So I have a little bit of an interesting setup.
I have a Mikrotik (192.168.1.1) dialing up to a PPPoE account over a bridge netgear modem. This works just fine and provide internet to my house perfectly. I have a flat at the end of my garden that I used to share internet directly through a wireless link connected to another Mikrotik which then dished out IP Addresses on a seperate subnet 192.168.2.0. Flat was muching too much of my data so I decided to get a seperate data account for the other mikrotik.
Want I would like the second mikrotik to do is dialup to the new PPPoE account by bridging through the existing mikrotik and dialup through the netgear. Is this at all possible?
I realise that I could have the wireless link go straight to the netgear modem bypassing the mikrotik physically but i still want to have access between PC’s on each subnet as we use other LAN services between the buildings.
I have just had an idea whilst writing this out. If i was to connect the HUB in my house directly to the Netgear router would that give me the ability to dialup to the new PPPoE account from the second Mikrotik?
Or is it possible to create a virtual link from the second mikrotik using the existing physical connections and then have original mikroik spit that out of one of the ports straight to the modem. So that basically you have a virtual link between the modem and the second mikrotik and the second mikrotik thinks it is connected directly to the modem bypassing everything else?
This is easy. On the Mikrotiks, create a VLAN sub-interface on whichever interface connects to the Ubiquiti.
Create a new bridge on the upstream Mikrotik (wan-bridge1) and add the vlan subinterface to it, and the ethernet interface your first pppoe account is on.
Then on the second mikrotik, build the pppoe-client on the vlan subinterface.
This should leave the existing topology in place without any hevy-duty changes.
Thanks for the reply. I think I understand what to do on the mikrotiks and will try so tonight. Could you please explain in english what is actually happening to make it work? Is the VLAN now a seperate connection bridging the main mikrotik? Allowing PPPoE packets to flow freely bypassing the mikrotik?
Yes. That’s exactly right.
The VLAN tag on the wireless links between the Mikrotiks is how they can keep the two networks separated - think of the VLAN almost like a tunnel.
So when Mikrotik2 sends a PPPoE request on the vlan, Mikrotik1 sees the VLAN tag, realizes that you want this packet to be bridged to ether1 (or whichever port is the WAN port) and copies the frame onto ether1 just like a switch would do.
When the reply comes from the PPPoE server, with the destination MAC address of Router2, Mikrotik1 will realize that this should be bridged onto the wireless and will copy it onto the wireless link and add the VLAN tag. When Mikrotik2 sees the packet with the VLAN tag, it knows this packet is intended for its VLAN sub-interface, which then opens the packet and sees that it has PPPoE inside of it - which is then processed by PPPoE client, and passed onward up the stack to IP, TCP, NAT, etc.
When mikrotik2 receives a frame with no vlan tag, it will handle it according to whatever services you already have configured on that wireless interface.
Thanks a lot for the explanation. These little mikrotiks are pretty impressive. So do I need to tell the wireless devices how to handle the tags or will it pass this information freely to the second mikrotik?
I think they will happily pass along whatever VLAN tags are in your traffic.
UBNT has quite an intricate vlan configuration screen in advanced mode, but I think by default they’ll just pass everything.