Saturday 20 July 2013

Bridged Mode And Opik TV - The Easy Way

In my previous post about switching the Actiontec v1000H into bridging mode I mentioned the need to turn on IGMP Proxy on the attached router to get Optik TV working properly. If this feature is not turned on your TV signal will drop every few seconds. This has to do with the way your router handles IGMP Multicasting. While this may work for some advanced users, not everyone will have this feature on their router, and there is a simpler solution.

You get two public IP addresses for every Telus account. You can switch the Actiontec into bridged mode, connect your router to one LAN port and connect your Optik TV box into another LAN port. This lets the Optik TV box bypass your routers LAN network and gives it direct access to the internet. In this configuration you don't need to worry about multicasting/IGMP Proxy settings.


Click to Enlarge


Here's a pretty good explanation of IGMP Proxying

Downsides to this setup configuration is that you don't have control over the overall bandwidth used between your TV Box and router network. This may be an issue if your network is regularly congested (maxed-out bandwidth) on your router LAN and you're trying to watch TV at the same time. This is normally handled gracefully when the Telus TV Box is inside your LAN by Quality Of Service (QOS) settings on your router. These QOS settings are set by default on the Actiontec. While in theory this is a downside I haven't noticed any issues.

Saturday 10 November 2012

Actiontec v1000h Web Pages


FYI here is a list of all the pages accessible on the Actiontec v1000h. Some pages may be blocked from being accessed depending what account you're logged in as. 


addEntryError.html
adv_left.html
adv_util_left.html
advance_left.html
advance_top.html
advancedsetup_admin.html
advancedsetup_advancedportforwarding.html
advancedsetup_applications.html
advancedsetup_broadbandsettings.html
advancedsetup_dhcpsettings.html
advancedsetup_dmzhosting.html
advancedsetup_downstream.html
advancedsetup_dslsettings.html
advancedsetup_dynamicrouting.html
advancedsetup_firewallsettings.html
advancedsetup_firewallsettings_blockstatic.html
advancedsetup_firewallsettings_custom.html
advancedsetup_firewallsettings_high.html
advancedsetup_firewallsettings_low.html
advancedsetup_firewallsettings_medium.html
advancedsetup_firewallsettings_popup.html
advancedsetup_hpna.html
advancedsetup_ipsec.html
advancedsetup_lanipaddress.html
advancedsetup_lanipaddress_hide.html
advancedsetup_lanipaddress_info.html
advancedsetup_lanipaddress_real.html
advancedsetup_lanipdhcpsettings.html
advancedsetup_lansubnets.html
advancedsetup_nat.html
advancedsetup_option60.html
advancedsetup_ptmsettings.html
advancedsetup_remotegui.html
advancedsetup_remotetelnet.html
advancedsetup_schedulerules.html
advancedsetup_schedulingaccess.html
advancedsetup_servicesblocking.html
advancedsetup_staticrouting.html
advancedsetup_upnp.html
advancedsetup_upstream.html
advancedsetup_vlan.html
advancedsetup_waneth.html
advancedsetup_wanip.html
advancedsetup_wanipaddress.html
advancedsetup_wanvlans.html
advancedsetup_websiteblocking.html
advancedutilities_dnscache.html
advancedutilities_hpnadiag.html
advancedutilities_igmp.html
advancedutilities_ipping.html
advancedutilities_oamping.html
advancedutilities_systemlog.html
advancedutilities_traceroute.html
advancedutilities_wanvlans.html
advancedutilities_wanvlans_atm.html
advancedutilities_wanvlans_eth.html
advancedutilities_wanvlans_eth_hide.html
advancedutilities_wanvlans_eth_real.html
advancedutilities_wanvlans_hpna.html
advancedutilities_wanvlans_hpna_hide.html
advancedutilities_wanvlans_hpna_real.html
advancedutilities_wanvlans_ptm.html
advancedutilities_wanvlans_ptm_real.html
autosetup.html
autosetup_congratulations.html
autosetup_detect.html
autosetup_detect_real.html
autosetup_failure.html
autosetup_hiden.html
autosetup_ipoe_hiden.html
autosetup_ppp.html
autosetup_ppp_detect.html
autosetup_ppp_hiden.html
autosetup_ppp_wait_hiden.html
autosetup_pppoa.html
autosetup_pppoa_detect.html
autosetup_pppoa_wait_hiden.html
autosetup_pppoe.html
autosetup_pppoe_detect.html
autosetup_pppoe_wait_hiden.html
autosetup_response.html
autosetup_status.html
autosetup_wait_hiden.html
autosetupx_detect.html
autosetupx_ppp.html
autosetupx_ptm.html
autosetupx_wait_hiden.html
autosetupx_wait_hiden1.html
autosetupx_wan.html
autosetupx_wan_hide.html
autosetupx_wan_real.html
cmdthankyou.html
cmdthankyou_hide.html
cmdthankyou_real.html
connect_left.html
customersetup.html
customersetup_isp.html
customersetup_ppp.html
customersetup_status.html
customersetup_wan.html
customersetup_wan_hide.html
customersetup_wan_real.html
fw_left.html
home_left.html
home_top.html
hurl.html
index.html
index_noauto.html
index_real.html
index_wizard.html
lockerror.html
logconfig.html
login.html
login_fail.html
login_suc.html
modemstatus_activeuserlist.html
modemstatus_firewallstatus.html
modemstatus_home.html
modemstatus_hpna.html
modemstatus_iptrafficqos.html
modemstatus_lanstatus.html
modemstatus_modemutilization.html
modemstatus_nattable.html
modemstatus_portmappingstatus.html
modemstatus_routingtable.html
modemstatus_wanethstatus.html
modemstatus_wanstatus.html
modemstatus_wirelessstatus.html
perm.txt
qs_top.html
quicksetup.html
quicksetup_2nd.html
quicksetup_left.html
rebootinfo.html
rebootinfo_hide.html
rebootinfo_real.html
reset_fail.html
reset_suc.html
restoreinfo.html
restoreinfo_hide.html
restoreinfo_real.html
restorewireless.html
restorewireless_hide.html
restorewireless_real.html
security_left.html
security_top.html
status_left.html
status_top.html
thankyou.html
todthankyou.html
top_btn_nav.html
top_btn_nav1.html
top_btn_nav2.html
top_btn_nav3.html
top_btn_nav4.html
top_btn_nav5.html
tr69.html
uploadinfo.html
uploadinfo_success.html
utilities_diagnostictest.html
utilities_left.html
utilities_reboot.html
utilities_restoredefaultsettings.html
utilities_timezone.html
utilities_updatesettings.html
utilities_upgradefirmware.html
utilities_upgradefirmware_hide.html
utilities_upgradefirmware_real.html
utilities_webactivitylog.html
wireless_left.html
wireless_top.html
wirelesssetup_80211bgmode.html
wirelesssetup_80211n.html
wirelesssetup_advanced.html
wirelesssetup_basic.html
wirelesssetup_basicsettings.html
wirelesssetup_channel.html
wirelesssetup_multiplessid.html
wirelesssetup_nomodule.html
wirelesssetup_refresh.html
wirelesssetup_ssidbroadcast.html
wirelesssetup_thankyou.html
wirelesssetup_web8021x.html
wirelesssetup_wep.html
wirelesssetup_wep8021x.html
wirelesssetup_wirelessmacauthentication.html
wirelesssetup_wmm.html
wirelesssetup_wpa.html
wirelesssetup_wps.html
wizard_wl.html

