Sadly I have no other options here in San Francisco. My house is not wired for phone service so I cannot get DSL. The various fiber services that are becoming more available in San Francisco are generally only available downtown or large apartment buildings. My freestanding house can’t get any of that. AT&T’s new fiber doesn’t connect to me either. And Webpass doesn’t have a good line of sight from my location to any of their microwave towers so I can’t get that. It is Comcast or nothing. It always amazes me that San Francisco is supposedly the tech capital of the world but internet connectivity here is worse than rural China. (And that’s not an exaggeration, I’ve spent plenty of time in rural China and in the mountains there, both the cellular and hardline service is infinitely better than San Francisco, aside from the firewall issues of course.)
…I guess that turned into a bit of a personal rant but holy crap how is it 2025 and this is still a problem in a major tech city?
For a while I had fiber running through an XGS-PON SFP module in my own Fritz!Box. Now I use the provider's ONT (which is just a fiber <-> ethernet media converter) hooked up to a Unifi Cloud Gateway Max.
Plenty of folks here that have their UDM or OpnSense box hooked up directly to fiber with a Zaram XGS-PON module.
Also, I am sorry you have to deal with caps. Data has been unlimited here ever since we switched from 56k6 to ADSL. (I also have unlimited 5G for 25 Euro per month.)
Broadband is then extra special if you let the ISP also own the infrastructure as everyone has to reconnect their service to every house instead of one company (or forbid, the govt) owning the pipes and several companies competing for providing services over those shared pipes.
Imo the competition model doesn't necessarily (always) work that well for infra.
One of my connections here is 10G but I haven't tested any modules...
If you happen to be in the Netherlands, some of the KPN tech staff hang around on the Tweakers.net forums. They help a lot of users there who want to go down this road.
I pay $130 for 1.4gbit and unlimited data. It's expensive but I also have no other choices. Sonic stops only one block over and we haven't been able to convince them to wire up my block.
I also pay a little more than $130 for gigabit with a 1tb limit.
I wish I had options.
For fiber is it popular to use your own modem? I always bought my own cable modems (Surfboards) but once I switched to fiber I didn’t really investigate it. As long as the ISP gives me a “clean line” out of the modem then I’m happy.
I use about 4TB of download and 4TB of upload a month on average so a 1TB limit feels incredibly limiting.
I’m in Lexington, KY which can account for it being cheaper but if you told me 5-10 years ago that KY would have better internet than SF/San Jose/etc I would have laughed in your face. I also can get 2Gbps/1Gbps for an extra ~$30/mo but all my equipment is 1Gbps max so I haven’t considered upgrading until I do a more general refresh of my network hardware. I think they have 5Gbps (not sure the upload speed) coming soon but I haven’t followed it closely. And yes, I realize I could benefit some from having 2Gbps Internet, even if most of my equipment doesn’t support it because I could use some of it over Wi-Fi and the rest of it hardwired. My eero does support 2.5Gbps, just nothing else in my house does more than 1Gbps.
That’s also insane to me, I’ve spent quite literally my entire life chasing faster internet speeds and always paid for the best plan available (aside from 10x priced business plans) and now I’m passing up a 2x download upgrade because what I have works great.
In LA I pay $105 for "supposedly" 2-300mbit, but this week I've been seeing 30.
I keep looking for alternatives but haven't found any in my area.
The quality of service is the real problem. When the tower is busy (happens at least once a week), I usually drop to 30Mb/30Kb or so, which is little enough upload that even download-intensive applications often struggle. Plus, the jitter is terrible, latency is slightly worse on average, and 3 times so far I've had internet effectively down (spotty connections in the 1Kb/1b range) for days at a time.
Interestingly, "predictable uptime" is something I care about and is much better with T-Mobile. With Comcast I'd have at least one hang every 10 minutes or so for multiple seconds on an otherwise perfectly functional connection. With T-Mobile, it's either down for days (tower maintenance) or up (perhaps slow, but definitely up). That makes all sorts of near-real-time activities easier to coordinate.
I'd probably do it again (I don't think I actually have any options unless I get off my ass and finally sue Comcast), but it isn't a clear win.
It's more about availability.
I have 5G for home internet, and it's $55/month, including taxes. I get 100 to 300 mbps, though during lunch on weekdays that can slow to 50.
There are two other 5G Home Internet providers in this state. One wants $100/month for 5-100 mbps. The other won't let me sign up because it doesn't have the capacity where I am.
I think that is what the commenter meant: "...unless I pay a whole bunch of extra fees or accept a stupidly low monthly data cap"
(edit: I initially thought it was $15/mo for the gateway + no data cap but just checked and it is $25/mo. They are called "Xfinity Gateway" vs "xFi Complete").
There is also "gigabit pro"/"gigabit x10" where they run fiber to your house. That is $350/month for symmetric 10gbps. Lots of limitations on availability and a big install fee, though. Gotta get the other half on board with that ;-)
You don't need to plan for media consumption anymore. It's there when you need it. Want to play 100GB XBox game? No problem, it's here in <15 mins.
I’m not the first one to say this, but often it seems that faster Internet speeds have enabled completely new use-cases and applications that sometimes weren’t even obvious until a critical mass of people had the faster speeds.
My building in Oakland, CA has multiple options, including fiber. The Comcast folks set up tables at least once per quarter to help customers/residents. The cost was much cheaper. I now have gigabit fiber from Wave, and pay less than I did back in MA.
Are you sure it's a _discount_? They charged me _more_ for "unlimited" data and own modem. This change isn't new (at least a few years) but a quick google found recent: https://forums.xfinity.com/conversations/customer-service/wh...
We actually don't use that much data though, so just went with the data cap and our own modem, and never went over.
This was in the Seattle area.
If you choose the $25/mo option, you don't have to pay to waive the monthly data cap.
We moved from lower Nob Hill to Russian Hill and were finally able to get fiber from Sonic. We went from ~300Mbps down to 1G (more like 750Mbps) and from $137/month to $50/month. Oh and it’s symmetric, very much unlike cable. So happy to get rid of Comcast.
Edit for disclosure: I’m a former employee, but I have no present affiliation with the company.
This (or a memory leak, anyway, something) is why I have my ISPs modem (I luckily can disable the router part; I think that might actually be EU mandated) on a smart plug. When my internet fails, I check to see if the modem is reachable, if it’s not, I go to Home Assistant, turn it off for 10 seconds and then turn it on again.
I guess I could automate it, but every 1-1.5 month is not enough to make me bother.
Once an investment has been made it's hard to justify making another large investment, or if one is being made it becomes very political and captured by vested interests.
This is not necessary. These countries are also very rich and can afford to upgrade infrastructure. I am in The Netherlands and have 4Gbit fiber. At the end of 2024 there were 8 million fiber connections, whereas there are 8.4 million households. Heck, even my parents who live in a small remote village can get multi-gig fiber (though they are happy with their 100MBit).
They just need a permission from our landlord, who said no way and blocked the fiber installation. We are stuck with Vodafone only...
I guess it is a better investment for them to smoke us out, renovate this place and rent it with three times more...
We left Germany in 2018. We have unlimited 4Gbit synchronous fiber and unlimited 5G.
I use Vodafone Cable 250/50 MBit/s for around 25€ (discount for new customers). Not very stable but good enough. 1000/50 MBit/s is available but costs 50€.
If you live together with someone you can always switch the contract taker and thus always get the "new" customer benefits to save some money.
Also in Germany
I recommend to check the law here :)
It won't be fiber speeds though.
Regulation created by ISPs to create monopolies for themselves.
Then between major ISPs they have under the table agreements to avoid competing in certain areas. This impacts all types of residential areas - suburban, urban, and rural. I believe it’s much worse in rural areas.
Why bother with providing good customer service or improving? They know you have no other choice.
Cellular networks functioning as ISPs have provided _some_ relief in this aspect but comes with its own drawbacks (congestion can get bad and you get throttled, and latency tends to be shitty all around).
The ideal municipal ISP I have seen is in Chattanooga TN. They (EPB) offer _residential_ customers symmetrical access starting at 1000 Mbps, up to 25,000Mbps. [1]
The 1gig plan is cheaper than GFiber and 2.5G plan is competitive.
Plus this money is kept within the ecosystem of this area. Creates high paying jobs. Profits reinvested into network rather than stock buybacks or some C-level executive that “super commutes” in a private jet.
You ought to remember because it happened three times.
> I’ve got my router downstream of theirs
To my understanding this is partially for them to push their crowdsourced WiFi, and maybe an easier way to sell you an all-in-one security/internet/TV package.
When I explained that I would just use their device as a passthrough, and that it would be a waste to have the device here, she removed it from my account.
Now, what I don't know is HOW they check whether I'm using their device. MAC? Easily copied. Them sending some commands that only their devices can respond to? Yea, that's a bigger problem.
Insects love electronics, with the heat and noise they generate. And when electronics sit in storage for a long time, the critters can crawl in from neighboring items.
This is just as likely to happen with a non-ISP router.
Ok, in all fairness I don’t have any stats to back up that claim. But nobody else does either.
That open source router you love so much may have been sitting in storage even longer.
I have mixed feelings about ISP routers, and ISPs in general.
But insect infestation is a serious issue in consumer electronics and has nothing to do with ISPs.
When it's shrink wrapped?
And why would a used device be on the shelf next to the new router I was buying?
You can argue this is "just as likely" with used devices, maybe. But if I'm buying a router it's not going to be used.
This is the case of Iliad in Italy.
In Germany you have FTTH installations where Telekom puts a mini Fiber Gateway in your home and an extra router dials with the credentials to access the internet. In this setup, you can use OpenWRT or other routers, rather than the Fritz!Box or the Speedport routers.
The linked article is about a live cockroach colony in the package when it was delivered from their ISP. If that went unnoticed, what would you think about their supply-chain security?
If you get insect-infested packages from wherever you get your electronics, you should switch suppliers. It is not normal.
Letters too.
They’re usually not there. And they’re more often dead than alive.
But from time to time, the critters do crawl out.
So yes, ISP routers and associated equip I do not recommend!
I do sometimes miss living in Germany.
[0]: Press release in German: https://www.bundesnetzagentur.de/SharedDocs/Pressemitteilung...
____
[1]: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32...
[2]: https://umap.openstreetmap.fr/en/map/router-freedom-tracker-...
Used to be you could find out there what works and what doesn't down to the chipset variations. My experience was same as yours, as long as I matched provider capabilities, it worked.
Yeah. I saw it mentioned in a response to Karl Bode (TD). Sorry to see it gone.
I joined in DSLR in 04 and dumped more hours there than anywhere else, ever. It wasn't the same after the database crash in the mid 10s. When they shuttered the new-music thread, I finally moved on.
It depends on the ISP. Over 25 years of IT support I've had to fight with about 30% of them to bring in my own device.
Most notable screwery was with Verizon DSL. They'd lease a new public IP every time we tried an incoming connection. As fast as I could record the new IP in the remote config and reconnect - my IP would change. I was able to push it past six changes/min.
Regionally is a total crapshoot as to ISP choice, in my experience. Even in the massive regional cities it's often appalling. People living in rural or remote areas might as well not exist. If I moved somewhere that only telstra serviced I'd seriously consider just not having internet at all. It's roughly equivalent in internet access as paying telstra but it sure is cheaper!
You don't actually need a secondary modem and can plug your pc directly into it, takes a lot of the pain out of it and reduces the need for ISP supplied modems.
I could be wrong, but I think AT&T Fiber is the only US ISP that doesn't even allow you to directly connect to their network. If you use any of their provided routers, they only offer "DMZ Plus" mode that still leaves their router/gateway managing state tables, which is vulnerable to hardware and software issues from the ISP. This leads people down the path of programming SFP+ modules and spending a lot more time than they should have learning about ISP networking, just to have a safer router/modem.
[0]: Due to security issues in the router/gateway firmware, various people have published guides and/or run actual businesses shucking routers/gateways from AT&T by exploiting them, grabbing the certs and private keys, and then re-selling them to people who need them. These don't get you free access to the internet or anything, they just let you authenticate to the network with your own device.
I would be in agreement with it if we were using all this to steal service, we just don't want to use their unstable and unacceptable equipment.
When the prepaid shipping box never arrived, I called them and inquired. The representative told me that, since it was 5+ years old, they didn't want it and I should throw it out as e-waste. I still have it in a closet somewhere.
Might be a regional difference, but in my case I never felt that the box was mine.
They'll have to pry it from my cold dead hand when I move.
If you do go down the general-purpose cpu (x64/arm) route and your ISP uses PPPoE, you may need to tweak so that the rx queue is handled by multiple cpu cores as they will default to the first core by default.
On that note, it's better to buy a router separately from the modem. All-in-one devices are harder to diagnose and you can't reuse the router with a different connection type.
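The PPPoE receive-queue tuning mentioned above, as an added example that is not part of any comment in the thread. It assumes a Linux-based router and uses the kernel's Receive Packet Steering (RPS) `rps_cpus` sysfs files on the physical NIC that carries the PPPoE session; the interface name and the optional sysfs root argument are placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: Linux router, RPS available.
# PPPoE frames are not plain IP at the Ethernet layer, so the NIC often cannot
# hash them across hardware queues and everything lands on one rx queue/core.
# RPS lets the kernel spread that queue's packets over several CPUs.

# rps_mask N -> hex CPU bitmask selecting CPUs 0..N-1
rps_mask() {
    n=$1
    case "$n" in
        ''|*[!0-9]*) echo "cpu count must be a number" >&2; return 1 ;;
    esac
    if [ "$n" -lt 1 ] || [ "$n" -gt 32 ]; then
        echo "supported range is 1..32 CPUs" >&2
        return 1
    fi
    printf '%x\n' $(( (1 << n) - 1 ))
}

# apply_rps IFACE NCPUS [SYSROOT]
# Writes the mask to every rx queue of IFACE and prints how many queues
# were updated. SYSROOT defaults to /sys (override only for dry runs).
apply_rps() {
    iface=$1
    ncpus=$2
    root=${3:-/sys}
    mask=$(rps_mask "$ncpus") || return 1
    qdir="$root/class/net/$iface/queues"
    if [ ! -d "$qdir" ]; then
        echo "no such interface: $iface" >&2
        return 1
    fi
    count=0
    for f in "$qdir"/rx-*/rps_cpus; do
        [ -e "$f" ] || continue          # glob did not match anything
        echo "$mask" > "$f" || return 1  # needs root on a real system
        count=$((count + 1))
    done
    if [ "$count" -eq 0 ]; then
        echo "no rx queues under $qdir" >&2
        return 1
    fi
    echo "$count"
}

# Run only when called with arguments, e.g.: sh rps.sh eth0 4
# ("eth0" is a placeholder for the WAN NIC under the PPPoE session.)
if [ "$#" -ge 2 ]; then
    apply_rps "$@"
fi
```

The setting does not persist across reboots; check the result with `cat /sys/class/net/<iface>/queues/rx-0/rps_cpus` and watch per-core softirq load while running a speed test.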
Put an OpenBSD machine to act as a router/firewall between supplied devices and your own network to keep things clean.
That's why my ISP forces me to rent theirs!
Something something market dominance in one market something something force dominance in another market …
In the end, I just treat the network like any other: assume the network is compromised, and security is/should be done by the endpoints.
> I spent decades as a network engineer and then architect.
As an engineer, you've no interest in hosting your own services?
I’m fortunate enough to have fun at work, that may well be part of it.
I used to run my own DIY router setup for about a decade until I realized it wasn't adding much value anymore.
Anything that needs to be visible publicly I just throw on a VM in the cloud these days. Keeps my home network "normie proof" and calm. Anyone visiting can find the modem, locate the password and get online without forcing a 45 minute IT change order circus in my own home.
What do you mean, "time"? It's automated.
I turned off remote access and TR-069 through a toggle in the settings, then changed the admin password. Really, that's all you need to do to take control of one of these routers.
There are good reasons to dislike the AVM routers, but their software is actually pretty solid in terms of customisation and network security. It's not a bad device, and at the large scales ISPs can order them, they can be had for a significant discount as a rental compared to buying your own in a store.
One of my employers once ordered a pallet of Huawei routers. They turned up with a custom firmware provided by a different ISP. It was completely locked down, and only configurable via TR-069 and some proprietary Huawei ONT magic.
I also had a customer once that deployed a series of routers that were cloud managed only via the ISP. Not even TR-069 but they just did DHCP and phoned home via a proprietary protocol. Magic my customer said, he can just reboot customer routers remotely. The company that manufactured that router went bust 8 months later, leaving a bunch of preconfigured routers without a cloud portal and no path forward. Surprised I haven't seen a DNS hijack published for them yet.
All major ISPs in the US do not do this, e.g., AT&T, Verizon, Comcast, Frontier, etc. You might be right for some ISPs that are nicer, but this advice is completely ineffective for most US consumers.
the thing went in the bin the next day
Or are you talking about something like a Dream Machine Pro Max where you'd plug in the fiber into the SFP module?
You may well find something that fits your situation with a little searching.
FWIW their box isn't bad once you put it in bridge mode. I have 10gig on my lan and 3gig to the edge and the connection is impressively stable at 3gig. I get 1 ping sometimes when playing Fortnite -- I'm on Vancouver Island. Comical if not inaccurate.
My only real issue with having their box is it sucks maybe 30watts ... Removing it would give me an extra 20 or so minutes on my UPS.
US? Not Verizon/Frontier or the shared fiber networks. I'll need their ONT, if that's what you mean but it's always my router.
AT&T is another matter. I avoid them whenever possible.
Getting rid of a GPON router can be challenging now that everyone is moving to fiber.
- For one, you could get banned for having a problematic transceiver.
- You might be able to spoof the SN and even MAC and PLOAM password but even then there is a GPON ONU and OLT incompatibility problem. Nokia OLT for example can be notorious while some OLTs only work with their own brand ONUs.
- Finding the correct VLAN is also tricky and sometimes different VLANs are used for different services like POTS which means your GPON bridge needs to be able to do correct pass through after registering instead of registering on just one VLAN.
ISPs should just provide a GPON SFP bridge to consumers with the router it plugs into that has a TR-069 configured so that the ISP can also swap routers as and when they get upgraded while keeping the SFP bridge constant as the cost of router would then decrease without having to need a GPON ONU to be built. Not to mention the software gets less complicated without GPON on the router end.
https://www.pcmag.com/news/isps-cant-charge-you-for-using-yo...
Unless they come up with a BS security excuse, like cert based auth to their network, which means they claim they cannot offer people to BYOE. I bought an old DSL modem off eBay some years back and tried to get AT&T to waive the rental fee (honestly thinking I was in the clear).
They were not having it. I filed an FCC complaint and in a few days got a call from the office of the CEO saying the equipment was still technically theirs and "gray market" and they could sue me if they wanted. I did get that rental fee waived.
I got off AT&T as soon as humanly possible after that. I used to think they were less shady than Comcast, but now I know otherwise. Comcast, for all their egregious nonsense, at least lets you BYOE.
This is how I did it:
Avoid ISP Routers - https://news.ycombinator.com/item?id=41092571 - July 2024 (26 comments)
My current router is a NanoPi r6c which is a marvelous piece of hardware - stick in an nvm drive and it's more than happy running a bunch of containers. (It's running FriendlyWRT at the moment though I think the next release of openWRT will support it).
If they're desperate for the $10 per month box rental, I'm sure they could just levy a $10 per month BYOD "support fee" to make equal, but it sounds like in some places they're charging way more as a penalty.
I know some of them were very aggressive about using home routers to provide coverage for roaming Wi-Fi, but that doesn't seem as big a push as it was. I suspect this corresponds with a lot of them getting into the MVNO business lately.
Do they result in a disproportionate volume of support inquiries, or maybe ones that they can't just dispatch by trying to send a remote-reboot signal down the line? I could see addressing that by moving towards a fee-for-service-call model if you need to call the "custom configurations" hotline.
I've been meaning to buy and set up a mesh, but they sent me an extender for free, and they haven't charged a modem rental fee either like Cox/Comcast did, so I've been living with "free" for awhile until I see a good mesh router on sale.
They have inexpensive devices (Hex wired router will handle up to about 1 Gbps), and they receive software updates for longer than any hw manufacturer I can think of.
The main gateway router in my household has become something that needs to work reliably, not something I can (or want to) tinker with all that much. The MT devices are infinitely flexible, but rock solid and cheap.
My main goals were to improve throughput and security. Opnsense seems to work well OOTB, but being a dilettante in these matters I must admit to having a nagging anxiety that I may have misconfigured something important.
Any recommendations for a reliable way to check that?
Now if I can find a soundproof server rack so I can put my noisy servers without noise seeping through the house.
What router should I be using in place of the ISP one? Can I trust its manufacturer? How can I make sure it definitely is a one to one replacement and I don't need to use my ISP router as a bridge?
It does not require networking experience, just a bit of curiosity and following a bunch of well documented steps.
Knowledge is required to build a decent setup. It doesn't end there for a proper environment, you also want a VPN, this can be configured at the router level. Oh, what about an ad blocker, blacklisting all known ads serving hosts perhaps?
Given the time we spent hooked online, worth gaining what really is vital knowledge for a decent internet access, or the internet will gain most of your precious attention.
Intel NICs are generally preferred over Realtek if available.
I have been quite happy with the experience.
Ooof. pfSense on retired hardware is cheap, like free. Using them since 1.2.something. Mid 00's.
Sometimes they just don't allow you to use it. In the past I've had ISP router that had a heavily restricted custom firmware on it and a "hidden" username password setup for authorizing with the ISP. I couldn't use my own.
In that situation I had to aim to use it as the modem and have a second router it unloaded to. Not ideal.
Now I can freely pick hardware with my current ISP. Just need to find the time/money to upgrade to fibre everywhere to capitalize on the 10Gb/s.
Having said that, it would be nice to have control over the ONT as well. There are PON SFP optics, that may be the easiest way to set up your own fiber capable router. I have heard it is tricky to talk the ISP into allowing your modules, you probably need to know a guy that works there.
https://egbert.net/blog/articles/ports-used-in-verizon-netwo...
There are also ONT/media converter boxes that'll spit out ethernet if you plug in a fiber and set the appropriate DIP switches. I found one hanging in my apartment when I moved in. I've also seen people sell them on second hand marketplaces (probably not realizing that they're technically property of the ISP). Buying newer ones that spit out more than 1gbps as a consumer can be a challenge, though.
There's a nice variety of small Linux router boxes available online that are relatively low power but still offer good connectivity through SFP(+) ports. Getting Linux running on those is easy, the challenge is in figuring out how to activate the connection.
The other thing you can run into is, even in bridge mode, there is a relatively low session limit. The exact number depends on the model you get but some were as low as 4,000 (which sounds like a lot until you start loading background apps on devices and connecting to webpages which are actually dozens of connections per in many cases). The newer boxes aren't as bad... but it was still worthwhile for the effort.
I joined the 8311 discord and will be doing a full bypass as soon as feasible.
This is nicer than it seems because "I've already tried a completely different modem" is a good way to short circuit ISP troubleshooting scripts IME.
This is the 2nd time I've heard this in this thread and it baffles me. Setting up a fiber connection is how I know I won't have to fight for control at the edge.
> I get AT&T fiber...
Okay, okay. AT&T excepting but that goes without saying. Wherever they are you want to be elsewhere.
So when an ISP borders (and often more than that) on criminal practices or being malicious - which is a lot of them - they're laid prone to all the upstream garbage
(Defaults matter)
That said, I have run into issues where the ISP will upgrade the speeds and it will be beyond what the modem or router can handle, and as a result the speeds dropped dramatically. In those cases, I did need to upgrade the hardware, but was still able to get my own.
Even 10 years ago with Comcast I’d have to call them and challenge their gaslighting to get it working. The model I had was listed on their website, but they would tell me it wasn’t supported. About once a year they would kill it and I had to call to get it working again, where they would again tell me it wasn’t supported, but with persistence on my part, they’d eventually register it and get it working again. I haven’t had as many issues with this recently with Comcast, but I figure it’s only a matter of time.
OpenWrt is pretty amazing, my router downloads torrents, blocks ads, runs a VPN client (enabled per-device) for watching geo-blocked streaming, serves content from a USB drive to my TV, among other things.
> The ability to update the firmware may also be locked down. You should have full control over firmware updates.
Bizarrely, for DOCSIS modems, even if you buy your own modem, the ISP has control over firmware! They can (and do) push any arbitrary firmware to your modem. The manufacturers go along with this for some reason.
So make sure to separate your modem and router too.