Difference Mode Wireless

Difference Mode Wireless

One of the media or the interfaces contained in the proxy and is used to connect one network device to another of them is wireless, there are several wireless modes are used in accordance with its function, whether it wishes functioned as an access point (transmitter) or functioned as a station (receiver), we need to know also that not all modes can be used in the wireless bridge network because not all wireless mode support with L2 bridging primarily as a mode wireless station (receiver)

1. Alignment Mode Only
Alignment mode only, commonly used to help when the indicator pointing to the beeper / buzzer on RouterBoard, for example, we could add a script where when getting a good signal then the beeper will sound.

2. Modes AP-Bridge
AP-bridge mode used as an access point or transmitter that can serve multiple clients or also called PTMP (Point To Multi Point), we can use this mode for network routing or bridging nature. To use the AP-Bridge mode RouterBOARD devices must have a minimum level 4 license.

3. Modes Bridge
Bridge mode is used as an access point or transmitter but could only serve one client or also called PTP (Point To Point), this mode also we can use to network routing or bridging nature. To use this mode RouterBOARD device has at least a level 3 license, for example for the type of product types SXT-Embedded 5.xGHz 5HnD that only licensed level 3, we can make a point to point connection using 2 pieces of the device.

4. Nstreme dual mode slave
Basically working mechanisms on the wireless interface is half duplex, but by using this mode we can enable full duplex mechanism of action, this mode is a proprietary wireless in the proxy, of course, we also need a second wireless card and 2 antennas at each wireless router mikrotik

5. Modes Station
Wireless Mode This station is used as a wireless client / receiver topology PTP (Point To Point) or PTMP (Point To Multi Point), the wireless station mode can only be used to shape the nature of network routing, so this mode is one of the effective mode and fuel-efficient if the wireless client side / station is not required bridging

6. Modes Station-Bridge
Station-Bridge mode is a mode on the wireless interface that serves as a receiver / client and support for the bridge network, needs to know that for this mode can only be used if it Mikrotik AP device as well.

7. Modes Station-Psudobridge
Fashion Station-pseudobridge Modes Station is a development of the standard, the same make as the wireless receiver / client, the difference is in Fashion Station-pseudobridge support to create a network that nature Bridge Network, In the use of this mode where there are consequences for not bridging the L2 can be done in full, in terms mac-address of a device that is under the wireless device (PC end user) is not legible on the side of the Access Point.

8. Modes Station-Pesudobridge-Clone
Fashion Station-pseudobridge-Clone Mode is similar to Station-pseudobridge difference is in this mode can clone the mac-address, usually on a wireless link, which is read on the access point is the mac-address of the wireless client interface, but if using Fashion Station-readable Pesudobridge-Clone is the mac-address of the device connected to the station (end user), readable by default which is the mac-address in the header of the first frame in the forward, or can be specified on the "station-bridge-clone- mac "

9. Fashion Station-WDS
Station-WDS mode serves as a receiver / client of a protocol to enable Access Point WDS, WDS protocol deficiency is a decrease wireless throughput of up to 50%, please note that between one vendor with another vendor WDS function is not necessarily compatible, as well as with WDS the proxy.

10. WDS-Slave Mode
WDS-Slave mode serves as a transmitter (Access Point) as well as the receiver (Station) or also called repeaters, this mode is one solution if you want to build a repeater but owned devices only use 1 card wireless card.

Auxiliary Wireless Application

Auxiliary Wireless Application

In this article we will discuss how to use the applications provided by Mikrotik.com to calculate the signal from the wireless capabilities that we use is based on its specification. In addition, we discuss the application to take into account the altitude of the tower that we need if going to build a wireless link.
The first application, the posibility Link Calculator, you can open the following page http://www.mikrotik.co.id/test_link.php
Before we start using these, of course, we already know or at least have a hope of how the distance between wireless devices that we are building, and how much data traffic will we spend in our wireless link. But have you ever read the datasheet of a wireless device? If not, it's time you get used to reading the datasheet, why this is important, because of the datasheet we can find out in detail the specifications / capabilities of the wireless card will be used.
For Mikrotik wireless device, you can download the pdf datasheetnya on page www.routerboard.com
Let us try to count for example the case:
Will set up a wireless link to the District / County-Net as far as 3km, with a throughput of 54Mbps halfduplex semaximal possible that using the miniPCI R52 and Omni 15db antenna side of the AP. For client side we suppose to use the R52 miniPCI also with 15db grid antenna. Used jumper cables connecting using a wireless card with antenna cable LMR400 1M round. The wireless link will we wake up to a frequency of 2.4 GHz or 802.11b / g.
From R52 datasheet we can see that for the datarate of 54Mbps, the tx-power the card uses R52 at 15dBm with minimal signal should we get (rx-sensitivity) of-73dBm.

