Bridge + NAT

Johnboy1951

Some of the older eircom supplied ADSL modem/routers had the facility to choose Bridge+NAT, which essentially meant that the modem/router did its own NAT but also provided a bridge connection to another router.
The result was that from one broadband connection the customer could have two (or more with more routers?) WAN IP addresses.

Is this type of set up possible with the newer devices from eir for their FTTC or FTTH packages?

ED E

You have to purchase a static block to do this, otherwise you can only pull one IP from the pool.

Johnboy1951

ED E wrote: »

You have to purchase a static block to do this, otherwise you can only pull one IP from the pool.

Thanks.
So they have applied limitations that were not present on ADSL.

ED E

AFAIK they've been present for a very long time.

seaniefr

ED E wrote: »

AFAIK they've been present for a very long time.

Applogies for piggybacking but do you know ED E if you can just buy a second IP address in the same physical location rather than a block

ED E

Not sure what you're asking, two IPs in the same gelocation(pool) but not sequentially? Then I'm pretty sure no.

You've one calling ID, so you've get one assignment. Normally its /32 so a single IP, but you can purchase any CIDR block above that eg: /30 for two usable, /29 for six and so on.

In the past it was €50 one time fee for a /30, not sure if thats still true. Heard tell of a subscription charge for VDSL a la vodafone.

seaniefr

ED E wrote: »

Not sure what you're asking, two IPs in the same gelocation(pool) but not sequentially? Then I'm pretty sure no.

You've one calling ID, so you've get one assignment. Normally its /32 so a single IP, but you can purchase any CIDR block above that eg: /30 for two usable, /29 for six and so on.

In the past it was 50 one time fee for a /30, not sure if thats still true. Heard tell of a subscription charge for VDSL a la vodafone.

Yeah think I have a handle on what you are saying I basically have a workshop in the middle of nowhere linked to my own place by wireless so I can monitor the cameras and I can't get Adsl there or FWA at a reasonable price so was looking to view cctv there when out and about as well as my own place that's basically what I mean

Johnboy1951

ED E wrote: »

AFAIK they've been present for a very long time.

Maybe I misunderstood so

To be clear, it is my experience that with the ADSL router/modem in Bridge+NAT setting, the modem acquires an IP address, and a router attached to it can get a separate and different IP address.

This without any special arrangements or purchasing a static IP block.
Both the IPs would be dynamic.

I am trying to determine if the devices issued for FTTC/FTTH have the same or similar settings available to the user.

mass_debater

Johnboy1951 wrote: »

Maybe I misunderstood so

To be clear, it is my experience that with the ADSL router/modem in Bridge+NAT setting, the modem acquires an IP address, and a router attached to it can get a separate and different IP address.

This without any special arrangements or purchasing a static IP block.
Both the IPs would be dynamic.

I am trying to determine if the devices issued for FTTC/FTTH have the same or similar settings available to the user.

Bridge and NAT is what's known as half bridge mode, where the modem passes the received public IP to the next device and forwards all traffic to it. You only get one IP. The router connected to the modem should be set to receive an IP address on the Wan by DHCP, not PPPoE as the modem will be using PPPoE.

Half Bridge Mode

When the PPP Half Bridge is enabled the modem becomes invisible.The DHCP server will duplicate the WAN IP address from the ISP to the local client PC. Only one PC is able to access the Internet using half bridge mode.

Half bridge mode can only be used when a single IP address has been assigned by the ISP, it is not suitable for services that provide multiple IP addresses. Half bridge mode is used when the use of NAT or NAPT is not desired and there is a single computer attached to the modem.

When to Use Half Bridge Mode
When using a separate firewall that will be protecting the network, half bridge mode will allow the firewall to appear on the internet using the publicly accessible IP address assigned by the ISP. This configuration will allow the dedicated firewall to have full control of the inbound and outbound traffic and is the intended purpose for this mode.

Security Consideration
Remember that when not using NAT/NAPT the computer system is more vulnerable to attack from the internet so extra consideration should be given to security. A firewall and up-to-date anti virus software should be considered a minimum requirement. Also remember to check your operating system and software regularly for security updates and apply them as soon as possible.

Johnboy1951

mass_debater wrote: »

Bridge and NAT is what's known as half bridge mode, where the modem passes the received public IP to the next device and forwards all traffic to it. You only get one IP. The router connected to the modem should be set to receive an IP address on the Wan by DHCP, not PPPoE as the modem will be using PPPoE.

Not what I described.

I specifically stated two different WAN IPs.

The router/modem gets one and the attached router another when using PPoE.

mass_debater

Johnboy1951 wrote: »

Not what I described.

I specifically stated two different WAN IPs.

The router/modem gets one and the attached router another when using PPoE.

Not what you described but the way half bridge mode (bridge and NAT) is supposed to work. Not sure why you would want a public IP on a transparent bridge, you can get to it from lan for admin purposes, how often would you even want to do that.

Johnboy1951

mass_debater wrote: »

Not what you described but the way half bridge mode (bridge and NAT) is supposed to work. Not sure why you would want a public IP on a transparent bridge, you can get to it from lan for admin purposes, how often would you even want to do that.

I have no idea how this is 'supposed' to work, only that it does what I described.

So the question remains ...... is the same facility available in the modem/routers for FTTC/FTTH connections?

mass_debater

Johnboy1951 wrote: »

I have no idea how this is 'supposed' to work, only that it does what I described.

So the question remains ...... is the same facility available in the modem/routers for FTTC/FTTH connections?

No, half bridge mode is not an option in either the Eir f1000 or f2000 modems, not sure about other providers modems. You were never supposed to get more than one IP, that they insist you pay for. Eir charge a one off fee, Vodafone charge monthly

ED E

To my knowledge eir RAS's wouldnt support this with any residential connection since they've used calling stations for auth which they've done for a really long time if not since they started.

The only way you'd get two IPs is if they provisioned your profile on their end to allow it. It may be the case if you ordered the right type of package it facilitated it and you received a modem to complement it.


VM's CPE when bridged will allocate up to 3(4) addresses out to devices behind it so that may facilitate whatever you want to do.

Johnboy1951

ED E wrote: »

To my knowledge eir RAS's wouldnt support this with any residential connection since they've used calling stations for auth which they've done for a really long time if not since they started.

It does here

The only way you'd get two IPs is if they provisioned your profile on their end to allow it. It may be the case if you ordered the right type of package it facilitated it and you received a modem to complement it.

No special order, just ordinary ADSL broadband.
No special modem either.
In fact I have used a couple of different model eircom modems over the years.

VM's CPE when bridged will allocate up to 3(4) addresses out to devices behind it so that may facilitate whatever you want to do.

Thanks.

It seems either no one else has ever tried my set up or else I have a peculiar one.

Strange .....