Projet

Général

Profil

Historique

Wiki » Divers »

Mikrotik

RouterOS

http://wiki.mikrotik.com/wiki/MikroTik_RouterOS
http://wiki.mikrotik.com/wiki/Manual:TOC
http://wiki.mikrotik.com/wiki/Manual:Webfig

http://www.mikrotik.com/download.html
http://wiki.mikrotik.com/wiki/Upgrading_RouterOS

http://wiki.mikrotik.com/wiki/Supported_Hardware
http://wiki.mikrotik.com/wiki/Manual:Password_reset
http://wiki.mikrotik.com/wiki/Manual:PoE-Out

Boitiers

Montage

PoE

Password

From: Le Net du Kermeur
Utilitaire mtpass, ça se trouve là : http://manio.skyboo.net/mikrotik/
Ca se compile sous g++, donc sur n'importe quel Linux ou *BSD.
Testé sous OpenBSD, il fait le boulot.

RB433L and RB433UAHL

NPK

http://routing.explode.gr/node/96
https://forum.openwrt.org/viewtopic.php?id=32320&p=3
https://forum.openwrt.org/viewtopic.php?pid=165526#p165526
https://github.com/lqez/npk
Easy install of OpenWrt on MikroTik's devices https://forum.openwrt.org/viewtopic.php?id=39171
http://wp.ayufan.eu/2013/02/the-rb951g-and-openwrt/

Misc

TODO
http://i.mt.lv/routerboard/files/rb433L-series-qg_1377089307.pdf

http://forum.mikrotik.com/viewtopic.php?t=65977&p=336057
RF antenna and close miniPCI ?

Power Consuption

eth1 = PoE        192.168.88.101/24
eth2 = milieu     192.168.102.1/24
eth3 = oppose PoE 192.168.103.1/24
wlan1 = minipci du bas 172.31.31.43/24

http://dslrouter.sourceforge.net/stuff/mikrotik/mikrotik/AirMax5_and_Mikrotik_Router_Board_Connection_Guide_revised.pdf

netboot 
rb750up http://forum.mikrotik.com/viewtopic.php?f=3&t=57943&start=50

USB RB750UP http://patchwork.openwrt.org/patch/3252/

http://wiki.openwrt.org/toh/mikrotik/rb750
http://blog.poettner.de/2011/05/27/openwrt-trunk-on-mikrotik-routerboard-411750/

http://wiki.mikrotik.com/wiki/Manual:Netinstall
http://routerboard.com/pricelist/download_file.php?file_id=118

http://www.gowifi.co.nz/userguides/perform-a-netinstall.pdf

http://forum.mikrotik.com/viewtopic.php?f=2&t=66093
reset longer than 20 seconds

https://forum.openwrt.org/viewtopic.php?id=41490

RB433L
idle 108 mA 12V 
+1 eth 130mA 173 mA max au boot

RB433L + ethernet branché RouterOS 5.11
conso identique RouterOS 5.26
RouterOS 6.6 ?
Volt    mA  mW
(*  5.0 259)1295.0
(*  6.0 227)1362.0
(*  7.0 200)1400.0
(*  8.0 180)1440.0
(*  8.5 175)1487.5
(*  9.0 165)1485.0
(*  9.5 160)1520.0
(* 10.0 152)1520.0
(* 11.0 142)1562.0
(* 11.5 138)1587.0
(* 12.0 132)1584.0 152 pendant file upload  firmware (* 12.0 152)1824.0
(* 12.5 129)1612.5
(* 13.0 125)1625.0
(* 14.0 119)1666.0
(* 15.0 112)1680.0
(* 18.0  99)1782.0
(* 21.0  90)1890.0
(* 24.0  83)1992.0
(* 26.0  79)2054.0
(* 27.0  77)2079.0

