[afnog] Bridged Access Network

Phil Regnauld regnauld at nsrc.org
Wed Oct 9 08:55:31 UTC 2013


    Hi Vincent,

    You clearly need to start moving your architecture to a routed one.

    What you are seeing is symptomatic of large flat L2 networks. They're
    one large broadcast domain. Using WiMax to bridge all the customers
    means you're exacerbating the problem since you have limited bandwidth,
    but broadcasts are being spread across the bridged segments.

    You need to look at making an IP addressing plan and allocating each
    customer a subnet, preferably public IPs (PI from Afrinic) and place each
    customer behind a routing device at the edge of their network. This device
    could be provided by yourself, and you might possibly already have this
    functionality in your WiMax access device. The customer is welcome to
    design their own network architecture behind the device, or even install
    their own router and do NAT if they so wish.

    The outside edge of the access device you place at the customer premises
    has an IP in a subnet that is used exclusively for interconnecting the
    devices at each customer site with your own aggregation router. Or
    even use a /30 "point to point" with a dedicated (sub)interface for
    each customer interconnection.

    The device you control at the customer premises will keep broadcasts
    local and isolate you from those.

    Now, if the customer wants to have inter-site L2, you need to look at
    technologies like L2 tunneling; I've done this in the past with
    point-to-point GRE tunnels bridged with LANs. Depending on the size
    and complexity, you may have to look at solutions such as QinQ tunneling
    and maybe even MPLS - I'll leave this up to the adults on this list :)

    Cheers,
    Phil


Vincent Mwamba (davince01) writes:
> 
> We recently experienced a bad broadcast storm on our bridged (flat) access
> network caused by our customers sending broadcasts into our network.
> Our current design is we have multiple high sites in a town which have
> WiMAX access points (bridged mode)/point to point radios/fttx terminating
> onto a switch, we see broadcasts from all these customers. We have
> separated some of the services to have their own VLANs but as soon as the
> numbers grow in each VLAN we see these issues again. The customer traffic
> from each high site is carried over our layer 2 access back to a single
> aggregation router.
> Some High sites are aggregation points for more remote sites and for
> redundancy links, which has caused us spanning tree issues in the past.
> 
> What is the best way to grow the flat network and avoid spanning tree
> headaches?
> What is the best practice to provision the various services we are offering
> to our customers and avoid broadcasts?
> How are other ISPs doing it?
> 
> Thanks
> 
> ./Vinny



-- 
  "Hey kid, go scan a /48"
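
Added example, not part of the original message: a small Python sketch of the addressing plan described in the reply, giving each customer a routed LAN subnet plus a dedicated /30 interconnect towards the aggregation router. The pools, customer names and function names are constructed for illustration (a documentation range and RFC 1918 space), not taken from the thread.

```python
import ipaddress

# Constructed pools for illustration only (assumptions, not from the thread).
LINK_POOL = ipaddress.ip_network("10.255.0.0/24")        # per-customer /30 links
CUSTOMER_POOL = ipaddress.ip_network("198.51.100.0/24")  # routed customer LANs


def carve(free, plen):
    """Take one /plen from the free list (best fit) and return the leftovers."""
    for i, block in enumerate(free):
        if block.prefixlen <= plen:          # block is large enough
            free.pop(i)
            if block.prefixlen == plen:
                return block
            chosen = next(block.subnets(new_prefix=plen))
            free.extend(block.address_exclude(chosen))
            # Keep smallest blocks first so large ones are split last.
            free.sort(key=lambda n: (-n.prefixlen, n))
            return chosen
    raise ValueError(f"customer pool cannot fit a /{plen}")


def build_plan(customers, link_pool=LINK_POOL, customer_pool=CUSTOMER_POOL):
    """customers maps name -> requested LAN prefix length."""
    links = link_pool.subnets(new_prefix=30)
    free = [customer_pool]
    plan = {}
    # Allocate the largest LANs first to limit fragmentation of the pool.
    for name, plen in sorted(customers.items(), key=lambda kv: (kv[1], kv[0])):
        lan = carve(free, plen)
        link = next(links, None)
        if link is None:
            raise ValueError("link pool exhausted")
        agg_ip, cpe_ip = link.hosts()        # a /30 has exactly two usable hosts
        plan[name] = {"link": link, "agg_ip": agg_ip, "cpe_ip": cpe_ip, "lan": lan}
    return plan


def overlaps(plan):
    """Return pairs of customers whose LAN subnets overlap (should be empty)."""
    names = sorted(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if plan[a]["lan"].overlaps(plan[b]["lan"])]


if __name__ == "__main__":
    for name, p in build_plan({"acme": 28, "beta": 29, "gamma": 28}).items():
        print(f"{name}: link {p['link']} agg {p['agg_ip']} "
              f"cpe {p['cpe_ip']} lan {p['lan']}")
```

Each customer's broadcasts stay inside its own LAN prefix behind the CPE, and the aggregation router only sees the /30 link.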


