Discussion:
Draytek or FitzBox for Site2Site VPN
(too old to reply)
David Wade
2023-11-03 22:56:18 UTC
Permalink
Until recently I had

1. a Draytek 2862 on FTTC in the UK
2. an old 2820 at my holiday home.

The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.

I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-

Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820

Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.

I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?

Any other points?

Dave
Graham J
2023-11-04 08:50:11 UTC
Permalink
Post by David Wade
Until recently I had
1. a Draytek 2862 on FTTC in the UK
2. an old 2820 at my holiday home.
The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.
I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-
Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820
Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Any other points?
I don't think any Draytek has local DNS either. But generally the
Drayteks have superior management and monitoring - although CG NAT at
your holiday home means that these probably won't be remotely
accessible. I think using a Fritz!Box at the holiday home may mean it
is impossible to set up a VPN to the 2862.

Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service. Why
not connect the 2862 drect to the ONT?
--
Graham J
Andy Burns
2023-11-04 08:56:50 UTC
Permalink
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
Graham J
2023-11-04 09:56:45 UTC
Permalink
Post by Andy Burns
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
That is DNS forwarding, not a local DNS server. It does not resolve
node names to local IP addresses, it forwards name requests to the
external DNS server(s).

Others here have complained bitterly about this inadequacy.
--
Graham J
Andy Burns
2023-11-04 10:12:36 UTC
Permalink
Post by Andy Burns
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
That is DNS forwarding, not a local DNS server.  It does not resolve
node names to local IP addresses, it forwards name requests to the
external DNS server(s).
Err, no.

It forwards if you set the type to "DNS forwarding" but it resolves
names to IPs if you set the type to "LAN DNS"
Others here have complained bitterly about this inadequacy.
Well they should look closer at it then, it certainly resolves local
names, I use it here, it works ...

<Loading Image...>
Java Jive
2023-11-04 13:07:37 UTC
Permalink
Post by Andy Burns
Post by Andy Burns
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
That is DNS forwarding, not a local DNS server.  It does not resolve
node names to local IP addresses, it forwards name requests to the
external DNS server(s).
Err, no.
It forwards if you set the type to "DNS forwarding" but it resolves
names to IPs if you set the type to "LAN DNS"
Others here have complained bitterly about this inadequacy.
Well they should look closer at it then, it certainly resolves local
names, I use it here, it works ...
<http://andyburns.uk/misc/draytek-local-dns.png>
No, we've had this same argument before. As in

"Re: Are there any VDSL routers out there that do proper DHCP/DNS with
names?
Post by Andy Burns
I did point out that it wouldn't help Chris because even though the
vigor is aware of non-blank device IDs, it doesn't use them for local
DNS lookups. If you want local machine lookups to work (in combination
with external DNS), you do have to type them into the "LAN DNS" entries
section.

Well, fair enough, you didn't type them in, but also, just as I said,
there isn't proper local DNS, because it doesn't 'just work' unless you
do type them in. I don't have to type the PC and NAS names into my
BTHH5a running OpenWRT, it 'just works', and so it should on a DV, but,
appallingly for a top name, it doesn't, and AFAIAA never has."

So that is not true local DNS, because you have manually to set up the
name and IP pairing, just as you would in a hosts file, the only
advantage it offers is having to do this once instead of copying a hosts
file around every PC or other device. A properly functioning local DNS
server would do this automatically.
--
Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk
Andy Burns
2023-11-04 13:21:04 UTC
Permalink
Post by Java Jive
we've had this same argument before.
Now you're moving the goalposts!

A DNS server doesn't have to do anything other than lookup entries from
a zone file, integration with a separate DHCP server isn't mandatory
(yes it can be convenient).

