Cisco Wireless -N Home Router WRT120N

[R I G Consulting, Inc.]

Greetings,

Out of the box, I set up the WRT120N router per instructions from the
manual.

Problems:
1. I need to power-cyle the router every 24 hours for the devices to
identify the hotspot, if I don't, the wired router function is fine,
but wireless function is dead.
2. The "Network Magic" software can't see the DSL modem behing the
router (including the command line ping <modem-ip> won't respond) so
effectively the router has some factory defaults to block certain
ports from the LAN to the DSL modem. However the nodes on the LAN are
able to see the internet (HTML through traffic is fine, SMTP is fine
etc.)

Is this is a known issue with WRT120N? Any firmware upgrades are
suggested? How to change the factory defaults on the port
configurations? If it is easier to exchange for another model that
would be my take instead of upgrades. The manual is a bare-min setup
intructions and I am lazy to look them up online.
Any responses are appreciated.

TIA
The e-mail on the header is a spam filter; please e-mail
rigconsulting2@[nospam]yahoo.com for direct responses.

[Jeff Liebermann]

On Mon, 7 Nov 2011 19:32:48 -0800 (PST), "R I G Consulting, Inc."
<rig_p...@yahoo.com> wrote:

>Greetings,
>
>Out of the box, I set up the WRT120N router per instructions from the
>manual.
>
>Problems:
>1. I need to power-cyle the router every 24 hours for the devices to
>identify the hotspot, if I don't, the wired router function is fine,
>but wireless function is dead.
>2. The "Network Magic" software can't see the DSL modem behing the
>router (including the command line ping <modem-ip> won't respond) so
>effectively the router has some factory defaults to block certain
>ports from the LAN to the DSL modem. However the nodes on the LAN are
>able to see the internet (HTML through traffic is fine, SMTP is fine
>etc.)
>
>Is this is a known issue with WRT120N? Any firmware upgrades are
>suggested? How to change the factory defaults on the port
>configurations? If it is easier to exchange for another model that
>would be my take instead of upgrades. The manual is a bare-min setup
>intructions and I am lazy to look them up online.
>Any responses are appreciated.

Try the latest firmware from Linksys. I got stuck with 2 of these at
remote mountaintop sites. Both would hang erratically and loose some
services, much the same as what you're seeing. Reducing the rather
large amount of port forwarding that was configured reduced, but not
eliminated the hangs. I keep them running with a clock timer, that
power cycles the routers twice a day. Yech(tm).

Another hint would be the crummy user ratings on various review sites.
The consensus is that it sucks:
<http://reviews.cnet.com/routers/linksys-wireless-n-home/4505-3319_7-33697852.html>
<http://www.zdnet.com/reviews/product/routers/linksys-wireless-n-home-router-wrt120n/33697852>
<http://www.smallnetbuilder.com/wireless/wireless-reviews/30900-linksys-cisco-wrt120n-reviewed>
<http://www.newegg.com/Product/Product.aspx?Item=N82E16833124344>
NewEgg has 111 reviews, almost all of which say it's a terrible
router.


--
Jeff Liebermann je...@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

[Jeff Liebermann]

On Mon, 07 Nov 2011 22:59:49 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

(...)

><http://www.newegg.com/Product/Product.aspx?Item=N82E16833124344>
>NewEgg has 111 reviews, almost all of which say it's a terrible
>router.

I noticed that one of the review on NewEgg mentioned that the WRT120N
is not "N" certified. That appears to be correct:
<http://certifications.wi-fi.org/pdf_certificate.php?cid=WFA7283>
<http://www.wi-fi.org/certified_products.php>

[R I G Consulting, Inc.]

I think I agree on the ratings...I might swap this for a Belkin
router, any suggestions on what would be good model with Belkin (or)
any other manufacturer model for that matter?

------------------------------------------------------------------------------------------------------------------------------------------------------
Aside,

I did locate the cisco online support manual (their out of the box
manual is only an installation guide)
http://homesupport.cisco.com/en-us/wireless/lbc/WRT120N

Accessing the router web server at http://192.168.1.1 gives the config
page -- unlike the wired equivalent RT31P2 which I had earlier, this
router has some kind of soft switch for (PPoE) login into the modem
from the router which appears to be a new feature; contrast this with
prior models where once you logged on into the modem then connecting
the router inbetween the server and modem did not require you to learn
or change any settings on the router meaning that the factory defaults
on the modem just let the traffic thro unless you wanted to change
anything! The problem is, I do not know how to turn this feature off,
there is a Status | Login access to this feature on the router's web
onfig page, but it repeatedy fails. The ever first time I setup, I
used the desktop software "network magic" to connect, so effectively
this sw talks to the router to turn on the soft switch to allow
traffic. Now that I have direct access to the router config through
the web page, I thought I am better off, but even the original traffic
is not there now so I have to go back and setup the way I did from the
beginning out of the box.
And power cycle every 24 hrs!

TIA

[Jeff Liebermann]

On Tue, 8 Nov 2011 14:12:41 -0800 (PST), "R I G Consulting, Inc."
<rig_p...@yahoo.com> wrote:

>I think I agree on the ratings...I might swap this for a Belkin
>router, any suggestions on what would be good model with Belkin (or)
>any other manufacturer model for that matter?

I try not to recommend anything that I haven't tried myself. I have
only a little experience with Belkin. Mostly, their older stuff sucks
primarily because they don't bother doing updates to their firmware
beyond one or maybe two updates to the original release. If there are
bugs, they tend to be permanent. However, I will confess that I'm now
testing a Belkin F5D-8235-4 v2 router.
<http://www.newegg.com/Product/Product.aspx?Item=N82E16833314041>
It won't do all the nifty and tricky stuff that DD-WRT will do, but is
good enough for my office use. Right now, it's moving a 7GB Mac DMG
file via wireless at about 25Mbits/sec. When I switch to 100baseT
ethernet on the target iMac G5, it speeds up slightly to about
30Mbits/sec. Not fabulous, but good enough for 2x2 MIMO. In all, it
seems like a tolerable router.

However, the reason I'm testing it is that my customer complained that
it stalls streaming HD video from his NAS box. I'm simulating his
setup and have not seen any such problems. Since he went to Costco
and bought a newer model Belkin something, I guess this one is now
mine.

>I did locate the cisco online support manual (their out of the box
>manual is only an installation guide)
>http://homesupport.cisco.com/en-us/wireless/lbc/WRT120N
>
>Accessing the router web server at http://192.168.1.1 gives the config
>page -- unlike the wired equivalent RT31P2 which I had earlier, this
>router has some kind of soft switch for (PPoE) login into the modem
>from the router which appears to be a new feature; contrast this with
>prior models where once you logged on into the modem then connecting
>the router inbetween the server and modem did not require you to learn
>or change any settings on the router meaning that the factory defaults
>on the modem just let the traffic thro unless you wanted to change
>anything!

The router does not "login" to the modem. I presume you have a DSL
modem. Since you're stuck with PPPoE, you have two choices. Setup
your PPPoE login in the modem, and setup the router for DHCP on the
WAN(internet) port. Or, you can setup the DSL modem for bridging, and
setup the PPPoE login in the router. Both work.

>The problem is, I do not know how to turn this feature off,

My problem is that you supplied everything except:
1. What you're trying to accomplish?
2. What you have to work with? (i.e. type of service, type of
connection (PPPoE, PPPoA, DHCP, etc, model of DSL or cable modem, etc.
3. What problem are you experiencing? I prefer to supply the right
way to do things, rather than try to determine what you might be doing
wrong.

>there is a Status | Login access to this feature on the router's web
>onfig page, but it repeatedy fails. The ever first time I setup, I
>used the desktop software "network magic" to connect, so effectively
>this sw talks to the router to turn on the soft switch to allow
>traffic.

Remove Network Magic. Products containing superlatives, such as
magic, miracle, amazing, ultimate, advanced, super, etc rarely are as
good as their name suggests. Network Magic tries to take control of
your connection. You can either set things up using Network Magic and
let it GUESS what type of system you're running, or you can get rid
Network Magic, and just follow the instructions on your ISP's web pile
or in the docs for the various devices. Doing both doesn't work.

>Now that I have direct access to the router config through
>the web page, I thought I am better off, but even the original traffic
>is not there now so I have to go back and setup the way I did from the
>beginning out of the box.

The router does not save your "original traffic" whatever that means.
I would not expect it to be there more than a few microseconds after
it is received.

>And power cycle every 24 hrs!

I would think that several hundred bad reviews would be sufficient to
convince you to abandon this router. Every company has its losers and
the Linksys WRT120N is certainly a problem.

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558
# http://802.11junk.com je...@cruzio.com
# http://www.LearnByDestroying.com AE6KS

[R I G Consulting, Inc.]

First off thanks for tuning in (into my problem), please read response
to
your question.

----------- start quote
-------------------------------------------------------------------------------------

My problem is that you supplied everything except:
1. What you're trying to accomplish?
2. What you have to work with? (i.e. type of service, type of
connection (PPPoE, PPPoA, DHCP, etc, model of DSL or cable modem,
etc.
3. What problem are you experiencing? I prefer to supply the right
way to do things, rather than try to determine what you might be
doing
wrong.

----------- end quote
---------------------------------------------------------------------------------------

1. Getting rid of wired LinkSys router RT31P2 to wireless-N (as you
had nailed it is no
N) WRT120N. Everthing else remains the same. The LAN is connected to
the router, router
to the DSL Modem westell wirespeed A90-210030-40 (if that matters). I
am moving to wireless
so the iPhone etc can use the hotspot.
2. PPPoE
3. Old setup that works: With the wired router RT31P2, there isn't
anything like the router
logging into the modem. The way I usually setup is (a) connect the
Desktop directly to the modem and
login into the ISP to test the ISP connection Logged-on & ON. When
this step is tested
(b) introduce the RT31P2 between the desktop(s) and
modem and connect all the desktops VoIP phone etc to the router. (c)
When required, for example,
incoming NetMeeting request from an associate, open the ports
NetMeeting on both the modem and router.
Or sometimes I just rid of the router and DMZ the IP for the main
desktop into the modem instead of hacking
my memory recalling port numbers. I keep the manuals for both, they
are REAL manuals and written WELL.

