Excelent... I have a few customers who use multiple IPs, it would be fantastic if they could be routed over PPPoE.
Thanks, Roger ----- Original Message ----- From: "John Hokenson" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, November 10, 2003 12:57 PM Subject: Re: [smartBridges] sB Network Issue > You can route subnets over PPPoE if you want. > > JH > ----- Original Message ----- > From: "Roger Howard" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, November 10, 2003 10:39 AM > Subject: Re: [smartBridges] sB Network Issue > > > > This is suddenly looking more attractive. I was going to persue routing > each > > customer and providing a subnet of IP addresses to each one. I think I'll > > experiment with pppoe and see how it works out. > > > > Thanks for the info. > > Roger > > > > ----- Original Message ----- > > From: "Colin Watson" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, November 10, 2003 11:59 AM > > Subject: Re: [smartBridges] sB Network Issue > > > > > > > Because everything is tunneled over the PPP connection. Each client > > connects > > > via a dedicated tunnel to the PPP Server, which performs all the > requests > > on > > > teh clients behalf (for instance answering ARP requests - Proxy ARP's). > > It's > > > better to visualise a PPP session as a link between the customer and the > > PPP > > > Server, as opposed to the current way which is the Customer --> Access > > Point > > > then ---> NOC/Shaping system. To illustrate: > > > > > > > > > Customer PC<=============================>ROUTER (Logical Layout in PPP) > > > Customer PC<----->CPE<---->AP<---->SWITCH<---->ROUTER (Physical Layout) > > > > > > Because *All* client traffic is *forced* down the PPP tunnel (ICMP, et > > al), > > > you have full control over what your customers can and cannot do. For > > > instance, when they reach the PPP Server (Access Concentrator) - All > > Netbios > > > (Windows File & Printer Sharing) can be blocked, all ICMP traffic could > be > > > blocked (if you wanted), All packets can be shaped so the customer can > > only > > > transmit/receive at the alloted bandwidth, you can also block virus > > > prolifiration ports. If you are running a pure Layer 2 Network (I.e. teh > > > only router is at your NOC), then this would be ideal because each > client > > > that connects will go through the PPPoE server at the NOC. Think of it > as > > a > > > transparent proxy server, Basically thats what it is. PPP is NOT IP > > traffic, > > > PPP is an encapsulation protocol (like a bucket which you can fill with > > many > > > things). > > > > > > Just for your info, 99.9% of routers support PPPoE, - Most DSL ISP's use > > > PPPoE or PPPoA for authenticaing and controlling their customers. > Because > > > you have a fixed point which concentrates access, you have a high degree > > of > > > control over your network. Also, you can 'share' a PPPoE connection via > > > Windows ICS - negating the need for cheapskates who don't want to buy a > > > router. > > > > > > Regards > > > > > > Colin > > > > > > > > > > > > > > > ----- Original Message ----- > > > From: "Roger Howard" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Monday, November 10, 2003 4:58 PM > > > Subject: Re: [smartBridges] sB Network Issue > > > > > > > > > > How can PPPoE stop a client from sending out ICMP echo requests? If > the > > > > traffic gets dropped at the NOC queue then that customer can still tie > > up > > > > all the air time of the access point and bring the wireless side of > the > > > > network to it's knees. It keeps pinging whether it gets a response or > > not, > > > > whether the packets are dropped somewhere or not. > > > > > > > > I am looking into using PPPoE, I might set this up yet. > > > > > > > > Thanks, > > > > Roger > > > > > > > > ----- Original Message ----- > > > > From: "Colin Watson" <[EMAIL PROTECTED]> > > > > To: <[EMAIL PROTECTED]> > > > > Sent: Monday, November 10, 2003 10:24 AM > > > > Subject: Re: [smartBridges] sB Network Issue > > > > > > > > > > > > > Or, C) Use PPPoE :) > > > > > > > > > > PPPoE overcomes all these problems, it also ensures you remove IP > > > traffic > > > > > from your client <-> AP wireless link (You tunnel everything over > > PPP). > > > > > Basically, if you use PPP you get to control the entire connection, > > from > > > > the > > > > > IP leasing (So the user hasn't gotta configure anything, cept press > > > > > Next->Next->Next), dns servers, and netmask. In addition you get all > > the > > > > > logging functionality (if you auth to a radius server). The other > (and > > > the > > > > > one I imagine you are most interested) is the ability to traffic > > limit. > > > > > Because all traffic *has* to go through the PPP Tunnel, your client > > can > > > > only > > > > > receive teh bandwidth you have designated him/her. So if one of the > > > > buggers > > > > > contracts a nasty strain of MSBLaST, and are paying for a 128/128 > > > > > connection, then they will only be able to spew traffic out at > 128K - > > no > > > > > more, because the rest will get dropped at the NOC's queue. Also, it > > > means > > > > > clients can communicate with each other, even when Interlcient > > > > communication > > > > > is disabled - but only at the bandwidth they are paying for - So no > > one > > > > can > > > > > hog all the air bandwidth - Really is a fantastic System :) > > > > > > > > > > Regards > > > > > > > > > > Colin. > > > > > > > > > > ----- Original Message ----- > > > > > From: "Roger Howard" <[EMAIL PROTECTED]> > > > > > To: <[EMAIL PROTECTED]> > > > > > Sent: Monday, November 10, 2003 5:04 AM > > > > > Subject: [smartBridges] sB Network Issue > > > > > > > > > > > > > > > > One of the problems I seem to be facing frequently these days is > > that > > > a > > > > > > single customer can get a virus and generate tremendous amounts of > > > > > traffic, > > > > > > which brings the whole network to a crawl. Normally bandwidth > > shaping > > > at > > > > > the > > > > > > NOC will limit the amount the customer can transmit, due to the > > > > > Transmission > > > > > > Control Protocol part of TCP/IP. But if it is something like the > > > > > Nachi.worm > > > > > > it is ping packets which do not have transmission control and can > be > > > > > spewed > > > > > > out at tremendous rates that no bandwidth shaper can control. So > > > what's > > > > > the > > > > > > solution to stop these slowdowns and outages caused by these > > viruses? > > > > > > > > > > > > A) Reduce the customer's functionality by insisting they use a > > router > > > or > > > > > > firewall. > > > > > > B) Have bandwidth shaping at the CPE. > > > > > > > > > > > > Personally I prefer B.... but that seems to be expensive, usually. > > > > > > Smartbridges, it might be something you can include in your Nexus > > > > product? > > > > > > > > > > > > Thanks, > > > > > > Roger > > > > > > > > > > > > The PART-15.ORG smartBridges Discussion List > > > > > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > > > > > smartBridges <yournickname> > > > > > > To Remove: mailto:[EMAIL PROTECTED] (in the body type > unsubscribe > > > > > smartBridges) > > > > > > Archives: http://archives.part-15.org > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The PART-15.ORG smartBridges Discussion List > > > > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > > > > smartBridges <yournickname> > > > > > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > > > > smartBridges) > > > > > Archives: http://archives.part-15.org > > > > > > > > The PART-15.ORG smartBridges Discussion List > > > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > > > smartBridges <yournickname> > > > > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > > > smartBridges) > > > > Archives: http://archives.part-15.org > > > > > > > > > > > > > > > > > > > > The PART-15.ORG smartBridges Discussion List > > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > > smartBridges <yournickname> > > > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > > smartBridges) > > > Archives: http://archives.part-15.org > > > > The PART-15.ORG smartBridges Discussion List > > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe > smartBridges <yournickname> > > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe > smartBridges) > > Archives: http://archives.part-15.org > > The PART-15.ORG smartBridges Discussion List > To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> > To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) > Archives: http://archives.part-15.org The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
