Bridged to Routed

8/10/2019 Bridged to Routed

1/65

Burning Bridges - Routing Your

Bridged WISP Network WithMikroTik

855-WISP-PRO

855-WISP-PRO


2/65

Introduce Yourself

Name

Company & position there

855-WISP-PRO


3/65


4/65

About ISP Supplies

Entering our third year of business.

We sell MikroTik, Ubiquiti, Cambium and all ofthe accessories.

Also sell custom built products includingsilkscreened indoor and outdoor enclosures, RFshielding and antennas

855-WISP-PRO


5/65

Master MikroTik

Stockin Distributor

855-WISP-PRO


6/65

Largest Problem Facing

Growin WISPs

Number one consulting question Iam asked is how do I convert mybridged wireless network to arouted one?

855-WISP-PRO


7/65

One Size Fits All

A roach

There is none.

Today, establish an attack plan using generalprocesses.

You will need to adapt to your particularscenario.

855-WISP-PRO


8/65

Todays Presentation1. Why is excessive bridging a problem?2. Routing - the solution to excessively bridged

networks.

3. Network redesign, topology, IP planning androuting.

4. Protocols to be used.

5. Rollout plan.

6. Equipment selection.

855-WISP-PRO


9/65

The Problem

Why are bridged wirelessnetworks difficult to scale?

855-WISP-PRO


10/65

Network Organic Growth and Evolution

855-WISP-PRO


11/65


855-WISP-PRO


12/65


855-WISP-PRO


13/65


855-WISP-PRO


14/65


855-WISP-PRO


15/65

855-WISP-PRO

Somewhere around 300 customers on the averagebroadcast traffic reaches an unmanageable level

Large Broadcast Domain


16/65

Broadcasts Broadcasts are a necessary part of an Ethernet

network

Switches use a process called flood andlearn and then switch packets based onlookup tables, those entries in the lookuptables age out, then they flood again

As network grows, lookup tables get too large,constantly flushed, once again broadcasts areflooded

855-WISP-PRO


17/65

Broadcast Traffic in a Bridged Network

855-WISP-PRO


18/65


855-WISP-PRO


19/65


855-WISP-PRO


20/65


21/65


855-WISP-PRO


22/65



23/65

855-WISP-PRO

One broadcast from one customer utilizesevery wireless device in our infrastructure!

Broadcast traffic is retransmitted by APs andback-hauls thereby wasting valuable networkresources


24/65

The Solution Routing, adding routers into the network Why? Routers block broadcast traffic, reduce the

size of the collision domain

More efficiently utilize resources by allowing you totransmit only necessary traffic across links it needsto cross

Utilize traffic shaping and customer rate controls Offload workload like NAT to less utilized devices

closer to the network edge

855-WISP-PRO


25/65

The Solution Adding routers can increase security by the

addition of firewalls

Prevent Layer 2 switch loops Prevent customer viruses from taking your

network down

Prevent rogue DHCP servers from infiltratingthe entire network Increase the scalability of the network

855-WISP-PRO


26/65

The Solution

Simplify troubleshooting

Allow the creation of redundancy andfailover

855-WISP-PRO


27/65

The Solution

With so many

benefits from

routing over bridging

why do we resist?

855-WISP-PRO


28/65

Routing vs Bridging

Bridging is faster, easier to learn especially

at first.

Using routers requires me to learn routing.

Using routers requires me to learnsubnetting.

Administration will be more difficult.

855-WISP-PRO


29/65

Network Redesign

Redesigning a bridged network as a routednetwork requires:

A network diagram.

An IP plan.

Proper equipment. Coordinated rollout.

855-WISP-PRO


30/65

855-WISP-PRO

Flat Bridged Network

Large collision domain


31/65

855-WISP-PRO

Add Routers in Place of Switches

Many small collision domains


32/65

855-WISP-PRO

Client Broadcasts and Traffic to Internet


33/65

855-WISP-PRO

Typical Tower Detail - Bridged


34/65

855-WISP-PRO

Typical Tower Detail - Routed

Bridged

BridgedBridged

BridgedBridged


35/65

855-WISP-PRO


Bridged

BridgedBridged

BridgedBridged

BridgedLaye

r3Wirele

ss


36/65

IP Planning

Why? Public IP addresses are no longer a

limitless resource Requires knowledge of subnetting

Organized method of documentation - IPPlan, spreadsheet, etc.

Organized methodology in deployment

855-WISP-PRO


37/65

IP Planning

Example:

We have one /24 of public addresses

Will use private addresses whereverpossible and publics for customers as

required

855-WISP-PRO


38/65

IP Planning

Estimate the maximum planned number oftowers with current public IP allocation,

current + growth

Subnet your /24 into enough /30 subnets toaccommodate current + growth

Our example network has 6 towers, so weneed six /30s

855-WISP-PRO


39/65

855-WISP-PRO

Example 66.76.13.0/24 Block

66.76.

