cancel
Showing results for 
Search instead for 
Did you mean: 

Arris XB6 Ethernet Ports - Are they Split

mizzoni
I've Been Here Awhile

Like a ton of people are doing the over the past few weeks, I am rebuilding my entire home network to add needed performance to sustain the load of three teenagers (social, gaming, online learning, Gsuite) and two parents (zoom, webex, Teams, skype, Office 365, Gsuite ).  I have added a new mesh WIFI system (Linksys Velop) and upgraded my ISP to the full GB level.

 

Config:  I have my Arris XB6 in BRIDGE mode and the Velop in GATEWAY,  all is fine on the WIFI side including my Rogers TV boxes which I have moved to the Velop mesh WIFI with no issues (this was easy actually).  Have lots of residential devices now on the Velop mesh and working well.  That all said, I think the WIFI rebuild is good.

 

What I am having a problem with the hardware Ethernet side of my  home network.  Prior to the change of putting the Arris XB6 into bridge mode, my ethernet devices would get their DHCP from the XB6.  Now all devices on the Ethernet are hung I think waiting for and IP assignment or something other?  

 

I think the issue is how I am using the two ethernet ports on the back of the XB6.  One port is going to my new Velop WIFI/router (and all is fine).  The second port I am using to connect into my first Ethernet LAN bridge which branches out across my house to specific devices including XBOX, ADT Pulse Security, HUE and Insteon Lighting bridges and a few higher end PC workstations.  The devices as I said above on the Ethernet LAN cannot access internet or devices on the Veloo WIFI network.

 

QUESTION:  Are the two Ethernet ports on the back of the XB6 connected such that devices on LAN can see my new DHCP server (Velop Router) hanging off of the other XB6 port.

 

Yikes!  This guy needs help, way over my head I think

 

 

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Arris XB6 Ethernet Ports - Are they Split

-G-
Resident Expert
Resident Expert

@mizzoni  With "Bridge Mode" enabled on your XB6, your Velop mesh is now the router and primary connection point for all devices in your home.  All of the devices connected to the XB6's second LAN port are now directly connected to the Internet with no firewall to protect them.  Rogers will also only allow a certain number of devices to connect to directly to the Rogers network so all of those devices are causing your Internet connectivity to become unstable.

 

To fix your connectivity problems, unplug the "Ethernet LAN bridge" from LAN port #2 on the XB6 and reconnect it to the second Ethernet port on the parent Velop node.

 

An alternate solution would be to disable Bridge Mode on the XB6, disable Wi-Fi on the XB6, and put your Velop mesh into bridge mode.



View solution in original post

10 REPLIES 10

Re: Arris XB6 Ethernet Ports - Are they Split

-G-
Resident Expert
Resident Expert

@mizzoni  With "Bridge Mode" enabled on your XB6, your Velop mesh is now the router and primary connection point for all devices in your home.  All of the devices connected to the XB6's second LAN port are now directly connected to the Internet with no firewall to protect them.  Rogers will also only allow a certain number of devices to connect to directly to the Rogers network so all of those devices are causing your Internet connectivity to become unstable.

 

To fix your connectivity problems, unplug the "Ethernet LAN bridge" from LAN port #2 on the XB6 and reconnect it to the second Ethernet port on the parent Velop node.

 

An alternate solution would be to disable Bridge Mode on the XB6, disable Wi-Fi on the XB6, and put your Velop mesh into bridge mode.



View solution in original post

Re: Arris XB6 Ethernet Ports - Are they Split

mizzoni
I've Been Here Awhile
Thanks and appreciate the quick heads up on direct connection to Internet. I have done the quick cable reconfig and all is working now.

I do notice however a major decrease in bandwidth the Ethernet end-point devices now going through the Velop gateway. I am also going to try flip around the modes for both the XB6 and Velop node. For this second option, can I go back to using the second port on the XB6 or is that taboo for ever?

