[c-nsp] ADSL Bridging over Ethernet

Jurgen Marenda jm at ilk.net
Thu Jun 2 03:39:13 EDT 2011 

Hi Aaron,

> This is not really a cisco specific question. I just need 
> some clarification
> on ADSL bridging.
> 
> I have a situation where an ISP will deliver a /29 address 
> block over an
> ADSL connection. I assume the ADSL connection will be PPPoA / 
> PPPoE based.
> 
> The ADSL router is a simple consumer grade product and a 
> firewall will sit
> behind with a public IP address on an Ethernet interface 
> within this /29
> block.
> 
> My question is if I have this /29 block how can the ADSL 
> router be addressed
> LAN/WAN? I assume the only way to do this is to bridge the 
> ADSL connection
> to the Ethernet network?
> 
> If I bridge the connection does this mean the firewall will 
> need to run the
> PPPoE/PPPoA protocol? 

> I am confused as to where the encapsulation / 
> de-encapsulation occurs with
> this type of design. The ADSL router or the firewall? Can I 
> have the ADSL
> router take care of all the necessary PPP functions such as 
> authentication
> etc with bridging?
> 
> Can someone please shed some light?

If it's PPPoA, the device with the DSL-Modem has the ATM-PVC over which
the PPP session runs.
Clearly, that device is a router having the /29 on it's LAN 

If it's PPPoE, the DSL-Modem may act like as a router as in the PPPoA
Scenario.
(Here, the PPPoE frames are bridged to the ISP thru the ATM PVC.)

But the DSL-Modem may also act as a simple bridge.
In this case, the "firewall" must terminate the PPPoE Session
and may have the /29 on and DMZ Lan 
or use each of the 8 IP-Adresses for terminating (and NATting) Services.

It also may be your Provider has direct IP over the ATM PVC.
Here, the device with the DSL-Modem acts as a router and has the /29 on it's
LAN side.

My (el cheapo) alcatel/ST/thomson classical "adsl" Modem works in all modes
fine;
so even customer grade CPEs may work; 
all those scenarios may be set up with Cisco 876/877 
(iff you get the nessassary information from your ISP).

WAN side does not really need to have an ip-adress (if its
PPP=point-to-point)
but may borrow the LAN's ip adress ( ip unmbered ...)

Hope this helps,

Juergen.

More information about the cisco-nsp mailing list