The document consists of 11 main parts. Parts can be divided further into sections. Each section (or a part if it doesn't consist of sections) of this document is divided into three subsections. In the first subsection, management from the Java Console is described. Management from the Console is described in the second subsection. The third subsection is devoted to description of the parameters. However some sections are not divided if it is not necessary.
In this publication, the following conventions are used:
to the contents |
To make a PC based router running MikroTik™ Router Software, it is necessary to:
The MikroTik™ Router Software installs on a standard PC system with a hard disk or flash disk. Hardware requirements are as follows:
Processor - 486DX or higher CPU with math co-processor. Pentium (AMD, Cyrix,
IDT WinChip or Intel) 100MHz or higher suggested;
RAM - at least 16 MB (preferably 32 MB);
Video - Color or Monochrome VGA video card or on-board VGA port;
HDD controller - IDE hard drive controller;
HDD - Hard disk or flash disk (preferably at least 32 MB);
FDD - 1,44 MB Floppy Drive. This is not needed after installation, and can be
safely removed;
Keyboard - may also be removed after the software installation, if BIOS allows
the PC to boot without a keyboard.
Monitor - may be removed after installation. You should keep the keyboard and
monitor attached if you want to administer the system locally from the console.
Network Interface - NE2000 or compatible NIC. For more supported network cards
and devices, please see 'Supported Hardware' section.
Check the BIOS settings of your router. Make sure that the boot sequence is 'A: C:', and 'Floppy drive seek at boot' is enabled.
Check that the BIOS settings for PNP OS are disabled and PCI and ISA allocation of IRQs correspond to your interface installation plans. Disable the paralell port to free resources. Check the IO and IRQ assignments for Serial Interfaces, which should be as follows:
COM1 - IO 0x3f8 and IRQ 4
COM2 - IO 0x2f8 and IRQ 3
If you use 20MB SanDisk 3.5" FlashDrive as the target HDD for your router installation, use the recommended BIOS settings for it:
Cylinders 612, Heads 2, Sectors 32, Mode NORMAL
Put 'Disk #1' in the floppy drive, and boot up your router. The installation will be looking for hard drives. You will see something like this:
Found harddrive on IDE primary master (disk C)
To install software properly, it needs to be reformatted.
Format it? [y/n]:
Press yes to FORMAT your HDD.
Note that the primary hard disk of your router will be OVERWRITTEN, and any existing data on it will be destroyed.
You will be asked to insert all next three installation floppies:
Please insert 2nd installation floppy.
Press ENTER when ready
and so on until the last floppy drive will be inserted and you will be asked to reboot your computer:
Software installed.
Press ENTER to reboot
Remove the installation disk from the floppy disk drive and press ENTER.
While booting up the router for the first time you will see your software ID, and you will be asked to enter your software key. This key is unique depending on several variables including the particular data carrier (flash disk or hard drive) and information from your MikroTik registered account. Please enter the software key obtained from MikroTik - www.MikroTik.com. Register with our "Account Server" to obtain a key.
The software installation is complete.
Log on to your PC router running MikroTik™ Router Software for
the first time using login name 'admin' and blank password (just press
Note There is no way to replace a lost password, so be careful! You
will need to re-install the router if the password is lost.
If you have an NE2000 Ethernet card then it was loaded automatically on boot all you have to do is to enable this interface and make all necessary IP settings. You can do that using the setup command:
Command | Parameters | Description |
---|---|---|
setup | Basic system setup | |
Enable interface | Enable an interface | |
IP address | Set router's IP address | |
Netmask | Set network mask | |
Gateway | Set a default gateway of the router |
Here is an example for PCI Ethernet card:
[MikroTik]> setup
Enable interface [ether1]: ether1 ip address: 10.5.8.161
Netmask [255.255.255.0]: 255.255.255.0
Gateway [10.5.8.254]: 10.5.8.1
[MikroTik]>
Try to ping some host on your network to test the initial configuration, for example:
[MikroTik]> ping 10.5.8.1
If you get responses from the host, your network connection works properly, and you should be able to access the router remotely via network.
If you have some other network card please read the "Device Driver Management" section in the User Manual for details on a specific driver you are using, whether it is loaded automatically or not. If it was loaded automatically then the setup command would work as described above.
If the driver was not loaded automatically then the setup command will ask you to do that. Also you will be prompted to enter IP parameters:
Command | Parameters | Description |
---|---|---|
setup | Basic system setup | |
Load driver | Load network device driver. You can choose one of the following: arlan, c101, ne2k-isa, pc-isa, radiolan, 3c509 | |
driver io | Set input/output port range base address. Can be omitted if device does not use IO ports | |
driver irq | Set Interrupt Request Number. Can be omitted if device does not use IRQ. For IRQ probing enter 0 | |
IP address | Set router's IP address | |
Netmask | Set network mask | |
Gateway | Set a default gateway of the router |
Here is an example for 3C509 ISA card:
[MikroTik]> setup
Load driver: 3c509
driver io: 0x300
driver irq: 11
IP address: 10.5.8.161
Netmask [255.255.255.0]: 255.255.255.0
Gateway [10.5.8.254]: 10.5.8.1
[MikroTik]>
Use ping command as described above to check your settings.
If you get responses from the host, your network connection works properly, and you should be able to access the router remotely via network.
Please read appropriate sections of this manual for more detailed description of configuration options.
A connection via console port is established using an RS-232 null modem cable. Standard PCs have a 9 pin male serial port built-in. Use any VT100 terminal emulation program on your PC or Laptop. The required communication settings are:
9600 bps, 8 bit, No parity, 1 stop bit
For PC with Windows running, set the COM port to your corresponding serial port. Usually it is COM2.
to the contents |
MikroTik Java Console requires Java 2 browser plug-in. This may be downloaded from the "Download" page at www.mikrotik.com or www.sun.com.
In the Web Browser open the page with the address http://<IPAddressOfTheRouter>. Then start the applet.
When you type your login name and password you are logged in the router via Java Console.
All operations are performed via the main menu that is situated on the left of the main window. It consists of twelve items. If a menu item has an arrow sign then it contains submenu. Each of menu item is described in the User Manual in the corresponding chapters, excluding menu item "Help". The table below describes the correlation.
Menu Item | Chapter Name |
---|---|
Interfaces | Network Interface Management |
IP | Internet Protocol Management |
Router | Advanced Routing Management |
Bridge | Bridge Configuration |
Drivers | Device Drivers Management |
SNMP Server | SNMP Service Configuration |
System | System Configuration |
Logs | System Configuration |
Users | System Configuration |
Tools | Tools |
Password | System Configuration |
Here are the most common actions that you perform on the entries:
Action | Description |
---|---|
Open | To open the required window simply click on the corresponding menu item. |
Add | To add a new entry you should click on the icon in the corresponding window. |
Remove | To remove an existing entry click on the icon. |
Edit | Click twice on the icon on the left of each line. |
Enable | To enable interface, address etc. click the icon. |
Disable | To disable interface, address etc. click the icon. |
Comment | To save a comment an entry click the icon. |
Refresh | Click on the icon in the corresponding window. |
Undo | Click on the icon above the main menu. |
Redo | Click on the icon above the main menu. |
Logout | Click on the icon above the main menu. |
Main Menu
When you log into the router via console or telnet you get a base level prompt. As it is in Java almost every command has the corresponding chapter in the Manual. In the table below base level commands are described:
Command Name | Description | Chapter in the Manual |
---|---|---|
ping | Send ICMP Echo packets | Tools |
tool | System tools | Tools |
user | User management | System Configuration/ User Management |
log | View system logs | System Configuration/ System Logs Management |
quit | Quit console | |
setup | Do basic setup of the system | Basic System Setup |
password | Change user password | System Configuration/ Change Password |
undo | Undo previous action | |
redo | Redo previous action | |
export | Export router settings | User Interconnection Description |
interface | Interface configuration | Network Interface Management |
driver | Driver management | Device Driver Management |
system | System configuration | System Configuration |
bridge | Bridge configuration | Bridge Configuration |
snmp-server | SNMP server configuration | SMNP Service Configuration |
terminal | Set terminal type | Terminal Setup and Basic System Setup |
ip | IPv4 specific settings | Internet Protocol Management |
router | Routing settings | Advanced Routing Management |
The table below describes how you can execute commands, move through the levels in the console, etc.
Command | Action |
---|---|
command [Enter] | Execute the command |
[?] | Show the list of all available commands |
command [?] | Display help on the command and the list of arguments |
command argument [?] | Display help on the command's argument |
[Tab] | Complete the command/word. If the input is ambiguous, a second [Tab] gives possible options |
/ | Move up to the base level |
/command | Execute the base level command |
.. | Move up one level |
"" | Enter an empty string |
"word1 word2" | Enter 2 words that contain a space |
You can abbreviate names of levels, commands and arguments.
The console allows configuration of the router settings using text commands. The command structure is similar to the Unix shell. Since there's a whole lot of available commands, they're split into hierarchy. For example, all commands that work with routes start with "ip route":
[drax]> ip route print
#
|
DST-ADDRESS | NETMASK | GATEWAY | PREF-ADDRESS | INTE... |
0
|
0.0.0.0
|
0.0.0.0
|
10.0.0.1
|
0.0.0.0
|
ether1 D
|
1
|
10.0.0.0
|
255.255.255.0
|
0.0.0.0
|
10.0.0.65
|
ether1 D K
|
[drax]> ip route set 1 netmask 255.255.0.0
[drax]> ip route print
#
|
DST-ADDRESS | NETMASK | GATEWAY | PREF-ADDRESS | INTE... |
0
|
0.0.0.0
|
0.0.0.0
|
10.0.0.1
|
0.0.0.0
|
ether1 D
|
1
|
10.0.0.0
|
255.255.0.0
|
0.0.0.0
|
10.0.0.65
|
ether1 D K
|
Instead of typing "ip route" before each command, "ip route" can be typed once to "change into" that particular branch of command hierarchy. Thus, the example above could also be executed like this:
[drax]> ip route
[drax] ip route> print
#
|
DST-ADDRESS | NETMASK | GATEWAY | PREF-ADDRESS | INTE... |
0
|
0.0.0.0
|
0.0.0.0
|
10.0.0.1
|
0.0.0.0
|
ether1 D
|
1
|
10.0.0.0
|
255.255.255.0
|
0.0.0.0
|
10.0.0.65
|
ether1 D K
|
[drax] ip route> set 1 netmask 255.255.0.0
[drax]> ip route print
#
|
DST-ADDRESS | NETMASK | GATEWAY | PREF-ADDRESS | INTE... |
0
|
0.0.0.0
|
0.0.0.0
|
10.0.0.1
|
0.0.0.0
|
ether1 D
|
1
|
10.0.0.0
|
255.255.0.0
|
0.0.0.0
|
10.0.0.65
|
ether1 D K
|
Notice that prompt changes to show where in the command hierarchy you are located at the moment. To change to top level, type "/"
[drax] ip route> /
[drax]>
To move up one command level, type ".."
[drax] ip route> ..
[drax] ip>
You can also use "/" and ".." to execute commands from other levels without changing the current level:
[drax] ip route> /ping 10.0.0.10
timeout: ping reply not recieved after 1000 mss
timeout: ping reply not recieved after 1000 mss
ping interrupted 2 packets transmitted, 0 packets received, 100% packet loss
interrupted
Or alternatively, to go back to the base level you could use the ".." twice:
[drax] ip route> .. .. ping 10.0.0.10
10.0.0.10 pong: ttl=128 time=2 ms
10.0.0.10 pong: ttl=128 time=1 ms
ping interrupted 2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1/1.5/2 ms
interrupted
[drax] ip route>
- Lists -
Many of the command levels operate with arrays of items: interfaces, routes, users etc. Such arrays are displayed in similar looking lists. All items in the list have an item number followed by it's parameter values. For example:
[drax]> interface print
# NAME STATE TYPE MTU
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1500
|
1 |
ether1
|
up
|
ethernet
|
1500
|
To change parameters of an item (interface in this particular case), you have to specify it's number:
[drax]> interface set 1 mtu 1234
[drax]> interface print
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1500
|
1 |
ether1
|
up
|
ethernet
|
1234
|
Numbers are assigned by "print" command and are not constant - it is possible that two successive "print" commands will order items differently. Thus, you must use the print command before any other command that works with list items, to assign numbers.
