DHCPv6-PD and PPPoE


#1

We are soon to be rolling out IPv6 to customers using DHCPv6-PD over PPPoE. I am wondering if it is possible for Sonar to learn the current prefix that is assigned to the customer as a soft-assigned prefix? We would like to have a history of what prefixes are assigned to what customers at what times, like we have for IPv4.


#2

We’re also looking to roll out IPv6. Tracking customer assignments in Sonar is important for us as well. I’d rather not use PPPoE, but it’s my understanding that it is the only way to track DHCPv6-PD assignments since the DUID isn’t able to be determined by the MAC.

For tracking through PPPoE, what piece is missing? Just a script that runs on the PPPoE server that notifies sonar similar to the DHCP script/batcher?


#3

Yes - there is a binding script in MikroTik DHCPv6 server so that it can run the script when a subnet is assigned or unassigned. The binding script has a variable to hold the DHCPv6 server name, which in PPPoE is a dynamic server assigned the name of the customer’s PPP interface. The customer username can be extracted from this DHCPv6 server name by the script and then Sonar can be updated as a result.

Writing the script is easy enough, but it would require that Sonar add an endpoint to allow the update, like the endpoint that allows the DHCP script/batcher. I assume Sonar doesn’t have this endpoint right now and would need to add it.


#4

We came up with a solution, it was probably the best one for us. First we had to solve the problem of IPv6 disconnections while allowing the customer to still go to the portal to pay. What we do is we have configured a second ppp profile that is a duplicate copy of the one the customers use, but we configured this duplicate copy profile to add the customer’s interface to the interface list named “inactive-or-delinquent”. We gave the ppp profile a suitable name, and then we created two new RADIUS groups named Delinquent and Inactive, configured to match inactive or delinquent users and pass the radius reply Mikrotik-Group:=my-inactive-or-delinquent-profile.

When the user goes delinquent, the CoA packet from Sonar will cause the user’s PPPoE session to reset, and then due to this change the user will now be assigned to the new ppp profile “my-inactive-or-delinquent-profile”. When they connect up, this special profile is configured to add them to the “inactive-or-delinquent” interface list. IPv6 firewall rules are configured for the inactive-or-delinquent interface list to prevent the customer from going to websites other than the portal to make a payment.

This provides us with automatic disconnections even though Sonar doesn’t know the IPv6 subnet that the customer is getting. We then had one last problem, which was how identify what prefix each customer has. We did this with a simple Mikrotik script that is configured to run every 5 minutes, what it does is makes each pppoe customer’s lease static so they will get the same lease each time. Then the person having to look up the customer’s IP can log into the pppoe concentrator and check the bindings menu to see which subnet each customer has assigned:

/ipv6 dhcp-server binding;
:foreach i in=[find server~“pppoe”] do={
make-static $i;
set $i comment=[get $i server];
set $i server=all;
}

It works fine and gives us a way of tracking customers. Unfortunately the IPv6 subnets assigned in this way do not show up in Sonar, but that is due to Mikrotik’s lack of support for IPv6 RADIUS accounting instead of limitation of Sonar. At least this solves our problems - we get automated disconnection like with IPv4, and like with IPv4, the customer can still get to the portal to pay their bill when they are disconnected. We can also track which customer has which prefix so that if we have to send out copyright notices we can look it up in a list on the MikroTik.