HEX1.KUI: Difference between revisions

From OCARC
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 69: Line 69:
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH5-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH5-HAMWAN-PRIVATE
/ip address
/ip address
add address=10.246.1.1/16 comment=defconf interface=BRIDGE-HAMWAN-PRIVATE \
add address=10.246.3.1/16 comment=defconf interface=BRIDGE-HAMWAN-PRIVATE \
     network=10.246.0.0
     network=10.246.0.0
/ip dhcp-client
/ip dhcp-client
Line 75: Line 75:
     ether1
     ether1
/ip dns
/ip dns
set allow-remote-requests=yes
set allow-remote-requests=no
/ip dns static
/ip dns static
add address=192.168.88.1 name=router
add address=192.168.88.1 name=router
Line 104: Line 104:
set [ find default=yes ] disabled=yes
set [ find default=yes ] disabled=yes
add
add
[admin@MikroTik] >
/system identity
set name=HEX1.KUI
</pre>
</pre>

Latest revision as of 06:04, 4 July 2017

Sites

Edit This

<img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=1" style="width: 48px">
LMK		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=2" style="width: 48px">
BKM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=3" style="width: 48px">
KUI		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=4" style="width: 48px">
BGM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=5" style="width: 48px">
TUR		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=12" style="width: 48px">
OKM		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=6" style="width: 48px">
ROK		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=0" style="width: 48px">
CED		 <img src="http://portal.hamwan.ca/status/icon/site.svg?siteID=0" style="width: 48px">
ELI

Ports

DC IN SFP
 eth1
PoE IN 		eth2
PoE OUT 		eth3
PoE OUT 		eth4
PoE OUT 		eth5
PoE OUT
not used not used not used not used not used not used
Power no 12v
battery

Configuration

This configuration has not been tested on a physical device
This configuration is a work in progress

/interface bridge
add name=BRIDGE-HAMWAN-PRIVATE
add name=BRIDGE-HAMWAN-PUBLIC
/ip neighbor discovery
set ether1 discover=no
/interface vlan
add interface=ether1 name=ETH1-HAMWAN-PRIVATE vlan-id=601
add interface=ether1 name=ETH1-HAMWAN-PUBLIC vlan-id=600
add interface=ether2 name=ETH2-HAMWAN-PRIVATE vlan-id=601
add interface=ether2 name=ETH2-HAMWAN-PUBLIC vlan-id=600
add interface=ether3 name=ETH3-HAMWAN-PRIVATE vlan-id=601
add interface=ether3 name=ETH3-HAMWAN-PUBLIC vlan-id=600
add interface=ether4 name=ETH4-HAMWAN-PRIVATE vlan-id=601
add interface=ether4 name=ETH4-HAMWAN-PUBLIC vlan-id=600
add interface=ether5 name=ETH5-HAMWAN-PRIVATE vlan-id=601
add interface=ether5 name=ETH5-HAMWAN-PUBLIC vlan-id=600
add interface=sfp1 name=SFP1-HAMWAN-PRIVATE vlan-id=601
add interface=sfp1 name=SFP1-HAMWAN-PUBLIC vlan-id=600
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add comment=defconf interface=ether2
add comment=defconf interface=sfp1
add bridge=BRIDGE-HAMWAN-PUBLIC interface=SFP1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH1-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH2-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH3-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH4-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PUBLIC interface=ETH5-HAMWAN-PUBLIC
add bridge=BRIDGE-HAMWAN-PRIVATE interface=SFP1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH1-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH2-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH3-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH4-HAMWAN-PRIVATE
add bridge=BRIDGE-HAMWAN-PRIVATE interface=ETH5-HAMWAN-PRIVATE
/ip address
add address=10.246.3.1/16 comment=defconf interface=BRIDGE-HAMWAN-PRIVATE \
    network=10.246.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    ether1
/ip dns
set allow-remote-requests=no
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
    in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    out-interface=ether1
/system routerboard settings
set cpu-frequency=800MHz protected-routerboot=disabled
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add
/system identity
set name=HEX1.KUI
Retrieved from "http://wiki.ocarc.ca/index.php?title=HEX1.KUI&oldid=1095"