Please excuse the spotty network availability of our websites during the past two weeks. On Tuesday, July 20, which will be forever known by my company as “Black Tuesday,” we upgraded our AT&T DSL internet services to the new AT&T Uverse for a faster Internet connection. You might have experienced access problems during those weeks while we fixed problems and changed over to new IP addresses.
Unfortunately, you probably experienced problems accessing our sites or emailing us for a few weeks afterwards. Our experience with UVerse during the past few weeks had its ups and downs. Unfortunately, those ups and downs were in the form of Internet connectivity with our web and mail servers. We still don’t have an active fax line as a result of the upgrade either. However that should be fixed by Thursday, August 18.
The problem with UVerse isn’t in the actual service itself, but in the 2Wire gateway appliance that brings the service into your home or office. You must conform to it or it will punish you with random outages until you conform. I’m happy to announce that the U-Verse 2Wire appliance and I have worked out our differences and come up with a compromise that we can both live with. The 2Wire appliance has allowed my websites to peacefully exist on the Internet for the past week without even a hiccup or disturbance.
Why did it take so long to fix the problem? It’s because I had to figure it out myself. Because I have static IP addresses on my 2Wire account, and because all my problems related to static IP configurations and registering the names in DNS, all the UVerse help desk could do was to bounce me around from department to department until I learned that layout of authority in the support departments. They even tried to sign me up for paid support. However no one in the paid support area even knew what DNS or static IPs were. With the exception of 2 out of 30 people I was transferred to, both of which were in the non-pay tier 2 support, no one understood what static IP addresses or DNS records were or anything related. Rather than admit defeat, they just dumped me into another holding cue. During that time I actually signed up for DSL with full intention of going back, canceling at the last minute. The lure of faster Internet was too compelling. If I hadn’t found the cure on my own, I’d be a DSL customer once again, like I was before.
During my quest for answers, UVerse tech support had a few humorous answers. When I asked them to register my domain names with THEIR DNS nameserver, in their network, maintained by their staff, the technician wanted to know what operating system my computer was using. I knew he had no idea what I was talking about at that point. He dumped me to another department’s help desk to get rid of me. Problem solved for him anyway. When I asked another UVerse support person about submitting my domain names to their DNS servers, he said the they don’t support WINS, I then said, “that’s nice, but can we get back to my problem?” Three technicians in Tier 2 UVerse support were very helpful and for that I’m very grateful. They provided a good start for my investigation journey. However, I still had PTR, A, MX, and CNAME records to update in their DNS servers, so my journey was far from over. At that point, I remembered my days as a system admin and knew there had to be a way around tech support. I found it by doing a nslookup, whois lookup, etc., on the DNS servers I was trying to get listed on and there it was, like a gleaming beacon of hope. I found an administrative contact email address for the DNS servers. I immediately shot an email to the contact explaining my situation and the records I needed changing and they were a great help. It always pays to be resourceful. There’s always a backdoor if you know where to look.
After all my experiences, it was worth the struggle to get a faster Internet connection. I’m glad it all worked out and thanks to 3 out of 30 technicians at UVerse support and the extremely helpful DNS provisioning staff I’m now a happy UVerse customer. Granted, most of the support issues most UVerse customers face, involve simple things like how to program the remote, or how to sign up for pay-per-view movies so they scale down the knowledge pool to address those issues and for most people this is acceptable. However, they need to have a staff that can help for configurations related to having their products work with static IPs. After all, they sell them so they need to be able to service them. The lack of knowledge in that area was frightening.
As an IT tech who successfully slayed the UVerse dragon, I’m offering my UVerse consulting services for $500/hr. Trust me, there will be a point when you’ll gladly pay it. Just kidding about the price. If you have any problems with UVerse and static IP addresses, I’ll gladly share what I discovered related to static IP addresses and trying to get your firewall to work behind their firewall. If you’re wanting to know why your TV doesn’t work or stuff like that, call UVerse tech support. That’s what they’re qualified to handle.
AUG 19 UPDATE: As of now, my fax line works so all my problems seem to be behind me. Nothing but blazing fast Internet ahead. Hopefully!
SEPT 22 UPDATE: Only had one DHCP problem happen since last update. Might have been related to server maintenance. Confidence building.
If you are buying or selling a house and are looking to hire a successful real estate agent to help you through the process, take a look at AgentHarvest's list of top-ranking local Realtors in your area. We found these agents by examining their sales track records, awards, rankings, client testimonials and by conducting personal interviews.
