<div dir="auto"><div dir="auto" style="font-family:sans-serif;font-size:13.696px"><span style="font-size:13.696px">Diagram below:</span></div><div dir="auto" style="font-family:sans-serif;font-size:13.696px"><span style="font-size:13.696px"><br></span></div><div dir="auto" style="font-family:sans-serif;font-size:13.696px"><span style="font-size:13.696px">Wholesaler Fiber >. our Radius Server </span><br></div><div dir="auto" style="font-family:sans-serif;font-size:13.696px"> | |</div><div dir="auto" style="font-family:sans-serif;font-size:13.696px"> ASR-1001-x(A) ASR-1001-x(B)</div><div dir="auto" style="font-family:sans-serif;font-size:13.696px"><br></div><div dir="auto" style="font-family:sans-serif;font-size:13.696px">Best Regards,</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mar 31, 2017 8:08 AM, "Bruce Nikzad" <<a href="mailto:bruce@rayantelecom.ca">bruce@rayantelecom.ca</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto">Hi James,<div dir="auto"><br></div><div dir="auto">Thanks for the details. I appreciate any and all diagrams and guides as it's my first time ha fling this.</div><div dir="auto"><br></div><div dir="auto">Here is a big difference about what I am hearing here and maybe I have heard it wrong. Apparently our wholesaler provider wants their fiber to connect directly to our ASR-1000-x (we are not decided on equipment yet but they recommend to sell us ASR-1000-x) and then Radius gets quiried and gives ASR the OK to send back to wholesaler.</div><div dir="auto"><br></div><div dir="auto">^^^ If above is true (which never made sense to me) then we can't have multiple Cisco routers that support LAC. </div><div dir="auto"><br></div><div dir="auto">The only other thing they said is that they can round robin this to our multiple ASRs. I guess directly to them than a Radius.</div><div dir="auto"><br></div><div dir="auto">Is it possible they are doing it differently than your structure?</div><div dir="auto"><br></div><div dir="auto">Best Regards,</div><br><div class="gmail_extra" dir="auto"><br><div class="gmail_quote">On Mar 31, 2017 4:44 AM, "James Bensley" <<a href="mailto:jwbensley@gmail.com" target="_blank">jwbensley@gmail.com</a>> wrote:<br type="attribution"><blockquote class="m_8200652328326141707quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 28 March 2017 at 19:55, Bruce Technical <<a href="mailto:brucetechnical@gmail.com" target="_blank">brucetechnical@gmail.com</a>> wrote:<br>
> P.S. why would you not recommend ASR vs ASR-X? (There is a huge price<br>
> difference on eBay).<br>
><br>
> On Mar 28, 2017 12:07 PM, "Bruce Technical" <<a href="mailto:brucetechnical@gmail.com" target="_blank">brucetechnical@gmail.com</a>><br>
> wrote:<br>
>><br>
>> ***sending again with reply all and a minor change***<br>
>> Hi James,<br>
>><br>
>> Not late at all. We are deciding this week to go with one ASR-x or<br>
>> multiple 7206vxr.<br>
>><br>
>> 1- How would couple 7206vxr work together when our ISP is wanting to<br>
>> connect to LNS first and not Radius?<br>
>><br>
>> 2- I am asked to pick single or multimode fiber. For 7206vxr which one<br>
>> should I pick and which is supported?<br>
>><br>
>> 1000 customers is not bad for the price of a VXR.<br>
>><br>
>> Best Regards,<br>
<br>
<br>
<br>
Hi Bruce,<br>
<br>
>> 1- How would couple 7206vxr work together when our ISP is wanting to<br>
>> connect to LNS first and not Radius?<br>
<br>
That's a bit odd. I would expect the normal procedure to be as follows<br>
(visual representation here:<br>
<a href="https://null.53bits.co.uk/index.php?page=adsl2-2-ppp-over-l2tp-life-cycle" rel="noreferrer" target="_blank">https://null.53bits.co.uk/inde<wbr>x.php?page=adsl2-2-ppp-over-<wbr>l2tp-life-cycle</a>),<br>
sorry if you know all this it’s not meant to be patronising:<br>
<br>
- CPE comes online and wholesaler LAC queries the CPE for authentication details<br>
