Hi All,
Looking around here I cannot find a definitive answer as to what would be the best setting for my ISP modem/router. At the moment the eero is connected to the modem (through a powerline adapter) and everything seems to be working ok.
The general benefit people mention about bridge mode for the modem is that then you don’t have double NAT and you can (for example) use a VPN server at the edge of the network. However eero seems not to have VPN and the rest seems to only impact incoming traffic.
So, back to the question: should I put my modem in bridge mode and what would be the benefits or downsides?
Thanks!
I prefer double NAT. Three main reasons:
- My ISP router sometimes flakes and fails to route for a spell. Internally, I have equipment that talks to each other but not the internet (primarily PC backups to NAS, and a NAS-based DVR and related apps on TVs/phones).
- I can use the router’s wifi for IOT as a guest network-- but not have it set up as a guest network where devices are isolated. Some of my IOT devices don’t work well with guest network isolation.
- I don’t trust that my ISP will update firmware as regularly as Eero pushes out updates, although in fairness I just checked and it was last updated in Sept. 18, 2020.
With double NAT, I have tried both having the Eero in the DMZ and just using port forwarding to the Eero and, in both cases, then (re)forwarding from the Eero to the device. With this, I’ve managed to expose a Raspberry Pi-based OpenVPN and un-VPN’d Remote Desktop to a specific PC. I think I was more successful with the DMZ-based solution.
The main reason I’ve found for bridge mode is device control. If double NAT’d, the ISP router recognizes all traffic as from Eero. In bridge, the ISP router lets me set more granular control on my kids’ devices than on/off and the few filter switches in Eero Plus. It’s also somewhat more convenient to do direct port forwarding than relay it through the Eero.
No. You can run a VPN server either way, FYI, bridging doesn’t impact that. There’s a slight benefit in that there are fewer things that can go wrong as packets flow in and out, but it really is slight, more of a preference, if you will.
There is no reason not to use bridge mode in most cases where the modem is not providing services to any other ISP equipment (TV or phone). If nothing else you reduce the complexity of your network, which means less to go wrong. You might also see imperceptibly better latency and possibly fewer issues with gaming or smart home stuff that need unrestricted internet access.
I’ve always run double NAT. I have a couple of things like my voip plugged into the ISP router. I basically have a DMZ between the two. I haven’t had problems with anything behind the double NAT.
I know a lot of people bridge the ISP router and that’s fine, but I prefer having a DMZ.
Double NAT on most routers really sucks, but since eero supports port mapping punchthrough, it isn’t a big problem for most people.
Hi man, yes it is better to use your eero as a gateway, so your modem/router should be with turned off wi fi or in bridge mode. You can get a VPN with eero secure +, but when your eero is the main router, you can set up a lot of things of your eero app, to open ports and make ip reservations for example, when you have eero, and you do not use it with all features it works like an extender of your isp and you pay for options that you do not use 
I think this clarify what I was looking for. At the moment everything works on the eero, even games like rocket league are perfect (I may have added about 10ms of ping so no big deal) so I was wondering if all the fuss about double NAT is justified.
I will try again to remove the NAT from the modem but every time I did so everything stops, so I need to first create some static routes.
Thanks!
That’s interesting. My modem has the option of disabling NAT, would that be the same thing or enough? I reckon that if I put it in bridge mode then the eero needs to connect to the internet with PPPoE, but is it capable of doing so?