New Setup: However in WRT120N it appears the default is for the
router to login into
modem, somehow browsing through the web config I can't turn this
feature off. So I thought
this mandates re-login so supplied the credentials to login thru the
web config so I tried login
it keeps failing. [Note that the moden in already in a LOGGED IN state
and the DSL connection is
on] At this point I rid of the router and connect my desktop directly
to the modem and everything is
fine (to test). I agree I should rid of the "nw magic" sw supplied,
but the thing is, the sw mimics the
login thro the router it fails too, except if I startover (powercycle
router and follow the sw instruction) as if
out of box and it is fine. So everytime I rid of the router and DMZ
with the modem (for whatever reason)
and put the router back for getting other desktops and devices to the
internet, I have a problem, the
router does not connect to the DSL modem and no internet (LAN
operation is fine so the router's
switching is fine)

To sum it up the problem I am experiencing is (1) need to power-cycle
for the wireless to work every 24 hrs
(2) startover the setup whenever I rid of the router and put it back.
When I say startover, following the step by
step instruction as directed by the "nw magic" sw which I want to rid
off. The reason why I suspect it is
using some kind of "soft switch" to turn the router (Not the switch)
ON. I presumed this switch
to be the "login into the modem" mandated by the router web config,
but it may not be. Coz' when
go the web config on the router and login it always fails.

I just put my old RT31P2 back and everything a OK (of course I do not
have wireless) -- until I figure
a solution for this so I can use the wireless feature.

TIA

[R I G Consulting, Inc.]

Thanks for tuning in to the problem, answers below your question.

My problem is that you supplied everything except:
1. What you're trying to accomplish?

**** Moving from wired to wireless router. Everything else is the
same. Desktops
connected to router and router to DSL modem (westell wirespeed)

2. What you have to work with? (i.e. type of service, type of
connection (PPPoE, PPPoA, DHCP, etc, model of DSL or cable modem,
etc.

**** PPPoE

3. What problem are you experiencing? I prefer to supply the right
way to do things, rather than try to determine what you might be
doing
wrong.

***** with the old setup, whenever I rid of the router and put it
back, no re-login,
no change to anything. It works like magic -- not really magic, the
router
retains the config saved and restored -- even though power cycled.
***** with new setup 2 problems (1) need to power cycle every 24 hrs
for wireless to work (2) when ever I put the router back after
removing
it does not work, unless I start setup from the beginning using the
"nw magic" desktp
sw. I agree I need to rid of the sw, but it seems to turn on some soft
switch on the
router to connect to the modem (note the LAN switch function is ok,
just no access
to internet) I presumed this switch to be the " login to the modem"
feature on the router
but it is not, the login keeps failing when I try directly on the
router's web config.
This is frustrating since I want to rid of the sw.

[miso]

I noticed Fry's is now selling Cisco branded routers in addition to
Linksys. As you know, Linksys sucked in the pre-Cisco days. Lots of
complaints on the net. After being owned by Cisco for a while, Linksys
seemed to be OK. Now you show they are selling junk again.

I can verify Linksys customer support is crap. You get the call center
in India and the responses are totally scripted. They won't look into my
router going into an unresponsive state when it gets too much wifi data.
Further, not only is there no new firmware update, but tech support told
me they will only provide new firmware to add a feature. There are no
bug fixes. To add insult to injury, they actually pulled the firmware
from their website, so if for some reason I needed to flash the router,
I'm SOL. The claim was a GPL violation existed in the firmware. Well
spend some freakin' money and get the rights to whatever was violated.

I hate Netgear. Their routers just out and out fizzle. D-Link seems to
be OK for a company that really doesn't design anything. It's all ODM,
just like Belkin, but they seem to have a decent ODM. [I'm only using
D-Link switches, not a wifi router.] A lot of Belkin gear has lifetime
warranties, which I've managed to use thanks to their crappy Chinese
OEM. I will admit Belkin sends you new shit to replace the broken shit,
only after you send them the defective item.

It may be to get a decent router these days, you have to buy the Cisco
branded gear. If the support on Cisco branded gear is in the US, I'd go
that route.

I haven't called D-Link in years, but in the day, their tech support
seemed to be domestic and competent.

In my call to Linksys tech support, it was suggested to first try a
different channel. I refused because that would mean setting up all my
wifi clients again. No amount of insisting I didn't have a comm issue on
the channel I picked would get me past step one on their script. I ran
kismet and knew all the signal strength of my neighbors and the channels
in use.

[Char Jackson]

On Tue, 08 Nov 2011 22:35:05 -0800, miso <mi...@sushi.com> wrote:

>I noticed Fry's is now selling Cisco branded routers in addition to
>Linksys. As you know, Linksys sucked in the pre-Cisco days. Lots of
>complaints on the net. After being owned by Cisco for a while, Linksys
>seemed to be OK. Now you show they are selling junk again.

I guess everyone has their own perspective, just like everyone loves a
certain brand of hard drive and considers all the rest junk. For me,
Linksys (pre-Cisco) was the best of the lot at that time. Netgear was
also fine, with D-Link solidly bringing up the rear. Other brands,
notably Belkin, didn't even rate a mention, in my book. As for Linksys
complaints on the net, I believe Linksys was by far the most popular
so it stands to reason they would have the most complaints. I'm sure
they also had the most satisfied users.

It's important to note a few things, as well. Every brand has its
stars and its clunkers, so it's not fair or correct to say a whole
brand name is junk. I'm guilty of that, too. Secondly, it can also
make a difference to separate the firmware from the hardware and
evaluate each on its own. If you can run 3rd party firmware such as
dd-wrt or Tomato or one of the other well-liked and well-known
flavors, then it doesn't much matter how bad the original firmware is
because you have an easy way to get around it.

>I can verify Linksys customer support is crap. You get the call center
>in India and the responses are totally scripted. They won't look into my
>router going into an unresponsive state when it gets too much wifi data.
>Further, not only is there no new firmware update, but tech support told
>me they will only provide new firmware to add a feature. There are no
>bug fixes. To add insult to injury, they actually pulled the firmware
>from their website, so if for some reason I needed to flash the router,
>I'm SOL. The claim was a GPL violation existed in the firmware. Well
>spend some freakin' money and get the rights to whatever was violated.

It's news to me that they no longer provide firmware on their website
or that they don't provide bug fixes, so I checked a random model, the
WRT54GL v1.1. While a quick glance didn't reveal multiple firmware
versions, the latest version was there and its release notes had a
fairly extensive list of bug fixes and nearly no new features. So much
for what they told you.
<http://homedownloads.cisco.com/downloads/WRT54GL_v4.30.15_FwReleaseNotes.txt>

>I hate Netgear. Their routers just out and out fizzle. D-Link seems to
>be OK for a company that really doesn't design anything. It's all ODM,
>just like Belkin, but they seem to have a decent ODM. [I'm only using
>D-Link switches, not a wifi router.] A lot of Belkin gear has lifetime
>warranties, which I've managed to use thanks to their crappy Chinese
>OEM. I will admit Belkin sends you new shit to replace the broken shit,
>only after you send them the defective item.

I have no experience with Belkin other than I've replaced a few dozen
Belkin routers with Linksys models over the years. Usually it was
because the Belkin had died, but more so lately it has been because
the customer wanted to go wireless.

>It may be to get a decent router these days, you have to buy the Cisco
>branded gear. If the support on Cisco branded gear is in the US, I'd go
>that route.
>
>I haven't called D-Link in years, but in the day, their tech support
>seemed to be domestic and competent.
>
>In my call to Linksys tech support, it was suggested to first try a
>different channel. I refused because that would mean setting up all my
>wifi clients again. No amount of insisting I didn't have a comm issue on
>the channel I picked would get me past step one on their script. I ran
>kismet and knew all the signal strength of my neighbors and the channels
>in use.

I don't see why changing channels on the router would mean squat to
the wireless clients. You don't get to specify the channel on the
client.

[R I G Consulting, Inc.]

I decided to call the LinkSys support eventually when I have
patience to deal with them, but meanwhile I decided D-Link for
backup instead of Belkin based on the above feedback. Any
suggestions on D-Link router models based on what I intend to
do (explained in the posts above?)

TIA

[alexd]

miso (for it is he) wrote:

> The claim was a GPL violation existed in the firmware. Well spend some
> freakin' money and get the rights to whatever was violated.

Ironically they couldn't buy the rights if they wanted to - all they need to
do is provide the source and the problem goes away.

> I hate Netgear. Their routers just out and out fizzle. D-Link seems to
> be OK for a company that really doesn't design anything. It's all ODM,
> just like Belkin, but they seem to have a decent ODM. [I'm only using
> D-Link switches, not a wifi router.]

Don't be in any doubt that Linksys is all about ODMing as well.

> It may be to get a decent router these days, you have to buy the Cisco
> branded gear. If the support on Cisco branded gear is in the US, I'd go
> that route.

