Update May 2020: I am no longer a Beanfield customer despite living at the same address, and now recommend and use FibreStream.
Around a month ago I posted a 1 month review of Beanfield’s 50/50 FTTH Internet service, along with some technical details and some of my internal network configuration.
Since then, there are a number of updates to post regarding my original review.
Beanfield have been in touch and have kindly provided some feedback on my first review. I have to commend Beanfield for reaching out and actually providing some feedback – well done Beanfield. Next time, feel free to post comments so everyone can see your responses!
Firstly, the network hardware is actually a zNID 2600 Series Indoor Gigabit Active Ethernet ONT (my bad), and from port identification appears to be a model 2628A. This is different from the GPON version, as explained below:
The Zhone we use is not using GPON. GPON uses passive optical splitters to connect up to 32 fibres to a single fibre, which is essentially sharing a single fibre between 32 users. GPON is very common with fibre-to-the-home service delivery (for example, Bell uses it). We actually deploy Active Ethernet, the opposite of GPON. Active Ethernet runs like an everyday, ordinary Ethernet network in that every customer is provided with their own fibre strand, which runs to the Cisco switch we have in the building.
Next, some feedback on how my existing router was rendered pretty much useless by the default setup. Beanfield made the point that the majority of their customers are not as technically savvy as myself, and so they choose to manage everything via their own Zhone hardware.
This I have to take issue with to be quite honest, as I explained to them. Sure, this may work for the majority of customers. But there is an entire “prosumer” market, and it would make sense that most of this market would jump at the chance to get FTTH if they knew about it’s availability. This market will, quite simply, be left disappointed by the default setup and it’s limitations as they currently stand.
There are many services that routers (mine is an RT-N16 running Toastman’s custom TomatoUSB firmware) provide to the “prosumer” market – QoS, UPnP, custom routing, VPN, mounting and sharing of network storage and USB printers, etc. At a bare minimum, it would be desirable for install techs to talk with customers and ask them whether they are using the functionality of the router and perhaps – where applicable – to ensure a setup like mine before leaving the install premises, rather than just making the customer’s existing equipment largely inaccessible.
This is certainly something for Beanfield to think about – my understanding is that Beanfield is relatively new to the consumer market and I’m sure they will make improvements if they continue to engage with and listen to their customers.
Beanfield also provided some feedback on my double DHCP configuration:
Your suggestion for a work-around included a step to re-enable DHCP on your router. Only one device on a network can be responsible for handing out private IP addresses. This means that the Zhone and your router are both fighting to hand out IP Addresses to your devices. If you are looking to use your router as a device on the network that allows USB storage or printing, you can assign the device a static IP, but be sure to disable both NAT and DHCP.
Technically it is bad practice to have two DHCP servers and Beanfield are correct, but unfortunately this is necessary in my particular case for a number of reasons. Firstly, I need to assign static IP addresses based on MAC addresses so I can forward ports – my router allows me to do this and the Beanfield customer portal does not. Secondly, as all my clients are wireless, they will all be assigned an IP by my router and there will be no chance of any collisions. As of writing, Beanfield are still working on correcting the bug in their customer portal so custom network settings can be applied.
Quality of Service (QoS)
Since writing my original review, I have been enjoying the fast speeds provided by FTTH. I had reconfigured QoS on my router based on the new speeds, but have since noticed that my router classifies all traffic as “unclassified” after some further investigation into stuttering video.
There are a number of important considerations to take into account when implementing QoS:
- It only classifies traffic running through the router (not to or from the router).
- It only classifies traffic running from WAN <-> LAN and vice versa.
Due to the fact that my router’s WAN functionality is disabled and it is configured as an Access Point, making it an extension of the Zhone LAN, it’s built in QoS is useless (as per point 2 above).
While perhaps not such a huge deal for the majority of consumers, this is now creating a problem for me as I like to stream media to devices outside my network when travelling, and also use Skype at home. I also have a server that automatically downloads media files, and when these downloads are saturating the bandwidth, media streaming and Skype are affected.
This is all the more frustrating as the Zhone AE ONT apparently offers full QoS traffic management functionality available via a web interface or CLI. I have raised this point with Beanfield and will report back when they get a chance to respond, but at this point it seems the solution is either to give customers access to the Zhone web interface or to build traffic management into Beanfield’s customer portal.