I have read nightmares like yours and have been trying to find best practices – please forward and/post all the gory technical details.
When I ordered business uverse ATT called and said I had to cancel my T1 and DSL lines (from Verizon) before they could install uverse – I couldn’t allow that for business continuity reasons so ATT cancelled my order. Yes the sales and tech staff merely said “due to technical reasons” although they could never specify one, nor did it matter that I wanted to avoid exactly the same situation you had.
I did my own research and despite the marketing claims uverse IS NOT fiber optic but rather super fast DSL for the last few hundred yards (I think fiber up to that point). Then I found references to home cross talk issue and the fact that ATT replace the entire copper home wire pair – thus you can not run DSL twice on the same line.
Okay for home installs if uverse this now made a bit of sense, however I was a business customer (or wanted to be one) and had no less than 13 free copper pairs and also 2 unused free cat-6 cables from the main buildings access point to my suites. So theimitations and so called “technical reasons” really do not apply to my business or most business in a commercial building environment.
So in order to get uverse and keep my existing Internet feeds I had two choices 1) rent a new suite and only put in uverse 2) sublet/subdivide my suite into two legal units with legal mailing adresses (the later is the key point two legal mailing adresses)
Now I can order max-turbo at 24mbps with 64 static IPs but I will have the same issues as you experienced
Life would be simple if the 2wire could be put in bridge mode but with new firmware (which is autopushed by ATT) and the 3800 RG bridging is no longer a viable option
Issue I know about
A) Router behind router (this is a setting/warning that can be adjusted)
B) Two dhcp servers if router behind router (make sure the 2wire and you own priv net are diff class C’s
C) Inability to add static routes for static IPs (no work around)
D) Static IPs must be served by the 2wire dhcp server (yes sounds so odd and so wrong)
E) use DMZ+ for all static IPs (no router behind router) but you get stuck with relying on the 2wire device for firewall or nofirewall
So I have big concerns (speed and price seem good so I will get uverse and experiment) yet I just don’t know if it can safely be deployed in my business as such I would appreciate any help/advice in detail
I don’t know if DMZ+ even has a firewall or if pin holes can be configured or if VPNs can be deployed – honestly ATT is selling a business service yet sticking you with a limited residential gateway (3800) they need a business gateway
I am hopeful but I don’t put much faith in ATT answering a myriad of questions I have
Thanks
Oh this post seems to outline the same concerns
http://forums.att.com/t5/High-Speed-Internet-Access/UVERSE-NOT-suitable-for-businesses/m-p/2310619/highlight/true#M4946
There are other issues too, such as the inability to bind more than one IP address on a nic. Also, to go with public IPs, you have to have the device as a DHCP client. However, I came up with a pleasing workaround that allowed me to still use my original firewall. The only problem is that I have to only use one IP address on that firewall. All devices behind it will have to use NAT by application or port #. As long as the 2wire only sees the one device it doesn’t hurt it. But uncheck all 2wire firewall features in advanced menu. I lost no functionality, but the world only sees me as one IP address. Worked ok for my situation since all my servers are sorted by type (web, mail, etc).
Also, I found that trying to get DNS changes was like pulling teeth. I finally worked around it by doing a DNS name lookup on the AT&T name servers to see who the technical contact was. they were helpful and I can now leave tech support behind for DNS changes. PHEWWW!
As a more advanced home user and a tech, I thank you for your perseverance!
U-Verse is one of the only viable options in my small semi-rural town, other than pure DSL which AT&T had stopped developing because of the U-Verse rollout, limiting DSL to 2Mbps, maximum. This prompted me to begin investigation into this product, with what I perceive to be mixed reviews.
For Basic users, I hear hymns sung of the stuff dreams are made of. From Business users, I hear the wailing dirges of nightmares and woe, all due to the blasted 2wire residential gateway, which is obviously not a business grade device. No 2wire device I have ever used has been capable of keeping up with a commercial grade (Sonicwall), quality custom firmware based (WRT54GL), or PC-based router/gateway. The solution has always been to bridge the device into “idiot mode” and let the big boys carry the load of PPPoE Auth, firewalling, and VPN.
Admittedly, I have never subscribed to a static DNS solution, perhaps because I’ve never trusted a non-T1 grade service to provide reliable static IP (as well as the fact that I’m a bit of a cheapskate and don’t want to pay extra for it). My solution was to use DynDNS to park my domain name and provide DNS resolution to whatever my dynamically assigned IP had been set to at the time. This has worked well for me as I joined DynDNS when they were still a non-profit startup and got in as a lifetime member for one fee. However, it would be a service that I WOULD pay for monthly, just for the ability to park my domain on a single service that routes my resolution to any ISP which I deem worthy to provide service.
