I am having an issue where if my AT&T BGW320-500 modem reboots sometimes my router WAN will be given a private IP. The modem is in IP passthrough mode to my router. My modem's IP is 192.168.100.254 and this is the IP the router is sometimes given initially after a reboot, as opposed to my public IP. This breaks external connections to my network, but it is fixable by restarting the WAN interface on the router. I have tried using Reject Leases with 192.168.100.254 as the IP, but then the router is never able to get a public IP either. This appears to be the same issue referenced in this post: https://forum.opnsense.org/index.php?topic=37408.0.
This message appears in the logs when Reject Leases is used:
/interfaces.php: The command '/sbin/dhclient -c '/var/etc/dhclient_wan.conf' -p '/var/run/dhclient.ix0.pid' 'ix0'' returned exit code '15', the output was 'dhclient 71871 - - dhclient-script: Reason PREINIT on ix0 executing DHCPREQUEST on ix0 to 255.255.255.255 port 67 DHCPACK from 192.168.100.254 rejected. DHCPREQUEST on ix0 to 255.255.255.255 port 67 DHCPACK from 192.168.100.254 rejected. DHCPREQUEST on ix0 to 255.255.255.255 port 67 DHCPACK from 192.168.100.254 rejected. DHCPREQUEST on ix0 to 255.255.255.255 port 67 DHCPACK from 192.168.100.254 rejected. DHCPREQUEST on ix0 to 255.255.255.255 port 67 DHCPACK from 192.168.100.254 rejected. DHCPDISCOVER on ix0 to 255.255.255.255 port 67 interval 2 DHCPOFFER from 192.168.100.254 rejected. DHCPDISCOVER on ix0 to 255.255.255.255 port 67 interval 2 DHCPOFFER from 192.168.100.254 rejected. DHCPDISCOVER on ix0 to 255.255.255.255 port 67 interval 4 DHCPOFFER from 192.168.100.254 rejected. DHCPDISCOVER on ix0 to 255.255.255.255 port 67 interval 7 DHCPOFFER from 192.168.100.254 rejected. DHCPDISCOVER on ix0 to 255.255.255.255 port 67 interval 14 DHCPOFFER from 192.168.100.254 rejected.
Is this an expected issue or is there a bug? Do I need to find another way to solve this problem? I think I could potentially monitor the WAN interface IP and restart it every minute or so if it's not a public IP.
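The monitoring idea from the post above, sketched as an added example that is not part of the original thread: a cron-driven check that classifies the WAN address and asks for a restart only when a non-public lease is actually held. `ix0` is the WAN NIC named in the log; `WAN_RESTART_CMD` is a hypothetical hook for whatever command restarts the WAN interface on your router, and the sample addresses in the comments are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): WAN address watchdog for cron.
# WAN_RESTART_CMD is a hypothetical hook; without it the script only logs.
WAN_IF="${WAN_IF:-ix0}"

# Exit 0 if $1 is malformed or a private/CGNAT/link-local/loopback IPv4 address.
is_non_public_ipv4() {
    old_ifs=$IFS; IFS=.; set -f
    set -- $1
    set +f; IFS=$old_ifs
    [ $# -eq 4 ] || return 0
    for o in "$@"; do
        case $o in ''|*[!0-9]*|????*) return 0 ;; esac
        [ "$o" -le 255 ] || return 0
    done
    a=$1; b=$2
    [ "$a" -eq 10 ] && return 0                                          # 10/8
    [ "$a" -eq 172 ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ] && return 0   # 172.16/12
    [ "$a" -eq 192 ] && [ "$b" -eq 168 ] && return 0                     # 192.168/16
    [ "$a" -eq 100 ] && [ "$b" -ge 64 ] && [ "$b" -le 127 ] && return 0  # 100.64/10
    [ "$a" -eq 169 ] && [ "$b" -eq 254 ] && return 0                     # link-local
    [ "$a" -eq 0 ] || [ "$a" -eq 127 ] && return 0
    return 1
}

# Print the action for address $1: wait (no lease yet), restart, or ok.
# An empty address means DHCP is still negotiating, so it is left alone.
wan_action() {
    if [ -z "$1" ]; then echo wait
    elif is_non_public_ipv4 "$1"; then echo restart   # e.g. 192.168.100.64
    else echo ok; fi
}

# First IPv4 address on interface $1, parsed from FreeBSD ifconfig output.
wan_ipv4() {
    ifconfig "$1" inet 2>/dev/null | awk '$1 == "inet" { print $2; exit }'
}

check_wan() {
    ip=$(wan_ipv4 "$WAN_IF")
    action=$(wan_action "$ip")
    [ "$action" = ok ] && return 0
    logger -t wan-watchdog "if=$WAN_IF ip=${ip:-none} action=$action"
    if [ "$action" = restart ] && [ -n "${WAN_RESTART_CMD:-}" ]; then
        sh -c "$WAN_RESTART_CMD"
    fi
}

if [ "${1:-}" = check ]; then check_wan; fi
```

Run it from cron with the `check` argument; the syslog entries tagged `wan-watchdog` also give a record of how often the gateway hands out its own subnet.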
I have experienced this same behavior, with the same fix (refreshing WAN interface). It didn't happen all the time, but enough that I was afraid to remote reboot the firewall.
Ultimately, the solution is to bypass the AT&T gateway, as this is far from the only issue it has (not even talking about the well-known NAT table limitations). It also has some really nasty IPv6-PD bugs as well. Nasty as in it just doesn't work at all since the last update. Completely broken. I don't rely on IPv6, but I do have a dual stack network and I expect it to work... But good luck explaining this to the support idiots at AT&T. It's not even worth the effort.
Bypass is the way. Anything else is a waste of effort. If you are interested, I and probably hundreds of others here can assist. I literally did this 2 weeks ago.
Quote from: Aerowinder on December 19, 2024, 08:48:24 PM
Bypass is the way. Anything else is a waste of effort. If you are interested, I and probably hundreds of others here can assist. I literally did this 2 weeks ago.
I heard about this but I'm not certain it's the approach I want to take (no doubt if this had been available years ago when I was originally building my network I would have done it). Firstly, I don't think I'm on XGS-PON, I'm not sure how much of a hassle it would be to get that changed but it doesn't sound super fun since I really don't need more than 1Gbps. Secondly, my router is a thin client with an Intel PCIe NIC so I don't have an SFP+ port and can't add one, so if I did decide to go this route what would you recommend for converting the WAS-110 with SFP+ to RJ45?
Quote from: L on December 19, 2024, 11:42:52 PM
Quote from: Aerowinder on December 19, 2024, 08:48:24 PM
Bypass is the way. Anything else is a waste of effort. If you are interested, I and probably hundreds of others here can assist. I literally did this 2 weeks ago.
I heard about this but I'm not certain it's the approach I want to take (no doubt if this had been available years ago when I was originally building my network I would have done it). Firstly, I don't think I'm on XGS-PON, I'm not sure how much of a hassle it would be to get that changed but it doesn't sound super fun since I really don't need more than 1Gbps. Secondly, my router is a thin client with an Intel PCIe NIC so I don't have an SFP+ port and can't add one, so if I did decide to go this route what would you recommend for converting the WAS-110 with SFP+ to RJ45?
Being on GPON is actually better, because the equipment you need is significantly cheaper. If you are on GPON, you need:
1) a GPON transceiver (SFP) - ~$50 from FS.com, but cheaper models that are known to work can be had.
2) a switch or media converter (puke) that can handle the traffic. Literally any dumb switch with an SFP and RJ45 jack will work. Even an existing smart switch could easily be made to work. Media converters are junk, in general. I bought one of those first and had pretty bad latency issues in games. Replaced it with a dumb switch and it's perfect now. - ~$20-$80, depending on what ya buy.
The whole deal will cost you $40-$100 USD, depending on which transceiver and switch. It will cost you probably an hour or less in time to get the transceiver set up. The documentation on how to do this is scattered in 3-4 different sites, but I compiled all the instructions into a document for future use.
There can be some gotchas, like if AT&T is still enforcing EAP auth where you are. I'm not sure how common that is any more. I didn't need any certs or anything for my setup, when I did in the past (when I had the BGW210).
Quote from: Aerowinder on December 20, 2024, 12:01:23 AM
Being on GPON is actually better...
Thanks for the insight, I'll take a deeper look and get back to you later if any issues arise.
Quote from: L on December 19, 2024, 06:55:37 PM
I am having an issue where if my AT&T BGW320-500 modem reboots sometimes my router WAN will be given a private IP.
I assume this is happening before the WAN IP is assigned, have you tried dropping the lease on the DHCP server in the modem to 10 minutes (same as IP passthrough lease time)? I haven't encountered this yet, but only 1 month on AT&T Fiber so far. I'm happy to be back on AT&T, I went to cable after being frustrated with the high-price & low bandwidth of AT&T DSL (still no fiber). I got the speed from cable but the provider was awful (they had a lot of outages).
I haven't changed the DHCP server lease, but maybe I will preemptively.
Quote from: frakkin64 on December 20, 2024, 03:51:17 PM
I assume this is happening before the WAN IP is assigned, have you tried dropping the lease on the DHCP server in the modem to 10 minutes (same as IP passthrough lease time)?
It is indeed happening before the WAN IP is assigned, and I honestly haven't tried this yet, and it will probably fix the problem well enough. I'll set it up and report back if the issue ever persists longer than 10 minutes.
I think I am anticipating switching ISPs in the foreseeable future, so I may ultimately not pursue bypassing the ONT for the time being.
Quote from: Aerowinder on December 20, 2024, 12:01:23 AM
I compiled all the instructions into a document for future use.
There can be some gotchas, like if AT&T is still enforcing EAP auth where you are. I'm not sure how common that is any more. I didn't need any certs or anything for my setup, when I did in the past (when I had the BGW210).
I am on AT&T and I'm interested in this. Would you be willing to share the instructions here or in a private message?
Thanks
My BGW320-500 just started doing this since the 25.10 update, I think it is, whatever the latest version is as of about a week ago. I contacted ATT and they sent me a new BGW320-500, and of course it hasn't changed anything. They are sending me a BGW320-505, which I doubt will change anything, but I am down to try it.