Staying we enter these values ​​in the application, and calculated:

It turns out that we get -66 signal. In such applications Unreliable said. This means that although it may be connected but are approaching the lower limit value of rx-sensitivity. We need to anticipate if an interruption occurs that causes the signal decreased slightly, the connection can be disconnected. Safe side we should be able to get 10 - rx-sensitivity above 20db.
In the above case, the solution is usually to replace the miniPCI device with tx-greater power, because with the larger reference tx-power, the more distant wireless signal coverage. Let us recondition the case above, we replace the AP to use the card R2SHPN.

From the datasheet we can know, for 54mbps throughput, will use the tx-power 29dBm (2x greater than R52) and rx-sensitivitynya -77
We re-count,

But the result is still "Unreliable". You see the difference signal is received on both sides.
Is one of the larger theory tx-power on the farther reach of our wireless signal? The theory is correct, but you have to remember that wireless communication was done in 2 directions. By replacing tx-power that the greater the AP side, just fix the signal from the AP to the station. But the signal from the station to the AP remains weak.
Why do not we return to the first case, the AP side still using R52, but we change from the use of the antenna. We use antenna fox
flat panel at 20db.
If the recalculated results become:

Reliable .. You notice the signal changes on both sides of what?
Antenna is an amplifier of your wireless signal either at the time of your wireless cards emit a signal or receiving signals from the opponent.
So in fact, from the above calculation, the wisest move if you have a small signal constraints are replacing one one side of the first antenna rather than wasting your time and the cost to replace the wireless card that has a great power.
We proceed to the second application, the application for Antenna Height Calculation, to help this application you can open the following page http://www.mikrotik.co.id/test_tower.php
To calculate the height of the antenna malakukan trial, we can use the previous case, namely for the frequency in use is 2412, the distance between the wireless device to be connected is 3 km, and the average barrier height is 10m.

Seen from the results in the calculation to get the recommended minimum antenna height is 17.9 meters.
If the height of the tower is used less, automatic fresnel zone area (area of ​​signal propagation) is blocked, can be implemented later experienced problems but good signal passing data (throughput) can not be maximal.
Of the two applications could be your first step before starting to build wireless infrastructure in your network. But keep in mind is the second application only theoretical calculations under normal conditions. There are many external factors that can lead to not maximalnya our wireless performance that can not be included in the calculation, such as interference, weather, electromagnetic fields and so on.

Note:
1. Use of any series routerboard (RB4xx, RB8xx, RB7xx etc.) does not affect the wireless range, but from the wireless card and antenna gain to be used.
2. Familiarize read the datasheet for the device you will use, because of the datasheet you can find out the details of the features of the device capabilities.

 

Bandwidth Test Using Mikrotik

Bandwidth Test Using Mikrotik

Besides the main function of network management, Mikrotik Router also has a tool that can be used to determine how much traffic can be passed on a link or connection point.

Tool question is BTEST Server and Bandwidth Test. Can be accessed on the menu / tool.

Proxy will generate traffic that will then be sent to another device via a connection line. This process is commonly called the Bandwidth test. A process consists of a test Bandwidth Bandwidth Bandwidth test servers and test client.
All versions can be used as a RouterOS Mikrotik Bandwidth Test or Bandwidth test server client.

Here is an explanation for both the tool.
1. BTEST Server (/ tool BTEST server)
By default the proxy already contained Bandwidth Test Server and can be used. So enough with the default configuration can be done on the Router Mikrotik bandwidth test.