So yes, a Draytek won't automatically add entries to local DNS
corresponding to every DHCP address issued.
David Wade
2023-11-04 13:21:46 UTC
Permalink
Post by Andy Burns
Post by Andy Burns
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
That is DNS forwarding, not a local DNS server.  It does not resolve
node names to local IP addresses, it forwards name requests to the
external DNS server(s).
Err, no.
It forwards if you set the type to "DNS forwarding" but it resolves
names to IPs if you set the type to "LAN DNS"
Others here have complained bitterly about this inadequacy.
Well they should look closer at it then, it certainly resolves local
names, I use it here, it works ...
<http://andyburns.uk/misc/draytek-local-dns.png>
No, we've had this same argument before.  As in
"Re: Are there any VDSL routers out there that do proper DHCP/DNS with
names?
Post by Andy Burns
I did point out that it wouldn't help Chris because even though the
vigor is aware of non-blank device IDs, it doesn't use them for local
DNS lookups.  If you want local machine lookups to work (in combination
with external DNS), you do have to type them into the "LAN DNS" entries
section.
Well, fair enough, you didn't type them in, but also, just as I said,
there isn't proper local DNS, because it doesn't 'just work' unless you
do type them in.  I don't have to type the PC and NAS names into my
BTHH5a running OpenWRT, it 'just works', and so it should on a DV, but,
appallingly for a top name, it doesn't, and AFAIAA never has."
So that is not true local DNS, because you have manually to set up the
name and IP pairing, just as you would in a hosts file, the only
advantage it offers is having to do this once instead of copying a hosts
file around every PC or other device.  A properly functioning local DNS
server would do this automatically.
Sounds like a proper DNS to me. Just because its not updated via dynamic
DNS updates doesn't mean its not "proper". Most of the ISPs that offer
DNS hosting for domains don't offer dynamic DNS or host updates via DHCP.


Dave
Graham J
2023-11-04 13:53:24 UTC
Permalink
Post by Andy Burns
Post by Andy Burns
Post by Graham J
I don't think any Draytek has local DNS either.
sure they do, under
Applications > LAN DNS / DNS Forwarding
That is DNS forwarding, not a local DNS server.  It does not resolve
node names to local IP addresses, it forwards name requests to the
external DNS server(s).
Err, no.
It forwards if you set the type to "DNS forwarding" but it resolves
names to IPs if you set the type to "LAN DNS"
Others here have complained bitterly about this inadequacy.
Well they should look closer at it then, it certainly resolves local
names, I use it here, it works ...
<http://andyburns.uk/misc/draytek-local-dns.png>
No, we've had this same argument before.  As in
"Re: Are there any VDSL routers out there that do proper DHCP/DNS with
names?
Post by Andy Burns
I did point out that it wouldn't help Chris because even though the
vigor is aware of non-blank device IDs, it doesn't use them for local
DNS lookups.  If you want local machine lookups to work (in combination
with external DNS), you do have to type them into the "LAN DNS" entries
section.
Well, fair enough, you didn't type them in, but also, just as I said,
there isn't proper local DNS, because it doesn't 'just work' unless you
do type them in.  I don't have to type the PC and NAS names into my
BTHH5a running OpenWRT, it 'just works', and so it should on a DV, but,
appallingly for a top name, it doesn't, and AFAIAA never has."
So that is not true local DNS, because you have manually to set up the
name and IP pairing, just as you would in a hosts file, the only
advantage it offers is having to do this once instead of copying a hosts
file around every PC or other device.  A properly functioning local DNS
server would do this automatically.
Indeed.

If you run a server on your LAN, it would integrate DHCP and DNS. You
then would disable the DHCP and DNS forwarding in your router. I'm told
this can be done with a Raspberry Pi.
--
Graham J
Chris Green
2023-11-04 09:17:12 UTC
Permalink
Post by Graham J
Post by David Wade
Until recently I had
1. a Draytek 2862 on FTTC in the UK
2. an old 2820 at my holiday home.
The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.
I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-
Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820
Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Any other points?
I don't think any Draytek has local DNS either. But generally the
They do but it's not very good, i.e. you can't give names to systems,
it's just a caching DNS server.
--
Chris Green
·
David Wade
2023-11-04 11:02:16 UTC
Permalink
Post by David Wade
Until recently I had
1. a Draytek 2862 on FTTC in the UK
2. an old 2820 at my holiday home.
The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.
I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-
Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820
Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Any other points?
I don't think any Draytek has local DNS either.  But generally the
Drayteks have superior management and monitoring - although CG NAT at
your holiday home means that these probably won't be remotely
accessible.  I think using a Fritz!Box at the holiday home may mean it
is impossible to set up a VPN to the 2862.
Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service.  Why
not connect the 2862 drect to the ONT?
I don't have an ONT. ZEN leave the voip in the 7530 unlocked if you
don't take their VOIP service and I connect that to Voipfone

Dave
Graham J
2023-11-04 11:21:04 UTC
Permalink
David Wade wrote:

[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service.  Why
not connect the 2862 drect to the ONT?
I don't have an ONT.
What does the Fritz!Box WAN port connect to?

