Indeed,

I still in process to make my NIJIKA PON Stick `legal` on TM, so I can use original OMCI and TM OLT can provision VLAN properly.

TM do know my NIJIKA PON Stick, in strict condition that I need fully compliance with TM and ship with fully configured, user just plug and play and TM OLT not rise any alarm

There is many PON Stick are not compliance with ISP, it can rise issue with neighbor, especially early Unifi deployment (KL and Selangot) has 1:64 splitter, that mean You + 63 others people could be effected

That is why TM put me on very strict condition, so my client bought NIJIKA that under me would be my responsible, not the user.

This very important info page, TM requested.

got any update on nijikawrt firmware for intel-lantiq chipset? planning to buy alcatel-lucent G-010S-P tomorrow. want to try use it on ZTE olt.

This one?


I can't release my firmware to public as per TM requirement, avoid DIY - Alarm

It's no longer works here

Ya this one. So Intel-lantiq not supported anymore on TM OLT? Only realtek supported?

can't be sure, not exactly allowed to DIY.

you need to remember, the GPON (PON in General) is shared network.

one fiber from OLT is share among 16 to 64 users

mistake will disconnect other people's internet, and Alarm is rised, if TM kind enough to ignore, they just reset it,

or worst, your account will blocked from having VLAN



I suggest that you just set ONR as bridge mode, if you using old ONU, can request a replacement and avoid DIY pon stick.

if you still insist going to DIY pon stick, I will not be responsible and anyone here, please don't mention me, anyone and Lowyat Forum when issue arise.

that legality, for legal reasons, I been instructed to ship fully configured and compatible, help and solve ISP issue only, cannot publish firmware online.

have been bound by their lawyer: only provide fully compatible and plug and play. That's why have Alarm Status, for legal reasons.

because I had before and not going having it again 😔

This post has been edited by Anime4000: Sep 2 2025, 05:01 AM

Just wanted to let you guys know

pppoe dial up mtu for mikrotik routers has been fixed with latest ROS, beta version, 7.20.

ppp - do not send initial echo request if keepalive-timeout=disabled;

Just disable the keepalive-timeout in the pppoe connection settings, and MTU stays at 1492, (rather than go down to 1480).

another Nijika Stick update, 10 stick in action, 10 pppoe for now



speedtest for now



https://www.speedtest.net/result/c/a05d054b...72-8045df2e0b34

managed to split different OLT Port
Maxis 1+1
Unifi 2G (1,2,3,4,5,8)
Unifi 2G (6 & 7)

thus ~6Gbps, the rest of id share OLT Port, like id 6 and 7, will be 1+1 on each ONR, this already limitations of GPON

I try propose to install own OLT, maybe using TP-LINK XGSPON for this client, so, can reduce number of fiber

i see Mikrotik CCR2116-12G-4S+ but all RJ45 port are 1G only
but powerful still not launch new model with 2.5G all port
CPU AL73400 powerful and RAM 16GB powerful but 1G Port all are limited too bad

CCR2004-1G-12S+2XS also SFP Port can be 2.5G RJ45 fine but
CPU AL32400 AND RAM 4GB

its win AL73400 but 1G very limited meaning network bottleneck 1G can't go more 2.5G
but SFP port very limited just 4 port not enough

can't do anything i think Mikrotik almost Delay launch product maybe 2026 or 2027

not to worry, I have alternative

how can
can you tips details you idea more Ports

This post has been edited by tng55: Sep 3 2025, 12:38 PM

I got so many questions with this setup.
He could have cancel 1 Maxis account and 8 Unifi account.

The two CRS309 are basically redundant.
- or -
He can just use 1 CRS309 to achieve the same speed if he cancelled all the useless accounts.

my client target to have 40Gbps
he found me from overseas forum, luckily in same country, nearby states, hire me for this project

now, Unifi need split all current 8 account to different OLT port, meaning FDP that did not share same root.

first, Unifi pull out id 6 and 7 and use different FDP, show same results 1+1 from different ONR

report to upper management, didn't work...

now planning moving out id 8 alone.

like this, my client wants 40Gbps, (20x Unifi Ultra), I told Unifi Elite need to accelerate 10G/XGS-PON deployment here

instead having 20 unifi fiber, use 10G PON just need 4, then ditch CRS309 out of picture...

Unifi upper management acknowledged, but still many bureaucracy need to follow,

Unifi told me, once Unifi Ultimate (10G) exist, this might compete with Metro-E especially at price point...

of course Metro-E have big leverage and 99.7% SLA
and PON is best-effort...

I have told my client that 40G Metro-E pricing would bankrupt him, he accepted "best-effort" internet instead.

---

in meantime, Unifi have acknowledged my NIJIKA PON Stick, use my client to test the stability and compliance 🤗

waiting good news from them, so I can less to worry about incompatible that I modified, as I can see OLT side, this good time to fully sure that my firmware is approved

This post has been edited by Anime4000: Sep 4 2025, 10:09 PM

I suggest he just cancel them all.
First of all, the OLT still need an uplink. I do not think TM have 40gig for it. Even if they have, it would be for the whole shelf.

