# Assigning Static IP Address Range in a Router



## Sasqui (Oct 8, 2013)

My current router, ASUS RT-N66U, has DHCP setup for addresses .1 through .254 (all of them) by default.  There's usually a default range for static addresses.  Simple question I think... I have some camera hardware that I need to assign static local IP's to, and ports for forwarding.  What should I pick for a range?

Also, in the meantime, I've assigned a static IP with a lease for 48 days and assigned a separate port to that, say 98.  I type in xx.xx.xx.xx:98 and gets to the camera just fine.  xx.xx.xx.xx is the "whatismyIP" address.  Is that the right way to do it?   And how often does Comcast assign a different outside IP address (the xx.xx.xx.xx part).


----------



## brandonwh64 (Oct 8, 2013)

Sasqui said:


> My current router, ASUS RT-N66U, has DHCP setup for addresses .1 through .254 (all of them) by default.  There's usually a default range for static addresses.  Simple question I think... I have some camera hardware that I need to assign static local IP's to, and ports for forwarding.  What should I pick for a range?
> 
> Also, in the meantime, I've assigned a static IP with a lease for 48 days and assigned a separate port to that, say 98.  I type in xx.xx.xx.xx:98 and gets to the camera just fine.  xx.xx.xx.xx is the "whatismyIP" address.  Is that the right way to do it?   And how often does Comcast assign a different outside IP address (the xx.xx.xx.xx part).



Ok is the camera taking its IP off the router? is it giving out 192.168.x.x addresses? If so then below would be an example IP you could give to your cameras.

192.168.1.254 (For statics I usually start at the end of the range and work my way down)
255.255.255.0
192.168.1.1

DNS would be whatever your router is giving out for a DNS IP.

Even though the router is handing out addresses, setting a static will not harm anything.


----------



## Sasqui (Oct 8, 2013)

brandonwh64 said:


> Ok is the camera taking its IP off the router? is it giving out 192.168.x.x addresses?



Yes indeed... assigning dynamically.




brandonwh64 said:


> DNS would be whatever your router is giving out for a DNS IP.
> 
> Even though the router is handing out addresses, setting a static will not harm anything.



The camer MFG has a DDNS Domain that its set to.

I wanted to have a Static IP, as I thought it was required for port forwarding (?)


----------



## brandonwh64 (Oct 8, 2013)

Sasqui said:


> I wanted to have a Static IP, as I thought it was *required for port forwarding* (?)



Nope no static needed for that since when the router gets port requests that it would handle by the port forwarding policy.

BUT

Since its a device you do not want the IP address to never change then just set it as mentioned above.


----------



## newtekie1 (Oct 8, 2013)

The router has the ability to set Static-DHCP clients. It is located on the same page where you configure the DHCP server. Enter your camera system's MAC address in that section, enter the IP address you want the camera system to have in the DHCP range and then the router will reserve that address for the camera system and guarantee the camera system will always have that IP.

It is bad practice to just set a static IP on the device, and even worse practice to set a static IP address on the device that overlaps with the router's DHCP range.


----------



## Sasqui (Oct 8, 2013)

brandonwh64 said:


> Nope no static needed for that since when the router gets port requests that it would handle by the port forwarding policy.
> 
> BUT
> 
> Since its a device you do not want the IP address to never change then just set it as mentioned above.



Is it possible that something else would try to use/assign the port?  The only way I could find to assign a port was to link it to an IP address.



newtekie1 said:


> The router has the ability to set Static-DHCP clients. It is located on the same page where you configure the DHCP server. Enter your camera system's MAC address in that section, enter the IP address you want the camera system to have in the DHCP range and then the router will reserve that address for the camera system and guarantee the camera system will always have that IP.
> 
> It is bad practice to just set a static IP on the device, and even worse practice to set a static IP address on the device that overlaps with the router's DHCP range.



Ok, I need a networking for dummies book now 

Have a dear friend who is a network junkie, deep packet inspection and all that... offered to skype in and share my screen to help out... maybe I should just accept that offer.


----------



## brandonwh64 (Oct 8, 2013)

newtekie1 said:


> It is bad practice to just set a static IP on the device, and even worse practice to set a static IP address on the device that overlaps with the router's DHCP range.