But we also can do the policy settings on the Mikrotik Bandwidth Test Server. This setting can be done in the menu / tool BTEST server. There are several parameters that can be used.


a. Enabled parameter (default: yes)
used to enable bandwidth test server on the router. If the position enabled = no (disable) or not checked (uncheck) it can not be done to test the bandwidth of the router.

b. Authenticate (default: yes)
As the regulator granting Bandwidth test for client authentication. Authenticate: yes (check), to be able to do the bandwidth test, Bandwidth Test Client must enter a username and password as the one used to perform remote server config Router BTEST.
Authenticate: no (unchecked), Bandwidth Test Client does not need to enter your username and password to perform the bandwidth test.

c. Parameter Max session
Used to set limitations on how Max session / bandwidth connection test which took place simultaneously.

2. Bandwidth Test Tool (/ tool Bandwidth Test)
In addition to the bandwidth test server, Mikrotik Bandwidth can also be used as a test client. Mikrotik Bandwidth test as Client can be configured on the menu / tool bandwidth test

As a test client bandwidth setting can also be done with the existing parameters.


a. Test Parameters To
Used to designate the IP address of Router bandwidth test server.

b. Protocol
We can change the protocol to be used in a bandwidth test on the parameters of the protocol (TCP / UDP)

c. Direction
Used to specify the direction of traffic. There are 3 choices of direction of traffic to be generated

• upload (send)
• download (receive)
• uploading and downloading (both)

d. Local and remote tx tx speed speed
Used to determine the current transfer speed bandwidth test. Units bps (bits per second).

e. Username and password
Adjust the router settings Btestserver. If the router BTEST server authentication parameters: yes then enter the username and password you use for the remote router.

Now we are trying to do the bandwidth test. There is a network with a topology as follows. The main requirement of the bandwidth test server and the client previously had been able to communicate using IP Address.


BTEST Mikrotik Router on each server using the default settings.

We are trying to do bandwidth tests between MikroTik router with the following conditions:
IP Router Server = 192.168.5.215, tests using UDP protocol with the direction of traffic upload (send).
We try to skip traffic with data transfer rate of 10Mbps. Fill in the username and password as the BTEST Server.



If the value of Local and Remote tx speed is determined, then the router will generate traffic with a maximum speed in accordance with the value of the local and remote tx speed.
Whereas if the value is not specified then both routers will try to generate traffic to limit the ability of the device or the maximum traffic that can be passed on the connection path.

In addition to using Mikrotik Routers, Bandwidth test client could also use a PC with the help of Mikrotik Btest.exe applications. This application can be used to make Windows-based PCs as client and server bandwidth test. Can be downloaded free of charge here .

As bandwidth test client, setting the Btest.exe almost the same as when using Mikrotik Router.

,

At the time of the bandwidth test, note the router that serves as BTEST Server on the menu / tool BTEST server session. It would appear that the information bandwidth test is in progress.


This is where the use of the parameter Max Session. If in the example image max session = 2 then the number of sessions / connections test bandwidth that can run concurrently only 2 connections.

If the test is usually bandwidth on the network that is running is done with the help of a website, then the test tools bandwidth proxy can be done with no internet connection.

Bandwidth test is also usually done in the construction of a wireless link before it is used to handle the actual network traffic (real traffic).

Setting Time On Mikrotik

Setting Time On Mikrotik

Setting time (hour / day / month / year) on Mikrotik Router is absolutely necessary when you are implementing some rules based on time parameters, where the rule is configured to run at a certain time. For example scheduler.
Time discrepancy between Mikrotik Router with real circumstances, will result in the rule does not go according to needs. In addition, recording log on the Router is also information at the time the log was made, so it would be confusing readings if the information does not match the time the real situation.
The timing on Mikrotik Router can be performed on the System> Clock. By default time on Mikrotik Router shows the date Jan/02/1970 0:00:00 hours. Should be an adjustment time on the Router.

In RouterBoard, manual settings on the System> Clock will return to the default settings when the router reboots. RouterBoard hardware is not designed to be able to perform its storage time as a computer case.
Alternatively, can use the service NTP (Network Time Protocol) which allows the router to synchronize time to other devices on the network.
Mikrotik can function as an NTP server and NTP client or his second simultaneously.

Mikrotik As an NTP Client
On Mikrotik RouterOS package system already has features SNTP (Simple Network Time Protocol) client that can be used to enable the router as an NTP client. When lit, the Router will automatically synchronize the time on the NTP server that is designated so that the timing will remain updated.
There are many NTP servers on the Internet that can be used. Example: id.pool.ntp.org, ntp.nasa.gov, etc.. Use mode = unicast.

