Sunday, August 23, 2015

Framed Route Configuration for MTS Internet

I recently found out that you can have multiple IPs on a MTS (Manitoba Telecom Services) Internet connection. I haven't investigated this for a long time and this was a pleasant surprise when migrating a client from a more expensive Internet connection to MTS after MTS upgraded the connectivity in their relatively remote building.

Adding additional IPs with MTS is done by purchasing a framed route. The minimum size is 6 IP addresses for $9.95/month. Pretty good if you need an extra IP or two as our client did. The description of the service is here:
We have the framed route up and running for the customer and it worked very well once it was configured. What we ran into was vague documentation and a support person that wasn't familiar with it and messed up the configuration on the first attempt (a second tech was very helpful and got it right).

MTS provides the following document to clients:
The document provided by MTS pretty much just indicates to add an IP from your framed route range to your computer or firewall and it will all start working. However, that is not the case. Your modem from MTS needs to be configured to support the framed route. It's not hard to do, but there is no documentation available, and it's not widely understood by the support staff.

We did the install for a Pace modem. So, the screenshots below show what needs to be configured for that specific modem type.

After you have connected to your Pace modem, go to Settings > Broadband > Link Configuration.

At the bottom of this page, in the Supplementary Network section, select Enable to add an additional network.

Notice that the interface doesn't ask you for your network, it only asks for the address you want to use as the default gateway (router address) and the subnet mask. The Pace box identifies the network from this information. So, you need to determine ahead of time which IP address in your framed route that you want to use as gateway. This means if you purchased a framed route of 6 IP addresses, only 5 are usable because the gateway uses one IP address.

You should also select the Auto Firewall Open option to automatically forward all Internet traffic to hosts inside the Pace box. If you don't, you'll need to either forward specific ports in the Pace firewall, or configure additional DMZ zones in the Pace box. In our case, we were configuring a firewall behind the Pace box and wanted all traffic to be forwarded.

Tuesday, August 4, 2015

Optimize Network Connectivity for Office 365

Microsoft has just released a nice video on optimizing network connectivity for Office 365:
A quick summary of the video:

A lot of connectivity to Office 365 is not in your control. However, you should have an understanding of connectivity to the data center to your tenant. In some cases, MS has worked with ISPs to optimize connectivity in cases where there was obviously bad routing. For example traffic being routed unnecessarily over trans-oceanic links.

If you have high latency to Office 365 you can use tools such as PSping to look at connectivity. PSping performs a connection to a service at a port number rather than using ICMP packets as regular ping does. You can also use Network Monitor to identify some issues.

PSping is free from Sysinternals:
It's important to know that DNS lookups are based on geographic location.  For example outlook.office365.com will resolve to a different data center depending on location. If users are accessing through a corporate VPN they may be accessing inefficiently.