Note Although numbers can change each time you use the "print" command, they don't change between these uses. Once assigned, they will remain the same until you quit the console or until the next "print" command. Also, numbers are assigned separately for every item list, so "ip address print" won't change numbers for interface list.
Let's assume "ip address print" hasn't been executed already. In this case:
[drax]> ip address set 123 netmask
255.255.0.0
Error: number : (no numbers assigned)
To understand better how do item numbers work, you can play with "from" argument of "print" commands:
[drax]> interface print from 1
# |
NAME
|
STATE
|
TYPE
|
MTU
|
1 |
ether1
|
up
|
ethernet
|
1500
|
The "from" argument specifies what items to show. Numbers are assigned by every "print" command, thus, after executing command above there will be only one item accessible by number - interface "ether1" by number 0.
- Item names -
Some lists have items that have specific names assigned to each. Examples are "interface" or "user" levels. There you can use item names instead of numbers:
[drax]> interface set ether1 mtu 1234
You don't have to use the "print" command before accessing items by name - as opposed to numbers, names are not assigned by the console internally, but are one of the items' parameters. Thus, they won't change on their own (But there are all kinds of obscure situations possible when several users are changing router configuration at the same time). Generally, item names are more "stable" than numbers, and also more informative, so you should prefer them ver numbers when writing console scritps. Also, <tab> completions work on item names, making them easy to type.
- Quick typing -
There are two features in router console that help entering commands a lot quicker and easier - tab key completions and abbreviations of command names. Completions work similarly to the bash shell in UNIX. If you press the tab key after part of word, console tries to find command in current context that begins with this word. If there's only one match, it is automatically appended, followed by space character:
/inte<tab>_ becomes /interface _
(where "_" is cursor position)
If there's more than one match, but they all have a common beginning which is longer that what you've typed, then the word is completed to this common part, and no space is appended:
/interface set e<tab>_ becomes
/interface set ether_
(because "e" matches both "ether5" and "ether1" in this example)
If you've typed just the common part, pressing the tab key once has no effect. However, pressing it second time shows all possible completions in compact form:
[drax]> /interface set e<tab>_
[drax]> /interface set ether<tab>_
[drax]> /interface set ether<tab> ether1 ether5
[drax]> /interface set ether_
The tab key can be used almost in any context where the console might have a clue about possible values - command names, argument names, arguments that have only several possible values (like names of items in some lists or name of protocol in firewall and NAT rules). You can't complete numbers, IP addresses and similar values.
Another way to press less keys while typing is to abbreviate command and argument names. You can type only beginning of command name, and if it is not ambiguous console will accept it as a full name:
[drax]> ip f s r 1 equals to [drax]> ip firewall static-nat remove 1
[drax]> pi 10.1 c 3 s 100 equals to [drax]> ping 10.0.0.1 count 3 size 100
Note ".." can be shortened to ".", because no other words in command levels begin with dot.
- Help -
The console has a built-in help, which can be accessed by typing '?'. General rule is that help shows what you can type in position where the '?' was pressed (similarly to pressing tab key twice, but in verbose form and with explanations).
- Internal item numbers -
Items can also be addressed by their internal numbers. These numbers are generated by console for scripting purposes and, as the name implies, are used internally. Although you can see them if you print return values of some commands (internal numbers look like hex number preceded by '*' - for example "*100A"), there's no reason for you to type them in manually. Use of invalid internal numbers can result in severe injury of your router configuration.
- Multiple items -
You can specify multiple items as targets of some commands. Almost everywhere, where you can write the number of items, you can also write a list of numbers:
[drax]> interface print
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1500
|
1 |
ether1
|
up
|
ethernet
|
1234
|
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1600
|
1 |
ether1
|
up
|
ethernet
|
1600
|
This is handy when you want to perform same action on several items, or do a selective export. However, this feature becomes really useful when combined with scripting.
- Return values -
The router console has limited scripting capability. Syntax is simple and similar to TCL. There's a new command "find" added to many of the command levels for scripting use. This command doesn't print anything on screen. Instead, it creates a return value that contains internal numbers of items that match parameters of the "find" command. This return value can be used in another command, by placing "find" in square brackets:
[drax]> interface
[drax] interface> print from [find name ether5]
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1600
|
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1001
|
If you don't give "find" any arguments, it returns internal numbers of all items:
[drax] interface> set [find] mtu 1500
[drax] interface> print
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1500
|
1 |
ether1
|
up
|
ethernet
|
1500
|
You can see the return value of "find" command (and other router commands) using ":put" command:
[drax] interface> :put [find]
*10002 *10001
These are internal numbers of all router interfaces. Also, there's a trailing space after last number, so you can concatenate results of several "find" commands:
[drax] interface> print from [find][find]
# |
NAME
|
STATE
|
TYPE
|
MTU
|
0 |
ether5
|
up
|
ethernet
|
1500
|
1 |
ether1
|
up
|
ethernet
|
1500
|
3 |
ether5
|
up
|
ethernet
|
1500
|
4 |
ether1
|
up
|
ethernet
|
1500
|
- Time Setting -
In the console time can be set in various ways. If it is just a number, then it is in seconds. You can also enter the following values:
"d", "da", "day", "days" - 86400 seconds (1 day) |
"h", "ho" ... "hours" - 3600 seconds (1 hour) |
"m", "mi", "min" - 60 seconds (1 minute) |
"s" - 1 seconds (1 second) |
"ms" - 1 millisecond |
If the is no number before the letters, it will be one unit. You also can use decimal numbers. Multiple time intervals can be written consequently - they will be summarized.
- Variables -
The console has variables that can store string values. Assigning such a variable is done by ":set" command:
[drax]> :set var1 J.Random.String
If the value is assigned to a non-existing variable, it's created, otherwise current value is replaced. To access the value of variable, you have to type "$" followed by the name of the variable, and it will be replaced by the value of the variable:
[drax]> :put $var1
J.Random.String
[drax]> :put $var1-$var1-yo-ho-ho-$var1
J.Random.String-J.Random.String-yo-ho-ho-
J.Random.String
- Magic Variables -
There are two magic variables in the console. "_" (underscore) has the last valid command entered.
[drax]> /system clock print
jun/16/2000 17:06:57
[drax]> :put $_
/system clock print
[drax]> :put $_
:put $_
The second magic variable is the "^" (caret). It contains the return value of the last executed command. Note that all commands return values (even if they're empty strings), so if you want to use the return value of some command (say, "find") several times, you have to assign it to normal variable. In the console, "^" is used to export some items:
[drax]> ip firewall static-nat
[drax] ip firewall static-nat> print
(0)
|
;;; blah-blah |
;;; yadda-yadda | |
src-address: 0.0.0.0 src-netmask: 0.0.0.0 src-port: 0-65535 | |
dst-address: 0.0.0.0 dst-netmask: 0.0.0.0 dst-port: 0-65535 interface: all | |
translate: no direction: in protocol: all to-src-address: 0.0.0.0 | |
to-dst-address: 0.0.0.0 to-src-netmask: 0.0.0.0 to-dst-netmask: 0.0.0.0 | |
to-src-port: 0 to-dst-port: 0 |
[drax] ip firewall static-nat> export
/ip firewall static-nat
add interface all src-address 0.0.0.0 src-netmask
0.0.0.0 \
dst-address 0.0.0.0 dst-netmask 0.0.0.0 protocol
all \
src-port 0-65535 dst-port 0-65535 to-src-address
0.0.0.0 \
to-dst-address 0.0.0.0 to-src-netmask 0.0.0.0 \
to-dst-netmask 0.0.0.0 to-src-port 0 to-dst-port 0
translate no \ direction in
comment $^ blah-blah\nyadda-yadda
disable $^
[drax] ip firewall static-nat>
Here, "add" returns internal number of item the it has added, and "comment" command returns list of internal numbers of items it received as the first argument. Thus "comment $^" will add comment to the item created by "add", and "disable $^" will disable this item.
- General layout of command levels -
There are two different kinds of command levels. First, there are levels that allow you to work with lists of similar items - routes, interfaces, users and the like. Second, there are levels that allow you to change some general parameters - time, bridge settings etc.
Most command groups have some or all of these commands:
print
set
remove
add
find
export
enable
disable
comment
These commands have similar behaviour in all hierarchy.
- print -
The "print" command shows all information that's accessible from particular command level. Thus, "/system time print" shows system time, "/ip route print" shows all routes etc. If there's a list of items in this level and they are not read-only, i.e. you can change/remove them (example of read-only item list is "/system history", which shows history of executed actions), then "print" command also assigns numbers that are used by all commands that operate on items in this list. Thus, "print" usually must be executed before any other commands in the same command level.
If there's list of items then "print" usually can have a "from" argument. The "from" argument accepts space separated list of item numbers, names (if items have them). and internal numbers. The action (printing) is performed on all items in this list in the same order in which they're given.
- set -
The "set" command allows you to change values of general parameters or item parameters. The "set" command has arguments with names corresponding to values you can change. Use "?" or double tab to see list of all arguments. If there is list of items in this command level, then set has one unnamed argument that accepts the number of item (or list of numbers) you wish to set up. Values for unnamed arguments must follow right after the name of the command, and their order can't be changed. Example: in firewall rules, the "set" command has two unnamed arguments - first is the name of chain and second is the number of rule in this chain. "set" returns internal numbers of items it has set up.
- remove -
"remove" has one unnamed argument which contains number(s) of item(s) to remove.
- add -
"add" usually has the same arguments as "set", minus the unnamed number argument. It adds new item with values you've specified, usually to the end of list (in places where order is relevant). There are some values that you have to supply (like interface for new route), and other values that are set to defaults if you don't supply them. The "add" command returns internal number of item it has added.
- find -
The "find" command has the same arguments as "set", and an additional "from" argument which works like the "from" argument with the "print" command. The "find" command returns internal numbers of all items that have the same values of arguments as specified.
- export -
The "export" command prints a script that can be used to restore configuration. If it has the argument "from", then it is possible to export only specified items. Also, if the "from" argument is given, "export" does not descend recursively through the command hierarchy. "export" also has the argument "file", which allows you to save the script in file on router to retrieve it later via ftp. Argument "noresolve" is used to disable reverse resolving of IP addresses if it proves to be problem.
- enable/disable -
You can enable/disable some items (like ip address or default route). Is an item is disabled, it number is shown in parenthesis. If an item is inactive, but not disabled, it number is shown in brackets.
- comment -
You can add comments to any item. If item is commented, comments are shown after item number before all parameters and prefixed with ";;;".
to the contents |
Device drivers represent the software interface part of installed network devices. For example, the MikroTik system includes device drivers for NE2000 compatible Ethernet cards and other network devices. If you need a device driver for a device, which is not on the list, please suggest it at our suggestion page on our web site.
Most device drivers are loaded automatically. For instructions on specific device drivers see the supported interfaces below.
Unloading of device driver is useful when changing network devices - this can be useful to save system resources in avoiding loading drivers for devices which have been removed from the system. This may be done automatically by removing the card and rebooting before inserting the new network device. The device drivers can be removed only if the appropriate interface has been disabled first.
Select the "Drivers" menu to display the currently installed drivers. New drivers can be installed by selecting the . Existing drivers can be removed by selecting the as long as their status is 'disabled' (set in the Interface menu). PCI drivers cannot be removed.
Driver management commands are located in the "driver" menu.
Command syntax | Description |
---|---|
load <driver name>
[irq <IRQ>] [io <IO range start>] [mem <shared memory>] |
Load driver |
unload <number> | Unload driver |
Show loaded drivers | |
find [from] [inactive] [name] [irq] [memory] [io] | Search driver configuration |
Where <number> is number of a loaded driver, which can be viewed in the list, generated by the "print" command.
Name in Console | Name in Java | Description |
---|---|---|
name | Driver | Neme of driver to install* |
irq | IRQ | Interrupt Request Number. Can be omitted if device does not use IRQ. For IRQ probing enter 0 in Java Box. |
io | IO | Input/Output port range base address. Can be omitted if device does not use IO ports. If you want to enter I/O port range base address in hexadecimal form, you should put "0x" before it, e.g. 0x300 |
mem | MEM | Shared Memory base address. Can be omitted if device does not use Shared Memory. |
*- In console use abbreviated form of driver name, available from help.
