Hopefully someone with more experience will comment here.

What was your set up before you got Comcast?

Is there one of your machines that is running Mac OS X Server? Can it act as the DNS? I know we have local names on our network, but I'm not sure how it is set up.

Hi,

Thanks for your comment.

We used to have Verizon DSL, and I was able to set up Bridge mode in the modem itself. So, the only thing that it changed since them is that we have a cable modem from Comcast.

Again, OS X server is currently setup as a local DNS server. So instead of IP address, people can type anydoamin.lan for instance.

Thanks again!

The 8014 is a NOT a modem, it's a gateway, which is a fancy term for a cable modem with a built in router.  It is also a VERY dated device, as well as poor performing according to some.  I assume you have Comcast Business class service?  If so, the techs there are pretty experienced and you should talk to them.  The newer SMCD3G is a better and more capable device, I would recommend you request a swap.  My understanding is it CAN be placed in bridge mode, but that's just hearsay, I have no direct experience with them.  Otherwise, you can setup a public static IP on your Airport Extreme and configure it through the SMC.  Static IP's are a cost item on your service, I think, but I have no idea how much.  Your least desireable choice is to setup a double NAT situation, where the SMC is in gateway mode and your AEX is sharing a public IP address, although it's really sharing a private IP address given to it by the SMC.  Your AEX will likely complain about this, but it should work in most situations.  Some types of connections don't like otr work well with double NAT setups, so beware.

A simpler solution, I think, would go like this:

1. All ethernet connections go to the SMC (through your ethernet switch), and that includes the AEX's WAN interface.

2. Place the AEX in bridge mode so it acts like a wireless access point and NOT a router.

3. All your wireless devices connect to the AEX and through it to the SMC.

4. The SMC provides the DHCP and NAT function.

5. Disable or reconfigure the local DNS server to use the Comcast provided DNS servers.  If the systems with static IP's have hardcoded DNS setups (this is not a good long term managable solution, you understand), then you have two choices, either go to each system and change the DNS settings, or replace the DNS server on the OSX box with a dnsmasq type server that simply relays to the Comcast servers.  Better yet convert all to DHCP and manage your DHCP leases by MAC address/client id.  If you need more capability in DHCP than the gateway allows, disable its DHCP function and put up your own DHCP server to handle your network.  Managing systems with static IP setups is fine for just a few systems, but as your network growns, so do your headaches, don't go that way.

OK,

Thanks for your comment!

There are several things that I need to understand in terms of networking in general (this is not my fieild or anything. I am just a small business owner who can understand just enough to get by...). If you can teach me, I would appreciate it.

1) IP address of gateway and local domain. 

We have been using the 10.0.1.xxx for local domain (this is Apple's default). The router, AEX in this case, has 10.0.1.1 and our OSX server is 10.0.1.10.

Again the most of desktop computers are static IP because I thought it is better for whatever I thought when I set it up. (I guess there is no reason to use internal static IP address, as you mention, expect for printers and file server itself. By the way I do not have static IP address for the Comcast connection, which is $15/month.).

The defaul IP address of the gateway is 10.1.10.1, which is the different range than what we have. My first questions is:

Q: Don't they need to be in the same range to work?

But right now, they are not but work just fine. This is how they are set up right now:

Gateway: 10.1.10.1 (completely default setting since I hardreset the gateway after many changes)

AEX: 10.0.1.1 (Ethernet, Automatic, Share a public IP address)

My laptop: 10.0.1.195 (via DHCP, set router as 10.0.1.1)

I can not understand why it works in the first place... Let's start bit by bit. Thanks again for your time!

If your subnet mask is 255.255.255.0 then those addresses look reasonable. Your lan is 10.0.1.x, the segment between the AEX and modem is 10.0.10.x, and they don't conflict.

If you point all the machines on the LAN to the OS X server as their DNS, you should still be able to get online. It should be configured as authoritative only for your home domain; for all other domains, it should go out to the Internet (either using a root hints file to do the lookup itself, or forwarding to the AEX or Comcast DNS). Can you post your named.conf file?

Hi thanks again!

OK, so there is nothing wrong with the way it is set right now...

But as soon as I set the DNS server as local X server, it stop working: I cannot go online...

Where can I find "named.conf" file? What other information I can show so that it can be diagnosed.

Thanks again.

How did you set up the local DNS server if you don't know where the named.conf file is? Creating that file is part of configuring the server.

I think the named.conf file is normally located in /etc.

Via Server Admin. That is how I can create a local domain and setup DNS.

I think I may have figured it out actually. I took look at Forwarder IP Address in Server Admin, and realized that I was still using verizon DNS.

I chaged to Google DNS server, and now it works! I suppose it it were empty, then it would have worked...

Thanks!

Good to see you found a solution and posted about it. Thank you.

If someone needs to use some of the TV and Play Now options, you may find that you need to use a Comcast DNS.

What you have is a double NAT setup and while it work in most instances, it will fail in others and it's not something I recommend, which is why I recommend you do away with the NAT firewall in the AEX, put it in bridge more behind the SMC and stop using static IP addresses, you are really hurting yourself when you have to make config changes.

While you can use Google or OpenDNS, I would highly recommend you use the Comcast DNS servers: 75.75.75.75 and 75.75.76.76.  They are closer and usually faster then going outside the Comcast network for DNS service.  Only use other servers if you have some legitimate problem with the Comcast servers (which are pretty rare, relatively).

---

tsutu wrote:

Hi,

 

That was my next quetion acutally. Right now, since gateway is not in brige mode nor AEX, which is doing the routing job?

---

Both. AEBS is routing to the gateway, and then gateway is routing to the Internet.

If you bridge the AEX, then the few static IP's you have left will need to be configured on the SMC's network, since the AEX subnet will disappear.  If their IP's change, then you need to fix their DNS configuration.

Most folks that run their own networks for businesses have thier own DNS and DHCP server(s) internally and simply relay any requests they don't service out to the DNS servers for their ISP, in this case Comcast.  If you run your own DNS and DHCP server, then I recommend you disable the DHCP function in the SMC so it doesn't conflict with your DHCP server, just make sure the IP's served are on the SMC's defined LAN subnet and that they don't overlay anything that the SMC wants (for example the gateway IP address, etc).