Sky Fibre to the Cabinet Rollout - PfSense support?
-
I am also on sky and currently am using pppoe passthrough via my mode.
I fear that when i do upgrade to fibre my pfsense alix board will become redundant.Is there a plan for pfsense to implement 1483 MER ?
-
Pfsense supports MER, however we need to determine how to use option 61. The guys at billion have figured it out for their routers.
We simply need a way to add option 61 info to the DHCP that gets sent to the WAN.
-
but on wan dhcp. there is a field for hostname authentication
I assume this is where you can paste the hex key to authenticate
-
That's what it looks like, yes.
You could check for sure by looking at a packet capture on the interface and see what the dhcp client is sending. Or just wait and try it!Are either of you on sky already? From reading the forums it looks like they are running both authentication systems in parallel in existing adsl lines.
Steve
-
I haven't ordered it yet, however i am using llu pppoa for normal adsl2+
which uses both methods for authentication either mer/pppoa. -
That's what it looks like, yes.
You could check for sure by looking at a packet capture on the interface and see what the dhcp client is sending. Or just wait and try it!Are either of you on sky already? From reading the forums it looks like they are running both authentication systems in parallel in existing adsl lines.
Steve
May 4th. There is a guy on another forum who has fibre a little sooner than me, and Pfsense, so i'll pass him the link and see if he has any luck.
-
Hey guys,
So the task has been completed by some clever folks:
–-------------------------------------------------------
WRT54G & Similar running Tomato
Some versions of Tomato support '-c' client ID option (option 61), however others do not. Where 'udhcpcd' supports '-c' then you may enter '-c PPPusername|PPPpassword' in DHCPC options. An alternate method using '-x' to specify additional DHCPC options (incl option 61) may be used. Where '-x' is used the username & password fields must be translated into a HEX string (see below)
It is not necessary to spoof your original Sky router's MAC address in order to obtain an IP address.- Convert your PPPusername|PPPpassword string into HEX - I used http://www.string-functions.com/string-hex.aspx
e.g. 1a2b3c4d5e6f@skydsl|zzc7Zovbt5Fpa7B turns into 31613262336334643565366640736b7964736c7c7a7a63375a6f766274354670613742 - In 'Advanced->DHCP/DNS DHCPC options enter '-x 61:00' immediately followed by the converted string from above. e.g. '-x 61:0031613262336334643565366640736b7964736c7c7a7a63375a6f766274354670613742' & save.
- In 'Basic->Network set your network type to DHCP, default MTU & save
Does anyone know how I would go about implementing this on PfSense?
- Convert your PPPusername|PPPpassword string into HEX - I used http://www.string-functions.com/string-hex.aspx
-
That's what I have been basing my speculation on.
To implement this on pfSense you need to enter your "PPPusername|PPPpassword" in the hostname field on the dhcp setup. Try it and see.
You will not have to enter it as HEX since pfSense sends this as '61', client identifier.Steve
-
Hey Stephen,
Unfortunately I am still without Sky fibre (roll on Friday!) however I may not attempt much messing about as it will cause the DLM (Sky line monitoring) to flag my connection as flapping and then get throttled.
There is an awesome plugin here tho:
http://forum.pfsense.org/index.php?topic=40194.0That seems to fit the bill exactly to what we need to do to accomplish this if your suggestion doesn't work.
I will be trying to negotiate an MER connection tonight with my current unlimited broadband, however
-
Yes that mod will definitely do it but it shouldn't be required at the moment. However if Sky subsequently decide to require option 60 as well you can easily do it with that. Nice. :)
DLM is done based on line disconnection i.e. actually unplugging the modem. There should be no need for you to that to test pfSense. You can leave the Openreach modem connected to the VDSL line and just replace Skys router with pfSense.
Steve
-
Awesome Stephen, thanks very much for the help so far.
May I ask what your day job is?
-
Ha! Well it depends who you ask.
Technically I'm an electrical/electronics engineer but I left my job a few years ago to do some travelling and have been decorating on and off while I think of something better to do. ::)
Hence plenty of free time for commenting!Steve
-
Hey Stephen,
Unfortunately I am still without Sky fibre (roll on Friday!) however I may not attempt much messing about as it will cause the DLM (Sky line monitoring) to flag my connection as flapping and then get throttled.
There is an awesome plugin here tho:
http://forum.pfsense.org/index.php?topic=40194.0That seems to fit the bill exactly to what we need to do to accomplish this if your suggestion doesn't work.
I will be trying to negotiate an MER connection tonight with my current unlimited broadband, however
really cool. do let me know if you get it working without the patch. It makes sense it should work just with the existing dhcp hostname and mac cloning on wan.
A guide written up would be really cool for anyone new to this once we getting it working.
-
No need to spoof the MAC on WAN even.
@http://www.billion.uk.com/forum/viewtopic.php?f=9&t=343&start=20#p1492:
Sky MER authentication don't use Option 60, so mac spoofing is not needed.
Steve
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
-
What modem are you using? It has to be set to MpoA to use MER.
As detailed: http://wiki.ph-mb.com/wiki/MER#WRT54G_.26_Similar_running_TomatoSteve
-
What modem are you using? It has to be set to MpoA to use MER.
As detailed: http://wiki.ph-mb.com/wiki/MER#WRT54G_.26_Similar_running_TomatoSteve
I set it to MER, still no go.
Unsure what's happened. Going to try my spare pfsense build and see if it's because I'm messed so much with the WAN settings its corrupt it.
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
please post dhcp log from systems log, so we can see what is happening
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
please post dhcp log from systems log, so we can see what is happening
Does it save after a reboot?
-
Okay, small update to this.
I tried again last night with the correct modem settings, the DHCP log kept showing DISCOVER but no offer.
Maybe my exchange isn't MER enabled - I don't know how to confirm this.
