.:Bedah Default Config RB750 dan RB750G:.

**uburcumi** · 01-03-2010, 10:45

Sekian lama jualan RB750, baru kali meneliti configurasi defaultnya... Click here to enlarge

Oke langsung saja...

Code:

#| ether1 is renamed ether1-gateway, rest of interfaces are switched
#| IP address 192.168.88.1/24 is on switch
#| DHCP client is on ether1-gateway
#| DHCP server is on switch, with address pool 192.168.88.10-192.168.88.254
#| masquerade on ether1-gateway
:global action

# these commands are executed after installation or configuration reset
:if ($action = "apply") do={
    /interface set ether1 name=ether1-gateway
    /interface set ether2 name=ether2-local-master
    /interface set ether3 name=ether3-local-slave
    /interface set ether4 name=ether4-local-slave
    /interface set ether5 name=ether5-local-slave

    /interface ethernet set ether3-local-slave master-port=ether2-local-master
    /interface ethernet set ether4-local-slave master-port=ether2-local-master
    /interface ethernet set ether5-local-slave master-port=ether2-local-master

    /ip address add address=192.168.88.1/24 interface=ether2-local-master comment="default configuration"

    :if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
        /ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
        /ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254;
        /ip dhcp-server add name=default address-pool=default-dhcp interface=ether2-local-master disabled=no;
        /ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
    }

    /ip firewall {
    	filter add chain=input action=accept protocol=icmp comment="default configuration"
	filter add chain=input action=accept connection-state=established in-interface=ether1-gateway comment="default configuration"
	filter add chain=input action=accept connection-state=related in-interface=ether1-gateway comment="default configuration"
	filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
        nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
    }

    /ip dns {
    	set allow-remote-requests=yes
    	static add name=router address=192.168.88.1
    }

    /tool mac-server remove [find]
    /tool mac-server add interface=ether2-local-master disabled=no
    /tool mac-server add interface=ether3-local-slave disabled=no
    /tool mac-server add interface=ether4-local-slave disabled=no
    /tool mac-server add interface=ether5-local-slave disabled=no

    /tool mac-server mac-winbox disable [find]
    /tool mac-server mac-winbox add interface=ether2-local-master disabled=no
    /tool mac-server mac-winbox add interface=ether3-local-slave disabled=no
    /tool mac-server mac-winbox add interface=ether4-local-slave disabled=no
    /tool mac-server mac-winbox add interface=ether5-local-slave disabled=no

    /ip neighbor discovery set [find name=ether1-gateway] discover=no
}

# these commands are executed if user requests to remove default configuration
:if ($action = "revert") do={
    /ip firewall {
        :local o [nat find comment="default configuration"]
        :if ([:len $o] != 0) do={ nat remove $o }

        :local o [filter find comment="default configuration"]
        :if ([:len $o] != 0) do={ filter remove $o }
    }

    :if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
        :local o [/ip dhcp-server network find comment="default configuration"]
        :if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }

        :local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface=ether2-local-master !disabled]
        :if ([:len $o] != 0) do={ /ip dhcp-server remove $o }

        /ip pool {
            :local o [find name=default-dhcp ranges=192.168.88.10-192.168.88.254]
            :if ([:len $o] != 0) do={ remove $o }
        }

        :local o [/ip dhcp-client find comment="default configuration"]
        :if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
    }

    /ip dns {
    	set allow-remote-requests=no
        :local o [static find name=router address=192.168.88.1]
        :if ([:len $o] != 0) do={ static remove $o }
    }

    /ip address {
        :local o [find comment="default configuration"]
        :if ([:len $o] != 0) do={ remove $o }
    }

    /tool mac-server remove [find]
    /tool mac-server add interface=all disabled=no

    /tool mac-server mac-winbox remove [find interface!=all]
    /tool mac-server mac-winbox set [find] disabled=no 

    /ip neighbor discovery set [find name=ether1-gateway] discover=yes

    /interface ethernet set ether3-local-slave master-port=none
    /interface ethernet set ether4-local-slave master-port=none
    /interface ethernet set ether5-local-slave master-port=none

    /interface set ether1-gateway name=ether1
    /interface set ether2-local-master name=ether2
    /interface set ether3-local-slave name=ether3
    /interface set ether4-local-slave name=ether4
    /interface set ether5-local-slave name=ether5
}

itu default config, lalu saya bagi lagi menjadi beberapa bagian :

1.