Unfortunately Cisco have polluted their brand with their forays into the
lower end. Whereas before if someone bought a Cisco router or switch, they
could be sure they had something reasonably decent running IOS or CatOS;
nowadays you have to clarify with them, is it "Cisco Small Business",
"Linksys by Cisco", "Catalyst Express" or is it actually real Cisco kit?
When they bought Linksys, surely all they were getting was the name; they
already had the technical muscle, distribution, sales, marketing, etc. They
could have done the ODMs without buying Linksys, now they've got rid of the
brand too, what have they got left? I suppose this is partly what the recent
whining in the financial press over Cisco's management has been about.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)
18:08:34 up 54 days, 22 min, 7 users, load average: 0.19, 0.19, 0.26
"People believe any quote they read on the internet
if it fits their preconceived notions." - Martin Luther King

[alexd]

R I G Consulting, Inc. (for it is he) wrote:

> Any suggestions

If you get something that can run OpenWRT or DDWRT, then at least you've got
a way out if the original firmware is a bag of shite.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)

18:35:41 up 54 days, 49 min, 7 users, load average: 0.09, 0.12, 0.14

[miso]

Some of my gear will not connect if the channel is changed. It might be
security in the client. My Logitech squeezeboxes for instance. It sees
something has changed, and figures you want to start from scratch.

Linksys pre-Cisco was dissed quite a bit on the net. Also not every
Linksys can use 3rd party firmware. I have a WRT330N. Per the Cisco
website:
> (The firmware/driver for this product is no longer available for download. We regret any inconvenience this may cause you.)

Hey at least they are sorry. ;-) Like I said, there is a GPL violation
in the firmware, and the company is to f-ing cheap to pay off whomever
needs to be paid off. I weaseled that out of tech support, though with
more polite terminology.

> http://www.dd-wrt.com/wiki/index.php/Linksys_WRT330N

[miso]

On 11/9/2011 10:30 AM, alexd wrote:
> miso (for it is he) wrote:
>
>> The claim was a GPL violation existed in the firmware. Well spend some
>> freakin' money and get the rights to whatever was violated.
>
> Ironically they couldn't buy the rights if they wanted to - all they need to
> do is provide the source and the problem goes away.
>
>> I hate Netgear. Their routers just out and out fizzle. D-Link seems to
>> be OK for a company that really doesn't design anything. It's all ODM,
>> just like Belkin, but they seem to have a decent ODM. [I'm only using
>> D-Link switches, not a wifi router.]
>
> Don't be in any doubt that Linksys is all about ODMing as well.
>
>> It may be to get a decent router these days, you have to buy the Cisco
>> branded gear. If the support on Cisco branded gear is in the US, I'd go
>> that route.
>
> Unfortunately Cisco have polluted their brand with their forays into the
> lower end. Whereas before if someone bought a Cisco router or switch, they
> could be sure they had something reasonably decent running IOS or CatOS;
> nowadays you have to clarify with them, is it "Cisco Small Business",
> "Linksys by Cisco", "Catalyst Express" or is it actually real Cisco kit?
> When they bought Linksys, surely all they were getting was the name; they
> already had the technical muscle, distribution, sales, marketing, etc. They
> could have done the ODMs without buying Linksys, now they've got rid of the
> brand too, what have they got left? I suppose this is partly what the recent
> whining in the financial press over Cisco's management has been about.
>

I will admit I don't understand the GPL issue. I provided the lame ass
message on the Cisco website in my other post, but here it is again:
> http://homesupport.cisco.com/en-us/wireless/lbc/WRT330N

[Char Jackson]

On Wed, 09 Nov 2011 21:58:17 -0800, miso <mi...@sushi.com> wrote:

>On 11/9/2011 12:48 AM, Char Jackson wrote:
>> I don't see why changing channels on the router would mean squat to
>> the wireless clients. You don't get to specify the channel on the
>> client.
>
>Some of my gear will not connect if the channel is changed. It might be
>security in the client. My Logitech squeezeboxes for instance. It sees
>something has changed, and figures you want to start from scratch.

I don't know what "start from scratch" means, or what it entails with
regard to a Squeezebox, but it doesn't surprise me that changing the
channel on the router causes the clients to drop. That sounds
completely normal. When you re-establish the wireless connection the
clients will (automatically) use the new channel. When tech support
suggested you try another channel, that sounds like excellent advice
to me. Not all forms of interference on the WiFi spectrum comes from
other WiFi devices so it won't necessarily show up with WiFi
monitoring tools. Lacking proper tools, trial and error is probably
your best bet.

>Linksys pre-Cisco was dissed quite a bit on the net.

Yes, of course. They were, by far, the most popular brand out there
for quite a number of years and probably still are, so it stands to
reason that they would have the largest number of complaints. When
more people use something, that thing will generate a higher number of
complaints, but the picture changes dramatically when you consider the
number of complaints as a percentage of total number of customers. I
think that's the point you're missing.

>Also not every Linksys can use 3rd party firmware.

Of course. IMHO, it's a good idea, prior to making a purchase
decision, to determine whether that piece of hardware is supported by
3rd party firmware, but I understand that most people don't consider
that to be important or simply don't think that far ahead. Some of
them come to regret it later.

> I have a WRT330N. Per the Cisco website:
>> (The firmware/driver for this product is no longer available for download. We regret any inconvenience this may cause you.)
>
>Hey at least they are sorry. ;-) Like I said, there is a GPL violation
>in the firmware, and the company is to f-ing cheap to pay off whomever
>needs to be paid off. I weaseled that out of tech support, though with
>more polite terminology.

Who do you think they should pay? Why do you think this is a case of
not wanting to pay someone?

[R I G Consulting, Inc.]

I have been aware of third party firmware, but OpenWRT is
flabbergasting, I never
knew it existed!

Google searched for "D-Link OpenWRT", not anywhere closer to a g/n
router, may have to settle with a 802.11b:

This is 802.11b:
http://wiki.openwrt.org/toh/d-link/dsl-2640u

Linksys WRT54G series may not a be bad choice since it is OpenWRT
compatible, but it is a 802.11b as well.
http://en.wikipedia.org/wiki/Linksys_WRT54G_series

It appears, OpenWRT has the latest at 802.11b for both LinkSys and D-
Link?
So I may have settle with 802.11b?

TIA

[Jeff Liebermann]

On Thu, 10 Nov 2011 06:13:18 -0800 (PST), "R I G Consulting, Inc."
<rig_p...@yahoo.com> wrote:

>It appears, OpenWRT has the latest at 802.11b for both LinkSys and D-
>Link?
>So I may have settle with 802.11b?

No. All the devices in the supported shopping list support 802.11g.
<http://www.dd-wrt.com/wiki/index.php/Supported_Devices>
<http://wiki.openwrt.org/toh/start>
<http://www.polarcloud.com/tomato>
I prefer DD-WRT.

Note that not every WRT54G hardware mutation is suitable. V1.1 thru
V4 are fine, V5 and V6 are junk, and V5 thu V8 only have enough RAM to
load the "micro" version, which is lacking in many features.

Note that Netgear also has their own open source support forum:
<http://www.myopenrouter.com>

Plenty to choose from. However, are you sure you're ready for a
learning curve? Alternative firmware is NOT a plug-n-play exercise.

[alexd]

Jeff Liebermann (for it is he) wrote:

> Plenty to choose from. However, are you sure you're ready for a
> learning curve? Alternative firmware is NOT a plug-n-play exercise.

I beg to differ - DD-WRT has looked the same to me on every router I've ever
put it on, which eases the learning curve as you're not having to figure out
another manufacturer's UI. The defaults are sensible [apart from the
insecure wifi] so it should be easy enough to get going. If you're not up to
installing it on your router, a quick Google product search will turn up
routers pre-loaded with DD-WRT.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)

19:32:31 up 55 days, 1:46, 7 users, load average: 0.07, 0.26, 0.35

[miso]

>
> Who do you think they should pay? Why do you think this is a case of
> not wanting to pay someone?
>

There is a GPL violation. Whatever it takes to undo that violation is
what Cisco needs to do. I assume that means a royalty, but I'm not a lawyer.

Changing channels was a moronic suggestion. I had no comm problem. As it
turns out, the problem was with the ISP.

[Char Jackson]

Hopeless.

[miso]

Whatever. I guess this is all beyond your comprehension.

[Jeff Liebermann]

On Thu, 10 Nov 2011 19:39:10 +0000, alexd <trof...@hotmail.com>
wrote:

>Jeff Liebermann (for it is he) wrote:
>
>> Plenty to choose from. However, are you sure you're ready for a
>> learning curve? Alternative firmware is NOT a plug-n-play exercise.
>
>I beg to differ - DD-WRT has looked the same to me on every router I've ever
>put it on, which eases the learning curve as you're not having to figure out
>another manufacturer's UI. The defaults are sensible [apart from the
>insecure wifi] so it should be easy enough to get going. If you're not up to
>installing it on your router, a quick Google product search will turn up
>routers pre-loaded with DD-WRT.

A common user interface is great once you've learned it. The problem
is the initial learning curve. My guess(tm) is that there are perhaps
10 times as many options, checkboxes, and obscure features scattered
among the various DD-WRT management pages. For some models, loading
the firmware is an ordeal process, where a comatose router is the
reward for failing to follow the instructions exactly.

Many useful features (such as being able to directly configure an
attached cable or DSL modem), require command line incantations to
configure. Another example is guest access on a separate subnet.
That's a standard feature on most commodity routers made in the last 2
years. For dd-wrt, here's the procedure:
<http://forums.buffalotech.com/t5/Wireless/FAQ-5-of-5-Wireless-Guest-Network-on-Buffalo-DD-WRT/td-p/65372>

As for the defaults being sensible, there are a few that I would
change. Saving the DHCP status (MAC address table), between reboots
is useful, until you try it at a coffee shop which could easily see
thousands of MAC addresses. Probably a few more I could complain
about, but I don't want to look right now.

As for routers pre-loaded with DD-WRT, to the best of my knowledge,
only Buffalo offers retail "powered by dd-wrt" products.

[Robert Redelmeier]

In comp.dcom.lans.ethernet miso <mi...@sushi.com> wrote in part:

> There is a GPL violation. Whatever it takes to undo that violation is what
> Cisco needs to do. I assume that means a royalty, but I'm not a lawyer.

