Mikrotik SXT LTE Modem (US) with T-Mobile for Backup Internet | Homelab Operations Center

Подписаться 60 тыс.

Просмотров 11 тыс.

50% 1

I've wanted to play with multi-WAN routing setups in my homelab for awhile. I thought about buying Starlink, but it's a bit pricey as a purely backup solution, and I'm in a situation where my primary internet is very reliable for about the same price. So I settled for LTE backup. I looked around for awhile, trying to decide what the right solution is for me. I really wanted to pass through the IPv4 address and IPv6 prefix from the ISP through to my OPNsense router, since I don't want to deal with triple-NAT and dual layer firewall. A lot of LTE hotspots, even those that support wired Ethernet, still act as firewall routers, and I didn't want that hassle.
I ended up selecting the Mikrotik SXT US Kit, which includes a US band LTE modem, decently directional antenna, wired Ethernet with PoE, and RouterOS. RouterOS is .... dense with configuration options, and I'm not that good at managing it, but it's supposed to be able to do a pure passthrough of the LTE modem to an interface without interfering with the network at all.
I was able to configure this in RouterOS eventually. I'm happy with the hardware so far. I stuck it in a window facing roughly the direction of my nearest T-mobile tower and it just worked. I'm sure if I was more on the fringes of cell service I would have needed an actual pole and to actually aim it.
I tested with a temporary server connected directly to the modem and was able to successfully receive inbound connections to my IPv6 address, although I've heard T-mobile blocks ICMP (ping) packets. HTTP inbound worked fine. There's sometimes a huge latency (~1sec) in getting the first packet through, followed by much more reasonable latency. So, yes, you should be able to host games on this without NAT issues if your game supports native IPv6 and you configure your firewall appropriately.
Blog post with the RouterOS commands:
www.apalrd.net/posts/2022/net...
I made a big oof in the video and used fast.t-mobile.net instead of fast.t-mobile.com. oops.
Eventually I'll release a video on setting up failover routing in OPNsense using this as the secondary connection. Stay tuned for that adventure.
I'm ready for you RouterOS experts to tell me what I did wrong in the comments.
My Discord server:
/ discord
If you find my content useful and would like to support me, feel free to here: ko-fi.com/apalrd
Timestamps:
00:00 - Hardware Overview
02:37 - RouterOS Setup
07:46 - SLAAC with IPv6 rant
08:49 - OPNsense Basic Setup
10:45 - Conclusions
#LTE
#Mikrotik
#TMobile
#OPNsense

Наука

Опубликовано:

31 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 30

@Mjoll87 2 дня назад

Thanks for the great video. I'm looking into using one of those modems as a failover / backup for a fixed fiber line. There are a lot of options out there, but being able to do a direct modem passthrough over ethernet is what makes this one very interesting. I'm running OPNsense as well, this being priced around €100 in Europe makes it a very competitive solution with all the bells and whistles we ask for. Thanks!

@blevenzon 2 года назад

Dude this is so informative and awesome. Thanks so much

@apalrdsadventures 2 года назад

Glad you like it!

@jspafford Год назад

You should get tmobiles 5G home internet. $30 a month if you have T-Mobile phone. $50 without. And price lock. And actually is unlimited. You can get 500Mbps and higher even in rural places. I’ve gotten 800Mbps. Down. Up is 100Mbps. And you can attach external antennas to their modem you get that’s free. There are RU-vid videos of people demoing this. And the external antennas you need if you don’t live near a tower. But I was 7 miles from a tower with line of sight through trees and was getting 800Mbps. I get 500-600 on my phone on the low band.

@LampJustin 2 года назад

Yay more routing^^ Been doing some iBGP to announce public ips on my Kubernetes cluster with MetalLB. VyOS does a great job with that... But it was such a sink hole into ip rules / tables vrfs, L3 networking and BGP. Now that I am somewhat familiar with VyOS I might eventually completely switch my trusty (FreeBSD) Opnsense to it. I especially like the zone based firewalling it's miles ahead the basic fw in pf/opnsense and most fws. It's awesome 🤩

@apalrdsadventures 2 года назад

So far I've been happy with the policy routing on OPNsense as a good balance of having a good GUI (AFAIK VyOS still is CLI/API only?) and working.

@LampJustin 2 года назад

@@apalrdsadventures yeah they're working on a GUI but it still is in a state where you don't really want to use it.

@apalrdsadventures 2 года назад

That's what I've found, it's a separate project at this point?

@LampJustin 2 года назад

@@apalrdsadventures the vycontrol project is community driven, but they do have it on the roadmap to build one .

@apalrdsadventures 2 года назад

Yeah, I saw the roadmap plan as well and wasn't sure if vycontrol was at all related to official development.

@foobar9761 2 года назад

Does not concern me directly, but still interesting! Thanks!

@apalrdsadventures 2 года назад

Glad you watched anyway! I'm still making plenty of Proxmox, thin client, etc. videos

@ShinyTechThings 2 года назад

Dude, I love the painters tape! It just needs to be functional especially for the initial testing. Then pole mount it when you are happy with it. Any recommendations for a 5G cellular directional one?

@apalrdsadventures 2 года назад

In theory you could get the non-kit version and put your own modem inside, and it should work with higher category LTE modems that are supported by RouterOS

@nekotherion7317 2 года назад

Make sure you do a video on winbox as you tweak it on those, their LTE interface is slick.

@apalrdsadventures 2 года назад

I've never actually used Winbox (I have a mac), but WebFig was not terrible and the CLI was very usable. I'm just using the SXT as a modem though, so actual routing will be done in OPNsense, not RouterOS.

@nekotherion7317 2 года назад

@@apalrdsadventures pretty much how I operate too. 10gb mikrotik switch, poe Cisco switch, proxmox, pfsense, truenas :)

@apalrdsadventures 2 года назад

I use the CRS328 as both my 10G switch and PoE switch, but I use it with SwOS

@LampJustin 2 года назад

@@apalrdsadventures ah that's a bummer, Those CRS32xxx switches can even do some L3 HW offloading, it's pretty cool to tinker with it! But yeah SwOS is miles ahead in terms of usability... But if you think of the Switch like any other Linux box the bridge workflow makes sense.

@apalrdsadventures 2 года назад

I might have to move to RouterOS for an upcoming project where I set VLAN tags dynamically from Home Assisistant (via ssh to the cli), SwOS doesn't have an API. But that's still a few months out at this point.

@KeithTingle Год назад

I wish there was a 5G version of this thing, I am using t-mobile's $50/month option, the speeds are very good where I live, I send 1/2 my traffic through the 5G so its more than just a backup, but the device is a router with wifi etc and I have to double NAT :x

@gustersongusterson4120 2 года назад

Wow that's cool, I didn't know that Meekrotick made these. i'd be curious if these worked with google fi since they use the tmobile network.

@apalrdsadventures 2 года назад

I don't think anything would prevent it from working with Google Fi unless they block hotspot type devices on their end. I got a hotspot-specific plan for this from t-mobile, and I know a lot of carriers limit the device models which can be used with tablet data plans. You basically just have to find towers in your area and make sure they are using one of the bands it supports - 2, 4, 5, 12