/interface set ether1 name=ether1-gateway
/interface set ether2 name=ether2-local-master
/interface set ether3 name=ether3-local-slave
/interface set ether4 name=ether4-local-slave
/interface set ether5 name=ether5-local-slave

/interface ethernet set ether3-local-slave master-port=ether2-local-master
/interface ethernet set ether4-local-slave master-port=ether2-local-master
/interface ethernet set ether5-local-slave master-port=ether2-local-master

/ip address add address=192.168.88.1/24 interface=ether2-local-master comment="default configuration"

2.

/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
/ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254;
/ip dhcp-server add name=default address-pool=default-dhcp interface=ether2-local-master disabled=no;
/ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";

3.

filter add chain=input action=accept protocol=icmp comment="default configuration"
filter add chain=input action=accept connection-state=established in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=accept connection-state=related in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"

4.

/tool mac-server remove [find]
/tool mac-server add interface=ether2-local-master disabled=no
/tool mac-server add interface=ether3-local-slave disabled=no
/tool mac-server add interface=ether4-local-slave disabled=no
/tool mac-server add interface=ether5-local-slave disabled=no

/tool mac-server mac-winbox disable [find]
/tool mac-server mac-winbox add interface=ether2-local-master disabled=no
/tool mac-server mac-winbox add interface=ether3-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether4-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether5-local-slave disabled=no

/ip neighbor discovery set [find name=ether1-gateway] discover=no

nah itu saja yg mau kita bahas di beginer basic ini mengingat beberapa setingan tersebut sangat sederhana..

Sooooo.....bagi yg mau belajar memahami mkrotik silahkan di jelaskan satu-persatu point point di atas...untuk yg udah master, berikan waktu untuk yg masih belajar agar memahami terlebih dahulu... Click here to enlarge

Silahkan mas-mas mbak-mbak yg masih belum paham betul dari setingan2 yg ada di mkrotik...

Nah pertanyaan saya...di sana tidak ada IP-ROUTE yang biasanya di gunakan untuk jalur routing (wajib ada di setingan mkrotik)....lalu sebagai pengganti dari IP-ROUTE terletak dimana? Dan kenapa IP-ROUTE tidak ada???

Hayo sapa yang mau jadi PERTAMAX???silahkan post dengan pemahaman dan logika anda...cmiw...

YUP....kalo ini REPOST mohon maap ya mod.... Click here to enlarge

Salam,

**flazh** · 01-03-2010, 11:39

dhcp-client add default route

**uburcumi** · 01-03-2010, 12:00

Originally Posted by flazh

dhcp-client add default route

jawaban udah bener cuma terlalu singkat, silahkan di jelaskan lagi fungsi dari rule itu apa...biar yg masih belum paham bisa mengerti...dapet pahala loh....hehehehhe Click here to enlarge

ato point2 yg lain...1 2 3 4??mungkin mau membedah??? Click here to enlarge

terutama yg masih baru gabung neh....mana???hayo semangat2...

**singkong77** · 01-03-2010, 19:59

kalo ga salah karena mengikuti yang atasnya udah dikasih ip pool ditambah range buat ipnya jadi tinggal mengikuti aja kaka ether 2 sebagai master..

point 1,2 ngerti..point 3,4 engga kaka.. Click here to enlarge

**faradilanaureen** · 03-03-2010, 04:29

pemula menunggu penjelasan dari para senior semua ah

**budihermanto** · 08-04-2010, 08:32

Iseng .... sapa tahu jadi bener ... Click here to enlarge

1. ether2 jadi master nya ether3, ether4, ether5 jadi semua nya dalam 1 range ip address 192.168.88.1/24

2. ether 1 sebagai gateway, akses di berikan untuk rang dhcp ip 192.168.88.10-192.168.88.254, ether2 sebagai dhcp server, range dhcp 192.168.88.0/24 dgn 192.168.88.1 (ether2) sebagai ip server

3. default setting dapat menerima icmp, establish conn dari ether 1 (makanya set standar kudu psg modem di ether1), dan di NAT di ether1 untuk koneksi

4. kalo gak salah mirip no1 cuma buat mesin MAC

mohon koreksi Click here to enlarge

**m_amien** · 08-04-2010, 16:41

ikut ah... itung2 belajar Click here to enlarge

....

