3 edits
5 recommendations |
Bypass Google Fiber Box (How-To pfSense)Just in case anyone was looking or wondering. You can indeed bypass the crappy Google Fiber box if you use pfSense/Untangle/Router that supports vlan tagging. I get about 975/975 consistently. Never once had any issues. I believe there are still some issues being reverse engineered with the TV services however. TV Setup: » www.itnutt.com/how-to-ge ··· pfsense/» flyovercountry.org/wp-co ··· uide.pdfSee the attached for the WAN config on pfSense. As of 10/13/2017 - pfSense 2.4.0 DOES NOT WORK - the vLan tagging is broken and speeds are ridiculously slow and all over the place. pfSense devs advised should be fixed in 2.4.1 |
|
2 recommendations |
Re: Bypass Google Fiber Box (How-To)Thanks for posting. It should be a sticky thread. |
|
F100 join:2013-01-15 Durham, NC Alcatel-Lucent G-010G-A (Software) pfSense Pace 5268AC
2 recommendations |
to CobraGT2000
Yes, a sticky would be great. I hope to do this in a year or so when service is ready. GFBR vaults are being installed this week!!
Any suggestions on builds for a new pfSense box? My current setup is on a 9 year old PC and I want to move it to something newer with more power savings and capacity for Gigabit. I'd love to do something with the Skylake chipsets. |
|
2 recommendations |
Not sure how to do the sticky.
Idk, any will work. I've got mine on a Lenovo Core 2 Duo 1.86. Never uses more then 25% CPU under full GB load. Any real cheap box should do. Ive also got an actual piece of pfSense hardware, its a 1Ghz, 1GB RAM and it works fine as well.
Depends on what all you are wanting to do. Just a plan router then any hardware will work. If you want to get into CaptivePortal, Ipsec, Content filtering, fail-over etc then better hardware will make a difference.
Thankfully pfSense backup and restore works awesome, so if the hardware isn't fast enough, make a backup and restore on new hardware and bam, up and running again. |
|
F100 join:2013-01-15 Durham, NC Alcatel-Lucent G-010G-A (Software) pfSense Pace 5268AC
2 recommendations |
F100
Member
2016-Aug-5 12:48 pm
Yeah, I got a new used rack from work and I'd like to move to something that is rackmount from a smaller desktop. Or at least a 1 or 2 U space that would fit on a shelf.
I will probably get Gigapower while I wait for Google. The GF hut is not even built/installed yet so it might be a while. I'm making some other physical changes to me setup to have things ready. |
|
2 recommendations |
Any server grade hardware is overkill IMO unless you have 500+ users.
They make little 1u empty chassis you could get with a Mico motherboard. Basically what they used to sell. |
|
F100 join:2013-01-15 Durham, NC Alcatel-Lucent G-010G-A (Software) pfSense Pace 5268AC
2 recommendations |
F100
Member
2016-Aug-5 1:05 pm
Yeah, Intel has some newer processors for embedded systems that will replace Atoms and will probably run pfSense great. I might try to find something with support for Open VPN acceleration. I have 1Gbps at my work currently. Would be nice to do VPN at 1Gbps both ways but it's not critical. |
|
2 recommendations |
Ive got OpenVPN and Ipsec running on pfSense (Server is doing PPTP/L2TP). Ive got an Ipsec tunnel to the office with another crappy laptop as the "WiFi" router. You will unlikely get 1Gps over the tunnel. Best ive gotten is 500Mbps. |
|
ke4pym Premium Member join:2004-07-24 Charlotte, NC
2 recommendations |
to CobraGT2000
I've read where some folks had to plug in a dedicated netgear switch (or was it TPLink?). Did you have to do that? Or did you just set the VLAN/QoS settings in pf? |
|
2 recommendations |
Nope, mine goes from fiber jack directly to pfSense then out to switch. You can use a switch if you got one, just needs to be a layer 3/7 capable switch with tagging. pfSense does all that. |
