Newbie question - is the 6100 directly compatible with this fiber connection?
-
Urgh that sucks. Not easy to pcap on the WAN side to see what's happening either.
Maybe they require a VLAN or some priority tagging that doesn't happen in bridge mode?
Steve
-
Indeed. The default configuration loaded in to the router has one option for bridge pre-configured, but by default is not bound to any port so does nothing from what I can see. Interestingly, it's IPoE, not PPPoE. I tried to bind to LAN port pfSense and connect via DHCP, but there was no DHCP reply. So I'm not sure why it's preloaded and what purpose it is for.
The top profile is the standard routed which I currently use. If I create a new bridged profile, set it to PPPoE and use the same VLAN (400) as the routed profile, that's when I can connect and get a PPPoE auth, but all is captured by the ISP portal. I could not get a PPPoE auth when trying this using the VLAN from the IPoE bridge config that is pre-loaded (417.)
So is it possible the ISP can simply detect an unauthorised bridge connection and filter all traffic? Or is it more likely there is something I haven't figured out yet to achieve a sneaky bridge?
Pre-loaded bridge profile:
-
You may want to check with your ISP. I recently had fiber hooked up and the CPE also uses GPON, but the router had to be put into bridge mode by techs at the ISP. There is no way a user can do it locally.
It's possible yours is similar. That CPE may support a half bridge or full bridge mode but it may take some sweet talking of the ISP techs to make it happen.
-
In Canada, for all the lucky NEW customers Bell's modem (HH 4000) essentially cannot be put in bridge mode and has a non-removable GPON ONT. However, if you had the older generation modem (HH 3000) it has a removable GPON ONT. Asked to downgrade the modem and they said sorry we cant. Even if you go to a store they will replace a HH 4000 only with another HH 4000 and for a HH 3000 with another HH 3000.
Called a Bell Store and ironically all they have are HH 3000's and the HH 4000 are backordered (yet that is what Tech's are installing). Got customer service to allow HH 3000 on my account and picked it up at the store only to not have a GPON ONT in it. A Bell tech came out and put the GPON ONT module in the modem and I plugged it back into my Netgate 6100.
Rogers on the other hand which is slower with cable allows bridge mode for now but their new service went from 1Gbit/s|50Mbit/s to 1Gbit/s|30Mbit/s... basically backwards.
Mexico is not so backwards... I think ISPs are just real jerks with locked firmware and disabled bridge mode... and now are going crazy selling all their wifi mesh extenders to make up for the crappy modem WIFI... so people put their junk router in the basement where concrete absorbs the signal only so they can sell you all these WIFI mesh extenders. Very unethical.
So it seems I may have worked around the system here but it was a pain. We have family in Mexico... would love to have a Cell plan that doesn't cost an arm and a leg like here in Canada.
--Nikolaos
-
@nikolaosinlight said in Newbie question - is the 6100 directly compatible with this fiber connection?:
A Bell tech came out and put the GPON ONT module in the modem and I plugged it back into my Netgate 6100.
Nice! How does that appear to the 6100? What does
ifconfig -vvvm ix3
show? (assuming you used WAN1).Steve
-
I am using the WAN3 port as the service is 1.5Gbit/s down and 1Gbit/s up.
ifconfig -vvvm ix0 ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6> ether 90:ec:77:1c:a5:fc inet6 fe80::92ec:77ff:fe1c:a5fc%ix0 prefixlen 64 scopeid 0x5 media: Ethernet autoselect (Unknown <rxpause,txpause>) status: active supported media: media autoselect nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> plugged: SFP/SFP+/SFP28 100G SWDM4 (SC) vendor: ALCATELLUCENT PN: 3FE46541AA SN: ALCLF9792D2C DATE: 2021-07-27 module temperature: 49.85 C Voltage: 3.30 Volts RX: 0.01 mW (-18.45 dBm) TX: 1.64 mW (2.17 dBm) SFF8472 DUMP (0xA0 0..127 range): 03 04 01 00 00 00 02 00 00 00 00 03 20 00 28 FF 00 00 00 00 41 4C 43 41 54 45 4C 4C 55 43 45 4E 54 20 20 20 20 20 20 20 33 46 45 34 36 35 34 31 41 41 20 20 20 20 20 20 30 30 30 31 05 1E FF DC 00 1A 00 00 41 4C 43 4C 46 39 37 39 32 44 32 43 20 20 20 20 32 31 30 37 32 37 20 20 68 F0 05 60 41 4C 43 41 54 45 4C 20 33 46 45 34 36 35 34 31 41 41 30 31 32 42 56 4C 33 41 38 4A 4E 41 41 97
If from my 1Gbit/s LAN if I run speed test from my iMac I get:
907Mbit/s down and 934Mbit/s upSo I figured the LAN is limiting so ran speed test from shell and get:
/usr/local/bin/speedtest Retrieving speedtest.net configuration... Testing from Bell Canada (X.X.X.X)... Retrieving speedtest.net server list... Selecting best server based on ping... Hosted by Bell Mobility (Ottawa, ON) [11.73 km]: 4.881 ms Testing download speed................................................................................ Download: 715.68 Mbit/s Testing upload speed...................................................................................................... Upload: 441.08 Mbit/s
I consistently get about 15% lower on the downstream when testing from the 6100 where I thought I would see something in excess of 1Gbit/s and up to 1.5Gbit/s AND more strange on the downstream I get like 50% instead of around the 1Gbit/s.
Any reason why the speedtest-cli on the Netgate would perform so poorly and any way I can test my fiber Internet connection speed?
--Nikolaos
-
Mmm, that's cool!
The speetest-cli tool has always been a bit marginal at those speeds. It's useful for proving a link is functioning but the absolute values it returns are almost never accurate.
Can you connect a LAN client at 2.5G or 10G? Or just connect two LAN clients at 1G and run tests simultaneously?
Steve
-
I'm looking to do the same as you @nikolaosinlight, have any luck figuring out if you are able to get the full 1.5gbps down, or is it capped at 1gbps?
-
@nikolaosinlight could you share with us your configuration to make it work.
I have the same configuration with wan3 and the same Nokia GPON as you. But, I have a status: no carrier. I have a pppoe over vlan 35.
GPON is from HH3K.
Thank you,
-
@stephenw10
For those interested, I have been involved in getting a pfSense SG-2100 to replace a All-in-one ONT/Firewall/Router/Wifi box, from Orange in France on a 2.5Gbit FTTH GPON Service.I have read dusins of 1000+ forums and what not, and we got it all working by getting this GPON ONT SFP+ stick from fs.com:
https://www.fs.com/de-en/products/133619.html
It runs a OpenWRT on the ONT, so you can SSH to it clone your ISP box SerialNumber, VendorID, Mac-address and what not to it.
It works beautifully in the SG-2100 at 1Gbe speed, but I have seen dusins of posts from people using it in a 2.5Gbit capable port on a Microtik router. So it should be possible - however:
I believe the SG-6100 does not support 2.5/5Gbit on the SFP+ ports. It’s 1 or 10Gbe, and Fiber only as far as I recall.In France, there are a lot of other hoops to jump through - other than the ONT (with the right serialnumber).
You need to use the correct VLAN, use several pr. Customer individual DHCP options, and all DHCP packet COS marked as 6…..So very hostile indeed :-)
-
@initerworker I setup up a PPoE connection for my ISP with a MTU of 1492 (not sure if this was necessary or not but it works). For the ISP credentials I logged into my online account and reset the username and password and then used those credentials in my Netgate 6100.
In Interfaces -> Assignments -> VLANs (tab) make sure to select the interface corresponding to your PPoE assignment (e.g. ix0) and set the VLAN tag to 35 (priority can be left at 0).
It can take a few minutes to connect....
@boswall No unfortunately I have not been able to confirm that as I am quite happy with the 1Gbps up and down that I seem to be getting across my network.
-
My Nokia SFP seems to be older.