There are only two modes in the SNTP Client, broadcast and unicast. For another mode (Multicast and Manycast) can use the NTP Client install package ntp.npk.

Looks SNTP Client has been successfully synchronize. After successful sync, not necessarily when the Router is correct. Checks on the System> Clock. You will notice that the date was appropriate but the hour is not yet. Adjust to set the Time Zone Name.

Mikrotik As an NTP Server
NTP Server on Mikrotik functions not found in the default package RouterOS, so it must be installed manually ntp.npk package.
With NTP Server function we could have a server in our network so that other RouterBoard enough time searching for information on the local network, no need to use the bandwidth for public access to the NTP server on the internet.
NTP servers we can build on a hardware that can perform the storage time, ie the router.
We can determine the time dissemination methods, can use the Broadcast, Multicast or Manycast.
Here's an example of setting the NTP server to be heard on a network segment 192.168.30.0/24 IP Address.

Setting the NTP server using Broadcast deployment type, so that the NTP client must use the same mode in order to synchronize the time on the NTP server.

 

Maintain Security Router First Step

Maintain Security Router First Step

When finished with the setting of the required features, network admins often ignore the security side of the router. It would be very risky attack against the router, especially when the router is directly connected to the internet and has a public ip. But make no mistake, the attack against the router does not always come from the Internet, could also originate from the local network. We will try to discuss the first steps that need to be done to keep the router from people who are not responsible.

Services

Mikrotik router running multiple services to facilitate the user in how to access the router, or use other features. The by-default service will be run by the router continuously. We can check the service is run by proxy at the IP menu -> Services

There are several services that run by default mikrotik router. The following information details the MikroTik router service and usefulness.

• API: Application Programmable Interface, a service that allows users to create custom software or applications that communicate with the router, for example to retrieve the information in the router, or even configure the router. Using port 8728.
• API-SSL: It has the same functionality as the API, it's just for the API SSL more secure because it comes with a ssl certificate. API is running SSL using port 8729.
• FTP: FTP Mikrotik provides a standard service that uses ports 20 and 21. Commonly used FTP to upload or download the data router, eg backup files. Authorisation to use the FTP user account and password of the router.
• SSH: remote is one way to secure the router console. Almost the same as telnet, only is more secure because the data is encrypted SSH ditrasmisikan by. MikroTik SSH uses port 22 by default.
• Telnet: It has functions similar to ssh only has a few limitations and a low level of security. Usually used as a router for remote console. MikroTik telnet service uses port 23.
• Winbox: Service that allows connection to the router Winbox application. Of course we are familiar with the Winbox application that is used to remotely graphically router. Winbox connection using port 8291.
• WWW: In addition to the remote console and Winbox, the proxy also provides a means of access via a web-base router using a browser. Ports used are standard HTTP port, which is port 80.
• WWW-SSL: Same as the WWW service that allows access to the router using the web-base, www-ssl but it is more secure because it uses SSL certificae to establish a connection between the router and client that will perform remote. By default it uses port 443.

Next is the question for the network administrator, whether then all of them will be used?. Sometimes network admins do not really care, service is still running when not needed, so that the service can be used by people who are not responsible at all times. Have you ever opened a terminal MikroTik router then appear notice "failure for user root from xx.xx.x.xxx via ssh"? The error informs that a user tries to access the router by guessing the username and password of the router.

Disable Service

To minimize user trying to access the router using a particular service, the network administrator can turn off services that are found to be used. Suppose we just need memngakses router via winbox and web-base, then we can turn off the service in addition to two earlier services.

Available From

The network administrator can restrict which network routers can be accessed on a particular service by specifying the parameter "Available From" in the service setting. to determine the "Available From", then the service can only be accessed from a specified network. When someone tries to access the router from outside the network-address allowed, will automatically be rejected by the router. Parameters "Available From" can be filled with the IP address or network address.

Change Port

In addition to determining the allowed addresses, network administrators can also change the port used by a particular service. A person working in the world of networking can easily guess the default port used by the service - limited service.

User Management

Some administrators sometimes think that by giving a password alone is enough. Then to share your username and password to some fellow technicians, even for technicians who only have access router monitoring also granted admin permissions. It would be very risky when the router is a router that is handled is important. Here are some tips wise user management.

