Projet

Général

Profil

Mikrotik » Historique » Version 139

Version 138 (Laurent GUERBY, 17/05/2015 09:08) → Version 139/142 (Laurent GUERBY, 24/03/2016 17:53)

{{>toc}}

h1. Mikrotik

RouterOS

http://wiki.mikrotik.com/wiki/MikroTik_RouterOS
http://wiki.mikrotik.com/wiki/Manual:TOC
http://wiki.mikrotik.com/wiki/Manual:Webfig

http://www.mikrotik.com/download.html
http://wiki.mikrotik.com/wiki/Upgrading_RouterOS

http://wiki.mikrotik.com/wiki/Supported_Hardware
http://wiki.mikrotik.com/wiki/Manual:Password_reset
http://wiki.mikrotik.com/wiki/Manual:PoE-Out

h2. Boitiers

* Nice box : http://forum.mikrotik.com/viewtopic.php?p=297825#p297825
* http://www.mikrotik.com/mfm
* http://www.aerial.net/shop/product_info.php?products_id=1085
* http://www.stationbox.info/

* Boîtiers Rexel très chers
* http://www.technic-achat.com/coffret-electrique-ip66-imo,fr,4,144T_XX.cfm (144T0010)
* http://www.interprojekt.com.pl/gold-alubox-outdoor-waterproof-case-p-472.html
* http://www.materielelectrique.com/coffret-polyester-marina-ip66-ik10-7035-300x220x160-p-6579.html

h2. Montage

* http://shop.varia-store.com/product_info.php?info=p1390_RF-Elements-EasyBracket---EasyBracket-Universal.html

h2. PoE

* http://www.i4wifi.eu/en/EU-230V-powering/PoE-convertor-48-V-24-V-802-3af-at.html

h2. Password

From: Le Net du Kermeur
Utilitaire mtpass, ça se trouve là : http://manio.skyboo.net/mikrotik/
Ca se compile sous g++, donc sur n'importe quel Linux ou *BSD.
Testé sous OpenBSD, il fait le boulot.

h2. RB433L and RB433UAHL

h3. NPK

http://routing.explode.gr/node/96
https://forum.openwrt.org/viewtopic.php?id=32320&p=3
https://forum.openwrt.org/viewtopic.php?pid=165526#p165526
https://github.com/lqez/npk
Easy install of OpenWrt on MikroTik's devices https://forum.openwrt.org/viewtopic.php?id=39171
http://wp.ayufan.eu/2013/02/the-rb951g-and-openwrt/

h3. Misc

TODO
http://i.mt.lv/routerboard/files/rb433L-series-qg_1377089307.pdf

http://forum.mikrotik.com/viewtopic.php?t=65977&p=336057
RF antenna and close miniPCI ?

h3. Power Consuption

<pre>
eth1 = PoE 192.168.88.101/24
eth2 = milieu 192.168.102.1/24
eth3 = oppose PoE 192.168.103.1/24
wlan1 = minipci du bas 172.31.31.43/24

http://dslrouter.sourceforge.net/stuff/mikrotik/mikrotik/AirMax5_and_Mikrotik_Router_Board_Connection_Guide_revised.pdf

netboot
rb750up http://forum.mikrotik.com/viewtopic.php?f=3&t=57943&start=50

USB RB750UP http://patchwork.openwrt.org/patch/3252/

http://wiki.openwrt.org/toh/mikrotik/rb750
http://blog.poettner.de/2011/05/27/openwrt-trunk-on-mikrotik-routerboard-411750/

http://wiki.mikrotik.com/wiki/Manual:Netinstall
http://routerboard.com/pricelist/download_file.php?file_id=118

