Re: [AFMUG] DHCP option 82 + Canopy + Powercode

Jon Bruce Fri, 19 Aug 2016 07:08:48 -0700

We're using PC with DHCP for management of SMs and for public IPs. Eachis on it's own VLAN and IPs are given out by PC based on MAC address.

PC can do RADIUS and has it (sort of half, almost, kinda) built in but Ihaven't made it work (yet). Calling support will only leave you curledup in a ball, crying.

Under Network -> Servers, there is RADIUS and Canopy RADIUS. I askedonce what the difference was, what they were meant to do differently andwhy there are two and was met with documentation removed from their siteand several support calls and emails ignored.


I hope that helped a little.

If anyone can share information on RADIUS and PC, I would love it.

On 8/19/2016 1:19 AM, George Skorup wrote:

The only thing is full relay vs insertion only. Full relay probablywouldn't work in this scenario. Because you can't define the L3 relayIP per VLAN. The AP is going to relay all DHCP requests to thespecified address. I still say the way to go is static management IPon the SMs.

Wait... am I being stupid again? Is option 82 inserted for the SMitself or not? Been a while since I messed with it. If it does, thatwould be a good feature request for Cambium. Let us turn that off forthe SM itself.


On 8/19/2016 12:03 AM, Sean Heskett wrote:

Good call on the VLANs George!  I think that might be the ticket.

That gives me something to try in our lab :)

-Sean

On Thursday, August 18, 2016, George Skorup <geo...@cbcast.com<mailto:geo...@cbcast.com>> wrote:


    Does PC do the zero-touch config? Why can't a new SM come up and
    get the option 66 info for the config URL, then download its
    config which contains a static management IP?

    Or, what about separating things in VLANs? Put your SM management
    on a dedicated VLAN with its own DHCP server instance and the
    various options you need? Customer/user/data VLAN would be
    another DHCP server where you'd act upon the Agent-Remote-ID
    option 82 info.

    On 8/18/2016 11:25 PM, Sean Heskett wrote:

    right now everything is static (mgmt and public ip) we try to
    deploy SMs with NAT enabled but that's not possible half the
    time for one reason or another.

    Once we move to powercode I want to use their zero touch config
    (dhcp option 66) to config the SM and then option 82 if the SM
    is bridged to give an ip to their router or our managed
    calix router.  I'd prefer to not have to keep track of router
    MACs especially if the router is the customer's and not our calix.

    Powercode doesn't use RADIUS so I'd probably have to set that up
    on the side or something.

    Like I said I want to make this as automagic as possible and I'm
    wondering if anyone has already gone thru this so I don't have
    to reinvent the wheel.

    Powercode didn't have any ideas of how to accomplish this so
    maybe I'm blazing a trail on the cutting edge :-/

    -Sean

    On Thursday, August 18, 2016, George Skorup <geo...@cbcast.com
    <javascript:_e(%7B%7D,'cvml','geo...@cbcast.com');>> wrote:

        I assume you're doing bridge mode? Use RADIUS to assign the
        SM's management IP. Then DHCP + Op 82 is used for the
        customer equipment.

        We just do static management IP on the SMs. Playing with NAT
        + DMZ on the customer side. Traceroute and other ICMP
        responses don't work through NAT mode, even with DMZ. And
        L2TP tunnels. I forget what else I tested on my SM at home.
        So far I'm not too thrilled with it.

        On 8/18/2016 10:08 PM, Sean Heskett wrote:

        Hummmm that's the conclusion we were coming to also.

        I'm trying to find a way to make it all automagic but that
        seems not possible :-/

        -Sean


        On Thursday, August 18, 2016, Joe Novak <jno...@lrcomm.com>
        wrote:

            From how I understand it that is not possible unless
            you plan on managing via the public IP.

            Option 82, in its simplest form, just allows accounting
            via the SU mac address, along with what 'circuit' (AP)
            it came from. I think in your situation if you want to
            use powercode to hand out public addresses you will
            need a static management network for CPEs.



            On Thu, Aug 18, 2016 at 9:05 PM, Sean Heskett
            <af...@zirkel.us> wrote:

                Thx joe,

                So if it sends the same 0a:00:3e MAC for the
                bridged device, how do you get the dhcp server to
                send the management IP to the SM since that would
                be the same MAC??

