Superlab 9
Topology
Topology
[admin@IDN-R1]>
/interface bridge
add name=br_eoip
/interface eoip
add !keepalive mac-address=FE:6D:E4:8C:A5:DF name=R1-R5 remote-address=\
10.10.10.2 tunnel-id=15
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=101.101.101.2-101.101.101.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
#error exporting /dude
/interface bridge port
add bridge=br_eoip interface=R1-R5
add bridge=br_eoip interface=ether1
/ip address
add address=11.11.11.2/24 interface=ether1 network=11.11.11.0
add address=12.12.12.1/24 interface=ether2 network=12.12.12.0
add address=101.101.101.1/24 interface=ether3 network=101.101.101.0
add address=111.111.111.1/24 interface=br_eoip network=111.111.111.0
/ip dhcp-server network
add address=101.101.101.0/24 dns-server=8.8.8.8 gateway=101.101.101.1
/ip dns
set allow-remote-requests=yes servers=11.11.11.1
/ip firewall filter
add action=log chain=input log-prefix=ping-input-r1 protocol=icmp
/ip firewall nat
# in/out-interface matcher not possible when interface (ether1) is slave - use m ster instead (br_eoip)
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=11.11.11.1
add distance=1 dst-address=23.23.23.0/24 gateway=12.12.12.2
add distance=1 dst-address=24.24.24.0/24 gateway=12.12.12.2
add distance=1 dst-address=34.34.34.0/24 gateway=12.12.12.2
add distance=1 dst-address=105.105.105.0/24 gateway=111.111.111.2
add distance=1 dst-address=192.168.1.0/24 gateway=12.12.12.2
add distance=1 dst-address=192.168.2.0/24 gateway=12.12.12.2
/system identity
set name=IDN-R1
[admin@IDN-R2]> /ip address add address=12.12.12.2/24 interface=ether1 network=12.12.12.0 add address=24.24.24.1/24 interface=ether2 network=24.24.24.0 add address=23.23.23.1/24 interface=ether3 network=23.23.23.0 /ip dns set allow-remote-requests=yes servers=12.12.12.1 /ip route add distance=1 gateway=12.12.12.1 add distance=1 dst-address=34.34.34.0/24 gateway=23.23.23.2 add distance=2 dst-address=34.34.34.0/24 gateway=24.24.24.2 add distance=1 dst-address=192.168.1.0/24 gateway=23.23.23.2 add distance=2 dst-address=192.168.1.0/24 gateway=24.24.24.2 add distance=1 dst-address=192.168.2.0/24 gateway=24.24.24.2 add distance=2 dst-address=192.168.2.0/24 gateway=23.23.23.2 /system identity set name=IDN-R2
[admin@IDN-R3]>
/ip pool
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
#error exporting /dude
/ip address
add address=23.23.23.2/24 interface=ether1 network=23.23.23.0
add address=34.34.34.1/24 interface=ether2 network=34.34.34.0
add address=192.168.1.1/24 interface=ether3 network=192.168.1.0
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes servers=12.12.12.1
/ip firewall filter
add chain=forward dst-address=192.168.1.0/24 src-address=192.168.2.0/24
add action=drop chain=forward in-interface=ether1
add action=reject chain=forward in-interface=ether2
/ip route
add distance=1 gateway=23.23.23.1
add distance=2 gateway=34.34.34.2
add distance=1 dst-address=24.24.24.0/24 gateway=34.34.34.2
add distance=2 dst-address=24.24.24.0/24 gateway=23.23.23.1
add distance=1 dst-address=192.168.2.0/24 gateway=34.34.34.2
add distance=2 dst-address=192.168.2.0/24 gateway=23.23.23.1
/system identity
set name=IDN-R3
[admin@IDN-R4]>
/ip pool
add name=dhcp_pool1 ranges=192.168.2.2-192.168.2.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
#error exporting /dude
/ip address
add address=24.24.24.2/24 interface=ether1 network=24.24.24.0
add address=34.34.34.2/24 interface=ether2 network=34.34.34.0
add address=192.168.2.1/24 interface=ether3 network=192.168.2.0
/ip dhcp-server network
add address=192.168.2.0/24 gateway=192.168.2.1
/ip dns
set allow-remote-requests=yes servers=12.12.12.1
/ip route
add distance=1 gateway=24.24.24.1
add distance=2 gateway=34.34.34.1
add distance=1 dst-address=23.23.23.0/24 gateway=34.34.34.1
add distance=2 dst-address=23.23.23.0/24 gateway=24.24.24.1
add distance=1 dst-address=192.168.1.0/24 gateway=34.34.34.1
add distance=2 dst-address=192.168.1.0/24 gateway=24.24.24.1
/system identity
set name=IDN-R4
[admin@IDN-R5]>
/interface bridge
add name=br_eoip
/interface eoip
