RouterBOARD Wireless Hacks - MikroTik
RouterBOARD Wireless HacksJessetoClickLiuedit Master subtitle styleConvergingstream
MikroTik Distributor2
MikroTik certified Integrator3
MikroTik Application Examples Wireless Access PointWireless BridgeRouterFirewallVPN ConcentratorsBandwidth ManagementLink Load BalancingHotspot GatewayUser ManagerNetwork Monitor4
Agenda Hack 1. Wireless client isolateHack 2. Frequency SelectionHack 3. Access list and Security profileHack 4. Wireless client bandwidth controlHack 5. Virtual AP and VLANHack 6. Wireless Distribution SystemHack 7. Turbo mode (up to 108Mbps)Hack 8. 802.11n (up to 300Mbps)Hack 9. Dual radio Point-to-Point mode5
Hack 1. Wireless client isolateIf set to 'no', the registered clients will not be able tocommunicate with each other.6
Hack 2. Frequency Selectionlimits wireless settings (frequency and transmitpower) to those which are allowed in therespective countryno country set - no regulatory domainlimitations7
Hack 2. Frequency SelectionIf no country is set, these frequencies are used (FCC compliant set of channels)2.4GHz mode: 2412, 2417, 2422, 2427, 2432, 2437, 2442, 2447, 2452, 2457, 24622.4GHz-g-turbo mode: 24375GHz mode: 5180, 5200, 5220, 5240, 5260, 5280, 5300, 5320, 5745, 5765, 5785, 5805, 58255GHz-turbo mode: 5210, 5250, 5290, 5760, 5800If China is set, these frequencies are used2.4GHz mode: 2412, 2417, 2422, 2427, 2432, 2437, 2442, 2447, 2452, 2457, 2462, 2467, 24722.4GHz-g-turbo mode: 24375GHz mode: 5745, 5765, 5785, 5805, 58255GHz-turbo mode: unknown8
Hack 2. Frequency Selectionfrequency-mode: superchannel Conformance Testing Mode. Allow allchannels supported by the card.Allowed ranges on R52: [4920;6100],[2192;2539].This mode should only be used in controlled environments, or if you have a specialpermission to use it in your region. Before v4.3 this was called Custom FrequencyUpgrade or Superchannel. Since RouterOS v4.3 this mode is available withoutspecial key upgrades to all installations.9
Hack 2. Frequency 10
Hack 2. Frequency Selection11
Hack 2. Frequency SelectionWhile scanning, the card unregisters itself from the access point (in station mode), orunregisters all clients (in bridge or ap-bridge mode). Thus, network connections arelost while scanning.12
Hack 2. Frequency SelectionApproximately shows how loaded are thewireless channels.13
Hack 2. Frequency SelectionDFS (Dynamic Frequency Selection) - used for APs todynamically select frequency at which this AP willoperate.no-radar-detect - AP scans channel list from "scanlist" and chooses the frequency which is with thelowest amount of other networks detected.14
Spectrum Analyzer The spectrum analyzer can scan all frequencies supported by your wireless card,and plot them directly in console. Exact frequency span depends on card. Allowedranges on R52N: [4790; 6085], [2182; 2549].Currently this feature is supported only R52N and R2N.http://wiki.mikrotik.com/wiki/Spectrum analyzerhttp://www.tiktube.com/index.php?video 30115
Spectrum Analyzer16
Spectrum Analyzer17
Spectrum Analyzer18
Hack 3. Access list and Security profileAccess list is used by access point to restrict allowedconnections from other devices, and to controlconnection parameters.default-authentication - this is the value ofauthentication for clients that do not match anyentry in the access-list.19
Hack 3. Access list and Security profileaes-ccm - more secure WPA encryption protocol,based on the reliable AES (Advanced EncryptionStandard).private-pre-shared-key - private Preshared key for that station.wpa-pre-shared-key, wpa2-pre-shared-key which is used as the WPA Pre Shared Key.Use 8-63 alphanumeric characters (0-9, a-z)20
