Re: [WISPA] DHCP with a twist
You can do all this with DHCP at least with ISC's version of DHCPD. I won't go into all the gory details but you but you can use clases to put different mac's into different groups of IP ranges etc. For example we set all of our CB3's to DHCP and based on their MAC address we throw them into a private IP range. That way our techs can log into them remotely and manage them. Then the customer's router MAC goes into a separate class which gives them a public IP address and then our packet shaper limits their speed based on which plan they purchased. You can also take any MAC address that is not registered in your DHCP server and give them a BOGUS IP and DNS server which forces all traffic to a registration server(walled garden) that allows them put in their username and password. If it authenticates, then it put's their MAC into the known clients and lets them have a real public IP and away they go. Anyhow, I guess what I am saying what you want to do is all possible via DHCP. You don't have to add the additional overhead of PPPoE to make what you want to do happen. -Eric On 11/15/06, Sam Tetherow <[EMAIL PROTECTED]> wrote: There is a way, it is just more expensive than a CB3 ;) One idea I have had is to set up a 'walled garden' for unknown DHCP assignments. In other words if they don't match a static lease they go into a seperate address space which is restricted to an internal web site. From they they can log in with their username and password from email and it will automagically figure out what mac goes with what IP address. The code wouldn't take much in my setup, given their dynamic IP I know what AP they are on. The program then logs into the AP and pulls the DHCP assignment from the lease table. Given the username and password they logged in with I can tell what the IP is suppose to be and I can now update the static lease. This wouldn't be that hard to write since I use MT for my APs. But looking at the setup I ask myself, wouldn't it just make more sense to go PPPoE instead? Less work on my end, it is standard and there is less stuff to break. Sam Tetherow Sandhills Wireless David E. Smith wrote: > Sam Tetherow wrote: > >> Being five days late on this you have probably already solved it, but >> just in case >> > > Not really, no. :) I'm still in the "planning" phase of this next change > in the network. > > >> The CB3 will request a DHCP address with it's MAC address (assuming it >> is set to DHCP). When the PC or router behind the CB3 requests a DHCP >> lease you will see the MAC for that device. The DHCP REQUEST message >> actually contains the MAC address it is requesting an IP for, it is not >> just assumed to be the MAC address that is seen making the request. The >> biggest issue I could think of with this setup is when the customers >> device changes (new router or NIC) they will have to call into the NOC >> and the DHCP assignment will have to be changed. >> > > That's the problem I was hoping to avoid. > > Honestly, I really like (from a technical standpoint) the cable modem > solution to all this. DOCSIS addresses pretty much every question I've > ever had, and then some. Heck, it even includes enforcing your bandwidth > quotas right there in the CPE, which gives me fits of giggles every time > I think about it. And it's dead simple for the customer to set up, > because there basically is no set-up to be done. > > I'm sure there's a way to duplicate the benefits of DOCSIS on a wireless > network, I just haven't figured it out yet :) > > David Smith > MVN.net > -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
There is a way, it is just more expensive than a CB3 ;) One idea I have had is to set up a 'walled garden' for unknown DHCP assignments. In other words if they don't match a static lease they go into a seperate address space which is restricted to an internal web site. From they they can log in with their username and password from email and it will automagically figure out what mac goes with what IP address. The code wouldn't take much in my setup, given their dynamic IP I know what AP they are on. The program then logs into the AP and pulls the DHCP assignment from the lease table. Given the username and password they logged in with I can tell what the IP is suppose to be and I can now update the static lease. This wouldn't be that hard to write since I use MT for my APs. But looking at the setup I ask myself, wouldn't it just make more sense to go PPPoE instead? Less work on my end, it is standard and there is less stuff to break. Sam Tetherow Sandhills Wireless David E. Smith wrote: Sam Tetherow wrote: Being five days late on this you have probably already solved