LocostBuilders - powered by XMB

Network IPv4 routing question

scudderfish - 20/6/20 at 02:43 PM

Completely not car related!

I have a bit of an odd setup at home due to Openreach/BT being useless (If I want FTTC*, they want Ł5k). This is an approx diagram of my network.

https://drive.google.com/file/d/1Rn3WGXIKk4QBM5LrfGwL6LWav0_Wcmth/view?usp=sharing

I basically want to add static routes (I assume) to the netgear mesh and openwrt boxes so that on the laptop which gets 10.0.0.2 as it's address, I can access the web interface on 192.168.1.1. What spec routes do I need?

Regards,
David

* not even FTTP! Houses around me not on the same cabinet all get reasonable speeds, I get 3-4Mb ADSL. Last year I got a 4G fixed mobile router for literally 10x better performance, but that has nasty CGNAT on it. AAISP, my ISP for years lets me set up an L2TP tunnel over that so I get full fat internet access as it should be. I'm currently fiddling with VOIP so I can completely stop giving BT any money at all.

JMW - 20/6/20 at 05:20 PM

I just got a 4g router a month ago for exactly the same reasons as you, with roughly the same result, so compared with before I am happy (so far).

But forgive me, I don't understand a lot of the terminology you mention in regard to the 4g router, for example what is CGNAT and why is it not good? I did google for cgnat but am none the wiser.

scudderfish - 20/6/20 at 06:08 PM

Basically, you get NAT twice which scuppers any chance of running a server at home. AAISP give me 30 static IPs so I run mail server, web server, calendar server etc from them.

JMW - 20/6/20 at 06:33 PM

OK, thanks.

jeffw - 20/6/20 at 09:26 PM

You are actually using the public address space internally rather than NAT on the router?

SteveWalker - 20/6/20 at 11:00 PM

Can you not set the first device to pass everything straight through and the second to carry out port forwarding, so you only end up with one layer of NAT? That is a common scenario for people using a cable router as just a modem and then connecting their own, more capable, router to it.

scudderfish - 21/6/20 at 02:20 PM

quote:
Originally posted by jeffw
You are actually using the public address space internally rather than NAT on the router?

Yes. I have several different machines I want traffic on 443 to go to. Most stuff lives behind the 10.x.x.x network, but I want to hit the admin page on the 4G box.

scudderfish - 21/6/20 at 02:22 PM

quote:
Originally posted by SteveWalker
Can you not set the first device to pass everything straight through and the second to carry out port forwarding, so you only end up with one layer of NAT? That is a common scenario for people using a cable router as just a modem and then connecting their own, more capable, router to it.

That is effectively what I have as the L2TP tunnel hides the connection the 4G router has to my network. I then have a bunch of boxes with public routable addresses, and everything else 'hidden' behind the 10.x.x.x network.

David Jenkins - 21/6/20 at 03:32 PM

Potentially dumb question: have you asked someone like Plusnet for a quote for FTTC?

Although they are owned by BT, they are way cheaper - might be worth a shot, even if "the computer says no".

scudderfish - 21/6/20 at 04:52 PM

quote:
Originally posted by David Jenkins
Potentially dumb question: have you asked someone like Plusnet for a quote for FTTC?

Although they are owned by BT, they are way cheaper - might be worth a shot, even if "the computer says no".

Because ultimately it is Openreach who run the fibre to the cabinet and they want Ł5k to do that. I think fundamentally my problem is tweaking the firewall rules on the OpenWRT box to allow the traffic through. If I do a 'traceroute 192.168.1.1' from a 10.x.x.x machine it does get as far as the OpenWRT box and then disappears. On that box I can merrily access 192.168.1.1. Next test is can I get to 192.168.1.1 from another 90.155.34.x machine.

David Jenkins - 21/6/20 at 04:54 PM

I know what you're saying - but Openreach will quote one figure, and other suppliers will quote another. You may be surprised...

scudderfish - 21/6/20 at 06:13 PM

quote:
Originally posted by David Jenkins
I know what you're saying - but Openreach will quote one figure, and other suppliers will quote another. You may be surprised...

Openreach aren't the ISP (like Plusnet or A&A), they are the part of BT that does infrastructure, so whichever ISP you use (unless it is someone like Virgin with there own kit), you end up using stuff owned by Openreach and they charge whatever they want.

MikeR - 21/6/20 at 09:53 PM

I'd agree with try Plusnet. They may bundle 10,20,100 requests and get a large discount that you asking doesn't.