Community discussions

MUM Europe 2020
 
Sparkling
just joined
Topic Author
Posts: 6
Joined: Sun Jul 06, 2014 9:38 pm

Share cable IPTV & Internet RB951G/CRS125

Sat Jul 12, 2014 5:01 pm

Hi guys,

I've been using a RB951G-2HnD for about a year now, as my primary router.

My ISP sends 2 VLANs for the services:
-VLAN 6 as transport for the PPPoE session
-VLAN 4 for multicast IPTV traffic

My RB951G has 2 bridges (bridge-local & bridge-iptv). This means I have to connect 2 wires from the router to my apartment: 1 is connected to bridge-local and the other to bridge-iptv, obviously.
This configuration works, however it would be great if I could share both services on 1 UTP cable. I've ordered a CRS125 to accomplish this, yet I'm not sure how to set it all up.

I don't use a VLAN for my local network & VLAN 4 is delivered to my STB's, untagged.

Is it possible to configure the RB951G the way I would like, or should I use the CRS125 for it?

This is the relevant config of my RB951G:
/interface ethernet
#
# Port 1 (ether1) = NTU 
#
set 0 arp=proxy-arp auto-negotiation=yes  \
    disabled=no full-duplex=yes l2mtu=1598  \
    mtu=1500 name=ether1-gateway speed=1Gbps
#
# Port 2 (ether2) = LAN
#

set 1 arp=enabled auto-negotiation=yes \
    disabled=no full-duplex=yes l2mtu=1598 \
    mtu=1500 name=ether2 speed=1Gbps

#
# VLAN 4 = iptv
# VLAN 6 = internet
#

/interface vlan
add arp=enabled disabled=no interface=ether1-gateway l2mtu=1594 mtu=1500 \
    name=vlan1.6 use-service-tag=no vlan-id=6
add interface=ether1-gateway l2mtu=1594 name=vlan1.4 vlan-id=4

#
# PPPoE profile
#

/ppp profile
set 0 change-tcp-mss=yes name=default only-one=default use-compression=\
    default use-encryption=default use-mpls=default use-vj-compression=\
    default

#
# PPPoE Client
#

/interface pppoe-client
add add-default-route=yes allow=pap,mschap2 \
    dial-on-demand=no disabled=no interface=vlan1.6 keepalive-timeout=20 max-mru=1480 max-mtu=1480 \
    mrru=disabled name=pppoe password=xxx profile=default \
    use-peer-dns=no user=xx-xx-xx-xx-xx-xx
	
#
# Bridges
#

/interface bridge
add name=bridge-local arp=proxy-arp
add name=bridge-iptv

/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=wlan1
add bridge=bridge-iptv interface=vlan1.4
add bridge=bridge-iptv interface=ether5
Image
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 12:33 am

Well, IGMP Proxy should resolve that problem, so you can put everything behind the NAT... ;)

For example I use CRS125 for the very same purpose, only difference is that my ISP doesnt use PPPoE but plain DHCP.
And 10.0.0.0/23 is ISP IPTV servers network.

Relevant config:

ros code

/interface vlan
add interface=sfp1 l2mtu=1584 name=sfp1.4 vlan-id=4

/ip dhcp-client
add default-route-distance=0 dhcp-options=clientid,hostname disabled=no \
    interface=sfp1
add add-default-route=special-classless dhcp-options=clientid,hostname disabled=no \
    interface=sfp1.4

/ip firewall nat
add action=masquerade chain=srcnat out-interface=sfp1
add action=masquerade chain=srcnat out-interface=sfp1.4

/routing igmp-proxy
set query-interval=1m5s

/routing igmp-proxy interface
add alternative-subnets=10.0.0.0/23 interface=sfp1.4 upstream=yes
add interface=ether01
This is CRS specific and as Mikrotik doesnt support IGMP Snooping I`m forced to use multicast-fdb
As I dont want to flood multicast out to all interfaces, but only to STB`s. (Filtering by STB MAC addresses)

ros code

/interface ethernet switch multicast-fdb
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
As a sidenote, I dont use bridge interface. Local network IP and DHCP is directly configured to ether01, which is master for all other ports.
SFP1 is is Internet vlan form ISP which is untagged, SFP1.4 is IPTV vlan 4 tagged.
Local network is "flat", no separate vlan`s, everything is in the same subnet (very same way as you want to achieve this)
 
i4jordan
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Mon Sep 02, 2013 1:42 am