Mainly my behaviour looks like it. Sometimes, it can eventually read the correct voltage and temperature. But
status: no carrier
is stuck.GPON ONT SFP Class I Laser G-010S-A MREV: 02 ICS: 01
module temperature: 0.00 C Voltage: 0.00 Volts RX: 0.00 mW (-inf dBm) TX: 0.00 mW (-inf dBm)
Full output
ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN options=e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6> capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6> ... ... inet6 fe80::92ec:77ff:fe21:3bc6%ix0 prefixlen 64 scopeid 0x5 inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255 media: Ethernet autoselect status: no carrier supported media: media autoselect nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> plugged: SFP/SFP+/SFP28 100G SWDM4 (SC) vendor: ALCATELLUCENT PN: 3FE46541AA SN: ALCLF879CC63 DATE: 2018-06-22 module temperature: 0.00 C Voltage: 0.00 Volts RX: 0.00 mW (-inf dBm) TX: 0.00 mW (-inf dBm) SFF8472 DUMP (0xA0 0..127 range): 03 04 01 00 00 00 02 00 00 00 00 03 20 00 28 FF 00 00 00 00 41 4C 43 41 54 45 4C 4C 55 43 45 4E 54 20 20 20 20 20 20 20 33 46 45 34 36 35 34 31 41 41 20 20 20 20 20 20 30 30 30 31 05 1E FF DC 00 1A 00 00 41 4C 43 4C 46 38 37 39 43 43 36 33 20 20 20 20 31 38 30 36 32 32 20 20 68 F0 05 63 41 4C 43 41 54 45 4C 20 33 46 45 34 36 35 34 31 41 41 30 31 32 42 56 4C 33 41 38 4A 4E 41 41 97
MREV: 01 (I got it from the trash after installation by the bell agent).
- It returns the right value temperature and voltage, Rx mW and Tx mW.
- But, I can't use it for PPPoE. I am getting no incoming packets.
I purchased today from amazon an SFP to Copper to try it out-of-the-box and be sure it's not a PPPoE issue. But, we are on the same line with PPPoE and VLAN. It seems heavily related to the physical layer.
We will see,
B. r
-
Mmm, the module firmware could change everything there. It's basically an entire router in itself and could be simply configured wrong.
Steve
-
@initerworker from what I heard and I could be wrong but copper modules do not work.
Also, you say the Bell technician threw it in the trash, if so that means it is likely not assigned to work on your network anymore. I really don't understand your scenario here as it really wouldn't make any sense that anyone could just buy a module on Amazon and automagically allow it to gain access to the Bell network if they were stealing fibre from a neighbour or something i.e. think of there being a mac address or something in these ONT's.
When I got a HH4000 and went to a store to get it swapped for a HH3000 they gave me a HH3000 without the ONT in it which I told them was completely useless but that is what they allowed and then I called a Bell technician who came out with an ONT, assigned it to my network and plugged it in and was done. When he left I pulled it out of the HH3000 and plugged it into the Netgate 6100 and configured the 6100 with VLAN, etc. and voila!
If you get it to work with a model from Amazon please do let me know but I would be surprised!
-
Hi,
I bought a TP-Link-MC220L-Converter... it works.
So, this is not a misconfiguration in PPPoE settings or VLAN ISP-specific tags.I would like to remove the TP-Link-MC220L-Converter from my setup. But, my current issue is the SFP doesn't seem to success in beeing an active carrieer at hardware level. I am betting on a driver issue.
I have an embedded and linux expertise. And, I know SFP can be a really mess of things. Could you, @stephenw10 or your team, support me with the 6100 netgate and the GPON ONT SFP Class I Laser G-010S-A MREV: 02 ICS: 01? Have you anything in mind that will helps us to investigate?
@nikolaosinlight, I don't known anything about the "myth" of hardware filtering. From now, I can't said anything. Maybe, the technician threw the defective SFP to the trash because the module is not working in "RX". From my reading only the IPTV is mac filtered to limite number of dhcp lease. By any chances, if you have a picture of your SFP, I would like to know the MREV written on it.
Best regards,
-
@initerworker said in Newbie question - is the 6100 directly compatible with this fiber connection?:
I bought a TP-Link-MC220L-Converter... it works.
So that was using the same GPON SFP module just in the media converter instead of the 6100 SFP port directly?
Do you see link LEDs on it when the fibre is connected? Do you see those when it's in the 6100?
You might try it in one the the combo ports (ix3, ix2) since those are fixed 1G.
Unfortunately we can't offer much support on this as we have no way of knowing if that can be made to work. Officially gpon modules are not supported.
Steve
-
So I'm in a similar situation.
I also have a Nokia GPON ONT SFP G-010S-A MREV: 01 ICS: 01. This was provided by my ISP. When plugged into an Adran 854-v6 they also provided, everything works.
I'd like to replace that Adtran with a Netgate 6100 running pfsense+ 24.03.
I've plugged the Nokia SFP into the 6100's WAN3 and
ifconfig -vvvm ix0
gives:[24.03-RELEASE][admin@pfSense.home.arpa]/root: ifconfig -vvvm ix0 ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN3 options=4e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> capabilities=4f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> ether 90:ec:77:XX:XX:XX inet6 fe80::92ec:77ff:feXX:XXXX%ix0 prefixlen 64 scopeid 0x5 media: Ethernet autoselect status: no carrier supported media: media autoselect nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> drivername: ix0 plugged: SFP/SFP+/SFP28 100G SWDM4 (SC) vendor: ALCATELLUCENT PN: 3FE46541AA SN: ALCLF9XXXXXX DATE: 2019-10-12 module temperature: 0.00 C voltage: 0.00 Volts lane 1: RX power: 0.00 mW (-inf dBm) TX bias: 0.00 mA
So it does see it!
But is it a bad sign that temperature/voltage/power are zero/inf?
There appear to be little lights adjacent to the 6100's SFP port (or are they holes?), but they are not illuminated. What does that mean?
I've configured my WAN with VLAN and PPPoE per various forum threads, I believe correctly, and so I'm starting to think these two hardware are not compatible?
Thanks for any pointers...
-
-
@seanmcb said in Newbie question - is the 6100 directly compatible with this fiber connection?:
But is it a bad sign that temperature/voltage/power are zero/inf?
Not necessarily since it's pretending to be something else and probably doesn't pass the real fibre values anyway.
@seanmcb said in Newbie question - is the 6100 directly compatible with this fiber connection?:
There appear to be little lights adjacent to the 6100's SFP port (or are they holes?), but they are not illuminated. What does that mean?
Those are the link LEDs and should light if it links to the module.
It must show link in the NIC before pppoe will even start trying.
Since it offers no media options other than autoselect your options are limited.
Does it link in WAN1 or WAN2? The GPON module I have for testing does work there:
[24.08-DEVELOPMENT][admin@8200-2.stevew.lan]/root: ifconfig -vvm ix2 ix2: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 description: WAN2 options=4e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> capabilities=4f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> ether 00:08:a2:12:e2:c9 inet6 fe80::208:a2ff:fe12:e2c9%ix2 prefixlen 64 scopeid 0x7 media: Ethernet autoselect (1000baseT <full-duplex,rxpause,txpause>) status: active supported media: media autoselect media 10baseT/UTP media 100baseTX media 1000baseT nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> drivername: ix2
Though none of the module info is passed to it because it's a combo port.
It too fails to link in the 10G ports:
But it does pass the temp and voltage data:[24.08-DEVELOPMENT][admin@8200-2.stevew.lan]/root: ifconfig -vvm ix0 ix0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN3 options=4e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> capabilities=4f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6,HWSTATS,MEXTPG> ether 00:08:a2:12:e2:ca inet6 fe80::208:a2ff:fe12:e2ca%ix0 prefixlen 64 scopeid 0x5 media: Ethernet autoselect status: no carrier supported media: media autoselect nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> drivername: ix0 plugged: SFF 1X Copper Passive (Optical pigtail) vendor: UBNT PN: UF-INSTANT SN: UBNTb9999286 DATE: 2014-01-23 module temperature: 48.00 C voltage: 3.22 Volts lane 1: RX power: 0.00 mW (-inf dBm) TX bias: 6.87 mA
-
@stephenw10 said in Newbie question - is the 6100 directly compatible with this fiber connection?:
Those are the link LEDs and should light if it links to the module.
I've now tried all 4 sfp ports (WAN 1,2,3,4) and there are never any lights illuminated (WAN 1 & 2 seem to have no lights?).
It must show link in the NIC before pppoe will even start trying.
Ah, so I am at square one.
Does it link in WAN1 or WAN2? The GPON module I have for testing does work there:
No carrier in all 4 cases. In fact only in WAN3 does it identify the device at all.
Is there a different Netgate device where this is more likely to work? (I've been testing on a spare 6100 from work, and was going to buy one for home if I can get it working).
I'd be happy to have it work at "just" 1 gigabit.
-
The combo ports on WAN 1 and 2 use the LEDs on the RJ-45 port when it links. That port can only link at 1G though so I wonder if it's trying to link at 2.5G. Are there any settings available on the module if you boot it in something else?
If you use an external NIC it may provide more options like multiple connection rates. The Intel X550 NIC for example is known to allow 2.5 and 5G. But not necessarily for that module. No real way to know without trying it unfortunately.