Track5Wireless: exercises-mikrotik-ptp.htm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="Content-Style-Type" content="text/css" />
  <meta name="generator" content="pandoc" />
  <title>Mikrotik Point to Point Links</title>
  <style type="text/css">code{white-space: pre;}</style>
  <link href="data:text/css;charset=utf-8,%0A%0A%0A%0Adiv%23header%2C%20header%0A%7B%0A%0Aborder%2Dbottom%3A%201px%20solid%20%23aaa%3B%0Amargin%2Dbottom%3A%200%2E5em%3B%0A%7D%0A%2Etitle%20%0A%7B%0Atext%2Dalign%3A%20center%3B%0A%7D%0A%2Eauthor%2C%20%2Edate%20%0A%7B%0Atext%2Dalign%3A%20center%3B%0A%7D%0A%0Adiv%23TOC%2C%20nav%23TOC%0A%7B%0A%0Aborder%2Dbottom%3A%201px%20solid%20%23aaa%3B%0Amargin%2Dbottom%3A%200%2E5em%3B%0A%7D%0A%40media%20print%0A%7B%0Adiv%23TOC%2C%20nav%23TOC%0A%7B%0A%0Adisplay%3A%20none%3B%0A%7D%0A%7D%0A%0Ah1%2C%20h2%2C%20h3%2C%20h4%2C%20h5%2C%20h6%0A%7B%0Afont%2Dfamily%3A%20%22Helvetica%20Neue%22%2C%20Helvetica%2C%20%22Liberation%20Sans%22%2C%20Calibri%2C%20Arial%2C%20sans%2Dserif%3B%20%0A%0Apage%2Dbreak%2Dafter%3A%20avoid%3B%20%0A%7D%0A%0Adiv%20div%2C%20section%20section%20%0A%7B%0Amargin%2Dleft%3A%202em%3B%20%0A%7D%0Ap%20%7B%7D%0Ablockquote%0A%7B%20font%2Dstyle%3A%20italic%3B%0A%7D%0Ali%20%0A%7B%0A%7D%0Ali%20%3E%20p%20%0A%7B%0Amargin%2Dtop%3A%201em%3B%20%0A%7D%0Aul%20%0A%7B%0A%7D%0Aul%20li%20%0A%7B%0A%7D%0Aol%20%0A%7B%0A%7D%0Aol%20li%20%0A%7B%0A%7D%0Ahr%20%7B%7D%0A%0Asub%20%0A%7B%0A%7D%0Asup%20%0A%7B%0A%7D%0Aem%20%0A%7B%0A%7D%0Aem%20%3E%20em%20%0A%7B%0Afont%2Dstyle%3A%20normal%3B%0A%7D%0Astrong%20%0A%7B%0A%7D%0A%0Aa%20%0A%7B%0A%0Atext%2Ddecoration%3A%20none%3B%0A%7D%0A%40media%20screen%0A%7B%0Aa%3Ahover%0A%7B%0A%0Atext%2Ddecoration%3A%20underline%3B%0A%7D%0A%7D%0A%40media%20print%0A%7B%0Aa%20%7B%0A%0Acolor%3A%20black%3B%0Abackground%3A%20transparent%3B%0A%7D%0Aa%5Bhref%5E%3D%22http%3A%2F%2F%22%5D%3Aafter%2C%20a%5Bhref%5E%3D%22https%3A%2F%2F%22%5D%3Aafter%0A%7B%0A%0Acontent%3A%20%22%20%28%22%20attr%28href%29%20%22%29%20%22%3B%0Afont%2Dsize%3A%2090%25%3B%0A%7D%0A%7D%0A%0Aimg%0A%7B%0A%0Avertical%2Dalign%3A%20middle%3B%0A%7D%0Adiv%2Efigure%20%0A%7B%0A%0Amargin%2Dleft%3A%20auto%3B%0Amargin%2Dright%3A%20auto%3B%0Atext%2Dalign%3A%20center%3B%0Afont%2Dstyle%3A%20italic%3B%0A%7D%0Ap%2Ecaption%20%0A%7B%0A%0A%7D%0A%0Apre%2C%20code%20%7B%0Abackground%2Dcolor%3A%20%23fdf7ee%3B%0A%0A%0A%0Awhite%2Dspace%3A%20pre%2Dwrap%3B%20%0Awhite%2Dspace%3A%20%2Dmoz%2Dpre%2Dwrap%20%21important%3B%20%0Awhite%2Dspace%3A%20%2Dpre%2Dwrap%3B%20%0Awhite%2Dspace%3A%20%2Do%2Dpre%2Dwrap%3B%20%0Aword%2Dwrap%3A%20break%2Dword%3B%20%0A%0A%7D%0Apre%20%0A%7B%0A%0Apadding%3A%200%2E5em%3B%20%0Aborder%2Dradius%3A%205px%3B%20%0A%0Aborder%3A%201px%20solid%20%23aaa%3B%0A%0Amargin%2Dleft%3A%200%2E5em%3B%0Amargin%2Dright%3A%200%2E5em%3B%0A%7D%0A%40media%20screen%0A%7B%0Apre%0A%7B%0A%0Awhite%2Dspace%3A%20pre%3B%0Aoverflow%3A%20auto%3B%0A%0Aborder%3A%201px%20dotted%20%23777%3B%0A%7D%0A%7D%0Acode%20%0A%7B%0A%7D%0Ap%20%3E%20code%2C%20li%20%3E%20code%20%0A%7B%0A%0Apadding%2Dleft%3A%202px%3B%0Apadding%2Dright%3A%202px%3B%0A%7D%0Ali%20%3E%20p%20code%20%0A%7B%0A%0Apadding%3A%202px%3B%0A%7D%0A%0Aspan%2Emath%20%0A%7B%0A%0A%7D%0Adiv%2Emath%20%0A%7