RouterOS by Example
Understanding MikroTik RouterOS
Through Real Life Applications
Stephen R.W. Discher
Editor: Bruce Pinnell
Cover Design: Enrique Gonzales
Illustrator: Phillip Crawford
Copyright © 2011 by Stephen R.W. Discher. All rights reserved.
This book or any portion thereof may not be reproduced or used in any manner whatsoever
without the express written permission of the author except for the use of brief quotations in a
book review.
Printed in the United States of America, first printing, 2011.
ISBN 978-0-615-54704-6
Stephen R.W. Discher
LearnMikroTik.com
10770 State Highway 30
Suite 200
College Station, Texas 77845
Table of Contents
Acknowledgement
INTRODUCTION
Who or What is MikroTik?
About The Author
What is RouterOS?
RouterBOARD – The MikroTik Hardware Platform
RouterBOARD Product Designations
About This Book
Chapter 1 – First Time Access
WinBox
Navigating WinBox
Inside WinBox
Safe Mode
Example – Entering Safe Mode
Command Line Terminal Options
Telnet and SSH
Serial Terminal
Example – Forgotten Password
Creating the Basic Configuration
Interfaces
Example – Add an IP Address
Chapter 2 – User Management
Example – User and Group Assignments and Policy
Chapter 3 – Upgrading and Downgrading the Operating System, Package Management
Example – Upgrading the Operating System
Example – Downgrading the Operating System
Example – Upgrading using FTP
Example – Adding a Package
Example – Best Practice for Package Management
Chapter 4 – Router Identity
Example – Setting the System Identity
Chapter 5 – System Time and the NTP Protocol
NTP Client Setup
Example – Setting Up the NTP Client
System Clock
Example – Setting the System Clock Manually and Setting the Time Zone
Advanced NTP Server Setup
Example – Enabling NTP Server
Chapter 6 – Backups
Example – Creating a Binary Backup
Example – Restoring a Binary Backup
Text Based Backups
Example – Creating a Text Export (text backup)
Example – Importing a Text Backup
Chapter 7 – Licensing
Example – Determining Your License Level
Example – Install a License
Chapter 8 – Firewalls
Connections
Two Ways To Control Access
Forward Chain
Address Lists
Example – The Basic Firewall
Chapter 9 – NAT, Network Address Translation
Source NAT
Destination NAT
Special Types of NAT Rules
Source NAT With Multiple Public IP Addresses
Destination NAT with Action Redirect
Example – A Simple Masquerade Rule
Example – Destination NAT for a Web Server on the Private Network with Port Translation
Example – Source NAT to Source Traffic From a Certain IP Address
Example – Destination NAT with the Action Redirect
Service Ports – NAT Helpers
Connection Tracking (on and off)
Example – Disable Connection Tracking
Tools – Torch
Example – Determining the Source of Traffic on a Network
Chapter 10 – Bandwidth Limits
Simple Queues
Bursting
Example – Creating a Simple Queue for Computers in an Office Network
Example – Creating a Queue for a Destination Host
Example – Create a Queue for Local Computers with Burst
Packet Mangling
Example – Packet Mangling Using Optimal Mangle
Traffic Prioritization
For Further Study: QOS
Example – Queue Priority for VoIP Traffic
PCQ – Per Connection Queuing
Example – Using PCQ with a Simple Queue, One Limit to All
Chapter 11 – Tools
Bandwidth Test Utility
Example – Bandwidth Test Utility
Monitoring Tools
Example – Using Torch to Troubleshoot “Slow” Networks
Traffic Graphing
Example – Configure a Graph for all Users in a Subnet
SNMP – Simple Network Management Protocol
Chapter 12 – Local Area Networks
ARP
Example – Create a LAN that Requires Static ARP
DNS
Example – Configure DNS Client and Caching DNS Server
DHCP – Dynamic Host Configuration Protocol
DHCP Client
Example – Add a DHCP Client
DHCP Server
Example – Create a DHCP Server
Example – DHCP Static Leases
Example – DHCP Server Without an IP Pool
HotSpot – Instant Public Internet
Example – Set up HotSpot
Example – Create IP Bindings
Example – Create additional Users
Example – User Profiles
Example – Server Profiles
Example – Walled Garden
Example – Creating a Custom Login Page
Web Proxy
Example – Configuring a Transparent Web Proxy
Example – HTTP Firewall, Allowing or Blocking Certain Sites
Example – Redirect Users to Certain Sites
Example – Logging Web Traffic
Example – Logging to a Remote Syslog Server
Chapter 13 – Storage
System Stores
Example – Explore Stores
Example – Create a Store
Chapter 14 – More RouterOS Tools
Email Tool
Example – Configure the Email Tool
Example – Use a Script With the Email Tool and Scheduler to Create and Send a Backup
Netwatch
Example – Reboot the Router Using Netwatch
Ping
Traceroute
Profile
Chapter 15 – Wireless
Wireless Theory
802.11b
802.11g
802.11n
Channelization – 2.4 GHz 802.11b/g/n
Small Channels
Bridged Versus Routed Access Points and Stations
Routed
Bridged
Configure an Access Point (PtMP) With DHCP Server
Example – Initial Wireless Interface Configuration
Wireless Security
Controlling Access with MAC Lists
Example – Create an Access List on an AP
Example – Create a Connect List on a Station
Example – Encryption Using WEP
Example – Encryption Using WPA(2)
Example – IP Addressing, DNS, Masquerade
Example – Configure a Wireless Interface to be a Routed Station (client)
Example – Create a Virtual AP
Bridging – Point to Point or Point to Multi-Point
Example – Transparently Bridging a Link
Point to Point Links
Example – Pseudobridge Modes
Wireless Mode Station-Pseudobridge
Wireless Mode Station-Pseudobridge-Clone
Example – Bridge a Station Using Pseudobridge
Supporting Mixed Clients, Routed Stations and Bridged Stations
WDS, Wireless Distribution System
Example – Build a WDS System
NV2 – Nstreme Version Two
Example – Converting an 802.11n PtMP System to NV2
Example – Hiding the SSID
Chapter 16 – Routing
Simple Static Routes
Most Specific Route
Default Routes
Example – Tying it All Together With Static Routes
Route Distance
Dynamic Routes
Routing Flags
OSPF – A Dynamic Routing Protocol
Link State Protocol
Areas
Configuring OSPF
Example – Add a Static Route
Example – Add a Default Route
Example – Set up OSPF, the Basics
Chapter 17 – VPN Tunnels
General
Point to Point Addressing
PPPoE – Point to Point Protocol over Ethernet, Applying PTP Addressing
Example – IP Pools
Example – PPP Profiles
Example – Create a PPPoE Server
Example – Create a User (Secret)
Example – Create a Client Profile
Example – Create a PPPoE Client
PPTP and L2TP Tunnels
Example – Create a PPTP or L2TP Server
Adding Routes for Tunnels
Tunnels With IP Addresses on Same Subnet as LAN Hosts
Configuring L2TP Server
PPP Status Tab
Bridging Tunnels
Example – Create a Bridged EoIP Tunnel
Example – Create a Transparent VPLS Tunnel
Near End of Tunnel (AP)
Far End of Tunnel (station)
Chapter 18 – Conclusion
References
Appendix 1
Table of Figures
Index