Re: Arris XB6 Ethernet Ports - Are they Split

-G-
Resident Expert
Resident Expert

@mizzoni wrote:
Thanks and appreciate the quick heads up on direct connection to Internet. I have done the quick cable reconfig and all is working now.

I do notice however a major decrease in bandwidth the Ethernet end-point devices now going through the Velop gateway. I am also going to try flip around the modes for both the XB6 and Velop node. For this second option, can I go back to using the second port on the XB6 or is that taboo for ever?

Sure.  When the XB6 is in Gateway mode (i.e. Bridge Mode disabled) you can use both LAN ports.



Re: Arris XB6 Ethernet Ports - Are they Split

mizzoni
I've Been Here Awhile
Thanks and case closed. Thank you!!!

Re: Arris XB6 Ethernet Ports - Are they Split

Actually its not case closed at all.  Without a quick check, I believe that the solution as indicated above is not correct at all.  

 

@mizzoni  there's actually more to this.  Rogers has historically provided at least two ports on the modems that will provide separate and independent (IPV4 and IPV6) addresses to connected devices when the modem is in Bridge mode.  In a nutshell, if you connect two devices to the modem (in Bridge mode) then each device should receive separate and independent IPV4 and IPV6 addresses. 

 

Those devices in theory shouldn't be able to see each other, but, one would have to test that out to see what each modem manufacturer does with that.  I run a Hitron CODA-4582 which I haven't tested in that regard.  One of these days I'll have to try that.  I know I've done that with the predecessor CGN3 series modems which provided some surprising results.

 

In any event, if you connect two routers to the modem, then each router should have its own IPV4 and IPV6 address and provide independent and separate paths to the internet for their respective networks.  With the firewall up and running on both routers, then of course both networks would not be able to see each other or use any resources such as printers as a common resource.  

 

Fwiw, with my 4582 in Bridge mode, I'm running two routers, where each have their own IPV4 and IPV6 addresses and operate independently of each other.  To be specific, one is running with IPV4 only and one is running with both IPV4 and IPV6.  

 

For your specific case, the wifi router would have its own set of IPV4 and IPV6 addresses, and one other device connected to the second modem port would have had its own IPV4 and IPV6 address.  The question is, which one, as that device would have been open to the internet.  You indicated that you had connected the modem's second port to a "Ethernet LAN bridge".  What is that bridge exactly?  Are you referring to a unmanaged gigabit switch?  Or to some other device.  Some device that was connected to the second port would or should have had internet access with its own IPV4 and IPV6 address.  So, that should be some cause for concern.  You might want to check your devices and run scans on those devices to look for any intrusion.

 

Quick check:  with the wifi side of the network running as usual, connect a pc or laptop to the second port, only long enough to acquire its IPV4 and IPV6 address from the Cable Modem Termination System.  Then disconnect the pc or laptop to prevent any port scans from occurring.  I don't recommend this as a normal practice, but it will confirm very quickly if the second port on the modem is providing separate and independent IPV4 and IPV6 addresses.  Once that is confirmed or denied, then its case closed.  Until then, there is no solution to the question. 



Re: Arris XB6 Ethernet Ports - Are they Split

-G-
Resident Expert
Resident Expert

@Datalink  There are two problems with what you are suggesting:

 

First, the XB6 is different from the CODA in that it still has services running, even when it is in Bridge Mode, so it still counts as an active, connected edge device.  As a result, I don't think that two routers connected to the XB6 will be allowed to connect to the Rogers network simultaneously in addition to the "bridged" XB6.

 

Secondly, even if this did work, then the two internal networks will be completely isolated from one another, and I don't think that this is what @mizzoni  was aiming for in the new setup.

 

There is also one additional advantage to leaving the XB6 in Gateway mode: it is the preferred configuration for Ignite TV.



