I've spent some time over the last month trying to configure a test lab; everything is working quite well, but I am confused about dealing with the external network for things like port forwarding.
I have a host machine running three VMs in Hyper-V (all are Windows Server 2016). My host machine has two NICs, one for the external network connected directly to the ISP's dynamic modem, and the other for the internal network (10.0.0.X) connected to a physical switch.
One VM (dc01) is the DC, also handling DNS and DHCP.
Another VM (gateway) is configured for RRAS.
"gateway" is connected to the internal and external switches; "dc01" is just connected to the internal. RRAS is handling routing and NAT. All VMs and clients connected to the switch are able to access the Internet and local domain resources.
However, I am having an issue with access to my network from the outside and I believe it has to do with the way I am handling the modem. The modem is configured as a bridge, so my understanding is it will only hand out one IP address. Since it is connected to the external NIC on the host, that machine gets the IP.
The only VM connected to the external switch is "gateway". Its external NIC is also set to DHCP. When I first configured this, it was getting the same address as the host, which I didn't exactly understand, but everything worked properly, so I didn't question it. I set up a few basic port forwards via the RRAS NAT interface, just adding services on the external NIC. These worked fine until today.
Today, the external NIC on my host got a different IP (as would be expected). However, the external NIC on "gateway", set to DHCP, is still showing the old IP. Internet access still works fine for all machines, but my port forwards no longer work. This makes sense to me logically, since now the traffic would not go any further than my host.
I guess my question is, how should I have the external NICs of my host and "gateway" configured? Should I have the external NIC on the host as a local address on the same or a different subnet as my internal NIC, then allow the DHCP from "gateway" to get the DHCP address from the modem, or am I entirely off-track?