Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:wan:isp-configurations [2024/02/18 23:41] – [KPN with OpenWrt behind the supplied kpn Box 12 modem] fix wrong noun usage and clarify instructions to prevent bricking squeaktoy | docs:guide-user:network:wan:isp-configurations [2024/08/26 10:51] – [Aruba FTTH] Again option ipv6 '1' bit for OpenWrt 19.07 andreabravetti | ||
|---|---|---|---|
| Line 939: | Line 939: | ||
| </ | </ | ||
| + | ==== Deutsche Glasfaser ==== | ||
| + | |||
| + | Deutsche Glasfaser locally known as **DG** and in English the **German Fiber** uses IPoE for private customers with the support of **DHCPv4** (RFC 2131) and **DHCPv6** (RFC 8415) for all new connections. | ||
| + | |||
| + | If you are an OpenWrt user means that you are using your own router (Kundeneigener Router) whose WAN interface is connected to the DG's **ONT** (Optical Network Terminal) directly. | ||
| + | |||
| + | The minimal **wan4** and **wan6** configuration needed is shown below. The DG supplies a CG-NAT IPv4 address and a public IPv6 address in addition to the ''/ | ||
| + | |||
| + | < | ||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option device ' | ||
| + | |||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option device ' | ||
| + | option reqaddress ' | ||
| + | option reqprefix ' | ||
| + | option norelease ' | ||
| + | </ | ||
| + | |||
| + | Note: '' | ||
| + | |||
| + | ==== Vodafone ==== | ||
| + | |||
| + | === FTTH === | ||
| + | |||
| + | / | ||
| + | < | ||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | |||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option reqaddress ' | ||
| + | option reqprefix ' | ||
| + | option device ' | ||
| + | |||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option peeraddr '::' | ||
| + | option encaplimit ' | ||
| + | </ | ||
| + | |||
| + | / | ||
| + | |||
| + | < | ||
| + | config zone | ||
| + | option name ' | ||
| + | option input ' | ||
| + | option output ' | ||
| + | option forward ' | ||
| + | option masq ' | ||
| + | option mtu_fix ' | ||
| + | list network ' | ||
| + | list network ' | ||
| + | list network ' | ||
| + | </ | ||
| + | |||
| + | ===== Greece ===== | ||
| + | ==== Nova ==== | ||
| + | This ISP is little more involved to set up. Users who wish to use their own CPEs need to get ahold of: | ||
| + | * The PPPoE credentials | ||
| + | * The telephony credentials | ||
| + | |||
| + | This can either be done by formally requesting the credentials from the ISP or by acquiring them from the router that the ISP provides. | ||
| + | |||
| + | The ISP provides internet connectivity on VLAN 835 (PPPoE) and voip telephony on VLAN 837 (DHCP). | ||
| + | |||
| + | For internet access, one must create a VLAN 835 and tag CPU and WAN. Then create a PPPoE interface, bind it on the 835 VLAN device, enter the credentials and enable "Use default gateway" | ||
| + | |||
| + | Example configuration for internet access: | ||
| + | < | ||
| + | config device | ||
| + | option name ' | ||
| + | option type ' | ||
| + | option ifname ' | ||
| + | option vid ' | ||
| + | |||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | </ | ||
| + | |||
| + | For telephony, one must create a VLAN 837 and tag CPU and WAN. Then create a DHCP interface, bind it on the 837 VLAN, disable "Use default gateway" | ||
| + | |||
| + | Example configuration for telephony: | ||
| + | < | ||
| + | config device | ||
| + | option name ' | ||
| + | option type ' | ||
| + | option ifname ' | ||
| + | option vid ' | ||
| + | option ipv6 ' | ||
| + | | ||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option device ' | ||
| + | option clientid ' | ||
| + | option delegate ' | ||
| + | option defaultroute ' | ||
| + | </ | ||
| + | |||
| + | The DHCP client will fetch the ip and the proper classless routes. | ||
| + | |||