http://www.gowifi.co.nz/userguides/perform-a-netinstall.pdf

http://forum.mikrotik.com/viewtopic.php?f=2&t=66093
reset longer than 20 seconds

https://forum.openwrt.org/viewtopic.php?id=41490

RB433L
idle 108 mA 12V
+1 eth 130mA 173 mA max au boot

RB433L + ethernet branché RouterOS 5.11
conso identique RouterOS 5.26
RouterOS 6.6 ?
Volt mA mW
(* 5.0 259)1295.0
(* 6.0 227)1362.0
(* 7.0 200)1400.0
(* 8.0 180)1440.0
(* 8.5 175)1487.5
(* 9.0 165)1485.0
(* 9.5 160)1520.0
(* 10.0 152)1520.0
(* 11.0 142)1562.0
(* 11.5 138)1587.0
(* 12.0 132)1584.0 152 pendant file upload firmware (* 12.0 152)1824.0
(* 12.5 129)1612.5
(* 13.0 125)1625.0
(* 14.0 119)1666.0
(* 15.0 112)1680.0
(* 18.0 99)1782.0
(* 21.0 90)1890.0
(* 24.0 83)1992.0
(* 26.0 79)2054.0
(* 27.0 77)2079.0

RB433L sans ethernet
V mA mW
4.0 off
(* 5.0 206)1030.0
(* 6.0 181)1086.0
(* 7.0 162)1134.0
(* 8.0 146)1168.0
(* 9.0 133)1197.0
(* 10.0 124)1240.0
(* 11.0 116)1276.0
(* 12.0 110)1320.0
(* 13.0 104)1352.0
(* 14.0 99)1386.0
(* 15.0 94)1410.0

diff ethernet pas ethernet constant en watt sur la plage de 265 mW a 260 mW

eth+ R52n-M 5180 AP-bridge 17dBm = 50 mW
(* 12.0 165)1980.0
vs (* 12.0 132)1584.0

0 dBm = 1 mW ou 7 dBm
conso inchangee
(* 12.0 163)1956.0
163-166

tout en bridge cote RB433L 7 dBm = 5 mW avec iperf 100M UDP
175-180
(* 12.0 (- 180 163))204.0 mW

serial http://forum.mikrotik.com/viewtopic.php?f=3&t=76194
http://wiki.openwrt.org/toh/mikrotik/rb433

http://wiki.mikrotik.com/wiki/Manual:Password_reset
http://wiki.mikrotik.com/wiki/MikroTik_Password_Recovery

http://wireless.kernel.org/en/users/Drivers/ath9k/devices
WLM200NX dual band
http://wireless.kernel.org/en/users/Drivers/ath5k

R52n-M
R52Hn

http://download2.mikrotik.com/routeros/5.26/routeros-mipsbe-5.26.npk
http://download2.mikrotik.com/routeros/6.6/routeros-mipsbe-6.6.npk

http://wiki.mikrotik.com/wiki/Netinstall

</pre>

!conso-rb433l.png!

h2. RB433 and RB433UAH and RB435G

h3. Links

http://routerboard.com/RB433
http://routerboard.com/RB433UAH
http://routerboard.com/RB435G

http://wiki.openwrt.org/toh/mikrotik/rb435
http://wiki.openwrt.org/toh/mikrotik/rb433

h3. Power Consumption

<pre>
RB433 MikroTik RouterOS 5.24

V mA avec 1 eth
24.0 123 (* 24 0.123)2.952 (112 sans eth diff 0.264W)
16.0 149 (* 16 0.149)2.384
13.9 162 (* 13.9 0.162)2.2518 (142 sans eth diff 0.278W)
12.0 178 (* 12.0 0.178)2.136
10.0 207 (* 10.0 0.207)2.07
8.0 250 (* 8.0 0.250)2.0

en dessous de 8 V : coupure

RB433UAH MikroTik RouterOS 5.24
avec 1 eth
24.0 189 (* 24 0.189)4.536
12.0 249 (* 12 0.249)2.988
8.0 366 (* 8 0.327)2.616 292 sans eth

RB435G MikroTik RouterOS 5.24

avec 1 eth

24.0 117 (* 24.0 0.117)2.808 112 sans eth (* 0.005 24)0.12
12.0 187 (* 12.0 0.187)2.244
10.0 216 (* 10.0 0.216)2.16
8.0 261 (* 8.0 0.261)2.088 255 sans eth (* 0.006 8.0)0.048
7.0 303 (* 7.0 0.303)2.121

8.0
[admin@MikroTik] > system health print
fan-mode: auto
use-fan: main
active-fan: none
current: 172mA
temperature: 20C