it, but just in case Not really, no. :) I'm still in the "planning" phase of this next change in the network. The CB3 will request a DHCP address with it's MAC address (assuming it is set to DHCP). When the PC or router behind the CB3 requests a DHCP lease you will see the MAC for that device. The DHCP REQUEST message actually contains the MAC address it is requesting an IP for, it is not just assumed to be the MAC address that is seen making the request. The biggest issue I could think of with this setup is when the customers device changes (new router or NIC) they will have to call into the NOC and the DHCP assignment will have to be changed. That's the problem I was hoping to avoid. Honestly, I really like (from a technical standpoint) the cable modem solution to all this. DOCSIS addresses pretty much every question I've ever had, and then some. Heck, it even includes enforcing your bandwidth quotas right there in the CPE, which gives me fits of giggles every time I think about it. And it's dead simple for the customer to set up, because there basically is no set-up to be done. I'm sure there's a way to duplicate the benefits of DOCSIS on a wireless network, I just haven't figured it out yet :) David Smith MVN.net -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
Sam Tetherow wrote: > Being five days late on this you have probably already solved it, but > just in case Not really, no. :) I'm still in the "planning" phase of this next change in the network. > The CB3 will request a DHCP address with it's MAC address (assuming it > is set to DHCP). When the PC or router behind the CB3 requests a DHCP > lease you will see the MAC for that device. The DHCP REQUEST message > actually contains the MAC address it is requesting an IP for, it is not > just assumed to be the MAC address that is seen making the request. The > biggest issue I could think of with this setup is when the customers > device changes (new router or NIC) they will have to call into the NOC > and the DHCP assignment will have to be changed. That's the problem I was hoping to avoid. Honestly, I really like (from a technical standpoint) the cable modem solution to all this. DOCSIS addresses pretty much every question I've ever had, and then some. Heck, it even includes enforcing your bandwidth quotas right there in the CPE, which gives me fits of giggles every time I think about it. And it's dead simple for the customer to set up, because there basically is no set-up to be done. I'm sure there's a way to duplicate the benefits of DOCSIS on a wireless network, I just haven't figured it out yet :) David Smith MVN.net -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
Being five days late on this you have probably already solved it, but just in case The CB3 will request a DHCP address with it's MAC address (assuming it is set to DHCP). When the PC or router behind the CB3 requests a DHCP lease you will see the MAC for that device. The DHCP REQUEST message actually contains the MAC address it is requesting an IP for, it is not just assumed to be the MAC address that is seen making the request. The biggest issue I could think of with this setup is when the customers device changes (new router or NIC) they will have to call into the NOC and the DHCP assignment will have to be changed. Sam Tetherow Sandhills Wireless David E. Smith wrote: As part of the ongoing (does it ever stop?) efforts to make a Better Network, I've finally started using private subnets where appropriate. I'd love to be able to better automate some parts of my network, though, and I'm not sure how to do both of 'em at the same time. (Right now, substantially our whole network uses static IP assignments everywhere, and that's not really viable long-term.) My ideal scenario would be something like this: * The AP runs a DHCP server and talks to a RADIUS server (that's easy) * When a client associates, do a RADIUS lookup to see if they should be allowed to associate (that's easy too) * Give the CPE an IP address from one subnet, then give "whatever else is there" an IP from a different subnet (that's the tricky part) This is made even more complicated by the fact that many of our CPE are Senao CB3 units, which do MAC cloning and I don't think you can turn it off. (Basically, both the CPE and the customer's router, or whatever, show up in my tower as having the CPE's MAC.) If I weren't trying to conserve public IP space, this would be easy enough - just give the CPE one IP address and the customer's gear a second one. But there's really no reason for my radios to be visible to the public Internet, and it's wasteful of those sweet sweet IPs. I know there's a solution to this problem, because that's basically how most cable modem setups work. (Annoyingly, I can't get my company's wireless Internet at home, so I've got cable modem there.) The cable modem is a bit "smarter" than a CB3, though, thanks to DOCSIS. I'd like to do all this at the tower, instead of having to buy (or invent) new CPE if possible. Is this even possible? David Smith MVN.net -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