As it stands, DynDNS is still a free service if you do not need to park your own custom domain on their servers, and instead are willing to use one of their own domains with your custom domain prefix, which most advanced non-business users may be content to do. I don’t worry about IP renewal downtime as the router solutions I use have onboard dynamic DNS update clients, and notice the change of WAN IP and update DynDNS within seconds. Perhaps this might help other users that may run into this article.
I’m diligently pursuing AT&T and Google’s repositories for alternatives to this abomination that calls itself a router, but it sounds like your experience has shown this to be a futile effort. I will continue to pester them as kindly as I can to actually support the needs of their users, which I feel that far too many corporate giants have forgotten how to do. The fact that those of us that are intelligent enough to see the wool as it is pulled down makes their disdain all the more insulting.
Ian:
I’m happy to update this post with more positive feelings about Uverse. When it’s up, it’s stable and worth the money. You can setup a DMZ that bypasses the Uverse appliance, but if you use static IP addresses and want to use your own firewall behind the UVerse appliance, you need to come to grips with the fact that you’ll only use one of the 5 static IP addresses you’re paying for. You can only use all 5 if you only rely on the UVerse appliance as your firewall and all the devices attach to it via DHCP for the address. While I have to attach my firewall to it via DHCP, at least it can be registered to only get the one static address so no big deal unless you need to map multiple IP addresses to multiple servers behind your firewall. Then, you’re screwed but in most situations, the one address will be adequate, at least it was for me after I consolidated web servers. Still, it’s worth it for the bandwidth and affordability.
Just get to know the DNS provisioning department and deal with them directly. Avoid using uverse tech support for anything related to static IP and DNS name registration in their nameservers. Hint: Do a WHOIS on the AT&T name server you’ll be assigned to and contact the tech contact listed in DNS registry. That was my backdoor and it can be yours too. They were quite knowledgeable and willing to help. They were probably sympathetic too but didn’t let on.
I decided to avoid DynDNS simply because I wanted my own domain.com rather than subdomain in DynDNS. I think it just looks better, since I’m hosting a web server. If I had a personal server to access, I wouldn’t have a problem with DynDNS. I just don’t like adding extra hoop to jump thru for stability and efficiency. Actually you mention affordability as an issue using static IPs. I think I only pay $5-10 per month, or 2-4 large Lattes at Starbucks. It’s worth it to look as professional as the competition.
However, not all things Uverse are rosy. I had another outage a few months ago when I modified my service package. What happened, I soon discovered, is that when the package is changed, it is resubmitted in entirety. This means that you automatically get reassigned a new block of static IP addresses and your old block, the block all your domain names were pointing to, goes into nowhere land. Don’t waste your time trying to get them to reverse that. I wasted a day of uptime trying to get my old addresses back. You’re better off abandoning them, calling your DNS tech contact (avoiding tech support) and giving that person your new addresses. Be sure to save the list of records and domain names for future use so you can send all that info to them. So I suggest you make as few changes as possible to your account and always do it on a Monday morning so you’ll have time to recover.
Overall, I’m happy with the service, but I will never change anything ever again. I also use the 2-wire for internet and lan only. EVERYTHING else, included WiFi is disabled. I don’t use it for cable TV, phone or anything other than internet. The WiFi router is horrible anyway so you won’t miss it if you install another wifi router to it.
Don’t bother trying to find a 2-wire alternative. There aren’t any. Just be prepared to submit to it’s limitations but you can use your own firewall behind it without ANY problems as long as you can live with one static IP address being assigned to it. Trying to outsmart it will only bring you random outages and despair. Just think of it as a Borg and assimilate to it’s will. In my case, it is a happy marriage, but we do have our fights.
Ok so the name and rmail address are fake but…
I think you are missing something with the 5 static ip addresses.
I really can’t remember how it all went down but I setup a friend/client of mine
with Uverse Biz and 5 statics aboiut two weeks ago. They had the 2wire wireless
router . I wish I could remember how I did it but I Got the FOUR usable IP’S
forwarded through their network appliance and this all took me baout 30 minutes.
It was so Intuitive for me after the massive hairloss I have endured whilst
installing/setting up DSL.
