My Router-Modem Setup

!Here's what I've figured out with my router/modem setup:

The router has two sets of plugs in it. One set is the regular ethernet ports to hook in single computers to. However, there is a single yellow port known as the WAN or Internet port. What really is the difference here? I've figured it out. The WAN port actually is the interface to a second half of the router. Just as the router communicates with computers so that the computers can communicate each other, all pieces being in a single "network" the WAN port on the router functions in exactly the same way with the though, though the modem now acts as a DHCP server and the router functions as a regular old client computer on the MODEM'S little LAN, known by the router as the WAN. From there, the MODEM creates a WAN network with Qwest...and who cares what THEY do? The configuration for the modem's LAN is an interface ONLY for the router, and the configuration for the router's WAN accesses the same exact interface, only from the other side.

So in short:

Modem WAN = Qwest Connection
Modem LAN = Router WAN
Router LAN = Computer 1, Computer 2, Computer 3 etc LAN

...
...
...
at least with my setup, this is how it works.


The way I found this out was with the strange way I could somehow access the modem THROUGH the router, even though the modem had a different base IP than the router was assigning to my computer. Of course, the best way to configure a modem is to attach it directly to a single computer and edit its stuff that way, but for some reason I was able to access it through the router. I had also figured that, well with two DHCP servers, one of them could be turned off and the router could assign them all. WRONG. I have to leave BOTH of them on! Why? Because when plugging the modem into the WAN (Internet) port on the router, that network created is entirely separated from the LAN that the router creates with my computer. They are TWO SEPARATE NETWORKS and any single one cannot be terminated, nor can their dynamic IP addresses conflict.

I had tried turning off the DHCP on the modem. This made the modem completely unavailable, because the Router cannot assign IP addresses via the WAN port. It is only a client there. I tried changing the IP address of the modem to the same IP address the router had on the LAN. This made BOTH unavailable to the ultimate client: my computer, because to my computer, these addresses were conflicting. I tried changing the IP of the Modem to something a little more friendly than the industry standard 192.168.0.1. In fact, in each case, I changed it to something like 161.0.0.161 or 161.0.0.200. But this was in the thought that the modem existed on the LAN. It does not. The modem exists on its OWN network with the router only.

So, as I lay awake at night, I thought, "What if I were to keep everything on, but change both the IP address of the modem and its DHCP assignments to the same, but completely different network? My router right now is on the LAN address 161.0.0.1 and it assigns clients IP addresses from 161.0.0.2 to 161.0.0.254. Those are two different screens on the router configuration. The modem has almost the exact same screens. A place where you can set its IP and a place where you can change its DHCP." Then this two-network configuration dawned on me and I knew it would work. There is also a WAN screen in the router configuration which shows its own DHCP-acquired IP address on the Internet.

Thus, when I got up this morning, I decided to play around with it, but with this knowledge in mind.

Going into the modem's DHCP settings, I changed the assignments to 160.0.0.2 to 160.0.0.254 (different from the router: 161.0.0.2-161.0.0.254). I got an error saying that the modem's own IP address was not on the same domain as I was trying to change the DHCP settings to. So I went into the Modem's LAN screen, where you can set its local IP address, and changed it to 160.0.0.1. I then in turn went BACK to the DHCP settings and tried again. Nothing changed when I hit apply, no error..and the numbers did not change. However, I figured that it was probably stuck, as a popup had occurred when changing the IP of the modem, saying that it needed to be rebooted. This time, I tried a software reboot via the menus. It worked, I hit refresh, and it errored out.

Oh yeah. Its IP isn't 192.168.0.1 anymore. It should now be 160.0.0.1. So I changed that in the browser's address bar. Lo and behold, it came right up! No problems at all!!

