Hi,
A canopy noob here and one who got tasked with evaluating the different vendor options for a wisp so please dont judge too harshly at my silly questions.
I am trying to determine the IP addressing scheme of the actual setup, therefore what devices in a WISP solution would require an ip address.
I presume that the AP would as well as the BH but would the SM too?
If the SM does require it, would it be placed on the ethernet interface, with the router behind it using the SM ip as the “default-gateway”?
Also can you assign an IP address from the BAM server when the user authenticates and tries to retrieve an IP address via DHCP and if so, is there a facility to assign IP ranges to it.
One last question, honest 
.
If the subscriber was to perform a traceroute from their PC, would they see the Canopy IP addresses or does it act at layer 2 from the perspective of the end user.
Cheers for any help given.
H
CANOPY ADDRESSES:
All Canopy units – AP, SM, & BH – are assigned an IP address of 169.254.1.1 as the factory default. When installed, every unit should be assigned a unique address within a private addressing structure – 10.x.x.x, 172.16.x.x-172.31.x.x, or 192.168.x.x – chosen by the installer. This is the IP address used for managing and configuring the Canopy units.
A public IP addressing structure can also be used, but there is an issue with the Canopy web interface that can cause it to lock up when bombarded with either legitimate ping requests or outside hacker attacks. Motorola recommends using private addresses.
APs and BH-Masters must have a unique IP address assigned, but it’s optional for SMs and BH-Slaves. SMs and BHSs can also be accessed through their associated AP or BHM, via both web and telnet interfaces, using what Canopy calls an “RF Private Interface”.
The RF Private Interface is assigned the default IP address 192.168.101.1 on all APs and BHMs. The connected SMs and BHSs are accessed with the address 192.168.101.x, where “x” is the Session or LUID number. The RF Private address can be changed, but there’s no need to; all APs and BHMs can use the same addresses for their RF Private structure because these addresses cannot be accessed from the Ethernet port directly.
The RF Private Interface can be a convenient method for accessing Canopy SMs and BHSs, but I also always assign unique management addresses to be able to access every unit directly via the connected Ethernet networks. Also, be careful not to confuse Motorola Canopy’s RF Private addresses with the concept of private and public addresses on the Internet.
CUSTOMER ADDRESSES:
The IP addresses assigned to your customers can be, and possibly should be, part of a different IP network – either public or private.
LAYER-2 or LAYER-3:
Canopy units are self-learning, layer-2 Ethernet bridges in their factory-default configuration. When NAT is enabled in the Canopy SM, it becomes a layer-3 router and would therefore be the customer’s “default gateway”. The SM would only be recognized in a Trace Route when NAT is enabled.
The outside NAT address can be either private (and NATed again in another router) or public. This address is assigned separately from the management address discussed above.
BAM:
I’m not familiar with BAM and whether it can function as a DHCP Server.
I have a question, is it possible not to assign an IP address to a SM?, is it possible to assign it the IP address 0.0.0.0 and go into the unit through the RF private interface?.
Regards.
WOW. Thank you for the detailed answer Teknix.
Elucidated quite a few points. I have one more query regarding what you advised below:
+++++++++++++++++++++++++
LAYER-2 or LAYER-3:
Canopy units are self-learning, layer-2 Ethernet bridges in their factory-default configuration. When NAT is enabled in the Canopy SM, it becomes a layer-3 router and would therefore be the customer’s “default gateway”. The SM would only be recognized in a Trace Route when NAT is enabled.
The outside NAT address can be either private (and NATed again in another router) or public. This address is assigned separately from the management address discussed above.
+++++++++++++++++++++++++
So basically if I was to run the SM in no-NAT mode and assign it a non-RFC1918 address as provided by RIPE, would I be able to do that and also have the customer’s own router’s WAN interface behind the SM in the same VLSM subnet so they could run their own NAT?
Cheers,
H
Maritinki:
Your conclusion is logical, based on my statements, but one that might get you into trouble. Assigning an address of 0.0.0.0 will disable the Ethernet port on the SM; the SM also will not register with the AP. You can try it, but make sure you have a default-plug available and the SM on your desk, not on your roof! I’ve only tested this on v4.2.3, not on any later versions.
My suggestion was to simply leave all the SMs with their factory-default address of 169.254.1.1. You can try other invalid addresses – 255.255.255.255 isn’t accepted by the web interface, but 0.0.0.1 is – just don’t use 0.0.0.0 as the address. You can set the mask and gateway to anything at all.
If your purpose is to restrict customer access to the SM, you’ll have to rely on password protection.
Hmoussa:
Yes, with NAT disabled, the SM’s management interface can be assigned an IP address in the same network as the customer’s PC or router. With NAT disabled, a Canopy AP and its SMs are just a extended-area Ethernet switch.
Yes, this network can either be public (non-RFC-1918) or private (RFC-1918), but keep in mind the Canopy web access lockup issue if you choose public IP addressing.
Thanks for the input Teknix. Appreciate the advice.
As regards the GUI lockup, I am a CLI man myself 
so it might not be too bad unless the CLI is not as indepth as a Cisco or Juniper box?
Cheers,
H
There are no documented commands for configuration changes via telnet. You must use the web interface.
Thank you. Only GUI config access. I was not aware of that.
Will continue doing my research.
Cheers,
H
We assign all network devices an IP address so we can monitor uptime.
We use the following scheme:
10.0.tower_number.21through26 for LOS 5.2 GHz
10.0.tower_number.41through46 for LOS 2.4GHz
10.0.tower_number.71through76 for LOS for 5.7 GHz
10.0.tower_number.91through96 for 900
10.0.tower_number.20 for a switch
10.0.tower_number.21-29 for any servers
10.0.tower_number.100 for monitoring power
10.0.tower_number.101 - 200 for CPE radios
10.0.tower_number.201-224 for back haul radios
10.0.tower_number.225-250 for Hot Spot access points
Thanks wtkirk for the addressing scheme.
I was looking at the 82.x.x.x global range for ALL SMs.
With a privage range asssigned to the APs and BHs as from my reading, they should not be visible to users, and then finally a global IP to the router that is the first hop for all those SMs.
I like your addressing scheme, will prolly use something in the same framework.
Cheers,
H