From Tom_Roche at pobox.com Tue Aug 26 11:39:13 2014 From: Tom_Roche at pobox.com (Tom Roche) Date: Tue, 26 Aug 2014 11:39:13 -0400 Subject: [Trilug-ontopic] best way(s) to get static IP# @home with DHCP ISP? Message-ID: <871ts3uuou.fsf@pobox.com> summary: I'm a home ISP user who may soon be required to get a static IP#. Please recommend cheap-but-effective ways to do this. details: I'm a student doing research using data and other computing resources provided by a federal agency in RTP. I'm in the area, but far enough away that travel to/from the site is onerous. Accordingly I have been using these assets remotely for almost 2 years: I use an agency-provided SecurID[1] to authenticate to a VPN, and SSH over the VPN into research clusters. The agency also contracts with Computer Sciences Corporation (CSC) for security services. It appears that, recently, CSC contractors decided that all "external partners" (such as myself) should be restricted to remote access from static IP#s. I'm appealing this decision, but suspect I will be steamrolled. (Hopefully without extraordinary rendition[2].) So I'd appreciate tips/tricks regarding how (or how not) to acquire one or more static IP#s so as to jointly optimize cost (low) and performance (e.g., high reliability and speed). FWIW 1. I'm running debian on my home PCs, only one of which would need static IP. 2. I have an old router=WRT54GL running DD-WRT that I currently use only as a wired switch (for which it is plenty fast) between the FP modem and my PCs. 3. My current ISP=FreedomPop, which I've been using for nearly a year. They don't (IIUC) provide static IP. Nevertheless I'd prefer to stay on that provider, since 3.1. FP costs less than a third of what TimeWarner/RoadRunner wanted me to pay (on which price-hike announcement I bailed), and I am very price-sensitive. 3.2. FP has been reasonably fast (certainly plenty fast to shell into console sessions). I suspect that any third-party static-IP or dynamic-DNS provider I use will degrade the ISP's connection speed: I'm hoping to limit the degradation. 3.3. FP has been quite reliable with the VPN. It only tends to drop during major thunderstorms, probably because their network is wireless. (Currently home service is 4G, but apparently will go LTE Real Soon Now; their phone service is already LTE.) your assistance is appreciated, Tom Roche [1]: https://en.wikipedia.org/wiki/SecurID [2]: http://www.therenditionproject.org.uk/global-rendition/the-aircraft/N288KA.html From bdmc at buadh-brath.com Tue Aug 26 12:34:23 2014 From: bdmc at buadh-brath.com (Brian McCullough) Date: Tue, 26 Aug 2014 12:34:23 -0400 Subject: [Trilug-ontopic] best way(s) to get static IP# @home with DHCP ISP? In-Reply-To: <871ts3uuou.fsf@pobox.com> References: <871ts3uuou.fsf@pobox.com> Message-ID: <20140826163423.GA25297@bdmcc-us.com> On Tue, Aug 26, 2014 at 11:39:13AM -0400, Tom Roche wrote: > > summary: I'm a home ISP user who may soon be required to get a static IP#. Please recommend cheap-but-effective ways to do this. I wonder whether Nivex's IPv6 solution would solve your issue. He has a cheap Linode machine set up as his "global endpoint." He sets up a VPN connection from whereever he is to that, and then from there to the "actual" destination. You and use either IPv4 or IPv6 with such a solution. Yes, you will have some speed decrease, going through two servers, but that shouldn't be a major factor. Brian From Tom_Roche at pobox.com Tue Aug 26 12:37:28 2014 From: Tom_Roche at pobox.com (Tom Roche) Date: Tue, 26 Aug 2014 12:37:28 -0400 Subject: [Trilug-ontopic] best