Yes setting a non expiring lease time by mac works just as good but most newer routers poll the DHCP table to see what address are pingable and if you infact DID set the camera statically then the router would see it as a pingable address and not give that IP address back to the empty pool.



Sasqui said:


> Have a dear friend who is a network junkie, deep packet inspection and all that... offered to skype in and share my screen to help out... maybe I should just accept that offer.



I would honestly do this if you are not comfortable messing with the routers config page. Have him set it up as newtekie said.


----------



## newtekie1 (Oct 8, 2013)

brandonwh64 said:


> Yes setting a non expiring lease time by mac works just as good but most newer routers poll the DHCP table to see what address are pingable and if you infact DID set the camera statically then the router would see it as a pingable address and not give that IP address back to the empty pool.



Some routers do that, a lot do not.  I'm not sure if the ASUS router does that.  Which is why it is generally a bad practice to set static IPs on the devices.


----------



## Sasqui (Oct 8, 2013)

I was planning on setting a range of static IP addresses, assigning the camera to one of those, then assigning a new unique port to that IP.  The default camera port is 80.

To access the camera from outside my LAN using port forwarding, my understanding is that you need to assign a unique port...  am I dense?


----------



## brandonwh64 (Oct 8, 2013)

newtekie1 said:


> Some routers do that, a lot do not.  I'm not sure if the ASUS router does that.  Which is why it is generally a bad practice to set static IPs on the devices.



Maybe I am usta dealing with commercial grade routers such as juniper, cisco, foresystems, and alcatel lucent is the reason for that suggestion.


----------



## ChristTheGreat (Oct 8, 2013)

newtekie1 said:


> Some routers do that, a lot do not.  I'm not sure if the ASUS router does that.  Which is why it is generally a bad practice to set static IPs on the devices.



Why would it be a bad pratice? 

it all depends of the situation:

You have a server that manage 10 IP camera and have a switch for all these hardware. You set DHCP reservation for these (if you use the Router that manage the DHCP.

Blackout and all reboot. The router isn't rebooting.. what is happening? No IP for server and camera so server can't manage them... That is why having static IP to device can be useful depending of what you do.. Same shit for printer, or anything else.

DHCP, I usually use from 10 to 254, and keep lower IP for device that needs to be static.


----------



## newtekie1 (Oct 8, 2013)

Sasqui said:


> To access the camera from outside my LAN using port forwarding, my understanding is that you need to assign a unique port... am I dense?



You don't need a unique port unless something is already using port 80 or your ISP blocks port 80.



brandonwh64 said:


> Maybe I am usta dealing with commercial grade routers such as juniper, cisco, foresystems, and alcatel lucent is the reason for that suggestion.



I'd be nice if home equipment was as nice.



ChristTheGreat said:


> Why would it be a bad pratice?
> 
> it all depends of the situation:
> 
> ...



Not having your router on a UPS is just as bad of a practice.


----------



## ChristTheGreat (Oct 8, 2013)

Sasqui said:


> I was planning on setting a range of static IP addresses, assigning the camera to one of those, then assigning a new unique port to that IP.  The default camera port is 80.
> 
> To access the camera from outside my LAN using port forwarding, my understanding is that you need to assign a unique port...  am I dense?





It depends, your camera has a DDNS? You need to have forwarding port to 80 normally..


----------



## ChristTheGreat (Oct 8, 2013)

newtekie1 said:


> You don't need a unique port unless something is already using port 80 or your ISP blocks port 80.
> 
> 
> 
> ...





You know, UPS or not, any device can crash.. if your UPS is low battery and shutdown... Anyway, Static IP isn't a bad pratice, sorry but I've been using this for a long time and everywhere I worked, we did use this...


----------



## Sasqui (Oct 8, 2013)

newtekie1 said:


> Not having your router on a UPS is just as bad of a practice.



My router is on a UPS 

I was planning on assigning a static IP range in the router then have the camera assiged to a number in the static range, with a unique port.  So, what's is bad practice there?  Serious question...


----------



## ChristTheGreat (Oct 8, 2013)

Personnaly, I prefer to have a restricted IP range that has no DHCP, just for static.

What camera model you have? DDNS will redirect to your Internet IP, but the router needs to accept these request. if the camera is manageable from outside on the company website, there is no need for port forwarding.


