If you’re reading this, then you know I have a home website, with some of my older music output and this blog. I also have a handful of other unpublicized properties (a wiki, a private cloud, etc.) running on the same hardware. Many of these have been up for a *long* time in internet years: The first Wayback Machine snapshot I could find was from 2006, but the first post on the blog is actually from March 2005.
Over the lifespan of the site, I have changed the hardware it’s hosted on several times from a Mac G5 tower, to a first generation Mac mini, to an iMac, to a 4Gig Raspberry Pi, and finally to its current home on an 8Gig Pi. I have also switched internet providers multiple times: Bell, Rogers, Bell, TekSavvy, and now back to Bell. The reason I’m on Bell again (instead of TekSavvy cable) is because they finally ran fibre-to-the-home out to my house, and so:
I have been avoiding Bell for a while because OOTB Bell home internet service blocks incoming access to http, which makes any website you run at home inaccessible from the internet at large. Really, this is just a cash grab from Bell, since they will happily let the traffic through if you have a business account, at many times the cost. The truth is, I don’t run a business from my home, I just have a personal website that gets its traffic from family and a handful of friends.
What’s worse, Bell where I live doesn’t even want to admit they filter the incoming traffic. When I went through first and second level tech support, the people involved took forever to understand the question, then said that they were sure that nothing was filtered. After paying for “expert” Bell tech support and spending an hour getting them to understand what I was asking, the response was effectively “That’s just how we do it; there’s no way to change it”.
If anyone else hits a wall when attempting to get Bell to admit they filter traffic, here is a link that might be useful: https://www.bellmts.ca/support/internet/security/blocked-or-restricted-ports
Note that link is from a Manitoba Bell site, which means it’s not directly applicable where I am, but it is clear evidence that some parts of Bell do filter. In case, the page gets taken down, here’s the salient section:
Anyway, if Google brought you here, you probably want to know how I got the site internet visible again. The solution I found works, but is definitely a bit of a hack. What I did was tell the Bell modem to put my home router in the DMZ. This is perhaps not great security wise, but really it’s basically the same situation as when I was running on TekSavvy.
The next step was to tell my home router to connect via PPPoE. This gets the router its own connection to Bell, which bypasses the port blocking. To do this, you need your modem account and password. That information you can get from the “My Bell” website on the details page for your internet service. You can’t actually get your password (of course), but you can reset it to a new value and then use that.
Running a PPPoE connection is presumably costing me performance, but given that my internal wiring and switches are all gigabit (for now, at least!), I’m still getting close to the theoretical maximum to my machines. Here’s what I see on my home Mac:
And so all is right with the world again. 🙂 Note that there is still the added wrinkle that I need to run a DynDNS client to keep mikew.ca pointing at the PPPoE connection, but that’s not a new problem.