My FTTP arrives on an ONT which has an Ethernet socket - I connect this
to the WAN port of my router.
Post by David Wade
ZEN leave the voip in the 7530 unlocked if you
don't take their VOIP service and I connect that to Voipfone
Other people have asked hear about that. Can you show more details so
we can see how you conenct it to Voipfone, please?
--
Graham J
David Wade
2023-11-04 11:47:33 UTC
Permalink
Post by Graham J
[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service.  Why
not connect the 2862 drect to the ONT?
I don't have an ONT.
What does the Fritz!Box WAN port connect to?
My FTTP arrives on an ONT which has an Ethernet socket - I connect this
to the WAN port of my router.
Post by David Wade
ZEN leave the voip in the 7530 unlocked if you don't take their VOIP
service and I connect that to Voipfone
Other people have asked hear about that.  Can you show more details so
we can see how you conenct it to Voipfone, please?
Its just a normal SIP connection. Apparently you need Fritz!OS 7.25
The only trick is you need to tick "Provider does not support
REGISTER-fetch"

If you use the voipfone voicemail the call waiting light on the 7530
does not work.
Dave
Graham J
2023-11-04 12:20:20 UTC
Permalink
Post by Graham J
[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service.
Why not connect the 2862 drect to the ONT?
I don't have an ONT.
What does the Fritz!Box WAN port connect to?
Please explaiin ...
--
Graham J
David Wade
2023-11-04 13:17:00 UTC
Permalink
Post by Graham J
Post by Graham J
[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box -
Zen only provide them so you can use their proprietary VoIP
service. Why not connect the 2862 drect to the ONT?
I don't have an ONT.
sorry mis-read that as ATA
Post by Graham J
Post by Graham J
What does the Fritz!Box WAN port connect to?
Please explaiin ...
Of course the Fritz!box connects to the ONT and provides the VOIP ATA. I
plugged my DECT base station into the FON port on the Fritz!box which is
why I don't connect the Draytek directly to the ONT.
Graham J
2023-11-04 13:50:06 UTC
Permalink
Post by David Wade
Post by Graham J
Post by Graham J
[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box -
Zen only provide them so you can use their proprietary VoIP
service. Why not connect the 2862 drect to the ONT?
I don't have an ONT.
sorry mis-read that as ATA
Post by Graham J
Post by Graham J
What does the Fritz!Box WAN port connect to?
Please explaiin ...
Of course the Fritz!box connects to the ONT and provides the VOIP ATA. I
plugged my DECT base station into the FON port on the Fritz!box which is
why I don't connect the Draytek directly to the ONT.
OK understood.

But - if you discard the Fritz!box then your Draytek would connect
directly to the ONT, and you could have remote access into the Draytek
for management and confirming that the internet conenction is live via a
monitoring service such as <https://f8lure.mouselike.org/auth.asp>

It might also make setting up the endpoint for the LAN-to-LAN VPN easier.

Of course you would then require an ATA or a VoIP phone to connect to
your LAN.
--
Graham J
David Wade
2023-11-04 14:25:44 UTC
Permalink
Post by Graham J
Post by David Wade
Post by Graham J
Post by Graham J
[snip]
Post by David Wade
Post by Graham J
Since you have Voipfone I don't see why you need the Fritz!Box -
Zen only provide them so you can use their proprietary VoIP
service. Why not connect the 2862 drect to the ONT?
I don't have an ONT.
sorry mis-read that as ATA
Post by Graham J
Post by Graham J
What does the Fritz!Box WAN port connect to?
Please explaiin ...
Of course the Fritz!box connects to the ONT and provides the VOIP ATA.
I plugged my DECT base station into the FON port on the Fritz!box
which is why I don't connect the Draytek directly to the ONT.
OK understood.
But - if you discard the Fritz!box then your Draytek would connect
directly to the ONT, and you could have remote access into the Draytek
for management and confirming that the internet conenction is live via a
monitoring service such as <https://f8lure.mouselike.org/auth.asp>
It might also make setting up the endpoint for the LAN-to-LAN VPN easier.
Of course you would then require an ATA or a VoIP phone to connect to
your LAN.
I get remote access to the Draytek in the UK anyway. The Fritz!Box
really only handles the VOIP at present. It routes all other traffic to
the Draytek. I have a fixed IP from Zen.....

