Community discussions

 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

WISP core router configuration

Sat Dec 12, 2015 11:14 pm

I was struggling the past few weeks on how to make a core router to be as much efficient as it can.

Lets take it from the beginning. I work for a company which provides wireless internet in more than 500 clients. All the clients are connected via 5ghz equipment (ubnt products) to 5ghz APs. The APs are connected to a switch and from there into another managed switch where the previous guy used to create vlans for some reason. This managed switch is connected to the first router (core router ccr1036) which is connected to the BT router, and we have a second router (ccr1036) as bras (???) for incoming pppoe connections (some clients use pppoe, some others are bridged!!! and some others with static ip in a vlan). Well as you all understand it's so complicated to even explain it properly.

I want to change the configuration and use one ccr1036 instead of 2, and no managed switch. I prefer to use the ethernet ports of the ccr instead.

This is a question to people who actually worked in infrastructure, and im looking for an advice on how to handle all this mess without having to disconnect any customers. Some friends who i asked, suggested me to pray loool :)
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1743
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: WISP core router configuration

Sun Dec 13, 2015 1:53 am

research the functionalities of that manageable switch, then see what role and functionalities can be used on that switch because the switch do all their functionalities by hardware at wire-speed, taking advantage of that can relieve your routers from some load improving performance and leaving cpu power available to give a good performance.

is a bad idea to remove a switch who do they work at hardware for a router who do their work in software, very inefficient idea

before removing bras router research the load and the functions it realizes, maybe removing it is not a good idea, some implementations are very simple and efficient when implemented on multiple routers, but too much complicated (punishing performance) when implemented all in one router, and are harder to scale and troubleshoot.

if the network is not well documented maybe the best way to go is to document the actual configuration (i know is a hard work) to understand it, than trow all away to start from zero

looks like is a well designed hierarchical topology
 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: WISP core router configuration

Sun Dec 13, 2015 4:27 am

I see what you mean. The bras router in the network does nothing but around 20-30 pppoe connections.

The managed switch as far as i know does a lot of vlans. I cant go deeper on the switch because i dont have the login details. Noone has it.

The sfp1 from the core router has a lot of different real IPs assigned on it. People who want to use real ip addresses have to go through nat (dst nat) from a network ip to real ip. Wouldnt it be better to have a pool with the c class and a dhcp server for the real ip addresses and then decide if the client get a real ip or not?
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1743
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: WISP core router configuration

Sun Dec 13, 2015 5:58 am

I see what you mean. The bras router in the network does nothing but around 20-30 pppoe connections.

The managed switch as far as i know does a lot of vlans. I cant go deeper on the switch because i dont have the login details. Noone has it.

The sfp1 from the core router has a lot of different real IPs assigned on it. People who want to use real ip addresses have to go through nat (dst nat) from a network ip to real ip. Wouldnt it be better to have a pool with the c class and a dhcp server for the real ip addresses and then decide if the client get a real ip or not?

now i understand why you want to quit that switch, without credentials to manage it is a black box and you need to remove it to reset it to factory defaults, what model and brand of switch is??

about nat strategies for the use of public ips many approach can be correct, today with the shortage of public ipv4 addresses is very important to use it in the most possible efficient manner because its a valuable and scarce resource
 
barkas
Member Candidate
Member Candidate
Posts: 260
Joined: Sun Sep 25, 2011 10:51 pm

AW: WISP core router configuration

Sun Dec 13, 2015 10:06 am

Get an expert.
Recover that password.
Understand the access products.
Then think about it again.

Edit: because from what you wrote, that seems like a sensible setup to me (doing similar stuff for a major European carrier).
 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: WISP core router configuration

Sun Dec 13, 2015 11:33 am

There is no documentation at all. Not even the private ip ranges that are used. This makes it difficult in order to make a full customers list with ip and etc.

The first thing i am planning to do is to change all the clients into pppoe clients on the bras server. And when its done i want to implement a proper management system for office use. Then i will go deeper into the core network routing. At this moment i had complaints from a few customers that they cant access sony playstation's portal. I assume this has to do with the vlans. Is my thought correct so far?

Ps : i will try to find the switch user/pass
 
barkas
Member Candidate
Member Candidate
Posts: 260
Joined: Sun Sep 25, 2011 10:51 pm

AW: Re: WISP core router configuration

Sun Dec 13, 2015 12:05 pm

There is no documentation at all. Not even the private ip ranges that are used. This makes it difficult in order to make a full customers list with ip and etc.

The first thing i am planning to do is to change all the clients into pppoe clients on the bras server. And when its done i want to implement a proper management system for office use. Then i will go deeper into the core network routing. At this moment i had complaints from a few customers that they cant access sony playstation's portal. I assume this has to do with the vlans. Is my thought correct so far?

