Some tidbits on the FibreOP infrastructure - Page 3 - Canadian TV, Computing and Home Theatre Forums

nuke12 · 2011-07-20, 10:00 AM

Quote:

Originally Posted by sunfiregt

So I have attempted to setup and remove the actiontec router.. I have a HP procurve switch that i have done the following.

1. Create VLAN 35
2. Port 25 is Tagged VLan 35 and connected to ONT
3. Port 26 is untagged VLAN 35 and connect to DDwrt router via wan port with MAC Address cloned to match the actiontec router..

Does this seem correct? I still cannot get a DHCP address on the WRT Router.

That sounds about right but I haven't tried this with managed switches.

I will tell you a little secret. The Actiontec gets a 2 hour lease from Aliant. The new firmware on the Actiontec allows you to release and renew the IP but we found it didn't work correctly. We found you had to wait 2 hours (with the Actiontec disconnected) for the lease to expire before you could get an IP on another machine.

nuke12 · 2011-07-25, 10:22 AM

Quote:

Originally Posted by sunfiregt

Has anyone tried this with a DD-WRT router?

LOL, I think you asked this same question on the dd-wrt forums. Because the question has been asked before, I'll post the dd-wrt thread on how to get more then 15 VLANS.

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=86919

Still lots of work but it can be done.

sunfiregt · 2011-07-25, 02:05 PM

I did :-) I figured I could try in multiple areas :-)

nuke12 · 2011-07-25, 03:22 PM

Quote:

Originally Posted by sunfiregt

I did :-) I figured I could try in multiple areas :-)

Good for you! If you get it all figured out and working, a post here on your config with setup examples would probably be most helpful for others.

The Actiontec could be a great router with it's hardware but the firmware is pretty much brain dead unless your just using the basic functions.

killabytes · 2011-07-31, 12:15 AM

Hey folks,

I just got FibreOP Internet myself and I'm trying to continue the use of my m0n0wall box. I've tried following the directions here; but they're hard to follow since m0n0wall is a web-based configuration.

Here is what I've done:
Spoofed my Actiontec's MAC on the WAN interface.
Created a VLAN 35 and assigned it to the WAN interface.
--------------------------

Once I restart the firewall my WAN interface gets an IP address, 142.x.x.x. Which is vaild. The issue is that I have no connectivity to the internet. I cannot ping hosts or IPs on the internet. I'm thinking it's probably due to lack of a firewall rule? I'm not really sure.

Any thoughts?

Thanks!

nuke12 · 2011-07-31, 07:12 AM

You do need firewall rules applied to the VLAN interface. How you do that, I don't know. I'm not a m0n0wall user. From the shell of the m0n0wall box, you should be able to ping the outside world.

Anyway, your questions would be better answered on the m0n0wall forums. There should be some method of using your old rules and changing the interface to the VLAN interface.

killabytes · 2011-07-31, 07:14 AM

Thanks. I did ask the question on their forums; but it's fairly dead there. Just figured I'd ask here. Especially since others were talking about pfSense. I'll just dig through their documents and see what I can find.

Thanks.

nuke12 · 2011-07-31, 02:43 PM

Is there not a way to get a listing of the firewall rules you were using?

My guess is all you should have to do is take the rules and change the old interface name to the new interface name.

I've used BSD for other things but not the firewall aspect of things.

killabytes · 2011-07-31, 06:35 PM

Thanks again.

I can view all the rules. I did copy them verbatim from the WAN's rules. I know I'm missing something. But on the plus side; you were right. I'm able to ping hosts from the system itself.

sped · 2011-08-05, 11:40 PM

I've been trying to replace my Actiontec as well using a pfsense router.
Im having difficulties getting the TV signal to work.
Here is my setup:

ONT -> pfSense lan1 (em1)
pfSense lan0 (em0) (em1_vlan34 as Gateway)-> Unmanaged LAN Switch (Gigabit) -> Wireless AP/Computers (working)
pfSense lan2 (re0) -> Unmanaged TV Switch (100mbit) -> (3) Motorola Boxes

I have pfSense configured as;
VLAN35 on em1
VLAN34 on em1
VLAN33 on em1 (probably not needed?)
em0 with no vlan configuration straight to swtich

I have tried tuning a few different ways from bridges, to static routes and i can't seem to get any packets to get to the STBs.
I noticed in an earlier post that you need to set priority on the packets to 4 for video, but i have no idea where to set this in pfsense.

Anybody have any idea where i am going wrong?

file · 2011-08-06, 08:35 AM

FreeBSD does not support doing so, and since pfSense is based on FreeBSD it also does not support it. I ended up having to put a hack into the FreeBSD kernel to do it. I have since lost that change unfortunately so you would either have to figure out how to do it or switch to a Linux based solution which does support setting the priority.

sped · 2011-08-06, 12:29 PM

Awesome to find this out after 3 days of trying. haha
Thanks, file.

Anybody have any recommendations on the linux based firewall/router OSes?

nuke12 · 2011-08-07, 07:20 AM

Any Linux distro will do it but it sounds like you want a firewall GUI interface?

I've not been down this road but this might be a start;
http://en.wikipedia.org/wiki/List_of..._distributions

sunfiregt · 2011-08-07, 06:37 PM

Quote:

Originally Posted by nuke12

That sounds about right but I haven't tried this with managed switches.

I will tell you a little secret. The Actiontec gets a 2 hour lease from Aliant. The new firmware on the Actiontec allows you to release and renew the IP but we found it didn't work correctly. We found you had to wait 2 hours (with the Actiontec disconnected) for the lease to expire before you could get an IP on another machine.

