I'm a total noob at networking but I somehow managed to link a Netgear
DM111P to a Linksys WRT54G and make it work, thing is I have 2 working
configs and I'd like to know if one is better, or if both are stupid and
horribly vulnerable.
Please be kind.

I have a dynamic IP
Modem ip: 192.168.0.1
Router ip: 192.168.1.1

1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
it can't be turned off) , router's internet connection dialog set to
auto-dhcp.
Router internet config dialog shows:
Connection : Auto-dhcp
IP address : 192.168.1.1
Subnet : 255.255.255.0
Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
xxx.xxx.xxx.N
Modem manages the connection/disconnection to internet, being still
accessible trough browser at 192.168.0.1 (this puzzles me because i
though it wasn't going to work, since router's gateway is set to another ip)

2nd config- modem is set to rfc-bridging, this turns off modem dhcp,
router internet connection set to pppoe.
This way router manages connection/disconnection to internet, and modem
is no longer accessible at 192.168.0.1
Router internet config dialog shows:
Connection : PPPoe
Ip address: ip assigned by ISP
Subnet: 255.255.255.255
Default Gateway : ISP's gateway

There's an option for connecting the router to a static Ip (which is
obviously not my case) but i tried to set static IP to 192.168.0.1 just
to see what happened... didn't work.

My limited knowledge suggests me 1st is better (lan before router - lan
between router and modem - internet , maybe?), but i can't tell the
difference between a wan port and my butthole, so I confide in your
experience.
Thank you.

Ragga <look@mydick.com> writes:

> I'm a total noob at networking but I somehow managed to link a Netgear
> DM111P to a Linksys WRT54G and make it work, thing is I have 2 working
> configs and I'd like to know if one is better, or if both are stupid
> and horribly vulnerable.

The latter is Sebastian G's opinion about... well, almost everything.

> Please be kind.

I'll try.

Before you plug either into the internet, be aware of a current issue
with Flash that's making exploiting of UPnP rather common right now,
so whatever you do, you'll want to make sure you get updated firmware
for your router, set an administrative password, and disable UPnP
before you stand em up on the net and do a bunch of web browsing from
behind em.

> 1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
> it can't be turned off) , router's internet connection dialog set to
> auto-dhcp.
> Router internet config dialog shows:
> Connection : Auto-dhcp
> IP address : 192.168.1.1
> Subnet : 255.255.255.0
> Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
> xxx.xxx.xxx.N
> Modem manages the connection/disconnection to internet, being still
> accessible trough browser at 192.168.0.1 (this puzzles me because i
> though it wasn't going to work, since router's gateway is set to
> another ip)


The router itself uses the gateway IP given to it by the ISP. It uses
it as the default next hop it's gonna send outgoing traffic to on the
WAN interface.

Your LAN devices will use your router's IP as their default gateway.

> 2nd config- modem is set to rfc-bridging, this turns off modem dhcp,
> router internet connection set to pppoe.
> This way router manages connection/disconnection to internet, and
> modem is no longer accessible at 192.168.0.1
> Router internet config dialog shows:
> Connection : PPPoe
> Ip address: ip assigned by ISP
> Subnet: 255.255.255.255
> Default Gateway : ISP's gateway
>
> There's an option for connecting the router to a static Ip (which is
> obviously not my case) but i tried to set static IP to 192.168.0.1
> just to see what happened... didn't work.

I think that setup may have bridged your entire lan right onto the
internet. You'd have to get multiple-IP support from your broadband
provider for it to work, and your lan machines would contact the isp
dhcp server for addresses, if the multiple-ip broadband plan didn't
come with static IP's for you to assign your machines.

You probably really dont' want to be bridging your machines on the
internet.

> My limited knowledge suggests me 1st is better (lan before router -
> lan between router and modem - internet , maybe?), but i can't tell
> the difference between a wan port and my butthole, so I confide in
> your experience.
> Thank you.

Your gut guides you well.

