EOIP Deep Dive
0 likes485 views
The document outlines a webinar conducted by GLC Networks on Mikrotik's Ethernet over Internet Protocol (EOIP), covering various aspects including prerequisites, EOIP functionality, practical tips, and a live practice session. It introduces the speaker, Achmad Mardiansyah, and highlights GLC Networks' background and training offerings. The presentation aims to enhance understanding of networking concepts and EOIP configuration while inviting participants to engage and share their knowledge.
EOIP Deep Dive
- 1. www.glcnetworks.com Mikrotik EOIP Deep dive GLC Webinar, 10 Mar 2022 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
- 2. www.glcnetworks.com Agenda ● Introduction ● Review prerequisite knowledge ● EOIP ● Tips and trick ● Live practice ● Q & A 2
- 4. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● Based in Bandung, Indonesia ● Areas: Training, IT Consulting ● Certified partner for: Mikrotik, Ubiquity, Linux foundation ● Product: GLC radius manager ● Regular event 4
- 5. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since 1999, mikrotik user since 2007, UBNT 2011 ● Mikrotik Certified Trainer (MTCNA/RE/WE/UME/INE/TCE/IPv6) ● Mikrotik/Linux Certified Consultant ● Website contributor: achmadjournal.com, mikrotik.tips, asysadmin.tips ● More info: http://au.linkedin.com/in/achmadmardiansyah 5
- 6. www.glcnetworks.com Past experience ● 2020-2022 (Congo DRC, PNG, Malaysia): network support, radius/billing integration ● 2019, Congo (DRC): build a wireless ISP from ground-up ● 2018, Malaysia: network revamp, develop billing solution and integration, setup dynamic routing ● 2017, Libya (north africa): remote wireless migration for a new Wireless ISP ● 2016, United Kingdom: workshop for wireless ISP, migrating a bridged to routed network ● 2015, Kalimantan, wireless support ● See our website for more details 6
- 7. www.glcnetworks.com About GLC webinar? ● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS) ● As a sharing event with various topics: linux, networking, wireless, database, programming, etc ● Regular schedule ● Irregular schedule: as needed ● Checking schedule: http://www.glcnetworks.com/schedule ● You are invited to be a presenter ○ No need to be an expert ○ This is a forum for sharing: knowledge, experiences, information 7
- 8. www.glcnetworks.com Please introduce yourself ● Your name ● Your company/university? ● Your networking experience? ● Your mikrotik experience? ● Your expectation from this course? 8
- 9. www.glcnetworks.com Prerequisite ● This presentation requires some prerequisite knowledge ● We assume you already know: ○ Computer network ○ Mikrotik RouterOS 9
- 11. www.glcnetworks.com 7 OSI layer & protocol ● OSI layer Is a conceptual model from ISO (International Standard Organization) for project OSI (Open System Interconnection) ● When you send a message with a courier, you need to add more info to get your message arrived at the destination (This process is called encapsulation) ● What is protocol ○ Is a set of rules for communication ○ Available on each layer ● Communication consist of series encapsulation ○ SDU: service data unit (before PDU) ○ PDU: protocol data unit (after header is added) 11
- 12. www.glcnetworks.com Layered model (TCP/IP vs ISO) and encapsulation 12 / datagram
- 15. www.glcnetworks.com Layer 2 header, ethernet 15
- 16. www.glcnetworks.com Layer 2 header, 802.11 16
- 17. www.glcnetworks.com Did you notice? ● There is a big overhead on encapsulation process ● More encapsulation means less payload? 17
- 19. www.glcnetworks.com Tunnel / VPN ● an overlay network ● network above network ● Usually point-to-point 19
- 21. www.glcnetworks.com After VPN 21 HOME 192.168.1.0/24 3 . 3 . 3 . 0 / 2 4 2.2.2.0/24 OFFICE 172.18.1.0/24 1.1.1.0/24 cafe 192.168.1.0/24 VPN network 192.168.9.0/ 24 @VPN network: server: 192.168.9.1 router: 192.168.9.11 laptop: 192.168.9.12
- 22. www.glcnetworks.com Generic Routing Encapsulation (GRE) 22
- 23. www.glcnetworks.com Generic Routing Encapsulation (GRE) ● A tunneling protocol, developed by Cisco Systems ● can encapsulate a wide variety of network layer (layer 3) protocols inside virtual PTP links or PTMP links over an Internet Protocol network ● RFC: 1701, 2784 ● Usage: tunnel, PPTP, IPsecVPN, etc 23
- 24. www.glcnetworks.com GRE tunnel on Mikrotik ● Local-address ● Remote-address ● Ipsec-secret (to activate encryption) 24
- 25. www.glcnetworks.com Ethernet over Internet Protocol (EoIP) 25
- 26. www.glcnetworks.com Ethernet over Internet Protocol (EoIP) ● Mikrotik proprietary protocol for tunneling, using GRE protocol (RFC1701) ● Creates an Ethernet tunnel between two routers on top of an IP connection. ● The EoIP tunnel may run over IPIP tunnel, PPTP tunnel or any other connection capable of transporting IP. ● When configure bridge with eoip, it will create a virtual layer 2 segment → This protocol makes multiple network schemes possible. ● Scenarios: ○ Possibility to bridge LANs over the Internet ○ Possibility to bridge LANs over encrypted tunnels ○ Possibility to bridge LANs over 802.11b 'ad-hoc' wireless networks ● The EoIP protocol encapsulates Ethernet frames in GRE (IP protocol number 47) packets (just like PPTP) and sends them to the remote side of the EoIP tunnel. 26
- 27. www.glcnetworks.com EoIP tunnel on Mikrotik ● MAC address ● ARP mode ● Local address ● Remote address ● Tunnel id ● Ipsec secret (for encryption) ● 27
- 28. www.glcnetworks.com EoIP tips and tricks 28
- 29. www.glcnetworks.com EoIP tips ● Use static ip for local and remote address ● Assign IP address on EoIP interface for testing ● Allow GRE protocol on firewall ● Make sure IPsec configuration is same on both side 29
- 30. www.glcnetworks.com Live practice ● SSH client ● SSH parameters ○ SSH address ○ SSH port ○ SSH username ○ SSH password 30
- 32. www.glcnetworks.com Interested? Just come to our training... ● Topics are arranged in systematic and logical way ● You will learn from experienced teacher ● Not only learn the materials, but also sharing experiences, best-practices, and networking 32
- 33. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Find our further event on our website : https://www.glcnetworks.com ● Like our facebook page: https://www.facebook.com/glcnetworks ● Slide: https://www.slideshare.net/glcnetworks/ ● Discord (bahasa indonesia): (https://discord.gg/6MZ3KUHHBX ) ● Recording (youtube): https://www.youtube.com/c/GLCNetworks ● Stay tune with our schedule 33