Thanks for making the MikroTik series
It's my pleasure
Thank you so much for making these MikroTik videos.
Have used them for years but still pick up many good tips from you.
Regards
Glad you like them!
Sir, your course is very well explained. Thanks a lot.
Pleasure Hannz
Thank you. Good information. Just a note: your audio level on previous videos was set too low. It's much better in this video.
Indeed, another viewer brought it to my attention and I tweaked some settings on my PC and microphone to get things more "normal". Happy it's better now.
Great series, thank you. Most WISPs (and I noticed local fibre providers) use a shared public IP for clients. How does an ISP assign a static public IP to a client? Do they buy it from ICANN and put it in a pool? We on the other side usually use the private range, so I would like to know how the public range is implemented on the ISP side. Hope you understand my question.
Thanks for the kind words, it really depends on how you want to provide connectivity to your customers. If you provide private IPs to your customers and they get breakout via a public IP(/s) at your core network that's typically seen as CGNAT (Carrier Grade NAT) and is a completely fine way to provide access to customers. If you want to give each customer their own unique public IP address or even a pool of IPs that lives on their router there are multitudes of different ways to get that done.
The short of it is:
You will apply for an IP range from a regional internet registry. I take it you're also in ZA so that would essentially be AFRINIC. There's actually a bit of a process involved in getting this as you will have to
1) Become a member of AFRINIC
2) Apply for your own ASN so that you can peer with other networks with BGP
3) Apply for your IP pool
This seems pretty straightforward, but there are always some extra steps to be aware of that can take time, such as you will need to be peering or be planning to peer with transit providers or an IXP. It is also preferred for your setup to be multihomed. You will need to supply planning on how you are going to be using the IP addresses. And if everything is accepted and provisioned to you then you will have to actually decide where you want to run BGP for the internet.
Now this is what tends to throw a lot of people off the first time doing this: they get the peering and everything done right, although they do not expect the hundreds of thousands of routes that they will be learning from the internet if they request a full routing table or peer at the IXP directly. This might even be why it is wiser for smaller companies to just have a transit provider and just ask them to send them a default route so that their routers do all of the heavy routing table processes, and you just have a nice clean 0.0.0.0/0 route.
But if everything goes alright and your BGP peering to the internet is set up correctly you can start allocating your IP addresses as you see fit. Your pool will at a minimum consist of a /24 network, and it might be as high as a /22 (might be considered low, but we live in a time of IPv4 starvation). So in essence you should keep track of your addressing using something like IPAM. Unless you plan on having the entire pool be assigned dynamically with PPP services, though this might be ill advised since you won't be able to bundle up IP ranges to provide to customers since SMEs tend to have needs for multiple IP addresses and generally at a minimum would like a /29 network.
So if you do get a /22 network I might suggest something like
EXAMPLE:
192.0.0.0/23 - Dynamic Addressing PPP
192.0.2.0/24 - Reserved for growth
192.0.3.0/25 - Static Addressing (Reserve /29 or /28 networks pending customer requirements)
192.0.3.128/26 - Reserved for growth (additional pools pending addressing/management network growth)
192.0.3.192/26 - Public facing addressing for provider network
This is just a very broad example, but once you have your pools figured out you can in essence start allocating IPs from these pools to your customers to have the public IPs actually live on their routers so that they can do whatever they want to do. Since you find many times customers wanting to add their own NAT on their equipment to their servers. Might even be gamers trying to host their own server, and if you are doing CGNAT then that is sadly something that they can't do. Hopefully this gives you some answers, though I might have also added more questions too.
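A check of the /22 plan above, as an added example that is not part of the original comment: it verifies that the five pools sit inside the allocation, do not overlap and leave no gap, then carves aligned /29 and /28 customer blocks out of the static pool first-fit. The function names and customer names are assumptions made for the illustration.

```python
import ipaddress
from itertools import combinations

# Pool plan copied from the comment above.
ALLOCATION = ipaddress.ip_network("192.0.0.0/22")
PLAN = {
    "dynamic-ppp": "192.0.0.0/23",
    "growth-1": "192.0.2.0/24",
    "static": "192.0.3.0/25",
    "growth-2": "192.0.3.128/26",
    "provider": "192.0.3.192/26",
}

def check_plan(allocation, plan):
    """Return a list of problems: pools outside the allocation, overlaps, gaps."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    problems = [f"{n} {net} is outside {allocation}"
                for n, net in nets.items() if not net.subnet_of(allocation)]
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            problems.append(f"{a} {na} overlaps {b} {nb}")
    # With no overlaps, the pools cover the allocation only if they merge back into it.
    if not problems and list(ipaddress.collapse_addresses(nets.values())) != [allocation]:
        problems.append(f"pools leave part of {allocation} unplanned")
    return problems

def allocate(pool, assigned, prefixlen):
    """First-fit: lowest free, correctly aligned subnet of this size, or None."""
    for candidate in pool.subnets(new_prefix=prefixlen):
        if not any(candidate.overlaps(used) for used in assigned.values()):
            return candidate
    return None

def assign_all(pool_cidr, requests):
    """Assign each (customer, prefixlen) request in order; requests that no longer fit are skipped."""
    pool = ipaddress.ip_network(pool_cidr)
    assigned = {}
    for customer, prefixlen in requests:
        block = allocate(pool, assigned, prefixlen)
        if block is not None:
            assigned[customer] = block
    return assigned

if __name__ == "__main__":
    print(check_plan(ALLOCATION, PLAN) or "plan is a clean partition of the /22")
    # Constructed customer requests: (name, prefix length).
    demo = assign_all(PLAN["static"], [("cust-a", 29), ("cust-b", 28), ("cust-c", 29)])
    for name, block in demo.items():
        print(name, block, "usable hosts:", block.num_addresses - 2)
```

The /28 for the second customer lands on 192.0.3.16/28 rather than directly after the first /29, because subnets must start on a boundary of their own size; the third /29 then fills the hole at 192.0.3.8/29.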
@TheNetworkBerg thanks for this extensive answer. It was quite an interesting read! :)
I am thankful to you
I have a CCR-2004-16G-2S+ with RouterOS 7.8. I am using a 10G RJ45 SFP to connect via PPPOE to my ISP (Bell Fibe). This configuration seems to work perfectly.
When I upgrade to RouterOS 7.9 or RouterOS 7.10, I start getting DHCP critical errors (lease expired) every 15 minutes.
I have switched back and forth between RouterOS versions and on RouterOS 7.9 and 7.10 a DHCP client is dynamically created for my sfp-sfpplus1 [WAN] interface. In RouterOS 7.8 there is no DHCP client at all.
Is there any way to stop the dynamic DHCP client creation in the newer RouterOS versions? Or can I configure the PPPOE differently to not receive the errors?
Thanks! Do you have a video on different ways to do CGNAT in MikroTik?
Hi sir, thanks a lot for this tutorial. It's very easy to understand. However, I'm a bit confused because you set up an IP address on Ether2 (for PPPOE Server) but then you removed it and I didn't see you set an IP on the PPPOE-Bridge as well. Does that mean the PPPOE Server interface does not need an IP on it? Only the pool to assign the IPs to the PPPOE clients?
The Profile sets a local IP that the clients will use as their gateway.
Please help me, my internet is not working on the PPPoE client side.
Sir, that first software that you use for the map, please share the link so we can download it.
It is called EVE-NG, I have a playlist showing how to set it up, you can watch it here.
th-cam.com/play/PLJ7SGFemsLl1ZSsdcdYqeCFDM71dz97XS.html
If another router is connected to the router hosting the PPPoE Server will it be able to forward the PPPoE connections or terminate them?
Yes, as long as the path is connecting over Layer 2 completely, meaning if you bridged the interfaces of the middle router between the server and client they would be able to communicate at Layer 2 and a PPPoE connection could be established from the client to the server.
Hi I want to learn from you
How will you do it on Ubiquiti?
I have no idea honestly, I've never configured PPPoE servers on Ubiquiti before. You're welcome to check out this article community.ui.com/questions/HOWTO-configure-PPPoE-server/1516d9db-1943-4740-8dad-2cb929653b18, else I would just suggest putting down a MikroTik to do your PPPoE for you.