Jump to content

Router in bridge mode and power cuts.


phetphet

Recommended Posts

Was just about to upgrade my 3BB internet VDSL to 3BB Fiber.  Was planning to use my own Asus router in bridge mode from the ISP supplied one for a more secure system..

 

Then I got to thinking. We have quite a lot of power cuts here in Samui. Especially since the undersea cable from the mainland was recently damaged. Would these power cuts create a situation where every time the power went off, I would need to set up the whole bridge mode again? Or perhaps even have to ask 3BB to do it from their end? Or would everything just restart as normal?

 

Anyone experienced this? 

 

TIA

Link to comment
Share on other sites

Having your ISP-provided router set to bridge mode and then using your personally bought router is a good way to go for various  reasons.  But one very important reason is internet/router firmware vulnerabilities (i.e., security issues) are always popping-up as bad guys try to hack into your system by exploiting outdated router firmware.

 

ISP-provided routers rarely, if ever, receive a firmware updates to fix vulnerabilities or performance issues.   They are a hackers delight.  Best just to set them to bridge mode to where they are nothing more than a signal converter and use your personal router (which hopefully receive frequent firmware updates) to fully control your home network and perform the "guard on the internet wall" duties for your internet connection to the world.    

 

On my AIS  Fibre plan I have the AIS-provided router (a Huawei model) set to  bridge mode and my Asus 86U router performs full router duties and guard on  the internet wall duties....and the Asus 86U gets frequent firmware updates.  In fact, it got one today....it usually gets one every month or two to fix nearly discovered internet vulnerabilities, provide performance tweaks, add features, etc.   See summary of the latest firmware update t

 

Quote

 

2018/08/2459.86 MBytes

ASUS RT-AC86U Firmware version 3.0.0.4.384.32797
AiMesh new features
- Supported creating mesh system with new router, BlueCave.
- Added Roaming block list in Advanced Settings --> Wireless. 
You can add devices into block list and this device will not be roamed between AiMesh nodes.
- Supported ethernet onboarding. User can use ethernet cable.
You can use ethernet cable to connect AiMesh router LAN port and AiMesh node WAN port first and run the adding node process to build the mesh system.

Security fixes.
- Fixed Reflected XSS vulnerability.
- Fixed CSRF vulnerability.
- Fixed command injection vulnerability.
- Fixed stack buffer overflow vulnerability.
Thanks for Rick Ramgattie contribution.

Fixed Adaptive QoS upload bandwidth setting issue.
Fixed 4-wires ethernet cable compatibility issues.
Fixed USB hard drive over 2TB compatibility issues.
Fixed Samba/FTP folder permission issues.
Added USB3.0/2.0 mode switch setting in Administration --> System --> USB Settings.

 

 

Link to comment
Share on other sites

And just to give more info on security fixes, above firmware update fixed something called a "Reflected XSS Vulnerability" which I figure is bad, but didn't have a clue what it meant.   So I googled a little bit and it comes down to malicious script that can be injected into websites we visit.

 

I'm sure there are many malicious scripts lurking out there on websites and more occurring everyday.   However, I can sleep a little better such malicious scripts will have a harder time getting pass my "router guard on the internet wall" since my router gets frequent firmware updates.  


https://www.veracode.com/security/reflected-xss

Quote


Reflected XSS

The key to preventing a reflected XSS attack

A reflected XSS attack is a kind of cross-site scripting attack, where malicious script is injected into websites that are trusted or otherwise benign. Typically, the injection occurs when an unsuspecting user clicks on a link that is specifically designed to attack the website they are visiting. For example, on websites that rely on user-generated content like forums or comment sections, attackers may post malicious code that infects anyone who views it or clicks on it.

