Currently, we are operating 1000 PPPoE Customers on it with bandwidth utilization of 1.5G Approx, & CPU utilization for the same is below 10%.
We have GPON and multiple OLTs under this Mikrotik.
All ONUs/ONTs are on the default VLAN.
This is causing too much broadcast on the network.
To resolve this, we now want to put each ONU on a separate VLAN. For that, do we need to add all VLANs on the Mikrotik and then on the OLT?
If we add 4000 VLANs
4000 PPPoE servers
4000 bridges on the same interface.
I’m not sure you’ll gain that much reduction of broadcast traffic by using 4000 VLANs - with PPPoE, the only broadcast traffic is the PADI from the client, so partitioning the network by means of VLANs just prevents the PADI from clients in one VLAN from reaching the clients in all other VLANs, and the same effect can be achieved without VLANs, by use of split horizon (which prevents forwarding among client-facing ports in general). But I don’t know your L2 hardware between the CHR and the OLTs, maybe the switches support VLANs but not split horizon.
If you assign management IP addresses to the ONUs themselves directly, i.e. not by means of PPPoE, split horizon is still sufficient to prevent ARP requests from one ONU from reaching the other ONUs; the ARP requests from the CHR will still reach all ONUs even with split horizon, but it’s still a significant reduction of broadcast traffic arriving to each individual ONU.
In any case, even if you choose the “4000 VLAN” way, there’s no need to set up 4000 bridges at the CHR, the 4000 VLAN interfaces can be attached to a single common bridge or even directly to the “ethernet” port if you only use a single one.
Any additional processing (like untagging and tagging) matters at large scale. Only a practical test can show whether the total load will become a whole 2 times higher than with PPPoE encapsulation alone or just 1.1 times - the PPPoE encapsulation is more complex than mere tagging and untagging.
You should be able to test that in advance if you set the switch port adjacent to your router to send the only VLAN tagged, and do the same on the router, i.e. insert a corresponding /interface vlan between the physical interface and the /interface pppoe server. To make the test more realistic regarding the number of VLAN IDs to match against, I’d add all 4000 /interface vlan. No need to add the 3999 /interface pppoe server, though.
But the biggest issue with PPPoE seems to be the avalanche effect when a large number of client connections becomes unavailable at the same time - there are multiple threads about this here on the forum. Since all of them mention CCR10xx, an x86 may not be affected, but what I’m trying to say is that the CPU load during a stable regular operation state, even with high payload bandwidth, may be far lower than the one during such a transitional state.
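The test setup described in the reply above, written out as a RouterOS script. This is an added example, not part of the original posts; the port name `ether1`, the VLAN ID range 2-4001, the tagged test VLAN 100 and the service name `test-v100` are assumptions to adapt to your own lab.

```routeros
# Added example for a lab CHR or a maintenance window.
# Assumptions: ether1 faces the switch/OLTs, and the adjacent switch port
# has been set to send only VLAN 100 tagged.

# 1. Create 4000 VLAN interfaces directly on the physical port.
#    No bridge per VLAN is needed; the IDs 2-4001 are an arbitrary range.
:for i from=2 to=4001 do={
    /interface vlan add name=("vlan" . $i) vlan-id=$i interface=ether1
}

# 2. Confirm all of them exist, so the router matches against the
#    full set of VLAN IDs.
:put [/interface vlan print count-only]

# 3. Bind a single PPPoE server to the one VLAN that actually carries
#    traffic. The other 3999 VLANs need no PPPoE server for this test.
/interface pppoe-server server add service-name=test-v100 \
    interface=vlan100 disabled=no

# 4. With the clients connected through vlan100, compare CPU load
#    against the untagged baseline.
/system resource print

# 5. Clean up after the test: remove the server first, then the VLANs.
/interface pppoe-server server remove [find service-name=test-v100]
/interface vlan remove [find interface=ether1]
```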
Ok, Sir,
But if broadcasting is happening on 1 or 2 ONUs under the same PON, that will affect all ONUs/ONTs under that PON, right?
To overcome this, what necessary steps do we need to do sir?
Sir, nice to make your acquaintance as well but no need for further sir’s.
Since you mentioned VMware my guess is that you’re using a type 1 hypervisor that runs on “bare metal” on both machines like VMware ESX/ESXi.
Nowadays, there is no major difference in CPU runtime overhead between type 1 and type 2 (hosted hypervisor), where the latter consumes much more storage space and memory needed for the host operating system itself. Another big drawback of using a type 2 (hosted hypervisor) is that you need to restart more frequently due to updates of the host operating system, especially if you use Windows Server. If using Windows Server as a host, one might reduce the vulnerability by setting up at least two servers with Hyper-V Live Migration. The corresponding solution for VMware is vSphere vMotion.
Also, I’m pretty sure you’re using Mikrotik Cloud Hosted Router (CHR) since there is no other way AFAIK to run RouterOS on other hardware than sold by Mikrotik.
Ok, would you mind explaining in more detail how you managed to install and run something from the download page as a “pure metal” installation on the Dell?