DSL modem as bridge/router why is one right/wrong ?
 

Hi;
I've been struggling with a) a new dsl modem b) my network configuration for two NIC , IP-Masq , and lan c) my local phone company and am looking for some technical insight.

My linux box is running debian 3.0r1 kernel 2.4.18-bf2.4 it has two NIC and is server to a LAN that is IP-Masqed and Sambaed there are linux and windows boxes on the lan I had it all up and running fine with a 56k dialup modem.

I had put in a second lan card but had not gotten it up and running when the installer form my new ISP (phone Co.) showed up he told me that the dsl -modem ( best data 500)
needed to be configured as a bridge and not as a router because my server was acting as a router. Also that I needed to re (ip) number internal network since the the modem had the same ip as my lan NIC. He reconfigured the modem by flashing it as a bridge and set it up so I would have an internet connection on the server - and it worked!
But I could not ping any of my IP-Masqed machines and they could not connect to the internet.

I tried to go back to the pre-DSL configuration and managed to get both NIC 's installed and my IPmasqed machines - Great! Then I tried to re install the DSL-Modem, no luck my pppoe install utility failed to see it. Checking with the phone Co again I found that doing a hardware reset did not return it to a router mode, but to a completely unusable state and I will have to take it down and have it re-flashed as a bridge. But -- ( and this is finally my question ) no one has yet explained to my satisfaction why this will not work as a router and has to be flashed as a bridge ? what is the difference between them that prevents the router from working and allowing the bridge to function ? Sorry to go one so long, I hope some one can help me. I hope I haven't switched over to Linux just to have some other proprietary barrier preventing me from understanding and controlling my own hardware.

Jeff

You want it to operate in bridge mode. All it will do is forward traffic from your INET NIC to the gateway on your ISPs side, and in the other direction it will forward traffic for your IP from the gateway to your INET NIC. The gateway on the ISP side is actually a router, so it will only send you traffic for your IP. You must assign your IP directly to the outside network interface (or set it for DHCP, although I'm not sure if DHCP works with a bridge...).

If you set the DSL unit to be a router then you're just senselessly duplicating functionality. In router mode it will have your global IP on the side facing the ISP, and it will have a private IP on the side facing your network. You'll get this:

|ISP router| (gateway IP) (your Internet IP) |DSL box| (Private IP) (Private IP2) |Linux box| (Private2 IP) { LAN cloud on Private2 network }

See, you'll have two sets of private IPs. One for the twilight zone between the DSL box and your Linux box, and a completely different private net that the inside NIC on your Linux box shares with the LAN. Usually you can configure what private net the router uses for it's inside interface, but it's not always possible. If that is the case, then the ISP tech is right and you need to change the network your LAN is using.

Avoid all that hassle and confusion, go with bridge mode. The only reason this would not work is if you're not forwarding packets between interfaces (which was probably your problem all along). Bridge = simple. Simple = good.

PS PPPoE is a total pain in the *** so if your ISP is giving you an option to not use it, REJOICE!

PPS I could have made it clearer. The difference between a bridge and a router is that a bridge has no IP addresses, while a router has at least two IP addresses (in your case it wold have exactly two IP addresses, your Internet IP and a private IP).

>But I could not ping any of my IP-Masqed machines and they could not connect to the internet.
At that point presumably you had the linux box, client machines and dslmodem
plugged into one hub/switch?
The reason you could not ping the other machines was proably because they are
in a different subnet to the internet ip address. This configuration
will probably work if the clients have static addresses and you give the router a second ip
on the ethernet card. In that configuration if you try to use dhcp with the clients
they will be confused between dhcp from the internet and dhcp from the
linux box.

>why this will not work as a router and has to be flashed as a bridge ?
It would work with the dsl-modem configured as a router.
you could connect all the clients direct to the router and not have the linux box do masquerading.
Alternativly you could have a NAT behind a NAT. It would work.
A linux box doing NAT/masq often works better than a hardware NAT router since the linux box
has more memory and cheap NAT router and cable/dsl modems sometimes
have buggy firmware that crashes under heavy traffic.

We are getting into confusing teritory here. What home users call
a router is actually a NAT device. A real router just forwards packets,
if you had internet reachable ip addresses for all your machines you could
use a proper router.