*Note* All content is redirected from nexusshield.com to here, nexushield.com is being phased out.
Background
Google Fiber is great. For just 70$/month one can get true gigabit internet, both upstream and downstream.
However, the router (Google dubbed Network Box), is, to put it lightly, not good. The few features it has only seem to work half the time. There is no bridge mode on the unit; there is no way to turn off DHCP, and no DMZ functionality. I originally posted a guide directing users how to bypass all the controls Google has put into place to prevent a customer from using their own router. The previous guide required a managed switch that was ~70$ and a high-end consumer router, or a good pfSense/linux router machine, view the original guide here. Ever since then I have been looking for ways to improve this situation in terms of making it more accessible money-wise and knowledge-wise.
Enter Ubiquiti’s Edgerouter lineup of products, these are feature-rich enterprise-grade routers that have a very reasonable cost. Ubiquiti’s EdgeOS is based on debian linux and therefore highly customizable. With even the lowest end Edgerouter, which should run you under 100$, you will be able to get rid of the need for a middleman switch and make use of the full 1Gbp/s download/upload.
Important Notes
The attached script will setup Interface 1 as WAN, Interface 0 as LAN (192.168.2.1/24) and no touch any other interfaces.
The attached script will need to be run as root on your Edgerouter.
You will want to modify at least line 101 on the script to change it to your domain name.
You may also want to modify like 104 to your timezone, if you don’t live in Provo.
Packages do NOT survive system upgrades, if you upgrade to 1.6+ in the future you will have to apt-get the vlan package again, or run the script again.
If you do not have TV service you do not need to run the second script.
Before running the attached script you should upgrade your Edgerouter to version 1.5/1.6! Follow this guide for assistance upgrading your edgerouter.
Hardware
Buy an edgerouter: here
Preparation
You will need a SSH client: Putty
Plug your edgerouter into power.
Plug an Ethernet cable into eth0 of the edgerouter, and the other side of the cable into your computer.
Plug another Ethernet cable into eth1, and plug the other side of that cable into the Fiber Jack.
Set your computer’s ip address to 192.168.1.2, so we can communicate with the edgerouter.
SSH should be enabled by default, open putty and type 192.168.1.1 into the “Hostname or IP address” field and click open.
Click Yes to continue with the SSH connection.
Scripts
Running the script
You should get a login prompt, the default username and password will both be “ubnt”.
Type in “sudo su” to switch users to the root user.
Simply copy the script content off of this blog and right clicking in the putty window should paste it.
You should see the script running and configuring your router.
If you have TV Services through google repeat the above steps with the TV script.
Other things you might want to do
Change the default password for the ubnt user. This is done with the following command:
set system login user youruser authentication plaintext-password PASSWORD
Set your computer’s ip address back to DHCP.
If you do not have the technical skills to implement this yourself, you can contact an IT support provider, like https://netswat.com.
james
Thank you so much for this I have been wracking my brain over the last week trying to figure how to configure my new GF install next week after I found out they were not bridging. I was almost 100% set on using a managed switch until I came across this post and having used Ubiquiti WAPs in the past I really love their product and happy to see this solution. Looks like I will be picking up an Edge Lite and having a go at making it work.
Bryan
James, just curious, did you get this and make it work with this guide? I’ve been dying to get off the GF network box as well just looking for something that will work.
Chris
Is this post still current with Google Fiber TV Service does the script still work?
info
As far as I know it should work. I no longer have Google Fiber TV Service so i have no way of testing it.
Barry
Have you gotten this to work on a USG? Tried doing the manual configuration (changed the interfaces to match whats on the USG) but it either stops routing traffic or it doesn’t help the speeds.
info
I don’t have a USG and have never tried. I would think that the configuration would be very similar, though. It also appears that it can push the pps (packets per second) required to get full gig.
Logan B
I’ve seen elsewhere that this works with the USG but the only question I had is that the eth0 port on the USG is really the WAN. On the EdgeRouter Lite the eth1 port is the WAN.
Aaron
I have a brand new Edgerouter ER-8 and updated it to 1.9 before I noticed that this script is written for 1.6.
I can’t get it to pass traffic from WAN to LAN but it is entirely possible I did something incorrectly. It is my first time using a Ubiquiti product.
have you tried this with 1.9? maybe I should drop back to 1.6 and see if that makes a difference.
info
As far as i know it should work for 1.9. I am unable to confirm as I don’t currently have an edgerouter to test on. There are many using this config though and i haven’t heard of any issues with newer versions.
aaron
I figured it out based on this post on the Ubiquiti forums:
https://community.ubnt.com/t5/EdgeMAX/Google-Fiber-with-5-Static-IP-Addresses/m-p/1478901/highlight/false#M97404
Google has changed their setup and creating a vlan2 is no longer needed. It picks the IP right up via DHCP.
Thank you so much for your work on this! it has helped me immensely!
undert0wn
Hi Atlantisman, I have successfully swapped my Google box for an ERL thanks to your initial drafts. Thank you for paving the way. I remember last year when I was scouring through message boards I came across one that had drafts for a few other routers as well. My question is if it is possible to use a Cisco ASA5505 with fiber. Thank you.
info
I don’t see any reason why not. However, according to the cisco spec sheet the max throughput of the 5505 is about 150Mbps. Additionally, the 5505 only has 100Mbps ethernet ports.
Jay C.
Hi, I am not sure if anything has changed but I am not able to even get a link light when I connect the cable directly from the fiber box to my ethernet port on the Edge Router Lite; it’s set to DHCP/Auth Neg. Thanks! -Jay
info
Is your fiberjack powered on? I know the newer NB models provide power via POE and you need an external power brick without it.
Kevin
For the TV service:
How will this work with the DVR /network box combo? The network box hands out DHCP addresses, so if I plug it into my LAN, it’ll conflict with the DHCP router on the ER, right? But without it plugged in, I won’t have any DVR. Or, am I missing something?
Thanks for all the work on this!
info
The only way to use your own router with the v2.0 network/tv boxes is to run a “split” network. Essentially you put a Network switch between the fiber jack and the network box, this will allow you to connect the edge-router to the switch and then use that router for all your data traffic (computers and etc).