PCI Cards (loaded automatically, can't be loaded by name)
Driver name: ne2k-pci
Interfaces: | RealTek RTL-8029 Winbond 89C940 Compex RL2000 KTI ET32P2 NetVin NV5000SC Via 86C926 SureCom NE34 Winbond Holtek HT80232 Holtek HT80229 |
Driver name: 3c95x (3Com 3c590/3c900 series Vortex/Boomerang driver)
This device driver is designed for the 3Com FastEtherLink and FastEtherLink XL, 3Com's PCI to 10/100baseT adapters. It also works with the 10Mbs versions of the FastEtherLink cards. The supported product IDs are shown in the following table:
Interfaces: | 3c590, 3c592, 3c595, 3c597, 3c900, 3c905 3c590 Vortex 10Mbps 3c595 Vortex 100baseTx 3c595 Vortex 100baseT4 3c595 Vortex 100base-MII 3Com Vortex 3c900 Boomerang 10baseT 3c900 Boomerang 10Mbps Combo 3c900 Cyclone 10Mbps Combo 3c900B-FL Cyclone 10base-FL 3c905 Boomerang 100baseTx 3c905 Boomerang 100baseT4 3c905B Cyclone 100baseTx 3c905B Cyclone 10/100/BNC 3c905B-FX Cyclone 100baseFx 3c905C Tornado 3c980 Cyclone 3cSOHO100-TX Hurricane 3c555 Laptop Hurricane 3c575 Boomerang CardBus 3CCFE575 Cyclone CardBus 3CCFE656 Cyclone CardBus 3c575 series CardBus (unknown version) 3Com Boomerang (unknown version) |
Driver name: lmc
Interfaces: | LanMedia LMC5200 LanMedia LMC5245 LanMedia LMC1000 |
Driver name: eepro100 (Intel i82557/i82558 PCI EtherExpressPro driver)
This device driver is designed for the Intel i82557 "Speedo3" chip, Intel's single-chip fast Ethernet controller for PCI, as used on the IntelEtherExpressPro 100 adapter.
Driver name: tulip
This device driver is designed for the DECchip "Tulip", Digital's single-chip ethernet controllers for PCI. Supported members of the family are the 21040, 21041, 21140, 21140A, 21142, and 21143. Similar work-alike chips from Lite-On, Macronics, ASIX, Compex and other listed below are also supported.
Interfaces: | Digital DC21040 Tulip Digital DC21041 Tulip Digital DS21140 Tulip Digital DS21143 Tulip D-Link DFE 570TX Lite-On 82c168 PNIC Macronix 98713 PMAC Macronix 98715 PMAC Macronix 98725 PMAC ASIX AX88140 Lite-On LC82C115 PNIC-II ADMtek AN981 Comet Compex RL100-TX Intel 21145 Tulip Xircom Tulip clone |
Driver name: rtl8139
This device driver is designed for the RealTek RTL8129, the RealTek Fast Ethernet controllers for PCI. This chip is used on a few clone boards.
Interfaces: | RealTek RTL8129 Fast Ethernet RealTek RTL8139 Fast Ethernet SMC1211TX EZCard 10/100 (RealTek RTL8139) Accton MPX5030 (RealTek RTL8139) |
Driver name: winbond-840
This driver is for the Winbond w89c840 chip.
Interfaces: | Winbond W89c840 Compex RL100-ATX |
ISA Cards
Driver name: ne2k-isa
Interface: | NE2000 |
Driver name: 3c509
Interface: | 3c509 |
ISDN Cards
Only PCI ISDN cards are supported.
to the contents |
An Interface is physical or virtual device which provides a connection to an external network. Network interfaces are created automatically when the Network Interface Card driver is loaded. Virtual (software) interfaces can be created manually.
Managing Network Interfaces from Java
Select the "Interfaces" menu to open the interface list window. The interfaces list displays basic interface parameters. Interface type specific parameters can be changed from interface details windows (opened by double clicking on icon to the left from interface name). The Interface details window has a standard "Traffic" tab which displays traffic that enters and leaves router through the interface. It can also contain other tabs with interface type specific parameters.
The Interfaces list window also contains a "blink" button. Selecting this button causes traffic to be generated on the highlighted interface and therefore blink the LEDs (light emitting diodes) on the card so that an administrator can determine which Interface name corresponds to the actual interface (when there are multiple interfaces of the same type). Some interfaces must have an Ethernet cable connected before the lights will blink. Note that not all interfaces support this function.
Managing Network Interfaces from Console
Network interface commands and submenus are located in the "interface" menu. It contains several commands that are common to all interfaces:
Command syntax | Description |
---|---|
Show interface summary | |
set <interface
number> [up] [down] [name <new name>] [mtu <MTU>] |
Change basic interface properties |
find [from] [name] [mtu] [up][down] | |
export [file <name>] [noresolve] | |
blink <interface number> | Generate traffic to blink LEDs |
monitor-traffic <interface number> | Monitor traffic on interface |
Whre <interface> is interface name or number obtained from "print" command.
The "interface" menu also contains device type specific submenus with device type specific commands. The following device type submenus can be available, depending on what features are licensed for a particular installation:
Submenu | Description |
---|---|
ethernet | Ethernet interfaces |
ppp | Async PPP interfaces |
synchronous | Moxa Sync interfaces |
pptp-client | PPTP dial-out interfaces |
pptp-server | PPTP server connections |
bridge | Bridge interface |
arlan | Arlan IC2200 interfaces |
radiolan | RadioLAN interfaces |
wavelan | WaveLAN IEEE 802.11 interfaces |
pc | Aironet 35/45/4800 interfaces |
samsung | Samsung IEEE 802.11 interfaces |
Basic Interface Parameter Description
Name in Console | Name in Java | Description |
---|---|---|
name | Name | Human friendly name for the interface. Maximum 31 character. |
up | Enbled (yes) | Enable interface |
down | Enabled (no) | Disable interface |
mtu | MTU | Maximum Transfer Unit (in bytes) |
arp | ARP | Address Resolution Protocol Settings |
disabled
|
Disable ARP protocol, use only static ARP entries | |
enabled
|
Enable ARP protocol for an interface (send ARP requests and replies) | |
proxy-arp
|
Enable ARP protocol for an interface and also reply on ARP requests about IP addresses for which the router is a gateway |
Ethernet interfaces include standard 10/100 Mbit Ethernet network interface. Ethernet interfaces do not have any device type dependent parameters. Each Ethernet interface has its MAC-address (Medium Access Control).
Managing Ethernet Interfaces from Java
Ethernet interface parameters can be changed from interface list window or from interface details window "General" tab.
Managing Ethernet Interfaces from Console
Ethernet interface management is done in submenu "interface ether".
Command syntax | Description |
---|---|
print [<interface>] | Show interface(s) information |
set <interface>
[up] [down] [name <new name>] [mtu <MTU>] [arp disabled|enabled|proxy-arp] |
Change interface properties |
find | |
export |
Where <interface> is interface name or number obtained from "print" command.
Name in Console | Name in Java | Description |
---|---|---|
up/ down | Enabled (yes/ no) | Set Ethernet interface up or down |
mtu | MTU | Maximum Transfer Unit. Maximum packet size to be transmitted |
arp | ARP | Address Resolution Protocol Settings |
mac-address
|
MAC Address | Medium Access Control Address |
PPP (or Point-to-Point Protocol) provides a method for transmitting datagrams over serial point-to-point links. The 'com1' and 'com2' ports from standard PC hardware configurations will appear as 'serial0' and 'serial1' automatically. It is possible to add thirty-two additional serial ports with the Moxa C168 PCI multiport asynchronous card (eight ports each) to use the router for a modem pool.
To add PPP server interface, you have to choose "Interfaces" and click "Add New" . Then choose PPP Server and set all PPP server settings. When next time you want to change PPP server settings or check out status or traffic of the PPP server you have to double click on PPP server interface you added in the Interfaces list.
Managing PPP Server from Console
PPP server management is done in the submenu "interface ppp-server".
Command syntax | Description |
---|---|
Show interface(s) information | |
set <interface>
[up] [down] [name<new name>] [mtu <MTU>] [mru <MRU>] [port-id <id>] [pap no|yes] [chap no|yes] [ms-chap no|yes] [ms-chapv2 no|yes] [encryption none|optional|required| stateless] [ring-count <rings>] [idle-timeout <time>] [null-modem <on|off>] [modem-init <string>] [local-address <address>] [remote-address <address>] |
Change interface properties |
find | |
export | |
monitor <interface> | Monitor interface status in real time |
Where <interface> is interface name or number obtained from "print" command.
Managing PPP Client from JAVA
To add PPP client interface, you have to choose "Interfaces" and click "Add New" . Then choose PPP Client and set all PPP client settings. When next time you want to change PPP client settings or check out status or traffic of the PPP client you have to double click on PPP client interface you added in the Interfaces list.
Managing PPP Client from console
PPP server management is done in the submenu "interface ppp-server".
Command syntax | Description |
---|---|
Show interface(s) information | |
set <interface>
[up] [down] [name<new name>] [mtu <MTU>] [mru <MRU>] [port-id <id>] [pap no|yes] [chap no|yes] [ms-chap no|yes] [ms-chapv2 no|yes] [user <name>] [encryption none|optional|required| stateless] [tone-dial <enable|disable>] [dial-on-demand <enable|disable>] [add-default-route <address>] [phone <number>] [idle-timeout <time>] [null-modem <on|off>] [modem-init <string>] [local-address <address>] [remote-address <address>] [use-peer-dns <enable|disable>] |
Change interface properties |
find | |
export | |
monitor <interface> | Monitor interface status in real time |
Name in Console | Name in Java | Description |
---|---|---|
mtu | MTU | Maximum Transfer Unit. Maximum packet size to be transmitted |
mru | MRU | Maximum Size of received packets |
pap/ms-chap/ chap/ms-chapv2 | Authentication Allow | Authentication protocol type |
encryption | Encryption | Which encryption to use. |
none
|
none | No encryption is used. If the other end supports compression, it will be used |
optional
|
optional | If the other end supports encryption, it will be used |
required
|
required | Encryption is required, without it connection won't be established |
stateless
|
stateless | Stateless-MPPE is required. Router will use MPPE-128bit or MPPE-40bit depending on the other end of connection. In stateless mode password will be changed before every packet is transmitted |
user | User | User name to use to log into server when dialing out. Can contain letters, digits, "@", "-",".", or be "*" |
phone | Phone Number | Phone number to call when dialing out |
tone-dial | Tone Dial | Enable/Disable tone dial |
ring-count | Rings | Number of rings to wait before answering phone |
null-modem | Null Modem | Enable/Disable null-modem mode (when enabled, no modem initialization strings are sent). Default value is "on" (for COM1 and COM2 only). So by default null-modem is turned on. |
dial-on-demand | Dial On Demand | Enable/Disable dial on demand |
idle-timeout | Idle Time | Idle time after which close connection |
modem-init | Modem Init | Modem Initialization String |
add-default-route | Add Default Route | Add PPP remote address as a default route. Other settings are: destination=0.0.0.0 netmask=0.0.0.0 interface=ppp, preferred source=0.0.0.0 |
local-address | Local Address | Local IP Address |
remote-address | Remote Address | Remote IP Address |
Moxa Sync interfaces supports the Moxa C101 Sync adapters. Moxa C101 hardware specific instructions come together with the C101 when purchased from "MirkoTikls".
Managing Moxa Sync Interfaces from Java
Moxa Sync specific parameters can be controlled from "Synchronous" tab in interface details window. Current status (status of modem control lines, time since last keepalive and sequence number difference) can be monitored in real time under the "Status" tab in interface details window.
Managing Moxa Sync Interfaces from Console
Moxa Sync interface management is done in submenu "interface sync".
Command syntax | Description |
---|---|
print [<interface>] | Show interface(s) information |
set <interface>
[up] [down] [name<new name>] [mtu <MTU>] [keepalive-interval <keepalive>] [speed <speed>] [rx-clock-source <internal|line>] [tx-clock-source <internal|line|rxc>] [ignore-dcd <yes|no>] |
Change interface properties |
monitor <interface> | Monitor interface status in real time |
Where <interface> is an interface name or number obtained from "print" command.