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 2:13 am

Sharing multiple networks one cable can be done with VLAN's.
But you need a VLAN capable device on both sides of the network.
There are simple 8 of 16 port switches which support Layer2 VLAN. Like TPLInk TL-SG1016DE (http://nl.tp-link.com/products/details/ ... 016DE#spec)
Pricing around € 95 (https://www.4launch.nl/shop/#p-4-productid-347477)

On the MKT side you maken 2 tagged VLAN interfaces on a ethernet port.
And add those tagged VLAN interface to the bridges you have.
On the switch side you define 2 VLAN and put those tagged on the single uplink port and untaged on the other ports you wish to use for TV and for computer/LAN.
The VLAN ID's on the link between teh MKT and the switch are free to choose. Like 100 and 200. They do not need to be the same as the VLAn4/6 you have on your WAN side.
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 9:37 am

IMHO, I dont see any reasonable point to use different internal vlan`s on a such small network...especially when you only have couple of STB`s... :)
Also that would require changing switch config every time, when you unplug STB and plug it in somwhere else.

When you have one "flat" Lan, you can just connect and disconnect devices without even logging in into router or switch and it would just work. ;)
 
i4jordan
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Mon Sep 02, 2013 1:42 am

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 12:59 pm

@Etz

Yes flat would be perfect but is not working in his situation.
The STB's are not using a 'standard' internet connection. They have a separate network on the provider network and should have direct IP's from the provider. So also no NAT.
The LAN devices require a 'normal' internet connection and also should use NAT.
This is why you need 2 separate networks internally. The 2 internal networks must be connected to the 2 external ISP VLAN networks.

I have made a lot of this kind of constructions for customers who have KPN or XS4ALL (Dutch ISP's) who are working with VLAN 4 (TV), 6 (PPPoE internet) and 7 (VoIP).
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 1:04 pm

Yes flat would be perfect but is not working in his situation.
Why not?
The STB's are not using a 'standard' internet connection. They have a separate network on the provider network and should have direct IP's from the provider. So also no NAT.
Actually they do not. I have pretty similar setup myself, and it will work just fine behind the NAT you just need to provide connectivity for STB`s via IGMP Proxy.
Also UDP connectivity is needed to recieve stream.
The LAN devices require a 'normal' internet connection and also should use NAT.
This is why you need 2 separate networks internally. The 2 internal networks must be connected to the 2 external ISP VLAN networks.
You dont need multiple Internal networks for this, routes received via DHCP or even static routes would resolve this.
Only thing you need is 2 NAT`s one for every uplink and IGMP Proxy for IPTV vlan.
I have made a lot of this kind of constructions for customers who have KPN or XS4ALL (Dutch ISP's) who are working with VLAN 4 (TV), 6 (PPPoE internet) and 7 (VoIP).
I have done multiple setups in Telia networks also worked for years of one of ISP`s belonging to Telia. ;)
 
i4jordan
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Mon Sep 02, 2013 1:42 am

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Jul 17, 2014 1:28 pm

@Etz

I do not say your solution is not working.
It is more that I have not worked with IGMP Proxy. I will take some time to learn more about these features.

Thank you for your explanations.
 
Sparkling
just joined
Topic Author
Posts: 6
Joined: Sun Jul 06, 2014 9:38 pm

Re: Share cable IPTV & Internet RB951G/CRS125

Mon Jul 28, 2014 12:28 am

Well, IGMP Proxy should resolve that problem, so you can put everything behind the NAT... ;)

For example I use CRS125 for the very same purpose, only difference is that my ISP doesnt use PPPoE but plain DHCP.
And 10.0.0.0/23 is ISP IPTV servers network.

