This post is part of the Home network v2 series.

Back in August I wrote about connecting my ISP (Altibox) fiber straight into the Mikrotik CCR1009. I’ve since decided not to include the CCR in my network stack, but instead use my EdgeRouter 4 as, well — the edge router, and VyOS to route the local networks.

So I moved the SFP module and fiber from the CCR — to the EdgeRouter 4 👇

Table of contents

SFP module

I’m happy to report that the SFP module that came with the Altibox VMG8825-B60C router/home central, also works perfectly in the EdgeRouter 🙂

  • Vendor: Tsuhan
  • Part no.: THMPRS-3511-10A
  • Connector type: SC
  • Wavelength: Tx 1310 nm / Rx 1550 nm

Fiber patch

I have a 1 meter fiber patch cable between the patch panel and the SFP module — with the following specifications:

  • SC to SC (UPC)
  • Single mode 9/125
  • OS2
  • Simplex
  • Outer diameter 2.0mm
  • LSZH (low smoke zero halogen)
Fibers in patch panel

EdgeRouter configuration changes

We just need to adjust a few settings on the EdgeRouter:

  • Create VLAN 102 and change MAC address on eth3
  • Update firewall and NAT rules

Interface

First we create a new VLAN 102 on eth3, set IP address to Use DHCP:

Altibox uses VLAN 101 for IPTV and 102 for internet.
EdgeOS interface configuration

Then we go into the Config Tree -> interfaces/ethernet/eth3 and set the MAC address. This must be the MAC address on the Altibox router/home central:

EdgeOS eth3 interface configuration

Remember to change the interfaces on the WAN_x filewall policies:

EdgeOS WAN firewall policies

The interface configuration for eth3 should look something like this:

interfaces {
    ethernet eth3 {
        duplex auto
        mac xx:xx:xx:xx:xx:xx
        speed auto
        vif 102 {
            address dhcp
            firewall {
                in {
                    name WAN_IN
                }
                local {
                    name WAN_LOCAL
                }
            }
            mtu 1500
        }
    }
}

Port forwarding

Next we need to change the WAN interface for port forwarding:

EdgeOS port forwarding

The wan-interface parameter in the port-forward configuration:

port-forward {
    wan-interface eth3.102
}

NAT masquerade

And lastly we need to set NAT masquerade on the eth3.102 interface:

EdgeOS source NAT configuration

NAT masquerade rule configuration:

service {
    nat {
        rule 5000 {
            description "masquerade for WAN"
            log disable
            outbound-interface eth3.102
            protocol all
            type masquerade
        }
    }
}

Future plans

I’ve been playing with VyOS lately and want to use it more 🙂 My initial plan was to put my lab behind VyOS, but now I’m thinking I’ll put everything behind it. But still use the EdgeRouter as my edge router 😛

I’ll explain this better once I start setting it up 🖖

Last commit 2024-04-05, with message: Tag cleanup.

Home network v2 series

  1. Replacing Unifi switches with MikroTik
  2. Getting started with MikroTik CCR1009 and RouterOS
  3. Altibox fiber — straight into Mikrotik CCR1009
  4. Running underground CAT6 to detached garage
  5. Plans for my home network
  6. Running two CAT6 cables to the play room
  7. Running three CAT6 cables to the living room TV bench
  8. Moving CAT6 cable for access point; inside the wall
  9. Altibox fiber — straight into Ubiquiti EdgeRouter
  10. Two CAT6 cables and a fiber — from the basement to the attic
  11. A few Wi-Fi improvements
  12. Updated plans for my home network
  13. Knot Resolver — with ad blocking
  14. Pulling CAT6 cable in existing conduit
  15. Running CAT6 to the twins' rooms — inside interior wall
  16. Running CAT6 to the 2nd floor den — another interior wall