[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Multiple sticky IPs, only need one - using BT broadband and 2wire box

Posted on 2007-03-30
Medium Priority
Last Modified: 2013-12-14

I've read through a number of posts from contributors having similar problems and the mist is starting to clear slightly.

However, I still need some specifics on how these sticky IPs are working.

One of our clients has a BT broadband line, a 2wire router and 5 static IPs.

Each time the 2wire box connects it is assigned a dynamic IP.  BT keep track of which IP the customer has and routes traffic to the static IP block through this dynamic IP.  I have had this working with an additional router connected to the 2wire box with the WAN interface set to one of the static IPs.

I want to set things up so that I just have the 2wire working as a regular NAT router - one static IP on the WAN that I can port forward to internal hosts.

How do I do this?  Is it possible?  Or will I always need a second router in this scenario?

Question by:devon-lad
  • 3
  • 2
  • 2
  • +2
LVL 13

Accepted Solution

Nick Denny earned 375 total points
ID: 18825180
I would suggest to contact BT and reduce the service level to a single static IP.
Not only should this be cheaper, it is far far simpler.
LVL 78

Expert Comment

by:Rob Williams
ID: 18833973
Not sure I understand the question properly, but the way BT's "Sticky IP's"works is through DHCP reservations. Every time the same router connects to the Internet, BT recognizes the MAC address, and assigns it the same IP, but by using DHCP.
Rather than a static IP where they assign you an IP, you simply need to find the IP by checking the router, or going to   http://www.whatismyip.com  That IP will not change. The router is configured for Dynamic IP's on the WAN side, but you can always use the same IP, as if it were static.

Assisted Solution

ChrisMacleod earned 375 total points
ID: 18834858
Using BT's no NAT multiple IP products you will always be assigned a dynamic IP to the WAN interface.  Like seriousnickDate said you would be best to switch to a single IP options.  But this is not easily done with BT as the single IP product is in a completely different product family and changing to this product will incure charges.  

With a single IP product whenever your router or modem connects to the internet BT assigned you the same IP address to the WAN interface.

You could buy another router and connect it to the 2wire.  You would need to setup the static IP range in the public network section for the 2wire and then go into edit address allocation and assign the router a public IP.  Then you need to go into the firewall settings and set the router to allow all applications that way you can set all port forwarding on the other router.

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 13

Expert Comment

by:Nick Denny
ID: 18834945
Hi Rob/Devon-lad

BT operates its "5 static IP" service ("Business no NAT 5") as follows:

You are actually assigned 8 static IP's  - however 3 of these are reserved and do not get used.
The first IP in the range is known as the "network address" and should not be used for computer use.
The next 5 are for computer use.
Your gateway/router is is set as the next one after this.

e.g. range starts at xxx.xxx.xxx.101  (network address)
xxx.xxx.xxx.102 to 106 used for computers - subnet mask
xxx.xxx.xxx.107 for router/gateway.

There is a little more info here:

Author Comment

ID: 18834947
seriousnick: Yes, I already contacted BT to change the package around 10 days ago.  But as ChrisMacleod mentions - this is not easily done - like most things involving BT.

ChrisMacleod: We have had it working with a second router for the past 12 months, but have been experiencing some problems that we were hoping to resolve by replacing the 2wire box.

The site in question is the head office of a company that has 3 other sites.  Each site has a direct VPN connection to each other site.  The 3 branch offices have the same model router - and there are never problems with the VPN connection dropping out between the branch sites.

However, the VPN connections between the branch offices and the head office frequently need resetting.  So I would like to replace the 2wire box and additional router at the head office with the same model of modem/router that the branch offices have.

From reading other posts, I got an idea that I could use a replacement DSL router by setting up multiple PVCs.  One PPPoA to make the DSL connection and then a PPPoE to get the static IP.  Although I'd have to say that I've never had cause to setup more than one PVC so I'm not really clear on this.

Does this make any sense, or am I barking up the wrong tree?
LVL 78

Expert Comment

by:Rob Williams
ID: 18835872
If the VPN connections are being dropped and you are using PPPoE/A make sure you have "keep alive" enabled on the Routers WAN configuration and if available on the VPN configuration. Most PPPoE connections are set to time out and re-connect on demand. Not a good scenario for VPN's.

Author Comment

ID: 18841897
Yes, DSL and VPN are set for always connected.

Author Comment

ID: 18881120
Ok - it seems to me that the simplest technical solution is to change to a single static IP line.

However, if you take into account having to deal with BT, it will often be simpler to use a second router.

Thanks for your help.

Expert Comment

ID: 18898602
Devon, I am familiar with 2wire, but I have never worked with their biz class router...  First, I assume your isp issued you the router & it is designed to handle multi static ips (MSIPs). In any case, the "recommended" msip setup for a dsl biz-class router, as detailed by others above, is (unfortunately) a very conventional configuration.  As you have likely learned, many of the isp tech support people do not actually understand the network and routing specifics, as they are likely reading from a "script"....

Now, to answer your question, how stickies work....
  First, it sounds like you are familiar with dsl & you understand that dsl requires a pppoe authentication connection. When the authentication process (login) completes, the authentication server issue out a dynamic ip.  In the case of MSIPs, the dyn address doubles as a address pointer- which as you stated, is used to route your block of MSIPs to your dsl router.  More specifically, the isp's authentication server and routing table connects the dynamic to the 1st MSIP address in your block of 8 (or 16, 32, 64, etc).  When your dsl router is "properly" configured (e.g., subnet netmask, gatewate addr, nat, dhcp server, & stateful inspection) your MSIPs are routed to your dsl router. In turn, your router configs will be determine how the remaining routable (5) ips will be handled on your LAN side. Finally, the last address in your MSIP block is used as a broadcast address.  Make sense?

  Any network engineer familiar with router setups, would definitely NOT be a fan of the way ISPs configure MSIPs. With the router NAT off, all connected systems would be fully exposed to the internet - including any and all unsuspecting wireless and workstations connected via switches.  Not good.

Secondly... to answer your question re: using 1 static with port fwd'g .  
- Set the 2wire to run PPPoE & configure the dhcp scope to Verify NAT is ON & do NOT configure any MSIPs into the router... Assign your LAN systems with a private static IP in the ranges of thru  Then assign your ports and LAN PCs in the router accordingly...  After all is complete - powercycle the 2wire and all the port fwd'd LAN systems should be accessible via the 1st available static ip in your MSIP block....

Sorry for the verbosity, MSIPs are rather complicated & there is  very little docs on MSIPs configs using NAT.

Good luck. P2E

- http://static.btopenworld.com/business/help/otherfiles/BP-2039248PP.pdf
- http://www.btbroadbandoffice.com/BP-30254_32PP_PSG.pdf

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses
Course of the Month18 days, 17 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question