[TriLUG] at&t fiber
David Burton via TriLUG
trilug at trilug.org
Fri Sep 8 10:37:06 EDT 2017
On Thu, Sep 7, 2017 at 11:19 AM, Mark Turner via TriLUG <trilug at trilug.org>
wrote:
> Hey folks,
>
> I've had AT&T Fiber for about three months now. 1Gb up and down. Fast
> and rock-solid, so far.
>
> I ditched the AT&T modem (in my case, a Pace 5268AC) right away since I
> don't really trust AT&T being on my home network (with the
> vulnerabilities found in their Arris modems, I was justified).
>
Mark, that's really interesting, but I'm a bit confused. (Note: I don't
have AT&T currently, but they pulled fiber to my curb, so I'm interested.)
AT&T uses the 802.1x *wired* protocol to authenticate to its network.
> One drawback for 802.1x wired is that there is no ongoing
> reauthentication. Authentication is used only to initially open the
> port. Once the port is up it does not reauthenticate.
>
> This means you can set up your own router to act as your gateway. You'll
> need to clone the MAC address of your AT&T modem and set it up to pull
> DHCP addresses (including IPv6, I believe).
>
> Then, plug the AT&T router and the ONT into a gigabit switch (any will
> do, it doesn't have to be managed). Wait until the AT&T router has
> exchanged certificates with the AT&T headend and you have traffic
> flowing. Once this happens, plug in your router to the gigabit switch
> and unplug the AT&T router.
>
Here's a Pace 5268AC manual:
https://www.dslreports.com/r0/download/2267100~5694a5d84811c1255c4f12556de77ead/5268AC%20Manual.pdf
>From that manual it appears that the fastest internet connection it
supports is VDSL2, which Wikipedia says
<https://en.wikipedia.org/wiki/VDSL#VDSL_standards> supports up to 100
mbps, max.
So I was surprised that your AT&T gigabit fiber came with a Pace 5268AC!
Correct me if I'm wrong: the ONT is the fiber version of a NID, typically
on the outside of the house, with fiber coming in and some sort of copper
coming out. Right?
Here's a screenshot from the Pace 5268AC manual:
http://www.geeksalive.com/Pace_5268AC_Manual_screenshot.png
<http://www.geeksalive.com/Pace_5268AC_Manual_screenshot.png>
*(click to enlarge)*
So, I think I have a guess at the answer. My guess is that with gigabit
fiber the green VDSL port is unused, and they're instead using the red
Ethernet port, and running copper 1000base-T Ethernet to the ONT.
Is that correct?
And so the Pace 5268AC gateway/modem is really just functioning as a
router? Right?
And so in your email you're using the terms "AT&T router" and "AT&T modem"
interchangeably? Right?
So... could you dispense with the gigabit switch entirely, and just unplug
the Pace 5268AC from the ONT and plug your router (with cloned MAC address)
in its place, after the authentication? Or would the momentary
disconnection from the ONT trigger a reauthentication attempt?
Or, for a shorter glitch, perhaps you could use a mechanical AB switch,
like one of these?
http://www.ebay.com/itm/Mini-2-Port-AB-Manual-Network-Switch-Box-2In1-1In2-Sharing-RJ45-Network-Ethernet-/232405140436
http://www.ebay.com/itm/mini-2-Ports-Rj45-Inner-External-Network-Switch-Splitter-Box-Avoid-Cable-Plug-/181142320097
http://www.ebay.com/itm/CablesOnline-2-Way-RJ45-Ethernet-AB-Manual-Switch-Box-SB-034-/270656362709
Dave
> Viola! All your gigabit sweetness is now passing through your router and
> the AT&T router can be put aside.
>
> I've run for months this way, only going through the process if my
> devices lose power. Give it a try!
>
> Cheers,
>
> Mark
>
More information about the TriLUG
mailing list