Upgrade to fiber internet connection

vbn · February 17, 2019, 12:21am

NethServer Version: 7.6

So I thought I would upgrade from cable (Comcast) to fiber (AT&T) and gain some speed while saving some cash.
The cable is simple Docsis 3 modem, plug it in and everything works.
With fiber you have to use the supplied router/gateway, and while you can disable the routing and gateway functions, connection apparently can be achieved only through port forwarding.
My server has Eth0 - green, and Eth1 - red. I cannot figure out how to set port forwarding to Eth1 (enp2s0) the only address i see is that provided by ISP.
I hope I am missing something. Can anyone enlighten me about how to make this work?
Thanks.

federico.ballarini · February 17, 2019, 12:27am

If I understand correctly you will insert into red of NS directly the IP provided from ISP.
I think that ports are all open to this IP and it will be the NethServer to filter connections.

vbn · February 17, 2019, 4:10am

You understand correctly. The problem is that according to ISP they can accomplish this only through IP forwarding, and they require me to give them a forwarding address or port. Unfortunately I have no clue what to give them. Meanwhile I have lost acces to the web interface (not sure why), but at least I still have command line access. Too bad there is no GUI that way since I am mostly clueless when it comes to Linux commands.

pike · February 17, 2019, 3:59pm

If i am correct RED interface should have one of these kind of addreses:
172.16-31.X.X
192.168.X.X
10.X.X.X
Is that correct?

federico.ballarini · February 17, 2019, 4:32pm

It depends. Normally yes, but ISP can provide a type of subscription that consent to you to insert directly the public IP address in the RED IP address field of your firewall. It depends by subscription, router and type of connection (VDSL,ADSL,Radio,ecc…).
Normally, this type of configuration is provided with business contract.

pike · February 17, 2019, 4:33pm

If the public address is set on RED, should not be necessary port forwarding in that case, @federico.ballarini…

federico.ballarini · February 17, 2019, 4:34pm

Yes. All ports should be directly forwarded to the firewall without any configuration.
You have to apply PF configuration on your firewall if you need to forward some ports to internal devices.

vbn · February 17, 2019, 5:13pm

The address on the RED interface is the public address assigned by ISP through DHCP. According to ISP it is mandatory to use their router/modem between ONT (optical network terminal) and Nethserver and they claim that can be accomplished only through IP forwarding.
Maybe the best solution is to configure as single NIC and let their equipment handle routing/gatewayDHCP etc. But I do not know how to configure that.