Re: Arris XB6 Ethernet Ports - Are they Split

Datalink
Resident Expert
Resident Expert

Well the original question was "are the ports split?"  The answer at this point in time is "they should be". But that's an assumption based on historical precedent.  At the end of the day any assumption of those ports providing independent IPV4 and IPV6 addresses and independent internet access, or not, is meaningless until someone actually tests this, with the Xi6 set boxes running as well. 

 

To do this correctly you would need two routers so that the router firewalls can protect themselves and any connected devices.  Its a very simple test.  Does this configuration allow two separate and independent networks as well as Xi6 set top box service, all without any problems.

 

This would require testing on both XB6 versions, the Arris and Technicolor versions.

 

Just to point out there are users who run two networks for various reasons.  Question is, can they continue to do so with the XB6 modems?



Re: Arris XB6 Ethernet Ports - Are they Split

-G-
Resident Expert
Resident Expert

@Datalink wrote:

Just to point out there are users who run two networks for various reasons.  Question is, can they continue to do so with the XB6 modems?


I'll dig up a spare router and will test this at some point when I can allow the network to go down.

 

As for the question, "are they split", the answer is: they basically are not (because the two XB6 LAN ports are normally bridged to the same LAN segment) but in that configuration they effectively are because one internal network segment was firewalled off from the other.

 

Not to make this even more complicated but LAN port #2 on the XB6 is special in that is was meant to provide connectivity for a dedicated "HOME SECURITY" network, which splits it off in a different way.  To enable this, there is an option called "Associate Ethernet Port 2 to HOME SECURITY Network" with a note saying, " Associating Ethernet Port 2 to HOME SECURITY network will remove the port from your home network."

 

As for my original answer, I was just trying to figure out what @mizzoni  was trying to do and explain why things were not working as expected.



Re: Arris XB6 Ethernet Ports - Are they Split

mizzoni
I've Been Here Awhile

Thanks guys.  I think I get drift of the discussion.  To clarify, my questions was really I guess more of a statement/assumption that the ports are not bridged because I could not get devices hanging off the second port, all Ethernet smart-home type devices (Hue bridge, Insteon Bridge, Xbox etc) to connect to their cloud-servers, and nor could I connect to them via my PCs hanging off the other port (Velop side).  @Datalink, the Ethernet LAN is essentially a D-Link 8 port bridge (giga) unmanaged with eight Cat6 runs going out to different points in my house.  

 

To my earlier reply and view on case closed, once I disconnected the D-Link bridge from the second XB6 LAN port and plugged it into the second port of the Linksys Velop (parent) hub, everything worked. 

 

I think I am going to keep everything in this config because I like the Velop smart WIFI software and controls than the native Rogers native Ignite wifi software and it seems when your device is in Bridge mode, all your cool controls go away.

 

 

Re: Arris XB6 Ethernet Ports - Are they Split

@mizzoni when you say "D-Link 8 port bridge (giga) unmanaged" I automatically think of an 8 port unmanaged gigabit switch, which I use as well.  I suspect that when you plugged that switch to the modem's second port, one device, (out of all of the devices connected to that switch) received both IPV4 and IPV6 addresses as was connected to the internet without a firewall.  Depending on what was connected, that might be a cause of concern.  After that one device was assigned its IPV4 and IPV6 address, all of the other devices were out of luck as the CMTS probably won't assign any more addresses thru your modem.  That probably protected the majority of devices connected thru the switch. 

 

This is easy enough to prove or disprove.  Simply connect a pc or laptop via ethernet to the modem's second port for a minute or less and see if it picks up an independent set of IP addresses from the CMTS.  If you compared them to the WAN addresses that the other port has been assigned, they should be different.  In that case you would need another router to take full advantage of that second port.  It should only take a few seconds for any device to pick up an IPV4 and IPV6 address, at which point you should disconnect the device from the modem. 

 

Fwiw.....



Topic Stats
  • 10 replies
  • 4353 views
  • 6 Likes
  • 3 in conversation