Router DMZ vs Bridge Mode - Pros/Cons?

[Crossy]

I've been happily running my ToT fibre router with a second Tomato router as its DMZ device (fixed IP on the Tomato WAN port). All port-forwarding is done on the Tomato, everything works as expected even a baby web server is accessible from outside. I'm using No-IP as my DDNS provider with the DDNS client running on the Tomato router (never got DDNS to work properly on the ToT Forth router) which is updating correctly.

 

So, are there any real advantages to using Bridge Mode, the double NAT seems to make no difference to how things work and any performance hit is imperceptible (to me anyway).

 

The advantage to me is that I still have the support of the ToT man when things go awry, as they do occasionally (last time was a cement truck took out the fibre trunk to the village).

 

I'm loathe to go to Bridge Mode if it offers no real advantages especially as the ToT man expressed his reluctance to look at any issues with a bridged ToT router.

 

[KittenKong]

Putting the TOT router into bridge mode would remove one source of potential problems and a tiny bit of overhead, but these are unlikely to be significant so hardly worth bothering. As you say, the upside of keeping the TOT tech happy is probably worth more than any possible speed or functionality increase you may get by switching to full bridge mode. More so if what you have does what you need anyway, which apparently it does.

[Crossy]

Yeah, it's certainly doing what I need right now, just wondered if there were any potential pitfalls waiting to swallow my internet connection :)

 

[RedCardinal]

I have to ask here - so your configuration is that you run hook up your primary router's WAN port (Tomato) to the DMZ on the ToT router, which therefore bypasses NAT on the ToT box to avoid double-NATting right?

 

I have a problem in that I load balance 2 connections, and True are phasing out bridge mode support in their routers.  But if their new DOCSIS 3 modems have DMZ I suspect I could run the same set-up as you connecting one of my primary router WAN ports to the DMZ on True router to get the same outcome as their router working in bridge mode.  

 

Do you think this will work?

[Crossy]

Yes RC, it would certainly work, that is exactly what I'm doing.

 

Effectively the DMZ has every port forwarded to it,  it doesn't do away with the double-NAT as the Tomato router doesn't see the external IP address but otherwise behaves as if the front end router is in bridge mode.

 

[Ajesh]

 I also need help in programming a huawei hg8645q2 ont as bridge wan to create a VPN connectivity with draytek vigor 2912 can I Create a DMZ of my vigor 2912 in service provider fiber ONT modem

 

Edited May 2, 2018 by Ajesh

[Ajesh]

10 hours ago, Ajesh said:

 I also need help in programming a huawei hg8645q2 ont as bridge wan to create a VPN connectivity with draytek vigor 2912 can I Create a DMZ of my vigor 2912 in service provider fiber ONT modem