.. The other end is the problem. The Draytek 2820 there is old and has
low VPN throughput. It only has one 1Gb link. The link to the ISP router
is only 100mb. The WiFi is Wifi "n" only.

The question is do I replace it with a second Fritz!Box or a newer Draytek.

The Fritz!box would be lower priced, give me a phone port, faster WiFi
(the AX version with WiFi 6 would be more expensive but still less than
a Draytek) but fewer VPN options.

On the other hand a Draytek has more VPN option and could manage the
Draytek Access Points I have.....


Dave
Graham J
2023-11-04 16:10:35 UTC
Permalink
David Wade wrote:

[snip]
Post by David Wade
The question is do I replace it with a second Fritz!Box or a newer Draytek.
The Fritz!box would be lower priced, give me a phone port, faster WiFi
(the AX version with WiFi 6 would be more expensive but still less than
a Draytek) but fewer VPN options.
On the other hand a Draytek has more VPN option and could manage the
Draytek Access Points I have.....
I think there will be more modern Drayteks available on the secondhand
market as people discard them in favour of ISP-provided routers such as
the Fritz!Box where the users need a simple "Digital Voice" solution.
--
Graham J
Graham J
2023-11-04 16:14:44 UTC
Permalink
David Wade wrote:

[snip]
Post by David Wade
The question is do I replace it with a second Fritz!Box or a newer Draytek.
The Fritz!box would be lower priced, give me a phone port, faster WiFi
(the AX version with WiFi 6 would be more expensive but still less than
a Draytek) but fewer VPN options.
On the other hand a Draytek has more VPN option and could manage the
Draytek Access Points I have.....
I think there will be more modern Drayteks available on the secondhand
market as people discard them in favour of ISP-provided routers such as
the Fritz!Box where the users need a simple "Digital Voice" solution.
--
Graham J
David Wade
2023-11-04 11:13:46 UTC
Permalink
Post by Graham J
Post by David Wade
Until recently I had
1. a Draytek 2862 on FTTC in the UK
2. an old 2820 at my holiday home.
The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.
I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-
Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820
Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Any other points?
I don't think any Draytek has local DNS either.
Its pretty thick, but its there.
Post by Graham J
But generally the
Drayteks have superior management and monitoring - although CG NAT at
your holiday home means that these probably won't be remotely
accessible.
Its OK if the VPN is up. I use 192.168.1.1 main home, 192.168.0.1
Holiday home. looks pretty seamless, except AP config for remote APs
does not work.


I think using a Fritz!Box at the holiday home may mean it
Post by Graham J
is impossible to set up a VPN to the 2862.
Since you have Voipfone I don't see why you need the Fritz!Box - Zen
only provide them so you can use their proprietary VoIP service.  Why
not connect the 2862 drect to the ONT?
See other reply.

Dave
Graham J
2023-11-04 11:26:14 UTC
Permalink
David Wade wrote:

[snip]
Post by David Wade
But generally the Drayteks have superior management and monitoring -
although CG NAT at your holiday home means that these probably won't
be remotely accessible.
Its OK if the VPN is up.
Exactly my point! If anything goes wrong with the remote VPN settings
you have to go to Spain to correct it.
Post by David Wade
I use 192.168.1.1 main home, 192.168.0.1
Holiday home. looks pretty seamless, except AP config for remote APs
does not work.
Have you got the appropriate default gateway set in the the remote APs?
--
Graham J
David Wade
2023-11-04 11:54:34 UTC
Permalink
Post by Graham J
[snip]
Post by David Wade
But generally the Drayteks have superior management and monitoring -
although CG NAT at your holiday home means that these probably won't
be remotely accessible.
Its OK if the VPN is up.
Exactly my point!  If anything goes wrong with the remote VPN settings
you have to go to Spain to correct it.
Post by David Wade
I use 192.168.1.1 main home, 192.168.0.1 Holiday home. looks pretty
seamless, except AP config for remote APs does not work.
Have you got the appropriate default gateway set in the the remote APs?
Yes, I meant the central management of remote APs from the routers does
not work. Its because the router in the Holiday Home does not pass a
certain type of packet across to the main router.

Dave
Roderick Stewart
2023-11-04 09:12:50 UTC
Permalink
Post by David Wade
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Mine has.

