hardware:mikrotik

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
hardware:mikrotik [2022/05/18 08:40] – [Mikrotik] adminhardware:mikrotik [2024/02/26 16:25] (current) – [Microtik VLAN] admin
Line 1: Line 1:
 ====== Mikrotik ====== ====== Mikrotik ======
 +Mikrotik script example
  
 <WRAP tip 60%> <WRAP tip 60%>
 <code> <code>
-[admin@MikroTik] /interface bridge port> :put [get *7 ] + 
 +[admin@MikroTik] > :global a {x=1; y=2} 
 +[admin@MikroTik] > :set ($a->"x") 5  
 +[admin@MikroTik] > :environment print  
 +a={x=5; y=2} 
 + 
 + 
 +/interface bridge port {:put [get [find interface=ether2] ]} 
 +.id=*7;.nextid=*8;auto-isolate=false;bpdu-guard=false;bridge=bridge-agp;broadcast-flood=true;debug-info= prio 0x8000 num   
 +... 
 + 
 +# by id 
 +/interface bridge port {:put [get *7 ]} 
 +[admin@MikroTik] /interface bridge port> /interface bridge port {:put [get *7 ]}
 .id=*7;.nextid=*8;auto-isolate=false;bpdu-guard=false;bridge=bridge-agp;broadcast-flood=true;debug-info= prio 0x8000 num 2 .id=*7;.nextid=*8;auto-isolate=false;bpdu-guard=false;bridge=bridge-agp;broadcast-flood=true;debug-info= prio 0x8000 num 2
-role:Dis (0) learn 0 forward 0 infoIs Dis edge 0 sendRSTP 1 +.... 
- proposing 0 agreed 0 agree 0 synced 1 isolate 0 newInfo 0 + 
-migration:C HK_RSTP tc:INACTIVE +print all key values of config 
-ptimes: Msg:1668247142 Max: 0 FD: 80 HT: 2004064648 +[admin@MikroTik] /interface bridge port> /interface bridge port {:foreach k,v in=[get *7 ] do={:put ("$k=$v")}} 
-pprio: RBI: 8000:000000000000 RPC: 0 BI: 8000:000000000000 tP: 0x0 rP: 0x0 +.id=*7 
-dtimes: Msg:0 Max: 5120 FD: 3840 HT: 512 +.nextid=*8 
-dprio: RBI: 8000:000000000000 RPC: 0 BI: 8000:000000000000 tP: +auto-isolate=false 
-x0 rP: 0x0 +bpdu-guard=false 
-;disabled=false;dynamic=false;edge=auto;edge-port=false;edge-port-discovery=true;external-fdb-status=false;fast-leave=false;forwarding=false;frame-types=admit-all;horizon=0;hw=true;hw-offload=false;inactive=true;ingress-filtering=false;interf +bridge=bridge-agp 
-ace=ether2;internal-path-cost=10;learn=auto;learning=false;multicast-router=temporary-query;path-cost=10;point-to-point=auto;point-to-point-port=true;port-number=2;priority=128;pvid=1;restricted-role=false;restricted-tcn=false;role=disabled-port;sendin +broadcast-flood=true 
-g-rstp=true;status=in-bridge;tag-stacking=false;trusted=false;unknown-multicast-flood=true;unknown-unicast-flood=true+debug-info= prio 0x8000 num 2 
 +                              role:Dis (0) learn 0 forward 0 infoIs Dis edge 0 sendRSTP 1 
 +                                                                                          proposing 0 agreed 0 agree 0 synced 1 isolate 0 newInfo 0 
 +                                                                                                                                                    migration:CHK_RSTP tc:INACTIVE 
 +                                                                                                                                                                                   ptimes: Msg:1668247142 Max: 0 FD: 80 HT: 2004064648 
 +                                                                                                                                                                                                                                       pprio: RBI: 8000:0000 
 +00000000 RPC: 0 BI: 8000:000000000000 tP: 0x0 rP: 0x0 
 +                                                      dtimes: Msg:0 Max: 5120 FD: 3840 HT: 512 
 +                                                                                               dprio: RBI: 8000:000000000000 RPC: 0 BI: 8000:000000000000 tP: 0x0 rP: 0x0 
 + 
 +disabled=false 
 </code> </code>
 </WRAP> </WRAP>
Line 35: Line 60:
   * -- mikrotik sip shaping [[https://mum.mikrotik.com/presentations/US16/presentation_3004_1462512668.pdf]]   * -- mikrotik sip shaping [[https://mum.mikrotik.com/presentations/US16/presentation_3004_1462512668.pdf]]
   * -- [[https://interface31.ru/tech_it/2019/05/rasshirennaya-nastroyka-dns-i-dhcp-v-routerah-mikrotik.html|split dns]]   * -- [[https://interface31.ru/tech_it/2019/05/rasshirennaya-nastroyka-dns-i-dhcp-v-routerah-mikrotik.html|split dns]]
 +
 +===== mikrotik simulating симуляция обучение =====
 +  * https://www.eve-ng.net/ eve
  
