So, there is some merit to the design of an ISP network using L2TP Tunnels and PPPoE. It has some nice appeal in its ability to hide the underlying infrastructure, have a common way of managing customers, etc.
But ... But .. But... when it comes to Wireless there is a Big Kibosh !...... (to the best of my knowledge, the Radios we all use are not able to respect traffic priority / DSCP tags for any and all traffic flowing inside the PPPoE encapsulation).

Thus in today's networks this is starting to be a No Go.... (even the DSL world, which embraced PPPoE, is not using this in their next gen upgrades... they are using MAC address & TR609 based provisioning)

My 2 cents...

Regards.

Faisal Imtiaz
Snappy Internet & Telecom
7266 SW 48 Street
Miami, FL 33155
Tel: 305 663 5518 x 232
Help-desk: (305)663-5518 Option 2 or Email: [email protected]

> From: "Tim" <[email protected]>
> To: "Ian Fraser" <[email protected]>, "WISPA General List" <[email protected]>
> Sent: Sunday, October 23, 2016 4:16:18 PM
> Subject: Re: [WISPA] Network/infrastructure design for WISP's
>
> We deployed for the last 10 years using fixed IP schemas per tower
> Allocating IP addresses from a fixed pool (not DHCP)
> Firewall rules locking out unassigned IP addresses
> Plus we do 99% managed routers
>
> However we are reevaluating PPPoE with redundant RADIUS servers that have geographic separation. With an addition of MAC address authentication
>
> From: Ian Fraser [mailto:[email protected]]
> Sent: Saturday, October 22, 2016 5:32 PM
> To: Tim <[email protected]>; WISPA General List <[email protected]>
> Subject: Re: [WISPA] Network/infrastructure design for WISP's
>
> OK. What's your alternative?
>
> Ian
>
> -------- Original message --------
> From: Tim < [email protected] >
> Date:10-21-2016 10:21 PM (GMT-05:00)
> To: WISPA General List < [email protected] >
> Cc:
> Subject: Re: [WISPA] Network/infrastructure design for WISP's
>
> Not a fan of PPPoE.
>
> Sent from my Verizon Wireless 4G LTE DROID
>
> Tim Way < [email protected] > wrote:
> 2k12r2 ha DHCP service, Linux clustering or simple dual scopes!
> On Oct 21, 2016 6:16 PM, "Adair Winter" < [email protected] > wrote:
>> What happens when DHCP quits and you can't manage anything?
>> Powercode assigns the next available management IP for whatever tower/range and we statically assign to the CPE
>>
>> On Fri, Oct 21, 2016 at 6:13 PM, Ian Fraser < [email protected] > wrote:
>>> Not sure how static would be safer than DHCP for CPE mgmt?
>>>
>>> Ian
>>>
>>> -------- Original message --------
>>> From: Fred Goldstein < [email protected] >
>>> Date:10-21-2016 6:31 PM (GMT-05:00)
>>> To: [email protected]
>>> Cc:
>>> Subject: Re: [WISPA] Network/infrastructure design for WISP's
>>>
>>> On 10/21/2016 5:55 PM, Ian Fraser wrote:
>>> > PPPoE for Res traffic. VLANs for Biz. Public IPs are statically assigned. DHCP for CPE's MgMt IP assignment. PPPoE session and CPE's connection to the AP authenticated by RADIUS. RADIUS Accounting is used for traffic billing and session info.
>>>
>>> Wouldn't it be safer to use static IPs for CPE management? I'd do that, private IPs of course on a management VLAN not visible to customers.
>>>
>>> > Per site: 2 VLANs for MgMt (1 for Tower/AP/UPS etc and 1 for CPEs) and 1 VLAN per AP for PPPoE or a dedicated VLAN per Biz. APs are bridged for CPE's PPPoE to NAS. UPnP enabled CPEs. Cust Routers are not allowed to initiate PPPoE. PPPoE NAS's are mostly colocated tower sites so that backhauls can see QoS markers on traffic and not just a Tunnel.
>>> > BGP Advertises IP range per Fibre POP and feeds 0.0.0.0/0 into OSPF for redistributing routes inside the AS. Infrastructure MgMt is on RFC1918 and customers are Public IPs. Firewall rules on NAS/Router/CPE prevent Customer IPs from reaching MgMt IPs.
>>>
>>> Nice if you have enough public IPs for customers. I'm not sure BGP and PPPoE are necessarily the easiest protocols for this purpose, but definitely do use the VLANs and keep the routing out of the radios.
>>> > MikroTik for all routing. Netonix for most switching. MikroTik for most PtMP (probably uncommon) but LTE is Telrad in areas where it is deployed, which skews the above architecture a bit :( LTE is not for newbies though.... mind you maybe MikroTik isn't either lol... but in 13 years I've never been floored by a virus "infecting" my gear ;-)
>>>
>>> You can't do 5 GHz with MikroTik in the US; they don't have valid FCC approval any more. Not that they admit it, but the US isn't a big market for them. The wireless design itself has to be based on the local terrain, clutter (trees, etc.), subscriber density, and other conditions. You do want a nice SNMP monitoring system that allows you to pull whatever parameters you want out of the MIB, not one that charges per line item (like PRTG) or that only pulls a few selected details. I do enjoy the detail I can get out of InterMapper, for instance. Where are you (or your planned network) located, Jordan?
>>>
>>> > Cheers,
>>> > Ian
>>>
>>> >> On 10/21/2016 3:07 PM, Jordan de Geus wrote:
>>> >>> Hey guys,
>>> >>>
>>> >>> I'm very new to the WISP industry and I've been curious to know how people are designing their WISP networks.
>>> >>>
>>> >>> Are you creating VLANs for each connection point? So your backhauls are all in one VLAN, while all AP to client connections are in another VLAN?
>>> >>>
>>> >>> I had been thinking about how the above VLAN based design would be, in terms of security, and I realized that if all CPEs were in one VLAN together, wouldn't they be able to cross communicate? So an AP with 30 clients operating in VLANX, would essentially be able to communicate to each other, bringing security up as a major issue. I was thinking that you'd be able to do VLANs for each customer, but doing a PTMP setup for residential purposes, I feel like the system would be quite bogged down with that amount of VLANs?
>>> >>>
>>> >>> How are you authenticating and issuing IPs to clients? Are you doing PPPoE or DHCP? Is everything just in routed tables?
>>> >>>
>>> >>> What sort of hardware are you using for your network design and management?
>>> >>>
>>> >>> Kind Regards,
>>> >>> Jordan
>>>
>>> --
>>> Fred R. Goldstein k1io fred "at" interisle.net
>>> Interisle Consulting Group
>>> +1 617 795 2701
>>> _______________________________________________
>>> Wireless mailing list
>>> [email protected]
>>> http://lists.wispa.org/mailman/listinfo/wireless
>>
>> --
>> Adair Winter
>> VP, Network Operations / Co-Owner
>> Amarillo Wireless | 806.316.5071
>> C: 806.231.7180
>> http://www.amarillowireless.net