In a reflected XSS attack, a web application with an XSS vulnerability will allow potentially harmful data to be inserted into a routine transaction. For example, when a user sends a web request to a server by submitting a form, the application will respond with a page containing an echo of what the user has submitted for confirmation. A malicious piece of JavaScript can replace or append itself to the user’s entry, which the user inadvertently executes. A reflected XSS attack may also lure a victim into starting an HTTP request by clicking on a malicious link in an email or a counterfeit webpage that looks legitimate.

While these attacks are among the most frequent risks to application security, reflected XSS and cross site scripting prevention is rather simple when enterprises have the right tools.


 

 

Link to comment
Share on other sites

I already have an Asus 68U, but funnily enough I had already ordered the 86U from InvadeIT in preparation of upgrading to Fiber.

 

The fiber optic cable was already installed all the way to the back of my tv cabinet several months ago, so it should be just a case of connecting it to a new 3BB FTTH router. I think all  the ISP's here use Huawei models of one sort or another.

 

I presume having fiber all the way also does away for the need for a modem. Is that correct?

 

 

Link to comment
Share on other sites

10 hours ago, phetphet said:

I already have an Asus 68U, but funnily enough I had already ordered the 86U from InvadeIT in preparation of upgrading to Fiber.

 

The fiber optic cable was already installed all the way to the back of my tv cabinet several months ago, so it should be just a case of connecting it to a new 3BB FTTH router. I think all  the ISP's here use Huawei models of one sort or another.

 

I presume having fiber all the way also does away for the need for a modem. Is that correct?

 

In FTTH (back of your TV cabinet), it does "not" do away with the need for a modem or combo modem-router which is referred to in fiber optics internet connects as GPON ONT which means Gigabit-capable Passive Optical Network Optical Network Terminal.  

 

That ONT converts the fiber optical signal into an electrical signal.   An ISP-provided ONT can take the form of a modem or a combo modem-router.   

 

When you set a combo modem-router (a.k.a, router) to bridge mode it's basically turned into a modem only and is doing nothing much more than converting the incoming optical signal to electrical signal which your router connected to it can use.    The electrical signal output will be an ethernet type signal.

 

Lots of different modem/routers provided by ISPs....Hauwei is probably the most used but there are other manufacturers used also.   When ISPs buy modems/routers they buy thousands at a time....they put out a contract for bids....bidders propose their various models and prices....a winning bidder and model(s) is selected...and then new customers will probably get that model until the ISP uses up all those routers and start using a new model from another contract. 

Link to comment
Share on other sites

On 8/27/2018 at 6:30 PM, Pib said:

No.  You do not have set things up again after a power outage, after you turn off the devices, etc.  Settings are remembered and reboot to those same settings.

Yes that's how things should work...but  sometimes  in a "brown out" situation  where the voltage is low

and up/down all over the place.. its possible ( small chance) to corrupt the non volatile RAM settings, that would then require a factory reset  ...Ahh I see the op has a UPS already.

Link to comment
Share on other sites

32 minutes ago, johng said:

Yes that's how things should work...but  sometimes  in a "brown out" situation  where the voltage is low

and up/down all over the place.. its possible ( small chance) to corrupt the non volatile RAM settings, that would then require a factory reset  ...Ahh I see the op has a UPS already.

Sure....corruption can happen for various reasons..and it can happen even if a router is "not" set to bridge mode. 

 

Usually in a brown-out where the voltage is low....like maybe even 90 volts the router would still be getting the proper power from it's 5 or 12V (probably 12V) power adapter as the adapter is designed to work on either 120V or 220V which means it will operate properly from around approx 90 to 240V.     Now in a black-out situation where the voltage goes to zero or durn near then all kinds of crazy, bad things can happen with electronics but fortunately more and more modern day electronic power supplies/power adapters have protection circuits which completely shutdown the power supply when the input voltage drops below a certain minimum level.

 

Edit: for example after posting above I remembered I had an Asus router I wasn't using anymore....took a  picture of its 12V power adapter....notice it says it can operate with a 100 to 240V input.

 

image.png.f14a110905a1012161fc42e7c6583b52.png

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.




×
×
  • Create New...