Sky Fibre to the Cabinet Rollout - PfSense support?
-
I haven't ordered it yet, however i am using llu pppoa for normal adsl2+
which uses both methods for authentication either mer/pppoa. -
That's what it looks like, yes.
You could check for sure by looking at a packet capture on the interface and see what the dhcp client is sending. Or just wait and try it!Are either of you on sky already? From reading the forums it looks like they are running both authentication systems in parallel in existing adsl lines.
Steve
May 4th. There is a guy on another forum who has fibre a little sooner than me, and Pfsense, so i'll pass him the link and see if he has any luck.
-
Hey guys,
So the task has been completed by some clever folks:
–-------------------------------------------------------
WRT54G & Similar running Tomato
Some versions of Tomato support '-c' client ID option (option 61), however others do not. Where 'udhcpcd' supports '-c' then you may enter '-c PPPusername|PPPpassword' in DHCPC options. An alternate method using '-x' to specify additional DHCPC options (incl option 61) may be used. Where '-x' is used the username & password fields must be translated into a HEX string (see below)
It is not necessary to spoof your original Sky router's MAC address in order to obtain an IP address.- Convert your PPPusername|PPPpassword string into HEX - I used http://www.string-functions.com/string-hex.aspx
e.g. 1a2b3c4d5e6f@skydsl|zzc7Zovbt5Fpa7B turns into 31613262336334643565366640736b7964736c7c7a7a63375a6f766274354670613742 - In 'Advanced->DHCP/DNS DHCPC options enter '-x 61:00' immediately followed by the converted string from above. e.g. '-x 61:0031613262336334643565366640736b7964736c7c7a7a63375a6f766274354670613742' & save.
- In 'Basic->Network set your network type to DHCP, default MTU & save
Does anyone know how I would go about implementing this on PfSense?
- Convert your PPPusername|PPPpassword string into HEX - I used http://www.string-functions.com/string-hex.aspx
-
That's what I have been basing my speculation on.
To implement this on pfSense you need to enter your "PPPusername|PPPpassword" in the hostname field on the dhcp setup. Try it and see.
You will not have to enter it as HEX since pfSense sends this as '61', client identifier.Steve
-
Hey Stephen,
Unfortunately I am still without Sky fibre (roll on Friday!) however I may not attempt much messing about as it will cause the DLM (Sky line monitoring) to flag my connection as flapping and then get throttled.
There is an awesome plugin here tho:
http://forum.pfsense.org/index.php?topic=40194.0That seems to fit the bill exactly to what we need to do to accomplish this if your suggestion doesn't work.
I will be trying to negotiate an MER connection tonight with my current unlimited broadband, however
-
Yes that mod will definitely do it but it shouldn't be required at the moment. However if Sky subsequently decide to require option 60 as well you can easily do it with that. Nice. :)
DLM is done based on line disconnection i.e. actually unplugging the modem. There should be no need for you to that to test pfSense. You can leave the Openreach modem connected to the VDSL line and just replace Skys router with pfSense.
Steve
-
Awesome Stephen, thanks very much for the help so far.
May I ask what your day job is?
-
Ha! Well it depends who you ask.
Technically I'm an electrical/electronics engineer but I left my job a few years ago to do some travelling and have been decorating on and off while I think of something better to do. ::)
Hence plenty of free time for commenting!Steve
-
Hey Stephen,
Unfortunately I am still without Sky fibre (roll on Friday!) however I may not attempt much messing about as it will cause the DLM (Sky line monitoring) to flag my connection as flapping and then get throttled.
There is an awesome plugin here tho:
http://forum.pfsense.org/index.php?topic=40194.0That seems to fit the bill exactly to what we need to do to accomplish this if your suggestion doesn't work.
I will be trying to negotiate an MER connection tonight with my current unlimited broadband, however
really cool. do let me know if you get it working without the patch. It makes sense it should work just with the existing dhcp hostname and mac cloning on wan.
A guide written up would be really cool for anyone new to this once we getting it working.
-
No need to spoof the MAC on WAN even.
@http://www.billion.uk.com/forum/viewtopic.php?f=9&t=343&start=20#p1492:
Sky MER authentication don't use Option 60, so mac spoofing is not needed.
Steve
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
-
What modem are you using? It has to be set to MpoA to use MER.
