how-to block ads
|
|
Share Topic
 |
 |
|
Kieran
join:2012-11-01
Gastonia, NC | reply to Kieran
Re: [Modem] Port Forwarding doesn't work even with bridged modem
WNR2000 Port Forwarding |
| |
 NetFixerFrom my cold dead handsPremium
join:2004-06-24
The Boro
 ·Comcast Business..
 ·Vonage
 ·Cingular Wireless
·Comcast
2 edits | said by Kieran:Yes, I have the WNR2000's DMZ set to my comp's static IP, and the first application cannot be connected to from the internet. I have a couple of arbitrary ports set up to see if I can successfully test any of them, but so far all of them appear closed. The program is set to pass through the firewall, but that shouldn't matter as I turned the wirewall OFF to test it. Did I understand your question correctly?
If your question was directed to me (you actually replied to yourself), then yes, you answered my question.
My next question is when you look at the "Router Status" page, does the router show that you are getting a public IP address from AT&T? I seem to recall seeing a warning from AT&T that they were going to start using the 10.0.0.0/8 subnet for WAN IP addresses, and put all non-static IP customers on "carrier grade" NAT. Perhaps that practice has already started in your area? It is your use of the 10.0.0.0 subnet on your LAN that reminded me of that warning.
Here is a link to an article on this site discussing that: »AT&T Warns U-Verse Users of Service Disruption
While the warning implies that only U-verse customers will be effected, that does not mean that AT&T could not have expanded the practice into standard ATM DSL areas too.
Another possibility related to AT&T's use of the 10.0.0.0 subnet, is that even if you are still getting a public IP address on your router's WAN, AT&T might be using that subnet (and have devices with the same IP addresses as devices on your LAN), that could be complicating your use of that subnet for Internet facing applications. I remember having that problem when I used Covad. They used the 192.168.1.0 subnet for some of their internal routers and switches, and that caused problems for me until I changed my private LAN subnet (and my LAN device IP addresses) to something other than 192.168.1.x.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander. | |
 NormanSPremium,MVM
join:2001-02-14
San Jose, CA
kudos:9
 ·SONIC.NET
·Pacific Bell - SBC
| reply to Kieran
In line with NetFixer  's comments, there is a seemingly rarely used block of RFC 1918 reserved IP addresses which would not conflict with either the 10/8 block, or the 192.168/16 block. Carve a /24 out of the 172.16/12 block. Don't worry about all those slashes; all you need to know is the required subnet mask for a given network address.
RFC 1918 defines three ranges of IP addresses reserved for private networks. Here is the RFC ("Request For Comment"):
»www.faqs.org/rfcs/rfc1918.html
172.16/12 starts at 172.16.0.0, and runs to 172.31.255.255. You can configure the WNR2000 LAN to use 172.16.0.0 with a subnet mask of 255.255.255.0. That would mitigate any conflicts with either of the other reserved blocks.
Instead of your current 10.0.0.112 address, you would be using 172.16.0.112 on your device. Your gateway in routing would be 172,16.0.1.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
NetFixerFrom my cold dead handsPremium
join:2004-06-24
The Boro Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast
1 edit | said by NormanS:In line with NetFixer 's comments, there is a seemingly rarely used block of RFC 1918 reserved IP addresses which would not conflict with either the 10/8 block, or the 192.168/16 block. Carve a /24 out of the 172.16/12 block. Don't worry about all those slashes; all you need to know is the required subnet mask for a given network address.
RFC 1918 defines three ranges of IP addresses reserved for private networks. Here is the RFC ("Request For Comment"):
»www.faqs.org/rfcs/rfc1918.html
172.16/12 starts at 172.16.0.0, and runs to 172.31.255.255. You can configure the WNR2000 LAN to use 172.16.0.0 with a subnet mask of 255.255.255.0. That would mitigate any conflicts with either of the other reserved blocks.
Instead of your current 10.0.0.112 address, you would be using 172.16.0.112 on your device. Your gateway in routing would be 172,16.0.1.
Actually AT&T uses both the 10/8 and the 172.16/12 blocks internally. Here is the ipconfig information for a tethered AT&T cell phone connection, and a traceroute to www.dslreports done using that connection.
PPP adapter AT&T Mobility:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.180.147.18
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 10.180.147.18
DNS Servers . . . . . . . . . . . : 172.16.7.167
172.16.7.167
Primary WINS Server . . . . . . . : 10.11.12.13
Secondary WINS Server . . . . . . : 10.11.12.14
C:\>tracert www.dslreports.com
Tracing route to www.dslreports.com [209.123.109.175]
over a maximum of 30 hops:
1 * * * Request timed out.