On Thu, 9 Nov 2006, David E. Smith wrote: My ideal scenario would be something like this: * The AP runs a DHCP server and talks to a RADIUS server (that's easy) Yup. (assuming Mikrotik) * When a client associates, do a RADIUS lookup to see if they should be allowed to associate (that's easy too) Yup. You can do this with Wireless OR DHCP requests (for DHCP, the mac addy is sent as User-Name with no password) * Give the CPE an IP address from one subnet, then give "whatever else is there" an IP from a different subnet (that's the tricky part) This is not that tricky, really. Again, I am assuming Mikrotik (since you said you were trying to better the network. ;-)). Anyway, the way the MT will handle this (for dhcp) is: 1. If you have a static entry for the MAC, it will use those parameters - no radius check is done 2. If you DON'T have a static entry, MT will check radius for that user. If a NO answer is received, then the user is NOT given an IP. What you have to do is use a "default" profile in the radius server. I know that FreeRadius supports this, but not sure if others do. If your radius server supports handling the IP pool (I think FreeRadius does), then you can assign IP addresses from that pool for one group of users. If there is no "Framed-IP-Address" in the access accept packet, then the MT will use the pool assigned for the dhcp server under "/ip dhcp-server network". This gives you some pretty good options. Even if your radius server does not support the pool option, you can assign each user in the RADIUS a static IP via the "Framed-IP-Address" attribute and then have the "default" profile simply not return that attribute (thereby using the "default" pool set up on the MT). This is made even more complicated by the fact that many of our CPE are Senao CB3 units, which do MAC cloning and I don't think you can turn it off. (Basically, both the CPE and the customer's router, or whatever, show up in my tower as having the CPE's MAC.) The DHCP server SHOULD see the MAC of the device making the request. I believe it is the MAC inside the request (not the source mac address) that is sent to the radius server for authentication. Is this even possible? Hope this helps answer that question. :-) -- Butch Evans Network Engineering and Security Consulting 573-276-2879 http://www.butchevans.com/ Mikrotik Certified Consultant (http://www.mikrotik.com/consultants.html) -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
With our private IP's we do w.x.y.z for the cust router and w.x.y+1.z for the cust radio gear using a subnet of 255.255.254.0 We have also laid out our IP's so that the second octet describes the radio tech, (17 for 802.11b/g, 18 for TurboCell, 19 for NetStream 5.8GHz, 20 for Netstream 900mhz) and then the third octet describes what tower they are on. Makes it a bit easier David E. Smith wrote: Pete Davis wrote: I know a nearby WISP that gives his customers IP space and his CPE space on the same last 3 octets. Makes figuring out who's CPE belongs to who's equipmnent much easier: For example: Customer addr = 64.123.105.33, CPE addr: 10.123.105.33 We keep out CPE private, and customer addr public, but we aren't quite THAT organized. I've started doing that, actually :D In the past (and, some, today, because I'm still in the middle of this transition) we always tried to give a customer's CPE and PC sequential addresses (if one was x.x.x.34, the other would be x.x.x.35). This, though, is even easier. :) David Smith MVN.net -- Blair Davis AOL IM Screen Name -- Theory240 West Michigan Wireless ISP 269-686-8648 A division of: Camp Communication Services, INC -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
Pete Davis wrote: > I know a nearby WISP that gives his customers IP space and his CPE space > on the same last 3 octets. Makes figuring out who's CPE belongs to who's > equipmnent much easier: > > For example: Customer addr = 64.123.105.33, CPE addr: 10.123.105.33 > > We keep out CPE private, and customer addr public, but we aren't quite > THAT organized. I've started doing that, actually :D In the past (and, some, today, because I'm still in the middle of this transition) we always tried to give a customer's CPE and PC sequential addresses (if one was x.x.x.34, the other would be x.x.x.35). This, though, is even easier. :) David Smith MVN.net -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