As detailed: http://wiki.ph-mb.com/wiki/MER#WRT54G_.26_Similar_running_TomatoSteve
-
What modem are you using? It has to be set to MpoA to use MER.
As detailed: http://wiki.ph-mb.com/wiki/MER#WRT54G_.26_Similar_running_TomatoSteve
I set it to MER, still no go.
Unsure what's happened. Going to try my spare pfsense build and see if it's because I'm messed so much with the WAN settings its corrupt it.
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
please post dhcp log from systems log, so we can see what is happening
-
Is there a way to check if my exchange even supports MER?
I tried it last night, both spoofing MAC and not - using the PPPuser|PPPpass - no good, never got an IP.
Now my connection even on traditional PPPoA won't connect…
please post dhcp log from systems log, so we can see what is happening
Does it save after a reboot?
-
Okay, small update to this.
I tried again last night with the correct modem settings, the DHCP log kept showing DISCOVER but no offer.
Maybe my exchange isn't MER enabled - I don't know how to confirm this.
-
Hmm, I don't think it's the exchange that has to be MER enabled. The authentication servers are not in the exchange.
They probably do have to support MPoA at the exchange though.
Edit: Nope probably just ticking a check box on some central server.Unless you managed to get hold of a friendly sky engineer I don't know how you could find out. How likely is that! ::)
Until you are sure you can connect via MER any results you get may just be more confusing than useful.
Only one more day to wait.Steve
-
May have been a modem issue (or firmware)
Fibre dropped today, will be attempting to get it up and running tonight!
-
Boom.
First pfsense install on MER/Fibre
All you do is use the tool here>http://www.ph-mb.com/products/sky-calc and ensure you select the Sagem one.
Then in hostname under DHCP on the WAN connection add your username|password (with the bar).
Connected first time. Well happy!
-
Ha. Nice. ;D
Steve
-
-
glad to hear.
was the MER only enabled when you switched to fibre?, or was it enabled all along.
Do you mind posting a brief guide for all sky users that may wish to use pfsense as their firewall/router
-
glad to hear.
was the MER only enabled when you switched to fibre?, or was it enabled all along.
Do you mind posting a brief guide for all sky users that may wish to use pfsense as their firewall/router
Yes. For me anyway, I know some users have been using MER for ages on their ADSL line.
I was with Sky since 2008 for broadband though so I was using the legacy PPPoA mechanism with no possibility to use MER.
All you need to do is enter your router username and password (like this (with the | bar) -> USER|PASS) with the bar that you get from the ph-mb website (http://www.ph-mb.com/products/sky-calc) using your fibre routers LAN MAC and wireless key (8 LETTERS).
Drop it into the DHCP connections 'hostname' field:
Simple as that.
Please Note: It is NOT your previous sky adsl username and password
-
thank you very much both of you.
-
On BT Fiber that I have had working with pfsense for about 5 months, I have to set the WAN interface as PPPoE and set my username and password specified from BT. I wonder why sky uses that connection type and BT does not. Does it make any difference? Just different isp software?
-
Well it means they don't have to use PPPoE. No PPP layer means less overhead and a slightly faster connection. Pretty weak argument!
It means they can connect almost anything that has an ethernet port, it doesn't have to support PPPoE. A Sky satellite box perhaps.I have a mate who deals with this sort of thing I'll ask him.
Steve
-
Hi All,
I'm in the process of moving to sky (Adsl not fibre), and they are sending me straight onto the SVBN, which I believe means I will be on a MER only connection (no option to use PPPoA).. Currently I connect to my BT broadband using a ZyXEL P660R-D1 Ethernet router, with ipcop handling the actual connection.
It appears that it wont work with the new Sky setup.. but I believe that pfSense will..
Can anyone confirm that the settings and advice in this thread is equally relevant to the ADSL connections? Im just wondering if I should move to pfSense now in preparation as I have no desire to use the Sky ADSL Router.. I'd like to put my router into ENET ENCAP mode which ZyXEL tell me is the same as RFC1483 MER, and then use pfSense with the modifications above to get it all connected.. (Which I hope means I can get rid of the sky router)
Thanks (and apologies for this not being 100% on topic but it didnt seem to deserve a new thread either)
-
Should be the same. It will be completely dependent on your modem supporting the correct mode. Ethernet encapsulation sounds pretty good. The only known configuration is using the Draytek V120, where you have to set it in MpoA mode:
http://wiki.ph-mb.com/wiki/MER#WRT54G_.26_Similar_running_TomatoSteve
-
Hi All,
I'm in the process of moving to sky (Adsl not fibre), and they are sending me straight onto the SVBN, which I believe means I will be on a MER only connection (no option to use PPPoA).. Currently I connect to my BT broadband using a ZyXEL P660R-D1 Ethernet router, with ipcop handling the actual connection.
