I wanted to check if I have a router without SFP/SFP+ but I have a switch that has a 10Gb SFP port and a regular router would that work with the GPON stick? How would the router know where to get the PPoE via the GPON?

Ah got it, so means would need a managed switch I assume to setup the VLAN correctly for the WAN port?

Realtek V2 SoC with DDM
The Intel Lantiq SoC no more new, also have issue with FHTT which I still haven't figure it out,
but for Realtek V2, still active and has year March 2025 firmware which need extended test

Indeed, many cheap ONT now use Realtek
also D-Link base board, with secureboot keys


I try with White D-Link ONR if can really pair with OpenWRT

hi, sorry to interrupt, can i know what is the purpose of you guys doing this? i meant all the hacking... to get ploam password or voip password? All the passwords can easily get from during TM installation. i meant all those useful info like LOID, Poam/SN, voip user and password etc.

I got both old BTU extra siting in store room, almost want to throw already.



If the purpose is to get some settings to push to 2Gbps, then normal combo also can get easily max speed as long as NIC card, switch, PC is correct.

Hi sifus, I need some pointers thats related to GPON ONU.

I have signed up Digi fiber (2gb dl and 1gb ul) a month ago but I notice during certain usage periods eg: evening to midnight - high usage periods, websites stop working, certain apps such as wechat don't work, and sites like speedtest and fast.com tend to show unstable or incomplete tests. Of course if I restart both the ONU and the router (mikrotik) it goes back to normal, but after some time (maybe high usage? maybe Digi fiber FUP? maybe ONU problem? maybe wrong config for 2gb for mikrotik rb5009?) it will get laggy/have intermittent network connections especially during night periods of high usage.
Before you might point out that it is mainly due to high usage, I have gone through all sorts of checks to figure out what are the issues; because most importantly, on another property in the same location, I am using Maxis fiber 1gb package (1gb dl 500mb ul) under the exact same conditions (same hardware, wiring, and users) and I don't have such issue even with very high concurrent device usage.

Used under maxis fiber 1gb plan (public wan usage, very high number of concurrent users during peak hours evening-night with no issue on internet connectivity):
- Mikrotik RB4011 as core router - with settings, handling probably 120 devices combined (mobile/computer)
- Skyworth GPON GN630E
- Subsequent APs are either asus or tenda routers catering up to max 10 devices at a time.
The above setup did not give me any problems at all. All internet usage is smooth like butter.

But as I was setting up digi fiber at another property (just behind, it uses the same TM pole even!) and signed up with Digi Fiber, and I tried:
- Mikrotik RB5009 first, then swap RB4011 to see if RB5009 is faulty (but outcome the same)
- Skyworth GPON GN630E - speedtest does give me 2gb dl/1gb ul if I connect to the provided tplink digi router if i use 1 to 1 eth connection (right now I am testing an older fiberhome ONU that goes up to 800mbps to see if the GN630E is causing the issue? although TM contractor says its not the issue)
- Same subsequent APs are either asus or tenda routers catering up to max 10 devices at a time.
- mikrotik firewall configs are the same as the ones used under maxis fiber 1gb plan. so i presume it shouldnt be affecting this.

For this particular network I only have usage up to probably 15-20 devices before the network goes bonkers, compared to the one right behind which goes up to on average 120 devices with no issue.
There were other multiple problems with Digi fiber initially:
problems with TM dl & ul settings on backend that they did not open to 2gb dl and 1gb ports and had to contact "FTC" to open it. Then there was the PPPOE repeated disconnections which I think is because digi fiber uses ipv6, and the disconnections stop after I disabled ipv6 in mikrotik.
Other things that were done were:
- redoing of pigtail fiber cable by TM
- changing eth cables to confirm its not the cable issues. (confirm 1gbps/2.5gbps shown on mikrotik)
- using older backup RB4011 as end APs to confirm if its the tenda/asus router issue (same)

My location is at Kampar (Perak) - so the infra is under TM.

So my remaining steps I can figure out on:
1) change the ONU to the SFP type presumably sold here? Or the ONU bridge? Would it be the problem you think?
2) maybe somehow there's someone hogging the bandwidth very badly in this particularly property compared to the other one? (detailed traffic monitoring)
3) give up about Digi fiber? Maybe its their FUP?