All private here as well Static and routed... NAT to true public as needed... Only DHCP is for public access hotspot's... Track and manage it all thru my MikroTiks.. Dennis Burgess - 2K Wireless wrote: I just stick with all private addressing. The radios, high gain antennas and TenXs we use all do NAT in them, so we just leave it at that. Dennis Burgess, MCP, CCNA, A+, N+, Mikrotik Certified [EMAIL PROTECTED] www.2kwireless.com 2K Wireless provides high-speed internet access, along with network consulting for WISPs, and business's with a focus on TCP/IP networking, security, and Mikrotik routers. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete Davis Sent: Friday, November 10, 2006 12:43 PM To: WISPA General List Subject: Re: [WISPA] DHCP with a twist I know a nearby WISP that gives his customers IP space and his CPE space on the same last 3 octets. Makes figuring out who's CPE belongs to who's equipmnent much easier: For example: Customer addr = 64.123.105.33, CPE addr: 10.123.105.33 We keep out CPE private, and customer addr public, but we aren't quite THAT organized. pd Ryan Langseth wrote: David, On Thu, 2006-11-09 at 11:23 -0600, David E. Smith wrote: As part of the ongoing (does it ever stop?) efforts to make a Better Network, I've finally started using private subnets where appropriate. I'd love to be able to better automate some parts of my network, though, and I'm not sure how to do both of 'em at the same time. (Right now, substantially our whole network uses static IP assignments everywhere, and that's not really viable long-term.) My ideal scenario would be something like this: * The AP runs a DHCP server and talks to a RADIUS server (that's easy) * When a client associates, do a RADIUS lookup to see if they should be allowed to associate (that's easy too) * Give the CPE an IP address from one subnet, then give "whatever else is there" an IP from a different subnet (that's the tricky part) Why not have the AP run a DHCP relay instead of a full server, have everything relayed to a central server of your choice that way IP management becomes a one stop shop. Reservations would take care of setting IPs for specific mac addresses. This is made even more complicated by the fact that many of our CPE are Senao CB3 units, which do MAC cloning and I don't think you can turn it off. (Basically, both the CPE and the customer's router, or whatever, show up in my tower as having the CPE's MAC.) We are currently setting two IPs for each customer using a cb3, one for the cb3 and one for the customer's equipment ( router, computer etc ) so you should be able to apply a different IP for each piece of equipment. If I weren't trying to conserve public IP space, this would be easy enough - just give the CPE one IP address and the customer's gear a second one. But there's really no reason for my radios to be visible to the public Internet, and it's wasteful of those sweet sweet IPs. I know there's a solution to this problem, because that's basically how most cable modem setups work. (Annoyingly, I can't get my company's wireless Internet at home, so I've got cable modem there.) The cable modem is a bit "smarter" than a CB3, though, thanks to DOCSIS. I'd like to do all this at the tower, instead of having to buy (or invent) new CPE if possible. Is this even possible? Anything is possible. I am planning a similar system, hopefully deployed by the first of the year. Along with our own IPs from ARIN and all new bandwidth. David Smith MVN.net Ryan Langseth invisimax.com -- Blair Davis AOL IM Screen Name -- Theory240 West Michigan Wireless ISP 269-686-8648 A division of: Camp Communication Services, INC -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
RE: [WISPA] DHCP with a twist
I just stick with all private addressing. The radios, high gain antennas and TenXs we use all do NAT in them, so we just leave it at that. Dennis Burgess, MCP, CCNA, A+, N+, Mikrotik Certified [EMAIL PROTECTED] www.2kwireless.com 2K Wireless provides high-speed internet access, along with network consulting for WISPs, and business's with a focus on TCP/IP networking, security, and Mikrotik routers. