Difference between revisions of "SWITCH-mikrotik"

From Fixme.ch
Jump to: navigation, search
(VLANs)
(Config)
 
(23 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
= SW-FIXME-MIKROTIK =
 
= SW-FIXME-MIKROTIK =
== VLANs ==
+
== Decoupage Public - NAT ==
 
+
On utilise pas de Vlan, mais on a deux bridges virtuelle qui font chacun des réseaux.
 +
<s>
 
* 130: FIXME-NAT
 
* 130: FIXME-NAT
 
* 135: FIXME-PUBLIC
 
* 135: FIXME-PUBLIC
 +
</s>
  
== Ports / VLAN ==
+
== Ports / Reseau ==
  
 
<table cellpadding=10 cellspacing=0 border=1>
 
<table cellpadding=10 cellspacing=0 border=1>
 
<tr>
 
<tr>
 
   <td>Port</td>
 
   <td>Port</td>
   <td>VLAN</td>
+
   <td>Réseau</td>
 
   <td>Equipement</td>
 
   <td>Equipement</td>
 
</tr>
 
</tr>
Line 16: Line 18:
 
   <td>1</td>
 
   <td>1</td>
 
   <td>FIXME-NAT</td>
 
   <td>FIXME-NAT</td>
   <td></td>
+
   <td>[[Bellatrix]] PMI</td>
 
</tr>
 
</tr>
 
<tr bgcolor=FloralWhite>
 
<tr bgcolor=FloralWhite>
 
   <td>2</td>
 
   <td>2</td>
 
   <td>FIXME-PUBLIC</td>
 
   <td>FIXME-PUBLIC</td>
   <td></td>
+
   <td>[[Bellatrix]]</td>
 
</tr>
 
</tr>
 
<tr bgcolor=Cornsilk>
 
<tr bgcolor=Cornsilk>
 
   <td>3</td>
 
   <td>3</td>
 
   <td>FIXME-NAT</td>
 
   <td>FIXME-NAT</td>
   <td></td>
+
   <td>Fablab link</td>
 
</tr>
 
</tr>
 
<tr bgcolor=FloralWhite>
 
<tr bgcolor=FloralWhite>
 
   <td>4</td>
 
   <td>4</td>
 
   <td>FIXME-PUBLIC</td>
 
   <td>FIXME-PUBLIC</td>
   <td></td>
+
   <td>Raspi [[Orbital]]</td>
 
</tr>
 
</tr>
 
<tr bgcolor=Cornsilk>
 
<tr bgcolor=Cornsilk>
 
   <td>5</td>
 
   <td>5</td>
 
   <td>FIXME-NAT</td>
 
   <td>FIXME-NAT</td>
   <td></td>
+
   <td>Multifonction</td>
 
</tr>
 
</tr>
 
<tr bgcolor=FloralWhite>
 
<tr bgcolor=FloralWhite>
 
   <td>6</td>
 
   <td>6</td>
 
   <td>FIXME-PUBLIC</td>
 
   <td>FIXME-PUBLIC</td>
   <td></td>
+
   <td>RIPE NCC</td>
 
</tr>
 
</tr>
 
<tr bgcolor=Cornsilk>
 
<tr bgcolor=Cornsilk>
 
   <td>7</td>
 
   <td>7</td>
 
   <td>FIXME-NAT</td>
 
   <td>FIXME-NAT</td>
   <td></td>
+
   <td>ATA</td>
 
</tr>
 
</tr>
 
<tr bgcolor=FloralWhite>
 
<tr bgcolor=FloralWhite>
Line 86: Line 88:
 
   <td>15</td>
 
   <td>15</td>
 
   <td>FIXME-NAT</td>
 
   <td>FIXME-NAT</td>
   <td></td>
+
   <td>?nano?</td>
 
</tr>
 
</tr>
 
<tr bgcolor=FloralWhite>
 
<tr bgcolor=FloralWhite>
Line 93: Line 95:
 
