I used to do this until something happened at my ISP and my router can no longer authenticate against my ISP's PPPoE server. Now I have my modem providing NAT and DHCP, and my router is just a dumb access point. The only problem is my modem has an externally accessible administration page running on port 4567, and telnet on port 1111 that I can't turn off, even when all remote management configuration options are turned off. I've had to set up a cronscript to attempt to telnet into the thing continuously, and if successful it will kill the httpd server and telnet daemon.
It's absolutely ridiculous how insecure home network equipment is.
UPnP is the one that gives me concern. User programs can punch holes in your firewall without you knowing about it. Now you have a port open on your firewall... pointed at someone's computer without your knowledge. UPnP goes off - if you want that port open, let's talk about it, little software thingy.
Yeah, I'm running in bridged mode, it works great. I used to run it like your current setup, but now I can finally run the Tomato router as my main one, and QoS is just too amazing to pass up on...
