Ignite WiFi Gateway Modem XB7 (Gen 2)

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Datalink
Resident Expert
Resident Expert
Posts: 7,374

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

@SpeedyC fwiw, in WifiInfoView, go Options .... BSS Type Summery Mode.  Let that run for a while .... say 15 to 30 minutes.  That will give you a total count of all of the wifi transmitters that the laptop/desktop wifi adapter can detect.  Sitting on the second floor of our home, that comes up to 153 -155 transmitters that one of our laptops can recognize.  That's about 25 5Ghz transmitters and 125 or so 2.4Ghz transmitters.  Ugh....  If you to to Options .... Channel Summer Mode, that will give you the number of wifi transmitters running on each channel. 

 

For 5 Ghz ops, run the modem or router using channels 149 to 161 as those channels are allowed to run 1 watt maximum output power compared to 200 milli-watts for channels 36 to 48.  With the high channels set, rerun any 5 Ghz testing that you may have done previously. 

 

The fact that your able to connect the Xi6 set top box and Nvidea Shield to the modem confirms that Rogers still allows two IP addresses off of the modem when the modem is running in Bridge mode.  I'm assuming that there's nothing else connected via ethernet to the modem.  

 

The problem with connecting the modem, any Gateway modem that is,  when its in Bridge mode, is that the modem does not provide any firewall to protect the connected devices.  So, the Xi6 set top box and Nvidea Shield are wide open to the internet.  They will see between 5 to 10 port scans per minute, maybe more, just depends on the day and time of day.  Those port scans are run by internet hackers and miscreants located around the world, who have nothing better to do than attempt to break into internet connected devices.  So, personal opinion, anything that you run via ethernet should be behind a firewall of some type.  I'd park the Nvidea Shield behind the router.  The Xi6 set top box is your choice, its only a rental, right?  If someone hacks the Xi6, well ........



SpeedyC
I'm a Reliable Contributor
Posts: 200

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

@Datalink

 

Thanks for the advice!

 

I was mistaken ... only the  Xi6 TV box had internet connection when connected to the XB7 modem.

 

But after reading your comments, I decided to connect both the Xi6 and the NVIDIA SHIELD to my D-Link router via ethernet instead!

 

Also, below are my current Firewall settings for the router ... in your opinion, should I enable all the settings EXCEPT for DMZ?

 

Firewall.JPG

 

 

Datalink
Resident Expert
Resident Expert
Posts: 7,374

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

@SpeedyC, I don't know the exact router model you might have, so I had a look at the dlink site for a model that would have the same firewall options that you posted. I used the DIR-890L/R as it has the same firewall settings. Here's the link to the support page:

 

https://support.dlink.ca/ProductInfo.aspx?m=DIR-890L%2FR

 

Select the downloads link and then download the User Manual (English) 1.00 dated 02/17/15

 

Have a look at page 100 for the firewall explanations. Some of them are very basic and really don't say a whole lot.

 

Here's what I would set:

 

Enable DMZ: Disabled


Enable SPI IPv4: Enabled


Enable Anti-Spoof checking: Enabled


IPv6 Simple Security: Enabled only if you're running IPV6


IPv6 Ingress Filtering: Enabled regardless of whether or not you're running IPv6.

 

 

Application Level Gateway (ALG) Configuration:

 

PPTP: Point-to-Point Tunneling Protocol: Enabled only if you need it for VPN use. See comments below:

 

IPSec (VPN): Enabled only if you're using IPSec VPNs

 

RTSP: Real Time Streaming Protocol: this might be useful for Streaming purposes. There's no indication of whether or not this is upload only, or for both downloads and uploads. This would be worthy of an experiment for streaming downloads, and for uploads if you happen to be a gaming streamer.

 

SIP: Session Initiation Protocol (SIP), SIP manages registering devices, maintaining call presence, and overseeing the call audio. There is more to this which you can research online.  The problem with SIP is that the router will rewrite the incoming protocol to one that is specified by Dlink.  That may, or may not match the SIP protocol used by your VOIP provider if in fact you use a VOIP phone.  More than likely it won't match the protocol used by the provider.  If you do use a VOIP phone, your VOIP provider probably has a recommended setting for your router, or for routers in general.  I suspect that the recommendation would be to disable SIP, so that the signaling protocol makes it thru the router, to the VOIP phone without being mangled by the router.  That should allow the VOIP phone to function as its expected to.

