[135529] in North American Network Operators' Group
Re: PPPOE vs DHCP
daemon@ATHENA.MIT.EDU (isabel dias)
Wed Jan 26 09:40:20 2011
Date: Wed, 26 Jan 2011 06:39:36 -0800 (PST)
From: isabel dias <isabeldias1@yahoo.com>
To: Paul Stewart <paul@paulstewart.org>,
Miquel van Smoorenburg <mikevs@xs4all.net>
In-Reply-To: <07df01cbbd5e$a53fabe0$efbf03a0$@org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
http://www.cisco.com/en/US/products/hw/routers/ps295/products_configuration=
_example09186a0080093e3b.shtml=0A=0A=0Ahttp://s-tools1.juniper.net/solution=
s/literature/white_papers/200187.pdf=0A=0A=0A3rd party vendors might want t=
o have me onboard :-) otherwise you can come up w/ =0Ayour own piece of kit=
, rfc' it and a few white papers bla and boom, start your =0Aown business l=
ike the others have done in the past ..........=0A=0A=A0=0A=0A=0A=0A_______=
_________________________=0AFrom: Paul Stewart <paul@paulstewart.org>=0ATo:=
Miquel van Smoorenburg <mikevs@xs4all.net>=0ACc: nanog@nanog.org=0ASent: W=
ed, January 26, 2011 1:40:49 PM=0ASubject: RE: PPPOE vs DHCP=0A=0AThank you=
for the response...=0A=0AI should have made this a bit clearer - option 82=
is an option on their=0ADSLAM's today and is supposed to work "not bad".=
=A0 But this customer may also=0Abe looking at other services such as wirel=
ess in the future which does not=0Asupport option 82 - they want a unified =
delivery of their product.=A0 I left=0Aout this detail as you can see ;)=0A=
=0AAlso, the comment " so a customer doesn't have to configure his/her rout=
er=0Ato get online" is also interesting - we WANT our customers to configur=
e=0Atheir routers and understand them to a basic degree... this coming from=
a=0Asecurity perspective where we are seeing a magnitude to customer route=
rs=0Agetting hacked or their wireless left open etc.=0A=0AUsage based billi=
ng is a very hot topic in this area (Ontario, Canada) and=0Awe will confirm=
with the customer today that they do indeed want to track=0Aall GB usage p=
er customer... =0A=0AToday, they have no interest nor can they get IPv6 whi=
ch is a shame....=0Ahaving said that, we want to provide a solution to them=
than can do IPv6 in=0Athe future...=0A=0AThanks,=0A=0APaul=0A=0A=0A-----Or=
iginal Message-----=0AFrom: Miquel van Smoorenburg [mailto:mikevs@xs4all.ne=
t] =0ASent: Wednesday, January 26, 2011 4:16 AM=0ATo: paul@paulstewart.org=
=0ACc: nanog@nanog.org=0ASubject: Re: PPPOE vs DHCP=0A=0AIn article <051001=
cbbcf0$c33e8b20$49bba160$@org> you write:=0A>PPPOE vs DHCP=0A>Allows full a=
uthentication of customers (requires username/password)=0A=0AYou probably w=
ant to authenticate on circuit id, not username/password.=0AATM port/vpi/vc=
i for ATM connections, or PPPoE circuit id tag added=0Aby the DSLAM or FTTH=
access switch when using an ethernet transport layer.=0AIt's just a differ=
ent radius attribute to authenticate on, no magic.=0AWe do that so a custom=
er doesn't have to configure his/her router=0Ato get online.=0A=0A>Easily a=
ssign static IP to customer (no MAC address or CPE information=0A>required)=
=0A=0ADon't need that with DHCP either, if you run a DHCP server that can=
=0Aassign IP addresses based on option82. I run a patched ISC dhcp3 server,=
=0Abut I understand that ISC dhcp4 makes this pretty easy=0A=0A>Assign publ=
ic subnet to customer with ease (no manual routing required)=0A=0ADon't nee=
d manual routing with DHCP either, if you use a real=0Abras such as a junip=
er, since you can have it authenticate off=0Aradius first before doing DHCP=
, and in the radius reply you can=0Areturn a static route.=0A=0A>Usage trac=
king (GB transfer) from radius generated data=0A=0ATrue, at least juniper e=
-series BRASes don't send radius accounting=0Afor atm rfc1483/bridged conne=
ctions for some reason.=0A=0A>DHCP Cons=0A>=0A>---------=0A=0AOne more DHCP=
con is that if you have an ethernet transport network=0Afrom the DSLAM or =
FTTH access switch to your router that lumps together =0Amultiple customers=
in one VLAN, something along the way is probably=0Adoing DHCP sniffing to =
set up routing. And you can be just about sure=0Athat won't work with IPv6.=
VLAN-per-customer will work (and is a=0Areally a great model, for all type=
s of encapsulation)=0A=0AMike.=0A=0A=0A
