We run PPPoE and use PPPoE only filters and filter out Bootp server in all
CPE gear. To detect rogue clients spewing DHCP around, we uplink a Mikrotik
router to an untagged DHCP port in our switch and run the DHCP-Server Alert
feature. This way we get an alert when someone plugs their router in
backwards. Helps us be more proactive.
On Wed, Mar 11, 2015 at 9:57 AM, Glen Waldrop <gwl...@cngwireless.net>
wrote:
> We NAT as well.
>
> Static customers are WDS bridged.
>
>
>
>
> ----- Original Message ----- From: "Bill Prince" <part15...@gmail.com>
> To: <af@afmug.com>
> Sent: Wednesday, March 11, 2015 9:36 AM
> Subject: Re: [AFMUG] DHCP backfeed
>
>
>
>> (1) We NAT most of our SMs (> 96%)
>> (2) Block DHCP server in the SM
>>
>> bp
>> <part15sbs{at}gmail{dot}com>
>>
>> On 3/11/2015 7:05 AM, Brett A Mansfield wrote:
>>
>>> I’m curious what everyone does to prevent a customer from pulling more
>>> than one IP address without using PPPoE, and how do you prevent their
>>> router from backfeeding it’s DCHP server onto your network if they plug in
>>> the cable to a LAN port instead of the WAN port?
>>>
>>> Thank you,
>>> Brett A Mansfield
>>> Silver Lake Internet
>>>
>>
>>
>>
>