   <td></td>
 
   <td></td>
 
</tr>
 
</tr>
<tr bgcolor=Cornsilk>
+
<tr bgcolor=SlateGrey>
 
   <td>17</td>
 
   <td>17</td>
   <td>FIXME-NAT</td>
+
   <td>reserved for FIXME-NAT</td>
   <td></td>
+
   <td>disable</td>
 
</tr>
 
</tr>
<tr bgcolor=FloralWhite>
+
<tr bgcolor=LightSlateGrey>
 
   <td>18</td>
 
   <td>18</td>
   <td>FIXME-PUBLIC</td>
+
   <td>reserved for FIXME-PUBLIC</td>
   <td></td>
+
   <td>disable</td>
 
</tr>
 
</tr>
 
<tr bgcolor=SlateGrey>
 
<tr bgcolor=SlateGrey>
 
   <td>19</td>
 
   <td>19</td>
   <td>FIXME-NAT</td>
+
   <td>reserved for FIXME-NAT</td>
   <td>DON'T USE!</td>
+
   <td>disable</td>
 
</tr>
 
</tr>
 
<tr bgcolor=LightSlateGrey>
 
<tr bgcolor=LightSlateGrey>
 
   <td>20</td>
 
   <td>20</td>
   <td>FIXME-PUBLIC</td>
+
   <td>reserved for FIXME-PUBLIC</td>
   <td>DON'T USE!</td>
+
   <td>disable</td>
 
</tr>
 
</tr>
 
<tr bgcolor=SlateGrey>
 
<tr bgcolor=SlateGrey>
 
   <td>21</td>
 
   <td>21</td>
   <td>FIXME-NAT</td>
+
   <td>reserved for FIXME-NAT</td>
   <td>DON'T USE!</td>
+
   <td>disable</td>
 
</tr>
 
</tr>
 
<tr bgcolor=LightSlateGrey>
 
<tr bgcolor=LightSlateGrey>
 
   <td>22</td>
 
   <td>22</td>
   <td>FIXME-PUBLIC</td>
+
   <td>reserved for FIXME-PUBLIC</td>
   <td>DON'T USE!</td>
+
   <td>disable</td>
 
</tr>
 
</tr>
 
<tr bgcolor=IndianRed>
 
<tr bgcolor=IndianRed>
 
   <td>23</td>
 
   <td>23</td>
   <td>TRUNK-NAT</td>
+
   <td>"TRUNK-NAT"</td>
   <td>DON'T USE!</td>
+
   <td>[[ROUTER-Edge]]</td>
 
</tr>
 
</tr>
 
<tr bgcolor=LightCoral>
 
<tr bgcolor=LightCoral>
 
   <td>24</td>
 
   <td>24</td>
   <td>TRUNK-PUBLIC</td>
+
   <td>"TRUNK-PUBLIC"</td>
   <td>DON'T USE!</td>
+
   <td>[[ROUTER-Edge]]</td>
 
</tr>
 
</tr>
 
</table>
 
</table>
  
 
== Config ==
 
== Config ==
work in progress...
 
  
 +
<pre>
 +
/user set 0 password="***********"
 +
 +
/system identity set name=SW-FIXME-MIKROTIK
 +
 +
/interface bridge
 +
 +
add name=bridge4Nat
 +
add name=bridge4Public
 +
 +
/interface bridge port
 +
 +
add bridge=bridge4Nat interface=ether1
 +
add bridge=bridge4Nat interface=ether3
 +
add bridge=bridge4Nat interface=ether5
 +
add bridge=bridge4Nat interface=ether7
 +
add bridge=bridge4Nat interface=ether9
 +
add bridge=bridge4Nat interface=ether11
 +
add bridge=bridge4Nat interface=ether13
 +
add bridge=bridge4Nat interface=ether15
 +
add bridge=bridge4Nat interface=ether23
 +
 +
 +
add bridge=bridge4Public interface=ether2
 +
add bridge=bridge4Public interface=ether4
 +
add bridge=bridge4Public interface=ether6
 +
add bridge=bridge4Public interface=ether8
 +
add bridge=bridge4Public interface=ether10
 +
add bridge=bridge4Public interface=ether12
 +
add bridge=bridge4Public interface=ether14
 +
add bridge=bridge4Public interface=ether16
 +
add bridge=bridge4Public interface=ether24
  
