Zorus Network Security - Configuring Net Address

An overview of Network options when setting up a WAN with Zorus Network Security

Option 1: IPv4 or IPv6 Address

Simply insert a standard IPv4 or IPv6 address in the field. In the event that there is more than one IP address used for a Customer site, then you will either need to create a new Network (WAN) or do one of the other options below

Option 2: IP with CIDR Notation

CIDR stands for Classless Inter-Domain Routing that allow for notation to specify a range of IP Addresses. They include two parts separated by a forward slash /:

  1. The IP Address base

  2. The CIDR range as an integer

The most important thing to note is the secondary field (CIDR Range) number decreases the number of IP Addresses in the range with a larger number designation.

For IPv4 a /0 designates 4,294,967,296 IP Addresses while a /32 designates just a single IP address.

For IPv6 a /0 designates 340,282,366,920,938,463,463,374,607,431,768,211,456 IP Addresses, while /128 designates a single IP address

Examples of the notation as well as the ranges for each integer distinction can be found at this site: IPv4 / IPv6 CIDR - IP.SB

Zorus Network Security only allows CIDR ranges for IPv4 to be between /24 and /32 while IPv6 only allows for between /48 and /128. DNS addresses must conform with the RFC standard.

Option 3: Dynamic DNS Address

Small business or homes frequently do not buy expensive network hardware nor register for explicit static IP Addresses and so their networks are given a “dynamic” or “possibly changing” IP address from their Internet Service Provider (ISP).

Just because your IP address at home may be one day does not mean it may stay that the next day or even the next minute. The ISP may provide you with a new address whenever they swap hardware, reconnect you to new systems, when your router restarts (usually from power outages), or just because they feel like it.

Thus Dynamic DNS clients such as No-IP will run on a computer or piece of hardware at a location and periodically send up what that device is resolving as it’s public global IP Address. This address is then bound through their system to a “DNS Address” that they have in their records that you register with them. Instead of providing a hard-set IP Address you can instead provide this “DNS Address” that will resolve to where your client is pushing any IP address changes from.

Example: How To Set Up Dynamic DNS Client (No-IP)

No-IP provides a single registration absolutely free (because they rock my socks). Register by signing up at their website then go to Dynamic DNS → No-IP Hostnames in their navigation and “Create Hostname” following their conventions.

Afterwards go to Dynamic DNS → Dynamic Update Client (DUC) and install the client for the OS that you wish to have the client run on to update your IP address record.

Log in to the app and choose your address from the list (or you may create it directly from the DUC) and just let it run. It will query every now and again and keep your address up to date with the registration.

… And that’s it! You now have Dynamic DNS set up :slight_smile:

Zorus Portal

Customer Networks Grid

As you can see from the image above we allow for all options written previously. If provided an IPv4/IPv6 it will just display that one address.

If it includes the CIDR notation it does not break down each address the range includes, but instead only displays the IP with the CIDR.

For Dynamic DNS records it will include both the DNS address as well as any resolved IP addresses, separated by a colon : and space between the DNS and first IP address with commas separating the IP addresses that may resolve to the DNS address.

Create/Edit Validation

The portal includes validation in the Create/Edit modal on the Network Address for invalid input. Because we accept a DNS address this means that some invalid IP Addresses may make it pass validation because an invalid IP address can technically be a DNS address.

However, the validation will display below the input field. IPv4 only allows CIDR ranges to be between /24 and /32 while IPv6 only allows for between /48 and /128. DNS addresses must conform with the RFC standard.

Invalid CIDR IPv4:

Invalid IPv6 CIDR

Invalid Domain