Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Francis Drouillard
Francis Drouillard Author
User level: Level 1
22 points

Getting the Basics Right Before "Bridging" the Comcast Router

It's been a rough week. I've sought advice on configuring a home network that includes Time Capsule, a Mac Mini Sever running Server.app and two iMacs. MrHoffman, Linc Davis and Camelot provided some great advice that I tried to implement without success.


It turns out that the main problem was Comcast -- they inexplicably changed my single Static IP account to a single dynamic IP account. It took several hours for an upper level Comcast technician to restore my Static IP account then restore the Comcast Cable modem (SMC8014) to it's default configuration.


DHCP is now enabled on the SMC8014 for a private network of 10.1.10.xxx. The Time Capsule, Mac Mini Server and both iMacs were manually configured to be part of that 10.1.10.xxx network. The Mac Mini Server and both iMacs can now browse the Internet and receive email. My Mac Mini Server is still not serving to the public, which is what I want it to do.


Some folks (including the upper level Comcast technician) note that the Static IP address can be assigned to the Time Capsule:

<http://www.dslreports.com/forum/r21202317-Business-how-to-bridge-a-smc-8014-busi ness-class-modem>


INTERNET

|

/ Gateway IP \

| 173.nnn.mmm.122 |

| 255.255.255.252 |-COMCAST SMC8014

| 75.75.75.75 dns1 |

| 75.75.76.76 dns2 |

\ / |

/ Static IP: \

| 173.nnn.mmm.121 |

| Router IP: |

| 173.nnn.mmm.122 |

| 255.255.255.252 |

| 75.75.75.75 dns1 |

| 75.75.76.76 dns2 |

| |-Time Capsule -- USB Printer

| Private LAN IP | (DHCP)

| 192.168.0.254 |

| 255.255.255.0 |

| 75.75.75.75 dns1 |

\ 75.75.76.76 dns2 /

|

|--------------------------------------------

| | |

/ Mac Mini Server \ / iMac #1 \ / iMac #2 \

\ 192.168.0.19 / \ 192.168.0.17 / \ 192.168.0.13 /

| |

| 255.255.255.0 subnet mask |

| 192.168.0.254 router |

| 192.168.0.254 dns |

|--------------------------------------------

|

HDMI TV


If I understand it correclty the Comcast SMC8014 would provide routing and NAT in the above scenario and Time Capsule would provide DHCP.


But that configuration may not be the best.


Linc Davis recommends putting the Comcast Cable modem in "bridge" mode and using the Time Capsule for DHCP & NAT.

MrHoffman agrees, and notes further that a ZyXEL ZyWALL USG can be used to provide DHCP & NAT as well as additional security. It'll be a few months before I can purchase the ZyXEL.


Changing the Comcast modem to "bridge" mode requires a call to Level 2 support. Changing it back requires another call to them. For that reason I want to proceed with caution before changing it to "bridge" mode.


What would my network topology look like with the SMC8014 in "bridge" mode? The following?:


INTERNET

|

/ | \

| | |-COMCAST SMC8014

| | | (bridged)

\ | /

|

/ Static IP: \

| 173.nnn.mmm.121 |

| Gateway IP: |

| 173.nnn.mmm.122 |

| 255.255.255.252 |

| 75.75.75.75 dns1 |

| 75.75.76.76 dns2 |

| |-Time Capsule -- USB Printer

| Private LAN IP | (DHCP & NAT)

| 192.168.0.254 |

| 255.255.255.0 |

| 75.75.75.75 dns1 |

\ 75.75.76.76 dns2 /

|

|-------------------------------------------

| | |

/ Mac Mini Server \ / iMac #1 \ / iMac #2 \

\ 192.168.0.19 / \ 192.168.0.17 / \ 192.168.0.13 /

| |

| 255.255.255.0 subnet mask |

| 192.168.0.254 router |

| 192.168.0.254 dns |

|-------------------------------------------

|

HDMI TV


How do I configure Time Capsule so that the Mac Mini Server and the two iMacs can access the Internet? In particular, how do I give Time Capsule a Static IP, a Gateway or Router IP and a LAN IP?


Once that works I'll come back to ask:

1) how to direct all queries to 173.13.188.121 to the Mac Mini Server? and

2) how to configure DNS in Server.app on the Mac Mini?