B%0A%7D%0Aspan%2ELaTeX%20%0A%7B%0A%7D%20eq%20%0A%7B%0A%7D%20%0A%0Atable%0A%7B%0Aborder%2Dcollapse%3A%20collapse%3B%0Aborder%2Dspacing%3A%200%3B%20%0Aborder%2Dbottom%3A%202pt%20solid%20%23000%3B%0Aborder%2Dtop%3A%202pt%20solid%20%23000%3B%20%0A%0Amargin%2Dleft%3A%20auto%3B%0Amargin%2Dright%3A%20auto%3B%0A%7D%0Athead%20%0A%7B%0Aborder%2Dbottom%3A%201pt%20solid%20%23000%3B%0Abackground%2Dcolor%3A%20%23eee%3B%20%0A%7D%0Atr%2Eheader%20%0A%7B%0A%7D%20tbody%20%0A%7B%0A%7D%0A%0Atr%20%7B%0A%7D%0Atr%2Eodd%3Ahover%2C%20tr%2Eeven%3Ahover%20%0A%7B%0Abackground%2Dcolor%3A%20%23eee%3B%0A%7D%0A%0Atr%2Eodd%20%7B%7D%0Atr%2Eeven%20%7B%7D%0Atd%2C%20th%20%0A%7B%20vertical%2Dalign%3A%20top%3B%20%0Avertical%2Dalign%3A%20baseline%3B%20%0Apadding%2Dleft%3A%200%2E5em%3B%0Apadding%2Dright%3A%200%2E5em%3B%0Apadding%2Dtop%3A%200%2E2em%3B%0Apadding%2Dbottom%3A%200%2E2em%3B%0A%7D%0A%0A%0Ath%20%0A%7B%0Afont%2Dweight%3A%20bold%3B%20%7D%0Atfoot%20%0A%7B%0A%7D%0Acaption%20%0A%7B%0Acaption%2Dside%3A%20top%3B%0Aborder%3A%20none%3B%0Afont%2Dsize%3A%200%2E9em%3B%0Afont%2Dstyle%3A%20italic%3B%0Atext%2Dalign%3A%20center%3B%0Amargin%2Dbottom%3A%200%2E3em%3B%20%0Apadding%2Dbottom%3A%200%2E2em%3B%0A%7D%0A%0Adl%20%0A%7B%0Aborder%2Dtop%3A%202pt%20solid%20black%3B%0Apadding%2Dtop%3A%200%2E5em%3B%0Aborder%2Dbottom%3A%202pt%20solid%20black%3B%0A%7D%0Adt%20%0A%7B%0Afont%2Dweight%3A%20bold%3B%0A%7D%0Add%2Bdt%20%0A%7B%0Aborder%2Dtop%3A%201pt%20solid%20black%3B%0Apadding%2Dtop%3A%200%2E5em%3B%0A%7D%0Add%20%0A%7B%0Amargin%2Dbottom%3A%200%2E5em%3B%0A%7D%0Add%2Bdd%20%0A%7B%0Aborder%2Dtop%3A%201px%20solid%20black%3B%20%0A%7D%0A%0Aa%2Efootnote%2C%20a%2EfootnoteRef%20%7B%20%0Afont%2Dsize%3A%20small%3B%20vertical%2Dalign%3A%20text%2Dtop%3B%0A%7D%0Aa%5Bhref%5E%3D%22%23fnref%22%5D%2C%20a%2Ereversefootnote%20%0A%7B%0A%7D%0A%40media%20print%0A%7B%0Aa%5Bhref%5E%3D%22%23fnref%22%5D%2C%20a%2Ereversefootnote%20%0A%7B%0A%0Adisplay%3A%20none%3B%0A%7D%0A%7D%0Adiv%2Efootnotes%20%0A%7B%0A%7D%0Adiv%2Efootnotes%20li%5Bid%5E%3D%22fn%22%5D%20%0A%7B%0A%7D%0A%0A%40media%20print%0A%7B%0A%2Enoprint%0A%7B%0Adisplay%3Anone%3B%0A%7D%0A%7D%0A" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header">
<h1 class="title">Mikrotik Point to Point Links</h1>
<h3 class="date">Wireless Networking</h3>
</div>
<div id="TOC">
<ul>
<li><a href="#creating-point-to-point-links-with-mikrotik"><span class="toc-section-number">1</span> Creating Point to Point Links with Mikrotik</a><ul>
<li><a href="#connect-to-your-router"><span class="toc-section-number">1.1</span> Connect to your router</a></li>
<li><a href="#set-your-routers-wireless-interface-to-5ghz-mode"><span class="toc-section-number">1.2</span> Set your router's wireless interface to 5GHz mode</a></li>
<li><a href="#negotiate-radio-spectrum-with-your-environment-neighbours"><span class="toc-section-number">1.3</span> Negotiate radio spectrum with your environment &amp; neighbours</a></li>
<li><a href="#set-one-of-your-radio-units-to-bridge-mode"><span class="toc-section-number">1.4</span> Set one of your radio units to Bridge Mode</a></li>
<li><a href="#set-the-other-radio-to-station-mode"><span class="toc-section-number">1.5</span> Set the other radio to Station Mode</a></li>