I will dig through my brain and and see if I can remember the details. This was
my first experience with U-Verse hardware and the most pleasant experience I have
ever had dealing with TelCO HSI. It all went so smoothly that I didn’t take notes
or bother trying to remember anything.
Unfortunately my problem wasn’t with static ip addresses behind the 2wire, but with public static ip addresses, the ip addresses that can be seen by the public. Normally it isn’t a problem if you want to use the 2wire appliance as your firewall, but I wanted to use my firewall that has more features and great logging abilities. To do that means that I had to bind multiple ip addresses to the same interface. Can not be done on 2 wire. Just 1 ip address can be assigned to an interface. And all ip addresses MUST be assigned by 2wire’s DHCP server.
I found a workaround but it still leaves 4 rented addresses unused.
The customer is always right, wrong…
If you like being treated like a second class citizen/ customer, ATT is the provider for you.
If you only desire to speak to automated telephone support, ATT is the provider for you.
If you enjoy the inability to settle any sort of dispute whatsoever, ATT is the provider for you.
If you’re enamored by offensive and threatening business letters, ATT is the provider for you.
God forbid you should decide to upgrade your services with them because they’ll continue charging you for both the old services and new ones.
After 6 prison-like years of services (if you know what i mean), I’m sending it all back. Good riddance.
ATT, this is my last act as a paying customer, and it’s only befitting that I let everyone know how wonderful you are!
Regards,
Hope ATT fires you Dimitrious from Sales, Service and Billing (phone click)
I recognize that frustration. By the way, “Thank you for using AT&T.”
I seriously thought that maybe i had bad luck contacting the same “Tier 2” to get a simple PTR record created for a small business in San Diego. Unbelievably they had NO CLUE what i was talking about and insisted on get a technician out there. This is only 2 hours after the same tech left stating that “The customer has to call in for anything like that, such as PTR Records” that he could NOT do it. I bought that, but i have to say the the competency of the people there (even the local, NON-Exported) tier 2’s had no idea. Basically said “Is the internet UP?”, i said “Yes” then they said, then there is nothing wrong. I guess was the idiot for setting up an internal Exchange server and Webmail. I asked them if this is their “Tier 2” then what the hell was Tier 1? OHHH and if i wanted a “DNS” change i need to contact their Support 365 which is a “PAID” service. Unbelievable. ON TOP of that their stupid router DOES NOT WORK as designed. 5 statics? BS. I could only get 1 to work with MY OLD router after enabling it as a PASSHTROUGH which makes this fancy shiny new modem a piece of poop “Come on in yall” dumb router. It then hit me WHY the installation was free and the monthly cost was toooo good to beat by anyone else. Giving them 48 hours to get my a PTR record so my exchange server is not flagged as a spamming bot.
1 more thing, after my polite venting i said “We are going around in circles aren’t we” Then the polite young ARROGANT (i’m right your setup is wrong) agent simply said “Yup, we are, thanks for calling ATT, we value you as our customer” and hung up.
Hugo, if this is a new Exchange server, wait until you discover they block port 25. They’ll unblock it for you if you can find the right person that actually knows what you’re talking about. I had a U-verse port 25 issue last week. I spent 11 hours being transferred to 7 departments to find the person who could fix my problem. The problem: Port 25 should be unblocked on my account, and it has been for almost a year. But for some reason last Tuesday, I wasn’t sending SMTP out via port 25. My router somehow lost the setting. The fix was to enable port 25 block then again disable port 25 block then push the configuration to my router. Push config was their term so use it often. That fixed my router after a reboot with the new config. The fix took 2 minutes, finding the fixer took 10 hours, 56 minutes. This fix was done by Tier 2 of the free tech support.
At one point, I was told to upgrade to the paid support tech department. I disagreed but obeyed. All of the techs I found there either wanted to dial into my PC to look at my configuration (even though it was a 2wire problem) or they quickly transferred me to another non-paying department.
Regarding DNS issues: I just discovered that if you buy a domain name on GoDaddy you can use their nameservers and create the records yourself and point them to your IP address. That will take 10 minutes tops and you can do it yourself. This will be the direction I go next time.
NEVER BUY THE PAID SUPPORT SERVICE at AT&T. To this date, they have never been able to solve any problem that I have called about. However, those problems were solved by Tier 2 of the regular support service.
Another observation I’ve noticed is that the techs with a foreign accent are just blindly following a flow chart of what to do. They don’t deviate from it. The American techs have all solved my problems quickly. Another thing I hate about the foreign support is that each time your call is transferred to another overseas department, call volume and quality drop, sometimes to the point where you can’t even hear each other or one can’t hear the other.
