Constantine A. Murenin
Posts tagged ‘ZyXEL’
Any consumer routers that can do routing? Or, the router that isn’t.

I’m looking for a robust consumer router that can do the simplest routing function of all — simply forward packets between the WAN and LAN interfaces. The option of NAT’ing the RFC 1918 addresses would be awesome, too.

Spoiler alert: after several very long conversations with ZyXEL NA tech support (including the managers; by the way, ZyXEL’s tech support is outsourced to Anaheim, CA), I was told that noone makes such devices for the consumer market at all. Is that really true?

I have a 99.124.xxx.xxx/27 Static IP address allocation from AT&T U-verse FTTP; however, the way it worked with 2Wire is that you still get a single regular “dynamic” IP address via DHCP from their common and shared 76.220.xx.xx/22 pool, through which all your traffic to your static IP addresses (in a totally different subnet, as you may have noticed) is then routed. The 2Wire 3800HGV-B then has a setting called “Public Networks” → “User Defined Supplemental Networks”, where the user has to manually specify the allocation they have received; subsequently, for each individual device on the LAN (as well as in the default options for the LAN DHCP server itself) you can either assign a public address from the public pool, or a private address from the private pool (with the option of specifying which public address the private address will be NAT’ed to). However, I’m getting rid of 2Wire PoS due to the unlimited number of bugs, stability issues, as well as unacceptable power consumption (2× to 3× higher than the devices below, without even supporting GigE or 802.11n).

Prior to buying the routers as below, I’ve tried connecting my OpenBSD netbook to the Ethernet port on the SBC ONT directly, to see if I can indeed ditch 2Wire 3800HGV-B PoS, and after some playing with `ifconfig` and `route`, indeed was I getting all the packets for the static block from the internet without any problems!

I’ve got a ZyXEL NBG4615 to replace 2Wire, then subsequently NETGEAR WNR3500L to replace ZyXEL. Both were (and still are) marketed as routers. When setting up each, I’ve changed the MAC-address to the one used by 2Wire, and set up my /27 subnet to be used for their LAN interfaces. Apparently, both ZyXEL and NETGEAR happily do NAT of publicly routable IP addresses instead of passing it straight, and neither one can do packet forwarding (also known as “routing”, surprise!) between the WAN and LAN interfaces without the NAT.

The ZyXEL does have an option of disabling NAT, so, according to their interface, it’s all supposed to work just dandy. However, apparently, in practice it doesn’t do any routing between the two interfaces once the NAT is disabled (I presume they erroneously also do something like `sysctl net.inet.ip.forwarding=0` or `sysctl net.ipv4.ip_forward=0` when you disable NAT), so my internet simply stops working immediately and as soon as I disable NAT within their interface. I’ve contacted the ZyXEL tech support, and they seem to misunderstand what routing is all about, they also claim that no consumer-oriented router can do routing without [also] doing NAT. Is that really true?

In any case, I tell them they have a clear bug with their user interface not functioning the way anyone would expect it to, yet they repeatedly conclude that they’ll only address the problem if other comparable products on the market also have the feature (“have implemented their own feature set correctly”, they mean?). Pardon me, but how are the obvious bugs in one’s interface are related to any other products by any other manufacturer? Especially if all that’s concerned is literally a one-byte change (0 to 1, that’s merely a bit even!); strike that, most likely is merely a matter of actually removing one or more lines of code that disables ip forwarding through sysctl when NAT is disabled through the interface. After all, this GigE router is based on Linux 2.6, from what I gather and based on nmap.

The NETGEAR doesn’t have any options to disable NAT in their default firmware. Although, to be fair, I would argue that having a default of doing NAT of non-RFC1918 addresses is a major bug in and of itself, and any NAT-disable options in any interface are only really meant to apply to the RFC1918 addresses in the first place.

So, just out of curiosity, any consumer routers that can actually do the simple routing, please?

Is AT&T’s setup of two different subnets (as explained above) really so uncommon in the ISP world to not get any attention of third-party consumer router manufacturers?

Am I actually doing something wrong, and is this whole thing supposed to be configured some other way? Or is this really too advanced and is not supposed to work with consumer off-the-shelf routers at all?

Any firmwares to recommend for WNR3500L that were actually thought out to be a great fit for packet forwarding and multiple routable IP addresses, over two subnets as above? I just want my subnet to work, nothing too fancy, really. That said, it would be disappointing to actually have fewer features than what was available back with 2Wire, e.g. it would be nice to continue having the ability to have two IP-address pools for my LAN, one public and one private. A SIP registration server, HE’s IPv6 TunnelBroker.net support and authoritative DNS would be a plus, too, though. SNMP won’t hurt, either. (-: Looking for something stable that I could install with uptime of months, and which would not break when I need to make simple changes of adding new LAN devices etc.

P.S. BTW, apparently, the ZyXEL tech support guys in Anaheim quite misunderstand what routing between two interfaces is all about. They claim that I want some kind of “advanced router”, whereas their product only offers NAT routing (what is “NAT routing” anyways? do they mean “routing + NAT”?), disregarding the fact that they explicitly have the option of disabling NAT in their interface, where the router is still advertised to be in the Router mode (they have a separate option to select the Mode between Router Mode, Access Point Mode etc). I assume that their NAT-disable option not only disables NAT, but also sets `sysctl net.ipv4.ip_forward` to 0. ZyXEL tech support suggested all sorts of things, from using the router in bridge mode, and configuring my host computers to be on my /27, yet somehow have me specify the AT&T gateway from the shared /22 (I’m, like, really?).

