PADI Packet Flood - Bridged Networks

Here's the situation that I am looking for help with.

We have been and WISP for a couple years, using internal LAN IP
addresses in the 192.168.XXX.XXX realm. We've recently had many
requests for businesses wanting public IP addresses. So I set up a
CentOS linux Bridge: one ethernet card in the internal network, the
other on the public network switch. Both network cards do not have an
IP address in them, but the bridge has a public IP so that I can SSH
into the box to monitor any problems.

It had been working great for a while, until we started having a
problem. Seemingly at random, the network performance just drops.
When I run a tcpdump, it is flooded with hundreds of PPPoE PADI
requests:

"PPPoE PADI [Service-Name] [Host-Uniq "ATWPPPOE"] [EOL]" Over and over
again.

The only way to get the network up and running again is to "ifconfig
bridge-name down" then "ifconfig bridge-name up". I can't sit and
monitor this all day and want to find a way around it. And if I do
this remotely, it knocks my bridge IP address out and I have to go to
location and reset it.

Any of the following work-around will do:
-filtering these packets so they stop flooding my network (with
iptables or something similar)
-responding to these packets in such a way as to stop them from
attempting to connect over and over
-finding the source of these packets and stopping whatever it is from
connecting
-finding the source of these packets and smacking whomever is
responsible upside the head

Any other advise or suggestion is welcome.

I've got a suggestion that's not on your list. I see this complaint
all too often from WISPs.

Segment your network.

I would recommend, highly, taking all business connections and
creating an individual VLAN/Subnet for those connections. This will
keep broadcasts from flooding your network, and taking everything
down. At most, you'll take a segment of the network down, but not the
whole thing.

If you want help, please feel free to call.

Chris Hutchison,CEO
NetSteady
1-866-678-WIFI

Thanks, I will suggest this to my bosses. Anyway I finally figured
out how to eliminate the issue. I set up ebtables on my bridge from
http://ebtables.sourceforge.net/ and used their "Simple Example" to
get it working. Since then, I've tweaked it to better suit our
needs. Other than that, we actually have decided to use an altogether
different frequency for our business customers, and just charge extra
for residential customers want public IP addresses.