Home > MikroTik > Router > MikroTik Router OS V3.0 User Manual

MikroTik Router OS V3.0 User Manual

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual MikroTik Router OS V3.0 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1 MikroTik manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 491
    Add page 361 to Favourites
    image text
    Enable zoom 
    								



 	
(	  
( M E   	 
 +3 	 

Example
 	
 /. printFlags: X - disabled, R - radius, D - dynamic, B - blocked# ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIMIT STATUS0 D 10.5.2.90 00:04:EA:C6:0E:40 switch bound1 D 10.5.2.91 00:04:EA:99:63:C0 switch bound[admin@MikroTik] ip dhcp-server lease> add copy-from=0 address=10.5.2.100[admin@MikroTik] ip dhcp-server lease> printFlags: X - disabled, R - radius, D - dynamic, B - blocked# ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIMIT STATUS0 D 10.5.2.91 00:04:EA:99:63:C0 switch bound1 10.5.2.100 00:04:EA:C6:0E:40 switch bound[admin@MikroTik] ip dhcp-server lease>
DHCP Alert
Home menu level:/ip dhcp-server alert
Description
 
 	
  5,3$ ( 	 
 	 
 		 
  

 5,3$ +
 
 	
   *
 


 


  	 5,3$  	
  
 
    	 (	 5,3$ ( * 
 


 5,3$ (  

 	
 
 

[admin@MikroTik] ip dhcp-server alert>/log print00:34:23 dhcp,critical,error,warning,info,debug dhcp alert on Public:discovered unknown dhcp server, mac 00:02:29:60:36:E7, ip 10.5.8.236[admin@MikroTik] ip dhcp-server alert>
6
 
 
 	
 	
 	  5,3$ ( 
 	
 
 	 
 

+ 5,3$  	
  
	
   

 	 

 ( 	
  
 
  

 	
 	
 	 
 
   

 	
 	 	  

 	  7 
 
 
  ( 8


 	 


Property Description
alert-timeout(nonetime; default:none) - time, after which alert will be forgotten. If after that time
the same server will be detected, new alert will be generated
•none- infinite time
interface(name) - interface, on which to run rogue DHCP server finder
on-alert(text) - script to run, when an unknown DHCP server is detected
unknown-server(read-only: text) - list of MAC addresses of detected unknown DHCP servers.
Server is removed from this list after alert-timeout
valid-server(text) - list of MAC addresses of valid DHCP servers
Page 350 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 362 to Favourites
    image text
    Enable zoom 
    							Notes
+ 	
 
 	
 

	 	
  	 	
 	
 
 
 	

   
 

Q

	D
9
 
	
 7	 	
  

 
/system logging action add target=email
DHCP Option
Home menu level:/ip dhcp-server option
Description
6
   5,3$  

 
 
   
 
 	

	 
 

  5,3$ !( 
 	(

Property Description
code(integer: 1..254) - dhcp option code. All codes are available at
http://www.iana.org/assignments/bootp-dhcp-parameters
name(name) - descriptive name of the option
value(text) - parameters value in form of a string. If the string begins with 0x, it is assumed as a
hexadecimal value
Notes
 
 

  	
  
/ip dhcp-server network

+
 
 
 5,3$ 
 	 		
  

 
 
 5,3$ 

 
  
 8
 

		
 
 
 
(  
 5,3$ 8
 $		
7A
 & 
0 
 

 
 5,3$ ( 

 

[admin@MikroTik] ip dhcp-server network> add address=10.1.0.0/24 \\... gateway=10.1.0.1 dhcp-option=Option-Hostname dns-server=159.148.60.20[admin@MikroTik] ip dhcp-server network> print detail0 address=10.1.0.0/24 gateway=10.1.0.1 dns-server=159.148.60.20dhcp-option=Option-Hostname
Page 351 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 363 to Favourites
    image text
    Enable zoom 
    							[admin@MikroTik] ip dhcp-server network>
9 
 5,3$ (   
 
 ,
	
.
 5,3$ 

 & 8

DHCP Relay
Home menu level:/ip dhcp-relay
Description
5,3$ 	  4
 	  
	
  	 
 ( 	 5,3$ 8
 	
 
 
 
 
 	 5,3$ (
Property Description
delay-threshold(time; default:none) - if secs field in DHCP packet is smaller than
delay-threshold, then this packet is ignored
dhcp-server(text) - list of DHCP servers IP addresses which should the DHCP requests be
forwarded to
interface(name) - interface name the DHCP relay will be working on
local-address(IP address; default:0.0.0.0) - the unique IP address of this DHCP relay needed for
DHCP server to distinguish relays:
•0.0.0.0- the IP address will be chosen automatically
name(name) - descriptive name for relay
Notes
5,3$ 	  

  
 	
	 5,3$ ( 
 
 7( 
 
 4
 
 
 


8
 
 	 
 
 (
Example
 	 	 5,3$ 	 
	

 !