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete Davis Sent: Friday, November 10, 2006 12:43 PM To: WISPA General List Subject: Re: [WISPA] DHCP with a twist I know a nearby WISP that gives his customers IP space and his CPE space on the same last 3 octets. Makes figuring out who's CPE belongs to who's equipmnent much easier: For example: Customer addr = 64.123.105.33, CPE addr: 10.123.105.33 We keep out CPE private, and customer addr public, but we aren't quite THAT organized. pd Ryan Langseth wrote: >David, > >On Thu, 2006-11-09 at 11:23 -0600, David E. Smith wrote: > > >>As part of the ongoing (does it ever stop?) efforts to make a Better >>Network, I've finally started using private subnets where appropriate. >> >>I'd love to be able to better automate some parts of my network, though, >>and I'm not sure how to do both of 'em at the same time. (Right now, >>substantially our whole network uses static IP assignments everywhere, >>and that's not really viable long-term.) >> >>My ideal scenario would be something like this: >> >>* The AP runs a DHCP server and talks to a RADIUS server (that's easy) >>* When a client associates, do a RADIUS lookup to see if they should be >> allowed to associate (that's easy too) >>* Give the CPE an IP address from one subnet, then give "whatever else >> is there" an IP from a different subnet (that's the tricky part) >> >> >Why not have the AP run a DHCP relay instead of a full server, have >everything relayed to a central server of your choice that way IP >management becomes a one stop shop. Reservations would take care of >setting IPs for specific mac addresses. > > > >>This is made even more complicated by the fact that many of our CPE are >>Senao CB3 units, which do MAC cloning and I don't think you can turn it >>off. (Basically, both the CPE and the customer's router, or whatever, >>show up in my tower as having the CPE's MAC.) >> >> >We are currently setting two IPs for each customer using a cb3, one for >the cb3 and one for the customer's equipment ( router, computer etc ) so >you should be able to apply a different IP for each piece of equipment. > > > >>If I weren't trying to conserve public IP space, this would be easy >>enough - just give the CPE one IP address and the customer's gear a >>second one. But there's really no reason for my radios to be visible to >>the public Internet, and it's wasteful of those sweet sweet IPs. >> >>I know there's a solution to this problem, because that's basically how >>most cable modem setups work. (Annoyingly, I can't get my company's >>wireless Internet at home, so I've got cable modem there.) The cable >>modem is a bit "smarter" than a CB3, though, thanks to DOCSIS. I'd like >>to do all this at the tower, instead of having to buy (or invent) new >>CPE if possible. >> >>Is this even possible? >> >> >Anything is possible. > > > >I am planning a similar system, hopefully deployed by the first of the >year. Along with our own IPs from ARIN and all new bandwidth. > > > > >>David Smith >>MVN.net >> >> > > >Ryan Langseth >invisimax.com > > > > -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
I know a nearby WISP that gives his customers IP space and his CPE space on the same last 3 octets. Makes figuring out who's CPE belongs to who's equipmnent much easier: For example: Customer addr = 64.123.105.33, CPE addr: 10.123.105.33 We keep out CPE private, and customer addr public, but we aren't quite THAT organized. pd Ryan Langseth wrote: David, On Thu, 2006-11-09 at 11:23 -0600, David E. Smith wrote: As part of the ongoing (does it ever stop?) efforts to make a Better Network, I've finally started using private subnets where appropriate. I'd love to be able to better automate some parts of my network, though, and I'm not sure how to do both of 'em at the same time. (Right now, substantially our whole network uses static IP assignments everywhere, and that's not really viable long-term.) My ideal scenario would be something like this: * The AP runs a DHCP server and talks to a RADIUS server (that's easy) * When a client associates, do a RADIUS lookup to see if they should be allowed to associate (that's easy too) * Give the CPE an IP address from one subnet, then give "whatever else is there" an IP from a different subnet (that's the tricky part) Why not have the AP run a DHCP relay instead of a full server, have everything relayed to a central server of your choice that way IP management becomes a one stop shop. Reservations would take care of setting IPs for specific mac addresses. This is made even more complicated by the fact that many of our CPE are Senao CB3 units, which do MAC cloning and I don't think you can turn it off. (Basically, both the CPE and the customer's router, or whatever, show up in my tower as having the CPE's MAC.) We are currently setting two IPs for each customer using a cb3, one for the cb3 and one for the customer's equipment ( router, computer etc ) so you should be able to apply a different IP for each piece of equipment. If I weren't trying to conserve public IP space, this would be easy enough - just give the CPE one IP address and the customer's gear a second