Code:

/interface set ether1 name=ether1-gateway   
merobah nama interface ether1 menjadi ether1-gateway 

/interface set ether2 name=ether2-local-master
merobah nama interface ether2 menjadi ether2-local-master

/interface set ether3 name=ether3-local-slave
merobah nama interface ether3 menjadi ether3-local-slave

/interface set ether4 name=ether4-local-slave
merobah nama interface ether4 menjadi ether4-local-slave


/interface set ether5 name=ether5-local-slave
merobah nama interfaceether5 menjadi ether5-local-slave



/interface ethernet set ether3-local-slave master-port=ether2-local-master
/interface ethernet set ether4-local-slave master-port=ether2-local-master
/interface ethernet set ether5-local-slave master-port=ether2-local-master
melakukan bonding ether3-local-slave,ether4-local-slave,ether5-local-slave
ke ether2-local-master

/ip address add address=192.168.88.1/24 interface=ether2-local-master comment="default configuration"

merobah ip ether2-local-master menjadi 192.168.88.1/24

Code:

/ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
membuat ether1-gateway sebagai client dhcp dari  ether2-local-master(dhcp server)

/ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254;
range dhcp ip antara 192.168.88.10-192.168.88.254

/ip dhcp-server add name=default address-pool=default-dhcp interface=ether2-local-master disabled=no;
ther2-local-master(dhcp server)

/ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
network : 192.168.88.0
mask:24(255.255.255.0)
gateway 192.168.88.1 & DNS 192.168.88.1 ((ether2-local-master)

Code:

filter add chain=input action=accept protocol=icmp comment="default configuration"
filter add chain=input action=accept connection-state=established in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=accept connection-state=related in-interface=ether1-gateway comment="default configuration"
filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"
nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"


pada bagian ini jujur ngga nyambung :th_beaten:

Code:

/tool mac-server remove [find]
/tool mac-server add interface=ether2-local-master disabled=no
/tool mac-server add interface=ether3-local-slave disabled=no
/tool mac-server add interface=ether4-local-slave disabled=no
/tool mac-server add interface=ether5-local-slave disabled=no

ngabungin mac buat konax nya winbox tanpa ip .....kale yaaah ????

/tool mac-server mac-winbox disable [find]
/tool mac-server mac-winbox add interface=ether2-local-master disabled=no
/tool mac-server mac-winbox add interface=ether3-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether4-local-slave disabled=no
/tool mac-server mac-winbox add interface=ether5-local-slave disabled=no
??? mungkin ini bener.... untuk remote winbox pada ether2,3,4,5

/ip neighbor discovery set [find name=ether1-gateway] discover=no

tidak bisa di cari..????? tetangga...???

Setelah melihat2 dan mencoba menjawab... kok lelet adul sih gw. Click here to enlarge

Yang siap menjadi guru private Mikrotik untuk wilayah Banjarmasin (kalsel). bisa PM saya !..!!.
Click here to enlarge

Br.

amien

**m_amien** · 08-04-2010, 16:47

1. ganti nama ether
bonding ether 3,4,5 ke ether 2
2. dhcp client ether1 terhubung ke dhcpserver ether2
dhcpserver ether2 config
3.?????????? ngga nyambung --belum bisa-- Click here to enlarge

4. koneksi winbox dengan mac(tanpa ip) bisa dari ether2,3,4,5
koneksi winbox dgn IP bisa dari ether2,3,4,5
gateway mode tersembunyi

---------------

**uburcumi** · 08-04-2010, 20:02

yup betul.... Click here to enlarge

**mempphis** · 12-04-2010, 12:52

mantap ne....aku baru mau beli RB750G...semoga ilmu2 dia atas dapat membantu saya dalam meng config mikrotik Click here to enlarge

**bocor** · 12-04-2010, 14:32

wah makin keren ne om ubur+cumi jadi Click here to enlarge

**vgate** · 12-04-2010, 14:59

Code:

# these commands are executed after installation or configuration reset
:if ($action = "apply") do={
    /interface set ether1 name=ether1-gateway
    /interface set ether2 name=ether2-local-master
    /interface set ether3 name=ether3-local-slave
    /interface set ether4 name=ether4-local-slave
    /interface set ether5 name=ether5-local-slave

Setting up nama2 interface

Code:

    /interface ethernet set ether3-local-slave master-port=ether2-local-master
    /interface ethernet set ether4-local-slave master-port=ether2-local-master
    /interface ethernet set ether5-local-slave master-port=ether2-local-master

Set-up ether2 sebagai master port mode switch, dengan menjadikan ether3, 4 dan 5 sebagai slave dari ether2, master-slave mode bukan bonding, mirip bridge tp maennya di layer hardware.

