Re: FIOS Router
-- Original Message --- From: Brielle Bruns > See the response I just posted, but in all likely, he's being > hampered by the fact the handoff from the ONT is 100BT ethernet and > OpenRG (which bolts on top of a Linux OS and 'replaces' the > functionality of iptables and such). I really meant a real Linux server (or desktop box loaded with CentOS, Deb, ect) with some basic IPtables rules and dual NIC. I never intended to use any kind of appliance or router device loaded with 'brand x' Linux. A 100bT hand-off should have NO issues reaching ~98Mbps without packet loss; just a little extra latency as you start filling buffers. Since the first day our FiOS was installed, we switched out the cruddy Dlink router (later swapped with Actiontec) with a Linux box running CentOS and a simple iptables script. I later added a Atheros-based wifi card with HostAP and madwifi to create an AP from the same box. Linux/Wifi is not for all of course, but the dual-nic and IPtables part pretty much anyone can do...you could just as easily hang a small wifi router off the box. -R
Re: FIOS Router
On Thu, May 27, 2010 at 3:40 PM, Chris Burwell wrote: > To be honest, I'm not sure how they got the 100Mb service. The fastest > service I have seen on the FiOS website is the 50/20. I can only > assume that it varies by region. It does, or it used to... rumors were DFW was a good place to get the 100/100 service. As to the actiontec, just ditch it, if you have cat-5 from the ONT you've been presented with an ethernet LAN, plug that into any old switch and feed your end systems off that (presuming you have more than 1 ip address and static addressing). If you NEED a router/firewall, then get an ssg5 or use a little linux-alike box. -Chris >On Thu, May 27, 2010 at 3:22 PM, Robert Enger - NANOG wrote: >> Sadly, I have only the 50/20 FiOS service. I would love to get 100/100. >> Where do I sign up. >> >> My initial installation used MoCA. It would not reliably deliver 50Mbps on >> tcp-based download tests. (coax network brand new, very small). Test >> results were erratic, typically between 30 and 40Mbps. Technician told me >> to put up with it (not making this up). >> >> I fought with VZ and had them re-provision me to 100BaseT connection on the >> ONT. I immediately observed reliable, consistent download speeds at >> 51.8Mbps. (Since dropped to 49.2 after their speed re-provisioning a few >> months ago.) >> >> MoCA is a half-duplex channel with sophisticated MAC (e.g. BW reservations >> and so forth). The MoCA diag displays show that the STBs see each other >> and the Actiontech at speeds over 220Mbps. I doubt the issue is inadequate >> phy connection. I assume the interplay between the MoCA MAC and TCP yields >> poor performance. But, I did not research this. I had them take my >> Internet off the MoCA path and it has worked fine since. >> >> So, how I go about getting 100/100? >> >> >> >> > >
Re: FIOS Router
To be honest, I'm not sure how they got the 100Mb service. The fastest service I have seen on the FiOS website is the 50/20. I can only assume that it varies by region. - Chris On Thu, May 27, 2010 at 3:22 PM, Robert Enger - NANOG wrote: > Sadly, I have only the 50/20 FiOS service. I would love to get 100/100. > Where do I sign up. > > My initial installation used MoCA. It would not reliably deliver 50Mbps on > tcp-based download tests. (coax network brand new, very small). Test > results were erratic, typically between 30 and 40Mbps. Technician told me > to put up with it (not making this up). > > I fought with VZ and had them re-provision me to 100BaseT connection on the > ONT. I immediately observed reliable, consistent download speeds at > 51.8Mbps. (Since dropped to 49.2 after their speed re-provisioning a few > months ago.) > > MoCA is a half-duplex channel with sophisticated MAC (e.g. BW reservations > and so forth). The MoCA diag displays show that the STBs see each other > and the Actiontech at speeds over 220Mbps. I doubt the issue is inadequate > phy connection. I assume the interplay between the MoCA MAC and TCP yields > poor performance. But, I did not research this. I had them take my > Internet off the MoCA path and it has worked fine since. > > So, how I go about getting 100/100? > > > >
Re: FIOS Router
Sadly, I have only the 50/20 FiOS service. I would love to get 100/100. Where do I sign up. My initial installation used MoCA. It would not reliably deliver 50Mbps on tcp-based download tests. (coax network brand new, very small). Test results were erratic, typically between 30 and 40Mbps. Technician told me to put up with it (not making this up). I fought with VZ and had them re-provision me to 100BaseT connection on the ONT. I immediately observed reliable, consistent download speeds at 51.8Mbps. (Since dropped to 49.2 after their speed re-provisioning a few months ago.) MoCA is a half-duplex channel with sophisticated MAC (e.g. BW reservations and so forth). The MoCA diag displays show that the STBs see each other and the Actiontech at speeds over 220Mbps. I doubt the issue is inadequate phy connection. I assume the interplay between the MoCA MAC and TCP yields poor performance. But, I did not research this. I had them take my Internet off the MoCA path and it has worked fine since. So, how I go about getting 100/100?
