AT&T 2Wire Device with PFSense and Virtual IPS (V2.0 RC1)
-
Those 2wire boxes are a buggy pain, aside from being a headache to configure the things that do work. You must have a unique MAC address for every IP address (amongst other bugs like the stateful firewall being impossible to turn off entirely, blocking traceroute entirely, and more crap). You can work around having to have a unique MAC per IP by using only CARP VIPs as they each have a unique MAC. The other issues…well you're stuck with those. I've been living with it for about a year and a half though I'm not happy.
-
http://www.dslreports.com/forum/r21066151-2wire-2700HGB-bridge-mode-simple-tutorial
-
http://www.dslreports.com/forum/r21066151-2wire-2700HGB-bridge-mode-simple-tutorial
That's not applicable when you have a static /29.
-
That's not applicable when you have a static /29.
Good to know… Thanks!
-
Well, I have thrown in the towel, BUT AT&T managed to not follow their own policy and issued a disconnect on the DSL before the UVerse install So the attempt by them to fall back to DSL last night failed an I am on UVerse with no inbound connectivity right now.
Oh well.. No idea where this is going to end up :-(
Oh, one correction in my original post, 12 Hours not 12 Years.. It was a very long day..
–----------------------
-
Looking at the CARP option –
Not really sure what I am doing here and have not found a good tutorial yet..
Might you be able to shed some light on what values / which options you placed here..
http://172.16.200.20/pkg_edit.php?xml=carp_settings.xml&id=0I am assuming this section ?
Configuration Synchronization Settings (XMLRPC Sync)
An the NIC address of the 2Wire 3800-HGV-B that the PFsense box is linked to.
An then enable the Synchronize Virtual IPs
Any other options that need to be enabled ??
Thanks --
@cmb:
Those 2wire boxes are a buggy pain, aside from being a headache to configure the things that do work. You must have a unique MAC address for every IP address (amongst other bugs like the stateful firewall being impossible to turn off entirely, blocking traceroute entirely, and more crap). You can work around having to have a unique MAC per IP by using only CARP VIPs as they each have a unique MAC. The other issues…well you're stuck with those. I've been living with it for about a year and a half though I'm not happy.
-
You're looking at the config sync, you don't need or want that unless you're going to do a full blown HA setup. All you have to do is add CARP type VIPs under Firewall>Virtual IPs for your additional IPs.
-
Okay,
Now I see. (Did a Firmware upgrade so I am now on V 2.01 just to be safe..
In looking at carp and with the 2Wire 3800 in mind..
I don't think I need a Virtual IP Password ?
I would leave the VHID Group as 1 for all the four Virtual address ?
An the Advertising Frequency Base / Shew alone ?
Or am I missing something .. Have not played with CARP before.
Thank you for your help –
@cmb:
You're looking at the config sync, you don't need or want that unless you're going to do a full blown HA setup. All you have to do is add CARP type VIPs under Firewall>Virtual IPs for your additional IPs.
-
I don't think I need a Virtual IP Password ?
I would leave the VHID Group as 1 for all the four Virtual address ?
An the Advertising Frequency Base / Shew alone ?
Or am I missing something .. Have not played with CARP before.
Thank you for your help –Enter whatever you want for the password, just enter something.
Each VIP must have a unique VHID.
Leave the Base and Skew alone. -
Thank you all for your responses and HELP !!!
BUT, I have gone back to the old DSL link and written off this aborted try at UVerse. The speed
was an improvement, but not enough to justify the grief and time it was taking with all the
customer no-service / support calls.It seems to work great if you have a single dynamic or static IP but start to do any real business
services behind the demark and you are just asking for trouble and issues.–-- Again thank you all, and here is hoping for a great 2012..
