Disclaimer:
I do not have professional-level expertise with Mikrotik and especially Cisco. It's just personal R&D that sometimes leads me to a working solution. After posting on the internet, I got some clues & Alhamdoillah it worked!
Scenario: [example]
The OP has a mini ISP setup. Different areas are connected to a Cisco 3750 switch, where a VLAN is configured for each port. The trunk port is connected to a Mikrotik Routerboard, where VLAN interfaces are configured accordingly. DHCP for each VLAN is configured on the Mikrotik RB, which provides a different subnet to each VLAN with the default gateway pointing to each VLAN IP.
A PPPoE server is configured on the RB to facilitate PPP dialing for each VLAN. As per policy, a user must dial the PPPoE dialer to connect to the Mikrotik PPP server in order to access the internet.
Problem:
The OP has a few media sharing servers located on VLAN No 3. When a user starts downloading heavy media files from VLAN No 3, all of his traffic routes via the Mikrotik router, which creates load on the router.
Solution # 1: [that worked partially]
After some R&D, I implemented the following:
- Moved the DHCP role to Cisco
- Set up inter-VLAN routing (enabled ip routing)
- Added a default gateway in the DHCP options pointing to the respective Cisco local VLAN IP
This partially solves the problem. When a user joins the LAN, he gets an IP address from the Cisco DHCP with the default gateway set to his respective VLAN IP. All goes well: communication was happening fine within the VLANs without touching the Mikrotik. But as soon as the user dials the PPPoE dialer, his traffic starts routing via the Mikrotik. After some troubleshooting, it appears that when the user dials the PPPoE dialer, his routes change and PPP gets preference over the other routes, which forces all traffic to go via the RB.
As shown in the image below …
Solution # 2: [worked 100% as required]
In the Cisco switch DHCP settings for each VLAN, remove the default gateway and add static routes for the media sharing servers' subnet using the DHCP classless static routes option (option 121).
Sounds fair enough :~)
Working Example Config for Cisco Switch 3750
# Cisco Switch Part
[Model: ws-c3750e-24pd / Version 15.0(2)SE10a ]
```
!
system mtu routing 1500
ip routing
!
! Option 121 provides route information: 24.192.168.3 encodes the /24
! destination subnet 192.168.3.0, the second address is the gateway
ip dhcp pool vlan2
 network 192.168.2.0 255.255.255.0
 dns-server 101.11.11.36
 option 121 ip 24.192.168.3 192.168.2.1
!
! This is the media server vlan; the servers get a manual IP & gateway
! pointing to the vlan IP 192.168.3.1
ip dhcp pool vlan3
 network 192.168.3.0 255.255.255.0
!
! Option 121 again: /24 route to 192.168.3.0 via this vlan's gateway
ip dhcp pool vlan4
 network 192.168.4.0 255.255.255.0
 option 121 ip 24.192.168.3 192.168.4.1
!
! This port is connected with the Mikrotik RB
interface GigabitEthernet1/0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
! This port is connected with user area 2
interface GigabitEthernet1/0/2
 switchport access vlan 2
 switchport mode access
! This port is connected with the local FTP/Media sharing servers
interface GigabitEthernet1/0/3
 switchport access vlan 3
 switchport mode access
! This port is connected with user area 4
interface GigabitEthernet1/0/4
 switchport access vlan 4
 switchport mode access
!
interface Vlan1
 ip address 192.168.254.1 255.255.255.0
!
interface Vlan2
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
 ip address 192.168.3.1 255.255.255.0
!
interface Vlan4
 ip address 192.168.4.1 255.255.255.0
! Following route is pointing to Mikrotik RB
ip route 0.0.0.0 0.0.0.0 192.168.254.2
!
```
# Mikrotik Routerboard Part
```
/interface ethernet
set [ find default-name=ether1 ] name=LAN-TRUNK
/interface vlan
add interface=LAN-TRUNK name=vlan2 vlan-id=2
add interface=LAN-TRUNK name=vlan3 vlan-id=3
add interface=LAN-TRUNK name=vlan4 vlan-id=4
# It is recommended to use small subnet, like /29 for below (zaib)
/ip address
add address=192.168.254.2/24 interface=LAN-TRUNK network=192.168.254.0
/interface pppoe-server server
add default-profile=pppoe-profile disabled=no interface=vlan2 max-mru=1480 max-mtu=1480 mrru=1600 one-session-per-host=yes service-name=service2
add default-profile=pppoe-profile disabled=no interface=vlan3 max-mru=1480 max-mtu=1480 mrru=1600 one-session-per-host=yes service-name=service3
add default-profile=pppoe-profile disabled=no interface=vlan4 max-mru=1480 max-mtu=1480 mrru=1600 one-session-per-host=yes service-name=service4
```
# FTP / Media Sharing Server Part
On your FTP server, which is under VLAN No 3, define a static IP like 192.168.3.2 and point its gateway to 192.168.3.1. That's it.
Results are shown below …
Note:
I have posted a minimalist configuration to reduce any complication. Most parts are quite self-explanatory. This exercise was done successfully in the LAB & the required results were achieved. However, you must consult with some Cisco expert & conduct your own testing before implementing it in production.
Also, you may want to use ACLs in order to restrict access to shared resources, YKWIM.
Regards,
Syed Jahanzaib