1

I have a dynamic IP address. I would like to have a static IP, but Virgin Media don't allow static IPs for residential broadband services, even if you ask them really nicely and offer to pay for it without switching to a business tariff.

I am already registered with a dynamic DNS service which is updated by my router eg me.example.com will always resolve to my dynamic IP. This is fine for some circumstances, but not if you can only enter an IP address into configuration files/hardware etc like firewalls, subversion services etc etc.

Is there a way I can have a static IP address 'forwarding' to my dynamic IP?

Would a possible solution involve tunnelling? Setting up a private proxy? Please note the following:

  • I am able to buy an IP address from my web host.
  • I have access to a webserver and I am able to create custom DNS zones.
  • I'm happy to have a webserver running at home if necessary also.
  • I do not wish to change broadband providers.
  • I am already aware of VM's "sticky IPs" which I am currently taking advantage of by leaving the modem on all the time
  • I have zero control over the services that require the IP address entering so I cannot tackle the problem that way round (services I need to access are at work).

PS I've tried googling this issue, but it is very difficult to search for as most results are related to dynamic dns (which I already have set up and isnt quite what I'm after)

teaforchris
  • 149
  • 1
  • 1
  • 4
  • have you tried asking for VPN access from your company? – Zypher Apr 28 '10 at 22:04
  • Yes. The answer was maybe. – teaforchris Apr 28 '10 at 22:10
  • Well then i would suggest you wait for the answer form them, if they say no, and you have a true business case for needing to work from home escalate to your boss. – Zypher Apr 28 '10 at 22:13
  • But I could do with a static IP for a number of other reasons. Accessing company services was only the main one. I would still prefer an answer to my question rather than seeking an alternative solution - while it is still a valid alternative solution which I am already in the process of seeking. – teaforchris Apr 28 '10 at 22:16

2 Answers2

2

If I understand correctly, you need to be able to enter a static IP address in access control lists for external services. Since you have a web host with static addresses, one easy way might be to use port forwarding with SSH. For example:

home$ ssh -L 3690:svn.example.com:3690 webhost.example.com
... then, in another local shell ...
home$ svn ls svn://localhost

This will tunnel the Subversion connection through SSH to your web host, which will then pass it on to the Subversion server, coming from your web host address.

SSH has a wide variety of tunnelling options that can be creatively applied to many different situations. For example, you could set up a web server (or any other type of server) at home and use SSH with -R to tunnel connections from your web host back to your home machine.

Greg Hewgill
  • 6,749
  • 3
  • 29
  • 26
0

Virgin Media dish out dynamic addresses using DHCP. Each DHCP assignment is leased, which defines that the receiving device is permitted to use the given address for the period of time defined in the lease and then it must be renewed. Thus:

  1. If you leave the device and your modem turned on at all times then you'll find that it will continue to renew and you'll retain the same IP address.

  2. If the device is switched off then the lease is either returned or left to expire and the associated IP address is returned to the pool and may be assigned to somebody else.

  3. If that address/lease hasn't been assigned to anyone else by the time you turn your device back on then the same lease will be requested and chances are that you will receive the same address as before.

So although the address you're receiving is dynamic, there's actually a pretty good chance of keeping that same IP address for a long period of time. Providing that you can keep your devices powered on and VM don't produce any outages. If you're connecting your modem directly to your PC then you might want to replace it with a low-powered router to keep on at all times.

It's not quite the same assurance as having a static IP but doing this myself I've typically kept the same address for years at a time. Certainly long enough that I'm comfortable writing it into firewall configs and the such.


If you're not comfortable with that then an alternative is to bounce the connections off another host. You must be able to trust that host though as any direct connections from it would have to be permitted.

Set it up as an OpenVPN server, add it's address to your ACLs and then connect to it with either additional route directives in your config or using redirect-gateway.

Dan Carley
  • 25,189
  • 5
  • 52
  • 70
  • Your first bit: yeah I already knew about this which is what I'm currently doing. I think its known as a sticky IP. I've had the same IP since October (6 months), but the other day it has changed. Indeed, I can update configs/hardware with my new 'sticky' ip every few months, but I'd rather not have the router on all the time and also, the uptime isn't guaranteed so is likely to change again. Your second bit: Can you go into more detail on this? This is more like what I want to achieve. – teaforchris Apr 29 '10 at 12:55