12.0
[admin@MikroTik] > system health print
fan-mode: auto
use-fan: main
active-fan: none
voltage: 11.3V
current: 108mA => 192
temperature: 20C
power-consumption: 1.2W

24.0
[admin@MikroTik] > system health print
fan-mode: auto
use-fan: main
active-fan: none
voltage: 24V
current: 50mA => 119
temperature: 20C
power-consumption: 1.2W

</pre>

h2. RB750UP

http://routerboard.com/RB750UP

http://blog.lekermeur.net/wp-content/uploads/2012/03/Printemps2012_RB750.pdf

Attention : problèmes lors que le RB750UP est alimenté en PoE : http://forum.mikrotik.com/viewtopic.php?f=3&t=57943
> we are working on new FW that would add useful features that are currently missing. One of them is reworked power management.

Voltage : http://forum.mikrotik.com/viewtopic.php?f=3&t=58124
> limit on power out port is 500mA regardless of output voltage. so at 12V you will be able to power only MAX 6W device. while at 30V 15W.
> If you power RB570UP with PoE 24V adapter over 100m cable, then resulting output voltage at full load (all 4 ports giving out 500mA totaling to 2A) then voltage to powered ports at RB750UP end will be around 21V then losses on cable and protections you end up with around 19V at the end device. and cables stretching for 200m from PSU brick.
> PoE in port has no input limitation only output is limited to 500mA and with 4 prots it is 2A

Upgrade to 5.20

<pre>
/ip arp print
# print MAC IP

/interface bridge host print
# print MAC

/interface ethernet switch host print
# print MAC-port table

/interface ethernet set ether5 poe-out=forced-on
# force PoE

/interface ethernet poe set ether2-master-local poe-priority=5
# lower number = highest priority

/interface ethernet poe pr
# print prio settings

/interface ethernet poe monitor [find]
# monitor watt and voltage

system identity set name=totoRB750UP
# hostname

system resource print
uptime: 3h54m51s
version: 5.26
free-memory: 19124KiB
total-memory: 29696KiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 400MHz
cpu-load: 0%
free-hdd-space: 90528KiB
total-hdd-space: 126976KiB
write-sect-since-reboot: 157
write-sect-total: 31910
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB750UP
platform: MikroTik

</pre>

<pre>

[admin@MikroTik] /interface ethernet poe settings> upgrade
Do you really want to upgrade PoE firmware? [y/n]
y
Please reboot to finish PoE firmware upgrade.

[admin@MikroTik] /interface ethernet poe settings> pr
version: 2.0
ether1-poe-in-long-cable: no

[admin@MikroTik] /interface ethernet poe> monitor [find]
name: ether2-master-local ether3-slave-local ether4-slave-local ether5-slave-local
poe-out-voltage: 23.5V
poe-out-current: 160mA
poe-out-power: 3.7W
</pre>

* http://wiki.mikrotik.com/wiki/Manual:Upgrading_RouterOS
* To update firmware (latest RouterOS 5.12):
* Files / upload choose file : routeros-mipsbe-5.12.npk (12MB)
* Attendre la fin de upload
* System / Packages / IPv6 schedule for update
* System / Reboot
* about 90 seconds. Note: PoE will be cut during the reboot

chiwa admin VLAN 3175
192.168.3.20

telnet login admin pass (vide)
web

<pre>
[admin@rb750up-chiwawa] > interface ethernet print
Flags: X - disabled, R - running, S - slave
# NAME MTU MAC-ADDRESS ARP MASTER-PORT SWITCH
0 ether1-gateway 1500 00:0C:42:E9:BA:8A enabled
1 R ;;; To chiwa's router *** NO POE ***
ether2-master-local 1500 00:0C:42:E9:BA:8B enabled none switch1
2 RS ;;; to Vince' NS5M - To Myrys
ether3-slave-local 1500 00:0C:42:E9:BA:8C enabled ether2-master-local switch1
3 RS ;;; to NS5M east - To CDRX
ether4-slave-local 1500 00:0C:42:E9:BA:8D enabled ether2-master-local switch1
4 RS ;;; to beaconing NS5M (port balcon.3)
ether5-slave-local 1500 00:0C:42:E9:BA:8E enabled ether2-master-local switch1
</pre>

