6 Replies Latest reply on Sep 6, 2013 10:38 AM by levi

    Traffic shaping cable modem wifi

    calvine New Member

      Aloha AdTran Support Community!

       

      My goal is to use the wireless functionality of the cable modem, while having the AdTran provide DHCP & QoS to the wired and wireless networks.

       

      I'm using a 3448 behind a Motorola SURFboard SBG6580 Residential Gateway cable modem that includes built-in Wifi and 4 Ethernet switchports.

      When using the default configuration, the public IP address is assigned to the cable modem, which performs NAT and DHCP for the rest of the network.

      This does not allow the AdTran to QoS the Wifi traffic, which has impacted the voice quality of a Polycom phone wired to the AdTran.

       

      On the cable modem I have disabled "NAPT mode" and its DHCP server. I've enabled "Rg PassThrough" and added the AdTran eth 0/1 to the "PassThrough Mac Addresses".

      Now the AdTran is able to acquire a public IP address and provide DHCP to the wired network, but the wireless network then does not have any layer 3 connectivity.

       

      I've been able to temporarily restore the wifi by connecting an AdTran switchport to one of the other cable modem switchports.

      This allows the AdTran to provide DHCP to the wireless network with the AdTran as the gateway, thereby enforcing QoS on the wireless traffic.

      That achieves my goal for a few minutes, and then the AdTran eth 0/1 interface eventually drops the public IP and leases a private IP from itself.

       

      How can I prevent the AdTran from giving itself an IP address?

      I've tried an ACL to drop packets coming into eth 0/1 from the private network but that doesn't seem to be effective.

        • Re: Traffic shaping cable modem wifi
          Employee

          calvine - Thanks for posting your question to the forum!

           

          I have a few questions in addition to the information you have already provided:

           

          1. Is the port that NetVanta eth 0/1 port is plugging into a switchport on the Motorola modem or is it a separate routeable interface?

          2. What is the private subnet your wireless clients are sitting on?

          3. Is the DHCP currently turned on for the Motorola modem for wired or wireless users?

           

          Thanks,

          Noor

            • Re: Traffic shaping cable modem wifi
              calvine New Member

              1. This model of modem only provides four identical switchports. There are no options to configure these ports. This is where the netvanta eth 0/1 and switchport are both connected.

              2. When working as intended, all wired and wireless clients are using VLAN 20, 172.16.20.0/24. This is not a requirement, so I can separate them if necessary.

              3. The cable modem DHCP server listens to both the wired and wireless networks and does not allow me to set the default gateway, hence the wireless traffic bypassing the AdTran, so it is currently disabled. I can configure static leases, but there is only one pool available.

                • Re: Traffic shaping cable modem wifi
                  Employee

                  calvine - I haven't tested this idea but have you tried configuring an access-group to block incoming requests from the VLAN to eth 0/1. The configuration would look a little something like this:

                   

                  ip access-list extended BLOCK-DHCP

                    deny   tcp host <LAN DHCP server>  any eq 67

                    deny   tcp host <LAN DHCP server>  any eq 68

                    permit ip any  any

                   

                  interface eth 0/1

                    ip address  dhcp

                    ip access-group BLOCK-DHCP in

                    no shutdown

                   

                  Please do not hesitate to let us know if you have any questions.

                   

                  Thanks,

                  Noor

                  1 of 1 people found this helpful
                    • Re: Traffic shaping cable modem wifi
                      calvine New Member

                      noor wrote:

                       

                        deny   tcp host <LAN DHCP server>  any eq 67

                        deny   tcp host <LAN DHCP server>  any eq 68

                       

                      Thanks noor! I should be able to test this in a couple hours.

                       

                      Should the above be udp rather than tcp?

                       

                      Would something like this be more thorough?

                       

                      ip access-list extended BLOCK-LAN

                        deny   ip 172.16.20.0 0.0.0.255  any     log

                        permit ip any  any

                        • Re: Traffic shaping cable modem wifi
                          Employee

                          calvine - You are right in both regards. My apologies, that was a slip up on my part. You are right, my example should have looked like this:

                           

                          ip access-list extended BLOCK-DHCP

                            deny   udp host <LAN DHCP server>  any eq 67

                            deny   udp host <LAN DHCP server>  any eq 68

                            permit ip any  any

                           

                          interface eth 0/1

                            ip address  dhcp

                            ip access-group BLOCK-DHCP in

                            no shutdown

                           

                          Your example, however, would be more through and block traffic coming from the entire 172.16.20.x network.

                          Let us know if you have any further questions.

                           

                          Thanks,

                          Noor

                  • Re: Traffic shaping cable modem wifi
                    levi Employee

                    calvine:

                     

                    I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

                    Thanks,

                     

                    Levi