Learn RouterOS - Second Edition
Table of ContentsCopyright and TrademarksAll trademarks and copyrights are held by therespective copyright holder.Copyright 2011 by Dennis BurgessAll rights reserved. No part of this book may bereproduced, stored, or transmitted by any means ‐auditory, graphic, mechanical, or electronic—withoutwritten permission of both publisher and author,except in the case of brief excerpts used in criticalarticles and reviews. Unauthorized reproduction of anypart of this work is illegal and is punishable by law.ISBN:2978-1-105-06959-8Learn RouterOS – Second Edition by Dennis Burgess
Table of Contents3
Table of ContentsTable of ContentsTable of Contents. 4Introduction . 10Who Should Use This Book . 11About the Author . 12Link Technologies, Inc. 13What is RouterOS? . 13How This Book is Organized. 15RouterOS Reference Version . 15Second Edition . 16Special Thanks . 16Credits . 16RouterOS Hardware . 18RouterBOARD Devices . 18Solar Power and RouterBOARDs . 22X86 Based RouterOS Systems. 23RouterOS Fiber Optic Interfaces . 24T1/E1 Interfaces . 24Supported x86 Hardware . 25RouterOS Licensing . 25Extended Frequency Licenses . 27Ways to Lose your RouterOS License . 28RouterOS Installation . 30Using NetInstall on RouterBOARD Products . 31ISO – CD Installation . 38DOM / Flash Card / Hard Disk Installation via NetInstall . 40Accessing RouterOS . 42RouterOS Access Methods . 43Default User and Password . 43Using Neighborhood Viewer . 43Using Telnet . 45SSH – Secure Shell Access . 45WebBox . 48WebFig. 58Using WinBox . 59Managing RouterOS . 66User Management . 66RouterOS Services . 69Working with Files . 714Learn RouterOS – Second Edition by Dennis Burgess
Table of ContentsLogging. 76Flashfig. 78Basic RouterOS Setup . 80Configuring IP Addresses . 80Default Routes . 82DNS Caching / Service. 82DHCP‐Client . 85DHCP‐Server . 86DHCP‐Relay . 94Masquerading ‐ NAT . 96Home Router . 98Common Wireless Configurations . 101RouterOS and IP . 106Why Routing . 106IP Addresses . 107Interface ARP – Address Resolution Protocol Settings . 107IPv6 . 110Routing and Routes. 116Policy Based Routing . 120Firewalling . 124Traffic Identification . 124Rules . 125Understanding Connection States . 125Packet Flow in RouterOS . 128Chains . 131Address‐lists . 134How to Match Data . 136Protecting Your Router . 148Protecting Networks . 149Using Mangle . 156NAT – Network Address Translation. 161Basic Interfaces . 170Ethernet . 170Virtual Ethernet Interfaces . 174Bridge Interfaces. 176Virtual LAN (VLANs) . 183Bonding. 185MESH . 188VRRP . 191Wireless and RouterOS . 194WIC – Wireless Interface Cards . 194Basic Configuration of Wireless Interface Cards . 1955
Table of ContentsWireless Tools . 197Wireless Operational Modes . 202Security Profiles (Securing your Wireless Connection) . 205Access Lists . 209Registration Table. 211Connection Lists . 212Area / Area Prefixes. 213Virtual Access Points . 214Nstreme . 216Nstreme Dual. 217Using WDS (Wireless Distribution System) . 219Wireless Link Optimization / Best Practices . 222NV2 . 231Troubleshooting Wireless Links . 236Tunnels . 240EoIP. 241IPIP. 243PPP System . 244L2TP/PPTP Servers . 252SSTP . 256PPPoE Server . 258OpenVPN . 262IPSec . 265Choosing a Tunnel Type . 269Traffic Control . 270Identifying Queue Data . 271Hierarchical Token Bucket– HTB . 272Queue Types . 275Simple Queues. 284Bursting . 285Creating Advanced Queues . 289Controlling P2P (Peer‐to‐Peer) Traffic . 293Hotspots. 296Wireless and Hotspots. 296Paid Hotspots . 297Free Hotspots . 297RouterOS and Hotspots . 298Setup of a Hotspot Interface in RouterOS . 300Radius Client . 312Multiple Radius Servers . 313Troubleshooting Radius Client Issues . 314MPLS . 3166Learn RouterOS – Second Edition by Dennis Burgess
Table of ContentsGetting Started with MPLS . 317MPLS Configuration . 319VPLS . 323BGP based VPLS . 331RouterOS Extras . 334IP Accounting . 334M3P – MikroTik Packet Packing Protocol . 335IP Pools . 335Socks . 336NTP . 336Clock . 338System Identity . 338TFTP Server . 338Traffic‐Flow . 339Web Proxy . 340Universal Plug and Play ‐ UPnP . 344Store System . 345CALEA. 346MetaRouters . 349Non‐RouterOS MetaRouters . 350RouterOS Tools . 352Neighbors . 352Logging. 353System Configuration Reset . 354Scripting . 355Auto Upgrades . 356Watchdog . 357Bandwidth Test Server . 357Bandwidth Test Client . 358E‐Mail System . 359Using Fetch Commands . 359Graphing . 360PPPoE Scan . 361Packet Sniffer. 361Profiler . 362IP Scan . 363Dynamic Routing . 364If Installed vs. Always. 364RIP . 364OSPF. 366BGP . 368Routing Filters. 3717
Table of ContentsBGP Configurations . 372The Dude NMS . 378Installation . 379Dude Agents . 380Dude Layout . 381Running a Server . 382Resetting Configuration. 382Menus and Options . 383Server Configuration . 384Admins. 389Charts . 389Devices . 390Files. 394Links . 395Logs. 396Network Maps . 397Notifications . 403Outages . 406Probes. 406Tools . 408User Manager . 412Hardware / License Requirements . 412Installation of User Manager . 413Configuration of User Manager . 414User Sign‐Ups . 421User Sign‐In Page . 421Active Sessions . 422Vouchers. 422V5 of User Manager. 424Command Line Interface. 430Command Line Hotkeys . 432Quick Reference Guide . 434NetInstall of RouterBOARD Products . 434NetInstall your Flash / DOM / Hard Disk . 435Creating a Active/Backup Bridged Auto‐Fail Link . 435Setup Transparent Web Proxy System . 436Redirect Non‐Paying Customer . 436Per Connection Load Balancing . 437Create a Private VPN . 438Appendix . 440Features Only Available via Command Line Interface . 440Index . 4428Learn RouterOS – Second Edition by Dennis Burgess
