On 10/21/2016 9:52 PM, Tim Way wrote:

2k12r2 ha DHCP service, Linux clustering or simple dual scopes!



That still requires connectivity from the device to the DHCP server. Static management addresses let you associate a piece of hardware, a physical thing, with that 32-bit name and not worry about it.

On Oct 21, 2016 6:16 PM, "Adair Winter" <[email protected]> wrote:

    What happens when DHCP quits and you can't manage anything?
    Powercode assigns the next available management IP for whatever
    tower/range and we statically assign to the CPE

    On Fri, Oct 21, 2016 at 6:13 PM, Ian Fraser <[email protected]> wrote:

        Not sure how static would be safer than DHCP for CPE mgmt?

        Ian


        -------- Original message --------
        From: Fred Goldstein <[email protected]>
        Date: 10-21-2016 6:31 PM (GMT-05:00)
        To: [email protected]
        Cc:
        Subject: Re: [WISPA] Network/infrastructure design for WISP's

        On 10/21/2016 5:55 PM, Ian Fraser wrote:
        >
        >
        > PPPOE for Res traffic. VLAN's for Biz. Public IP's are statically
        > assigned.  DHCP for CPE's MgMt IP assignment. PPPOE session and CPE's
        > connection to the AP authenticated by Radius. Radius Accounting is
        > used for traffic billing and session info.
        >

        Wouldn't it be safer to use static IPs for CPE management? I'd do that,
        private IPs of course on a management VLAN not visible to customers.

        > Per site: 2 VLANs for MgMt (1 for Tower/AP/UPS etc and 1 for CPEs) and
        > 1 VLAN per AP for PPPOE or a dedicated VLAN per Biz. AP's are bridged
        > for CPE's PPPOE to NAS.  uPnP enabled CPEs. Cust Routers are not
        > allowed to initiate PPPOE.  PPPOE NAS's are mostly colocated tower
        > sites so that backhauls can see QOS markers on traffic and not just a
        > Tunnel.
        >
        > BGP Advertises IP range per Fibre POP and feeds 0.0.0.0/0 into OSPF
        > for redistributing routes inside the AS. Infrastructure MgMt is on
        > RFC1918 and customers are Public IPs.  Firewall rules on
        > NAS/Router/CPE prevent Customer IP's from reaching MgMt IP's.
        >
        Nice if you have enough public IPs for customers. I'm not sure BGP and
        PPPOE are necessarily the easiest protocols for this purpose, but
        definitely do use the VLANs and keep the routing out of the radios.

        > Mikrotik for all routing.  Netonix for most switching. Mikrotik for
        > most PtMP (probably uncommon) but LTE is Telrad in areas where it is
        > deployed, which skews the above architecture a bit :(  LTE is not for
        > newbies though.... mind you maybe Mikrotik isn't either lol...  but in
        > 13 years I've never been floored by a virus "infecting" my gear ;-)
        >
        You can't do 5 GHz with MikroTik in the US; they don't have valid FCC
        approval any more. Not that they admit it, but the US isn't a big market
        for them. The wireless design itself has to be based on the local
        terrain, clutter (trees, etc.), subscriber density, and other
        conditions.

        You do want a nice SNMP monitoring system that allows you to pull
        whatever parameters you want out of the MIB, not one that charges per
        line item (like PRTG) or that only pulls a few selected details. I do
        enjoy the detail I can get out of InterMapper, for instance. Where are
        you (or your planned network) located, Jordan?

        > Cheers,
        >
        > Ian
        >
        >
        >> On 10/21/2016 3:07 PM, Jordan de Geus wrote:
        >>> Hey guys,
        >>>
        >>> I'm very new to the WISP industry and I've been curious to know how
        >>> people are designing their WISP networks.
        >>>
        >>> Are you creating VLAN's for each connection point? So your backhauls
        >>> are all in one VLAN, while all AP to client connections are in
        >>> another VLAN?
        >>>
        >>> I had been thinking about how the above VLAN based design would be,
        >>> in terms of security, and I realized that if all CPE's were in one
        >>> VLAN together, wouldn't they be able to cross communicate? So an AP
        >>> with 30 clients operating in VLANX, would essentially be able to
        >>> communicate to each other, bring security as a major issue. I was
        >>> thinking that you'd be able to do VLAN's for each customer, but
        >>> doing a PTMP setup for residential purposes, I feel like the system
        >>> would be quite bogged down with that amount of vlans?
        >>>
        >>> How are you authenticating and issuing IP's to clients? Are you
        >>> doing PPPOE or DHCP? Is everything just in routed tables?
        >>>
        >>> What sort of hardware are you using for your network design and
        >>> management?
        >>>
        >>> Kind Regards,
        >>> Jordan
        >>>


        -- Fred R. Goldstein k1io fred "at" interisle.net
        Interisle Consulting Group
        +1 617 795 2701


        _______________________________________________
        Wireless mailing list
        [email protected]
        http://lists.wispa.org/mailman/listinfo/wireless





--
    Adair Winter
    VP, Network Operations / Co-Owner
    Amarillo Wireless | 806.316.5071
    C: 806.231.7180
    http://www.amarillowireless.net








--
 Fred R. Goldstein      k1io    fred "at" interisle.net
 Interisle Consulting Group
 +1 617 795 2701
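
The design discussed in this thread (management on RFC1918 VLANs, customers on public IPs, firewall rules keeping customer addresses away from management addresses) can be checked mechanically. The following is an added example, not part of any message in the thread: the address ranges are constructed, and the first-match `(src, dst, action)` rule model and the names `verdict` and `audit` are assumptions for illustration, not any vendor's syntax.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan: two management VLAN subnets, two customer pools.
MGMT = ["10.10.0.0/24", "10.20.0.0/22"]            # tower/AP/UPS, CPE mgmt
CUSTOMERS = ["203.0.113.0/24", "198.51.100.0/25"]  # documentation ranges

# Ordered forward rules, first match wins (assumed simplified model).
RULES_GAP = [("203.0.113.0/24", "10.0.0.0/8", "drop"),
             ("0.0.0.0/0", "0.0.0.0/0", "accept")]
RULES_FIXED = [("203.0.113.0/24", "10.0.0.0/8", "drop"),
               ("198.51.100.0/25", "10.0.0.0/8", "drop"),
               ("0.0.0.0/0", "0.0.0.0/0", "accept")]

def verdict(rules, src, dst):
    """Action of the first rule covering the whole src->dst flow.
    'partial' means a rule matched only some of the addresses."""
    for r_src, r_dst, action in rules:
        rs, rd = ipaddress.ip_network(r_src), ipaddress.ip_network(r_dst)
        if src.subnet_of(rs) and dst.subnet_of(rd):
            return action
        if src.overlaps(rs) and dst.overlaps(rd):
            return "partial"
    return "no-match"

def audit(mgmt, customers, rules):
    """Return findings for a plan that should isolate management."""
    findings = []
    mgmt_nets = [ipaddress.ip_network(n) for n in mgmt]
    cust_nets = [ipaddress.ip_network(n) for n in customers]
    for m in mgmt_nets:
        if not any(m.subnet_of(p) for p in RFC1918):
            findings.append(f"{m}: management range is not RFC1918")
    for c in cust_nets:
        for m in mgmt_nets:
            if c.overlaps(m):
                findings.append(f"{c}: overlaps management {m}")
            v = verdict(rules, c, m)
            if v != "drop":
                findings.append(f"{c} -> {m}: {v}, expected drop")
    return findings

if __name__ == "__main__":
    for line in audit(MGMT, CUSTOMERS, RULES_GAP):
        print(line)
```

With `RULES_GAP`, the second customer pool falls through to the catch-all accept and is reported once per management subnet; `RULES_FIXED` produces no findings.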
