Answered Need a networking guru please

ChrisGTL

Prominent Member
Joined
Aug 6, 2011
Messages
1,987
Reaction score
389
Points
561
Location
Huddersfield, UK
I need help!!

I've just been out and bought a Draytek 130 modem and Asus AC86U router to replace the Sky Q hub.

It's taken about 4 calls to Draytek and a lot of messing to get it working. Finally I have internet and all seems ok apart from the fact I can no longer connect to the Draytek webpage.

The Draytek came out of the box with 192.168.2.1 as it's address. Before getting the internet to work I was able to connect to it everytime. Now the internet is working I am no longer able to connect to it unless I plug my laptop directly into it and assign my laptop with a manual IP of 192.168.2.x/255.255.255.0

My Asus router assigned itself an IP of 192.168.1.1/255.255.255.0 and everything works fine apart from the fact I am unable to connect to the Draytek.

Why is the draytek on a totally different IP from my Router? Is this how a bridged modem works? I Don't understand........?

I bought the Draytek to see if my line speeds would improve as I've good things about it. I can't see my line stats without unplugging it from the router and manually assigning my laptop a suitable IP.


Have I got the following completely wrong;

Modem = 192.168.0.1/255.255.255.0
Router = 192.168.0.2/255.255.255.0
NAS = 192.168.0.3/255.255.255.0
Server = 192.168.0.4/255.255.255.0

Everything else is assigned by the router DHCP like laptops, tv's, phones, tablets etc.
 
The ones I have seen have a separate network for the modem or at least IP address.

So not quite following how you have it configured as you might have conflicted yourself.

So to double check you have the Asus connected via its blue port to the Draytek by a single ethernet cable and then Draytek to phone line?

Where are you setting the Modem's address to 192.168.0.1 ?

What DHCP settings are being given out to clients by the router? i.e is DNS and Default Gateway being set to 192.168.0.2 and an IP address range in the 192.168.0.x range?
 
A "router" is a device that separates one network (called a "sub-net" in IP jargon) from another. In a typical SOHO "get-you-on-the-Internet" omni-box known as a "router" the routing boundary is between the "WAN/Internet" interface and everything else (LAN ports and Wi-Fi.)

Thusly, by definition, your Draytek modem is "outside" your network and this needs a different sub-net range.

Usually "modems" don't have IP addresses (they don't need them) but in order to access the device to "play" with it's admin functions, some vendor give them IP addresses and a web admin interface.

(Modems and routers work fundamentally differently, though often SOHO routers have modem built in.)

There's a block diagram of the internals of a typical SOHO router in the "Using Two Routers Together" FAQ pinned in this forum (don't take notice of the specifics of the IP addressing in the diagram - it's just an example - focus on how the various physical interfaces are separated by the "router" block - this is what makes a router, a router, it sepatates one network from another.)

So "out the box" your DrayTek and ASUS should be working just fine with the IP addresses indicated. 192.168.2.X/192.168.1.X.

Where you might be getting problems accessing the Draytek from a device on the 192.168.1.X subnet may be due to either (or both) of:

1. The ASUS doesn't "know" how to reach the 192.168.2.X network in which case you'll need to add something called "static route" to the ASUS routing table to tell it that 192.168.2.X can be reached through it's "WAN/Internet/external" interface. Check the ASUS manual to see if this is possible and if so how to do it - exact details vary from vendor to vendor.

2. 192.168.X.Y IP addresses are known to be not valid on the public Internet, so the firewall/router in the ASUS may be automatically dropping such traffic from egressing through it's WAN interface. Again, check the manual for the ASUS to see if it's firewall has the facilities to be "told" to permit outbound traffic from 192.168.1.X to 192.168.2.X via the "WAN/Internet" interface. (But try the static route first - that may sort it for you automatically and you must have such a static route even if you need a firewall change.)

Have I got the following completely wrong;

Modem = 192.168.0.1/255.255.255.0
Router = 192.168.0.2/255.255.255.0
NAS = 192.168.0.3/255.255.255.0
Server = 192.168.0.4/255.255.255.0

Yes, this is incorrect. The modem, being "outside" your local subnet, must be a different IP subnet as described above. (Technically, it's also true that SOHO routers do not have a single IP address, they usually have at least two, one being your "external" public IP address provided by your ISP bound to the WAN interface, but most people don't "see" the external IP address and tend to only focus on the local 192.168.X.Y IP bound to the "internal" interface.)