Hack 4. Wireless client bandwidth controlap-tx-limit - limits data rate for this wireless client(in bps)client-tx-limit - limits this client's transmit data rate(in bps). Works only if the client is also aRouterBOARD21
Hack 4. Wireless client bandwidth control Per Connection Queue (PCQ) is a queuing discipline that can be used todynamically equalize or shape traffic for multiple users, using little administration.It is possible to divide PCQ scenarios into three major groups: equal bandwidth fora number of users, certain bandwidth equal distribution between users, unknownbandwidth equal distribution between users.http://wiki.mikrotik.com/wiki/PCQ /QoS Megis.pdf22
Hack 4. Wireless client bandwidth control23
Hack 4. Wireless client bandwidth control24
Hack 5. Virtual AP and VLAN Virtual Access Point (VAP) interface is used to have an additional AP. You can createa new AP with different ssid and mac-address. It can be compared with a VLANwhere the ssid from VAP is the VLAN tag and the hardware interface is the VLANswitch.You can add up to 128 VAP interfaces for each hardware interface.The VAP MAC address is set by default to the same address as the physicalinterface has, with the second bit of the first byte set (i.e., the MAC address wouldstart with 02). If that address is already used by some other wireless or VAPinterface, it is increased by 1 until a free spot is found. When manually assigningMAC address, keep in mind that it should have the first bit of the first byte unset(so it should not be like 01, or A3). Note also that it is recommended to keep theMAC adress of VAP as similar (in terms of bit values) to the MAC address of thephysical interface it is put onto, as possible, because the more different theaddresses are, the more it affects performance.25
Hack 5. Virtual AP and VLAN26
Hack 5. Virtual AP and VLAN27
Hack 5. Virtual AP and VLAN28
Hack 5. Virtual AP and VLAN29
Hack 5. Virtual AP and VLANhttp://wiki.mikrotik.com/wiki/802.1q Trunk extension over Wireless P2P Link30
Hack 6. Wireless Distribution System The IEEE 802.11 standard limitation makes it impossible for wireless cardsin station mode to work as expected when bridged. That means that if youneed to create a bridge, you should not use station mode on thatmachine. In case you need a bridge on a wireless station, use station-wdsmode (may only be used in the AP supports WDS). Bridging on the AP sideworks fine.WDS (Wireless Distribution System) allows packets to pass from onewireless AP (Access Point) to another, just as if the APs were ports on awired Ethernet switch. APs must use the same standard (802.11a, 802.11bor 802.11g) and work on the same frequencies in order to connect to eachother.As the routers which are in WDS mode have to communicate at equalfrequencies, it is not recommended to use WDS and DFS simultaneously it is most probable that these routers will not connect to each other.31
Hack 6. Wireless Distribution System There are two possibilities to create a WDS interface:–dynamic - is created 'on the fly'–static - is created manuallyIf you want to use dynamic WDS in a bridge, set the wds-default-bridgevalue to desired bridge interface name. When the link will go down andthen it comes up, the dynamic WDS interface will be put in the specifiedbridge automatically.32
Hack 7. Turbo mode (up to 108Mbps)5ghz-turbo - IEEE 802.11a in Atheros proprietaryturbo mode (up to 108Mbps)frequency: 5210, 5250, 5290, 5760, 58002.4ghz-g-turbo - IEEE 802.11g in Atherosproprietary turbo mode (up to 108Mbps)frequency: 243733
Hack 7. Turbo mode (up to 108Mbps)5ghz-turbo - IEEE 802.11a inAtheros proprietary turbomode (up to 108Mbps)5ghz - IEEE 802.11a up to 54Mbps34