|
ke4pym Premium Member join:2004-07-24 Charlotte, NC
2 recommendations |
to F100
said by F100:Any suggestions on builds for a new pfSense box? I put together a miniITX GIGABYTE GA-Z170N board because it had on-board dual Intel based NICs. Using a i3-6300 Dual Core Processor @ 3.8GHz. It has no problem with my 300 meg connection with multiple VPNs (site-to-site and mobile). At my Dad's and Sister's I use Soekris 6501 boards. They work great. But I don't think they have the mojo to do a gig of throughput. |
|
ke4pym
2 recommendations |
to CobraGT2000
said by CobraGT2000:Nope, mine goes from fiber jack directly to pfSense then out to switch. You can use a switch if you got one, just needs to be a layer 3/7 capable switch with tagging. pfSense does all that. That's great to know! Thanks for posting this! |
|
F100 join:2013-01-15 Durham, NC Alcatel-Lucent G-010G-A (Software) pfSense Pace 5268AC
3 recommendations |
to CobraGT2000
said by CobraGT2000:Nope, mine goes from fiber jack directly to pfSense then out to switch. You can use a switch if you got one, just needs to be a layer 3/7 capable switch with tagging. pfSense does all that. So maybe if you have a pfSense router and a Web managed "smart" switch, you could use the VLANs to route traffic and even have the TV box behind your own router if you wanted. I believe I read that Internet, TV, and Phone are all on separate VLANs with Internet being like the default untagged VLAN. I'd take even 500Mbps upload. That's 495 better than I have now. |
|
2 recommendations |
You can do it all with pfsense. Just created the other vlans for the tv/phone, created all the IP ranges for the TV service. Create firewall rules to pass all TV traffic to that vlan tagged interface. |
|
2 recommendations |
to CobraGT2000
Nice post.
I have a Juniper SRX on the way and was going to do a similar write-up for it, ASAs and Cisco routers. |
|
aefstoggaflmOpen Source Fan Premium Member join:2002-03-04 Bethlehem, PA Linksys E4200 ARRIS SB6141
1 recommendation |
to CobraGT2000
Good write up even through Google Fiber is not in my area. I believe that you must talk to the admins/mods that watch this area by PM/IM. As they are the only ones who have that power to do that. Since I am an admin/a mod at another website with message board, that is how I know/suspect that.. Mod that has the power to that, according to About Google Fiber is User » Mike |
|
|
bigreg join:2006-12-25 Morrisville, NC
2 recommendations |
to CobraGT2000
My first attempt doing this in the Raleigh-Durham market failed to even get a DHCP address my pfSense box (Intel NICs on a Supermicro X11SBALN4F). I'm somewhat of a pfSense newbie, but not new to more advanced networking, so I may be missing something simple.
My Fiber Jack connects, pfSense shows Up, but no DHCP or other traffic is received based on interface counters.
Any troubleshooting tips?
Thanks! |
|
2 recommendations |
to CobraGT2000
This is one of the most helpful and most asked for how-to I've ever heard. Absolutely quidisential! Now, to figure out how to bypass the TV box and use our own DVR... |
|
3 recommendations |
to CobraGT2000
Ok quick question. My Linksys router supports VLAN. I need more then its four ports provide. Do I still need a layer 3 to 7 switch behind it or can I just use this? » www.linksys.com/us/p/P-SE4008/ |
|
mixdup join:2003-06-28 Alpharetta, GA
1 recommendation |
to CobraGT2000
So these instructions are from Aug 2016, are they still valid, and are they valid for all areas of Google Fiber? I know that some areas Google is piggybacking on existing fiber networks to get connected to certain apartment complexes. I'm moving soon to Atlanta, and I'm looking at places that have AT&T Fiber and Google Fiber.