GPL violations are usually failure to publish source. Easy to
cure, just give the source to anyone who legitimately has the
device/binary and requests it. Not at all easy to figure out to
whom you might pay a royalty. The Linux kernel has hundreds if not
thousands of authors, all of whom would have to give you a separate
licence. Virtually impossible, so delivering source is easier.

-- Robert

[Char Jackson]

On Fri, 11 Nov 2011 08:28:31 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>A common user interface is great once you've learned it. The problem
>is the initial learning curve. My guess(tm) is that there are perhaps
>10 times as many options, checkboxes, and obscure features scattered
>among the various DD-WRT management pages. For some models, loading
>the firmware is an ordeal process, where a comatose router is the
>reward for failing to follow the instructions exactly.
>
>Many useful features (such as being able to directly configure an
>attached cable or DSL modem), require command line incantations to
>configure.

Just curious, can you give an example of a cable modem that can be
configured by the user (versus the cable company)? I can't think of
any modems, or modem features, that allow that.*

*Not without flashing the firmware, I mean.

[Jeff Liebermann]

On Fri, 11 Nov 2011 17:18:29 -0600, Char Jackson <no...@none.invalid>
wrote:

>Just curious, can you give an example of a cable modem that can be
>configured by the user (versus the cable company)? I can't think of
>any modems, or modem features, that allow that.*
>
>*Not without flashing the firmware, I mean.

Ok, I won't mention the cable modem hacking guide.

I shouldn't have used "configure" and cable modem in the same
sentence. There's nothing that can be changed by the user as
literally all the parameters and settings are performed via DHCP
extensions from the CMTS. However, on Comcast, the user can connect
to 192.168.100.254 and obtain connection status, signal levels, and
other interesting info.

It's more useful with a DSL modem, where users actually have access to
settings that they can change and screw up. Here's the setup for
DD-WRT to create what I think is a static route to the WAN side of the
router so that LAN users can talk to the modem.
<http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration>
It took me about an hour to decode the instructions, fix my errors,
and make it work. It's now in all my DD-WRT installations.

[miso]

So you think Cisco has some call it "sexy code" that they don't want to
publish so they just completely pulled the firmware? But the firmware is
out there, so wouldn't that mean the products in the field violate the GPL?

It would be interesting to go through the support website and see how
many routers for which they won't supply the firmware. Obviously a
tedious task.

[alexd]

miso (for it is he) wrote:

> On 11/11/2011 2:32 PM, Robert Redelmeier wrote:

>> GPL violations are usually failure to publish source. Easy to
>> cure, just give the source to anyone who legitimately has the
>> device/binary and requests it. Not at all easy to figure out to
>> whom you might pay a royalty. The Linux kernel has hundreds if not
>> thousands of authors, all of whom would have to give you a separate
>> licence. Virtually impossible, so delivering source is easier.

I suspect the vast majority of contributors wouldn't want one's money anyway
- after all there's a reason they made their contributions under the GPL in
the first place.

> So you think Cisco has some call it "sexy code" that they don't want to
> publish so they just completely pulled the firmware?

My guess it was written by an ODM and they don't have the source in the
first place. Perhaps they've had to do some arm-twisting to get it
subsequently.

> But the firmware is out there, so wouldn't that mean the products in the
> field violate the GPL?

<http://www.linuxfordevices.com/c/a/News/Cisco-settles-with-FSF-on-GPL-
violations/>

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)

10:17:07 up 49 min, 5 users, load average: 0.19, 0.25, 0.34

[Char Jackson]

On Fri, 11 Nov 2011 20:26:04 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Fri, 11 Nov 2011 17:18:29 -0600, Char Jackson <no...@none.invalid>
>wrote:
>
>>Just curious, can you give an example of a cable modem that can be
>>configured by the user (versus the cable company)? I can't think of
>>any modems, or modem features, that allow that.*
>>
>>*Not without flashing the firmware, I mean.
>
>Ok, I won't mention the cable modem hacking guide.

No need, I'm quite familiar with that aspect.

>I shouldn't have used "configure" and cable modem in the same
>sentence. There's nothing that can be changed by the user as
>literally all the parameters and settings are performed via DHCP
>extensions from the CMTS. However, on Comcast, the user can connect
>to 192.168.100.254 and obtain connection status, signal levels, and
>other interesting info.

IME, most cable modems seem to have followed the Motorola example and
put their web server at 192.168.100.1. I've only seen the .254 address
on some 2Wire DSL modems. No NAT router configuration is required to
reach the 192.168.100.x subnet because it's outside of the LAN in
every case I've stumbled across, although now that I've said that I
suppose I'll encounter someone who has configured their LAN to be on
the 192.168.100.x subnet and can't figure out why they can't see past
their router to view their cable modem status.

>It's more useful with a DSL modem, where users actually have access to
>settings that they can change and screw up. Here's the setup for
>DD-WRT to create what I think is a static route to the WAN side of the
>router so that LAN users can talk to the modem.
><http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration>
>It took me about an hour to decode the instructions, fix my errors,
>and make it work. It's now in all my DD-WRT installations.

Yuck. Happily, I've never run into that. Good to know there's a
solution, just in case.

[Jeff Liebermann]

On Sat, 12 Nov 2011 10:03:39 -0600, Char Jackson <no...@none.invalid>
wrote:

>IME, most cable modems seem to have followed the Motorola example and
>put their web server at 192.168.100.1. I've only seen the .254 address
>on some 2Wire DSL modems.

So much for my photographic memory.

>No NAT router configuration is required to
>reach the 192.168.100.x subnet because it's outside of the LAN in
>every case I've stumbled across, although now that I've said that I
>suppose I'll encounter someone who has configured their LAN to be on
>the 192.168.100.x subnet and can't figure out why they can't see past
>their router to view their cable modem status.

Try it. I think you'll be surprised. What the router will do is
assume that access to every IP address outside of the NAT address
space is reached through the default gateway address. For example, if
the NAT LAN side is at 192.168.1.xxx, and you try to view
192.168.100.1 with your web browser, the router will dutifully send
the request to the ISP's default gateway. Note that this is the ISP's
default gateway, not the router IP.

In order to avoid having everything outside of the NAT address block
go out via the ISP default gateway, you need to setup a static route
on the WAN side of the router. The ugly mess below is how DD-WRT does
it.

Even if the user mis-configures their router to use 192.168.100.xxx as
their NAT address space, it still won't work. The router has to
decide which side of the router the 192.168.100.1 address is located.
The assumption is that since it's in the NAT address space, it must be
on the LAN side. It won't look on the WAN side. This is a problem
with older DSL modems, that default to 192.168.0.1. This also
explains why many newer routers now default to 192.168.2.xxx.

I've found very few consumer level routers that can successfully
configure the modem through the router. The conglomerated devices,
that have the modem and router in the same package, such as the 2wire
2700HG-B DSL modem/router, will do it. Since it's all in one box, a
single management IP address is used to configure both the modem and
the router, thus eliminating the need for elaborate routing.

>>It's more useful with a DSL modem, where users actually have access to
>>settings that they can change and screw up. Here's the setup for
>>DD-WRT to create what I think is a static route to the WAN side of the
>>router so that LAN users can talk to the modem.
>><http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration>
>>It took me about an hour to decode the instructions, fix my errors,
>>and make it work. It's now in all my DD-WRT installations.
>
>Yuck. Happily, I've never run into that. Good to know there's a
>solution, just in case.

You will run into it with most consumer router installation. One
reason I use DD-WRT is that I can do such tricks. It's not often that
I have to look at the modem config, but they do exist. For example, I
have a situation where the DSL signal levels and SNR seem to be
varying. I login remotely (using TeamViewer) to the customers PC,
connect to the DSL modem at 192.168.0.1, and look at the numbers.

[miso]

On 11/12/2011 2:24 AM, alexd wrote:
> miso (for it is he) wrote:
>
>> On 11/11/2011 2:32 PM, Robert Redelmeier wrote:
>
>>> GPL violations are usually failure to publish source. Easy to
>>> cure, just give the source to anyone who legitimately has the
>>> device/binary and requests it. Not at all easy to figure out to
>>> whom you might pay a royalty. The Linux kernel has hundreds if not
>>> thousands of authors, all of whom would have to give you a separate
>>> licence. Virtually impossible, so delivering source is easier.
>
> I suspect the vast majority of contributors wouldn't want one's money anyway
> - after all there's a reason they made their contributions under the GPL in
> the first place.
>
>> So you think Cisco has some call it "sexy code" that they don't want to
>> publish so they just completely pulled the firmware?
>
> My guess it was written by an ODM and they don't have the source in the
> first place. Perhaps they've had to do some arm-twisting to get it
> subsequently.
>
>> But the firmware is out there, so wouldn't that mean the products in the
>> field violate the GPL?
>
> <http://www.linuxfordevices.com/c/a/News/Cisco-settles-with-FSF-on-GPL-
> violations/>
>

Well that is about 90% of the story I was looking for. Thanks. However,
If Cisco published the source per the lawsuit, then why is the firmware
off their website?

This router came out long after the Linksys buyout. It could have
remnants of the old code, but you would think Cisco would have cleaned
things up by then. The buyout was in 2003. The WRT330N came out around
2007 based on reviews.

I wonder if Cisco just paid enough to cover the FSF legal costs, or
really made a significant contribution to the cause.

[Char Jackson]

On Sat, 12 Nov 2011 10:44:07 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Sat, 12 Nov 2011 10:03:39 -0600, Char Jackson <no...@none.invalid>
>wrote:
>

>>No NAT router configuration is required to
>>reach the 192.168.100.x subnet because it's outside of the LAN in
>>every case I've stumbled across, although now that I've said that I
>>suppose I'll encounter someone who has configured their LAN to be on
>>the 192.168.100.x subnet and can't figure out why they can't see past
>>their router to view their cable modem status.
>
>Try it. I think you'll be surprised. What the router will do is
>assume that access to every IP address outside of the NAT address
>space is reached through the default gateway address. For example, if
>the NAT LAN side is at 192.168.1.xxx, and you try to view
>192.168.100.1 with your web browser, the router will dutifully send
>the request to the ISP's default gateway. Note that this is the ISP's
>default gateway, not the router IP.