Now then, I've figured out that with this configuration, I have a two separate networks in my system. The router sees the modem's network as the "Internet" and serves to the computers the -real- LAN, while the modem sees the router as -its- LAN and pulls the Internet in as it should be, through the phone line with authentication. With this in mind, it is my new hypothesis that the router will NOT need to be configured to connect to Qwest. It is working thus far..I can connect to the modem through the router, and really, the modem IS the entire internet as far as my router is concerned. At least until I get the modem to connect to the internet and pass information through. So in my router's WAN setup, I should think in terms of "it is only communicating with the modem in this network. Everything should be left as off or default."

And in the same manner, I must consciously remember that all the INTERNET security features are pretty much up to the modem to block/allow/forward on to the router, because in terms of the modem, the router is the only computer connected to it!

Actually, theoretically, I should be able to place a switch between the modem and the router, giving me access to three more ports that will exist in the modem's network. I do have a switch. A switch is pretty much just a passive ethernet splitter, with a few hard-code smarts to make using it faster for all computers. There is no host plug, no client plug...everything just connects to the same string of ports and all interfaces through it function as parallel clients, even the Internet feed (server via router or modem). So, if I were to place my switch between the router and the modem, I should be able to attach a client computer to that switch and sit on the modem's network. In fact, with a switch, I should be able to take the router out of the equation completely. Of course, this would also take my router's wireless interface out, and the laptops would not be able to connect, but the modem would create the LAN network for both the router and a computer.

Now...there IS a feature in the modem configuration. It is called RFC Transparent Bridging. This basically turns off EVERYTHING in the modem and simply passes the DSL signal directly through to the router down the line. If I were to turn this on, my entire web interface to the modem would disappear (requiring a hard factory reset in order to get it back), and my router would be able to be configured with username/password/connection protocols directly to Qwest.

What if...I were to take the above two scenarios and combine them? What if I were to turn on the modem to transparent bridging mode AND split out the signal with only the switch? What if I were to make my LAN completely irrelevant? What if each computer was allowed to directly access the internet on its own?

In this case, each computer would need to be authenticated via their Local Area Network settings to work directly on the internet and authenticate with Qwest's servers. But in each case, the computer would be able to have their own IP with the rest of the world and function on their own! Of course, with this in mind, they would also be tying through the same switch, and so would be able to access each other, even with domain names (or in this case, workgroup names, because I don't have a computer with a DNS server).

Oooh!! With that last sentence, I just came up with another setup! If I could program a single whole computer as a server, I could buffer the Internet from the switch and essentially make that computer my "router."

And the possibilities go on. I could attach a router to the switch, making a wireless subnet (with a different set of IP addresses, of course). I could turn the modem back on, put a server in between the modem and the router and make a three-stage LAN...although this would be rather pointless unless you wanted to serve stuff up with minimal security.

So back to my first and currently-working scenario. What makes accessing the modem, and hopefully the Internet through the modem so easy if a router is buffering the signal and splitting the network into two? My hunch is what is called Routing Information Protocol or RIP.

RIP is defined by the router (modem's client) as allowing a router to exchange routing information with other routers. The RIP direction selection controls how the router sends and receives RIP packets. It can do Both, In or Out. There are two versions for RIP: RIP-1 is universally supported and is sufficient for most networks. RIP-2 allows for more information, uses subnet broadcasting (RIP-2B) or uses multicasting (RIP-2M), but is not as well supported.

RIP is not defined by the modem, but the setup says that "If a gateway or router is set up behind the modem, consult the documentation that came with the router to see if dynamic routing is needed and what version." And in turn, you can change what your router's RIP version is (1, 2 or off).

It is my theory that RIP (termed Dynamic Routing by the modem), is what makes passing information from the router's network into the modem's network (and the internet by extension), and vice versa. It basically bridges the two and says, "Yes the computers on the router's network can access information on the internet. And the computers on the router's network should also be able to access computers on the modem's network...if there are any." And I just tried it. From a computer, I typed in http://160.0.0.2 (the router on the modem's subnet), and it came up smooth as silk. I can get the exact same screen with at http://161.0.0.1. COOL!!! Now to see if I can turn off RIP on either of the devices and still make this work...