| + | **Make sure you disable Rebind protection. Whitelisting the sip service domain will not suffice.** | ||
| + | |||
| + | **Additionally for this method you have to clone the original routers MAC if using the original credentials** | ||
| + | |||
| + | SIP Configuration: | ||
| + | |||
| + | Depending on whether you have fetched the credentials from the ISP's original router or whether you have applied for a "bring your own device" | ||
| + | |||
| + | * Domain: `sip-voice.forthnet.gr` | ||
| + | * Username: Your phone number (`30xxxxxxxxxx`) | ||
| + | * Password: Your voip password (as fetched from the ISP's router) | ||
| + | * Server: `sip-voice.forthnet.gr` | ||
| + | * Port: `5060` | ||
| + | * SIP Transport: `UDP` | ||
| + | * SIP Address: `30xxxxxxxxxx@sip-voice.forthnet.gr` | ||
| + | * Registry Server: `sip-voice.forthnet.gr` | ||
| + | |||
| + | For the second case the following is what needs to be the client configuration | ||
| + | |||
| + | * Domain: `byod.nova.gr` | ||
| + | * Username: Your phone number (`30xxxxxxxxxx`) | ||
| + | * Password: Your voip password (from the email) | ||
| + | * Server: `byod.nova.gr` | ||
| + | * Port: `5060` | ||
| + | * SIP Transport: `UDP` | ||
| + | * SIP Address: `30xxxxxxxxxx@byod.nova.gr` | ||
| + | * Registry Server: `byod.nova.gr` | ||
| + | * Audio Codec: `PCMA` ONLY | ||
| + | |||
| + | **Caution, the byod.nova.gr domain is only configured on the DNS servers of the telephony VLAN, ** | ||
| + | |||
| + | Alternatively you can do a custom DNS record if you don't want to use the ISP DNS | ||
| + | the IPv4 for byod.nova.gr is 10.50.131.150 | ||
| ===== Ireland ===== | ===== Ireland ===== | ||
| Line 1042: | Line 1187: | ||
| option service ' | option service ' | ||
| </ | </ | ||
| + | |||
| ===== Italy ===== | ===== Italy ===== | ||
| + | ==== Aruba FTTH ==== | ||
| + | This ISP in Italy is pretty easy to set up, and it is compliant to Italian law about the utilization of your own (compatible) modem/ | ||
| + | The only thig to setup is a PPPoE connection with a 835 VLAN on the WAN port. Note that user and password are not necessary for authentication and can be whatever. | ||
| + | |||
| + | With **OpenWrt 21.02** (with DSA): | ||
| + | |||
| + | < | ||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | option device ' | ||
| + | |||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option reqaddress ' | ||
| + | option reqprefix ' | ||
| + | option ifname ' | ||
| + | </ | ||
| + | |||
| + | |||
| + | With **OpenWrt 19.07** (with swconfig): | ||
| + | |||
| + | < | ||
| + | config interface ' | ||
| + | option ifname ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | |||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option reqaddress ' | ||
| + | option reqprefix ' | ||
| + | option ifname ' | ||
| + | </ | ||
| + | |||
| + | ==== TIM ==== | ||
| + | TIM (a.k.a. Telecom Italia) uses the following PPPoE connection settings: [[https:// | ||
| + | VLAN 835 is required on your WAN port. In the following example, the phisical name of WAN interface is ' | ||
| + | |||
| + | Configuration with **OpenWrt 21.02** (with DSA): | ||
| + | |||
| + | < | ||
| + | config interface ' | ||
| + | option ifname ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | </ | ||
| + | |||
| ==== Tiscali ==== | ==== Tiscali ==== | ||
| Tiscali uses the following ADSL PPPoA connection settings: [[https:// | Tiscali uses the following ADSL PPPoA connection settings: [[https:// | ||
| Line 1122: | Line 1322: | ||
| **IMPORTANT**: | **IMPORTANT**: | ||
| - | ==== Aruba FTTH ==== | ||
| - | This brand new ISP in Italy is pretty easy to set up, and it is compliant to Italian law about the utilization of your own (compatible) modem/ | ||
| - | The only thig to setup is a PPPOE connection with a 835 vlan on the wan port. Note that user and password are not necessary for authentication and can be whatever. | ||
