Answer the question
In order to leave comments, you need to log in
P
P
permyakovfc2014-05-01 22:19:47
permyakovfc, 2014-05-01 22:19:47
Why do pppoe subscribers “leave” in timeout after the session break on the Mikrotik side?
Equipment available:
Eltex LTE-2X
(OLT is designed to organize broadband access over passive optical networks (PON).)
Eltex NTE-RG-1402G
(Subscriber terminals (ONT) are designed to communicate with the higher equipment of passive optical networks and provide broadband access services to the end user)
Mikrotik CCR1036
acts as an access server.
UTM5
billing.
The situation is as follows, through ONT, the subscriber connects via PPPoE connection to Mikrotik, therefore Mikrotik, via Radius`y, allows the subscriber access to the Internet.
The problem is that if you break the connection directly with the Mikrotik, or by rebooting, reconfiguring the OLT (or in simple language from the operator), then after reconnecting, the subscriber does not receive traffic, when the Mikrotik itself pings, it issues a timeout for requests. Moreover, the subscriber receives the correct addresses, and he connects to Mikrotik with the necessary parameters. If the subscriber reboots his ONT device himself, then when connecting after the reboot, the traffic "flows" normally.
With detailed settings, it turned out that the problem is not in the OLT and not in the ONT. There is an assumption that mikrotik itself does not give traffic for some reason, or billing does it, and does not give the ip to the subscriber to pass traffic on mikrotik.
With some tests, it turned out that if you restart the server with billing, and at this time, while it is rebooting, break the pppoe sessions of subscribers, then after the server with billing is loaded, then several sessions will connect normally, with the passage of traffic.
Plus, there was such a configuration in billing that would break the session once a day, so after he "breaks" it, the subscriber, after reconnecting, also goes into timeout.
Maybe someone faced a similar problem, I'll ask for help in solving it. Because sessions on the part of the operator, all the same, you sometimes need to break it off, not even intentionally.
Configs:
Mikrotik
Authorization
/ppp aaa> print
use-radius: yes
accounting: yes
interim-update: 3mppp profile
/ppp profile> print
1 name="UTM5" local-address=10.2.1.1 use-mpls=default
use-compression=default use-vj-compression=default
use-encryption=default only-one=defaultraffic flow
/ip traffic-flow> print
enabled: yes
interfaces: all
cache-entries: 512k
active-flow-timeout: 30m
inactive-flow-timeout: 15sThanks in advance!
2 answer(s)
@permyakovfc
@edinorog
P
permyakovfc, 2014-06-14 @permyakovfc
In general, the problem is solved.
Eltex subscriber devices were connected with MPPE 128 encryption, due to the fact that mschap1 and mschap2 were selected on Mikrotik, because of this, when the subscriber was reset, the encryption did not restore the session (there was a connection, but the data did not go) until the subscriber device was rebooted.
S
Sergey, 2014-05-02 @edinorog
Timeout is a politically correct thing. And does not violate the logic of things. And what can be done here if the problem is not in the service itself, but in user devices? =)
I understand that I want to pull the server every other time, but it's not like Feng Shui.
Similar questions
I
K
G
D
B
Beard2022-01-03 22:09:53
Is it possible to tunnel between Linux machine and Mikrotik behind NAT?
6Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question