--
Todd H.
http://www.toddh.net/

On 01 Feb 2008 21:47:20 -0600, comphelp@toddh.net (Todd H.) wrote:

>Ragga <look@mydick.com> writes:
>
>> I'm a total noob at networking but I somehow managed to link a Netgear
>> DM111P to a Linksys WRT54G and make it work, thing is I have 2 working
>> configs and I'd like to know if one is better, or if both are stupid
>> and horribly vulnerable.
>
>The latter is Sebastian G's opinion about... well, almost everything.
>
>> Please be kind.
>
>I'll try.
>
>Before you plug either into the internet, be aware of a current issue
>with Flash that's making exploiting of UPnP rather common right now,
>so whatever you do, you'll want to make sure you get updated firmware
>for your router, set an administrative password, and disable UPnP
>before you stand em up on the net and do a bunch of web browsing from
>behind em.
>
>> 1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
>> it can't be turned off) , router's internet connection dialog set to
>> auto-dhcp.
>> Router internet config dialog shows:
>> Connection : Auto-dhcp
>> IP address : 192.168.1.1
>> Subnet : 255.255.255.0
>> Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
>> xxx.xxx.xxx.N
>> Modem manages the connection/disconnection to internet, being still
>> accessible trough browser at 192.168.0.1 (this puzzles me because i
>> though it wasn't going to work, since router's gateway is set to
>> another ip)
>
>
>The router itself uses the gateway IP given to it by the ISP. It uses
>it as the default next hop it's gonna send outgoing traffic to on the
>WAN interface.
>
>Your LAN devices will use your router's IP as their default gateway.
>
>> 2nd config- modem is set to rfc-bridging, this turns off modem dhcp,
>> router internet connection set to pppoe.
>> This way router manages connection/disconnection to internet, and
>> modem is no longer accessible at 192.168.0.1
>> Router internet config dialog shows:
>> Connection : PPPoe
>> Ip address: ip assigned by ISP
>> Subnet: 255.255.255.255
>> Default Gateway : ISP's gateway
>>
>> There's an option for connecting the router to a static Ip (which is
>> obviously not my case) but i tried to set static IP to 192.168.0.1
>> just to see what happened... didn't work.
>
>I think that setup may have bridged your entire lan right onto the
>internet. You'd have to get multiple-IP support from your broadband
>provider for it to work, and your lan machines would contact the isp
>dhcp server for addresses, if the multiple-ip broadband plan didn't
>come with static IP's for you to assign your machines.
>
>You probably really dont' want to be bridging your machines on the
>internet.
>
>> My limited knowledge suggests me 1st is better (lan before router -
>> lan between router and modem - internet , maybe?), but i can't tell
>> the difference between a wan port and my butthole, so I confide in
>> your experience.
>> Thank you.
>
>Your gut guides you well.

I probably know even less than the OP professes to, but my setup is
similar to his number 2 config. My flaky understanding is that the
broadband modem is effectively just presenting the broadband
connection to the router, which has its own firewall and NAT inbuilt
so that the baddies can't get in. Is that wrong?

The only issue I have with the arrangement is that I can't get at the
modem from a machine on the LAN to see stats, configure it, etc,
unless someone knows an easy workaround?
--
All the best
David Millen
Xativa, Valencia
www.fincacasablanca.com
please reply in group
if you have to email me, remove the obvious:
davidtheobvious@millen.com

David Millen ha scritto:
> On 01 Feb 2008 21:47:20 -0600, comphelp@toddh.net (Todd H.) wrote:
>

>>
>> Before you plug either into the internet, be aware of a current issue
>> with Flash that's making exploiting of UPnP rather common right now,
>> so whatever you do, you'll want to make sure you get updated firmware
>> for your router, set an administrative password, and disable UPnP
>> before you stand em up on the net and do a bunch of web browsing from
>> behind em.

I did my homework and shut off upnp on every machine I have, plus some
services like remote registry/desktop and such (win xp)

>>
>>> 1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
>>> it can't be turned off) , router's internet connection dialog set to
>>> auto-dhcp.
>>> Router internet config dialog shows:
>>> Connection : Auto-dhcp
>>> IP address : 192.168.1.1
>>> Subnet : 255.255.255.0
>>> Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
>>> xxx.xxx.xxx.N
>>> Modem manages the connection/disconnection to internet, being still
>>> accessible trough browser at 192.168.0.1 (this puzzles me because i
>>> though it wasn't going to work, since router's gateway is set to
>>> another ip)
>>
>> The router itself uses the gateway IP given to it by the ISP. It uses
>> it as the default next hop it's gonna send outgoing traffic to on the
>> WAN interface.
>>
>> Your LAN devices will use your router's IP as their default gateway.
>>