| - | |||
| - | With **OpenWrt 21.02** (with DSA): | ||
| - | |||
| - | < | ||
| - | config interface ' | ||
| - | option proto ' | ||
| - | option username ' | ||
| - | option password ' | ||
| - | option ipv6 ' | ||
| - | option device ' | ||
| - | |||
| - | config interface ' | ||
| - | option proto ' | ||
| - | option reqaddress ' | ||
| - | option reqprefix ' | ||
| - | option ifname ' | ||
| - | </ | ||
| - | |||
| - | |||
| - | With **OpenWrt 19.07** (with swconfig): | ||
| - | |||
| - | < | ||
| - | config interface ' | ||
| - | option ifname ' | ||
| - | option proto ' | ||
| - | option username ' | ||
| - | option password ' | ||
| - | option ipv6 ' | ||
| - | |||
| - | config interface ' | ||
| - | option proto ' | ||
| - | option reqaddress ' | ||
| - | option reqprefix ' | ||
| - | option ifname ' | ||
| - | </ | ||
| ===== Netherlands ===== | ===== Netherlands ===== | ||
| Line 1193: | Line 1355: | ||
| config interface ' | config interface ' | ||
| option proto ' | option proto ' | ||
| - | option device ' | + | option device ' |
| - | option reqaddress 'none' | + | option reqaddress 'try' |
| option reqprefix ' | option reqprefix ' | ||
| option peerdns ' | option peerdns ' | ||
| Line 1202: | Line 1364: | ||
| </ | </ | ||
| - | ==== KPN with OpenWrt behind the supplied kpn Box 12 modem ==== | + | ==== KPN: OpenWrt behind the supplied kpn Box 12 modem ==== |
| If you have the OpenWrt router' | If you have the OpenWrt router' | ||
| - | You can set up the kpn Box 12 so that OpenWrt can automatically expose all ports through the NAT and also get IPv6 addresses for all your devices, without the modem or its firewall getting in your way. | + | |
| + | Don't get sad, though! | ||
| WARNING: This configuration will expose other devices you directly connect to the modem to the internet without any firewall! This won't be a problem if you connect other devices via your OpenWrt router. | WARNING: This configuration will expose other devices you directly connect to the modem to the internet without any firewall! This won't be a problem if you connect other devices via your OpenWrt router. | ||
| Especially IPv6-enabled devices would be at risk, as the following modem configuration allows any IPv6 device connected to it to expose any port to the internet. IPv4 devices will be stuck behind NAT, and all NAT ports will be reserved for the OpenWrt router. | Especially IPv6-enabled devices would be at risk, as the following modem configuration allows any IPv6 device connected to it to expose any port to the internet. IPv4 devices will be stuck behind NAT, and all NAT ports will be reserved for the OpenWrt router. | ||
| - | If you use a custom DNS on your computer, consider finding out the IP of your KPN modem, which can be done by logging into your OpenWrt router -> '' | + | If you use a custom DNS on your computer, consider finding out the IP address |
| You can add this IP address to your computer' | You can add this IP address to your computer' | ||
| < | < | ||
| 192.168.2.254 | 192.168.2.254 | ||
| </ | </ | ||
| - | where you replace '' | + | where you replace '' |
| Now you can go into your modem' | Now you can go into your modem' | ||
| - Log into the modem. | - Log into the modem. | ||
| - | - If this is the first time logging into the modem, it's going to ask you to change the admin password. DO NOT AT ANY TIME click outside this dialog, as doing so will soft-brick your modem! If you do soft-brick it, either call KPN, or use a needle to push the reset switch on the device. | + | - If this is the first time logging into the modem, it's going to ask you to change the admin password. DO NOT AT ANY TIME click outside this dialog |
| - Log back into the modem using the new password. | - Log back into the modem using the new password. | ||