----------



## bencrutz (Oct 9, 2013)

Sasqui said:


> I was planning on assigning a static IP range in the router then have the camera assiged to a number in the static range, with a unique port.  So, what's is bad practice there?  Serious question...



well, that is the idea. bind IP's to your camera's mac address respectively, make sure DHCP pool don't overlap them. e.g. you reserve IP x.x.x.10 ~ x.x.x.30 for camera's static IP, so your DHCP pool should be x.x.x.31 ~ x.x.x.254

if your ISP gave dynamic public IP address, then you should set ddns to the router (if it support ddns) so you could access it from the internet (outside your LAN).

to access your cameras, you give them unique ports by setting port forwarding in the router.

e.g. camera0 set to 5000 port, camera1 to 5001, camera2 to 5002 and your ddns is myrouter.no-ip.org then you just type in a browser from anywhere outside your LAN myrouter.no-ip.org:5000 to access camera0 or myrouter.no-ip.org:5001 for camera1 and so on.


----------



## newtekie1 (Oct 9, 2013)

ChristTheGreat said:


> Anyway, Static IP isn't a bad pratice, sorry but I've been using this for a long time and everywhere I worked, we did use this...



In the professional networking world, yes it is considered a bad practice. Your DHCP server should handle all IP assignments.  If you don't trust your DHCP server for some reason then you should address the reason behind why you don't trust your DHCP, not just hard code IP addresses in the devices.



Sasqui said:


> My router is on a UPS
> 
> I was planning on assigning a static IP range in the router then have the camera assiged to a number in the static range, with a unique port.  So, what's is bad practice there?  Serious question...



As long as the router is handling the IP assignments, there is no bad practice.  However, if you hardcode the IP address into the camera, that is a bad practice.  There really is no point in hard coding IPs into the cameras since your router has a section for static DHCP.


----------



## Mussels (Oct 9, 2013)

every modern router i've used just reserves the IP.


so if your dynamic range was between .2 and .254 you can assign .10 to one MAC address, and the router will never give that IP to any other device.


----------



## newtekie1 (Oct 9, 2013)

Mussels said:


> every modern router i've used just reserves the IP.
> 
> 
> so if your dynamic range was between .2 and .254 you can assign .10 to one MAC address, and the router will never give that IP to any other device.



Correct, that is the correct way to do it.


----------



## ChristTheGreat (Oct 9, 2013)

newtekie1 said:


> In the professional networking world, yes it is considered a bad practice. Your DHCP server should handle all IP assignments.  If you don't trust your DHCP server for some reason then you should address the reason behind why you don't trust your DHCP, not just hard code IP addresses in the devices.
> 
> 
> 
> As long as the router is handling the IP assignments, there is no bad practice.  However, if you hardcode the IP address into the camera, that is a bad practice.  There really is no point in hard coding IPs into the cameras since your router has a section for static DHCP.




Well, it must be different opinion as Static IP can prevent downtime for some hardware (like camera... if they record then shoot this to a server, remember what I said, your the DHCP dies, whenever the hardware you reboot, you have no IP in Binding, which is not useful, it is preventing from malfunction shit in your network).

I do trust my 4000$ firewall, which relay the Internet to the servers, but I do keep a backup in case it crash..

Anyway, in this case here, he doesn't need static, I was only pointing the point you said it is a bad pratice to use static IP, as it is not


----------



## Sasqui (Oct 9, 2013)

ChristTheGreat said:


> What camera model you have?



Hootoo HT-IP210F  HooToo HT-IP210F Indoor 640 x 480 MAX Resolution R...  So far, it's awesome.  I haven't been able to get audio, not sure why.  The web interface is flaky on my Droid, but works and there is a 3rd party Android APP that supports the camera.

So at this point, I need to:


Set aside a range of static IP addresses (by default in the ASUS, ALL of the IP addresses .2 through .254 are DHCP). 

Assign one of the static IP addresses to the camera (in the router)

Assign a port to that IP address

Side note: LAN addresses 192.168.1.*1 *and 192.168.1.*255 *are reserved in just about every router (from what I've been told)

I just wish I could understand how DDNS works locally.