Home Network - Network - Network Settings tab, then scroll down to IP
Addresses and click the IPV4 (or IPV6) Settings button.

Here you can set the router's own IP address, DHCP range and lease
time, DNS server address and guest network address.

Rod.
grinch
2023-11-04 10:10:15 UTC
Permalink
Post by Roderick Stewart
Post by David Wade
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Mine has.
Home Network - Network - Network Settings tab, then scroll down to IP
Addresses and click the IPV4 (or IPV6) Settings button.
Here you can set the router's own IP address, DHCP range and lease
time, DNS server address and guest network address.
Rod.
My Zen provided 7530 is on the latest firmware and the DNS server
settings are under /account information/internet/DNS server.

You can set the DNS servers you require or let it use your isp's DNS
servers.

As my firewall is also my internal DNS server I have left the fritzbox
defaults i.e. the isp's provided servers for ipv4 and ipv6
David Wade
2023-11-04 11:16:47 UTC
Permalink
Post by grinch
Post by Roderick Stewart
Post by David Wade
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Mine has.
Home Network - Network - Network Settings tab, then scroll down to IP
Addresses and click the IPV4 (or IPV6) Settings button.
Here you can set the router's own IP address, DHCP range and lease
time, DNS server address and guest network address.
Rod.
My Zen provided 7530 is on the latest firmware and the DNS server
settings are under /account information/internet/DNS server.
You can set the DNS servers you require or let it use your isp's DNS
servers.
As my firewall is also my internal DNS server I have left the fritzbox
defaults i.e. the isp's provided servers for ipv4 and ipv6
The Draytek will also resolve names -> addresses. I mainly use it for
vintage unix boxes...

Dave
Roderick Stewart
2023-11-04 12:57:19 UTC
Permalink
Post by grinch
Post by Roderick Stewart
Home Network - Network - Network Settings tab, then scroll down to IP
Addresses and click the IPV4 (or IPV6) Settings button.
Here you can set the router's own IP address, DHCP range and lease
time, DNS server address and guest network address.
Rod.
My Zen provided 7530 is on the latest firmware and the DNS server
settings are under /account information/internet/DNS server.
Just checked mine. Yes it's there too. Looks like another route to the
same page. (Fritz OS 7.57)

Rod.
SH
2023-11-04 10:14:33 UTC
Permalink
Post by David Wade
The internet in my holiday home is 300Mb FTTP with CG NAT on a Huawei
EG8145V5 router. The 2820 connects to the EG8145V5 via 100mb LAN cable
and then back to the 2862 via a VPN.
CG NAT on FTTP? I thought CGNAT was only used on mobile phone networks,
and that on FTTP products you had a dynamic IP and you could get a
static IP for free or for extra monthly fee.

I have static IP on my 500 Mb/s FTTP product, makes setting up a VPN so
much easier :-)

As for DNS, I run my own Pi Hole along with Wireguard.
Andy Burns
2023-11-04 10:20:59 UTC
Permalink
Post by SH
CG NAT on FTTP? I thought CGNAT was only used on mobile phone networks
You can have CGNAT anywhere the ISP has more customers than IPv4 addresses.
SH
2023-11-04 10:49:07 UTC
Permalink
Post by Andy Burns
Post by SH
CG NAT on FTTP? I thought CGNAT was only used on mobile phone networks
You can have CGNAT anywhere the ISP has more customers than IPv4 addresses.
thought all FTTP products were all now on IP v6?

My static IP address is a IP v4 address which was free of charge :-)

It might be worth the OP switching to vodafone Gigafast just for teh
static IP address one :-)

S.
David Wade
2023-11-04 11:06:51 UTC
Permalink
Post by SH
Post by Andy Burns
Post by SH
CG NAT on FTTP? I thought CGNAT was only used on mobile phone networks
You can have CGNAT anywhere the ISP has more customers than IPv4 addresses.
thought all FTTP products were all now on IP v6?
My static IP address is a IP v4 address which was free of charge :-)
It might be worth the OP switching to vodafone Gigafast just for teh
static IP address one :-)
S.
I should point out that the end point with the Huawei router is in Spain....
.... and switching to a supplier without CGNAT would double my monthly
bill to 40€ + VAT...

