Community discussions

MikroTik App
 
Rockyboa
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Tue Jul 14, 2009 10:52 pm

PPPoE Server

Mon Sep 26, 2011 9:41 pm

Question from a customer running a small ISP of 5000 users. Is the RB1100 will handle PPPoE services correctly for this number of user, if not can someone tell me best practice or average we are looking at? Also can we use a combination of RB1100 for clustering the PPPoE server in a way that we have load balancing and failover capability, maybe with HSRP?

We allready have our LDAP database, I guess we should not have problem connecting to it.

Thank you

Martin
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: PPPoE Server

Mon Sep 26, 2011 9:51 pm

A single RB1100 will not be able to connect 5000 PPPoE tunnels, no. You also shouldn't have broadcast domains that span 5000 clients. Break your network up into smaller broadcast domains, and put them onto different RB1100s, or x86 servers if you need higher user counts.

HSRP is a Cisco proprietary first hop redundancy protocol. It doesn't balance load at all, and cannot be used with PPPoE.

You cannot directly connect RouterOS to an LDAP database for authentication purposes. You will need to build a RADIUS server that hooks into your LDAP database (FreeRADIUS is very capable, and free) and have the router authenticate against RADIUS.
 
Rockyboa
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Tue Jul 14, 2009 10:52 pm

Re: PPPoE Server

Mon Sep 26, 2011 11:51 pm

For load balancing I tought about using DNS round-robin and for redundancy VRRP (sorry.)

The ISP just wish to get a gross figure of how many RB1100 or RB1200 (since just dicovered that RB1100 is eol and can't wait till RB1000AHx2

You are right about the broacast domain, but can the PPPoE server many, for instance many /24?

They allready have their Radius server, so we should be fine as long long as the PPPoE auth can leverage this, as you mention.

Thank you.
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: PPPoE Server

Tue Sep 27, 2011 12:13 am

PPPoE connections get established before there's any DNS, or VRRP. Those work via IP address. You get an IP address via the PPPoE mechanism. Therefore PPPoE happens before IP, so you can't use IP load balancing mechanism to load balance PPPoE end points.

It's impossible to state how many users you can put on an RB1100. It depends on how many packets per second will traverse the router, and what it has to do to each packets. Will there be queueing? If so, simple queues or queue trees? Will there be firewalling? What else is the router doing? And so on. If you really, really, really want a number go with 750 connections per router. That should be safe. It's also a really wild and probably hopelessly inaccurate guess. The most important number is pps. Find out, and look at routerboard.com where the specs for each router state how many pps it can handle. Then figure out which tasks you're going to put on the router for each packet, and how it would impact load scenarios.

I'm not being difficult here. It sounds easy to ask "how many users can I put on this router", but you have to realize that it's an extraordinarily difficult question to answer, despite it sounding like such a simple question.

One router can of course terminate multiple broadcast domains, and can act as a PPPoE server for multiple broadcast domains.

Yes, PPPoE can make use of RADIUS just fine.
 
Rockyboa
Member Candidate
Member Candidate
Topic Author
Posts: 106
Joined: Tue Jul 14, 2009 10:52 pm

Re: PPPoE Server

Wed Sep 28, 2011 4:53 am

Good point, how could I contact DNS without first establishing the PPPoE connection. I guess the best I could do is still use VRRP in a n+1 fashion and distributing manually those subnet across many RB1100 for example 2x /24 subnet per router and havin a hot standby in case of a unit break down. Would that be possible? Maybe with some sripting?

I understand that maximum user per router depends on all the overall usage. Yes simple queues will be use, but thats about it. No NAT, No firewall... we will aim at 750 users per devices and buy enough unit just in case... and will go from there.

Thank you again for your advices.

Martin
 
magnavox
Member
Member
Posts: 357
Joined: Thu Jun 14, 2007 1:03 pm

Re: PPPoE Server

Thu Nov 12, 2015 1:04 pm

Good point, how could I contact DNS without first establishing the PPPoE connection. I guess the best I could do is still use VRRP in a n+1 fashion and distributing manually those subnet across many RB1100 for example 2x /24 subnet per router and havin a hot standby in case of a unit break down. Would that be possible? Maybe with some sripting?

I understand that maximum user per router depends on all the overall usage. Yes simple queues will be use, but thats about it. No NAT, No firewall... we will aim at 750 users per devices and buy enough unit just in case... and will go from there.

Thank you again for your advices.

Martin
That hardware and solution have you implemeted? :)

Who is online

Users browsing this forum: baragoon, Guntis, sch and 84 guests