I'm not sure how to test what I think you're saying. With a live
Internet connection, a traceroute to the modem's web interface shows
the NAT router as the first hop, with hop 2 being the destination, the
modem. No mention of the ISP gateway there, but I wonder if you're
saying it happens but is silent. I'm not set up to do packet captures
on the WAN side of the router so I can't tell. The router's routing
table doesn't have an entry for 192.168.100.x so I suppose it does
have to bounce off the ISP's gateway, after all.

>In order to avoid having everything outside of the NAT address block
>go out via the ISP default gateway, you need to setup a static route
>on the WAN side of the router. The ugly mess below is how DD-WRT does
>it.

Well, other than the modem traffic (perhaps), you'd *want* everything
outside of the NAT block to hit the ISP default gateway, right?

>Even if the user mis-configures their router to use 192.168.100.xxx as
>their NAT address space, it still won't work.

No, I was saying the opposite. It always works *unless* the user
misconfigures their router to use 192.168.100.x on the LAN side. If
that happens, you have the scenario you described directly below, but
I haven't run into that and if I ever do, it will be easy to identify
and likely easy to fix.

>The router has to
>decide which side of the router the 192.168.100.1 address is located.
>The assumption is that since it's in the NAT address space, it must be
>on the LAN side. It won't look on the WAN side. This is a problem
>with older DSL modems, that default to 192.168.0.1. This also
>explains why many newer routers now default to 192.168.2.xxx.
>
>I've found very few consumer level routers that can successfully
>configure the modem through the router.

I haven't seen a router that *can't* access a modem on the router's
WAN side, so I assume you're limiting that statement in some way that
I'm not aware of.

>The conglomerated devices,
>that have the modem and router in the same package, such as the 2wire
>2700HG-B DSL modem/router, will do it. Since it's all in one box, a
>single management IP address is used to configure both the modem and
>the router, thus eliminating the need for elaborate routing.
>
>>>It's more useful with a DSL modem, where users actually have access to
>>>settings that they can change and screw up. Here's the setup for
>>>DD-WRT to create what I think is a static route to the WAN side of the
>>>router so that LAN users can talk to the modem.
>>><http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration>
>>>It took me about an hour to decode the instructions, fix my errors,
>>>and make it work. It's now in all my DD-WRT installations.
>>
>>Yuck. Happily, I've never run into that. Good to know there's a
>>solution, just in case.
>
>You will run into it with most consumer router installation. One
>reason I use DD-WRT is that I can do such tricks. It's not often that
>I have to look at the modem config, but they do exist. For example, I
>have a situation where the DSL signal levels and SNR seem to be
>varying. I login remotely (using TeamViewer) to the customers PC,
>connect to the DSL modem at 192.168.0.1, and look at the numbers.

So far, I'm not understanding what triggers the requirement to set up
this static route. I haven't run into it so I assume I've been lucky,
but I hate to depend on luck, especially with (potentially) a customer
looking over my shoulder.

[Jeff Liebermann]

On Sat, 12 Nov 2011 17:42:18 -0600, Char Jackson <no...@none.invalid>
wrote:

>I'm not sure how to test what I think you're saying.

Take a DSL or cable modem. If possible, set the DSL modem to "bridge
mode" so that there isn't a 2nd set of IP addresses (double NAT)
involved. Attach a consumer grade router to the modem. Configure as
needed (i.e. PPPoE login/passwd). Make sure you can browse the
internet.

For the test, try to connect to 192.168.0.1, 192.168.100.1,
192.168.100.254 or whatever the modem management interface uses. Most
likely, it won't work.

I have about 4 assorted routers in my car. I'll try it later and
report some results.

>With a live
>Internet connection, a traceroute to the modem's web interface shows
>the NAT router as the first hop, with hop 2 being the destination, the
>modem. No mention of the ISP gateway there, but I wonder if you're
>saying it happens but is silent.

Using traceroute, my Buffalo WHR-HP-G54 router, configured with a
static route to the entire 192.168.0.xxx subnet on the WAN side, as
described in:
<http://www.dd-wrt.com/wiki/index.php/Access_To_Modem_Configuration>
using:
> ifconfig `nvram get wan_ifname`:0 192.168.0.5 netmask 255.255.255.0
> iptables -t nat -I POSTROUTING -o `nvram get wan_ifname` -j MASQUERADE

returns:
> C:\>tracert 192.168.0.1
> Tracing route to 192.168.0.1 over a maximum of 30 hops
> 1 1 ms <1 ms <1 ms DD-WRT [192.168.1.1]
> 2 3 ms 2 ms 2 ms 192.168.0.1
> Trace complete.
Also, when I point my browser to:
<http://192.168.0.1>
I'm able to see my DSL modem (Speedstream 4100) config page.

When I temporarily disable the static route by deleting the static
route, I'm not able to connect to the DSL modem config page and
traceroute shows:
> C:\>tracert 192.168.0.1
> Tracing route to 192.168.0.1 over a maximum of 30 hops
> 1 1 ms <1 ms <1 ms DD-WRT [192.168.1.1]
> 2 15 ms 16 ms 16 ms dsl-63-249-85-gateway.static.cruzio.com [63.249.85.1]
> 3 16 ms 14 ms 15 ms 192.168.0.1
> Trace complete.

Note that the packets are now going out via the default gateway to my
ISP. Hmmm... that's odd. I can traceroute and ping 192.168.0.1
successfully, but I can't see anything with the web browser. Time for
a reboot. To be continued...

[Jeff Liebermann]

On Sun, 13 Nov 2011 09:24:25 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>When I temporarily disable the static route by deleting the static
>route, I'm not able to connect to the DSL modem config page and
>traceroute shows:
>> C:\>tracert 192.168.0.1
>> Tracing route to 192.168.0.1 over a maximum of 30 hops
>> 1 1 ms <1 ms <1 ms DD-WRT [192.168.1.1]
>> 2 15 ms 16 ms 16 ms dsl-63-249-85-gateway.static.cruzio.com [63.249.85.1]
>> 3 16 ms 14 ms 15 ms 192.168.0.1
>> Trace complete.
>
>Note that the packets are now going out via the default gateway to my
>ISP. Hmmm... that's odd. I can traceroute and ping 192.168.0.1
>successfully, but I can't see anything with the web browser. Time for
>a reboot. To be continued...

Same thing after rebooting everything. The return from 192.168.0.1 is
coming via the ISP (note the latency time) and not directly from the
modem. However, my browser can't see the DSL modem. That means that
my Speedstream 4100 is responding to 192.168.0.1 on the WAN side, but
not allowing remote config on port 80 from the WAN side. However, it
might work on a different port number. Very strange.

More later tonite after I do some more testing with other routers.

[Jeff Liebermann]

On Sat, 12 Nov 2011 10:50:14 -0800, miso <mi...@sushi.com> wrote:

>Well that is about 90% of the story I was looking for. Thanks. However,
>If Cisco published the source per the lawsuit, then why is the firmware
>off their website?

<http://homesupport.cisco.com/en-us/gplcodecenter?gplsku=>
WRT120n is not listed.

My guess(tm) is that it's missing for the same reason that some
firmware updates are missing for obsolete products from other vendors.
The product, firmware, or both are known to be defective. Rather the
propagate a known bad product, which tends to attract product
liability attorneys, the vendor has simple removed all evidence that
the product even existed. Since the WRT120n seems to have chronic and
apparently incurable problems, I suspect that Linksys also removed all
evidence of having produced a lemon.

[Char Jackson]

On Sun, 13 Nov 2011 09:24:25 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Sat, 12 Nov 2011 17:42:18 -0600, Char Jackson <no...@none.invalid>
>wrote:
>
>>I'm not sure how to test what I think you're saying.
>
>Take a DSL or cable modem. If possible, set the DSL modem to "bridge
>mode" so that there isn't a 2nd set of IP addresses (double NAT)
>involved. Attach a consumer grade router to the modem. Configure as
>needed (i.e. PPPoE login/passwd). Make sure you can browse the
>internet.
>
>For the test, try to connect to 192.168.0.1, 192.168.100.1,
>192.168.100.254 or whatever the modem management interface uses. Most
>likely, it won't work.

I wonder if the key is to have the DSL modem in bridge mode. I realize
that's a valid configuration, but I haven't personally seen it here.
DSL isn't popular in my area to start with, and the few DSL
implementations I've played with haven't been set up that way.

DSL in routed mode, and all cable modem implementations that I've
seen, don't seem to need the explicit route table entries you
mentioned. They just work.

[Char Jackson]

On Sun, 13 Nov 2011 12:36:00 -0600, Char Jackson <no...@none.invalid>

Update to the "they just work" comment. It seems that my previous
hypothesis might be correct in that the ISP's gateway (Comcast,
anyway. Can't speak for DSL at the moment but it may be the same) has
a static route pointing back to each modem, mostly eliminating the
need for the static route to be set up in the NAT router.

What this means is that the modem's web GUI is reachable without any
user configuration, but only if the modem has established a connection
to the ISP's network. Without that connection being up, other
accommodations need to be made, such as setting up a static route
locally or placing the NAT router's WAN interface (or the PC, if
directly connected) in the 192.168.100.x subnet.

You can test this by doing a continuous ping to 192.168.100.1 and then
disconnecting the cable modem's coax. Not only is the target IP no
longer reachable, the error message is "<ISP's gateway IP> is no
longer reachable." This is despite the ISP's gateway IP not showing up
in a traceroute to 192.168.100.1.

