PPPoE with additional public routed subnet
The situation described in this thread https://community.tp-link.com/en/business/forum/topic/618974 whereby an ISP requires a PPPoE primary WAN connection and provides an additional routed subnet, is not an uncommon scenario in the UK when Business customers subscribe to a block of IPV4 addresses.
The ISP uses the PPPoE connection to provide the primary IP address and routes the additional subnet on the same connection.
Given that the ER605 is marketed as a Business class router one would expect it to be able to handle this scenario.
Since the solution outlined in the linked thread is apparently not acceptable since the design of the router does not permit disabling of NAT, it would therefore be assumed that this scenario should be configurable using One-to-One NAT perhaps ?
Given that the linked thread is now locked for further comment could @Clive_A possibly advise how the ER605 should be configured for this scenario ?
Thank you
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @MisterW
Thanks for posting in our business forum.
First, that link you pasted was locked by the OP. I don't really know how I can help with his "disable NAT requirement" as we don't provide any root or ability to disable NAT.
Second, if you are saying something like that, you should use One-to-one NAT which is used for that kind of scenario.
How to configure One-to-One NAT on Safestream routers using the new GUI
But I suggest you verify that you are actually allowed to use these IP addresses and you have a requirement to map private IP to a public IP.
- Copy Link
- Report Inappropriate Content
But I suggest you verify that you are actually allowed to use these IP addresses and you have a requirement to map private IP to a public IP.
From that reply and earlier similar ones to other posts , you seem to be unfamiliar with the concept of being allocated a multiple public IP block e.g /29 by your ISP.
Whilst I accept it is not common in the residential environment, it is not uncommon in the Business environment in the UK. These public IP's are then typically used to host web servers, vpn servers and voip systems.
Ideally these systems are allocated their own public IP from the block and are directly accessible from the internet.
Whilst One-to-One NAT is a possible way to achieve this its not ideal, particularly in the voip(sip) environment where it is better if the system has the public IP.
Anyway , as regards One-to-One NAT on the ER605, this appears to only be possible when the WAN connection type is static IP. Most ISP's in the UK use PPPoE for the WAN connection, where they provide multiple IP's these
are either provided as a subnet for the main IP or as a separate subnet. Either way , there appears to be no way of defining the multiple IP's in the ER605, therefore One-to-One NAT cant be configured!
Given that the ER605 is marketed as a business class router, you would expect that the facility to handle multiple public IP's in a typical PPPoE environment would be available.
Now, I actually use the ER605 in a residential environment and it is quite suitable.
So can I ask again , Can you please advise how would expect the ER605, as a business class router, to be configured for this scenario ?
- Copy Link
- Report Inappropriate Content
Hi @MisterW
Straight answer is no. That would be a feature request and you can start a new thread in the related section.
I am aware of what you said but I also met people who allegedly said they "own" a list of IP addresses by simply calculating the subnets as "truth and fact" for me which is shockingly peculiar to me. And I always tread carefully, and I always verify and make sure whoever said on the forum is based on past experience/test or basic facts.
I know what subnet means and I know you can have a list of IP addresses for web hosting and other stuff. But, everything you said is based on the fact what you learn from your ISP and I am telling you to verify it with your ISP. And you can only use One-to-one NAT for this scenario based on the fact that we don't support any other ways.
You can say that I am not familiar with what feature has been implemented on other brands to achieve what you asked. That's a truth and I admit that.
- Copy Link
- Report Inappropriate Content
thanks for the reply.
It's disapointing that my assumptions are correct and that the ER605 is not suitable for this scenario.
It just means that it wont be considered as an option in my case.
- Copy Link
- Report Inappropriate Content
Yes, I locked the thread because I followed the advice given of "seeking other solutions" and flashed the ER605 with OpenWRT 23.05-rc2 proper, instead of TP-Link's own 14.07-based one.
Well, the issue is, one-to-one nat cannot be used with a PPPoE-connection with TP-Link's firmware, for some reason. I Already tried that.
With OpenWRT proper, you can go 2 routes;
1) Add all 8 (yes, you probably can use all 8) by assigning each IP as a /32 alias on the WAN-interface and go from there
2) Use normal routing and assign the first usable IP as /29 as alias on the LAN-interface and set up routing and firewall rules
This feature is currently missing from TP-Link's firmware.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
With HW NAT enabled (Enable both 'Software flow offloading' and 'Hardware flow offloading' under Network -> Firewall 'Routing/NAT Offloading' ) I get full wirespeed (930mbit up and and 930mbit down on gigabit fiber).
Disabling HW NAT halves those numbers basically.
- Copy Link
- Report Inappropriate Content
Sjon_Gerrits wrote
Yes, I locked the thread because I followed the advice given of "seeking other solutions" and flashed the ER605 with OpenWRT 23.05-rc2 proper, instead of TP-Link's own 14.07-based one.
Well, the issue is, one-to-one nat cannot be used with a PPPoE-connection with TP-Link's firmware, for some reason. I Already tried that.
With OpenWRT proper, you can go 2 routes;
1) Add all 8 (yes, you probably can use all 8) by assigning each IP as a /32 alias on the WAN-interface and go from there
2) Use normal routing and assign the first usable IP as /29 as alias on the LAN-interface and set up routing and firewall rules
This feature is currently missing from TP-Link's firmware.
do you have a reference or guide for 605 for flashing it to the OpenWrt you have?
- Copy Link
- Report Inappropriate Content
@Tedd404 Sure thing
Use at your own risk. Your device may become bricked if you do something wrong or as a result of a bug. Don't bother TP-Link if something went wrong.
(As it says on the page, I added the last part ;) )
https://github.com/chill1Penguin/er605v2_openwrt_install
Good luck!
- Copy Link
- Report Inappropriate Content
thanks a lot. it's a super cool repository. this is also the link that i learned from the openwrt. that dude who created this is kinda cool. but it breaks the recovery mode, I think I am not gonna risk it..
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1376
Replies: 10
Voters 0
No one has voted for it yet.