You could change the ASUS to use the 192.168.0.X subnet for it's internal sub-net, but if it's working well enough on 192.168.1.X, I wouldn't bother as such a change yields no benefit.

What you should end up with is something like:

ISP---Draytek[192.168.2.1]---[A.B.C.D]ASUS[192.168.1.1]---everything else on 192.168.1.X
 
Last edited:
This is very useful indeed. I won't lie - some of this is well over my head though.

So just to recap. I've changed everything now to the following;

ISP > Vigor 130 (192.168.1.1/24) > Asus 86U (192.168.0.1/24) > NAS (192.168.0.2/24)

DHCP is enabled on the Asus at a range of 192.168.0.100 to 192.168.0.254 as I like to reserve blocks of IP's for certain devices on my network.

DNS is set to 8.8.8.8 and 8.8.4.4 on the Asus. I see DNS settings on the Vigor 130 too but don't know where my devices get their DNS information from? The Asus or Draytek?

If for example I set my main gaming computer to 192.168.0.3/24 with default gateway of 192.168.0.1 and DNS of 192.168.0.1 then I presume the computer looks at the Asus for it's DNS? Which is set to 8.8.8.8/8.8.4.4

I need to look at this static routing thing first and see if I can work it out.
 
This is the screen I think I should be at for creating a static route? I need to enter a HOST IP, NETMASK, GATEWAY, METRIC & INTERFACE (wan, lan, man).
 

Attachments

  • lanroute.png
    lanroute.png
    32.6 KB · Views: 165
If for example I set my main gaming computer to 192.168.0.3/24 with default gateway of 192.168.0.1 and DNS of 192.168.0.1 then I presume the computer looks at the Asus for it's DNS? Which is set to 8.8.8.8/8.8.4.4

Presumably you have set this by a static IP address on the computer itself.

If you have set the PC's DNS to the 8.8.8.8 (Google public DNS) then it will route directly to Google when requesting DNS lookups. That will go through the Asus (and Draytek) as any other Internet traffic would via your ISP (who might do stuff) to Google.

This is the screen I think I should be at for creating a static route? I need to enter a HOST IP, NETMASK, GATEWAY, METRIC & INTERFACE (wan, lan, man).

Yes. Were the other routes created already? Just wondering about the last rule? The first one should allow you to connect from your PC (and other devices on your internal network) to see the Draytek.
 
Were the other routes created already? Just wondering about the last rule? The first one should allow you to connect from your PC (and other devices on your internal network) to see the Draytek.

I concur - you shouldn't need the last static route to the 192.168.0.X network (and it's incorrect, anyway - it should be to "lan" interface) - if you added it yourself just get rid of it - the router will very probably have built a (dynamic) route entry to 192.168.0.X when you gave an IP address to the lan interface, so your shouldn't need your own static one.

Very strictly speaking the static route to the Draytek that I have advocated is (technically) "wrong" but it should work for want you want to achieve.

On DNS, very basically:

DNS is hierarchical. It uses the concepts of "resolvers" and "forwarders." And just to confuse matters, some things can do both at the same time and many things cache the responses.

When a client device tries to "resolve" (name to IP) for itself, it first looks to see if it already knows the required name-IP mapping (including and entries it may have cached) and if so uses it.

If the client doesn't know, it will contact wherever it's been told to look to "resolve" any entries in doesn't already know. In a SOHO LAN, the target DNS resolver will be your router as the router has a resolver built in. If the router can resolve the name-IP mapping (again, including any cached entries it may have in hand) it will reply to the client with the requested IP address.

If the router cannot resolve the request it will the "forward" the request on up the line to "someone else." Usually at your ISP. The router learns which DNS Resolver to "forward" the request to from the ISP when estabilshing your ISP link.

If the ISP resolver can satisfy the request, is sends back the response, your router caches it, then send it down to the client (which almost certainly also caches the reply.)

If the ISP cannot resolve the request, it will ask another resolver....

And so on and so on until someone can resolve the request which might ultimately be the DNS resolver of the "owner" of the domains name (this is called the "authoritative" reponse as it comes from the horses mouth and isn't satisfied from any cached entries.)

Thusly, the process is very efficient as frequently used requests get responses from resolvers very close to the clients without having to search out the authoritative resolver every time. But it also vulnerable to some abuse and hacks which I won't get into.

