HEX1.KUI: Difference between revisions

From OCARC
Jump to navigation Jump to search
Line 27: Line 27:
! colspan="4" |
! colspan="4" |
|}
|}
== Configuration ==
{{Alert | type=Warning | message = This configuration has not been tested on a physical device}}
{{Alert | type=Warning | message = This configuration is a work in progress}}
<pre>
/interface bridge
add name=BRIDGE-HAMWAN-PRIVATE
add name=BRIDGE-HAMWAN-PUBLIC
/ip neighbor discovery
set ether1 discover=no
/interface vlan
add interface=ether1 name=ETH1-HAMWAN-PRIVATE vlan-id=601
add interface=ether1 name=ETH1-HAMWAN-PUBLIC vlan-id=600
add interface=ether2 name=ETH2-HAMWAN-PRIVATE vlan-id=601
add interface=ether2 name=ETH2-HAMWAN-PUBLIC vlan-id=600
add interface=ether3 name=ETH3-HAMWAN-PRIVATE vlan-id=601
add interface=ether3 name=ETH3-HAMWAN-PUBLIC vlan-id=600
add interface=ether4 name=ETH4-HAMWAN-PRIVATE vlan-id=601
add interface=ether4 name=ETH4-HAMWAN-PUBLIC vlan-id=600
add interface=ether5 name=ETH5-HAMWAN-PRIVATE vlan-id=601
add interface=ether5 name=ETH5-HAMWAN-PUBLIC vlan-id=600
add interface=sfp1 name=SFP1-HAMWAN-PRIVATE vlan-id=601
add interface=sfp1 name=SFP1-HAMWAN-PUBLIC vlan-id=600
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add comment=defconf interface=ether2
add comment=defconf interface=sfp1
add bridge=BRIDGE-HAMWAN-PUBLIC interface=SFP1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH2-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH3-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH4-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH5-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PRIVATE interface=SFP1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH2-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH3-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH4-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH5-HAMWAN-PRIVATE
/ip address
add address=10.246.1.1/16 comment=defconf interface=BRIDGE-HAMWAN-PRIVATE \
    network=10.246.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    ether1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
    in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    out-interface=ether1
/system routerboard settings
set cpu-frequency=800MHz protected-routerboot=disabled
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add
[admin@MikroTik] >
</pre>

Revision as of 23:55, 3 July 2017

Sites

Edit This

<img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=1" style="width: 48px">
LMK		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=2" style="width: 48px">
BKM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=3" style="width: 48px">
KUI		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=4" style="width: 48px">
BGM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=5" style="width: 48px">
TUR		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=12" style="width: 48px">
OKM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=6" style="width: 48px">
ROK		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=0" style="width: 48px">
CED		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=0" style="width: 48px">
ELI

Ports

DC IN SFP
 eth1
PoE IN 		eth2
PoE OUT 		eth3
PoE OUT 		eth4
PoE OUT 		eth5
PoE OUT
not used not used not used not used not used not used
Power no 12v
battery

Configuration


/interface bridge
add name=BRIDGE-HAMWAN-PRIVATE
add name=BRIDGE-HAMWAN-PUBLIC
/ip neighbor discovery
set ether1 discover=no
/interface vlan
add interface=ether1 name=ETH1-HAMWAN-PRIVATE vlan-id=601
add interface=ether1 name=ETH1-HAMWAN-PUBLIC vlan-id=600
add interface=ether2 name=ETH2-HAMWAN-PRIVATE vlan-id=601
add interface=ether2 name=ETH2-HAMWAN-PUBLIC vlan-id=600
add interface=ether3 name=ETH3-HAMWAN-PRIVATE vlan-id=601
add interface=ether3 name=ETH3-HAMWAN-PUBLIC vlan-id=600
add interface=ether4 name=ETH4-HAMWAN-PRIVATE vlan-id=601
add interface=ether4 name=ETH4-HAMWAN-PUBLIC vlan-id=600
add interface=ether5 name=ETH5-HAMWAN-PRIVATE vlan-id=601
add interface=ether5 name=ETH5-HAMWAN-PUBLIC vlan-id=600
add interface=sfp1 name=SFP1-HAMWAN-PRIVATE vlan-id=601
add interface=sfp1 name=SFP1-HAMWAN-PUBLIC vlan-id=600
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add comment=defconf interface=ether2
add comment=defconf interface=sfp1
add bridge=BRIDGE-HAMWAN-PUBLIC interface=SFP1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH2-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH3-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH4-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH5-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PRIVATE interface=SFP1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH2-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH3-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH4-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH5-HAMWAN-PRIVATE
/ip address
add address=10.246.1.1/16 comment=defconf interface=BRIDGE-HAMWAN-PRIVATE \
    network=10.246.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    ether1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
    in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    out-interface=ether1
/system routerboard settings
set cpu-frequency=800MHz protected-routerboot=disabled
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add
[admin@MikroTik] >
Retrieved from "http://wiki.ocarc.ca/index.php?title=HEX1.KUI&oldid=1068"