
Re: Machine Registration



On Fri, Apr 20, 2001 at 09:17:35AM -0700, Mike Fedyk wrote:
> On Fri, Apr 20, 2001 at 07:32:03AM -0700, Ted Deppner wrote:
> > Another huge component is automatic MAC and GatewayIP address discovery.
> > The good systems allow you to use ANY settings on your laptop, DO NOT
> > require you to use DHCP, and can allow multiple people who have 10.0.0.1
> > as their ip address and anything in the 10.0.0.x as a gateway.
> 
> Basically, each 10.0.0.1 won't be able to see each other because they're
> each on a different port of a vlan eth switch, or did I miss something?

That would only be a problem for client to client comms, which in this
setting should be pretty much irrelevant -- and only a limitation due to
the client (for rather obvious reasons though.  :).

> With this setup, dhcp would be very hard to setup.  Since they're in
> different broadcast domains.

I agree it'd be harder to get both Gateway discovery and DHCP, but doing
one or the other seems doable.  

OTOH, the first thing you'll see from a static customer would be an ARP
request for its specified gateway, and on a DHCP customer the first would
be a DHCP REQ broadcast packet (port 67 or 68).  This should be enough to
flag which method to use.

> I'm not sure, but do VLANs keep _any_ traffic from passing to other VLANs
> without a router, or just broadcast frames?

VLANs are the exact equivalent of separate switches.  Cisco allows cross
VLAN traffic inside the switch, but usually only at layer 3 (ip), and only in
ways you configure.  There should never be any layer 2 cross-talk.

> > Additionally, registration is done per port... not per ip.  
> 
> I think this is assuming a very high end network setup with Ethernet
> switches.  What if the network only uses hubs and routers?

Hubs (shudder) and switches (even most Cisco stuff) would allow snooping,
break two 10.0.0.1 customers from working, broadcast collisions, gateway
and next hop collisions, etc...

The concept is the customer is directly connected to an individual port[1],
capable of Gateway discovery, providing itself as the next hop gateway,
local DHCP assignment (or relay to a DHCP server higher up), and 1:1
NAT...  all on a per port basis.  

Once you can get into the NAT space, having one VLAN isn't a problem.

[1] that port is NOT part of a VLAN, but a single point to point ethernet
link.  Customer traffic to and from the port is handled by 1:1 NAT
between the backplane of the switch onto the wire.

-- 
Ted Deppner
http://www.psyber.com/~ted/
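The heuristic Ted describes above (a static customer announces itself with an ARP request for its chosen gateway, a DHCP customer with a client-to-server UDP broadcast) can be checked per port on the first frame seen. The following is an added example written for this thread, not code from either poster: a small frame classifier plus two constructed sample frames, one from a customer statically configured as 10.0.0.1 with gateway 10.0.0.254 and one from a DHCP customer. Frame layouts follow the standard Ethernet, ARP, IPv4 and UDP headers; the port names and MAC addresses are made up for the demonstration.

```python
import struct
import ipaddress

ETH_ARP = 0x0806
ETH_IPV4 = 0x0800
ARP_REQUEST = 1
IPPROTO_UDP = 17
DHCP_SERVER_PORT = 67  # bootps
DHCP_CLIENT_PORT = 68  # bootpc


def classify_first_frame(frame: bytes):
    """Classify a raw Ethernet frame as the first thing a customer port sends.

    Returns ("static", gateway_ip) for an ARP request (the target IP is the
    gateway the customer has configured), ("dhcp", None) for a DHCP
    client->server broadcast, and ("unknown", None) for anything else.
    """
    if len(frame) < 14:
        return ("unknown", None)
    ethertype = struct.unpack("!H", frame[12:14])[0]
    payload = frame[14:]

    if ethertype == ETH_ARP:
        # ARP: htype(2) ptype(2) hlen(1) plen(1) oper(2) sha(6) spa(4) tha(6) tpa(4)
        if len(payload) < 28:
            return ("unknown", None)
        _htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
        if oper == ARP_REQUEST and ptype == ETH_IPV4 and hlen == 6 and plen == 4:
            target_ip = ipaddress.IPv4Address(payload[24:28])
            return ("static", str(target_ip))
        return ("unknown", None)

    if ethertype == ETH_IPV4:
        if len(payload) < 20:
            return ("unknown", None)
        ihl = (payload[0] & 0x0F) * 4          # IPv4 header length in bytes
        proto = payload[9]
        if proto != IPPROTO_UDP or len(payload) < ihl + 8:
            return ("unknown", None)
        sport, dport = struct.unpack("!HH", payload[ihl:ihl + 4])
        if sport == DHCP_CLIENT_PORT and dport == DHCP_SERVER_PORT:
            return ("dhcp", None)

    return ("unknown", None)


def build_arp_request(sender_mac: bytes, sender_ip: str, target_ip: str) -> bytes:
    """Constructed sample: broadcast ARP 'who has target_ip' from sender_ip."""
    eth = b"\xff" * 6 + sender_mac + struct.pack("!H", ETH_ARP)
    arp = struct.pack("!HHBBH", 1, ETH_IPV4, 6, 4, ARP_REQUEST)
    arp += sender_mac + ipaddress.IPv4Address(sender_ip).packed
    arp += b"\x00" * 6 + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def build_dhcp_discover(sender_mac: bytes) -> bytes:
    """Constructed sample: IPv4/UDP 68->67 broadcast carrying a minimal BOOTP body
    (op=BOOTREQUEST, rest zeroed); enough for classification, not a full DHCP message."""
    eth = b"\xff" * 6 + sender_mac + struct.pack("!H", ETH_IPV4)
    body = b"\x01" + b"\x00" * 239
    udp = struct.pack("!HHHH", DHCP_CLIENT_PORT, DHCP_SERVER_PORT, 8 + len(body), 0) + body
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     IPPROTO_UDP, 0, b"\x00" * 4, b"\xff" * 4)
    return eth + ip + udp


def plan_ports(first_frame_by_port: dict) -> dict:
    """Decide, per physical port, which registration path to take.
    Two customers may both claim 10.0.0.1; since each decision is keyed by
    port rather than by IP, they do not collide."""
    return {port: classify_first_frame(frame) for port, frame in first_frame_by_port.items()}


if __name__ == "__main__":
    sample = {
        "fa0/1": build_arp_request(b"\x02\x00\x00\x00\x00\x01", "10.0.0.1", "10.0.0.254"),
        "fa0/2": build_arp_request(b"\x02\x00\x00\x00\x00\x02", "10.0.0.1", "10.0.0.1"),
        "fa0/3": build_dhcp_discover(b"\x02\x00\x00\x00\x00\x03"),
    }
    for port, decision in plan_ports(sample).items():
        print(port, decision)
```

Because the decision is keyed on the port that carried the frame, the two ports above that both claim 10.0.0.1 get independent answers, which is the per-port point made in the thread; on a hub, where the same frames from every customer arrive on one segment, this keying is not available.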