RB433L sans ethernet
   V    mA  mW
4.0 off
(*  5.0 206)1030.0
(*  6.0 181)1086.0
(*  7.0 162)1134.0
(*  8.0 146)1168.0
(*  9.0 133)1197.0
(* 10.0 124)1240.0
(* 11.0 116)1276.0
(* 12.0 110)1320.0
(* 13.0 104)1352.0
(* 14.0  99)1386.0
(* 15.0  94)1410.0

diff ethernet pas ethernet constant en watt sur la plage de 265 mW a 260 mW

eth+ R52n-M  5180 AP-bridge 17dBm = 50 mW
(* 12.0 165)1980.0
vs (* 12.0 132)1584.0

0 dBm = 1 mW ou 7 dBm
conso inchangee
(* 12.0 163)1956.0
163-166

tout en bridge cote RB433L 7 dBm = 5 mW avec iperf 100M UDP
175-180
(* 12.0 (- 180 163))204.0 mW

serial http://forum.mikrotik.com/viewtopic.php?f=3&t=76194
http://wiki.openwrt.org/toh/mikrotik/rb433

http://wiki.mikrotik.com/wiki/Manual:Password_reset
http://wiki.mikrotik.com/wiki/MikroTik_Password_Recovery

http://wireless.kernel.org/en/users/Drivers/ath9k/devices
WLM200NX dual band
http://wireless.kernel.org/en/users/Drivers/ath5k

R52n-M
R52Hn

http://download2.mikrotik.com/routeros/5.26/routeros-mipsbe-5.26.npk
http://download2.mikrotik.com/routeros/6.6/routeros-mipsbe-6.6.npk

http://wiki.mikrotik.com/wiki/Netinstall

RB433 and RB433UAH and RB435G

Links

http://routerboard.com/RB433
http://routerboard.com/RB433UAH
http://routerboard.com/RB435G

http://wiki.openwrt.org/toh/mikrotik/rb435
http://wiki.openwrt.org/toh/mikrotik/rb433

Power Consumption

RB433 MikroTik RouterOS 5.24

V    mA avec 1 eth
24.0 123 (* 24 0.123)2.952  (112 sans eth diff 0.264W)
16.0 149 (* 16 0.149)2.384
13.9 162 (* 13.9 0.162)2.2518  (142 sans eth diff 0.278W)
12.0 178 (* 12.0 0.178)2.136
10.0     207 (* 10.0 0.207)2.07
 8.0     250 (*  8.0 0.250)2.0

en dessous de 8 V : coupure

RB433UAH MikroTik RouterOS 5.24
avec 1 eth
24.0 189 (* 24 0.189)4.536
12.0 249 (* 12 0.249)2.988
 8.0 366 (* 8  0.327)2.616 292 sans eth

RB435G MikroTik RouterOS 5.24

avec 1 eth

24.0 117 (* 24.0 0.117)2.808 112 sans eth (* 0.005 24)0.12
12.0 187 (* 12.0 0.187)2.244
10.0 216 (* 10.0 0.216)2.16
 8.0 261 (*  8.0 0.261)2.088 255 sans eth (* 0.006 8.0)0.048
 7.0 303 (*  7.0 0.303)2.121

8.0
[admin@MikroTik] > system health print
     fan-mode: auto
      use-fan: main
   active-fan: none
      current: 172mA
  temperature: 20C

12.0
[admin@MikroTik] > system health print
           fan-mode: auto
            use-fan: main
         active-fan: none
            voltage: 11.3V
            current: 108mA => 192
        temperature: 20C
  power-consumption: 1.2W

24.0
[admin@MikroTik] > system health print
           fan-mode: auto
            use-fan: main
         active-fan: none
            voltage: 24V
            current: 50mA => 119
        temperature: 20C
  power-consumption: 1.2W

RB750UP

http://routerboard.com/RB750UP

http://blog.lekermeur.net/wp-content/uploads/2012/03/Printemps2012_RB750.pdf

Attention : problèmes lors que le RB750UP est alimenté en PoE : http://forum.mikrotik.com/viewtopic.php?f=3&t=57943

we are working on new FW that would add useful features that are currently missing. One of them is reworked power management.

