nanog mailing list archives

Re: AT&T U-Verse Data Setup Convention


From: Chuck Anderson <cra () WPI EDU>
Date: Thu, 30 Jul 2015 12:20:09 -0400

People need to really stop using Source IP as an ACL mechanism
whereever possible.  Have you considered using SSL certs or SSH keys
or some other sort of API key instead?  I'm mean, do you really want
to have to know how the technology of every ISP that every possible
SaaS customer may use to access your service is set up?

On Thu, Jul 30, 2015 at 04:02:06PM +0000, Keith Stokes wrote:
I’m wondering if some can share their experiences or maybe there’s an AT&T person here who can confirm policy.

I work for SaaS provider who requires a source IP to access our system to businesses.

Normally we tell the customer to request a “Static IP” from their provider. That term makes sense to most ISPs.

However, we’ve recently worked with an AT&T higher-up tech who told us that every U-Verse modem is locked to an 
address even when set to DHCP and will not change unless the unit is changed. Ordering a “Static IP” from them means 
your devices will individually get public addresses, which isn’t a requirement for us, isn’t quite as easy to add 
multiple devices and costs our customers more money.

Here are my questions:

1. Is it really accurate that the customer’s address is tied to the modem/router?

2. For my curiosity, is this done through a DHCP reservation or is there a hard coded entry somewhere?

3. Do all U-Verse modem/routers behave the same way? This particular unit was a Motorola but the friends I’ve seen 
with U-Verse use a Cisco unit.


Current thread: