I recently signed up for Clearwire's WiMAX service. So far the service itself has been great. Performance is good at all times, and we haven't lost our connection once in the past two weeks. This is pretty important since I work from home and also run a couple of low-profile servers over this connection.
Most of my problems with Clear stemmed from the fact that they advertised their Motorola gateway as a modem when it's actually a router. Unfortunately the gateway has continued to cause problems--so many that I would not recommend Clear's service to anyone with a home network (or at least anyone with more than the plainest vanilla configuration). Wait until you can purchase a better WiMAX modem or gateway than what's provided by Clear.
First, the gateway refuses to properly forward requests originating on the local network to my public servers. Every LinkSys home router I've owned for the past 8 years has handled this correctly. But the Clear Motorola gateway returns the router's administration console for all local network requests to the gateway's private AND public IP addresses. The router includes an option to enable/disable administration from the Internet, but that makes no difference. In practical terms, this means I can't see what my home servers look like to the outside world without either A) accessing them through a different ISP or B) routing my http requests through a slow and invasive proxy server such as this one.
Second, the gateway apparently eats traceroute packets. The screenshot below shows a traceroute to www.google.com with a timeout of 10,000 milliseconds:
Now I can't prove that the gateway is actually eating these packets because I don't have another device on Clear's network to compare. It could be that the packets are eaten by an upstream router on Clear's network. But I doubt that's the case. (As an aside, I see the same behavior when I run a traceroute to other hosts on the Clear network, such as their DNS servers and time server.)
A big reason I'm inclined to blame the gateway for eating traceroute packets is also the third thing I hate about it: It doesn't fully implement the DNS protocol. I discovered this when my mail relay stopped working after switching to Clear. After several wasted hours monkeying around with my SMTP server and Wireshark I found that the gateway was eating DNS lookups for mail exchanger records. This was especially difficult to diagnose because the A record lookups were working just fine.
The screenshot below shows an nslookup of the MX record for gmail.com, which times out:
This screenshot shows an nslookup of the A record for gmail.com, which succeeds:
Once I identified the problem it took just a few minutes to fix by bypassing the Clear gateway for DNS lookups on the mail server. As you can see below, the same MX lookup works fine when routed specifically to Clear's primary DNS server (75.94.255.12):
This DNS server is where the gateway passes DNS requests it can't resolve, which indicates to me that the gateway itself is responsible for mangling the DNS packets.
6 comments:
I too very much hate the Motorola Gateway with my Clear Wimax service. If it had the option to simply allow the device to act as a bridge instead of insisting on being a router it would not be so bad. With a little time tweaking the settings with DMZ and portforwarding I was able to get things limping along - but not the way I would like. I would also NOT recommend the service simply based on this device as well.
In addition the phone support for Clear Wimax and customer service is absolutely horrible. I disconnected my service today and will never do business with Clear again in the future.
I just went through the same exercise of discovering the broken DNS handling of the modem. With so much anecdotal evidence of a problem with that modem (I've tried two generations of them now), I don't see why they don't just fix its DHCP server to return the DNS address(es) that modem sees instead of the local address of the modem itself. I've moved back to my own DHCP/DNS server inside my network now and things are fine, but I sure feel for those who are networking challenged. No wonder Clear is getting ripped. I've actually had good technical support experiences thus far, probably because I'm patient and start off with, "I'm a software/network engineer and here is what's happening..." No, they don't/can't solve the problem, but at least the ones I've spoken with are willing to dig deeper and not just tell me to reboot everything. I'll probably keep clear for speed/price since I'm saving $50/month on internet and phone, but I wouldn't recommend them for the casual internet user.
@Scott: Hope my post helped you a bit!
I had just puzzled out my DNS issues already, but your well-written post was illuminating and identified additional areas of potential concern. Thank you!
@ken: You're welcome!
OMFG I am so glad I read this!
I changed my DNS from dynamic to static and EVERYTHING works again!
Post a Comment