2 203 ms 157 ms 151 ms 172.26.248.2
3 160 ms 175 ms 171 ms 172.16.7.82
4 156 ms 152 ms 165 ms 10.251.11.32
5 167 ms 201 ms 153 ms 10.251.10.2
6 200 ms 166 ms 482 ms 10.252.1.1
7 152 ms 163 ms 162 ms 209-183-048-002.mobile.mymmode.com [209.183.48.2]
8 240 ms 143 ms 164 ms 172.16.75.1
9 155 ms 203 ms 162 ms 12.94.97.13
10 150 ms 162 ms 174 ms cr1.dlstx.ip.att.net [12.122.100.26]
11 173 ms 176 ms 165 ms gar26.dlstx.ip.att.net [12.123.16.85]
12 153 ms 166 ms 144 ms 4.68.62.229
13 184 ms 812 ms 275 ms vlan60.csw1.Dallas1.Level3.net [4.69.145.62]
14 215 ms 180 ms 219 ms ae-63-63.ebr3.Dallas1.Level3.net [4.69.151.134]
15 167 ms 201 ms 177 ms ae-7-7.ebr3.Atlanta2.Level3.net [4.69.134.22]
16 176 ms 555 ms 207 ms ae-2-2.ebr1.Washington1.Level3.net [4.69.132.86]
17 186 ms 223 ms 194 ms ae-81-81.csw3.Washington1.Level3.net [4.69.134.138]
18 210 ms 204 ms 261 ms ae-82-82.ebr2.Washington1.Level3.net [4.69.134.153]
19 188 ms 199 ms 202 ms ae-4-4.ebr2.Newark1.Level3.net [4.69.132.102]
20 189 ms 218 ms 198 ms ae-21-52.car1.Newark1.Level3.net [4.69.156.37]
21 214 ms 196 ms 219 ms NETCCESS.car1.Newark1.Level3.net [4.26.16.190]
22 210 ms 293 ms 189 ms 0.e3-3.tbr2.mmu.nac.net [209.123.11.77]
23 257 ms 201 ms 214 ms 0.e1-1.tbr2.oct.nac.net [209.123.10.21]
24 177 ms 214 ms 198 ms vlan808.esd1.oct.nac.net [209.123.10.42]
25 181 ms 218 ms 202 ms www.dslreports.com [209.123.109.175]
Trace complete.
FWIW, I don't see any private subnets being used on my backup AT&T WiFi hotspot connection (which goes through a traditional AT&T ATM based DSL circuit), but that does not mean that AT&T is not using mixed public/private IP addresses for some DSL locations. Here is the same traceroute to www.dslreports using that connection.
C:\>use-att.cmd
Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=177ms TTL=253
Ping statistics for 192.168.1.254:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 177ms, Maximum = 177ms, Average = 177ms
C:\>route change 0.0.0.0 mask 0.0.0.0 192.168.9.9 metric 10
You are now using the Windcrest AT&T backup connection!
C:\>tracert www.dslreports.com
Tracing route to www.dslreports.com [209.123.109.175]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms ps1.dcs-net [192.168.9.9]
2 3 ms 3 ms 3 ms ap1-dcs-net [192.168.8.254]
3 261 ms 276 ms 271 ms 192.168.1.254
4 532 ms 340 ms 149 ms adsl-74-240-252-1.bna.bellsouth.net [74.240.252.1]
5 268 ms 198 ms 56 ms 70.159.210.120
6 186 ms 177 ms 365 ms 70.159.210.122
7 608 ms 89 ms 63 ms 70.159.210.119
8 340 ms 118 ms 308 ms 12.81.32.144
9 244 ms 41 ms 36 ms 12.81.32.45
10 198 ms 156 ms 230 ms 74.175.192.138
11 371 ms 207 ms 47 ms cr1.nsvtn.ip.att.net [12.122.148.14]
12 210 ms 128 ms 113 ms cr2.attga.ip.att.net [12.122.28.105]
13 627 ms 432 ms 211 ms attga02jt.ip.att.net [12.123.22.153]
14 591 ms 248 ms 188 ms 192.205.34.234
15 451 ms 190 ms 178 ms ash-bb1-link.telia.net [80.91.246.76]
16 122 ms 107 ms 98 ms nyk-bb2-link.telia.net [213.155.134.128]
17 169 ms 65 ms 369 ms nyk-b3-link.telia.net [80.91.247.21]
18 120 ms 66 ms 79 ms netaccess-tic-133837-nyk-b3.c.telia.net [213.248.99.90]
19 413 ms 679 ms 492 ms 0.e1-4.tbr1.mmu.nac.net [209.123.10.101]
20 336 ms 599 ms 185 ms 0.e1-1.tbr1.oct.nac.net [209.123.10.17]
21 192 ms 247 ms 370 ms vlan804.esd1.oct.nac.net [209.123.10.2]
22 311 ms 64 ms 261 ms www.dslreports.com [209.123.109.175]
Trace complete.
Also (in AT&T's defense), while they have to some extent allowed their DSL infrastructure to decay, it isn't as bad as the above traceroute seems to indicate. The excessive lag is due to a relayed WiFi connection to a very busy hotspot in my apartment complex's leasing office. A traceroute to www.dslreports.com done directly from that hotspot's Netopia 3347 router is shown below (I have access because I maintain that network).
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander. | | |
|
|