[Jeff Liebermann]

On Sun, 13 Nov 2011 15:48:59 -0600, Char Jackson <no...@none.invalid>
wrote:

>You can test this by doing a continuous ping to 192.168.100.1 and then
>disconnecting the cable modem's coax. Not only is the target IP no
>longer reachable, the error message is "<ISP's gateway IP> is no
>longer reachable." This is despite the ISP's gateway IP not showing up
>in a traceroute to 192.168.100.1.

Ummm... you're disconnecting both the outgoing and incoming route when
you disconnect the cable modem's coax. Of course it will fail.
However, it is proof that the pings are going out to the ISP's router,
and not going to the local cable modem.

I just tried it with a Linksys E1000, and a WRT54G2 router. It did
exactly the same thing as the Buffalo WHR-HP-G54 running DD-WRT, with
one minor oddity. Note the increased latency. Traceroute looks like
this:

> C:\>tracert 192.168.0.1
> Tracing route to 192.168.0.1 over a maximum of 30 hops

> 1 <1 ms <1 ms <1 ms 192.168.1.1
> 2 11 ms 12 ms 12 ms dsl-63-249-85-gateway.static.cruzio.com [63.249.85.1]
> 3 66 ms 76 ms 78 ms 192.168.0.1
> Trace complete.

Pointing the web browser to 192.168.0.1 (IP address of the DSL modem)
still does not produce the config web page with either router.

I tried to setup a different modem for the default double NAT
configuration. However, I ran into a problem. I have a static IP
address which will only work with the DSL modem in bridging mode. So,
I logged into a customers system, that's fairly close to stock except
that they use a Motorola 2210 DSL modem setup in bridged mode:

> C:\>tracert 192.168.1.254
> Tracing route to 192.168.1.254 over a maximum of 30 hops
> 1 <1 ms <1 ms <1 ms router.belkin [192.168.111.254]
> 2 44 ms 44 ms 45 ms adsl-76-254-7-254.dsl.pltn13.sbcglobal.net [76.254.7.254]
> 3 45 ms 45 ms 44 ms dist2-vlan52.pltnca.sbcglobal.net [99.36.71.130]
> 4 * * * Request timed out.
> 5 * * * Request timed out.

I also tried it (remotely) from my palatial office:

> C:\>tracert 192.168.0.1
> Tracing route to 192.168.0.1 over a maximum of 30 hops

> 1 <1 ms <1 ms <1 ms 192.168.111.1
> 2 44 ms 44 ms 43 ms adsl-63-198-98-49.dsl.snfc21.pacbell.net [63.198.98.49]
> 3 43 ms 44 ms 44 ms dist1-vlan62.snfcca.sbcglobal.net [206.13.3.129]
> 4 * * * Request timed out.
> 5 * * * Request timed out.

Again, traffic to the DSL modem's IP address goes out to the ISP. As
before, I was unable to access the modem config page through the
router. However, all the above systems were setup by me, and I always
use the bridged mode in the DSL modem. I'll see if I can find one
that uses double NAT.

So, are you able to connect to your cable modem config page from the
LAN side of a commodity router? (Not ping or traceroute, but by using
a web browser). If so, what is the maker and model number of the
cable modem and router? If not, do now you see why I need the static
route to the modem?

[Char Jackson]

On Sun, 13 Nov 2011 19:39:20 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Sun, 13 Nov 2011 15:48:59 -0600, Char Jackson <no...@none.invalid>
>wrote:
>
>>You can test this by doing a continuous ping to 192.168.100.1 and then
>>disconnecting the cable modem's coax. Not only is the target IP no
>>longer reachable, the error message is "<ISP's gateway IP> is no
>>longer reachable." This is despite the ISP's gateway IP not showing up
>>in a traceroute to 192.168.100.1.
>
>Ummm... you're disconnecting both the outgoing and incoming route when
>you disconnect the cable modem's coax. Of course it will fail.

Say what? I thought I was trying to determine whether traffic to
192.168.100.1 was hitting the ISP's gateway or not. It looks like it
does, even though it doesn't show up in a traceroute. The other thing
I thought I was determining was whether a static route needs to be
configured locally, and it apparently does not.

>However, it is proof that the pings are going out to the ISP's router,
>and not going to the local cable modem.

Or more correctly, they are going through the cable modem to the ISP's
default gateway, then back to the modem.

Yes, of course. I've been doing it since cable Internet came to the
area in about 1996.

>If so, what is the maker and model number of the cable modem and
>router?

Router is any, including multiple models of all the common brand
names: Linksys (stock firmware, Tomato, dd-wrt, etc.), Netgear,
D-Link, Belkin, TrendNet, and a bunch I've probably only heard of
once. Cable modems are the usual Motorola models, most typically the
5x00 series and 6x00 series, as well as some Thomsen's.

>If not, do now you see why I need the static route to the modem?

No, not really. From what I can tell, if the Internet connection is up
the locally configured static route is completely unnecessary, and
that is 100% of the cases for me. If the Internet connection is not up
I wouldn't be able to remote in in the first place. The edge case is
where I'm on site, the Internet connection is down, and I need to see
what the modem can tell me. In that case, I'd probably just connect
directly to the modem, bypassing the router and bypassing the need for
a static route.

Bottom line, I'm still not sure when this static route is needed.
Certainly not with cable systems, but also not with the DSL that I've
seen, although my DSL experience is very limited.

[Char Jackson]

On Sun, 13 Nov 2011 19:39:20 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>So, are you able to connect to your cable modem config page from the
>LAN side of a commodity router? (Not ping or traceroute, but by using
>a web browser). If so, what is the maker and model number of the
>cable modem and router? If not, do now you see why I need the static
>route to the modem?

I think I've solved the mystery, after giving it some thought. It has
nothing to do with the make or model of router and nothing to do with
the type of modem (cable or DSL) or how it's configured (router or
bridge). It comes down to the ISP and whether they have a static route
configured on their end to bring modem traffic back to the modem.

Fortunately for me, the 3 cable ISP's in my area, Comcast, Time
Warner, and Surewest, and the single DSL ISP, at&t, all provide such a
static route. This basically means I don't need to worry about
configuring the route myself, except for a few fringe cases that don't
really apply to me.

The ISP's in your area are apparently less customer friendly and
require you to configure the route yourself. I have no explanation for
that, other than possibly a we-don't-care attitude.

[Jeff Liebermann]

On Mon, 14 Nov 2011 23:38:28 -0600, Char Jackson <no...@none.invalid>
wrote:

>On Sun, 13 Nov 2011 19:39:20 -0800, Jeff Liebermann <je...@cruzio.com>
>wrote:
>
>>So, are you able to connect to your cable modem config page from the
>>LAN side of a commodity router? (Not ping or traceroute, but by using
>>a web browser). If so, what is the maker and model number of the
>>cable modem and router? If not, do now you see why I need the static
>>route to the modem?
>
>I think I've solved the mystery, after giving it some thought. It has
>nothing to do with the make or model of router and nothing to do with
>the type of modem (cable or DSL) or how it's configured (router or
>bridge). It comes down to the ISP and whether they have a static route
>configured on their end to bring modem traffic back to the modem.
>
>Fortunately for me, the 3 cable ISP's in my area, Comcast, Time
>Warner, and Surewest, and the single DSL ISP, at&t, all provide such a
>static route. This basically means I don't need to worry about
>configuring the route myself, except for a few fringe cases that don't
>really apply to me.

I just came from a customer with Comcast service. Arris TM502G modem
and Netgear WGR614v6 router. I can see the modem config page at
192.168.100.1 the way you describe without any static route tricks.
However, I'm not sure that the ISP has provided a route to the modem
back from the ISP gateway router as you suspect. When I run
traceroute, it shows up as two hops. Same as in the original static
route example. Something like this:
> C:\>tracert 192.168.100.1
> Tracing route to 192.168.100.1 over a maximum of 30 hops

> 1 1 ms <1 ms <1 ms 192.168.1.1

> 2 3 ms 2 ms 2 ms 192.168.100.1
> Trace complete.

Note that the gateway router is not on the route, that the response
from the cable modem is quick, and that it does not include any
additional delays I would expect if the packets were going the long
way via the ISP. It's identical to what I got when I setup a static
route to the modem. Something else is going on, but I don't know
what.

>The ISP's in your area are apparently less customer friendly and
>require you to configure the route yourself. I have no explanation for
>that, other than possibly a we-don't-care attitude.

I'll ask some of the local DSL ISP's and see how they respond. Might
as well as in ba.internet and get a consensus. I don't think it's a
conspiracy. Actually, it may have been a botched implementation.
Without a static route, I can ping or traceroute to the modem
interface. What I can't do is get a web page on port 80 which
suggests a partial implementation.

[Char Jackson]

On Tue, 15 Nov 2011 14:21:30 -0800, Jeff Liebermann <je...@cruzio.com>

wrote:

>On Mon, 14 Nov 2011 23:38:28 -0600, Char Jackson <no...@none.invalid>
>wrote:
>
>>On Sun, 13 Nov 2011 19:39:20 -0800, Jeff Liebermann <je...@cruzio.com>
>>wrote:
>>
>>>So, are you able to connect to your cable modem config page from the
>>>LAN side of a commodity router? (Not ping or traceroute, but by using
>>>a web browser). If so, what is the maker and model number of the
>>>cable modem and router? If not, do now you see why I need the static
>>>route to the modem?
>>
>>I think I've solved the mystery, after giving it some thought. It has
>>nothing to do with the make or model of router and nothing to do with
>>the type of modem (cable or DSL) or how it's configured (router or
>>bridge). It comes down to the ISP and whether they have a static route
>>configured on their end to bring modem traffic back to the modem.
>>
>>Fortunately for me, the 3 cable ISP's in my area, Comcast, Time
>>Warner, and Surewest, and the single DSL ISP, at&t, all provide such a
>>static route. This basically means I don't need to worry about
>>configuring the route myself, except for a few fringe cases that don't
>>really apply to me.
>
>I just came from a customer with Comcast service. Arris TM502G modem
>and Netgear WGR614v6 router.