RE: FIOS Router
While I replied of list, RouterOS (Mikrotik) can do 100meg in many of their inexpensive devices. WE have a fiber loop here running our office that we can pull 70+ meg and its a 200 buck unit! We actually make a device called a PowerRouter, these are x86 versions, vs 680mhz mips processors. These can route at GigE speeds. Not to mention you get all of the firewalling, traffic management, QoS, etc with it as well. Just another option. --- Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE, MTCTCE, MTCUME Link Technologies, Inc -- Mikrotik & WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net LIVE On-Line Mikrotik Training - Author of "Learn RouterOS" -Original Message- From: Brielle Bruns [mailto:br...@2mbit.com] Sent: Thursday, May 27, 2010 12:55 PM To: nanog@nanog.org Subject: Re: FIOS Router On 5/27/10 11:46 AM, Chris Burwell wrote: > Brielle: Thank you for the info about the Ethernet port on the ONT. I > will make sure to relay that information. At this point I believe they > would want to make their service stable and worry about maximum > bandwidth once that is done. > I was actually corrected off list that its possible to get 100mbit over 100Base-TX, but its entirely possible that cheapie cards and such may not be able to hit that high of performance. > The router they have is the MI424WR, which is what I have for my home > service. I don't have many complaints about it at home, however it's > clear that it's not up to the task in the case of my client. They have > had the router replaced by Verizon 4 times in about as many months. > I believe its possible to install DD-WRT on the MI424WR. http://dd-wrt.com/wiki/index.php/MI424WR You might have luck with running pure Linux on that rather then Jungo's commercial linux abomination that Verizon uses. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Re: FIOS Router
On 5/27/10 11:46 AM, Chris Burwell wrote: Brielle: Thank you for the info about the Ethernet port on the ONT. I will make sure to relay that information. At this point I believe they would want to make their service stable and worry about maximum bandwidth once that is done. I was actually corrected off list that its possible to get 100mbit over 100Base-TX, but its entirely possible that cheapie cards and such may not be able to hit that high of performance. The router they have is the MI424WR, which is what I have for my home service. I don't have many complaints about it at home, however it's clear that it's not up to the task in the case of my client. They have had the router replaced by Verizon 4 times in about as many months. I believe its possible to install DD-WRT on the MI424WR. http://dd-wrt.com/wiki/index.php/MI424WR You might have luck with running pure Linux on that rather then Jungo's commercial linux abomination that Verizon uses. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Re: FIOS Router
Thanks for the information everyone! Most I will spec out several solutions for them, but the preferred solution will probably be a firewall just because most appliances will do more routing then they would need. I was looking at the Sonicwall NS series because it looks like they provide good throughput for the price. Brielle: Thank you for the info about the Ethernet port on the ONT. I will make sure to relay that information. At this point I believe they would want to make their service stable and worry about maximum bandwidth once that is done. The router they have is the MI424WR, which is what I have for my home service. I don't have many complaints about it at home, however it's clear that it's not up to the task in the case of my client. They have had the router replaced by Verizon 4 times in about as many months. - Chris
Re: FIOS Router
On 5/27/10 10:25 AM, Randy McAnally wrote: I've been using linux/iptables since day 1. 100Mbps is a walk in the park. See the response I just posted, but in all likely, he's being hampered by the fact the handoff from the ONT is 100BT ethernet and OpenRG (which bolts on top of a Linux OS and 'replaces' the functionality of iptables and such). -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Re: FIOS Router