I know I can bypass AT&T's gateway, I just want to make sure that out in the Atlanta 'burbs this bypass for Google will work too |
|
bigreg join:2006-12-25 Morrisville, NC
1 recommendation |
bigreg
Member
2017-Apr-30 6:04 pm
Yes, it's still the same. I'm using my own pfSense router with the latest hardware. |
|
DavidJ01 join:2003-11-23 Overland Park, KS
1 recommendation |
to CobraGT2000
All,
I'm at a novice level when it comes to networking, but I know just enough to be able to configure my own router with guest access and MAC address blocking, which is what I need. I just had GF installed a couple of weeks ago, and was ready to dump TWC, but the lack of features on the GF Box makes me want to stay with TWC.
My router is a new WRT3200ACM, which just replaced my Linksys E2500.
My quick Google search on pfsense shows it's a router or firewall. So I it looks like I'd need another box now in order to bypass the GF box? I'm beginning to think that better upload speeds aren't worth the extra hassle....
Thanks |
|
1 recommendation |
to mixdup
Sorry for the delay, lost access to my account for a while. Yes the settings are still valid. According to GF they have no plans on removing the vLan tags or changing them anytime soon. |
|
CobraGT2000
1 recommendation |
Updated post - pfSense 2.4.0 DOES NOT CURRENTLY WORK. 2.4.1 should have the vLan tagging fixed. |
|
CobraGT2000
1 recommendation |
to DavidJ01
said by DavidJ01:All,
I'm at a novice level when it comes to networking, but I know just enough to be able to configure my own router with guest access and MAC address blocking, which is what I need. I just had GF installed a couple of weeks ago, and was ready to dump TWC, but the lack of features on the GF Box makes me want to stay with TWC.
My router is a new WRT3200ACM, which just replaced my Linksys E2500.
My quick Google search on pfsense shows it's a router or firewall. So I it looks like I'd need another box now in order to bypass the GF box? I'm beginning to think that better upload speeds aren't worth the extra hassle....
Thanks I'm not sure how familiar you are with router firmware, but there is an "Aftermarket" if you will firmware for it called DD-WRT (» www.dd-wrt.com/phpBB2/vi ··· t=304086). I believe it may still be in dev phase, although i didn't read the entire thing. Its basically a new operating system for your router that allows you to set vLan tags and bits on the WAN connection. This method works the same as pfSense, just not a PC. There are other switches and stuff that support vLan tags that you could use as well (if you had them already). I can say I've used DD-WRT on various models throughout the years, and its ALWAYS been excellent (i usually base what model i buy on whether or not it has DD-WRT compatibility) |
|
1 recommendation |
to bigreg
what is your current speed @bigreg |
|
1 recommendation |
to CobraGT2000
@bigreg I'm also in Morrisville and currently I am using pfsense 2.4.1 on a Zotac MA320 which is an AMD a4-5000. Currently I'm only able to get 485 down and 200 up with my cpu usage @ 28%
May I ask what speeds you are getting and what your pfsense config looks like? I have done what was posted here only from CobraGT2000's post and just set up the WAN VLAN 2. |
|
2 recommendations |
to CobraGT2000
Re: Bypass Google Fiber Box (How-To pfSense)I'm know I'm late to the game, but I'm in the RTP area and use a Ubiquiti Edge Router to successfully bypass the Fiber Box. I even filter out the ads. I used the directions from » www.stevejenkins.com/blo ··· er-lite/ |
|
F100 join:2013-01-15 Durham, NC Alcatel-Lucent G-010G-A (Software) pfSense Pace 5268AC
2 recommendations |
F100
Member
2018-Dec-21 9:21 am
said by jdmm72:I'm know I'm late to the game, but I'm in the RTP area and use a Ubiquiti Edge Router to successfully bypass the Fiber Box. I even filter out the ads.
I used the directions from »www.stevejenkins.com/blo ··· er-lite/ What kink of throughput do you get on the UBT Edge Router? I know the Lite versions won't cut Gigabit. |
|
2 recommendations |
jdmm72
Member
2018-Dec-21 9:39 am
Running very little processing I get near line speed. 700-800 Mbps wired through the edge router X.
I offload advanced routing, VPN, and other stuff to a word machine running PfSense |
|