PPPoE With Mikrotik and Radius

15,902 views
15,329 views

Published on

How to manage internet clients of an ISP with PPPoE and MikroTik. For
centralized AAA (Authentication, Authorization and Accounting), freeRadius is used.

1 Comment
8 Likes
Statistics
Notes
  • Thank you for share
    please visit

    EasyZone Mikrotik Billing
    http://www.easyzonecorp.net/product_detail.php?id=47
    http://www.easyzonecorp.net/install/How-To-Use-EasyZone-Mikrotik-Billing.pdf

    website : http://www.easyzonecorp.net
    keyword: hotspot,mikrotik,billing,truemoney,radius
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total views
15,902
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
353
Comments
1
Likes
8
Embeds 0
No embeds

No notes for slide

PPPoE With Mikrotik and Radius

  1. 1. Managing Internet Connections PPPoE, MikroTik and Radius Dashamir Hoxha <dashohoxha@gmail.com> Artur Nurja <tatanka@albaniaonline.net>● How to manage internet clients of an ISP● With PPPoE and MikroTik and Radius● Based on the work done at AlbaniaOnline
  2. 2. Managing PPPoE Connections with Mikrotik is Easy ● PPPoE = Point-to-Point Protocol over Ethernet ● Why PPPoE and not Ethernet? ● Configuring Mikrotik for PPPoE 1.Install package PPP 2. Create PPP profiles 3. Create a PPPoE service and enable it 4. Create user accounts
  3. 3. However it Doesnt Scale Up Well● A single Mikrotik can serve only a limited number of clients (400-500).● Managing clients and their profiles in Mikrotik cannot be integrated easily with CRM apps.● Managing clients manually in more than one Mikrotik server is difficult and error prone.● If a Mikrotik fails, the service to the clients is interrupted, until a new Mikrotik is prepared and a backup of the clients is restored.
  4. 4. Centralized AAA is Required
  5. 5. Centralized AAA is Required● AAA = Authentication, Authorization, Accounting● FreeRadius is used to check username/password, to provide client profiles, and to get usage statistics.● Client details are stored in a MySql database.● Mikrotik-s are dumb gateways with simple configs. No client details are stored on them!● Mikrotik-s use the central Radius for authentication, authorization, and for storing usage statistics.● Clients can connect through any Mikrotik available.
  6. 6. Clients are Managed by anExternal CRM Application ● CRM = Customer Relationship Management ● SugarCRM is used to keep all the client details ● SugarCRM is integrated with the database of freeRadius ● Decisions about clients are taken by Customer Care on SugarCRM ● They are automatically enforced by applying them on Radius
  7. 7. We Need Also High Availability and Load Balancing
  8. 8. We Need Also High Availability and Load Balancing● There are 2 MySQL databases, replicating in Master-->Slave mode; if the first one fails, it is replaced by the second one, in order to minimise the service down time.● Each Mikrotik is configured with a primary and a secondary Radius server; if the primary server does not reply, the second one is tried. This provides HA.● Almost half of mikrotiks have the first radius as primary, and the others have the second one. This provides Load Balancing.
  9. 9. Implementation Steps1. Install freeRadius2. Test freeRadius installation3. Set up freeRadius to use a MySQL database4. Test freeRadius with MySQL backend5. Configure Mikrotik for being a PPPoE server6. Test the PPPoE Service7. Get Mikrotik to work with Radius8. Add a second Radius server in Mikrotik9. Replicate MySQL databases of freeRadius
  10. 10. SQL API for Radius Manager● API = Application Programing Interface● Helps to access the database of Radius Manager from an outside program (SugarCRM).● Encapsulates (hides) the complexity of the database from the outside programmer.● Makes simpler the code of the outside program.● The programmer is relived from the fear of touching something inappropriately in the database.● If structure of DB is modified in future releases, only the API needs to take them into account.
  11. 11. SQL API for Radius Manager● user_get(user);● user_add(user, passwd, service_id, nr_conn, expiration_date);● user_update(user, service_id, nr_conn, expiration_date);● user_set_password(user, passwd);● user_change_service(old_srvid, new_srvid);● user_del(user);● service_get(service_id, service_name);● service_add(service_name, download_rate, upload_rate);● service_update(service_id, service_name, download_rate, upload_rate, enabled);● service_del(service_id);
  12. 12. Managing Internet Connections PPPoE, MikroTik and RadiusDashamir Hoxha <dashohoxha@gmail.com> Artur Nurja <tatanka@albaniaonline.net> Thank you for your attention! Are there any questions?

×