1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

setup tomato router behind a dsl modem/router

Discussion in 'Tomato Firmware' started by jeremycobert, Dec 1, 2009.

  1. jeremycobert

    jeremycobert LI Guru Member

    a quick question (i hope) i need to setup a tomato wtr54g fro my dad when i go back home and visit him this Christmas. i plan on setting up dyndns so i can remotely help him. the problem i ran into last time i was there is that his DSL provider has him using a modem/router with the typical 4 ports. i cant remember which model, but it was fairly cheap with limited features.

    obviously just plugging the wrt into the back side of the DSL router is not going to work. i just want all inbound internet traffic to hit the WRT and not even know about the DSL router, unless that is a security risk.

    is there a way i can run this dsl----->dsl router/modem------->wrt54g----->end machines

    and just basically bypass the dsl companies equipment. I'm thinking about just forwarding all ports from the dsl router to the wrt, but I'm not sure if that will work. I'm sure I'm missing something here, i just cant test it until i get home for the holidays , so i haven't been able to tinker with it.

    thanks for any help or ideas.
     
  2. occamsrazor

    occamsrazor LI Guru Member

    Yes you can, but it depends what modes his dsl router/modem supports. See if it has something along the lines of "bridge" mode or "1483 bridge" mode. If it does then use that and the modem will deal only with the DSL stuff i.e. no routing, and the Tomato router will do the PPPoE authentication and routing.

    Your other option is just to DMZ all traffic to the Tomato router, but I believe that means you are running a double NAT, which isn't great (it caused me some problems with incoming connections e.g. to a VOIP device). Then I discovered the bridged mode and ditched the DMZ idea and all has been fine.
     
  3. Planiwa

    Planiwa LI Guru Member

    There is a lot of confused talk about this on the Net, so read this carefully, if you want to avoid becoming part of the confusion: :)

    1. Set your Tomato Router up for PPPoE.

    2. Plug it into the Modem. (Your modem should need to know nothing at all about your ISP's account -- except possibly PCI/VCI which some ancient modems can't auto-detect)

    That is all that is necessary. (Almost certainly. :))

    * * *

    [It is (almost) completely irrelevant if/that/whether the modem also does PPPoE and/or also does router functions, since those things will (be vacuous and) have nothing at all to do with the PPP session that you will be using.]

    By simply setting the Tomato Router up to connect via PPPoE, you will be using the modem for DSL only. (Actually, DSL + ATM + AAL5 + Ethernet).

    (Once you have done that and seen that it works, then, if you feel like it, you can tell the modem not to do PPPoE or any router functions. The modem may have a setting called "Bridge Mode", which keeps it from doing those things. All that is optional. (I like to let the modem do its own (vacuous) PPP session, for diagnostic and forensic purposes, etc.))

    The root of the confusion probably lies in confounding Bridged Access from the Tomato-router to the modem, with configuring the modem in "Bridged Mode". The former is well-defined, necessary, and sufficient. The latter is ill-defined, optional, and insufficient.

    (There is a small chance that your ISP or your DSL provider may limit PPP sessions for an account, for a DSL connection, or for a time period. In that case turning off PPPoE in the modem becomes necessary.)

    [corrections invited :-]
     
  4. occamsrazor

    occamsrazor LI Guru Member

    (To the OP: Listen to Planiwa, not me, he knows better...)

    Planiwa.... If you don't turn off routing on the modem, and say it gives out 192.168.1.x addresses.... then how would you configure the Tomato Router address and DHCP-for-clients addressing? Wouldn't you have to give the Tomato Router a 192.168.1.x address and then the Tomato clients different addressing e.g. 192.168.0.x? And wouldn't that lead to a NAT within a NAT? And if the modem is doing routing, how do incoming connections get to the Tomato router without port-forwarding on the modem?

    Sorry for my bad terminology.... I can't seem to visualise what is happening in your scenario. Don't want to add to the confusion, just understand better.... :)

    Also, you seem to imply that there is some disadvantage in using a modem's so-called "Bridge mode", versus your method. You say:

    "The root of the confusion probably lies in confounding Bridged Access from the router to the modem, with configuring the modem in "Bridged Mode". The former is well-defined, necessary, and sufficient. The latter is ill-defined, optional, and insufficient"

    Yup. I'm confused on that, could you elaborate? :)
     
  5. Planiwa

    Planiwa LI Guru Member

    I should mention that although my message was posted after occamsrazor's, it was was written before I read his. I write slowly. :)

    Almost all DSL modems, will be bridge-accessible out of the box (or upon HW reset).