Interface status includes status of modem control lines (DTR, RTS, CTS, DSR, DCD), time since last keepalive, and sequence number difference.
Moxa Sync Interface Parameters
Name in Console | Name in Java | Description |
---|---|---|
keepalive | Keepalive | Interval after which keepalive is sent (in seconds) |
speed | Speed | Speed of internal clock |
rx-clock-source | Rx Clock Source | Receive clock source |
tx-clock-source
|
Tx Clock Source | Transmit clock source |
ignore-dcd | Null Modem | Enable/Disable null-modem mode (ignore DCD signal) |
PPTP (Point-to-Point Tunneling Potocol) provides a method for transmitting datagrams over IP network encapsulated into PPP protocol. Configuring PPTP server is much like configuring PPP server.
PPTP tunnels are used to create virtual private networks. You can connect two private networks via PPTP tunnel.
Managing PPTP Server from Java
You can configure PPTP Server settings by clicking icon. Then set all parameters as necessary. Read about PPTP Server parameters below.
Managing PPTP Server from Console
Go to the “interface pptp-server” menu.
Command syntax | Description |
---|---|
monitor <interface number> |
Monitor interface |
|
Print PPTP server information |
set <interface name> [name][up] [down] |
Set PPTP server name and status |
find |
Find |
export |
Export PPTP server settings |
"ip pptp-server" menu commands:
Command syntax | Description |
---|---|
set [enabled no|yes] |
Configure PPTP settings |
|
Print PPTP server information |
export |
Export PPTP server settings |
Name in Console | Name in Java | Description |
---|---|---|
enabled |
Enabled |
Enable/disable PPTP server |
pap |
PAP |
Use PAP authentication |
chap |
CHAP |
Use CHAP authentication |
ms-chap |
MS-CHAP |
Use MS-CHAP authentication |
ms-chapv2 |
MS-CHAP v2 |
Use MS-CHAP v2 authentication |
encryption |
Encryption |
Which encryption to use. Encryption works only with MS-CHAP and MS-CHAP v2. |
none |
none |
No encryption is used. If the other end supports compression, it will be used |
optional |
optional |
If the other end supports encryption, it will be used |
required |
required |
Encryption is required, without it connection won’t be established |
stateless |
stateless |
Stateless-MPPE is required. Router will use MPPE-128bit or MPPE-40bit depending on the other end of connection. In stateless mode password will be changed before every packet is transmitted |
mtu |
MTU |
Maximum Transfer Unit (in bytes) |
mru |
MRU |
Maximum Size of received packets |
idle-timeout |
Idle Time |
Connection time out |
local-address-from |
Local Addr. From/To |
Range of local IP addresses for PPTP connection |
remote-address-from |
Remote Addr. From/To |
Range of remote IP addresses for PPTP connection |
Managing PPTP Client from Java
You can configure PPTP Client settings by clicking icon. Then set all parameters as necessary. Read about PPTP Client parameters below.
Managing PPTP Client from Console
Go to the "interface pptp-client" menu. The following commands are possible there:
Command Syntax | Description |
---|---|
monitor <interface number> |
Monitor interface |
|
Print PPTP client information |
set <number> |
Configure PPTP client |
add [name <interface name>]
[up] [down] |
Add new PPTP client |
remove <number> |
Remove PPTP client |
find |
Find |
export |
Export PPTP client settings |
Name in Console | Name in Java | Description |
---|---|---|
up/down |
Enabled |
Enable/disable PPTP interface |
name |
Name |
PPTP client interface name |
pap/chap/ |
PAP/CHAP/ |
Authentication type to be used |
encryption |
Encryption |
Which encryption to use. Encryption works only with MS-CHAP and MS-CHAP v2. |
none |
none |
No encryption is used. If the other end supports compression, it will be used |
optional |
optional |
If the other end supports encryption, it will be used |
required |
required |
Encryption is required, without it connection won’t be established |
stateless |
stateless |
Stateless-MPPE is required. Router will use MPPE-12bit or MPPE-40bit depending on the other end of connection. |
user |
User |
User name to use to log into server when dialing out. Can contain letters, digits, “@”, “-“,”.”, or be “*” |
connect-to |
Connect To |
PPTP server address to connect to |
mtu |
MTU |
Maximum Transfer Unit (in bytes) |
mru |
MRU |
Maximum Size of received packets |
idle-timeout |
Idle Time |
Connection time out |
PPPoE (Point-to-Point Potocol over Ethernet) provides a method for transmitting datagrams over ethernet encapsulated into PPP protocol. Configuring PPPoE server is much like configuring PPP server.
Example PPPoE server configuration:
/ip pppoe-server set ether1 server-name
ExampleServer pap yes chap yes ms-chapv2 yes encryption optional compression
no mtu 1460 mru 1460 idle-timeout 0 local-address-from 10.0.0.1 local-address-to
10.0.0.127 remote-address-from 10.0.0.128 remote-address-to 10.0.0.254
/ip pppoe-server enable ether1
This configures PPPoE server on ether1 interface. ether1 interface should be
up. No ip address configuration is required on interface. Next thing is to add
users with group PPP. We will add user test with password seCreT in this example:
/user add name test password seCreT
group ppp
Next, configure general PPP settings - name server addresses that will be provided
to PPPoE client. For example:
/ip ppp set primary-dns 159.148.60.2
secondary-dns 159.148.108.1 authentication local
Managing PPPoE Server from JAVA
PPPoE server from JAVA you can manage in Interface list window by choosing General settings and then PPPoE server.
Managing PPPoE Server from console
It is done from "interface pppoe-server" submenu.
Command syntax | Description |
---|---|
monitor <interface number> |
Monitor interface |
|
Print PPPoE server information |
set <interface name> [name][up] [down] |
Set PPPoE server name and status |
find |
Find |
export |
Export PPPoE server settings |
And "ip pppoe-server" submenu.
Command Syntax | Description |
---|---|
<enable | disable> <interface> |
Enable or disable PPPoE server on interface |
|
Print PPPoE server configuration |
set <interface name> [server-name
<name>] |
Configure PPPoE server |
Managing PPPoE Client from JAVA
You can configure PPPoE Client settings by clicking icon. Then set all parameters as necessary.
Managing PPPoE Client from console
It is done from "interface pppoe-client" submenu.
Command Syntax | Description |
---|---|
monitor <interface number> |
Monitor interface |
|
Print PPPoE client information |
set <number> |
Configure PPPoE client |
remove <number> |
Remove PPPoE client |
find |
Find |
export |
Export PPPoE client settings |
Where <interface> is an interface name or number obtained from "print" command.
Managing IP Tunnel from JAVA
IP Tunnel you can manage from Interfaces list. To add IP Tunnel interface you have to click add and choose IP Tunnel. To modify IP Tunnel interface you have to double click on added IP Tunnel interface in interfaces list.
Managing IP Tunnel from console
It is done from "interface ipip" submenu.
Command Syntax | Description |
---|---|
|
Print IP Tunnel information |
set <number> |
Configure IP Tunnel |
remove <number> |
Remove IP Tunnel |
find |
Find |
export |
Export IP Tunnel settings |
Managing EOIP from JAVA
EOIP management from JAVAis done from Interfaces menu. EOIP interface you can add by choosing add and EOIP Tunnel. EOIP Tunnel settings you can change by double clicking on added EOIP Tunnel interface in Interfaces list.
Managing EOIP from Console
It is done from "interface eoip" submenu.
Command Syntax | Description |
---|---|
|
Print EOIP Tunnel information |
set <number> [name <interface
name>] |
Configure EOIP Tunnel |
remove <number> |
Remove EOIP Tunnel |
find |
Find |
export |
Export EOIP Tunnel settings |
Managing ISDN Server from Console
It is done from "interface isdn-server" submenu.
Command Syntax | Description |
---|---|
|
Print ISDN Server information |
set <number> [name <interface
name>] |
Configure ISDN Server |
remove <number> |
Remove ISDN Server |
find |
Find |
export |
Export ISDN Server settings |
monitor <interface> | Monitor ISDN server in real time |
Where <interface> is an interface name or number obtained from "print" command.
Managing ISDN Client from JAVA
It is done from Interfaces list. To add isdn client you have to choose add and then ISDN client. If you want to change isdn client settings you have to double click on added isdn client interface in Interace list.
Managing ISDN Client from Console
It is done from "interface isdn-client" submenu.
Command Syntax | Description |
---|---|
|
Print ISDN Client information |
set <number> [name <interface
name>] |
Configure ISDN Client |
remove <number> |
Remove ISDN Client |
find |
Find |
export |
Export ISDN Client settings |
monitor <interface> | Monitor ISDN Client in real time |
Where <interface> is an interface name or number obtained from "print" command.
Managing LMC- WAN from Console
It is done from "lmc-wan" submenu.
Command Syntax | Description |
---|---|
|
Print LMC-WAN information |
set <number> [name <interface
name>] |
Configure LMC-WAN |
find |
Find |
export |
Export LMC-WAN settings |
monitor <interface> | Monitor LMC-WAN in real time |
Where <interface> is an interface name or number obtained from "print" command.
Aironet 35/45/4800 interfaces include Aironet 3500, 4500, 4800, and Cisco 349 ISA and PCI adapters. If you have an ISA adapter, than make sure to configure DIP switches correctly.
Configuring DIP Switches (ISA Only)
The Aironet/Cisco ISA adapter contains DIP switches for setting Plug and Play Mode (PnP), Base Address, and Interrupt Levels (IRQ). The switches are set for PnP mode by default.
Devices cannot share the same Base address or IRQ. Check the switch settings on the adapter to ensure the do not conflict with other devices in the computer.
PnP mode is controlled by the 6th switch:
6th DIP Switch |
|
On (Non-PnP) |
Off (PnP) |
If you set PnP mode on then all other settings are not taken into account. If you still want to use PnP mode make sure that the default IRQ and Base Address do not conflict with the other devices. The default are:
Base Address |
IRQ Level |
140 |
5 |
If you want to configure other IRQ and Base Address values, make sure PnP mode is turned off, i.e. 6th switch is On.
Managing Aironet 35/45/4800/Cisco 340 Interfaces from Java
Aironet 35/45/4800 specific parameters can be controlled from “General”, “RF Network,” and “Advanced” tabs in interface details window. Current status (current signal quality, channel frequency, synchronization and association status, name of Access Point, and MAC address of Access Point) can be monitored in real time under the “Status” tab in interface details window.
Managing Aironet 35/45/4800/Cisco 340 Interfaces from ConsoleAironet 35/45/4800 interface management is done in the submenu “interface pc“.
Command syntax | Description |
---|---|
print [<interface>] |
Show interface(s) information |
set <interface> [up] [down] |
Change interface properties |
monitor <interface> |
Monitor interface status in real time |
Where <interface> is interface name or number obtained from “print“ command.
Interface status includes current signal quality, channel frequency, synchronization, association, name of Access Point, and MAC address of Access Point.
Aironet 35/45/4800 Interface Parameters
Name in Console | Name in Java | Description |
---|---|---|
mode |
Infrastructure Mode |
Operation mode of card (ad hoc or infrastructure). Default value is “infrastructure” |
mac-address |
MAC Address |
Medium Access Control address |
rts-threshold |
RTS threshold |
RTS Threshold |
fragmentation-threshold |
Fragmentation threshold |
Fragmentation threshold |
tx-power |
Transmit Power |
Transmit power |
rx-diversity |
Receive Antenna |
Receive diversity |
tx-diversity |
Transmit Antenna |
Transmit diversity |
long-retry-limit |
Long Retries |
Long retry limit |
short-retry-limit |
Short Retries |
Short retry limit |
channel |
Channel |
Channel frequency |
data-rate |
Data Rate |
Data rate |
ap1 |
Access Point 1 |
Access Point 1 (MAC Address) |
ap2 |
Access Point 1 |
Access Point 2 (MAC Address) |
ap3 |
Access Point 1 |
Access Point 3 (MAC Address) |
ap4 |
Access Point 1 |
Access Point 4 (MAC Address) |
ssid1 |
SSID1 |
Service Set Identifier 1 |
ssid2 |
SSID2 |
Service Set Identifier 2 |
ssid3 |
SSID3 |
Service Set Identifier 3 |
modulation |
Modulation |
Modulation mode |
client-name |
Client name |
Client name |
join-net |
Join-net |
Timeout after which the router will make it’s own network and wont search for existing ones. Can be entered as "12h", "34m", "34s", or "12h23m3s". |
arp |
ARP |
Address Resolution Protocol |
Read the User Guide for details how to connect to the Access Point.
