US Telco Support → AT&T → AT&T U-verse > Does the new NVG589 suuport DMZPlus/IP Passthough?

Does the new NVG589 suuport DMZPlus/IP Passthough?

I would like to go to the "Power" level for my U-Verse but if they replace my 3800HGV-B I am concerned I would not be able to put my router / AP behind their new Moto gateway. I leverage QOS due to the number of concurrent users in my household... big family!

Has anyone tested out this mode in the NVG589?

Yes, it supports IP passthrough.

So on the NVG589, enabling DMZ+ will disable the internal DHCP server? I'll just use my RT-N16 on the DMZ+ port.

Thanks for the replies. When a friend of mine ordered U-verse internet only they sent him a NVG510 and when we put the his Netgear behind that and setup IP Passthrough the default gateway delivered to the Netgear was always "0.0.0.0" thus it didn't work. We had to manually configure the IP / Gateway in his router from the settings in NVG510 when it is the gateway and set to back to IP passthough. This put's him at risk if U-verse starts rotating IP addresses.

The above issue has always made me leery of any equipment from AT&T.

Given DMZ'd device (RT-N16) is a 2nd router's WAN port, the NVG589's DHCP-server still hands out an IP (and a gateway IP) to the DHCP-client RT-N16. The RT-N16's LAN side is another subnet, DHCP-served by the RT-N16 itself, not the NVG589 RG.

The gateway IP is for an upstream (public) ATT router. Say RG's subnet is 192.168.1.x, and DMZ'd 2nd router's subnet is 192.168.2.x (both private).

In my experience, a device behind 2nd router can ping devices on the RG's subnet. But 2nd router's routing table has no entry for 192.168.1.x subnet; it routes thru the upstream ATT gateway.

How is that made possible: to ping RG's private subnet from 2nd router's subnet?

% traceroute -n -I 192.168.1.64
traceroute to 192.168.1.64 (192.168.1.64), 64 hops max, 72 byte packets
 1  192.168.2.1  0.712 ms  0.294 ms  0.286 ms
 2  * * *
 3  192.168.1.64  75.862 ms  5.201 ms  5.299 ms

Due to the trickery used by DMZ+/IP Passthrough, the 2nd router isn't actually talking to the upstream AT&T router (it's really the NVG589 acting like the upstream router). As the NVG589 knows about that subnet it routes those packets there instead.

/M

Well Friday the 27th is the day I am upgrading to the "Power" tier for internet. According to the person on the phone I will be receiving the NVG589 and a home visit is required. They didn't say anything about the $99 install fee keeping my fingers crossed that I will have a seamless transition and that I will still have IP Pass-through.

Just a follow up on my upgrade to the "Power" tier and IP Passthough.

My upgrade went well. He spent more time at the box then he did at my house. The NVG589 took about 15 minutes to upgrade it's firmware before we were able to re-attach my router. It was very easy to setup IP Passthough to a static MAC address (my router). Also the IPv6 was active and I was able to setup IPv6 address delegation in my router but it didn't work until I turned off QOS.

So my speed test shows 46 mbps down and 5.5 mbps up. AT&T advertised 45/6 but my tests shows close enough for that AT&T advertised.

I am working with the Tomato firmware developers on the IPv6 issue with QOS. There is some coding changes required to fix the placement of IPv6 table rules into the right containers. I am ok without QOS right now but if a big backup kicks off my IP Phones will take the hit.

Passthrough, like 2wire DMZ, can end up with two subnets, two wifi's one for NVG589 itself, one for your router I presume?

If so, and you kept your IP phones as clients of NVG589 instead, you could test its new super built-in QoS features (during big backups). Does it give its own subnet's VOIP traffic priority in the queue, over non-VOIP traffic from passthrough?

Does that improve your IP Phone reliability, during your period of QoS crisis?

On the NVG589 I turned off the Wireless radio and rely on my Asus RT-N66U for both wireless and wired client. I haven't thought about connecting my Ooma service directly to the NVG589 while having passthough configured to leverage my router for other devices.

Yes that type of configuration does sound interesting but I doubt the native QOS support in the NVG589 is exposed to consumer equipment. I don't see any configuration option for it on the menus so I assume the U-verse TV receivers and the phone ports configurations are all hidden.

Been posts implying ATT RG's with ATA's "just work" (to prioritize them), despite exposing no configurable QoS options: »Re: U-Verse & VoIP

Still wanting reports claiming same for NVG589.

For me (2wire 3800) no TV, also like to keep all devices behind my 2nd router in the DMZ with its own QoS settings. As a consequence, after recent minor speed-bump in the tiers, had to reconfigure those same QoS settings...

To test phone QoS reliability with TV, I suspect one should be perpetually changing channels? Better worst case, forcing more use of TCP (briefly used for faster channel change response) versus one-way UDP.

I thought htese problems were solved with the "cascaded router" options in the pace 3801HG and the nvg589? Supposedly both have the option. the NVG had it right from the start if memory serves correctly and the 3801 got it with the most recent firmware update.

AFAIK, the "cascaded router" option only works if you buy a static IP block. People with a single dynamic IP can't use it.

/M