Welcome to DSLnuts




xx AT&T Uverse Business STATIC IP Addresses (Success)

April 09, 2012, 11:07:25 am by dannjr
THIS IS LONG.. Is it worth saving a few thousand for your business connection?

We recently had a lot of experience with U-verse Residential and business..
I'm getting this info out fast and some of it might be a little sloppy. When I get the full write up done I'll post it in another board for questions and answers. I'm doing a short section on residential first.
If you're looking for help with Residential because web pages don't seem to open properly, open your network settings and add public DNS assignments to TCP/IP v4. A good place to start is Google Public DNS and OpenDNS. Their IP addresses are 8.8.8.8 and 8.8.4.4 for Google, and 208.67.222.222 and 208.67.220.220 for OpenDNS. I suggest you look them up in Google search for more information.
The other and more practical way for residential is to have a second router. Plug it into the AT&T 2wire. Wait a few minutes, go get a coffee, then log in to the 2wire. Go to the Network info page and note the name of your router. Then go to the Firewall setting and enable DMZplus mode for your router. Once it's set, have all the networking for your computers or gaming boxes go through that router.. There will be more details in the Business IP assignments portion of this, BUT this could also solve any minor pixelation you might be getting, by leaving your TVs and phones connected direct to the 2wire and your computers behind on the second layer. It will also allow you to set up connections from work more easily.

HERE's the Section most business owners are having problems with.
So you had U-verse business installed.. and you're surfing ... AND YOU CAN'T get your 5 Static IPs or more running..
I know your pain
We had U-verse business put in about March 30th. After long discussions with Techs and Sales people at AT&T we went with it.. Cable wasn't an option because Cable doesn't work properly in our area, with lost connections that just won't work.

We have 8 IP addresses assigned to us, 5 of them usable as public IP addresses. We run an extensive cloud service here with 18 websites on 3 servers, with POP and SMTP mail servers, for a total of 8 machines running 24/7. Over the years the AT&T Static IPs through DSL have been fine, with our other DSL running great, for a total of 10 IP addresses. All that and an average of 35Gig of bandwidth for the websites and about 150000 emails a month.
So now it was time for better uploads to work with our servers and our own work.

So now AT&T U-verse is installed on a dry loop to our business, which took a lot of patience to have installed.
They brought out an iNID, which is basically the router mounted outside. Then they installed what looks like a regular 2wire inside and a battery backup to power the outside iNID router. 3 pieces of equipment.. You go through the registration and you're surfing... But you didn't come here to find out how to surf or even get it installed. You want to know how to use your additional IP addresses.

By now you've been put in MAC Address hell.. This WILL fix that

Since the 31st of March I read over 1000 pages on this, including how bad the 2wire is to different solutions that made for a lot of work..
This will still be a little technical BUT will work the first time and you can get back to what you really do for a living.
My personal opinion: the 2wire solution is brilliant, more on that below.

Most businesses will have an IT Guy or Girl, or the owner of the business has learned how to be technical. This won't cost a bunch of money. Just a little time.. HEY it took you time just to get U-verse, give it a little patience.  ;D ;D ;D ::)

First you need an older computer that you're not using anymore OR look for a cheap Desktop with a minimum of 512 memory.
Get 2 network cards. Inexpensive Realtek cards will work fine for this. In the future because of our needs we'll probably be getting managed Intel cards.. 99% of all businesses can probably get away with 2 NICs (network cards)

So now you have the older computer setup with the 2 network cards.
You need something to run it and be able to assign your IP addresses with MAC addresses.... AGAIN I'M GETTING THIS INFO OUT FAST So it might be missing little details but the setup info works..

To do this we need an operating system with a router solution.. This was done with PFSense. Some call it a Super router. I call it an Unbelievable Super Router.. Your 2wire router is built around FreeBSD, our version is 4.4. PFsense is based on FreeBSD 8.1. For all practical purposes we're using PFsense 2.0.1, the latest build.
You'll need to download this from PFsense http://www.pfsense.org/ and burn it to disk.. There's A LOT of info and support for the software on their website, and please, if you find this works for you, give them some MONEY; otherwise it is free
For our purpose we used a Pentium 2.8 32bit with a gig of memory we had lying around.
Once you have PfSense installed and running you need to plug it into the 2wire.

PfSense will run without installing from the CD so you can get familiar with it... For this to work YOU WILL need to install it to a hard drive.
During the setup you need to set up the WAN NIC (network card); more info can be found on the pfsense website.
Once PFsense is up and running and you're surfing through it,
go to the 2wire and set it to turn off the firewall for your Static IPs

Go to Broadband Tab> Link Configuration link>
scroll down to "Supplementary network" > Add additional network
Check the box to > Enable
Input your Gateway IP that AT&T gave you for your Static IP addresses
Input your subnet mask usually 255.255.255.248
Check the box "Auto firewall open"
Hit save
I assume the AT&T tech already did this for you... but just in case you have that info now.
Now go to the Firewall Tab> Advanced configuration
Disable> Stealth Mode
Disable> Block ping
Disable> Strict UDP Session control
Leave UDP session timeout alone.. Plenty of people have messed with this and for this setup LEAVE IT ALONE
TCP session timeout is great right where it is.

Scroll down past all the rest of the enabled stuff to
Attack detection>
Un-check all that stuff.. You don't need it, pfSense will do that...
By all means please leave NetBIOS unchecked.. you don't need to advertise your network or open the computers this way to the public..
   
Now go to the LAN tab>
Scroll down to see devices
Look for the current IP and MAC address of the PFsense network card.. If you left it as DHCP assigned it should show your LAST Static IP address
If not, at this time reboot the 2wire, wait a minute and reboot the pfsense router

Go back into the 2wire firewall configuration > Applications, pinholes and DMZ
Click on the pfsense computer link and if it's not in the DMZ plus mode check that box or radio button and hit save.

At this point we're ready to get the rest of the IP addresses running as long as you can surf to the web through the pfsense box

In pfSense for our configuration we did a couple things I'll give you at the end. I'm also going to assume you know how to work with NAT port assignments and how to enable ICMP.. Believe it or not ICMP on ATT DSL and AT&T U-verse is important if you want to increase your connection time...

Let's assume your WAN IP is x.x.x.109... It's already up and running and the 2wire knows its MAC address
So in pfsense go to>
Firewall>Virtual IP>
Click the plus sign>
Click the box/radio button Carp
Interface WAN
Add your next IP if your WAN IP ends in x.x.x.108
(x represents number)
Set your CIDR for subnet 248 that = 29
Set a Virtual IP password.. If all goes well you can even log in to pfsense from that virtual IP
Set the VHID Group>1
Since this is the first IP leave it as the number 1
Advertising Frequency> leave as default(Master) base 1 skew 0
Give it a short description you will use that name in NAT later on... I use the IP and the word "Static"
Hit Save, then hit apply
Let's add another IP

Click on a plus sign to add again and follow the directions just above
Add the IP CIDR and password
Set the VHID Group to 2
Advertising Frequency the same as the first Virtual IP
Add your description and Save then apply

You can add more if you want but at this point you can check to see if they're working in
status>Carp(failover)
In Status>Carp they should show as MASTER with a Green running arrow.
If you scroll down a little to find.......
pfSync nodes:

xxxxxxxxf
2xxxxxxxf

the x represents a number
Simply said these numbers represent HEX addresses which are translated to MAC addresses that the 2wire router then recognizes...
You can also add this to the pfsense
Status>Dashboard


As a Safety we added a loop to our madness  :big:

I mentioned the 3rd network card. We added the interface and enabled it.. DO NOT ASSIGN IT to anything at this point.
We then added to
System>Routing>
Click the Routes Tab
Add your pool address and gateway.
 
Reboot your (2wire and pfsense)routers and go check for the IP's now showing in the 2wire
Please note: it could in some cases take a little bit to propagate the CARP virtual IPs

I hope this has been a big help to someone and as I get more of my info and desktop captures together I'll clean this up a bit.
In the meantime don't hesitate to ask for help in the forum.

Some of the other things we have running in pfsense are pfblocker and Squid proxy.
Also keep in mind pfsense is running services and a firewall.. these should be treated separately mentally, and you're not opening things in the 2wire firewall to your network. You're opening them to your new firewall to control..

Important to note: U-verse will pass DNS public. So using a DNS IP other than what AT&T assigns is important
ICMP will increase reliability to an AT&T connection.. Opening the Advanced Firewall in the 2wire is not decreasing your security.. pfsense will.. Some people think it's double NAT from the 2wire through pfsense.. I've run enough tracerts and pings to know it's passing just fine.. if you're not sure do a packet sniff from pfsense.. they have it built in...
This is as close as you're gonna get to having a true commercial Cisco router without the expense or headaches.
We've been running pfSense builds since just before version 1.2.1... once you set it you can forget it..
With pfsense we don't use a lot of the addons.. Squid proxy is to help cache our websites, not SSL or SSH.. it speeds up the webpages a touch.. Squid can also be used to GET windows updates but we don't use it for that.
pfblocker we use to block by country name or a CIDR set of addresses that have attacked the router

We also set these up in other places bonding more than one ISP or Failover and decrease latency
Our latency in this particular build averages 30ms and in pfsense 0.72ms
Memory use is about 10%, the swap file is 0 and CPU fluctuates from 0 to 6% on a normal day.. We have seen it as high as 20%

The last Pfsense box we set up was for a Comcast business connection that was subscribed to as 12down x 2up with it bonded to an AT&T DSL at 3 x 512Kb... End results were 56Mb down by 5Mb upload... Don't ask for that secret

KEEP IN MIND besides giving this info, most of the info for the build of YOUR pfSense box is on the pfSense website.
They deserve 99.9999% of the credit. Without CARP I wouldn't be writing about this...

Please donate to their website.. This isn't cheap to support BUT man you'll save on nightmares at night knowing you're up and running..

Thanks

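An added planning aid for the CARP setup described in the post above (not part of the original post and not pfSense code): it derives the usable addresses and the CIDR length from the gateway and subnet mask, assigns one VHID per remaining static IP, and computes the virtual MAC that CARP uses for each VHID (00:00:5e:00:01 followed by the VHID), which is the MAC the gateway's device list should show for that IP. The addresses come from the 203.0.113.0/24 documentation range, the NIC MAC and the observed device list are constructed, and numbering the virtual IPs downward from the WAN address is an assumption that mirrors the post.

```python
import ipaddress

# CARP reuses the VRRP virtual-MAC range: the last octet is the VHID.
CARP_MAC_PREFIX = "00:00:5e:00:01"


def mask_to_prefix(mask):
    """Dotted netmask -> CIDR length (the value the Virtual IP form asks for)."""
    return ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen


def carp_mac(vhid):
    """Virtual MAC a CARP VIP answers ARP with for a given VHID group."""
    if not 1 <= vhid <= 255:
        raise ValueError("VHID must be between 1 and 255")
    return f"{CARP_MAC_PREFIX}:{vhid:02x}"


def plan_block(gateway, mask, wan_ip):
    """List the usable addresses of the static block and one CARP VIP per
    address that is neither the gateway nor the pfSense WAN address."""
    net = ipaddress.IPv4Interface(f"{gateway}/{mask}").network
    gw = ipaddress.IPv4Address(gateway)
    wan = ipaddress.IPv4Address(wan_ip)
    usable = [h for h in net.hosts() if h != gw]
    if wan not in usable:
        raise ValueError(f"{wan} is not a usable address in {net}")
    # Assumption: VIPs are numbered downward from the WAN address.
    vip_ips = sorted((h for h in usable if h != wan), reverse=True)
    vips = [{"ip": str(ip), "vhid": n, "mac": carp_mac(n)}
            for n, ip in enumerate(vip_ips, start=1)]
    return {"network": str(net), "usable": [str(h) for h in usable], "vips": vips}


def check_device_list(plan, observed):
    """Compare the gateway's device list (ip -> mac) with the plan."""
    problems = []
    for vip in plan["vips"]:
        seen = observed.get(vip["ip"])
        if seen is None:
            problems.append(f"{vip['ip']}: not listed yet")
        elif seen.lower() != vip["mac"]:
            problems.append(
                f"{vip['ip']}: shows {seen.lower()}, expected {vip['mac']}")
    return problems


# Constructed sample values (documentation address range, made-up NIC MAC).
PLAN = plan_block("203.0.113.110", "255.255.255.248", "203.0.113.109")
OBSERVED = {
    "203.0.113.109": "00:11:22:33:44:55",   # physical WAN NIC
    "203.0.113.108": "00:00:5E:00:01:01",   # CARP VIP, VHID 1
    "203.0.113.107": "00:11:22:33:44:55",   # same MAC as the NIC: not a CARP VIP
}

if __name__ == "__main__":
    print(PLAN["network"], "prefix", mask_to_prefix("255.255.255.248"))
    for vip in PLAN["vips"]:
        print(vip["ip"], "VHID", vip["vhid"], vip["mac"])
    for line in check_device_list(PLAN, OBSERVED):
        print("CHECK:", line)
```

An address that shows the physical NIC's MAC instead of a 00:00:5e:00:01 MAC was added as something other than a CARP virtual IP, so the gateway sees several IPs behind one MAC.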

xx NEW AT&T Email settings

March 29, 2012, 04:03:15 pm by dannjr
Yes the world is going insane.. While we're using our new firewall to make things better for us.
AT&T has new Email settings

Here's a link to the NEW setup
http://www.att.com/esupport/article.jsp?sid=KB401570&cv=804&title=Email+server+settings+%28POP+and+SMTP%29#fbid=iYtxCNWv8nh

Basically if your email is working now but a little spotty
you should change the POP and SMTP settings from
smtp.att.yahoo.com to outbound.att.net
and
pop.att.yahoo.com to inbound.att.net
You may or may not have to make additional changes
The Link above includes links to program settings that include Thunderbird or Outlook and more..

We hope this helped with getting your email working again.

Enjoy

xx A Super Firewall

March 15, 2012, 08:41:43 am by dannjr
We instated a couple of firewalls a few weeks ago..
These cover the servers which take care of all the email and websites.
Within the firewall(s) we have an option to block certain countries and cities,
for instance the Baidu spider from Beijing, China or the
top known spammers and spam bots.
Keep in mind no firewall is perfect but these seem to do the trick

Firewall Stats of blocked bad guys for the servers for the past couple weeks
Our users have been real happy not having to deal with Spam and We've been extremely happy not having to deal with
Baidu and Asia Bots.

These numbers are based on just 2 of our servers
Server 2
Asia                   23091
Europe                  9657
South America             17

Server 1
Top Spammers             625
Africa                   650
Asia                   20688
Europe                 17987
South America           3632  Mostly Brazil
Baidu                    148  See Asia as well
dotnetdotcomorg          150
Wordlightcom             320
limestonenetworkscom      12
amazoncom                170


We run extensive cloud (internet) servers and as of this date the email servers are at an all-time low for spam and have only seen 12 viruses hit the mail servers, which were removed.

You might notice that Amazon is on that list.. Please keep in mind we are not blocking Amazon email or the website, only an exploit that was detected coming out of Germany through Amazon.
We don't block all of Germany and we certainly don't block all of Europe
But the numbers you're seeing above are just how bad these spammers want to exploit your and our information..

The United States of America is nothing to laugh at either.
We still see a good amount of spam from here as well as viruses, and some of that might be coming from companies that are from outside the United States using servers here.
The United States is a large resource for spam. Maybe one of the largest.

At this time I want to thank the providers of our firewall and custom settings
from PFSense.org and the Very user friendly addon from Countryblock and IPblocklist
If you have a spare computer and a Gig or more of memory with a Dual core CPU and two or more network cards you could have the same firewall capability within your home or office making a Safe point for all your computers

most of the info for building a pfSense can be gotten here
http://www.pfsense.org

One other thing: since using pfSense we noticed that a lot of wasted bandwidth and latency seem to be gone.
Our connections are not working as hard and we're able to get our communications out in half the time.

Please, we're not a corporation or a large company; we do this as a help to others who may have a small office or a home that may need help from time to time.. This is an Educational website along with dslnuts.com, Cablenut.com and broadbandnuts.com

Our one and only advertisement on the website helps us to keep all of this going. Clicking on the advert and checking them out not only helps us but helps them as well.

If you like something you see on Cyberonic Pick up the phone and give them a call.. You might be surprised when someone actually picks up the phone.

Thanks

xx Bonding DSL Circuits

January 30, 2012, 02:35:35 am by chpalmer
   If you're here reading this post you have internet connectivity of some kind. Whether it be dialup, ISDN, T-1, or some other form of broadband, you have probably experienced the wait for a download. Nowadays if you have cable internet, or you live close enough to the telephone company C.O. you can probably subscribe to a higher tier for speeds that will drastically reduce your wait times. If though you are in an area not served by cable or close enough to get the better DSL tiers, you are probably living with patience that users of the higher speed tiers have long forgotten.

   There are satellite internet solutions that can make dialup seem fast at times. And with the higher cost, much higher latency, and much lower usage caps, satellite is a last resort. Cellular solutions exist but for the most part have low usage caps and higher cost as well. In some cases you can still subscribe to DSL but have limited speeds due to the distance from the C.O. or the fact that you are fed from a remote DSLAM. My office is a good example of the remote DSLAM connection.

   Our DSLAM is fed via 8 T-1 circuits from the Century Link central office in the town nearest our location. The areas covered by these remote DSLAMs are limited in available speed to 1.5mbps down and 896kbps up. Did I mention patience? For many years back to the day Qwest, the original phone service provider, turned up our area for DSL we have hoped for faster service.

   Not too long ago though I learned of a technology that is used to bond DSL circuits in much the same way the T-1 circuits to our DSLAM 1 mile away are bonded, known as MLPPP or Multi Link Point-to-Point Protocol. What's needed is an ISP that can and is willing to provide the service using this method and a device on the client end that also works to provide it.

   What this gets you is the speed of all the links combined. So 4X 1.5 connections would get me a single 6mbps connection. And the 896kbps upload I have X4 would get me about 3.5mbps upload. Yes it means 4 DSL circuits but it might be the only way to get the speed you want without moving. In my case I only bond two for a 3mbps by about 1.5mbps connection.

   TekSavvy in Canada was the only ISP that I knew of at the time that provided it. There were others that I only learned about later. But in the U.S. the service was widely unheard of.

   Also, I learned that the particular router I was already using (pfSense) was capable of bonding DSL circuits via MLPPP. In fact there are users that have 6 lines bonded on their units. Other devices include MikroTik routers, Tomato MLPPP version firmware, and others that I will update this post with as I run into them. Of course this means your modems are in bridge mode and the router does the login, but I've found this to be better anyways. And I was able to get my local ISP to support it. That was key.
   
   Of course you need at least two DSL lines and more if you desire, to bond lines. Century Link is beginning to offer MLPPP in their legacy (non Qwest) areas on VDSL connections, but does not offer it anywhere else. However if you use one of the many ISP's that offer DSL service using Century Link connections, the possibility is there. This probably includes other phone companies such as Verizon and AT&T also but I have no knowledge either way.

   Another trend that is popping up is for companies to offer bonding service over multiple connection types. So whether you have a combination of services, i.e. cable, DSL, wireless, etc., you can have those bonded just the same. This type of bonding sends your connections through your normal ISPs to a secondary ISP that provides the service. Accomplished by a VPN that is split apart and reassembled on the other end, this type of connection has a redundant property that standard MLPPP does not, as your different routes are more likely to not suffer the same types of outages at the same time.

   The nice thing about these types of circuits is just that though... They are redundant. If one circuit drops out for trouble issues, the other(s) stay active and keep your circuit live although without the added speed of the dead circuit.

   As I find them I will update my reply to this post with ISP's that offer MLPPP and multi connection bonding and cost if I can get it. If you know of any ISP's to add please do so. I believe the more ISP's that learn about this new possible revenue source, the more that will support it.

xx To Redundant, Or Not To Redundant...

January 27, 2012, 03:22:03 am by chpalmer

I was in the middle of a complicated order online for my business the middle of last year when suddenly my connection to the site I was on went dark. Turns out that a truck had turned too sharp and pulled 1800 feet of pole mounted fiber with it before stopping. Needless to say they weren't going to fix that real quick.

Before I knew what was going on I began to make a series of ping tests to see how limited my new network was. I could reach several sites that I know exist on the NOANET network whom my ISP gets their connections from, but not any further. Luckily I could still reach my office over the VPN as the ISP that I use there also uses NOANET.

What really surprised me that day was how many were affected by this fiber string 6 miles away from my home. 911 phone systems at centers across the sound along the I5 corridor  had gone quiet. And three states worth of customers of my large cable ISP were without...

But also surprising was the fact that the VOIP phones at the office which I could reach were still live. If they had any down time at all I never saw it... Remoting into the desktop at my station there I was able to reach the rest of the world.  Very weird, I remember thinking... They must have a redundant route...  I later found out they did. By some quick changes to my firewall I was routing over the VPN and through my office gateway to and out to the internet. It was slow, but I got the order finished on time to get it shipped that day.

Another half hour of the outage I could have had email coming in also. But the fiber had been restrung before I got that far and I wasn't too worried.

What I later learned is that my office ISP, a small local hole in the wall establishment, had not only an OC3 into NOANET's fiber (Actually NOANET manages PUD fiber in the state) but that they had redundant routes into the Qwest network. And while this event overloaded that redundant line, they still had connectivity to the rest of the world when my large multistate cable ISP fell down. To their credit the cable company sent fiber techs and bucket trucks to assist in the rebuild of that line... and they made sure that fact was mailed to all their commercial customers via a postcard about the event... But have we become that complacent? To run mission critical connections over single vulnerable routes?  Then when they fail, we pat ourselves on the back for being Johnny on the spot?  It's really the 911 services that went down that I worry about more than anything.




All images, pages, logos & software found on this site are copyrighted under their perspective owners.COPYRIGHT © 2000 CableNut Software and ccs files.