User Profile
ArthurZey
Roaming Rookie
Joined 3 years ago
User Widgets
Contribuciones
Re: Home Internet Static IP
DTV says it is a T mobile problem and when I called T Mobile they claim it is a DTV problem, that they need to find a better way to track my location…… @scottyj: I basically concur with @Jrinehart76. Yes, it's definitely a DirecTV problem in terms of how they're attempting to "secure" legitimate access to their service. But T-Mobile isn't exactly making it easier, either. My static IP address from T-Mobile resolves to Bellevue, WA, which is about 1000 miles (and a whole timezone) off from where I am in Colorado. Because of my need to access various network services at my home while I'm away, it's important that I have publicly accessible IPv4 addresses. (I don't actually care if they're static or dynamic, but I need durable port forwarding.) So with my Starlink connection, which, like the conventional T-Mobile 5G Home Internet, uses CGNAT and only a public IPv6 address, I need to make sure that individual connection is always VPNed. So I bought a static IPv4 address from my VPN provider so that I could get all the right ports forwarded, and I have a VPN router sitting between my multi-WAN router and my Starlink equipment. My static IP address from my VPN has GeoIPresolution closer to my actual home than my T-Mobile-assigned static IPv4 address. My multi-WAN router establishes connections over whichever link (Startlink, T-Mobile, etc) is least saturated and has sufficient bandwidth. So sometimes, my video streams to these services go out over the VPNed Starlink connection. (The reason that all outbound connections--and not just inbound connections--need to go over the VPN IP address is related to how my Dynamic DNS client updates my public hostname with the IP address of whateverlink is up.) The irony for me is that Hulu, Disney+, and Netflix all block streams when they detect that I've happened to connect to them over the VPNed Starlink connection, all claiming that VPNs obscure my location and violate their terms of service. Reading their terms of service, that's not actually true, but more to the point, T-Mobile is more severely obscuring my location than my VPN is...not that any of this matters, since there are no content license differences between Colorado and any other state in the US. So I have to find my own workarounds totheirviolation of their terms of service. The obvious solution here would be to have their apps on my phone report their location based on GPS, which would give them accurate information to within a few meters at worst, rather than 1000 miles off. And they could even correlate the app on my phone with apps on TVs and such by looking at whether the devices are on the same network. And voilà--you know where your users are without worrying about whether VPNs are obscuring someone's location. Ugh. Whatever. @Jrinehart76: to use IP Passthrough, first change the LAN settings of the Inseego to a subnet not found on your own router. I set my Inseego to 192.168.12.1/24 subnet (because I had the Nokia trashcan before) and my own equipment is on the 192.168.1.1/24 subnet. Once that was set, I then enabled IP Passthrough and I am still able to access the webGUI. So yes, every segment is on a different subnet. My T-Mobile gateway is on 192.168.20.0/24, and my multi-WAN router is on 192.168.47.0/24. (And behind that, my Ubiquiti networking equipment is on 10.10.32.0/20.) I have it on good authority from my colleagues who know more about network performance than I do that the fact of additional NATting is a drop in the bucket in terms of added latency compare to the mere fact of there being an additional device needing to forward/route packets at all. So I'm not that fussed about using IP Passthrough, since the DMZ solution works just fine. That said, I'm curious about your recommendation, since I'm fuzzy on the technical details of network routing: If I do IP Passthrough, it will assign my public T-Mobile IPv4 address to the WAN port of my ER605 multi-WAN router. So from the ER605's perspective, that port's IP address will be that public IPv4 address, not 192.168.20.10 (which I had configured statically to be on the Inseego FX2000's subnet). What you're saying suggests to me that the Inseego FX2000's192.168.20.0/24 subnet still somehow remains active, and that its 192.168.20.1 address remains accessible.Is that right? In this configuration, I totally don't get what the network configuration is of the Inseego FX2000 and which of its ports have what IP address attached to them. I'm also confused about how, from a routing tables perspective, traffic to 192.168.20.1 would know to go out over the link whose IP address is 162.191.x.y (my T-Mobile-assigned IPv4 address). As I'm thinking about it, I wonder if that's a non-issue when there's only one path, but in my case, since I have 4 WAN links a connection could go over, maybe I have to create a static route on my ER605 that traffic destined to 192.168.20.0/24 needs to have its next hop beover the WAN port that the Inseego FX2000 is connected to. Thoughts?9Visto0likes0ComentariosRe: Home Internet Static IP
