[ale] Tomcat Monitoring

DJ-Pfulio DJPfulio at jdpfu.com
Thu Oct 6 07:29:50 EDT 2016


Can't help with residential. Things are different there.

I have a static /29 on biz and treat their router/modem like a
bridge/gateway.  MY router is setup for the public /29 subnet. No
double-NAT at that layer.

Their router is my gateway with a single address. Put a non-secured,
cheapo, wifi router into one of the comcast ports, it gets a 10.x.x.x
DHCP address and works for guests.

I suspect the tech was right. Disable DHCP and the firewall on the WAN
side.  For common things, the techs are usually right.

On 10/05/2016 05:41 PM, Chris Fowler wrote:
> 
> 
> ------------------------------------------------------------------------
> 
>     *From: *"DJ-Pfulio" <DJPfulio at jdpfu.com>
>     *To: *ale at ale.org
>     *Sent: *Tuesday, October 4, 2016 7:13:47 PM
>     *Subject: *Re: [ale] Tomcat Monitoring
> 
> 
> 
>     However, be certain to get them to disable the Xfinity wifi crap. I
>     watched the tech do it and the following day it was back on. Seems we
>     have to call and complain a few times until they alter the router setup
>     at their end to really disabled it.
> 
> The biz tech replaced my supplied modem with theirs today.  She knew her
> cable, but not layer 2 vs layer 3 and my issue with this new modem is
> that it is layer 3 type device.  My original modem was just a "bridge".
>   She told me to turn on "bridge" mode all I needed to do was disable
> DHCP and turn off firewall.  No, not really.  What I did was assign my
> router a static on 10.1.10.0/24 address that this modem is on and
> configure that static address for DMZ.
> 
> Is this good enough to give me the benefits of layer 2 or should I just
> replace it with my own and send it back?
> 
> With that DMZ it should just be DNAT/SNAT for everything on the public.
>  Double NAT issues should not really cause a problem. I do something
> similar when I assign a lab device a public IP from my private net.  On
> a system at Peak 10 I alias another public on its eth0.  I run openvpn
> on the device with the 10.8.1.X subnet and then use DNAT/SNAT to
> "assign" that public to the device.


More information about the Ale mailing list