[Reordering quotes for readability] On 13/09/17 18:18, Don Stokes wrote:
I don't believe anyone is actually using usernames/passwords to identify customers any more, but I won't be surprised if I'm wrong. It's not like dial-up where the customer could be coming from anywhere.
Part of what prompted my surprise is that this Mikrotik very much did have a username and password on the PPPoE configuration, apparently given to my client (setting it up for their customer) by the ISP in question -- and the password looks "password like" rather than just a placeholder. It's good to hear from you (and Nathan) that at least that part is less common.
[PPPoE] has the advantage that IP address management with PPPoE & friends is fairly straightforward, and you don't go wasting IP addresses, given that everything speaking native IP over Ethernet expects to see a subnet with a network, broadcast and gateway address in a /30 [....] This is important, because UFB is VLAN-per-circuit;
Unless I'm missing something, wouldn't the PVLAN sort of approach work out here? Put each customer into a isolated PVLAN, and put the ISP-end gateway into a community PVLAN, then the customer VLANs can talk to the ISP but not to each other -- and you can use a larger subnet for efficiency (/24, /22, etc). Possibly this would require some fibre provider/ONT assistance... but the whole UFB thing was built from scratch so doing it didn't have to be layers upon layers of abstraction to make it look like the past.
Note that PPPoE in most configurations has an MTU of 1492, not 1500
This particular one seems to have the Mikrotik defaulting the PPPoE interface MTU to 1480. I didn't investigate exactly why, but it didn't seem to be specified in the PPPoE client config on the Mikrotik. (VLAN 10 MTU was 1500.) 1492 MTU seems to be the best case for PPPoE if the parent ethernet interface MTU is 1500; and configuring for mini-jumbo frames on the ONT/UFB side would seem to be an obvious work around, but it's not clear if that's commonly done either. I'd be a little less bitter about forcing PPPoE on end users if it didn't force their user-data-MTU down below the assumed-in-end-user-equipment 1500 byte MTU.... Ewen