                -Sean

                On Thursday, August 18, 2016, Joe Novak
                <jno...@lrcomm.com> wrote:

                    Sean,

                    No problem!

                    Cambium 450/EPMP behave the same way I am
                    pretty sure without looking at my notes. This
                    post describes it perfectly and also has a raw
                    dump of the dhcp request:
                    
http://community.cambiumnetworks.com/t5/PMP-450/DHCP-Opt-82/td-p/39636
                    
<http://community.cambiumnetworks.com/t5/PMP-450/DHCP-Opt-82/td-p/39636>

                    OPTION: 82 ( 29) Relay Agent Information
                    Circuit-ID 0a:00:3e:XX:XX:XX    #AP MAC
                    Remote-ID 0a:00:3e:YY:YY:YY    #SU Wireless MAC

                    That means that even if the client is in bridge
                    mode the only mac address you need to track is
                    the subscriber unit. I do not know any
                    powercode specific stuff but I am looking at
                    implementing with DHCP ISC.


                    On Thu, Aug 18, 2016 at 8:36 PM, Sean Heskett
                    <af...@zirkel.us> wrote:

                        Hey joe,

                        Yeah we are mocking it up in our lab right
                        now. Mainly need to know what MAC gets sent
                        for all the different interfaces -
                        management, NAT enabled, bridged etc.

                        Powercode will only let you add one IP and
                        MAC per device.  Since we are in the
                        process of importing all our data for the
                        migration to PC I'd like to set it all up
                        now to be ready for option 82 in the future ;)

                        Joe, do you mind if our network engineer
                        Elijah contacts you off list??

                        Thanks,

                        Sean

                        On Thursday, August 18, 2016, Joe Novak
                        <jno...@lrcomm.com> wrote:

                            I plan on implementing it with cambium
                            both 450/epmp. Any specific questions?
                            I learned a lot by taking a setting up
                            a dhcp server with whatever verbose
                            logging turned on and watching the
                            requests.


                            On Aug 18, 2016 8:13 PM, "Josh Luthman"
                            <j...@imaginenetworksllc.com> wrote:

                                I'm almost certain someone does...
                                But I'm not 100%

                                Josh Luthman
                                Office: 937-552-2340 <tel:937-552-2340>
                                Direct: 937-552-2343 <tel:937-552-2343>
                                1100 Wayne St
                                Suite 1337
                                Troy, OH 45373


                                On Aug 18, 2016 8:51 PM, "Sean
                                Heskett" <af...@zirkel.us> wrote:

                                    Powercode said they had never
                                    done it and didn't know anyone
                                    who had. (I was kinda surprised
                                    at that response)

                                    Figured I'd check to see if
                                    y'all had used it.

                                    -Sean


                                    On Thursday, August 18, 2016,
                                    Josh Luthman
                                    <j...@imaginenetworksllc.com>
                                    wrote:

                                        Have you contacted
                                        Powercode about this or
                                        no?  I figure they'd know,
                                        their wisp is Canopy.

                                        Josh Luthman
                                        Office: 937-552-2340
                                        <tel:937-552-2340>
                                        Direct: 937-552-2343
                                        <tel:937-552-2343>
                                        1100 Wayne St
                                        Suite 1337
                                        Troy, OH 45373


                                        On Aug 18, 2016 8:35 PM,
                                        "Sean Heskett"
                                        <af...@zirkel.us> wrote:

                                            We are in the process
                                            of migrating to
                                            powercode...it's not an
                                            easy task but I think
                                            it will be well worth
                                            it.  Lots of details to
                                            figure out lol.

                                            -Sean

                                            On Thursday, August 18,
                                            2016, Tushar Patel
                                            <tpa...@ecpi.com> wrote:

                                                You moved to
                                                powercode!!!

                                                Tushar


                                                > On Aug 18, 2016,
                                                at 6:16 PM, Sean
                                                Heskett
                                                <af...@zirkel.us>
                                                wrote:
                                                >
                                                > Hey gang,
                                                >
                                                > Any experts out
                                                there have
                                                experience with
                                                DHCP option 82 +
                                                Canopy +
                                                Powercode?  If so
                                                can I pick your
                                                brain???
                                                >
                                                > Thanks,
                                                >
                                                > Sean
                                                >
                                                >

Re: [AFMUG] DHCP option 82 + Canopy + Powercode

Reply via email to