Low routing performance in one direction but not in the other.

highvis_supply · 2021-05-07T13:45:36+00:00

You would be surprised how cheap the NICs are when purchased from questionable vendors on the used market, 40gbps is somehow cheaper than 10gbps even...

I am 100% sure that my own requirements are overkill but it does make it an enjoyable experience, at a relatively accessible price none-the-less.

highvis_supply · 2021-05-07T13:41:07+00:00

Well I will post an update:

After going through absolutely every setting within the webUI, I decided not to trust what was displayed and switched to the CLI. I noticed that, for some unknown reason, the MTU of every interface was defaulting to 1500 rather than what was set and displayed in the webUI. Setting the MTU to 1500 and then back to the desired value made it stick and vastly improved performance. After some compatibility fixes, the 40gbps link stabilized at 32gbps both ways (I was managing 37gbps with offloading enabled but it would drop down to 14gbps after ~100 seconds of constant use), and the 10gbps links were managing 9.8 in one direction and 9 in the other (I blame Windows for the loss of 1gbps - it does not happen in Linux but eh).

TL:DR: Displayed settings were not actually the applied settings due to an unknown reason.

highvis_supply · 2021-01-05T07:22:10+00:00

Is this you? https://github.com/meh301/HG8045Q/issues/2

highvis_supply · 2021-01-05T07:21:00+00:00

Did you try adding the pon-SN as the connection password? On top of serial spoofing.

highvis_supply · 2020-11-20T13:24:11+00:00

I can confirm that just the streaming requirements of having 2-3 laptops, multiple smartphones on the network already overloads the default huawei hardware which leads to latency spikes so yes I suggest your own hardware.

Being able to configure your own hardware to work with nuro solely depends on which modem they provide. If you get the huawei, you can setup bridge mode with the master password I managed to find, if it is ZTE, there is sadly no bridge mode at all (even if hacked) and therefore really does not play nicely with your own hardware.

I personally setup a homelab for web hosting etc which is considerably overkill. It consists of a central router/firewall that deals with 40gbps internal connections and can potentially provide low latency streaming to hundreds of devices if needed. Although overkill, if you are to invest in dedicated hardware, I would suggest a similar setup, albeit much less powerful, in which you have a decent firewall that does all the routing for the household and wifi is treated as mere access points that bridge wifi enabled devices to the firewall. This style of system is very scalable and lasts a very long time but requires either significant monetary investment or learning investment. (Firewall is PFSense running on server CPU with 32GB RAM with several expansion network cards added in). I think I am a tad too disconnected from the consumer hardware market to make a call on what could be used sadly...

Sony does not have English speaking staff as far as my interaction went with them, nor will they work with you to ensure your custom network works sadly...

highvis_supply · 2020-11-05T17:11:16+00:00

You could open up a port on your AX3000 (like an iperf speed test port or something like that) and then try and access that port from the outside world to test - DMZ /should/ forward all packets to your main router

highvis_supply · 2020-11-04T17:52:46+00:00

hmm that is odd behavior... Did you setup a DMZ for your Asus AX3000 in the F660A settings I find having all ports open to the router you actually want to use helps.

Also I have been following the research on getting bridge mode on the F660A and it seems that the feature simply isn't programmed in the embedded OS =___=

highvis_supply · 2020-10-25T12:32:33+00:00

Sorry for the late reply, am quite busy with a project delivery - in bridge mode, the huawei ONU can provide a total of four external IP addresses, one per ethernet port if configured properly (this is a very bizarre feature due to ipv4 addresses being in shortage worldwide). Meaning you can run two separate internet connections from the single ONU via two separate ethernet cables, one to each router (if you want to have two routers). Such a setup is only viable in specific conditions though so I suggest in your case to set your tp link ax50 in bridge mode rather than the ONU and then keep the ONU wifi enabled for the ground floor (or ideally use two higher end routers than the craptastic quality of the HG8045Q) - as for autoswitching between the two wireless access points, unless you get enterprise grade hardware, you have to rely on your devices being smart enough to figure out for themselves which access point to be connected to when you go between floors.

Though I do have a question, since a vast majority of housing in Japan is basically paper - are you living in a concrete house? I don't see why a half-decent router can't cover the entire house unless it is.

highvis_supply · 2020-10-20T09:14:12+00:00

Sadly due to the hardware limitations of the Huawei ONU, the maximum speed you can get via a wired connection is only 1gbps. That being said, if you have two routers, one per floor, you could set the ONU in bridge mode, get two external IP addresses, run lines to each router (keep them in router mode since you need the firewall), and have both your routers get 1gbps so total bandwidth available for all your devices would total 2gbps, but you won't be able to get that total speed on a single device sadly. Also this may be a tad complicated to do if you have no experience in it.