<li><a href="#set-the-ssid-of-both-of-your-radio-units"><span class="toc-section-number">1.6</span> Set the SSID of both of your radio units</a></li>
<li><a href="#create-a-security-profile"><span class="toc-section-number">1.7</span> Create a security profile</a></li>
<li><a href="#check-to-see-if-your-link-is-connected-adjust-power"><span class="toc-section-number">1.8</span> Check to see if your link is connected &amp; adjust power</a></li>
</ul></li>
</ul>
</div>
<h1 id="creating-point-to-point-links-with-mikrotik"><span class="header-section-number">1</span> Creating Point to Point Links with Mikrotik</h1>
<p>This set of exercises will help you learn the basic set of RouterOS commands required to configure and secure your Mikrotik switch or router.</p>
<h2 id="connect-to-your-router"><span class="header-section-number">1.1</span> Connect to your router</h2>
<p>Using your console cable, connect to your RB532 following the instructions from the Wireless Scanning &amp; Antenna Lab.</p>
<h2 id="set-your-routers-wireless-interface-to-5ghz-mode"><span class="header-section-number">1.2</span> Set your router's wireless interface to 5GHz mode</h2>
<p>The wireless cards in your Mikrotik RB532 are dual-band, 2.4 and 5 GHz radio cards. You can confirm they are dual band with this command:</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless info hw-info wlan1
    ranges: 4920-6100/5/a,a-turbo
            2192-2507/5/b,g,g-turbo
            2224-2539/5/b,g,g-turbo</code></pre>
<p>To set the card into 5GHz mode, issue this command:</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 band=5ghz-a frequency-mode=superchannel</code></pre>
<p>Now that you're in 5GHz mode, get a list of all the channels available to you:</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless info allowed-channels wlan1</code></pre>
<p>Not all of these channels are legal to use! Always consult your country's radio regulations before choosing a wireless channel.</p>
<h2 id="negotiate-radio-spectrum-with-your-environment-neighbours"><span class="header-section-number">1.3</span> Negotiate radio spectrum with your environment &amp; neighbours</h2>
<p>First perform a wireless scan as you did in the wireless scanning lab. Note the frequencies in use - you'll want to avoid using them!</p>
<p><code>In this lab, we'll assume the ability to use the ranges 5150-5350 and 5470-5875 at up to 1W EIRP.</code></p>
<p>Talk with your neighbours to determine how each of you can have a 20 MHz channel that's spaced 40 MHz away from the next used frequency. This leaves an empty channel above and below your radio.</p>
<p>When you've picked a channel, configure your wireless interface</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 channel-width=20mhz frequency=5320 disabled=no </code></pre>
<h2 id="set-one-of-your-radio-units-to-bridge-mode"><span class="header-section-number">1.4</span> Set one of your radio units to Bridge Mode</h2>
