ISP Issues: Netmask / CIDR et cetera (et cetera ad nauseam > 15)

OK - my ISP has been giving me the runaround - and the media (copper) owner NBN (National Broadband Network) are even worse.

It’s never been ideal - but really started playing up in January 2024…

In January the ISP sent out an NBN “tech” (they’re ALL recent immigrants) with his trusty tool (some diagnostic thing they plug into the copper) and he determined my less than 6 month old TP-Link router was faulty (the model was on the ISP’s supported device list).

So - I took it back and got it replaced under warranty - only for it to exhibit the EXACT same symptoms. These recent immigrant “techs” are nothing but trained monkeys - I hope they’re paid in peanuts anyway… I’m not anti-immigration - but I am anti non-experts trying to masquerade as SMEs (subject matter experts).

The usual “fix” is to re-use the original piece of crap router the ISP supplied when I signed up to the NBN with this ISP (#MATE #LETSBEMATES) in January 2018 - a Netcomm NF18 or some such. But each time - that means rejigging a bunch of shit around (and it has the WiFi split into 2 APs whereas the TP-Link merges both 2.4 and 5 GHz into a single access point).

Happened again late last week. NBN came out on Friday - did something (nothing really) and I hooked up the “newer” router and got online. For some reason NBN decided to send another “tech” out on Monday - he reckoned he did something to the phone jack to “fix” my issue - but - when I tried hooking up the TP-Link it NEVER sync’d the VDSL to the “node” (the technology is called “Fibre To The Node” - i.e. I am on copper to some junction box in my neighbourhood, that is then connected to an exchange via fibre) - so I hooked up the old Netcomm piece of crap (should only take <5 minutes - but it takes 10+ mins) and got online.

Needless to say - I got very little WFH done on Friday or Monday.

On Wednesday decided to bite the bullet and get my ISP to send me a new pre-configured router (it’s TP-Link brand).

So that means re-jigging ALL my network shit yet again - I still have my Cameras on the WiFi from the TP-Link. Joining them to another AP means a factory reset (yeah - that’s bullshit - I know! But that’s what the vendor states).

I have my main Linux desktop machine (Pop!_OS) “multi-homed”. i.e. it’s on two VLANs on my home ethernet (both IP addresses on the same NIC) - I also have a 5 port Gigabit switch interfacing everything (i.e. BOTH routers). I have my NAS on both VLANs too… I hit a few issues with that scenario - and realised I had DHCP running on BOTH routers - so weird shit like connecting a WiFi client onto an AP running on the Netcomm, was getting a DHCP lease from the TP-Link!

But - I’m getting fed up of this.

So - I’m going to use a big fat CIDR (/14 - i.e. netmask: 255.252.0.0) - so that it encompasses BOTH VLANs I’m currently using - and I can hopefully, slowly, piecemeal, move stuff over onto the new VLAN / CIDR. In a few cases, it will be just changing the subnet mask.

I’ll probably have the DHCP scope (on the new router) set for a range outside of what I’m currently using - but will have to remember to “isolate” the old devices (routers) - but - probably still within a Class C range (above CIDR gives a Class A network).

Above will give me 262,142 possible LAN addresses! I wonder if I’ll EVER run out :smiley: ?

Anyone see any potential drawbacks from having such a huge “SHOUTY!” broadcast scope?

2 Likes
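The supernet plan in the post above, worked through as an added example (not code from the thread). The post redacts its real addresses, so the two old VLANs and the three DHCP pools here are constructed, and the router names are only labels. It finds the smallest network covering both VLANs, counts its usable hosts, checks that the result stays inside RFC 1918 private space, and confirms that no two DHCP pools on the shared broadcast domain can hand out the same address.

```python
import ipaddress as ip

RFC1918 = [ip.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def covering_supernet(*cidrs):
    """Smallest single network that contains every given subnet."""
    nets = [ip.ip_network(c) for c in cidrs]
    cover = nets[0]
    while not all(n.subnet_of(cover) for n in nets):
        cover = cover.supernet()          # widen the mask by one bit
    return cover

def usable_hosts(net):
    """Addresses left after removing the network and broadcast addresses."""
    return net.num_addresses - 2

def stays_private(net):
    """True only if the whole network sits inside one RFC 1918 block."""
    return any(net.subnet_of(block) for block in RFC1918)

def pool_conflicts(net, pools):
    """Return (overlapping name pairs, names of pools not fully inside net)."""
    spans = {name: (ip.ip_address(lo), ip.ip_address(hi))
             for name, (lo, hi) in pools.items()}
    outside = [n for n, (lo, hi) in spans.items() if lo not in net or hi not in net]
    names = sorted(spans)
    overlaps = [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
                if spans[a][0] <= spans[b][1] and spans[b][0] <= spans[a][1]]
    return overlaps, outside

# Constructed sample plan; the real addresses are not on the page.
OLD_VLANS = ("10.0.0.0/24", "10.2.0.0/24")
POOLS = {
    "netcomm": ("10.0.0.100", "10.0.0.199"),
    "tplink-old": ("10.2.0.100", "10.2.0.199"),
    "tplink-new": ("10.3.0.10", "10.3.0.250"),
}

if __name__ == "__main__":
    lan = covering_supernet(*OLD_VLANS)
    print(lan, lan.netmask, usable_hosts(lan), stays_private(lan))
    print(pool_conflicts(lan, POOLS))
    # The same mask on a 192.168.x.x LAN reaches past 192.168.0.0/16,
    # so hosts would treat 192.169-192.171 (public space) as on-link.
    print(stays_private(ip.ip_network("192.168.0.0/14")))
```
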

I can’t see any issues
but
my one reaction was…
“can’t Daniel separate the modem function from the routing”
What I would be looking for is a simple ISP supplied modem, and my own separate router.
It is not that there is any merit in having things in separate boxes, it just splits the function so you don’t have to reconfigure the whole network every time the ISP shoots you in the back.
Or is that how you planned to use CIDR anyway?

3 Likes

I just want one box that works… that’s all…

Most NBN ISPs don’t offer “just a modem” anyway…

And if/when - I can finally get FTTP (fibre to the premises) as promised by March 2025 - I can use the same device as it’s FTTP ready (as well as being VDSL capable)…

Sheeze - all this networking jiggery has my nerves frayed!

One of my IP cameras dropped out - and I figured it was 'cause of DHCP - it got an IP address on my Netcomm router DHCP scope…

So - I can still look at both Cameras (now on different VLANs) from my Linux PC using RTSP and MPV - but the shitty app the camera vendor gives me, I can only look at the one camera still on the same WiFi VLAN…

2 Likes

That would be one reason I’d wish for time to fly. Hopefully they hit their target date or even sooner. Merry Christmas!

1 Like

Crap! I wrote a long reply to this on another computer - and then thought I’d posted it (on this computer) - and removed the draft from the other computer when I restarted Brave…

Anyway - over 20 hours now with the giant shouty CIDR…

Seems okay - can’t see any obvious issues. Biggest job was getting my IP cameras connected - had to factory reset them and start again from scratch (losing saved videos since November 2023 - but didn’t really need them). Took about 90 minutes (and lots of curse words).

One thing that “broke” was scanning to FTP from my Brother MFC - but - soon as I put the MFC on WiFi - I could then reach my FTP server (hosted on my TrueNAS FreeBSD NAS)… When this wasn’t working - I realised I have NO IDEA what I set the HTTP login to my MFC as or password. So thanks to my big fat CIDR - I can reach the FTP server on my NAS on the same TCP/IP LAN (albeit now using different netmasks - but still same IP address).

Had the TrueNAS running with dual IP addresses on the single NIC - changed the netmask on one of them to the new CIDR ( /14 or “255.252.0.0”) - unmounted NFS and remounted - all good… Haven’t tried SMB yet - I only really use it from my iPads (I still can’t believe there’s no NFS client for tablets and smartphones - I did have one years ago on my ancient iPad 3 - but the app got the chop - or no longer worked on iOS updated to v9 and later)…

Got everything working - even the UPnP dynamic rules that Resilio Sync creates on my new router…

Got NAT from outside working… and it’s SUPER QUICK too (can access LAN stuff from outside)… Just wiped my Pi5 as it was slow as - probably a dodgy SD Card - now running it off a USB C SSD (Samsung T5) - heaps faster… Obviously installed fail2ban on it before opening the floodgates :smiley:


Freshly installed Bookworm (Raspbian) on Pi5 :

╭─x@frambo ~/tmp  
╰─➤  fastfetch
       _,met$$$$$gg.           x@frambo
    ,g$$$$$$$$$$$$$$$P.        --------
  ,g$$P"         """Y$$.".     OS: Debian GNU/Linux bookworm 12.6 aarch64
 ,$$P'               `$$$.     Host: Raspberry Pi 5 Model B Rev 1.0
',$$P       ,ggs.     `$$b:    Kernel: 6.6.31+rpt-rpi-2712
`d$$'     ,$P"'   .    $$$     Uptime: 5 hours, 23 mins
 $$P      d$'     ,    $$$P    Packages: 609 (dpkg)
 $$:      $.   -    ,d$$'      Shell: zsh 5.9
 $$;      Y$b._   _,d$P'       Display: 1920x1080
 Y$$.    `.`"Y$$$$P"'          WM: Mutter (X11)
 `$$b      "-.__               Terminal: /dev/pts/1
  `Y$$                         CPU: Cortex-A76 (4) @ 2.40 GHz
   `Y$$.                       Memory: 710.03 MiB / 7.86 GiB (9%)
     `$$b.                     Swap: 0 B / 199.98 MiB (0%)
       `Y$$b.                  Disk (/): 165.96 GiB / 458.24 GiB (36%) - ext4
          `"Y$b._              Local IP (eth0):  X.X.X.X/14 *
             `"""              Locale: en_GB.UTF-8

                               ████████████████████████
                               ████████████████████████

Correction - just noticed Locale was set to UK (surprised WiFi worked - but it did) :

╭─x@frambo ~  
╰─➤  fastfetch 
       _,met$$$$$gg.           x@frambo
    ,g$$$$$$$$$$$$$$$P.        --------
  ,g$$P"         """Y$$.".     OS: Debian GNU/Linux bookworm 12.6 aarch64
 ,$$P'               `$$$.     Host: Raspberry Pi 5 Model B Rev 1.0
',$$P       ,ggs.     `$$b:    Kernel: 6.6.31+rpt-rpi-2712
`d$$'     ,$P"'   .    $$$     Uptime: 5 hours, 26 mins
 $$P      d$'     ,    $$$P    Packages: 609 (dpkg)
 $$:      $.   -    ,d$$'      Shell: zsh 5.9
 $$;      Y$b._   _,d$P'       Display: 1920x1080
 Y$$.    `.`"Y$$$$P"'          WM: Mutter (X11)
 `$$b      "-.__               Terminal: /dev/pts/1
  `Y$$                         CPU: Cortex-A76 (4) @ 2.40 GHz
   `Y$$.                       Memory: 712.23 MiB / 7.86 GiB (9%)
     `$$b.                     Swap: 0 B / 199.98 MiB (0%)
       `Y$$b.                  Disk (/): 165.96 GiB / 458.24 GiB (36%) - ext4
          `"Y$b._              Local IP (eth0): X.x.x.x/14 *
             `"""              Locale: en_AU.UTF-8

                               ████████████████████████
                               ████████████████████████

2 Likes

Have you looked at Termux?
It has libnfs client library.

Didn’t realise - I’ve been using Termux for 5+ years or so now… Nearly gave up on it when I thought I couldn’t use F-Droid App Store on my stock Galaxy S9+…

I never had any success with NFS on Android Kernels (some ARM based single board computers used the Android Linux kernel) - as the Android kernels are compiled WITHOUT NFS support - I gave up on any other method and relied on SMB when I needed that feature…

Not that I really need an NFS client on Android… More iOS (i.e. iPadOS on iPad)… Hmmm - I think ChromeOS wouldn’t work either - not sure what kernel ChromeOS uses… Most of the apps visible in the App Store for ChromeOS are just Android apps… I guess I could try and get F-Droid and Termux on ChromeOS - but I don’t see the need as ChromeOS already has a quasi-native Linux subsystem…

In x86-64 you generally need to load a server module, but I think basic nfs support is compiled in, as you suggest.
If Android kernel has no nfs, I wonder what Termux does?

Not a bad way of sharing files, but there are other ways.

I agree - my choice of NAS : number 1 priority - NFS…
I use it on all my Linux servers - and MacOS too…

But I also host Resilio Sync shares on my NAS - and I have clients for that on EVERYTHING : iPad, Android, ChromeOS, Linux (arm and x86), MacOS, and of course FreeBSD itself…

Just noticed - and remembered - fail2ban doesn’t “work out of the box” on Bookworm (Raspbian on Pi5) like it did/does on Bullseye and Stretch and Ubuntu 22… Just about to hunt through this forum because I think the answer to this issue was discussed here…

Resolved here :

2 Likes