 

Relevent links:

 

Ok, here's a couple of Wikepedia links that are worth glancing at:

 

PPTP:

 

https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol


Note the second sentance in the article: "The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. PPTP has many well known security issues."  Seems like its a hazard in itself.


RTSP:

 

https://en.wikipedia.org/wiki/Real_Time_Streaming_Protocol


Here's some food for thought:

 

Enable DMZ: I would keep this Disabled unless you know that you need it.  If you do, I'd set up an IP Reservation for the device in question and then set to run in the DMZ.  With the IP Reservation, if the router reboots at some point in time, it will assign the same IP address to the device in question so that if the DMZ is specified by IP address instead of MAC address, the correct device will end up in the DMZ. 

 

Enable SPI IPv4: if you run this Enabled, you might find that the data rate drops due to the Stateful Packet Inspection that is running.  What you see will depend on your internet plan data rate and the horsepower of the router.  I wouldn't be surprised to see a data rate drop. Here's one of many internet articles on SPI:

 

https://fastestvpn.com/blog/spi-firewall-protect-network-traffic/

 

Enable Anti-Spoof checking: If you had a look at the user manual that I linked, you'll see that there's very little explanation as to exactly what this does. Given the port scans that continually occur these days, it might be worth enabling to see what effect, if any, that it has on your internet data rates.

 

IPv6 Simple Security: the user manual has no explanation of how this works, so, if you're using IPV6, I'd enable this, but, keep mind that it may come with a performance penalty.

 

IPv6 Ingress Filtering: Enabled regardless of whether or not you're running IPv6.  I use an Asus RT-AX86U which has a separate IPV6 firewall setting which can be enabled regardless of the state of IPV6 (Enabled or Disabled).  So, I keep the IPV6 firewall enabled at all times.  There is probably a greatly reduced chance of a port scan via IPV6, but, its not terribly difficult to determine the address ranges for an ISP, after which you can simply scan thru the entire range.  Yup, it will be large range to scan thru, but, that's not difficult these days.  Here's the Hurricane Electric page for Rogers, which contains the base IPV4 and IPV6 address and their address ranges.

 

https://bgp.he.net/search?search%5Bsearch%5D=Rogers+Communications+Canada+Inc.&commit=Search


Application Level Gateway (ALG) Configuration:

 

PPTP: Point-to-Point Tunneling Protocol: Enabled only if you need it for VPN use.

 

IPSec (VPN): Enabled only if you're using IPSec VPNs

 

RTSP: Real Time Streaming Protocol: this might be useful for Streaming purposes.  There's no indication of whether or not this is upload only, or for both downloads and uploads.  This would be worthy of an experiment for streaming downloads, and for uploads if you happen to be a gaming streamer.

 

SIP: Session Initiation Protocol (SIP): As indicated above, this setting will depend on whether or not you use a VOIP phone.  If you don't use a VOIP phone, I'd disable it.

 

Out of curiosity, what model of router do you have, and, what's the latest firmware version date that is loaded? If that's out of date by more than a year, and there's no sign on the horizon of a firmware update, it will be time to find another router that receives regular firmware updates.  There's way too much happening these days in terms of router security problems to leave your network protection to a router that isn't keeping up with those threats.

 

For each of those settings in your post that might actually be useful to you, only enable one at a time and take at least a day or two to assess the impact on the router processing and data rate throughput.  Without knowing what router model you have, I can only speculate that you might find that the router doesn't have enough horsepower to do everything that you might want it to do.  Take your time when it comes to enabling those settings, changing one function at a time.  

 

Hope this helps 🙂



SpeedyC
I'm a Reliable Contributor
Posts: 200

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

@Datalink
Thank you very much for the thorough reply !!!