one. But there's really no reason for my radios to be visible to the public Internet, and it's wasteful of those sweet sweet IPs. I know there's a solution to this problem, because that's basically how most cable modem setups work. (Annoyingly, I can't get my company's wireless Internet at home, so I've got cable modem there.) The cable modem is a bit "smarter" than a CB3, though, thanks to DOCSIS. I'd like to do all this at the tower, instead of having to buy (or invent) new CPE if possible. Is this even possible? Anything is possible. I am planning a similar system, hopefully deployed by the first of the year. Along with our own IPs from ARIN and all new bandwidth. David Smith MVN.net Ryan Langseth invisimax.com -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
Ryan Langseth wrote: > Why not have the AP run a DHCP relay instead of a full server, have > everything relayed to a central server of your choice that way IP > management becomes a one stop shop. Reservations would take care of > setting IPs for specific mac addresses. That one could go either way, honestly. It's not nearly as big an issue as... >> This is made even more complicated by the fact that many of our CPE are >> Senao CB3 units, which do MAC cloning and I don't think you can turn it >> off. > We are currently setting two IPs for each customer using a cb3, one for > the cb3 and one for the customer's equipment ( router, computer etc ) so > you should be able to apply a different IP for each piece of equipment. Just giving two IPs out is trivial, but the particular peculiar way I want to do it is giving me minor headaches. If a private IP gets assigned to a customer's router, the customer's Internet connection won't work, and I'll get calls. If a public IP gets assigned to a CPE, it's annoying, wasteful, and (in extreme cases) a network security risk. And based on just a MAC, I don't know how to differentiate CPE and customer gear. This may be difficult to solve with the CB3, but (hopefully) slightly more do-able with other CPE that's (hopefully) not quite as silly. David Smith MVN.net -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] DHCP with a twist
David, On Thu, 2006-11-09 at 11:23 -0600, David E. Smith wrote: > As part of the ongoing (does it ever stop?) efforts to make a Better > Network, I've finally started using private subnets where appropriate. > > I'd love to be able to better automate some parts of my network, though, > and I'm not sure how to do both of 'em at the same time. (Right now, > substantially our whole network uses static IP assignments everywhere, > and that's not really viable long-term.) > > My ideal scenario would be something like this: > > * The AP runs a DHCP server and talks to a RADIUS server (that's easy) > * When a client associates, do a RADIUS lookup to see if they should be > allowed to associate (that's easy too) > * Give the CPE an IP address from one subnet, then give "whatever else > is there" an IP from a different subnet (that's the tricky part) Why not have the AP run a DHCP relay instead of a full server, have everything relayed to a central server of your choice that way IP management becomes a one stop shop. Reservations would take care of setting IPs for specific mac addresses. > > This is made even more complicated by the fact that many of our CPE are > Senao CB3 units, which do MAC cloning and I don't think you can turn it > off. (Basically, both the CPE and the customer's router, or whatever, > show up in my tower as having the CPE's MAC.) We are currently setting two IPs for each customer using a cb3, one for the cb3 and one for the customer's equipment ( router, computer etc ) so you should be able to apply a different IP for each piece of equipment. > > If I weren't trying to conserve public IP space, this would be easy > enough - just give the CPE one IP address and the customer's gear a > second one. But there's really no reason for my radios to be visible to > the public Internet, and it's wasteful of those sweet sweet IPs. > > I know there's a solution to this problem, because that's basically how > most cable modem setups work. (Annoyingly, I can't get my company's > wireless Internet at home, so I've got cable modem there.) The cable > modem is a bit "smarter" than a CB3, though, thanks to DOCSIS. I'd like > to do all this at the tower, instead of having to buy (or invent) new > CPE if possible. > > Is this even possible? Anything is possible. > I am planning a similar system, hopefully deployed by the first of the year. Along with our own IPs from ARIN and all new bandwidth. > David Smith > MVN.net Ryan Langseth invisimax.com -- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/