Uverse RG MAC Abuse

Symptoms: Uverse service and hosts with multiple IPs losing reachability.

Cause: Uverse "RG" firmware abuses MAC addressing for the sake of security.

Workaround: Add a router and take advantage of the "router behind router" feature.




I have had Uverse for 3 years, and in that time I have learned to live with the fact that the "RG's" firmware is broken. The manner in which MAC addresses are used to secure devices to IP addresses within the built-in firewall limits the ability to utilize a pool of static IP addresses in a simple way, i.e. not having a NIC for every address. One way I fixed this was by doing some creative NATing on a Cisco router and applying the additional IPs as standby addresses with unique MACs. I found that this method was successful, but it was somewhat painful to get the RG to initially see the other MAC/IP combinations. With the latest conversion from DSL to Uverse I attempted to use the "router behind router" feature. I configured a spare Cisco router with a 192.X on one interface, and the public static IP block on the other interface. I configured routing, and everything worked better than expected. The end result is using 1 additional layer 3 device to separate the "MAC abuse" from the RG and place ownership of the public IPs on a separate device.