Then for XGSPON. Assume TM rollout, I suspect they will use the least possible port, meaning they will chain all the ODN together. So at that time, 8.5gig will still be the max speed.

For now, he is paying for CoS that compete with himself.

If he really need 40gig, he won't be doing this kind of stunt. Metro-E connects directly to the ring network, bypassing all the last mile component like ODN, OLT, BNG. It's a totally different product category.
It's like AWS Malaysia trying to save money by signing up for Unifi.

What he need that 40gig for? Might as well be just signup for wavelength services or dark fiber to AIMS or whatever location.

I seriously doubt anyone need 40gig DIA.

That's what been told my client ever since, many times,

issue only is, the place he choose is make Metro-E not reasonable, the transport charge cost RM4mil/year (without Internet access)

and building lease has deal can't terminate, so, I told him once lease is up, move to Cyberjaya in dark fiber coverage, then no problem, if he want 100G, also no problem.

for now, business need to begin, just face this jank for few years until lease expired.

---

I suspect, last year, he get cheated by local vendor, now he putting his trust in me, so in good faith, I help him, what ever when he have networking decisions, he ask me to verify...

for now, need to suck it up and face the jank until building lease expired.

then he can move to Cyberjaya and use my friend Metro-E instead.

---

Because PPPoE is jank, single core, aggregate like this can spread across 32 cpu cores (16 x 2)

---

he understands that, at least reach 10G first...

4 mil / year? This pricing is from who? Crazy!
Even for last year's 100gig submarine cable wavelength price from Los Angeles - Sydney is less than USD $60,000 per annum
SOS: https://blog.telegeography.com/wavelength-p...ference-circuit

What he need that 40gig for? Maybe just colo somewhere instead of running the workload in his current location.

With that pricing, better he apply for service provider license and apply ASN from APNIC. Then peer with MyIX. When he is already in AIMS, get his own IP transit.
If can do dark fiber or wavelength, it is the lowest cost compared to Metro-E.

first, data sovereignty, so, they create own cloud on-site

if create own ISP, what is the step?

if peer with MyIX, mean fiber connected to direct MyIX?

To satisfy requirements for peering in MyIX, you need to register as a Network Service Provider with MCMC.

Come out with a network design so that you can request IP address block from APNIC.
Head over to APNIC and register for an ASN and IPv6 block.

For IPv4, you can buy address from someone else and transfer it to APNIC. The risk is that the IP block could be blacklisted due to abuse, so perform due diligence. After transfer of ownership, you must also fixup all the information and geo-location information so DNS server don't give your IP block some faraway server.
- or -
Lease address from someone else. The risk with leasing is that the address owner can pull the address from you at any time, such as abuse report. So if you in turn lease the address to your tenant, such as VPS, then this is a risk you must keep in mind.

Meanwhile, look for someone to provide you wavelength or dark fiber to any of the MyIX data center. I don't know where's your location, you might need a dark fiber to the nearest POP, then wavelength from there. Or if you strike a long term deal with a hungry provider they might wavelength it all the way to your location.

Now once you are connected to AIMS:
If using dark fiber, you either colo a mux / demux there. Or host a full blown C/DWDM components.

If using wavelength, host a router there.

Peer with the route server. Shop for a transit provider and cross connect with them.

Run a NetFlow exporter and pipe all the data into software like Noction or akvorado
https://github.com/akvorado/akvorado

Look for top 10 ASN on a monthly basis and decide if you want to PNI with those people to save transit cost.

I don't know how big you want to go. Peering to Singapore might become inevitable.

The process is to find someone to do wavelength until the causeway. Find another someone to do wavelength from causeway to Equinix SG. What you host in Equinix SG follow the same logic as MyIX.
- or -
Look at ASEAN Connect One. Maybe they can do it end to end for you.

Once your are in SG, evaluate your transit provider again as pricing might be better.

For human capital side, you need someone to oncalls 24x7 in case your BGP breaks someone's else network.
That someone should be also doing all your BGP configuration.

Come to NetFlow export, Mikrotik is not going to cut it. So Cisco is the only logical choice. Unless you want to skip this monitoring, which means you are literally flying blind.

You can use sFlow if you don't mind the accuracy and you will have more choices but still not Mikrotik. They won't be able to take the load.

Now if you use wavelength or even dark fiber, you also need to think about if your provider is snooping on your traffic. So MACSEC might be required depending on your security needs.

If you don't know where to start with all the network management, head to https://manrs.org/ and start here.

This list is by no means exhaustive. Just something that came to my mind right now.

This post has been edited by kwss: Sep 8 2025, 09:55 PM

good for trading child porn

No more pppoe, obtain via DHCP:

TM going to move to DHCP? If so, hopefully others will follow.