Community discussions

MUM Europe 2020
 
Hazim
just joined
Topic Author
Posts: 2
Joined: Sat Dec 10, 2011 4:42 pm

MikroTik P-To-P configuration

Sat Dec 10, 2011 5:02 pm

Hi,

I have P-To-P wireless MikroTik Link (Router 711), I want to configure it as a following:
1- From my side as a Internet provider (Config static private IP).
2- From customer side (DHCP IPs) with out using another router.
3- Between two Routers as a bridge.

Kindly I need HELP...

Thanks
 
User avatar
ojsa
Member Candidate
Member Candidate
Posts: 181
Joined: Tue Jan 27, 2009 8:53 pm
Location: Norway

Re: MikroTik P-To-P configuration

Sat Dec 10, 2011 5:38 pm

Something like this?

router 1 - management in your lan
ether1 - your router
ether2 - customer router
ether3 - your lan side


router2 - management in your lan
ether1 - customer

setup router1 as AP-Bridge and vlan, assign a bridge to carrier for all tagged vlans, assign vlan to you and your customer, make bridges for untagged side of the vlans and connect this to your ethernet ports - configure wireless wds to the tagged bridge, and set management ip to the untagged bridge for you lan side.

setup router2 as station wds, use tagged bridge as your bridge in wds, vlan to untagged bridge and connect your customer to its untagged bridge and set your ip on the router to your untagged bridge for your lan.

thats about it.. do want to try this or should i provide some configurations examples?
Network professional - Certified MTCNA, MTCWE MTCTCE, MTCRE, MTCUME and MTCINE. - Wiki Profile
 
Hazim
just joined
Topic Author
Posts: 2
Joined: Sat Dec 10, 2011 4:42 pm

Re: MikroTik P-To-P configuration

Sat Dec 10, 2011 8:09 pm

Thank you very much dear (ojsa),

I'll be thankfully if you provide me some configuration examples...
 
User avatar
ojsa
Member Candidate
Member Candidate
Posts: 181
Joined: Tue Jan 27, 2009 8:53 pm
Location: Norway

Re: MikroTik P-To-P configuration

Sat Dec 10, 2011 10:00 pm

ok, here it goes, tried to comment all the way..

First name your router
/system identity set name=Router1
Add some bridges that vi are going to use.
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "All vlan tagges travels here, like a cisco trunk." disabled=no forward-delay=15s l2mtu=\
    65535 max-message-age=20s mtu=1500 name=bridge_tagged_side priority=0x8000 protocol-mode=\
    none transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "Customer WAN side (ADSL customer internet router)" disabled=no forward-delay=15s l2mtu=\
    65535 max-message-age=20s mtu=1500 name=bridge_untagged_vlan_10 priority=0x8000 \
    protocol-mode=none transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "Private WAN side (ADSL internet router)" disabled=no forward-delay=15s l2mtu=65535 \
    max-message-age=20s mtu=1500 name=bridge_untagged_vlan_20 priority=0x8000 protocol-mode=\
    none transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "Private LAN Side" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s mtu=1500 \
    name=bridge_untagged_vlan_30 priority=0x8000 protocol-mode=none transmit-hold-count=6
Add a ip address to you lan side bridge.
/ip address
add address=192.168.99.10/24 disabled=no interface=bridge_untagged_vlan_30 network=\
    192.168.99.0
The we add some vlan before we connects the dots with adding ports to the bridges. All the vlans are set to use one bridge as tagged side, this bridge is the one we want to travel across the wireless link with the help of wds.
/interface vlan
add arp=enabled comment="private wan" disabled=no interface=bridge_tagged_side l2mtu=65531 \
    mtu=1500 name=vlan10 use-service-tag=no vlan-id=10
add arp=enabled comment="customer wan" disabled=no interface=bridge_tagged_side l2mtu=65531 \
    mtu=1500 name=vlan20 use-service-tag=no vlan-id=20
add arp=enabled comment="private lan" disabled=no interface=bridge_tagged_side l2mtu=65531 \
    mtu=1500 name=vlan30 use-service-tag=no vlan-id=30
And then the dots, I mean the ports ;-)
/interface bridge port
add bridge=bridge_untagged_vlan_10 comment=\
    "Private WAN port untagged bridge" disabled=no edge=auto external-fdb=\
    auto horizon=none interface=ether1 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_20 comment=\
    "Customer WAN port untagged bridge" disabled=no edge=auto external-fdb=\
    auto horizon=none interface=ether2 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_30 comment=\
    "Private LAN port untagged bridge" disabled=no edge=auto external-fdb=\
    auto horizon=none interface=ether3 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_10 disabled=no edge=auto external-fdb=auto horizon=none \
    interface=vlan10 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_20 disabled=no edge=auto external-fdb=auto horizon=none \
    interface=vlan20 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_30 disabled=no edge=auto external-fdb=auto horizon=none \
    interface=vlan30 path-cost=10 point-to-point=auto priority=0x80
Since I under vlan and bridge said that vlan 10 is for private wan, vlan 20 for customer wan and vlan 30 for private lan, you could tells from the table above that private adsl router are connected to ether1, customer adsl router connected to ether2 and private lan is connected to ether3.