Voltage : http://forum.mikrotik.com/viewtopic.php?f=3&t=58124

limit on power out port is 500mA regardless of output voltage. so at 12V you will be able to power only MAX 6W device. while at 30V 15W.
If you power RB570UP with PoE 24V adapter over 100m cable, then resulting output voltage at full load (all 4 ports giving out 500mA totaling to 2A) then voltage to powered ports at RB750UP end will be around 21V then losses on cable and protections you end up with around 19V at the end device. and cables stretching for 200m from PSU brick.
PoE in port has no input limitation only output is limited to 500mA and with 4 prots it is 2A

Upgrade to 5.20

/ip arp print
# print MAC IP

/interface bridge host print
# print MAC

/interface ethernet switch host print
# print MAC-port table

/interface ethernet set ether5 poe-out=forced-on
# force PoE

/interface ethernet poe set ether2-master-local poe-priority=5
# lower number = highest priority

/interface ethernet poe pr   
# print prio settings

/interface ethernet poe monitor [find]
# monitor watt and voltage

system identity set name=totoRB750UP
# hostname

system resource print 
                   uptime: 3h54m51s
                  version: 5.26
              free-memory: 19124KiB
             total-memory: 29696KiB
                      cpu: MIPS 24Kc V7.4
                cpu-count: 1
            cpu-frequency: 400MHz
                 cpu-load: 0%
           free-hdd-space: 90528KiB
          total-hdd-space: 126976KiB
  write-sect-since-reboot: 157
         write-sect-total: 31910
               bad-blocks: 0%
        architecture-name: mipsbe
               board-name: RB750UP
                 platform: MikroTik



[admin@MikroTik] /interface ethernet poe settings> upgrade
Do you really want to upgrade PoE firmware? [y/n] 
y
Please reboot to finish PoE firmware upgrade.

[admin@MikroTik] /interface ethernet poe settings> pr
                   version: 2.0
  ether1-poe-in-long-cable: no

[admin@MikroTik] /interface ethernet poe> monitor [find]
               name: ether2-master-local ether3-slave-local ether4-slave-local ether5-slave-local
    poe-out-voltage:                                                           23.5V
    poe-out-current:                                                           160mA
      poe-out-power:                                                           3.7W
  • http://wiki.mikrotik.com/wiki/Manual:Upgrading_RouterOS
  • To update firmware (latest RouterOS 5.12):
  • Files / upload choose file : routeros-mipsbe-5.12.npk (12MB)
  • Attendre la fin de upload
  • System / Packages / IPv6 schedule for update
  • System / Reboot
  • about 90 seconds. Note: PoE will be cut during the reboot

chiwa admin VLAN 3175
192.168.3.20

telnet login admin pass (vide)
web

[admin@rb750up-chiwawa] > interface ethernet print                                                                 
Flags: X - disabled, R - running, S - slave 
 #    NAME                               MTU MAC-ADDRESS       ARP        MASTER-PORT                            SWITCH                           
 0    ether1-gateway                    1500 00:0C:42:E9:BA:8A enabled   
 1 R  ;;; To chiwa's router *** NO POE ***
      ether2-master-local               1500 00:0C:42:E9:BA:8B enabled    none                                   switch1                          
 2 RS ;;; to Vince' NS5M -  To Myrys
      ether3-slave-local                1500 00:0C:42:E9:BA:8C enabled    ether2-master-local                    switch1                          
 3 RS ;;; to NS5M east - To CDRX
      ether4-slave-local                1500 00:0C:42:E9:BA:8D enabled    ether2-master-local                    switch1                          
 4 RS ;;; to beaconing NS5M (port balcon.3)
      ether5-slave-local                1500 00:0C:42:E9:BA:8E enabled    ether2-master-local                    switch1

RouterOS v2
http://wiki.mikrotik.com/wiki/Manual:PoE-Out#RouterOS_2
http://wiki.mikrotik.com/wiki/Manual:PoE-Out#Changes_between_1.x_and_2.0_PoE-Out_controller_firmware