Outbound SMTP blocked
Not really a showstopper, but an annoyance nonetheless. I am running a Postfix mail server on my Ubuntu media server so that it can send me notifications, which it no longer can as outbound traffic on port 25 appears to be blocked by Beanfield.
From the Postfix logs:
Jan 7 12:51:00 media postfix/smtp: connect to
194.70.26]:25: No route to host
Further investigation on the command line verifies the port is blocked:
[email protected]:/home/frank# telnet aspmx.l.google.com 25 Trying 18.104.22.168... Trying 2607:f8b0:400d:c02::1a... telnet: Unable to connect to remote host: Network is unreachable [email protected]:/home/frank# telnet www.google.com 80 Trying 22.214.171.124... Connected to www.google.com. Escape character is '^]'. ^C Connection closed by foreign host.
The same thing on my DigitalOcean cloud server (for comparison):
[email protected]:~$ telnet aspmx.l.google.com 25 Trying 126.96.36.199... Connected to aspmx.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP s10si865745qas.3 - gsmtp quit 221 2.0.0 closing connection s10si865745qas.3 - gsmtp Connection closed by foreign host.
Unfortunately this means that Postfix can’t send e-mail and I don’t get e-mails from my media server any more.
Coming from TekSavvy and having unblocked, unshaped Internet access, this is pretty disappointing given how technically advanced Beanfield’s service is. I can’t imagine Beanfield block port 25 for their business clients, so why do it for consumers? Hell, Bob Jonkman even wrote a blog post about how blocking port 25 is harmful and ineffective. I await Beanfield’s response on this one too.
My overall experience with Beanfield is positive. I would recommend them to the average home user without thinking – the Internet service is the most technically advanced available in the GTA marketplace, it’s fast and stable, and the price point is great.
That said, Beanfield really need to think through their product offering for the consumer market place, particularly how it caters to the “prosumer”market. After all, these are the early adopters – the people who are going to jump at the chance to get a synchronous fibre internet service and write about it – and they will be likely left disappointed by the default setup as it currently stands.
Port 25 should not be blocked. The service should be untampered with and remain unshaped. I’m not an expert on FTTH by any means, but I do know that due to the way Beanfield have implemented their Internet service with the Zhone Active Ethernet ONT, they have simultaneously rendered customer’s existing routers largely useless and have therefore entered themselves into the home router market. Sure, I can still use my router for file and print sharing after playing around with it myself and changing the settings left by the install tech, but the fact is most router functions are now performed by Beanfield’s equipment.
In light of this fact, the configuration abilities provided to customers are somewhat lacking, and consist of 4 basic functions:
- basic network configuration (when it’s fixed)
- the ability to set custom DNS servers (think OpenDNS)
- the ability to configure port forwarding (should really have the ability to set static IPs by MAC so you don’t have to keep editing the port forwarding rules)
- a status page showing the status of each port (pretty useless)
Important features such as QoS are rendered useless on existing routers and apparently inaccessible on the Zhone. I’m sure that when Beanfield rolls out their own IPTV product, they will make use of the Zhone’s built in functionality to isolate IPTV and ensure it remains unaffected by traffic spikes. That functionality needs to be provided to consumers in some form, so they can manage their own network traffic. This is all the more important due to changing habits of Internet usage – video messaging such as Skype and Facetime is becoming ubiquitous, and media streaming services such as Youtube, Netflix and home media servers such as Serviio are growing exponentially. In this day and age, particularly in a network with multiple bandwidth hungry devices, it is unacceptable for customers to not be able to manage traffic.
I hope that Beanfield continues to listen to customer feedback as they build out their consumer triple-play of Internet, IPTV and home phone. They have some way to go, as I have outlined in this blog post, but the average user will be more than happy with the speed and price point. Fortunately for Beanfield, they so far seem to be an intelligent company, and have chosen to engage with their customers. They have a great product built on an awesome technology – now all they need to do is fill in the critical gaps and get their customer acquisition strategy right, particularly in new condo developments.
[…] NOTE: I have since posted an update to this blog post, that corrects some of the technical aspects of this post and provides some feedback from Beanfield. You read these updates in my 2 month review of Beanfield. […]
The previously reported bug on our portal has been fixed in our development environment and will be pushed out to our production environment this week.
