[wplug] Verizon misconfiguration?
Janos Dohanics
web at 3dresearch.com
Fri Dec 5 00:30:07 EST 2008
On Thursday 04 December 2008 08:22:25 pm Andrew Fisk wrote:
> As your dsl modem is connected to Verizon's network, there is no
> reason that they should not also use a private IP to get traffic from
> their DSL access point to a router with a external address. This
> let's them do all there fun port blocking and DNS hijacking on the
> internal network and means they only have to use one external IP for
> all the customers on the that router.
Yeah, I stopped using their DNS and set up my own resolver.
> They can route 10.xxx.xxx.xxx traffic on their internal network just
> like you can and as the wan interface of your dsl router is on their
> network (not on the internet) their is no issue with the address being
> routable.
Well, the (Verizon-supplied) router says that it has a public IP address, and
I can forward ssh to my FreeBSD box (didn't try port 22 though)... I
shouldn't ask you to guess how Verizon is set up, but are you saying that
Verizon seems to have a 10.xxx.xxx.xxx network set up, customers get one of
these 10.xxx.xxx.xxx IP addresses + a dynamically assigned public IP
address "aliased" to the 10.xxx.xxx.xxx IP address? If so, shouldn't my
router "know" about the Verizon-issued 10.xxx.xxx.xxx IP address as well?
> If you want a straight shot out to the world you will have to pay them
> for a static IP -- but I don't think that that would solve your speed
> problem -- I am sure you will have to talk to some nice person in
> Bulgaria who will insist on going through pages 1 through 7 of his
> manual before you get to talk to a level 2 engineer who will actually
> test the line and dispatch a tech if the line is a problem.
You are right about that one, except the nice person is in the Philippines.
> You might find it less confusing to run a 192.168.xxx.xxx subnet
> internally, it is just as secure and should provide more than enough
> address space for your home (64K devices ) -- at least you won't get
> your stuff mixed up with verizons, and if they add a 10.61 network you
> won't be messed up while you (and verizon) figure out what happened.
FWIW, I didn't have this kind of a problem until a couple of days ago (Verizon
has some other unkind practices, but that's another post). I suppose I
shouldn't object to have to start using 192.168.xxx.xxx, except that I was
under the impression that one should be able to use the 10.xxx.xxx.xxx range
with no interference by the ISP...
jd
--
Janos Dohanics
More information about the wplug
mailing list