Adapting the Swisscom Piccolo (Motorola 7640-47) Router for bridging and other ISPs


Background

The Piccolo is actually quite a powerful router. Unfortunately, Swisscom has crippled it, removing fundamental configuration options from the web management interface, and even worse, breaking some of the (undocumented) command line configuration options.

At a bare minimum, the router can be turned into a bridge/modem, enabling more powerful functionality to be implemented using a wifi router with OpenWRT or a similar solution.

Documentation for the Motorola generic version of this device provides some helpful clues about the configuration and may be a useful resource for anybody adapting it.

The undocumented telnet interface

The username and password for the web interface also allow telnet access to administer the router. The telnet interface actually has quite a lot of features, many more than the web interface.

The normal username is admin. If the admin password is not known it can be reset to 1234 using the factory reset button on the back of the router.

$ telnet 192.168.1.1 Trying 192.168.1.1... Connected to 192.168.1.1. Escape character is '^]'. login: admin Password: (default 1234) Terminal shell v1.0 Copyright (C) 2011 Motorola, Inc. All rights reserved. Motorola Netopia Model 7640-47 Annex A VDSL2 IAD Running Netopia SOC OS version 9.0.10 (build h2d8) ADSL/VDSL capable (admin completed login: Admin account with read/write access.)

Removing the Swisscom backdoor

The first step for any Piccolo owner is to remove the backdoor from Swisscom. Swisscom links the routers to a management platform that allows them to change configuration remotely, or even push out firmware updates.

Allowing an external party such as your ISP to push updates to your router is a major risk. Just imagine if Swisscom decides to update firmware while you are making an online purchase or checking in to a flight - your router reboots itself and your transaction is hosed.

Let's have a look at the default configuration of the router, notice these cwmp settings:

Centro_piccolo> show conf . . . set management cwmp enable on set management cwmp acs-url "https://rms.bluewin.ch/cwmpWeb/WGCPEMgt" set management cwmp acs-username "bluewincustomer" set management cwmp acs-password "***************" . . .

If you didn't already know that was there, you might be quite unpleasantly surprised right now.

Removing it is easy:

Centro_piccolo> conf
Config Mode v1.3
Centro_piccolo (top)>> management
Centro_piccolo (management)>> cwmp enable
Centro_piccolo (management cwmp enable)>> set
      enable (on) [ off | on ]: off
Centro_piccolo (management cwmp enable)>> up
Centro_piccolo (management cwmp)>> up
Centro_piccolo (management)>> up
Centro_piccolo (top)>> save
Configuration data saved.
Centro_piccolo (top)>> exit

Notice that after you make a change, you must type the save command to persist the change.

Disable the Piccolo's DHCP server

If using a more powerful router (e.g. a TP-Link or Buffalo running OpenWRT) then the DHCP server in the Piccolo is not needed.

Furthermore, if bridging from a provider that uses the DHCP (as opposed to PPPoE) mechanism to give you your real-world IP address, then the Piccolo's DHCP server will answer the DHCP requests from your other router, and it will never get the proper IP address from the ISP. This scenario must be avoided by disabling the DHCP server in the Piccolo.

Centro_piccolo (top)>> conn name LAN
Centro_piccolo (conn name "LAN")>> dhcp-server-enable
Centro_piccolo (conn name "LAN" dhcp-server-enable)>> set off
Centro_piccolo (conn name "LAN" dhcp-server-enable)>> save

Now, when you want to administer the Piccolo, you need to manually configure an IP address (e.g. 192.168.1.2/24) on the PC that is connecting to the Piccolo.

Putting the router into bridge mode

When I purchased the router, I was using it with Swisscom. Their own network operates ethernet over ATM and the router obtains an IP address using DHCP. I subsequently changed my ISP to Init7, an independent ISP. Init7, like most third-party ISPs in Switzerland, uses PPPoE rather than the bridged mode. For either mode of operation, the router can bridge the DHCP or PPPoE packets to a more flexible router, such as a TP Link WR-1043ND running OpenWRT or even a Linux server.

In the normal configuration, I discovered two bridges in the router:

Centro_piccolo> show bridge interfaces
Bridge interfaces:
bridge name     bridge id               STP enabled     interfaces
br1             8000.0024c94dfcf0       no              eth0.16
                                                        eth1.16
br2             8000.0024c94dfcf1       no              ptm0
                                                        atm1

Clearly, bridging is possible. The Motorola/Netopia manuals refer to various bridge configuration options that just don't seem to exist on this unit. Nonetheless, it is possible to join those two bridges into one:

Centro_piccolo> conf
Config Mode v1.3
Centro_piccolo (top)>> link name LAN
Centro_piccolo (link name "LAN")>> port-vlan
Centro_piccolo (link name "LAN" port-vlan)>> ports
Centro_piccolo (link name "LAN" port-vlan ports)>> set
        ports ("lan-1 lan-2") [ lan-1, lan-2, ptm, vc-1 ]: "lan-1 lan-2 ptm vc-1"
Centro_piccolo (link name "LAN" port-vlan ports)>> up
Centro_piccolo (link name "LAN" port-vlan)>> up
Centro_piccolo (link name "LAN")>> up
Centro_piccolo (link)>> name WAN
Centro_piccolo (link name "WAN")>> port
Centro_piccolo (link name "WAN" port-vlan)>> view
      port-vlan
        ports "ptm vc-1"
        priority 0
Centro_piccolo (link name "WAN" port-vlan)>> ports
Centro_piccolo (link name "WAN" port-vlan ports)>> set
        ports ("ptm vc-1") [ lan-1, lan-2, ptm, vc-1 ]: ""
Centro_piccolo (link name "WAN" port-vlan ports)>> view
        ports ""
Centro_piccolo (link name "WAN" port-vlan ports)>> up
Centro_piccolo (link name "WAN" port-vlan)>> up
Centro_piccolo (link name "WAN")>> up
Centro_piccolo (link)>> save
Configuration data saved.
Centro_piccolo (conn name "WAN" link-oid)>> exit

and now let's check the results:

Centro_piccolo> show bridge interfaces
 Bridge interfaces:
bridge name     bridge id               STP enabled     interfaces
br1             8000.0024c94dfcf0       no              eth0.16
                                                        eth1.16
                                                        ptm0
                                                        atm1

Any WAN connection parameters (PPPoE or DHCP) should now be ignored by the router, and it should just be bridging PPPoE or DHCP traffic from the ISP to the other router. The Piccolo is now behaving like a modem/bridge.