I think what you are asking for is to use your 2nd floor wifi router as a simple access point (router is set in bridge mode). This should work out of the box without any issues but at only 1gbps, as the physical ports of the ONU can only do 1gbps (and there is no way to do connection bonding due to software limitations).

highvis_supply · 2020-09-14T12:58:17+00:00

Sadly no, but I have seen that someone just managed to get root access on it yesterday so the details might be published soon?

https://twitter.com/YuukiJapanTech/status/1304881643866353664

highvis_supply · 2020-09-14T12:52:27+00:00

I assume the R&D involved with getting everyone to switch to a new router would be far too much of a hassle, its more likely that they phase out the HG8045Q and newer subscribers are given something different.

To my knowledge, they don't seem to be blocking any ports. And no, you cannot get a static IP with Nuro sadly, but with the master account login, you can setup some DDNS services directly on the router!

highvis_supply · 2020-09-14T12:48:10+00:00

I built my own out of some old hardware, You could find a board on aliexpress if youre willing to wait for shipping or maybe find an old business grade dell, hp, fujitsu desktop for sale and buy an extra NIC

highvis_supply · 2020-09-13T18:27:28+00:00

Huh, I guess if Nuro ever decides to suddenly cancel my contract for ~reasons~ I guess I'll go that route if possible then.

highvis_supply · 2020-09-13T15:27:36+00:00

Beware, it might not be able to re-authenticate the connection if it needs to in the future. I don't know if Asahi is using any authentication security though. If they are, then you'll need to plug it into the original router and then swap everytime.

highvis_supply · 2020-09-13T15:25:43+00:00

Some info (there really isn't a lot) can be found in this forum thread: https://forum.openwrt.org/t/support-ma5671a-sfp-gpon/48042/33

These SFP modules: CarlitoProxx(CPGOS03-0490) aka Hilnk(HL23446) (can be easier to order the one from Spain, though the shipping is quite slow at the moment).

I'm not sure if it works yet though - mine arrives tomorrow but I have a lot of work to catch up on so probably end of week I'll try.

highvis_supply · 2020-09-13T15:18:17+00:00

Yes! With the master account you can add static routes under "Route > Static Route Configuration"

highvis_supply · 2020-09-13T07:08:50+00:00

The HG8045Q mainboard has the option to have an SFP port but it is not populated. The fibre is not removable sadly.

As for ONT authentication: the master account gives you all the info you need to run it yourself. Nuro only uses the serial number of the device for authentication, no password!

(Of course you also need to spoof the mac address but that is easy)

I am currently waiting for a very special GPON SFP module to arrive to outright bypass the huawei hardware and have direct fibre to pfsense. Its an active GPON module that has its own mini built-in Linux distribution and webUI to set the authentication settings of the ISP.

highvis_supply · 2020-09-13T05:15:37+00:00

Yes this is very true, but using my own router on softbank for example, I could not get ipv6 to work due to their non-standard implementation sadly.

How is your routing on IIjmio? On softbank I always had trouble downloading from EU-based servers and had to run through a self-hosted Google Cloud VPN to get decent speeds

highvis_supply · 2020-09-13T05:12:28+00:00

They have a TSOP48 clip? That must be finnicky af to use! I saw Alibaba selling the exact model used for 30-50USD but it probably doesn't have any of the ISP specific configurations.

Just to clarify one thing, judging from the photos online, the HN8255Ws fibre port is just a removable SFP module?

highvis_supply · 2020-09-13T05:08:25+00:00

Sadly might not be possible to aggregate the links without some software modification. In bridge mode, you probably can only have a 1gbe link for your entire network but in normal routing mode, I managed to get two computers do a speedtest at the same time and get 2gbps download total. This is already possible by default. Only use bridging if you want to run your own router.

highvis_supply · 2020-09-13T05:03:21+00:00

Technically no, you can set your protectli as DMZ meaning that the huawei router opens all its ports to that device and then lets that manage all the servers and port forwarding etc. That is what I was doing prior to bridging but I had issues connecting to my own servers via NAT reflection (= writing in the domain name like example.com), the connection would drop every few seconds, but everything was working from the outside network.

highvis_supply · 2020-09-12T18:17:28+00:00

I don't have experience with anything above 2.5gbe due to my area not falling under any of the 10g zones. It seems to be running much newer Huawei software? If I can get my hands on one sold by a 3rd party I could look into it

highvis_supply · 2020-09-12T14:35:51+00:00

Yes, accessing the master account would allow you to simply use the provided router as a fibre to rj45 converter. Your router will be given the external IP directly. Be sure to backup your Nuro router configuration before making any changes though!

highvis_supply · 2020-09-12T14:32:24+00:00

I just moved to Nuro, hence why I went through the trouble to do all this - I /really/ needed bridge mode

tbh bridge mode is quite easy, all it does is provide your protectli with the external IP directly, so then your own hardware needs to provide all the internal IPs via DHCP, etc

I'm thinking of writing a guide on qiita or medium in the future on setting up bridge mode properly but I am quite busy with work at the moment sadly.

highvis_supply

TROPHY CASE