Home > Others

Four steps to build a PPPOE server by ROS

Source: Internet
Author: User
Tags winbox
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

After learning the basics of PPPoE, we need to learn some applications of PPPoE protocol. Today, we will introduce how to use ROS to build a PPPOE server and implement operations such as dial-up authorization and bandwidth limit on Intranet machines through account management.

Step 1: Create an address pool

The so-called address pool is a dial-up IP address allocated to the customer by the server after the user dials the server. This IP address is used to achieve Internet sharing. It is assumed that the IP address segment is 10.0.0.0/24.

 
 
    
  
  
  1. [admin@MikroTik] > ip pool  
    2. 
  
  
  2. [admin@MikroTik] /ip pool> add name=pppoe ranges=10.0.0.2-10.0.0.254  
    3. 
  
  
  3. [admin@MikroTik] /ip pool> print  
    4. 
  
  
  4. # NAME                                         RANGES                        
    5. 
  
  
  5. 0 pppoe                                     10.0.0.2-10.0.0.254  
    6.

Create an address pool named "pppoe"

Step 2 of building a PPPOE server using ROS: create a user type

The user type is a user group, which first classifies users based on bandwidth.

 
 
    
  
  
  1. [admin@MikroTik] > ppp  
    2. 
  
  
  2. [admin@MikroTik] /ppp> profile   
    3. 
  
  
  3. [admin@MikroTik] /ppp profile> print  
    4. 
  
  
  4. Flags: * - default   
    5. 
  
  
  5. 0 * name="default" use-compression=default use-vj-compression=default   
    6. 
  
  
  6.     use-encryption=default only-one=default change-tcp-mss=yes   
    7. 
  
  
  7. 1 * name="default-encryption" use-compression=default   
    8. 
  
  
  8.     use-vj-compression=default use-encryption=yes only-one=default   
    9. 
  
  
  9.     change-tcp-mss=yes   
    10. 
  
  
  10. [admin@MikroTik] /ppp profile>  
    11.

In the initial state, two default attribute types are available: "default" and "default-encryption", which are not allowed for deletion.

Assume that we need to add two user groups with bandwidth of KB and 1 Mbit/s.

 
 
    
  
  
  1. [admin@MikroTik] /ppp profile> add name=512K local-address=10.0.0.1 remote-address=pppoe dns-server=61.139.2.69 rate-limit=512K/512K only-one=yes idle-timeout=00:10:00  
    2. 
  
  
  2. [admin@MikroTik] /ppp profile> add name=1M local-address=10.0.0.1 remote-address=pppoe dns-server=61.139.2.69 rate-limit=1M/1M only-one=yes idle-timeout=00:10:00         
    3. 
  
  
  3. [admin@MikroTik] /ppp profile> print  
    4. 
  
  
  4. Flags: * - default   
    5. 
  
  
  5. 0 * name="default" use-compression=default use-vj-compression=default   
    6. 
  
  
  6.     use-encryption=default only-one=default change-tcp-mss=yes   
    7. 
  
  
  7. 1 name="512K" local-address=10.0.0.1 remote-address=pppoe idle-timeout=10m   
    8. 
  
  
  8.     use-compression=default use-vj-compression=default   
    9. 
  
  
  9.     use-encryption=default only-one=yes change-tcp-mss=default   
    10. 
  
  
  10.     rate-limit=512K/512K dns-server=61.139.2.69   
    11. 
  
  
  11. 2 name="1M" local-address=10.0.0.1 remote-address=pppoe idle-timeout=10m   
    12. 
  
  
  12.     use-compression=default use-vj-compression=default   
    13. 
  
  
  13.     use-encryption=default only-one=yes change-tcp-mss=default   
    14. 
  
  
  14.     rate-limit=1M/1M dns-server=61.139.2.69   
    15. 
  
  
  15. 3 * name="default-encryption" use-compression=default   
    16. 
  
  
  16.     use-vj-compression=default use-encryption=yes only-one=default   
    17. 
  
  
  17.     change-tcp-mss=yes  
    18.