 ===== mikrotik.configure.vip sip ===== ===== mikrotik.configure.vip sip =====
Line 40: Line 68:
  
 ===== mikrotik.packet sniffer tcpdump ===== ===== mikrotik.packet sniffer tcpdump =====
 +  * для работы torch + sniffer нужно отключить ''hardware offload в bridge -> ports -> eth0 -> hardware offload ''
   * https://wiki.mikrotik.com/wiki/Manual:Layer2_misconfiguration - если нужно перехватывать на уровне layer 2 - раздел "Packet flow with hardware offloading and MAC learning"   * https://wiki.mikrotik.com/wiki/Manual:Layer2_misconfiguration - если нужно перехватывать на уровне layer 2 - раздел "Packet flow with hardware offloading and MAC learning"
   * https://wiki.merionet.ru/seti/6/perexvat-paketov-na-mikrotik/   * https://wiki.merionet.ru/seti/6/perexvat-paketov-na-mikrotik/
Line 81: Line 110:
  
 ==== Microtik VLAN ==== ==== Microtik VLAN ====
 +<code BASH>
 +# Пример настройки VLAN  с SWITCH  chip, native vlan - :!: в mikrotik NATIVE VLAN = VID:0
 +[admin@MikroTik-304] > /interface/ethernet/switch/vlan/
 +[admin@MikroTik-304] /interface/ethernet/switch/vlan> export
 +# feb/25/2024 19:05:42 by RouterOS 7.8beta2
 +# software id = W523-SWBT
 +#
 +# model = RBD52G-5HacD2HnD
 +# serial number = BEEB0A75E122
 +/interface ethernet switch vlan
 +add independent-learning=yes ports=ether1,switch1-cpu switch=switch1 vlan-id=112
 +add independent-learning=yes ports=ether1,ether5,switch1-cpu switch=switch1 vlan-id=111
 +add independent-learning=yes ports=ether1,switch1-cpu,ether2,ether3,ether4,ether5 switch=switch1
 +[admin@MikroTik-304] /interface/ethernet/switch/vlan> /interface/ethernet/switch/port
 +[admin@MikroTik-304] /interface/ethernet/switch/port> export
 +# feb/25/2024 19:05:54 by RouterOS 7.8beta2
 +# software id = W523-SWBT
 +#
 +# model = RBD52G-5HacD2HnD
 +# serial number = BEEB0A75E122
 +/interface ethernet switch port
 +set 0 default-vlan-id=0 vlan-header=add-if-missing
 +set 1 default-vlan-id=0
 +set 2 default-vlan-id=0
 +set 3 default-vlan-id=0
 +set 4 default-vlan-id=111 vlan-header=always-strip vlan-mode=secure
 +set 5 default-vlan-id=0
 +[admin@MikroTik-304] /interface/ethernet/switch/port> 
 +#  WIFI configure 
 +# Under /interface ethernet switch vlan switch1-cpu passes traffic from the switch chip to the CPU, only required for VLANs connected to services provided by the CPU such as IP address, routing, DHCP server and software-based # interfaces (tunnels, wireless).
 +# Under /interface ethernet switch port use vlan-header=leave-as-is for the switch chip in the hAP ac as mentioned in the wiki and help pages.
 +# Under interface wireless use both vlan-mode=use-tag AND vlan-id= to specify which VLAN the interface should be connected to.
 +# Under /interface bridge port setting hw=yes for the wireless interfaces is pointless, the drivers are implemented in software.
 +</code>
 +
   - https://danservices.com.au/support/mikrotik-vlan-configuration-2020/   - https://danservices.com.au/support/mikrotik-vlan-configuration-2020/
   - https://www.youtube.com/watch?v=pdpFAxwocTo   - https://www.youtube.com/watch?v=pdpFAxwocTo
   - https://mum.mikrotik.com/presentations/HU19/presentation_6775_1559545769.pdf   - https://mum.mikrotik.com/presentations/HU19/presentation_6775_1559545769.pdf
  • hardware/mikrotik.1652863222.txt.gz
  • Last modified: 2022/05/18 08:40
  • by admin