This example is done in metarouters I don't have the ability to use wireless. So here is a printout without to many details from one of my operational routers.
Flags: X - disabled, R - running
0 R name="wlan1" mtu=1500 mac-address=00:0C:42:xx:xx:0B arp=enabled
interface-type=Atheros AR5413 mode=ap-bridge ssid="s2b" frequency=5070
band=5ghz-a channel-width=40mhz-turbo scan-list=default wireless-protocol=nv2-nstreme
antenna-mode=ant-a wds-mode=dynamic wds-default-bridge=bridge_tagged_side wds-ignore-ssid=no
bridge-mode=enabled default-authentication=yes default-forwarding=yes
default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=s2b compression=no
Setup your wireless link accordingly and after I haved walked the dog I will upload router2 config. I hope the wireless part is good enough.
Network professional - Certified MTCNA, MTCWE MTCTCE, MTCRE, MTCUME and MTCINE. - Wiki Profile
 
User avatar
ojsa
Member Candidate
Member Candidate
Posts: 181
Joined: Tue Jan 27, 2009 8:53 pm
Location: Norway

Re: MikroTik P-To-P configuration

Sat Dec 10, 2011 10:53 pm

Start by naming the router.
/system identity set name=Router2
Add the bridges you need, this router don't need your private ADSL, only your lan side and customer ADSL.
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "All vlan tagges travels here, like a cisco trunk." disabled=no forward-delay=15s l2mtu=\
    65535 max-message-age=20s mtu=1500 name=bridge_tagged_side priority=0x8000 protocol-mode=\
    none transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "Customer WAN side (ADSL customer internet router)" disabled=no forward-delay=15s l2mtu=\
    65535 max-message-age=20s mtu=1500 name=bridge_untagged_vlan_10 priority=0x8000 \
    protocol-mode=none transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes comment=\
    "Private LAN Side" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s mtu=1500 \
    name=bridge_untagged_vlan_30 priority=0x8000 protocol-mode=none transmit-hold-count=6
Add a ip address to your lan side bridge.
/ip address
add address=192.168.99.20/24 disabled=no interface=bridge_untagged_vlan_30 network=192.168.99.0
And setup the wireless like this, I pointed out the most important this in bold.
0 R ;;; link til sorsetra - r52
name="wlan2" mtu=1500 mac-address=00:0C:42:2B:6D:14 arp=enabled
interface-type=Atheros AR5413 mode=station-wds ssid="s2b" frequency=5070
band=5ghz-a channel-width=40mhz-turbo scan-list=5070 wireless-protocol=nv2-nstreme
antenna-mode=ant-a wds-mode=dynamic wds-default-bridge=bridge_tagged_side
wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes
default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=s2b compression=no
Add the need vlan, and again you don't need the vlan10 on this router.
/interface vlan
add arp=enabled comment="customer wan" disabled=no interface=bridge_tagged_side l2mtu=65531 \
    mtu=1500 name=vlan20 use-service-tag=no vlan-id=20
add arp=enabled comment="private lan" disabled=no interface=bridge_tagged_side l2mtu=65531 \
    mtu=1500 name=vlan30 use-service-tag=no vlan-id=30
Then we connect the vlan and the ethernet with bridge ports. And we don't need to connect the internal lan bridge out to a interface since your only need a ip address on the bridge.
/interface bridge port
add bridge=bridge_untagged_vlan_20 comment=\
    "Customer WAN port untagged bridge" disabled=no edge=auto external-fdb=\
    auto horizon=none interface=ether1 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_20 disabled=no edge=auto external-fdb=auto horizon=none \
    interface=vlan20 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge_untagged_vlan_30 disabled=no edge=auto external-fdb=auto horizon=none \
    interface=vlan30 path-cost=10 point-to-point=auto priority=0x80
And from this the only ports vi actually take out from all the bridges to a physical ethernet port is ether1 with the customer wan net.
Network professional - Certified MTCNA, MTCWE MTCTCE, MTCRE, MTCUME and MTCINE. - Wiki Profile

Who is online

Users browsing this forum: No registered users and 26 guests