Saturday, December 21, 2013

Basic RouterOS under VirtualBox

Following my post on Installing Mikrotik RouterOS in VirtualBox, here is some basic configuration if you want to play around with RouterOS.
For real hands-on experience it is better to buy a small Mikrotik (e.g. RB750, RB951G-2HnD); they are very cheap. Check here for the products and prices.


Add more Ethernet Interfaces

One simple way to add more interfaces is to use USB-to-Ethernet adapters. Once they are installed, check that they appear correctly under the Linux host OS.


ip addr

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 88:ae:1d:d8:79:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.99/24 brd 192.168.0.255 scope global eth0
    inet6 fe80::8aae:1dff:fed8:796e/64 scope link 
       valid_lft forever preferred_lft forever

 16: eth2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:e0:4c:53:44:58 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::2e0:4cff:fe53:4458/64 scope link 
       valid_lft forever preferred_lft forever

 17: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
    link/ether 00:13:3b:14:19:93 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::213:3bff:fe14:1993/64 scope link 
       valid_lft forever preferred_lft forever

Then in VirtualBox go to the VM and, under Network, enable the other Ethernet adapters. All the enabled adapters should appear on the right.
Start the VM and check that they appear by issuing the command "interface print".


Check the interfaces

 [admin@MikroTik] > interface print   
 Flags: D - dynamic, X - disabled, R - running, S - slave   
  #   NAME                TYPE     MTU L2MTU MAX-L2MTU MAC-ADDRESS     
  0 R ether1               ether    1500         08:00:27:AF:B1:EE  
  1 R ether2               ether    1500         08:00:27:00:FB:DD  
  2 R ether3               ether    1500         08:00:27:20:2C:C5  
I will use ether1 as my WAN uplink. Rename the interface from ether1 to wan if you want.
/interface set ether1 name=wan  
 [admin@MikroTik] > interface print         
 Flags: D - dynamic, X - disabled, R - running, S - slave   
  #   NAME                TYPE     MTU L2MTU MAX-L2MTU MAC-ADDRESS     
  0 R ether2               ether    1500         08:00:27:00:FB:DD  
  1 R ether3               ether    1500         08:00:27:20:2C:C5  
  2 R wan                  ether    1500         08:00:27:AF:B1:EE  


System Identity


 [admin@MikroTik] > /system identity set name=MyHomeLab  
 [admin@MyHomeLab] >   


DHCP Client

/ip dhcp-client add interface=wan disabled=no  

In VirtualBox I have set the network adapters to "Bridge" mode, so the virtual Mikrotik machine can see my external router (with its DHCP server) and get an IP address on ether1, which works as my WAN uplink.
 [admin@MyHomeLab] > ip address print   
 Flags: X - disabled, I - invalid, D - dynamic  
 # ADDRESS NETWORK INTERFACE  
  0 D 192.168.0.102/24 192.168.0.0 wan  
[admin@MyHomeLab] > ip route print           
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                                       192.168.0.1               1
 1 ADC  192.168.0.0/24     192.168.0.101      wan                          0
[admin@MyHomeLab] > ip dhcp-client print 
Flags: X - disabled, I - invalid 
 #   INTERFACE             USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS        ADDRESS           
 0   wan                           yes                   yes                              bound           192.168.0.101/24 
Then we can check if the Internet is reachable.
 [admin@MyHomeLab] > ping 8.8.8.8  
 HOST SIZE TTL TIME STATUS  
 8.8.8.8 56 49 62ms  
 8.8.8.8 56 49 63ms  
 8.8.8.8 56 49 63ms  
 8.8.8.8 56 49 62ms  
 sent=4 received=4 packet-loss=0% min-rtt=62ms avg-rtt=62ms max-rtt=63ms  


STATIC IP ADDRESS

Alternatively, you can add a static IP address on the wan interface and set the default gateway IP address.
 /ip address add address=192.168.0.201/24 interface=wan  
 /ip route add gateway=192.168.0.1  
 [admin@MyHomeLab] > ip address print   
 Flags: X - disabled, I - invalid, D - dynamic   
  #  ADDRESS           NETWORK     INTERFACE                               
  0  192.168.0.201/24  192.168.0.0   wan    
 [admin@MyHomeLab] > ip route print   
 Flags: X - disabled, A - active, D - dynamic,   
 C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,   
 B - blackhole, U - unreachable, P - prohibit   
  #     DST-ADDRESS      PREF-SRC      GATEWAY      DISTANCE  
  0 A S 0.0.0.0/0                                     192.168.0.1     1  
  1 ADC 192.168.0.0/24   192.168.0.201      wan               0  
[admin@MyHomeLab] > ping 8.8.8.8
HOST                                     SIZE TTL TIME  STATUS                                             
8.8.8.8                                    56  48 85ms 
8.8.8.8                                    56  48 84ms 
8.8.8.8                                    56  48 82ms 
8.8.8.8                                    56  48 83ms 
    sent=4 received=4 packet-loss=0% min-rtt=82ms avg-rtt=83ms max-rtt=85ms 


BRIDGE

Create a bridge and add all the remaining interfaces to it. Then assign an IP address to the bridge.
/interface bridge add name=bridge-lan  disabled=no
/interface bridge port add bridge=bridge-lan interface=ether2    
/interface bridge port add bridge=bridge-lan interface=ether3  
[admin@MyHomeLab] > interface print   
 Flags: D - dynamic, X - disabled, R - running, S - slave   
  #   NAME                TYPE     MTU L2MTU MAX-L2MTU MAC-ADDRESS     
  0 RS ether2               ether    1500                                08:00:27:00:FB:DD  
  1 RS ether3               ether    1500                                08:00:27:20:2C:C5  
  2 R wan                   ether    1500                                 08:00:27:AF:B1:EE  
  3 R bridge-lan            bridge   1500 65535                     08:00:27:00:FB:DD  
/ip address add address=10.10.10.1/24 interface=bridge-lan
[admin@MyHomeLab] > ip address print 
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                                  
 0 D 192.168.0.101/24   192.168.0.0        wan                                                        
 1     10.10.10.1/24       10.10.10.0          bridge-lan  
 [admin@MyHomeLab] > interface bridge port print   
 Flags: X - disabled, I - inactive, D - dynamic   
  #  INTERFACE      BRIDGE            PRIORITY PATH-COST  HORIZON  
  0  ether2              bridge-lan                     0x80               10    none  
  1  ether3              bridge-lan                     0x80               10    none  


NAT


Configure NAT for Internet access. This NAT rule masquerades traffic going out the wan interface:
 /ip firewall nat add chain=srcnat action=masquerade out-interface=wan  
After connecting a computer with IP address 10.10.10.20 to the bridge, we can reach the Internet from it.
We can also reach the Internet by pinging from RouterOS.
 [admin@MyHomeLab] > ping 8.8.8.8 src-address=10.10.10.1  
 HOST                   SIZE TTL TIME STATUS                     
 8.8.8.8                  56 48 84ms   
 8.8.8.8                  56 48 83ms   
 8.8.8.8                  56 48 82ms   
 8.8.8.8                  56 48 84ms   
   sent=4 received=4 packet-loss=0% min-rtt=82ms avg-rtt=83ms max-rtt=84ms   
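
An added example, not part of the original post: the masquerade rule above gives LAN hosts Internet access but filters nothing, and with the adapter in bridged mode the router's own services are reachable from whatever network wan is attached to. A minimal filter set for this lab, assuming the interface names wan and bridge-lan and the 10.10.10.0/24 LAN configured above:

```routeros
# Added example (not from the original post). Assumes the names used above:
# wan = uplink, bridge-lan = LAN bridge, 10.10.10.0/24 = LAN subnet.

/ip firewall filter
# input chain: traffic addressed to the router itself
add chain=input connection-state=established action=accept comment="replies to router traffic"
add chain=input connection-state=related action=accept
add chain=input connection-state=invalid action=drop
add chain=input protocol=icmp action=accept comment="keep ping for troubleshooting"
add chain=input in-interface=bridge-lan action=accept comment="manage from LAN only"
add chain=input action=drop comment="everything else, including new connections on wan"

# forward chain: traffic routed through the router
add chain=forward connection-state=established action=accept
add chain=forward connection-state=related action=accept
add chain=forward connection-state=invalid action=drop
add chain=forward in-interface=wan connection-state=new action=drop comment="no unsolicited connections into the LAN"

# Management services: turn off telnet and ftp, limit the rest to the LAN
/ip service
disable telnet,ftp
set ssh address=10.10.10.0/24
set winbox address=10.10.10.0/24
set www address=10.10.10.0/24

# Check rule order and hit counters
/ip firewall filter print stats
```

Apply this from the VirtualBox console or a LAN-side host: once the final input drop rule is in place, new management sessions from the wan side are refused. Rule order matters, so the accept rules must stay above the drop rules in each chain.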


DHCP server

Configure a DHCP Server for your network:
 ip dhcp-server   
 [admin@MyHomeLab] /ip dhcp-server> setup  
 Select interface to run DHCP server on   
 dhcp server interface:   
 Interface ::= wan | ether2 | ether3 | bridge-lan  
 dhcp server interface: bridge-lan  
 Select network for DHCP addresses   
 dhcp address space: 10.10.10.0/24  
 Select gateway for given network   
 gateway for dhcp network: 10.10.10.1  
 Select pool of ip addresses given out by DHCP server   
 addresses to give out: 10.10.10.2-10.10.10.254  
 Select DNS servers   
 dns servers: 192.168.0.1  
 Select lease time   
 lease time: 3d  
 [admin@MyHomeLab] > ip dhcp-server lease print   
 Flags: X - disabled, R - radius, D - dynamic, B - blocked   
  #  ADDRESS                     MAC-ADDRESS    HOS.. SERVER  RAT.. STATUS   
  0 D 10.10.10.254                  00:1F:C6:75:58:8B des.. dhcp1     bound  
[admin@MyHomeLab] > ip pool print 
 # NAME                                                             RANGES                         
 0 dhcp_pool1                                                       10.10.10.2-10.10.10.254   


NTP

/system ntp client set primary-ntp=europe.pool.ntp.org enabled=yes mode=unicast  
/system clock set time-zone-name=Europe/Nicosia 
[admin@MyHomeLab] > system clock print                             
            time: 10:10:55
            date: dec/21/2013
  time-zone-name: Europe/Nicosia
      gmt-offset: +02:00
      dst-active: no
 
