Routing to my UVerse gateway

[palswim]

At my house, I have the Internet through an AT&T U-Verse Gateway (Router). To it, I've attached an ASUS WL-520 GU Router running DD-WRT v24-sp1, which I would like to use for the computers in my house. But, I still would like to manage some settings on the U-Verse gateway (at IP: 192.168.1.254).

Originally, my DD-WRT parked itself at 192.168.1.1, but I moved it to 192.168.0.1, but kept the subnet mask at 255.255.255.0 (though after I configure everything, I'll probably set it to 255.255.0.0). But, for the life of me, I can't determine how to pass through LAN requests for 192.168.1.254 to the gateway. Currently, my Routing Table through DD-WRT's interface looks like this:

Destination LAN NET, Subnet Mask, Gateway, Interface
192.168.1.0, 255.255.255.0, 0.0.0.0, WAN
192.168.0.0, 255.255.255.0, 0.0.0.0, LAN & WLAN
169.254.0.0, 255.255.0.0, 0.0.0.0, LAN & WLAN
0.0.0.0, 0.0.0.0, 192.168.1.254, WAN

I've tried a few other entries previously

Examples:
192.168.1.0, 255.255.255.0, 192.168.1.254, WAN
192.168.1.254, 255.255.255.255, 192.168.1.254, WAN

But none of these seem to allow me to access the gateway from the LAN.

I don't know how that 1st line in the actual routing table appeared and how exactly I can configure it and since I don't know, I would think it would affect the problem somehow.

Edit: Corrected example routing table entries.

 

[ScottMac]

Routers can't route to the same network. You need two different network addresses for each side of the router.
So, put/keep 192.168.1.0 255.255.255.0 on the RG->ASUS link, and put/keep 192.168.0.0 (255.255.255.0) on the house->Asus link.

Personally I stay away from 192.168.0.0 255.255.255.0 because some older network stuff has problems with a "zero" network. That's probably not your issue, I'm jus' sayin' ...

You may have some issues with ambiguous DHCP ... are both active?

Lose the 192.168.0.0 255.255.0.0 completely, forever.

DG for the house ->Asus is 192.168.0.254 (or whatever)

DG for things directly connected to the RG is 192.168.1.254

 

[palswim]

Originally posted by: ScottMac
Lose the 192.168.0.0 255.255.0.0 completely, forever.

Yeah, it's nonstandard, but why should I avoid it at all costs?

 

[ScottMac]

Because it makes your two subnets into one, and your router can't route.
Because if you don't do it right (and it doesn't look like you are/do/will) it screws things up.
Because it's friggin' goofy and stupid 99.999% of the time someone tries to use it (think of it as a "Kick Me" sign taped to your back).

 

[palswim]

As an update (in case someone with a similar problem finds this thread in the future), I can keep the 255.255.0.0 subnet mask on the router (if I would like), but the problem finds its source in my DHCP/DNS server (which is not the router itself). I had my DHCP server deliver addresses in the 192.168.0.0/16 range, but when I limited it to 192.168.0.0/24, I could once again access 192.168.1.254. I'm still trying to see if I can do some other things to allow the DHCP server to deliver the 192.168.0.0/16 addresses, but limit the addresses somehow.

Although I had tried it before, I now have the following line in my routing table:

192.168.1.254, 255.255.255.255, 0.0.0.0, WAN

Edit: Formatting

 

[palswim]

I found the solution! To accomplish this, each client machine needs an entry for this in its routing table. I could manually add the route with a command like

route ADD 192.168.1.254 192.168.0.1

on each machine, which I actually resigned myself to do. Since each machine had 192.168.0.0/16 as its subnet mask, the machine used itself as the "gateway" by default. So, each machine needed a line to tell it to use the router as the gateway for that specific address.

