<div dir="ltr">Wow, amazing to hear about these problems still out there. It must be nearly 20 years ago I got called up by one of our senior consulting managers to help them with an issue. We were providing a lot of support services for a VERY BIG telco whose RADIUS servers were being absolutely hammered. They were running on our UNIX machines, single threaded I think, Perl based RADIUS service. The short term solution I had to run with was to basically double the two processes and listening ports ( I think they were listening on 1645, 1646 and we would enable 1812 and 1813). The effort was mainly around making sure all the automation around operations worked and satisfied all the SLAs.<div><br></div><div>The big problem was a lot of modems were getting shipped with default passwords that would get rejected and they would just end up looping until the home owner configured their credentials after logging a call with Telco support. (Basically they would plug the modem in and expect it to work). I recollect that one particular brand of modem would have a retry loop of something like one minute. They were contemplating a project called "Go To Jail" which would allow modems with wrong credentials get authenticated still, but end up in a quarantine network and I think use DNS on any web browsing to basically tell the end user to use their proper account credentials. I guess this was all before the days of shipping out provisioned modems.</div><div><br></div><div>Anyway it got me a 6 week weekly commute to Melbourne in Winter to sample a lot of fine restaurants around the CBD.</div><div> <br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">Regards, Martin<br><br><a href="mailto:MartinVisser99@gmail.com" target="_blank">MartinVisser99@gmail.com</a></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 22 Jun 2021 at 13:34, Benjamin Ricardo <<a href="mailto:ben.ricardo@acs.com.au">ben.ricardo@acs.com.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-AU" style="overflow-wrap: break-word;">
<div class="gmail-m_-2423948593613760170WordSection1">
<p class="MsoNormal">Hi All,<u></u><u></u></p>
<p class="MsoNormal">Looking for some shared experience here.<u></u><u></u></p>
<p class="MsoNormal">We’ve had a complaint from our NBN wholesaler that our Draytek’s, which are configured in PPPoE passthrough, are sending blank authentications to their Radius server at a rate which is impacting their services.<u></u><u></u></p>
<p class="MsoNormal">Our standard deployment since about 2010 has been to deploy an xDSL type modem in PPPoE passthrough and then use a router to send the authentication. Interestingly we’ve never had this complaint before…<u></u><u></u></p>
<p class="MsoNormal">Our work around was that our wholesaler requires the credentials to be sent on a vlan so instead of using the Draytek to handle the vlan-ing we changed the router to insert the vlan (so the Draytek can be as noisy as it likes and it doesn’t
affect them)<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">I’m wondering if others have also had this experience with these devices… and what you did about it?<u></u><u></u></p>
<p class="MsoNormal">Also, surely if the stupid Draytek is in pppoe passthrough it should know not to try to authenticate itself???<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Cheers,<u></u><u></u></p>
<p class="MsoNormal">Ben<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" rel="noreferrer" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</blockquote></div>