----------



## newtekie1 (Oct 9, 2013)

ChristTheGreat said:


> Well, it must be different opinion as Static IP can prevent downtime for some hardware (like camera... if they record then shoot this to a server, remember what I said, your the DHCP dies, whenever the hardware you reboot, you have no IP in Binding, which is not useful, it is preventing from malfunction shit in your network).
> 
> I do trust my 4000$ firewall, which relay the Internet to the servers, but I do keep a backup in case it crash..
> 
> Anyway, in this case here, he doesn't need static, I was only pointing the point you said it is a bad pratice to use static IP, as it is not



You DHCP should not die, that is the point.  If you have a properly setup DHCP server you shouldn't have the need for hard coded devices.  But yes, shit does happen from time to time.  If you hardcode the IP address and your DHCP server dies, and you replace it, and the new one starts trying to hand out the IPs that your cameras already are using, then it can take them down too.  So there is no perfect solution. However, in the professional networking industry, hard-coding IP addresses into devices on the network when DHCP is available is considered a bad-practice.


----------



## Steevo (Oct 9, 2013)

Shorten your DHCP range and use an address outside that range, it will still ARP the IP and add it to the table, but never allocate the IP from the open pool.


So

DHCP range 192.168.0.1-150

Static IP's begin and are assigned to devices at 192.168.0.151

Simple.


----------



## brandonwh64 (Oct 9, 2013)

I think by now he should get the concept of it so lets kill all the good or bad practices and focus on his next move. 

Now then, what have you done so far after going over the post here in the thread sasqui?


----------



## bencrutz (Oct 10, 2013)

Sasqui said:


> So at this point, I need to:
> 
> 
> Set aside a range of static IP addresses (by default in the ASUS, ALL of the IP addresses .2 through .254 are DHCP).
> ...


yep, pretty much all.

for point #2 if you are having difficulty binding static IP in the router, it is ok to set static IP in the camera instead - just make sure you take a note on which IP is which camera so that you wouldnt put the wrong IP in the port forwarding.




> I just wish I could understand how DDNS works locally.


am not sure what you meant. you don't need ddns to access the camera locally (from inside your LAN)


----------



## Sasqui (Oct 10, 2013)

bencrutz said:


> am not sure what you meant. you don't need ddns to access the camera locally (from inside your LAN)



That's my goal, to access the camera outside of the LAN (and do it right).  I have access now through a long term IP lease and assigning a port for port forwarding.

More trying to understand all this and the best way to do it.  I do appreciate the help (everyone).

Was on the road from 9am to 7:30 last night so haven't had any chance to log back into the router since my last post.


----------



## newtekie1 (Oct 10, 2013)

All the DDNS does is assign a domain name to the external IP address of the camera, and if your external IP address changed then the DDNS will update the domain name to point to the new IP address.


----------



## Sasqui (Oct 10, 2013)

newtekie1 said:


> All the DDNS does is assign a domain name to the external IP address of the camera, and if your external IP address changed then the DDNS will update the domain name to point to the new IP address.



Would that require an external (paid) DNS service?


----------



## newtekie1 (Oct 10, 2013)

Sasqui said:


> Would that require an external (paid) DNS service?



Yes, you need an external DNS service, but there are a lot of free services that do this.  I use noip.com.


----------



## Sasqui (Oct 10, 2013)

newtekie1 said:


> Yes, you need an external DNS service, but there are a lot of free services that do this.  I use noip.com.



Had no idea there were free DNS services available.  I have freinds and former colleagues @DYN http://dyn.com/


----------



## bencrutz (Oct 11, 2013)

Sasqui said:


> Had no idea there were free DNS services available.  I have freinds and former colleagues @DYN http://dyn.com/



noip is quite reliable, been using it for a few years now. but i don't think asus router would get along with noip. first time i ever configured a asus router back in early 2012 it didn't support no-ip ddns service.

but i believe asus have it own free ddns service, why don't you try it out and see if it can suffice your need


----------



## Mussels (Oct 11, 2013)

newtekie1 said:


> Yes, you need an external DNS service, but there are a lot of free services that do this.  I use noip.com.



i also use them. you can pay, or click a link they email you once a month.

my tp link supports it natively, but there IS a windows program you can get that auto updates teh WAN IP address (or you can just login to the website and update it yourself manually)


----------



## Sasqui (Oct 11, 2013)

bencrutz said:


> but i believe asus have it own free ddns service, why don't you try it out and see if it can suffice your need



Huh, indeed:

http://asusddns.appspot.com/

Looks like a decent setup guide as well:  http://asusddns.appspot.com/setup.jsp


----------

