nzjimmy
Frequent Visitor
Topic Author
Posts: 54
Joined: Tue Oct 03, 2017 11:47 pm

My wisp network design is strange?

Sun Jan 20, 2019 4:31 am

Hello, I'm looking for feedback on my network design because I want it to be as good as I can make it, but think I may be making it strange. I see no other way of achieving what I want, but you may?!

Core mt router -> ptp link -> ptp link -> ptp link -> ptp link -> AP - - - - > subscribers. At each ptp link I'm also chucking up a single AP, because why not.

Core router - One vlan per customer, these vlans all sit on the same eth interface (LAN/trunk), a "customer bridge" has every customer vlan added to it, a /25 public subnet and dhcp server is added to the bridge itself, no addressing is applied to the customer vlans directly.

L2 - all switches between the core router and AP have all vlans added and all ports are trunks.

CPE radio - every CPE radio is in bridge mode and utilises the "data vlan" feature to strip the customer's unique vlan tag then pass the untagged traffic on.

CPE router - customer can plug WAN cable into PC to receive public ip directly, or plug into a CPE router.

The reason I ended up here is because I want to control bandwidth all in one router. I want to use vlans for isolating customer traffic, keeping it L2. QoS will work as traffic across ptp links is L2. I wanted the public IP to sit on the customer's WAN port so they can port forward etc. I wanted UPnP to work for gamers. I didn't want to use PPPoE as that would be too easy, also, I have some Ignitenet radios that failover from 60GHz to 5.8GHz and I didn't want PPPoE to break each time it rained.

I have benched this network and it does work as expected, although I have only tried using private addressing. If customers plug their WAN cable into a switch they could get all the subnet's IPs - however, the radio has a function to limit MAC addresses on the eth port which fixes this problem. I was going to try using "horizon" to isolate customer vlans at the core router but they cannot ping anyway it seems - I figured they would not be isolated as they share a subnet, even though they are on different vlans, but my bench test shows they are isolated. Finally, for some reason the customer WAN IP cannot ping the core router gateway unless I uncheck "broadcast storm" in the bridge port settings per customer vlan .... : / ?

Please pick my design apart and tell how to make it better :)

Thank you in advance!

Jimmy
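
The core-router layout described in the post above (one VLAN per customer on a trunk, every VLAN in one bridge, a /25 and DHCP server on the bridge itself), sketched as an added example that is not part of the thread: a Python generator that emits RouterOS commands and refuses to build a config when the subnet cannot lease an address to every customer. The interface, bridge and pool names, VLAN numbering from 101, the shared horizon value and the 203.0.113.0/25 documentation range are assumptions.

```python
import ipaddress


def build_core_config(subnet, customers, trunk="ether2", bridge="customer-bridge",
                      first_vlan=101, horizon=1):
    """Return RouterOS commands: one VLAN per customer, all in a shared bridge.

    All names and numbers are hypothetical defaults, not values from the thread.
    """
    net = ipaddress.ip_network(subnet)
    hosts = list(net.hosts())
    gateway, leases = hosts[0], hosts[1:]  # first usable address goes on the bridge
    if len(customers) > len(leases):
        raise ValueError(f"{net} leases {len(leases)} addresses, "
                         f"{len(customers)} customers requested")
    if first_vlan < 1 or first_vlan + len(customers) - 1 > 4094:
        raise ValueError("VLAN IDs must stay within 1-4094")

    cmds = [f"/interface bridge add name={bridge}"]
    for offset, name in enumerate(customers):
        vid = first_vlan + offset
        vlan_if = f"vlan{vid}-{name}"
        cmds.append(f"/interface vlan add name={vlan_if} vlan-id={vid} interface={trunk}")
        # Bridge ports that share a horizon value do not forward frames to each
        # other, so customers reach the router but not one another at L2.
        cmds.append(f"/interface bridge port add bridge={bridge} "
                    f"interface={vlan_if} horizon={horizon}")
    cmds += [
        f"/ip address add address={gateway}/{net.prefixlen} interface={bridge}",
        f"/ip pool add name=customer-pool ranges={leases[0]}-{leases[-1]}",
        f"/ip dhcp-server add name=customer-dhcp interface={bridge} "
        f"address-pool=customer-pool disabled=no",
        f"/ip dhcp-server network add address={net} gateway={gateway}",
    ]
    return cmds


if __name__ == "__main__":
    # Constructed customer names and a documentation-range subnet.
    for line in build_core_config("203.0.113.0/25", ["alice", "bob", "carol"]):
        print(line)
```

A /25 leaves 125 leasable addresses once the gateway is taken, so the generator raises `ValueError` at the 126th customer.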
 
mistry7
Forum Guru
Posts: 1480
Joined: Tue Oct 13, 2009 11:57 am
Location: Germany

Re: My wisp network design is strange?

Sun Jan 20, 2019 2:33 pm

You put every VLAN into a bridge? And then use Bridge Filter for separation?

Why keep it in L2? If your network is getting bigger, broadcast will be a problem for your APs.
 
fgoldstein
Frequent Visitor
Posts: 65
Joined: Thu Aug 19, 2010 4:50 am

Re: My wisp network design is strange?

Sun Jan 20, 2019 9:05 pm

In general I agree with the design. By using VLANs, you don't have to worry about broadcast traffic, which old-fashioned flat bridged networks suffered from. The only thing that seems odd to me is using separate VLANs for each customer. You can cluster a group of users onto a single VLAN (not so many that broadcast traffic becomes an issue), and you could use a different VLAN for high-priority traffic such as VoIP. But doing the routing for hundreds of users at one place is a good idea. It means that changes in the backhaul topology, as could happen suddenly if you let RSTP manage redundant paths, won't impact the IP layer.
 
nzjimmy
Frequent Visitor
Topic Author
Posts: 54
Joined: Tue Oct 03, 2017 11:47 pm

Re: My wisp network design is strange?

Thu Nov 11, 2021 6:35 am

Sorry I never replied. I built the WISP and 200 customers joined : )
