
|
 59126125 Premium join:2006-01-21 clubs:
1 edit | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Well, according to this »kb.efficient.com/article.asp?art···82&p=351
The Router supports two fundamental modes of operation with respect to connectivity between the Local Area Network (LAN) and the Wide Area Network (WAN): bridge/routing mode and bridge mode. The default mode of operation is bridge/routing mode. With bridge/routing mode, the Router provides typical routing functionality between the WAN side and the LAN side. However, all LAN-side interfaces are "bridged." The second mode of operation provides only "bridging" functionality. This applies to both WAN-to-LAN connectivity as well as to all LAN-side interfaces. Point-to-Point (PPP) connections are not available under the bridge mode of operation. Important! If you switch to Bridge mode, you will lose access to the Web management interface and can only return to Router mode by resetting the Router to factory defaults.
So my understanding is that the 4100 is technically acting as a router regardless of what is doing the login since it is still doing NAT, until it is put in bridge mode, at which point it is a true bridge and not a router. -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Note that your link is the documentation for the full retail version of the 4100, not for the SBC version with its more restrictive firmware. | |
|  |   59126125 Premium join:2006-01-21 clubs: | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Sorry about that, I should have included that in my post. Though it still describes the functionality of the modem. | |
|  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" In my quick browse through that documentation, I didn't find the "PPPoE on the computer" option. So maybe that's an option only for the SBC version. The SBC version of the 4100 is not doing NAT when set for PPPoE on the computer. | |
|  |  |  |  docinthebox
join:2003-01-25 Laurel, MD | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Thanks for all your help! | |
|  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Ok, now that has me confused. How can a device be handing out a private IP and yet not be doing NAT? If that's the case, that would mean the 4100 is always a bridge since it only hands out one private IP? My understanding is that if a device is doing NAT, it is a router, even if it is a very simple one and only hands out one private IP. Also, my understanding is that a true bridge only translates different protocols, like ATM to Ethernet, without doing NAT. The PPP login's sole purpose is authenticating the user on the network so a WAN IP gets assigned to the circuit to access the Internet. If this is incorrect, someone please let me know. -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer"
"How can a device be handing out a private IP and yet not be doing NAT?"
It is only doing NAT if it is also mapping that private IP to a different (usually public) IP. If it is merely giving out a private IP for communication on the LAN, and is handling the DSL traffic purely as an ethernet bridge would, then it is not acting as a router and is not doing NAT.
"Also, my understanding is that a true bridge only translates different protocols, like ATM to Ethernet, without doing NAT."
Right. But an ethernet can sustain multiple traffic. There is no reason that you could not use LAN tcp-ip communication on the local ethernet at the same time that the bridged ethernet packets are being transferred between the local ethernet and the remote ATM network. | |
|  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer"
said by nwrickert: "How can a device be handing out a private IP and yet not be doing NAT? It is only doing NAT if it is also mapping that private IP to a different (usually public) IP. If it is merely giving out a private IP for communication on the LAN, and is handling the DSL traffic purely as an ethernet bridge would, then it is not acting as a router and is not doing NAT."
Well, that's what has me confused the most. Wouldn't the 4100 still be acting as a router since it is connecting two different networks? For an example of why I believe it would still be doing NAT, let's say the WAN side is assigned an IP of 69.xxx.xxx.xxx while the LAN side is 192.xxx.xxx.xxx, wouldn't there have to be a translation from address to address / network to network and some type of routing table used? I always thought that a bridge could only forward packets to devices assigned on the same network / IP range. -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |  |  |  docinthebox
join:2003-01-25 Laurel, MD | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" I thought the 4100 is forwarding packets from the WAN side (69.xxx.xxx.xxx) to the WAN port of the router which is still 69.xxx.xxx.xxx. It is the router that's connecting 69.xxx.xxx.xxx with 192.xxx.xxx.xxx | |
|  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" My understanding is when the 4100 is fully bridged the router is then assigned a WAN IP (69.xxx.xxx.xxx), but if the 4100 is configured to "PPP on the computer" it still hands out a LAN IP (192.xxx.xxx.xxx) to the router. -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |  |  |  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" If the 4100 is fully bridged, it is talking ethernet, not TCP/IP. It doesn't have a WAN IP address. The WAN IP address is assigned over PPPoE, so is assigned to the system that actually does the PPPoE. | |
|  |  |  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Ok, still confused. Here is my understanding on how the three different configurations for the 4100 work and would appreciate any corrections.
1. PPP on the modem - modem authenticates, is first IP device in contact with the WAN network and is assigned the WAN IP from the AT&T Redback router. 4100 hands out private IP to first device behind it. 4100 acting as a router.
2. PPP on the computer - any device behind the 4100 can do the authentication, yet the 4100 is still the first IP device in contact with the WAN and still gets assigned the WAN IP from the AT&T Redback router. 4100 hands out private IP to first device behind it. 4100 acting as a router.
3. Bridged Mode - 4100 ceases to exist as far as IP goes and merely translates protocols and forwards packets. The router is now assigned the WAN IP from the AT&T Redback router since it is the first IP device in contact with the WAN. The router is now on the same network as the Redback Router. 4100 acting as a bridge. -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |  |  |  |  |  |   wayjac Premium,MVM join:2001-12-22 Indy
·AT&T Midwest
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" The PPPoE client, regardless of where it is, gets the WAN IP info.
PPP on the modem and PPP on the computer have a lot in common: the modem's LAN DHCP server is active; with the correct configuration another device can do the PPPoE.
In Bridged mode the modem's LAN DHCP server is disabled.
I agree fully with statements 1 and 3; statement 2 should read just like statement 3 with a few "buts". -- God bless our troops | |
|  |  |  |  |  |  |  |  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| In mode 2 (from your list), the 4100 is not an IP device on the WAN. It has no WAN IP, and it does not know what the public IP should be. It merely accepts ethernet frames from the redback, and bridges them to the local ethernet. It likewise picks up ethernet frames on the local ethernet, and bridges those to the redback.
In addition, it assigns itself an IP address of 192.168.0.1 on the local ethernet, and can exchange IP packets with other systems on the local ethernet. It does not exchange IP packets with WAN hosts - it only bridges ethernet frames but does not look inside those frames. It does give out a DHCP address of 192.168.1.64 to one client on the local ethernet. This would normally be used only for getting the modem statistics.
A local host on the ethernet can do the authentication. But then that same local host has to use the assigned WAN address, and has to extract IP packets from the PPPoE transmissions that it receives. It can't just authenticate - it has to do all of the PPPoE. If that local host wants to act as a router, it can. But then it needs a second ethernet interface.
Mode 3 (bridged mode) differs in that it does not do DHCP. I think (but I'm not sure) that it will still accept packets to IP=192.168.0.1 for requesting statistics. But the computer that wants to see the statistics would need to be manually configured with IP=192.168.1.64, netmask=255.255.0.0.
-------
Let me describe my WAP (Wireless Access Point). The WAP is, in effect, a bridge between the WiFi LAN and the wired LAN. It acts on ethernet frames, and transfers them between the wired LAN and the wireless LAN. It does not do any routing, so both wired and wireless LANs have to share the same range of IP addresses. The WAP happens to also have an IP address. It is a smart bridge, and uses its own IP address so that you can configure it. But, except when you are configuring the WAP (or getting info on settings from the WAP), it is acting only as a bridge.
The 4100 in "PPP on computer" mode is likewise a smart bridge. It is mostly doing bridging, but it has its own IP address on the LAN so that it can be configured and so that you can get info from it. It happens to also give out a DHCP address to make that configuration a little easier to do. | |
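The difference discussed above between a smart bridge and a NAT router, as an added example that is not part of any poster's message: the bridge decides on the destination MAC alone and forwards the PPPoE session frame byte for byte, while a NAT router rewrites the private source address. The MAC addresses, the documentation-range IPs and the MAC-based "local" decision are assumptions of this simplified model.

```python
import ipaddress, struct

PPPOE_SESSION = 0x8864                     # EtherType of PPPoE session frames
MODEM_MAC = bytes.fromhex("020000004100")  # constructed MAC of the modem's own LAN address
BROADCAST = b"\xff" * 6

def ip_checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str) -> bytes:
    """Minimal 20-byte IPv4 header (no payload) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]

def smart_bridge(frame: bytes):
    """Decide from the destination MAC alone; the payload is never parsed."""
    dst = frame[:6]
    if dst == MODEM_MAC:
        return "local", None            # statistics/configuration traffic
    if dst == BROADCAST:
        return "local+bridge", frame    # e.g. ARP, DHCP or PPPoE discovery
    return "bridge", frame              # forwarded byte for byte

def nat_router(packet: bytes, public_ip: str) -> bytes:
    """Source NAT: map the private source address to public_ip, fix checksum."""
    hdr = packet[:10] + b"\x00\x00" + ipaddress.IPv4Address(public_ip).packed + packet[16:20]
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + packet[20:]

def src_ip(packet: bytes) -> str:
    return str(ipaddress.IPv4Address(packet[12:16]))

def demo():
    # Constructed sample: the LAN host runs PPPoE itself, so the IP packet inside
    # the session frame already carries the WAN address (documentation ranges).
    inner = ipv4_header("203.0.113.10", "198.51.100.7")
    pppoe = struct.pack("!BBHH", 0x11, 0, 1, len(inner) + 2) + b"\x00\x21" + inner
    frame = (bytes.fromhex("0200000000aa") + bytes.fromhex("0200000000bb")
             + struct.pack("!H", PPPOE_SESSION) + pppoe)
    action, out = smart_bridge(frame)
    natted = nat_router(ipv4_header("192.168.1.64", "198.51.100.7"), "203.0.113.10")
    return action, out == frame, src_ip(natted)
```
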
|  |  |  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Ah, I think it is getting clearer now. So basically, whatever device does the authentication gets assigned the IP from the Redback. So, when the 4100 is set to "PPP on the computer", the modem has to "bridge" straight to a LAN IP for the connection to work to the MAC address. Yet, it keeps a LAN IP so it can be accessed via regular ethernet. Do I finally have it right? -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |  |  |  |  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Correct. | |
|  |  |  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs: | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Thanks for the info, quite the confusing concept, but at least it makes some sense now. I think it's time for a scotch...  | |
|  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |   d_l Barsoom Premium,MVM join:2002-12-08 Reno, NV
1 edit | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" If you set the modem to be PPP on the modem, leave the UserID/PW blank, and let the router or computer initiate the PPPoE connection, you pretty much end up with your Mode 2 with some slight differences, e.g. the modem is continually broadcasting to the computer/router. | |
|  |  |  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs:
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Oh yeah, forgot about that situation. Which brings up more questions. It apparently wouldn't be doing NAT or have a WAN IP in that situation either. So I'm assuming it would technically be a smart bridge. Does it still do firewall functions? So, all in all, the 4100 is never classified as a router until it actually does the login? -- There is a reason the wires are twisted together, it's called a pair. It defeats the whole purpose of twisted pair cabling by using the solid orange and solid green to wire the jack. | |
|  |  |  |  |  |  |  |  |  |   nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer"
"So, all in all, the 4100 is never classified as a router until it actually does the login?"
That's correct (at least for the SBC version of the 4100). | |
|  |  |  |  |  |  |  |  |  |   59126125 Premium join:2006-01-21 clubs: | Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Kick ass, I love it when it all clicks. Maybe I'll get the hang of this networking stuff after all.  | |
|  |  |  |  |  |  |  |  |  |  NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
| said by 59126125: "Does it still do firewall functions?"
I am not aware that the SS4100 has firewall functions. I certainly can't find any. But what do I know? I am just used to having a device with firewall functions; my Netgear FVS 114. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum | |
|  |  |  |  |  |  |  |  |  |   d_l Barsoom Premium,MVM join:2002-12-08 Reno, NV
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" The underlying CLI of the 4100 has numerous firewall function settings. I haven't tested whether all of them are still functional or not. It is probably possible to go under the AT&T GUI firmware and change some firewall settings which would remain operative once the GUI locks out telnet access.  | |
|  |  |  |  |  |  |  |  |  |  NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer"
said by d_l: "The underlying CLI of the 4100 has numerous firewall function settings. I haven't tested whether all of them are still functional or not. It is probably possible to go under the AT&T GUI firmware and change some firewall settings which would remain operative once the GUI locks out telnet access."
That is a bit of an obscure thing. Most AT&T users of the SBC issued SS4100 don't even know about the Telnet access, or CLI. I don't find it necessary to use the SS4100 beyond the limited mode that SBC issued; I have all the firewall I need on the router. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum | |
|  |  |  |  |  |  |  |  |  |   d_l Barsoom Premium,MVM join:2002-12-08 Reno, NV
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Actually, if you allow the modem to issue the 192.168.1.64 IP to your router, you are using the DMZ function of the 4100's internal router. From the CLI of the 4100:
xsh> show ipfw dmz
Firewall DMZ is enabled, DMZ Host IP = 192.168.1.64 | |
|  |  |  |  |  |  |  |  |  |  NormanS Premium,MVM join:2001-02-14 San Jose, CA
·Pacific Bell - SBC
| Re: SpeedStream 4100: "Bridged mode" vs "PPP on the computer" Netgear FVS114 firewall. |
The DMZ is a common NAT function, found on routers without firewalls, as well as routers with firewalls.
When I think of firewall, I don't think of NAT, or port forwarding. I think of Access Control. Some routers have it. Many do not. The screen shot shows my Netgear FVS114 firewall. I have seen such on the D-Link D-704UP, the Netgear FR114P, and the SMC Barricade 7004BR with a certain firmware level, though that was only limited to eight entries each way (outbound and inbound). I have not seen it on earlier firmware versions on the SMC Barricade 7004BR, nor on the oldest hardware level of the Linksys BEFSR11, and related Linksys products.
I believe some call it an SPI filter. Unlike NAT port forwarding, which can only control local port access by the entire Internet, this SPI filter, firewall, or ACL (you pick the term which best fits) controls remote, and local access by IP address, or range of IP addresses. -- Norman ~Oh Lord, why have you come ~To Konnyu, with the Lion and the Drum | |
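The distinction drawn in the last post, as an added example that is not part of any poster's message: NAT (port forwarding or a DMZ host) chooses a LAN destination from the port alone, while an access-control list also matches the remote source range. The forwarded host, the ACL entries and the check order are constructed for illustration; only the DMZ host address comes from the thread.

```python
import ipaddress

DMZ_HOST = "192.168.1.64"               # DMZ host from the CLI output in the thread
PORT_FORWARDS = {22: "192.168.1.10"}    # constructed: WAN port -> LAN host
# Constructed inbound ACL, first match wins: (source network, port, action)
INBOUND_ACL = [
    ("198.51.100.0/24", 22, "allow"),   # one trusted remote range
    ("0.0.0.0/0", 22, "deny"),          # everyone else is refused on that port
]

def nat_target(dst_port: int, dmz_enabled: bool):
    """NAT picks a LAN destination from the port alone; the source plays no part."""
    if dst_port in PORT_FORWARDS:
        return PORT_FORWARDS[dst_port]
    return DMZ_HOST if dmz_enabled else None   # DMZ host catches the rest

def acl_permits(src_ip: str, dst_port: int) -> bool:
    """Access control: match on source address range as well as port."""
    src = ipaddress.ip_address(src_ip)
    for network, port, action in INBOUND_ACL:
        if port == dst_port and src in ipaddress.ip_network(network):
            return action == "allow"
    return True   # no rule for this port: leave the decision to NAT

def inbound(src_ip: str, dst_port: int, dmz_enabled=False, acl_enabled=False):
    """Return the LAN host a new inbound connection reaches, or None if dropped."""
    if acl_enabled and not acl_permits(src_ip, dst_port):
        return None
    return nat_target(dst_port, dmz_enabled)
```
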