Universal Client Interface
Document revision: | 2.2 (Fri Mar 05 08:39:12 GMT 2004) |
Applies to: | V2.8 |
General Information
Summary
Universal Client Interface allows to work with clients regardless of their IP addresses, translating these addresses to the ones the router is able to work with. It gives a possibility to provide a network access (for example, Internet access) to mobile clients that are not willing to change their networking settings. The feature is intended to use with HotSpot, but may be useful even without HotSpot.
Specifications
Packages required: systemLicense required: Level1
Submenu level: /ip hotspot universal
Hardware usage: Not significant
Description
Universal client accepts any incoming address from a connected network interface and does one to one network address translation so that data may be routed through standard IP networks. Clients may use any preconfigured addresses. If the Universal client feature is set to translate a client's address to a public IP address, then the client may even run a server or any other service that requires a public IP address. It is possible to add static entries, so that some clients will get the specified addresses.
Universal client is changing source address of each packet just after it is received by the router (even mangle 'sees' the translated address).
Note also that arp mode must be enabled on the interface you set Universal Client Interface on.
Universal Client Interface Setup
Submenu level: /ip hotspot universalProperty Description
interface (name) - interface to run universal client on address-pool (name) - IP address pool name arp (all-arp | no-arp; default: all-arp) - ARP handling mode:no-arp - respond to ARP requests normally
Notes
Setting arp in all-arp is generally a good idea because in most cases you cannot know what is the gateway's IP address configured on the clients, but it can potentially disturb some network protocols.
Example
To enable Universal Client Interface on ether1 interface that will take the addresses to translate to from the exp pool:
[admin@MikroTik] ip hotspot universal> add address-pool=exp interface=ether1 [admin@MikroTik] ip hotspot universal> print Flags: X - disabled, I - invalid # INTERFACE ADDRESS-POOL ADDRESSES-PER-MAC ARP USE-DHCP IDLE-TIMEOUT 0 X ether1 exp 2 all-arp yes 5m [admin@MikroTik] ip hotspot universal> enable 0 [admin@MikroTik] ip hotspot universal> print Flags: X - disabled, I - invalid # INTERFACE ADDRESS-POOL ADDRESSES-PER-MAC ARP USE-DHCP IDLE-TIMEOUT 0 ether1 exp 2 all-arp yes 5m [admin@MikroTik] ip hotspot universal>
Universal Host List
Submenu level: /ip hotspot universal hostDescription
The list shows the current translation table. There are three ways a client may be added to the table:
- Each time router receives a packet from an unknown client (determined by three properties: mac-address, address and interface), it adds the client to the list
- Client may be added by DHCP server
Property Description
mac-address (read-only: MAC address) - client's MAC address address (read-only: IP address) - client's IP address to-address (read-only: IP address) - IP address to translate the address to interface (read-only: name) - interface name the client is connected to idle-time (read-only: time) - inactivity time uptime (read-only: time) - how long the client is active bytes-in (read-only: integer) - the amount of bytes received from the client bytes-out (read-only: integer) - the amount of bytes sent to the client packets-in (read-only: integer) - the amount of packets received from the client packets-out (read-only: integer) - the amount of packets sent to the clientExample
To check the current translation table:
[admin@MikroTik] ip hotspot universal host> print Flags: I - invalid, H - DHCP, D - dynamic # MAC-ADDRESS ADDRESS TO-ADDRESS INTERFACE 0 D 00:05:5D:5F:4E:34 10.1.0.144 192.168.0.254 int [admin@MikroTik] ip hotspot universal host>
Universal Access List
Submenu level: /ip hotspot universal accessDescription
You can specify manually what IP address will a given IP and/or MAC addresses get.
Property Description
mac-address (MAC address) - client's MAC address address (IP address) - client's IP address to-address (IP address) - IP address to translate the address to interface (nameempty) - interface name the client is connected toExample
To add an entry specifying that IP address 10.20.30.40 should be translated to 10.0.0.20 for packets coming from ether1 interface:
[admin@MikroTik] ip hotspot universal access> add address=10.20.30.40 \ \... interface=ether1 to-address=10.0.0.20 [admin@MikroTik] ip hotspot universal access> print Flags: X - disabled, I - invalid, H - DHCP, D - dynamic # MAC-ADDRESS ADDRESS TO-ADDRESS INTERFACE IDLE-TIME 0 10.20.30.40 10.0.0.20 ether1 1s [admin@MikroTik] ip hotspot universal access>
Service Port
Submenu level: /ip hotspot universal service-portDescription
Just like for classic NAT, the Universal Client Interface 'breaks' some protocols that are incompatible with address translation. To leave these protocols consistent, helper modules must be used. For the Universal Client Interface the only such a module is for FTP protocol.
Property Description
name (read-only: name) - protocol name ports (read-only: integer) - list of the ports on which the protocol is workingExample
To set the FTP protocol uses bot 20 and 21 TCP port:
[admin@MikroTik] ip hotspot universal service-port> print Flags: X - disabled # NAME PORTS 0 ftp 21 [admin@MikroTik] ip hotspot universal service-port> set ftp ports=20,21 [admin@MikroTik] ip hotspot universal service-port> print Flags: X - disabled # NAME PORTS 0 ftp 20 21 [admin@MikroTik] ip hotspot universal service-port>