On 5/27/10 8:21 AM, Chris Burwell wrote: I'm doing some research for a group that has a 100Mb FIOS Internet connection at their site. I was surprised to learn that Verizon supplied them with the same Actiontec router that they provided me with on my 10Mb connection at home. Needless to say the Actiontec router is not up to the task of moving all of that traffic (they are using about 80Mb now and sometimes max out their connection). Verizon has been good about replacing the router multiple time when they finally fail, however having to power-cycle the router multiple times per day is not acceptable. Which Actiontec did they give your client? There's like 3 different revisions of the Actiontec MoCA/Ethernet routers, and I know some of the earliest ones have some odd issues. The Actiontec MI424WR is actually a fairly beefy and nice router - but its hampered by two major things in terms of performance: 1) The ethernet hand-off from the ONT to the Actiontec is only 100BT. As we all know, 100mbit != actual 100mbit transfer. I believe MoCA can do better then 100mbit, so you'd have to use the MoCA port to get closer. 2) Jungo OpenRG is a pile, and buggy. My parents have FiOS and their MI424WR won't hand out any IP addresses for DNS other then itself no matter how I configure it. There's a bizarre slowdown when DNS is handled by the MI424WR, that I have yet to figure out. Yay for closed source crap bolted on top of open source stuff to 'replace' non-broken functionality with something that a company can restrict. What I would like to do is set them up with a router/firewall that is capable of handling their current bandwidth needs as well as their anticipated future growth. My concern is terminating the FIOS connection from the ONT directly to something like a Cisco 3900 (Output from the ONT is CAT5 terminating to RJ-45). I have been searching around the Internet and found one discussion where someone claims to have been able to accomplish just this using a Cisco 871 router. Based on the loose discussions that I have read it seems that the FIOS connection configuration can vary from area to area. I am also aware that we can configure the Actiontec router as a bridge, but I would much rather remove it altogether particularly with the amount of traffic this group is moving. Has anyone been able to accomplish this or something similar with any hardware other then the router Verizon provides? Any insight on Verizon's official stance on this would be helpful. If there is someone from Verizon out there that can contact me about the technical aspects of doing this, that would be much appreciated as well. Like I said, your going to be hampered by the fact that the ethernet handoff from the ONT is 100BT. Don't forget, there's all this overhead between ethernet, TCP/IP, the ATM network, etc that will even further limit your performance. If you call up and badger Verizon, you should be able to get them to switch between MoCA and ethernet handoffs if needed - I've only personally managed to get them to switch to ethernet once without faking a problem on our end to get a tech to come out and do it. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Re: FIOS Router
I've been using linux/iptables since day 1. 100Mbps is a walk in the park. -- Original Message --- From: Chris Burwell To: NANOG Sent: Thu, 27 May 2010 10:21:01 -0400 Subject: FIOS Router > I'm doing some research for a group that has a 100Mb FIOS Internet > connection at their site. I was surprised to learn that Verizon > supplied them with the same Actiontec router that they provided me > with on my 10Mb connection at home. Needless to say the Actiontec > router is not up to the task of moving all of that traffic (they are > using about 80Mb now and sometimes max out their connection). Verizon > has been good about replacing the router multiple time when they > finally fail, however having to power-cycle the router multiple > times per day is not acceptable. > > What I would like to do is set them up with a router/firewall that is > capable of handling their current bandwidth needs as well as their > anticipated future growth. My concern is terminating the FIOS > connection from the ONT directly to something like a Cisco 3900 > (Output from the ONT is CAT5 terminating to RJ-45). I have been > searching around the Internet and found one discussion where someone > claims to have been able to accomplish just this using a Cisco 871 > router. Based on the loose discussions that I have read it seems that > the FIOS connection configuration can vary from area to area. > > I am also aware that we can configure the Actiontec router as a > bridge, but I would much rather remove it altogether particularly > with the amount of traffic this group is moving. > > Has anyone been able to accomplish this or something similar with any > hardware other then the router Verizon provides? Any insight on > Verizon's official stance on this would be helpful. If there is > someone from Verizon out there that can contact me about the > technical aspects of doing this, that would be much appreciated as well. > > - Chris --- End of Original Message ---
Re: FIOS Router
I've deployed SonicWALL NSA appliances for use on FiOS with good results. With any firewall, size it to be able to handle the bandwidth and applications involved. On May 27, 2010, at 11:26 AM, David Storandt wrote: > Would a hardware firewall appliance do the trick? Limited routing features > should be sufficient for an access application typical of FIOS. A Cisco ASA > 5510 or Juniper SSG5 wouldn't be bad choices.
