ONT Through Switch


chocrates

Occasional Visitor
Hey All, I had my AT&T fiber setup this way:

Fiber (from street) -> ONT -> switch -> modem -> router

I was getting 800mbps down on my machines behind the router.

I had the AT&T tech come in today to make sure I set it up properly and they said that it shouldn't have worked at all, and were surprised their speed tests were identical between having the switch between the modem and ONT box and otherwise.

Anybody know why it is a bad idea or what problems could happen? I'm super curious how it worked at all.
 

ColinTaylor

Part of the Furniture
In most cases a switch will be a transparent device so there's really no point having it there unless it's serving some other function that you haven't mentioned. What sort of modem are you using? I wouldn't have thought that was compatible with an ONT (although I'm not familiar with AT&T).
 

chocrates

Occasional Visitor
I think it is an Arris Bgw210

The switch didn't need to be there. I was having some trouble getting it set up (I had bad cables from the wall to my computers and one of my rj45 ports on the wall is missing a pin so it would tone but not carry data), so I think at one point I was just plugging things together to try to get it to work.
 

ColinTaylor

Part of the Furniture
> I think it is an Arris Bgw210
I could be wrong but that doesn't look like just a modem, it looks like a DSL wireless router (except you're not using the DSL part).

> The switch didn't need to be there. I was having some trouble getting it set up (I had bad cables from the wall to my computers and one of my rj45 ports on the wall is missing a pin so it would tone but not carry data), so I think at one point I was just plugging things together to try to get it to work.
Perhaps the Arris uses VLANs to separate IPTV or VoIP services from internet. Some switches might strip that VLAN information so perhaps that's why the tech said he was surprised it worked. Either way, having that switch and the additional cable is just adding extra potential points of failure so you should try to replace them with a single cable if possible.
 
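Added example (not part of the original posts): one way to check the VLAN hypothesis in the post above is to capture the same frame on each side of the switch and compare its 802.1Q tag. The frames below are constructed, and VLAN ID 100 is an arbitrary sample value, not one AT&T is known to use.

```python
import struct

TPID_8021Q = 0x8100   # IEEE 802.1Q VLAN tag
TPID_8021AD = 0x88A8  # IEEE 802.1ad outer (service) tag

def parse_vlan_tags(frame: bytes):
    """Return (tags, ethertype); tags are listed outermost first."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset, tags = 12, []          # skip destination and source MAC
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in (TPID_8021Q, TPID_8021AD):
            return tags, ethertype
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": ethertype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4

def compare_across_switch(before: bytes, after: bytes) -> str:
    """Classify what the switch did to the tag on one forwarded frame."""
    in_tags, in_type = parse_vlan_tags(before)
    out_tags, out_type = parse_vlan_tags(after)
    if in_type != out_type:
        return "not-the-same-frame"
    if not in_tags and not out_tags:
        return "untagged"
    if in_tags == out_tags:
        return "tag-preserved"
    if in_tags and not out_tags:
        return "tag-stripped"
    return "tag-changed"

# Constructed sample frames: broadcast destination, locally administered source MAC.
MACS = bytes.fromhex("ffffffffffff020000000001")
PAYLOAD = struct.pack("!H", 0x0800) + bytes(46)   # IPv4 EtherType + padding
TAGGED = MACS + struct.pack("!HH", TPID_8021Q, 0xA064) + PAYLOAD  # PCP 5, VID 100
UNTAGGED = MACS + PAYLOAD

if __name__ == "__main__":
    print(parse_vlan_tags(TAGGED))
    print(compare_across_switch(TAGGED, TAGGED))
    print(compare_across_switch(TAGGED, UNTAGGED))
```

When taking the captures, disable VLAN offload on the capturing NIC, otherwise the tag can be removed before the capture tool sees it and every frame will look untagged.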

det721

Part of the Furniture
Were you attempting to do the dumb switch bypass? If not, no reason for the switch before the gateway.
 

follower

Senior Member

1. Wrong connection: Fiber (from street) -> ONT -> switch -> modem -> router
: the switch gets an IP address from the ONT > the switch gives an IP address which is the same as ONT gives to the modem > the modem gives an IP address (same IP) to the router.
Some managed switches like Netgear's work as an unmanaged switch without any setup (factory default). So it doesn't matter whether a managed or an unmanaged switch. It just works. But it's a wrong setup unless you have 2 or more physical IP addresses and you need to use those physical IP addresses.

2. Correct connection: Fiber (from street) > ONT > modem > router > switch
: You should change the modem to Bridge mode. Disable DHCP and some options.

Warning.
No.2 works with your network environment. But it may not work with other network environments.

Read this.
 

chocrates

Occasional Visitor

I am up and running now.

Fiber -> ONT -> Modem (in bridge mode) -> Router -> various patch panel terminals -> switch -> devices
 

DirtyOldBiker

New Around Here
Was looking for something else & stumbled upon this; I wanted to clarify for others searching similar topics...

You CAN and depending on your setup & requirement MAY need to install a switch between the ONT and a router. You CAN use a dumb switch, that is relatively pointless; or you can use a managed L2+ switch with DHCP. This can have several benefits & as I mentioned, CAN BE INVALUABLE, if not necessary, in troubleshooting network issues or just keeping an eye on your network traffic.

I use a L2+ managed web switch at the ONT, which allows me to packet sniff the entire network, see exactly what is traversing my network & it provides the additional benefit of almost never having to worry about IP issues, while providing 80Gbe of throughput (40Gbe unblocked) for my LAN & VLANs.

The key to the switch is L3 capabilities, DHCP in particular, allowing it to pull my DYNAMIC public IP from the ISP. This allows me to then reset or replace routers without losing my IP, the ISP none the wiser. Even with a localized power outage, between my ONT backup power & the UPS, I keep my public IP. The switch then sends out runs & drops to the various rooms, sending a 10Gbe to my NAS NIC-1, where the internal virtual switching adds a firewall & second layer of access control & required routing. Another goes to VPN firewall router, 4-speed POE switches, to security cameras and other security related I/IIoT devices, cameras & a group of firewalled mesh routers, keeping available all of the enhanced features typically lost to AP mode or bridged connections. This AX WiFi group is whitelisted for only my wireless IP cams. Back at the ONT switch, this VLAN is segregated with strict ACL control, allowing only the required source & destination IPs to be accessed.

The second run is another 10Gbe, to the second router & another set of Mesh, but EAP's this time, with ethernet backhaul, tied into the office switch, where NAS NIC #2 & 3 can communicate with media devices for DLNA & media serving, using LACP, along with another VLAN & port bonding, limiting what services can be accessed by the media node of my network.

Lastly, I have the third run, this going to another multi-VPN switch, to NIC #3 on the NAS, to a dedicated 10Gbe connection for the lab, terminal & for my laptop, for communicating with a second location & used as a private network for just those items.

For the most part, I now control everything that comes in & goes out on my network & I am now integrating as many services as possible to the lab & my server, from DNS to IoT (handle my own DNS, have intranet based network access, & currently learning my way thru JS, MQTT & a dozen other protocols & languages, already handling 75% of all my scenes and routines internally). My ultimate goal is to keep my data mine, my part to hamper companies using public resources to reap huge profits, which they did for decades without notice or consent.

BTW, I am not, nor have I ever been, in the tech, IT or ISS industries. Everything so far being learned in spare time, self-taught, with countless debts of gratitude owed to people on forums. Synology boards, QNAP communities & especially in the Cisco communities. Either it had been done before and well documented, or I lucked into someone eager to teach to someone hungry for knowledge, undoubtedly tired of the spoon feeding requests seemingly so prevalent these days. So many went out of their way to answer questions, suggest directions where merited or add to the journey of creating a means to accomplish the desired outcome.
 

follower

Senior Member
You don't think about beginners or normal users? I think I have more complicated and bigger networks than you. You know what? I never recommend those network environments to beginners or normal users. Why? It's not for them. Is that easy for maintenance and repair?
I don't think so. They just need a simple home network.
 
