[ale] Xfinity Modem -- lease or buy recoomendations

Jeremy T. Bouse jeremy.bouse at undergrid.net
Tue Sep 29 20:22:30 EDT 2015


Even without a static IP it's still pretty static and rarely changes...
I happen to use AWS Route53 for DNS so I have a script running on one of
my servers which makes a curl call to get my external IP and compare it
to the entry in DNS and using denominator (Netflix OSS project) it
updates the Route53 entry to the new IP. I have the TTL on the record as
low as I can go and use it to point home. I have a cron job that runs
periodically to check and update if needed.

Beyond that... I have my Cisco ASA setup using my 'outside' interface
which is assigned via DHCP by Xfinity to do the NAT/PAT for the ports
into my servers inside my 'dmz' zone. Unfortunately to get 'inside' zone
to work I have to have an object to reference so when IP changes
inside->dmz breaks until the object is updated with new IP but
outside->dmz still works.

Now for some services I still have a very small VPS/cloud host that acts
as the front end that delivers directly to my server here at home.

Want proof it's working... mail01.undergrid.net as shown the headers of
my messages is my VPS host. It talks with my content filter host
amvs01.undergrid.net (another small VPS just to keep it near mail01)
over their private network interfaces. Mail01 actually talks to the
Dovecot server on my server here at home. It does authentication over a
unique port that Dovecot is listening on and then delivers any accepted
messages over LMTP to the Dovecot server on another port. Hitting my
Roundcube Webmail UI hits the nginx server running here at home that I
have listening on ports 80 and 443 that then load balances the traffic
over the Apache2/PHP servers with Roundcube installed on them.

As a side note, my Quals SSL Labs test score on my webmail server is A+.
https://www.ssllabs.com/ssltest/analyze.html?d=webmail.undergrid.net&hideResults=on

On 9/29/2015 6:34 PM, Horkan Smith wrote:
> (Hand goes up in the air...)
>
> Hey Jeremy, I'd *love* to know how to do Comcast Business class static IPs on my own modem!  How'd you do it?  8-)
>
> thanks!
>    horkan
>
> On Tue, Sep 29, 2015 at 05:57:40PM -0400, Jeremy T. Bouse wrote:
>> Ask me how you get around them not allowing you a static IP on business
>> class if you own your own modem :)
>>
>> I've been slowly moving all my services that ran on various VPS/cloud
>> hosts back into my house now that I'm on business class... You can
>> engineer the hell out of a solution and make it work if you want to.
>>
>> On 9/29/2015 1:04 PM, H P Ladds wrote:
>>> Jeremy
>>>
>>> On Mon, Sep 28, 2015 at 1:29 PM, Solomon Peachy <pizza at shaftnet.org
>>> <mailto:pizza at shaftnet.org>> wrote:
>>>
>>>     On Mon, Sep 28, 2015 at 01:14:07PM -0400, Paul Cartwright wrote:
>>>     > I had a DOCSIS modem long ago, before xfinity.. I helped my
>>>     daughter buy
>>>     > one a few years back, we went to Best buy & bought the cheapest
>>>     one they
>>>     > had. She never had a problem..
>>>     >
>>>     >
>>>     http://customer.xfinity.com/help-and-support/internet/list-of-approved-cable-modems/
>>>
>>>     http://mydeviceinfo.comcast.net/
>>>
>>>     You can plug your service speed in, and it'll show you the minimal
>>>     equipment needed.
>>>
>>>     I'd get the Motorola/Arris SB6141, they're reasonably priced ($90) and
>>>     will support all but the highest speed tiers (ie >=250Mbps).  The 6121
>>>     ($70 new) is cheaper but maxes out at 100Mbps.
>>>
>>>     One caveat, if you're a business class customer and want static
>>>     IPs, you
>>>     *must* rent a modem from Comcast.  (Go ahead, ask me how I learned
>>>     this.
>>>     sigh..)
>>>
>>>      - Solomon
>>>     --
>>>     Solomon Peachy                         pizza at shaftnet dot org
>>>     Delray Beach, FL                          ^^ (email/xmpp) ^^
>>>     Quidquid latine dictum sit, altum viditur.
>>>
>>>     _______________________________________________
>>>     Ale mailing list
>>>     Ale at ale.org <mailto:Ale at ale.org>
>>>     http://mail.ale.org/mailman/listinfo/ale
>>>     See JOBS, ANNOUNCE and SCHOOLS lists at
>>>     http://mail.ale.org/mailman/listinfo
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>
>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4807 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.ale.org/pipermail/ale/attachments/20150929/c77fbf1e/attachment.p7s>


More information about the Ale mailing list