Notwithstanding the security implications of providing open SMTP access in a residential environment, we consider that to be a business grade service so we don’t permit it on residential connections. That said, we permit access to Beanfield’s SMTP servers. So in the case of your media server, you can configure Postfix to relay through smtp.beanfield.com. If you’d rather switch to a business grade service where we don’t impose that restriction, this is certainly an option. Let me know and I’ll be happy to have someone contact you about that!
QoS is a great tool in a business environment where there are lots of people sharing a single connection. By comparison, a residential customer’s network environment is quite small, so QoS there is more of a complicated toy than a practical tool for mitigating conditions that would result in a saturated link. All modern p2p applications have a setting that can limit the upload bandwidth and/or set a maximum number of peer connections; one or both of these settings would be useful to prevent the p2p application from saturating your downlink, preserving interactive traffic like streaming media and Skype.
We’ve been given heaps of positive feedback on our service from our more savvy customer base. We know they love to tinker and that they think it’s lots of fun! They’ve really proven that they have no issues making any small configuration adjustments on their home networks that might be needed to make the transition from traditional cable or DSL based services over to our FTTH service. We’re always here to help walk you through any rough spots. Just give us a call or drop us an email!
I hear you about the SMTP thing Jason. However, there are many ISPs that are able to run an unrestricted service, such as my previous ISP TekSavvy. Anyway, not a huge deal and thanks for the suggestion.
With regard to the QoS thing, seriously? I think it’s pretty silly to claim QoS is “more of a complicated toy than a practical tool” in a home network, given a search for “home routers with qos” yields 1.7m results.
QoS is on many, many home routers, for obvious reasons. DD-WRT, OpenWRT and Tomato have been growing for years. D-Link, Trendnet, Linksys and Netgear to name a few manufacturers also disagree with you – as do their customers who buy their QoS-enabled routers.
Indeed a simple Google search for “netgear qos” yields a link to PC Magazine’s review of the Netgear Nighthawk. This is a residential router featured in a consumer-focused magazine.
The very first paragraph states: A feature Netgear is highlighting in the Nighthawk is enhanced QoS. I tested it, and am happy to say that, in my testing, the QoS capability of this router isn’t just hype. The QoS feature is excellent at optimizing video streaming.
So that’s is a residential router, with working QoS, successfully “mitigating conditions that would result in a saturated link”. Conditions I have – but would not have – if I could use my router, or if Beanfield provided me access to use the QoS on the Zhone.
Artificially, permanently, and unnecessarily (most of the time) limiting the amount of bandwidth on a per-application basis is, imho, an ugly and sub-optimal solution to a problem that Beanfield have created. There’s a reason why home routers come with QoS functionality, irrespective of whether Beanfield are in denial about it. Simple as that I’m afraid.
Hi Frank, I have been looking for a reliable internet service in Toronto.
Are you still satisfied with Beanfield’s services?
I am still satisfied with Beanfield’s internet service, it’s very stable, fast and reliable. If you’re a regular internet user you’ll be very happy with the fast speed and competitive price. However if you need to use the more advanced features of a router then I would perhaps look elsewhere as they completely hobble your existing WiFi router by putting it into bridge mode.
I am also a Beanfield customer and agree with the point about no QoS being an issue. I’m also having some of the same issues you’ve talked about in the post Frank. Beanfield need to get their head out of their ass and give customers some QoS. Just because it’s a fat pipe doesn’t mean QoS is unnecessary!
Glad I came across your blog Frank. I was giving serious thought to going to Beanfield in my new condo but being a prosumer, I rely heavily on the settings I’ve configured on my own router. So now knowing that it would be rendered useless and I would be at the mercy of the Beanfield router is a show stopper for me! Will stick with TekSavvy and hopefully one day Beanfield will resolve allow people to use they own routers.
Well to be honest Matt, it’s grown on me a bit. I have found ways to work around Beanfield, and with 100Mbps up and down since the free speed upgrade from 50Mbps, I rarely have any issues with not having QoS.
I plug my printer into my Linux box and share it that way. Just means you can’t plug anything into your router and expect it to work. They’ve also improved the management portal on their website and it is more useful now.