That is what I don't understand, see if this makes sense.
Router's gateway should be the modem, and modem's gateway should be the
ISP's, so router dialog should tell me its gateway is 192.168.0.1 .
This is what happens if I unplug the phone cable from the modem: no
internet connection, no assigned IP from ISP, router tells me its
gateway is 192.168.0.1, very reassuring.
Then I plug in the phone cable, modem hooks up with dsl signal, gets its
dynamic IP 200.100.50.50 .
At this point router changes the parameters shown, and tells me gateway
is 200.100.50.51 .Same scenario as above.
If I traceroute traffic, it shows the obvious 192.168.1.1 - 192.168.0.1
- ISP machines - whatever route to target.
This makes total sense.
So where is 200.100.50.51? What is that?
The only idea I can come up with is "dynamic Ip + 1" is the address
assigned by modem's dhcp to router's wan port in the mini-lan connecting
the two devices.Mini lan that should be the 192.168.0.X subnet (thus I
am able to access modem config with browser, pointing it at
192.168.0.1), while my pc's+router lan is the 192.168.1.X subnet.
Still router should tell me its gateway is 192.168.0.1 as shown in the
traceroute.
Router's gateway address is router's wan port IP?
Modem's IP (on my side) is both 192.168.0.1 and 200.100.50.51? (this
makes no sense at all)
D'oh.



>>> 2nd config- modem is set to rfc-bridging, this turns off modem dhcp,
>>> router internet connection set to pppoe.
>>> This way router manages connection/disconnection to internet, and
>>> modem is no longer accessible at 192.168.0.1
>>> Router internet config dialog shows:
>>> Connection : PPPoe
>>> Ip address: ip assigned by ISP
>>> Subnet: 255.255.255.255
>>> Default Gateway : ISP's gateway
>>>
>>> There's an option for connecting the router to a static Ip (which is
>>> obviously not my case) but i tried to set static IP to 192.168.0.1
>>> just to see what happened... didn't work.
>> I think that setup may have bridged your entire lan right onto the
>> internet. You'd have to get multiple-IP support from your broadband
>> provider for it to work, and your lan machines would contact the isp
>> dhcp server for addresses, if the multiple-ip broadband plan didn't
>> come with static IP's for you to assign your machines.
>>
>> You probably really dont' want to be bridging your machines on the
>> internet.
>>
>>> My limited knowledge suggests me 1st is better (lan before router -
>>> lan between router and modem - internet , maybe?), but i can't tell
>>> the difference between a wan port and my butthole, so I confide in
>>> your experience.
>>> Thank you.
>> Your gut guides you well.
>
> I probably know even less than the OP professes to, but my setup is
> similar to his number 2 config. My flaky understanding is that the
> broadband modem is effectively just presenting the broadband
> connection to the router, which has its own firewall and NAT inbuilt
> so that the baddies can't get in. Is that wrong?
>
> The only issue I have with the arrangement is that I can't get at the
> modem from a machine on the LAN to see stats, configure it, etc,
> unless someone knows an easy workaround?

My same reasoning, with second config router and modem should work as a
single device, like they were a router with built in dsl modem (phone
jack instead of wan port)

Still I configured network as suggested by Todd, thanks mate.

Ragga <look@mydick.com> writes:

> >>> 1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
> >>> it can't be turned off) , router's internet connection dialog set to
> >>> auto-dhcp.
> >>> Router internet config dialog shows:
> >>> Connection : Auto-dhcp
> >>> IP address : 192.168.1.1
> >>> Subnet : 255.255.255.0
> >>> Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
> >>> xxx.xxx.xxx.N
> >>> Modem manages the connection/disconnection to internet, being still
> >>> accessible trough browser at 192.168.0.1 (this puzzles me because i
> >>> though it wasn't going to work, since router's gateway is set to
> >>> another ip)
> >>
> >> The router itself uses the gateway IP given to it by the ISP. It uses
> >> it as the default next hop it's gonna send outgoing traffic to on the
> >> WAN interface. Your LAN devices will use your router's IP as
> >> their default gateway.
>
> That is what I don't understand, see if this makes sense.
> Router's gateway should be the modem, and modem's gateway should be
> the ISP's, so router dialog should tell me its gateway is 192.168.0.1 .
> This is what happens if I unplug the phone cable from the modem: no
> internet connection, no assigned IP from ISP, router tells me its
> gateway is 192.168.0.1, very reassuring.
> Then I plug in the phone cable, modem hooks up with dsl signal, gets
> its dynamic IP 200.100.50.50 .
> At this point router changes the parameters shown, and tells me
> gateway is 200.100.50.51 .Same scenario as above.
> If I traceroute traffic, it shows the obvious 192.168.1.1 -
> 192.168.0.1 - ISP machines - whatever route to target.
> This makes total sense.
> So where is 200.100.50.51? What is that?
> The only idea I can come up with is "dynamic Ip + 1" is the address
> assigned by modem's dhcp to router's wan port in the mini-lan
> connecting the two devices.Mini lan that should be the 192.168.0.X
> subnet (thus I am able to access modem config with browser, pointing
> it at 192.168.0.1), while my pc's+router lan is the 192.168.1.X
> subnet.
> Still router should tell me its gateway is 192.168.0.1 as shown in the
> traceroute.
> Router's gateway address is router's wan port IP?
> Modem's IP (on my side) is both 192.168.0.1 and 200.100.50.51? (this
> makes no sense at all)
> D'oh.

