[c-nsp] cisco BRAS operational questions

Thiago Lizardo de Moraes thilizardo at gmail.com
Fri Jan 20 08:57:23 EST 2012


I think that should you consider different platforms... SmartEdge or MX...
those are more stable for that purpose,

[ ]'s,
Thiago Lizardo de Moraes

2012/1/19 Mike <mike-cisconsplist at tiedyenetworks.com>

> Hello,
>
>        I am considering going to a cisco 7201 for PPPoE subscriber
> termination, and I am trying to figure out how I would duplicate some
> features of my current (linux based) pppoe solution. I use radius and am
> certain %85 of what I do is stock-and-trade for the cisco solution, the
> devil is in some custom things we've come to depend on.
>
>        * per-customer ip filtering
>
>        Most customers have a default ip filter which drops all rfc1918
> addresses, invalid source addresses, and prevents direct-to-smtp
> connections other than to our mail hosts. A very small subset of
> subscribers have a slightly modified filter which permits smtp-to-anywhere.
> I want to be able to set this via radius attributes but have no clue how
> I'd give any given subscriber one filter list vs another. The filter rules
> themselves could certainly be pretty static and not changing often, I just
> need to be able to tell the box which set of rules should apply per
> customer.
>
>        * captive portal / source routing
>
>        Certain customers may need to have different routing than the
> default 'to internet' gateway. For example, I have a captive portal system
> that works by returing custom web pages for any request that gets routed to
> it, such as if you make this box's ip the 'default gateway' used by a
> customer. I would need to be able to tell the cisco to route all packets
> from some given customer - either by source ip address or, preferably, by
> interface - down to this alternate gateway.
>
>        * diagnostic intercept
>
>        For troubleshooting purposes, we find it helpful to be able to use
> tcpdump to capture packets. We do it by mac address and sometimes by
> customer PPP interface. Aside from having a span port on the switch, is
> there any way we could get a feed from the 7201 for this purpose?
>
> Thanks all.
>
> Mike-
> ______________________________**_________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/**mailman/listinfo/cisco-nsp<https://puck.nether.net/mailman/listinfo/cisco-nsp>
> archive at http://puck.nether.net/**pipermail/cisco-nsp/<http://puck.nether.net/pipermail/cisco-nsp/>
>



-- 
Thiago Lizardo de Moraes
Consultor em Tecnologia
+55 41 8818 7141


More information about the cisco-nsp mailing list