	 

 	 ( 8
 
 
!+%+%+%!
5,3$ (
[admin@MikroTik] ip dhcp-relay> add name=relay interface=ether1 \\... dhcp-server=10.0.0.1 disabled=no[admin@MikroTik] ip dhcp-relay> printFlags: X - disabled, I - invalid# NAME INTERFACE DHCP-SERVER LOCAL-ADDRESS0 relay ether1 10.0.0.1 0.0.0.0
[admin@MikroTik] ip dhcp-relay>
Question&Answer-Based Setup
Command name:/ip dhcp-server setup
Questions
Page 352 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 364 to Favourites
    image text
    Enable zoom 
    							addresses to give out(text) - the pool of IP addresses DHCP server should lease to the clients
dhcp address space(IP addressnetmask; default:192.168.0.0/24) - network the DHCP server will
lease to the clients
dhcp relay(IP address; default:0.0.0.0) - the IP address of the DHCP relay between the DHCP
server and the DHCP clients
dhcp server interface(name) - interface to run DHCP server on
dns servers(IP address) - IP address of the appropriate DNS server to be propagated to the DHCP
clients
gateway(IP address; default:0.0.0.0) - the default gateway of the leased network
lease time(time; default:3d) - the time the lease will be valid
Notes
5

 
 

 


 	
 	
 
 
 ( 8

 	
 (	  
 8


	  

 ! 8

 	 		  
  
	

 & 	 
  
  
	
  %	% 
 
 (  
 
 
 


 


Example
 
 5,3$ ( 

 !

	 
 
 	  /...- 
 /...- setupSelect interface to run DHCP server on
dhcp server interface: ether1Select network for DHCP addresses
dhcp address space: 10.0.0.0/24Select gateway for given network
gateway for dhcp network: 10.0.0.1Select pool of ip addresses given out by DHCP server
addresses to give out: 10.0.0.2-10.0.0.254Select DNS servers
dns servers: 159.148.60.20Select lease time
lease time: 3d[admin@MikroTik] ip dhcp-server>
 2	 	 	 
 
 
	

 	 
 
 	
 	(
[admin@MikroTik] ip dhcp-server> printFlags: X - disabled, I - invalid# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP0 dhcp1 ether1 0.0.0.0 dhcp_pool1 3d no
[admin@MikroTik] ip dhcp-server> network print# ADDRESS GATEWAY DNS-SERVER WINS-SERVER DOMAIN0 10.0.0.0/24 10.0.0.1 159.148.60.20
[admin@MikroTik] ip dhcp-server> /ip pool print# NAME RANGES
Page 353 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 365 to Favourites
    image text
    Enable zoom 
    							0 dhcp_pool1 10.0.0.2-10.0.0.254
[admin@MikroTik] ip dhcp-server>
Application Examples
Dynamic Addressing, using DHCP-Relay
A
  
 
	
  	( (	 *$ 

 %
% 
 
 
  	

 
  	 5,3$
( 
 	 
 
   
  
 	 5,3$ 	 
  

   5,3$ 8

 

 
 5,3$ (
 	     
 
 	 5,3$ ( 	
 	 5,3$ 	  ( - *$ 

 7
!&%!)(%!%+&1	
!&%!)(%&%+&1
	
 	 
 	 
/,53
Page 354 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 366 to Favourites
    image text
    Enable zoom 
    							*$ 	 /,50
[admin@DHCP-Server] ip address> printFlags: X - disabled, I - invalid, D - dynamic# ADDRESS NETWORK BROADCAST INTERFACE0 192.168.0.1/24 192.168.0.0 192.168.0.255 To-DHCP-Relay1 10.1.0.2/24 10.1.0.0 10.1.0.255 Public[admin@DHCP-Server] ip address>
*$ 	 /,53
[admin@DHCP-Relay] ip address> printFlags: X - disabled, I - invalid, D - dynamic# ADDRESS NETWORK BROADCAST INTERFACE0 192.168.0.1/24 192.168.0.0 192.168.0.255 To-DHCP-Server1 192.168.1.1/24 192.168.1.0 192.168.1.255 Local12 192.168.2.1/24 192.168.2.0 192.168.2.255 Local2[admin@DHCP-Relay] ip address>
 
 - 5,3$ !( 
/,50
 	 -  # 

!&%!)(%!%+&1	

!&%!)(%&%+
/ip pool add name=Local1-Pool ranges=192.168.1.11-192.168.1.100/ip pool add name=Local1-Pool ranges=192.168.2.11-192.168.2.100
[admin@DHCP-Server] ip pool> print# NAME RANGES0 Local1-Pool 192.168.1.11-192.168.1.1001 Local2-Pool 192.168.2.11-192.168.2.100[admin@DHCP-Server] ip pool>
3	
 5,3$ !(
/ip dhcp-server add interface=To-DHCP-Relay relay=192.168.1.1 \address-pool=Local1-Pool name=DHCP-1 disabled=no/ip dhcp-server add interface=To-DHCP-Relay relay=192.168.2.1 \address-pool=Local2-Pool name=DHCP-2 disabled=no
[admin@DHCP-Server] ip dhcp-server> printFlags: X - disabled, I - invalid# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP0 DHCP-1 To-DHCP-Relay 192.168.1.1 Local1-Pool 3d00:00:001 DHCP-2 To-DHCP-Relay 192.168.2.1 Local2-Pool 3d00:00:00[admin@DHCP-Server] ip dhcp-server>
3
 