What make/model of router and make/model of modem? I'm having
trouble picturing where you're seeing this .50 and .51 address. If
you can search up a screen shot or something on the internet it might
be helpful to answer the question.

Generally with a cable modem, teh routing goes
1 your home router's LAN IP
2 an IP somehwere in your ISP's network
3 other stuff

The IP your cable modem is assigned doesn't show up, since strictle a
cable modem isn't an IP layer device. It' conencts at one layer lower
on the ole network stack. From a IP standpoint, the cable modem is
really just a layer 2 thingee that connects your home router to the
ISP's network, and IP doesnt' care about the details.


Once you get the IP and everything is trained up and working, visit a
site like http://whatismyip.com/ (which provide the IP address as
internet web servers would see you as being) and compare those with
what you're seeing on these various screens.

In my case (which is similar router+cable modem), my "public ip" as
webservers see me (and as I'd see at a http://whatismyip.com or
equivalent) matches the "WAN IP" I see in my home router's
configuration page. This address doesn't show up in a traceroute (as
it's not a router's IP address). The default gateway, from the
perspective of my home router is an IP address within my ISP, and it
matches to the IP I see on the 2nd hop of a traceroute performed from
any computer inside my LAN. The first hop of course is the internal
IP address of my router.

Now, on the cable modem itself.... (as reported at the DOCIS standard
location of http://192.168.100.1/ on my scientific atlanta cable
modem) the "cable modem IP address" shows a 10.x address that shows up
nowhere else (not in my router, not in my traceroutes, etc). And
under "CPE Conenctions" on this cable modem status web page, my public
address (that one that matches whatismyip.com) does show there.

Finally, on my client machines in my lan, all DHCP assigned machines
have my router's internal LAN IP address as their default gateway.


Dunno if any of this helps you directly, but gives you another common
datapoint to see if you can figure out what the various IP addresses
that you're seeing on your network can be made sense of.

--
Todd H.
http://www.toddh.net/

Todd H. ha scritto:
> Ragga <look@mydick.com> writes:
>
>>>>> 1st config- modem is set to pppoe-bridging with dhcp on (in pppoe mode
>>>>> it can't be turned off) , router's internet connection dialog set to
>>>>> auto-dhcp.
>>>>> Router internet config dialog shows:
>>>>> Connection : Auto-dhcp
>>>>> IP address : 192.168.1.1
>>>>> Subnet : 255.255.255.0
>>>>> Default gateway : xxx.xxx.xxx.N+1 , being the IP assigned by ISP
>>>>> xxx.xxx.xxx.N
>>>>> Modem manages the connection/disconnection to internet, being still
>>>>> accessible trough browser at 192.168.0.1 (this puzzles me because i
>>>>> though it wasn't going to work, since router's gateway is set to
>>>>> another ip)
>>>> The router itself uses the gateway IP given to it by the ISP. It uses
>>>> it as the default next hop it's gonna send outgoing traffic to on the
>>>> WAN interface. Your LAN devices will use your router's IP as
>>>> their default gateway.
>> That is what I don't understand, see if this makes sense.
>> Router's gateway should be the modem, and modem's gateway should be
>> the ISP's, so router dialog should tell me its gateway is 192.168.0.1 .
>> This is what happens if I unplug the phone cable from the modem: no
>> internet connection, no assigned IP from ISP, router tells me its
>> gateway is 192.168.0.1, very reassuring.
>> Then I plug in the phone cable, modem hooks up with dsl signal, gets
>> its dynamic IP 200.100.50.50 .
>> At this point router changes the parameters shown, and tells me
>> gateway is 200.100.50.51 .Same scenario as above.
>> If I traceroute traffic, it shows the obvious 192.168.1.1 -
>> 192.168.0.1 - ISP machines - whatever route to target.
>> This makes total sense.
>> So where is 200.100.50.51? What is that?
>> The only idea I can come up with is "dynamic Ip + 1" is the address
>> assigned by modem's dhcp to router's wan port in the mini-lan
>> connecting the two devices.Mini lan that should be the 192.168.0.X
>> subnet (thus I am able to access modem config with browser, pointing
>> it at 192.168.0.1), while my pc's+router lan is the 192.168.1.X
>> subnet.
>> Still router should tell me its gateway is 192.168.0.1 as shown in the
>> traceroute.
>> Router's gateway address is router's wan port IP?
>> Modem's IP (on my side) is both 192.168.0.1 and 200.100.50.51? (this
>> makes no sense at all)
>> D'oh.
>
> What make/model of router and make/model of modem? I'm having
> trouble picturing where you're seeing this .50 and .51 address. If
> you can search up a screen shot or something on the internet it might
> be helpful to answer the question.

