Community discussions

MikroTik App
 
fsd
just joined
Topic Author
Posts: 5
Joined: Fri Jul 09, 2021 9:49 am

Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Fri Jul 09, 2021 10:18 am

Absolute beginner with basic networking knowledge here!

In my home setup I have a D-Link DSL-2888a Router/Modem combo with ac wifi and gigabit ports and a 750gr3 Routerboard. I am on a PPPoE VDSL connection. As the Mikrotik router is connected after the DSL-2888a, I can't utilize the features of the RouterOS for clients directly connected to the Modem. I am on a tight budget so I won't be buying any new hardware and this is a good use-case for many home users who have Router-Modem combo from their ISPs.

I was wondering if I could create static routes for all the ethernet and wlan traffic on the DSL-2888a to the 750gr3 and then route it back to the wan port on the DSL-2888a modem, therefore managing all the traffic of clients connected to the DSL-2888a.

Of course, if there is a more elegant solution that does NOT involve buying new hardware, please let me know!

Also, can the 750gr3 USB port support installing a wifi dongle to enable wifi features on it?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Fri Jul 09, 2021 2:06 pm

Sounds like a question for a D-Link forum.
 
fsd
just joined
Topic Author
Posts: 5
Joined: Fri Jul 09, 2021 9:49 am

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sat Jul 10, 2021 7:33 pm

Sounds like a question for a D-Link forum.
Care to elaborate? That’s a non-answer.

Pretty sure Mikrotik products are deployed in environments with other vendors’ devices. My question was if such a setup is possible and not about how the “D-Link” router is supposed to be configured.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sat Jul 10, 2021 7:43 pm

Yes, sure, dont have a clue about the USB question.

As to the reply, let me quote you
"I was wondering if I could create static routes for all the ethernet and wlan traffic on the DSL-2888"

Cannot help you there as I stated this is not a D-link forum, in terms of the MT device you can apply routes to traffic and you can apply destination nat to traffic so lots of ways to direct flow.
On top of that one can mark, and mangle traffic for many purposes and one can always assign bridges/vlans to traffic.
The weakest and unknown link is the DSL product...........
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sat Jul 10, 2021 8:42 pm

It might be possible, but as @anav already wrote, it mostly depends on what D-link allows you to do and how exactly ISP delivers internet to you.

Here's my example: my ISP gave me xDSL/router/wifi all-in-one box (some minor vendor) while internet service is on top of PPPoE. In this case using that device as simple media converter is easy, I simply disabled all of its functionality. I'm running PPPoE client on my Mikrotik. For IPTV, ISP offers that as multicasts over VLAN and Mikrotik handles that with honours as well.
Now come my assumptions (I never actually tried it): I guess the combo box bridges LAN ports and wireless in a manner similar to what most MT users do. If I'd add physical port on Mikrotik connecting the ISP gadget to rest of LAN ports, then I guess the rest of gadget's LAN ports and wireless would become part of my LAN. For sure the rest of ISP router's LAN functions (e.g. DHCP server, ...) have to be disabled not to interfere with Mikrotik's offering.
Such setup would represent a possible attack path (ISP has their own way of accessing and managing the gadget and there wouldn't exist FW between gadget and MT anymore). And this is all possible because of PPPoE which in this case transparently passes the ISP router and ISP router doesn't have its own WAN IP.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sat Jul 10, 2021 8:47 pm

Care to elaborate? That’s a non-answer.

..question was if such a setup is possible and not about how the “D-Link” router is supposed to be configured...
How reply without know how that D-Link device work?

On short word: this is MikroTik User Forum, ignoring Mikrotik Staff,
the Forum Users are neither required to know how a D-Link works, nor to go and find out.

Whatever happens, you ask to run something from another competing brand.
 
fsd
just joined
Topic Author
Posts: 5
Joined: Fri Jul 09, 2021 9:49 am

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 11:18 am

It might be possible, but as @anav already wrote, it mostly depends on what D-link allows you to do and how exactly ISP delivers internet to you.
.
.
Such setup would represent a possible attack path (ISP has their own way of accessing and managing the gadget and there wouldn't exist FW between gadget and MT anymore). And this is all possible because of PPPoE which in this case transparently passes the ISP router and ISP router doesn't have its own WAN IP.
The router/modem is actually mine and is not provided by the ISP, I just plug in the user name and password provided and it works fine. I really don't think there are any limitations from the ISP side.

