Lee H. Marzke on 19 Dec 2017 08:30:16 -0800



Re: [PLUG] New Comcast wireless modem with old Buffalo wireless router


Interesting,

I run my FiOS ONT Ethernet port directly to a managed Cisco switch access port, and vLAN tag it,  then
it goes over a vLAN trunk ( two SFP cables using LACP ) to a 2nd switch in my mobile rack running ESX.

I don't think using vLANs over a trunk is a security problem; however, just vLAN tagging
packets on the normal LAN that could be read by any PC would be.   In my case the FiOS WAN vLAN
only goes to my backup physical EdgeRouter-X and via the trunk to ESX ( to the pfSense VM ).

My pfSense router also has an IPv6 GIF tunnel to HE,  and I have an IPv6 webserver, and outbound IPv6.  This
is mostly for learning about IPv6, since Verizon doesn't offer native IPv6 yet.

Lee

----- Original Message -----
> From: gary@duzan.org
> To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
> Sent: Monday, December 18, 2017 8:00:30 PM
> Subject: Re: [PLUG] New Comcast wireless modem with old Buffalo wireless router

> => "Lee H. Marzke" <lee@marzke.net> wrote:
> =>
> => If your FIOS ONT unit has an Ethernet jack, then it is acting as a bridge and it is
> => a regular Ethernet connection to Verizon so no special requirements exist.
> =>
> => I run my FIOS WAN Ethernet connection to my pfSense Router and it works just fine.   No need for
> => any special router from Verizon unless you are using their cable TV option.  I also
> => had a Ubiquiti EdgeRouter X connected to the ONT on a different public IP and it worked fine.
> =>
> => Have you not been able to get another router to work on your ONT ?
> =>
> => Lee
> 
>   Yes, I did look into that, but I do have FiOS TV, so I need the MOCA
> stuff to keep working. Interestingly, my FiOS Android app can no longer
> access my DVR contents, and I suspect the "unsupported" router is to
> blame. I'm not sure I want to know what stupid router tricks they are
> pulling for that one.
> 
>   I also do the trick of having my own router behind theirs, though to
> support my IPv6 tunnel broker connection I have a smart switch to put
> the FiOS LAN on my main LAN as a tagged VLAN, and configured a VLAN on
> my server to route IPv6. Probably not the most secure thing, I know,
> but some extra work for any attacker.
> 
>                          Gary Duzan
> 
> 
> 
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

-- 
"Between subtle shading and the absence of light lies the nuance of iqlusion..." - Kryptos 

Lee Marzke, lee@marzke.net http://marzke.net/lee/ 
IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM 