Some work in the aftermath of Sunday's DSL troubles:
To recap: my "CPE machinery" consists of
A Fritz!BOX WLAN 3170 in modem mode. (The routing/NAT and WLAN features are not active.) The FB provides 4 ethernet ports.
A MikroTik RouterBoard 2011
(billy.marshlabs.gaertner.de) is acting as PPPoE
client and is the actual Internet gateway for the marshlabs.
The PPPoE packets between the RB-2011 and FB-3170 travel over a dedicated 7 meter ethernet cable.
The FB-3170 ist still manageable via IP. I defined its IP
address to be 192.168.77.1/24 instead of the default
192.168.178.1/24 (which my neighbor's WLAN already
uses -- another FritzBox in da house, and within reach :-). For
trouble-shooting on Sunday/Monday, I moved my laptop close to the
FB and plugged an extra cable into one of the three remaing free
LAN ports.
Today, I reconfigured the RB-2011 to have things a bit more convenient.
Before: the PPPoE was defined on top of Ethernet port with the cross-link to the FB. This uplink port (number 10) was not part of any other bridge. (Bridges are the RouterBoard-RouterOS way to tie ports together.)
After: there is now a new small "cpe-bridge" defined on the
RouterBoard, with ports 9 and 10 as members. So port 9 becomes
another option to attach to the FB management LAN, right next to my
desk. Packets travel over the existing 7m crosslink cable. The
pppoe-client interface had to be moved a little bit: now it sits on
top of the cpe-bridge, not anymore on top of the
single port.
With this setup, it was already possible to keep the laptop at the desk when connecting to the FB-3170.
Even more luxury was possible by making the RB-2011 an active
player in and router for the mgmt LAN: just add a IP address to the
bridge. I decided on the static 192.168.77.2/24
instead of some DHCP assignment from the FB.
I then tested two alternatives to connect to the FB-3170 (192.168.77.1/24) from my real LAN (217.13.64.128/26):
Let the RouterBoard do the work and hide my LAN via NAT behind
its 192.168.77.2 bridge address:
[neitzel@billy] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade dst-address=192.168.77.1
out-interface=cpe-bridge log=no log-prefix=""
Let FB3170 do the work: even in "modem-only" mode, it will take additional static routes to extend the "LAN" side.
Of course I settled on the latter. Let's avoid NAT wherever possible.
My first actual "management action" today was to install new firmware to the FB-3170. I went from 49.04.24 to 49.04.58. The release notes promised "more stable DSL". Well, it turns out that the downstream now syncs at only 10.700 Kbps instead of 11.300 as before. (Nope, there is no Go Faster! option; I could just throttle things further down.)
And there is now an "energy monitor". Fancy.
On the lucky side: they didn't nuke the modem-only operational mode.
TODO: in four weeks, check if April and May differ noticably in
the RIPE ATLAS measurements. Will
atlas.marshlabs.gaertner.de aka
p2781.probes.atlas.ripe.net be more reachable than
before?