Modem and router are irrelevant, but continue.

>I can see the modem config page at
>192.168.100.1 the way you describe without any static route tricks.
>However, I'm not sure that the ISP has provided a route to the modem
>back from the ISP gateway router as you suspect. When I run
>traceroute, it shows up as two hops.

Yes, I pointed that out earlier in this thread. That's what ultimately
prompted me to generate traffic and then disconnect the modem's coax,
revealing that router-to-modem traffic was indeed hitting the ISP's
gateway. Note that routers can be configured NOT to decrement the TTL,
thereby becoming invisible to traceroute. That's what's happening
here.

You can test it yourself like I did, or if you have a hub you can
insert it between the router and modem and watch the outgoing 'modem'
traffic. You'll see that it's destined for the default gateway, not
the modem. It's the default gateway that either forwards the traffic
back to the modem or drops it. (Until you configure a static route, of
course.)

>Same as in the original static
>route example. Something like this:
>> C:\>tracert 192.168.100.1
>> Tracing route to 192.168.100.1 over a maximum of 30 hops
>> 1 1 ms <1 ms <1 ms 192.168.1.1
>> 2 3 ms 2 ms 2 ms 192.168.100.1
>> Trace complete.
>
>Note that the gateway router is not on the route, that the response
>from the cable modem is quick, and that it does not include any
>additional delays I would expect if the packets were going the long
>way via the ISP. It's identical to what I got when I setup a static
>route to the modem. Something else is going on, but I don't know
>what.

It looks like standard IP behavior to me.

[Jeff Liebermann]

On Tue, 15 Nov 2011 19:32:11 -0600, Char Jackson <no...@none.invalid>
wrote:

>You can test it yourself like I did, or if you have a hub you can
>insert it between the router and modem and watch the outgoing 'modem'
>traffic. You'll see that it's destined for the default gateway, not
>the modem. It's the default gateway that either forwards the traffic
>back to the modem or drops it. (Until you configure a static route, of
>course.)

Good idea. I'll setup something on the neighbors cable modem in the
next few days using WireShark to sniff the traffic.

>>Same as in the original static
>>route example. Something like this:
>>> C:\>tracert 192.168.100.1
>>> Tracing route to 192.168.100.1 over a maximum of 30 hops
>>> 1 1 ms <1 ms <1 ms 192.168.1.1
>>> 2 3 ms 2 ms 2 ms 192.168.100.1
>>> Trace complete.
>>
>>Note that the gateway router is not on the route, that the response
>>from the cable modem is quick, and that it does not include any
>>additional delays I would expect if the packets were going the long
>>way via the ISP. It's identical to what I got when I setup a static
>>route to the modem. Something else is going on, but I don't know
>>what.
>
>It looks like standard IP behavior to me.

Look again. If the packets went to the ISP gateway and back, I would
expect to see an additional delay to 192.168.100.1. I would also
expect to see the default gateway IP in the traceroute path. It would
be similar to what I saw with my DSL modem as in:

> C:\>tracert 192.168.0.1

> Tracing route to 192.168.0.1 over a maximum of 30 hops
> 1 1 ms <1 ms <1 ms DD-WRT [192.168.1.1]
> 2 15 ms 16 ms 16 ms dsl-63-249-85-gateway.static.cruzio.com [63.249.85.1]
> 3 16 ms 14 ms 15 ms 192.168.0.1
> Trace complete.

That's not quite standard behavior, methinks. Some else is happening,
but I don't know what. Maybe sniffing will help.

[Char Jackson]

On Wed, 16 Nov 2011 08:33:03 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Tue, 15 Nov 2011 19:32:11 -0600, Char Jackson <no...@none.invalid>
>wrote:
>
>>You can test it yourself like I did, or if you have a hub you can
>>insert it between the router and modem and watch the outgoing 'modem'
>>traffic. You'll see that it's destined for the default gateway, not
>>the modem. It's the default gateway that either forwards the traffic
>>back to the modem or drops it. (Until you configure a static route, of
>>course.)
>
>Good idea. I'll setup something on the neighbors cable modem in the
>next few days using WireShark to sniff the traffic.

Cool, I'll be very interested to see what you find.

I've already mentioned that the lack of an entry in a traceroute is
not a red flag and doesn't mean anything by itself. The most likely
explanation is that the router is configured to leave the TTL alone
rather than decrementing it. Many routers are configured that way, so
there's nothing unusual there.

That leaves the quick RTT that you're seeing. I don't think that's a
valid indicator of "something else". Bottom line, it still looks like
standard IP behavior to me. Removing the modem's coax showed it, and I
expect sniffing to show it, as well.

[alexd]

Char Jackson (for it is he) wrote:

> Jeff Liebermann <je...@cruzio.com> wrote:

>>>>> C:\>tracert 192.168.100.1
>>>>> Tracing route to 192.168.100.1 over a maximum of 30 hops
>>>>> 1 1 ms <1 ms <1 ms 192.168.1.1
>>>>> 2 3 ms 2 ms 2 ms 192.168.100.1
>>>>> Trace complete.

> That leaves the quick RTT that you're seeing. I don't think that's a
> valid indicator of "something else".

Then you don't understand. It's not going to get to the ISPs router and back
to the customer in 2ms, is it?

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)

20:29:33 up 1 day, 21:44, 3 users, load average: 0.06, 0.17, 0.19

[Char Jackson]

On Wed, 16 Nov 2011 20:31:29 +0000, alexd <trof...@hotmail.com>
wrote:

>Char Jackson (for it is he) wrote:
>
>> Jeff Liebermann <je...@cruzio.com> wrote:
>
>>>>>> C:\>tracert 192.168.100.1
>>>>>> Tracing route to 192.168.100.1 over a maximum of 30 hops
>>>>>> 1 1 ms <1 ms <1 ms 192.168.1.1
>>>>>> 2 3 ms 2 ms 2 ms 192.168.100.1
>>>>>> Trace complete.
>
>> That leaves the quick RTT that you're seeing. I don't think that's a
>> valid indicator of "something else".
>
>Then you don't understand. It's not going to get to the ISPs router and back
>to the customer in 2ms, is it?

So far, I'm the only one with a plausible theory. Jeff's still working
on his, and I haven't heard yours. Care to share?

[Moe Trin]

On Wed, 16 Nov 2011, in the Usenet newsgroup alt.internet.wireless, in article
<joo7c7hllbjutpu2g...@4ax.com>, Jeff Liebermann wrote:

]]] Jeff Liebermann <je...@cruzio.com> wrote:

>>>>> C:\>tracert 192.168.100.1
>>>>> Tracing route to 192.168.100.1 over a maximum of 30 hops
>>>>> 1 1 ms <1 ms <1 ms 192.168.1.1
>>>>> 2 3 ms 2 ms 2 ms 192.168.100.1
>>>>> Trace complete.

>>>>Note that the gateway router is not on the route, that the response
>>>>from the cable modem is quick, and that it does not include any
>>>>additional delays I would expect if the packets were going the long
>>>>way via the ISP. It's identical to what I got when I setup a static
>>>>route to the modem. Something else is going on, but I don't know
>>>>what.

Jeff, just how far away do you expect the IPS's responder to be? You
may recall something called a "radar mile" which is 12.359 usec/nm or
6.673 usec/km out and back. Even if you include the cable propagation
factor, the distance delay is lost in the noise. The main factor in
the delay is in the operating system, traversing the network stack.
The operating system or routing application is doing a lot of other
things and can't respond ``instantly'' to an ICMP echo request. When
the packet arrives, the CPU has to stop watching the computer pr0n-show
it's watching, look at the source and destination addresses, look at
the TTL in the IP header, make the "appropriate" routing decision and
either forward the packet or create the appropriate reply packet, look
at it's routing table, and finally shove the packet out the door. All
this takes time. Or do you think that 192.168.1.1 is 1 msec = 1000
usec = 1000/12.36 = 81 nautical miles / 150 km away from this source.
(I'm ignoring the time it takes the originating computer to get the
packet from the 'tracert' application out onto the wire, and the reply
from the wire back up to the application.)

>I would also expect to see the default gateway IP in the traceroute
>path. It would be similar to what I saw with my DSL modem as in:

> C:\>tracert 192.168.0.1
> Tracing route to 192.168.0.1 over a maximum of 30 hops
> 1 1 ms <1 ms <1 ms DD-WRT [192.168.1.1]
> 2 15 ms 16 ms 16 ms dsl-63-249-85-gateway.static.cruzio.com

> 3 16 ms 14 ms 15 ms 192.168.0.1
> Trace complete.

>That's not quite standard behavior, methinks. Some else is happening,
>but I don't know what. Maybe sniffing will help.

So the gateway is 1200 miles away (well, maybe 840 miles through wet
string)? Most of that delay is the network stack. As to why hop 2
appears between hop 1 and 3 here and not above, that's a function of
the O/S and routing application. Did the gateway decrement the TTL
above? The "Discussion" section of RFC1122 section 3.2.1.7 says it
should happen (based on RFC1812 section 5.3.1), but is that happening?
Maybe, maybe not. You might get a hint by looking at the arriving TTL
on "this" box, but the only way to find out for sure is to put sniffers
either side of the gateway. The fact that you're going from a RFC1918
address to a routable one and back to RFC1918 may also delay things.

Old guy

[Jeff Liebermann]

I would expect the latency for traceroute to anywhere to be a minimum
of the latency between the local DSL modem and the delays introduced
by the Byzantine path the packet follows through the ISP's hardware. I
have yet to see it even close to the theoretical propagation delay.
For DSL, it has to go through the RT (remote terminal) concentrator,
get converted and compressed into whatever fiber or copper protocol is
used to get to the DSLAM. At DSLAM, it goes to the network edge
Redback router, which eventually hits the ISP's gateway router. In my
case, I think it's from Ben Lomond to San Francisco via ATM and from
San Francisco to Pentaluma (sonic.net) via ATM. From SF to Santa Cruz
on probably ATM where it hits the Cruzio gateway router. I have an
Efficient 5260 DSL modem, which can do an ATM ping. Right now, I'm
showing 14 msec latency on a 3Mbit/sec DSL line. As I recall, the ATM
ping shows about 4 msec, most of which is ATM encoding/decoding. The
rest is IP overhead, which you so nicely described (thanks).

