# 2023-07-21 18:48:02 by RouterOS 7.10
# software id = 56R5-PRTF
#
# model = RB5009UG+S+
# serial number = EC190E3732EA
# One VLAN-aware bridge. VLAN filtering is enabled, the bridge interface itself
# admits only tagged frames, and no spanning-tree protocol runs on it
# (protocol-mode=none).
/interface bridge
add name=bridge1 vlan-filtering=yes frame-types=admit-only-vlan-tagged protocol-mode=none
# Physical port roles. ether1, ether3, ether5 and sfp-sfpplus1 are
# administratively disabled; the remaining ports carry a comment naming the
# attached device.
/interface ethernet
set [ find default-name=ether1 ] disabled=yes advertise="10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,2500M-full,5000M-full"
# ether2 comment in English: "to the FritzBox for PPPoE; VLAN ID 7 is set in the FritzBox".
set [ find default-name=ether2 ] comment="zur FritzBox fuer PPPoE; VLAN-ID 7 wird in der FB gesetzt"
set [ find default-name=ether3 ] mtu=1492 disabled=yes
set [ find default-name=ether4 ] comment=PVE5
set [ find default-name=ether5 ] disabled=yes
set [ find default-name=ether6 ] comment=CRS305
set [ find default-name=ether7 ] comment=nanoHD
# "Notfall-Port" = emergency port. It stays enabled.
# NOTE(review): which VLAN and management services are reachable on ether8 is
# not visible in this part of the export - confirm it is no wider than needed.
set [ find default-name=ether8 ] comment=Notfall-Port
set [ find default-name=sfp-sfpplus1 ] disabled=yes auto-negotiation=no
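# WAN uplink: PPPoE client on ether2 that installs the default route.
#
# The account password is intentionally absent from this file. The published
# export carried it in clear text (RouterOS 7 hides such values unless the
# export is run with show-sensitive), so that password has to be treated as
# disclosed and changed at the provider. The session will not authenticate
# until the new password is set on the router after import:
#   /interface pppoe-client set pppoe-out-fb password=<PPPOE-PASSWORD-PLACEHOLDER>
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2 name=pppoe-out-fb \
    user=H1und1/ui4261-771@online.de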
# Virtual ethernet interface with a static address and gateway in 172.19.19.0/24.
# The /container section of this export attaches its container to it by name.
/interface veth
add name=mDNSTrunk address=172.19.19.2/24 gateway=172.19.19.1
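# Two WireGuard interfaces on separate UDP listen ports (13231 and 13232).
#
# private-key is intentionally not set here. The published export contained
# both private keys in clear text; anyone holding a WireGuard private key can
# impersonate that endpoint to its peers, so both keys must be considered
# compromised. Without private-key RouterOS generates a fresh key pair when the
# interface is added; read the new public key on the router and distribute it
# to every peer:
#   /interface wireguard print
# Peer definitions (/interface wireguard peers) are not part of this section.
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard_clients
add listen-port=13232 mtu=1420 name=wireguard_s2s_hex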
# Layer-3 VLAN interfaces on bridge1; the comment field states each VLAN's role.
# NOTE(review): vlan2 is labelled Home/MGMT, i.e. user devices and management
# share one segment - confirm that is intended.
/interface vlan
add name=vlan2 vlan-id=2 interface=bridge1 comment=Home/MGMT
add name=vlan10 vlan-id=10 interface=bridge1 comment=External
add name=vlan20 vlan-id=20 interface=bridge1 comment="No Internet"
# Interface lists are only declared here. Their members and the firewall or
# service rules that refer to them are not in this part of the export, so the
# effect of each list (including winbox-access) cannot be judged from this
# section alone.
/interface list
add name=LAN
add name=WAN
add name=VPN
add name=VLAN
add name=winbox-access
# Only the default wireless security profile is touched, and only its
# supplicant identity is set.
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
# Dynamic address ranges, .35 to .200 in each /24.
# pool_subnet40 is defined but no DHCP server in the /ip dhcp-server section of
# this export uses it.
/ip pool
add ranges=192.168.2.35-192.168.2.200 name=pool_subnet2
add ranges=192.168.10.35-192.168.10.200 name=pool_subnet10
add ranges=192.168.20.35-192.168.20.200 name=pool_subnet20
add ranges=192.168.40.35-192.168.40.200 name=pool_subnet40
# DHCP server for vlan2 (pool_subnet2, 1 day lease time, add-arp=yes).
#
# The lease-script mirrors leases into /ip dns static ("DHCP2DNS"):
#  - when a lease is bound it reads the server's lease-time as TTL and the
#    domain of the matching DHCP network, takes the lease host-name (falling
#    back to the lease comment when host-name is empty) and adds
#    "<hostname>.<domain>" for the lease address, tagged with comment "#DHCP";
#  - otherwise it removes the static entries for that address carrying the
#    "#DHCP" tag.
# It stops with an error on an empty lease address, on anything other than
# exactly one lease for the address, and on an empty hostname or domain.
#
# NOTE(review): host-name is chosen by the DHCP client, so any device on this
# VLAN decides which name is published in the router's DNS. The existence check
# only matches an entry with the same name AND the same address, while the log
# message speaks of "name or address"; a name that already points to another
# address is therefore not refused and receives a second record. Consider
# refusing names that already exist and reserving infrastructure names.
/ip dhcp-server
add add-arp=yes address-pool=pool_subnet2 interface=vlan2 lease-script=":local\
\_DHCPtag\r\
\n:set DHCPtag \"#DHCP\"\r\
\n\r\
\n:if ( [ :len \$leaseActIP ] <= 0 ) do={ :error \"empty lease address\" }\
\r\
\n\r\
\n:if ( \$leaseBound = 1 ) do=\\\r\
\n{\r\
\n :local ttl\r\
\n :local domain\r\
\n :local hostname\r\
\n :local fqdn\r\
\n :local leaseId\r\
\n :local comment\r\
\n\r\
\n /ip dhcp-server\r\
\n :set ttl [ get [ find name=\$leaseServerName ] lease-time ]\r\
\n network\r\
\n :set domain [ get [ find \$leaseActIP in address ] domain ]\r\
\n\r\
\n .. lease\r\
\n :set leaseId [ find address=\$leaseActIP ]\r\
\n\r\
\n # Check for multiple active leases for the same IP address. It's wei\
rd and it shouldn't be, but just in case.\r\
\n\r\
\n :if ( [ :len \$leaseId ] != 1) do={\r\
\n :log info \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of multiple active leases for \$leaseActIP\"\r\
\n :error \"multiple active leases for \$leaseActIP\"\r\
\n }\r\
\n\r\
\n :set hostname [ get \$leaseId host-name ]\r\
\n :set comment [ get \$leaseId comment ]\r\
\n /\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={ :set hostname \$comment }\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty lease host-name or comment\"\r\
\n :error \"empty lease host-name or comment\"\r\
\n }\r\
\n :if ( [ :len \$domain ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty network domain name\"\r\
\n :error \"empty network domain name\"\r\
\n }\r\
\n\r\
\n :set fqdn \"\$hostname.\$domain\"\r\
\n\r\
\n /ip dns static\r\
\n :if ( [ :len [ find name=\$fqdn and address=\$leaseActIP and disable\
d=no ] ] = 0 ) do={\r\
\n add address=\$leaseActIP name=\$fqdn ttl=\$ttl comment=\$DHCPtag\
\_disabled=no\r\
\n } else={\r\
\n :log error \"[DHCP2DNS] not registering domain name \$fqdn for a\
ddress \$leaseActIP because of existing active static DNS entry with this \
name or address\"\r\
\n }\r\
\n /\r\
\n} else={\r\
\n /ip dns static\r\
\n :local dnsDhcpId\r\
\n :set dnsDhcpId [ find address=\$leaseActIP and comment=\$DHCPtag ]\r\
\n :if ( [ :len \$dnsDhcpId ] > 0 ) do={\r\
\n remove \$dnsDhcpId\r\
\n }\r\
\n /\r\
\n}\r\
\n" lease-time=1d name=dhcp_server_subnet2_vlan2 use-framed-as-classless=\
no
# DHCP server for vlan10 (pool_subnet10, 1 day lease time, add-arp=yes).
# Its lease-script publishes each bound lease in /ip dns static as
# "<hostname>.<domain>" with comment "#DHCP" (hostname = lease host-name, or the
# lease comment when host-name is empty) and removes the tagged entries for the
# address when the lease is no longer bound.
# NOTE(review): the interface comment marks vlan10 as "External", and host-name
# is chosen by the DHCP client, so devices on that segment decide which names
# appear in the router's DNS. The existence check matches only the same name AND
# the same address, so a name that already resolves to another address is not
# refused. Consider whether DNS registration should be enabled for this VLAN.
add add-arp=yes address-pool=pool_subnet10 interface=vlan10 lease-script=":loc\
al DHCPtag\r\
\n:set DHCPtag \"#DHCP\"\r\
\n\r\
\n:if ( [ :len \$leaseActIP ] <= 0 ) do={ :error \"empty lease address\" }\
\r\
\n\r\
\n:if ( \$leaseBound = 1 ) do=\\\r\
\n{\r\
\n :local ttl\r\
\n :local domain\r\
\n :local hostname\r\
\n :local fqdn\r\
\n :local leaseId\r\
\n :local comment\r\
\n\r\
\n /ip dhcp-server\r\
\n :set ttl [ get [ find name=\$leaseServerName ] lease-time ]\r\
\n network\r\
\n :set domain [ get [ find \$leaseActIP in address ] domain ]\r\
\n\r\
\n .. lease\r\
\n :set leaseId [ find address=\$leaseActIP ]\r\
\n\r\
\n # Check for multiple active leases for the same IP address. It's wei\
rd and it shouldn't be, but just in case.\r\
\n\r\
\n :if ( [ :len \$leaseId ] != 1) do={\r\
\n :log info \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of multiple active leases for \$leaseActIP\"\r\
\n :error \"multiple active leases for \$leaseActIP\"\r\
\n }\r\
\n\r\
\n :set hostname [ get \$leaseId host-name ]\r\
\n :set comment [ get \$leaseId comment ]\r\
\n /\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={ :set hostname \$comment }\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty lease host-name or comment\"\r\
\n :error \"empty lease host-name or comment\"\r\
\n }\r\
\n :if ( [ :len \$domain ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty network domain name\"\r\
\n :error \"empty network domain name\"\r\
\n }\r\
\n\r\
\n :set fqdn \"\$hostname.\$domain\"\r\
\n\r\
\n /ip dns static\r\
\n :if ( [ :len [ find name=\$fqdn and address=\$leaseActIP and disable\
d=no ] ] = 0 ) do={\r\
\n add address=\$leaseActIP name=\$fqdn ttl=\$ttl comment=\$DHCPtag\
\_disabled=no\r\
\n } else={\r\
\n :log error \"[DHCP2DNS] not registering domain name \$fqdn for a\
ddress \$leaseActIP because of existing active static DNS entry with this \
name or address\"\r\
\n }\r\
\n /\r\
\n} else={\r\
\n /ip dns static\r\
\n :local dnsDhcpId\r\
\n :set dnsDhcpId [ find address=\$leaseActIP and comment=\$DHCPtag ]\r\
\n :if ( [ :len \$dnsDhcpId ] > 0 ) do={\r\
\n remove \$dnsDhcpId\r\
\n }\r\
\n /\r\
\n}\r\
\n" lease-time=1d name=dhcp_server_subnet10_vlan10
# DHCP server for vlan20 (pool_subnet20, 1 day lease time, add-arp=yes).
# Its lease-script publishes each bound lease in /ip dns static as
# "<hostname>.<domain>" with comment "#DHCP" (hostname = lease host-name, or the
# lease comment when host-name is empty) and removes the tagged entries for the
# address when the lease is no longer bound.
# NOTE(review): host-name is chosen by the DHCP client, and the existence check
# matches only the same name AND the same address, so a client-supplied name
# that already resolves to another address is not refused.
add add-arp=yes address-pool=pool_subnet20 interface=vlan20 lease-script=":loc\
al DHCPtag\r\
\n:set DHCPtag \"#DHCP\"\r\
\n\r\
\n:if ( [ :len \$leaseActIP ] <= 0 ) do={ :error \"empty lease address\" }\
\r\
\n\r\
\n:if ( \$leaseBound = 1 ) do=\\\r\
\n{\r\
\n :local ttl\r\
\n :local domain\r\
\n :local hostname\r\
\n :local fqdn\r\
\n :local leaseId\r\
\n :local comment\r\
\n\r\
\n /ip dhcp-server\r\
\n :set ttl [ get [ find name=\$leaseServerName ] lease-time ]\r\
\n network\r\
\n :set domain [ get [ find \$leaseActIP in address ] domain ]\r\
\n\r\
\n .. lease\r\
\n :set leaseId [ find address=\$leaseActIP ]\r\
\n\r\
\n # Check for multiple active leases for the same IP address. It's wei\
rd and it shouldn't be, but just in case.\r\
\n\r\
\n :if ( [ :len \$leaseId ] != 1) do={\r\
\n :log info \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of multiple active leases for \$leaseActIP\"\r\
\n :error \"multiple active leases for \$leaseActIP\"\r\
\n }\r\
\n\r\
\n :set hostname [ get \$leaseId host-name ]\r\
\n :set comment [ get \$leaseId comment ]\r\
\n /\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={ :set hostname \$comment }\r\
\n\r\
\n :if ( [ :len \$hostname ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty lease host-name or comment\"\r\
\n :error \"empty lease host-name or comment\"\r\
\n }\r\
\n :if ( [ :len \$domain ] <= 0 ) do={\r\
\n :log error \"[DHCP2DNS] not registering domain name for address \
\$leaseActIP because of empty network domain name\"\r\
\n :error \"empty network domain name\"\r\
\n }\r\
\n\r\
\n :set fqdn \"\$hostname.\$domain\"\r\
\n\r\
\n /ip dns static\r\
\n :if ( [ :len [ find name=\$fqdn and address=\$leaseActIP and disable\
d=no ] ] = 0 ) do={\r\
\n add address=\$leaseActIP name=\$fqdn ttl=\$ttl comment=\$DHCPtag\
\_disabled=no\r\
\n } else={\r\
\n :log error \"[DHCP2DNS] not registering domain name \$fqdn for a\
ddress \$leaseActIP because of existing active static DNS entry with this \
name or address\"\r\
\n }\r\
\n /\r\
\n} else={\r\
\n /ip dns static\r\
\n :local dnsDhcpId\r\
\n :set dnsDhcpId [ find address=\$leaseActIP and comment=\$DHCPtag ]\r\
\n :if ( [ :len \$dnsDhcpId ] > 0 ) do={\r\
\n remove \$dnsDhcpId\r\
\n }\r\
\n /\r\
\n}\r\
\n" lease-time=1d name=dhcp_server_subnet20_vlan20
# DHCPv6 server on vlan2. It draws from an IPv6 pool named pool1, whose
# definition is not in this part of the export.
/ipv6 dhcp-server
add name=server1 interface=vlan2 address-pool=pool1
# OSPF instance with router-id 10.25.26.1 that redistributes connected routes,
# plus one area (0.0.0.1) bound to it.
# NOTE(review): redistribute=connected offers every directly connected network
# to OSPF neighbours. The interface templates, and with them the interfaces OSPF
# speaks on and any authentication, are not visible in this part of the export -
# confirm adjacency is limited to the intended link and authenticated.
/routing ospf instance
add name=ospf-instance-s2s router-id=10.25.26.1 redistribute=connected disabled=no
/routing ospf area
add name=ospf-area-1 instance=ospf-instance-s2s area-id=0.0.0.1 disabled=no
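# SNMP communities. The default community is closed for reads and set to
# security=private; a second entry, librenms-v3, is the SNMPv3 user.
#
# The SNMPv3 authentication and encryption passwords are intentionally absent.
# The published export carried both in clear text, so they must be replaced on
# the router and in the monitoring system. Set new values after import:
#   /snmp community set librenms-v3 authentication-password=<SNMP-AUTH-PLACEHOLDER> encryption-password=<SNMP-PRIV-PLACEHOLDER>
#
# security=private is now stated explicitly on librenms-v3. The export showed
# no security= value for it; if that means the entry ran at the default level,
# queries without authentication or encryption were being accepted despite the
# configured passwords - confirm with "/snmp community print detail".
#
# NOTE(review): addresses=::/0 places no restriction on the source address.
# Narrow it to the monitoring host (its address is not shown on this page).
# authentication-protocol=SHA1 is kept as exported.
/snmp community
set [ find default=yes ] read-access=no security=private
add addresses=::/0 authentication-protocol=SHA1 encryption-protocol=AES \
    name=librenms-v3 security=private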
# Logging action number 0 keeps 10000 lines in memory.
# NOTE(review): an in-memory buffer does not survive a reboot; no remote or
# disk logging action is configured in this part of the export.
/system logging action
set 0 memory-lines=10000
# One container (hostname mdns-test) attached to the veth interface mDNSTrunk,
# started at boot, with logging on and its root filesystem under
# /docker/container/mdns_repeater. It receives the environment list "mdns".
# NOTE(review): the entry carries no image reference, so the image and its
# version cannot be identified from this export; record and pin it where the
# container is created.
/container
add hostname=mdns-test interface=mDNSTrunk envlist=mdns root-dir=/docker/container/mdns_repeater logging=yes start-on-boot=yes
# Images are pulled from Docker Hub; /docker is the temporary directory.
/container config
set registry-url=https://registry-1.docker.io/ tmpdir=/docker
# VLANS="2 10" is passed to the container.
# NOTE(review): presumably the repeater relays mDNS between VLAN 2 (Home/MGMT)
# and VLAN 10 (External) - confirm that crossing this boundary is intended.
/container envs
add name=mdns key=VLANS value="2 10"