Admin Access to ONT

by pearsons_11114 » Sun Jan 09, 2022 12:28 pm
Just received an upgrade from Fusion to Sonic native and I'm a little confused about interfacing with the ONT. My understanding is that this is the fiber equivalent of a cable modem. However, in the past the ISP has always provided a combo modem/router, and you could administer the router part yourself. From there you can either use that box for your router, or put it into bridge mode and use your own router. But in either case there is NAT and a firewall between your devices and the internet. When I hook my NIC directly to the 10GB/s port, it seems to DHCP me an address, but not on one of the standard internal subnets like 192.168.1.* or 10.0.0.*. So it seems as though I'm being connected directly to the WAN, no firewall. That seems like a recipe for disaster, so I must be missing something. The default gateway that shows up is on a different subnet, but not sure if that really means anything. I guess what I fear here is that to utilize the 10GB/s port I would have to get a 10GB/s router ($$$) for NAT/firewall, in addition to a 10GB/s NIC. Can anyone enlighten me? Has anyone rented a router from Sonic and does the router do 10GB/s? Thanks!

-Steve
by pearsons_11114 » Sun Jan 09, 2022 1:59 pm
Okay, so I think I answered part of this just by plugging stuff in. The ONT does appear to be in bridge mode. When I hook up my PC NIC to the 10GB port I get an IP as mentioned above. When I plug my router in to the 1GB port, I get a different IP on the WAN, and all the NAT/firewall stuff on my router works as usual. However, these two IPs are on different subnets, kinda like main and guest subnets you get with home routers. Which means, though, that the PC can't talk to the rest of the network. Seems like there ought to be a way to allow routing between the two subnets on the ONT. Still unanswered:

* Isn't it a bad idea to have the ONT serve up a WAN address to my PC NIC? It's always been my understanding that you can't lock down a Windows box sufficiently for this to be safe.
* If I don't want this, then do I have to buy a 10GB router in addition to the 10GB NIC?
* Is there a way to get the two subnets talking to each other?
* Does the router that Sonic offers for rent solve any of these issues?

Thanks!!
by ngufra » Mon Jan 10, 2022 8:34 am
The ONT is just that: a network adapter. It does not route, switch or anything.
You would typically plug a router behind to do your internet networking.
As you noticed there are 2 ports on the ONT. My understanding is they get two separate public IPs, so they are as close to each other as if one were at your neighbor's.
Not clear if using both at the same time is supported.
by pearsons_11114 » Mon Jan 10, 2022 10:34 am
Before I go any further, bear in mind I'm technically oriented (developer) but only know enough networking to get by. I may say stupid things.

Please see this thread:

viewtopic.php?f=10&t=17030&p=58608&hilit=822v#p58608

> But the new 822V XGS-PON ONT is currently being deployed in a routed configuration, with NAT etc. [Dane Jasper]
> And finally, yes, we can now support bridge mode! We are field trialing that feature and I would like to convert your ONT as soon as you are ready. [Michael Tardif]
> We should be able to get your ONT bridged now, a Sonic rep will be reaching out to you later today to get that coordinated and squared away. [Andrew M.]

So clearly according to Sonic this device can be configured for routing/NAT or put in bridged mode. Hoping Sonic will provide a definitive answer to these questions:
  • How do I administer the ONT to configure it for my needs? Is there a web interface or other means? Credentials? A manual for the device?
  • What are the possibilities for configuration? E.g., the IPs assigned by the device to the 1GB and 10GB ports are on a different subnet. It should be routine to configure the device to allow traffic between these subnets. It doesn't make a lot of sense for your home network devices not to be able to talk to each other just because they have different bandwidth capabilities. I can think of a number of other ways to solve this, but I need to know what the device capabilities are to figure that out. (The installer pitched me on renting a separate router from Sonic, but again, I know nothing about its capabilities.)
  • Why is the ONT deployed by default in bridged mode, when non-IT people might blithely connect their PC directly to the internet with no firewall/NAT protection? (In fact this is what the installer did before he left.)

To sum it up, we're being provided with 10GB internet speeds, which is super, but very little assistance in how to actually make use of it. 10GB gear is still pretty expensive, so I kinda have to know exactly what I'm getting into before I decide what to buy. I understand this stuff is very new and it takes time to dial it all in. Just looking for the latest information available.

Thanks!
by meisonic » Mon Jan 10, 2022 11:00 am
For traditional people, the Sonic rep does not stop at the installing-the-ONT part. They proceed with installing a router, currently the Eero6, which does 1gbps.

The ONT converts media, its purpose is not routing or dealing with providing you LAN addresses. Those addresses are assigned to you by the ISP and they don't need to be on the same subnet because you are plugging into a WAN interface.

Once you have a router of your choosing, you can plug its WAN interface into those ONT ports and that router will now separate LAN and WAN. That router will give you private subnet ips.

There is not too much hardware out there that can support 10gbps. They do exist but are pricey. Netgate 7100U is able to handle it but will run you upwards of ~$1300. (Which is extremely cheap for what you're getting)
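
An added example, not part of any post in this thread and not Sonic's tooling: a Python check for the question raised above, namely whether the address a device was leased is a public WAN address (no NAT in front of the host) or a private one handed out by a router, and whether two leases share a subnet. The function names are hypothetical, the leases are constructed from documentation address ranges, and the check is IPv4 only.

```python
import ipaddress

# IPv4 ranges that imply a NAT device sits between this host and the internet.
NAT_RANGES = {
    "rfc1918": ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"),
    "cgnat": ("100.64.0.0/10",),  # RFC 6598 shared address space
}
# Ranges that mean "no usable DHCP lease" rather than exposure.
NO_LEASE = ("169.254.0.0/16", "127.0.0.0/8", "0.0.0.0/8")

def classify(addr):
    """Label an IPv4 address: 'rfc1918', 'cgnat', 'no-lease' or 'public'."""
    ip = ipaddress.IPv4Address(addr)
    if any(ip in ipaddress.IPv4Network(n) for n in NO_LEASE):
        return "no-lease"
    for label, nets in NAT_RANGES.items():
        if any(ip in ipaddress.IPv4Network(n) for n in nets):
            return label
    return "public"

def assess(lease_cidr, gateway):
    """Summarise one lease given as 'address/prefix' plus its default gateway."""
    iface = ipaddress.IPv4Interface(lease_cidr)
    kind = classify(str(iface.ip))
    return {
        "address": str(iface.ip),
        "kind": kind,
        # A public address on the host itself means no NAT in front of it.
        "exposed": kind == "public",
        # Informational only: is the gateway inside the leased subnet?
        "gateway_on_link": ipaddress.IPv4Address(gateway) in iface.network,
    }

def same_subnet(a_cidr, b_cidr):
    """True only if each address falls inside the other's leased subnet."""
    a, b = ipaddress.IPv4Interface(a_cidr), ipaddress.IPv4Interface(b_cidr)
    return a.ip in b.network and b.ip in a.network

# Constructed leases; documentation ranges stand in for ISP-assigned addresses.
PC_ON_ONT = ("203.0.113.57/24", "192.0.2.1")
ROUTER_WAN = ("198.51.100.20/24", "198.51.100.1")
PC_BEHIND_ROUTER = ("192.168.1.23/24", "192.168.1.1")

if __name__ == "__main__":
    for name, lease in [("pc-on-ont", PC_ON_ONT), ("router-wan", ROUTER_WAN),
                        ("pc-behind-router", PC_BEHIND_ROUTER)]:
        print(name, assess(*lease))
    print("same subnet:", same_subnet(PC_ON_ONT[0], ROUTER_WAN[0]))
```

An "exposed" result says only that the host holds a public address; whether inbound traffic is filtered then depends entirely on the host's own firewall.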
by igorru » Mon Jan 10, 2022 5:07 pm
I have not looked at 10GB firewall/router hardware much until now. Netgate 7100U looks to be a great solution for that, but I'm curious why you do not mention the Netgate 6100? Seems to be just as capable for the SOHO user at about 2/3 of the price.
by dane » Wed Jan 12, 2022 10:13 am
Keep in mind that just because a router has 10 Gigabit ports, does not necessarily mean that it can route and firewall traffic at full 10 Gigabit speed.
Dane Jasper
Sonic
by klui » Thu Jan 13, 2022 4:45 pm
The 822V is a combo ONT/gateway. Just call Sonic and they should provide you with credentials. Unless the credentials are already attached on the CPE's label.

You did state this is "all very new," so it's not unusual that there are bumps here and there.
by meisonic » Sat Jan 22, 2022 11:33 am
igorru wrote:
> I have not looked at 10GB firewall/router hardware much until now. Netgate 7100U looks to be a great solution for that, but I'm curious why you do not mention the Netgate 6100? Seems to be just as capable for the SOHO user at about 2/3 of the price.

I actually wasn’t aware of the 6100. It looks like it’s a new product released 6-7 months ago. Definitely better than the 1U 7100!

Alternative for opnsense is the DEC740/750 at €699 and €799 euros.
by graeme_stewart » Thu Feb 24, 2022 3:06 pm
> Just call Sonic and they should provide you with credentials.

Is that accurate? Would be awesome if there was a customer-facing diagnostic page on the 822, but I'm not convinced there is...