Aside from the modem's brand, what I'm specifically asking about is the general use-case where common router-modem combos could be configured to pass all their lan and wlan traffic to the Routerboard connected down the network and then the traffic would be forwarded to the wan port on the same router-modem after passing through the RB. The clients connected to the build-in AP of the router modem would see the RB as the internet gateway. Most router-modems provide at least some static routing functionality. I wanted to know if, from a topological perspective using static routes (or some other means) that this is a valid case or not.

I'll attempt to draw the diagram in ascii to clarify my objective (sorry for my crude ascii art skills :) :


(Internet).........x..no direct route.x...............(Home clients)
___|____________________________________\/______ ........................______________
| PTM0(WAN interface)|..............................| LAN interface..|..Static Route?...| RB 750gr3........|
|...................................|<-Modem||Router->| (eth1-4 - wlan)|<----------------->|...........................|
|_________________ |_______________|____________| .........................|_____________|
................ /\________________________________________________________/\

(Dots are used instead of spaces because somehow multiple spaces are treated as one space on this forum.)

Most of Mikrotik's hardware don't have a modem built-in and have to rely on a modem from an external vendor, and it's very common for those modems to have wifi and extra ethernet ports as well as static routing. If what I'm proposing could be done, at the very least the router modem capabilities could be put to use as an extra AP and it could be managed by the robust RouterOS features.

The reason I ask here and not anywhere else is that I could be off-mark with using static routes and somehow RouterOS has a feature that could more elegantly fulfill what I am trying to do. As I said in the post, I'm an absolute beginner here!
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 1:09 pm

Not many SOHO routers can be configured the way you are describing ... MT is a rare exception because even entry-level routers run full-featured ROS (which means that it comes with associated configuration complexity which puzzles most newbies). Which means that most probably D-link doesn't allow to set arbitrary number of arbitrary routes, the biggest problem being two default routes (one routing all traffic from LAN towards mikrotik and then all traffic from mikrotik towards internet).

If I understand your goal correctly, then you want to use D-link as
  1. media converter from VDSL to ethernet
  2. switch/AP combo serving LAN hosts

As I wrote in my example, you can probably achieve both if D-link allows PPPoE pass-through (manuals indicate that it does). Then you'd disable all if D-link's WAN features, most of D-link's LAN features (e.g. DHCP server, any snooping, ...), configure D-link LAN IP settings to match LAN subnet of MT and set single default route (using MT as default gateway). On MT you would run PPPoE client off bridge (but remember to add pppoe-out1 interface to WAN interface list so that firewall works as desired). If you don't reconfigure MT to remove any WAN setup from ether1 and add it to the bridge, then ether1 will be useless.
 
User avatar
Smoerrebroed
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Mon Feb 12, 2018 10:21 am

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 2:00 pm

As I understand it, you want to keep the D-Link for its DSL modem and WiFi capabilities. However, if you want the MT to act as the default gateway in your network, you'd need to assign separate IP addresses (from separate subnets) to the D-Link LAN and the D-Link AP. I am almost certain that this isn't possible with a SOHO device. Why would you not just let the D-Link do its WiFi and have the MT with a separate subnet as a simple client in the D-Link's network? That should at least be possible to set up with what you have.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 3:51 pm

Not many SOHO routers can be configured the way you are describing ... MT is a rare exception because even entry-level routers run full-featured ROS (which means that it comes with associated configuration complexity which puzzles most newbies). Which means that most probably D-link doesn't allow to set arbitrary number of arbitrary routes, the biggest problem being two default routes (one routing all traffic from LAN towards mikrotik and then all traffic from mikrotik towards internet).

If I understand your goal correctly, then you want to use D-link as
  1. media converter from VDSL to ethernet
  2. switch/AP combo serving LAN hosts

As I wrote in my example, you can probably achieve both if D-link allows PPPoE pass-through (manuals indicate that it does). Then you'd disable all if D-link's WAN features, most of D-link's LAN features (e.g. DHCP server, any snooping, ...), configure D-link LAN IP settings to match LAN subnet of MT and set single default route (using MT as default gateway). On MT you would run PPPoE client off bridge (but remember to add pppoe-out1 interface to WAN interface list so that firewall works as desired). If you don't reconfigure MT to remove any WAN setup from ether1 and add it to the bridge, then ether1 will be useless.
Hi MKX, sounds good, but I reiterate, this is out of our hands to accomplish. and has nothing to do with MT forum support and quite frankly annoying that the OP (phucknuts) hasnt bothered to explore these issues before coming here. As initially stated the MT can handle most scenarios but it cannot control non MT routers.........

