Community discussions

MikroTik App
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

network bifurcation

Tue Apr 03, 2007 10:19 pm

We have a customer that has a "remote" building in which they provide
fee-based network access for their customers. Because of the distance,
we set them up with a VDSL connection to this building over one of their
own in-house twisted pairs. Works pretty good, the VDSL provides up to
16 Mbps throughput for the remote building, which far exceeds their own
uplink speed.

They have two issues.

1. bandwidth sharing
2. privacy for in-house computers

They want to limit total bandwidth used by their customers over the
shared uplink through our service. This part should be a piece of cake
except that they have one of their own computers that shares the VDSL
link. This sales computer needs to be able to access the rest of their
computers, as well as the uplink.

Is there a way to:

1. Limit their "guest" computers total bandwidth usage to some fraction
of their total
2. "Private-ize" their own network from the guest network
3. Provide a tunnel to the one computer that is attached to the guest
network, so that it can access the in-house network without restriction


Maybe a diagram:

guest computers --/-----  guest segment -----------(+)-------uplink
                 /                                 /
sales computer--/                                 /
                               in-house segment--/
So we would plunk a 'Tik where the (+) is, and hopefully be able to
accomplish all three of the goals?

Or do we need to create a second segment to the remote building?


-- Bill Prince
Skyline Broadband Service
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

Wed Apr 04, 2007 4:07 pm

So this is either too easy or too hard?

Which?
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

Got ya all stumped?

Thu Apr 05, 2007 3:13 am

What's the deal? Have I got you all stumped?
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

Thu Apr 05, 2007 6:13 am

nudge
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Thu Apr 05, 2007 2:36 pm

so, if you have 2 different areas that needs to be connected use any of available solutions of tunnels, also, there are mangle and everything else available for you to use.

there is 100+1 solutions available, look un manual and in wiki.

of course there will not be solution for you that 100% will work in your case, but you can adapt, if you know how networking works
 
User avatar
samsoft08
Long time Member
Long time Member
Posts: 613
Joined: Sat Nov 26, 2005 10:52 pm

Thu Apr 05, 2007 11:01 pm

if he knows he wouldnt be here asking for a solution or an idea ..
 
User avatar
tneumann
Member
Member
Posts: 394
Joined: Sat Apr 16, 2005 6:38 pm
Location: Germany

Thu Apr 05, 2007 11:37 pm

if he knows he wouldnt be here asking for a solution or an idea ..
Well, yeah, for sure, but your comment did not help either.

Ok, so the original question did not get any answers for several days by now. Can you think of reasons why this might be the case while at the same time several other discussions are active and valuable answers are published?

The point is that there is a very, very direct correlation between the quality of the question and the amount and quality of the answers you're likely to get. You're also much more likely to receive high quality answers from the wizards around here if it can be seen that you already tried to really understand the problem yourself, give a clear and detailed description of what you already did or did not try, what you wanted to achieve with what you already did, what worked and what did not, what detailed errors did come up (if any) etc. and most important that you at least have a tiny glimpse of fscking clue of what for goods sake you're planning to do - or at least have a plan/concept behind this at all.

Some questions in this forum make me think of someone who has just discovered how a hammer works, sees that other people are already flying their own Boing 747 and now he wants to fly one as well. ASAP! Pronto! And without paying for support! After all, now that he knows how to use a hammer there can not be much more to learn until he can fly that 747, or can there?

Folks, learn the basics, try, try more, try even more, then read some more books and then post here with meaningful questions that even can be answered without having to explain everything starting with the Big Bang of The Universe...

--Tom
 
User avatar
GlueGuy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 62
Joined: Tue May 16, 2006 10:57 pm
Location: San Francisco Bay Area California (CA)
Contact:

Thu Apr 05, 2007 11:55 pm

Well... I _thought_ it was a good question, complete with an ascii drawing.

Sure there is a way to make this work with a couple of mT routers, one at the main building, and another at the remote building. Set up a VPN for the one computer over there to tunnel into the main network.

However, because there is only one computer at the remote end, it seems extravagant to put in two, especially if there is a way to tunnel from the one computer at the remote end into the main network segment. I just don't know, as I've read the manual, and all the VPN-type examples show two microTiks involved (one at each end).

_THATS_ why I asked the question. We haven't bought any equipment yet, I was trying to gauge the feasibility _BEFORE_ I started flailing around. Is that unreasonable? What kind of a fool would buy the equipment before having a plan?

sheesh