dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
5632
boeckelr2
join:2006-06-05
Stillwater, OK

boeckelr2

Member

NVG 589 issues

Hi - I can't remember if I posted this question here before. But if I did NOBODY responded (might have been at different forum). This time I am asking that you please help. I'm frustrated, and all out of ideas.

In Nov 2012 I upgraded to uverse. All three services. In addition, I ordered a block of static ip addresses. Although the 510 did not have a true bridge mode, I was able to get them to work with my Cisco ASA and all was well.

A few months ago I upgraded to the new 45 Mbps speed level. I was given an NVG589. However, I would describe the 589 we were given as flaky. We suffered from spontaneous loss of television, telephone and internet service a couple times a week. The problem never resolved itself - the only way to restore service was to press the red button on the rear of the unit and wait.

Eventually I called and had tech support come out. All they did was swap 589s and all was well. Uverse was working as it was supposed to. I should note that prior to this we were not seeing the faster bandwidth like as were supposed to - apparently AT&T forgot to update my account to the faster profile. The tech also took care of that, and I was happy.

After my 589 was swapped to a working model, I decided to configure my static ip block - but the router refused to accept them. I sought the help of "David T" - an ATT employee from the AT&T forums - and he and I were unable to figure out what the issue was, even though I was using the correct addresses and subnet mask (he checked to make sure).

So I gave up on the static ips for a while and tried to set up ip passthrough. I have a Cisco ASA that I'd like to practice on...as well as a new Linksys wifi router. After many major problems (spontaneous service drops) I was able to get the Linksys to operate perfectly with ip passthrough. I used it for close to two weeks; however i decided to return the Linksys and purchase a new Netgear wifi router. I figured whichever one of the two - Linksys or Nethear - that I thought I would end up buying whichever router that worked the best.

So last night I tried setting up ip passthrough to work with the Netgear. All it really entailed was changing the MAC address, which I did, and clicking apply.

Upon doing this I started having major problems. My tv service shut down (I didn't check the phone). The internet became excruciatingly slow. And I was having trouble logging into its webpage; when I would click on a link that required the password for example, after entering the password I would be sent back out to the main conduct page that shows status. This made it impossible to get anywhere where I could make changes to the 589. So I was forced to hit the red button on the back of the unit. After waiting thru the 5 mins of rebooting, sometimes everything worked, and other times the internet or TV was giving me problems.

I gave up last night bc I was interfering with people watching tv. But I got up at 5am while everyone was asleep and thought that I got it working. However around noon the phones went totally out.

Please remember I don't have my static ip info entered into my 589.

So after the phone went off out of the blue I reset the 589 to factory defaults, and everything has worked perfectly since.

So what do you suggest I do? I need to use both my static ips as well as ip passthrough. Yet I can't. I can understand if I get connectivity issues with the router connected to the passthrough; but instead it's literally hosing my tv, internet and phone.

Has anyone experienced this? Remember this is my second 589 and presumably a functional unit.

And has anyone ever had issues entering the static IP address black into the 589?

The way I see it, these are both features of AT&TS hardware. And I'm explicitly paying for my static block. Yet I'm unable up use either bc they won't work and noons at AT&T can get them to work. What's especially disconcerting is that thru my research, I haven't come across any similar issues.

And the problem is I need to be able to run additional routers. Plus the 589 is just not able to adequately handle the 4 iPads, 3 iPhones, a roku and an Apple TV, 1 droid, 1 Galaxy tab, an Xbox one and two pcs.

Does anyone have any ideas? Or similar experiences? This is so frustrating.

Thanks!
premtrekker
join:2014-06-23
canada

premtrekker

Member

What is the error you are getting when entering the static ip block?

rolande
Certifiable
MVM,
join:2002-05-24
Dallas, TX
ARRIS BGW210-700
Cisco Meraki MR42

rolande to boeckelr2

MVM,

to boeckelr2
If the NVG589 really is okay, then you likely have a PICNIK (Problem In Chair Not In Keyboard) problem. Believe me, I should know a thing or two about routing and switching and I ran into similar stupid problems with the 2Wire 3801 RG when I first was setting it up with my router. I made too many assumptions about how it should work. I should have checked my knowledge at the door and assumed nothing. It would have saved a few hours of aggravation.

I don't believe you can use both IP-Passthrough and the Cascaded Router features at the same time on the same internal router/firewall. IP-Passthrough is used to map the publicly assigned IP on the outside interface of the RG to an internal router/firewall using DHCP to assign the real public IP to the router's interface. It accomplishes this through a magical trick called MAC rewriting.