Relevant config:

ros code

/interface vlan
add interface=sfp1 l2mtu=1584 name=sfp1.4 vlan-id=4

/ip dhcp-client
add default-route-distance=0 dhcp-options=clientid,hostname disabled=no \
    interface=sfp1
add add-default-route=special-classless dhcp-options=clientid,hostname disabled=no \
    interface=sfp1.4

/ip firewall nat
add action=masquerade chain=srcnat out-interface=sfp1
add action=masquerade chain=srcnat out-interface=sfp1.4

/routing igmp-proxy
set query-interval=1m5s

/routing igmp-proxy interface
add alternative-subnets=10.0.0.0/23 interface=sfp1.4 upstream=yes
add interface=ether01
This is CRS specific and as Mikrotik doesnt support IGMP Snooping I`m forced to use multicast-fdb
As I dont want to flood multicast out to all interfaces, but only to STB`s. (Filtering by STB MAC addresses)

ros code

/interface ethernet switch multicast-fdb
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
As a sidenote, I dont use bridge interface. Local network IP and DHCP is directly configured to ether01, which is master for all other ports.
SFP1 is is Internet vlan form ISP which is untagged, SFP1.4 is IPTV vlan 4 tagged.
Local network is "flat", no separate vlan`s, everything is in the same subnet (very same way as you want to achieve this)
At the last rules, which port(s) did you add, since it seems to be required? I've tried ether2, ether2 & ether22 (connected to STB) and just ether22. None of those combinations worked. My ISP sends me encrypted multicast traffic (I _need_ the STB do decrypt & watch tv), would that matter regarding this configuration?

ros code

/interface ethernet switch multicast-fdb
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes
I've changed my setup & configured my CRS125 as switch, ether1 as gateway, the other ports use master-port=ether2. Althought I've still created a bridge, to add to wlan1. Could I also use the dhcp-server of ether2 on wlan1 (configured as AP) without creating a bridge?
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Mon Jul 28, 2014 8:34 am

At the last rules, which port(s) did you add, since it seems to be required? I've tried ether2, ether2 & ether22 (connected to STB) and just ether22. None of those combinations worked.
What do you mean by last rules?
If you use firewall then you have to allow IGMP & UDP trough it. (My example doesnt contain those)
My ISP sends me encrypted multicast traffic (I _need_ the STB do decrypt & watch tv), would that matter regarding this configuration?
Doesnt matter, it will still work. My ISP does exactly the same.
I've changed my setup & configured my CRS125 as switch, ether1 as gateway, the other ports use master-port=ether2. Althought I've still created a bridge, to add to wlan1. Could I also use the dhcp-server of ether2 on wlan1 (configured as AP) without creating a bridge?
Without bridge, your WLAN probably wont work, so you need a bridge. (I dont, as my device doesnt have Wireless AP built-in)
And if you use Bridge, just replace ether01 in my configs with corresponding bridge interface ;)
 
Sparkling
just joined
Topic Author
Posts: 6
Joined: Sun Jul 06, 2014 9:38 pm

Re: Share cable IPTV & Internet RB951G/CRS125

Mon Jul 28, 2014 11:50 pm

At the last rules, which port(s) did you add, since it seems to be required? I've tried ether2, ether2 & ether22 (connected to STB) and just ether22. None of those combinations worked.
What do you mean by last rules?
If you use firewall then you have to allow IGMP & UDP trough it. (My example doesnt contain those)
After entering the command regarding multicast-fdb, the console echo'ed "Ports:", so I assumed it was required.

I've reverted to a bridge configuration, to attach wlan1 to the bridge. This time, my STB receives a lease in the same pool of my LAN: 192.168.2.244/24.
Normally, the STB is connected with IP 10.15.69.146/16, gateway 10.15.0.1. This time the STB seemed to boot like it should: normal bootscreen (loading software - loading EPG) and when it would normally switch to a broadcast, an error code appears, stating the STB isn't connected to the IPTV network.

ros code

/ip dhcp-client print 
Flags: X - disabled, I - invalid 
 #   INTERFACE                                     USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS           
 0   vlan1.4                                       yes          special-classless searching...

ros code

/interface vlan
add interface=ether1-gateway l2mtu=1594 name=vlan1.4 vlan-id=4
add interface=ether1-gateway l2mtu=1594 name=vlan1.6 vlan-id=6

/interface pppoe-client
add add-default-route=yes allow=pap,mschap2 \
    dial-on-demand=no disabled=no interface=vlan1.6 keepalive-timeout=20 max-mru=1480 max-mtu=1480 \
    mrru=disabled name=pppoe password=xxx profile=default \
    use-peer-dns=no user=xx-xx-xx-xx-xx-xx

