[Forge]

Paul B, on 11 June 2019 - 10:36 AM, said:

Wrong again. When a Modem/Router combination device is operating in Bridge mode NAT must get disabled which in turn disables Routing, Firewall service, DHCP & WIFI on the device that is being bridged. It effectively causes the device from operating at Layer 3 of the OSI model and dumbs it down to Layer 2 switching.

wrong again.

I can turn my wifi on and off in my ips modem without changing the bridge mode
I can change the bridge mode with having to turn the wifi on or off

I've turned the bridge mode on -when I first connected my router. The wifi continued to broadcast from the modem.

get over yourself

[Paul B]

Forge, on 11 June 2019 - 10:41 AM, said:

wrong again.

I can turn my wifi on and off in my ips modem without changing the bridge mode
I can change the bridge mode with having to turn the wifi on or off

I've turned the bridge mode on -when I first connected my router. The wifi continued to broadcast.

get over yourself

I have no idea what your ISP modem is like or if your setup is even as you describe so yea I won't comment because I'm physically not there. But everyone else who has a Modem / Router combo has to disable WIFI when they bridge their modems it is just how the standard works its a compromise because Layer 3 services can't operate in a Layer 2 Device its just common sense. What might be happening with your setup Forge is you might be running a Layer 3 ISP Modem/Router with a single port enabled for WAN Pass through which would bypass NAT and provide a public IP on a single port while still offering WIFI from the Modem and connecting your NetGear from the WAN port to the Modem's pass through port. This wouldn't require bridging the modem and would work as you described but again not a typical setup for the average home user.

[Mark]

Like I said earlier, we'll see if anything needs to be done or not once I connect it.

I remember being in the 72.xxx range long before all of this. So if I have been vunerable to attack with no router protection for years I've been lucky.

[Forge]

Paul B, on 11 June 2019 - 10:45 AM, said:

I have no idea what your ISP modem is like or if your setup is even as you describe so yea I won't comment because I'm physically not there. But everyone else who has a Modem / Router combo has to disable WIFI when they bridge their modems it is just how the standard works its a compromise because Layer 3 services can't operate in a Layer 2 Device its just common sense.

it's an xfinity modem. They like their net-neutrality socialized wifi blanket coverage. It's why I got a router in the first place - shut their shit off and put a device between my equipment and free public access to the bandwidth I'm paying for.
.

[Mark]

Another thing to ponder. Even though my phone no longer sees the ISP's wireless router, both 2.4 and 5ghz lights are lit in front which means they are still active. Its a shame I don't have a field strength meter that reads that high in frequency to test for an output from the device. I know the lights should be off because when I previously shut off wifi manually the lights went out. According to a website the ISP forgot to shut it down totally when disabling my wifi.

Why must those buffoons make things so complicated?

[Paul B]

Mark, on 11 June 2019 - 10:48 AM, said:

Like I said earlier, we'll see if anything needs to be done or not once I connect it.

I remember being in the 72.xxx range long before all of this. So if I have been vunerable to attack with no router protection for years I've been lucky.

If your computer gets a 72.x.x.x address that is a public facing IP address there is no protection.

[Paul B]

Mark, on 11 June 2019 - 10:52 AM, said:

Another thing to ponder. Even though my phone no longer sees the ISP's wireless router, both 2.4 and 5ghz lights are lit in front which means they are still active. Its a shame I don't have a field strength meter that reads that high in frequency to test for an output from the device.

No those lights can be lit regardless and not have it active. That might just be how those devices operate in Bridge mode. I wouldn't go by the lights on the modem in this case.

Guys i'm exhausted. I'm going for lunch!

[Mark]

I edited my previous post. Scroll up in case you missed it.

[Mark]

I hope the new router gets here soon so we all can get satisfaction.

[Forge]

Paul B, on 11 June 2019 - 10:45 AM, said:

What might be happening with your setup Forge is you might be running a Layer 3 ISP Modem/Router with a single port enabled for WAN Pass through which would bypass NAT and provide a public IP on a single port while still offering WIFI from the Modem and connecting your NetGear from the WAN port to the Modem's pass through port. This wouldn't require bridging the modem and would work as you described but again not a typical setup for the average home user.

Like I mentioned earlier - the older xfinity modems broadcast wifi openly. There was no way to password protect it or secure it. I bridged the modem to my router and shut the wifi off, but then comcast would frequently put out firmware updates and turn it right back on. While I was bridged.
The x1 update allowed me to actually password protect it, but I already had the router set up for all my devices, so I just shut it off.
They haven't turned it back on since I got the x1 & since the netgear is "smart" I was able to unbridge and it autodetected the x1 modem's settings and issued itself a unique wan ip

[Mark]

Paul B, on 11 June 2019 - 10:29 AM, said:

That's the way it should be! Just keep in mind your ISP only allows for you to use so many devices connected directly to the Modem. So if you exceed that amount then you either spoof a device or you sign in to remove previously registered devices that aren't in use any longer or you pay the ISP to allow you to add more.

The way I understand that is I will have only the output of the new router plugged into the ISP router/modem. My new router will have 2 comps and a cellphone. Never more than 2 operating at once. I can't believe that would exceed any ISP limits. Spectrum brags in commercials about being able to stream to TVs, tablets, play games, etc all at the same time, way more than I would evr do.

[Forge]

Mark, on 11 June 2019 - 11:03 AM, said:

The way I understand that is I will have only the output of the new router plugged into the ISP router/modem. My new router will have 2 comps and a cellphone. Never more than 2 operating at once. I can't believe that would exceed any ISP limits.

pretty sure the isp modem will only count the router (and everything connected to the new router) as one device.

side note:
Not the equipment guru, but I believe after 6 active devices -depending on what they are - you'll start getting lag in your wifi connection

[Mark]

Thats my thinking too.

