North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: rfc1918 ignorant (fwd)

  • From: Darren Bolding
  • Date: Thu Jul 24 13:01:12 2003

Unfortunately, the vast majority of Cable modems use the private ("CM"
or "Docsis") MAC address for management and present the primary ("CPE")
MAC address to attached equipment.

E.G.- a cable provider has two DHCP scopes configured- a.b.c.d (RFC
1918) and w.x.y.z (Public Space).  In Cisco land at least, the CMTS is
configured with "cable-helper" which relays the CM MAC address to the
DHCP server from the primary address of the Cable Interface and the CPE
MAC Address is relayed from the secondary address of the Cable
Interface.

The CM interface is used for management of the system and such- a key
example is to transfer the DOCSIS configuration file which does things
such as setting rate limits, QoS parameters and lots of other parameters
dreamt up by cable-labs.  

The utility of this design is something I will choose to avoid
commenting on at this time.

--D

--
--  Darren Bolding

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On 
> Behalf Of Haesu
> Sent: Wednesday, July 23, 2003 5:10 PM
> To: [email protected]
> Subject: Re: rfc1918 ignorant (fwd)
> 
> 
> 
> Well, if uBR showing RFC1918 address out on the traceroute is 
> an issue, why not just reverse the way its configured?
> 
> Put RFC1918 as secondary, and put the routable addr as 
> primary. Either way, it should work w/o issues, right?
> 
> I know quite a few people who purposely put a non-routable IP 
> (whether it be 1918 or RIR-registered block) as primary on 
> their interface, and use routable IP as secondary. Their 
> reason for doing this is to somewhat "hide" their router's 
> real interface IP from showing up in traceroute.. Well, it wouldn't 
> completely 'hide' it, but to a certain level of degree, it 
> probably does...
> 
> -hc
> 
> -- 
> Sincerely,
>   Haesu C.
>   TowardEX Technologies, Inc.
>   WWW: http://www.towardex.com
>   E-mail: [email protected]
>   Cell: (978) 394-2867
> 
> On Wed, Jul 23, 2003 at 07:21:25PM -0400, Jeff Wasilko wrote:
> > 
> > On Wed, Jul 23, 2003 at 06:03:13PM -0400, Daniel Senie wrote:
> > > At 02:11 PM 7/23/2003, Dave Temkin wrote:
> > > 
> > > >2003 7:07 AM:]
> > > >> Comcast and many others seem to
> > > >> blithely ignore this for convenience sake. (It's not like they 
> > > >> need a huge amount of space to give private addresses to these 
> > > >> links.)
> > > >
> > > >ARIN required cable operators to use RFC 1918 space for the 
> > > >management agents of the bridge cable modems that have 
> been rolled 
> > > >out to the millions of residential cable modem 
> customers.  Doing so 
> > > >obviously requires a 1918 address on the cable router, 
> but Cisco's 
> > > >implementation requires that address to be the primary interface 
> > > >address.  There is also a publicly routable secondary 
> which in fact 
> > > >is the gateway address to the customer, but isn't the address 
> > > >returned in a traceroute.  Cisco has by far the lead in market 
> > > >share of the first gen Docsis cable modem router market so any 
> > > >trace to a cable modem customer is going to show this.
> > > 
> > > When MediaOne (remember them?) deployed the cable modems here 
> > > (LanCity
> > > stuff, originally), traceroutes did NOT show the 10/8 
> address from the 
> > > router at the head end. ATT bought MediaOne, and now 
> we've got Comcast. The 
> > > service quality has stayed low, and the price has jumped 
> quite a bit, and 
> > > somewhere along the line a change happened and the 10/8 
> address of the 
> > > router did start showing up. Now it's possible the router 
> in the head end 
> > > got changed and that was the cause. I really don't know.
> > 
> > That's exactly what happened. The Lancity equipment were 
> bridges, so 
> > you never saw them in traceroutes. The head-end bridges were 
> > aggregated into switches which were connected to routers.
> > 
> > The Cisco uBR is a router, so you see the cable interface (which is 
> > typically rfc1918 space) showing up in traceroutes from the 
> CPE out. 
> > Note that you don't see it on traceroutes towards the CPE since you 
> > see the 'internet facing' interface on the uBR.
> > 
> > -j
> 
>