[AusNOG] Draytek 130 blank username/passwords

Benjamin Ricardo ben.ricardo at acs.com.au
Tue Jun 22 17:12:14 EST 2021


Thanks for the response guys,
Be nice to find an alternative to these Draytek devices… but that’s another thread.
I was hoping to get an indication from other providers on how they handle these “blank” authentications hitting their radius servers and whether this is a wide spread problem as it became a huge problem for us.



From: AusNOG <ausnog-bounces at lists.ausnog.net> On Behalf Of Bryn Loftus
Sent: Tuesday, 22 June 2021 2:27 PM
To: Dmitry Konchanin <dmitry.konchanin at dtsanz.com>
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Draytek 130 blank username/passwords

Interestingly I’d had a similar issue with 2830 & 130 units doing that with dhcp- despite being in bridge mode they still pickup the dhcp lease from the carrier and prevent the router getting it.

Not all the time but annoyingly often.
Sent from my iPhone


On 22 Jun 2021, at 2:10 pm, Dmitry Konchanin <dmitry.konchanin at dtsanz.com<mailto:dmitry.konchanin at dtsanz.com>> wrote:

It was ages ago, but I think I saw from time to time a combination of checkboxes on Draytek 120/130 itself that makes it do "own" pppoe attempt in parallel with PPPoE passthrough.
Try to change from pppoe to static for wan AND pppoe passthrough enabled?

Regards,
Dmitry

On 22/06/2021 3:33 pm, Benjamin Ricardo wrote:
Hi All,
Looking for some shared experience here.
We’ve had a complaint from our NBN wholesaler that our Draytek’s, which are configured in PPPoE passthrough, are sending blank authentications to their Radius server at a rate which is impacting their services.
Our standard deployment since about 2010 has been to deploy an xDSL type modem in PPPoE passthrough and then use a router to send the authentication. Interestingly we’ve never had this complaint before…
Our work around was that our wholesaler requires the credentials to be sent on a vlan so instead of using the Draytek to handle the vlan-ing we changed the router to insert the vlan (so the Draytek can be as noisy as it likes and it doesn’t affect them)

I’m wondering if others have also had this experience with these devices… and what you did about it?
Also, surely if the stupid Draytek is in pppoe passthrough it should know not to try to authenticate itself???

Cheers,
Ben






_______________________________________________

AusNOG mailing list

AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>

http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20210622/3efd111e/attachment.html>


More information about the AusNOG mailing list