Could it have been an issue with jumbo frames? I see you had 9000 MTU enabled on your bond @ the NAS but the RB2011 switches do 4k/2k MTU max. I usually use balance-rr as opposed to 802.3ad since that involves hashing on a per connection/device basis whereas balance-rr just throws ethernet frames across 2 or more interfaces.. so it's possible to go over 1Gbps for a single TCP connection.

Your port forwarding config seems fine..

1. Within your LAN, can you access https://192.168.88.150:5001 ?

2. What does http://canyouseeme.org/ say when you enter 5001 as the test port?

You can't really test port forwarding by connecting to your WAN IP from within the same network unless you've setup a specific configuration.. use an external host to verify.

I don't think it's possible at the moment.. not unless you can find a fully implemented GPON ONU on an SFP matching your current ONU vendor. You would also need the GPON password for your current device and maybe some reconfiguration on the TM side to get it to authenticate.

Yeah, passing the VOIP VLAN to the Thompson will work. The Thompson should grab a DHCP lease and the SIP client should REGISTER without any issues.

Astro/Maxis IPTV is the only issue where it requires the STB to have both IPTV multicast VLAN as well as Internet access via the Thompson .. so that will need to be moved over to the Mikrotik with the IGMP snooper. If you wanna keep IPTV on the Thompson but have the Mikrotik only handle Internet traffic, I think you need to setup an internal PPPoE server on VLAN 621 so the Thompson has something to connect to

This post has been edited by rizvanrp: Nov 5 2014, 01:12 AM

1000mW on the RB951Ui-2HnD vs 150mW~ on the DIR-615

I walked out of the MUM during the BGP presentation -- had to deal with some work. Met some people I haven't seen in 5 years+. I wish they had more than 2 vendors though.. Got to keep the hAP lite and blue t-shirt

Oh and some photos for those who missed it :

Event registration desk for 'Mikrotikls' (that's what the staff at Le Meridien called it) :




View from the front row



This post has been edited by rizvanrp: Mar 12 2016, 10:55 PM

Just ordered a CCR1009 from Sublime in anticipation of the 800Mbps upgrade. Will probably be selling off my old RB750Gr3 for cheap if anyone is interested in getting one

It's somewhat inadequate based on my testing with iperf3. The CPU usage runs high even with basic routing between two interfaces and no VLANs, PPPoE encapsulation or NAT. Individual connections tend to slow down for whatever reason when there's a high amount of connections being tracked. You also need to make sure you use ports 1/3/5 and 2/4 for your WAN ingress/egress due to how the components are wired or you might be bottlenecked.

You should be able to swap your GPON ONU with other units from Aliexpress as long as the brand matches and you have the 10 digit authentication key from your existing unit. Unlikely a GPON SFP module would work unless it's from the same vendor and they allow you to edit the authentication key via the SFP I2C bus or an IP interface. I've already done this on the Fiberhome OLT's with a tiny single gigabit port ONU I picked up but YMMV with other vendors.

COD in Klang Valley is perfect, will PM you once I receive the new unit . I'm a bit concerned on the temperatures of the passive unit as I saw a few reviews from Singapore where it was averaging 65+ degrees C on the passive heatsink. Alternatively I'll just order the active cooled units and swap the fans with 40mm Noctuas/NoiseBlockers or go with an ESXi based CHR setup.

.. of course this is all assuming TM doesn't drop the ball again and decide the 800Mbps can only be used for FB live bawang streaming

I think the RB750Gr3, HAP AC2 and RB3011 should be sufficient for the traffic mix of most home users. I have a friend on TIME 500Mbps who torrents a lot (20TB+ ZFS backed seedbox in the closet) and he's using the older RB750Gr2 without any noticable issues. With fasttrack enabled it does the 500Mbps up/down single connection speedtest individually with the CPU usage peaking around 50-60%~. Of course, if he tries to fully saturate his upload and download simultaneously it becomes a bottleneck.

I'm just going with the CCR route so I don't run into any bottlenecks once I start terminating my site to site VPNs on the unit, enabling IPSEC (being forced to turn off fasttrack occasionally), OSPF routing, etc.

...

At least these are all the things I tell myself because I've been eyeing a CCR for the home since the 1036 came out and never really had a solid reason to get one

Yep, those numbers are about right for routing throughput on those models. Even then, it's at 1500 byte packet sizes so the CPU requirements will only increase if you have P2P/BitTorrent traffic on the network. The UDP variant of BitTorrent (UTP) averages between 400-1500 bytes for its control and data packets so most users will wanna get something beefier for more headroom if their traffic mix includes the BT protocol.

