Back

Breaking Free from the Openreach Monopoly

Breaking Free from the Openreach Monopoly

Introduction

For seven years, I was a loyal BT customer. The service was reliable, and I rarely had any issues, even when streaming, gaming, or working from home. So why switch to Vodafone over CityFibre? One reason: symmetrical broadband speeds. If you've ever dealt with sluggish uploads, the idea of matching download and upload speeds is a big deal.

In this post, I'll share what moving from BT to Vodafone over CityFibre looked like, the downstream equipment compatibility you'll need to think about, and what to expect if you're considering a move off the Openreach network.

The switch: smooth and painless

Cancelling BT was surprisingly hassle-free. Once I signed up with Vodafone, they handled notifying BT about the switch. My final BT bill included an early repayment charge, but Vodafone credited that amount back to my account, which took the sting out of leaving.

Installation and setup

Transitioning to Vodafone - CityFibre required the installation of a new fibre line, as CityFibre operates independently from Openreach's infrastructure. A CityFibre technician visited my home to install their own Optical Network Terminal (ONT), running a separate fibre cable alongside the existing Openreach setup. This means I now have both ONTs installed, allowing flexibility should I choose to switch back to BT in the future.

CityFibre's independent infrastructure is part of a growing trend among alternative network providers (AltNets) aiming to offer consumers more choices beyond the traditional Openreach network. BTT Comms

Configuring Sophos XG210 for CityFibre

Switching from BT to CityFibre wasn't just about plugging in a new ONT; it also required adjustments to my Sophos XG210 firewall running SFOS (Sophos Firewall OS). Here's what changed:

1. WAN Interface Settings

With BT, the WAN interface used specific settings tied to the Openreach network. CityFibre, being an entirely separate network, required different configuration parameters.

  • BT Configuration:
    • Connection Type: PPPoE
    • Username/Password: Provided by BT.
    • VLAN Tagging: No VLAN for residential FTTC/FTTP connections.
    • MTU: 1500 (Default)

DSL and MTU settings bt

  • CityFibre Configuration:
    • Connection Type: PPPoE
    • Username/Password: Provided by Vodafone.
    • VLAN Tagging: VLAN 911.
    • MTU: 1492

DSL and MTU settings cf

2. IP Addressing

With BT, the WAN interface used dynamic IP addressing, and my Sophos XG210 handled updating the Dynamic DNS (DDNS) with Cloudflare. This is built straight into Sophos Firewall OS (SFOS), so services dependent on DDNS (like remote access or hosting) kept working without manual intervention.

CityFibre's Setup CityFibre also uses dynamic IP addressing by default, so the same DDNS setup continued to work without any changes. My existing Cloudflare DDNS configuration on the XG210 didn't need touching during the transition.

What to Consider: If your setup relies heavily on a static IP (e.g., for hosting or certain VPN configurations), you'll need to request this as an additional service from Vodafone, as they offer static IPs as an optional add-on. For most users on DDNS, the dynamic setup works just fine.

What I Did:

  • Added a new WAN interface with the configuration outlined above
  • Plugged in the new ONT directly to see if the service would come up

3. Firewall Rules and Policies

Existing firewall rules and NAT policies didn't require significant changes, as the internal network structure remained the same. However, you might need to:

  • Adjust any rules tied to a specific WAN IP address (e.g., port forwarding or DMZ rules).
  • Verify that DNS settings point to Vodafone's or a custom DNS provider.

4. Performance Tuning

CityFibre's symmetrical speeds unlocked potential I hadn't tapped into with BT. After the switch, I ran throughput tests and noticed my previous QoS settings were unnecessary, as upload speeds no longer lagged behind downloads.

Recommendation: If you're using Sophos's traffic shaping policies to prioritise certain traffic types, revisit these after switching to a symmetric connection.

5. Monitoring the Connection

Sophos's built-in Diagnostics > Packet Capture and WAN link monitoring tools helped me confirm the new connection was stable and performing as expected. I also updated the connection monitoring settings to ping Vodafone's DNS instead of BT's.

Back to top