you can probably achieve both if D-link allows PPPoE pass-through (manuals indicate that it does). Then you'd disable all if D-link's WAN features, most of D-link's LAN features (e.g. DHCP server, any snooping, ...), configure D-link LAN IP settings to match LAN subnet of MT and set single default route (using MT as default gateway).
 
fsd
just joined
Topic Author
Posts: 5
Joined: Fri Jul 09, 2021 9:49 am

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 4:08 pm

As I understand it, you want to keep the D-Link for its DSL modem and WiFi capabilities. However, if you want the MT to act as the default gateway in your network, you'd need to assign separate IP addresses (from separate subnets) to the D-Link LAN and the D-Link AP. I am almost certain that this isn't possible with a SOHO device. Why would you not just let the D-Link do its WiFi and have the MT with a separate subnet as a simple client in the D-Link's network? That should at least be possible to set up with what you have.
I already have that as my setup and doesn't need any special setup to run, I just connected the MT to a LAN port on the D-Link and it "did it's thing" for all clients connected further down the network (I have another AP connected to the MT. The D-Link does have Gigabit ports and solid 5Ghz antennas so it's quite a waste to disable them just so I can properly manage the network through the MT. As I said, it's a solid use-case for enthusiasts who want to augment their SOHO device's capabilities with a RB and not have to necessarily have a dedicated modem and access point. I mainly want to use the MT for it's firewall and bandwidth management, maybe even install a network-wide adblocking script on it.
Not many SOHO routers can be configured the way you are describing ... MT is a rare exception because even entry-level routers run full-featured ROS (which means that it comes with associated configuration complexity which puzzles most newbies). Which means that most probably D-link doesn't allow to set arbitrary number of arbitrary routes, the biggest problem being two default routes (one routing all traffic from LAN towards mikrotik and then all traffic from mikrotik towards internet).

If I understand your goal correctly, then you want to use D-link as
  1. media converter from VDSL to ethernet
  2. switch/AP combo serving LAN hosts

As I wrote in my example, you can probably achieve both if D-link allows PPPoE pass-through (manuals indicate that it does). Then you'd disable all if D-link's WAN features, most of D-link's LAN features (e.g. DHCP server, any snooping, ...), configure D-link LAN IP settings to match LAN subnet of MT and set single default route (using MT as default gateway). On MT you would run PPPoE client off bridge (but remember to add pppoe-out1 interface to WAN interface list so that firewall works as desired). If you don't reconfigure MT to remove any WAN setup from ether1 and add it to the bridge, then ether1 will be useless.
You seem to be on to something I'll poke around and see if I can do that. I was envisioning that I would create a static route to say all traffic from 192.168.88.3-254 to anything outside the subnet to go to the MT as a gateway (which would be on 192.168.88.2) and then create route from the MT to go to the d-link's IP on 192.168.88.1. Or even have the d-link and MT on the separate subnet and use the MT as a dhcp server to all the lan traffic on the d-link. It seems plausible that logical routes like this could be set up.

I have yet to own a SOHO device that didn't have at least static routing capabilities and dhcp relay.

My D-Link has those options for static routes:
  • Destination Network
  • Mask
  • Gateway
  • Metric
  • Interface (PTM0, ATM0, Eth0, LAN)
Last edited by fsd on Sun Jul 11, 2021 4:58 pm, edited 1 time in total.
 
fsd
just joined
Topic Author
Posts: 5
Joined: Fri Jul 09, 2021 9:49 am

Re: Route lan and wlan traffic on Router/Modem to Routerboard and back to WAN

Sun Jul 11, 2021 4:24 pm

Hi MKX, sounds good, but I reiterate, this is out of our hands to accomplish. and has nothing to do with MT forum support and quite frankly annoying that the OP (phucknuts) hasnt bothered to explore these issues before coming here. As initially stated the MT can handle most scenarios but it cannot control non MT routers.........
I don't understand where the annoyance is coming from, as this is the Beginner's forum and this about using MT hardware in conjunction with other hardware. I did extensive search on google and unfortunately the keywords 'router' and 'modem' trip up the search and bring about topics related modems being separate. I specifically worded the title so if a solution is achieved, it would show up on the search and other MT users could benefit from it!

If it's a matter of creating a PPPoE passthrough or as I was suggesting creating static routes to force the traffic to flow through the MT then while it can not specifically control non MT routers, all clients on the network whether on the SOHO device or further down the network topology after the MT router could have their traffic controlled by the RouterOS. Everybody wins :)

Who is online

Users browsing this forum: 0xAA55, cmmike, Nullcaller, TheCat12 and 46 guests