/interface vlan
+
/ip address add address=192.168.130.11/24 interface=ether23
add name=FIXME-NAT vlan-id=130 interface=ether23
+
add name=FIXME-PUBLIC vlan-id=135 interface=ether24
+
  
 +
/interface ethernet
  
/interface ethernet
+
disable ether17
set ether3 vlan-mode=use-tag vlan-id=130
+
disable ether18
 +
disable ether19
 +
disable ether20
 +
disable ether21
 +
disable ether22
  
/interface ethernet print detail
+
</pre>
  
 +
Pour controler:
 +
<pre>
 +
/interface bridge print
 +
/interface bridge print detail
 +
</pre>
  
https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching
+
Et eventuellement:
 +
<pre>
 +
/user set 0 name = swadmin (si on veut changer le nom de l'admin)
 +
</pre>
  
https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitching-BridgeVLANFiltering
+
Reference:
  
 
https://www.youtube.com/watch?v=4BOYqtV4MCY&list=PLJ7SGFemsLl1QUNkgAbGj9ldlWRrr8zMj&ab_channel=TheNetworkBerg
 
https://www.youtube.com/watch?v=4BOYqtV4MCY&list=PLJ7SGFemsLl1QUNkgAbGj9ldlWRrr8zMj&ab_channel=TheNetworkBerg
  
  
old:
+
https://wiki.mikrotik.com/wiki/Manual:Webfig
hostname SW-FIXME-02<br>
+
snmp-server location CH LSN FIXME SERV 1<br>
+
snmp-server contact FIXME<br>
+
snmp-server community FIXME ro<br>
+
<br>
+
username admin access-level 15<br>
+
username admin password 7 XXXXXXXXXXXXXXXXXXXXXXXXXX<br>
+
username guest access-level 0<br>
+
username guest password 7 XXXXXXXXXXXXXXXXXXXXXXXXXX<br>
+
enable password level 15 7 XXXXXXXXXXXXXXXXXXXXXXXXXX<br>
+
<br>
+
<br>
+
vlan database<br>
+
vlan 1 name DefaultVlan media ethernet state active<br>
+
vlan 130 name FIXME-NAT media ethernet state active<br>
+
vlan 135 name FIXME-PUBLIC media ethernet state active<br>
+
<br>
+
<br>
+
interface ethernet 1/1<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/2<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/3<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/4<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/5<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/6<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/7<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/8<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/9<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/10<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/11<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/12<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/13<br>
+
switchport allowed vlan add 130 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/14<br>
+
switchport allowed vlan add 130 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/15<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/16<br>
+
switchport allowed vlan add 135 untagged<br>
+
switchport native vlan 135<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/17<br>
+
switchport allowed vlan add 130,135 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/18<br>
+
switchport allowed vlan add 130,135 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/19<br>
+
switchport allowed vlan add 130,135 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/20<br>
+
switchport allowed vlan add 130,135 untagged<br>
+
switchport native vlan 130<br>
+
switchport allowed vlan remove 1<br>
+
spanning-tree edge-port<br>
+
<br>
+
<br>
+
interface ethernet 1/21<br>
+
switchport allowed vlan add 1 untagged<br>
+
switchport native vlan 1<br>
+
switchport allowed vlan add 130,135 tagged<br>
+
<br>
+
<br>
+
interface ethernet 1/22<br>
+
switchport allowed vlan add 1 untagged<br>
+
switchport native vlan 1<br>
+
switchport allowed vlan add 130,135 tagged<br>
+
<br>
+
<br>
+
interface ethernet 1/23<br>
+
switchport allowed vlan add 1 untagged<br>
+
switchport native vlan 1<br>
+
switchport allowed vlan add 130,135 tagged<br>
+
<br>
+
<br>
+
interface ethernet 1/24<br>
+
switchport allowed vlan add 1 untagged<br>
+
switchport native vlan 1<br>
+
switchport allowed vlan add 130,135 tagged<br>
+
<br>
+
<br>
+
interface vlan 130<br>
+
ip address 192.168.130.252 255.255.255.0<br>
+
<br>
+
no ip http secure-server<br>
+
spanning-tree mode stp<br>
+
line console<br>
+
line vty<br>
+
end<br>
+
<br>
+