However, I did not quite look forward to manually adding an entry to each machine's routing table. But, then I found an option to add static routes in my Windows DHCP server configuration. So, I could serve this static route to each machine in my network. Look for option "121 Classless Static Routes", which allows you to enter any number of static routes for any IP/netmask combo. So, I added the 192.168.1.254/32 destination using the 192.168.0.1 gateway, and BAM! Everything works!

So, I can keep my 192.168.0.0/16 subnet and don't have to change anything from my original idea. On my DD-WRT router, I still should keep the static route, but the problem/solution lay in my DHCP server. Also, if you encounter this, make sure your DHCP server won't actually assign the 192.168.1.254 address to another computer - add an Exclusion or limit your routing pool.

 

[Crusty]

Or you could make things a LOT simpler by using two subnets one that your dd-wrt belongs to, being controlled by the U-VERSE and then the subnet all your computers are connected to being controlled by your dd-wrt. Then you don't need any fancy routes or DHCP options... just plug it in and go.

 

[palswim]

Originally posted by: Crusty
Or you could make things a LOT simpler by using two subnets one that your dd-wrt belongs to, being controlled by the U-VERSE and then the subnet all your computers are connected to being controlled by your dd-wrt. Then you don't need any fancy routes or DHCP options... just plug it in and go.

Well, AT&T could have made things a lot simpler, too. They actually give the option to change the gateway's IP/subnet, and I had changed it to 10.0.0.1 or something. But I found out that the DVR/TV box (which runs through the gateway as well) looks for only the default IP (192.168.1.254), so changing the gateway to use any other address kills my TV.

And I could change all my routing stuff to work around AT&T's silliness, but as Michael Bolton from Office Space said, "Why should I change? He's the one who sucks."

 

[Crusty]

So change your dd-wrt to use 10.0.0.0/24?

 

[palswim]

Originally posted by: Crusty
So change your dd-wrt to use 10.0.0.0/24?

Again, I could, but I've used the 192.168.0.0/16 addresses forever, so I prefer to still work with those. The solution I have right now fits all of my parameters (that I can imagine), so I don't see any reason to change, since any other solution I've seen hasn't fully satisfied the constraints which I've placed on my network.

Other solutions could exist, but I really like the one I have now.

 

[ScottMac]

Originally posted by: palswim

Originally posted by: Crusty
Or you could make things a LOT simpler by using two subnets one that your dd-wrt belongs to, being controlled by the U-VERSE and then the subnet all your computers are connected to being controlled by your dd-wrt. Then you don't need any fancy routes or DHCP options... just plug it in and go.

Well, AT&T could have made things a lot simpler, too. They actually give the option to change the gateway's IP/subnet, and I had changed it to 10.0.0.1 or something. But I found out that the DVR/TV box (which runs through the gateway as well) looks for only the default IP (192.168.1.254), so changing the gateway to use any other address kills my TV.

And I could change all my routing stuff to work around AT&T's silliness, but as Michael Bolton from Office Space said, "Why should I change? He's the one who sucks."

You're wrong. The STB comes up on DHCP, just like every other host.

If your STBs were getting 192.168.x.x addresses after you changed the RG, your setup is wrong (probably in the physical sense).

 

[cpals]

Originally posted by: palswim

Originally posted by: Crusty
So change your dd-wrt to use 10.0.0.0/24?

Again, I could, but I've used the 192.168.0.0/16 addresses forever, so I prefer to still work with those. The solution I have right now fits all of my parameters (that I can imagine), so I don't see any reason to change, since any other solution I've seen hasn't fully satisfied the constraints which I've placed on my network.

Other solutions could exist, but I really like the one I have now.

Okay, I'm still fresh here, but from what I've learned recently a /16 on a 192.168.0.0 network is not correct by networking standards. It may 'work', but a 192 address will always be a /24?

Also, do you really need 2^16 host addresses?

 

[palswim]

Originally posted by: ScottMac

Originally posted by: palswim

Originally posted by: Crusty
Or you could make things a LOT simpler by using two subnets one that your dd-wrt belongs to, being controlled by the U-VERSE and then the subnet all your computers are connected to being controlled by your dd-wrt. Then you don't need any fancy routes or DHCP options... just plug it in and go.

