ISP forced modem+router

My local area is soon to have fiber. Found out the ISP (https://conxxus.com/) requires the use of a modem+router system from a company I had never heard of (https://www.calix.com/).

Was hoping someone would have some experience with any of this info/companies. I would be paying slightly less for double the internet w/o a data cap.

I don’t want to trade security for convenience, am willing to put whatever work into a work around if needed.

When forced to use a router you don’t own, you can stick your own router behind it and deal with a few double-NAT issue. Or to avoid the double-NAT, find out how to put it into a bridge mode. Searches for the later look positive:

2 Likes

Calix produces mostly enterprise and ISP networking products but they are a quite reputable company. CenturyLink uses their DSL DSLAMs in almost all the services areas where I live. But as for security, I think it’s a crap shoot with all the CPE manufacturers. Companies like Zyxel seem to have a new zero-day every other month but the ISPs keep buying and supplying them to customers. Anywho, but Calix has been around for a long time and I trust them as much as the other CPE’s.

3 Likes

There are two questions here, what is the layer 1 handoff (GPON, sfp, copper ethernet), and what layer 2 addressing scheme are they using (IPoE, static IP, perish the thought PPPoE) + any vlan tagging they’re doing. Luckily for you most of these are really easy to integrate into your own router. Most likely it’s copper ethernet (via a converter box) with IPoE, which means you simply run DHCP on your router to get your IP.

If you eventually get a login to the router (even read only), you should be able to get a copy of all the settings you need.

If you do use your own router the only real issue may be plugging in the stock modem/router if you ever need to call helpdesk.

1 Like

If you do use your own router the only real issue may be plugging in the stock modem/router if you ever need to call helpdesk.

The horror. Trying to convince helpdesk their service sucks and has gone down is so painful. I definitely add a +1 to keeping their router around for when you inevitably have to call them.

Good luck with your custom setup and report back on how it went!

The horror. Trying to convince helpdesk their service sucks and has gone down is so painful. I definitely add a +1 to keeping their router around for when you inevitably have to call them.

I can’t tell you how many times I’ve had to call CenturyLink, My ISP, to tell them that we are only getting a fraction of what we are paying for, or that their service has gone down. The built-in troubleshooter goes to some random address that doesn’t even exist, and wouldn’t even be in the same service area.

Running the two routers in tandem for your own security is perfectly acceptable. I do this. Do make sure, if possible, that the ISP router is in bridge mode. On some routers, you can also patch specific MAC addresses through to the broader internet. I don’t doubt that your ISP is using DHCP to give your router an address. It could be different because of fiber, though.

Best of wishes.

Bridge mode, modem mode, an older term is also DMZ - where all the traffic is passed to a specific MAC on the LAN side.