I've got the original, ISP-supplied NVG589 DSL router configured and working, despite its many annoyances and flaws, bufferbloat and need to hard-reset and recreate the settings every few months...
Frontier tells me I need a newer model, so they shipped me the NVG448B several months ago. I configured it identically to the NVG589, every setting matched precisely what was on the "older" modem, and everything works... except routing to and from the 16 static addresses defined in my public subnet section.
I can unplug the NVG448B, plug in the NVG589 and it works, swap them, and suddenly I can't ping any public IP or DNS name from machines defined with those static addresses (VMs on my ESXi lab machine).
Routes are the same inside those VMs, network hasn't changed at all, with the exception of swapping the NVG589 for the NVG448B and back. I've powered the entire network down, brought it back up, same story.
Hard-reset the modem, recreated all the settings (painfully recreating 50+ firewall rules by hand, since I apparently can't back up the configuration and restore it... what century is this?). Same story.
Networking works, and clients of the router on the LAN side work fine, pings work, I can browse, all of that works, but _nothing_ works from inside machines defined with any of my /28's static addresses.
I called Frontier and submitted a trouble ticket, but they said they can't find anything wrong on their end, and the best they can do is to send a technician out to my home to test things on this end.
Given the pandemic risk and that there's literally nothing they're going to be able to do that I haven't done, I'm skeptical this is a modem issue, and I don't want to have a technician onsite.
I started searching for a replacement, 3rd-party DSL/VDSL router, but there are zero to be found, other than refurbished modems and older models that probably have fewer features/worse performance.
Has anyone had success with this configuration using either the NVG448B, or a 3rd-party router that allows defining a public subnet _on the router itself_, not setting it into bridged mode and adding another router between it and my network?
The only thing I can think of is that the routing rules on the Frontier side assume the public IP of the NVG589 is still in use, and when I plug in the NVG448B, I get a completely different public IP on a completely different subnet (located about 40 miles further away than the NVG589, according to whatismyip), and so no traffic egressing from my VMs behind that /28 is routed anywhere beyond the gateway itself.
What's odd is I can ping the gateway from those VMs (32.215.x.x -> 192.168.1.254), and I can ping the public WAN IP on the other side of that gateway (32.211.x.x), and that all works fine, but I can't ping 1.1.1.1 for example, or google.com, or even frontier.com or frontiernet.net. Those all fail, 100% ping loss.
Traceroute to frontier.com or frontiernet.net gets to 30 unknown hops, then fails (and why does a successful traceroute from 192.168.1.254 go through msn.net to get to frontiernet.net? Something is definitely off there).
Should I just stick with the NVG589, and work on some Ansible/browser automation to reconfigure it every time I have to hard-reset it?
Thoughts? Suggestions?