The disadvantage of having your clients use the Google (or any other) DNS resolver is that every DNS request has to go off to Google for a reply which is slower as you never get any caching in your router or at your iSP etc. Often the reason people opt for another DNS resolver is due to some Internet meme that says (for example) this or that ISP has a "rubbish DNS server" where "rubbish" is not adequately well quantified, or some DNS resolver is "better for gaming" again without any adequate description of what "better" means.

I would suggest not trying to fix a problem that isn't broken: Let your clients use your router as their DNS server, let your router use your ISP (as it almost certainly is doing automatically) and just try it for a while. If it's OK, job done. If there's a problem, anaylse what it is, prescribe a solution and then implement it.

It's not "wrong" to use an alternate DNS server to you router/ISP. But (I argue) why bother with an alternate if it makes things more complicated and slower.

A modem strictly speaking doesn't need a DNS function, so without churning through the manual, I'm not sure why it has any DNS settings. Possibly it's because one use case for such as device would be the really old school way of doing internet where you had ISP---Modem---PC in which case a DNS resolver on the modem might be useful.

However, using the Draytek as an external modem for a so-called "cable" router, then you robably don't need to worry about it. If you router can obtain DNS information from your ISP, automatically, I'd use that.
 
Last edited:
The other thing to note is even if you request a DNS entry from say Google DNS server your ISP may still intercept that request and give you the IP address they want you to use and not the real one.

A bit devious but .....
 
Thanks all for the info and advice. I can't get the admin page to work no matter what I try and I think from all the messing I have been doing recently it has caused my speeds to decrease massively.

On the Sky Q hub I was syncing at about 4.4MB/s and now I am down to 3.7MB/s :-(

I'm going to stop messing now and see if it comes back up - I'm hoping the DSLAM thinks I have a problem so it has slowed things down and I hope even more it will increase back up now I've stopped messing.

OR maybe the Draytek doesn't like my line as much as the Sky Q hub...........eeeek.
 
I can't get the (Draytek?) admin page to work no matter what I try...

In the static routes list, will the ASUS let you specify a route without setting a "gateway" address...?
If so, try that, so the entry just reads, "192.168.1.0" "255.255.255.0" no gateway, no metric and interface "wan"
 
Ok just checking, what speed are you expecting to get?

I was getting a rock solid 4.2MB/s on the Sky Q hub. I'm down to 3.7MB/s on the Vigor. I spoke to Sky tonight and I made a cock and bull story about a dog (which I don't have) chewed through some internal wiring causing the internet to disconnect. They are sending an engineer to see if everything looks ok now I've replaced my wiring. I've requested the DLM to be reset - I need to put my Sky Q hub back in before he turns up.

In the static routes list, will the ASUS let you specify a route without setting a "gateway" address...?
If so, try that, so the entry just reads, "192.168.1.0" "255.255.255.0" no gateway, no metric and interface "wan"

Afraid not. Asus says I can't leave the gateway blank.
 
In the static routes list, will the ASUS let you specify a route without setting a "gateway" address...?
If so, try that, so the entry just reads, "192.168.1.0" "255.255.255.0" no gateway, no metric and interface "wan"

You need a gateway though to tell it where to go.

Did you put your routes in or where they generated?

They both could be wrong due to the netmasks. If you put them in delete them both and try the following.

What's available in the drop down list for Interfaces?

I would try

192.168.1.1 net mask 255.255.255.255 Interface WAN (although try LAN too)

or

192.168.1.0 net mask 255.255.255.0 Interface WAN
 
So a little update here:

I've reset everything as I got lost as to what I'd done - I needed a brain restart. So now I have the following;

Modem 192.168.2.1 / 255.255.255.0
Router 192.168.0.1 / 255.255.255.0


If I set the WAN to STATIC IP on the router to 192.168.2.1 I can now access the modem UI, however, I can't access the internet.

If I set the WAN to AUTOMATIC IP on the router I can access the internet but not the modem UI.

In the LAN static route part of the router I have 3 INTERFACES to chose; LAN, MAN & WAN. If I set this to LAN I have a drop down box with available MAC addresses on my network. If I chose MAN or WAN the drop down box disappears and I have to enter details manually (I don't know if I should be entering IP's or MAC's).
 
Which is why you will need a static route.

Plenty of systems are set up this way take for example Virgin Media. In Modem Only mode all Super Hubs are assigned 192.168.100.1 as their address. The router connected will then assign what it is configured for say 192.168.0.x like but will allow access to 192.168.100.1 still.

