IP Routing
6-6
8000-A2-GB21-20
November 1997
Automatic dynamic access control
The DSL card supports IP filters to validate user access to the NSP network.
If the automatic dynamic access control feature is enabled, filters are
configured automatically. The IP filters examine the IP source address of the
upstream traffic to validate the end-user system’s IP address. This feature
enhances security by preventing an end user from spoofing the IP address of
another user on a different DSL port. The DSLAM checks the end-user’s IP
address. If it does not match any valid IP addresses in the routing table, then
the packet is dropped. Use the DHCP Relay Servers screen to enable this
feature.
NOTE:
The DHCP server is typically maintained and operated by the NSP for its
address domain. The HotWire RTU routing tables and the DSLAM routing
tables are automatically updated by the DSLAM.
Also, an RTU will not be able to obtain its address dynamically if the DHCP
server assigns an address for which there is a static route (destination)
already configured on the card.
How Does Dynamic IP Addressing Work?
The following illustration shows an example of a basic IP address request and
assignment. This illustration assumes there are no problems associated with the
request or assignment of the IP address.
97-15721
Authentication
Server
DSLAM
End-user
System
1
2
3
4
5
6
7
DHCP
Server
C
Yes
No
DHCP Request
DHCP ACK
DHCP Release
Authentication Response
Original DHCP Request
DHCP ACK
2
2 A
B
