Tuesday, 6 January 2015

Replacing Sky's SR102 modem / router

This post is mainly for my own knowledge as with age and NSX my brain doesn't seem to retain information as good as it use to.

** Please note it is against Sky's policies to use any other router / modem apart from the one supplied **

I recently moved house and was no longer in a Virgin Media area and since I was ordering Sky television I also opted for their Sky Fibre unlimited package as well.  I'm a big fan of the MikroTik routers and switches and use a RB751G in my lab as my default router and L3 gateway and obviously wanted to continue using this in my new house.

Sky Fibre unlimited now comes with the combined modem / router called the SR102 which is adequate for home use, but not for my lab:


When researching I found that I simply couldn't replace the SR102 with a standard BT OpenReach modem as Sky use DHCP option 61 as a client authentication as per ITEF:

"
9.14. Client-identifier

This option is used by DHCP clients to specify their unique identifier.  DHCP servers use this value to index their database of address bindings.  This value is expected to be unique for all clients in an administrative domain.

Identifiers SHOULD be treated as opaque objects by DHCP servers.

The client identifier MAY consist of type-value pairs similar to the 'htype'/'chaddr' fields defined in [3]. For instance, it MAY consist of a hardware type and hardware address. In this case the type  field SHOULD be one of the ARP hardware types defined in STD2 [22].  A hardware type of 0 (zero) should be used when the value field contains an identifier other than a hardware address (e.g. a fully qualified domain name).  

For correct identification of clients, each client's client-identifier MUST be unique among the client-identifiers used on the subnet to which the client is attached.  Vendors and system administrators are responsible for choosing client-identifiers that meet this requirement for uniqueness.

The code for this option is 61, and its minimum length is 2.

Code   Len   Type  Client-Identifier
+-----+-----+-----+-----+-----+---
|  61 |  n  |  t1 |  i1 |  i2 | ...
+-----+-----+-----+-----+-----+---
"

So, in order to replace the SR102 with an OpenReach modem and MikroTik router you first need to obtain the username and password used to authenticate with Sky's servers.  This can be achieved by using wireshark and sniffing the DHCP discover packets when powering on the SR102.  This video shows you how to extract the username and password:


Once you have it extracted in the form of MACADDRESS@skydsl|PASSWORD i.e. (00:00:00:00:00:00@skydsl|a34sdre6) you need to convert it from ASCII to HEX using an online converter (This worked for me - http://www.asciitohex.com/)

Once you have the client identifier in HEX format you need to configure option 61 on the DHCP client of your MikroTik router.  Log into WinBox and browse to IP and then DHCP Client and in the Option 61 option enter the value as 0xHEXVALUE (You need to put 0x at the front of the value)


Once finished ensure your MikroTik is set to DHCP and not PPPoE or static and you should recieve and IP address from Sky's DHCP servers:


I also configured the WAN port of my MikroTik with the same MAC address as my SR102 as I've read a few articles that say it can potentially take a few hours for the MAC address to time out which means if you need to swap back to the SR102 you potentially have wait before connectivity will be restored.