# 1. Raw table rule to bypass conntrack for public-IP PPPoE users
/ip firewall raw
add chain=prerouting src-address-list=pppoe_public_users action=notrack
# 2. Use src-nat instead of masquerade (if NAT needed)
/ip firewall nat
add chain=srcnat src-address=172.16.0.0/16 out-interface=WAN1 \
action=src-nat to-addresses=PUBLIC_IP_POOL
# 3. PPPoE server profile tweaks
/ppp profile
set pppoe-profile one-session-per-host=yes \
on-down="/ppp secret disable [find name=\$user]; :delay 30s; /ppp secret enable [find name=\$user]"
# 4. Avoid injecting PPPoE user routes into OSPF
/routing ospf interface-template
set [find interface=pppoe-server] passive=yes
রবিবার, ১৬ নভেম্বর, ২০২৫
Mikoritk PPPOE Optimization
এতে সদস্যতা:
মন্তব্যসমূহ (Atom)