/ip dhcp-client
add add-default-route=special-classless dhcp-options=clientid,hostname \
    disabled=no interface=vlan1.4

/routing igmp-proxy
set query-interval=1m5s

/routing igmp-proxy interface
add alternative-subnets=10.0.0.0/16 interface=vlan1.4 upstream=yes
add interface=br-local

/interface ethernet switch multicast-fdb
add address=00:02:9b:88:20:05 bypass-vlan-filter=yes svl=yes

/interface bridge
add arp=proxy-arp l2mtu=1588 name=br-local

/interface bridge port
add bridge=br-local interface=ether2
add bridge=br-local interface=ether3
add bridge=br-local interface=wlan1

/ip firewall nat
add action=masquerade chain=srcnat out-interface=vlan1.4

/ip firewall filter
add chain=input comment="iptv igmp" in-interface=vlan1.4 protocol=igmp
add chain=input comment="iptv udp" in-interface=vlan1.4 protocol=udp

/interface ethernet switch multicast-fdb
add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes

Flags: X - disabled, R - radius, D - dynamic, B - blocked 
 #   ADDRESS                                                                        MAC-ADDRESS       HOST-NAME                                       SERVER                                       RATE-LIMIT                                       STATUS 
 0 D 192.168.2.250                                                                  XX:XX:XX:XX:XX:XX                                                 dhcp-lan                                                                                      bound  
 1 D 192.168.2.244                                                                  00:02:XX:XX:XX:XX                                                 dhcp-lan                                                                                      bound
ps. In the above config, 192.168.2.250 is my own PC.
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Tue Jul 29, 2014 1:17 am

ros code

/ip dhcp-client print 
Flags: X - disabled, I - invalid 
 #   INTERFACE                                     USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS           
 0   vlan1.4                                       yes          special-classless searching...
Aparently your IPTV upstream interface didnt obtain IP from ISP ;)

ros code

/ip firewall filter
add chain=input comment="iptv igmp" in-interface=vlan1.4 protocol=igmp
add chain=input comment="iptv udp" in-interface=vlan1.4 protocol=udp
This may be rather unsafe, I for example use those rules in conjunction with src-adress, permitting them only from Multicast servers, here is the example:

ros code

chain=input action=accept protocol=igmp src-address=10.0.0.0/23 in-interface=sfp1.4
And don`t forget to add them to forward chain aswell, if you use it.
 
tapalcapo
just joined
Posts: 12
Joined: Sat Mar 24, 2012 5:38 pm

Re: Share cable IPTV & Internet RB951G/CRS125

Fri Aug 01, 2014 9:46 pm

Hi, I need help please.

It's simple:

PC1 192.168.7.254 WITCH VLC STREAMING UDP 224.0.23.10 In router eth2 192.168.7.1

PC2 192.168.6.254 With VLC CLient in router eth3 192.168.6.1

Igmp proxy set up.
But in client I can't see the streaming.
I test all.
[img]1.jpg[/img]
[img]2.jpg[/img]
[img]3.jpg[/img]
You do not have the required permissions to view the files attached to this post.
 
freshworks
just joined
Posts: 2
Joined: Sat Aug 23, 2014 1:15 am

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Sep 04, 2014 3:49 pm

At the last rules, which port(s) did you add, since it seems to be required? I've tried ether2, ether2 & ether22 (connected to STB) and just ether22. None of those combinations worked.
What do you mean by last rules?
If you use firewall then you have to allow IGMP & UDP trough it. (My example doesnt contain those)
My ISP sends me encrypted multicast traffic (I _need_ the STB do decrypt & watch tv), would that matter regarding this configuration?
Doesnt matter, it will still work. My ISP does exactly the same.
I've changed my setup & configured my CRS125 as switch, ether1 as gateway, the other ports use master-port=ether2. Althought I've still created a bridge, to add to wlan1. Could I also use the dhcp-server of ether2 on wlan1 (configured as AP) without creating a bridge?
Without bridge, your WLAN probably wont work, so you need a bridge. (I dont, as my device doesnt have Wireless AP built-in)
And if you use Bridge, just replace ether01 in my configs with corresponding bridge interface ;)
Hi,

Currently i'am trying to accomplish the very same situation, using the fiber from KPN on my CRS125. I Switched from a RB2011 to a CRS125. The main reason was to get more speed of my router. We have 500/500mbit over here, but with the RB2011 we only get ~200mbit d/u. So i though the CRS125 could accomplish more cause of the switch function.