Group Policies

Technicians who only have the responsibility of monitoring the network does not require full access rights to the router. Usually full access rights are owned only by the person most knowledgeable about the condition and configuration of the router. Network administrator can create a user in accordance with their job responsibilities - each with the group and determining policies on user settings. If using Winbox, go to System -> Users -> Tab Group.

There are several policy options that will be given to determine the user privilege. The following details the policy options and rights held:

• local: a policy that allows the user login via the local console (keyboard, monitor)
• telnet: use policies that allow remote login via telnet
• ssh: policies that allow the user to log in remotely via secure shell protocol
• ftp: Policies that allow login via FTP full rights, including the dar file transfer to / from the router. Users with this policy have the right read, write, and delete files.
• reboot: Policies that allow the user to restart the router.
• read: Policies that allow to see the router configuration. All console command that is not accessible configuration.
• write: Policies that allow to configure the router, except for user management. This policy does not allow the user to read the configuration of the router, the user is given wirte policy is also given policy is also recommended read.
• policy: The policy for the management of user rights meemberikan. Should be used together with write policy. Allows also to see the global variables created by other users (requires also 'test' policy).
• test: Policies that give the right to run ping, traceroute, bandwidth-test, wireless scan, sniffer, snooper and test other commands.
• Web: Policies that give the right to a remote router via WebBox
• Winbox: Policies that give the right to a remote router via WinBox
• password: Policies that give the right to change passwords
• sensitive: policy which entitles the router to see sensitive information, such as secret radius-key authentication, etc..
• Fire: Policies that give the right to a remote router via the API.
• Sniff: Policies that give the right to use a packet sniffer tool.

Allowed Address

"Allowed Address" is used to determine which network the user is allowed access to the router. Suppose the network admin has a policy that technicians may only mengankses router via a local network, should not be through the public network. in such cases, we can use the option "Allowed Address".

Allowed to address the ip address or network addresss. If we are content with the ip address, then the user can only login when using a particular IP address, if we fill the network address, the user can be used to segment a specific Ip address.

MikroTik Neighbor Discovery Protocol (MNDP)

Is a Layer 2 broadcast domain that allows devices that support MNDP or CDP for each "find". The simplest example when we scan Winbox to the router remotely. By performing a scan, will appear mac address information, identity, and the ip address of the router. So when this MNDP running, users in the network, the router can easily find the router, and the router knows some information. In Mikrotik routers, routers that are running can be seen in the menu MNDP IP -> Neighbors. It would seem that the router was connected and running MNDP.

So that the router does not display information when a user scans discovery protocols, network administrators are advised to disable discovery interface. If using Winbox, go to IP -> neighboor -> Tab Discovery Interfaces.

For example, we disable the setting ether2 discovery interfaces, the router can not be scanned or "found" on the network that is connected to ether2.

 

Dissecting Details MikroTik Router Default Configuration

Dissecting Details MikroTik Router Default Configuration

 At the moment we first MikroTik router settings that are new, we sometimes difficult to remote in ether1, or when we've managed remote router, in the router configuration seen already there are not so familiar. This is not because malfuction MiktoTik router, but because of the default configuration. For some people, it's easier than the initial configuration of a router when no configuration at all. But for those who are still learning MiktoTik settings, the default configuration will be very helpful. We will try to describe more details about the default configuration.

router has a default configuration will typically show that there is a default configuration information after login console or display a dialog box when the remote using Winbox. Examples of the dialog box when the remote with Winbox:

This dialog box displays 3 options. "Remove Configuration" will remove the default configuration so that the router will be clean, without any configuration at all. The option "Show Script" will display the default configuration script. And the option "OK" to install the default configuration into the router.

Each type of router has a different configuration defaults depending on the condition of the device hardware. Scripts default router configuration can be displayed with the command / system default-configuration print

Now we try to describe in general the default configuration.

Ethernet

Default configuration will give the name of the user interface that is intended to be easier to determine which interface cable will be installed.

• Ether 1 will be named ether1-gateway assuming the user will install the cable that connects to the Internet to ether1.
• Ether 2, will be named etherx-master-local.
• Ether until the ether last 3 will be named ether3-slave-local. At this interface, setting master-port will be redirected to ether2 that are in the same network segment with ether2 interface.