( 


/ip dhcp-server network add address=192.168.1.0/24 gateway=192.168.1.1 \dns-server=159.148.60.20/ip dhcp-server network add address=192.168.2.0/24 gateway=192.168.2.1 \dns-server 159.148.60.20
[admin@DHCP-Server] ip dhcp-server network> print# ADDRESS GATEWAY DNS-SERVER WINS-SERVER DOMAIN0 192.168.1.0/24 192.168.1.1 159.148.60.201 192.168.2.0/24 192.168.2.1 159.148.60.20[admin@DHCP-Server] ip dhcp-server network>
3
	

 /,50 
 9 
% 
/,53
/ip dhcp-relay add name=Local1-Relay interface=Local1 \dhcp-server=192.168.0.1 local-address=192.168.1.1 disabled=no/ip dhcp-relay add name=Local2-Relay interface=Local2 \dhcp-server=192.168.0.1 local-address=192.168.2.1 disabled=no
[admin@DHCP-Relay] ip dhcp-relay> printFlags: X - disabled, I - invalid# NAME INTERFACE DHCP-SERVER LOCAL-ADDRESS
Page 355 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 367 to Favourites
    image text
    Enable zoom 
    							0 Local1-Relay Local1 192.168.0.1 192.168.1.11 Local2-Relay Local2 192.168.0.1 192.168.2.1[admin@DHCP-Relay] ip dhcp-relay>
IP Address assignment, using FreeRADIUS Server
A
  
 
	
  	

 
 	
 *$ 	  

 
 
 +5*0! (
6 	 
	
  		 	( 

	 #+5*0! P
 	 
 
 
  
 
00:0B:6B:31:02:4B Auth-Type := Local, Password == Framed-IP-Address = 192.168.0.55



 
client 172.16.0.1 {secret = MySecretshortname = Server}
3
 	 3

 
 
 !
/radius add service=dhcp address=172.16.0.2 secret=MySecret
[admin@DHCP-Server] radius> print detailFlags: X - disabled0 service=dhcp called-id= domain= address=172.16.0.2 secret=MySecretauthentication-port=1812 accounting-port=1813 timeout=00:00:00.300accounting-backup=no realm=[admin@DHCP-Server] radius>
!
 5,3$ !(
1.3	
 	
 	 
Page 356 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 368 to Favourites
    image text
    Enable zoom 
    							/ip pool add name=Radius-Clients ranges=192.168.0.11-192.168.0.100
2.+ 	 5,3$ (
/ip dhcp-server add address-pool=Radius-Clients use-radius=yes interface=Local \disabled=no
3.3
 5,3$ 


/ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 \dns-server=159.148.147.194,159.148.60.20
9 
 

 
 +3 	++P+IP)IP2!P+&P1I 		 ( *$ 	!&%!)(%+%**
Page 357 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 369 to Favourites
    image text
    Enable zoom 
    							DNS Client and Cache
Document revision 1.3 (November 28, 2007, 10:44 GMT)
This document applies to MikroTik RouterOS V3.0
Table of Contents
TableofContents
Summary
Specifications
Description
AdditionalDocuments
DNSCacheSetup
Description
PropertyDescription
Notes
Example
CacheMonitoring
Description
PropertyDescription
AllDNSEntries
Description
PropertyDescription
StaticDNSEntries
Description
PropertyDescription
Notes
Example
FlushingDNScache
CommandDescription
Example
General Information
Summary
59! 	   
 
2 59! 8
 
 	
 

	 59! ( 	  	 
 
2 59!


 
   	  ( 59! ( 
 	 

Specifications
Packages required:system
License required:level1
Home menu level:/ip dns
Standards and Technologies:DNS
Hardware usage:Not significant
Description
Page 358 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    Add page 370 to Favourites
    image text
    Enable zoom 
    							+  
 
 59! 	
 
	 	
  
 	 	 59! (  	
 59!7	

 


(  
 	
   	 	 	 59! ( 
 
 7( 


 6
 


 8
 	 
	 
  
 
 
 3$ 	
 05$ 59! 8
 
 
  printprimary-dns: 159.148.60.2secondary-dns: 0.0.0.0allow-remote-requests: yescache-size: 2048KiBcache-max-ttl: 1w
Page 359 of 480Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
    All MikroTik manuals Comments (0)