Turn off DHCP server on 5031?

by gizmos » Thu Oct 01, 2015 10:07 am
Can the DHCP server on the Pace 5031NV be disabled? There doesn't seem to be an "OFF" selection on the DHCP settings page. Please tell me that this thing isn't going to insist that I can't have my own DHCP server!

BTW, I'd be happy to let the 5031 be the DHCP server if there were a way to tell it which DNS servers to advertise to DHCP clients, but it doesn't seem that you can do that either. It appears to be hardwired to always use the AT&T servers.

I have my own DNS server in house that knows the names of the machines on my own internal network, and I want internal machines to use that one so they can talk to each other.
by gizmos » Thu Oct 01, 2015 10:34 am
More - this gets even worse. It appears that you cannot configure the 5031 to use network 10 (i.e. LAN IP addresses in the range 10.x.x.x) at all! Yes, you can set the DHCP server to "configure manually" and enter this address range, but when you try to save it you'll get an error that says "Router Address should not start with 10."

Seriously???
by dherr » Thu Oct 01, 2015 11:00 am
I read that AT&T is using 10.x.x.x in such a way that they decided to disable that ability for the gateways.

And yup, it does not seem that there is a way to turn off DHCP either.

DMZ+ mode with a second router will allow both options. The good news is that DMZ+ does seem to work very well once it is up and running. As an example, my second router is set in "Pass Through" mode for IPv6, and it works great. My reason for switching to DMZ+ was that the newer firmware broke multicast communication between LAN and WLAN.
by gizmos » Thu Oct 01, 2015 11:11 am
dherr wrote:I read that AT&T is using 10.x.x.x in such a way that they decided to disable that ability for the gateways
Yeah, the first thing that occurred to me is that AT&T is probably planning to do some global Uverse wide NAT thing, and they'll use network 10 as their "internal" Uverse network. Hopefully not, though, because that would be the end of any kind of incoming connection to your home.

That's a bummer about the DNS and DHCP limitations, though. I was actually going to try and use the 5031 as a router, but this is a non-starter. I'll try the DMZ+ thing and relegate the Pace to the darkest corner I can find. Perhaps I can just pretend that it's not there...
by gizmos » Thu Oct 01, 2015 7:52 pm
I set up the DMZ+ mode on the Pace and used my old Netgear router this afternoon. Interestingly, I couldn't get the DMZ+ to work (nothing got passed to the Netgear at all as far as I could tell) until I did a "factory reset" on the Pace and then set up the DMZ again. I've seen the same thing reported in other forums, so this problem isn't unique to me.

After that, things are better. I can at least get some traffic thru my router AND use the DHCP server in my router too. There are still a few things that don't work and I haven't yet figured out why.

One is NTP traffic (UDP port 123) - the Pace doesn't seem to be passing incoming NTP packets to the Netgear, even in the DMZ. Does the Pace do anything funny with NTP ??
by Guest » Thu Oct 01, 2015 9:41 pm
gizmos wrote:One is NTP traffic (UDP port 123) - the Pace doesn't seem to be passing incoming NTP packets to the Netgear, even in the DMZ. Does the Pace do anything funny with NTP ??
NTP works for me in DMZ+.

Using
2.north-america.pool.ntp.org
1.north-america.pool.ntp.org
0.north-america.pool.ntp.org
by dherr » Fri Oct 02, 2015 9:42 am
gizmos wrote:I set up the DMZ+ mode on the Pace and used my old Netgear router
[snip]
the Pace doesn't seem to be passing incoming NTP packets to the Netgear, even in the DMZ. Does the Pace do anything funny with NTP ??
As noted by "guest" it is working for me, but that is only *behind* the Netgear. The Netgear itself does not seem to be able to reach the NTP servers that it is set to use. My test fix was to turn on named on my host with a zone file for netgear.com as such:

time-a IN A 64.142.1.20
time-b IN A 64.142.1.20

The IP there is a Sonic NTP server. Before this fix the Netgear thought it was 1999. Setting it to use my host IP as the DNS host fixed the time. So it does not seem that the NTP connection is being blocked since this was still pointing the Netgear to a WAN side server. It "feels" more like time-a/b.netgear.com are not talking to the Netgear in the language it wants. Maybe they switched over to something more secure where the Sonic server still allows an older protocol. My host can get a reply with `ntpdate -q time-a.netgear.com` so it is not simply an old DNS name. I don't know enough about NTP to know if this makes sense or not, I only know that I was able to get the Netgear to show the correct time with that method.
by gizmos » Fri Oct 02, 2015 11:17 am
dherr wrote:The Netgear itself does not seem to be able to reach the NTP servers that it is set to use.
FWIW, my Netgear (an FVS338) has the exact same problem. The Netgear firmware is smart enough, though, to let you specify a LAN (not WAN!) side NTP server. There's a screen where you can configure the time servers, and I just gave it the IP (a dotted IP, not a FQDN) of my internal ntpd machine. That works fine and the Netgear synchronizes with my Linux box.

The ntpd on the Linux box still cannot talk to the outside world, however. I've run tcpdump on the ntpd machine and I can see NTP packets going back and forth between all my other local machines, AND I can see the machine sending NTP packets to external time servers, but no response ever comes back from those external machines. I've tried several different external NTP servers, including three that I was using up 'till day before yesterday, and none respond.

Either my Netgear or the Pace must be dropping the NTP packets, or AT&T's network just isn't delivering them. The Netgear worked fine with a Sonic legacy DSL up 'till the new FTTN was connected two days ago, so I suspect that it's innocent. Can't prove it, though, unless I can find a way to monitor the packets on the Pace side.
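
Added example, not part of any poster's message: a small SNTP probe for narrowing down where NTP replies are being lost, as discussed in the posts above. ntpd normally sends from UDP source port 123, so the probe can be run once from an ephemeral source port and once from port 123, and with protocol version 3 or 4, to see which combinations get an answer. The function names and the sample reply are constructed for this illustration.

```python
import socket
import struct

NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 (NTP) and 1970-01-01 (Unix)

def build_request(version=3):
    """48-byte SNTP client request: LI=0, VN=version, Mode=3 (client)."""
    first = (0 << 6) | (version << 3) | 3
    return bytes([first]) + bytes(47)

def parse_reply(data):
    """Decode the fields that matter for a reachability check."""
    if len(data) < 48:
        raise ValueError("short NTP packet: %d bytes" % len(data))
    first, stratum = data[0], data[1]
    tx_sec, tx_frac = struct.unpack("!II", data[40:48])  # transmit timestamp
    return {
        "version": (first >> 3) & 0x7,
        "mode": first & 0x7,      # 4 = server reply
        "stratum": stratum,       # 0 = kiss-of-death, 1-15 = synchronized server
        "unix_time": tx_sec - NTP_EPOCH_OFFSET + tx_frac / 2**32,
    }

def probe(server, src_port=0, version=3, timeout=3.0):
    """Send one query; return the parsed reply, or None if nothing comes back.
    src_port=0 lets the OS pick an ephemeral port; binding 123 needs root
    and requires that ntpd is not already holding the port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.bind(("", src_port))
        s.sendto(build_request(version), (server, 123))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return None
    return parse_reply(data)

# Constructed sample reply (not captured traffic): VN=3, Mode=4, stratum 2,
# transmit timestamp 2015-10-02 18:17:00 UTC.
SAMPLE_REPLY = (bytes([0x1C, 2]) + bytes(38)
                + struct.pack("!II", 1443809820 + NTP_EPOCH_OFFSET, 0))

if __name__ == "__main__":
    for port in (0, 123):  # ephemeral source port, then ntpd's usual source port
        try:
            print(port, probe("0.north-america.pool.ntp.org", src_port=port))
        except OSError as e:
            print(port, "bind failed:", e)
```

Running it on a LAN host behind the second router and again on a host plugged directly into the gateway shows which hop stops the replies.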
by dherr » Fri Oct 02, 2015 1:19 pm
Maybe double check that all of the firewall options are turned off in the 5031nv config?
by gizmos » Sat Oct 03, 2015 1:28 pm
dherr wrote:Maybe double check that all of the firewall options are turned off in the 5031nv config?
* Uncheck Stealth, block ping and strict UDP control.
* Check all outbound protocols except Telnet and NetBIOS (disabling telnet is a personal choice)
* Turn off all attack detection options

Anything I forgot?