Monday 8 October 2012

Incoming Ports That Telus Blocks

Telus blocks you from hosting several services on your home internet connection. This prevents you from hosting things like web sites, ftp servers, mail servers, on their native ports. You can get around this by hosting these services on non-standard ports or using a VPN connection that doesn't block the same incoming traffic. 

The rationale for blocking these services appears to be under the guise of protecting users and the Telus network from malware. Really it's just a way to prevent you from fully utilizing your home connection and to force you to buy a more expensive tier of service.

The only packages with no blocked ports at this time are the Server packages.

The blocked ports currently are:

TCP 21 (ftp)
FTP server

TCP 25 (smtp)
Email delivery server (MTA - Mail Transfer Agent)

TCP 80 (www)
Web server

TCP 110 (pop3)
POP3 email retrieval servers (MDA - Mail Delivery Agent)

TCP 6667 (ircd)
IRC servers (Internet Relay Chat)

TCP/UDP 135-139 (dcom and netbios)
135 Windows RPC
136 PROFILE Naming System (basically unused)
137-139 Windows NetBios

TCP/UDP 443 (ssl)
Secure web browsing - HTTPS

TCP/UDP 445 (ms-ds)
Microsoft Directory Services

TCP/UDP 1433-1434 (ms-sql)
Microsoft SQL Server

Saturday 6 October 2012

Using your own router in tandem with the Actiontec V1000H Router and Telus Optik TV

...I choose my networking hardware, not my ISP (Telus)!