RouterOS v2
http://wiki.mikrotik.com/wiki/Manual:PoE-Out#RouterOS_2
http://wiki.mikrotik.com/wiki/Manual:PoE-Out#Changes_between_1.x_and_2.0_PoE-Out_controller_firmware
<pre>
[admin@MikroTik] > interface ethernet poe monitor [find]
name: ether2 ether3 ether4 ether5
poe-out-voltage: 23.2V 23.2V 23.2V
poe-out-current: 224mA 116mA 64mA
poe-out-power: 5.1W 2.6W 1.4W
</pre>

http://wiki.mikrotik.com/wiki/PoE-Out

/interface ethernet set ether2 poe-out=on
/interface ethernet set ether2 poe-out=off
/interface ethernet set ether2 poe-out=auto

Note:
<obinou> Le poe-out, il faut le mettre à "on" , et pas à "auto".
<obinou> sans ça, j'ai l'impression que le RB fait un power-cycle si il détecte une perte de link
<obinou> or, quand la NSM5 démarre, entre le bootloader & le firmware ca perd le link
<obinou> conclusion: reboot en boucle.

Note:
Après essais il est préférable d'éviter le 12V: Si au départ ça semble marcher, les pics de courants
dépassent parfois la limite autorisé par port de 500mA, et le port se coupe immédiatement.
Le 24V n'a pas montré ce souci.

Note 2:
Dans les derniers firmwares Microtik, l'option "poe-out" prend comme option "auto", "forced-on", ou "forced-off".

http://forum.mikrotik.com/viewtopic.php?f=3&t=49976&sid=40ea9661791968a896ab35214dc18f15&start=50
http://forum.mikrotik.com/viewtopic.php?f=3&t=57608

<pre>
[admin@MikroTik-Ouin] > /interface ethernet print detail
Flags: X - disabled, R - running, S - slave
0 R name="ether1-gateway" mtu=1500 l2mtu=1600 mac-address=00:0C:42:D3:94:D5 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps
1 name="ether2-master-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D6 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=auto
2 name="ether3-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D7 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=auto
3 R name="ether4-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D8 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=on
4 R name="ether5-slave-local" mtu=1500 l2mtu=1598 mac-address=00:0C:42:D3:94:D9 arp=enabled auto-negotiation=yes full-duplex=yes speed=100Mbps master-port=none bandwidth=unlimited/unlimited switch=switch1 poe-out=on
</pre>

<pre>
[admin@MikroTik-Ouin] > sys resource pr
uptime: 6m6s
version: 5.12
free-memory: 17880KiB
total-memory: 29708KiB
cpu: MIPS 24Kc V7.4
cpu-count: 1
cpu-frequency: 400MHz
cpu-load: 0%
free-hdd-space: 30844KiB
total-hdd-space: 61440KiB
write-sect-since-reboot: 214
write-sect-total: 96113
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB750UP
platform: MikroTik
</pre>

h3. NTP

<pre>
/system ntp client set primary-ntp=172.31.31.254 enabled=yes
</pre>

h3. rsyslog

http://randomtweaks.blogspot.fr/2013/03/mikrotik-remote-logging-using-ubuntu.html

<pre>
/system log action set 3 remote=172.31.31.252
/system log add action=remote disabled=no
</pre>

h3. Bridging sur le 750UP

Le RB750UP est conçu dans l'idée d'en faire un CPE multi-antennes. Par défaut, le port 1 (POE-in ou LAN) n'est pas bridgé sur le switch des 4 ports POE-out, on s'en sert plutôt en mode routé.

Pour l'utiliser comme un simple switch et non comme un routeur il suffit de créer un bridge entre les interfaces :

<pre>
interface bridge add name=bridge1
interface bridge port add bridge=bridge1 interface=ether1-gateway
interface bridge port add bridge=bridge1 interface=ether2-master-local
</pre>

<pre>
ip address print
ip address add address=172.31.31.24/24 interface=bridge1

ip address print
ip address remove 0
</pre>

h3. DHCP sur le 750UP

Note: Attention, un serveur DHCP est actif par défaut sur les ports 2 à 5. Il faut le désactiver
pour passer en mode switch.