way(s) to get static IP# @home with DHCP ISP? In-Reply-To: <20140826163423.GA25297@bdmcc-us.com> References: <20140826163423.GA25297@bdmcc-us.com> <871ts3uuou.fsf@pobox.com> Message-ID: <87y4ubtdfb.fsf@pobox.com> Tom Roche Tue, 26 Aug 2014 11:39:13 -0400 >> [I'm a student] using data and [computing remotely] provided by a >> federal agency[, which uses] Computer Sciences Corporation (CSC) >> for security services [...] recently, CSC contractors decided that >> all "external partners" [must use] static IP#s. Brian McCullough Tue, 26 Aug 2014 12:34:23 -0400 > [Nivex] has a cheap Linode machine set up as his "global endpoint." > He sets up a VPN connection from [wherever] he is to that, and then > from there to the "actual" destination. Interesting. I could do 10 $/mo. Is this solution documented anywhere? (Casual DDG did not find.) Alternatively, is Kevin Otte on this list? > You [could] use either IPv4 or IPv6 with such a solution. Good, because my guess is that Nameless Federal Agency is gonna be on IPv4 until someone pries the packets off their cold, dead cables :-) FWIW (and IIUC), they're still running nearly all XP desktops onsite (though a few folks have Scientific Linux supported). TIA, Tom Roche From Tom_Roche at pobox.com Tue Aug 26 14:05:45 2014 From: Tom_Roche at pobox.com (Tom Roche) Date: Tue, 26 Aug 2014 14:05:45 -0400 Subject: [Trilug-ontopic] best way(s) to get static IP# @home with DHCP ISP? In-Reply-To: <53FCC9EE.80002@earlham.edu> References: <53FCC9EE.80002@earlham.edu> <87y4ubtdfb.fsf@pobox.com> <20140826163423.GA25297@bdmcc-us.com> <871ts3uuou.fsf@pobox.com> Message-ID: <87sikjt9c6.fsf@pobox.com> Tom Roche Tue, 26 Aug 2014 11:39:13 -0400 >>>> [I'm a student] using data and [computing remotely] provided by a >>>> federal agency[, which uses] Computer Sciences Corporation (CSC) >>>> for security services [...] recently, CSC contractors decided that >>>> all "external partners" [must use] static IP#s. Brian McCullough Tue, 26 Aug 2014 12:34:23 -0400 >>> [Nivex] has a cheap Linode machine set up as his "global endpoint." Tom Roche Tue, 26 Aug 2014 12:37:28 -0400 >> Interesting. I could do 10 $/mo. Is this solution documented[?] >> (Casual DDG did not find.) Alternatively, is Kevin Otte on this list? Kevin Hunter Kesling Tue, 26 Aug 2014 13:54:54 -0400 > No, he's not, but I'll bet if you posed this question on the main list > (where there've been plenty of other discussions along this line) Will do. It's not that I'm opposed to the main list, but I'm on the digest, which gets *quite* long/unwieldy. thanks, Tom Roche From hunteke at earlham.edu Tue Aug 26 13:54:54 2014 From: hunteke at earlham.edu (Kevin Hunter Kesling) Date: Tue, 26 Aug 2014 13:54:54 -0400 Subject: [Trilug-ontopic] best way(s) to get static IP# @home with DHCP ISP? In-Reply-To: <87y4ubtdfb.fsf@pobox.com> References: <20140826163423.GA25297@bdmcc-us.com> <871ts3uuou.fsf@pobox.com> <87y4ubtdfb.fsf@pobox.com> Message-ID: <53FCC9EE.80002@earlham.edu> At 12:37pm -0400 Tue, 26 Aug 2014, Tom Roche wrote: > Brian McCullough Tue, 26 Aug 2014 12:34:23 -0400 >> [Nivex] has a cheap Linode machine set up as his "global endpoint." >> He sets up a VPN connection from [wherever] he is to that, and then >> from there to the "actual" destination. > > Interesting. I could do 10 $/mo. Is this solution documented > anywhere? (Casual DDG did not find.) Alternatively, is Kevin Otte on > this list? No, he's not, but I'll bet if you posed this question on the main list (where there've been plenty of other discussions along this line), he'd respond to it. Cheers, Kevin