Users can connect to the local network ether2, ether3, and so on except ether1. Local network segment should also be in the same segment.

IP Address

The default configuration will put up the IP address for the interface connected to the local network with the IP address 192.168.88.1/24. So that would use the local network segment 192.168.88.0/24 network.

But these hi not apply to products that have 1 ethernet interface, series RB411, RB433 series, series RB435, RB800 series, CCR series and RB1000 series. Fixed IP address on ether1 interface installed.

DHCP

DHCP Server will diajalankan by default in the configuration interface connected to the local network. Client quite connect to the ethernet interface in addition to ether1, it will automatically get the ip address.

The default configuration is also running DHCP Client service on ether1 interface is assumed to be connected to the internet. ISP usually provides the IP address dynamically so that the client does not need kesulitasn setting the IP address, gateway, dns, etc.. If the ISP or modem automatically assigns ip address, then simply connect the cable from the Internet / ISP to ether1 MikroTik router, the router was able to get an IP address and connected to the internet.

Wireless

For devices that have embedded wireless interface, there is also the default configuration for multiple settings depending on the condition of the router hardware.

• Mode, which has a license for the device leve 4 and above, by default will use the mode "AP Bridge", while for a router that has a level 3 license using station mode.
• Band, if the router only support at 2GHz and support MIMO, it will use the band "2Ghz-b/g/n" and routers only support 5GHz band and MIMO will use "-5GHz a / n".
• Frequency, on the support Roiter 2GHz will use the 2412 frequency. And the router will use the 5GHz frequency support 5300.
• Chain, for which the router supports dual chain, will use the default settings enable the chain 0.1. and for routers that are still single chain, will only use the chain 0.
• Security Profile, the default config will create a security profile with the serial number of the router as WPA and WPA2 Key.
• SSID, will be determined based on the wireless interface mac-address. usually will set the SSID "MikroTik-[Six Digit Last MAC-address]"

In addition to providing some of the above settings, the wireless interface will be bridged with ethernet interface so that the local wireless networks are in the same segment of the cable network.

For devices with additional wireless interface installed in MiniPCI port will be disabled.

Firewall
There are some firewall rules to be made by the default security configuration for the router and the router to save resources by conducting drop packets that are not needed. Here's the default firewall rule configuration:

/ Ip firewall filter add chain = input action = accept protocol = icmp comment = "default configuration" filter add chain = input action = accept connection-state = established in-interface = ether1-gateway comment = "default configuration" filter add chain = input action = accept connection-state = related in-interface = ether1-gateway comment = "default configuration" filter add chain = input action = drop in-interface = ether1-gateway comment = "default configuration" nat add chain = srcnat out-interface = ether1-gateway action = masquerade comment = "default configuration"

The first rule in the firewall will menijinkan bound ICMP connection to the router. The second rule allows connections that already have established status heading into the router. The third rule allows connections that already have a status that is also related to the router. The fourth rule will do drop any incoming connection to the router through interface ether1-gateway. And the last rule is a NAT rule that allows a client to borrow under the ip router router to be connected to the Internet.

DNS

Static DNS configuration is created by default with the dns name "router" and the IP address 192.168.88.1. This means that the router is also running as a DNS server. If we open our browser and then type in the address bar with the address of the addressee http://router by the browser is 192.168.88.1 and the display will show a web-base MikroTik router.

Tips

The default configuration can be edited or removed as needed. If it turns out the default configuration makes it difficult or even confusion in setting up the features we need, we can eliminate a number of ways.

First, the remote router must necessarily first, ktika dialog box appears informing about the default configuration as the first picture in this article, select the option "Remove Configuration". Or if you find that the default configuration is installed, can be removed by a reset or netinstall.

So, from now on do not be confused or even panic when the remote router could not be the first time.

 

Monitoring & Graphing Tool in Mikrotik

Monitoring & Graphing Tool in Mikrotik

Routers that have completed our setting and already running, it does not mean we will abandon. The first router is a backbone router. In most ISPs will even monitor for 24 hours nonstop to ensure the good condition of the router - either alone. And if anything happens that makes the network router does not run properly, can be addressed properly.

Likewise network admins also need to record the bandwidth usage for the material in the report whether the bandwidth to get the appropriate information from the ISP bandwidth services, or simply recorded by the client bandwidth usage statistics. To keep records in graph format in MikroTik, network admins can use the "Graphing".

