I'm on FiOS (was Verizon now Frontier Comm.) and I'm considering buying a Pi for ampr.org connection. I'm pretty much stuck with the Verizon Actiontec MI424WR on the WAN due to ISP requirements and I'm wondering how it might be best to place the Pi on the LAN. Should it be in the DMZ or should it stay behind NAT?
Feel free to email me off list if this is OT.
On Tue, Apr 05, 2016 at 11:05:38AM -0700, Geoff Joy -KE6QH- wrote:
I'm on FiOS (was Verizon now Frontier Comm.) and I'm considering buying a Pi for ampr.org connection. I'm pretty much stuck with the Verizon Actiontec MI424WR on the WAN due to ISP requirements and I'm wondering how it might be best to place the Pi on the LAN. Should it be in the DMZ or should it stay behind NAT?
I'm not familiar with that particular router, but most residential routers don't have a provision for allowing the IPIP protocol through the NAT so you pretty much have to use the DMZ for AMPRNet tunneling. - Brian
The DMZ IS behind NAT, too. The DMZ host sits on the LAN, has a local LAN IP, just that any unknown/unclassified traffic is forwarded to that specific host.
-----Original Message----- From: Geoff Joy -KE6QH- Sent: Tuesday, April 05, 2016 21:05 To: AMPRNet working group Subject: [44net] ISP Router and Pi Cohabitation
(Please trim inclusions from previous messages) _______________________________________________ I'm on FiOS (was Verizon now Frontier Comm.) and I'm considering buying a Pi for ampr.org connection. I'm pretty much stuck with the Verizon Actiontec MI424WR on the WAN due to ISP requirements and I'm wondering how it might be best to place the Pi on the LAN. Should it be in the DMZ or should it stay behind NAT?
Feel free to email me off list if this is OT.
I am on FiOS with Frontier and I don't use an Actiontec -- The box that does the media conversion from optic to copper (usually outside your house) can be configured to put the Internet on Ethernet, and configured as a bridge, then you install your router on the other end of the Ethernet. I use MikroTik. I actually also have Comcast/Xfinity, and do a similar configuration with a Motorola modem and bring both Ethernets to the router, for IPv4 I run most traffic through FiOS but have auto failover to Comcast. All IPv6 is routed to Comcast.
I actually have a VPN with routed addresses that supports the net-44 stuff
On Tue, Apr 5, 2016 at 11:05 AM, Geoff Joy -KE6QH- geoff@windowmeister.com wrote:
(Please trim inclusions from previous messages) _______________________________________________ I'm on FiOS (was Verizon now Frontier Comm.) and I'm considering buying a Pi for ampr.org connection. I'm pretty much stuck with the Verizon Actiontec MI424WR on the WAN due to ISP requirements and I'm wondering how it might be best to place the Pi on the LAN. Should it be in the DMZ or should it stay behind NAT?
Feel free to email me off list if this is OT.
Geoff Joy - ke6qh - AmprNet IP Address Coordinator for San Bernardino & Riverside Counties. (44.18/16)
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
On Tue, 5 Apr 2016 12:10:16 -0700, K7VE - John k7ve@k7ve.org wrote:
I am on FiOS with Frontier and I don't use an Actiontec -- The box that does the media conversion from optic to copper (usually outside your house) can be configured to put the Internet on Ethernet, and configured as a bridge, then you install your router on the other end of the Ethernet. I use MikroTik. I actually also have Comcast/Xfinity, and do a similar configuration with a Motorola modem and bring both Ethernets to the router, for IPv4 I run most traffic through FiOS but have auto failover to Comcast. All IPv6 is routed to Comcast.
I actually have a VPN with routed addresses that supports the net-44 stuff
I've got TV/internet/phone on the TriplePlay/Pay/Pray plan. :) I know the ONT is configured to send the internet stuff over the UTP and the coax is split in my office between the router, DVR and the TV. I know the ONT is also bridged already. It was my understanding that the DVR cannot be configured or updated by the ISP if you don't use their router. I know they have a backdoor into the router for firmware updates as I think I saw at least one update over the years.
The service is 99.999% up for at least the last 5 years or so therefore I am not inclined to go to the expense of changing routers unless Frontier decides to start screwing up their subscribers but your fail-over scheme sounds interesting. I wasn't aware Comcast had IPv6 to end users already. I know my Apple devices are Teredo tunneling their IPv6 traffic here.
It sounds like putting a Pi on the DMZ and VPN into the ampr.org would be the way to go.
-
Brian Kantor -
Geoff Joy -KE6QH- -
K7VE - John -
Marius Petrescu