nick's site

backup internet via xfinitywifi

2017.03.25

sometimes cable modems die. sometimes coax degrades causing your cable modem signals to tank. sometimes comcast de-registers your cable modem and re-registers your old cable modem. in these cases, it’d still be nice to have an internet connection at the house.

given that much is TLS these days, i’m not too worried about snooping. maybe i can get a router which supports EAP-TLS and/or 802.1x and transport will be encrypted as well.

i got clever. i picked up a tp-link tl-wr710n router because it has a WISP Client Mode. when it arrived, i configured it for this mode and attached it to xfinitywifi, served out by one of my gracious neighbors. i then authenticated via the captive portal and had the system remember my new router’s wifi MAC.

next, i changed the TP-Link’s LAN-side IP to be in the same subnet as my home network and disabled the internal DHCP server.

now to configure the my cisco 1841 for these shenanigans.

! default comcast docsis. ip route 0.0.0.0 0.0.0.0 dhcp 250 ! via xfinity wifi/tp-link router ip route 0.0.0.0 0.0.0.0 10.11.12.252 254 ! ip sla destination, since i don't use comcast dns ip route 75.75.75.75 255.255.255.255 10.11.12.252 250

that’s the basic bits. if my cable modem loses its IP and/or the WAN interface of my 1841 goes down, the home network should leverage the xfinitywifi/tp-link path. i have a backup internet connection good for 15mbps down and 5mbps up.

this doesn’t help with problems further inside comcast’s network. Â this doesn’t help with physical plant problems affecting the whole neighborhood. Â however, i’m not paying for a second internet circuit either.

comcast is a metered connection. therefore next, i thought i could leverage this link for offsite backups. pbr to the rescue! but first, maybe some sla/tracking will help:

! define the check to see if the connection is up ip sla 1 icmp-echo 75.75.75.75 source-interface FastEthernet0/1 frequency 5 ! check forever ip sla schedule 1 life forever start-time now ! create an acl identifying backup traffic ip access-list extended send-backup permit tcp any host x.y.z.a eq 22 ! create a route-map for pbr route-map send-backup permit 10 match ip address send-backup set ip next-hop verify-availability 10.11.12.252 1 track 1 ! apply pbr interface FastEthernet0/1 description inside ip policy route-map send-backup ! client cached redirects can be a challenge no ip redirects no ipv6 redirects

todo: get an ethernet hwic for my 1841 so this failover/failback stuff is easier.

March 2017

backup internet via xfinitywifi

Pages

Categories

Archives

because i'm lazy

car stuff

entertainment

friend'age

fun - nsfw

geek stuff

hangouts

me

photography

Meta

nick's site a feeble attempt at something not unique March 2017
	backup internet via xfinitywifi 2017.03.25 sometimes cable modems die. sometimes coax degrades causing your cable modem signals to tank. sometimes comcast de-registers your cable modem and re-registers your old cable modem. in these cases, it’d still be nice to have an internet connection at the house. given that much is TLS these days, i’m not too worried about snooping. maybe i can get a router which supports EAP-TLS and/or 802.1x and transport will be encrypted as well. i got clever. i picked up a tp-link tl-wr710n router because it has a WISP Client Mode. when it arrived, i configured it for this mode and attached it to xfinitywifi, served out by one of my gracious neighbors. i then authenticated via the captive portal and had the system remember my new router’s wifi MAC. next, i changed the TP-Link’s LAN-side IP to be in the same subnet as my home network and disabled the internal DHCP server. now to configure the my cisco 1841 for these shenanigans. `! default comcast docsis. ip route 0.0.0.0 0.0.0.0 dhcp 250 ! via xfinity wifi/tp-link router ip route 0.0.0.0 0.0.0.0 10.11.12.252 254 ! ip sla destination, since i don't use comcast dns ip route 75.75.75.75 255.255.255.255 10.11.12.252 250` that’s the basic bits. if my cable modem loses its IP and/or the WAN interface of my 1841 goes down, the home network should leverage the xfinitywifi/tp-link path. i have a backup internet connection good for 15mbps down and 5mbps up. this doesn’t help with problems further inside comcast’s network. Â this doesn’t help with physical plant problems affecting the whole neighborhood. Â however, i’m not paying for a second internet circuit either. comcast is a metered connection. therefore next, i thought i could leverage this link for offsite backups. pbr to the rescue! but first, maybe some sla/tracking will help: ! define the check to see if the connection is up ip sla 1 icmp-echo 75.75.75.75 source-interface FastEthernet0/1 frequency 5 ! check forever ip sla schedule 1 life forever start-time now ! create an acl identifying backup traffic ip access-list extended send-backup permit tcp any host x.y.z.a eq 22 ! create a route-map for pbr route-map send-backup permit 10 match ip address send-backup set ip next-hop verify-availability 10.11.12.252 1 track 1 ! apply pbr interface FastEthernet0/1 description inside ip policy route-map send-backup ! client cached redirects can be a challenge no ip redirects no ipv6 redirects todo: get an ethernet hwic for my 1841 so this failover/failback stuff is easier. Categories : geek	Pages About Me About The Home Server #326 (no title) How-To’s cacti on debian or ubuntu prevent automotive theft sony vaio hotkeys in windows xp vista disable hibernation things i wish to consume Categories about BOIH events fun geek mobile OMG DUDA WTF photography quizzes reviews site news transportation Uncategorized Archives November 2020 March 2017 February 2015 January 2014 April 2013 May 2012 April 2012 January 2012 November 2011 May 2011 March 2011 February 2011 December 2010 October 2010 July 2010 June 2010 April 2010 February 2010 January 2010 December 2009 November 2009 October 2009 August 2009 June 2009 May 2009 April 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 July 2008 June 2008 May 2008 April 2008 March 2008 January 2008 December 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 because i'm lazy Google’s gmail my lj friends my rss news feeds and such Royal Oak MI Weather car stuff 2GN.ORG dno dsc tunerhaven neons.org entertainment Exploding Dog holy shit, bees (nsfw) last.fm Monkey Radio Partially Clips Red Vs Blue shoutcast SomaFM Strongbad The Boondocks friend'age aaron goad aaron lake amanda andy chuck dave’s lj dave’s myspace dave’s wp erica greg croft Ian Shook jason jeff lundberg jer mandi rose mike’s mith mike’s mith pt2 nate nathan pat rob sivy sarah Will Read fun - nsfw ASCII Art Farts bash.org top 100 Cyanide and Happiness FARK GET YOUR WAR ON gyrate dot org iLL WiLL PreSS maddox Mr. Wiggles RED MEAT tard blog you’re the man now dog [this might be offensive] geek stuff ARIN WHOIS Lookup broadband/dslreports crontab calculator debian.org folding@home LANParty.com LinksysInfo MPCon MS-DOS 6.22 Cmd Ref sans internet storm center SETI@Home Stanford Computer Systems Laboratory Colloquium TED World of Warcraft XtremeSystems hangouts Anandtech Arstechnica slashdot me Gallery mine old car my resume photography Digital Photography School DOF Calculator Flickr Nikon Equipment Forum NikonCafe PhotoPermit.Org Strobist Meta Log in Entries RSS Comments RSS