Static IP routing to Dynamic IP routing

S

spidy

n00b
Joined
Sep 2, 2004
Messages
38
I'm really hoping someone can help me out with this one.

Here's my problem:

I have several companies connecting to my web service that points to a static IP which the companies punch a hole in their firewalls to connect to. However if my system goes down I have a DNS change to a backup system and I have a dynamic name server in place that will point everyone to the backup system by the DNS. However, the backup system has a dynamic IP in which the companies do not have their firewall setup to connect to since it is a dynamic IP. My question is this, is there a service out there that will point a static IP to a dynamic IP? Much like services like DynDNS.org but for IP's. That way a company and punch a hole for one IP and not have to worry about my backup systems.

Thanks for everyone's help.
 
i dont beleive so....., can you not get a static IP for your back up systems - if you are in a buisness making money you should spend some on making sure that back up system has a static IP as well- or does the back up no offer static IP's? could you not manually configure the IP into your back ups router, this could possibly hold the IP i have done this on home cable connections.
 
What about using Dynamic DNS for the backup link??? Just a suggestion, without knowing more about the setup that is the best thing I could come up with to track dynamic address changes if obtaining a static address is not an option...
 
The only way to do what you are wanting involves having a static IP. You'd have to have a NAT device sitting on the second static IP that would redirect the traffic to the dynamically moving IP. It would be a lot easier to just assign that static IP to whatever resource they need to reach.

You could use your one static IP to point at a NAT device, and have the NAT device point to whichever resource is actually up at the time, but you don't have real redundancy that way. The NAT would become your single point of failure, instead of your resource.

If most of your custmers' firewalls are using IP address and not fully qualified domain names to set their firewall configs (I would only use IPs, DNS poisoning somwhere up your DNS chain is just too easy), dynamic DNS isn't going to address their issues, as dynamic DNS just allows the FQDN to change to point at a current IP. You can't point one IP address to another without using a NAT device or other forwarding hardware.
 
Thanks for all the responces. I know a static IP on both ends is really the best solution.
 
Nessus' point is correct.

You could do it that way, using a NAT device in between or windows NLB.
 
You must log in or register to reply here.
Back
Top