[TriLUG] ATT gigabit internet quick review

Ron Kelley via TriLUG trilug at trilug.org
Sun Dec 11 12:58:31 EST 2016 

What are you guys doing about AT&T spying on your line?  I understand you 
have to pay more each month  to opt-out of their data collection policy.


On December 11, 2016 12:46:16 PM "Rogers, Matthew via TriLUG" 
<trilug at trilug.org> wrote:

> You got it.  It's pretty easy, just need to get the workflow right, and you 
> overcome the limited routing capabilities of the att junk.  I'm using an 
> opnsense Linux box with 2 nics running inline ids and vpn services.
>
>
> Matthew Rogers | Senior Security Manager
> Allscripts | 8529 Six Forks Road | Raleigh, NC | 
> 27615<x-apple-data-detectors://0/1>
>
> 919.691.4636<tel:919.691.4636> | M
> 919.329.1130<tel:919.329.1130> | D
>
>
> matthew.rogers2 at allscripts.com<mailto:matthew.rogers2 at allscripts.com> | 
> www.allscripts.com<http://www.allscripts.com/>
> Corporate Headquarters l 222 Merchandise Mart 
> Plaza<x-apple-data-detectors://5> l 20th Floor l Chicago, IL l 60654
>
> On Dec 6, 2016, at 6:13 PM, David Burton via TriLUG 
> <trilug at trilug.org<mailto:trilug at trilug.org>> wrote:
>
> So, is this right, Matthew?
>
> Suppose that your gateway gets external IPv4 address 129.250.123.123. When
> you first set up your router, you plug it into the 5268AC gateway, and your
> router is given an IP address by the gateway between 192.168.0.2 and
> 192.168.0.253. Your computer, plugged into your router, gets an IP address
> between 192.168.x.2 and 192.168.x.253, where x is != 0 (as configured in
> your router's DHCP/LAN settings). Your computer sees the router at
> 192.168.x.1 (or perhaps 192.168.x.254). It sees the gateway at 192.168.0.1
> (or maybe 192.168.0.254). It sees the Internet through two layers of
> NAT-ing.
>
> But when you configure DMZ+ in the gateway, and then reboot your router,
> instead of getting an IP address between 192.168.0.2 and 192.168.0.253,
> your router is given the external IP address, 129.250.123.123, passed on by
> the gateway, which the gateway used to have, before DMZ+ was enabled.
>
> Right?  If that's right, then it sounds pretty good, to me!
>
> It also sounds like you could configure whatever DNSs you want in your own
> router, and if it's a decent router then the problem of machines on your
> LAN not being able to access your server(s) via your external IP address
> would also be solved, since that traffic wouldn't even make it up to the
> gateway.
>
> Dave
>
>
>
> On Tue, Dec 6, 2016 at 3:07 PM, Rogers, Matthew <
> Matthew.Rogers2 at allscripts.com<mailto:Matthew.Rogers2 at allscripts.com>> wrote:
>
> So in DMZ mode the DMZ device shows the external IP which it pulls via
> DHCP.  The ATT device just forwards all traffic to that particular port
> unless it has something in its state table since the ATT router is still
> running.  I turned off the wireless on the ATT device.  It's important to
> note that the ATT device uses a particular subnet 192.168.1.0 or whatever,
> but prior to the DMZ mode being used - the new router will pull an internal
> IP prior to configuration of DMZ plus mode.  If you duplicate that subnet
> you'll cause a problem during that configuration change.
>
>
> *...[snip]...*
>
>
> *From:* David Burton [mailto:ncdave4life at gmail.com]
> *Sent:* Tuesday, December 6, 2016 10:58 AM
> *To:* Rogers, Matthew 
> <Matthew.Rogers2 at allscripts.com<mailto:Matthew.Rogers2 at allscripts.com>>; 
> Triangle Linux
> Users Group General Discussion <trilug at trilug.org<mailto:trilug at trilug.org>>
> *Subject:* Re: [TriLUG] ATT gigabit internet quick review
>
>
>
> On Sun, Dec 4, 2016 at 5:00 PM, Rogers, Matthew via TriLUG <
> trilug at trilug.org<mailto:trilug at trilug.org>> wrote:
>
> You can set a device in dmz plus mode which is basically a bridge mode.  I
> do this and run my own router and domain controller with dhcp/DNS etc.
>
>
>
> Do you end up with double-NAT using DMZ mode, Matthew, or does your router
> get the external IP address?
>
>
>
> Dave
>
> --
> This message was sent to: Matthew 
> <matthew.rogers2 at allscripts.com<mailto:matthew.rogers2 at allscripts.com>>
> To unsubscribe, send a blank message to 
> trilug-leave at trilug.org<mailto:trilug-leave at trilug.org> from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web    : 
> http://www.trilug.org/mailman/options/trilug/matthew.rogers2%40allscripts.com
> Welcome to TriLUG: http://trilug.org/welcome
> --
> This message was sent to: Ron Kelley <rkelleyrtp at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that 
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	: 
> http://www.trilug.org/mailman/options/trilug/rkelleyrtp%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome

More information about the TriLUG mailing list