You are here

ubr10k Sub-Bundle DHCP Cable Helper.

6 posts / 0 new
Last post
djamp42
ubr10k Sub-Bundle DHCP Cable Helper.

So i understand that unknown CPEs and Cable modems will request an address from the Primary bundle cable helper address using the primary ip address as the giaddr. (Default behavior)

So now some CPEs should a sub-bundle if they get a IP in the subnet under that sub-bundle. What happens when this CPE renews the IP again, will it use the helper address under the sub-bundle or use primary bundle? Can these helper address's be different? Assuming all the routing works and they point to the same DHCP server?

I want to create a VRF under the sub-bundle, but i don't want to leak routes between the main bundle (Global Routing) and the sub-bundle (VRF). So i would have a secondary NIC on my DHCP server that just handles dhcp renews from the sub-bundle.

Thanks!

mbowe
As you say, unknown CM will

As you say, unknown CM will initially DHCP via the primary bundle.

The address they receive will then determine which bundle they associate to.
Subsequent DHCP will use the helper commands attached to that bundle.

You can choose whether to point each bundle to same or different DHCP servers.

On our equipment we have multiple bundles, and some are in VRF.
Basically the scenario is we are cable operator and we handle all the CM and MTA prov for multiple ISP on the same CMTS.
We use the same DHCP server for all CM and MTA requests.
Each ISP is in their own bundle/VRF and helper points towards their own CPE DHCP.

To get the CM/MTA DHCP traffic out of the VRF to our DHCP server we just use a static route to jump that destination address across to the global table.
Same thing for any management station /32's etc which need access to all CM/MTA ranges.
To allow CM/MTA traffic back into the VRF we leak the CM and MTA ranges into the global table.
There is no leaking of any CPE addresses. Each of these has their own default gateway towards the owning ISP.

You could use additional NIC on your DHCP server etc, but it becomes a bit messy / doesnt scale very well.

Now if only Cisco would support full QinQ of L2VPN we could just run everything in L2 mode rather than this type of messy L3.
But single Q doesnt give enough VLANs, and the MPLS version is still very limited at 16K sessions per chassis.

djamp42
As you say unknown CM will

As you say unknown CM will initially DHCP via the primary bundle.

What about CPEs that have never been online? They would use the same primary bundle correct, or do they use the bundle that the CM is assigned too?

I'm also a little confused about this.

Each ISP is in their own bundle/VRF and helper points towards their own CPE DHCP.

But in the next line you said

To get the CPE/MTA DHCP traffic out of the VRF to our DHCP server. was that suppose to be CM/MTA, sense the ISPs are handling the CPE DHCP?

I assume your putting CMs into different sub-bundles keep each ISP CM subnet different(For management,acls,ect)? Would you be able to put them all in the primary bundle if the ISPs didn't want management access to the CMs? I guess I'm confused on what bundle the CPE would pick when requesting DHCP for the first time.

mbowe
> What about CPEs that have

> What about CPEs that have never been online?

The CPE cant appear until the modem is online.
So by the time the CPE comes up, the owning CM is already associated with a bundle.
The CPE will thus be associated to that same bundle as the CM.

> To get the CPE/MTA DHCP traffic out of the VRF to our DHCP server. was that suppose to be CM/MTA, sense the ISPs are handling the CPE DHCP?

Yep sorry typo, will go back and edit/fix it now.

> I assume your putting CMs into different sub-bundles keep each ISP CM subnet different(For management,acls,ect)?

The main reason to put each ISP onto own bundle/VRF is because each ISP is providing their own internet feed.
Each known modem is assigned a static reservation and client class by MSO.
So you end up with this sort of pattern :
* bunde1.1 is not in VRF, private CM range00 supplied by MSO, default policy is for CM to be placed on "disabled" CM config file. Unknown modems live here.
* bundle1.101 is VRF01, private CM/MTA range01 supplied by MSO, public CPE range supplied by ISP01, VRF01 default gw points to ISP01
* bundle1.102 is VRF02, private CM/MTA range02 supplied by MSO, public CPE range supplied by ISP02, VRF02 default gw points to ISP02
* bundle1.103 is VRF03, private CM/MTA range03 supplied by MSO, public CPE range supplied by ISP03, VRF03 default gw points to ISP03

MSO is providing the cable network capacity.
Each ISP is providing their own internet uplink / capacity / shaping / counting / ACL / BNG.

> Would you be able to put them all in the primary bundle if the ISPs didn't want management access to the CMs?

In our case the MSO is in charge of all aspects of the cable network.
So each CM/MTA gets a unique private IP / subnet.

ISP just responsible for the CPE and their internet capacity.
MSO provides ISP with basic HTTP-based troubleshooting tools to view CM stats like power levels, etc.

If MSO is supplying the internet feed for all ISP, then you could do one of these :
* put all modems onto the same subnet/default bundle (sort of hard to tell customers apart then)
* create 1 subnet/bundle per ISP, but don’t create any VRF. (this style is easier to tell customers apart. Also allows different bundle ACL, policy-routing or whatever)

> I guess I'm confused on what bundle the CPE would pick when requesting DHCP for the first time.

They pick the bundle their owning CM is assigned to.

djamp42
L2VPN

Now if only Cisco would support full QinQ of L2VPN we could just run everything in L2 mode rather than this type of messy L3.
But single Q doesnt give enough VLANs, and the MPLS version is still very limited at 16K sessions per chassis.

I came from a CASA cmts, and i straight up laughed when "trying" to get L2VPN working. It's been awhile sense i looked at it, but from I remembered i could only assign one modem per L2VPN. So if i had 50 CMs i would have to create 50 different L2VPNs. CASA i could have 1 L2VPN with 50 modems on it.

mbowe
Yep on Cisco, each modem has

Yep on Cisco, each modem has to be in a unique VLAN, and you have to have an external bridging router to merge VLANs together to allow intersite connectivity. Pretty messy.

docsis