Re: FIOS Router
Would a hardware firewall appliance do the trick? Limited routing features should be sufficient for an access application typical of FIOS. A Cisco ASA 5510 or Juniper SSG5 wouldn't be bad choices.
Re: FIOS Router
I worked for a small business that purchased 20Mbps FiOS. I threw the actiontech out the day it showed up in the mail. Plugged the copper hand off from the ONT into my 2851 and never looked back. I can't recall what was involved back then in doing so. Verizon clearly stated that they won't support that. In other words, i'd have to hook up the actiontech every time I would need to call them, but that never happened. The link was solid day in and day out. So the only time I ever used it when VZN tech showed up to "make sure everything works" on the first day of service. iirc, I was researching that before I did that and stumbled upon some forums that claimed that if I hook up the actiontech first and then take it out and plug in something else, I'll have issues with VZN caching my MAC address or some bullsh*t like that. But that only seemed to apply in case of if the customer is using a DHCP address. At the time we paid for a block of 5 IPs, so we had static. In short, I never say a single issue, but just to be fair, I only did NAT out for user access. Never hosted a server on it or anything like that. The only thing I recall bugging VZN about is for them to hand me off RJ45 copper, rather than coax, but sounds like you've got RJ45 hand off already, so you should be set. Hope this helps. Andrey On Thu, May 27, 2010 at 10:21 AM, Chris Burwell wrote: > I'm doing some research for a group that has a 100Mb FIOS Internet > connection at their site. I was surprised to learn that Verizon > supplied them with the same Actiontec router that they provided me > with on my 10Mb connection at home. Needless to say the Actiontec > router is not up to the task of moving all of that traffic (they are > using about 80Mb now and sometimes max out their connection). Verizon > has been good about replacing the router multiple time when they > finally fail, however having to power-cycle the router multiple times > per day is not acceptable. > > What I would like to do is set them up with a router/firewall that is > capable of handling their current bandwidth needs as well as their > anticipated future growth. My concern is terminating the FIOS > connection from the ONT directly to something like a Cisco 3900 > (Output from the ONT is CAT5 terminating to RJ-45). I have been > searching around the Internet and found one discussion where someone > claims to have been able to accomplish just this using a Cisco 871 > router. Based on the loose discussions that I have read it seems that > the FIOS connection configuration can vary from area to area. > > I am also aware that we can configure the Actiontec router as a > bridge, but I would much rather remove it altogether particularly with > the amount of traffic this group is moving. > > Has anyone been able to accomplish this or something similar with any > hardware other then the router Verizon provides? Any insight on > Verizon's official stance on this would be helpful. If there is > someone from Verizon out there that can contact me about the technical > aspects of doing this, that would be much appreciated as well. > > - Chris > > -- Andrey Khomyakov [khomyakov.and...@gmail.com]
FIOS Router
I'm doing some research for a group that has a 100Mb FIOS Internet connection at their site. I was surprised to learn that Verizon supplied them with the same Actiontec router that they provided me with on my 10Mb connection at home. Needless to say the Actiontec router is not up to the task of moving all of that traffic (they are using about 80Mb now and sometimes max out their connection). Verizon has been good about replacing the router multiple time when they finally fail, however having to power-cycle the router multiple times per day is not acceptable. What I would like to do is set them up with a router/firewall that is capable of handling their current bandwidth needs as well as their anticipated future growth. My concern is terminating the FIOS connection from the ONT directly to something like a Cisco 3900 (Output from the ONT is CAT5 terminating to RJ-45). I have been searching around the Internet and found one discussion where someone claims to have been able to accomplish just this using a Cisco 871 router. Based on the loose discussions that I have read it seems that the FIOS connection configuration can vary from area to area. I am also aware that we can configure the Actiontec router as a bridge, but I would much rather remove it altogether particularly with the amount of traffic this group is moving. Has anyone been able to accomplish this or something similar with any hardware other then the router Verizon provides? Any insight on Verizon's official stance on this would be helpful. If there is someone from Verizon out there that can contact me about the technical aspects of doing this, that would be much appreciated as well. - Chris
