Re: Actiontec DSL Modem/Router Trouble

Nate Duehr <nate@...>

Gary McDuffie, Sr. wrote:

On Wed, 8 Sep 2004 00:48:35 -0700, Ross wrote:

I had to go to a cable modem ISP for many reasons but the main was MSN my
DSL ISP provider made it impossible due to their provided DSL modem
settings. I'm not sure here but it may be your ISP give them a call and
ask if you have a public accessible IP address. Good Luck
I'm assuming everyone knows that you need to have the modem in 'bridging
mode'. The modem needs to pass the IP address from the ISP to the
router so that NAT takes place there and NOT in the modem. The commands
are sometime available online (modem manufacturer), and your provider
usually needs to make the change. An outsider should be able to ping
the outside address as seen on your router's status page. Once you are
done testing, you should then turn off the ability to ping. Just
another part of being transparent to the hackers.

Sorry if this is old news, but it sounded like something that might need
to be included here.

Gary - AG�N
Unfortunately it's not this simple, making this statement not really true.

Some ISP's route fully usable Internet addresses to your router at your location and in this case, you do not need to use a bridged mode or anything like that. A real IP that's routed is a real IP... as long as they're not blocking incoming connections with a stateful firewall, ACL's in their edge routers, etc.

In the case of ISP's that use RFC1918 address space then yeah, if they'll give you a bridged connection to something that has a non RFC1918 space that will make things work.

Basically, what I'm saying here is that it's "more complex" than meets the eye... and of course, this is why even the smallest of ISPs employ a number of router folks. The best anyone can do is either look at their setup with a lot of routing experience and say "ah-ha... I see how my carrier does it!"... or they can call them on the phone and explain what they're trying to do and see if it's possible. In most cases, it is, because customers demand it. ISP's that don't route things correctly to RFC1918 space via NAT are rare, but in cases where they've done it, it has usually been done for a business reason. (i.e. Fully routable "business" connections vs. NAT'ed "residential" connections at different price levels, etc.)

Nate WY0X

Join to automatically receive all group messages.