Combining 8 ISPs with a single mikrotik device

Combining 8 ISPs with a single mikrotik device

GPON, layer 2, Layer 3, load balancing, PCC
Hello all, this time, we would like to share our project of combining 8 ISPs with a single Mikrotik device. So, our client already subscribes to internet connections from 8 different ISPs, and want to use them to provide internet connections to his customers. The reasons are simple: For availability purposes. If one connection is down, the customer is still able to connect via other links (there are eight connections in total, you know that, right? :-p) To increase capacity and also sharing traffic load among the connections. These mean let say if each link has a 100 Mbps datarate, having 8 of them will result in 800 Mbps in total. Sounds good, right? so this is what we did: configure ONU modems to be in the bridge-mode. The upstream…
Read More
Observing the DDOS/probing attack with Mikrotik device

Observing the DDOS/probing attack with Mikrotik device

DDOS attack, firewall, probing attack, security
We got a question from students, how the DDOS attack looks like? are they similar to probing attack? In this article, we will talk about it and monitor the attack with the MikroTik router. In order to observe, we need to set up a network topology that allows us to see all packets that are flowing on the network, by having a central point as the main connection hub, it gives us better observability as inbound and outbound traffic will go through the same place, not scattered through different links. Now, let's talk about the tools we are using. The first tool we can use to monitor the traffic flows is the firewall connection. It has a filter where you can use it to focusing on a particular connection like…
Read More
FULL-routes vs partial-routes on BGP

FULL-routes vs partial-routes on BGP

BGP, Layer 3, routing table
In the previous articles, we already talk about setting up a BGP session between routers in the form of peering. When a BGP session established, the routers will start to exchange their routing prefix, put them into the main routing table, apply BGP best-path algorithm, and the router will have optimized routes that will be used for FIB (Forwarding Information Base).  FULL-routes vs partial-routes on BGP. A question arises, are those routes full or partial? What's the difference between them? Which one should I pick? Ok here it is: FULL-routes a FULL-routes is a whole prefix in the (BGP) world, meaning a collection of all prefix/routes of any AS in the world. in 2018, there are 700 thousand routing entries in FULL-routes, and it keeps growing. It will stop growing…
Read More
January 2018, MUM Manila, Philipines, GLC Networks Presentation : BGP vs OSPF

January 2018, MUM Manila, Philipines, GLC Networks Presentation : BGP vs OSPF

BGP, BGP session, internet, ISP, Layer 3, Layer 4, Layer 5, load balancing, Router
This is a presentation from GLCNetworks at Mikrotik User Meeting, Manila, 15 january 2018. We talked about the essential differences from BGP and OSPF routing protocol, which is important for those who plan to operate both. MUM agenda is available here: https://mum.mikrotik.com/2018/PH/info/EN This topic is part of GLC Networks training. For more information, please contact us here or stay tuned with our schedule. Recording is available here: Presentation slide can be accessed here: Mikrotik User Meeting Manila: bgp vs ospf from Achmad Mardiansyah    
Read More
Why it is a bad idea to block youtube IP address?

Why it is a bad idea to block youtube IP address?

IP address, L7-filter, layer 7
[caption id="attachment_1136" align="alignleft" width="251"] no youtube in our office[/caption] so, at my client's office, there was a need to block youtube access during working hours (08:00-17:00). the local administrator there tried to create rules on mikrotik router OS firewall, using layer7-filter, block youtube ip address, and the result is more complaints from user :-( (more…)
Read More
September 2017, GLC webinar: Integrating Radius with Mikrotik

September 2017, GLC webinar: Integrating Radius with Mikrotik

webinar
Integrating Radius with Mikrotik. In this webinar, we started the discussion from the introduction of radius, AAA concept, and typical RADIUS implementation. We then move forward on example configuration on NAS (to connect to radius), radius server (to allow NAS query the RADIUS server), creating services on radius server, and last create account on radius server. At the end of presentation, we discuss about the benefits of using GLC radius compared to traditional radius server. (more…)
Read More
combining 2 ISP with one mikrotik routerboard

combining 2 ISP with one mikrotik routerboard

load balancing, PCC
In this project (click here for the detail), our client requests to combining 2 ISP with one mikrotik. This case is different from the previous one that was using BGP protocol and whole end devices are using public IP address. This project is challenging because both ISP gives Public IP address which is just enough for point-to-point connection only. End-devices (laptop, PC, etc) will use private IP address, where router will do NAT (Network Address Translation) on these private IP when they are going out to internet. Topology of the network can be seen at the picture above. So, the technical plan would be: (more…)
Read More