U-verse Networking
by Uriah Christensen
I work in technical support for AT&T Business U-verse.
I switched from working with consumer accounts to business accounts because I like solving real problems. I was also burned out of having to tell someone to change the input settings on their TV to get the U-verse to "work." The technology and the way U-verse works is quite interesting and has much potential for the future of Internet-based media. However, this article is not about that. This article is a basic description of how to set up a network and correctly configure it to connect to U-verse.
The reason for this is that I have found many IT personnel are clueless when it comes to connecting a network to an Internet gateway. I'm not sure how many people in the IT field that this article refers to will actually read it. If you have used U-verse as your Internet provider and have no issues with setting up your internal network, feel free to skip this article. Or you can keep reading and may learn something that didn't occur to you before. I find this info will be considered Networking 101 for most, and am shocked with the IT people calling in and saying AT&T messed up their connections, when just about ten minutes of configuring would get them back up and running.
The first thing I would like to let everyone know is that U-verse is a VDSL connection. Basically, it is a different frequency that allows for more data to be sent down the line then traditional ADSL, and an ADSL modem will not work or authenticate. Also, the authentication is different with U-verse. Traditional ADSL uses PPPoE, while U-verse uses IEEE 802.1X certificate authentication. The modems cannot be put in bridge mode, and the DHCP cannot be turned off.
So how does a person connect a router to the modem?
Simply put an Ethernet cord from the modem's built-in four port router to the Internet/WAN port of the router. Simple, right? Not quite. The next thing you need to do is set up the subnet correctly. Many routers (including the U-verse modems) have a default private IP address range of 192.168.1.0/24. The default gateway on most routers is 192.168.1.1, and the default gateway on the U-verse modem is 192.168.1.254.
Now, if your devices see a gateway of 192.168.1.1, and the router sees one at 192.168.1.254, then the router will look for that IP on its subnet, and the router will also get two IP addresses on the same subnet: 192.168.1.1 and 192.168.1.64, for example.
Since these are showing the same subnet, where will the traffic be sent? This will cause some major routing issues, so we need to set things up differently.
Since I hate to tell customers to reconfigure their entire network, I have a simple solution. If you have ever done some checking on a cable modem's connection settings, you know that they usually have a private IP address of 192.168.100.1. This corrects the IP address issue. I simply have the customer log into the modem and have them change the default DHCP to 192.168.100.0/24. This two minute fix corrects most of the issues that come my way.
The next complaint I get is that there is no bridge mode on the modem.
Due to the authentication, you cannot have bridge mode because the device that you would bridge to could not authenticate on AT&T servers (I know, don't make an argument about how one could technically do it if they wanted to. I have also come up with someways, but that is not the point of this article.). The question is, what is the point of bridge mode? Well, it's to give your router the WAN IP address and let your router handle the routing down from there. This can be done by either using DMZplus mode on the 2WIRE models or IP Passthrough on the Motorola models. Bridge mode is not needed to pass the WAN address. Bridge mode is needed to pass the ADSL signal to a second device that can handle the authentication. Unfortunately, many seem not to understand what the difference is.
The last complaint I get is that you cannot turn off DHCP.
I get this so much that I really would like to tell them to hold, then throw myself out the window and plummet to my death! One IT person told me that she needed to turn off DHCP on the modem. I just blinked (I wish they could see my face over the phone) and asked a question: "Why?" She actually thought that the modem would hand out IP addresses to the devices on her router's subnet. I had to explain that the modem will hand out IP addresses to the devices connected to it, and her router would handle the addressing of the devices connected to it.
To have to explain this to IT professionals is one of the most annoying things to me. Certification is no substitute for competence!
There is one other topic I would like to discuss. That is static IP addresses.
You can have a block of static IP addresses for a low monthly cost. The first thing I would like to say is that I have no idea why AT&T calls them "static." These are assigned by the DHCP server in the modem and are dynamic by default, unless you statically assign them on the device you want to have it on. They are public IP addresses, and you set them up as a subnet in the modem. Once you assign the IP to a device, you can go to whatismyip.com and you will see that IP pop-up. Also, since it is a subnet, the WAN IP assigned to the modem is different than the default gateway address for the public block. This confuses many customers, but when you explain that the same thing happens when you see a WAN IP of, say, 68.2.135.x and a gateway address of 192.168.1.1, as you would on most routers and that it's the same thing with the public subnet, the light dawns!
My hope is that this article will help with understanding basic networking and how to implement this with a U-verse connection.
It isn't that hard, but for some reason I get calls from IT professionals that have no idea of basic networking concepts. My rant is this: I don't care that you crammed for a week to get certified! I don't care how long you have been in the field posing as an IT professional! I'll say it a second time: certification is no substitute for competence!
Play with the equipment! Learn the equipment! Hack the equipment! Only then are you qualified for the job!
I spend my time practicing these basic concepts, playing with my routers, and writing programs.
I hack so I can do my job better, and so should you!