| - Click '' | - Click '' | ||
| Line 1232: | Line 1395: | ||
| - Set '' | - Set '' | ||
| - Set '' | - Set '' | ||
| - | - Leave '' | + | - Leave '' |
| - Turn on the '' | - Turn on the '' | ||
| - Click '' | - Click '' | ||
| Line 1269: | Line 1432: | ||
| </ | </ | ||
| Note that OpenWrt can't get a prefix through Prefix Delegation, so you may disable it. It's there in the hopes that KPN someday adds Prefix Delegation support to the kpn Box 12, which would greatly simplify the configuration. | Note that OpenWrt can't get a prefix through Prefix Delegation, so you may disable it. It's there in the hopes that KPN someday adds Prefix Delegation support to the kpn Box 12, which would greatly simplify the configuration. | ||
| - | Until KPN fixes this issue, we must relay DHCPv6, RA, and NDP with the following ''/ | + | Until KPN fixes this issue, we must relay DHCPv6, RA, and NDP with the following ''/ |
| < | < | ||
| config dhcp ' | config dhcp ' | ||
| Line 1290: | Line 1453: | ||
| The important thing to take away from this config is that we essentially set up '' | The important thing to take away from this config is that we essentially set up '' | ||
| - | And now you should have a proper internet connection again, like you would expect | + | And now you should have a proper internet connection again, like you would expect |
| ==== Many ISPs ==== | ==== Many ISPs ==== | ||
| Line 1733: | Line 1896: | ||
| **Note:** Turkcell Superonline does not share PPPoE credentials with you. So you have to capture them yourself from the stock router first. | **Note:** Turkcell Superonline does not share PPPoE credentials with you. So you have to capture them yourself from the stock router first. | ||
| + | |||
| + | ==== Turksat Kablonet ==== | ||
| + | |||
| + | Kablonet uses DHCP for Docsis and PPPoE for FTTH services. | ||
| + | |||
| + | Basic WAN configs should look like: | ||
| + | === DOCSIS === | ||
| + | < | ||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option ipv6 ' | ||
| + | option peerdns ' | ||
| + | option dns ' | ||
| + | option dns ' | ||
| + | </ | ||
| + | === FTTH === | ||
| + | < | ||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option username ' | ||
| + | option password ' | ||
| + | option ipv6 ' | ||
| + | option peerdns ' | ||
| + | option dns ' | ||
| + | option dns ' | ||
| + | </ | ||
| + | **Note(FTTH): | ||
| + | |||
| + | **Note2(FTTH): | ||
| ===== United Kingdom ===== | ===== United Kingdom ===== | ||
| Line 2011: | Line 2205: | ||
| * City Fibre | * City Fibre | ||
| + | * Community Fibre | ||
| * HyperOptic | * HyperOptic | ||
| * Giganet | * Giganet | ||
| Line 2026: | Line 2221: | ||
| DHCPv6 is used to IPv6 prefix delegation, but the IPv6 prefix must be released by the router before the prefix will be issued again to either the same router or to another router. If this doesn' | DHCPv6 is used to IPv6 prefix delegation, but the IPv6 prefix must be released by the router before the prefix will be issued again to either the same router or to another router. If this doesn' | ||
| + | |||
| + | == Gigabit Networks == | ||
| + | Gigabit networks provide residential broadband through Cityfibre. They operate CGNat and operate a DHCP based service. Their requirements web pag is here: [[https:// | ||
| + | |||
| + | These are a set of working steps with a Belkin RT3200. | ||
| + | * WAN VLAN tagging on the appropriate VLAN | ||
| + | * Disabled IPv6 | ||
| + | * No hostname required. | ||
| + | * Contact their support and ask for "Clear the DHCP Binding process for the ONT interface." | ||
| + | |||
| + | |||
| + | == Community Fibre == | ||
| + | |||
| + | The Adtran ONT connects to any DHCP enabled router. Recommended to spoof the MAC of your router so it follows the provider one. | ||
| + | |||
| + | |||
| ===== United States ===== | ===== United States ===== | ||