SG-1100 has uplink but no connection to ISP gateway

heper

@dominikhoffmann your wan interface appears to be on a vlan ?

might be better to provide all relevant information instead of bits and pieces

DominikHoffmann

@johnpoz: Yes, I can ping the gateway from my laptop, when hooked up directly. That rules out any hypothesis that the gateway ceased responding to pings recently.

DominikHoffmann

@heper: I appreciate your input! That appears to be normal:

This is a configuration I have not changed from the default.

@heper said in SG-1100 has uplink but no connection to ISP gateway:

might be better to provide all relevant information instead of bits and pieces

I apologize! I only know to provide what I initially understand to be relevant. I am relying on pointers from @johnpoz and you to learn what else might be insightful.

DaddyGo

@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:

I apologize! I only know to provide what I initially understand to be relevant.

Hi,

as John said, it is likely that GW not respond to PING...
(although this is contradicted by a direct laptop connection)

perform a test with a known DNS server IP for GW monitor

I am already saying, - yes, not the solution, but it is a test...

then perform a "tracert" and search for a nearby upstream IP that responds to PING
(as much as possible to the accuracy of the GW parameter, whic is measured by pfSense - dpinger)

DaddyGo

@heper said in SG-1100 has uplink but no connection to ISP gateway:

your wan interface appears to be on a vlan ?

this does not mean that there is no PING response

just watch my ONT setting,.... with VLAN.... (and there is GW PING)

johnpoz

Not enough experience with ont sort of devices - but with say cable modems. If you change the device connected them (the mac) you need to power cycle them.

Have you powercycled the device between changing between laptop and pfsense?

I take it you have done that since you do mention rebooting it.

You could sniff on pfsense and if its sending out pings, but not getting an answer - then yeah its going to show offline. I would do a packet capture and validate that.. Then maybe ask the isp why that is happening.. Showing them the sniff saying hey - sending pings, to this ip/mac - why no answer..

DaddyGo

@johnpoz said in SG-1100 has uplink but no connection to ISP gateway:

Have you powercycled the device between changing between laptop and pfsense?

As long as the cable modem requires a power cycle, the ONT responds immediately and assigns a new IP from the range based on the MACs.

so it mentions OP ONT, so the above process is not necessary here

BTW:

package capture is a good idea

DominikHoffmann

I now works. After resetting the SG-1100 to factory settings and only changing it from being a DHCP client on the WAN to the static IP assigned by the ISP, I made another call to the ISP, because short of refreshing the device there was nothing left to try. Their ARP table had my laptop’s MAC address lodged in it, from when I had hooked it up straight to the ONT. Once the support rep cleared that MAC address, I started getting connectivity.

There is no telling what had been wrong initially.

The ONT (optical network terminal) doesn’t get rebooted by the customer. It is something the ISP can do remotely, though, and they did that initially. Their troubleshooting steps apparently do not involve doing that for everything.

Thanks to all for helping! I certainly learned something.

johnpoz

@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:

Their ARP table had my laptop’s MAC address lodged in it

Yeah that for sure would cause you grief ;) Glad you got it sorted.. But wouldn't you be able to remove power from the ont? That would for sure reboot it --- heheh.

DaddyGo

@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:

I certainly learned something.

even from my ISP (L2 eng.) age I can think of these, which were the rigid settings of the network security:

DHCP MAC Address Exclusion List
Prerequisites for GPON DHCP Leasequery

these are parameters configured on the "head - end" that are sometimes good, sometimes bad

DominikHoffmann

@johnpoz: So would that ISP ARP table reside in the ONT or in their data center equipment. I am not sure how transparent the ONT is. As far as I understand it is merely a physical-layer bridge.

johnpoz

Normally a true hardware bridge wouldn't have a arp table.. But I am not up to speed on those devices..

They are a bit more involved than just a simple bridge.. Do you have a specific model number.. There are many different ways an ISP might be setup.. I doubt the device they deployed to you is just a simple hardware bridge..

DaddyGo

@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:

As far as I understand it is merely a physical-layer bridge.

They can be configured in different ways, as several types of services are available through it (DATA, VoIP, IPTV, etc).

They (ONT) usually do not act as a network bridge, this is how ARP appears:
(All configurations are received from OLT after proper authentication, therefore difficult to hack)

https://community.fs.com/blog/components-and-architecture-of-gpon-ftth-access-network.html

in bridge mode, f.e PPPoE or IPoE.:
https://forum.huawei.com/enterprise/en/huawei-ont-bridge-mode-introduction/thread/498679-100181

I know Huawei in your place is not current, but it is a good description

DominikHoffmann

@daddygo: “Mathematics: The Beautiful Language of the Universe”

Mathematics is the body of truths about numbers. Truth is the Logos, the second person of the Trinity who said about himself, “I am the Truth, the Way, and the Life.”

DaddyGo

@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:

Mathematics is the body of truths about numbers.

Hmmm,

Yeah, I graduated with a degree in mathematics in the early 90s, but I don't remember it anymore...

BTW:

I didn't rotate the Bible much, only once I read it, because I think it’s mandatory...

somehow in my reading, math and faith, opposite poles

DominikHoffmann

@daddygo said in SG-1100 has uplink but no connection to ISP gateway:

I didn't rotate the Bible much, only once I read it, because I think it’s mandatory...
somehow in my reading, math and faith, opposite poles

Not the way I see it. If, in fact, the Son, the second person of the Trinity, is Truth, then the pursuit of truth and mathematics and the pursuit of theological truth are merely different aspects of the same object of study.

Beyond that, though, the thing that already shocked the ancient Greeks was that that Principle, which was the logical conclusion of every action having a cause and that there had to be one original cause, is a person and a person who entered His own creation. That’s why Christmas is such a big deal. He did that, in order to make us oh-so-limited creatures members of His family. He wants to have an eternal relationship with you, and me, and every other human being. That’s the Good News, the Gospel.

johnpoz

How did this thread turn to into thumper spam?

DaddyGo

@dominikhoffmann

Thanks for your reply, really.

I already understand you, but we have different points of view and opinions. I have been and will remain an atheist all my life.

Perhaps this is due to the technical approach, the "creator" cannot show much on this subject...

I have to say that I have always respected religions, and it remains so.
I always like to talk to religious people because we see the world from different perspectives.

BTW:
and as long as we live we learn

DaddyGo

@johnpoz said in SG-1100 has uplink but no connection to ISP gateway:

How did this thread turn to into thumper spam?

Don't worry John, only people are talking.
Aren't you used to it? :)

+++edit:
it is only such an aftershock as in the case of volcanoes

DominikHoffmann

@johnpoz: I just responded to @DaddyGo’s religious statement about beauty and mathematics in his signature. It was just a “BTW.”