Reply
New Member
Posts: 30
Registered: ‎11-11-2018
Kudos: 1

USG: Avoiding DHCP conflicts with ISP modem

Using a USG with DHCP enabled.

 

The ISP modem-router also has DHCP enabled.

 

What is the best set-up to avoid DHCP conflicts?

Member
Posts: 121
Registered: ‎04-19-2016
Kudos: 18
Solutions: 3

Re: USG: Avoiding DHCP conflicts with ISP modem

What modem were you supplied with? You will need to turn the ISP supplied modem/router to Bridge Mode - otherwise you'll encounter Double NAT. 

Senior Member
Posts: 16,227
Registered: ‎08-04-2017
Kudos: 2968
Solutions: 800

Re: USG: Avoiding DHCP conflicts with ISP modem

Hello @ruamayor,

 

If you can put the modem into bridge modes, or disable DHCP on the modem.

 


Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-VoIP Installation Scripts
USG-4-PRO • USG
USW-48-500W • USW-24-POE-250W 2x • USW-16-POE-150W 3x • USW-24 • USW-8-150W • USW-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2-PLUS • UCK-G2 • UCK
New Member
Posts: 30
Registered: ‎11-11-2018
Kudos: 1

Re: USG: Avoiding DHCP conflicts with ISP modem

Thanks guys.

 

Its a Huawei F1000.

 

Will an ipconfig command indicate if its in bridge mode already?

Senior Member
Posts: 16,227
Registered: ‎08-04-2017
Kudos: 2968
Solutions: 800

Re: USG: Avoiding DHCP conflicts with ISP modem

Hello @ruamayor,

 

Login to your modem and see if you can either put it in bridges modes or disable DHCP.

Some ISPs can put your modem into bridge modes ( You need to call them )

 

 

Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-VoIP Installation Scripts
USG-4-PRO • USG
USW-48-500W • USW-24-POE-250W 2x • USW-16-POE-150W 3x • USW-24 • USW-8-150W • USW-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2-PLUS • UCK-G2 • UCK
Member
Posts: 208
Registered: ‎10-07-2017
Kudos: 61
Solutions: 1

Re: USG: Avoiding DHCP conflicts with ISP modem

[ Edited ]

Because i cant be onsite most of the time, and because we didnt therefore want to get into having the possibility of non-tech managers trying to redo bridging or other settings, should (and when) theyre told by the various ISP's at the varying properties to do a factory reset when troublesooting the ISPS's own connectivity issues Man Happy, we have left the modems as is, and run the USG behind them in non-bridging mode...makes more sense for me to be able to fiddle with the USG's which are identical to setup/edit, rather than various modems around the place...

 

Anyhow, we have had one site behind a non-bridged modem for a year now, and not a single issue.

 

So people telling you you have to bridge your modem are not exactly telling the truth

 

Is it preferable? yes, but its by no means a deal breaker....nothing people bang on about has ever caused us a single moments drama, ymmv....

 

I have DPI and IPS (almost all of the categories enabled) turned on on our USG's and they do not miss a beat or suffer any ill effects....

 

p.s. Leaving the modem untouched also means, with Australias dodgy National Broadband Network - or what we got instead, thanks Liberal Party , (that apart from needing the NBN modem for the connection - again thanl Liberla Party for the lack of FTTP),  you can also continue to use the telephone. the minute you bridge an NBN mdoem, you'll have some fun getting that to work via a CIsco VoIP adapator.....many of the ISP's here do not provide VoIP settings....

Member
Posts: 121
Registered: ‎04-19-2016
Kudos: 18
Solutions: 3

Re: USG: Avoiding DHCP conflicts with ISP modem

[ Edited ]

@ruamayor - Bridge Mode is only found on the modem/routers web based setup page (if it is available) - It cannot be configured from Command Prompt on your own computer.... As Glenn said you will need to check with your ISP - and whilst you're on the phone double check that you have the right username & password to connect to the ISP (as you might need that for the USG in the later stages).

 

Depending on your ISP -and modem/router you can run a quick google search on how to setup bridge mode along with the common setting relating to that provider, or occasionallly they will send you out a modem which can be placed in bridge mode.

 

@adrianmmillerHaving a USG behind the router of the ISP's modem - any firewall or port changes you need to make would need to be made on the ISP's modem/router side which can't be done via Unifi's controller - so you'd need to be on site... but the old addage still stands - if it ain't broke, leave it... if you are happy with how it all functions - then leave the USG behind the router...

That said a VDSL modem like the Draytek 130 will work on both NZ and Auz MBN network. It is generally IMO better made that the ISP supplied kit.

 

best

 

A

New Member
Posts: 30
Registered: ‎11-11-2018
Kudos: 1

Re: USG: Avoiding DHCP conflicts with ISP modem

Thanks for the replies guys.

