I’m having problems with my ISP, Xfinity / Comcast, where their supplied cable modem will not work in bridge mode but will work when not in bridge mode. While troubleshooting over the phone, they keep asking me to switch in and out of bridge mode which, of course, means my IPFire system needs to disconnect and reconnect the Red interface.
So far, the only way I know to do that is to reboot. This is time consuming and there should be a better way, but I can’t find any documentation on how to best accomplish it.
Ideally, I’d like to see some UI buttons somewhere but I’ll accept a shell script (or two). If something already exists, then please point me to it.
It has been flaky for a few weeks but yesterday after about 14 hours of 30-120 second dropouts 10-20 times an hour it just quit giving out an IP address when in bridge mode. Rebooting the cable modem numerous times and rebooting the firewall about the same number of times the remote technician scheduled a real technician to come on monday.
The modem has four ethernet ports and when not in bridge mode, hands out IP addresses in the 10.0.0.0/24 range, it is at 10.0.0.1. IPFire occupies one of the ethernet ports and I have a Raspberry Pi 4 on a second port. The RPi has a fixed IP address 10.0.0.100 (so it doesn’t steal the public IP address when the modem is in bridge mode).
I want to be in bridge mode using IPFire as my firewall. While in bridge mode (which I’ve been using successfully for a few years) I would like the connection to be stable, i.e. not drop out for 10-120 seconds 10-20 times an hour. This instability started about a month ago and Comcast / Xfinity has been unable to fix it. The last two home visits have resulted in modem replacements and service upgrades (because each upgrade resulted in a price decrease) and I’m now at 900Mbits/sec down and 120Mbits/sec up.
While my IPFire system had Gigabit Ethernet adapters, its Pentium 4 CPU wasn’t up to handling 900Mbits/sec so I built a new system with a Core i5. I did see a speedtest run locally on the IPFire system at 810Mbits/sec down and 116Mbits/sec up so I believe the new system is up to the task.
With the new IPFire system I did see a stable connection for about 24 hours (i.e. no dropouts) then it went back to what I was seeing for the month or more.
I’m going to remove all but one Ethernet wire, plug it into the Ethernet port labeled 1, reenable bridge mode and try one more time. I’ll be back in about 30 minutes with the results.
Progress (of sorts). With just one Ethernet wire connected to port 1 on the cable modem, I was able to get an IP address in bridge mode. I was also able to reconnect an RPi 4 to a second Ethernet port with a static IP. The RPi WiFi is connected to my LAN (IPFire green) and I switch its default route with ifmetric.
I am, however, still getting the dropouts. I wonder if its just ICMP packets that are getting dropped on the floor?
If you stayed in bridge mode (in my opinion - preferred!) and unplugged your ipfire device and the RPi, does a computer or laptop stay connected when connected via ethernet (not wifi) only?
The first line here where it says carrier lost means that the carrier signal being sent to IPFire disappeared. Then 2 secs later the carrier was acquired again and IPFire solicited a dhcp lease and after 30 secs had no reply and so was timed out.
This looks to me like there is a hardware problem somewhere. If the modem has been replaced, have the ethernet cables also been replaced.
When I had a cable modem I could log into it and get data on the quality of the signal getting to the cable modem. At one time I had a lot of errors in that quality info, and problems with my internet and my TV digital signal, and the cable company found a problem with some of their cables. After being bypassed in their switching system my signal was consistent again and my internet and TV problems disappeared.
What I do not understand is, what kind of bridging are you getting? A bridge should take all the traffic it receives and forward it as is to one of the ethernet ports. If this is the case, how are you connecting 2 devices (IPFire and RPi4) to your provider modem?
The cable modem in bridge mode provides a public IP address to one of its Ethernet ports via DHCP. The cable modem also provides its web interface on 10.0.0.1 while in bridge mode. In addition, the cable modem still has its own public IP address so the other three Ethernet ports can be used if they have a static IP addresses in the 10.0.0.0/24 range (i.e. the cable modem DHCP server isn’t running).
One of the programs I use is called PingPlotter. this does repeated traceroutes and plots the results. If I run this program on my Windows 10 desktop it will see the dropouts. If I plug my Windows 10 laptop into one of the other three ethernet ports and run PingPlotter at the same time, the connection is rock steady, no dropouts at all.
This dropout problem is relatively new, it just started about a month ago. Prior to that my connection through the cable modem in bridge mode was very stable. I had the occasional middle of the night drop for a few minutes but I had 99.5% uptime.
Cable modem in bridge mode, no devices connected. IPFire has no connection on red, green is connected to my LAN. My desktop and 40 or so other devices are connected to the LAN. Many hardwired to gigabit switches, many connected to a WiFi access point (which is connected via hardwire to the gigabit switches).
Attach IPFire red ethernet cable to the cable modem. IPFire asks for and receives a public IP address from the cable modem. All my devices on green can use the internet.
I believe this is a basic as it gets. How would you like me to determine the quality of this configuration?
So you want me to attach something other than IPFire to the cable modem configured in bridge mode? This laptop or desktop will obtain a public IP address and be naked and exposed to the denizens on the internet (I’m seeing well in excess of 100,000 attack packets per day).
I’ll have to build something because I’ll probably have to trash it after I’m done. I’d use a live linux distribution on the IPFire hardware but I don’t know of any linux tools to test the quality of the connection. Do you have any suggestions for tools to use?
BTW, I have run a live linux distribution on the IPFire system, Linuxmint 20.3. This was to verify that both gigabit ethernet adapters were functional.
And I am hoping to pull the IPFire temporarily out of the testing loop.
I usually put the computer into firewall mode (a local software firewall). And only keep it connected for a short time.
I would suggest visiting some of your favorite website. I am guessing (hoping) you’ll see a dropped connection. Or you can try running some favorite speedtest.
Please don’t do this if it sounds bad. I don’t want you to trash a good computer!