I don’t mind paying for support, but I hate not getting my money’s worth. I’d pay $100 per incident if they could direct me to a competent tech. I remember back in the days of NetWare paying Novell $500-$1000 per incident without hesitation because you knew they’d fix it.
Hugo – “Thanks for using AT&T!!!”
As a tier 2 agent, just thought I’d let you know that the process of unblocking SMTP/opening port 25 takes me about 3 clicks and ten seconds. One click to open the tool I need, one click to unblock the port, and the last click you hear after a successful resolution 🙂
You screwed up pal! You gave me your email address. For that I and all other Uverse clients reading this blog thank you.
It takes me a minimum of 8 hours and 10 seconds to get the problem resolved. Ten seconds for the tier 2 tech to fix it and 8 hours to find the Tier 2 tech that knows what I’m talking about while I’m being transferred to a minimum of 4 departments, some of which aren’t even support depts. Once I even got transferred to T-1 Provisioning for a residential Uverse problem. I’ve used the paid premium support service a few times and they NEVER solved my problem and quickly transferred me to another department within minutes. To this date, Tier 2 is the best AT&T support staff.
While I have you, what tips or suggestions do you have for Uverse clients calling for support? When is the best time that the most knowledgeable techs are on duty? Which departments should we avoid, etc? Also, do you accept bribes paid to deal with you directly? Could be a great side income. Just saying…
Thanks
Bill
Direct line to tier 2 – 18887229337 extension 296 or 944 they both go to the same place. Hold time between noon to 5 pm is pretty much nonexistent, 5 – 10 pm can be anywhere up to 45 min, avoid those hours. Also don’t bother calling in on Saturday 10 pm – 6 am, our tools go down for regular maintenance and we can’t do much without them. Note, these are all Central Standard Times. Feel free to ask me any issue specific questions, I’d be more than happy to help
Secret:
On behalf of all of my readers using Uverse, including myself, I thank you.
Regarding additional questions…. you didn’t answer the bribe to deal with you directly question.
Thank you for helping us use AT&T!!!
On that note, I have no problem accepting bribes 🙂 just let me know whatever you need!
Hello,
Awesome info. We have been in IT Hell for about a year with this. I can’t tell you how many thousands of dollars I have paid. and still dropping internet, no speed, etc.
from the sounds of it. If I provide EVERYTHING to the 2nd tier techs, it is not so hard to get fixed??
What – everything do I need to provide to make it ‘doable’ on their end
problem free, to move this along or move on
I cannot even tell you the impact on our business. It is sickening. We got it to get voip and that is not even feasible with this situation. It is worse than the dsl that we had with them
Would really be so thankful for your help!!
Thank you in advance!!
Genie:
Thank you for using AT&T. Kidding. We had a similar problem once, but I was trying to get around limitations of the 2-wire and it didn’t like it. I tried to connect a firewall router to the 2-wire using a 2 nic configuration that used load balancing so I could dedicate an IP address to each port on my firewall since I had two servers that needed unique addresses. The DHCP keepalive packets were getting mixed up so I had to yank that configuration. Solved problem by making each server offer a unique service so that I could route by port on MY firewall (not 2-wire). Haven’t had a peep out of it since.
You say you’re dropping connection often? Does it automatically reconnect on its own? You may need to have a tech come out and take a look at your service from the Central Office switch (CO) to the demark, the place where they connect to your office and anything after that you own. Uverse has a limitation of distance over copper. If you’re beyond the limited distance, or close, you may have weak signal strength. You may also suffer from a sloppy connection or bad connector. They might be able to help. Start at Tier 2 and ask for them to send a tech to test line and inspect wire. If you get the wrong tech, you’ll have to argue with them that rebooting won’t cure it. I’ve noticed that calling early in the day usually has the best luck of getting a good tech. After 5 they get sent overseas. You’ll usually notice a drop in volume at that point when they come on line.
Best of luck and keep us posted on your adventures in tech support.
I have a friend who worked for weeks trying to address the same concerns… He’s started am article on his website to detail his findings and possibly help others that need it. His particular install uses the outside iNID and inside 2wire device…
Thanks for your article here. It helps with the much needed education! 🙂
Article at dslnuts.com
Chris:
Interesting site. My solution involved a popular firewall behind the 2Wire however it only allowed one IP address.
