Sppedtouch Modem with PPoE router

Forums › New Zealand Broadband › Sppedtouch Modem with PPoE router

aboylikedave

243 posts

Master Geek
+1 received by user: 4

Topic # 57584 18-Feb-2010 07:34

Just got my Broadband via a Telecom Speedtouch ST536. I also have a Buffallo WHR-HP-G54. flashed with DD-WRT (although I don't really understand it's full capability, but can follow instructions!)

Can somebody cofirm that I can't use them together as the ST is PPoA?

I had been warned this might be the case before, one solution was a modem in half bridge mode. WIll I notice any impact on speed? What other impications are there for this solution?

Thanks

p.s. In relation to my previos post about choosing an ISP have been very impressed with Telecom's customer service, v quick phone pick ups....so far!

My EPL football websites: Get the results but hide the score of your team at HidetheScore.net. Compare league positions with wage bills at RealPremierLeague.net.

SamF

1383 posts

Uber Geek
+1 received by user: 168

Trusted

Reply # 300631 21-Feb-2010 01:53

FYI, I currently have an ST536 & a Linksys WRT54GL with DD-WRT on it.

There are various ways you can get these 2 working together:

1) Half-Bridging / DHCP Spoofing
2) PPTP to PPPOA Bridging
3) Double NAT
4) 1:1 NAT / N:N NAT

That's the theory, now here's the practical issues with each:
1) Half-Bridging (or DHCP Spoofing as it is referred to in the Thomson world) has some pretty serious issues with Internet IP renewals. I have created scripts to address this in the past, but to be honest, the whole thing is a very ugly mash of CR@P!!

2) PPTP to PPPOA Bridging has MAJOR issues with CPU usage on my 200MHz DD-WRT router! Basically once setup the CPU usage went through the ceiling and stayed there and subsequently the router was dropping HUNDREDS of packets per second under network load!! Your router might be powerful enough to handle this, but it will be working pretty hard to do so and this will impact on other services on the box.

3) Double NAT can have issues with having to forward ports twice, thus having to maintain double firewall rulesets or if you try to forward all 65536 ports it hangs the ST536!

4) 1:1 NAT (or N:N NAT in Thomson speak) is Double NAT but with a static address translation to effectively forward all traffic to one address. This option is the best one of the lot and will only give you issues if you are trying to host a SIP / VideoPhone gateway (SIP VOIP phones will still work fine).

People will tell you that Double-NAT is a big no-no, but really, after spending probably well over 100 HOURS working on all 4 of these options over the years, Double-NAT with 1:1 NAT is the easiest to implement, best performing, least troublesome, and most robust option of them all!!

If you want to setup 1:1 NAT the do the following:
- Telnet to the ST536 & login as 'Administrator'.
- Enter the commands:

:firewall config state=disabled

:nat tmpladd type=nat outside_addr=0.0.0.1 inside_addr=192.168.1.1

saveall

NOTE: 192.168.1.1 will need to be substituted with the outside (Internet facing) IP address of your DD-WRT box.

All done!

Let me know if you have any issues.

Now if NZ ISPs used PPPoE, this would all be a moot point!! I don't know why they all use PPPoA!?

Ragnor

8025 posts

Uber Geek
+1 received by user: 387

Trusted

Subscriber

Reply # 300734 21-Feb-2010 15:52

Usually the problem with double NAT is related to that fact that many programs and services use UPNP, IGP or NAT-PMP to dynamically open/forward ports in the router.

The front router (Thomson) has no idea what has been dynamically opened/fowarded in the back router (WRT) so I expect you will still face the same problems with hosting games, msn file transfers and so on.

Many games and services have moved to using a central server as a reflector between players/users/networks so you don't see the problem as much anymore as you used to.

SamF

1383 posts

Uber Geek
+1 received by user: 168

Trusted

Reply # 300743 21-Feb-2010 16:29

Sure, but real men configure their firewalls manually rather than relying on some application / OS to do it for them :P :P :P

Ragnor

8025 posts

Uber Geek
+1 received by user: 387

Trusted

Subscriber

Reply # 300808 21-Feb-2010 20:15

That would get annoying fast with multiple computers behind the same router playing the same game where the game dynamically uses a different port for each player and where it may not use the same port number next time you play.

You'd have to forward the port twice once for each router for every computer every time you played, sounds lame!

SamF

1383 posts

Uber Geek
+1 received by user: 168

Trusted

Reply # 300813 21-Feb-2010 20:22

BAH! Real men don't complain about such trivial things!! :D Shutup and open another port man!! LOL.

tanivula

515 posts

Ultimate Geek
+1 received by user: 25

Reply # 301473 23-Feb-2010 13:40

Is 1:1 NAT the same as DMZ in other routers?

SamF

1383 posts

Uber Geek
+1 received by user: 168

Trusted

Reply # 301638 23-Feb-2010 20:03

A DMZ is more of a concept than a method, so depending on the router it may use one of a number of methods to achieve this.

rphenix

854 posts

Ultimate Geek
+1 received by user: 53

Subscriber

Reply # 303110 28-Feb-2010 20:59

Most Alcatel speedtouch units have a firmware that allows you to setup a PPTP to PPPOA bridge (in that your router establishes a pptp vpn connection to the speedtouch, and from there gets assigned the public ip). I did similar with a Speedtouch 530 till I replaced it with a Draytek PPPOE to PPPOA modem.

SamF

1383 posts

Uber Geek
+1 received by user: 168

Trusted

Reply # 303132 28-Feb-2010 22:03

rphenix: Most Alcatel speedtouch units have a firmware that allows you to setup a PPTP to PPPOA bridge (in that your router establishes a pptp vpn connection to the speedtouch, and from there gets assigned the public ip). I did similar with a Speedtouch 530 till I replaced it with a Draytek PPPOE to PPPOA modem.

Be aware that this can cause issues with some routers not having sufficient CPU power to deal with this configuration however.