Bridge mode


  • Hi,

    Can someone tell me what bridge mode means? My device only works when I put it on Bridge mode.

    I just bought an AmpliFi AFi-HD Multiroom wifi kit.
    My modem (from the internet provider) is in the cellar. From there I have an ethernet cable running up to the first floor. And that is where I plug my Amplifi router in. In normal mode it doesn't work, it only works in bridge mode.

    But my wifi mesh is not working properly. When I use the wifi on my phone on the ground floor and I start going up, I can see my signal become weaker. When I reset my wifi on my phone I get full strength again. As if the phone stays connected to the antenna, while the connection is better/stronger from the base station.

    That is issue number one. A 2nd issue is my PC. Which is connected with ethernet. I am currently playing a game called division 2. And every day I am disconnected from the game once or twice. As if connection is suddenly gone. But when I test my connection right after I lose it, it works fine. Not sure how I can trouble shoot this.

    I hope someone can help
    thanks!


  • Bridge mode connects two different networks in a way where that connection has minimal management and interference. "Management and interference" can include things such as firewalls, NAT, port redirections, and much more. It's almost like changing the device into a switch instead of a router where it just connects things together in one big happy network.

    In your case, you have 2-4 networks:

    1. The Internet
    2. The ISP's network outside your modem/router (your modem/router's WAN port, effectively)
    3. Your modem/router's internal network (your modem/router's WiFi/LAN ports & the AmpliFi's WAN port)
    4. Your AmpliFi's network (your AmpliFi's WiFi/LAN ports)

    Between every one of these networks can be a layer of management, that we call NAT (Network Address Translation). This is what allows your ISP to give you one public IP but all of your devices inside your house to have their own internal IP addresses. This NAT layer will route/map all of the various connections to your one public IP to your various internal IPs. This is a complicated thing but generally works really well, but only if there is just a single NAT layer. Major complications arrise when you have a NAT layer behind another NAT layer (also commonly referred to as a Double NAT) and you always want to avoid this. Even if you can get a Double NAT to work, it'll break a lot of things that may not be obvious at first.

    In the hierarchy of networks I listed above, most (but not all) ISPs will bridge networks #0 & #1 together so there is no NAT layer there. This is ideal and common, so I'll go with the assumption that you can just pretend that distinction is not there. If your ISP has an "upstream NAT", then you're already starting out in a tough position to get things working well and dealing with that is beyond the scope of my post.

    Now you next have your ISP's modem/router that you seemingly cannot put into Bridge Mode. This means that your modem/router is creating a NAT between networks #1 and #2. Like I said before, you only get one NAT and if you use it up here, then you cannot have any additional NAT layers. This is why you are seeing that the AmpliFi doesn't work well when it's in its default Router mode since that creates yet another NAT and you then have a Double NAT. But when you switch the AmpliFi into Bridge Mode, you remove this Double NAT and you now meet the single NAT rule I described above. Sadly, fixing this is outside of AmpliFi's control. But this explains why Bridge Mode works as it just connects your networks #2 and #3 into one big happy network.

    A few options to change this:

    1. Put your modem/router into bridge mode (you said this isn't possible but do verify with your ISP just in case they can toggle this for you - some can)
    2. Replace the modem/router with either just a pure modem (this is ideal as they don't have a NAT) or a modem/router combo that does support bridge mode)
    3. Create a DMZ behind your ISP's modem/router device (if it supports it) with your AmpliFi router being the only device connected to it and all ports open to the AmpliFi device. This is a bit of a hack, and your modem/router device may not support this, but this hack might serve well for your needs. Remember, NAT is an IP translation layer and if you can set it up such that this translation layer doesn't actually have to translate anything and just passes it forward, you are effectively removing it from the picture, if done right.

    Sadly, if you are stuck with your ISP's modem/router and it cannot be put into bridge mode, that puts you in a bind. Likewise, if your ISP has an upstream NAT, that also puts you into a bind. My fiber ISP is actually one that does that BUT they only do it for customers without a static IP. I lucked out there since I need a static IP.


  • @shane-milton said in Bridge mode:

    ehind your ISP's modem/route

    Thanks. I will try this.
    Cheers!


Log in to reply
 

Looks like your connection to AmpliFi was lost, please wait while we try to reconnect.