10

As the question suggests, is it possible for me to buy/get dedicated/static IP addresses and connect them to my OpenVPN server so I can assign each IP address to a client?

Peter Mortensen
  • 2,319
  • 5
  • 23
  • 24
Alex Aref
  • 115
  • 5

1 Answers1

19

You can't get provider independent IPv4 space unless you are buying at least a /24 worth (which will cost you at least $6000) and have your own autonomous system. You don't have your own AS; you aren't big enough.

You will need to obtain IP addresses from whoever hosts you, who does have their own AS. You won't be able to take these addresses with you to another provider; they remain with the provider who supplied them to you.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • 3
    To elaborate, the reason is that you need to ensure that the whole world knows where to send data so that it arrives in "your" addresses; that's done by someone with multiple large IP ranges (the autonomous system/AS) advertising how to reach "their IP range" where they will know how to forward data to your specific hardware. – Peteris Jun 16 '20 at 22:56
  • 1
    As with any such technical query, my suggestion is always to talk to several supplies - learning more from each one - until you find two or three both happy to take the time, and capable of explaining everything in a way you understand… it matters little whether the query is how to fuse a domestic appliance or cool a nuclear power station. Once they've shown they're both willing and able to help, look at considerations like cost and service… – Robbie Goodwin Jun 16 '20 at 23:37
  • 2
    What is stopping you from getting your own AS? Your RIR rejecting your application? – gszavae Jun 17 '20 at 05:14
  • 1
    @gszavae Most likely, [policy](https://www.arin.net/participate/policy/nrpm/#5-as-numbers). He does not sound like he can currently meet these requirements. – Michael Hampton Jun 17 '20 at 05:20
  • 2
    Are you sure you need your own AS? I was under the impression that you could own provider independent space and get your provider to advertise it under their AS. – Peter Green Jun 17 '20 at 06:18
  • I can't imagine where one would find a seller for an entire class C at $6k in this day and age. – chrylis -cautiouslyoptimistic- Jun 17 '20 at 07:30
  • This is partly backwards. You need the IP space before you can apply for an AS number. – chepner Jun 17 '20 at 11:18
  • @PeterGreen To my knowledg the requirement of getting routed is 2 different uplinks - so 2 providers. Which means need an AS. – TomTom Jun 17 '20 at 12:46
  • IPv6 addresses are *much* cheaper. – Martin Schröder Jun 17 '20 at 17:49
  • 1
    As the question is not specific to IPv4, mentioning IPv6 might be worthwile? – Paŭlo Ebermann Jun 17 '20 at 23:16
  • @PaŭloEbermann The question did not ask about IPv6. – Michael Hampton Jun 17 '20 at 23:20
  • @MichaelHampton No, but not about IPv4 as well. It was about IP addresses, which come in these two flavours. – glglgl Jun 18 '20 at 07:24
  • @MichaelHampton glglgl is correct, IP addresses come in both flavors, and the question does not explicitly state or in any other way indicate a need for IPv4, so there's no reason not to use IPv6. OpenVPN most certainly supports it. Of course I have a hard time understanding why one might want to assign public IPs directly to VPN clients in the first place (it's less safe and will likely be more difficult to set up in OpenVPN and actually get working as expected) – Doktor J Jun 18 '20 at 13:37
  • 1
    @DoktorJ I'm aware of IPv6. I have been routing global IPv6 blocks over OpenVPN for years. I also understand people, which is why I am sure the OP had no thought of IPv6 whatsoever. Maybe he should have, but he gave no indication of it, and that is why it is not mentioned. – Michael Hampton Jun 18 '20 at 14:50