Bridge mode versus DMZ for seperate modem/router setup question.

Messages
708
Location
Indiana
Reading Alarm's thread about using his router after modem, I have a similar situation but didn't want to gum up his thread.

Currently I have a ATT PACE "gateway" for my VDSL internet service and prefer to use my own router. Unfortunately the PACE modem doesn't provide a "true" bridge mode, but the workaround is to use DMZ to pass things to the router. Is this a double NAT situation? Does anyone know a better solution?

The reason for setting things up like this is to A) be able to configure DNS using a pi-hole, as the PACE has no provision for specifying DNS address and, B) use my TP-Link Deco mesh wi-fi system. Currently the PACE is in DMZ and assigns an IP to the router, which then does DHCP for my ethernet connections and TPLink wifi (which is in access point, not router mode and uses ethernet backhaul). Ultimately I'd like to replace the router and pi-hole with a pfsense box.
 
Messages
44,577
Location
Ontario, Canada
Just looking at this:

And if you enable passthrough mode, your router should get a public IP (no NAT on the upstream device) which is about as close to a bridge as you are going to get and should provide what you are looking for/need.
 

Touring5

Thread starter
Messages
708
Location
Indiana
Thanks for your reply. Unfortunately, the PACE gateway version doesn't provide a passthrough mode, just the DMZplus mode. (I was hoping this was something I had totally missed in my investigation, but it is mentioned a bit further down on the page you linked).

Screenshot_2021-01-11 Firewall status.png

I have the Archer modem setup as my DHCP server, as that is the only place to configure my pi-hole for DNS.

Everything does what I need, mostly. Oddly I can still access the PACE gateway, but it hangs when I try to make any changes from the Archer connected devices. (I still can connect directly to the PACE ports and make changes). I know just enough about networking to "be dangerous".

I appreciate your help - am I still off-base or doing the best possible under the limitations involved?
 
Messages
44,577
Location
Ontario, Canada
You are working within the limitations of your gear then unfortunately. Do they offer another model that has the passthrough feature? That would definitely be the best option if they do.
 

Touring5

Thread starter
Messages
708
Location
Indiana
Thanks for the input guys. I saw responses to alarmguys T-Mobile thread and figured some members with knowledge on the subject could provide some insight.

I have seen instances of others getting a different gateway model, but it didn't seem like a routine request. I'm going to look into the route alarmguy has taken with T-M.

Again thanks for your input.
 
Top