Static Ip in Router works with Cable Internet WHY?

H

hevnbnd

Limp Gawd
Joined
Nov 9, 2005
Messages
260
I have 5 static ip addresses at my office and only use 1 so I decided to try inserting the static ip address into my router at my home. I use the same cable company for both connections. It works! I can rdp into my computer at home with the static ip address, when I look up my ip address from home it shows the static ip i have imput into my router.

So question is WHY does this work? ISP says home service can NOT have a static IP address. It is supposed to be dynamic. I don't understand enough about it to understand why it works.

I am thinking about a setup like this next to try.

MODEM
-Switch
-Router (Static IP Address 1)
-Computer A
-Router (Static IP Address 2)
-Computer B

Any idea if computer a & b would have different IP addresses?
 
hevnbnd said:
I have 5 static ip addresses at my office and only use 1 so I decided to try inserting the static ip address into my router at my home. I use the same cable company for both connections. It works! I can rdp into my computer at home with the static ip address, when I look up my ip address from home it shows the static ip i have imput into my router.

So question is WHY does this work? ISP says home service can NOT have a static IP address. It is supposed to be dynamic. I don't understand enough about it to understand why it works.

I am thinking about a setup like this next to try.

MODEM
-Switch
-Router (Static IP Address 1)
-Computer A
-Router (Static IP Address 2)
-Computer B

Any idea if computer a & b would have different IP addresses?
Click to expand...


Id put it like this

Modem > switch router a router b into the switch.
 
suprised that works our isp gives a cisco router for the static ip settings without it just dynamic
 
it works because that IP belongs to Comcast, so their network knows how to route the traffic.

I'd be questioning why it didn't work, if you couldn't get it to work.
 
I'm confused. If I'm understanding this, you're saying you took an IP from your block of statics assigned to your office and configured it on your home router? And you're saying it works? I don't see how that's possible.

So I guess I'm misunderstanding you.
 
Only way it could possibly work is some horrible misconfiguation at the ISP (borderline impossible though) or some VPN tunnel making it work.
 
Not really. Most ISPs just run large l2 networks in the same geo area (eg. to ease management). Nothing weird with this if op lives close to his office.

It's not the best thing security wise but with all the corner cutting to save $$ ... it could be worse really :)

Edit: Ofc, if you want privacy, you generally have to pay extra for it (leased lines, mpls...).
 
x.sci said:
Not really. Most ISPs just run large l2 networks in the same geo area (eg. to ease management). Nothing weird with this if op lives close to his office
Click to expand...

That's rare in my area, I don't use Comcast though.

OP, what is the subnet mask you're using?
 
Vito_Corleone said:
I'm confused. If I'm understanding this, you're saying you took an IP from your block of statics assigned to your office and configured it on your home router? And you're saying it works? I don't see how that's possible.

So I guess I'm misunderstanding you.
Click to expand...

YES THIS IS CORRECT

I am not with Comcast. I am with Suddenlink

As for subnet. Well I actually tried it with 2 different static ip addresses from the office one had a subnet mask of 255.255.255.0 and the other with 255.255.252.0 Why does it matter on the subnet mask?

Suddenlink does NOT have static Ip addresses for home users even to purchase or I would have one. I do live about 5 miles from my office.

What is the security risk? I am actually thinking about running a website from my home on a different port than 80 of course and I already have an Exchange Server running from the house.
 
Sorry, I don't know where I got the Comcast thing from.

I was asking the mask so I could see how large the network is.
 
Vito_Corleone said:
Sorry, I don't know where I got the Comcast thing from.
Click to expand...

sorry, that was me.
but I have no clue where I got Comcast from either, but I stated it :p

sounds to me like all IPs are in the same subnet, just reserved from the DHCP pool. Not too unusual, imho.
 
More then likely they won't let you use a static ip on a home connection because they want people to bump up to their 'Business Class' connection, not because the system can't do it. Like x.sci said a lot of these networks are flat l2. The ISP I work for uses a few /24 subnets for our DHCP pool that we add to as we grow, then we have another set of subnets for us to pick statics out of. Granted we assign the static to the customers access port so they can't switch locations without calling us and getting the port changed.
 
j-sta said:
sorry, that was me.
but I have no clue where I got Comcast from either, but I stated it :p

sounds to me like all IPs are in the same subnet, just reserved from the DHCP pool. Not too unusual, imho.
Click to expand...

Not unusual for an SP? I guess the SPs in my area are the exception, but I've rarely seen something like that.
 
hevnbnd said:
What is the security risk? I am actually thinking about running a website from my home on a different port than 80 of course and I already have an Exchange Server running from the house.
Click to expand...
Probably nothing to worry about but that's hard to say without knowing the actual design.

What obviously could happen is, someone would use one of your unused ips and when you'd want to start using it, you couldn't. What would probably happen then is you'd call your isp, they'd find the thief that stole your ip and threaten him to cut his line, so you'd get your ip back. A proper security policy could prevent this. On the other hand, it obviously doesn't happen often enough or they'd already implement that.
 
Vito_Corleone said:
Not unusual for an SP? I guess the SPs in my area are the exception, but I've rarely seen something like that.
Click to expand...
Remember that you can have 2 or more completely different ip subnets on the same l2 network. You'd have to sniff traffic in front of firewall to see what's really going on.

Anyway, vlan for every customer/port i'm afraid doesn't scale too well. So you're basically left with pppoe or port acls. There's dhcp based on access port + dhcp snooping combination too but i really doubt anyone uses that.
 
wow i wish i could do that. i had never thought of it so i tried it after reading this thread
no joy :(
 
x.sci said:
Remember that you can have 2 or more completely different ip subnets on the same l2 network. You'd have to sniff traffic in front of firewall to see what's really going on.

Anyway, vlan for every customer/port i'm afraid doesn't scale too well. So you're basically left with pppoe or port acls. There's dhcp based on access port + dhcp snooping combination too but i really doubt anyone uses that.
Click to expand...

Thanks for that reminder, lol.

So where are you getting these facts about SPs? Do you actually have CMTS/cable provider knowledge?
 
I would imagine that they would lock those IP's you have to the MAC address of the cable modem.

My understanding is that they were doing some sort of a static DHCP setup, where each MAC address would be assigned a range of 5 IPs.

Authentication (at least for consumer cable connections) is based upon mac address of the modem (plus the general location of the user). The cable company knows that a certain mac address has been registered. They authorize it for use on a specific CMTS (based upon where you live). So now, once the dhcp server pushes out an IP address, they can apply QoS/flow analysis to that IP to start giving you bandwidth limits / billing
 
lol

ISPs don't run large Layer 2 networks...that would scale horrible and destroy performance not to mention most ISPs Comcast, TWC, etc move video traffic around multicast so they already have nicely built networks.

Also network blocks are assigned to the CMTS at least they are with Cisco and Arris ones

A lot of times modems assigned a static IP are actually running RIP behind the scenes because the static IPs come out of a different pool
 
Last edited:
Sorry, I take that back. Was meant relatively and even that would be misleading. It's just that I keep thinking of isp uplink as some kind of a l3 p2p link (damned be dialup, huh? :) but that's just not the case usually. I do remember seeing /16, wasn't cable though.

Now, I don't work for a cable isp and may be a bit behind times but a couple of hundred users on a line card were normal, right? And if you don't run rip (which is better i guess) but just put another subnet on cmts interface for statics, how does cmts know it shouldn't route traffic for "stolen" ip?

And what's the reasoning behind horrible scaling? Anyway, I thought multicast was how video got to cmts or wherever and then got encoded to cable broadcast.
 
You must log in or register to reply here.
Back
Top