Hi
I have few question regarding Docsis and wifi
If wifi access point (non Docsis) is connected to cable modem as CPE, how Docsis looks at MAC addresses of wifi clients?
Does CM store the MAC address of every wifi client?
Does CMTS store client MAC - CM binding for every client?
In addition, does Docsis allow aging out of MAC addresses?
this is an interesting question:
Let's assume a few things here first:
You are using a cable modem only, i.e. it does not have a router built in, or if it has a router it is turned off
you have a max cpe set to 16 in both the CMTS and the CM config file
You are connecting a Wifi Access Point (No router functionality)
In this case, yes, the CMTS will see the MAC address of every Wifi client
Up to 16 Mac addresses it will all work normally
when you try to add your 17th MAC address however, you will find that the CM will not add it to its MAC address table and the client will not get connectivity
CM MAC address tables do not, by spec have an age out mechanism, to clear it you need to reboot it in most cases, it can also be done via SNMP
Another caveat, if the connection is setup this way, the ISP will have to assign IPs to each of those wifi clients from its, usually public, DHCP pool
This is why most cable modems have some router functionality built-in, some ISPs also further restrict max CPEs to 1-2 devices to specifically prevent the above from happening
It is usually expected that every customer has a router these days
Also remember that CMs by themselves are bridges from a networking sense, and as such by themselves have very limited MAC address bridging tables, think like 128-256 max.
There are some scenarios where what you want may be possible, like MDU, DORM etc... but it would require special settings to work properly:
Modems would need to be configured to be in L2VPN (BSOD) mode with MAC learning and MAC moving turned on (CM manufacturer proprietary settings) on the CMTS you would need to set the same, MAC learning and MAC moving, At the CMTS the VLAN would need to be routed to a L3 device that would be GW for CPE and provide DHCP (i.e. a BNG or generic Router)
this would allow the MAC address table of the modem to be dynamic (for the specific VLAN) like a normal switch, and it would allow the MAC address of a client to move from Access point to Access point (typically each behind a different CM) and everything work fine
Let's presume we talk about enterprise environment where classical AP (not the AP which is installed at customer premise in ISP environment, and has router functionality) is connected to CM, and CMTS is connnected to ethernet switch. In such case, would it be used bridge or BSOD mode? The docsis operator can see which MAC addresses is binded to which CM, and I can see client MSC address arriving from CMTS in ethernet switch.
The DHCP is outside Docsis part of the network.
I am talking about just one site/location.
If you have an AP with a router, only one mac address will be visible to the CMTS.
Unless you use BSOD, the client MAC addresses will not be visible to anything other than the CMTS, because the CMTS is a Router and routes customer traffic towards the internet. when you use BSOD you turn that specific VLAN into a L2 passthrough at the CMTS
If you desire the Client MACs visible at an external switch you need:
Regular cable modem without router, or in bridge mode.
AP without router or in bridge mode
BSOD turned on CM routing traffic to a specific VLAN
BSOD mac address learning turned on CM
that same VLAN configured on NSI ports of CMTS connected to switch
BSOD mac address learning turned on CMTS
BSON mac address movable turned on CMTS
SVI on switch for that VLAN to be default gateway for CPEs in VLAN
In such scenario with BSOD, does CM allow MAC address aging? The AP has not router functionality.
CM is transparent when you run BSOD, any mac address learning/aging would happen at a L3 device upstream of the CMTS, in other words the CM and CMTS just forward frames they do not look at the frames.
But if they do not look the frames, how it is possible to see clients' MAC addresses and to which CM they belong?
at the CMTS you cannot see which modem a mac address belongs to directly, because it does not look at the frames at a docsis level.
i.e. if you run show cable modem cpe for the modem in question it will be empty
but if you use the command to show the BSOD VLAN you can see what mac addresses are being forwarded by that vlan. If you have a unique VLAN per modem, you can use that command as a proxy.
But if you don't run BSOD then such thing would be possible?
yes with the aforementioned caveats built in to DOCSIS spec:
CM functions as a bridge
has finite bridge table (mac address) only guaranteed to be 64+
no mechanism in DOCSIS spec to remove mac addresses from bridging table, vendor proprietary options may exist
CPEs (mac addresses behind the cable modem) get IP from CPE DHCP pool typically public IPs
I am looking at CPEs of one Cable Modem. I can see the MAC and IP address of AP and WiFi clients, as well as the VLAN ID they belong to. Based on the information on CM, would you say it is working in BSOD mode or no?