It’s a shame the 2wire won’t recognized bound interfaces. DSL would let me bind multiple IP addresses to the same NIC port but since the 2wire forces you to use DHCP for anything wanting to use an external address, you have to be creative.
But as they say, “Thank you for using AT&T.”
Hey Bill, I have been trying to get Linux/Postfix working most of the day with my Uverse account. I began with getting port 587 working to smtp.att.yahoo.com. Then found the problem with them only accepting MY account name as the from address. This is effective to limit spammers but makes the account severely limiting as a useful service. My solution at the moment is to use the /etc/postfix/generic mapping to force all the outgoing mail to use my AT&T email address in the from. This really sucks for people that just reply to an address I NEVER look at. Perhaps I can set up a forward there but this is NUTZ. I guess I need to look for another mail relay and probably pay for it. I am taking your advise and not attempting to get AT&T to change the hostname of my static IP. I will use someone like hover.com to create an alias. It would be nice if AT&T would park my domain for me though. I may also make some effort to get port 25 opened. But I’m not paying $30 for the privilege.
Port 25 is really your only option. I tried having my server login to their mail server to relay but no go. Connection refused and the outgoing mail piled up. Pay the blood money and get on with your life. You’ve probably spent over 10 hours trying to avoid paying $30. You’re worth more than $3/hr. Once port 25 is opened, your problems will be solved and you can send mail under your server’s ID.
Earlier this year, my 2Wire router had a hiccup and blocked port 25 again for some reason. After a few hours of tech calls, I found a tech that fixed it by turning port 25 off then toggling it back on and pushing both changes to my unit. That fixed the hiccup without having to factory reset and reconfigure my 2wire, which was my next step. It looked open on their end but for some reason my 2wire box saw it differently.
Transfer your domains to godaddy and use their DNS servers. You can configure your A, MX and alias records on their website. Takes seconds. AT&T will park your domains, but you have to find the right tech that knows what you’re talking about. Good luck adding or making changes. They will try to charge you for this service. It’s not worth it.
That tier 2 phone number is magic… port 25 block lifted Sat morning with 10 minute hold time. Now I just need to figure out the DNS alias thing for my domain and I can get on with the real work. The 2-wire won’t let you mess with the DHCP DNS settings 🙁
Mark:
I have two tips for DNS
1. Do a whois on your nameserver, find the technical contact for that server and send the request to them directly. For Uverse, it could take a week for your request to be completed due to work schedules and workload of tech staff. DSL’s DNS staff is great and fast. I miss them.
2. Buy a GoDaddy.com domain and use their DNS. You can create the records yourself and point them to your IP address or redirect domains to another domain. That’s the route I’m going for all new domains. Wish I’d discovered it 5 domains ago.
If you would, could you comment back or sent me an email and tell me how you managed to solve your static IP issue? I have escalated and escalated with UVerse tier 2 support and management and still have no resolution. We have a Cisco ASA 5505 behind our 2Wire with around 20 virtual servers behind the ASA, four of which have web facing or our Exchange server. The only IP that works is the firewall/global IP address and that is not going to cut it. And so far, AT&T has no clue what to do and seems to be unaware of the issue altogether. This seems to be something that I would think they would test and address before providing this service to business since 99% of business have a firewall facing the internet and need multiple IPs.
Any help you could give me would be greatly appreciated!
Sadly, you’ve reached the end of your abilities. Only one IP Address will work. In this discussion, I’m considering the 2-wire a passthru device and any reference to firewall refers to a stand-alone firewall appliance I have in an unfirewalled DMZ behind the 2-wire device. I’ve tried to buck the 2-wire limitations (no static routing on non-assigned IP addresses) by installing multiple nics in the firewall appliance and having the 2-wire appliance assign addresses to each and having each nic specifically assigned to a server. At the time, I thought this worked, but the links go down occasionally due to IP renewal issues when the other nic answered the DHCP request. The only way I could make this work is to succumb to their demands. I was lucky in that each server was assigned a specific task. All mail on one, web on another, ftp on third. I was able to send everything from the 2-wire to the firewall and sort it out there by directing traffic at the port or application level.
For your situation, the only solution that may work is by putting each server directly on the 2-wire, which scares the heck out of me so I wouldn’t do it on a dare. Another possibility that I haven’t experimented with is multiple firewalls, either appliances or virtually hosted software firewalls. Whatever you decide, you’re going to have to trick the 2-wire into thinking that each server requiring a static IP address is separate from all others. It’s a horrible solution, but it’s all that we’re left with. I had to consolidate a few servers to make my solution work. Consolidation may help make your problem less complicated, but the cleanest solution I know is go back to DSL, spring for a T-1 or fractional T-1, or get a hosting provider.