Thanks in advance for your help and continued patience.

Mac mini, OS X Mountain Lion (10.8.3), Mac Mini Server (late 2012)

Posted on Jul 24, 2013 10:06 AM

Reply
Question marked as Best reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,175 points

Posted on Jul 24, 2013 3:49 PM

Bridge the Comcast router.


Once you bridge the Comcast router, it's effectively "invisible" to local IP networking. (IP routers are not "transparent"; they have IP addresses that other hosts (other than configuration tools) care about, need, and use. Network bridges don't have IP addresses, or they have IP addresses that just the configuration tools need and care about.)


Then set up your gateway device with your static IP as its external address. Use the Airport Confguration to do this. There's a Wizard in there somewhere, IIRC, though selecting the device and configuring the "Intrernet" settings for static IP will get you most of the way.


Set up DNS services on your LAN. You need to have local DNS working. You cannot depend on DNS from your ISP here. The linked article is for 10.6 and Server Admin.app tool, though the concepts are the same and the setup works the same for OS X Server 10.7 and 10.8 once you check the Show All Records setting in Server.app. Again, you cannot successfully reference the Comcast servers from your local network, only your local DNS services. Let your own local DNS resolve all addresses on your network, as well as DNS translations off your network. (Servers and networks with local servers are configured and operate differently from client networks, particularly those in a private IP address space. Servers provide services to clients, which means the server and network administratiion involves a little more...)


You will be tempted tp try to skip this DNS set-up step, but you need DNS on your private network. OS X Server gets squirrelly when local DNS isn't correct. Stuff will appear to work, and then you'll end up with problems. (Voice of experience: I tried skipping this DNS setup, back when you could sort-of get away with it, and even 10.5 got weird. DNS has only become more central since 10.5, too...)


Set your clients to use your Airport or Time Capsule or ZyXEL ZyWALL as the gateway router for your network, either manually for those configured that way, and via the DHCP settings for those that receive the gateway address and DNS server address (of your local server, not the ISP DNS servers!) via DHCP.


If you want an overview of terms and concepts involved here, start with this overview of a small IP network. (If either article is confusing or missing something, please let me know and I'll see if I can address the confusion.)

View in context
2 replies
Question marked as Best reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,175 points

Jul 24, 2013 3:49 PM in response to Francis Drouillard

Bridge the Comcast router.


Once you bridge the Comcast router, it's effectively "invisible" to local IP networking. (IP routers are not "transparent"; they have IP addresses that other hosts (other than configuration tools) care about, need, and use. Network bridges don't have IP addresses, or they have IP addresses that just the configuration tools need and care about.)


Then set up your gateway device with your static IP as its external address. Use the Airport Confguration to do this. There's a Wizard in there somewhere, IIRC, though selecting the device and configuring the "Intrernet" settings for static IP will get you most of the way.


Set up DNS services on your LAN. You need to have local DNS working. You cannot depend on DNS from your ISP here. The linked article is for 10.6 and Server Admin.app tool, though the concepts are the same and the setup works the same for OS X Server 10.7 and 10.8 once you check the Show All Records setting in Server.app. Again, you cannot successfully reference the Comcast servers from your local network, only your local DNS services. Let your own local DNS resolve all addresses on your network, as well as DNS translations off your network. (Servers and networks with local servers are configured and operate differently from client networks, particularly those in a private IP address space. Servers provide services to clients, which means the server and network administratiion involves a little more...)


You will be tempted tp try to skip this DNS set-up step, but you need DNS on your private network. OS X Server gets squirrelly when local DNS isn't correct. Stuff will appear to work, and then you'll end up with problems. (Voice of experience: I tried skipping this DNS setup, back when you could sort-of get away with it, and even 10.5 got weird. DNS has only become more central since 10.5, too...)


Set your clients to use your Airport or Time Capsule or ZyXEL ZyWALL as the gateway router for your network, either manually for those configured that way, and via the DHCP settings for those that receive the gateway address and DNS server address (of your local server, not the ISP DNS servers!) via DHCP.


If you want an overview of terms and concepts involved here, start with this overview of a small IP network. (If either article is confusing or missing something, please let me know and I'll see if I can address the confusion.)

Reply

Getting the Basics Right Before "Bridging" the Comcast Router

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up