<pre>
ip dhcp-server print
ip dhcp-server remove 0

ip dhcp-client print
ip dhcp-client remove 0
</pre>

h3. Routing sur le 750UP

<pre>
ip route add dst-address=0.0.0.0/0 gateway=172.16.0.254
</pre>

h3. RB750UP en mode BOX pour les nanostation

Connection to the routerboard

<pre>
ssh admin@192.168.88.1
</pre>

Reset the RouterBoard :
<pre>
$ setup
$ r
$ y
</pre>

Le routerboard reboot et on se reconnect

Configuration du WAN

<pre>
$ ip address add address=91.224.149.194/24 interface=ether1-gateway
$ ip route add gateway=91.224.149.254
$ ip address print
$ ip route print
</pre>

h2. RB250GS

VLAN http://wiki.mikrotik.com/wiki/SwOS/Router-On-A-Stick
Doc http://wiki.mikrotik.com/wiki/SwOS
vlan limitation mikrotik rb250gs http://forum.mikrotik.com/viewtopic.php?f=17&t=45721
Routeur, switch, VLAN et multi-modems (via rb250gs) http://doc.rhizome-fai.net/doku.php?id=technique:routeur:vlan

h2. CRS226

VLAN

http://wiki.mikrotik.com/wiki/Manual:CRS_features
http://wiki.mikrotik.com/wiki/Manual:CRS_examples
http://wiki.mikrotik.com/wiki/Switch_Chip_Features#Example_-_802.1Q_Trunking_with_Atheros_switch_chip_in_RouterOS_v6
http://blog.scottlowe.org/2015/07/02/vlan-trunking-mikrotik-routeros/


h3. Renommer les interfaces, changer les ports maîtres/esclaves

Par défaut, les interfaces ont des noms comme "ether1-master-local", "ether4-slave-local", "ether8-slave-local" parce que le port 1 est un "master" et les autre des "slaves" (plus d'info : http://wiki.mikrotik.com/wiki/Switch_Chip_Features#Port_Switching ). Comme ça risque de changer, on renomme tout ça :

<pre>/interface set ether1-master-local name=ether1;
/interface ethernet set ether2-slave-local master-port=none;
/interface set ether2-slave-local name=ether2;
/interface ethernet set ether3-slave-local master-port=none;
/interface set ether3-slave-local name=ether3;
/interface ethernet set ether4-slave-local master-port=none;
/interface set ether4-slave-local name=ether4;
/interface ethernet set ether5-slave-local master-port=none;
/interface set ether5-slave-local name=ether5;
[...]
</pre>

Se placer dans le menu des interfaces ethernet et définir un master port (ici ether2) pour les interfaces :
<pre>/interface ethernet
set ether3 master-port=ether2
set ether4 master-port=ether2
set ether5 master-port=ether2
set ether6 master-port=ether2
set ether7 master-port=ether2
set ether8 master-port=ether2
</pre>

Pour voir le résultat, on peut utiliser la commande "print".

h3. VLAN par ports

Créer des VLAN :
* VLAN 200 : ether3, 4, et 8
* VLAN 300 : ether5, 6, et 8
* VLAN 400 : ether7, et 8

Access port
Si du traffic arrive "untagged" (customer-vid=0), on lui assigne un VLAN ID en fonction du port sur lequel il arrive :
<pre>/interface ethernet switch ingress-vlan-translation
add ports=ether3,ether4,ether8 customer-vid=0 new-customer-vid=200
add ports=ether5,ether6,ether8 customer-vid=0 new-customer-vid=300
add ports=ether7,ether8 customer-vid=0 new-customer-vid=400
</pre>

Trunk port
port ether2 ici :
<pre>/interface ethernet switch egress-vlan-tag
add tagged-ports=ether2 vlan-id=200
add tagged-ports=ether2 vlan-id=300
add tagged-ports=ether2 vlan-id=400
</pre>

VLAN
<pre>/interface ethernet switch vlan
add ports=ether2,ether3,ether4,ether8 vlan-id=200
add ports=ether2,ether5,ether6,ether8 vlan-id=300
add ports=ether2,ether7,ether8 vlan-id=400
</pre>

h3. MAC

<pre>
/interface ethernet switch unicast-fdb print
</pre>