Code:

    /ip address add address=192.168.88.1/24 interface=ether2-local-master comment="default configuration"

memberikan IP address pada interface ether2.

Code:

    :if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
        /ip dhcp-client add interface=ether1-gateway disabled=no comment="default configuration";
        /ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254;
        /ip dhcp-server add name=default address-pool=default-dhcp interface=ether2-local-master disabled=no;
        /ip dhcp-server network add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1 comment="default configuration";
    }

Cek jika package DHCP tidak ter-disable, kemudian setup DHCP client pada ether1 (WAN port), set pool address dengan range IP yang akan dibagikan oleh DHCP server, set DHCP server untuk menggunakan pool address tersebut pada ether2 (private LAN), assign default gateway, dns-server yang akan digunakan client.

Code:

    /ip firewall {
    	filter add chain=input action=accept protocol=icmp comment="default configuration"
	filter add chain=input action=accept connection-state=established in-interface=ether1-gateway comment="default configuration"
	filter add chain=input action=accept connection-state=related in-interface=ether1-gateway comment="default configuration"
	filter add chain=input action=drop in-interface=ether1-gateway comment="default configuration"

Setup filter firewall default, menerima semua packet icmp, menerima semua koneksi yang sedang berjalan pada port WAN, mendrop semua paket lainnya yang masuk dari arah WAN.

Code:

        nat add chain=srcnat out-interface=ether1-gateway action=masquerade comment="default configuration"
    }

Masquerade semua koneksi yang masuk lewat ether1 (WAN), client hanya akan melihat koneksi datang dari satu IP WAN yang sama (masquerade).

Code:

    /ip dns {
    	set allow-remote-requests=yes
    	static add name=router address=192.168.88.1
    }

set-up DNS proxy, set router address sesuai IP router.

Code:

    /tool mac-server remove [find]
    /tool mac-server add interface=ether2-local-master disabled=no
    /tool mac-server add interface=ether3-local-slave disabled=no
    /tool mac-server add interface=ether4-local-slave disabled=no
    /tool mac-server add interface=ether5-local-slave disabled=no

enablekan untuk mac-telnet hanya pada interface ether2 hingga 5,

Code:

    /tool mac-server mac-winbox disable [find]
    /tool mac-server mac-winbox add interface=ether2-local-master disabled=no
    /tool mac-server mac-winbox add interface=ether3-local-slave disabled=no
    /tool mac-server mac-winbox add interface=ether4-local-slave disabled=no
    /tool mac-server mac-winbox add interface=ether5-local-slave disabled=no

enablekan akses winbox hanya dari ether2 hingga 5.

Code:

    /ip neighbor discovery set [find name=ether1-gateway] discover=no
}

matikan discovery untuk neighbourhood dari port ether1 (WAN port), discovery dari winbox hanya terlihat dari ether2-5.

Code:

# these commands are executed if user requests to remove default configuration
:if ($action = "revert") do={
    /ip firewall {
        :local o [nat find comment="default configuration"]
        :if ([:len $o] != 0) do={ nat remove $o }

        :local o [filter find comment="default configuration"]
        :if ([:len $o] != 0) do={ filter remove $o }
    }

    :if ([:len [/system package find name="dhcp" !disabled]] != 0) do={
        :local o [/ip dhcp-server network find comment="default configuration"]
        :if ([:len $o] != 0) do={ /ip dhcp-server network remove $o }

        :local o [/ip dhcp-server find name="default" address-pool="default-dhcp" interface=ether2-local-master !disabled]
        :if ([:len $o] != 0) do={ /ip dhcp-server remove $o }

        /ip pool {
            :local o [find name=default-dhcp ranges=192.168.88.10-192.168.88.254]
            :if ([:len $o] != 0) do={ remove $o }
        }

