Bridge Over Routed Network

Presented at:Mikrotik User Meeting, Krakow, 2008

By:Valens Riyadi, Citraweb, Indonesiainfo@mikrotik.co.id

Citraweb

Introduction

� Name: Valens Riyadi

� Country: Indonesia� Graduated as Architect 1998

� Work at Citraweb (Citranet)�ISP, Web Developer, Mikrotik Reseller

� Photographer�Administrator of www.fotografer.net

� Head of Security Dept, Indonesian ISP Association

� Volunteer for Airputih Foundation, IT Emergency Task Force

� Steering Committee for ID-SIRTIIIndonesia Security Incident Response Team on Information Infrastructure

� Mikrotik Certified Consultant & Trainner

Citraweb

My Company

�Citraweb Nusa Infomedia�Web Developer (since 2000)

�Small ISP (since 2001)

�Mikrotik Reseller (since 2002)

�Located at : Yogyakarta Indonesia

�Using RouterOS since 2.3.15

Citraweb

Yogyakarta City

�3,4 million of population� Tourism City

� Student City

�Almost 50% of population are students from other cities.

� Finally ……. Cyber café City

Citraweb

In the begining

� When someone starts his (wireless) network, probably 99% he will choose bridge network then routed network.� Yes, bridge is easier then routing

� Most of wireless equipments in the low end market doesn’t support full routing protocol

Citraweb

Simple Bridge Network

� Using IP in the same subnet

� Using same gateway

ROUTER

GATEWAY

WIRELESS

CLIENT

192.168.0.1

192.168.0.2

192.168.0.100-254

Citraweb

� the network grows…..

Citraweb

Wireless Installation

a lot of clients…. need more APs…. more repeaters and base stations

Citraweb

Complex Bridge Network

ROUTER

GATEWAY

WIRELESS

CLIENT

192.168.0.2

192.168.0.100-254

Citraweb

Imagine Later …..

� When one client has virus…. it will affect whole subnet (network)

� Sometimes… bridge loop happens

� It’s complicated to make a failover and load balance network across many base station and repeater

Citraweb

How about using routed network?

� Then… start thinking about migration to routed network

Citraweb

Routed Network

ROUTER

GATEWAY

WIRELESS

192.168.0.0/24

192.168.1.0/24

192.168.2.0/24

192.168.3.0/24

every network segment have different

ip address subnet.

Citraweb

Network Simulation

GATEWAY

Citraweb

Dynamic Routing

� More clients ….. more routing rules

� We can use OSPF to automate routing distribution to all routers in the network.

� Use OSPF priority and cost to arrange how load balance and fail over will affect your network

Citraweb

OSPF Cost Setting

GATEWAY

PRIMARY LINK

BACKUP LINK

By default, C will go through F, not B-A.For D, we have to adjust cost setting on link E-D so D will go through B-A, not E-F.

OSPF COST=10

OSPF COST=15

OSPF COST=10

Citraweb

OSPF on Winbox

Citraweb

Fail Over (1)

GATEWAY

PRIMARY LINK

BACKUP LINK

OSPF COST=10

OSPF COST=15

OSPF COST=10

Citraweb

Fail Over (2)

GATEWAY

PRIMARY LINK

BACKUP LINK

OSPF COST=10

OSPF COST=15

OSPF COST=10

Citraweb

Oh….. still have problems

� As we have more base stations and repeaters, network hop from client to NOC will increase.

� Some clients don’t like network hop.

� Client will see route change when fail over work.

Citraweb

Back to bridge

� You can make bridge over routed network

� Client will not see :� hop in your network

� hop differentiate cause by fail over

� You can utilize:� single PPPoE gateway right on the NOC

� deliver hotspot gateway to several nodes in the network

Citraweb

Using EoIP

GATEWAY

CLIENT

Citraweb

EoIP Setting

� At Gateway Router:� Make EoIP tunnel to Router D

� Put IP Address Gateway at EoIP interface

� At Router D:� Make EoIP Tunnel to Gateway Router

� Make bridge, and set EoIP interface and client interface as the bridge port

Case Study

Using several EoIPs over 1 bonding

Citraweb

Case Study

� We are in the process to move our NOC to another location

� We have several microwave links and fiber connections from telco operators. It’s difficult to manage they move all the links in time.

� We have 30 clients point directly to NOC, we can not move them all in the same time.

Citraweb

Network Topology

INDONESIA-IX

YOGYA-IX

SERVERS

PROXIES

GATEWAY

ROUTER

BANDWIDTH

MANAGEMENT

DISTRIBUTION

ROUTER

CUSTOMER

E1 ROUTER

BACKBONE

ROUTER

INTERNET

BALANCER

Citraweb

Configuration (Old NOC)

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

EXCHANGEBACKBONE A BACKBONE B BACKBONE C

TO CLIENT

Citraweb

Migration Process

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

TO CLIENT

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

SERVER FARM

NEW NOC

Citraweb

How we do it?

� Using several EoIPs over one Bonding

� We use it for temporary solution when we migrate our NOC to another location.