Thanks for your advice. I'm keen to try if its the ONU problem, or whether its some other settings problem..

1) I didn't do any config. thats the thing. Just normal stock setup with some minor firewall config. Skyworth modem connect into rb5009 port.
2) before this it had the same issue even with their stock tplink router, I saw frequent disconnections until I think they did something from the backend to update/close the issue.
3) okay let me see how to track the sessions and see how it works.
4) morning probably unable to replicate because concurrent real user sessions lesser. mikrotik has tools to replicate this? let me research.
5) possible you mention congestion (from my end), I did, but I also isolated each end AP to just 100mbps to limit (6 APs) that totals up to 600mbps ul dl max concurrent, same thing.
6) not 100% sure what ASN means, but since I sign under digi so I think Digi ASN.

I'm going to order 1 SFP from @anime4000 to try, and conclude if its the PON unit issue.

Otherwise I will conclude its either as you mention: digi putting a cap on how many concurrent session a subscriber can open.

But quick update: I found a spare fiberhome ONU and currently testing it (old version caps to 800mbps dl speed), so far no weird issues last night! (of course if congestion type of surfing then unavoidable). Will do stress testing next few days when user session capacity comes in on weekday to see what happens. cross fingers.

Based on my checks last night, using the fiber home modem option does not work as well. I now believe as you suggest, that under a certain maximum number of connections as you have pointed out, they start to fail (blocking by Digi fiber). Normal web surfing, WeChat, Microsoft teams, shopee app failed to load/lag/need to keep refreshing during the down time(meaning it did not load right away on the first time) - approx 10pm onward range.

I haven't tracked it onsite at night yet(I am away from the site at night) - but currently during daytime it's between 300-700 range.

This is what you meant right? the 209 number.


I have enabled graphing also to see the data usage.



And as per the rpki test result:

Is there a way/script I can enable tracking for number of open sessions in logging? *nevermind - I setup a script to log active connections every minute.

And is there a way I can use the remote DNS to login to mikrotik? I enabled Cloud > DDNS enabled but it writes: Router is behind a NAT. Remote connection might not work. *nevermind - I found the way to get this to work with zerotier.

I will do a remote login and do a comparison on the number of active connections to see what's the limitation.

Are there some specific settings I should do to enable ipv6? Since I did not "Disable Ipv6" i just run it as it is.



This is what I see in Addresses in IPV6:



I am pointing it to 8.8.8.8 and 8.8.4.4, any pointers on how to point them to mikrotik? (i will search online in the meantime).

Your assumption is correct - and actually it is not a swap, it is a different site, but it is at the same area. The devices are essentially the same except the ISP is digi fiber.

Devices are connected via wifi, however me personally connecting via wired gives the same outcome.

Strangely: I have setup the SFP by @anime4000 today following his configurations, and using RB5009. Although I hit the speeds of 2gb dl and 1gb ul from speedtests, the outcome seem to be far worse than using the fiberhome + rb4011. Far worse meaning all attempts to try using fast.com usually fail, most attempts to open websites fail, and all forms of apps such as wechat, etc fail. funnily the speedtest I did lead me to attempt to do it with kuching isp, even though I am located in perak. But then again rb4011 and fiberhome also gives problems sporadically, during certain time/usage patterns. Even the RPKI website you shared cannot be loaded.

From remote monitoring into the routers I confirm: there is no overusage - the speeds are well below the 2gb/1gb provided. I don't think users ever get a chance to even surf the speeds.

To answer your questions:

1) they are the latest versions. 7.19.3 For the routers handling maxis fiber & digi fiber.
2) Yes they are swapped. As mentioned funnily fiberhome seem to work better. I have not swap the skyworth yet due to avoiding any disruption. But, testing anime4000's SFP ONU unit proves that either my RB5009 is giving problems, or that after a certain number of connections (as you mention about NAT limit), then maybe packets start to get lost.
3) Yes, if I disconnect and reconnect it usually gets fast again, but only for a short time during peak periods, as the connections quickly rush back in.

So you reckon the "NAT limit' is something imposed by digi fiber correct? And there's nothing I can do to bypass this limit or I can mitigate this by setting up queues/etc?