[Paul B]

Mark, on 11 June 2019 - 11:03 AM, said:

The way I understand that is I will have only the output of the new router plugged into the ISP router/modem. My new router will have 2 comps and a cellphone. Never more than 2 operating at once. I can't believe that would exceed any ISP limits. Spectrum brags in commercials about being able to stream to TVs, tablets, play games, etc all at the same time, way more than I would evr do.

Mark once you get your router you can technically have 254 devices connected to the internet. However the hardware they ship with those devices will probably only allow for about 40 or 50 devices. The more devices the more often the device would crash or run out of resources because they have minimal hardware to support simultaneous connections. The idea is your Router is the only device your ISP should see as being public facing how many computers you have behind that router is your business not your ISP's

[Mark]

Hey, we all agreed on something. Lets end on a high note.

[Mark]

UPS tracking shows the router is on the delivery truck this morning. I usually see their truck in my neighborhood around lunch time. I've had bad luck this week with some other RL stuff. Lets hope this is a ray of sunshine by being easy to get running.

[Mark]

Forge, on 10 June 2019 - 06:33 PM, said:

the only thing I read about the modem he's getting and running the same ISP Mark uses. They had to do something to mimic the MAC address, or something like that. I don't know anything about that. Maybe they meant allowing with unrestricted access.

I shut everything down and did full reset on both devices. In the new router access program setup there was a choice to clone existing MAC or not. I seem to remember reading that I should so I checked that box. Things seem to be running OK.
I ran the setup and its working. Today, while my DL and UL speeds haven't changed, my ping was higher than usual. Instead of the usual 10-15 it was in the high 20's. I'll have to do some more speed testing in the coming days to get an average.

[Mark]

When I go to this site it shows my public and local IP addresses. Is that normal or bad news for security. In the past I only went to this site for their speed test. I never paid attention if both addresses were shown before or not.
https://www.whatismyip.com/

[Paul B]

Mark, on 14 June 2019 - 02:24 PM, said:

When I go to this site it shows my public and local IP addresses. Is that normal or bad news for security. In the past I only went to this site for their speed test. I never paid attention if both addresses were shown before or not.
https://www.whatismyip.com/

That is normal, it is because you were never behind a private network before and you are now.

[Mark]

But its showing the same public 72.xxx that you said was from lack of security. As far back as I can remember, 72.xxx has always been handed out by TWC/Spectrum.

[Paul B]

Mark, on 14 June 2019 - 02:59 PM, said:

But its showing the same public 72.xxx that you said was from lack of security. As far back as I can remember, 72.xxx has always been handed out by TWC/Spectrum.

Yes it was because of a lack of security because that number was coming from your computer. Now its coming from your Router which is why you have a local private IP as well which you never had before. Your PC has what is called a Private IP Address using a subnet of either 192.168.0.x or 192.168.1.x. Your public IP of 72.x.x.x is coming from your WAN port on your Router. Now it sounds like you've finally set it up properly. Good job!

[Mark]

I'm saying its always been a public IP of 72.xxx
I didn't pay attention in the test before for the local IP. So it sounds like I always have been protected.

On the down side. Even though I show anywhere from 54-72 Mbps connect with my 2 phones, speedtests from different sites all confirm I'm getting only 5Mbps download speed on them. Upload speed is 10Mbps as always. Twice as fast as DL
Emails, a couple of duke4 type sites and YT vids all seem to run smooth and will be the majority of wireless use but I'm still wondering whats going on.

[Mark]

Tried it again later tonight and had 30-35Mbps. I wonder if I had interference earlier.

[Forge]

anything can run interference
your neighbor's wifi. power lines. your microwave, etc, etc.

[Paul B]

Mark, on 14 June 2019 - 06:27 PM, said:

Tried it again later tonight and had 30-35Mbps. I wonder if I had interference earlier.

@Mark - You can have a 72.x.x.x address from your Router or from your PC. This is a public address. When your PC was being issued this IP address you never had protection because your Modem is bridged and your PC was getting an IP directly from the ISP. The only firewall you would have had is your Windows Firewall and that would all depend on what Firewall Profile you chose when you connected to the network (Private, Work or Public). Presently the 72.x.x.x address is assigned to your Router which is the public interface. While all your devices are connected to the private interface.

As far as your WIFI connection goes, You can install a free WIFI app that will show you the WIFI networks around you, their signal strength and what channels they are using. If you have a lot of WIFI hot spots in your area you want to perform a site survey to determine which wireless networks are broadcasting on what channels. WIFI channels typically overlap and the 3 non shared channels are 1,6 & 11. Ideally if you don't have any WIFI networks using Channel 1 this is the channel you want to use as it only has one side band and is typically never a default channel on a Wifi network. So perform a speed test on each of the 3 channels and pick the fastest one. Typically I like to see WIFI radios operate on Channel 1 where possible. I find the 5Ghz devices have less interference and tend to run a lot more reliably as less devices use them and they operate on higher frequencies with more bandwidth. Also the 5GHz band has 23 available channels for devices vs the 3 available on the 2.4 GHz band.

[Mark]

If my router was in bridge mode its only been for the last few weeks when the ISP messed with it. Up until that time I could access the router and I saw that it was not in bridge mode.

There are a lot of wifi signals in my area. Most times of the day I can see 8-12 show up on my phone's scan for networks. I didn't even activate 5ghz because I assumed my older phones don't support it.

[Mark]

Forge, on 14 June 2019 - 06:39 PM, said:

anything can run interference
your neighbor's wifi. power lines. your microwave, etc, etc.

I was sitting about 4 feet from the router. I think the only interference I might get was if my ISP router is indeed still sending out a signal.