Arlan IC2200 interfaces include Aironet’s Arlan IC2200 (655) 2.4GHz 2Mbps ISA Client Cards. This hardware line has been discontinued.
Managing Arlan IC2200 Interfaces from Java
Arlan IC2200 specific parameters can be controlled from the “Radio” tab in interface details window. Current status (registration status and registered router and backbone) can be monitored in real time on “Status” tab in interface details window.
Managing Arlan IC2200 Interfaces from Console
Arlan IC2200 interface management is done in the submenu “interface arlan”.
Command syntax | Description |
---|---|
print [<interface>] |
Show interface(s) information |
set <interface> [up] [down]
|
Change interface properties |
monitor <interface> |
Monitor interface status in real time |
find |
|
export |
Where <interface> is interface name or number obtained from “print“ command.
Interface status includes registration status and registered router and backbone.
Arlan IC2200 Parameter Description
Name in Console | Name in Java | Description |
---|---|---|
frequency |
Frequency |
Channel frequency in MHz. |
bitrate |
Bitrate |
Data Transmission speed in Mbits |
card-name |
Card Name |
Name of the client to be shown in the registration table of the Access Point or Bridge. Maximum 15 characters. |
sid |
SID |
Value of System Identifier. Should be the same for all nodes on the radio network. Maximum 31 character. |
mac-address |
MAC Address |
Medium Access Control Address |
tma-mode |
TMA mode |
Enable/Disable registration mode when client has to register to an AP2000 Access Point or BR2000-E Bridge. |
arp |
ARP |
Address Resolution Protocol settings |
RadioLAN interface supports the RadioLAN ISA CardLINK – Model 101 10Mbit radio card.
Managing RadioLAN Interfaces from Java
RadioLAN specific parameters can be controlled from the “Radio” tab in interface details window. Current status (current default destination) can be monitored in real time on “Status” tab in interface details window.
RadioLAN interfaces have an additional capability of low level radio connection testing. Test can be started and results monitored in real time under the “Ping” tab.
Managing RadioLAN Interfaces from Console
RadioLAN interface management is done in submenu “interface radiolan”.
Command syntax | Description |
---|---|
print [<interface>] |
Show interface(s) information |
set <interface> [up] [down]
|
Change interface properties |
find |
|
export |
|
monitor <interface> |
Monitor interface status in real time |
neighbors [export][print <interface>] |
Show/export neighbors |
Where <interface> is an interface name or number obtained from the “print“ command. Interface status includes current default destination.
Name in Console | Name in Java | Description |
---|---|---|
distance |
Distance |
Distance to remote end of point to point link |
tx-diversity |
Tx Diversity |
Enable/Disable transmit diversity |
rx-diversity |
Rx Diversity |
Enable/Disable receive diversity |
default-dst |
Default destination |
Operation mode |
max-retries |
Maximum Retries |
Maximum retries to use when sending |
sid |
SID |
System Identifier (4 chars max) |
card-name |
Name |
Client name string. 15 characters maximum. |
mac-address |
MAC Address |
Medium Access Control address |
cfg-destination |
(Default destination string) |
Configured destination. Used only in operation mode when default destination is configured. |
WaveLAN interfaces support 802.11 standard, i.e. it works with Aironet access points and works at 11Mbps rate. Tx power: 35 mW.
This interfaces needs the same license as for Aironet 4800 interfaces. The driver is loaded automatically when you boot up the router with the PCMCIA WaveLAN Network Adapter.
Managing WaveLAN Interfaces from Console
WaveLAN interface management is done in the submenu “interface wavelan“.
Command syntax | Description |
---|---|
print [<interface>] |
Show interface(s) information |
set <interface> [up] [down] |
Change interface properties |
export |
|
monitor <interface> |
Monitor interface status in real time |
Where <interface> is interface name or number obtained from “print“ command.
Name in Console | Name in Java | Description |
---|---|---|
mtu |
MTU |
Maximum Transfer Unit (in bytes) |
mru |
MRU |
Maximum Size of received packets |
mode |
Infrastructure Mode |
Operation mode of card (ad hoc or infrastructure). Default value is “infrastructure” |
rts-threshold |
RTS threshold |
RTS Threshold. Value can be from 0 till 2347 |
fragmentation-threshold |
Fragmentation threshold |
Fragmentation threshold. Values can be from 256 till 2346 |
channel |
Frequency Channel |
Frequency for a network in Ad-Hoc mode. |
data-rate |
Data Rate |
Data rate. Can be 1, 2, 5.5, 11 or auto. |
ssid |
SSID |
Network name. You should write in Access Point ssid. If not define, can connect to any AP |
client-name |
Client Name |
Card nickname |
key1 – key4 |
Key1 – Key4 |
Four passwords to be used to decrypt incoming packets. Interface can receive packets from 4 different places that uses 4 different passwords (HEX encoded) |
tx-key |
TX-key |
Which key (of key1 – key 4) to use to encrypt outgoing packets |
encryption |
Encryption |
Enable/disable encryption |
Managing Samsung Wireless Interfaces from Console
Samsung wireless interfaces can be configured from “interface samsung” submenu.
Command syntax | Description |
---|---|
print [<interface>] |
Show interface(s) information |
set <interface> [up] [down] |
Change interface properties |
find |
|
export |
|
monitor <interface> |
Monitor interface status in real time |
Where <interface> is interface name or number obtained from “print“ command.
Samsung Wireless Interface Parameters
Name in Console | Name in Java | Description |
---|---|---|
mtu |
MTU |
Maximum Transfer Unit (in bytes) |
mru |
MRU |
Maximum Size of received packets |
mode |
Infrastructure Mode |
Operation mode of card (ad hoc or infrastructure). Default value is “infrastructure” |
rts-threshold |
RTS threshold |
RTS Threshold. Value can be from 0 till 2347 |
fragmentation-threshold |
Fragmentation threshold |
Fragmentation threshold. Values can be from 256 till 2346 |
channel |
Frequency Channel |
Frequency for a network in Ad-Hoc mode. |
data-rate |
Data Rate |
Data rate. Can be 1, 2, 5.5, 11 or auto. |
ssid |
SSID |
Network name. You should write in Access Point ssid. If not define, can connect to any AP |
card-name |
Card Name |
Card nickname |
create-ibss |
||
system-scale |
System Scale |
Access Point density. How occupied is AP area. High, Low or Medium. |
arp |
ARP |
Address Resolution Protocol |
to the contents |
Bridging is used to pass MAC layer packets between interfaces without any routing. When the routers are used in bridging mode, Spanning Tree Protocol is used to avoid bridging loops and to communicate information between routers/bridges. Bridgingworks only for Ethernet and RadioLan interfaces. You can bridge between Ethernet and RadioLan networks, only the router should be a default destination (on MAC level) for others clients of the radio network. Also you can bridge Ethernet networks through RadioLan network (point-to-point).
Select the Bridge menu. Various protocols can be enabled or disabled.
Bridge configuration commands are located in “bridge” menu.
Command syntax | Description |
---|---|
|
Show bridge configuration |
set [bridge <on|off>]
[ip <on|off>] [ipx <on|off>] [ipv6 <on|off>] |
Change bridge configuration |
export [file <name>] [noresolve] |
|
interface |
Interface submenu |
“bridge interface” submenu commands:
Commands syntax | Description |
---|---|
set <number> forward yes|no |
Set bridge functions for an interface |
|
Print bridge configuration |
find [forward] [from] |
Search in bridging rules |
export |
Export bridge settings |
Name in Console | Name in Java | Description |
---|---|---|
bridge |
Enabled |
Enable/disable bridge |
ip |
IP |
Enable/disable bridging of IP protocol |
ipx |
IPX |
Enable/disable bridging of IPX protocol |
ipv6 |
IPv6 |
Enable/disable bridging of IPv6 protocol |
atalk |
AppleTalk |
Enable/disable bridging of AppleTalk protocol |
other |
Other protocols |
Enable/disable bridging for all other protocols |
priority |
Bridge priority |
Bridge priority |
to the contents |
The Internet Protocol Management section includes configuration of all IP level settings such as IP addresses, DHCP, static routes, and so on.
Addresses serve as identification when communicating with other network devices. It is possible to add multiple IP addresses to each of the interfaces or to leave interfaces without addresses assigned to them.
Select the IP/Addresses menu. The “Addresses List” list shows all IP addresses with basic settings. From the ”Address List” window addresses can be edited, added (), removed (), enabled (), disabled () and commented (). You can also disable and enable addresses and comment them. Some addresses (when using PPP) can appear and disappear dynamically. Dynamic addresses are marked with blue icon, others with yellow. Inactive addresses (their interfaces are disabled) are shown in gray and italic.
Managing Addresses from ConsoleSelect “address” in the “ip” menu.
Command syntax | Description |
---|---|
add interface <name> |
Add new address |
set <number> interface
<name> |
Change address properties |
find [from] [dynamic] [inactive] |
|
remove <number> |
Remove address |
|
Show addresses |
comment <number> <comments> |
Add comments to address |
enable |
Enable IP address |
disable |
Disable IP address |
export [file <filename>] |
Export addresses |
Name in Console | Name in Java | Description |
---|---|---|
interface |
Interface |
Name of interface the address will be used with |
address |
Local Address |
Local IP address for the interface |
netmask |
Network Mask |
Network Mask to be used with the prefix |
network |
Network Prefix |
(optional) Network Prefix to be used with the address. It shows what network can be reached through the interface with the given IP address. If not specified, will be the same as the local address |
broadcast |
Broadcast Address |
(optional) Broadcast Address to be used with the address. If not specified, will be calculated from Local Address and Network Mask. |
Routes are needed for communicating with networks that are not directly attainable via the router’s local interfaces. Routes to locally connected interfaces and networks are created automatically based on the IP address assigned to local interfaces. Static routes, including the default route, are set in the IP/Routes menu. Other automatic routes are created by routing daemons, such as RIP and OSPF, which can be found in the Routing menu from the base level. Dynamic routes are shown in IP/Routes, too.
Select the “Routes” menu under the “IP” menu. The “Routes List” shows current routes settings which can be edited, added, and deleted. Disabled routes (interface they are using is disabled) are shown in gray and italic. Dynamic routes are marked with blue icon, others with green.
Select the submenu “ip route”.
Command Syntax | Description |
---|---|
add interface <name> |
Add new route |
set <number> interface
<name> |
Change route properties |
find [from] [dynamic] |
|
remove <number> |
Remove route |
comment <number> |
Add comments to route (only permanent ones) |
enable <number> |
Enable address (only permanent ones) |
disable <number> |
Disable address (only permanent ones) |
|
Show routes |
export [file <filename>] |
Export routes |
Name in Console | Name in Java | Description |
---|---|---|
dst-address |
Dst. Address |
Destination IP address of a host or network |
netmask |
Netmask |
Network Mask of the destination |
gateway |
Gateway |
Next gateway to the destination |
interface |
Interface |
Interface to be used |
pref-address |
Pref. Source |
(optional) Source Address of packets leaving the router via this route |
ARP (Address Resolution Protocol) displays IP addresses and respective MAC addresses of interfaces which are physically connected to local interface. The ARP table entries appear automatically as it sends broadcast messages to all interfaces physically connected to the local interfaces. It is possible to manually assign static ARP entries.
Select the ‘ARP’ menu under the ‘IP’ menu. The ‘ARP List’ displays IP addresses, MAC addresses, and interface names and allows to edit, add, and remove ARP entries. Inactive entries are shown in gray color and italic font.
Select the located in “address” menu that is in the “ip” menu.
