Sugggested Router to Route Public IPs?

MY ISP gave me a single public IP for my router's WAN port and a public IP LAN block (5 public IPs on a different subnet) for the routers behind the first router.

I need a router to route public IPs. The router will be configured with public IPs on both the WAN and the LAN (public IP LAN block).
I need a router that only routes traffic without NAT and without a firewall. The two routers behind this router will do the NAT and firewall functions for the local area network that they are attached too.

I see many routers for sale but they all seem to be geared towards public WAN to private LAN uses.
What router would you suggest?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Fred MarshallPrincipalCommented:
It's not clear to me why you want a router for this sitation.

Here's what I do:

I have a router (which is the interface to the ISP much like a modem might be) with the public address on the WAN port and one of the public block IPs on the LAN port.  It's in "Router" mode which means "No NAT".

The LAN port connects to a switch that I call the "Internet Switch"
Then all of the devices that will have public IP addresses out of the block are statically-addresses and plugged into this same switch.  The switch can be viewed as a mini-connection to the internet.  Well, as far as I'm concerned, it *is* the internet with limited address scope but the router takes care of all the universe beyond.

Then, in turn, each device with a public address is configured as it would be were it alone connected to a modem or ISP port.  Our main firewall is an example.  Some VPN boxes are other examples, etc.
There is no need for routing at the "Internet Switch" level.  The ISP takes care of internet routing.
wmtraderAuthor Commented:
The ISP will only allow traffic coming from the device configured with the IP they gave me, the IP for the front router. So I will need device that will appear as if traffic is coming from the IP they gave me.
Fred MarshallPrincipalCommented:
Yes.  I understand.  
But you also said:
and a public IP LAN block (5 public IPs on a different subnet)
So, let's suppose that:
- the ONE they gave you is so we assign that to the WAN side of your router.  That's what they will "see" from their end of the connection.  And, of course, anyone on the internet, including the ISP can "see" all of your other public IP addresses in use VIA your router.
- the FIVE they gave you are in the subnet (just an example public subnet).
Actually, there are 6 hosts in that subnet so you should have some understanding with them what's the situation.  But, I will assume one of two situations: will be assigned to the ISP for some reason that I don't need to understand.  Otherwise I would probably assign it to the LAN port on your router.
and - are the 5 available for your devices.
So, if somehow (or the equivalent thereof) is being used by the ISP (leaving but 5 out of the 6) then I would:
Assign one of the remaining e.g. to the LAN side of your router.
Assign four of the remaining e.g. to to your other devices needing public IP addresses.

Otherwise, if what you meant was that you could have 5 devices with public addresses NOT including your router LAN port, then:
Assign one of the 6, e.g. to the router WAN port. (It could be any of them, but this is rather conventional practice).
Assign five of the remaining e.g. to to your other 5 devices needing public IP addresses.

Does that help?

Your router, in router mode with no NAT, accepts packets from its WAN side.  They are routed to the appropriate port on the switch going to your device with that address - as those are all on the same subnet.

Your router, in router mode with no NAT, accepts packets on its LAN side,  destined for the rest of the public internet, and passes them to the WAN side of the router and on to the ISP.

Since all of your public addresses are on the same subnet, any packet destined from one of your devices (either one with a public address or one on a LAN subnet behind it) and TO the public address of one of your other devices, will simply pass through the Internet Switch on the LAN side and NOT be passed to the WAN side and the "rest of the world".
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

wmtraderAuthor Commented:
Disregard the above, the wrong copy/paste.

AT&T (AT&T Business Direct fiber, the fiber service for large business) restricts traffic coming from a customer's location based on the the IP of the device connected to their service.

AT&T offered me a "managed router" to be installed behind their "fiber to copper media converter" but they failed to tell why they where offering me a managed router so I declined. Come to find out now I need a router using the /30 subnet address to provide access to the public IP LAN block using a the IP addresses of the /29 subnet.

So all I need is a solid fast router (their is a lot of traffic coming/going) that does nothing but routing, no firewall and no NAT.
Fred MarshallPrincipalCommented:
That all sounds correct.  The new information is that the AT&T side address is in a /30 block.  That's fine, whatever....

Yes, you need a router to connect to the fiber to copper media converter.  That's exactly what we're doing at sites like this.
wmtraderAuthor Commented:
My question is not if I need a router, I know I need a router, but what router do you suggest?
I need a fast, solid router to only do routing of public IPs.
Fred MarshallPrincipalCommented:
What is the data rate that you expect?
I'm using a very simple RV042 for this purpose with data rates at 30Mbps peak.

There are really two considerations:

- you don't want to pay for all kinds of features that you aren't going to use and might well increase the complexity of configuration.

- you want to be able to support the data rate.  

So, the RV042 is a good choice for the first part and now we need to help decide if the data rate will be supported.
wmtraderAuthor Commented:
I am not sure about the data rate.
The fiber is a 100Mbps connection.
The traffic consist of VoiP traffic from 50 handsets going to/from Ring Central, 3 router to router VPNs (VPN traffic supporting RDP, SAP, mail, file/print), a public Exchange server, and multiple offsite employees accessing the terminal server via Remote Web Access along with the 50 or so employees browsing the web and doing mail via the Exchange server.
Benjamin Van DitmarsSr Network EngineerCommented:
use an 1941 to do this job for you.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wmtraderAuthor Commented:
I reviewed the  CISCO1941/K9 and decided that is was the good choice.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.