An overview of Network options when setting up a WAN with Zorus Network Security
Option 1: IPv4 or IPv6 Address
Simply insert a standard IPv4 or IPv6 address in the field. In the event that there is more than one IP address used for a Customer site, then you will either need to create a new Network (WAN) or do one of the other options below
Option 2: IP with CIDR Notation
CIDR stands for Classless Inter-Domain Routing that allow for notation to specify a range of IP Addresses. They include two parts separated by a forward slash /:
-
The IP Address base
-
The CIDR range as an integer
The most important thing to note is the secondary field (CIDR Range) number decreases the number of IP Addresses in the range with a larger number designation.
For IPv4 a /0 designates 4,294,967,296 IP Addresses while a /32 designates just a single IP address.
For IPv6 a /0 designates 340,282,366,920,938,463,463,374,607,431,768,211,456 IP Addresses, while /128 designates a single IP address
Examples of the notation as well as the ranges for each integer distinction can be found at this site: IPv4 / IPv6 CIDR - IP.SB
Zorus Network Security only allows CIDR ranges for IPv4 to be between /24 and /32 while IPv6 only allows for between /48 and /128. DNS addresses must conform with the RFC standard.
Option 3: Dynamic DNS Address
Small business or homes frequently do not buy expensive network hardware nor register for explicit static IP Addresses and so their networks are given a “dynamic” or “possibly changing” IP address from their Internet Service Provider (ISP).
Just because your IP address at home may be 36.11.14.86 one day does not mean it may stay that the next day or even the next minute. The ISP may provide you with a new address whenever they swap hardware, reconnect you to new systems, when your router restarts (usually from power outages), or just because they feel like it.
Thus Dynamic DNS clients such as No-IP will run on a computer or piece of hardware at a location and periodically send up what that device is resolving as it’s public global IP Address. This address is then bound through their system to a “DNS Address” that they have in their records that you register with them. Instead of providing a hard-set IP Address you can instead provide this “DNS Address” that will resolve to where your client is pushing any IP address changes from.
Example: How To Set Up Dynamic DNS Client (No-IP)
No-IP provides a single registration absolutely free (because they rock my socks). Register by signing up at their website then go to Dynamic DNS → No-IP Hostnames in their navigation and “Create Hostname” following their conventions.
Afterwards go to Dynamic DNS → Dynamic Update Client (DUC) and install the client for the OS that you wish to have the client run on to update your IP address record.
Log in to the app and choose your address from the list (or you may create it directly from the DUC) and just let it run. It will query every now and again and keep your address up to date with the registration.
… And that’s it! You now have Dynamic DNS set up
Zorus Portal
Customer Networks Grid
As you can see from the image above we allow for all options written previously. If provided an IPv4/IPv6 it will just display that one address.
If it includes the CIDR notation it does not break down each address the range includes, but instead only displays the IP with the CIDR.
For Dynamic DNS records it will include both the DNS address as well as any resolved IP addresses, separated by a colon : and space between the DNS and first IP address with commas separating the IP addresses that may resolve to the DNS address.
Create/Edit Validation
The portal includes validation in the Create/Edit modal on the Network Address for invalid input. Because we accept a DNS address this means that some invalid IP Addresses may make it pass validation because an invalid IP address can technically be a DNS address.
However, the validation will display below the input field. IPv4 only allows CIDR ranges to be between /24 and /32 while IPv6 only allows for between /48 and /128. DNS addresses must conform with the RFC standard.