Local-address refers to the server address for IP address allocation, which serves as the gateway for the customer to access the Internet after dialing, fill in the remote-address field in the address pool PPPOE created in step 1. When the customer dials, the server will assign an idle IP address from the address pool to the customer. The rate-limit bandwidth limit value, the only-one parameter is used to determine whether an account can be used by multiple customers at the same time. The idle-timeout parameter is the time after the user has no traffic, will be automatically disconnected from the server.

Step 3 of creating a PPPOE server using ROS: Create account information

Assume: Add a K account and a 1 m account

 
 
    
  
  
  1. [admin@MikroTik] /ppp profile> /  
    2. 
  
  
  2. [admin@MikroTik] > ppp secret   
    3. 
  
  
  3. [admin@MikroTik] /ppp secret> add name=111 password=111 profile=512K service=pppoe 
    4. 
  
  
  4. [admin@MikroTik] /ppp secret> add name=222 password=222 profile=1M service=pppoe 
    5. 
  
  
  5. [admin@MikroTik] /ppp secret> print  
    6. 
  
  
  6. Flags: X - disabled   
    7. 
  
  
  7. # NAME        SERVICE CALLER-ID     PASSWORD     PROFILE     REMOTE-ADDRESS   
    8. 
  
  
  8. 0 111       pppoe                 111       512K      
    9. 
  
  
  9. 1 222       pppoe                 222       1M    
    10.

Step 4 of building a PPPOE server using ROS: Create a PPPOE Server

 
 
    
  
  
  1. [admin@MikroTik] /ppp secret>/  
    2. 
  
  
  2. [admin@MikroTik] > interface pppoe-server server   
    3. 
  
  
  3. [admin@MikroTik] /interface pppoe-server server> add service-name=pppoe interface=lan defaultdefault-profile=default-encryption one-session-per-host=yes   
    4. 
  
  
  4. [admin@MikroTik] /interface pppoe-server server> print  
    5. 
  
  
  5. Flags: X - disabled   
    6. 
  
  
  6. 0 X service-name="pppoe" interface=lan max-mtu=1480 max-mru=1480 mrru=disabled   
    7. 
  
  
  7.     authentication=pap,chap,mschap1,mschap2 keepalive-timeout=10   
    8. 
  
  
  8.     one-session-per-host=yes max-sessions=0   
    9. 
  
  
  9.     defaultdefault-profile=default-encryption   
    10. 
  
  
  10. [admin@MikroTik] /interface pppoe-server server> enable 0  
    11. 
  
  
  11. [admin@MikroTik] /interface pppoe-server server> print  
    12. 
  
  
  12. Flags: X - disabled   
    13. 
  
  
  13. 0 service-name="pppoe" interface=lan max-mtu=1480 max-mru=1480 mrru=disabled   
    14. 
  
  
  14.     authentication=pap,chap,mschap1,mschap2 keepalive-timeout=10   
    15. 
  
  
  15.     one-session-per-host=yes max-sessions=0   
    16. 
  
  
  16.     defaultdefault-profile=default-encryption  
    17.

Explain the related parameters:

Interface specifies the Intranet Nic and provides the NIC interface of the PPPOE server, max-mtu and max-mru maximum transmission units and maximum receiving units. If some websites cannot be accessed, you can modify this parameter a little, such as 1460. Whether one-session-per-host limits the number of sessions at the same time on the host is based on the physical address. If yes, it indicates that when a new session is created, The old session will be disconnected and used with The keepalive-timeout parameter: "The default keepalive-timeout value of 10 is OK in most cases. if you set it to 0, the router will not disconnect clients until they explicitly log out or the router is restarted. to resolve this problem, the one-session-per-host property can be used"

ROS has built a PPPOE server. If you want to allow all users to access the Internet through PPPOE and do not allow users to access the Internet using static addresses, you can perform the drop operation on the ip address range 192.168.1.0/24 configured on the Intranet in ip-firewall-filter. As this operation involves the firewall function, it will be described later, this section describes how to build a PPPOE server.

If you are using winbox to connect to ROS, all the above commands can be directly pasted in the "new terminal" on the main menu of winbox.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
four post server rack how to build web server how to build internet server how to build hosting server how to build minecraft server how to build local server server troubleshooting steps

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More