Command Syntax | Description |
---|---|
add interface <name> |
Add static ARP entry |
set <number> |
Change ARP entry |
remove <number> |
Remove ARP entry |
comment <number> |
Comment ARP entry |
enable <number> |
Enable ARP entry |
disable <number> |
Disable ARP entry |
|
Show ARP entries |
export |
Export ARP entries |
Name in Console | Name in Java | Description |
---|---|---|
address |
IP Address |
IP address |
mac-address |
Hardware Address |
MAC address |
interface |
Interface |
Interface name |
DHCP is Dynamic Host Configuration Protocol. DHCP's purpose is to enable individual computers on an IP network to extract their configurations from a server (the 'DHCP server') or servers, in particular, servers that have no exact information about the individual computers until they request the information. The overall purpose of this is to reduce the work necessary to administer a large IP network.
Managing DHCP Server from Java
Select the “DHCP” menu under the ”IP” menu.
Managing DHCP Server from Console
DHCP management is controlled from the “dhcp-server” menu under the “ip” menu. The “dhcp-server” menu “lease” option shows all current DHCP leases.
“ip dhcp-server” menu commands:
Command Syntax | Description |
---|---|
lease |
DHCP leases menu |
|
Show DHCP interfaces |
find |
|
export |
Export DHCP settings |
set <number> [enabled on|off] |
Set DHCP interface properties |
“ip dhcp-server lease” menu commands:
Command Syntax | Description |
---|---|
|
Show current DHCP leases |
General DHCP Server Parameters
Name in Console | Name in Java | Description |
---|---|---|
number |
Interface |
Interface name/number |
enabled |
Enabled |
Enable/disable DHCP |
from-address |
Address |
The range of IP addresses that can be given to the clients |
lease-time |
Lease Time |
Time in hh:mm:ss the lease will be given out |
src-address |
Src. Address |
Source address of the router’s DHCP interface to be used by the client when contacting the router. Can be 0.0.0.0. Then the first address of that interface in the router will be used |
netmask |
Netmask |
Network mask to be used with the IP address |
gateway |
Gateway |
Default gateway to be used by the client |
domain |
Domain Name |
Domain name assigned to the client |
dns-server |
DNS Server Address |
DNS server address to be used by the client for address resolution |
Lease parameters (read only):
Name in Console | Name in Java | Description |
---|---|---|
Interface |
Interface |
Interface name |
IP address |
IP Address |
Client IP address |
MAC address |
Hw. Address |
Client MAC address |
Expires At |
Expires At |
Lease time. Value should be hh:mm:ss, where hh is hours, mm is minutes and ss is seconds. |
It is possible to set the MikroTik router as DHCP client, so it can obtain IP addresses automatically from a DHCP server.
Managing DHCP Client from Java
Select the “DHCP” menu under the ”IP” menu.
Managing DHCP Client from Console
DHCP client configuration is performed in the “dhcp-client” menu under the “ip” menu.
“ip dhcp-client” menu commands:
Command Syntax | Description |
---|---|
lease |
DHCP leases menu |
renew |
Renew DHCP client settings |
|
Show DHCP client settings |
export |
Export DHCP client settings |
set [enabled yes|no] |
Set DHCP client properties |
“ip dhcp-client lease” menu commands:
Command syntax | Description |
---|---|
|
Show current DHCP leases |
General DHCP Client Parameters
Name in Console | Name in Java | Description |
---|---|---|
interface |
Interface |
Interface name |
enabled |
Enabled |
Enable/disable DHCP client |
Name in console | Name in Java | Description |
---|---|---|
Address |
Address |
Obtained IP address |
Netmask |
Netmask |
Obtained network mask |
Gateway |
Gateway |
Obtained gateway |
Expiration Time |
Expiration Time |
Lease time. Value should be hh:mm:ss, where hh is hours, mm is minutes and ss is seconds. |
The firewall supports filtering and security functions that are used to manage data flows to the router and through it. Along with the Network Address Translation they serve as security tools for preventing unauthorized access to networks.
Filtering rules organized together in chains do packet filtering. Each chain can be considered as a set of rules. There are three default chains, which cannot be deleted. More chains can be added for grouping together filtering rules. When processing a chain, rules are taken from the chain in the order they are listed from the top to the bottom.
Packets entering the router through one of the interfaces are first matched against the filtering rules of the Input chain. If the packet is not dropped or rejected, and it is for the router itself, the packet is delivered locally. If the packet is not dropped or rejected, but it has to be delivered outside the router, then the packet is processed according to the routing table. If the processing is successful, then the packet is matched to the filtering rules of the forward chain. After that, packet is passed to the output interface and processed according to the rules of output chain.
Packets originated from the router are processed according to the output chain only.
Managing Firewall Functions from Java
Select the “Firewall” menu under the “IP” menu. Use and icons to add/remove chains. Double click on the chain to perform operations with rules: add, remove, comment. You can set policy of the chain by clicking on the following icon: .
Managing Firewall Functions from Console
Firewall management can be performed from the “ip firewall” menu.
Command syntax | Description |
---|---|
|
Print chains information |
set <chain number> |
|
find |
|
add |
|
remove |
|
comment |
|
export |
Export firewall settings |
rule |
Firewall chain rules menu |
masq |
Masquerading rules menu |
static-nat |
“ip firewall rule” menu commands:
Command syntax | Description |
---|---|
add <chain> |
Add new rule |
set <chain> <rule number>
|
Change rule |
remove <chain name or number>
|
Remove rule |
move <chain> <source> <destination> |
Move rule in this chain from source number to destination number |
find <chain name or number> |
|
comment |
|
enable |
|
disable |
|
export |
|
print <chain name or number> |
Show rules |
“ip firewall masq” menu commands:
Command Syntax | Description |
---|---|
|
Name in Console | Name in Java | Description |
---|---|---|
action |
Action |
Action to perform |
log |
Log |
Turns on or off logs writing option. |
src-address |
Source Address |
Source address, mask, and port of the packet. Default port 0 means all ports 1-65535. For ICMP packets, port parameter means ICMP packet type. |
dst-address |
Destination Address |
Destination address, mask, and port of the packet Default port 0 means all ports 1-65535. For ICMP packets, port parameter means ICMP packet code. |
protocols |
Protocol |
Protocol name of the packet: all, icmp, tcp, udp etc. |
interface |
Interface |
Interface name or all for any interface |
tcp |
TCP Options |
TCP Options. Can be all – include all TCP option packets; syn – include only connection establishing packets; nosyn – include all TCP option packets except connection establishing packets. Can be specified only if tcp is selected. |
target |
Target Chain |
Can be specified if action is ‘jump’ |
Actions to perform on rules:
Action name in console | Action name in Java | Description |
---|---|---|
accept |
Accept |
Accept everything |
reject |
Reject |
Reject everything and send ICMP reject message |
deny |
Deny |
Silently drop the packet (without sending the ICMP reject message) |
masq |
Masq |
Use masquerading |
return |
Return |
Return to the chain from which this rule has been invoked |
jump |
Jump |
Jump to another chain |
Name in console | Name in Java | Description |
---|---|---|
name |
Name |
Chain name |
policy |
Policy |
Chain policy. If no rules are added to this chain, or packet doesn’t match any rule, policy is taken into account |
Managing IP Accounting from JAVA
IP Accounting you can manage by choosing IP and then "accounting".
Managing IP Accounting from Console
It is done from "ip accounting" submenu.
Command Syntax | Description |
---|---|
|
Print accounting settings |
set
[enabled <yes|no>] [threshold <number>] |
Change accounting settings |
export | |
snapshot [take] [print] | Take or print accounting snapshot |
dropped print | Print dropped packets |
Command Syntax | Description |
---|---|
|
Print accounting web server configuration |
set
[enabled <yes|no>] [address <address>] [netmask <mask>] |
Change accounting settings |
export |
NAT (Network Address Translation) is the translation of an IP address used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, an administrator maps the local inside network addresses to one or more global outside IP addresses and unmaps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves the number of global IP addresses and it lets the whole network use a single IP address in its communication with the world.
Select the “Static NAT” menu under the “IP Firewall” by clicking on icon. The “Static NAT” list allows editing, adding, and removing NAT entries.
Managing Static NAT from Console
Network Address Translation management is performed in the “ip firewall static-nat” menu.
Command Syntax | Description |
---|---|
|
Show NAT rules |
enable <rule number> |
|
disable <rule number> |
|
comment <rule number> |
|
find |
|
export [file <filename] |
Export NAT rules |
move <source number> |
Move NAT rule from source number to destination number |
remove <rule number> |
Remove NAT rule |
add [interface <name>] |
Add NAT rule |
set <number> [interface
<name>] |
Change NAT rule |
Name in Console | Name in Java | Description |
---|---|---|
direction in|out |
Direction |
The direction of the packet, where in means from the interface into the router, and out means from the router to the interface. |
src-address |
Source Addr: |
Source address, mask, and port of the packet (default port 0 means all ports 1-65535) |
dst-address |
Destination Addr: |
Destination address, mask, and port of the packet (default port 0 means all ports 1-65535) |
interface |
Interface |
Name of the interface the packet is passing through |
protocol |
Protocol |
Protocol name of the packet: all, icmp, tcp, etc. |
translate |
Translate |
Designates the action to perform on packet – translate or leave unchanged |
to-src-address |
Source Addr: |
New source address, mask, and port of the packet (port 0 and address 0.0.0.0 mean: leave unchanged) |
to-dst-address |
Destination Addr: |
New destination address, mask, and port of the packet (port 0 and address 0.0.0.0 mean: leave unchanged) |
By using a DNS server, router administrators can use hostnames instead of IP addresses when setting up routes, filters, and other places where a numbered IP address is not required.
Select the “DNS” menu under the “IP” menu. The “DNS” box can be configured with the primary DNS and secondary DNS by selecting the DNS settings icon . Static DNS entries have higher priority than dynamic ones that received from DNS server.
“ip dns” menu commands:
Command syntax | Description |
---|---|
export |
Export DNS configuration and entries |
static |
Static DNS entries management menu |
set [primary-dns
<address>] |
Change DNS settings |
|
Show DNS settings |
“ip dns static” menu commands:
Command syntax | Description |
---|---|
|
Show static DNS entries |
export |
Export static DNS entries |
add name <hostname> |
Add static DNS entry |
find |
|
remove <entry number> |
Remove static DNS entry |
set <number> |
Change static DNS entry |
Name in Console | Name in Java | Description |
---|---|---|
primary-dns |
Primary DNS Server |
Primary DNS server address |
secondary-dns |
Secondary DNS Server |
Secondary DNS server address |
Static DNS parameters:
Name in Console | Name in Java | Description |
---|---|---|
name |
Name |
Host name |
address |
IP Address |
Host IP address |
to the contents |
The MikroTik router currently supports a limited implementation of the SNMP protocol. Currently SNMP can only be used to remotely monitor the network and collect statistics. The current MikroTik SNMP provides information about traffic on network interfaces and system information (name, location, contact, routes, addresses, interfaces, ARPs, and TCP connections). MikroTik router has only one community (others are not supported) of the type "public" and it is read-only. I.e. the router cannot be configured using SNMP management programs. It is possible only to set location and contact information parameters from the Console or the Java Console.
Select the SNMP menu to enabled or disabled and set SNMP service information.
SNMP configuration commands are located in "snmp-server" menu. It contains following commands:
Command syntax | Description |
---|---|
Show SNMP service configuration | |
set [enabled <no|yes>] [location <router location>] [contact-info <contact information>] |
Change SNMP service configuration |
export [file <filename>] [noresolve] | Export SNMP settings |
Name in Console | Name in Java | Description |
---|---|---|
status |
Enabled |
Enable/disable SNMP service |
location |
Location |
Router location. Maximum 255 characters |
contact-info | Contact Info | Administrator contact information. Maximum 255 characters |
to the contents |
Queuing is a mechanism that controls bandwidth allocation, delay variability, timely delivery, and delivery reliability.
Open the “Queues” window by clicking on the corresponding menu. New queues are automatically added when an interface is inserted and set up. When a queue is set to type “split”, new sub-node queues can be added. Each new queue can be set to queuing type (or algorithm).
Queues can be configured in “ip queue” submenu.