    If the Router does PPPoE (Basic>Networking>WAN/Internet Type [PPPoE]), then it will set up a PPP session over the modem's Ethernet.

    Whether or not the modem already has its own PPP session over that ethernet (with its own IP address) is completely irrelevant to the router's PPP session, and any IP traffic that goes over it.

    You could log in to the modem and then ping the Tomato-router's IP address, in which case the traffic would go out over the DSL link, (via ATM) into the Access Concentrator, and then to an edge router, back to the AC, down the DSL link, and now to the Tomato-router's IP, and then back on the reverse path, echoing back to the modem. I often do exactly this, to measure the DSL link performance.

    There is no "double NAT" etc. at all. Modem and Tomato have totally separate public IP addresses. The only traffic that should get to the modem's router is "stray" traffic. None of it is IP traffic destined for Tomato.

    Once you realize that the modem's router and Tomato's router are unrelated IP hosts that happen to share a DSL link, you will see how irrelevant any modem-router function is to the Tomato-router.

    The confusion is not in the setup. It is entirely in making assumptions (based on confused writing on the Net) that obscure the clarity and simplicity of the setup. (To tell someone who wants to use just the modem but not the modem-router's PPP, etc, that he needs to put the modem in "bridge mode", is like telling someone who wants to know how to cook that he needs to wash the dishes. Not a bad idea, but not very filling. :)

    BTW, since the OP mentioned that the modem has 4 ports ...

    You could (DHCP) connect a PC host to one of the remaining 3 ports. You could then either access the modem-router's admin interface, or Internet connect via the modem's router. The Tomato-LAN and the modem-router's LAN would be completely separate, each with its own public IP address. For diagnostic purposes it may be helpful to be able to just plug a "terminal" into an available modem port to monitor the modem's DSL Line condition, for example.

    If you were to put the modem into "bridge mode", you would be likely to lose that functionality.

    (I prefer not to "burn bridges" unnecessarily like that. :)
     
  6. mstombs

    mstombs Network Guru Member

    The OP doesn't say what the connection type is - many DSL connections in UK (and the other side of the globe in New Zealand as it happens) are single dynamic IP PPPoA only. For these the only options are "double nat + dmz" or whatever the modem firmware builder has implemented as "half-bridge". Both use dhcp on the router WAN port.
     
  7. occamsrazor

    occamsrazor LI Guru Member

    Planiwa, so basicallly what your saying is irrespective of the modem's PPP session, the Tomato router would make its own PPP session direct to the exchange bypassing whatever the modem is doing, leading to two parallel PPP connections (1 for modem, 1 for Tomato), just that the modem PPP session doesn't go anywhere.

    Wouldn't it be a problem if the exchange has two simultaneous logins under same name/password?
     
  8. Planiwa

    Planiwa LI Guru Member

    Yes, but I would not say "bypass" since that is part of the confusion that assumes that the modem-router's PPP session is at all relevant.

    There is no technical problem with (overwhelmingly predominant) dynamic IP allocation. (I had already addressed that there may be admin problems, although having multiple PPP sessions is perfectly legitimate, and valuable for diagnosing connection problems.)

    [An underlying confusion stems from the confounding on the part of many users (caused by disastrously inept UI designers and writers) of the distinction between a DSL connection and a PPP connection.]
     
  9. occamsrazor

    occamsrazor LI Guru Member

    Thanks for your explanation... interesting stuff. I would try your method but I'm too scared to change anything now I've got my setup working after so long!
     
  10. Planiwa

    Planiwa LI Guru Member

    Perhaps the OP will let us know if those "far away" complexities apply. Knowing Make and Model of modem, or ISP name, or location might be useful.

    I wonder how the OP came to be pre-convinced that:

    I prefer to apply Ockham's Razor and refrain from assuming anything but the overwhelmingly most common (and simplest) situation in the absence of any supporting evidence. (I'm also convinced that William of Ockham must have been bearded. :))
     
  11. zforum69

    zforum69 Networkin' Nut Member

    Thanks for this and your other enlightening comments. I was certainly unaware of this and the general/default ability to run multiple PPP sessions through single DSL service. Just to satisfy my curiosity I'm going to try some of this out when I get home.

    Z
     
  12. Planiwa

    Planiwa LI Guru Member

  13. Pelias

    Pelias Addicted to LI Member

    My ISP (Netia Poland) doesn't support having two ppp sessions with same credentials. It will simply ignore second connection.

    I have WRT54GL on Tomato in pppoe mode and AG241 in RFC1483 Bridged. Is there a way I could access modem web interface from Tomato network? (without having to replug cables)
     
  14. Toastman

    Toastman Super Moderator Staff Member Member

Share This Page