Tool Graphs

First, we will discuss the features of the first graph, this feature can be accessed via the menu Tools -> Graphing, or via the terminal with the command / tool graphing

With tools graph, we can do the monitoring of some parameters on the router and presenting it in graphical form. This graph can be seen by the access router via the web, the address format http:// [router ip] / graphs. For example 192.168.128.105/graphs

By default, the graph tool is not recording any data, when viewed via a web browser have not found any data. It takes any parameter settings to be recorded as well as additional policy if needed. We try to monitor the amount of traffic on one interface, eg for ether2 interface. First, set the settings on the first graphing / graphing tools. Setting this graph to determine how to record the data every minute. Then, add the interfaces to be monitored on the tab "interface rule". In this tab please add ether2 interface.

If it is, wait a moment, then returned Graphs access from a web browser. Will appear on the link in accordance with the interface name recorded in the graph. Click the link to view bandwidth graphs recorded by graphs.

In addition to a router interface, the graph can also record Resource hardware such as CPU, memory and RAM, or it could be to record Queue. If you are familiar with tools or other applications for network monitoring, display graph it can be said to be almost similar.

The Dude
Speaking of applications for network monitoring, Mikrotik has a tool that can display the network in the form of a folder. The tool is The Dude, and as usual MikroTik always provide a free application solutions as well as The Dude's palikasi. Can be downloaded for free directly from http://MikroTik.com

The Dude can be installed on RouterOS (the file format. Npk) or can be installed The Dude version of Windows on the PC executable format file (. Exe). Once we run the application Dude on a Windows PC, Dude we can use to scan and display the network topology in the form or folder. So that will facilitate the monitoring and network management.

Implementations are typically used, The Dude installed on the router, so the network folder will be stored in it, then to access the folder on the router, we need to install The Dude on the PC with the same version. In addition to monitoring the network, we can also do management / remote to the router directly by The Dude. For example, ping, traceroute, bandwidth test is performed directly from our remote router.

The Dude will give you a warning, usually a color change to red when the device is down. And one plus the value of The Dude, this application can not only be used for monitoring any Mikrotik device, as long as a device to enable SNMP, then The Dude can be used for monitoring and management.

SNMP

Then we try needs now reversed, can Mikrotik Router in the monitoring and management with a tool other than The Dude?. And it turns out Mikrotik can be monitored using other applications, for SNMP in Mikrotik active.

Simple Network Management Protocol (SNMP) is the Internet standard protocol for managing devices on a network. SNMP can be used for a variety of graph data. Examples of its use in applications like The Dude and Mikrotik order can be managed, then the SNMP must be enabled. Quite easy, enable SNMP pd Mikrotik, can with command: / snmp set enabled = yes

After setting the SNMP in Mikrotik, live sets in applications that will perform the monitoring and management of the router. If using The Dude, can be a way "Add Device". On the contents of the address with the IP address of the router. Do not forget to check the Secure Mode option.

If it is added, then double-click the device and make sure the status is up. If it is not up or does not show up status information, go to the Services tab, then click the "Discover".

For monitoring traffic running on the router, connect the device to the network by adding a link. Then double-click on the link.

Mastering Type please select SNMP. Then select the traffic on which interface is monitored. It will appear in real time bandwidth information. So, there are many ways to perform network monitoring and management. The Dude is a solution that is reliable and free.

 

Know the PoE function on RouterBoard

Know the PoE function on RouterBoard

Before making a purchase routerboard, it is advisable to look at the details of the product specifications. Have you seen the features PoE and PoE-In-Out on RouterBoard?, Or when we're looking at - see picture RouterBoard, there are several types of routerboard where there is yellow on one or more interfaces. Such information is an indication that the RouterBoard support PoE feature, a feature that is interesting enough to be implemented on our network.

PoE

Stands for Power Over Ethernet, in other words a method that utilizes twisted pair cable (UTP / STP) as the transmission medium power (power). PoE benefits will be felt when we did the installation of an outdoor wireless devices in the tower. With the PoE, we do not need to withdraw the power cord from the power supply to the tower above the existing router. Examples of installation topology that utilizes PoE devices.

