User guide
Security
86
1/1551-HSC 901 35/3 Uen C 2005-12-02
verify that the upstream traffic actually uses the returned MAC address of
the default gateway as destination address in subsequent frames.
The ARP proxy function implementing Forced Forwarding is an optional
security feature that ensures layer-2 separation (rules for the Forced
Forwarding are configurable through the management system). However, it
is also a way to optimize the utilization of the downstream bandwidth. The
ARP proxy will also respond to downstream requests so they will not take
up bandwidth on the ADSL link. Finally, Forced Forwarding can be viewed
as a way of associating subscribers with a given Service Provider, thus
providing a simple method of service selection. This is described in more
details in section 9 on page 81.
9.3 DHCP Relay Agent Information Option
In access scenarios where the end-users IP address is obtained by use of
DHCP the EDA solution offers a feature to authenticate the DHCP request
send from the end-user equipment.
To obtain an IP address the equipment at the end-user premises will send
a DHCP request to a DHCP server. The IP DSLAM will insert an identifier
in all DHCP requests from the end-user on a PVC basis. This allows the
Service Provider to authenticate and control the rights for assigning IP
addresses to the end-user. This function is known as DHCP Relay Agent
Information Option (Option 82) according to RFC 3046.
Figure 57 on page 87 shows an end-user PC sending a DHCP request to
obtain an IP address from a Service Provider (SP). The End-user Profile in
the IP DSLAM has been configured through the PEM system to insert a
unique Option 82 identification in the DHCP request. This identifier could
for example be the end-users phone number of the ADSL line or a
password, specified by the Service Provider.