[admin@MikroTik] > interface ethernet poe monitor [find]
              name: ether2 ether3 ether4 ether5
   poe-out-voltage: 23.2V  23.2V  23.2V  
   poe-out-current: 224mA  116mA  64mA   
     poe-out-power: 5.1W   2.6W   1.4W

http://wiki.mikrotik.com/wiki/PoE-Out

/interface ethernet set ether2 poe-out=on
/interface ethernet set ether2 poe-out=off
/interface ethernet set ether2 poe-out=auto

Note:
<obinou> Le poe-out, il faut le mettre à "on" , et pas à "auto".
<obinou> sans ça, j'ai l'impression que le RB fait un power-cycle si il détecte une perte de link
<obinou> or, quand la NSM5 démarre, entre le bootloader & le firmware ca perd le link
<obinou> conclusion: reboot en boucle.

Note:
Après essais il est préférable d'éviter le 12V: Si au départ ça semble marcher, les pics de courants
dépassent parfois la limite autorisé par port de 500mA, et le port se coupe immédiatement.
Le 24V n'a pas montré ce souci.

Note 2:
Dans les derniers firmwares Microtik, l'option "poe-out" prend comme option "auto", "forced-on", ou "forced-off".

http://forum.mikrotik.com/viewtopic.php?f=3&t=49976&sid=40ea9661791968a896ab35214dc18f15&start=50
http://forum.mikrotik.com/viewtopic.php?f=3&t=57608

[admin@MikroTik-Ouin] > /interface ethernet print detail            
Flags: X - disabled, R - running, S - slave 
 0 R  name="ether1-gateway" mtu=1500 l2mtu=1600 mac-address=00:0C:42:D3:94:D5 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps 
 1    name="ether2-master-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D6 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=auto 
 2    name="ether3-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D7 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=auto 
 3 R  name="ether4-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D8 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=on 
 4 R  name="ether5-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D9 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=on 

[admin@MikroTik-Ouin] > sys resource pr
                   uptime: 6m6s
                  version: 5.12
              free-memory: 17880KiB
             total-memory: 29708KiB
                      cpu: MIPS 24Kc V7.4
                cpu-count: 1
            cpu-frequency: 400MHz
                 cpu-load: 0%
           free-hdd-space: 30844KiB
          total-hdd-space: 61440KiB
  write-sect-since-reboot: 214
         write-sect-total: 96113
               bad-blocks: 0%
        architecture-name: mipsbe
               board-name: RB750UP
                 platform: MikroTik

NTP

/system ntp client set primary-ntp=172.31.31.254 enabled=yes

rsyslog

http://randomtweaks.blogspot.fr/2013/03/mikrotik-remote-logging-using-ubuntu.html

/system log action set 3 remote=172.31.31.252
/system log add action=remote disabled=no

Bridging sur le 750UP

Le RB750UP est conçu dans l'idée d'en faire un CPE multi-antennes. Par défaut, le port 1 (POE-in ou LAN) n'est pas bridgé sur le switch des 4 ports POE-out, on s'en sert plutôt en mode routé.

Pour l'utiliser comme un simple switch et non comme un routeur il suffit de créer un bridge entre les interfaces :

interface bridge add name=bridge1 
interface bridge port add bridge=bridge1 interface=ether1-gateway 
interface bridge port add bridge=bridge1 interface=ether2-master-local 

ip address print
ip address add address=172.31.31.24/24 interface=bridge1

ip address print
ip address remove 0

DHCP sur le 750UP

Note: Attention, un serveur DHCP est actif par défaut sur les ports 2 à 5. Il faut le désactiver
pour passer en mode switch.

ip dhcp-server print
ip dhcp-server remove 0

ip dhcp-client print
ip dhcp-client remove 0

Routing sur le 750UP

ip route add dst-address=0.0.0.0/0 gateway=172.16.0.254

RB750UP en mode BOX pour les nanostation

Connection to the routerboard

ssh admin@192.168.88.1

Reset the RouterBoard :

