09-27-2009 12:14 PM
We have had U-verse service for about two weeks and it is the most annoying piece of equipment I have ever used in a residential setting. I signed up for static IP addresses and was assigned a /29 block. I was so excited at the bandwidth available and a legitimate static IP address package. Keep in mind this is from my perspective and I am probably ignorant of many things, but my experience has been very far from ideal.
My first issue is that I have created a simple Linux virtual machine. Insured the NIC in the virtual machine has a unique MAC address. The machine won't keep a consistent IP address to save its life! I set it to DHCP on the private network (192.168.1.0/24) and it will, after a short period of time (hours or less) come up as "DHCP Renew" in the address allocation screen. Doing a DHCP release and getting a new address usually ends my device up with an external IP address! Wait a bit longer, maybe even the full lease period and it will change back to private. Completely horrible behavior from the gateway.
So issue one: device won't honor my private pool settings on the address allocation screen.
Issue 2: If you try to actually ASSIGN one of thse static IP addresses using the address allocation screen and keep the LAN client in DHCP mode after a short period of time it shows up as DHCP renew and gets assigned back to the private LAN or the static IP addresses changes. All of this happens with *ZERO* changes to the configuration on the gateway. Just waiting a bit and then releasing and reaquiring an IP from the gateway. This is hugely frustrating and only seems to be happening on some of my LAN devices. However, there is no reason for it.. the MAC addresses on these devices are not changing so I have no idea why the gateway would suddenly change a setting I specifically set.
Issue 3: It can take days for the statically assigned machine to finally show up.
The only solution anyone has proposed to me is that I use the DMZPlus mode and push a separate firewall / router behind that to handle the static IP addresses. This seems completely unacceptable when I am paying 180 dollars a year for static IP addresses. I expect to be able to actually use the darn things. Does anyone have any kind of magical insight in how to make the gateway behave properly and stop acting like a network ninja ... honor my allocation settings and just behave like a proper gateway / router??
I have called Tier II support and been through three different gateways with the same issue. Tier II support just kind of shrugs and says "well you can always try DMZPlus". I really wish someone could help me out. The people that have come to my house usually barely understand networking and have usually not seen a Linux machine or heard of virtualization so I might as well be performing black magic as far as they are concerned.
I am really frustrated. All I wanted to do was prop up a couple of virtual machines, assign them static IP addresses, and run a few services like OpenVPN, SSH and a web server for personal sites.... such a simple and incredibly reasonable use case for static IP addresses is nearly impossible it seems. Am I missing something?
09-27-2009 9:23 PM
09-28-2009 11:24 AM
The U-Verse RG is a rather idiosyncratic beast, especially when public IPs are involved.
The main thing that you have to keep in mind is that the RG routes everything by MAC address, not by IP address. Furthermore, the routing code in the RG assumes 1 MAC=1 device.
Because of this, there are two oddities to the U-Verse RG that affect the way the network responds:
1. You cannot use multihomed devices with the RG. If your host machine and the guest virtual machine are sharing a network card, and the host and the guest have different IP addresses, then the frames from the guest MUST have a different Ethernet MAC address. Use a network packet sniffer to verify this -- if the MAC addresses are the same and only the IP addresses are different, it will never work with the RG, period.
2. You basically cannot assign a static IP at the device in all circumstances. The RG provides its own facility to assign static IP addresses.
Here is the proper procedure to assign static public IPs to your devices:
1. Get both your host and guest up and running with DHCP-assigned private IP addresses in the 192.168.1.x range.
2. Go to the RG's main web page at http://192.168.1.254 from the host.
3. Click on Home Network at the top. Ensure that both the host and the guest are listed in the network summary as 2 independent local devices. If not, you have a MAC address problem.
4. Once that is resolved (if necessary), click on Advanced Settings.
5. Check the box for the Public Routed Subinterface. Type in the router address (first usable address in the block is fine - NOT the first address in the block which is the network address. e.g. if the public network you're assigned is 126.96.36.199/28, the router address would be 188.8.131.52, and subnet mask would be 255.255.255.240). Click save.
6. Now, over on the right you have a list of devices. At the bottom, click the button for Edit Address Allocation.
7. For any device you want to assign a public IP to from your static range, find it in the list, and change the first pull-down menu to "Public (select WAN IP mapping)". For the 2nd pull-down menu, select "Public from pool 184.108.40.206" (if you don't care which public IP it gets), or select "Public fixed: 99.99.99.x" to give it a fixed, constant IP address from the public pool. Click Save at the bottom.
8. Leave the assigned device to DHCP, but force it to release/renew either by command line (ipconfig /release, and ipconfig /renew for WIndows machines), or reboot. Upon the next DHCP renew, the device will pick up the public IP mapping.
9. Configure the firewall if necessary on the RG to add pinholes for certain services, or go back in to the Edit Address Allocation screen and uncheck the "Firewall Protection" box to open the device to the Internet completely.
The reason for all these gyrations is that the DVR/STB devices have to be on the private network (192.168.1.x) at the same time that other devices may be on the public network, and the RG has to keep them separate internally.
03-23-2019 9:54 AM
The procedure SomeJoe7777 provides is the best answer I have seen to date. Most RGs (such as the LinkSys and NetGear routers) allow you to use NAT to route incoming traffic to the correct internal host. Although the method these other RGs use is not typically used in large enterprise settings, it is the easiest for home users to understand and to implement public IP addressing on a home network for your web, DNS, application, , and email servers. ,