I am considering buying & hooking up the Ooma Telo with my line-of-sight ISP and Linksys WRT54G wireless router.
Reading the Ooma reviews, I come across this line: "Note, you filthy pirates, that this will double-NAT your network unless you put your existing router in bridge mode."
In this review: Review: A month with Ooma, the lifetime free VoIP system
formatting link
Can you tell me in plain English what this line is trying to tell me?
- Why is he directing this to 'filthy pirates'?
- If network address translation is good, is double NAT better? Why?
- Is he actually recommending "bridge mode" (whatever that is) or not?
I know the basics, so, if you can tell it to me with basic talk, that would be great. Basically, if I get this Oooma Telo VOIP unit, would I want to hook it up before the router, or after? And would I want to put my router in this so-called bridge mode or not?
PS: I'm not a pirate so I'm not sure if any of this applies.
I can say that I have 2 routers (wired & wireless) and had to put one in bridge mode, i.e. you do not want 2 things giving out ip addresses. Your hookup would go modem -> Ooma -> router -> rest of your network.
Most home user routers or DSL Modems/routers are setup by default to use a NAT IP address values on the LAN side. The usual range of IP address assigned using NAT are not able to be routed over the internet. The user's local router knows the final physical device address and as such is able to complete the connection to the internet for you.
When you add a second router also using NAT into the mix things get tricky. The final router in the link at the user knows the local devices but when it tries to forward them to the internet it gets blocked by the second non-routable NAT address in use by the other router or DSL/Cable Modem box using NAT.
Bridge mode basically turns off the router functions, so that the internet IP address that comes in from the WAN goes directly to the LAN with no change in IP address. The second router is then able to forward it's NAT'd devices out over the internet using the routable address being supplied by the first box. With NAT turned off a box that has more than one "LAN" port becomes basically an Ethernet switch with all ports showing the same IP address as supplied by the ISP or device upline from it.
I found the review at the following YouTube link quite interesting.
I assume he's talking about port forwarding. Filesharers and gamers, for example, typically need to forward certain ports to get their respective apps working, and double NAT makes port forwarding a bit more complicated because it has to be done twice if there are two NAT routers connected back to back. Putting one of the routers in bridge mode eliminates the double NAT, somewhat simplifying things for people who need to forward ports. If you're in a category of people who don't worry about such things, then double NAT is no worse than single NAT, IMHO.
NAT has its pros and cons, but double NAT probably brings more cons than pros for many people. Others won't see any behavioral changes at all, so it depends on the specific situation.
If double NAT is a problem for you, then putting one router in bridge mode will help because it eliminates the double NAT. On the other hand, if you have no apps that are affected by double NAT, or even if you do have such apps and you're comfortable with making the necessary router config changes, then double NAT is nothing to be afraid of.
I would connect it to the LAN side of your existing router. If you do that and it works fine for you, (no QOS issues, for example), then the whole bridge mode argument is moot.
Sigh. Ooma works, but I'm not thrilled with the prices.
For example, I'm paying $75/year for Future-Nine.com. Breakeven with Ooma would be in 3-4 years, by which time the Ooma hardware might be considered obsolete. (Hint: Computers are NOT a good investment).
True. The problem is that the required STUN server will not traverse double NAT. See techy details at:
In many application scenarios it is common that both endpoints are located behind a NAT. This double-NAT problem is often not easily overcome even with STUN and sometimes an intermediate application proxy server is required. I've tried double NAT with various VoIP applications. Outgoing calls usually work. Incoming, through double NAT never does. Check with Ooma to be sure, and ask whether they support RFC3489 or RFC5389. If RFC5389, it *MIGHT* be possible to answer calls.
Nope. I deal in technobabble. VoIP is NOT simple or easy.
No clue. The reference makes no sense and trashes an otherwise tolerable product review. Pirates are usually those that engage in theft of service. I suggest you ignore it.
NAT is a cute trick that single handedly saved the internet from an early demise. Were it not for NAT, we would have run out of IP addresses long ago (instead of running out next year). NAT allows you to run a large number of computers hidden behind a single IP address. That's the good part. Everything else about NAT is problematic. Port forwarding is an ordeal processes needed to deal with incoming connections (VoIP incoming calls, interactive games, etc). If you have an application that is hard coded for a single IP address, you can have exactly one computah running that application behind your NAT router. Connecting to the modem (or OOma) device THROUGH the router is also a problem that requires setting up a static router. Lots of other compromises and limitations which I won't detail.
A second NAT router (double NAT) makes things even more complexicated. Such arrangements are common in coffee shop hot spot systems, where it is used to isolate the coffee shop machines from the customers. It's also used in some private networks for connecting to a remote office via a VPN that traverses the internet over a single IP address. Again, it can be made to work, but you really need to know what you're doing.
Bridge mode means turning OFF the routing function in the router. I have zero technical info on the workings of the Ooma device, so I can't offer any specifics. In the case of various Linksys VoIP routers, I simply ignore the WAN (internet) port on the router, plug one of the LAN ports into the main internet router, disable the DHCP server, and it works. In effect, I've disabled routing (and enabled bridging) by simply not using the router section. No clue if Ooma can do that.
If it can't, then your other option is to do the same with your WRT54G router. This may not be desirable. More specifically, I think it's a lousy idea. Putting the main router into bridge mode disables all the firewall protection and services in the WRT54G and counts on Ooma to provide firewall services. Not recommended.
Incidentally, this hassle is why STUN services were invented.
Too late. You get technobabble. I don't have time to make it simple.
Dunno. I have no real info on the Ooma. Ooma does give a clue at:
However, I'm not going to guess what they're trying to do. A real data sheet on their VoIP device would have answered any questions, but apparently Ooma does not seem to want such details disclosed. You probably should dig though their installation support forum at:
for a more specific answer.
Let me know if you want links pointing to instructions how to become a pirate.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.