This post is part of the Home network v2 series.

Back in August I wrote about connecting my ISP (Altibox) fiber straight into the Mikrotik CCR1009. I’ve since decided not to include the CCR in my network stack, but instead use my EdgeRouter 4 as, well — the edge router, and VyOS to route the local networks.

So I moved the SFP module and fiber from the CCR — to the EdgeRouter 4 👇

Table of contents

SFP module

I’m happy to report that the SFP module that came with the Altibox VMG8825-B60C router/home central, also works perfectly in the EdgeRouter 🙂

  • Vendor: Tsuhan
  • Part no.: THMPRS-3511-10A
  • Connector type: SC
  • Wavelength: Tx 1310 nm / Rx 1550 nm

Fiber patch

I have a 1 meter fiber patch cable between the patch panel and the SFP module — with the following specifications:

  • SC to SC (UPC)
  • Single mode 9/125
  • OS2
  • Simplex
  • Outer diameter 2.0mm
  • LSZH (low smoke zero halogen)
Fibers in patch panel

EdgeRouter configuration changes

We just need to adjust a few settings on the EdgeRouter:

  • Create VLAN 102 and change MAC address on eth3
  • Update firewall and NAT rules

Interface

First we create a new VLAN 102 on eth3, set IP address to Use DHCP:

Altibox uses VLAN 101 for IPTV and 102 for internet.
EdgeOS interface configuration

Then we go into the Config Tree -> interfaces/ethernet/eth3 and set the MAC address. This must be the MAC address on the Altibox router/home central:

EdgeOS eth3 interface configuration

Remember to change the interfaces on the WAN_x filewall policies:

EdgeOS WAN firewall policies

The interface configuration for eth3 should look something like this:

interfaces {
    ethernet eth3 {
        duplex auto
        mac xx:xx:xx:xx:xx:xx
        speed auto
        vif 102 {
            address dhcp
            firewall {
                in {
                    name WAN_IN
                }
                local {
                    name WAN_LOCAL
                }
            }
            mtu 1500
        }
    }
}

Port forwarding

Next we need to change the WAN interface for port forwarding:

EdgeOS port forwarding

The wan-interface parameter in the port-forward configuration:

port-forward {
    wan-interface eth3.102
}

NAT masquerade

And lastly we need to set NAT masquerade on the eth3.102 interface:

EdgeOS source NAT configuration

NAT masquerade rule configuration:

service {
    nat {
        rule 5000 {
            description "masquerade for WAN"
            log disable
            outbound-interface eth3.102
            protocol all
            type masquerade
        }
    }
}

Future plans

I’ve been playing with VyOS lately and want to use it more 🙂 My initial plan was to put my lab behind VyOS, but now I’m thinking I’ll put everything behind it. But still use the EdgeRouter as my edge router 😛

I’ll explain this better once I start setting it up 🖖

Last commit 2023-02-07, with message: Make home network v2 series, with intro text.