Table of Contents9
IntroductionIntroductionMikroTik RouterOS is a routing software that has been growing in popularityextremely quickly. When it is combined with reliable, powerful hardware,RouterOS can quickly surpass many routers that are currently available on themarket. Many businesses, Wireless Internet Service Providers (WISPs) andother end‐users have found that the cost savings that RouterOS offers is thekey to their business success.In this book, we are going to give you both knowledge plus examples ofconfiguration of the MikroTik RouterOS software. You will end up learningRouterOS, and have working examples that you can emulate and change tomeet your needs. We will cover many aspects of the software, includingMikroTik specific systems, Wireless Networking, Routing, as well as virtuallyall of the features included in the RouterOS software.We are going to give you code examples, screen shots and real worldapplication designs that you can do right on your own RouterOS system.These items will enable you to apply RouterOS work in your business, orcompany. You will gain the knowledge to use RouterOS as a router, wirelessaccess point, client premise device, web caching system, and even a VPN(Virtual Private Network) server.10Learn RouterOS – Second Edition by Dennis Burgess
IntroductionWho Should Use This BookThis book is designed as a reference guide. I want to help you learn directionon what features you need to use, and why. If you need to know what afeature or command does, you will need to use the command reference thatMikroTik offers on their website at http://www.MikroTik.com. If you want tolearn how to take these features and put them together , common bestpractices, as well as how to ways of configure systems to make them do whatyou want them to do, then this book is for you.We will cover lots of topics, some are simple topics and we will show you theoptions you have, but more importantly, we will show you why to use thefeatures! Some features are packed with comments and suggestions on howto use that feature in combination with other features, and why to use thesefeature combinations.This second edition expands upon the existing content of the original book;however, RouterOS is constantly changing, being updated, and adding newfeatures. It's always improving, and therefore, we need to keep updating thisbook to ensure that we give you the latest information!11
About the AuthorAbout the AuthorDennis Burgess started learning about computers at a young age. Using aTRS‐80 Dennis started using Basic programming to create small computerprograms. At the age of 13 he started a multi‐line BBS (Bulletin BoardSystem), using small Dell computers and 9600 baud modems. He wasintroduced to networking by the need to network his BBS computerstogether. After high school, Dennis attended a local technical college andgraduated with an Associate’s Degree in Computer Electronics andNetworking Technologies.Mr. Burgess went to work for a number of consulting companies, focusing onservers, and wide‐area networks. He designed and deployed a number ofnetworks for law firms, construction companies and other small‐to‐mediumbusinesses. He deployed Microsoft solutions as well as Cisco routers on aroutine basis. During this time, Dennis obtained his Microsoft CertifiedProfessional status, as well as his A Computer Technician, N NetworkTechnician, and also became a Cisco Certified Network Associate or (CCNA).After working for a number of years as an Enterprise network and serverconsultant, Mr. Burgess worked for a number of dealerships in the St. Louisarea building a private network for their needs. During this time he startedhis first wireless Internet Service Provider. This company introduced him intothe world of MikroTik RouterOS. The WISP needed a method to controlbandwidth for subscribers, so they built their first RouterOS x 86 systems.After realizing the power and performance of RouterOS, including well asusing them in tower installations for 802.11b/g access‐points in the WISP, hecontinued to use RouterOS to deploy a fully redundant virtual network for thegroup of dealerships he worked for. This network, still using RouterOS, isworking as intended, since 2001.Mr. Burgess, ended up selling his Wireless Internet Service Provider Companylater, and focused on creating a company that could assist other WISPs,businesses and ISPs with RouterOS. Dennis’s company, Link Technologies,Inc, is now a world‐wide MikroTik consulting company. Consulting clientsinclude small WISPs as well as Enterprises using RouterOS.12Learn RouterOS – Second Edition by Dennis Burgess
