FibreData GPON

Service configuration with Mikrotik

FibreData GPON
Service configuration
with Mikrotik

1
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. www.televes.com
2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

▸ Introduction The brand’s official website is:

https://wiki.mikrotik.com/
Most of the installations associated with a GPON network have
a Mikrotik router for network administration. This guide will use one of the configuration methods for con-
The basic steps required to create a service using a Mikrotik figuring a Mikrotik router: the Winbox application running on
router are described below. Windows.
The multiple functions and tools included in the Mikrotik OS Winbox may be downloaded from:
(RouterOS) are widely documented on the Internet. https://mikrotik.com/download

▸ 1 - First steps It is recommended that the default configuration is removed,

Right out of its original packaging, a Mikrotik router - depend-
ing on the model - has a default configuration equipped with a
DHCP server available in all the ports except for ETH1, which is
considered as a WAN port.
since besides the DHCP server, it also includes Firewall rules
and Bridge configurations.
When connecting a computer equipped with a DHCP client,
Winbox displays the following screen:

•Login: admin
•Password:

2
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.

The method for accessing a router is either via IP or via MAC. If the
router assigns an IP to the computer running Winbox, the method
used will be IP connection. If the router doesn’t have any config-
ured option and therefore does not assign any IP to the computer
where the configuration will be carried out, access will have to be
done via MAC.
To select one of the methods, we simply need to put the mouse
cursor over MAC or over IP.
Default configuration Removing the default configuration
▸ 2 - VLAN creation
In GPON traffic is segmented, so each service has to be propagated
over a VLAN.
In addition to creating the VLAN in the OLT, the VLAN may be cre-
ated by means of an external device like a switch or a router, which
allows for a more comprehensive management.
In this document, a VLAN will be registered, linked to a sub-net-
work, and assigned a DHCP server.
A VLAN has to be created in a physical interface.
In the example, a VLAN will be created with TAG 100 (VLAN100) in
the Eth2 interface.
•Interfaces (1)
•VLAN (2)
•+ (3)
3
COMMUNICATIONS INFRASTRUCTURES SALES DEPT.
FibreData GPON
Service configuration with Mikrotik
The following screen shoes the MAC connection.
When the router is accessed for the first time, it will ask whether
the default configuration should be adopted or removed.
As mentioned earlier, the second option is better. When this option
is selected, the router restarts and displays the home screen again,
but without the IP (since it doesn’t have a DHCP server anymore).
In this state, the connection method used to connect with the
router is MAC.
The data to be filled in the New Interface window are the TAG
associated with the service and the physical interface.
The name of the physical interface is up to the network administra-
tor to decide, however it is advisable that he/she indicates the tag
and the physical interface. In the example, a VLAN was created with
identification ETH2_VLAN100_INTERNET, which includes the name
of the service associated with the VLAN.
2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

1 3 2

Name: VLAN identification

VLANID: Tag used
Interface: Physical interface where the VLAN is

Once created, a screen displays all the VLAN data:

4
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

▸ 3 - Bridge To do this:

Sometimes a VLAN needs to be associated with other physical •Bridge (1)

interfaces. For example, if the sub-network of the INTERNET ser- •Bridge (2)
vice involves other interfaces (e.g. to connect a server associated •+ (3)
with the mentioned sub-network), creating a Bridge between the
VLAN and the physical interfaces is necessary. The displayed window asks for the bridge name. In this case, the
Creating a Bridge is equivalent to creating a new interface. name of the associated service (INTERNET) will be used.

1 3 2

5
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

Once the Bridge is created, its physical and virtual ports have to be •+
associated to it. In this example, a Bridge will be created between The window displays the ports that were created. Note that
VLAN100 and the physical interface Eth3 (where a server or any VLAN100 is already treated as yet another interface.
other device associated with the Internet sub-network would be
connected).
To do this, we need to access:
•Ports

The ports that make the Bridge are added.

6
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

▸ 4 - DHCP server
All these aspects need to be specified in a list of IP addresses for
If the sub-network requires a DHCP server, it needs to be associat- use.
ed with the Bridge that was previously created.
In the example, a DHCP server will be created, associated
The following aspects have to be considered when creating a with network 192.168.10.0/24 and with a 192.168.10.10 -
DHCP server: 192.168.10.200 POOL.
•The server requires a “Gateway” interface associated with To assign an address to the interface we are going to use as gate-
an IP. way, we need to access:
•The server requires a pool of addresses for the devices as- •IP (1)
sociated with the sub-network. •Addresses
•The server has to be integrated within a sub-network
identified by an IP.

Gateway IP Interface functioning as

7
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

To create the POOL:

•IP (1)
•Pool
•+
1

First and last IP addresses POOL name Server name Gateway interface Associated

When creating the server, the previous steps have to be linked.

•IP (1)
•DHCP Server
•+

8
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

The network address is entered in:

Network Gateway IP Mask
•IP
•DHCP Server
•Networks
•+

At this point, the server would already be propagating IP through
the VLAN100 created in Eth2 and through Eth3, in other words,
through the ports that make the Bridge. Obviously, in order to
check that the IPs are actually delivered through VLAN100, the
computer has to be equipped with a VLAN100 virtual interface as-
sociated with the network card.
In Linux, this step is relatively easy. The screen shows how the in-
terface associated with VLAN100 is assigned one of the IPs in the
POOL.
If the computer was connected to Eth3, it would be assigned an IP

IP assigned to the virtual interface (VLAN100) of a PC connected to Eth2 IP assigned to a PC connected to Eth3

9
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

To check that the router is actually assigning IPs in the sub-net-

work, we need to use:
PI
•DHCP Server
•Leases
where all the assigned IPs display, as well as the data associated
with the devices to which they were assigned.

▸ 5 - DHCP client IP in the same network as the device providing it access (the ISP
router). That IP may be static or dynamic, and use a DHCP, PPPoE
The service we are using as an example requires Internet access. or other client.
For a sub-network to have Internet access, the router must have an
interface connected to the Internet. The sub-network of the INTER- In the case we are presenting, the router will be assigned a WAN IP
NET service and the WAN interface will be associated by means of from the ISP via DHCP. The WAN interface is Eth1.
a Firewall rule. •IP
The WAN interface connected to the Internet access must have an •DHCP Client
•+
WAN inter-

10
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

After a while, the router will be assigned an IP by the DHCP server of the ISP

WAN IP

These steps allow the configuration of interfaces and addresses, The rule we have to configure is:
but there is still no link between the WAN and the Bridge associat- •Chain: scrnat
ed with the INTERNET service. •Out Interface: Eth1
The link is done by means of a Firewall rule called NAT MASQUER- •Action
ADE: •Action: Masquerade
•IP
•Firewall
•NAT
•+

At this point, there should be Internet connectivity from a PC connected to a Bridge associated with the INTERNET service. The basic test
to verify this is to ping Google (8.8.8.8):

11
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
This step does not guarantee Internet access through a URL since DNS addresses. Otherwise, the DNS addresses should be entered
addresses have to be translated by means of a DNS service. manually.
Ideally the DHCP server of the ISP should dynamically assign the In this example, the first option is used:

Dynamic DNS

At this point, there should be Internet connectivity through DNS. The basic test for this is to ping Google (www.google.es):
 FibreData GPON
Service configuration with Mikrotik

Notes

13
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. 2017 © Copyright, Televés S.A.
 FibreData GPON
Service configuration with Mikrotik

TELEVES INTERNAL USE

www.televes.com

14
COMMUNICATIONS INFRASTRUCTURES SALES DEPT. www.televes.com
2017 © Copyright, Televés S.A.