Cascaded Router essentially routes an assigned network to the internal IP address of your router/ASA firewall. Your router/firewall can not have both an internal private IP on its outside interface and the publicly registered address assigned via DHCP. It breaks the RG's forwarding logic. That would require a route to a private IP for the subnet and a MAC rewrite rule for an IP in the same network. You can't tell a router to do 2 completely different things with the same destination network traffic. That is like a divide by Zero error. When running DHCP for your internal router/firewall, the RG requires exactly 1 unique IPv4 address per MAC address. If you try to statically assign another IP address to the interface as a virtual like a NAT, it breaks the DHCP mapping on the RG when it sees packets from the same MAC with a different source IP. So, this prevents you from using DHCP with IP-Passthrough and trying to do virtual NATs on the same interface. Hence why your 589 went completely nuts on you.

IIRC, the static block you are assigned is delegated to your RG via DHCP based on your client-identifier (RG certificate). The last usable IP address in the range is assigned to the outside interface. So, you can not use both IP-Passthrough to assign that IP to your router via DHCP and use Cascaded Router to route the entire netblock to another private IP address on your router. It creates a chicken and the egg problem in the routing table and in the DHCP mapping.

If you just use the Cascaded Router feature, you should be able to accomplish everything you are wanting to do. But, you have to disable IP-Passthrough and just give your router's/firewall's outside interface a private IP on the same subnet the RG is using. If your Linksys router does not have the ability to do virtual NATs instead of simple interface NAT, then you are stuck. You should be able to do this on the ASA, though.
boeckelr2
join:2006-06-05
Stillwater, OK

boeckelr2

Member

Thanks for the replies!

A couple of things that I should have explained better.

First, I shouldn't have mentioned the static ip issue. They are not even set up in the 589 so they really are not involved with this.

I'll try to re explain my problem wo it being so convoluted.

In late June I had a Linksys router that I was using with the ip passthrough successfully. I chose that route instead of cascaded router route based on the advice of the AT&T rep, David T, who was working closely with me.

At no time were the static ips configured into my 589. The reason why they weren't entered in was because the 589 would not accept them. Besides using a guide that I found that showed exactly which address to use where, I have a MS in Telecommunications. I know this stuff. Because the static ips weren't even configured, I shouldn't have mentioned them bc they had nothing to do with the ip passthrough issue. My bad.

So I ended up returning the Linksys router in favor of a Netgear. Two days ago I went to change the MAC address in the ip passthrough settings of the 589 to match that of the Netgear router. While I was able to get the Netgear router to work, my tv, telephone and internet started to have problems.

For example, all the service suddenly stopped, as if the router spontaneously rebooted itself. Even wifi went down. After it came back on again, it eventually happened again. So eventually I turned off and disconnected the Netgear router, and did a factory reset. Once the router started up, I went In and made one change - switching the SSID and wifi password to the one we had been using, lest I'd have to waste my time reconfiguring 3 iPads, 1 Galaxy Note, 2 iPhones, 1 Droid, 3 laptops, an Apple TV, a Roku, and an Xbox One.

So all appears well. Except at noon yesterday, without me having done anything to the 589, the phones went out while everything else worked fine. This time I held down the red button on the back for 30 seconds. Everything came back up again, and IIRC I had to switch the SSID and pw again.

Once again everything worked fine all day. But at 1:30 am or so EVERYTHING went out again ie it had once again spontaneously rebooted itself.

Now is this an expected side effect of changing the Mac addrESS for the ip passthrough box? How is this in any way shape or form caused by me making a user error?

Im not saying that I'm above making mistakes - of course I'm not. But this is ridiculous. I was trying to configure a FEATURE of the 589, and it resulted in my 589 needing to be replaced.

BTW when we first upgraded to the high speed tier, the 589 they gave us was flaky like this. It would reboot once a day, or drop DNS so even though the tv would work, web pages wouldn't load unless I configured each device with a known DNS server (I used googles). And the kicker - I had done NOTHING to this 589. I had not attempted setting up my static ips, nor had I tried setting up ip passthrough.

Then a month later I had time to schedule a tech to come out, and he exchanged 589s....and it was perfect. It worked rock solid... Until I tried to configure the ip passthrough feature, when it resulted in a flaky 589.

So anyone saying this is caused by me fat fingering something needs to open their mind and realize that there might be something wrong with some of these 589s. I've read threads here or at AT&T where people complain of spontaneous reboots of 589s and spectate it has to do with S/N ratio. Maybe in reality it's caused by faulty firmware, like I'm experiencing.

My personal take is that when I try to make changes, such as setting up ip passthrough, the firmware is being corrupted when it saves the changes.

The problem is that I NEED ip passthrough at the least and preferably static ips. I do computer security for a living, and use the static ips to test equipment and maintain proficiency with my Cisco ASA firewall. But I obviously can't do it with the 589. If I were to get this 589 swapped out, why would I try setting up ip passthrough again, knowing I had a good chance of hosing the router???