add !keepalive mac-address=FE:AB:D9:FA:ED:B3 name=R5-R1 remote-address=\
11.11.11.2 tunnel-id=15
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=poolbdg ranges=57.57.57.7-57.57.57.100
add name=pooljkt ranges=58.58.58.8-58.58.58.100
add name=dhcp_pool1 ranges=105.105.105.2-105.105.105.254
/ip dhcp-server
add address-pool=pooljkt disabled=no interface=ether2 name=serverjkt relay=\
58.58.58.1
add address-pool=poolbdg disabled=no interface=ether2 name=serverbdg relay=\
57.57.57.1
add address-pool=dhcp_pool1 disabled=no interface=ether3 name=dhcp1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/user group
add name=monitoring policy="read,winbox,!local,!telnet,!ssh,!ftp,!reboot,!writ\
e,!policy,!test,!password,!web,!sniff,!sensitive,!api"
#error exporting /dude
/interface bridge port
add bridge=br_eoip interface=R5-R1
add bridge=br_eoip interface=ether1
/ip address
add address=10.10.10.2/24 interface=ether1 network=10.10.10.0
add address=56.56.56.1/24 interface=ether2 network=56.56.56.0
add address=105.105.105.1/24 interface=ether3 network=105.105.105.0
add address=111.111.111.2/24 interface=br_eoip network=111.111.111.0
/ip dhcp-server network
add address=57.57.57.0/24 dns-server=8.8.8.8 gateway=57.57.57.1
add address=58.58.58.0/24 dns-server=8.8.8.8 gateway=58.58.58.1
add address=105.105.105.0/24 dns-server=8.8.8.8 gateway=105.105.105.1
/ip firewall filter
add action=drop chain=input src-address=192.168.3.0/24
add chain=input src-address=57.57.57.0/24
add action=reject chain=input src-address=58.58.58.0/24
add action=log chain=input log-prefix=ping-input-r5 protocol=icmp
/ip route
add distance=1 gateway=10.10.10.1
add distance=1 dst-address=101.101.101.0/24 gateway=111.111.111.1
/routing ospf network
add area=backbone network=10.10.10.0/24
add area=backbone network=56.56.56.0/24
add area=backbone network=105.105.105.0/24
/system identity
set name=IDN-R5
[admin@IDN-R6]>
/ip address
add address=56.56.56.2/24 interface=ether1 network=56.56.56.0
add address=57.57.57.1/24 interface=ether2 network=57.57.57.0
add address=58.58.58.1/24 interface=ether3 network=58.58.58.0
/ip dhcp-relay
add dhcp-server=56.56.56.1 disabled=no interface=ether3 local-address=\
58.58.58.1 name=relayjkt
add dhcp-server=56.56.56.1 disabled=no interface=ether2 local-address=\
57.57.57.1 name=relaybdg
/ip route
add distance=1 gateway=56.56.56.1
/routing ospf network
add area=backbone network=56.56.56.0/24
add area=backbone network=57.57.57.0/24
add area=backbone network=58.58.58.0/24
/system identity
set name=IDN-R6
[admin@IDN-R7]>
/interface bridge
add name=br1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=192.168.3.2-192.168.3.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=br1 lease-time=3d name=\
dhcp1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
#error exporting /dude
/interface bridge port
add bridge=br1 interface=ether2
add bridge=br1 interface=ether3
/ip address
add address=192.168.3.1/24 interface=br1 network=192.168.3.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.3.0/24 dns-server=8.8.8.8 gateway=192.168.3.1
/routing ospf network
add area=backbone network=192.168.3.0/24
add area=backbone network=57.57.57.0/24
/system identity
set name=IDN-R7
[admin@IDN-R8]>
/interface bridge
add name=br1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
#error exporting /dude
/interface bridge port
add bridge=br1 interface=ether2
add bridge=br1 interface=ether3
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
add dhcp-options=hostname,clientid disabled=no interface=br1
/routing ospf network
add area=backbone network=192.168.3.0/24
add area=backbone network=58.58.58.0/24
/system identity
set name=IDN-R8
[admin@ISP]> /ip address add address=19.19.19.10/16 interface=ether1 network=19.19.0.0 add address=11.11.11.1/24 interface=ether2 network=11.11.11.0 add address=10.10.10.1/24 interface=ether3 network=10.10.10.0 /ip dns set allow-remote-requests=yes servers=8.8.8.8 /ip firewall nat add action=masquerade chain=srcnat out-interface=ether1 /ip route add distance=1 gateway=19.19.19.4 /system identity set name=ISP
Komentar
Posting Komentar