        :local o [/ip dhcp-client find comment="default configuration"]
        :if ([:len $o] != 0) do={ /ip dhcp-client remove $o }
    }

    /ip dns {
    	set allow-remote-requests=no
        :local o [static find name=router address=192.168.88.1]
        :if ([:len $o] != 0) do={ static remove $o }
    }

    /ip address {
        :local o [find comment="default configuration"]
        :if ([:len $o] != 0) do={ remove $o }
    }

    /tool mac-server remove [find]
    /tool mac-server add interface=all disabled=no

    /tool mac-server mac-winbox remove [find interface!=all]
    /tool mac-server mac-winbox set [find] disabled=no 

    /ip neighbor discovery set [find name=ether1-gateway] discover=yes

    /interface ethernet set ether3-local-slave master-port=none
    /interface ethernet set ether4-local-slave master-port=none
    /interface ethernet set ether5-local-slave master-port=none

    /interface set ether1-gateway name=ether1
    /interface set ether2-local-master name=ether2
    /interface set ether3-local-slave name=ether3
    /interface set ether4-local-slave name=ether4
    /interface set ether5-local-slave name=ether5
}

Mengembalikan "default-configuration" menjadi bener2 default empty configuration.

Semoga berguna,

**alherman** · 28-07-2010, 17:21

Originally Posted by vgate

[CODE]

Code:

    /interface ethernet set ether3-local-slave master-port=ether2-local-master
    /interface ethernet set ether4-local-slave master-port=ether2-local-master
    /interface ethernet set ether5-local-slave master-port=ether2-local-master

Set-up ether2 sebagai master port mode switch, dengan menjadikan ether3, 4 dan 5 sebagai slave dari ether2, master-slave mode bukan bonding, mirip bridge tp maennya di layer hardware.
maksudnya kalau eth 3-5 dijadikan slave dari eth 2 vs bride eth2-5 (kayanya sama) tp beda tapi sama...???(*(*&(*&*%%%$#%$@ ??? binun nih

Master suhu,
tanya donk untuk bedanya master-slave port dgn bride bedanya dimana? maksudnya kelebihan dan kekurangannya dimana? sama fungsinya atau gmana?

Thanks yg udah ngejelasin.

al

**oktama** · 30-07-2010, 16:56

apakah mungkin.... ternyata master-port dan slave-port ini jika diimplementasikan dengan VLAN kita bisa mengisolir client yang terhubung kesetiap port-slave sehingga data dari setiap slave-port hanya bisa terhubung ke master-port tapi tidak bisa antar sesama slave-port?

blm sempat nyoba sih, abis kekurangan perangkat dah pada disetorin ke client karena mereka dah siap untuk instalasi perangkat Click here to enlarge

**uburcumi** · 31-07-2010, 19:44

Originally Posted by mempphis

mantap ne....aku baru mau beli RB750G...semoga ilmu2 dia atas dapat membantu saya dalam meng config mikrotik Click here to enlarge

Originally Posted by bocor

wah makin keren ne om ubur+cumi jadi Click here to enlarge

saya cuman membantu membedah karena belum ada trit yg mengulas default config, pada intinya untuk bisa memakai default config, modem/router sebelum mikrotik harus di set DHCP server agak default config bisa berjalan sempurna. Click here to enlarge

Thread: .:Bedah Default Config RB750 dan RB750G:.

LinkBack

Thread Tools

.:Bedah Default Config RB750 dan RB750G:.

The Following 5 Users Say Thank You to uburcumi For This Useful Post:

The Following User Says Thank You to uburcumi For This Useful Post:

ikut belajar

The Following User Says Thank You to m_amien For This Useful Post:

The Following User Says Thank You to m_amien For This Useful Post:

The Following 2 Users Say Thank You to uburcumi For This Useful Post:

The Following User Says Thank You to vgate For This Useful Post:

tanya beda master-slave port 3-5 dgn bride port 3-5

The Following User Says Thank You to uburcumi For This Useful Post:

Thread Information

Users Browsing this Thread

Similar Threads

RB750/RB750G Proxy nya sering ngadat

RB750, sehabis restart tanggal kembali ke default

[ASK] Bedah Perut Sektoral Waveguide

Posting Permissions