You are here

ubr subinterfaces

10 posts / 0 new
Last post
lancey
ubr subinterfaces

Is there a way to assign CPEs to subinterfaces only through DHCP options?

luciano
theoretically - why not?

Hey there Lancey,

just my $.02 - I haven't worked with ubr, but surely have with dhcp - it will assign whomever and whatever information you want, as long as the appropriate subnet is declared within dhcpd.conf. Therefore, CM would probably get an address from the scope where provisioning server is, and where CMTS ports are. However, CPE can get whatever you want, just make sure it is routable both ways. AFAIK CPE can get any address, and it could be completely independent of the CM structure and networks.

as i said i have limited experience with CMTSes so your mileage may vary....

.play.open.minded.

lancey
Yes, the DHCP can assign IPs

Yes, the DHCP can assign IPs from different subnets - no problem with that.

I'm speaking about subinterfaces, though. I.e. instead of having primary IP address on the cable/bundle interface for modems and secondary addresses for CPEs, I'd like to have them on different subinterfaces, i.e. Bundle1.1 for CMs, Bundle1.2 for CPEs, Bundle1.3 for some VPN client, etc., etc. This way it's easier to build access lists, and more interesting things could be done - different VRFs, etc.

The obvious way to do this would be to expect the CMTS to put the CPE in the subinterface according to the subnet of the IP address assigned from the DHCP. Apparently, that's not the case, or I can't find a way to do it.

There's a way to do this through the CM config file, though it requires hardcoding MAC addresses in it. I think there's a way to do that with some DHCP options in the reply, just can't seem to have a documented way to do that. If anyone has done it, please share your knowledge.

-----------------------------------
http://www.net1.cc

kwesibrunee
Yes this can be done on

Yes this can be done on cisco hardware with dhcpd, we do this to facilitate autoprovisioning and it works great, however it is tricky.

given the following config:

bundle 1.1
ip address 10.0.0.1 255.255.0.0 #Authorized Modems
ip address 10.0.1.1 255.255.0.0 secondary # Unauthorized modems

bundle 1.2
ip address 192.168.0.1 255.255.255.0 # Authorized Clients
ipaddress 192.168.1.1 255.255.255.0 # Unauthorized Clients (MTA, PC etc....)

You need TWO dhcpd servers to make this work, one for modems and one for clients. The modem dhcpd server is configured with a shared network like this:

shared-network Modems {
  subnet 10.0.0.0 netmask 255.255.0.0 {
    allow known-clients;
    deny unknown-clients;
    # Subnet for Authorized modems
  }
  subnet 10.0.1.0 netmask 255.255.0.0 {
    allow unknown-clients;
    deny known-clients;
    # Subnet for Unauthorized modems
  }
}

The Client dhcpd server is configured like so

# The inclusion of the Authorized Modems subnet here tells DHCPD to treat it as if they were on the same network segment
shared-network AuthorizedModems {
  subnet 10.0.0.0 255.255.0.0 {
    # Subnet decl for Authed modems purposely left empty
  }
  subnet 192.168.0.0 netmask 255.255.255.0 {
    # Subnet for Authorized clients
    allow known-clients;
    deny unknown-clients;
  }
}
# The inclusion of the Unauthorized Modems subnet here tells DHCPD to treat it as if they were on the same network segment
shared-network UnuthorizedModems {
  subnet 10.0.1.0 255.255.0.0 {
    # Subnet decl for Unauthed modems purposely left empty
  }
  subnet 192.168.1.0 netmask 255.255.255.0 {
    # Subnet for Unuthorized clients
    allow unknown-clients;
    deny known-clients;
  }
}

On the CMTS you also need two cable helper-addresses on each bundle subinterface like so:

interface bundle 1.1
cable helper-address 10.5.0.1 cable-modems
cable helper-address 10.5.0.2 hosts

When the modem requests dhcp the cmts sends the dhcp request to the modems dhcpd server with the source address of 10.0.0.1 the modems dhcpd server then assigns it an ip from one of two+ subnets depending on whether it is known(authorized) or not.

