PPPOE is possible in C5?


#1

Good afternoon, excuse my bad English, I’m using a translator.
There is a way for C5 computers to authenticate for PPPOE and Radius without placing G2 or another Router.
For a network with several APs and some thousands of clients it is better to centralize the control of the same and we do not see that option in the C5 or A5 or A5C which is a pity since they can not be used.
I await the answers, and comments, thank you very much


#2

hello Jorge, just yesterday i makr the same answer, and they say me that dont have plans to use it.
i think like you, that is very usefull to use it in the cpe.
please take that in mind and dont leave us without answer.
i think is not veru dificult to implement it


#3

Probably to give best performance results, Mimosa prefer to leave the PPPoE termination out from radio.

You can always use a simple Mikrotik hAP gear to the customer site.


#4

I do not think it’s an option to add another PPPOE, it should be included in the software of the team (even the cheapest brands have it, it’s a worldwide PPPOE and Radius standard); Since I went to school I was told that each team that is added is one more possibility of failure …


#5

Most of us terminate PPPOE at the home wireless router, not @ CPE, that is why it is not needed.


#6

I don’t know why any CPE wouldn’t support PPPoE. If you terminate PPPoE at the router, what keeps the customer from bypassing the router and getting free internet after you shut them off for non payment? PPPoE at the CPE makes things simple. What are you thinking Mimosa?!?!


#7

Presumably you’d put a layer 2 filter to block any non pppoe packets.


#8

@Spencer Mimosa’s architecture is Layer 2 from the Access Point through the CPE. All the termination functions (PPPoE/Routing/NAT, etc.) should happen on the gateway. We do this to keep the cost down of our high performance CPE. In a typical PPPoE deployment, if the customer bypasses the PPOoE termination point they won’t have a method to get an authenticated, routable IP address and possibly will be blocked by L2 filters as mentioned by @Richard3.

To help assist with the management of the gateway device behind the CPE, Mimosa is developing several network integration features:

  • VLAN per C5

  • Radius auth with Vendor Specific Attributes (VSA) for provisioning VLANs and Rate Plans

  • DHCP Option 82 for the insertion of a Circuit ID (A5 MAC) and Remote ID (C5 MAC) into the DHCP request. This allows full control from an advanced DHCP server for managing how and to what an IP address is handed out.

  • Show wired connected device behind the CPE. This will allow easy visibility into what customers are connecting to the CPE device.

  • David


#9

Hello again, i think that provide ppoe or not, at eclection of customer(isp) is the best option,
The imposibility of election is not good.
I think that a cpe finishing in pppoe make more secure the network(the wisp client won’t able access to l2 network), avoiding the posibilities of error and giving as David says options to check user network.


#10

I just wanted to weigh in on this in the hopes that someone might bypass a lot of work and to encourage Mimosas current line of thinking. I have been doing this for a decade and a half and have used just about every authentication method out there. There was a time and place for PPPoE but there are much more scalable authentication methods now and to me, it doesn’t make any sense for Mimosa to use resources on PPPoE especially when they are concentrating on higher throughput connections on a cheap CPE. The horsepower that you would have to throw at the CPE just doesn’t make sense. I would start taking a look at IPoE. Almost all of us have end to end ethernet networks so it doesn’t make any sense to encapsulate ethernet in something else just because of the AAA capabilities when the same capabilities exist for Ethernet encapsulation. There are lots of ways to do it but essentially you use customer circuit info such as VLANs or option 82 info to create a dynamic interface on your BNG for each subscriber. We use VPLS to transport Service VLANs to each POP and then give each customer their own C VLAN on the S VLAN. One big pool of IPs just like PPPoE. Rate limits out of Radius just like PPPoE. Isolated customer traffic just like PPPoE. None of the overhead of PPPoE on the CPE and a lot less overhead on the BNG. Mimosa still has work to do on VLANs and option 82 but they promise me that it is being worked on.