Difference between revisions of "Manual:Interface/EoIP"

From MikroTik Wiki
Jump to: navigation, search
m (Reverted edit of Huri, changed back to last version by HarvSki)
Line 1: Line 1:
=This is how to set up EoIP to bridge two (or more) Mikrotik routers for central PPPoE authentication=
+
<div class=manual>
  
Using 2 routers called R1 and R2 that have an IP connection between them and R2 has 2 ethernet ports, i.e. you can ping rB from R1 and R1 from R2 where the R1 facing eth port is called eth1 and its other port is called eth2.
+
<h2>Summary</h2>
 +
<p><b>Sub-menu:</b> <code>/interface eoip</code></p>
 +
<p><b>Standards:</b> <code>GRE RFC 1701</code></p>
 +
<br />
 +
<p>
  
1. create a new EoIP tunnel on R1.<br>
+
Ethernet over IP (EoIP) Tunneling is a MikroTik RouterOS protocol that creates an Ethernet tunnel between two routers on top of an IP connection. The EoIP tunnel may run over [[IPIP]] tunnel, [[PPTP]] tunne or any other connection capable of transporting IP. <br />
2. create a new EoIP tunnel on R2, where the tunnel ID is the same as the one on R1 but the MAC addreses are different.<br>
+
When the bridging function of the router is enabled, all Ethernet traffic (all Ethernet protocols) will be bridged just as if there where a physical Ethernet interface and cable between the two routers (with bridging enabled). This protocol makes multiple network schemes possible.
4. create a new bridge on R1 and R2<br>
+
<br />
3. add a PPPoE server to the Bridge on R1.<br>
+
<br />
4. on R2 and add eth2 and the EoIP tunnel to the bridge.<br>
+
Network setups with EoIP interfaces:
5. put an IP address onto eth2 (any address seems to work, but it maybe better to use a different subnet for routing purposes).<br>
+
<ul class="bullets">
 +
<li>Possibility to bridge LANs over the Internet
 +
<li>Possibility to bridge LANs over encrypted tunnels
 +
<li>Possibility to bridge LANs over 802.11b 'ad-hoc' wireless networks
 +
</ul>
 +
<br />
  
Now you should be able to establish a PPPoE connection from a PC plugged into the eth2 port on router R2, this PPPoE connection will terminate on router R1.
+
The EoIP protocol encapsulates Ethernet frames in GRE (IP protocol number 47) packets (just like PPTP) and sends them to the remote side of the EoIP tunnel.
  
This is not the most efficient method of using the available bandwidth on a network, but is perhaps easier than having a PPPoE A/C on every Mikrotik router and using RADIUS as you can just have PPP secrets setup on one router.
+
</p>
 +
 
 +
<h2>Properties</h2>
 +
 
 +
<table class="styled_table">
 +
<tr>
 +
  <th width="40%">Property</th>
 +
  <th >Description</th>
 +
</tr>
 +
<tr>
 +
    <td><var><b>arp</b></var> (<em>disabled | enabled | proxy-arp | reply-only</em>; Default: <b>enabled</b>)</td>
 +
    <td>Address Resolution Protocol mode</td>
 +
</tr>
 +
<tr>
 +
    <td><var><b>mac-address</b></var> (<em>MAC</em>; Default: <b></b>)</td>
 +
    <td>Media Access Control number of an interface. The address numeration authority allows to use MAC addresses in the range from <b>00:00:5E:80:00:00 - 00:00:5E:FF:FF:FF</b> freely</td>
 +
</tr>
 +
<tr>
 +
    <td><var><b>mtu</b></var> (<em>integer</em>; Default: <b>1500</b>)</td>
 +
    <td>Layer3 Maximum transmission unit</td>
 +
</tr>
 +
<tr>
 +
    <td><var><b>name</b></var> (<em>string</em>; Default: <b></b>)</td>
 +
    <td>Interface name</td>
 +
</tr>
 +
<tr>
 +
    <td><var><b>remote-address</b></var> (<em>IP</em>; Default: <b></b>)</td>
 +
    <td>IP address of remote end of EoIP tunnel</td>
 +
</tr>
 +
<tr>
 +
    <td><var><b>tunnel-id</b></var> (<em>integer: 65536</em>; Default: <b></b>)</td>
 +
    <td>Unique tunnel identifier, which must match other side of the tunnel</td>
 +
</tr>
 +
</table>
 +
 