Hack 8. 802.11n (up to 300Mbps)ht-rxchains - which antennas to use for receive.ht-txchains - which antennas to use for transmit.ht-guard-interval - whether to allow use of short guard interval. "any" will use eithershort or long, depending on data rate, "long" will use long.ht-extension-channel - whether to use additional 20MHz extension channel and if itshould be located below or above control (main) channel. Extension channel allows11n device to use 40MHz of spectrum in total thus increasing max throughput.35
Hack 8. 802.11n (up to 300Mbps)Up to 200Mbps of actual throughput.36
Hack 9. Dual radio Point-to-Point mode The Nstreme protocol is MikroTik wireless protocol aimed to improve point-topoint and point-to-multipoint wireless links. Advanced version of Nstreme, calledNstreme2 works with a pair of wireless cards - one for transmitting data and onefor receiving.Two radios in nstreme-dual-slave mode can be grouped together to makenstreme2 Point-to-Point connection. To put wireless interfaces into a nstreme2group, you should set their mode to nstreme-dual-slave. Many parameters from/interface wireless menu are ignored, using the nstreme2, ��tx-power–tx-power-mode–antenna-mode37
Hack 9. Dual radio Point-to-Point mode38
Hack 9. Dual radio Point-to-Point modeWDS cannot be used on Nstreme-dual links.The difference between tx-freq and rx-freq should be about 200MHz (more isrecommended) because of the interference that may occur!You can use different bands for rx and tx links. For example, transmit in 2.4ghz-g-turboand receive data, using 5ghz-turbo band.39
EndClick to edit Master subtitle styleThank you for participating
Agenda Hack 1. Wireless client isolate Hack 2. Frequency Selection Hack 3. Access list and Security profile Hack 4. Wirele
Media Convertor AT-MC103XL-20 3 Mikrotik S-3553LC20D SFP 20km BiDir (pair) 4 Mikrotik S 31DLC10D SFP 10km 3 Mikrotik S 2332LC10D SFP 10km BiDir (pair) 3 Mikrotik SFP 3m direct attach cable 2 Mikrotik S-31DLC20D 2 D-Link DGE-528T 5 Dell Memory Upgrade - 32GB - 4Rx4 DDR
RouterOS history 2001 – MikroTik v2.2 Router Software – MikroTik v2.3 Router Software npk first mentioned as method for extending functionality Jan 2002 – MikroTik
check DHCP server configuration of MikroTik. 5. Check the IP range/subnet of LAN PC client. IP range should be as per prefix/subnet which is received from MikroTik (R-Series will get prefix/subnet from MikroTik router). if LAN IP of the subnet does not match with prefix/subnet, execute the IP and IP renew process in LAN PC to get new IP. 6.
AREDN Network Beginner's Guide - for the Absolute Newbie Mikrotik RBLHG-5nD - Routerboard Lite Head Grid - 390 mm dia., 24.5 dBi gain. 1.3 pounds. RBLHG-5HPnD-XL - Routerboard Lite Head Grid High Power - 550 mm dia, 27 dBi gain. 2.1 pounds. LDF 5 - Light Data Feed. This is a unique device. By itself, it only has 9 dBi gain. But it's made .
RouterOS MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. It can also be installed on a PC and will turn it into a router with all the necessary features - routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server
Linux 101 Hacks www.thegeekstuff.com Chapter 1: Powerful CD Command Hacks cd is one of the most frequently used commands during a UNIX session. The 6 cd command hacks mentioned in this chapter will boost your productivity
3 Course Objectives Provide an overview of RouterOS software and RouterBOARD products Hands-on training for MikroTik router configuration, maintenance and basic troubleshooting MTA Nikola Tesla Leposavić
32.33 standards, ANSI A300:Performance parameters established by industry consensus as a rule for the measure of quantity, weight, extent, value, or quality. 32.34 supplemental support system: Asystem designed to provide additional support or limit movement of a tree or tree part. 32.35 swage:A crimp-type holding device for wire rope. 32.36 swage stop: Adevice used to seal the end of cable. 32 .