I’m curious, have you explored the possibility of using your own device to access Beanfield’s stream? It has been suggested to me that this isn’t possible, but from a technology perspective I don’t see why this should be the case.
Are you talking about the TV stream? What kind of device? I’m not aware of any consumer devices that can access FTTH internet or TV…and not sure why I would want to go to the effort.
I’ve been trying to figure out why Beanfield provides 100/100 residential service for $45/mo, and charges $69/mo for 10/10 business service. It sounds like the ability to use your own router is really the big differentiator here, which is too bad. As you’ve noted, there are a bunch of restrictions when you’re forced to run your own router in bridge mode. (In the case of Apple’s Airport routers, you lose the ability to broadcast a guest network.)
Do you know what range of ports Beanfield’s router blocks? You note that port 25 is blocked, and I’m guessing they block 80 as well – anything else?
I’m not sure if they block port 80 to be honest, I haven’t tried running a web server. I have a few internal services running, and have managed to open whatever ports I want on their portal. I wouldn’t think they would block any incoming ports, it’s probably safe to say it’s just outbound SMTP.
Thanks for your blog. Beanfield has just arrived at our condo building and this is important information to know. May I ask if you were able to use a VPN effectively on their connection and still receive the full 100 Mbps speed? Mine currently sits on my router but I know I should be able to move it to my devices individually if needed.
I’m assuming you are talking about outbound VPN and not a VPN server here.
I’ve used various VPNs, including an L2TP/IPSec connection to my office, and an Astrill OpenVPN for personal browsing. I’d have to say that in each case the speed is constrained by the capability of the VPN provider, and not by Beanfield.
I managed to get a couple of MBps on a good Astrill server, but nothing like a straight connection. I gave up on Astrill for personal use, just because the max speed I could get, even on their fastest server, was nowhere near the 100Mbps pipe Beanfield was giving me (and Canadian laws are pretty consumer friendly…)
Hi Frank, thanks for the detailed review. I’m curious if you have tried the beanfield TV service or know anyone that has? I’m looking to sign up for both Internet and TV. Thanks in advance
I have tried the Beanfield TV service, and have been using it now since the beta testing phase. It’s pretty good value for money compared with Rogers/Bell, and quite reliable. The picture quality is also very good. I’d sign up for both if I were you.
Hey Frank, thanks for this resource – one of the only independent reviews of Beanfield that I could find. I just moved into a new condo and got their 100/100 service installed.
I notice that Beanfield’s remote administration app now allows DHCP to be turned off, and firewall to be “disabled”. Have you tried doing either of these things? Would this eliminate the double-NAT issue, the QoS issue, or the DHCP-to-MAC-assignment issue?
Glad you found it useful.
Edit: I believe the setting to disable DHCP and Firewall have been there for a while now, come to think of it. I think I tried disabling the DHCP server and enabling my own router one, and didn’t get very far. IIRC, the router doesn’t get an IP from the Zhone, meaning you can only set static internal IPs.
Anyway, I’d be interested to hear your feedback on whether disabling DHCP/Firewall allows QoS on your router, and whether all traffic is passed through to the router. Since they upgraded the service from 50/50 to 100/100, I haven’t really been having any issues with quality of service on things like Skype or VoIP.
Also, since they added a DHCP leases section to the Status tab a while back, I’ve been using their DHCP as I can now see what IPs my machines have (2 headless servers of particular interest) so don’t have to scan my own network 😉 I find the leases to be pretty much static for the last year, so it’s not really a problem.
Thanks for the reply. I’m trying their recommended setup first (without QoS and letting the Zhone take care of DHCP and firewall) and, as you say, bandwidth is plentiful. I did notice that all my IP leases got mixed up after an extended service outage. However, I think if it is a serious issue, I’ll just use static IP addressing on each device that needs it.
Thanks for your reviews, it’s the most useful thing I’ve found on Beanfield. I’d like to clarify if you can access any ports on your Linux box using your external IP. I’m trying to do so and failing completely. Basically, I’m running the Python’s SimpleHTTPServer on port 8000 (to test the idea), I can access it just fine using my internal IP address, but even if I disable the Zhone firewall completely through Beanfield web interface, I still can’t access it using my external IP. When I disable the firewall, I can access Zhone’s interface on ports 80 and 23 through the external IP, but no other ports (I don’t know the login and password for Zhone’s interface – maybe you do?). Tried enabling firewall and setting up port forwarding – same.