In the ideal big-brother world of Telus they would have you only use their supplied hardware for networking - ie the Actiontec V1000H Router. For advanced users this is a serious pain, when your own router probably has a much richer feature set. For others you may just want complete control of your network and its hardware.

The solution? Log in as root, set the Actiontec to "bridged mode", essentially turning it into a standard modem. Now you can use your own router connected directly to the WAN. If you call Telus tech support, they won't have a clue what you're talking about when you mention bridging or just tell you it's not possible. I understand that it's more difficult for the Telus support people to read from their script when every customer could have a different router, but I, like many others, never call Telus tech support unless there is something broken on their side, like my service has dropped completely. You may be better off talking to brick wall for anything else.

If you don't enable bridging on the Actiontec and you use it with your router, you'll get a double NAT situation. While it may work, it will be a pain to configure and may result in some peculiar networking problems. This is exacerbated by the fact that you don't have access to fully configure the Actiontec router to work properly in this situation - like disabling DHCP. Check out this explanation of double NAT for more info.

The below instructions work flawlessly with my DDWRT54G v3 running Tomato Firmware v1.28.7633 .3-Toastman-VLAN-IPT-ND ND VPN


To start - knowing your logins:


There are a set of logins for the Actiontec - the one that you're given is a crippled account with limited access to settings.

default customer login is (can be changed after first login)
username: admin
password: telus

"poweruser" login - some options are still locked
username: tech
password: t3lu5tv

root login - all features are unlocked and configurable
(old firmware 31.30L.48)
username: root
password: m3di@r00m!

(new firmware 31.30L.55)
username: root
password: Thr33scr33n!


Bridged Mode - so you can use your third party router:


Before enabling bridged mode you may want to turn off wireless if you're going to use it on your own router. I've had some problems turning it off after enabling bridged mode. Also, you can unscrew the attached antennas, you don't need them if you've turned off wireless.

On your third party router change the default LAN subnet to something outside of the Actiontec's default subnet 192.168.1.0 255.255.255.0 - 10.0.0.0 255.0.0.0 should work fine.

To enable transparent bridging mode:
  1. log in as root
  2. go to "Advanced Setup"
  3. WAN IP Addressing
  4. 2. Select the ISP protocol below
  5. select "RFC 1483 Transparent Bridging"
Plug your own router (WAN port) into the actiontec router (LAN port), now your own router should transparently pass through the actiontec getting a DHCP assigned IP address directly from Telus. Some additional config may be necessary on your router.

To connect to the Actiontec router while in bridging mode:

Directly connect a computer to the actiontec router and change the adapter address to a static IP in the actiontec's default IP range.

192.168.1.1 should work.
Then connect to the router as usual - http://192.168.1.254

With bridging enabled, some strange behaviour is exhibited when logging in - you'll see below the log in section that it says you're already logged in as admin although you won't be able to view any of the configuration pages. When you log in as root you won't see any confirmation of a log in, you'll just get bumped back to the home page. You should be able to go to config pages once logged in though.

Alternatively you can log in using telnet if you want to enable it:
  1. Advanced Setup
  2. Remote
  3. Remote Telnet
  4. 1. Set the remote telnet state below.
  5. Local Telnet -> enable
  6. Set the user name and password for login
Use putty or some other terminal client and login using the username and password you've set.
Once logged in, you have a crippled shell - like the command "ls" and "cd" won't work.
To get a slightly more functional shell type "sh" to get a busybox shell.


To get Optik TV working with a third party router, you must enable multicasting:


If you don't have multicasting enabled on your third party router, TV channels will work for a few seconds then drop out.

For the tomato firmware this option is:
Advanced -> Firewall -> Multicast
Enable IGMPproxy
Check off the LAN segment you want to enable multicasting on - default should be LAN


Troubleshooting:


If you find you've locked yourself out of the router, or want to reset all the settings back to the defaults - do a factory reset.

Take a pen and press the reset button down (the button is recessed in a hole marked with a red circle around it) for a few seconds until the power light turns red, then unplug the power and plug it back in. The router will take around 30 seconds to reboot with the default settings.

UPDATE - May 1, 2013

If you need to do a factory reset or want to do other types of fiddling after being in bridged mode for awhile, disconnect the phone cable. Many people are reporting that their firmware gets updated immediately after a factory reset with the phone cable plugged in (ie being connected to the Internet) and the root password has been changed (unconfirmed) on newer versions of the firmware.

UPDATE - July 20, 2013

People are reporting that on newer firmware versions doing a factory reset will allow the root login to work again.