[server-admins] Fwd: IP address space allocation - Phoenix

Jonathan Marsden jmarsden at fastmail.fm
Wed Jan 12 19:04:53 MST 2011 

On 1/12/2011 11:36 AM, Troy A. Griffitts wrote:

> From: "Ed LaFrance" <edl at liscolo.com>

> Here is your block of IP addresses:

> Network:	64.71.190.104
> Broadcast:	64.71.190.111
> Netmask:	255.255.255.248
> Gateway:	64.71.190.105

OK, so you have 5 usable public IPs.  At some point you should think
about whether it makes sense to use multiple IPs, so you could bind
Apache to one IP and Tomcat to another, or give each web virtual host
its own IP and so make https possible for each site, etc.

Whether you want to even think about that right now... is a different
issue :)  Perhaps wiser to get the move done as is, using a single
public IP, and then do some thinking and IP address allocation redesign
later.

> Hurricane Electric periodically audits usage of IP allocations, and
> may revoke a subnet if utilization is below the 80% mark, and the
> situation is not resolved in a timely manner. Please be sure to
> alias/bind at least 80% of your usable range to an addressable device
> so that they respond to simple ICMP ping requests within a reasonable
> time frame of receiving them. If you will be using a firewall, please
> add a rule to allow ICMP packets from 'monitor.he.net'
> (216.218.130.50) through.

So even if you don't use the 5 IPs now, you want to make them pingable
just to keep the beancounters happy... OK.

> By default he.net will configure the first usable ip address in the 
> range as the gateway.

That's fine.

> If you need resolvers for external DNS lookups, we suggest you use the 
> following servers run by OpenDNS.com:
> 
> 	208.67.222.222
> 	208.67.220.220

I wouldn't do that myself; use 8.8.8.8 and 8.8.4.4 (Google's public DNS
servers) to get started, soon we'll be running DNS on the crosswire.org
server itself.

> To have reverse DNS delegated to you, please supply us with the 
> following information:
> 
> 1. Primary nameserver name (ie ns1.mynameserver.com)
> 2. Secondary nameserver name (ie ns2.mynameserver.com optional)
> 3. Notation desired (DeGroot, RFC4183, or RFC2317)

Let's hold off on this until we have BIND running on the crosswire.org
machine, so we don't have to do this twice.

Jonathan

More information about the server-admins mailing list