Latest revision as of 17:56, 2 January 2024

SW-FIXME-MIKROTIK

Decoupage Public - NAT

On utilise pas de Vlan, mais on a deux bridges virtuelle qui font chacun des réseaux.

  • 130: FIXME-NAT
  • 135: FIXME-PUBLIC

Ports / Reseau

Port Réseau Equipement
1 FIXME-NAT Bellatrix PMI
2 FIXME-PUBLIC Bellatrix
3 FIXME-NAT Fablab link
4 FIXME-PUBLIC Raspi Orbital
5 FIXME-NAT Multifonction
6 FIXME-PUBLIC RIPE NCC
7 FIXME-NAT ATA
8 FIXME-PUBLIC
9 FIXME-NAT
10 FIXME-PUBLIC
11 FIXME-NAT
12 FIXME-PUBLIC
13 FIXME-NAT
14 FIXME-PUBLIC
15 FIXME-NAT ?nano?
16 FIXME-PUBLIC
17 reserved for FIXME-NAT disable
18 reserved for FIXME-PUBLIC disable
19 reserved for FIXME-NAT disable
20 reserved for FIXME-PUBLIC disable
21 reserved for FIXME-NAT disable
22 reserved for FIXME-PUBLIC disable
23 "TRUNK-NAT" ROUTER-Edge
24 "TRUNK-PUBLIC" ROUTER-Edge

Config

/user set 0 password="***********"

/system identity set name=SW-FIXME-MIKROTIK

/interface bridge

add name=bridge4Nat
add name=bridge4Public

/interface bridge port 

add bridge=bridge4Nat interface=ether1
add bridge=bridge4Nat interface=ether3
add bridge=bridge4Nat interface=ether5
add bridge=bridge4Nat interface=ether7
add bridge=bridge4Nat interface=ether9
add bridge=bridge4Nat interface=ether11
add bridge=bridge4Nat interface=ether13
add bridge=bridge4Nat interface=ether15
add bridge=bridge4Nat interface=ether23


add bridge=bridge4Public interface=ether2
add bridge=bridge4Public interface=ether4
add bridge=bridge4Public interface=ether6
add bridge=bridge4Public interface=ether8
add bridge=bridge4Public interface=ether10
add bridge=bridge4Public interface=ether12
add bridge=bridge4Public interface=ether14
add bridge=bridge4Public interface=ether16
add bridge=bridge4Public interface=ether24

/ip address add address=192.168.130.11/24 interface=ether23

/interface ethernet

disable ether17
disable ether18
disable ether19
disable ether20
disable ether21
disable ether22

Pour controler: 

/interface bridge print
/interface bridge print detail

Et eventuellement: 

/user set 0 name = swadmin (si on veut changer le nom de l'admin)

Reference:

https://www.youtube.com/watch?v=4BOYqtV4MCY&list=PLJ7SGFemsLl1QUNkgAbGj9ldlWRrr8zMj&ab_channel=TheNetworkBerg


https://wiki.mikrotik.com/wiki/Manual:Webfig

Retrieved from "https://fixme.ch/w/index.php?title=SWITCH-mikrotik&oldid=15573"