Someone more versed in this should answer this, but from my understanding; you could imagine it like that.
Like @Aug said, you just make sure the computer has two ethernet ports. And you can use a switch or another router for more ports and wifi.
What you are intending to do is what the video is showing. But it is not as simple for everyone. If you get fibre to your home then you should figure out what kind of signal it is receiving like in the video. But if you have a fibre to ethernet converter then you might not look into the video.
This I get, but wondered how a nic card with 4 ports even looks like. The wireless network addition falls under the same question of curiosity. Because I can imagine running a network aimed os on a pc, but I fail to see how to actually have all the needed interfaces.
Interesting. Does this theoretically mean that the whole traffic may stutter if qos is configured to prioritize packages, which can have bad communication from the other side? I'm basically trying to reverse engineer the problem I faced, when I "touched" the qos configuration, and it somehow resulted in an arduino\c webclient opening the connection, and what would seem like not receiving any data…but still holding the connection.
Basically, you get a device for each function. Like how you can run a specific OS to do routing duties on a network by using a PC with a couple NICs.
You would still use a (managed) switch to connect that for more wired connections. And you would generally place it in between your WAN and LAN connections. You would then run your firewall on the router as well, to protect your network.
Like: WAN → router → LAN
It could be done by setting up specific port access and/or vlans, but that's more trouble than just keeping the device order in mind.
With your basic ISP/consumer all in one device, they do that as well. Just look at their marking of the "wan" and "lan" ports on those. That's the same setup, but in one device.
When you're pulling all those apart though, you need to keep in mind how you order that yourself.
And the same thing with adding an AP; you need a separate device for that which connects to your router/switch. It is quite a hassle if you go for all different types of APs because they might not work together well or you'd have to configure them all one by one. That's why vendors like MikroTik or Ubiquiti have products which you can centrally manage and all play nice together. Convenience sells!
For most home uses, it isn't convenient to have all those devices separated. That's pretty deep into homelab territory!
You can separate out some things, but it really depends on what you want to do with a homelab…
Yes, I replaced my ISP's router with a hAP ax².
I have fibre and I did keep the converter active, so I could just plug in an ethernet cable from the converter to my ax². Otherwise it would go to an ISP provided model.
ISPs here are required to provide users the settings they need to replace their devices. It takes some digging around, because they don't exactly want you to do that… But if you're savvy enough to replace it, you should be savvy enough to find the info they provide.
Just today I started watching Crosstalk Solutions, the playlist for networking from start. Already feel that I have caused some people in this thread mental pain by the whole router-switch-modem-firewall shenanigan (for which I apologize).
I finally got it (started to see a difference between a switch and a router). The suggestion was, as I'm on the first step of beginning to understand, to have the router part done as a pc, and simply hook up a switch to handle the rest.
This is kinda cool, and brings me the understanding why products like Odroid H series come with 2 LAN connectors. Maybe I'll use the H3 I have (I am using it as a small linux machine with Fedora to run non dockerized apps), and finally find an excuse to buy an H4…if Odroid didn't come up with a H5 already.
But for now, I feel like I want to try and configure my home network using MikroTik (I'm that kind of person, that the moment the mind is set, the only thing that can stop it… is a brick wall).
Well. Similar to watercooling. When I finally gave up on aircooling, I started looking at what was needed. Tubes, connectors, reservoirs, waterblocks, drain ports… and all of them have varieties. So the first loop ended up in ordering everything from one vendor (rip ekwb). And only after I started looking in other directions, comparing what's better and what's not (I basically crashed on the bed 10 minutes ago after a 5 hour session with replacing a reservoir to a German one… and watercooling the new gpu…also with a German part)
The thing is… I would love to have one of those server racks… but a rented apartment, with no space to allocate for it.
Today I decided to contact my ISP in regards of a gigabit connection. Yeah, also the fiber optics with some converter. It even costs only a few bucks a month more. But what clearly looks like a 100mbps cable, which goes through the house (and mounted in…) is a "game over" (what was the year, when 1gbps cables were introduced?).
One of the reasons I have been literally calling my ISP and asking if "address abc is covered by their network" before moving to a new apartment, was that over the years I switched quite a few ISPs with deadweight admins/hardware, and found the only ISP that actually does the job right. Even had a few cases, where I would call the support, tell that "something is working fishy", and actually get a technical conversation with being asked IPs, and asked to run stuff like "winMTR".
I know that finetuning would be a benefit, but for now I will stick to what the connection brings "out-of-the-box".
Well. There is such a practice where I'm currently living. A "connect to us and buy our router for 25c". But I've seen a few of those routers, and 25c was their price on the day they released… So I never even considered touching one of those abominations.
That is the difference between "adaptive QoS" and "static QoS".
Static is on all the time, and every "package" gets sorted by priority. If there are only a few packages going through then they just get waved through the line cause nothing needs to get held up. But once you get enough connections that packages are starting to try and go through at the same time the ones with priority go first or at least at a higher ratio of being let through than the packages with lower priority. But regardless, the line is always there even if they are just being "waved through" at low traffic, so your maximum throughput is limited by the speed of the person waving things through. If you have a CPU running at 200MHz then this can slow everything down a lot even when traffic is very low. Or if you had a CPU at 2000MHz then while you are still limited by what the 2000MHz can do, it is so fast it is effectively invisible to your throughput.
Adaptive QoS is similar in that it does nothing to help at low traffic going through, but the difference is that it is completely off at low traffic. Whereas static is on and everything goes through the line at all times even if they just get waved through, Adaptive shuts the line off at low traffic so they just head through with no care in the world. When traffic gets heavy enough, then the line gets turned on and everything needs to queue up now and get let through by priority. So adaptive sounds better, but the problem is that it only activates when total throughput reaches a specific threshold of your bandwidth. It doesn't take everything into account like actual connections. This is the problem you ran into on your Asus. Even though torrents were only taking up 1mbps, they had a ton of connections open and passing tiny packages around to maintain those connections. Adaptive QoS sees "oh there is only 5mb of traffic no need to set the line up" and so your torrents drown out your game. Static fixes this by keeping the line always on even at low traffic.
Thanks. Now I get a glimpse of understanding the QoS topic.
I do still wonder what the hell happened to that Arduino connection, which was connecting to a linux device in the lan. Tweaking the QoS triggered it (although I suspect this may have somehow been related to the fact that I updated the firmware a few days before).
Can't really compare the configs, since the config dump is written in the tongue of the machine spirit.
I have been looking/reading/watching through some tutorials, materials and guides on how to setup what I need.
But maybe you could point me to some trusted material in this regard. I am looking for something practical like a "how to setup pppoe". Although there are quite a few guides for that… but since I am fresh to the subject, I feel that it would be quite easy to select a more "shiny" guide, instead of one, that actually has things done right.
Here is what I wish to achieve:
1. PPPoE client (eth1)
1.1. I want to make a slow shift, so at first I wish to connect the new router to my existing one, bridging the internet. I did find quite a few "how to setup PPPoE", but have troubles formulating the right wording for just bridging the connection (guess people will say "bridge!").
2. Make eth 2,3,5 into vlan-1.
3. eth4 is a working station, so I only need internet to it.
4. Two wireless vlans - one "general" for the IoT, and one "trusted". I guess I can have multiple vlans inside 2.4/5.
4.1. Plot twist. There is one device, eth5, which I need to be visible/accessible from all vlans (hosts a MQTT server… and basically is a small sbc, where I have non-dockerized apps, which are accessed from my arduino and other projects). Is it possible to have one device, accessible from different vlans?
5. Theoretically, I do feel that this should be possible, but I would like to have several DHCPs for each vlan (I do feel like this is a "duh!" question).
6. This will be the first time I approach the question of firewalls in a router, but "do I need to do something besides vlans and simply creating NAT with masquerade?".
I can help you with 1, because I had to set that up for my own ISP router replacement! The others… Pointing along the way for a bit, but you'll have to do some reading and testing for those.
Using WinBox, you go to "interfaces" and look at the tab "Interface", there you can add a new interface. You add a PPPoE client by clicking "New" and selecting "PPPoE Client":
Once there, you get a new window where you can give the general info in the "general" tab on your PPPoE interface, like giving it a recognisable name and specifying general things like the MTU and such.
Don't forget to connect it to the interface you have your WAN connection plugged in, which tends to be "ether1".
And in the "Dial Out" tab, you fill in any user and/or password info you need to connect to your ISP's network.
Then you click "Apply" or "OK" and it should switch over!
That should be enough to set up a connection to your ISP…
For some general info on PPPoE in RouterOS, just read their documentation. It doesn't have a full guide on how to set it up, because there are loads of different kinds of connections to set up. But the above seems to be pretty general for ISPs from what I've found.
You can also take a look at the documentation in the First Time Configuration - PPPoE section of the documentation. But I personally found it easier to go through the Interfaces list, because there it also gets listed and you have a good overview of the interfaces you have active/connected. There are multiple routes to the same thing in RouterOS, depending on how you want to approach things. All fine as far as I'm concerned, but can be confusing when first encountering it.
When looking through the same page for setting up your wireless connection(s), do keep in mind that the docs haven't been updated to the latest WinBox interface. The section they call "Wireless" is just called "WiFi" now. The rest of the configuration options they present there are the same though…
When you have those set up, head over to the VLAN section of the docs… There you get some examples about how to set it up as well. It might need some tinkering, depending on how you want to configure it, but I'd advise you to keep the connection where you connect to the router free of settings changes while you're tinkering. If all is right on one interface, you can always add others when it works.
When you have those different interfaces set up, you can head over to IP > IP Pool to set up some new pools for addresses you want to use. But first read up on the documentation about how all those settings interact though, because you don't want to shut yourself out of your device.
Anyway… welcome to the MikroTik world and do post a topic somewhere here if you run into issues. Or head over to the MikroTik forums to ask questions there! I found loads of information even without having to post anything myself. So posting might not even be needed if you can just find what you're looking for.
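The WinBox steps above, written as the equivalent RouterOS terminal commands. This is an added example, not part of the original post; the interface name pppoe-out1, the placeholder credentials and the presence of the default configuration's WAN interface list are assumptions.

```routeros
# Added example (not from the original post).
# Assumptions: WAN cable on ether1, interface named "pppoe-out1",
# placeholder credentials, default configuration with a "WAN" interface list.

# "General" tab (name, underlying interface) and "Dial Out" tab (credentials).
/interface pppoe-client
add name=pppoe-out1 interface=ether1 \
    user="ISP-USERNAME" password="ISP-PASSWORD" \
    add-default-route=yes use-peer-dns=yes disabled=no

# The default firewall and masquerade rules match on the WAN interface list,
# not on ether1 itself. Without this entry the PPPoE link is not treated as
# WAN: outbound traffic is not masqueraded and the WAN forward rule does not
# apply to traffic arriving on it.
/interface list member
add list=WAN interface=pppoe-out1

# Checks: the client should show the R (running) flag, hold an address,
# have installed a default route, and the masquerade rule should reference
# the WAN list.
/interface pppoe-client print
/ip address print where interface=pppoe-out1
/ip route print where dst-address=0.0.0.0/0
/ip firewall nat print
```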
Do the wiki articles, as opposed to the help articles, still work fine for ROS 7?
I know about them, but never really looked through those because I thought they were made for (only) the older versions.
The new WinBox version is still in beta, so I think that they'll update it once it gets a full release. It is a very nice improvement on the old version though!
Don't… Just go from the default configuration, that's fine for most home use cases anyway.
This is what stopped me (although I downloaded both). "Beta" usually means that things can go wrong (and what happens when one just enters the world of winbox, and "beta" results into some behavior, different from the regular one?)
Once more, my thanks.
Now to wait tuesday+ for the device to arrive (and let the games begin!). Even decided to give ISP's gigabit a try (if they manage to hook it up to my cat 5e cord… which I simply cannot replace without much much effort).
I wouldn't worry about the beta status. It performs just fine and has a lot of quality of life improvements compared to the old one. I've been using it since they released it (because I don't need to run Wine to use it in Linux anymore) and I haven't looked back at the old one since.
Their video instructions all use the new one as well, they don't seem to be using the stable branch internally anymore.
I think I'll be doing things differently. I do remember about the "jump over", but starting to feel that the darkness, in which I'm staring, is staring back at me with a hint of amusement.
Instead of replacing asus (will use name "router0"), I want to connect mikrotik ("router1") to it by ethernet, and try to build my zero knowledge on top of that.
And, as a first step of conquest, I want to have only my home pc connected to it.
As I understand, one of the options would be "DHCP client". I do understand correctly that it will simply link with the DHCP server, provided by router0.
And make a regular bridge out of router1's eth2-4 ports.
But I want to make things more interesting, and instead of connecting to an existing network of router0, I want to make something, more related to having eth1 as WAN, having eth2-4 in a bridge, which has a separate DHCP, and has NAT as a layer for communication with WAN.
Would appreciate some pointers, guidance, "use xyz, dammit!".
Although this is much more advanced and complex, I actually found winbox and the whole config process much more enjoyable. Feels like a Router, but without bloatware (huh).
For now I made a simple config - pppoe, bridge, firewall, nat and qos. I realized why people like this stuff.
For the "simple queue", I have only one thing to say - "noice!". Have played the whole day (I do love having a vacation), with torrent doing torrent stuff on the media pc, and having that clean stable latency.
Did find one interesting thing, which I will attempt later - whenever I use static dns, internet connection is no longer capable to connect to anything (I could be mistaken, but even stuff like "ping 8.8.8.8" dies) after 10 minutes or so. The pppoe connection doesn't show any error. But doing a reconnect brings it back to life for another interval.
But this is somehow specific to my ISP. I've had this strange behavior (could wait up to a minute before a webpage would start loading) on my asus router as well.
But once I figured out how to use ISP's DNS, removing 8.8.8.8, things started to work like a charm.
Now I'm interested in two questions:
1. VLAN (by mac). Is cool, but do's I even needs its.
2. Can I actually define rules in the firewall, disabling LAN access to a specific eth port. And can I do something similar, but for IoT devices on the wifi interface (make them as static ips), making it not possible for them to view the lan, except a specific eth.
And, while I was typing, a 3rd question reminded of itself.
As I understand, I can define static entries in DNS, right?
Can I do something like
192.168.10.25:8080 → app1.myhomelab
so I could move all my static iot to use app1.myhomelab?
Cache used is quite high because I have been playing around with the Adlist function.
There are a few scripts that add DNS-entries for each DHCP-lease generated.
Park the below as a file under System > Scripts, then add an entry for it in the script-field of the DHCP-Server you want it to run on.
I can't remember where I got this one from:
:local DHCPtag
:set DHCPtag "#DHCP"
:if ( [ :len $leaseActIP ] <= 0 ) do={ :error "empty lease address" }
:if ( $leaseBound = 1 ) do=\
{
    :local ttl
    :local domain
    :local hostname
    :local fqdn
    :local leaseId
    :local comment
    /ip dhcp-server
    :set ttl [ get [ find name=$leaseServerName ] lease-time ]
    network
    :set domain [ get [ find $leaseActIP in address ] domain ]
    .. lease
    :set leaseId [ find address=$leaseActIP ]
    # Check for multiple active leases for the same IP address. It's weird and it shouldn't be, but just in case.
    :if ( [ :len $leaseId ] != 1) do={
        :log info "DHCP2DNS: not registering domain name for address $leaseActIP because of multiple active leases for $leaseActIP"
        :error "multiple active leases for $leaseActIP"
    }
    :set hostname [ get $leaseId host-name ]
    :set comment [ get $leaseId comment ]
    /
    :if ( [ :len $hostname ] <= 0 ) do={ :set hostname $comment }
    :if ( [ :len $hostname ] <= 0 ) do={
        :log error "DHCP2DNS: not registering domain name for address $leaseActIP because of empty lease host-name or comment"
        :error "empty lease host-name or comment"
    }
    :if ( [ :len $domain ] <= 0 ) do={
        :log error "DHCP2DNS: not registering domain name for address $leaseActIP because of empty network domain name"
        :error "empty network domain name"
    }
    :set fqdn "$hostname.$domain"
    /ip dns static
    :if ( [ :len [ find name=$fqdn and address=$leaseActIP and disabled=no ] ] = 0 ) do={
        :log info "DHCP2DNS: registering static domain name $fqdn for address $leaseActIP with ttl $ttl"
        add address=$leaseActIP name=$fqdn ttl=$ttl comment=$DHCPtag disabled=no
    } else={
        :log error "DHCP2DNS: not registering domain name $fqdn for address $leaseActIP because of existing active static DNS entry with this name or address"
    }
    /
} else={
    /ip dns static
    :local dnsDhcpId
    :set dnsDhcpId [ find address=$leaseActIP and comment=$DHCPtag ]
    :if ( [ :len $dnsDhcpId ] > 0 ) do={
        :log info "DHCP2DNS: removing static domain name(s) for address $leaseActIP"
        remove $dnsDhcpId
    }
    /
}