Already tried some config's but still i only got around 200/mbit up/down. Almost same config as the RB2011 with bridges and firewall rules. I would like to see that my CRS125 is using more of it's switch-cpu capacities so i can get a higher speed down and up.

@Sparkling Could you probably share your config, so i could test it on my CRS125 (With WLAN1), thanks!
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Sep 04, 2014 7:43 pm

Currently i'am trying to accomplish the very same situation, using the fiber from KPN on my CRS125. I Switched from a RB2011 to a CRS125. The main reason was to get more speed of my router. We have 500/500mbit over here, but with the RB2011 we only get ~200mbit d/u. So i though the CRS125 could accomplish more cause of the switch function.
What did you expect?
Thy have the same CPU which means routing performance is pretty much equal.

If you want higher performance you should have bought RB1100AHx2 or CCR.
CRS series is a switch with additional routing capability, mainly included for management purposes.
 
freshworks
just joined
Posts: 2
Joined: Sat Aug 23, 2014 1:15 am

Re: Share cable IPTV & Internet RB951G/CRS125

Thu Sep 04, 2014 8:04 pm

Currently i'am trying to accomplish the very same situation, using the fiber from KPN on my CRS125. I Switched from a RB2011 to a CRS125. The main reason was to get more speed of my router. We have 500/500mbit over here, but with the RB2011 we only get ~200mbit d/u. So i though the CRS125 could accomplish more cause of the switch function.
What did you expect?
Thy have the same CPU which means routing performance is pretty much equal.

If you want higher performance you should have bought RB1100AHx2 or CCR.
CRS series is a switch with additional routing capability, mainly included for management purposes.
Yup indeed, qualify me as a rookie :) i thought it would be possible with the switch-cpu inside, but rather i have mistaken,. Time te sell the CRS125 then and go for the RB1100AHx2 then i guess.

Will the RB1100AHx2 put trough 500/500mbit with NAT and a couple of firewall rules ? Just so nice to have an all in one router with onboard WIFI and learning capabilities in it :)

Thanks
 
User avatar
Etz
Member Candidate
Member Candidate
Posts: 159
Joined: Thu Mar 27, 2014 10:09 am
Location: Estonia

Re: Share cable IPTV & Internet RB951G/CRS125

Fri Sep 05, 2014 11:00 pm

Will the RB1100AHx2 put trough 500/500mbit with NAT and a couple of firewall rules ? Just so nice to have an all in one router with onboard WIFI and learning capabilities in it :)
RB1100AHx2m should do it, but it does not have wireless so either you have to keep your CRS or buy separate access point.

If I would you, I would keep CRS aswell...it is actually very capable switch with very nice feature set... ;)
Only thing it lacks is raw routing performance, hence its primary purpose is switching so it has lots of switch features which other RB`s are missing.
 
Sparkling
just joined
Topic Author
Posts: 6
Joined: Sun Jul 06, 2014 9:38 pm

Re: Share cable IPTV & Internet RB951G/CRS125

Sat Mar 28, 2015 3:46 pm

Due to some other things, I haven't had the time to continue working on this configuration. So I still have 2 cables per apartment :lol:

Yesterday, I've started from scratch. Unfortunately, the setup still isn't working. With some help of wireshark (the pcap file: https://www.dropbox.com/s/kb6lv3335kx12 ... capng?dl=0, captured while the STB was connected to a bridge), I've been able to narrow down the actual STB subnet, yet the upstream interface still won't obtain an IP. The STB still receives an IP in my LAN.
/ip dhcp-client print
Flags: X - disabled, I - invalid
 #   INTERFACE                                     USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS
 0   vlan1.4                                       yes          special-classless searching...
14:53:06 dhcp,debug,packet dhcp-client on vlan1.4 sending discover with id 811880031 to 255.255.255.255
14:53:06 dhcp,debug,packet     secs = 7
14:53:06 dhcp,debug,packet     flags = broadcast
14:53:06 dhcp,debug,packet     ciaddr = 0.0.0.0
14:53:06 dhcp,debug,packet     chaddr = D4:CA:6D:FA:6C:AE
14:53:06 dhcp,debug,packet     Msg-Type = discover
14:53:06 dhcp,debug,packet     Parameter-List = Subnet-Mask,Classless-Route,Router,Static-Route,Domain-Server,NTP-Server,CAPWAP-Server
14:53:06 dhcp,debug,packet     Client-Id = 01-D4-CA-6D-FA-6C-AE
14:53:06 dhcp,debug,packet     Host-Name = "MikroTik"