Gave it a fair bit of thought before pulling the trigger on the CCR1009. Here's a video from Kai Hendry with the CCR1009-7G-1C-1S+PC hooked up to a 10Gbps package in Singapore. I picked up the passive CCR1009 without the SFP+ port as I figured I'd need a model with at minimum 2 SFP+ ports to fully utilize a 1Gbps+ offering in the future. The alternative would be to place a SFP+ VLAN switch in between a future ONU and the CCR1009 to utilize the single 10Gbps port at the cost of total throughput. I'm hoping they could offer a 1Gbps+ package via MLPPP or bonded ports in the future. I did make sure to get the model with individual 1Gbps lines routed to the Tilera without a switch chip in between though

As for people still looking for a 'replacement' solution for the TM stock ONU, here's a China ISP Fiberhome w/ English firmware running on the TM network :






Starting sometime last year after an OLT upgrade on TM's side, you could just register a matching vendors ONU to the network as long as you had the 10 digit password from your existing one. Here's my spare single gigabit port China ISP Fiberhome ONU sitting next to its TM counterpart. Again, YMMV in Alcatel or Huawei OLT based areas. I was told by a TM tech that TM doesn't enforce serial number checks on the OLTs -- I'm guessing to facilitate faster ONU replacements without having to call ANOC every single time. This isn't to say that they can't see that you're using an unknown ONU model as all of that information is still relayed to the OLT via the underlying OMCI protocol.

The downside to this configuration is that you effectively lose your VOIP VLAN. The stock config from TM binds it to an internal interface on the ONU and using a single port ONU replacement with no SIP protocol stack or RJ11 POTS ports results in the VLAN just being ignored (and not trunked to the router, as I had initially hoped).

I'm not sure why so many people have requested for a GPON ONU on an SFP stick. Plain SFPs and GPON ONU optics without the modem component already run hot, sticking a full GPON stack on it is just asking for higher equipment failure rates IMO. Not to mention your only means of configuring it to talk to your ISP would be via flashing, the I2C bus or a virtual IP interface (if you're lucky)

I don't really get what you mean because I never mentioned getting a CCR1036 .. ? My point was that the CCR1009 even without the 10Gbps port would be sufficient for TMs latest offering. If they had a package above 1Gbps, I'd most likely switch to something with 2 SFP+ ports or more to fully utilize the service. The alternative would be using an SFP+ switch with VLANs to reuse a single 10Gbps+ port on the CCR1009 at the cost of total throughput. Neither of those setups would require link aggregation.

MLPPP and bonding was in reference to what they could potentially do to provide 2Gbps+ service on their existing infrastructure without switching to 10GPON or another access network technology -- so the aggregation would only be on the WAN interface. Of course, as you mentioned, it wouldn't be ideal for TM as you'd probably run into issues with imbalanced or out of order traffic flows depending on the implementation.

How exactly were you referring to using the CCR for internal routing in what I'm assuming is a router-on-a-stick configuration considering I clearly stated I would be purchasing mine in anticipation of the 800Mbps TM upgrade? You also mentioned throughput testing with fasttrack+PPPoE, a protocol that's generally not deployed on internal LANs, along with symmetric/asymmetric upload speeds .. nothing to do with internal routing or firewalls.

I'll 'forget what you said' but I really have no idea why you said it in the first place :/

*deleted*

CBA to argue

This post has been edited by rizvanrp: Aug 4 2018, 10:13 PM

Your bridge config .. sounds wrong? Your PPPoE interface should be set to use the VLAN500 interface off the Ethernet port facing your BTU.


You only want to bridge the interfaces if you don't have a switch on your CCR1009 and want to use it as one (at the cost of CPU resources).

Not really possible on your CCR1009-7G-1C-1S+PC since all the interfaces are directly wired into the CPU without a switch chip :



The older CCR1009-8G-1S-1S+'s with the Atheros switch chip should be able to do it. You don't really need it for HyppTV anyway, you're got more than enough CPU power on the CCR1009 to handle the load from the CPU bridging. Most people only use the Mikrotik switch chip VLAN tagging/untagging on the lower end models to perform VLAN switching without bogging down the slower CPU.