‘ISP’ it really a problem?
In this article, Geoff Meads looks at the downside – and potential upside – of free internet service providers (ISP)-supplied routers, are they any good?
Premium or ‘enterprise’ networking equipment usually offers more features, greater reliability and a better profit margin over and above that of cheaper, ‘High Street’ products.
When it comes to devices such and switches and access points, it’s pretty easy to swap out basic kit for ‘Enterprise’ equipment. Compared to many AV products, networking gear is relatively cheap and, with so many systems now relying on the robustness of the local network, better kit is an easy sell to consumers.
However, there’s one piece of the jigsaw that’s not so easy to replace – the ISP-supplied router.
Why is it free?
While it’s possible to get ‘Bring You Own Modem’ internet supply deals, most ISPs will prefer it if you take its modem too. Different countries favour different deals but, in most countries, the ISP prefers you to use its router. There are a few reasons for this situation:
- It’s a known quantity – put simply, it knows its router will work with its system.
- It knows how to support it – when you call with a problem, it knows the right questions to ask to help you get it working again with minimum delay and
cost to the company.
- It can upgrade it when it wants – if its systems change, it can send you a new router to easily support it or update the firmware remotely.
- It can remotely diagnose issues – often an ISP router has ‘back doors’, allowing the ISP to access and look at the status of your router without you getting
- It can control access – some ISPs use the router’s WAN MAC address to grant internet access or not. (The UK’s BT being a good example.)
Why swap an ISP router
This is a great question to ask yourself before ditching that ISP router but it may also be a question your customer asks of you. After all, why should they pay for something they already have?
Let’s look at a few good reasons:
- Reliability – A ‘free’ ISP router will be built to a price. Probably as close to $0.00 as the ISP can negotiate. Enterprise equipment is designed to run 24 hours a day and with constant high usage. For a typical family of four people, with moderate smart TV use and browsing, then an ISP router might work just fine. However, with the sort of high-traffic IPTV, security and IoT devices that installers fit network traffic can increase to very high levels and reliability might be an issue.
- Remote access – While a basic router will allow remote access to its setup menus and, using port forwarding, access to LAN devices, neither of these are recommended due to security issues. For secure remote access, a VPN connection is needed. VPNs can be deployed using dedicated server devices connected to a router but are more commonly deployed using technology built in to enterprise routers. It’s unlikely an ISP supplied router will have this technology built in.
- Profit – This is a simple one. There is no profit in a free router supplied by an ISP. There is profit in an enterprise level router that you supply. End of story.
It seems like a pretty simple decision then. Let’s go ahead and swap out that ISP router for a better, enterprise level model that we supply. It’s more reliable and offers more features, right?
Maybe not. There are a number of things to consider before we ditch that ISP router…
Firstly, there’s the question of support. When (not if…) the customer’s internet service goes down, they’ll make a call to the ISP support centre. As soon as the
ISP figures it’s not its router on the end of the line, it’ll refuse support. The next call will be to you. From an angry customer. Possibly at midnight, or worse…
Secondly, many ISPs expect to ‘see’ its router’s MAC address on the end of the line. If you swap out the router, the MAC address will change to that of the new
router and service may stop, maybe right away but, maybe, some hours or days later.
Next, we have to consider security. When an ISP’s router is connected the ISP has the ability to upload new firmware remotely to ensure its router remains secure. If you change out the router for one you’ve supplied, you become responsible for router firmware updates which may or may not be able to be carried out automatically or remotely.
Finally, we have to consider supply convergence. It’s becoming increasingly common for the ISP to supply other online services, like, TV, for example. Depending
on the nature of the service, it may not be possible to swap out the router without disturbing or disabling other services that the ISP is supplying.
The double NAT option
One possible solution is to use two routers. The ISP router stays as the main connection to the internet with one of the LAN connections on the ISP router used
to connect the WAN side of the enterprise router. LAN devices are then connected to the enterprise router.
There are three things to consider before attempting this solution:
- The enterprise router will need an unmodulated WAN connection (usually on an RJ-45 connector).
- The IP range of the enterprise router’s LAN must be different from that of the ISP router. For example, if the ISP router has an IP ID of 192.168.1.0/24 the enterprise router’s LAN could be 192.168.2.0/24.
- A pathway for VPN traffic must be set up through the ISP router (using port forwarding) for VPN connections so that inbound VPN traffic can reach the
VPN server on the enterprise router unhindered.
For many integrators the choice here is still far from clear and will depend on their own circumstances or even on the budget of the customer. Either way, making an informed choice comes down to having the right knowledge. I hope this article has helped a little with that. See you next time!