@zookybear: t-mobile small business internet throttles ALL streaming services WOW...that is just so...wildly unacceptable. I don't even know what to say. I probably haven't noticed because I've had this all set up for less than a week so far. I'm in a rural mountain town, so I'm getting a few tens of Mbps upload/download at most through my T-Mobile connection, even with a high-gain antenna boosterpointed directly at the (LTE-only) T-Mobile cell tower that I can see with the naked eye… I'm loadbalancing across 4 ISP connections (2x Rise Broadband, 1x Starlink, 1x T-Mobile) using my TP-Link ER605 multi-WAN router, so not all streams go over the T-Mobile connection. I vaguely recall a flyer plastered to the counterin the T-Mobile store that said something about how they had some commitment to not do anything of the sort, but I didn't read the verbiage carefully, nor did I snap a photo. Ugh. T-Mobile has been quite the unpleasant experience for the last several months of just trying to get into a usable state, and if it weren't so dirt cheap, I probably would boycott them.7Visto1like0ComentariosRe: Home Internet Static IP
The ~20-hour ordeal that I had to go through for all this is worth a separate writeup, but yes, you can get a static public IPv4 address on your T-Mobile gateway/router. Here are the requirements: Set up a T-Mobile Business Accountusing a Federal Tax ID Number (also referred to as an "FEIN"). Youcannotset up the business account as asole proprietorship under your social security number (SSN). You'll have to do this in a physical store. Ask your in-store sales rep to add the following add-on to your account: ZSIPV4MI "Bus Static IPV4 MI $3 Chi" That is the product code / SKU for a static IPv4 address for an extra $3/month. (There's a similar one for IPv6, if you need that for some reason.) Make sure to request an Inseego FX2000 device as your gateway/router. They are unlikely to have these in-store. (I had to do a horrific rigamarole to get one of these by calling Business Sales ahead of having the right kind of business account set up.) Call Business Tech Support and request that they finish approving/activating/provisioning your static IPv4 address. I wish I could give you the direct number, but every time I call what I'm previously told is a direct number, I get bounced around to 4 or 5 reps before getting to someone in the right department. You can try Business Customer Care (allegedly+1-888-310-8369) and then make sure to specifically requestBusiness Technical Support who can help with 5G Home Internet. 9 out of 10 "technical" "support" reps are not going to know anything about IPv4 or IPv6 or static IP addresses or anything. You will likely get a lot of runaround and misinformation. (Do not be fooled by claims about having a "Retail Business Account" versus a "Corporate Business Account" or the line needing to be on some other kind of plan (eg,ZUNLINTTR); these are all irrelevant!)What I found ultimately had to happen was for them to updatethe APNsassociated with my line and then for me to power cycle my Inseego FX2000 gateway for it to pick up the new settings (and then it automatically configured itself with the static IP address, which I was able to find on the administrative configuration website of the router itself). A few other notes: You do not ever need to use the T-Mobile Internet app on a mobile phone, no matter what anybody tells you. If you have your own router, it might be temptingto set the Inseego FX2000 to "IP Passthrough" mode (under Settings →Advanced→ LAN), so that your own router gets the public IP address (and you avoid being double-NATted), doing so will prevent you from being able to access the Inseego FX2000 configuration website (since it won't have its own IP address to access via your browser), and you'll lose access to some useful diagnostic information. So I recommendagainstIP Passthrough, instead opting for putting your own router in the Inseego FX2000's DMZ (under Settings → Advanced → Firewall), and to do so, you'll probably want to configure your own router to use a static IP address on the Inseego FX200's LAN subnet. From a performance perspective, I have it on good authority that the biggest introduction of latency is the mere fact of there being a physical device, rather than the double-NATting itself. Putting your own router in the DMZ should address any of the functional downsides of double-NATting. I can confirm that with all of the above, I'm able to access internal network services on my private LAN with the appropriate port forwarding set up. For example, I have a machine ISSH into that only has a private LAN address, but when I try to connect to it from outside my networkthroughmy T-Mobile static IPv4 address, the Inseego FX2000 forwards all traffic to my own router (which is in its DMZ), which then forwards the specific port to the machine I'm SSHing into.10Visto2likes0Comentarios