Differences

This shows you the differences between two versions of the page.

--- hardware:mikrotik [2021/04/04 15:17] – [Mikrotik logstash] admin
+++ hardware:mikrotik [2024/02/26 16:25] (current) – [Microtik VLAN] admin
@@ Line 1: / Line 1: @@
 ====== Mikrotik ======
+Mikrotik script example
+<WRAP tip 60%>
+<code>
+[admin@MikroTik] > :global a {x=1; y=2}
+[admin@MikroTik] > :set ($a->"x") 5
+[admin@MikroTik] > :environment print
+a={x=5; y=2}
+/interface bridge port {:put [get [find interface=ether2] ]}
+.id=*7;.nextid=*8;auto-isolate=false;bpdu-guard=false;bridge=bridge-agp;broadcast-flood=true;debug-info= prio 0x8000 num
+...
+# by id
+/interface bridge port {:put [get *7 ]}
+[admin@MikroTik] /interface bridge port> /interface bridge port {:put [get *7 ]}
+.id=*7;.nextid=*8;auto-isolate=false;bpdu-guard=false;bridge=bridge-agp;broadcast-flood=true;debug-info= prio 0x8000 num 2
+....
+print all key values of config
+[admin@MikroTik] /interface bridge port> /interface bridge port {:foreach k,v in=[get *7 ] do={:put ("$k=$v")}}
+.id=*7
+.nextid=*8
+auto-isolate=false
+bpdu-guard=false
+bridge=bridge-agp
+broadcast-flood=true
+debug-info= prio 0x8000 num 2
+                              role:Dis (0) learn 0 forward 0 infoIs Dis edge 0 sendRSTP 1
+                                                                                          proposing 0 agreed 0 agree 0 synced 1 isolate 0 newInfo 0
+                                                                                                                                                    migration:CHK_RSTP tc:INACTIVE
+                                                                                                                                                                                   ptimes: Msg:1668247142 Max: 0 FD: 80 HT: 2004064648
+                                                                                                                                                                                                                                       pprio: RBI: 8000:0000
+00000000 RPC: 0 BI: 8000:000000000000 tP: 0x0 rP: 0x0
+                                                      dtimes: Msg:0 Max: 5120 FD: 3840 HT: 512
+                                                                                               dprio: RBI: 8000:000000000000 RPC: 0 BI: 8000:000000000000 tP: 0x0 rP: 0x0
+disabled=false
+</code>
+</WRAP>
+  * https://www.youtube.com/watch?v=hFwqnH8c7A0 - http://mkrtk.ru/wbpfd - routing decision - diagram
+  * https://pnetlab.com/pages/main - laboratory
   * [[https://serveradmin.ru/category/mikrotik/| статьи для начала]]
   * [[https://gregory-gost.ru/routers/mikrotik/| настройка с 0]]
+  * https://mikrotik.com/product/rb5009ug_s_in rb5009ug
   * [[https://mum.mikrotik.com/presentations/RU18M/presentation_6157_1554717194.pdf||как правильно делать multi wan]]
@@ Line 11: / Line 61: @@
   * -- [[https://interface31.ru/tech_it/2019/05/rasshirennaya-nastroyka-dns-i-dhcp-v-routerah-mikrotik.html|split dns]]
+===== mikrotik simulating симуляция обучение =====
+  * https://www.eve-ng.net/ eve
+===== mikrotik.configure.vip sip =====
+  * https://www.youtube.com/watch?v=_q1-_dNzlig&list=PLvQ2ZHtskbolPgUdIGHSk_Zk5D_OVDRoF&index=2
+===== mikrotik.packet sniffer tcpdump =====
+  * для работы torch + sniffer нужно отключить ''hardware offload в bridge -> ports -> eth0 -> hardware offload ''
+  * https://wiki.mikrotik.com/wiki/Manual:Layer2_misconfiguration - если нужно перехватывать на уровне layer 2 - раздел "Packet flow with hardware offloading and MAC learning"
+  * https://wiki.merionet.ru/seti/6/perexvat-paketov-na-mikrotik/
 ==== Mikrotik security ====
   * https://www.youtube.com/watch?v=FsCN6a65otM
@@ Line 47: / Line 107: @@
   * BGP for РКН[[https://habr.com/ru/post/413049/]]
   * mikrotik redudant VRRP - [[https://mum.mikrotik.com/presentations/HR13/ramires.pdf]]
+==== Microtik VLAN ====
+<code BASH>
+# Пример настройки VLAN  с SWITCH  chip, native vlan - :!: в mikrotik NATIVE VLAN = VID:0
+[admin@MikroTik-304] > /interface/ethernet/switch/vlan/
+[admin@MikroTik-304] /interface/ethernet/switch/vlan> export
+# feb/25/2024 19:05:42 by RouterOS 7.8beta2
+# software id = W523-SWBT
+#
+# model = RBD52G-5HacD2HnD
+# serial number = BEEB0A75E122
+/interface ethernet switch vlan
+add independent-learning=yes ports=ether1,switch1-cpu switch=switch1 vlan-id=112
+add independent-learning=yes ports=ether1,ether5,switch1-cpu switch=switch1 vlan-id=111
+add independent-learning=yes ports=ether1,switch1-cpu,ether2,ether3,ether4,ether5 switch=switch1
+[admin@MikroTik-304] /interface/ethernet/switch/vlan> /interface/ethernet/switch/port
+[admin@MikroTik-304] /interface/ethernet/switch/port> export
+# feb/25/2024 19:05:54 by RouterOS 7.8beta2
+# software id = W523-SWBT
+#
+# model = RBD52G-5HacD2HnD
+# serial number = BEEB0A75E122
+/interface ethernet switch port
+set 0 default-vlan-id=0 vlan-header=add-if-missing
+set 1 default-vlan-id=0
+set 2 default-vlan-id=0
+set 3 default-vlan-id=0
+set 4 default-vlan-id=111 vlan-header=always-strip vlan-mode=secure
+set 5 default-vlan-id=0
+[admin@MikroTik-304] /interface/ethernet/switch/port>
+#  WIFI configure
+# Under /interface ethernet switch vlan switch1-cpu passes traffic from the switch chip to the CPU, only required for VLANs connected to services provided by the CPU such as IP address, routing, DHCP server and software-based # interfaces (tunnels, wireless).
+# Under /interface ethernet switch port use vlan-header=leave-as-is for the switch chip in the hAP ac as mentioned in the wiki and help pages.
+# Under interface wireless use both vlan-mode=use-tag AND vlan-id= to specify which VLAN the interface should be connected to.
+# Under /interface bridge port setting hw=yes for the wireless interfaces is pointless, the drivers are implemented in software.
+</code>
+  - https://danservices.com.au/support/mikrotik-vlan-configuration-2020/
+  - https://www.youtube.com/watch?v=pdpFAxwocTo
+  - https://mum.mikrotik.com/presentations/HU19/presentation_6775_1559545769.pdf