Dave
Graham J
2023-11-04 11:29:37 UTC
Permalink
David Wade wrote:

[snip]
Post by David Wade
It might be worth the OP switching to vodafone Gigafast just for the
static IP address one :-)
As we've seen here in the postings from Peter, we all now know that we
should never use Vodafone!
Post by David Wade
I should point out that the end point with the Huawei router is in Spain....
.... and switching to a supplier without CGNAT would double my monthly
bill to 40€ + VAT...
Does the Spanish supplier offer IPV6? Does the Huawei router connect to
the fibre, or does it use Ethernet to the Spanish equivalent of
Openreach's ONT?
--
Graham J
David Wade
2023-11-04 13:11:19 UTC
Permalink
Post by Graham J
[snip]
Post by David Wade
It might be worth the OP switching to vodafone Gigafast just for the
static IP address one :-)
As we've seen here in the postings from Peter, we all now know that we
should never use Vodafone!
Post by David Wade
I should point out that the end point with the Huawei router is in Spain....
.... and switching to a supplier without CGNAT would double my monthly
bill to 40€ + VAT...
Does the Spanish supplier offer IPV6?  Does the Huawei router connect to
the fibre, or does it use Ethernet to the Spanish equivalent of
Openreach's ONT?
The Huawei router connects direct to the fibre, so no ONT and you can't
replace the router. No IPV6 but things might change as was small local
ISP (axartel)

https://www.axartel.es/en/

who have now been bought by a bigger one (avatel) although there is a
bigger holding company

Dave
Andy Burns
2023-11-04 12:04:31 UTC
Permalink
Post by SH
thought all FTTP products were all now on IP v6?
Plusnet finally started selling FTTP, but still don't have IPv6 (except
for a few who joined the trial years ago).
Post by SH
My static IP address is a IP v4 address which was free of charge :-)
Mine is a /29 also free.
www.GymRatZ.co.uk
2023-12-27 11:32:26 UTC
Permalink
Post by David Wade
I recently upgraded my UK setup to Zen FTTP 500/75 and telephony from
Voipfone. I installed the ZEN Fritz!Box 7530AX router and set up the
2862 as a so called "DMZ" device. I configured VOIP on the 7530, so I
now have:-
Draytek 2862 <-- DMZ/NAT --> Fitz!Box 7530AX <-- Internet --> EG8145V5
<-- Draytek 2820
Now the 2820 seem to be a bit of a bottleneck, so I was wondering if I
would be better replacing it with a newer Draytek, or as they seem
cheaper and more widely available a Fritz!Box 7530.
I can see the Fritz!Box does not have a local DNS. Are there any other
features I might miss?
Your set-up sounds very close to my own.

Site to Site Draytek VPN. Upgraded remote site to Zen FTTP and old
draytek 2920 is sadly lacking in throughput to maximise FTTP connection
but it's still fast enough to fulfill the purpose, and the remote site
is the Netfix account holders location which following this years
Netflix clamp down on account sharing meant the same account couldn't be
accessed from both locations but the VPN is fast enough to route all
local t.v. traffic through to the remote end and out on the same Zen IP
address so back to 2 sites being seen by Netflix as a single site.
The Zen supplied Fritz Box 7530 is used on the remote site but replacing
a network switch and adding a 2nd telephone "socket" so not providing
WAN interface.

I have the Fritz Box telephone side registered with both voipfone and
voipcheap accounts for the simple reason that the property alarm
auto-dialer needed to be presented with a POTS interface so I simply
wired it into the FritzBox telephone port. Alarm is triggered Fritzbox
dials out over LAN through Draytek to WAN (Always connect by internet
box ticked). Works perfectly unless power is out of course.

2 things to note. I can't log into the Fritzbox from remote via VPN, I
have to VNC into a computer on the same network and log into the box
from there whereas Draytek to Draytek is Wayyyy more versatile and with
static IP addresses on both ends even if the VPN is down I can still log
into Draytek admin via the "allow admin from WAN" (via specific IP
address for security)

The main reason I've always stuck to a Draytek at each end is simplicity
of duplicating a highly configurable set-up. i.e. Same settings both
ends with the exception of localand remote IP address chages.

I see the FritzBox has done an update and now supports WireGuard but
these features always seem to be to be focused on simplicity of logging
in from a remote client for internet break-out rather than a full-scale
site<->site communications of each end being both host and client.

My scenario is both sites are only 10 miles and 20 minutes apart so
sorting things out isn't a big issue.

Cheers
Pete

Loading...