nanog mailing list archives
RE: PPPoE vs. Bridged ADSL
From: Sean Donelan <sean () donelan com>
Date: Sat, 31 Oct 2009 16:13:31 -0400 (EDT)
On Thu, 29 Oct 2009, Frank Bulk - iName.com wrote:
Others commented on things I already had in mind only the username/password thing of PPPoE. We use the same username/pw on the modem as the customer users for their e-mail, so a password change necessitates a truck roll (I know, I know, TR-069). We started with PPPoE for our FTTH, because we were familiar with it, but we moved over to a "VLAN per service" model which ends up something like RBE in function. We can track customers based on the Option 82 info, so we're good to go in terms of tracking them.
You can have a "network username/password" for the customer differentfrom the mail and other application-layer username/password. Some ISPs did that in the dial-up days, and also with PPPOx. The network account information is configured in the dialer or router/modem; and most users never need to know the network-layer stuff. The user can change their mail/application password (and use it for off-network access) without affecting their network-layer pasword.
The same network account may have multiple mail/application accounts associated with it. It also helps in the debate whether you store unreversable passwords or cleartext passwords for things like CHAP/PAP; need to split accounts because people change households; network re-architecture moves circuits around or users move and re-associating the connections with the correct accounts. Yep, I sometimes found two households with swapped VPI/VCI, VLAN or PORT identifiers because someone/something made a data entry or circuit termination mistake.
I like a combination of 802.1x and Option 82 as way of cross-checking, and layer 2/3 anti-spoof protection. I also like handling network things mostly at the network/hardware level, separate from the application layer identity so the user changes aren't affected.
But there are almost always multiple ways to solve a problem.
Current thread:
- Re: PPPoE vs. Bridged ADSL, (continued)
- Re: PPPoE vs. Bridged ADSL Sean Donelan (Oct 29)
- RE: PPPoE vs. Bridged ADSL Vince Mammoliti (Oct 29)
- Re: PPPoE vs. Bridged ADSL Jack Bates (Oct 29)
- Re: PPPoE vs. Bridged ADSL Ben Scott (Oct 29)
- RE: PPPoE vs. Bridged ADSL Sean Donelan (Oct 30)
- Re: PPPoE vs. Bridged ADSL George Carey (Oct 28)
- Re: PPPoE vs. Bridged ADSL Mikael Abrahamsson (Oct 29)
- Re: PPPoE vs. Bridged ADSL Jack Bates (Oct 29)
- RE: PPPoE vs. Bridged ADSL Frank Bulk - iName.com (Oct 30)
- RE: PPPoE vs. Bridged ADSL Frank Bulk - iName.com (Oct 29)
- RE: PPPoE vs. Bridged ADSL Sean Donelan (Oct 31)
- RE: PPPoE vs. Bridged ADSL Frank Bulk - iName.com (Oct 31)