With the RIP on the modem off and on the router on, I can still access the modem's subnet (160.0.0.x). When turning off RIP on the router also, I can STILL access the modem's subnet. Okay. My concept of this is off..however, the modem did say that RIP should be enabled if a router is buffering its signal with the LAN, so I will turn it back on. I guess the fact that I can access 160.0.0.x means that this subnet looks like the Internet to my computer. Hopefully it won't conflict with another network on the real internet.....though it shouldn't matter really.

I expect the modem to be assigned a single IP, or at least with the arrival Qwest's documentation, to be given four IP addresses that are assigned directly to me (after all, I did say to the guy on the phone that we would have four computers on the internet at once). And in my modem's DHCP settings, I will make my little window of real-world internet IP addresses available to any client that connects directly through the modem. This means that my own router will have an Internet IP. But in my current setup, none of my actual client computers will. They will rely solely on the router IP for all transactions with the world. This means that my 160.0.0.2-160.0.0.254 will probably have to change.

But...since none of the client computers will have IP addresses on the network, unless they are connecting directly with the modem, it is likely that I will need to set up Port Forwarding for anything I want to serve from a client..web page, Telnet game, etc.

Port forwarding exists in both the modem's and the router's configuration screens. If you refer to my above configuration examples, let's take config 2.

Port forwarding a webserver from C2 through the router would make available to C1, a webpage that by typing in "160.0.0.2:80" it would be able to access. The port from the client would be passed into the router, but it would appear on the modem's network that the router was hosting the entire server, when in fact the client behind the router was forwarding port 80 through.

If I in turn turned on port forwarding in my modem's settings (Security/Port Forwarding) for a single computer, I could pass the router's Port 80 through to...the internet and the IP which is assigned to the modem will be able to be typed in to the web browser and C2's webserver SHOULD pop up!!

This brings up another issue though. While looking for Port Forwarding in the modem's config menus just now, I ran across the modem's IP address config. Does the modem also buffer with another IP address? Will the IP addresses it assigns to the router not be valid on the internet? Ignore Line 182. In the modem's config under the Status button (currently the modem is NOT online), and under Broadband status, it has a place for WAN IP, Gateway IP and modem model/MAC,etc. This means that the modem will be given its own IP which will itself buffer the rest of the network underneath it from the internet. Meaning that with my statement to the guy about planning on four computers connected at once (because there's a limit of five, which doesn't make sense), they're probably going to make me put my modem in Transparent Bridging mode and assume that I don't have a secondary router behind it. They will also assume that my modem is the same box as my router, so really it will be a wireless/wired switch in bridging mode. This will NOT be the case. I SHOULD be using only one of the four assigned IP's at a time and I'll just forward the services through as is required. The end. Deal with it!!!

So far, this is all I have that I could document..next up, what really IS RIP? What is NAT? I don't know...let's find out! :P

Oh hey. I just had a thought. If I forward port 80 from C2 through the router, that should mean that I should be able to access 160.0.0.2 (router's WAN connection) via C1 (or C2 as the case may be), and see C2's webserver rather than the router config! But going from the other way and accessing 161.0.0.1 (router as a server), I should get the router's firmware configuration.

Same with the modem. If I forward the router's new (or old) Port 80 through to the internet, I should be able to plugin the modem's IP address on the internet, and see the router's webserver (or configuration screen) rather than the modem's config. But I should be able to come in from the LAN (160.0.0.1) and see the modem config just fine. This could be cool!!!

1 comment :

Post a Comment

Comment loud, comment often. But comment on the content!

All comments are filtered through to my email, so your spam will never make it. Unless, of course, you wanted to try injection attacks into my email, which would probably not happen since Blogger just tells me that a comment is awaiting moderation and doesn't bother to tell me what it says. I trust Blogger like that..