Say what you will, UVerse is still the best bang for the buck for the bandwith delivered. However, while getting it to initially work, that banging noise is the sound of your head ramming against a wall.
Hope this helps.
Bill Petrey,
I thought I was the only one having this hellish experience with AT&T UVerse technical support. I am trying to get a PTR record set up on AT&T’s DNS server. Please can you provide the information that discovered on your journey to success.
Thanks for all your assistance in advance.
Regards,
Jonathan Cohen
Jonathan:
Actually I’m sure EVERY UVERSE owner requiring PTR records lives in this fiery existence.
Recommended approach… If you’re lucky, use your domain registry service for DNS. Some allow you to setup all DNS records online. This is the direction I’m using for all new domains.
Backdoor to AT&T… I was able to get in contact with a technical contact by using WHOIS on their nameserver to find the technical contact.
TIP: The technical contacts are tech people inside their network that maintain their network. It’s not their job to help customers. So appeal to their charitable side. Also, give all your info when sending a request. They’ll need your UVerse Acct number, static IP addresses, domain names needing records, and list each requested record line by line. Also list ALL your contact info. Keep in mind that it may take a few days for them to call you back. If they have all the needed info, without having to contact you back, they will be more than likely to help you because you’ll appear to know what you’re talking about.
I’ve had great success with this approach, but it takes a few days.
The First approach of doing it yourself from your domain register website takes one minute.
I’ll let you decide which approach you prefer.
Help….. just switched to Uverse and I can’t get my HP2600N printer to work. Tech support hung up on me twice no return call. I simply can’t believe I can’t connect a network printer to that RG. Any suggestions would be appreciated.
You must be really frustrated to resort to asking a real estate agent for tech help.
If it’s a wireless connection:
Check your HP configuration to make sure that you’re on the right wifi network. If you are then it’s probably the authentication method (under wireless security) or your printer isn’t getting an IP address. My guess it’s probably encryption. Go to the 2wire Uverse box and temporarily, let me repeat TEMPORARILY, disable the encryption method by changing it to WEP open. If that works, then it’s a issue with authentication. Play around with different settings until you find one they both agree on.
If it’s connected by wire:
Check the Uverse box to see if it’s being assigned an IP address. You can get the MAC address from the HP configuration and compare it to the list of addresses on the 2wire. See if it’s enabled or disabled or any other wording that may look bad. I assume you’re trying to print locally from another device hooked to the uverse box. If you’re trying to set it up to be shared globally on the internet then DON’T.
Hope this helps. If not, a more detailed description is needed. Just curious, how many departments were you transferred to and how many hours did you waste on the phone?
Thank you for using AT&T.
Hi Bill,
I read your blog here with a smile, having just gone through a similar experience switching our electronics business Internet from DSL to Uverse. It started last Friday, and things have now calmed down to the point where there isn’t a line of employees at my office door with complaints about their Internet. It’s taken five service tech visits, and about double that many support calls.
I haven’t canceled the old DSL service yet. We run our own DNS and email servers here, and I set up a Linux box as a router to pass traffic from the old DSL IPS to the new Uverse ones. I had also set the TTL on all the DNS records to 300 seconds, so after changing the record on our DNS server (also having the old IPs routed to the new ones and changing the primary DNS ip with our domain registrar), the DNS info change seemed to go smoothly.
I needed AT&T to do a classless delegation to our servers for reverse DNS, so we can send out email directly to companies that need the reverse DNS to match our domain name. It was a challenge to find someone at AT&T who had a clue. But finally got to a lady who had never heard of it before, but was able to quickly figure it out and get it done.
My biggest complaint is that Uverse is obviously residential service sold to business customers. I had to go through a laborious registration procedure through the Motorola NVG510 modem’s web server to get connected. Why hadn’t that been already done? And I had to figure out how to configure the modem as a bridge because the service tech had no clue. Since we ordered static IPs, why hadn’t that already been done? And the modem’s firmware is atrocious. If the modem can’t connect to its hard-coded domain name servers, even for a few seconds, it redirects all web traffic to a page in the modem with instructions on fixing connectivity issues. Visualize that the first time there was a glitch in one of AT&T’s DNS servers, 15 of our employees were rebooting their computers and fiddling with network cables.
And don’t get me started on the bait & switch tactics of the Uverse sales people.
