Meraki

Community

Bouncing management traffic through a MX to a WAN side device

MartinS
Building a reputation
a month ago
a month ago

Bouncing management traffic through a MX to a WAN side device

I'd be very interested if anyone has any creative ideas for how to do this on an MX please?

 

We have a number of MSP partners and end customers who use a VDSL2 modem/router(1) sat in front of the MX device. The preferred mode of operation is to have this VDSL2 modem/router set in bridge mode and for the MX to connect using PPPoE so the MX gets the public IP.

 

The downside of doing this is the VDSL2 modem is hard to manage as it has no routed IP address. We have a feature in our service observability platform where we collect data on, graph, alert, report on the DSL sync rate which is collected from the modem, but if we can't get SNMP access to it, no data.

 

Is there a method of having a management network with a range of RFC1918 IPs for each site, where one of these IPs is allocated, or NAT'd to the LAN side IP of the VDSL2 modem in front of the MX please? Or does anyone have any other creative ways of doing this in the world of Meraki please?

 

(1) This is just one example, it could be Starlink or a non-Meraki cellular device where you don't even get a proper IP address either

---
COO
Highlight - Service Observability Platform
www.highlight.net
0 Kudos
4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal
a month ago
a month ago

Does the VDSL router have a management port that could be plugged into the internal network?

0 Kudos
In response to PhilipDAth
MartinS
Building a reputation
a month ago
a month ago

Sadly not - generally these are cheap (nasty) devices that just have a single LAN side ethernet port

---
COO
Highlight - Service Observability Platform
www.highlight.net
0 Kudos
In response to PhilipDAth
MartinS
Building a reputation
a month ago
a month ago

...although now you mention it, could you create a VLAN on a couple of the ports on the MX, plug the DSL modem into one, and then connect WAN1 to the other? Would the PPPoE packet make its way through the switch ports and out through the modem?

---
COO
Highlight - Service Observability Platform
www.highlight.net
0 Kudos
In response to MartinS
MartinS
Building a reputation
a month ago
a month ago

To partially answer my own question:

Point-to-Point Protocol over Ethernet - Wikipedia

 

PPPoE discovery

 

Since traditional PPP connections are established between two end points over a serial link or over an ATM virtual circuit that has already been established during dial-up, all PPP frames sent on the wire are sure to reach the other end. But Ethernet networks are multi-access where each node in the network can access every other node. An Ethernet frame contains the hardware address of the destination node (MAC address). This helps the frame reach the intended destination.

Hence before exchanging PPP control packets to establish the connection over Ethernet, the MAC addresses of the two end points should be known to each other so that they can be encoded in these control packets. The PPPoE Discovery stage does exactly this. It also helps establish a Session ID that can be used for further exchange of packets, and is also used to indicate termination of the session.

PPPoE discovery packets are carried in Ethernet frames with EtherType set to 0x8863."

---
COO
Highlight - Service Observability Platform
www.highlight.net
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.