$ setup 
$ r
$ y

Le routerboard reboot et on se reconnect

Configuration du WAN

$ ip address add address=91.224.149.194/24 interface=ether1-gateway
$ ip route add gateway=91.224.149.254
$ ip address print 
$ ip route print

RB250GS

VLAN http://wiki.mikrotik.com/wiki/SwOS/Router-On-A-Stick
Doc http://wiki.mikrotik.com/wiki/SwOS
vlan limitation mikrotik rb250gs http://forum.mikrotik.com/viewtopic.php?f=17&t=45721
Routeur, switch, VLAN et multi-modems (via rb250gs) http://doc.rhizome-fai.net/doku.php?id=technique:routeur:vlan

CRS226

VLAN

http://wiki.mikrotik.com/wiki/Manual:CRS_features
http://wiki.mikrotik.com/wiki/Manual:CRS_examples
http://wiki.mikrotik.com/wiki/Switch_Chip_Features#Example_-_802.1Q_Trunking_with_Atheros_switch_chip_in_RouterOS_v6
http://blog.scottlowe.org/2015/07/02/vlan-trunking-mikrotik-routeros/

Editer

/interface ethernet switch egress-vlan-tag pr
/interface ethernet switch egress-vlan-tag edit 5 tagged-ports

Renommer les interfaces, changer les ports maîtres/esclaves

Par défaut, les interfaces ont des noms comme "ether1-master-local", "ether4-slave-local", "ether8-slave-local" parce que le port 1 est un "master" et les autre des "slaves" (plus d'info : http://wiki.mikrotik.com/wiki/Switch_Chip_Features#Port_Switching ). Comme ça risque de changer, on renomme tout ça :

/interface set ether1-master-local name=ether1;
/interface ethernet set ether2-slave-local master-port=none;
/interface set ether2-slave-local name=ether2;
/interface ethernet set ether3-slave-local master-port=none;
/interface set ether3-slave-local name=ether3;
/interface ethernet set ether4-slave-local master-port=none;
/interface set ether4-slave-local name=ether4;
/interface ethernet set ether5-slave-local master-port=none;
/interface set ether5-slave-local name=ether5;
[...]

Se placer dans le menu des interfaces ethernet et définir un master port (ici ether2) pour les interfaces :

/interface ethernet
set ether3 master-port=ether2
set ether4 master-port=ether2
set ether5 master-port=ether2
set ether6 master-port=ether2
set ether7 master-port=ether2
set ether8 master-port=ether2

Pour voir le résultat, on peut utiliser la commande "print".

VLAN par ports

Créer des VLAN :
  • VLAN 200 : ether3, 4, et 8
  • VLAN 300 : ether5, 6, et 8
  • VLAN 400 : ether7, et 8

Access port
Si du traffic arrive "untagged" (customer-vid=0), on lui assigne un VLAN ID en fonction du port sur lequel il arrive :

/interface ethernet switch ingress-vlan-translation
add ports=ether3,ether4,ether8 customer-vid=0 new-customer-vid=200
add ports=ether5,ether6,ether8 customer-vid=0 new-customer-vid=300
add ports=ether7,ether8 customer-vid=0 new-customer-vid=400

Trunk port
port ether2 ici :

/interface ethernet switch egress-vlan-tag
add tagged-ports=ether2 vlan-id=200
add tagged-ports=ether2 vlan-id=300
add tagged-ports=ether2 vlan-id=400

VLAN

/interface ethernet switch vlan
add ports=ether2,ether3,ether4,ether8 vlan-id=200
add ports=ether2,ether5,ether6,ether8 vlan-id=300
add ports=ether2,ether7,ether8 vlan-id=400

MAC

/interface ethernet switch unicast-fdb print
/interface ethernet monitor ether10,ether11

IP en /32

Source : http://forum.mikrotik.com/viewtopic.php?t=61168

/ip address add address=89.234.156.71/32 network=91.224.148.0 interface=XXXXXX (interface WAN)
/ip route add dst-address=0.0.0.0/0 gateway=91.224.148.0