Thursday, May 9, 2019

Total noob, need straightening out

My friends,

Help me understand public IP address assignment. I've run into an environment where each publicly accessible server has its own dedicated public IP. They are in a DMZ but their NICs are all using private addressing. Where are the public IPs for those services assigned?

My understanding was you could preserve public address allocation by using port forwarding, i.e.:

  • 1.1.1.1:443 --> 192.168.1.1
  • 1.1.1.1:3389 --> 192.168.1.2
  • 1.1.1.1:5345 --> 192.168.1.3

What are the limitations of this? Where is the address "1.1.1.1" actually assigned within your environment in this configuration? Is it a WAN port on your firewall? What if I have 15 public IPs and want them all configured this way? Do I need 15 WAN ports or interfaces on my firewall?

Alternatively, I can directly assign public IPs to my web facing servers and stick them in a DMZ?

What are the limitations of this? Understand you run out of IPs quicker than you would the previous method but are there any other limitations?

Appreciate it and thanks for your patience with a total novice!