Did you try the static routes I suggested?

Albeit it now with your changes it would be

192.168.2.0 net mask 255.255.255.0 Interface WAN Gateway 192.168.0.1
 
You need a gateway though to tell it where to go.

We shouldn't need a "next hop gateway" address for any directly connected subnets because, (by definition,) there is no "other" router one needs to forward traffic to to reach the target subnet: We just need to tell the router to "egress all traffic for subnet X through interface Y." The "next hop gateway" is to tell the router where (which other router) to forward the traffic for some subnet Z (not directly connected) and thence which interface the traffic must egress through to reach said router.

For example, imagine a small network of three subnets separated by two routers:

192.168.1.0---(A)rtr1(B)---172.16.0.0---(C)rtr2(D)---10.0.0.0

A static route on rtr1 for 10.0.0.0 would define rtr2 as the next hop gateway which is reached through interface B. But for subnet 172.16.0.0 it simply has to egress traffic through interface B without hopping through any other router.

However, as I'm typing this, it occurs that of course as far as the ASUS is concerned, it's not directly connected to 192.168.2.0 and thus insists on having a next hop gateway. But we might be able to lie to it...

Bearing in mind that the ASUS WAN interface is bound up to the ISP subnet (not the modems 192.168.2.X) and has a publicly routable IP address. Strictly speaking the modem should have an IP address in the same range as the ISP, but good luck getting another one of them from the ISP.

Maybe we can lie to the ASUS that modem is the next hop gateway for the 192.168.2.0 subnet. IE set the static route entry as: 192.168.2.0 / 255.255.255.0 gateway 192.168.2.1 interface wan. My worry might be that there isn't an (effective) path in the reverse direction, (back from the modem,) but it's worth a try, it'll either work or it won't.

Indeed, I'd be interested to know whether the ASUS will regard the "network/host" as a (single) "host" if you give it a 255.255.255.255 subnet mask as chuck suggest and whether that negates the requirement for a next hop gateway. So if you specify 192.168.2.1 / 255.255.255.255, does ASUS still insist on having a next hop gateway..?

@ChrisGTL "static IP address" and "static route" are not the same (or related) "things" - you need to leave the ASUS WAN interface to "automatically get it's IP address" otherwise the Internet will not work (as you've observed.)
 
Last edited:
We just need to tell the router to "egress all traffic for subnet X through interface Y."

Yes if we could do that but I don't think we can or rather its interface is chosen by the IP (I used gateway when perhaps was a bad choice of words)

So in the same way we could equally have another PC on the network with multi-Nics hosting a small subdomain on say a 10.x.x.x domain the route for that would have the interface (gateway) as the Lan IP address of the Multi-nic PC.
 
Yeah, the more I think (thought) about this as I'm typing, the more I think the "problem" is the ASUS is probably not flexible enough to cope with multiple subnets on the same (WAN) NIC and it's presuming there's only one subnet attached and that is the expected to be the ISP.

Hence, it occurred to me that we might "lie" to the ASUS and declare that the modem is the router for the 192.168.2.0 subnet and see if that tricks into yielding to our will. Mwahhaahaaa.

Of course, even then, NAT and the firewall might stick it's oar it.
 
Even running a very capable custom build Pfsense router PC I am unable to log into the vigor 130 interface unless I connect into it directly. Some Draytek routers will disply the line stats ect.
I can assign it whatever subnet I choose to the modem, but it makes no difference.
There is nothing to see anyway, it is in bridged mode out of the box and configured to run on virtually all UK networks out of the box. Unless there are ISP dependent settings that need changing, nothing needs to be messed with.
If I was you, I wouldnt waste another second of your life messing with it. Plug it in, leave it alone for a few days and let your line settle down.
 
Cheers all for the advice.

I called out Sky and requested an Open Reach engineer to investigate another issue and while he was here I got him to replace some wiring, and reset my connection.

I am now back on FAST instead of INTERLEAVING and my speeds are syncing higher than ever before so all is good. I need to leave my modem alone now as I am back on the 10 day training period.

Just glad the Open Reach engineer that came to me had worked there for over 20 years - he certainly knew his stuff and ended up fixing a fault on my voice line which I wasn't aware of.
 
A fault on your voice line if external could cause a problem on your broadband too. They are the same line ?
 

The latest video from AVForums

TV Buying Guide - Which TV Is Best For You?
Subscribe to our YouTube channel
Back
Top Bottom