Wed Feb 18 12:53:53 GMT 2015

Further Suresignal Adventures

After all of the setup with the Billion 8800NL I was left thinking I was doing very well and all was good with the world, then I noticed I wasn't getting delivery reports...

I figured it was the firewall on the router, so I enabled port forwarding as per the Vodafone guidelines (link)

Seconds later I heard my partners phone going crazy, all of the texts I had sent over the last 2 days arriving at once!

So, yeah, if you are not receiving calls and you have a SureSignal, try the port forwarding.

Posted by Phill | Permalink

Thu Feb 12 14:40:53 GMT 2015

Fiddling with the ASUS N55U

I have had trouble since moving to fibre (VDSL) with my Vodafone SureSignal.

The SureSignal just refuses to negotiate a connection with the Vodafone servers and Vodafone merely say, sorry since fibre uses PPPoE and we only support PPPoA, there is nothing we can do.

My ISP (Eclipse) who I have held in high regard for quite some time, were unfortunately unhelpful with, well a lot of our customers are quite successfully using a SureSignal on fibre, speak to Vodafone maybe..? [cos yeah, not thought of trying that one -.-].

At this point I think that I should explain the setup of my fibre installation - it will be the same as many others' out there:

The fibre connection is FTTC, so inside my house nothing has really changed, just a new faceplate on my master socket, this using a standard RJ11 connects to a Huawei Echolife DG612 modem (more on that later) which then connects to my own router specifying PPPoE credentails, the rest, again, remains normal...

Now, that Huawei device... it turns out it is actually quite a well specified device, just BT hand them out and lock them down so you can't access them over telnet, ssh, web... etc.

The Hauwei is set as a bridge and has 2 10/100 ports (remember this, there will be questions later!) one of the ports is stickered over with a not in use sticker; so - a little investigation later:

The Huawei can be accessed only from the stickered port by a device running with an IP of AFTER it has been reflashed, search for the firmware from 'asbokid', all it does is put the same settings on and unlock the telnet and web interfaces, so, all well and good, got me onto the interface.

Looking at the web interface you will see 2 virtual interfaces, VLAN 101 and VLAN 301, VLAN 301 has it's own conspiracy theory which makes for some reading if you are interested, since it gets an IP over DHCP that is in a range owned by the American Department of Defence... VLAN 101 however is our bridge.

If you're really keen, you can set the device to route mode and enable DHCP and you can take your own router out of the mix, as long as you don't need wireless at that point...

So what has this to do with my SureSignal I hear you think... well, after setting up all of the useless port forwarding they expect you to do (it's a uPnP device, it can manage these itself) I read that the Vodafone servers allow fragmentation in their packets and because of the 8 byte overhead for PPPoE the initial handshake packets get fragmented, which wouldn't normally be a problem, except the first part apparently goes AWOL and the last 8 bytes arrives at what we can safely assume is a confused and innocent SureSignal...

So now we try to make the tunnel wider, increasing the MTU so that the Vodafone MTU of 1500 and the NAT MTU of 1500 can pass unharmed through the PPPoE tunnel, technically this is naughty, as the PPPoE standard is an MTU of 1492, but since the advent of gigabit networking, 'jumbo' frames are allowed over ethernet and this is PPPo Ethernet isn't it... so into the settings we delve, on the router (an Asus N55u) we hack about with the nvram and set the MTU to 1508 (I will write more on that in my next entry I think...).

This yields an external MTU of... you guessed it - 1492. Remember those 10/100 ports I mentioned earlier? Well, yep, they can take a maximum MTU of 1500... so sent off for a new router (a Billion 8800NL) and we'll see how that goes :)

OK I have time... I'll take you through setting the MTU on the ASUS to high values:

Log on to the web interface, enable telnet access and then go to configuring your connection, assuming you have an internet connection of PPPoE you will have a box for MTU and MRU, set both of these to 1200, save and reboot.

Log into the router:
$ telnet 23 [or substitute your router IP, if different, OR will work too, in most cases]
Default username is admin

Default password is admin

You will then be presented with a prompt
Connected to
Escape character is '^]'.
DSL-N55U login: admin

ASUSWRT DSL-N55U_3.0.0.4 Mon Jan 12 06:42:28 UTC 2015
nvram show | grep 1200
This will show your settings affected by your earlier change, something like this:
# nvram show | grep 1200
size: 28885 bytes (3883 left)
For each one, we set the values in nvram:
#nvram set wan1_pppoe_mtu=1508
#nvram set wan1_pppoe_mru=1508
#nvram set dslx_pppoe_mtu=1508
Then save and reboot:
#nvram commit

To check your MTU you'll need a host outside of your setup, and - presuming it's Linux - run pathtrace with your IP:
This will report your MTU, if it is less than 1492 on PPPoE it's worth checking with your ISP :)

Posted by Phill | Permalink