Various means of delivering the last mile of service. With your DSL service it is almost all ADSL technology. With AT&T there are various means of connecting to the service. There are VDSL, Fiber, and ADSL2+ depending on where your home or office is located.Authentication
- There is no PPPoE authentication on the AT&T network.
- On the AT&T platform, authentication is based on a certificate that is hard coded into the RG, which is why only AT&T provided equipment can handle the authentication.
- Bridged mode is not supported on the network or on the RG. This is due to the architecture of the AT&T platform.
- Configurations can be made to allow much of the behavior typically needed when using a bridged mode, but there may be some limitations for those with more advanced needs. Those limitations can mostly be overcome once the user understands this and is willing and able to adapt to how things on the LAN need to be configured and updated. What should be done, such as using DMZplus, IP Passthrough (Passthrough or Default Server allocation mode) or Static IP service is based on the individual needs of the customer.
- Visit Bridged Mode with AT&T for more information.
Ping and Trace
- By default AT&T RGs are set to not respond to ICMP requests such as Ping and Trace.
- Because the network utilizes MPLS, trace routes often have hops which time out. This is not an indicator of trouble; it is just that the particular hop or node is not set to reply to ICMP requests. ICMP requests are quite often not answered or answered with a very low priority. Actual data traversing the same hop has a higher priority and does not experience the same delay.
- You may see a trace time out on several hops but the trace completes. The time outs do not indicate a problem, but instead indicate only that those hops are configured not to reply to ICMP requests.
- This is a common policy today as answering ICMP requests adds to CPU utilization and can impact network performance when attacks are made via mass ICMP request attempts, commonly referred to as Denial of Service attacks.
Use of 10.x.x.x IP addresses
Static IP delivery
- The DHCP server in the RG is configured to not allow 10.x.x.x IP scope to be set as the DHCP IP addresses.
- The customer may continue to use 10.x.x.x addresses on the LAN side of a third-party router, but the RG cannot be configured to hand out 10.x.x.x. IP addresses. Configuration of a third-party router is not in scope for Ubiz care.
IP Passthrough/DMZplus mode
- With DSL service the DSL modem was often set to bridge mode, one IP address was used at the Network Access Device on the AT&T side as the gateway IP address and minus the Network and Broadcast IP addresses. The rest were for users to configure on their equipment with the customer device being the next logical hop out from the Access device. For those with a single Static IP, there is no equivalent with AT&T today.
- With AT&T the RG is now the Network Access Device for this scenario. It has its own IP for its WAN which is a sticky dynamically assigned IP. A Virtual port is created on the LAN side for the Public/Static IP block and like the DSL Access device uses one IP from the block as the gateway IP on the LAN. The remaining usable IP addresses are handed to the customer devices.
- DMZ mode is known as DMZplus on the 2wire/Pace RGs.
- DMZ mode is known as IP Passthrough on the Motorola RGs.
- DMZ mode on many routers and broadband devices bypasses the firewall with an effective any-to-any filter. This means any IP or port can go to any IP or port. The intent is to let the assigned device placed into the DMZ mode handle its own security.
- This mode works well for a user placing a PC in DMZ mode. It works in many cases for a customer placing their own router in DMZ mode and not using public Static IPs offered by the AT&T Static IP Service.
- View Configuring Ip Passthrough and DMZplus for more information.