Citraweb

Migration Process

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

TO CLIENT

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

SERVER FARM

NEW NOC

WIRELESS2 * RB600BONDING

~100 mbps

Citraweb

Wireless for Bonding

� Using 2 RB600 on each side

Citraweb

SWITCH

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

BONDING

ROUTER

VLAN-ID:100

BRIDGE-100VLAN100 EoIP:100 BONDING OVER2 WIRELESS LINKS

BACKBONE C

SERVER FARM

Citraweb

EoIP for Backbone

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

TO CLIENT

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

SERVER FARM

NEW NOC

~100 mbps

EoIP for BACKBONE

Citraweb

SWITCH

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

BONDING

ROUTER

VLAN-ID:200

VLAN-ID:100

BRIDGE-100

BRIDGE-200

VLAN100

VLAN200

EoIP:100

EoIP:200

BONDING OVER2 WIRELESS LINKS

BACKBONE C

SERVER FARM

Citraweb

EoIP for Server

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

TO CLIENT

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

SERVER FARM

NEW NOC

~100 mbps

EoIP for BACKBONE

EoIP for SERVER FARM

Citraweb

SWITCH

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

BONDING

ROUTER

VLAN-ID:300

VLAN-ID:200

VLAN-ID:100

BRIDGE-100

BRIDGE-200

BRIDGE-300

VLAN100

VLAN200

VLAN300

EoIP:100

EoIP:200

EoIP:300

BONDING OVER2 WIRELESS LINKS

BACKBONE C

SERVER FARM

Citraweb

EoIP Over Bonding

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

SERVER FARM

INDONESIA

INTERNET

TO CLIENT

DISTRIBUTION

ROUTER

GATEWAY

ROUTER

BACKBONE

ROUTER

TO CLIENT

SERVER FARM

NEW NOC

~100 mbps

EoIP for BACKBONE

EoIP for CLIENT

EoIP for SERVER FARM

Citraweb

Interface Setting

Citraweb

Bridge Ports Setting

Citraweb

Bonding Setting

Citraweb

Special Appreciations

� To my fellow ISP Manager RizaTantular, to do research and designing the migration process using EoIP

� To all my engineers to make simulation how the design will work.

Citraweb

Thank You!

� Valens Riyadi

� Citraweb Nusa Infomedia

� info@mikrotik.co.id

Bridge Over Routed Network - MikroTik

Transcript of Bridge Over Routed Network - MikroTik

Bridge Over Routed Network - MikroTik

Documents

Transcript of Bridge Over Routed Network - MikroTik

MikroTik RouterOS v3 - Linkshoplinkshop.gr/pdf/RouterOS_v3_presentation.pdf · © MikroTik RouterOS 2007 MikroTik RouterOS v3 New Obvious and Obscure Mikrotik RouterOS v3.x features

Wireless Client and Wireless Access Point Manual - MikroTik · chipset based cards compression (yes | no; default: no) - if enabled on AP (in ap-bridge or bridge mode), it advertizes

MikroTik Labs - Jobsheet MikroTik

V-Lab MikroTik Academymum.mikrotik.com/presentations/ID12/19_Muhti.pdf · About • MikroTik&Reseller& & • MikroTik&Consultant • MikroTik&Cer5ﬁed&Training&Partner& &

MikroTik User Meeting - MikroTik Routers and Wirelessi.mt.lv/eu15.pdf · MikroTik User Meeting. More than 80 MUM events . MikroTik ... • Arnis Rieksti ...

Routing Routed

PICO-STATION M2HP AS BRIDGE MIKROTIK HOTSPOTraisa.web.id/conten/dok/ubiquiti/PICO-STATION_M2HP... · how to config picostation m2hp as bridge mikrotik hotspot ... radius mac authentication

Modul Mikrotik MTCNAindex-of.es/z0ro-Repository-2/Data/jaringan/Mikrotik...Halaman 1 mikrotik.smkn2tambusaiutara.sch.id | Revisi 0.1 Modul Mikrotik MTCNA Mikrotik Academy SMK N 2 Tambusai

MikroTik Quality of Service in wireless Point-to-Point Links · 2018-02-02 · My Successful Project Story 6. MikroTik ROS Configuration Steps 7. Conclusion . WIRELESS BRIDGE PTP

MikroTik Router OS Firewall Strategies - SourceForgedslrouter.sourceforge.net/stuff/mikrotik/MUM PL 2010... · MikroTik Router OS Firewall Strategies MikroTik Router OS Network Threats

Bridge transparente utilizando WDS-Mikrotik - Michigan Brasilmichigan.com.br/downloads/mikrotik/Bridge transparente utilizando... · BRIDGE TRANSPARENTE ENTRE DOIS PONTOS UTILIZANDO

Manual:Interface/Bridge - MikroTik Wiki · From MikroTik Wiki < Manual:Interface Summary Ethernet-like networks (Ethernet, Ethernet over IP, IEEE802.11 in ap-bridge or bridge mode,

MODUL MIKROTIK MTCNAindex-of.es/z0ro-Repository-2/Data/jaringan/Mikrotik...5 Bab 1. Konfigurasi Dasar Mikrotik Lab 1. Akses ke Routerboard Mikrotik Akses ke perangkat mikrotik dapat

VLAN in MikroTik - The Swiss Bay in MikroTik... · About Me.. Mohammed Khomeini Bin Abu MikroTik Certified Engineer (MTCINE, MTCRE, MTCWE, MTCTCE, MTCUME) MikroTik Certified Trainer

Certified Mikrotik Training Advance Wireless Classebook.konfigurasi.net/MikroTik/MTCWE/05-MTCWE-WirelessSecurity.pdf · Wireless Security Certified Mikrotik Training Advance Wireless

Peranan MikroTik - Seminar MikroTik STIMIK MDP Palembang

Routed Systems Update WILDFIRE 2.0 Routed Systems Designer 5.0.

Transparently Bridge Two Networks Without Using WDS (EoIP) - MikroTik Wiki

Mikrotik Help

Wireless Workshop - MikroTik · Wireless Workshop MUM 2012 – New Orleans ... • If the bridge port gets invalid the bridge takes ... RB711, RB SXT and RB Groove: – 1 LED ...