I’m not sure what the issue could be, but I know for this you would need to setup port forwarding within the Beanfield portal to the relevant internal IP (unless the server has UPnP, which is well supported). I have a couple of ports forwarded and they work fine (emby server and sshd).
In terms of accessing the Zhone, yes well this is a pet peeve of mine when it comes to Beanfield, as they like to treat all their customers as amateurs. Access to the Zhone itself is not allowed, and you can see the limited amount of functionality they have provided via their customer portal. I’m not sure in this case if accessing the Zhone web interface would actually help though, as port forwarding in the customer portal does work.
One thing you may want to consider is that the zhone external IP doesn’t seem routable from the LAN. Test your setup from a different network, such as tethering your phone and trying to access the external IP on port 8000.
If you do get it working and want a nice way to access it on a domain you own, then may I recommend the excellent Cloudflare DDNS python script (not that the IP really changes, but still good to have). https://github.com/asazodi/cloudflare_ddns
Yeah, being in the LAN was the issue – I tried accessing it from a different network, and it turns out port forwarding was working all along. Thanks a lot! The script you linked looks interesting, too, thanks for that as well.
Glad I could help 🙂
Frank – Very helpful info. I’m curious if anything has changed on this front? Is there really no way to flip the Beanfield Zhone modem/router into bridge mode so that you can connect your router to the Zhone and effectively bypass it, putting your router effectively the front end of the internet connection?
With Bell you can turn the Sagecomm router into bridge mode and connect your router to it and bypass its functionality. There’s also a way to bypass the Sagecomm altogether by connecting directly to Bell’s Alcatel-Lucent fibre modem and creating a VLAN (id 35) and using your PPoE credentials to connect.
Not to my knowledge Matt, I am not able to access the Zhone at all directly (SNMP, CLI or Web), and there is no way to change it into bridge mode on their web portal.
I’m not an expert on the setup, but I believe there are some fairly significant differences between how Bell and Beanfield have implemented their services. I’m 99% sure there is no PPoE in the mix here. The Zhone is also a router/modem in 1 unit, so there is no separate fibre modem – the fibre is terminated directly into the Zhone.
Beanfield is internet for dummies at the end of the day, they don’t appear to have any interest in relaxing any of the restrictions. I can’t even get any stats on my internet connection, despite there being a full SNMP interface on the hardware provided. I guess I’ve learned to live with it, and have adapted myself around the limitations, mainly by running a linux server to perform various functions I’d otherwise use a router for.
Thanks, Frank. Unfortunate as it is, I think I’m going to stay with Bell for now since they offered me two years no contract, 500gig of usage, but only 25mbps for $50. The speed sucks compared to bean field, but I, like you, want the extra functionality that Beanfield doesn’t allow for.
Great info! Really appreciate the ideas/comments/suggestions you’ve provided for all your readers.
I do have a question that I was hoping to pick your brains with! Basically I’m trying to avoid paying another $90 (one time “rental” fee) to upgrade to their Wireless AC enabled version of their Zhone; I already have a TP-LINK Archer C7 AC1750 that I think should be more than capable of their 250Mbps up/down service. However, I’m wondering how well it would play with Chromecast in my private network if I did the static IP/gateway IP = Zhone IP/DHCP approach/workaround you mentioned.
Google recommends the following router settings:
– Use the required 2.4 GHz WiFi band, not 5 GHz.
– Enable: Universal Plug and Play (UPnP), multicast, Internet Group Management Protocol (IGMP)
– Disable: AP/client isolation, virtual private networks (VPNs), proxy servers, IGMP Proxy
I’ve gotten it to work just fine on my current setup (ISP = EBOX cable). I’m just worried about the effectiveness (if any) of the above required settings when putting my router into that particular state to enable the DHCP server.
In case anyone was wondering beanfield now offers a BYOR service (Bring Your Own Router), essentially you sign away all support, they give you a media converter and that’s it.
I personally went this route and love it.
Using my own router and everything is controlled as I like.
11/10 to beanfield for finally doing this.
Hmmm interesting, I don’t see anything about that on their website. What do you mean by media converter, are you talking about the Zhone box to terminate the fibre? Can you explain a bit more about your setup? Sounds like an interesting option!