It appears that it wont work with the new Sky setup.. but I believe that pfSense will..
Can anyone confirm that the settings and advice in this thread is equally relevant to the ADSL connections? Im just wondering if I should move to pfSense now in preparation as I have no desire to use the Sky ADSL Router.. I'd like to put my router into ENET ENCAP mode which ZyXEL tell me is the same as RFC1483 MER, and then use pfSense with the modifications above to get it all connected.. (Which I hope means I can get rid of the sky router)
Thanks (and apologies for this not being 100% on topic but it didnt seem to deserve a new thread either)
For me, it didn't work for ADSL.
I had to use PPPoA bridge on the Draytek Vigor 120.
If you have a modem thats capable of bridging it will be the same.
-
Hi All,
I'm in the process of moving to sky (Adsl not fibre), and they are sending me straight onto the SVBN, which I believe means I will be on a MER only connection (no option to use PPPoA).. Currently I connect to my BT broadband using a ZyXEL P660R-D1 Ethernet router, with ipcop handling the actual connection.
It appears that it wont work with the new Sky setup.. but I believe that pfSense will..
Can anyone confirm that the settings and advice in this thread is equally relevant to the ADSL connections? Im just wondering if I should move to pfSense now in preparation as I have no desire to use the Sky ADSL Router.. I'd like to put my router into ENET ENCAP mode which ZyXEL tell me is the same as RFC1483 MER, and then use pfSense with the modifications above to get it all connected.. (Which I hope means I can get rid of the sky router)
Thanks (and apologies for this not being 100% on topic but it didnt seem to deserve a new thread either)
For me, it didn't work for ADSL.
I had to use PPPoA bridge on the Draytek Vigor 120.
If you have a modem thats capable of bridging it will be the same.
cheers, it worked for me on adsl2+ unlimited. so glad
cant wait for fibre in june -
Why do you just put the WAN port into the Sky router and on the Sky port just DMZ the pfsense IP on that Sky router :P ::)
-
Because that leaves you at the mercy of who ever wrote the firmware in the Sagem router as well as being dependent on the throughput of it's hardware. ;)
Steve
-
Why do you just put the WAN port into the Sky router and on the Sky port just DMZ the pfsense IP on that Sky router :P ::)
Because that's an awful idea.
Stage 3 of my project (Maxterm 8300B > Intel Atom 330D) is to implement Pfsense on an ESXi box.
I wonder if I can do PPPoE through a switch.
-
Why do you just put the WAN port into the Sky router and on the Sky port just DMZ the pfsense IP on that Sky router :P ::)
Because that's an awful idea.
:D True, Lets hope Virgin Media never do this aswell :o but recently we have been upgraded to superhub made by NETGEAR all in one wireless and modem combo, But theres a downside from BT side. If your still fair from the bt exchange you wont get say 38 Mbps Down because some of the wires are not fiber from your house to there cabinet is all copper with Virgin Media is all fiber from your house to there cabinet and from there cabinet to where ever is all fiber and you will get your full speeds.
Ok now heres the downside to Virgin Media,
30 Mbps reach 7GB in the daytime they cap you 15 Mbps speed until 5 hours
60 Mbps reach 1TB in the daytime they cap you 30 Mbps speed until 5 hours - The one of the reason why im on this package too many Sky anytime+ downloads from the misses and PS3, Wii, Xbox 360)
120Mbps reach 2TB in the daytime they cap you 60 Mbps speed until 5 hours -
Capped to 60Mbps doesn't sound too bad. ;)
The FTTC dsl operated by bt wholesale and used by everyone except virgin uses VDSL2 between your house and the cabinet. VDSL2 is good for up to 250Mbps at 100M.