These are the number of connections i logged using digi fiber. For maxis fiber it is at least 5 times higher, and no issues.

I have done as you mentioned, and I saw that I do not get any ipv6 at all.

Then I reconnected back the tplink digi modem provided, and its the same outcome even enabling ipv6. I reckon after the previous complaint to them, they have disabled ipv6 and hence "quietly solved" the pppoe disconnect issue previously.

Okay so I guess I'm stuck with the current configuration. Done all including setting up ipv6 on all APs but same. mikrotik and tplink does not show the ipv6 through the websites you provided.

Thanks kwss for your advice. I learned alot through this process. I will probably just move on and get another telco.

And yes as to your last question, yes this is a consumer plan, no business plan. Any idea whether signing up for business plan will remove the CGNAT session limit for any/all providers? Is Unifi business good for this?

Today I do something crazy

CCR2004 act like OLT






the SFP range is 8KM, to reduce power by mis-match UPC APC


No need set RG Mode


LAN Speedtest Results


the OLT support only 1:16

I went to Jabodetabek, meet my GPON team and got this

the OLT act like L2 Switch, simple, auto registration

Now, can create own FTTR

today I tried with old Unifi ONU, Huawei HG8420H5 with OLT SFP

without changing any settings, stock Unifi HWTC Firmware, untagged traffic work just fine!

This mean, I can turn HG8420H5 like Media Converter + Switch!


I tried Nokia ONU, it didn't allow untagged traffic,
I haven't tried ZTE, and Fiberhome ONU yet

based on ME 84 and 171, it pass as is and no VLAN entry on the table

ME 84, just 0x00 FwdOp with zero Entry
ME 171, just 0x1000 Filter (Wildcards = any VLAN) pair with RemoveTags 0 (no tag rewrite/stripping)

The OLT just push very basic and user side managed

on Huawei, I not configure anything, it just works! I think Unifi Firmware that Huawei made are bridge mode as always...

If you see the D-Link ONR B1, the VLAN also works.

at Mikrotik, just add VLAN as usual,
the OLT, just pass traffic as is (VLAN Aware)
at ONT, traffic come as Raw Layer 2.

the OMCI ME 171 didn't push any VLAN Entry, and ME 84 just simple 0x00 FwdOp

I bought an Ubiquiti router. Correct GPON SFP from few laying around earlier. The webui IP 192.168.1.1 for router and stick is the same . How to access the Stick GUI ? How to setup the Ubiquiti like static routing needed? The GPON doesn't go UP if fiber not connected ?

another Nijika Stick update, 10 stick in action, 10 pppoe for now



speedtest for now



https://www.speedtest.net/result/c/a05d054b...72-8045df2e0b34

managed to split different OLT Port
Maxis 1+1
Unifi 2G (1,2,3,4,5,8)
Unifi 2G (6 & 7)

thus ~6Gbps, the rest of id share OLT Port, like id 6 and 7, will be 1+1 on each ONR, this already limitations of GPON

I try propose to install own OLT, maybe using TP-LINK XGSPON for this client, so, can reduce number of fiber

my client target to have 40Gbps
he found me from overseas forum, luckily in same country, nearby states, hire me for this project

now, Unifi need split all current 8 account to different OLT port, meaning FDP that did not share same root.

first, Unifi pull out id 6 and 7 and use different FDP, show same results 1+1 from different ONR

report to upper management, didn't work...

now planning moving out id 8 alone.

like this, my client wants 40Gbps, (20x Unifi Ultra), I told Unifi Elite need to accelerate 10G/XGS-PON deployment here

instead having 20 unifi fiber, use 10G PON just need 4, then ditch CRS309 out of picture...

Unifi upper management acknowledged, but still many bureaucracy need to follow,

Unifi told me, once Unifi Ultimate (10G) exist, this might compete with Metro-E especially at price point...

of course Metro-E have big leverage and 99.7% SLA
and PON is best-effort...

I have told my client that 40G Metro-E pricing would bankrupt him, he accepted "best-effort" internet instead.

---

in meantime, Unifi have acknowledged my NIJIKA PON Stick, use my client to test the stability and compliance 🤗

waiting good news from them, so I can less to worry about incompatible that I modified, as I can see OLT side, this good time to fully sure that my firmware is approved