Hello everyone,
Currently I’m working on setting up an ISP Infrastructure, i’m looking for the contribution of an expert which is in the ISP field.
I need a help as there is a lot to discuss.
Regards
Riyaaz
You should read the topics opened here or ask specific questions if you have not found any answers to them. Most probably your questions were answered already…
Please elaborate.
First Issue.
Lets start with end users;
-
To authenticate users to access the network, I was thinking of using pppoe, but recently I had a board discussion and we agreed to use DHCP.
-
As we have control up to the CPE router, we can easily use traditional DHCP to handover IP address, but there are security considerations. ex: what if the client remove my router and plug in his router, so in any case, even i have control up to the CPE’s, i need to authenticate the users. I understand that there is an option in DHCP which is option 82 that can be use for authentication. I would need some information how to setup user authentication using option 82 or is there better.
-
As an ISP it is wise to handover dynamic IP address and if a client need static address, they pay a premium. Now, lets suppose a client has been authenticated and been assigned an ip address (ex:10.10.10.1) from my DHCP pool, later the client minds got dirty and want to have a permanent ip address for his own purposes, he take out my router and put his router and forge a MAC address and assign 10.10.10.1 as static address. I could i prevent this.
I stop here for now a wait for your response.
This reads as if you have no prior isp experience in which case you should hire someone who has.
Then, think about your customer - who is he and how will you connect him?
End users will typically be connected using cheap routers and dynamic Ips. Don’t use an authentication technique you are not sure you can get an inexpensive router for - so pppoe is a good idea, everyone speaks it. The more you can buy off the shelf, the cheaper and more reliable it will probably be.
Do you even want to control your customers cpe? Stuff that’s on your customers premises is not yours anyway in a security sense. Probably easier to just give the customer the option to rent a cpe or buy his own and give him login credentials.
Firewall stuff has to be on your end anyway.
Or do you have big customers with dedicated lines? No authentication needed then. You know where the line terminates on each end. Do you even need DHCP in that case? Or is it more useful to statically allocate addresses?
Or are you wireless? Which I have no clue about 
.
Do you want to provide telephone services? What about traffic shaping?
All stuff to think about. Which brings me back to my first point : hire someone, or at least get a consultant with isp pedigree. If you are in Germany, my employer can do that for you, if not, you’ll have to find your own.
Indeed, there are lots of questions and things that need to be taken into consideration. I’m in Mauritius and eventually I would need to ask my employer to hire someone.
FYI, we are in the Broadband Wireless field for years, we provide B2B private and shared links and now we want to pursue with the WISP.
For the time being, we are still under planning phases and we are evaluating possibilities of how to deploy the infrastructure especially with mikrotik and probably Azotel. Concerning lines, it would be wireless from our core to end customers and that we control it.
I would like to ask if you can share any kind of advice or guideline. That will be of great use for me.
I’m doing enterprise fixed line stuff only so I can not really tell you anything about wireless.
Thanks anyway for your input.