ros code

# mar/28/2015 13:58:02 by RouterOS 6.27
# software id = 2BXK-1C8B
#
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] speed=1Gbps
set [ find default-name=ether3 ] master-port=ether2
set [ find default-name=ether4 ] master-port=ether2
set [ find default-name=ether16 ] master-port=ether2
/interface vlan
add interface=ether1-gateway l2mtu=1584 name=vlan1.4 vlan-id=4
add interface=ether1-gateway l2mtu=1584 name=vlan1.6 vlan-id=6
/routing igmp-proxy
set query-interval=1m5s
/routing igmp-proxy interface
add alternative-subnets=10.32.128.0/17 interface=vlan1.4 upstream=yes
add interface=ether2
/interface ethernet switch multicast-fdb
add address=00:02:xx:xx:xx:05 bypass-vlan-filter=yes svl=yes
/ip address
add address=192.168.2.254/24 interface=ether2 network=192.168.2.0
/ip dhcp-client
add add-default-route=special-classless dhcp-options=clientid,hostname \
    disabled=no interface=vlan1.4
/ip dhcp-server config
set store-leases-disk=15m
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=192.168.2.254 domain=local gateway=\
    192.168.2.254
/interface pppoe-client
add add-default-route=yes allow=pap,mschap2 disabled=no interface=vlan1.6 \
    keepalive-timeout=2 name=pppoe password=xxx user=\
    xx-xx-xx-xx-xx-xx
/ip neighbor discovery
set pppoe discover=no
set ether1-gateway discover=no
set vlan1.6 discover=no
/ip pool
add name=default ranges=192.168.2.50-192.168.2.240
/ip dhcp-server
add address-pool=default authoritative=yes disabled=no interface=ether2 \
    lease-time=1h30m name=default
/routing bgp instance
set default disabled=yes
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.4.4,8.8.8.8
/ip firewall filter
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input connection-state=invalid
add chain=input in-interface=ether2
add chain=input in-interface=vlan1.4 protocol=igmp src-address=10.32.128.0/17
add chain=input in-interface=vlan1.4 protocol=udp src-address=10.32.128.0/17
add chain=forward in-interface=vlan1.4 protocol=igmp src-address=\
    10.32.128.0/17
add chain=forward in-interface=vlan1.4 protocol=udp src-address=\
    10.32.128.0/17
add action=drop chain=input
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe to-addresses=0.0.0.0
add action=masquerade chain=srcnat out-interface=vlan1.4
/tool sniffer
set filter-interface=vlan1.4 streaming-enabled=yes streaming-server=\
    192.168.2.239
 
jkaberg
just joined
Posts: 24
Joined: Sun Jul 17, 2016 5:00 am

Re: Share cable IPTV & Internet RB951G/CRS125

Wed Jul 27, 2016 8:57 am

I'd suggest dropping the /interface vlan and other CPU stuff, and doing this via the switch chip: http://forum.mikrotik.com/viewtopic.php ... 87#p549269
 
mjsabri
Trainer
Trainer
Posts: 109
Joined: Sat Dec 12, 2015 10:55 am

Re: Share cable IPTV & Internet RB951G/CRS125

Wed Jul 27, 2016 9:15 am

Hello
you used from Bridge for this scenario but it has overload on cpu.
i offer you , you use Switch Chip instead of Bridge.
Good Luck
Mikrotik Certified Consultant
[ MTCNA , MTCRE , MTCWE , MTCTCE , MTCUME , MTCINE ]

Who is online

Users browsing this forum: Google [Bot] and 91 guests