Community discussions

MikroTik App
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Using PPPOE with Real and Fake IPs.

Wed Jun 30, 2004 3:39 am

Hello all

At the moment i have pppoe working fine with fake IP and all is masqueraded but i want to be able to give real routable ips to customers but for some reason when the customer logs on with the real IP he can not ping anything outside the PPPOE server.


I have proxy-ARP on the bridge network which takes all the traffic to the Switch or the Gateway.

Checked all possible config and still cant figure it out.

Thank you

Sarky
 
nhalachev
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Fri May 28, 2004 4:41 pm
Location: Bulgaria

Wed Jun 30, 2004 11:00 am

Please give us more detailed explanation...
Post output of following commands:

/ip route print
/ip address print
/interface ethernet print detail
/interface pppoe-server server print
/ppp profile print
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Wed Jun 30, 2004 10:39 pm

/ip route print
0 S 0.0.0.0/0 r 192.116.xxx.1 1 link
1 DC 192.116.xxx.0/25 r 0.0.0.0 0 link
2 DC 80.179.xxx.0/24 r 0.0.0.0 0 link

/ip address print

# ADDRESS NETWORK BROADCAST INTERFACE
0 192.116.xxx.115/25 192.116.xxx.0 192.116.xxx.127 link
1 80.179.xxx.3/24 80.179.xxx.0 80.179.xxx.255 link

/interface ethernet pr detail

0 R name="ether1" mtu=1500 mac-address=00:80:C8:F7:7D:7C arp=enabled
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

1 R name="ether2" mtu=1500 mac-address=00:80:C8:F7:7D:7D arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

2 R name="Midwest3" mtu=1492 mac-address=00:80:C8:F7:7D:7E arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

3 R name="OMNI4" mtu=1492 mac-address=00:80:C8:F7:7D:7F arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

4 R name="PTI7" mtu=1492 mac-address=00:80:C8:F7:7D:24 arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

5 R name="ENE6" mtu=1492 mac-address=00:80:C8:F7:7D:25 arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

6 R name="WAR5" mtu=1492 mac-address=00:80:C8:F7:7D:26 arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps

7 R name="EFF8" mtu=1492 mac-address=00:80:C8:F7:7D:27 arp=proxy-arp
disable-running-check=yes auto-negotiation=yes full-duplex=yes
long-cable=no speed=100Mbps


/interface pppoe-server server print

0 service-name="Omni" interface=Midwest3 mtu=1492 mru=1492
authentication=mschap2,mschap1,chap,pap keepalive-timeout=disabled
one-session-per-host=no default-profile=OMNI

1 service-name="WAR2" interface=OMNI4 mtu=1492 mru=1492
authentication=mschap2,mschap1,chap,pap keepalive-timeout=disabled
one-session-per-host=yes default-profile=WAR

2 service-name="PTI" interface=PTI7 mtu=1492 mru=1492
authentication=mschap2,chap,pap keepalive-timeout=disabled
one-session-per-host=yes default-profile=EFF

3 service-name="ENE" interface=ENE6 mtu=1492 mru=1492
authentication=mschap2,mschap1,chap,pap keepalive-timeout=disabled
one-session-per-host=yes default-profile=ENE

4 service-name="EFF" interface=EFF8 mtu=1492 mru=1492
authentication=mschap2,mschap1,chap,pap keepalive-timeout=disabled
one-session-per-host=yes default-profile=EFF

5 service-name="WAR" interface=WAR5 mtu=1492 mru=1492
authentication=mschap2,chap,pap keepalive-timeout=disabled
one-session-per-host=yes default-profile=WAR

/ppp profile print

0 * name="WAR2" local-address=192.116.xxx.3 remote-address=WAR2
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=0.0.0.0

1 name="MIDWEST" local-address=192.116.xxx.6 remote-address=MIDWEST
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=""

2 name="WAR" local-address=192.116.xxx.2 remote-address=WAR
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=""

3 name="EFF" local-address=192.116.xxx.7 remote-address=EFF
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=0.0.0.0

4 name="ENE" local-address=192.116.xxx.5 remote-address=ENE
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=""

5 name="PTI" local-address=192.116.xxx.4 remote-address=PTI
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=0.0.0.0

6 name="OMNI" local-address=192.116.xxx.8 remote-address=OMNI
session-timeout=0s idle-timeout=10m use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no
only-one=yes change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0
incoming-filter="" outgoing-filter="" dns-server="" wins-server=0.0.0.0




The address on link are 2 Public ips assigned, i have 1 subnet 25 and 1 subnet 24.

Thank you and hope that can help solve my problem


sarky
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Wed Jun 30, 2004 10:41 pm

i forgot the /interface bridge print detail

Flags: X - disabled, R - running
0 R name="link" mtu=1500 arp=proxy-arp mac-address=00:80:C8:F7:7D:7C
forward-protocols=ip,arp,appletalk,ipx,ipv6,other stp=no priority=1
ageing-time=5m forward-delay=15s garbage-collection-interval=4s
hello-time=2s max-message-age=20s
 
ionut
newbie
Posts: 30
Joined: Wed Jun 30, 2004 4:52 pm

Thu Jul 01, 2004 2:31 pm

don't forget to route the real ips on the interface with gateway .. the routing table on mikrotik is good but the rel ip are nor routed from your gateway to your ip an mikrotik!

Try tu route real ip on 192.116.x.x to work !
 
nhalachev
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Fri May 28, 2004 4:41 pm
Location: Bulgaria

Thu Jul 01, 2004 3:25 pm

Why are you using bridge interface in case of proxy-arp bridging ? It will be more clear to use one of them.
post /interface bridge port print
Maybe is good idea to start configuration from scratch ...
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Fri Jul 02, 2004 2:26 am

/interface bridge port print

[admin@link] > /interface bridge port print
# INTERFACE BRIDGE PRIORITY PATH-COST
0 ether1 link 128 10
1 ether2 link 128 10
2 Midwest3 none 128 10
3 OMNI4 none 128 10
4 PTI7 none 128 10
5 ENE6 none 128 10
6 WAR5 none 128 10
7 EFF8 none 128 10

The reason i am using bridge is to save me using 2 real ips on Ether1 and Ether2 and then split my network subnets.

anyways if there is anything you would like me to try let me know.

Plus i have a txt version of the way my network looks but i dont know where to post it .

Thanx

Sarky
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Fri Jul 02, 2004 2:47 am

ionut What do you mean route the real ip, how can i route it, 3 ips from the /24 is out of the box and the balance i want to use it in the box.

Sarky
 
nhalachev
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Fri May 28, 2004 4:41 pm
Location: Bulgaria

Fri Jul 02, 2004 10:32 am

sarky,
read carefully http://www.mikrotik.com/docs/ros/2.8/ip/address.main
and there is also very good simple example about proxy-arp feature.
This example is exactly what you need i think.

Make test MT box with 2 ethernet interfaces and follow example.[/quote]
 
sarky
newbie
Topic Author
Posts: 37
Joined: Wed Jun 30, 2004 3:32 am

Fri Jul 02, 2004 2:44 pm

I saw the example it looks very similar to my setup apart from the example using ether-LAN and mine is using a bridge.

the odd thing was with the setup i have i managed to get it working for one night but when the system crashed and needed a reboot it came back up blocking all real ips out.

maybe it is time to remove the bridge and put ether1 directly to the switch :)

Sarky

Who is online

Users browsing this forum: Ahrefs [Bot] and 65 guests