About the AuthorLink Technologies, Inc. also started producing the PowerRouter series ofRouterOS devices after seeing a need for Enterprise‐Class RouterOS routers.These 1U carrier‐grade systems are designed with Ethernet routing, andsupport high‐performance applications, and web caching as well. ThePowerRouter 732 is also a homeland security approved device.Link Technologies, IncLink Technologies, Inc was formed with the purpose of helping Wireless ISPsas well as providing high‐quality consulting services for RouterOS systems. Inthe USA, available options for RouterOS systems administration andconsulting services for were very limited to small home businesses were verylimited and technician level admins trying to help out businesses and ISPswith RouterOS. Dennis formed Link Technologies, Inc. to help give thesebusinesses with the needed level of technical support, engineering andconsulting services that they needed.Link Technologies, Inc offers multiple certified RouterOS engineers, MikroTikCertified Trainers, RouterOS Training Programs, as well as general networkengineering, consulting and support. We are one of the largest MikroTikconsulting companies in the world, with clients ranging from start‐up WISPoperations, to publicly traded enterprises with over 35,000 end‐users.In addition to On top of MikroTik, we also offer business support, MotorolaCanopy, Cisco, Microsoft, mail servers, DNS servers and can help you with justabout any type of consulting services that you may need for your networkingbusiness.When you need any type some form of RouterOS consulting, engineering ortraining, be sure to contact us. We have several engineers’ on‐staff who canassist you!Link Technologies, Inc.House Springs, MO 314‐735‐027013
What is RouterOS?What is RouterOS?Simply put, it is an infinitely configurable routing software package. Thissoftware allows you to use common hardware to perform high‐end routingapplications. MikroTik creates this software, as well as many differenthardware platforms to run the software on. These industrial hardwareplatforms provide you many options including ultra‐low cost business andhome devices, all the way to core routing functions of large Internetproviders and enterprises.So what can you do with RouterOS? It can do virtually anything when itcomes to Internet addressing and data traffic management. In the world of IProuting, there is not much that RouterOS cannot do! Many routers andnetwork devices only perform certain functions. One device may be a PPPoEserver/concentrator. Another device may control bandwidth and the way thedata flows across your network. Yet another device may do caching of thedata that flows to save bandwidth. All of these devices can add up in costs,not only the upfront hardware costs, but the upkeep, the maintenance, andthe system administration for to understand each device.RouterOS contains all of the above mentioned features! With all of thispow
10 Learn RouterOS – Second Edition by Dennis Burgess Introduction MikroTik RouterOS is a routing software that has been growing in popularity extremely quickly. When it is combined with reliabl
How to use RouterOS on GNS3 Amnuay Pintong (MTCNA,MTCTCE,MTCUME) - Otik Nework Co.,Ltd. Start emulator for install RouterOS from ISO file. Start to install RouterOS Press ‘ a ‘ for select all package (you can choose some items fo
What is RouterOS ? RouterOS is an operating system that will make your device: a dedicated router a bandwidth shaper a (transpa
RESET RouterOS reset jumper hole (RESET, marked with a black circle in the diagram above, below S301) – resets RouterOS software to defaults. Must short circuit the metallic sides of the hole (with a screwdriver, for example) and boot the device. Hold screwdriver in place until RouterOS
RP 2K, Second Edition RP 2L, Third Edition RP 2M, First Edition Bul 2N, First Edition RP 2P, Second Edition RP 2Q, Second Edition RP 2R, First Edition RP 2T, First Edition Bul 2U, First Edition Bul 2V, First Edition Spec 2W, First Edition RP 2X, First Edition, with Supp 1 Spec 2Y, First Edition
Document revision 1.10 (June 22, 2007, 16:49 GMT) This document applies to MikroTik RouterOS V3.0 Table of Contents Table of Contents Summary Description System Backup Description Command Description Example Example Exporting Configuration Description Command Description Example Importing Configuration Description Command Description Example .
Basic guidelines on RouterOS configuration and debugging Martins Strods MikroTik, Latvia Ho Chi Minh City, Vietnam April 2017. . Try to re-install any other router . Make new files after configuration changes
We have released RouterOS v7.0beta8 with the implementation of many features you have been asking for: the latest Linux Kernel 5.6.3 featuring new up-to-date driver and security options new routing engine that will substantially improve the performance of newer MikroTik devices. vastly
2 For referenced ASTM standards, visit the ASTM website, www.astm.org, or contact ASTM Customer Service at service@astm.org. For Annual Book of ASTM Standards volume information, refer to the standard’s Document Summary page on the ASTM website. 3 National Fenestration Rating Council, 84884 Georgia Ave., Suite 320, Silver Spring, MD 20910. 1