Well, AT&T could have made things a lot simpler, too. They actually give the option to change the gateway's IP/subnet, and I had changed it to 10.0.0.1 or something. But I found out that the DVR/TV box (which runs through the gateway as well) looks for only the default IP (192.168.1.254), so changing the gateway to use any other address kills my TV.

And I could change all my routing stuff to work around AT&T's silliness, but as Michael Bolton from Office Space said, "Why should I change? He's the one who sucks."

You're wrong. The STB comes up on DHCP, just like every other host.

If your STBs were getting 192.168.x.x addresses after you changed the RG, your setup is wrong (probably in the physical sense).

Now I don't trust everything that comes from an AT&T support tech's mouth, but two of them have told me that I can't change the way the STB works. Though, I seriously doubt either of them understood my question.

 

[palswim]

Originally posted by: cpals

Originally posted by: palswim

Originally posted by: Crusty
So change your dd-wrt to use 10.0.0.0/24?

Again, I could, but I've used the 192.168.0.0/16 addresses forever, so I prefer to still work with those. The solution I have right now fits all of my parameters (that I can imagine), so I don't see any reason to change, since any other solution I've seen hasn't fully satisfied the constraints which I've placed on my network.

Other solutions could exist, but I really like the one I have now.

Okay, I'm still fresh here, but from what I've learned recently a /16 on a 192.168.0.0 network is not correct by networking standards. It may 'work', but a 192 address will always be a /24?

Also, do you really need 2^16 host addresses?

No, I probably don't need that many. I don't even need 256 (or, technically, 254) addresses for now, but if I ever need more than 256 addresses, I already have to have multiple values for my third octet, so I might as well take the IPv6 approach and allocate way more than I need, just to make it so I never encounter that problem.

In Class-based networking, any device 192.0.0.0 and above is a "Class-C" device (subnet mask 255.255.255.0), but Classless Networking (CIDR), no such restrictions exist.

 

[cpals]

Originally posted by: palswim

Originally posted by: cpals

Originally posted by: palswim

Originally posted by: Crusty
So change your dd-wrt to use 10.0.0.0/24?

Again, I could, but I've used the 192.168.0.0/16 addresses forever, so I prefer to still work with those. The solution I have right now fits all of my parameters (that I can imagine), so I don't see any reason to change, since any other solution I've seen hasn't fully satisfied the constraints which I've placed on my network.

Other solutions could exist, but I really like the one I have now.

Okay, I'm still fresh here, but from what I've learned recently a /16 on a 192.168.0.0 network is not correct by networking standards. It may 'work', but a 192 address will always be a /24?

Also, do you really need 2^16 host addresses?

No, I probably don't need that many. I don't even need 256 (or, technically, 254) addresses for now, but if I ever need more than 256 addresses, I already have to have multiple values for my third octet, so I might as well take the IPv6 approach and allocate way more than I need, just to make it so I never encounter that problem.

In Class-based networking, any device 192.0.0.0 and above is a "Class-C" device (subnet mask 255.255.255.0), but Classless Networking (CIDR), no such restrictions exist.

Hmm... interesting. Don't know too much about CIDR, but just from reading the wikipedia link what is the diference between CIDR and subnetting?

So CIDR would be /26, but subnet would be 255.255.255.192? I must be missing something.

Thanks for the link.

 

[palswim]

Originally posted by: cpals
Hmm... interesting. Don't know too much about CIDR, but just from reading the wikipedia link what is the diference between CIDR and subnetting?

So CIDR would be /26, but subnet would be 255.255.255.192? I must be missing something.

Thanks for the link.

