Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Cisco 678 Routing

35 views
Skip to first unread message

Travis

unread,
Jan 19, 2006, 5:56:44 PM1/19/06
to
Right now if I need to forward a port to a certain PC on my lan, I have to
forward it on 2 routers. First I have to forwared the port on my Cisco 678
DSL Modem to my Linksys Wireless Router, then I have to forward said port
to the PC of choice on the Linksys.

Is there anyway to just forward *all* ports to my Linksys? And then let my
linksys be the "firewall". Is that a bad choice? Or even better is there
away to eliminate the private subnet that my Cisco creates? (that my linksys
is the only device on) Maybe setup the Cisco 678 as a "bridge" instead of a
router? Will disableing NAT on the Cisco accomplish this?

TIA


Eric Jorgensen

unread,
Jan 19, 2006, 7:46:26 PM1/19/06
to
On Thu, 19 Jan 2006 15:56:44 -0700
"Travis" <som...@microsoft.com> wrote:

> Is there anyway to just forward *all* ports to my Linksys? And then let
> my linksys be the "firewall". Is that a bad choice? Or even better is
> there away to eliminate the private subnet that my Cisco creates? (that
> my linksys is the only device on) Maybe setup the Cisco 678 as a
> "bridge" instead of a router? Will disableing NAT on the Cisco
> accomplish this?


If your Linksys can do PPPoE, there is a possibility that you can use an
unsupported configuration that you should never tell Qwest that you are
using. Assuming you're an Xmission customer through Qwest.

In many cases, you can reconfigure the 678 for bridging and fire up a
PPPoE client, and it'll Just Work.

Qwest may break it if they hear about you doing it, so, um, don't tell
'em. They want you to have to use PPPoA on the dsl modem, but a security
patch they had to install on their equipment about a year ago inadvertently
made it possible to use this non-standard configuration.

From their perspective this is a 'problem' that they can 'fix' if they
decide to. The impression i got from browsing dslreports a while back was
that they had turned it off in some neighborhoods in colorado.

It does however solve all the annoying issues i ever had with CBOS. I
have a spare 678 configured for PPPoA in case i have to call Qwest to fix a
DSL issue.

Travis

unread,
Jan 19, 2006, 9:43:59 PM1/19/06
to
> If your Linksys can do PPPoE, there is a possibility that you can use an
> unsupported configuration that you should never tell Qwest that you are
> using. Assuming you're an Xmission customer through Qwest.
>
> In many cases, you can reconfigure the 678 for bridging and fire up a
> PPPoE client, and it'll Just Work.
>


Nice! Thanx for the tip. Works like a charm so far and saves me a "hop".


Eric Jorgensen

unread,
Jan 19, 2006, 10:28:48 PM1/19/06
to

Plus the 678 is no longer selectively mangling the payloads of some of
your packets, too. (Cisco says this is a 'feature' that you are not allowed
to 'fix')

It's a great way to run.

Anthony Chavez

unread,
Jan 20, 2006, 11:34:23 PM1/20/06
to
On Thu, 19 Jan 2006 20:28:48 -0700 Eric Jorgensen <al...@xmission.com> wrote:

> Plus the 678 is no longer selectively mangling the payloads of some of
> your packets, too. (Cisco says this is a 'feature' that you are not allowed
> to 'fix')
>
> It's a great way to run.

Curious, do you have any more details on this packet mangling? I've
never noticed it myself, but never really looked for it, either.
Perhaps I trust my equipment too much? ;-)

--
Anthony Chavez http://anthonychavez.org/
mailto:a...@anthonychavez.org jabber:a...@jabber.anthonychavez.org

Eric Jorgensen

unread,
Jan 21, 2006, 12:14:40 AM1/21/06
to
On Fri, 20 Jan 2006 21:34:23 -0700
Anthony Chavez <a...@anthonychavez.org> wrote:

> Curious, do you have any more details on this packet mangling? I've
> never noticed it myself, but never really looked for it, either.
> Perhaps I trust my equipment too much? ;-)


I don't remember if there are other problems, but the one that sticks
out is the way that CBOS changes the TTL on DNS packets so that nothing
ever expires.

This can be a major, earth-shattering problem if you were running a
public dns server for your domain behind a Cisco 67x router, and then
wanted to change one of your records. Much of the internet would cache your
old records until the cache was purged - usually manually, by restarting
the daemon.

This caused some real problems for people, but cisco insists it's a
feature. It's even touted as a unique cisco feature in some documentation -
they don't only do it on the 600 series. It only occurs if you use
"network-address port translation" - which is far more useful and way more
cumbersome to say than 'NAT', which is why people almost always use 'NAT'
to describe a router that also remaps port assignments so as to compress
address space.

True NAT is just 1:1 address mapping with no port remapping, and recent
versions of CBOS don't do it. iirc the really old versions would do a
port-for-port forward to a single IP if you wanted it to.

scratch

unread,
Jan 24, 2006, 5:25:24 PM1/24/06
to
I need to check into xm.gen more often.

PPPoE is fully supported, and is just as simple as he described. Bridge
the Cisco and use the PPPoE client in your Linksys to login with your
XMission username and password. Your IP will then be assigned to the
WAN port of the Linksys instead of the WAN port of the Cisco. Piece of
cake, and a good way to avoid a dual-NAT setup like you have now.

Qwest.net *does* support PPPoE in some areas (although I've been told
that they deprioritize PPPoE traffic on their network). But with
XMission as your ISP, it makes no difference to Qwest what protocol you
are using to connect to us over your DSL line. And if they complain at
some point, tell them I say its none of their damn business.

warren woodward
XMission DSL/UTOPIA Services

bgeer

unread,
Jan 25, 2006, 9:06:10 PM1/25/06
to
scratch <scr...@thatispyouuse.com> writes:

>I need to check into xm.gen more often.

>PPPoE is fully supported, and is just as simple as he described. Bridge
>the Cisco and use the PPPoE client in your Linksys to login with your
>XMission username and password. Your IP will then be assigned to the
>WAN port of the Linksys instead of the WAN port of the Cisco. Piece of
>cake, and a good way to avoid a dual-NAT setup like you have now.

>Qwest.net *does* support PPPoE in some areas (although I've been told
>that they deprioritize PPPoE traffic on their network). But with
>XMission as your ISP, it makes no difference to Qwest what protocol you
>are using to connect to us over your DSL line. And if they complain at
>some point, tell them I say its none of their damn business.

>warren woodward
>XMission DSL/UTOPIA Services

Does this work only if you have a modem plugged into a router/switch?

I just tried my Zoom X3's PPPoE None, PPPoE LLC, & PPPoE VC-Mux from
Albuquerque. In each case, modem reboot got to ADSL connected &
stalled. I went back to PPPoA & it connected ok.

[& yes, I waited long enough; well, longer than I had to wait for
PPPoA to connect.]

Also, any word on shortening ping times? I'm still getting 110ms. No
problem for me, but I was wondering...

Cheers, Bob


--- bg...@xmission.com ---
--
<> Robert Geer & Donna Tomky | |||| We sure |||| <>
<> bg...@xmission.com | == == find it == == <>
<> dto...@xmission.com | == == enchanting == == <>
<> Albuquerque, NM USA | |||| here! |||| <>

scratch

unread,
Jan 27, 2006, 2:16:53 PM1/27/06
to
Betcha five bucks we forgot to enable that for NM. I'll look into it.

See? Told you I need to pay more attention here.


warren woodward
XMission DSL/UTOPIA services

0 new messages