On Sun, 01 Feb 2004 11:32:02 GMT, Juha Laiho hath writ:
> "William D. Tallman" <wtallman@olypen.com> said:
>>I've got ADSL from my ISP via Qwest to an Actiontec 1524 DSL modem. It is
>>connected to an ethernet switch, to which a Linux box and a M$ PC are also
>>connected. The Actiontec is the "gateway" with a permanent address on the
>>LAN side. It connects to the ISP using PPPoA and DHCP. Or so says the
>>Actiontec's web page.
>
> Ok.

I just finished an identical install here: Qwest, ADSL, Actiontec 1524.
System here: A Win XP, an OS/2 Warp, and this MDK 9.1 are plugged into
3 of the four switch ports on the back of the Actiontec.
(And, as close as I can read the doc's, it is a *switch*, not a hub.)
Then, a hub with a (seldom on) Win 95, and a (sometimes on) MDK 8.2 is
plugged into the 4th Actiontec switch port.

>>It appears that as long as everything is up and running, the Actiontec sees
>>the ethernet switch as an active component, even when both computers are
>>powered down.
>
> Correct.
>
>>At least it shows a regular blip on it's ethernet interface, suggesting
>>that there is activity, and the interface light remains on at all
>>times. When both computers were connected directly to the Actiontec,
>>the interface lights went out when the computers powered down.
>
> I'm not sure why there should be activity with the computers powered down.
> But at ethernet level the link really is up as long as the switch is
> powered up.

I see the Actiontec "polling"(?) the hub when none of the pc's
are turned on.

>>Questions:
>>
>>1) It would seem that neither computer has to worry about DHCP, as that
>>is settled between the DSL modem and the ISP. Effectively, then, the
>>computers are left with a permanent Internet address. Is this correct?
>
> Yes..no. The computers effectively don't have Internet addresses at all;
> they only have _intranet_ addresses. Your modem apparently has an Internet
> address it obtained by DHCP from your ISP.
>
> But correct in that sense, that with that kind of set-up you can keep
> consistent, non-changing addresses on your LAN.

On the "WAN" side the Actiontec does dhcp with the ISP.
My dsl service does not come with a static ip.
This is a "don't care" on the lan side
(unless you are running exposed-to-the-net servers.)
On the lan side I config'd the Actiontec for static lan ip's. The
Qwest doc's say to use dhcp on the lan side. Ignore that unless you
want A LOT of confusion on your lan. (I suppose it makes sense
for the average MS user that never had a NIC to start with...)
[The Actiontec has a dhcp _server_ for the lan side -- if you want.
We are talking two *different* dhcp's here -- one server in the
Actiontec for the lan boxes, and the ISP server for the Actiontec's
outside-world ip. http:// to the Actiontec and click on "status"
to see the ISP-assigned ip address.]

>>2) If so, then it would seem that as far as the computers are concerned,
>>they both access a fixed internet address, and that address is the LAN
>>address of the modem and not the assigned address on the ISP side. Is that
>>correct?
>
> Both computers access the Internet through a gateway having a fixed
> address. Still, the "LAN address of the modem" apparently is not an Internet
> address. Sorry to be anal over these, but trying to keep these straight
> tends to at some point clarify things.

The Actiontec comes by default as 192.168.0.1 (which was ok by
me -- as I retired the first lan box - a 486DX33 on 192.168.0.1 - a
year ago.) You can (re)config the Actiontec for any lan ip you wish.
Just set all your pc's "gateway"s to 192.168.01.
For easy browser access: add "192.168.0.1 DSL " to /etc/hosts

>>3) I've made a practice of having a terminal running tcpdump whenever
>>the box is up, and have seen no intrusive activity at all. In fact,
>>except for explicit activity with the time server, the mail server, the
>>news server, and whatever http server I'm doing business with, there is
>>no more activity now than when the DSL modem was not connected to the
>>LAN. Given that the modem is actually a NAT enabled bridge, does that
>>suggest that it is doing everything that needs to be done? I'm aware
>>that this is commonly thought not to be the case....
>
> I'd say that can't NAT on a bridge. Sounds like a NATting router.

Yep.

> At network level everything now depends on the configuration of the modem:
> have you assigned any ports to be forwarded to any of the LAN machines
> for incoming traffic? So, f.ex. if someone connects to port 25 ("smtp",
> common port for providing mail server service) of your modem from the
> Internet, does the modem just drop/reject the traffic, or have you
> configured it to forward those requests to one of your internal machines?
>
> Basically, I'd expect that all traffic you see in your LAN is packets
> originated by your machine, and response packets to these.
>
> One thing you need to find out, though: is the configuration www service
> that your modem provides available also to the Internet? If so, have you
> set up a good enough password (or rather, find out whether there is any
> way to restrict the configuration access to LAN only).

By default it is *not* web admin'able from the "wan" side.

There is a BIG pdf out there for the details of the
Actiontec. (There's also a small sales/marketing pdf, too.)
Google on "qwest actiontec 1524" and drill down to it.
(Hell, it just occurred to me that the pdf should be on the
CD in the box with the Actiontec that Qwest shipped to you.)

All-in-all, this Action 1524 is Real Slick. I had been
doing lots of web research on DSL installs, dual-nic setups,
yaa-daa, yaa-daa. I was aprehensive.
It now seems Actiontec was reading the same ng postings I
was and built a box to address all the then-existing hassles
and problems.

HTH,
Jonesy
--
| Marvin L Jones | jonz | W3DHJ | OS/2
| Gunnison, Colorado | @ | Jonesy | linux __
| 7,703' -- 2,345m | config.com | DM68mn SK