<p>Mikrotik wireless interfaces support a number of modes. AP mode supports point-to-multipoint topologies. Bridge mode supports Point to Point links. Set your wireless interface to Bridge mode.</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 mode=bridge</code></pre>
<h2 id="set-the-other-radio-to-station-mode"><span class="header-section-number">1.5</span> Set the other radio to Station Mode</h2>
<p>There are a number of different station modes, including station, station-bridge, station-pseudobridge, station-pseudobridge-clone, and station-wds. The many modes are explained in the Mikrotik manual: <a href="http://wiki.mikrotik.com/wiki/Manual:Wireless_Station_Modes" class="uri">http://wiki.mikrotik.com/wiki/Manual:Wireless_Station_Modes</a> For this exercise we will be building ethernet tunnels across a Layer 3 infrastructure, so set your radio to <code>station</code> mode, which only handles L3 packets.</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 mode=station</code></pre>
<p>In order to ensure your station will find your access point, set its scan list to include the channel you've chosen for your link</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 scan-list=xxxx</code></pre>
<h2 id="set-the-ssid-of-both-of-your-radio-units"><span class="header-section-number">1.6</span> Set the SSID of both of your radio units</h2>
<p>Choose an SSID for your radio link, and set both radios to the same SSID.</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 ssid=groupxp2p</code></pre>
<p>Displaying an SSID for infrastructure is a security risk. Any curious or malicious party scanning wireless spectrum might find your SSID and try to connect to it. For production links, it can be a good idea to hide SSIDs.</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless set wlan1 hide-ssid=yes</code></pre>
<h2 id="create-a-security-profile"><span class="header-section-number">1.7</span> Create a security profile</h2>
<p>Create a security profile for your link so that traffic is encrypted. WPA2 is an ok choice for a point-to-point link. Create the same profile on both radio units.</p>
<pre><code>[admin@Mikrotik] &gt; /interface wireless security-profiles add name=p2plink wpa2-pre-shared-key=&quot;groupxkey&quot; mode=dynamic-keys authentication-types=wpa2-psk</code></pre>
<p>Apply the security profile to both radio units.</p>
<pre><code>[admin@MikroTik] &gt; /interface wireless set wlan1 security-profile=p2plink</code></pre>
<h2 id="check-to-see-if-your-link-is-connected-adjust-power"><span class="header-section-number">1.8</span> Check to see if your link is connected &amp; adjust power</h2>
<p>With matching frequencies, you should now have a connected link. You can check this with the registration table:</p>
<pre><code>[admin@MikroTik] &gt; /interface wireless registration-table print</code></pre>
<p>The registration table will also show you the power levels your link has achieved. Try to adjust the power of your link so that the received signal strength at each end is -50 dBm.</p>
<pre><code>[admin@MikroTik] &gt; /interface wireless set wlan1 tx-power-mode=all-rates-fixed tx-power=1</code></pre>
<p>Use the antennas you built earlier in the week to focus your limited transmit and receive power</p>
</body>
</html>