Written for, and discussion at, http://www.dslreports.com/forum/r26754312-Any-consumer-routers-that-can-do-routing-

Posted 4 months ago
2 notes • view comments
Tagged: DSLReports, ZyXEL, NETGEAR, ip.forwarding, FTTH, U-verse, NBG4615, .
My Amazon ZyXEL NBG4615 review.

http://www.amazon.com/gp/product/B004UBFV8Q
http://www.amazon.com/ZyXEL-NBG4615-300Mbps-Wireless-Gigabit/dp/B004UBFV8Q


I’m a big fan of ZyXEL stuff, from their 56K modems back in the day, to the Prestige line of ADSL modems that I used to have with my Sprint / Embarq a few years ago. So I was pretty excited about this router.

I now live in San Jose, California in a new apartment building, and have AT&T U-verse delivered by fibre that is terminated in my bedroom’s walk-in closet. I got this ZyXEL router with the intention of entirely replacing the huge RG that AT&T supplies all of its customers with (2Wire 3800HGV-B), including customers that have a fibre-terminated Fast Ethernet, which is connected to the BROADBAND port on that huge multipurpose RG (instead of the PHONE LINE, as would be the case with xDSL customers). (Note for novice users: This router cannot replace the RG if you have regular AT&T U-verse powered by xDSL, which is what more than 90% of U-verse customers currently have.)

I connected this router to my fibre-box, cloned my RG’s MAC address (you won’t get a DHCP lease without cloning the MAC address of your 2Wire RG for some reason), setup my Static IP allocation under Configuration: Network: LAN: IP, and it all worked after that. With the exception of U-verse TV.

To get the TV working, I tried enabling IGMPv1/v2, and after that, TV seemingly started to work, too; yet each channel could only be watched for like 15 seconds, and then the TV box would report that the signal is lost. Supposedly, AT&T U-verse TV requires IGMPv3, as is evidenced by some statistics on the 2Wire RG, but this router only supports v1 and v2, so, I guess I’m out of luck. I then tried to actually disable IGMP all together, as I’ve figured I only have one TV box, so IGMP on my own network doesn’t really make that much sense. The TV box actually still seemed to work for a while even after IGMP was disabled (it didn’t seem to work at all prior to IGMP being enabled in the first place), and my dumb GS108 was only reporting activity on two ports (e.g. IGMP must have been indeed off). However, each TV channel would still only work for like 15 seconds, before the TV box claiming that the signal is lost. Disabling the firewall on the router didn’t seem to alleviate any of these problems. I tried disabling NAT (I have a bunch of public IPs, so NAT is not needed), however, TV now didn’t work at all. (I have to say I’m not very familiar with IGMP yet.)

The power consumption is significantly lower than that of 2Wire RG: 2Wire gets around 10W idle, yet this thing gets only 5W. E.g. you get both: considerably lower power consumption, yet considerably higher wired and wireless networks — impressive. Size-wise, this router is also considerable smaller.

Overall, however, I am somewhat disappointed in this router, for the following reasons:

* There is no telnet configuration, which I’ve grown to love with my old Sprint/Embarq Prestige modems.
* The LAN setting only has one IP Alias option, I recall even my Prestige modems had 2 aliases.
* DHCP Server: Advanced tab wouldn’t let you use addresses from the “LAN: IP Alias” tab, saying that they are invalid as they are outside of the “LAN: IP” subnet.
* As per above, it looks like DHCP server only supports a single IP subnet. That’s just stupid, even the 2Wire RG that was to be replaced allows you to specify either a private or a public IP address for each machine.
* No prefilled MAC-address values anywhere whatsoever in the interface; you have to find all the info by hand and manually place it into the tables provided.
* No IGMPv3 support, which supposedly seems to be required in order for the U-verse TV to work at all.
* Firmware update from the first version (late 2010) to the second version (summer 2011) removes the ability to specify IPv6 on the IPv6 settings page. WTF?
* Bandwidth Management for Guest WLAN is a lie — you provide a single kbps setting, yet your given value only limits downstream, thus your guests can easily saturate your upstream if they wish to, against your instruction, knowledge or desire, and make your connection unusable (saturated upstream would make the fastest connection unusable). I tried the limit of 384 kbps on my 18/1.5 U-verse, and benchmarked 0.34Mbps downstream and 1.4Mbps upstream, e.g. upstream got saturated. There’s also no setting of what external IP-address should be used for Guest WLAN (remember, I have a bunch of Static IP addresses).
* Other annoying bugs in the cumbersome interface.

I’m thinking that I might be returning this unit, or simply not end up using it myself as the primary device I expected it to be. Power consumption, Gigabit Ethernet and 300 Mbps Wireless N are all nice, but the shortcomings are a bit disappointing. I was expecting more from ZyXEL.

I cannot say that I’d recommend this ZyXEL NBG4615 router, unless you really are looking for a quite simple network.

Posted 8 months ago
138 notes • view comments
Tagged: ZyXEL, NBG4615, .