- Wholesaler LAC sends access-request using the CPE provided<br>
authentication details to wholesaler RADIUS to check if these details<br>
are correct<br>
- Wholesaler RADIUS see's these detail belong to another ISP (you!) an<br>
will proxy the authentication request to your RADIUS (forwards your<br>
RADIUS the access-request<br>
- Your RADIUS authenticates the user and in the access-accept response<br>
to the wholesalers RADIUS send your tunnel-endpoint IP and password<br>
(your LNS IP and password)<br>
- When wholesaler RADIUS response sends this access-accept back to the<br>
LAC in response to the LACs access-request<br>
- The LAC builds the L2TP tunnel to your LNS<br>
....<br>
<br>
>From then on it’s all within your domain of responsibility.<br>
<br>
We have one wholesaler who's LACs speak to our RADIUS servers, so they<br>
are dual purpose devices, LAC and RADIUS Proxies. If the wholesaler<br>
wants their LAC/BRAS to talk to your LNS directly without any RADIUS<br>
involvement, how will you be able to dynamically return your LNS IP,<br>
unless they have fixed details: *@<a href="http://realm1.net" rel="noreferrer" target="_blank">realm1.net</a> > 1.2.3.4 (your LNS IP),<br>
*@<a href="http://realm2.net" rel="noreferrer" target="_blank">realm2.net</a> > 5.6.7.8 (another of your LNS IPs) etc.<br>
<br>
With multiple LNS as we heave, either the wholesaler RADIUS asks our<br>
RADIUS for the tunnel-endpoint IP and we return multiple IPs with the<br>
same preference and they round-robin across them (we can offset the<br>
preference in the RADIUS reply if we want to traffic steer certain<br>
sessions to certain LNS devices), or in the case of that “other”<br>
wholesaler, their LACs talk to our RADIUS then build the L2TP to our<br>
LNSs and again round-robin of the multiple IPs returned.<br>
<br>
<br>
>> 2- I am asked to pick single or multimode fiber. For 7206vxr which one<br>
>> should I pick and which is supported?<br>
<br>
Both are supported (you would purchase an MM or SM SFP/GBIC to go into<br>
the chassis line card, the transceiver “handles” the MM/SM port and<br>
the chassis is agnostic of it more or less). Multimode is usually<br>
cheaper although single mode will carry for a greater distance. You<br>
just need to weigh up what’s right for you there, nothing to<br>
complicated.<br>
<br>
<br>
>> 1000 customers is not bad for the price of a VXR.<br>
<br>
I’m in the UK, with the rise of FTTC that number will probably come<br>
down. CPU == throughput (more or less) on the 7200 series, slowly we<br>
are moving from 1000x 8Mbps ADLS to some hundreds of 40-80Mbps FTTC.<br>
7200s are so cheap you can scale our horizontally easily, just deploy<br>
more LNS’s and return the additional IPs in your RADIUS response.<br>
However 10x 7200s is a lot more hassle than say 2x ASR1006-X. 7200s<br>
are so cheap though, have one if not two in the lab, probably some<br>
others lying around in storage we’ve forgotten about etc. It’s<br>
expensive to have an ASR 1000 series sitting in the lab for very<br>
occasional usage.<br>
<br>
<br>
> P.S. why would you not recommend ASR vs ASR-X? (There is a huge price<br>
> difference on eBay).<br>
<br>
The non-X versions either are EoS already or will be soon. The X<br>
versions are pretty much the defacto for the 1000 series devices. The<br>
H-X versions are out and they will eventually replace the X versions<br>
but that is still some years away. So for now if someone was going to<br>
put in a new deployment I’d recommend the X versions as the death<br>
knell has been rung for the non-X versions (bug fixes, TAC support,<br>
code upgrades etc). The X versions are more expensive as they are the<br>
next generation from the original non-X versions and much faster and<br>
more scalable.<br>
<br>
<br>
Cheers,<br>
James,<br>
</blockquote></div><br></div></div>
</blockquote></div></div>