Command Syntax | Description |
---|---|
|
Print all queues |
add [src-address <address>] |
Add new queue |
set <number> |
Set existing queue parameters |
find |
|
remove <number> |
Remove a queue |
comment <number> |
Comment a queue |
enable <number> |
Enable a queue |
disable <number> |
Disable a queue |
export |
Export queues settings |
move <from> <to> |
Move queue rule from place <from> to the place <to> |
Queue parameters:
Name in Console | Parameter | Description |
---|---|---|
src-address |
Src. Address / mask |
Queue packets source address and network mask |
src-port |
Port |
Source port number (0-65535) |
dst-address |
Dst. Address/mask |
Queue packets destination address and network mask |
dst-port |
Port |
Destination port number (0-65535) |
protocol |
Protocol |
Protocol name (can be chosen from the given list) |
interface |
Interface |
Interface name |
limit-at |
Limit at |
Maximum bandwidth for the stream |
queue |
Queue |
Available queue types |
max-burst |
Max Burst |
Maximal number of packets allowed for an occasional bursts of packets in the queue |
priority |
Priority |
Flow priority (1..15) |
weight |
Weight |
Flow weight |
allot |
Allot |
The number of bytes allocated for the bandwidth |
isolated |
Isolated |
Other queues wont be able take over this queue bandwidth |
bounded |
Bounded |
The queue can not occupy bandwidth of other queues. |
Queue types:
Queue type | Characteristics |
---|---|
PFIFO |
Packet First-In First-Out – is the simplest queuing algorithm. The packets are served in the same order as they are received |
BFIFO |
The same as PFIFO, except that this algorithm is byte-based but not packet-based |
RED |
Random Early Detection – an algorithm for congestion avoidance in packet-switched networks |
RED queue parameters:
Name in console | Name in Java | Description |
---|---|---|
red-limit |
Queue Size |
Queue size in bytes |
red-min-threshold |
Min Threshold |
Before this value is achieved no packets will be thrown away |
red-max-threshold |
Max Threshold |
When this value is achieved the queue will throw away the packets using maximum probability, where this probability is a function of the average queue size. |
red-burst |
Burst |
Number of packets allowed for an occasional bursts of packets in the queue |
PFIFO queue parameters:
Name in console | Name in Java | Description |
---|---|---|
pfifo-limit |
Queue Size (in packets) |
Maximum packet number that queue can hold |
BFIFO queue parameters:
Name in Console | Name in Java | Description |
---|---|---|
bfifo-limit |
Queue Size (in bytes) |
Maximum byte number that queue can hold |
to the contents |
Standard kernel routes are created when adding an address to the router and static routes are added by the user. A third type of route is created by routing protocol. For exchanging the routing information between the routers, MikroTik™ Router Software supports two interior routing protocols: the Routing Information Protocol (RIP) [Version 1 and Version 2] and the Open Shortest Path First (OSPF) protocol.
RIP selects the route with the lowest metric as the best route. The metric is a hop count representing the number of gateways through which data must pass through to reach its destination. To enable the exchange of routing information between two routers connected to the same network both routers should have RIP enabled on the interfaces to the network which connects them.
Managing RIP from JavaSelect the “Routing” menu and the “RIP” menu. Select the icon of the desired interface to change its RIP settings. To choose to redistribute static, connected and OSPF routes, click on the icon .
Go to the “router” menu by executing the command with the corresponding name from the base level. Then go to the “rip” menu.
Command syntax | Description |
---|---|
|
Show RIP settings |
interface |
Interface menu |
export |
Export RIP settings |
set [redistribute-static no|yes] |
Change RIP settings |
To set RIP for a specific interface, go to “interface” submenu. Here are the commands:
Command Syntax | Description |
---|---|
|
Show RIP settings for all interfaces |
set <interface> |
Set RIP for a specific interface |
find |
|
enable <interface> |
Enable RIP for a specific interface |
disable <interface> |
Disable RIP for a specific interface |
export |
Export RIP settings |
Name in Console | Name in Java | Description |
---|---|---|
interface |
Interface |
Interface name |
receive |
Receive |
Incoming RIP mode. Can be RIP1, RIP2 or both |
send |
Send |
Outgoing RIP mode. Can be RIP1, RIP2 or both |
authentication |
Authentication |
Authentication mode |
authentication-key |
Authentication Key |
Password string |
update-timer |
Update Timer |
How often the router will send routing information. Can be entered as "12h", "34m", "34s", or "12h23m3s". |
garbage-timer |
Garbage Timer |
When this time passes and the router doesn’t receive signal from some route, router sets hop number to maximal for that route. For possible values see garbage-timer |
timeout-timer |
Timeout Timer |
When this time passes and the router doesn’t receive signal from some route, router deletes that route. For possible values see garbage-timer |
metric |
Metric |
Metric used both outgoing and incoming routes (this metric is added to existing metric of route). Positive numbers greater than 0. |
OSPF is a shortest path first or link-state protocol. OSPF is an interior gateway protocol that distributes routing information between routers in a single autonomous system. OSPF chooses the least cost path as the best path. OSPF is better suited than RIP for complex networks with many routers. To enable OSPF for an interface, OSPF network with this interface network and mask. If interface has multiple logical networks all of these networks should be added as OSPF networks.
Managing OSPF from JavaSelect the “Routing” menu and then the “OSPF” menu. Four tabs can be used for configuration: “Interfaces”, “Areas”, “Networks” and “Virtual Links”. To change general OSPF settings (router ID and routes redistribution) click on the icon under “Interfaces” tag.
Managing OSPF from ConsoleGo to the “routing ospf” menu.
Command Syntax | Description |
---|---|
interface |
OSPF interfaces menu |
area |
OSPF areas menu |
network |
OSPF networks menu |
virtual-link |
OSPF virtual links menu |
set [router-id <address>] |
Change router ID (if this value is not set than the router will choose any of assigned IP addresses) |
|
Show router ID |
export |
Export OSPF settings |
OSPF interfaces menu commands:
Command Syntax | Description |
---|---|
print [detail] |
Show OSPF interfaces (you can use detailed form) |
set <interface> |
Change OSPF interface settings |
find |
|
export |
Export OSPF interface settings |
Command Syntax | Description |
---|---|
|
Show OSPF areas |
find |
|
export |
Export OSPF areas |
set <number> [name <name>] |
Change OSPF areas |
add area-id <address> |
Add new OSPF area |
remove <area name or number> |
Remove area |
Command Syntax | Description |
---|---|
|
Show OSPF networks |
set <number> |
Change network properties |
find |
|
add [address <address>] |
Add network |
remove <host number> |
Remove network |
comment <number> |
|
enable <number> |
|
disable <number> |
|
export |
Export OSPF networks |
OSPF virtual links menu commands:
Command Syntax | Description |
---|---|
|
Show virtual links |
set <number> |
Change virtual link properties |
find |
|
add [neighbour-id <address>] |
Add virtual link |
remove <link number> |
Remove virtual link |
comment <number> |
|
enable <number> |
|
disable <number> |
|
export |
Export OSPF virtual links |
Name in Console | Name in Java | Description |
---|---|---|
interface |
Interface |
Interface name |
area |
Area |
Area |
cost |
Cost |
Cost. Positive number greater than 0 |
priority |
Priority |
Priority. Number from 0 till 255 |
authentication-key |
Authentication Key |
Authentication Key |
retransmit-interval |
Retransmit Interval |
Retransmit Interval. Greater than 0. Default value is 5. |
transmit-delay |
Transit Delay |
Transit Delay. Greater than 0. Default value is 1. |
hello-interval |
Hello Interval |
Hello Interval. Greater than 0. Default value is 10. |
dead-interval |
Router Dead Interval |
Router dead interval. If the router doesn’t receive an answer from the neighbor router during that time it will regard it as not functioning. Greater than 0. Default value is 40. |
Name in Console | Name in Java | Description |
---|---|---|
area-id |
Area ID |
Area ID |
name |
Area Name |
Area name |
stub |
Stub Area |
Area that has only one link outside |
default-cost |
Default Cost |
Cost of a default route added to a stub area. Positive number greater than 0 |
authentication |
Authentication |
Authentication mode |
Name in Console | Name in Java | Description |
---|---|---|
address |
Network Address |
Host address |
netmask |
Network Mask |
Network mask |
area |
Area |
Area |
Name in Console | Name in Java | Description |
---|---|---|
neighbour-id |
Neighbor ID |
The other end router ID |
transit-area |
Transit Area |
Transit Area |
to the contents |
This action can be performed only in the console. The described below commands can be executed from the base level or from anywhere else if you type “/” before them.
Basic router setup can be done from the base level using setup command.
Set Terminal TypeTerminal setup is performed in the “terminal” menu.
Command Syntax | Description |
---|---|
set ansi|linux|rxvt-m|vt100| vt220|xterm|dumb|rxvt|sun|vt102|vt52 |
Set terminal type |
|
Show current terminal type |
reset |
Reset previous terminal type |
Packages are used to upgrade the router or add features. Packages should be obtained from the MikroTik web site. After rebooting the router, the packages will be installed.
Select the “System” menu. Information about packages is divided in two parts – one about installed packages (“Packages”) and the other about uploaded ones (“Store”). Press to refresh information, to remove uploaded package, to uninstall package and to cancel uninstall.
In the console installed and uploaded packages information can be found under the “system package” and “system store” menus.
“sys package” menu commands:
Command Syntax | Description |
---|---|
uninstall <number> |
Uninstall package |
|
Show installed packages |
Command Syntax | Description |
---|---|
remove <number> |
Remove an uploaded package |
|
Show uploaded packages |
General packages parameters:
Name in Console | Name in Java | Description |
---|---|---|
name |
Name |
Name of the package |
version |
Version |
Version number of the package |
build |
Build Number |
Build Number |
uninstall |
Uninstall |
Will be uninstalled after next reboot |
The system keeps a history of the configuration changes since last boot. The history is lost when the router is rebooted. The ‘history’ buttons on the Java panel (and ) allow the user to ‘undo’ and ‘redo’ actions.
Viewing System History from Java
Select the “History” menu. The system history can be viewed in the appeared “History” window. The information is read only. Use the buttons on the main widow to ‘undo’ and ‘redo’ actions. The action that is undone is marked with blue dot.
Viewing System History from Console
The system history can be viewed from the “system history” menu.
Command syntax | Description |
---|---|
|
Show command history |
Name in Console | Name in Java | Description |
---|---|---|
description |
History |
System history |
Policy |
Shows what privileges user privileges are needed to undo the changes |
User management includes adding users, removing users, setting names, access, access groups, and passwords.
User management can be performed from the “Users List” windows that appears after you select the “Users” menu. Under “Groups” tag click twice on a group to edit it’s policies.
Go to the “user” menu.
Command Syntax | Description |
---|---|
|
|
set <user number> |
Change user properties |
find |
|
add <user number> |
Add new user |
remove <user number> |
Remove user |
comment |
|
export |
Export PPP users |
group |
Groups configuration menu |
Command Syntax | Description |
---|---|
|
Print groups information |
set <number> [name <name>] |
Set group properties |
find |
|
add name <name> |
Add new group |
remove <number> |
Remove group |
comment <number> |
Comment group |
export |
Export groups settings |
Name in Console | Name in Java | Description |
---|---|---|
name |
Name |
Login name - this value cannot be changed for existing users. Can contain letters, digits, “*” and “_” |
group |
Group |
Indicates the access group the user belongs to |
password |
Password |
List box used to change the password for current user. It conforms to standard Unix characteristics of passwords. Can contain letters, digits, “*” and “_” |
Confirm |
For password confirmation |
|
address |
Address |
IP address/network mask to be assigned to the user’s dial-in client when logged in using PPP. If the remote address is specified in PPP interface settings then this address should match the specified address in order to enable client to log in |
Note user “*” will be used for PPP as any user
Name in Console | Name in Java / Description |
---|---|
ftp |
Ftp to the router |
pocily |
Manage user policies, add and remove user |
read |
Read router configuration |
ssh |
SSH to the router |
test |
Test network (ping, traceroute, etc.) |
write |
Write router configuration |
local |
Login to the router from console |
ppp |
PPP to the router |
reboot |
Reboot the router |
telnet |
Telnet to the router |
web |
Connect to the router via Web |
You can easily change password using this special command.
