著者: sawbona 日付: To: Simon 題目: Re: [DNG] What are you using for a firewall/router
Hello:
On 2 May 2024 at 19:48, Simon wrote:
> altoid via Dng <dng@???> wrote: > > ... appreciate your briefly commenting on what your options are.
> That depends a lot on your ISP. Indeed ...
I have to put up with the Telefonica/Movistar privateers.
ie: white-collar criminals with a government issued "letter of
marque".
The connection to the web is with fibre to the flat and then an ISP
issued box/router with WiFi 2.4/5.0 which I do not use.
> ... still the case with fibre as they share a single fibre between multiple end users.
> ... mandatory to use their NTE ...
> ... just a fibre-copper ethernet converter ...
>From what I have seen of the infrastructure installed, that seems to be the case here.
> ... as with xDSL ...
> ... plug whatever router you want into it and configure it ... Yes, when I had an ADSL I was able to configure what I needed.
eg: my own DNS server running on a VM in my Sun U24.
But they had the habit of resetting the box every so often so I had
to do it all again.
> ... there are several sub options.
> ... put into modem mode. I will know about that when it gets installed.
/rant on
They did away with the building's copper lines without taking into
account the eventual demand so there is a huge backlog.
Incompetence is the norm with these AHs, at *every* level.
Gone is my *very reliable* analogue telephone line.
I thonk VOIP is crap and a liability but as corporate profit is the
only thing taken into account, you have to grin and bear it, so to
speak.
/rant off
> ... plug another router into the ISP one - but then you
> have two levels of NAT ... I see. > ... and IPv6 could be interesting. I don't use IPv6 at the moment.
> ISP router is still doing NAT, and still controlling traffic ...
> tell it to just forward all inbound traffic to one IP ... I'll have to see about getting a decent router for that.
All the ISP issued hardware I have seen is the cheapest stuff the
ISPs can get wholesale.
> ... configure your router to not do NAT. I have to check to see if that is possible.
> ... able to tell the ISP router to route all traffic for (say)
> 192.168.123.0/24 via your router and use 192.168.123.0/24
> internally (still (say) 192.168.1.0/24) on the ISP´s router), the
> ISP router still does NAT, but you don´t add your own layer. That seems to be a good option.
ie: only one level NAT
Seems I have some reading to do.
> ... didn´t plan on that being ... You have been *very* helpful.
Thank you very much for taking the time to write this up.