 +
<h2>Notes</h2>
 +
<code>tunnel-id</code> is method of identifying tunnel. It must be unique for each EoIP tunnel.
 +
<br /><br />
 +
<code>mtu</code> should be set to 1500 to eliminate packet refragmentation inside the tunnel (that allows transparent bridging of Ethernet-like networks, so that it would be possible to transport full-sized Ethernet frame over the tunnel).
 +
<br /><br />
 +
When bridging EoIP tunnels, it is highly recommended to set unique MAC addresses for each tunnel for the bridge algorithms to work correctly. For EoIP interfaces you can use MAC addresses that are in the range from <b>00:00:5E:80:00:00 - 00:00:5E:FF:FF:FF </b>, which IANA has reserved for such cases. Alternatively, you can set the second bit of the first byte to mark the address as locally administered address, assigned by network administrator, and use any MAC address, you just need to ensure they are unique between the hosts connected to one bridge.
 +
 
 +
<h2>Setup examples</h2>
 +
 
 +
</div>
 +
 
 +
[[Category:Manual]]

Revision as of 12:33, 19 October 2009

Summary

Sub-menu: /interface eoip

Standards: GRE RFC 1701


Ethernet over IP (EoIP) Tunneling is a MikroTik RouterOS protocol that creates an Ethernet tunnel between two routers on top of an IP connection. The EoIP tunnel may run over IPIP tunnel, PPTP tunne or any other connection capable of transporting IP.
When the bridging function of the router is enabled, all Ethernet traffic (all Ethernet protocols) will be bridged just as if there where a physical Ethernet interface and cable between the two routers (with bridging enabled). This protocol makes multiple network schemes possible.

Network setups with EoIP interfaces:

  • Possibility to bridge LANs over the Internet
  • Possibility to bridge LANs over encrypted tunnels
  • Possibility to bridge LANs over 802.11b 'ad-hoc' wireless networks


The EoIP protocol encapsulates Ethernet frames in GRE (IP protocol number 47) packets (just like PPTP) and sends them to the remote side of the EoIP tunnel.

Properties

Property Description
arp (disabled | enabled | proxy-arp | reply-only; Default: enabled) Address Resolution Protocol mode
mac-address (MAC; Default: ) Media Access Control number of an interface. The address numeration authority allows to use MAC addresses in the range from 00:00:5E:80:00:00 - 00:00:5E:FF:FF:FF freely
mtu (integer; Default: 1500) Layer3 Maximum transmission unit
name (string; Default: ) Interface name
remote-address (IP; Default: ) IP address of remote end of EoIP tunnel
tunnel-id (integer: 65536; Default: ) Unique tunnel identifier, which must match other side of the tunnel

Notes

tunnel-id is method of identifying tunnel. It must be unique for each EoIP tunnel.

mtu should be set to 1500 to eliminate packet refragmentation inside the tunnel (that allows transparent bridging of Ethernet-like networks, so that it would be possible to transport full-sized Ethernet frame over the tunnel).

When bridging EoIP tunnels, it is highly recommended to set unique MAC addresses for each tunnel for the bridge algorithms to work correctly. For EoIP interfaces you can use MAC addresses that are in the range from 00:00:5E:80:00:00 - 00:00:5E:FF:FF:FF , which IANA has reserved for such cases. Alternatively, you can set the second bit of the first byte to mark the address as locally administered address, assigned by network administrator, and use any MAC address, you just need to ensure they are unique between the hosts connected to one bridge.

Setup examples