How To Change Password Using JavaIn the main menu there is an item “Password”. You will be prompted to enter your old password and enter new password twice. When you logout and login for the next time, you must enter the new password. The old password is lost forever.
How To Change Password Using ConsoleGo to the base level and execute the following command:
Command syntax | Description |
---|---|
password |
Change user password. |
You will be prompted to enter your old password and enter new password twice. When you logout and login for the next time, you must enter the new password. The old password is lost forever.
System’s uptime, total memory, HDD/Flash drive size, CPU type, and CPU frequency are displayed.
Viewing System Resources from Java
Select the “System” menu and the “Resources” menu. Java gives you expanded possibilities in viewing the system resources. Under the ‘Monitor’ tab a window shows the utilization of system’s CPU and memory usage in graphical form. Under the ‘IRQ’ tab, the system’s hardware IRQ’s and their usage are shown. Under ‘IO’ tab, the system’s IO memory ranges used by various devices are shown.
Viewing System Resources from Console
In the console, system resources can be viewed in the “system resource” menu. There are three submenu there.
Command Syntax | Description |
---|---|
|
General system information |
io print |
I/O port range information |
irq print |
Interrupt request information |
monitor |
Monitor CPU and Memory Usage |
General parameters:
Name in Console | Name in Java | Description |
---|---|---|
uptime |
Uptime |
Time passed from the last restart |
total memory |
Total Memory |
RAM the router is using |
cpu type |
CPU |
Central Processing Unit type |
cpu freq |
CPU Frequency |
Central Processing Unit frequency |
hdd total |
HD Total Size |
Hard Disk Drive capacity |
hdd free |
HD Free Space |
Free space onnHard Disk Drive |
IRQ parameters:
Name in Console | Name in Java | Description |
---|---|---|
IRQ |
IRQ Number |
IRQ Line Number (from 0 to 15) |
U |
Used |
Used (yes or no) |
Owner |
Name |
Owning device name |
I/O parameters:
Name in Console | Name in Java | Description |
---|---|---|
IO |
Used IO Memory Ranges |
Memory addresses that a device can use to send or receive data |
owner |
Name |
Owning device name |
System shutdown (halt), reboot, and reset controls. For most systems, it is necessary to wait approximately 30 seconds for a safe power down.
Select the “System” menu then the “Shutdown” menu. The dialog box will appear asking you whether you want to reboot or shutdown the router. Warning: after entering ‘shutdown,’ it is necessary to manually restart the router.
The following commands can be executed in the “system” menu:
Command syntax | Description |
---|---|
reboot |
Reboot the system |
reset |
Reset the system. Note This command deletes all router configuration settings!!!!! New user name is admin with no password |
shutdown |
Halt the system. |
Set the identification name of the router.
Setting System Identity from Java
Select “System” menu and then “Identity” and enter the router name.
Setting System Identity from Console
Go to the “system identity” menu.
Command Syntax | Description |
---|---|
set <name> |
Set system identity |
|
|
export |
Name in Console | Name in Java | Description |
---|---|---|
<name> |
Router Name |
System identity string is used as human friendly name for router and also in SNMP queries. Maximum is 16 characters. |
View and change the system date and time settings.
Setting Date and Time from Java
Select the “System” menu and the “Clock” menu.
Setting Date and Time from Console
In the system console date and time settings can be change in two different menus. These commands can be executed from the “sys date” menu:
Command syntax | Description |
---|---|
set time [HH:MM:SS] |
Set system time |
set date [month/DD/YYYY] |
Set system date |
|
Shows current date and time |
Date and time settings become permanent and effect BIOS settings.
Date parameters:
Parameter name | Description |
---|---|
month |
Month should be entered using three first letters of its name |
day |
Day of a month |
year |
Year should be entered using all four digits |
Various system events and status information can be logged. Logs can be saved in a file on the router or sent to a remote server running a syslog daemon. MikroTik provides a shareware Windows Syslog daemon at www.MikroTik.com.
Managing System Logs from Java
Click on the “System” menu. If you want to view all system logs then go to the “Logs” menu. For configuring logs select the “Log Manager” menu. Select the “Log Default Settings” icon to set number of buffer lines, default IP address, and default port. To configure log sources select the icon of the corresponding line.
Managing System Logs from Console
Local logs can be viewed in the “log” menu:
Command syntax | Description |
---|---|
|
Display local log buffer |
Global logging management is performed in the “system logging” menu.
“system logging” menu commands:
Command syntax | Description |
---|---|
|
Show global logging configuration |
set |
Change global logging configuration |
export |
Export logging settings |
facility |
Log configuration menu |
“facility” submenu commands:
Command syntax | Description |
---|---|
|
Show configuration of log sources |
set <number> |
Change configuration of log sources |
find |
|
comment |
|
export |
Log facility parameters:
Name in Console | Name in Java | Description |
---|---|---|
group |
Group |
(Read-only) Name of the log group |
type |
Logging |
Type of logging. |
prefix |
Prefix |
Each line coming from this log facility is preceded by a prefix |
remote-address |
Remote Address |
Remote log server IP address. Used when logging type is remote. If not set, default log server IP address is used |
remote-port |
Remote Port |
Remote log server UDP port. Used when logging type is remote. If not set, default log server UDP port is used |
Type | Description |
---|---|
local |
When type "local" is used, logs are stored in local log buffer |
none |
When type "none" is used, logs from this source are discarded |
remote |
When type "remote" is used, logs are sent to remote log server |
Global logging parameters:
Name in Console | Name in Java | Description |
---|---|---|
buffer-lines |
Number of Buffer Lines |
Number of lines kept in local buffer. When number of lines in local log buffer is exceeded, lines from the beginning of buffer are deleted. |
default-remote-address |
Default IP Address |
Remote log server IP address. Used when remote logging is enabled but no IP address of the remote server is specified (IP=0.0.0.0) |
default-remote-port |
Default Remote Port |
Remote log server UDP port. Used when remote logging is enabled but no UDP port of the remote server is specified (UDP=0) |
You can view and set Software ID Number by executing the following commands in “system license” menu in console.
Command syntax | Description |
---|---|
unlock <key> |
Set new software key |
|
Show software ID number |
to the contents |
MikroTik tools include standard TCP/IP tools such as ping and trace-route and also custom made tools. MikroTik custom tools are designed to assist you in verifying the quality of links – stability and bandwidth. If you have any suggestion for improving these tools, please suggest it at our suggestion page on our web site.
Ping uses Internet Control Message Protocol (ICMP) Echo messages to determine if a remote host is active or inactive and to determine the round-trip delay when communicating with it.
Launching Ping Utility from Java
Select the “Ping” submenu in the “Tools” menu. The Ping utility sends four ping messages and displays them in real time in the Ping list box.
Launching Ping Utility from Console
From local console enter the command “ping” from the base level or us /ping from any location in the console.
Command syntax | Description |
---|---|
ping <address>
[size <packet size>] |
Send ICMP Requests |
Ping utility shows Time To Live value of the received packet (ttl) and Roundtrip time (time) in ms.
The console Ping session may be stopped when the Ctrl + C is pressed.
Ping Utility Parameter Description
Name in Console | Name in Java | Description |
---|---|---|
<address> |
Ping To |
IP address for the host you want to ping. |
size |
Packet Size |
(optional) Size of each ICMP packet (in bytes). |
interval |
Interval |
(optional) Delay between messages (in seconds). Default is 1 second. Can be set as 0.5s , 100 ms etc/ |
count |
(count is 4 by default) |
Console only. How many time ICMP packets will be sent. If not specified, ping continues till CTRL+C is pressed |
Traceroute is a TCP/IP protocol-based utility, which allows the user to determine how packets are being routed to a particular host. Traceroute works by increasing the time-to-live value of packets and seeing how far they get until they reach the given destination; thus, a lengthening trail of hosts passed through is built up.
Launching Traceroute Utility from Java
Select the “Traceroute” window in the “Tools” menu. When the trace is complete, the output indicates total number of hops to the host and corresponding TTL values per hop.
Launching Traceroute Utility from Console
Execute the command “traceroute“ from the base level:
Command syntax | Description |
---|---|
traceroute <address>
[timeout <timeout>] |
Trace route to a host |
Traceroute shows the number of hops to the given host address of every passed gateway. Traceroute utility sends packets three times to each passed gateway so it shows three timeout values for each gateway in ms.
General Traceroute Utility Parameters
Name in Console | Name in Java | Description |
---|---|---|
<address> |
Trace To |
IP address of the host you are tracing route to. |
timeout |
Timeout |
(optional) Response waiting timeout, i.e. delay between messages. Should be less than 5s (0.5s or 100ms) |
port |
Port number. Values are in range 0-65535 |
|
tos |
Type Of Service – parameter of IP packet. Values are from 0 till 7. |
|
size |
Packet Size |
(optional) Packet size in bytes (10..1500, default 64) |
The Bandwidth Tester can be used to monitor the throughput only to a remote MikroTik router (either wired or wireless) and thereby help to discover network ‘bottlenecks’.
The TCP test uses the standard TCP protocol with acknowledgments and follows the TCP algorithm on how many packets to send according to latency, dropped packets, and other features in the TCP algorithm. Please review the TCP protocol for details on its internal speed settings and how to analyze its behavior. Statistic for throughput are calculated using the entire size of the TCP packet. As acknowledgments are an internal working of TCP, their size and usage of the link are not included in the throughput statistics. Therefore this statistic is not as reliable as the UDP statistic when estimating throughput.
The UDP tester sends 110% or more packets than currently reported as received on the other side of the link. To see the maximum throughput of a link, the packet size should be set for the maximum MTU allowed by the links – usually this is 1500 bytes. There is no acknowledgment required by UDP, this implementation means that the closest approximation of the throughput can be seen.
Select the “Bandwidth” submenu of the “Tools” menu. Designate the IP address of the host to test and choose the test mode (either TCP or UDP).
For UDP, choose the desired Packet Size in the corresponding edit box. The test output is represented as two graphs showing current speed and the ten-second average.
Use the btest command from the base level.
Command syntax | Description |
---|---|
btest <address> |
Run bandwidth test to a remote MikroTik router |
Example:
[P46]> btest 10.0.0.56 protocol udp size 50
Bandwidth test to 10.0.0.56, protocol UDP, packet size 50
To stop bandwidth test use CTRL + C.
Name in Console | Name in Java | Description |
---|---|---|
<address> |
Test link to |
IP address of destination host |
protocol |
TCP / UDP |
Test type can be UDP or TCP |
size |
Packet Size (UDP only) |
Packet size (50 to 1500 bytes) |
Ping flood sends ICMP (Internet Control Message Protocol) echo requests to a remote host in the same manner as the ping utility but it sends the next request as soon as it receives a reply.
Launching Ping Flood from Java
Select the “Flood Ping” submenu in “Tools” menu. Flood ping shows sent packets percentage (from the given number), received packages percentage, minimum, average and maximal Roundtrip Time of the packages.
Launching Ping Flood from Console
Command fping should be executed from the base level with the following parameters:
Command Syntax | Description |
---|---|
fping <address>
|
Launch flood ping |
Name in Console | Name in Java | Description |
---|---|---|
<address> |
Ping To |
IP address of destination host |
size |
Packet Size |
Size of each ICMP packet (in bytes) |
count |
Packet Count |
Number of ICMP packets |
interval |
Interval |
Time after which in the packet is considered lost in case of no response (must be less than 5 seconds) |
Netwatch every specified time period sends ping packets to the specified IP address and checks whether it is up or down and the time how long it is up or down.
Select the “Netwatch” submenu in “Tools” menu. Netwatch shows status of the host (up/down) and the time since which the host is up/down.
Launching Netwatch from Console
Command netwatch should be executed from the base level with the following parameters:
Command syntax | Description |
---|---|
netwatch host
<address> |
Launch netwatch |
Name in Console | Name in Java | Description |
---|---|---|
host |
Host |
IP address of destination host |
interval |
Interval |
After each interval the router will send 3 ping packets. If the host replies, only one ping packet is sent (seconds) |
timeout |
Timeout |
How long to wait the answer of the host. If three times the router won’t receive an answer after timeout, the host will be considered to be down (milliseconds) |
to the contents |