I also have the following ranges to supply to customers routers, *.*.138.0 - 128 /25, 126 Useable IP's and *.*.138.128 - 192 /26, 62 usable IP's .129 to .191, these are the addresses I am trying to assign to customers routers using a PPPoE server and I can do it no problem with a bridge configured, without the bridge it will not work.
Will try to get it together to PM
Ok - on the backhaul router, you will need to create a static route:
dst=x.x.138.128/26 gateway=x.x.137.24? (I got lost in your description of the locally-attached networks on the backhaul router - whatever IP is the WAN ip of the PPPoE router)
Now on the PPPoE router - create a static route type=blackhole, dst=x.x.138.128/26
This will cause any IP that's not currently in use to just "disappear" while idle, so no bouncing back and forth....
Then make a pool PPPOEPOOL with x.x.138.128 - x.x.138.191 (yes, include the first and last addresses, they're useful in this scenario)
For your PPPoE profile that the customers will use:
- set local address = IP address of wan interface of the PPPoE server.
- set remote address = PPOEPOOL
- leave bridge stuff blank.
- Optionally set the DNS server address(es) here also.
- In the protocols tab, un-check IPv6/MPLS (unless you're using them, I assume you're not)
- queue tab- set this up or not, according to your needs, it has no bearing on reachability.
If your accounts are assigned by RADIUS, then you can use framed-ip-address=255.255.255.254 to tell the pppoe server "use whatever pool you want" - if have a customer with a static IP address, you can put it here - make sure the backhaul router knows to route the static IP to this server.
Make sure the PPPoE server configuration itself is bound to the correct interface (and not a bridge) - remove the interface from the bridge - Done.
If a customer is supposed to receive a /29 or some small prefix, then make sure the prefix is correctly routed to the PPPoE server, that the PPPoE server has the proper black hole route, this time with distance=254, and finally, on the user's secret set routes = "x.x.x.x/29 0.0.0.0 1" or in RADIUS set framed-ip-route to that value. Yes, really use 0.0.0.0 in the framed route...
So in summary:
make sure the master pool prefix is correctly routed to the EoIP server.
The EoIP server has the prefix routed to black hole, and has the pool configured to include the entire range of IPs.
PPP profile is configured to use that pool as remote, pppoe server's wan IP as local. (note that they're not even in the same network, and that's fine. PPP is basically a wormhole)
PPP secrets / RADIUS profile have no special configurations for standard dynamic customers.
Static customers get specific IP addresses / routes on their secret / RADIUS profile, and those should be SEPARATE from the pool!