When a client requests dhcp, the cmts forwards the request with the modems gateway as the source address, so on the clients dhcpd server if the modem has an IP from 10.0.0.1/16 subnet it will get an ip from 192.168.0.0/24, if the modem the client is connecting behind has an ip from the 10.0.1.0/16 subnet it will assign it an ip from the 192.168.1.0/24 subnet. More subnets can be added for MTAs, specific clients etc....

Ibrologic
HOW TO AUTO-SET 2 IP ADDR on a SINGLE CMs' INTERFACE FACING CMTS

2 public Ip address on a Single CMs Interface facing CMTS
Hi Guys, I need your help on this topology.
I have
( [Internet + VoIP Traffic)-CPE===>CM====>CMTS=====>PE. Eventually, I will use two VRFs to separate Internet and VoIP traffic on the PE.

However, I intend to do NATting on the CM such that
Internet traffic would be natted to a public IP interface received from the CMTS while
VoIP traffic would be natted to another public address also receive from the CMTS.

But, I am having single physical cable interface between CM and CMTS.

Question 1. Is it possible to configure CM cable interface to receive two Public IP addresses under two subinterfaces from the config file during booting or there is another way to achieve this. Please, i need examples on how this can be achieve on CMTS and CM single cable physical interface. Also, how can I achieve the automation also within the config file.

Guys, I would be glad to have your inputs with examples and explanation in brief.

Thank you in advance
Ibrologic

lancey
Hmm, I don't see a logical

Hmm, I don't see a logical reason to use two different DHCP servers - if the UBR takes the subnet from the reply to really assign the CM / CPE to the appropriate subinterface, it should not matter if you do split requests from CMs and CPEs or not. Would definitely try that, though.
My idea was to not put all CPEs in one subinterface, though. E.g., in your example setup, put unathorized clients in one subinterface, and authorized in another. Or, put home clients on one subinterface, corporate clients on another, VPN clients each get their own subinterface, etc.
We've been doing this with MPLS tagging and CMs config files, but if the DHCP way works it will be superior.
Do you use this setup (or sth like this) in production, and it really does not require using any special DHCP options in the DHCPD config file?
Tnaks veyr much for your response!
-----------------------------------
http://www.net1.cc

kwesibrunee
Yes we use it in production,

Yes we use it in production, it works very well, the reason two dhcpd servers are required is a limitation of dhcpd not the cmts. dhcpd does not allow the same subnet to be used in two different shared-networks on the same server, it does not generate an error but the second shared network is never looked at when requests come in. If you were to use ciscos CNR you could it with one server, other dhcp servers probably work as well.

We actually use one server still, but we use Virtual Machines to run both the client and modem dhcpd servers on the same machine. and the second machine for failover.

dlxneamtu
how to reference the bundle interface?

Hi,

In this scenario, do we reference the bundle 1 interface under the cable interface or wideband interface, or we do not reference anything (as we canot reference the bundle sub-interface in the config). Example, would this be ok, or we have to remove the "cable bundle 1" statements:

interface Cable7/0/0
no cable packet-cache
cable bundle 1

interface Wideband-Cable7/0/0:0
description Wideband for CM1
load-interval 30
cable bundle 1

Dan

mbowe
Yes you reference bundle1 as

Yes you reference bundle1 as usual

Ibrologic
HOW TO AUTO-SET 2 IP ADDR on a SINGLE CMs' INTERFACE FACING CMTS

2 public Ip address on a Single CMs Interface facing CMTS
Hi Guys, I need your help on this topology.
I have
( [Internet + VoIP Traffic)-CPE===>CM====>CMTS=====>PE. Eventually, I will use two VRFs to separate Internet and VoIP traffic on the PE.

However, I intend to do NATting on the CM such that
Internet traffic would be natted to a public IP interface received from the CMTS while
VoIP traffic would be natted to another public address also receive from the CMTS.

But, I am having single physical cable interface between CM and CMTS.

Question 1. Is it possible to configure CM cable interface to receive two Public IP addresses under two subinterfaces from the config file during booting or there is another way to achieve this. Please, i need examples on how this can be achieve on CMTS and CM single cable physical interface. Also, how can I achieve the automation also within the config file.

Guys, I would be glad to have your inputs with examples and explanation in brief.

Thank you in advance
Ibrologic

docsis