Community discussions

MikroTik App
 
Wiky5
just joined
Topic Author
Posts: 2
Joined: Sun Aug 29, 2021 5:41 pm

Farm Network Help

Thu Sep 02, 2021 1:12 am

Hi

I am helping my parents build an internal network on their farm in Patagonia, in order to distribute internet to different sectors and install different cameras and network controlled devices.

Since I've never configured mikrotik devices for anything bigger than a soho, I'd like to ask for some help from you.

In the attached sketch you'll find an outline of what we have, but basically we built a 36m tower next to our house. On said tower we installed a dynadish 5 which connects to another dynadish we installed on another tower in the closest town to provide internet. The only installations we have in the town are a media converter (from the ISP), poe injector and the dynadish.

In the same tower on the farm we currently have an LHG 5 (which I want to replace for an omnitik) connected to another LHG 5 5300m away, providing internet there. The replacement for an omnitik is because we want to have several internet connections throughout the farm, and the only long link is that 5.3km one, which according to link.ui.com could be realized without any problems at a -67dB signal level. Other links are mostly shorter than 2km and the maximum throughput will never exceed 50Mbit/s

At the house I have a hAP ac lite with an ethernet cable coming from the dynadish in the tower, and an ethernet cable going to the LHG (which I want to replace with the omnitik). It acts as a router and although mine, both dynadishes are out of our network. I'd really like them to be inside though.

At the remote sites, every device works as an edge bridge/switch/dumb AP, the only router + DHCP server being the hAP ac lite at the house.

So, here come the problems:
At the "remote" location ethernet devices work wonderfully, computers and windows phone connect fine, but android devices start a never ending loop of connecting, obtaining IP Address, disconnected, connecting and so forth (changing state several times per second). How can I fix this, if I've already implemented the "set as edge connection" configuration?

How should I configure the network if I want to have everything within the farm to be in the same VLAN? We want to place cameras and controllers all around.

How can I get both dynadishes inside my network (for configuration and stuff) if the internet connection is provided as a pppoe client configured in the house's hAP lite?

Can I install a dumb non manageable poe switch at the tower's base connecting the dynadish, omnitik and hAP lite together? The current ethernet cables are about 60m long and although they work fine, the segments climbing the tower are starting to get sunburnt (bad quality cable sold as good...) and changing 30m of underground cable + 36m of tower cable isn't really practical, but since we operate on battery power I'd like to keep component count and power output to the bare minimum.

Thank you very much

Kind regards,

Willy
You do not have the required permissions to view the files attached to this post.
 
User avatar
deadkat
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Sun Nov 15, 2020 11:14 pm
Location: Alabama, USA

Re: Farm Network Help

Sun Sep 05, 2021 3:48 pm

In the order you listed for the problems here.

1) more info about mikrotik config is needed. Can you post an export with the “hide-sensitive” option?

2 and 3) I’m not comfortable enough with vlans on Mikrotik to do anything more than refer you to someone that knows more than me. viewtopic.php?t=143620

4) yes. You could consider a hEX poe or hEX poe lite and simply bridge all ports with no routes or firewall/nat rules in the hEX. The same product is available as the PowerBox (hEX poe lite) or PowerBox pro (hEX poe). Each PowerBox is the same hEX board indicated but is instead sold inside of a weatherproof enclosure. Be sure to consider power needs. The lite will be cheaper but also cannot output as much power via poe.
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Farm Network Help

Sun Sep 05, 2021 5:39 pm

Given that PoE-out versions of Omnitiks exist, I'd recommend not to use a separate switch (with its own share of power consumption) but the Omnitik itself to power the Dynadish. If I get it right, the battery power is available at the bottom of the mast, so I'd use one passive injector there to feed the Omnitik and via the Omnitik the Dynadish, and another passive injector to feed the hAP ac lite in the house. Besides, you'd need a "passive-PoE" switch, as hAP ac lite accepts max. 28 V PoE, and Omnitik 5 AC PoE's datasheet declares 802.3af/at support on output but not on input. OmniTIK 5 PoE ac comes bundled with a power adaptor that can feed all three, so you only need a forking cable for the DC barrel connectors and a passive interconnector for the power-less sides of the two injectors.

As for VLANs and PPPoE... in an extremely simplified case, you don't need tagged VLANs at all. Myself, I would definitely use dedicated VLANs for the utility devices (cameras etc.), the WiFi for your family, and the WiFi for anyone else, and define firewall rules to policy access among these three and the internet (something like "family can watch cameras but visitors/employees cannot, everyone but the cameras can access internet"). But as PPPoE uses different protocols at Ethernet level, you may opt to have all your Mikrotik devices just bridged together, including the DynaDish in the town, and the PPPoE client can run at either device at your tower or at the hAP ac lite in the house. I'd choose one of the devices on the tower simply because they have a more powerful CPU than the hAP ac lite and gigabit throughput, but if your internet uplink bandwidth is below 10 Mbit/s, it doesn't matter. You only need to use bridge filter rules at the DynaDish in the town, allowing only pppoe and pppoe-discover to be received/sent via the Ethernet interface, so that the IP traffic of your network would not leak/interfere with the one in the ISP's network and vice versa. The device running the PPPoE client would be the only router in the whole network (between the PPPoE client interface and the rest of the network), and a DHCP server and firewall. So this way, even the Dynadish in the town would be part of the farm network IP-wise.

Check the prices in (Argentina?Chile) - maybe an UV-stable protective sleeve is cheaper than an UV-stable Ethernet cable?

Who is online

Users browsing this forum: almdandi, baragoon, Bing [Bot], GoogleOther [Bot], HugoCar, loloski, pajapatak and 75 guests