@http://en.wikipedia.org/wiki/Very_high_speed_digital_subscriber_line_2:
VDSL2 deteriorates quickly from a theoretical maximum of 250 Mbit/s at source to 100 Mbit/s at 0.5 km (1,600 ft) and 50 Mbit/s at 1 km (3,300 ft), but degrades at a much slower rate from there, and still outperforms VDSL. Starting from 1.6 km (1 mi) its performance is equal to ADSL2+.[3]
So as long as you're within 1km of the cabinet you should see 38Mbps.
Not a problem for me, I'm less than 100M from the exchange! :P
Steve
-
if you watch 1080p HD video and downloading Demo on steam and on the PS3 and even on YouTube you can reach up to 2TB easily, I just did some testing watching the following video on YouTube. http://www.youtube.com/watch?v=XSGBVzeBUbk
240p - 580k/s peak rate, 525k sustained
360p - 1.2Mb/s peak, and around 750k/s sustained
480p - 7Mb/s peak rate, and around 850k/s sustained
720p - 11Mb/s peak rate, and around 2-2.5Mb/s sustained
1080p - 15Mb/s peak rate, 13Mb/s sustainedCapped to 60Mbps doesn't sound too bad. ;)
Yeah is not too bad but i tend to download during the night. But give it a few months and Openreach (BT, TalkTalk, Sky fiber etc) will start capping too because there will be people abusing the system with illegal P2P / Torrents but thats gonna come to a stop soon
On one hand i do torrent linux iso distros because i find them faster then the HTTP and FTP but i seed about 1mbits during the night
So as long as you're within 1km of the cabinet you should see 38Mbps.
Lucky for some haha! :P
-
if you watch 1080p HD video and downloading Demo on steam and on the PS3 and even on YouTube you can reach up to 2TB easily, I just did some testing watching the following video on YouTube. http://www.youtube.com/watch?v=XSGBVzeBUbk
240p - 580k/s peak rate, 525k sustained
360p - 1.2Mb/s peak, and around 750k/s sustained
480p - 7Mb/s peak rate, and around 850k/s sustained
720p - 11Mb/s peak rate, and around 2-2.5Mb/s sustained
1080p - 15Mb/s peak rate, 13Mb/s sustainedCapped to 60Mbps doesn't sound too bad. ;)
Yeah is not too bad but i tend to download during the night. But give it a few months and Openreach (BT, TalkTalk, Sky fiber etc) will start capping too because there will be people abusing the system with illegal P2P / Torrents but thats gonna come to a stop soon
On one hand i do torrent linux iso distros because i find them faster then the HTTP and FTP but i seed about 1mbits during the night
So as long as you're within 1km of the cabinet you should see 38Mbps.
Lucky for some haha! :P
Sky ADSL Unlimited never had a cap or throttle.
-
Clearly I'm not trying hard enough:
Billing Period Allowance Used Overnight Usage Total usage 01 Apr - 01 May 10.27GB 4.3GB 14.57GB 01 Mar - 01 Apr 11.01GB 5.18GB 16.18GB 01 Feb - 01 Mar 8.28GB 4.05GB 12.33GB
I'll have to step up my downloading! ::)
Steve
-
Thanks for this info :)
Didn't have any issues before because I was on DSL and I could use PPoE.
Then I upgraded to FTTC and… well... there was a noticeable improvement on speed (more than double) but my SonicWALL TZ200 didn't want to play ball.
Selected DHCP, put Skyusername|Skypassword on the Host Name field... nothing. Tried with hex converted Skyusername|Skypassword not enough characters in the field. Disappointing.
Contacted SonicWALL about it, they said "we don't support DHCP option 61"... which left me perplexed, what is the Host Name field then?
Then I stumbled upon this thread... Luckily I had just bought hardware for a small HTPC, which swiftly became a pfsense box :D
I was up and running in less than 10 minutes.
Now I need to figure out how to integrate the SonicWALL (after all pfsense looks very able but is not a UTM appliance, at least not out of the box) but I'm no longer bound to the Sky router hardware :)
-
I cant wait till the bring FTTH here too :)
right now im on a lower speed cable…
but cant complain about service.
Im paying for 50/3 and
That's what I'm getting
Also our FTTH service will start at 250/30 and span to 1000/200 :DCan't wait for November.
They are coming out sometime next week to replace my backdrop as its damaged and they are dropping in a new "structured" cable that contains the fiber and the coax :)