Ps : i will try to find the switch user/pass
Vlans for customer separation are a good idea. I don't think it has to do with that particular problem.
 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: WISP core router configuration

Sun Dec 13, 2015 3:57 pm

I agree partially. But my problem is the lack of documentation which leads to such problems. I cant find a way to overcome all these issues so far. I got problems like this and i cannot solve them
 
barkas
Member Candidate
Member Candidate
Posts: 260
Joined: Sun Sep 25, 2011 10:51 pm

AW: Re: WISP core router configuration

Sun Dec 13, 2015 6:23 pm

I agree partially. But my problem is the lack of documentation which leads to such problems. I cant find a way to overcome all these issues so far. I got problems like this and i cannot solve them
You can solve that only by dumping all configs and understanding your network.
 
troffasky
Member
Member
Posts: 399
Joined: Wed Mar 26, 2014 4:37 pm

Re: WISP core router configuration

Mon Dec 14, 2015 12:40 am

At this moment i had complaints from a few customers that they cant access sony playstation's portal. I assume this has to do with the vlans. Is my thought correct so far?
VLAN = method of segmenting a L2 network
playstation portal = a website? a range of IP addresses? some specific TCP and/or UDP ports?

These two things are completely unrelated. It might turn out that some configuration on the former prevents access to the latter but we're just guessing at this point.
 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: WISP core router configuration

Tue Dec 15, 2015 1:36 am

Yes you are right. I stated it in a wrong way. I meant that in our network there are multiple vlans which divide clients by region (area), regardless that the former engineer didnt keep them in tact. Obviously these vlans have various ip ranges assigned to them, so on layer 3 firewall policies may apply. This is an example issue i am facing at the moment which minor.

The topology of the core router is "BT"-"demarcator"-"core router mt". What does actually do the demarcator?? The model is fsp-150 (adva). All i know for demarcators is that they separate networks. Nothing else.
 
troffasky
Member
Member
Posts: 399
Joined: Wed Mar 26, 2014 4:37 pm

Re: WISP core router configuration

Tue Dec 15, 2015 12:22 pm

FSP-150 is basically a glorified media converter - fibre in, copper out. It's probably a little more complex than that in reality [eg allows BT to monitor the state of the circuit]. No, you can't have access to it, and it doesn't do anything at L3 [possibly not even L2 for that matter]. BT will manage the circuit all the way up to the copper port on that NTE.
 
ebreyit
Member Candidate
Member Candidate
Posts: 120
Joined: Tue Apr 30, 2013 11:44 am
Location: Shropshire, United Kingdom

Re: WISP core router configuration

Tue Dec 15, 2015 5:45 pm

It's a tough one, but, there are some good comments in the thread so far.

Have to agree that you need to fully understand the network topology and configuration before you go messing (from end to end). It's a ball ache of a job but the more info you have before you start to alter anything the less likely you are to have issues, and when they do arise (and they will) you'll have a better understand of their cause and how to deal with them.

Once you have a full picture (or at least the best you can get) you may better understand the 'separation of concerns' approach that has lead to the current set-up and equipment used etc.

Some of the more recent setup/configuration could have been borne out of the fact that others also lacked access to the managed switch or other systems and ended up hacking things together.

The current set-up sounds a bit more like an organic set-up that has grown from needs rather than planning and deployment though.

If the network will continue to expand it might be the right time to start thinking about not consolidating compoents, but re-configuring the network to be more resilient and scalable.


A number of small ISP's I have spoken with are now looking to consolidate their networks and reduce IPv4 wastage in their own networks through PPPoE delivered over MLPS/VPLS (akin to http://mum.mikrotik.com/presentations/US13/kirnak.pdf & http://community.ubnt.com/ubnt/attachme ... 20MPLS.pdf)



Whatever you decide to do though, start with the best map you can and don't start without a back-out strategy unless you enjoy unhappy customers.
 
barkas
Member Candidate
Member Candidate
Posts: 260
Joined: Sun Sep 25, 2011 10:51 pm

AW: Re: WISP core router configuration

Tue Dec 15, 2015 9:51 pm

Yes you are right. I stated it in a wrong way. I meant that in our network there are multiple vlans which divide clients by region (area), regardless that the former engineer didnt keep them in tact. Obviously these vlans have various ip ranges assigned to them, so on layer 3 firewall policies may apply. This is an example issue i am facing at the moment which minor.

The topology of the core router is "BT"-"demarcator"-"core router mt". What does actually do the demarcator?? The model is fsp-150 (adva). All i know for demarcators is that they separate networks. Nothing else.
The adva dmd is managed by bt?

I have worked with those and they can do practically anything they would want to, but mostly they are used as fast, low cost, fan less cpes for layer 2 access products. Usually lots of tunneling and shaping.
Shouldn't be your problem though. Those things are really transparent.
You should think about them as switches connected to Bt's core network.

Also, I second the expansion thought. You should not think fewer routers, but more.
I like the separation of duties between routers, but you should also have everything twice for redundancy, at least in your core. That means 2 core routers and 2 bras.
 
psycoclan1
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 54
Joined: Mon Aug 11, 2008 4:30 pm
Location: England

Re: WISP core router configuration

Thu Dec 17, 2015 7:35 pm

Ok now it's getting more and more interesting this thread.

What we have :

2x CCR routers
1x edgeswitch ubnt 48ports+poe
1x cisco switch 24ports
1x ESXi server

20x ubnt APs

How would you deploy the core network with this equipement?

Who is online

Users browsing this forum: Google [Bot], moz1337 and 59 guests