I'm going to do something stupid and post my config, I hope I masked all
sensitive data

Modem : Netgear DM111P (Not sold in North America) is a DSL2+ - ethernet
Router: Linksys WRT54G-EU version 7 (European version) is a router-wireless
Both devices' firmware is updated to latest version.


Modem DSL config:
http://img110.imageshack.us/img110/5208/modemdslsettingsaq6.jpg
Modem LAN config:
http://img238.imageshack.us/img238/9527/modemlansettingspb4.jpg

DHCP is permanently on in pppoe-bridging mode, modem manages the
connection providing username and password for my DSL

Router Setup:
http://img186.imageshack.us/img186/5738/routersetupmm6.jpg

Router DHCP is off, PCs in home network have manual assigned IP's , they
work fine , also I can turn on router's DHCP , it assignes IP's , and
everything works fine as well.

Now I connect to internet and my IP is:

http://img147.imageshack.us/img147/6066/myipaddressni7.jpg

Router Status turns to:

http://img147.imageshack.us/img147/3310/routerstatuspf9.jpg

Ip address is my assigned ip
Subnet mask : 255.255.255.0
Gateway is "assigned ip +1" , whatever is my dynamic ip (xxx.xxx.xxx.N),
gateway will be xxx.xxx.xxx.N+1
And that is not my ISP gateway, not even close.

Now 3 traceroutes:
http://img405.imageshack.us/img405/4035/traceroutefl3.jpg

They always show same beahviour
192.186.1.1 router
192.186.0.1 modem
Machines belonging to my ISP (99.9% of internet infastructure in my
country is owned by my ISP)
Route to target

This made me think I have one lan "pc's + router" 192.168.1.X , before
the router, and one 192.168.0.X between modem and router.

Second config now I think is like yours:
(no screenshots, I'd have to unplug,reconfigure,replug,I'm lazy)

Modem DSL config:
change pppoe-bridging to rfc-bridging, then no more username/password
blanks because these will be router's job , and DHCP is OFF

Router Setup:
switch Auto Config-DHCP to PPPoE
Dialog now shows blanks for username/password and CONNECT button
So the whole connection to internet is managed by router, especially
since now I can no more reach modem at 192.168.0.1

Router Status:
now it would show

Ip address : my assigned IP address
Subnet mask : 255.255.255.255
Default gateway : IP of my IPS gateway, I checked with them , that is
their gateway .

With this setup , if I do a traceroute there is no hop to 192.168.0.1 ,
traffic passes trhourg router (192.168.1.1) then straight to isp gateway.

This looks like your config, right?
> In my case (which is similar router+cable modem), my "public ip" as
> webservers see me (and as I'd see at a http://whatismyip.com or
> equivalent) matches the "WAN IP" I see in my home router's
> configuration page. This address doesn't show up in a traceroute (as
> it's not a router's IP address). The default gateway, from the
> perspective of my home router is an IP address within my ISP, and it
> matches to the IP I see on the 2nd hop of a traceroute performed from
> any computer inside my LAN. The first hop of course is the internal
> IP address of my router.
>
> Now, on the cable modem itself.... (as reported at the DOCIS standard
> location of http://192.168.100.1/ on my scientific atlanta cable
> modem) the "cable modem IP address" shows a 10.x address that shows up
> nowhere else (not in my router, not in my traceroutes, etc). And
> under "CPE Conenctions" on this cable modem status web page, my public
> address (that one that matches whatismyip.com) does show there.
>
I would say "yeah now I get it", but I still don't understand that
gateway adress (the one similiar to my assigned ip) and moreover, is the
screenshot setup (my actual) a ****up?
If choose second config, I can no longer access modem config, is there a
workaround ?




> Finally, on my client machines in my lan, all DHCP assigned machines
> have my router's internal LAN IP address as their default gateway.
>
Same as me, I just turned off DHCP and assigned LAN IP adresses manually
because I wanted to learn how to do it and to make port forwarding
easier to me.



>
> Dunno if any of this helps you directly, but gives you another common
> datapoint to see if you can figure out what the various IP addresses
> that you're seeing on your network can be made sense of.
>
You are very helpluf, thanks again.