I learned a little trick too :-) release the ip on the actiontec before cutting over and vice versa.. works the first time..

sped · 2011-08-07, 10:08 PM

@nuke12, yeah i was thinking about a GUI based firewall distro, but decided on debian w/webmin installed instead.
That way i wont feel so weird about installing extra packages if need be.

It ended up working very well with 2 unmanaged switches.
I managed to get snmp and upnp working as well
mrtg is my next challenge, for monitoring usage

I do owe you one though, nuke12. without your little network script i never would have figured this out so quickly, your 2nd script in post #22 for switches instead of actiontec works flawlessly.

*edit: im waiting to see if that fiberop 2.0 will get messed up by all these changes in network, anyone else get the update already and get messed up?

2011-07-31, 07:12 AM	#36
nuke12 Join Date: May 2011 Location: Quispamsis, NB Posts: 174	You do need firewall rules applied to the VLAN interface. How you do that, I don't know. I'm not a m0n0wall user. From the shell of the m0n0wall box, you should be able to ping the outside world. Anyway, your questions would be better answered on the m0n0wall forums. There should be some method of using your old rules and changing the interface to the VLAN interface. Last edited by Dr.Dave; 2011-07-31 at 09:25 AM. Reason: Unnecessary quote removed

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

2011-07-25, 02:05 PM	#33
sunfiregt Join Date: Apr 2008 Posts: 77	I did :-) I figured I could try in multiple areas :-)

2011-07-31, 12:15 AM	#35
killabytes Rookie Join Date: Apr 2010 Location: Quispamsis, NB Posts: 14	Hey folks, I just got FibreOP Internet myself and I'm trying to continue the use of my m0n0wall box. I've tried following the directions here; but they're hard to follow since m0n0wall is a web-based configuration. Here is what I've done: Spoofed my Actiontec's MAC on the WAN interface. Created a VLAN 35 and assigned it to the WAN interface. -------------------------- Once I restart the firewall my WAN interface gets an IP address, 142.x.x.x. Which is vaild. The issue is that I have no connectivity to the internet. I cannot ping hosts or IPs on the internet. I'm thinking it's probably due to lack of a firewall rule? I'm not really sure. Any thoughts? Thanks!

2011-07-31, 07:14 AM	#37
killabytes Rookie Join Date: Apr 2010 Location: Quispamsis, NB Posts: 14	Thanks. I did ask the question on their forums; but it's fairly dead there. Just figured I'd ask here. Especially since others were talking about pfSense. I'll just dig through their documents and see what I can find. Thanks.

2011-07-31, 02:43 PM	#38
nuke12 Join Date: May 2011 Location: Quispamsis, NB Posts: 174	Is there not a way to get a listing of the firewall rules you were using? My guess is all you should have to do is take the rules and change the old interface name to the new interface name. I've used BSD for other things but not the firewall aspect of things.

2011-07-31, 06:35 PM	#39
killabytes Rookie Join Date: Apr 2010 Location: Quispamsis, NB Posts: 14	Thanks again. I can view all the rules. I did copy them verbatim from the WAN's rules. I know I'm missing something. But on the plus side; you were right. I'm able to ping hosts from the system itself.

2011-08-05, 11:40 PM	#40
sped Rookie Join Date: Aug 2011 Posts: 6	I've been trying to replace my Actiontec as well using a pfsense router. Im having difficulties getting the TV signal to work. Here is my setup: ONT -> pfSense lan1 (em1) pfSense lan0 (em0) (em1_vlan34 as Gateway)-> Unmanaged LAN Switch (Gigabit) -> Wireless AP/Computers (working) pfSense lan2 (re0) -> Unmanaged TV Switch (100mbit) -> (3) Motorola Boxes I have pfSense configured as; VLAN35 on em1 VLAN34 on em1 VLAN33 on em1 (probably not needed?) em0 with no vlan configuration straight to swtich I have tried tuning a few different ways from bridges, to static routes and i can't seem to get any packets to get to the STBs. I noticed in an earlier post that you need to set priority on the packets to 4 for video, but i have no idea where to set this in pfsense. Anybody have any idea where i am going wrong?

2011-08-06, 08:35 AM	#41
file Join Date: Nov 2010 Location: Riverview, NB Posts: 761	FreeBSD does not support doing so, and since pfSense is based on FreeBSD it also does not support it. I ended up having to put a hack into the FreeBSD kernel to do it. I have since lost that change unfortunately so you would either have to figure out how to do it or switch to a Linux based solution which does support setting the priority.

2011-08-06, 12:29 PM	#42
sped Rookie Join Date: Aug 2011 Posts: 6	Awesome to find this out after 3 days of trying. haha Thanks, file. Anybody have any recommendations on the linux based firewall/router OSes?

2011-08-07, 07:20 AM	#43
nuke12 Join Date: May 2011 Location: Quispamsis, NB Posts: 174	Any Linux distro will do it but it sounds like you want a firewall GUI interface? I've not been down this road but this might be a start; http://en.wikipedia.org/wiki/List_of..._distributions

2011-08-07, 10:08 PM	#45
sped Rookie Join Date: Aug 2011 Posts: 6	@nuke12, yeah i was thinking about a GUI based firewall distro, but decided on debian w/webmin installed instead. That way i wont feel so weird about installing extra packages if need be. It ended up working very well with 2 unmanaged switches. I managed to get snmp and upnp working as well mrtg is my next challenge, for monitoring usage I do owe you one though, nuke12. without your little network script i never would have figured this out so quickly, your 2nd script in post #22 for switches instead of actiontec works flawlessly. *edit: im waiting to see if that fiberop 2.0 will get messed up by all these changes in network, anyone else get the update already and get messed up?