My guess(tm) is much of the observed latency is tied up in the gateway
router trying to do some manner of intelligent filtering and
prioritization (QoS or MPLS QoS). It also takes some time to assemble
ATM packets into IP packets and back again. I recall reading a
detailed breakdown on where the delays are hiding, but need to get
otto here immediately so I separate my customers from their money.
More later (if I survive).

[Moe Trin]

On Thu, 17 Nov 2011, in the Usenet newsgroup alt.internet.wireless, in article
<tkpac7ll48n9gie2h...@4ax.com>, Jeff Liebermann wrote:

>I would expect the latency for traceroute to anywhere to be a minimum
>of the latency between the local DSL modem and the delays introduced
>by the Byzantine path the packet follows through the ISP's hardware.

I'd tend to agree, although I don't see really long delays.

>I have yet to see it even close to the theoretical propagation delay.

Heck, I haven't seen that on a cross-over cable between systems, let
alone a tunnel from client to local backbone.

>My guess(tm) is much of the observed latency is tied up in the gateway
>router trying to do some manner of intelligent filtering and
>prioritization (QoS or MPLS QoS). It also takes some time to assemble
>ATM packets into IP packets and back again.

http://www.ietf.org/rfc/rfc6349.txt

6349 Framework for TCP Throughput Testing. B. Constantine, G. Forget,
R. Geib, R. Schrage. August 2011. (Format: TXT=62494 bytes) (Status:
INFORMATIONAL)

Old guy

[alexd]

2ms is implausibly quick for getting from a computer, to the ISPs router and
back again.

My best guess is that the cable modem somehow intercepts traffic destined
for 192.168.100.1 [gratuitous ARP? Something non-standard?].

http://homepage.ntlworld.com/robin.d.h.walker/docsdiag/#custside

hints at this:

# Some specific brands of cable modem (e.g. Motorola SURFboard, 3Com
# Tailfin) take special action to sniff passing traffic from the user's PC,
# and intercept packets addressed to 192.168.100.1, so they appear to do the
# right thing even when the rules of IP routing are broken, but even this
# magic fails unless those cable modems have successfully connected to the
# cable operator's network.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEs...@ale.cx)

11:24:11 up 4 days, 12:38, 4 users, load average: 0.19, 0.15, 0.18

[Jeff Liebermann]

On Sat, 19 Nov 2011 11:51:04 +0000, alexd <trof...@hotmail.com>
wrote:

>My best guess is that the cable modem somehow intercepts traffic destined
>for 192.168.100.1 [gratuitous ARP? Something non-standard?].
>
>http://homepage.ntlworld.com/robin.d.h.walker/docsdiag/#custside
>
>hints at this:
>
># Some specific brands of cable modem (e.g. Motorola SURFboard, 3Com
># Tailfin) take special action to sniff passing traffic from the user's PC,
># and intercept packets addressed to 192.168.100.1, so they appear to do the
># right thing even when the rules of IP routing are broken, but even this
># magic fails unless those cable modems have successfully connected to the
># cable operator's network.

I agree. The short latency is sufficient proof that it's not going to
the ISP default gateway router and back.

Googling for "modem intercept 192.168.100.1" yields quite a few hits
that suggest the same thing. I haven't had time to sniff the traffic
yet, but I suspect it won't show anything useful. If the cable modem
is intercepting the outbound traffic, then no amount of sniffing
between the router and modem will show anything useful.

I tried testing with a Motorola 2210-02 DSL modem. No problems
getting to the modem web config through the router. However, the
earlier Speedstream 4100 (my favorite DSL modem) seems to have it half
way working. I can ping or traceroute to the config IP address
(192.168.0.1), but the web browser doesn't show the modem config
pages. I have other 4100 modems with other firmware mutations, which
might fix the problem:
<http://shadow.sentry.org/~trev/4200.html>
It might also be an artifact of my static IP address configurations.

More testing....(groan).

[Moe Trin]

On Sat, 19 Nov 2011, in the Usenet newsgroup alt.internet.wireless, in article
<9h9gc7t90hcmjplb6...@4ax.com>, Jeff Liebermann wrote:

>I haven't had time to sniff the traffic yet, but I suspect it won't
>show anything useful. If the cable modem is intercepting the outbound
>traffic, then no amount of sniffing between the router and modem will
>show anything useful.

[selene ~]$ whatis p0f
p0f (1) - identify remote systems passively
[selene ~]$

That's really an O/S fingerprint tool - but one of the things it does
is to try to guess how far away the remote is by hop-count. Briefly,
it looks at the arriving TTL, and guesses from that. RFC0791 Section
3.2 and RFC1122 Section 3.2.1.7 point to the obsolete "Assigned Numbers"
RFC (the last being RFC1700) which RFC3232 says has been replaced with
an on-line data base. The one you want is
http://www.iana.org/assignments/ip-parameters which says

IP TIME TO LIVE PARAMETER

The current recommended default time to live (TTL) for the Internet
Protocol (IP) is 64 [RFC791, RFC1122].

In fact, many O/S wiggle on this, but with few exceptions, the starting
TTL is a binary number - 32, 64, 128 or 255 (yeah). The exceptions are
older UNIX versions. So, what's the arriving TTL of packets in
question (compared to packets from the modem, and elsewhere)? And
what's the TTL and source IP on the ICMP "Network Unreachable" when you
try to reach some /other/ non-routable address like 192.168.222.222?

>More testing....(groan).

Well, it's better than being picked up by the CHP for DWI 'cause you
found this neat winery up the road... ;-)

Old guy

[Char Jackson]

On Sat, 19 Nov 2011 14:11:42 -0800, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Sat, 19 Nov 2011 11:51:04 +0000, alexd <trof...@hotmail.com>
>wrote:
>
>>My best guess is that the cable modem somehow intercepts traffic destined
>>for 192.168.100.1 [gratuitous ARP? Something non-standard?].
>>
>>http://homepage.ntlworld.com/robin.d.h.walker/docsdiag/#custside
>>
>>hints at this:
>>
>># Some specific brands of cable modem (e.g. Motorola SURFboard, 3Com
>># Tailfin) take special action to sniff passing traffic from the user's PC,
>># and intercept packets addressed to 192.168.100.1, so they appear to do the
>># right thing even when the rules of IP routing are broken, but even this
>># magic fails unless those cable modems have successfully connected to the
>># cable operator's network.
>
>I agree. The short latency is sufficient proof that it's not going to
>the ISP default gateway router and back.

Sufficient proof for you, not for me. In my own case, running a
continuous ping to my Comcast gateway shows some results coming back
in 3mS, which is not a whole lot different from your 2mS example. (The
average is 5mS.)

>Googling for "modem intercept 192.168.100.1" yields quite a few hits
>that suggest the same thing. I haven't had time to sniff the traffic
>yet, but I suspect it won't show anything useful. If the cable modem
>is intercepting the outbound traffic, then no amount of sniffing
>between the router and modem will show anything useful.

Obviously.

>I tried testing with a Motorola 2210-02 DSL modem. No problems
>getting to the modem web config through the router. However, the
>earlier Speedstream 4100 (my favorite DSL modem) seems to have it half
>way working. I can ping or traceroute to the config IP address
>(192.168.0.1), but the web browser doesn't show the modem config
>pages. I have other 4100 modems with other firmware mutations, which
>might fix the problem:
><http://shadow.sentry.org/~trev/4200.html>
>It might also be an artifact of my static IP address configurations.
>
>More testing....(groan).

At least we can put to rest the theories that NAT router make/model
have anything to do with it.

[Char Jackson]

On Sat, 19 Nov 2011 11:51:04 +0000, alexd <trof...@hotmail.com>
wrote:

>Char Jackson (for it is he) wrote:
>
>> On Wed, 16 Nov 2011 20:31:29 +0000, alexd <trof...@hotmail.com>
>> wrote:
>
>>>Then you don't understand. It's not going to get to the ISPs router and
>>>back to the customer in 2ms, is it?
>>
>> So far, I'm the only one with a plausible theory. Jeff's still working
>> on his, and I haven't heard yours. Care to share?
>
>2ms is implausibly quick for getting from a computer, to the ISPs router and
>back again.
>
>My best guess is that the cable modem somehow intercepts traffic destined
>for 192.168.100.1 [gratuitous ARP? Something non-standard?].
>
>http://homepage.ntlworld.com/robin.d.h.walker/docsdiag/#custside
>
>hints at this:
>
># Some specific brands of cable modem (e.g. Motorola SURFboard, 3Com
># Tailfin) take special action to sniff passing traffic from the user's PC,
># and intercept packets addressed to 192.168.100.1, so they appear to do the
># right thing even when the rules of IP routing are broken, but even this
># magic fails unless those cable modems have successfully connected to the
># cable operator's network.

I only read a few paragraphs of the article at the link you provided
and stopped reading after stumbling across multiple factual and
technical errors. Despite the shadow of doubt that places over
everything on the page, I concede that the sniffing described there
satisfies all of my expectations, conditions, and requirements and may
well be exactly what happens.

Good find, thanks for posting.

[Jeff Jonas]

>but meanwhile I decided D-Link for backup instead of Belkin

Things MAYBE might have improved
but D-Link used to claim Linux support on the box,
but M$ Explorer was required for some of the admin web interface
due to Explorer specific HTML and scripting.
I'm unsure if Safari users were similarly alienated.

The Belkin stuff I've encountered was definitely low-end:
few features, strange admin interface.