They actually just proposed this option to me today. Basically you sign a form, they arrange an appointment for a tech to come out and remove your Zhone. Replace it with a media converter which basically just converts Fiber -> Ethernet.
Once that’s done – they make sure it works and leave. You can then hook that up to your router and at that point you completely control everything. I haven’t signed up yet, but I figure my RT-AC5300 wouldn’t have a problem managing QoS, Firewall, etc.
The caveat as Corey mentioned is that support ends at the media converter. They won’t help with anything else past that.
Oh that’s interesting Chris, thanks for the clarification.
Frank, in all of your probing and testing with Beanfield have you ever been able to unearth any technical information about their IPTV service? I’m trying to get enough info to see if I can use my existing IPTV tuner to access their service so I’m not beholden to their STB, and they’re not able to answer my questions.
I didn’t realize it until just now, but apparently I exchanged emails with the CEO last night. I got all of the IPTV info I needed from him.
It’s not exactly the information I was hoping for, but kudos on them for being so keen, let alone at midnight on a Saturday.
Hi Joseph I was also interested in doing something similar, would you mind frowarding the info?
The key points from my email exchange with Dan…
“Our IPTV is delivered as Multicast IGMPv3/SSM.”
“… So HDMI…. This comes down to the same copyright issue. Our agreement with the underlying content owners makes us assure them that only 1 display panel is watching it. We use HDCP on encrypted channels that only starts video playback if the display reports HDCP.”
I’ve recently signed up and am running into the same issues you had a while back. Their support actually said I could turn DHCP and Firewall off on the Zhone and then have my ASUS RT-AC5300 take care of it all. Needless to say I couldn’t get any of that to work. I’m a programmer, not a Network Engineer – so I’m sure something wasn’t set correctly. I’m still chatting with them on this.
The core issues for me were the fact that the OpenVPN Client settings don’t work since there isn’t technically an internet connection to the router since the Zhone is plugged into a LAN port and not the WAN. Swapping modes to make it an Access Point removes the VPN functionality since at that point it can’t route the traffic… Needless to say it’s been an annoying issue.
Did you go the media converter route in the end, and if so, how is it? I solved your problem by running StrongSwan (IPsec-based VPN server) on my linux server, and forwarding the ports in the Beanfield web UI. Was a bit of a pain, but eventually got a nice certificate based IPSec VPN back to my home network running.
Frank et al
Since the ‘media convertor’ conversation still seems to be going strong, I can say I’ve been using the service pretty much since it was introduced (I originally found out about while asking whether the Zhone supported NAT loopback (it doesn’t, or didn’t then)). I’ve had no issues with it, originally running a Netgear UTM and now SOPHOS UTM on the inside. I also have a number of Raspberry Pis running OpenVPN based clients out through the SOPHOS/ Beanfield fibre with no issues.
Just called beanfield, the bring your own router is not available in all areas it seems.
I just switched to Beanfield yesterday but the Zhone web interface is horribly limited (as it’s very well know to readers here). I set up port forwarding for a whole bunch of devices only to have all of them re-assign their IP (maybe the Zhone rebooted?). This is a royal pain because there’s no EDIT option. I’ve got port forwards set up for Plex, VPN server, web server, etc. and I can’t take advantage of any of it with my fancy 500/500 connection. This is a complete deal breaker. I will talk to them about this “media converter” business but if it’s a no go, it’s back to TekSavvy for me.
Its actually a great and helpful piece of information. I am satisfied that you simply shared this helpful info with us. Please stay us informed like this. Keep up the good work
Thank you for sharing.
First I want to thank you for this post, I’ve referred back to it over the years. Since you managed to get Beanfield’s attention, I’d hoped they’d update you when they changed things.
I recently called Beanfield support after a power outage and while talking to them, I learned that they will put your zhone router in bridge mode. After they made their change, I had to change my WAN connection type to Automatic IP and DHCP query frequency from aggressive mode to normal mode.
Looks like SMTP is still blocked, but I’ll take the win for controlling my own home network.
Interesting to see that you’ve moved on to Fiberstream, I’ll have a look. I just wanted to take the time to thank you and to pass along to anyone like myself who checked in here to see if you can set the zhone router to bridge mode. You can, you just have to call.