13.0/30

66.76.13

.8/30

66.76.13.4/3

0

66.76.13.12/30

66.76.13.16/30

66

.7

6.1

3.2

0/30


40/65

855-WISP-PRO


66.76

.13.8/30

66.76.13.16/30

192.168.1.0/24192.1

68.2.0

/24

192.1

68.3.0/2

4


41/65

Protocols

Run dynamic Routing - OSPF on all towerrouters and head end router

BGP is an option but it is a bit of overkillfor this job, OSPF is fast and easy

Simplifies administration, adding a customer

requires no route additions, only adding

their address/subnet to the tower

855-WISP-PRO


42/65


43/65

Protocols

If PPPoE is not an option, DHCP withauthentication based on MAC address is the secondchoice

Allows more secure DHCP environment Allows the same automatic provisioning of rate

limits as PPPoE

May be more compatible with some billing packages Avoid unauthenticated DHCP and static addressing

for clients

855-WISP-PRO


44/65

Traffic Shaping and Rate

Limitin With routed networks, we now control the

traffic

Rate limit customers at the tower, as closeto the edge as possible, most efficient way

Rate limits can be dynamically created usingPPPoE or authenticated DHCP

855-WISP-PRO


45/65

Traffic Shaping and Rate

Limitin Rate queues can be added to each router in

the system to allocate bandwidth to highpriority traffic which we will identify and

mark using mangle rules

VOIP and video can have TOS bit set,

carried throughout the networkandprioritized

855-WISP-PRO


46/65

Plan Rollout

Goal - deploy the new configuration whileavoiding or reducing downtime

Process - work from the edge of thenetwork inward

855-WISP-PRO


47/65

855-WISP-PRO

Add Routers in Place of Switches

Start Here


48/65

Rollout Plan

855-WISP-PRO

66.76

.13.8/30

192.168.1.0/24192.1

68.2.0

/24

192.1

68.3.0/2

4

1. Add the new tower router to theexisting switch.

2. Temporarily use address A from

66.76.13.8/30 subnet on head endrouter and address Z on towerrouter. Address A will move to nexthop upstream from this tower later.

3. Move APs one at a time fromswitch to router, may require clients

to power cycle to get a new IP.

4.Once all clients have been rolledover, repeat for next tower upstreamand move address A from head endto next upstream.

See next slide...

A

Z


49/65

855-WISP-PRO

First Tower Deployment

66.76.13.20/30


50/65

855-WISP-PRO

Second Tower Deployment

66.7

6.1

3.2

0/30

66.76.13.16/30


51/65

855-WISP-PRO

Third Tower Deployment...

66.7

6.1

3.2

0/30

66.76.13.16/30


52/65

Plan Rollout

Process can be tedious, require somecoordination with crews at head end and tower

OSPF will take care of routing as APs are rolledover from switch to router

DHCP or PPPoE will take care of customeraddresses and rate limits

Once entire network is rolled over, QOS canbe added later

855-WISP-PRO


53/65

Equipment Selection

Specific equipment selected depends onwork load, number of physical portrequired and budget

Examples

855-WISP-PRO


54/65

Head End Router

855-WISP-PRO

$445 $395 $495Good Good Better

Thousands of Customers


55/65

Head End Router

855-WISP-PRO

$955Best

Many Thousands of Customers


56/65

Tower Router

855-WISP-PRO

$159 $199 $240Good Better Best

Less than 120 Customers


57/65

Small Tower Router

855-WISP-PRO

$99 $130Good Better

20 or Less Customers


58/65

Summary

Routed networks are infinitely scalable, bridgednetworks die at about 300 customers

Routing your network requires a plan, IP plan,network layout and coordinated rollout Routed networks will require knowledge of OSPF,

DHCP, Radius, PPPoE and possibly BGP later

Once network is routed, roll out traffic shaping/QOS

Product recommendations

855-WISP-PRO


59/65

Products in

Presentation MikroTik routers

IP Plan (http://iptrack.sourceforge.net) Cobian Backup, free auto FTP client to

backup your routers

Integrated radius based billing solution,Platypus, DMA Softlab, Freeside, others?

855-WISP-PRO


60/65

Get Trained

MikroTik / Ubiquiti training monthly:

MikroTik MTCINE Dallas, Feb 5-8 MikroTik MTCNA, College Station, Feb11-13

Ubiquiti airMAX Training, Houston, March5-7

855-WISP-PRO


61/65

Questions?

855-WISP-PRO


62/65

Thank You

855-WISP-PRO


63/65

855-WISP-PRO


64/65

855-WISP-PRO


65/65

855-WISP-PRO

Documents

Bridged to Routed