PoE-In

Most of the users of MikroTik already quite familiar with the features PoE-In on RouterBoard. This means that if RouterBoard support PoE-In, then the routerboard can receive power from a PoE interface ether without power through the power jack. RouterBoard that support this feature RouterBoard mostly used for wireless needs.

With the PoE-In this feature, technicians no longer need to allocate power cable to provide power to the RouterBoard, just use PoE to pass power through UTP cable, UTP cable means will be used to pass data while skipping the power to RouterBoard. In outdoor wireless package usually includes passive PoE. Shape each passive PoE outdoor wireless packet sometimes differ depending on equipment specifications. Sample images Passive PoE.

On the outside there is usually some text information. For the passive POE port labeled LAN is connected to the local network, can be directly to a computer or to switching. LAN port in passive PoE only serves to pass data. Furthermore, passive PoE port labeled POE on RouterBoard connected to the information contained PoE port (usually ether1). Port is in addition to pass data, also sends power to be used by the RouterBoard. Jack and power port (DC), connect the adapter. RouterBoard will be lit by using a power supply via a UTP cable from PoE so they no longer require power from the power jack plugs.

PoE-Out

As we have seen before, some products MikroTik Support PoE output features. This feature serves to provide power supply to the devices connected to interfaces that support PoE-Out.

Examples of products that support PoE Out example RB750UP or Omnitik UPA. Routers that have this feature are usually equipped with different adaptop the usual adapter. Of course a power adapter that has a better capacity. Each - each device has a number of PoE-Put interface that is different - different. It is recommended to see the detailed specifications of each device if you need this feature.

Case suppose we'll plug in some wireless routers in a single tower. With regular router, then each - each wireless router will need an adapter and passive PoE, installation topology will be as follows:

Unlike when we are already use RouterBOARD with PoE feature out, eg Omnitik UPA. Then the power needs of other wireless routers can be supplied by the UPA Omnitik without having to add an adapter and PoE for each device. Topology installation will be as follows

PoE-Out can be configured via the command: / interface ethernet poe. Each port can be configured independently. In the fast ethernet cable, by default Blue and Brown wires will be used to pass power where the blue wire to the positive voltage while the brown wire going to miss the negative voltage. If using Winbox, PoE settings can be done by double-click interface, then click the PoE tab.

It would appear that some of the parameters can be determined according to the needs, the following details about pearameter that can be set:

• Auto-on - the router will attempt to detect whether power can be run / not on that port. The router will check using a low voltage, there are barriers ranged from 3kΩ to 26.5kΩ the PoE will be lit.
• Forced-on - Turns off and will make the detection function as PoE ports continuously for no overload and short circuit.
• Off - The function will be switched off and PoE detection will also be turned off. Ethernet port will function properly regular ethernet.

In RouterOS v.6.x if using a long cable to a power source on the router add the following command: / interface ethernet set ether1 poe-poe settings-in-long-cable = yes

PoE Priority

Used to determine the priority of PoE power per port. The highest priority is 0 and the lowest priority is 99. If there are two or more interfaces with the same priority then the ethernet port with the smallest number will automatically have higher priority. For example, ether2 and ether3 have the same priority, and if there is an overload ether3 the PoE will be turned off. The router will check every 6 seconds if ethernet is turned off because the priority could be given the power back.

Safety

To avoid hardware damage due to power, PoE feature equipped with several features.

• Port detection, auto-on mode can be said to be fairly safe mode where the router can malakukan checks whether the device is connected to the port requires and is capable of receiving power properly or not.
• Overload Protection, when Poe-Out run the router will check the occurrence oveload. In case of overload the PoE-Out will be turned off to avoid hardware damage caused by excessive power. PoE controller firmware version 2 allows the distribution of maximum 1 ampere at one port and a maximum of 2.2 amps for a total of all ports.
• Short Circuit Detection, checking is done at the time of the occurrence of short-out on the PoE-enabled. If the router detects the occurrence of short, then all PoE-Out port will be turned off.

Monitoring

For monitoring, simply double-click interface that runs as POE-Out, then the tab will display information PoE power is distributed on the port.

RouterBoard device that supports PoE-Out usually marked with the code "P" or "i" in the product name, eg Omnitik UPA, RB750UP, RB260GSP, RB2011UiAS, etc.. Code "P" means all ethernet besides ether1 on RouterbBoard support PoE-Out, while the product has the code "i" means having a support Ethernet PoE-Out.