Anyway, Bill, thanks for the post about your experience. I really enjoyed hearing from someone else about the same issues. It’s this type of incompetence from Uverse that keeps independent IT consultants in business!
If you want more details about our setup, please ask.
All the best,
Karl
Karl:
Don’t forget …. “Thank you for using AT&T.”
I write that with a chuckle. Glad to hear you survived. Curious, I’m keeping a scorecard here. How many hours did you spend talking to support to solve one problem and how many departments were you transferred to?
I only had to wait once to connect to Uverse tech support, but that was a long one — over 1/2 hour. I suppose in total the time was probably 3-4 hours. After the first few exchanges with clueless techs, I mostly Googled to find answers. Like hacking into the modem via ssh to turn off redirects. My total time in this is probably 50-60 hours, including probably 15 hours on Labor Day weekend.
Before deciding on Uverse, we almost went with Ethernet over copper at about $400/mo. This was business-class service, with guaranteed uptimes and even sales people who know business Internet. You pay a lot each month, but it will be a while before my time doing this changeover has been paid off by the savings.
Karl
Bill,
Thanks for your invaluable insights. Three years later, they are still just as valuable. Of note was your comment on spoofing multiple NICs to get multiple IPs to a business-grade router/firewall. I think I will find a way to do port mapping rather than follow these instructions (for Cisco, not the firewall brand we have).
http://forums.att.com/t5/Features-and-How-To/How-to-fake-bridged-mode-with-U-Verse/m-p/2859191
My church office converted from DSL to U-Verse 10 days ago and our internal mail server was down for an entire week. They took our DSL line down 24 hours before the installation to reconfigure it, we did not get the static IPs until the U-Verse tech was about to leave and I specifically requested them, and then it took a day for our DNS changes to settle before we got complains that mail was not being sent. By then it was in the weekend and the clock started again on Monday morning. Internally we have three techs who support business IT, and we quickly realized that the PTR record pointed to sbcglobal.net (the company that gobbled up the former parent AT&T). I spoke to numerous techs, none of whom actually understood what I was asking. In spite of the fact that they did not understand DNS and PTR records, each one was unwilling to admit that he/she didn’t know and wanted to complete the call without transferring me. Once I found someone to correct it, the PTR record took exactly 48 hours to change, and they spelled our name wrong! The one time I got a very knowledgeable tech from the start was when I called in to complain about this! Within 10 minutes our IP’s PTR record was pointing to sbcglobal.net again, and five minutes after that it was correct. And yet, we still did not have outbound mail.
One of our techs did low-level SMTP testing, and noted that port 25 traffic never got to the destination mail server (he was watching the SMTP logs of the destination). For all of the people I talked to, NOT ONE OF THEM proactively mentioned un-blocking port 25.
Believe me, from now on I will call SECRET (if he’s still there), and never ever make a change to our 2-Wire configuration.
Thanks.
-jonH
After spending 2 hours and (another half thinking about it)with a tier 1 tech (make that 3 tier 1 techs)I am no closer to figuring out why my self hosted sites won’t load on my laptop at my father’s home running uVerse internet, when they will load perfectly from my laptop or any other device anywhere else including my personal residence where I have Cox Cable dsl. I read at one time that such conflicts occur with uVerse, but I lack that level of troubleshooting expertise. Any help would be worth $500/hr (unfortunately I cannot pay that).
Ron:
2 hours, wow, you were fast tracked.
Can you do a dstrace or nslookup of your web server from your father’s PC using windows command line prompt? I think those are the windows version of the command. Tend to get my Windows, Mac, UNIX, Linux, NetWare and Cisco commands mixed up. From his PC, can you resolve your domain name to the correct address of your web server? Sometimes PING will show IP address in results.
I’ve seen this problem before with either DNS or router table issues somewhere on the internet. May not be a UVerse problem but a routing problem or DNS problem instead. DNS and routing problems like this can be the fault of any router or name server along the path from his PC to your server. If others can get to it, more than likely the problem is further up the chain near his end. If it’s a routing issue, routing tables fix themselves as dead routes are discovered, removed from routing tables and those routing tables are propagated to other routers.
Experiment with using different DNS servers on his pc’s ip configuration. Also try accessing your site from his PC by IP address. http://ip_address:80
If that works then it’s definitely a DNS issue on his end. It’s an issue on your end only if no one can see your site.
Don’t think it’s a UVerse issue if other external users can access your site.
Good luck,
Bill Petrey