In my (limited) understanding, the CIDR notation means the same thing as the normal subnet notation (I think technically subnet notation can have any address, but a subnet mask of 254.255.48.0 would cause a router to flip out and no CIDR notation could represent that), but CIDR has more flexibility for future standards and makes it easier to understand arbitrary-length masks. So, yes, the subnet 192.168.0.0/26 would mean the same as 192.168.0.0 with a subnet mask of 255.255.255.192.

 

[ScottMac]

CIDR = Classless Inter-Domain Routing ... the key word being "classless."

The original IP address scheme defined five classes of addresses (A-E), with the Class being determined by the leading bit of the most significant ("left side") byte (Octet) of the address.

Remember that the four octets are really only a representation of a 32 bit binary number; each eight bits are converted to a decimal representation of those bits and separated with a decimal ("dotted decimal notation").

With CIDR, there is no class, any address can be represented and described within the range of 32 zeros to 32 ones, with a trailing descriptor of how many of the significant bits are the "network" portion of the address, and how many are the "host bits."

Using the RFC1918 (so-called "private" addresses) the traditional classes would be:
10.0.0.0/8 <= first eight bits are network, remaining 24 bits are host (Class A because the significant bits are "00")

172.{16-31}.0.0 /16 <=first 16 bits are network, remaining 16 bits are host (Class B because the significant bits are "10")

192.168.{0-255}.0/24 <=first 24 bits are network, remaining 8 are host (Class C because the significant bits are "11")

Class D is reserved for multicast ("110") and Class E is "experimental" ("111")

About the only restriction (which is a restriction only by convention IIRC ... I don't remember if they formalized it in an RFC) is that the mask should be contiguous (i.e. "11111111" is OK, "11111011" is not -*by convention*).

Subnetting is the same for both CIDR and Classfull addressing, the concept being that you are "borrowing" bits from the host portion of the address to define subnetworks within the assigned block of addresses.

In the case of taking (what would be) a Class C address of 192.168.1.0/24 (255.255.255.0) and subnetting with two more bits, 192.168.1.0/26 (255.25.255.192) the two most-significant bits of the last octet become part of the "network" portion of the address, giving you four subnets of the 192.168.1.0/24 address block;
192.168.1.0/26 (host 1-63), 192.168.1.64/26 (host 65-123), 192.168.1.128/26 (host 129-191), and 192.168.1.192/26 (host 193-254).

So CIDR versus Classless really means nothing in terms of the subnetting, except for the sake of things like Cisco tests, where you might see questions asking about bit counts ... like starting with a class B address, 172.16.1.0, and given a mask of 255.255.255.0 ("/24"), how many host bits, how many subnet bits, and how many host bits. Also, for the sake of tests, Class is usually the default (if only the address is given, no mask), then assume classfull notiation.

The answer (remember ... talking Classfull here) is 16 Network bits (the default mask for a Class B address), eight subnet bits (the entire third octet), and eight host bits (the entire fourth octet).

The above scenario provides 256 subnets of 254 hosts each. The convention says any address where the host portion is all zeros (172.16.1.0) will define the "network number" or base address of that network / subnet, and any address where the (entire, complete, total) host portion is all ones defines a broadcast address (172.16.1.255).

A common extension to the convention is to not use the the all ones or all zeros subnets, because some systems had trouble digesting them ... not so much the case these days, and using subnet Zero is now the default for Cisco L3 devices.

If the above address was using Classfull notation (255.255.0.0 or /16), then 172.16.255.254 would be a valid host address, since the host bits are neither all zeros or all ones (same for 172.16.0.255).

FWIW

 

[cpals]

Hmmm... I guess I'm a little slow today as it still seems fuzzy after reading that.

So classfull means the default network of each class? IE, 10. (/8), 128 (/16), etc? And classless means you don't have to have a /8 /16 /24 for your networks and go deeper? I guess I'm still not seeing how CIDR is different than subnetting.