So what to do. I don't know for sure, but I think the only way to get static ips with Comcast is to pay exorbitant monthly fees for their business service. I'm not paying $100+ a month for 16Mbps cable. No way. Not when a consumer can get 105Mbps for $80. Plus my house is older. Other than the main line connected to my 589 (which is Cat5e), the main distribution system is coax. How would Comcast even set up a cable modem for me when all the coax is being used? And most importantly, why should I pay all that extra for a service that is included with my Uverse???? It's a feature that for whatever reason has caused my 589 to be rendered useless. I'm already paying AT&T for static ips and ip passthrough is a feature of the 589. Why should I pay a dime more for this same thing to Comcast????

And then there's the question of who can or will even help me with this problem. Am I to call Malaysia or the Philippines and have one of their "techs" to help???? And when I post on forums barely anyone responds, and those that do either don't believe me or think it's my fault. Grrr.

rolande
Certifiable
MVM,
join:2002-05-24
Dallas, TX
ARRIS BGW210-700
Cisco Meraki MR42

rolande

MVM,

said by boeckelr2:

And when I post on forums barely anyone responds, and those that do either don't believe me or think it's my fault. Grrr.

Sorry. I was not trying to accuse you of anything. My point was, assuming everything with the port profile and config is fine, if the 589 is not broken in some way, then there is a configuration issue on the 589. The RGs can be pesky if you change fundamental settings and you don't reboot. They can lock up and lose their minds as a result. Unfortunately this forum has gotten quieter over the years as many of the regulars have moved on and there have been few if any replacements to help fill the void.

My 589 has been rock solid in IP-Passthrough, once I understood how it actually worked rather than assuming. I have my Routing & Switching CCIE and 19+ years of professional experience in network engineering, so I know a few things about this stuff, too. I beat my head on the wall with this at first, too because I didn't understand the behavior of the RG. So, we'll forget the static IP issue. You are simply unable to get IP-Passthrough to work stably?

When you changed the MAC address of the passthrough router to the Netgear and saved, did you restart the 589? I presume you enabled DHCP on the WAN interface of your Netgear router also. The RG has to be rebooted when you change the MAC on the Passthrough config.

I would actually recommend just removing the Passthrough config completely on your 589 and save it. Then force your Netgear router to lease a private IP using DHCP. Next, reconfigure the 589 for IP-Passthrough with the autodetected hostname/IP of your Netgear router. If you have any issues with the previous 2 steps, reboot the 589 and then try. Sometimes the RG hangs onto entries in its tables longer than it should. Rebooting will flush it. Once you complete these steps, save the config and reboot the 589 once more.

Anonnnn
@144.160.5.x

Anonnnn

Anon

Is the battery light lit up on the 589?
satyre5
join:2004-12-22

satyre5 to rolande

Member

to rolande
Rolande:

In NVG589 when we configure passthough, can we use DHCP dynamic mode?

rolande
Certifiable
MVM,
join:2002-05-24
Dallas, TX
ARRIS BGW210-700
Cisco Meraki MR42

rolande

MVM,

said by satyre5:

Rolande:

In NVG589 when we configure passthough, can we use DHCP dynamic mode?

I'm not quite clear on what you are asking. Are you referring to running a DHCP server on the NVG589 for other clients directly attached to it or are you referring to acting as a DHCP client on the outside interface of your personal router?
premtrekker
join:2014-06-23
canada

premtrekker to Anonnnn

Member

to Anonnnn
said by Anonnnn :

Is the battery light lit up on the 589?

I know this seems like an unrelated question, but there is an issue with the batteries making the telephone line randomly shutoff or random reboots...
satyre5
join:2004-12-22

satyre5 to rolande

Member

to rolande
"I'm not quite clear on what you are asking."

The Passthrough is to make it into Bridge mode. So, my router will serve the DHCP.

When we choose Passthrough in NVG589, three modes are given. I was wondering why everybody is saying to use DHCPS-fixed mode... any problem in using DHCPS- Dynamic mode.

brookeKrige
join:2012-11-05
San Jose, CA

brookeKrige

Member

Help text says for DHCPS-Dynamic: "WAN IP address will be handed out by the device's DHCP server to the first LAN client that requests a DHCP lease"

I occasionally direct connect a client to 589, temporarily by passing my 2nd router in IP-Passthrough. If I reboot 589 then, it would risk that client becoming the IP-Passthrough device.

If had TV service, I'd be concerned also the DVR/STB boxes would request LAN IP's and might be "the first". Just does not sound deterministic or reliable enough.