Re: [PLUG] Comcast "CDV" device & firewalls

JP Vossen on 5 Oct 2009 14:52:31 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Comcast "CDV" device & firewalls

From: JP Vossen <jp@jpsdomain.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] Comcast "CDV" device & firewalls

Date: Mon, 05 Oct 2009 17:52:11 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Thunderbird 2.0.0.23 (Windows/20090812)

Solved. All it required was, in fact, a long-ish power off (sigh). But... The new "CDV" unit installed 1 week ago is an Arris Model TM602G/CT with a battery. We powered off the external firewall and CDV for about 5 minutes, *while talking on the phone routed through the device!* We kept talking, it did not disconnect us. When the Comcast tech said he powered off and it did disconnect us, I assume that 1) the battery hadn't charged enough to maintain the call and 2) he didn't leave it off long enough to forget the MAC. When we powered back up with the FW external/untrusted interface connected to the CDV, everything Just Worked. And, critically, what Carl said was right, the CDV is a simple DOCSIS bridge (cable "modems" aren't really "modems"). It has zero security or other features on it, which is perfect for what I want but I found surprising for the other 99.99% of their customers. I guess historically Comcast provided a dumb cable modem and that was it, so this is just the updated version of that and maybe I got too used to FiOS coming with an all-in-one gadget that includes: TV, IP bridge, wireless, FW/NAT. I don't use the FiOS gadget, I use my own firewall, but again for 99.99% of their customers that is actually useful. Whatever. Also, I really like Carl's idea of moving the CDV to the "side," re-provisioning it as phone only, re-adding the old cable modem, and provisioning that for Internet only. I didn't do it that way because I wasn't on-site, and because it was late on a Sunday night and neither I nor my cousin felt like doing the Comcast Tech Support hassle. I may still do it next time I am on-site, though also if it ain't (that) broke I may not fix it... Thanks for everyone's responses, especially Carl's, which were enormously helpful. Also, I hope this thread will use useful for other folks using their own hardware and software (ideally F/OSS) on the inside. For example, and though it isn't actually Linux but FreeBSD: http://m0n0.ch. :-) Thanks, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Comcast "CDV" device & firewalls
From: Carl Johnson <cjohnson19791979@gmail.com>

Prev by Date: Re: [PLUG] using mv as a backup

Next by Date: Re: [PLUG] Comcast "CDV" device & firewalls

Previous by thread: Re: [PLUG] Comcast "CDV" device & firewalls

Next by thread: Re: [PLUG] Comcast "CDV" device & firewalls

Index(es):

Date

Thread