Sorry! 🙂

 

[cpals]

Found this on another forum... is it accurate? It makes a little more sense to me after reading this:

3)Short answer: Classful protocols cannot carry a network mask as part of the routing advertisement. This limits the routing protocol to only supporting a single subnetting scheme within the autonomous system. Additionally, when advertising network addresses between different major network spaces, the routing protocol will summarize the routing information to the natural class (A, B, C) of the network address. It must do this since there is no method for one major class network to be updated with the network mask from another major class network. The best the routing protocol can do is summarized based on the class of the network (derived from the initial bits of the address) and the natural network mask associated with the network class.

4)A classless protocol has the ability to carry network mask information as part of the routing update. Since the network mask for each routing entry precisely describes the network being advertised and the address range it covers, a network address range can be subnetted using multiple network masks.
Additionally, it is possible to carry "subnet" information between network address spaces that formerly would have crossed major network boundaries. Essentially, removing the implied network mask based on network class allows the routing protocol to both summarize and subnet an address space based on the
network masks associated with each routing table entry.

5) The main difference is assumptions made about route summarizations.

If your networks are classful, the masks of 255.0.0.0, 255.255.0.0 and 255.255.255.0 will be implictly understood for summarizations based on the address (high order bits of the first octet)

When you are classless, you have to explicitly declare aggregations, since the classful assumptions fly out the window.

You also always have to include masks on IP route statements when running classless.

Example :

Classfull IPs are are thing of the past (almost).
Class A addresses: 1.x.x.x to 127.y.y.y and have a /8 net mask. For example, all the IPs in the 24.x.x.x range are one class A network .
Class B addresses: 128.0.x.x to 191.255.y.y have a /16 net mask.
Class C addresses: 192.0.0.x to 223.255.255.y, /24 net mask.
Of course, they could be subnetted internally in your network.

It's in the routing table that difference appear. with classfull
addresses, your routing table will contain only one route to whole
classfull networks for networks it's not participating in. For example:




| |
| e0 --------- s0 s0 --------- e0 |
|---| router1 |----------| router2 |---|
| --------- --------- |
| |
10.1.1.0/26 192.168.1.0/30 172.1.1.0/26

Using "no ip classless" in your routers and isssuing a "show ip routes? on router 1 would yield something like:

Network 10.0.0.0 is subnetted
10.1.1.0/26 via e0
Network 192.168.1.0 is subnetted
192.168.1.0/20 via s0
172.1.0.0 via 192.168.1.2

(there is no subnetting for network 172.1.0.0)

Whereas with "ip classless", your routing table would include only a route to 172.1.1.0/26 and would also allow you to use 172.1.1.128/26 on another interface of router1.

 

[ScottMac]

Look at it this way; When you used to go to an ISP, more-often-than-not, you'd get a whole Class C network (254 hosts), and it was expensive. That's because the ISP didn't really have the option to provide anything smaller, Class C was as small as it got.

These days, you can still get a full Class C if you want, but it'll cost you, and most places don't need that many public addresses, so you can get a /25, /26, /27, /28 ...with a cost savings at each level of reduction; you get only the public address count you need, and there are more chunks of addresses to pass around.

There's a lot of nuance to cover between Classless/CIDR and Classfull routing. In a nutshell, Classfull operates only at the octet boundaries, and Class is determined by the leading bits. Classless can define network/host boundaries anywhere. One of the points the thing you posted makes is an important distinction; in classfull routing, no mask needs to be sent (think RIPv1), because the other systems can figure out the mask from the class of the address. When using classless / CIDR, routes must be advertised with their mask (like RIPv2) to prevent address overlaps that might cause your traffic to go somewhere else.

 

[palswim]

Originally posted by: ScottMac
You're wrong. The STB comes up on DHCP, just like every other host.

If your STBs were getting 192.168.x.x addresses after you changed the RG, your setup is wrong (probably in the physical sense).

You're right! I don't know what I did a while ago, but I changed the DHCP settings on the AT&T gateway, unplugged (then re-plugged in) the Set-Top Box, and lo and behold! The DVR/STB has an address in the new DHCP scope! Somehow, I never re-initialized my DVR last time.