 

 

>>>Anyhow, we have had one site behind a non-bridged modem for a year now, and not a single issue.

 

Adrian, any theory why no issues. Sometimes two DHCP servers on the same network will play havoc. What's different with Ubiquiti?

Regular Member
Posts: 492
Registered: ‎11-30-2016
Kudos: 244
Solutions: 27

Re: USG: Avoiding DHCP conflicts with ISP modem

@ruamayor It depends on how you connect them. If you connect the ISP modem to the WAN port of the USG it will work. If the ISP modem is not bridged then you'll have double-NAT, which may give you some headaches in some circumstances. In most cases it will work just fine.

 

Apparently you have now connected the ISP modem directly to the internal LAN. That means the Security Gateway is bypassed altogether and it is not providing any security at all. Instead both devices are feeding DHCP addresses to the LAN, which is the symptom you are observing.

If I helped you, please don't clutter the forum with a Thank You post. Give Kudos or Mark as a Solution instead. I'll appreciate it.
Regular Member
Posts: 492
Registered: ‎11-30-2016
Kudos: 244
Solutions: 27

Re: USG: Avoiding DHCP conflicts with ISP modem

One picture will tell more than a thousand words:

 

DHCP.png

 

Of course it is better if you can configure the router as a bridge without NAT or DHCP.

If I helped you, please don't clutter the forum with a Thank You post. Give Kudos or Mark as a Solution instead. I'll appreciate it.
New Member
Posts: 27
Registered: ‎01-28-2016
Kudos: 3

Re: USG: Avoiding DHCP conflicts with ISP modem

[ Edited ]

@ruamayor Having it unbridged will only cause problems when you try you open ports to servers.  If you are doing the normal everyday internet browsing having double NAT should never cause an issue. 

 

The DHCP on the modem will only assign IP address to the router, devices on your network should get everything from your router and never see the modem if it's hooked to the WAN port on the router.

 

 

New Member
Posts: 30
Registered: ‎11-11-2018
Kudos: 1

Re: USG: Avoiding DHCP conflicts with ISP modem

Petri, thanks for that amazing diagram.

Jrowe, does a device like the USG distribute IP addresses via DHCP?
Member
Posts: 208
Registered: ‎10-07-2017
Kudos: 61
Solutions: 1

Re: USG: Avoiding DHCP conflicts with ISP modem

[ Edited ]

For completeness, I should add that the only "downside" we had using the USG behind the unbridged modem, that we wanted to avoid ANY changes on, was using OpenDNS, and keeping the ip updated when of course our dynamic IP changed

 

Simply solved by the following scipt placed in  the usg's /config/scripts directory (survives updates):

 

curl --basic -k --user <username@gmail.com>:<password> https://updates.opendns.com/nic/update?hostname=<networkname>

And then the following config.gateway.json on the controller to schedule the script:

 

{
	"system": {
		"task-scheduler": {
			"task": {
				"opendnsupdate": {
					"executable": {
						"path": "/config/scripts/updateopendns.sh"
					},
					"interval": "4h"
				}
			}
		}
	}
}

bonus?, our full config.gateway/json - with forced DNS on both LAN 1 & 2 (we have a switch each connected to LAN 1 & LAN 2:

 

{
	"service": {
		"nat": {
			"rule": {
				"1": {
					"description": "DNS Redirect",
					"destination": {
						"address": "!10.0.0.1",
						"port": "53"
					},
					"inbound-interface": "eth1",
					"inside-address": {
						"address": "10.0.0.1"
					},
					"log": "disable",
					"protocol": "tcp_udp",
					"type": "destination"
				},
				"2": {
					"description": "DNS Redirect",
					"destination": {
						"address": "!10.0.0.1",
						"port": "53"
					},
					"inbound-interface": "eth2",
					"inside-address": {
						"address": "10.0.1.1"
					},
					"log": "disable",
					"protocol": "tcp_udp",
					"type": "destination"
				}

			}

		}
	},


	"system": {
		"task-scheduler": {
			"task": {
				"opendnsupdate": {
					"executable": {
						"path": "/config/scripts/updateopendns.sh"
					},
					"interval": "4h"
				}
			}
		}

	}
}

 

New Member
Posts: 27
Registered: ‎01-28-2016
Kudos: 3

Re: USG: Avoiding DHCP conflicts with ISP modem

[ Edited ]

If you have it set to distribute IP addresses.  The USG is just like any normal router, the only difference is it doesn't have the switch built in so it only has one lan port.  All of the devices in your network from the USG forward will be issued ip address by the USG.  If your modem is hooked to the WAN port on the USG all of the devices on your network only see an internet connection, they have no idea or even care how they get it.

Reply