High-level RouterOS PPPoE Server/Client Configuration Example

Products ePMP
1

High-level RouterOS PPPoE Server / ePMP Client Configuration Example

See below for a high-level view of a basic PPPoE connection between a MikroTik PPPoE Server (Access Concentrator) and ePMP SM (traversing the ePMP AP and AP-SM wireless link)

RouterOS PPPoE Access Concentrator Configuration

PPP Profile - General

PPP profiles are a convenient mechanism for defining default values to be applied to various PPPoE configuration components.  In this case, we are creating a profile called "Cambium_profile" which is associated with the Local Address 192.168.0.254 (the IP address assigned to the RouterBoard switch port associated with the PPPoE service).  If the server is to assign IP addresses to clients, define a pool of IP addresses adn spcifiy it in the Remote Address Field. If the PPPoE clients will be configured with a static IP address, leave this field blank.

MikroTik PPPoE parameters_profile.png
MikroTik PPPoE parameters_profile.png1122×606 391 KB

PPP Profile - Protocols

MPLS, Compression, VJ Compression, and Encryption options may be left at "default" as  these protocols are not supported on the ePMP PPPoE implementation.  

MikroTik PPPoE parameters_profile_protocol.png
MikroTik PPPoE parameters_profile_protocol.png1118×609 374 KB

PPP Profile - Limits

The LImits tab may be used to configure the maximum connection time "Session Timeout" (no limit by default) and the amount of time after which the link will be terminated if there is no activity.  Operators may also assign receive and transmit data limits for the connection via "Rate Limit (rx/tx)".

MikroTik PPPoE parameters_limits.png
MikroTik PPPoE parameters_limits.png1117×603 401 KB

PPPoE Services

Each PPPoE Service in RouterOS can be configured wih a specific Service Name (e.g. "ABC") and can be assigned to an interface (e.g. "ether3").  The MTU for the PPPoE connection is configured here ("1492" - this is the maximum supported MTU on the ePMP PPPoE implementation).  The configured Default Profile "Cambium_profile" specified in this example contains additional connection configuration options which are discussed above in this article.  Lastly, the ePMP system supports PAP or CHAP authentication, so ensure that these parameters are ticked in the RouterOS PPPoE Service.

MikroTik PPPoE parameters1.png
MikroTik PPPoE parameters1.png1122×607 391 KB

PPP Secret (PPPoE Crendentials)

In the PPP Secret dialogue configure the associated username and password for the PPPoE service.  As in the PPPoE Service configuration above, operators may add a custom Profile  or configure Local Address (tunnel address or name of the pool from which the server's IP address is assigned) and a Remote Address (tunnel address or name of the pool from which the remote PPP client's address is assigned) 

MikroTik PPPoE parameters2.png
MikroTik PPPoE parameters2.png1121×605 412 KB

ePMP PPPoE Client Configuration

Network -> Point-to-Point Protocol over Ethernet (PPPoE) Parameters

The example below depicts an ePMP SM PPPoE client configuration corresponding to the RouterBoard PPPoE Access Concentrator defined above.  For MikroTik switches, operators must use the name assigned to the switch (MikroTik, in this case) as the PPPoE Access Concentrator name.

ePMP_mikrotik_sm_PPPoE_example.PNG
ePMP_mikrotik_sm_PPPoE_example.PNG728×398 9.78 KB

Parameter reference:

  • Service Name -  An optional entry to set a specific service name to connect to for thePPPoE session. If this is left blank the SM accepts the first service option that comes back from the Access Concentrator specified below, if any. This is limited to 32 characters.
  • Access Concentrator - An optional entry to set a specific Access Concentrator to connect to for the PPPoE session. If this is blank, the SM accepts the first Access Concentrator which matches the service name (if specified). This is limited to 32 characters.
  • AuthenticationALL: This means that CHAP authentication will be attempted first, then PAP authentication. The same password is used for both types.
    CHAP: This means that CHAP authentication will be attempted.
    PAP: This means that PAP authentication will be attempted.
  • Username This is the username associated with this PPPoE client. The username must exist in the PPPoE server. This is limited to 32 characters.
  • Password This is the password associated with the username for this PPPoE client. The password must match the one associated with the username at the PPPoE server.  This is limited to 32characters.
  • MTU Size Maximum Transmission Unit; the size in bytes of the largest data unit that the device is configured to process inside the PPPoE tunnel. Users may enter a MTU value up to 1492 bytes. However, if the MTU determined during link negotiations with the PPPoE server is less than this user-specified value, the PPPoE client uses the smaller value as its MTU for the PPPoE link.
  • Keep Alive Time Keep Alive Time is used to determine the timeout for the PPPoE link Keep-Alive procedure and to determine when to declare that the link is down and needs to be recovered. As an example, if this field is set to 5, the PPPoE client will send a Keep Alive request to the server up to 4 more times (for a total of 5 times) before tearing down the PPPoE session and initiating recovery of the link. 
  • MSS Clamping: Disabled: The PPPoE client allows any MSS (Maximum Segment Size) advertized during TCP connection hand-shaking by devices connected to the SM
    Enabled: The PPPoE client enforces a maximum MSS advertized during TCP connection hand-shaking by devices connected to the SM which is determined by the MTU in use by the PPPoE link.
2 Likes