Also: I changed my 5 GHz Wi-Fi channel from 48 to 153 as you suggested, and now my signal strength has gone from the mid-60s to the mid-80s !
Datalink
Resident Expert
Resident Expert
Posts: 7,374

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

??  That doesn't make sense.  Usually wifi signal strength (RSSI), or received signal levels are measured in dBmW (dB milli-watts).  That's a negative scale with 0 at the top, descending to -90 at the bottom.  When you change from a channel (36 to 48) range to a channel (149 to 161) range on the modem or router, the measured received signal level for a device at the same physical location should go up, meaning that the displayed signal level (RSSI) will go from say, -80 to -60 or higher.  Typically the best you will see on that scale is about -30 dBmW.  Apparently there's no set standard for that measurement so you could see differences in displayed RSSI values when you compare the numbers from different devices that are located at the same physical location. 

 

Now if you're talking about the Signal Quality or Average Signal Quality as displayed in WifiInfoView, then what you indicated does make sense.  I would expect the signal quality to increase as the output power level of the higher channels is about 5 times higher than the lower channels.  

 

Fwiw, consider downloading and installing Winfi Lite from:  https://www.tethabyte.com/

 

That's probably the best freebie wifi analyzer around these days.  You'll need to provide an email address for a download link.  The latest version is 1.0.21.9

 

It looks like tethabyte is preparing to release a pro version one of these days, but, they're not there yet.  

 

If you download and install Winfi Lite, start the application after its loaded, select the wrench (tool) icon near the right hand side to display a secondary lower display panel.  From that panel, select "Spectrum" to see the graphical display of the networks detailed in the upper text data section.  

 

What you want to do with that is determine who else is using that 149 to 161 channel range, more specifically what channels are shown in use as the base channel.  Ideally, with that knowledge, you would select a base channel that isn't occupied.  That choice will depend on the bandwidth that you have selected for the 5 Ghz channels, with 20 Mhz being the smallest bandwidth, 80 Mhz being the largest.  When the bandwidth setting is made, that could lock in the channel choices that you have.  I wouldn't be surprised to see that happen.  In any event, if you can manage to use an unoccupied channel, that will give you the highest bandwidth that you can attain, with the current channels in use within that upper range. 



SpeedyC
I'm a Reliable Contributor
Posts: 200

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

@Datalink

 

Now if you're talking about the Signal Quality or Average Signal Quality as displayed in WifiInfoView, then what you indicated does make sense.  I would expect the signal quality to increase as the output power level of the higher channels is about 5 times higher than the lower channels.  ”

 

That’s exactly what I was referring to !

aelaan
I Plan to Stick Around
Posts: 33

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

I am at the Ignite 1Gb plan with Ignite TV

aelaan
I Plan to Stick Around
Posts: 33

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)

I would agree, were it not that I have been using the modem for months without issues.  Recently I got multiple AX devices that have the hardest time staying connected.  My laptop runs at 80Megabits which is three times lower than is accustomed on the AC network that the XB6 provides.  But I guess I will get myself a decent router and put this thing in bridge mode.

-G-
Resident Expert
Resident Expert
Posts: 2,497

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)


@aelaan wrote:

I am at the Ignite 1Gb plan with Ignite TV


Rogers has some new FTTH customers with a 1.5Gb/s service coming online and may be reserving their XB7 stock for them.



-G-
Resident Expert
Resident Expert
Posts: 2,497

Re: Ignite WiFi Gateway Modem XB7 (Gen 2)


@aelaan wrote:

I would agree, were it not that I have been using the modem for months without issues.  Recently I got multiple AX devices that have the hardest time staying connected.  My laptop runs at 80Megabits which is three times lower than is accustomed on the AC network that the XB6 provides.  But I guess I will get myself a decent router and put this thing in bridge mode.


Even with the XB6, you should see substantially higher Wi-Fi speeds than that.  Either you have issues with your in-home Wi-Fi that need to be addressed or the IP network stack on your (Windows?) laptop is not configured to auto-tune and optimize for high-speed / gigabit-speed network connectivity.  Your AX devices also should not be dropping off of Wi-Fi, even if the network only supports 802.11ac/Wi-Fi 5.

 

You will also see slower Wi-Fi speeds if you have Ignite WiFi Pods installed, especially if the Pod does not have good connectivity to the Ignite gateway.  (FYI, the Ignite Pods also do not support Wi-Fi 6.)

 

Does your laptop have an Ethernet adapter?  If so, what network transfer speeds are you seeing over a wired connection?