www.glcnetworks.com
Using Mikrotik switch features to improve your network
GLC Webinar, 9 Dec 2021
Achmad Mardiansyah
achmad@glcnetworks.com
GLC Networks, Indonesia
Agenda
● Introduction
● Review prerequisite knowledge
● Mikrotik switch
● Switch features
● Live practice
● Q & A
Introduction
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● Based in Bandung, Indonesia
● Areas: Training, IT Consulting
● Certified partner for: Mikrotik, Ubiquiti, Linux Foundation
● Product: GLC radius manager
● Regular event
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: Bandung, Indonesia
● Linux user since 1999, mikrotik user since 2007, UBNT 2011
● Mikrotik Certified Trainer (MTCNA/RE/WE/UME/INE/TCE/IPv6)
● Mikrotik/Linux Certified Consultant
● Website contributor: achmadjournal.com, mikrotik.tips, asysadmin.tips
● More info: http://au.linkedin.com/in/achmadmardiansyah
Past experience
● 2021 (Congo DRC, Malaysia): network support, radius/billing integration
● 2020 (Congo DRC, Malaysia): IOT integration, network automation
● 2019, Congo (DRC): build a wireless ISP from ground-up
● 2018, Malaysia: network revamp, develop billing solution and integration, setup dynamic routing
● 2017, Libya (North Africa): remote wireless migration for a new Wireless ISP
● 2016, United Kingdom: workshop for wireless ISP, migrating a bridged to routed network
About GLC webinar?
● First webinar: January 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS)
● As a sharing event with various topics: linux, networking, wireless, database, programming, etc
● Regular schedule
● Irregular schedule: as needed
● Checking schedule: http://www.glcnetworks.com/schedule
● You are invited to be a presenter
○ No need to be an expert
○ This is a forum for sharing: knowledge, experiences, information
Please introduce yourself
● Your name
● Your company/university?
● Your networking experience?
● Your mikrotik experience?
● Your expectation from this course?
Prerequisite
● This presentation requires some prerequisite knowledge
● We assume you already understand:
○ Python programming
○ Machine learning
Review prerequisite knowledge
7 OSI layer & protocol
● The OSI layer model is a conceptual model from ISO (International Standard Organization) for the OSI (Open System Interconnection) project
● When you send a message with a courier, you need to add more information so that the message arrives at its destination (this process is called encapsulation)
● What is a protocol?
○ A set of rules for communication
○ Available on each layer
● Communication consists of a series of encapsulations
○ SDU: service data unit (before PDU)
○ PDU: protocol data unit (after header is added)
Layered model (TCP/IP vs ISO) and encapsulation
Layer 4 header (which one is TCP?)
Layer 3 header (which one is IPv4?)
Ethernet header (which is the MTU?)
802.11 header
Did you notice?
● There is a large overhead in the encapsulation process
● More encapsulation means less payload?
Connecting Network devices
Typical network hardware
● End-devices
● Intermediary devices
● Media
Typical connection (physical topology)
[Figure: routers R1, R2 and R3]
● Router connects layer 2 segments
● Router works on layer 3
● Meaning, each layer 2 segment has a network ID
Typical connection (logical topology)
Routing table:
● A table on the router that is used to forward packets
● Available on every device (router and host)
● Entries are executed sequentially
[Figure: logical topology of R1, R2 and R3 with networks 192.168.0.0/26, 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24]
destination              gateway
192.168.0.0/26           direct
192.168.1.0/24           direct
192.168.2.0/24           192.168.0.2
192.168.3.0/24           192.168.0.3
192.168.16.3/32          192.168.0.2
0.0.0.0/0 (default gw)   192.168.0.3
Layer 2 technology: Ethernet
Ethernet specs
● Defined by IEEE 802.3
● Media:
○ Coaxial cable
○ Twisted pair
○ Fiber optic
● Devices required:
○ Bridge / switch
○ HUB
● Everyone likes it!!
○ Affordable
○ Easy to install
○ Easy maintenance
How ethernet works (CSMA/CD)
● Carrier Sense Multiple Access / Collision Detection (CSMA/CD)
○ No host knows when other hosts send data
○ Before sending data, a host checks the shared medium
○ A host only knows when a collision happens
● You will have:
○ Collision domain
■ Area where collision happens
■ Can use any frame
○ Broadcast domain
■ Area where broadcast happens
■ Using broadcast frame
● CSMA/CD != CSMA/CA
How ethernet works (ARP)
● ARP = Address resolution protocol
● A mapping between IPv4 and MAC address
● Requires broadcast frame
● Will be eliminated in IPv6
Source: ipcisco.com
Ethernet evolution (1)
Ethernet evolution (2)
Ethernet issue: Collision domain
● Area where collision happens. See CSMA/CD
● Some ideas:
○ Using bridged/switched network
○ It is now very hard to find a HUB
Source: devto.com
Ethernet issue: Broadcast domain
● An area where broadcast happens
● Try to use the 5-4-3-2-1 rule
● Broadcast can go wild (especially on infected hosts)
● Some ideas:
○ Using router to split segments
○ Port isolation on switch
○ Use storm control on switch
Ethernet issue: Loop
● A condition where a frame is forwarded in the media
● Will not stop until one of the cables is removed
● Some ideas:
○ Do not use a traditional switch
○ Activate STP between switches
○ Port isolation
Layer 2 technology: VLAN
Without VLAN / with VLAN
[Figure: SITE A and SITE B, each with VLAN 10 and VLAN 20, joined by a trunk link]
VLAN terms
● VLAN: a feature on a layer 2 device (switch) to do virtual segmentation on a physical switch
● The segmentation can be extended to other switches using a “trunk” link. The term “trunk” is borrowed from telco (a link that connects 2 telco exchanges)
● Port types:
○ Access port -> to connect to end-devices (non-tagged frames only)
○ Trunk port -> to connect to other VLAN switches (tagged frames only)
○ Hybrid port -> allows tagged and non-tagged frames
[Figure: SITE A and SITE B, each with access ports in VLAN 10 and VLAN 20 and a trunk port, joined by a trunk line]
What happened on trunk ports
● The layer 2 header of an outgoing frame is modified by adding a VLAN tag to it
● This tag will be recognised at the other end
[Figure: SITE A and SITE B, each with access ports in VLAN 10 and VLAN 20 and a trunk port]
EXAMPLE VLAN TOPOLOGY
1 interface with 3 networks:
- no TAG
- TAG to NON-TAG
- TAG to TAG
[Figure: R41, SW51, PC61, PC71 and PC81; bridges br1, br2 and br3 with ports e2, e3, e4 and VLAN interfaces vlan10-e2, vlan20-e2, vlan20-e5]
Mikrotik switches
Mikrotik switch
● Started producing switches in the late 2000s -> small 5-port switches
● Introduced SWOS (switch OS), only on mikrotik hardware
● Has produced large-scale switches since 2014
● Switch features and configurations depend on the chipset used (less comfy)
○ switch 1XX / 2XX family
○ switch 3XX family
Mikrotik switches
CRS (Cloud Router Switch)
- use RouterOS
- layer3 switch (can do routing)
- many interfaces for access (winbox, web, ssh, telnet, ftp, api)
CSS (Cloud Smart Switch)
- use SWOS (switchOS)
- only layer 2 functions
- only web interface
Mikrotik: router → bridge
● By default, mikrotik is a router
● But we can turn mikrotik into a layer 2 device. Implementation:
○ Bridge → processed by CPU
○ Switch → processed by hardware chip
● All physical MAC addresses will be replaced by a single bridge MAC address
● Example configuration
Source: praktekit.com
Switch features: VLAN
● Connections:
○ physical interface and logical interface (vlan interface)
○ A logical interface and other logical interface (vlan interfaces)
● Implementation
○ Put vlan interface on physical interface OR
○ Put vlan interface on bridge interface
Switch features: VLAN filtering
● Better ways to allow VLANs into:
○ physical interface and logical interface (vlan interface)
○ A logical interface and other logical interface (vlan interfaces)
● Implementation
○ Bridge interface
○ Bridge vlan filtering
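One way to build the access/trunk layout from the VLAN slides with bridge VLAN filtering on RouterOS, as an added example (not from the webinar). The bridge name and the port roles (ether1 as trunk port, ether2 and ether3 as access ports for VLAN 10 and VLAN 20) are assumptions:

```routeros
# Added example; bridge1 and the ether1-ether3 port roles are assumptions.
# Create the bridge with filtering still off so the VLAN table can be
# completed before it takes effect.
/interface bridge
add name=bridge1 vlan-filtering=no

# Access ports: accept untagged frames only and classify them into the PVID.
# Trunk port: accept tagged frames only.
# ingress-filtering drops frames whose VLAN ID is not allowed on that port.
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=10 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes
add bridge=bridge1 interface=ether3 pvid=20 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes
add bridge=bridge1 interface=ether1 frame-types=admit-only-vlan-tagged ingress-filtering=yes

# VLAN table: which ports carry each VLAN, tagged or untagged.
/interface bridge vlan
add bridge=bridge1 vlan-ids=10 tagged=ether1 untagged=ether2
add bridge=bridge1 vlan-ids=20 tagged=ether1 untagged=ether3

# Enable filtering last, once the table is complete.
/interface bridge
set bridge1 vlan-filtering=yes

# Review the result.
/interface bridge vlan print
/interface bridge port print
```

If the device is managed through an address on bridge1, make the bridge itself a tagged member of a management VLAN before the last step, otherwise enabling filtering can cut the management session.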
Switch features: HW offloading
● HW offload can reduce CPU processing on bridge
switch features: loop protect
● A frame SHOULD NOT return to its original switch
● This can lead to an ENDLESS switching loop
● The loop will not stop until a cable is unplugged
● Mikrotik detects the returned frame and disables the port that received it to stop the loop
● Can be implemented in bridge/routed mode
● STP/RSTP is recommended over this
Source: netgear.com, www.networkacademy.io
switch features: STP / RSTP
● (R)STP: (Rapid) Spanning Tree Protocol
● A BPDU (Bridge Protocol Data Unit) frame is sent by switches to develop a spanning tree topology (without loop)
● Starts from the root → branches. No links between branches (this is considered a loop)
● The switch will disable ports that are involved in a loop
● For compatibility, use priorities in steps of 4096 (0, 4096, 8192, 12288…)
● Will be discussed later in the next webinar
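Enabling the two mechanisms from the loop protect and STP/RSTP slides on RouterOS, as an added example (not from the webinar). ether2 and bridge1 are assumed names, and the two settings are shown as separate options:

```routeros
# Added example; ether2 and bridge1 are assumed names.

# Option 1, loop protect on a port: the port sends loop-protect frames every
# send-interval and is disabled for disable-time when one of them comes back.
/interface ethernet
set ether2 loop-protect=on loop-protect-send-interval=5s loop-protect-disable-time=5m

# Option 2, RSTP on the bridge: RouterOS shows the bridge priority in hex,
# so the 4096 steps from the slide are 0x1000, 0x2000, 0x3000 and so on.
# The lowest priority in the segment becomes the root bridge.
/interface bridge
set bridge1 protocol-mode=rstp priority=0x1000

# Confirm which bridge was elected root and the role of the local bridge.
/interface bridge monitor bridge1 once
```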
Source: netgear.com,
www.networkacademy.io
switch features: mirror port
● In case you want to sniff on a switch port
LIVE practice
preparation
● SSH client
● SSH parameters
○ SSH address
○ SSH port
○ SSH username
○ SSH password
Q & A
Interested? Just come to our training...
● Topics are arranged in a systematic and logical way
● You will learn from an experienced teacher
● Not only learn the materials, but also share experiences, best-practices, and networking
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
● Find our further events on our website: https://www.glcnetworks.com/en/
● Like our facebook page: https://www.facebook.com/glcnetworks
● Slide: https://www.slideshare.net/glcnetworks/
● Discord (bahasa indonesia): (https://discord.gg/6MZ3KUHHBX)
● Recording (youtube): https://www.youtube.com/c/GLCNetworks
● Stay tuned to our schedule
● Any questions?

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 

Using Mikrotik Switch Features to Improve Your Network

  • 1. www.glcnetworks.com: Using Mikrotik switch features to improve your network
      GLC Webinar, 9 Dec 2021
      Achmad Mardiansyah, achmad@glcnetworks.com
      GLC Networks, Indonesia
  • 2. Agenda
      ● Introduction
      ● Review prerequisite knowledge
      ● Mikrotik switch
      ● Switch features
      ● Live practice
      ● Q & A
  • 4. What is GLC?
      ● Garda Lintas Cakrawala (www.glcnetworks.com)
      ● Based in Bandung, Indonesia
      ● Areas: Training, IT Consulting
      ● Certified partner for: Mikrotik, Ubiquity, Linux foundation
      ● Product: GLC radius manager
      ● Regular event
  • 5. Trainer Introduction
      ● Name: Achmad Mardiansyah
      ● Base: Bandung, Indonesia
      ● Linux user since 1999, mikrotik user since 2007, UBNT 2011
      ● Mikrotik Certified Trainer (MTCNA/RE/WE/UME/INE/TCE/IPv6)
      ● Mikrotik/Linux Certified Consultant
      ● Website contributor: achmadjournal.com, mikrotik.tips, asysadmin.tips
      ● More info: http://au.linkedin.com/in/achmadmardiansyah
  • 6. Past experience
      ● 2021 (Congo DRC, Malaysia): network support, radius/billing integration
      ● 2020 (Congo DRC, Malaysia): IOT integration, network automation
      ● 2019, Congo (DRC): build a wireless ISP from ground-up
      ● 2018, Malaysia: network revamp, develop billing solution and integration, setup dynamic routing
      ● 2017, Libya (north africa): remote wireless migration for a new Wireless ISP
      ● 2016, United Kingdom: workshop for wireless ISP, migrating a bridged to routed network
  • 7. About GLC webinar?
      ● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS)
      ● As a sharing event with various topics: linux, networking, wireless, database, programming, etc
      ● Regular schedule
      ● Irregular schedule: as needed
      ● Checking schedule: http://www.glcnetworks.com/schedule
      ● You are invited to be a presenter
          ○ No need to be an expert
          ○ This is a forum for sharing: knowledge, experiences, information
  • 8. Please introduce yourself
      ● Your name
      ● Your company/university?
      ● Your networking experience?
      ● Your mikrotik experience?
      ● Your expectation from this course?
  • 9. Prerequisite
      ● This presentation requires some prerequisite knowledge
      ● We assume you already understand:
          ○ Python programming
          ○ Machine learning
  • 11. 7 OSI layer & protocol
      ● The OSI layer is a conceptual model from ISO (International Standard Organization) for the OSI (Open System Interconnection) project
      ● When you send a message with a courier, you need to add more info so that your message arrives at the destination (this process is called encapsulation)
      ● What is a protocol?
          ○ A set of rules for communication
          ○ Available on each layer
      ● Communication consists of a series of encapsulations
          ○ SDU: service data unit (before PDU)
          ○ PDU: protocol data unit (after header is added)
  • 12. Layered model (TCP/IP vs ISO) and encapsulation
  • 13. Layer 4 header (which one is TCP?)
  • 14. Layer 3 header (which one is IPv4?)
  • 17. Did you notice?
      ● There is a big overhead in the encapsulation process
      ● More encapsulation means less payload?
  • 19. Typical network hardware
      ● End-devices
      ● Intermediary devices
      ● Media
  • 20. Typical connection (physical topology)
      [Diagram: routers R1, R2, R3]
      ● Router connects layer 2 segments
      ● Router works on layer 3
      ● Meaning, each layer 2 segment has a network ID
  • 21. Typical connection (logical topology)
      Routing table:
      ● A table at the router that is used to forward packets
      ● Available on every device (router and host)
      ● Entry is executed sequentially
      [Diagram labels: R1, R2, R3; 192.168.0.0/26 with 192.168.0.1/26, 192.168.0.2/26, 192.168.0.3/26; 192.168.1.0/24 with 192.168.1.1/24, 192.168.1.9/24; 192.168.2.0/24 with 192.168.2.2/24, 192.168.2.9/24; 192.168.3.0/24 with 192.168.3.3/24, 192.168.3.9/24]

      destination                 gateway
      192.168.0.0/26              direct
      192.168.1.0/24              direct
      192.168.2.0/24              192.168.0.2
      192.168.3.0/24              192.168.0.3
      192.168.16.3/32             192.168.0.2
      0.0.0.0/0 (default gw)      192.168.0.3
  • 23. Ethernet specs
      ● Defined by IEEE 802.3
      ● Media:
          ○ Coaxial cable
          ○ Twisted pair
          ○ Fiber optic
      ● Devices required:
          ○ Bridge / switch
          ○ HUB
      ● Everyone likes it!!
          ○ Affordable
          ○ Easy to install
          ○ Easy maintenance
  • 24. How ethernet works (CSMA/CD)
      ● Carrier Sense Multiple Access / Collision Detection (CSMA/CD)
          ○ A host does not know when other hosts send data
          ○ Before sending data, a host checks the shared medium
          ○ Every host only knows when a collision happens
      ● You will have:
          ○ Collision domain
              ■ Area where collision happens
              ■ Can use any frame
          ○ Broadcast domain
              ■ Area where broadcast happens
              ■ Using broadcast frame
      ● CSMA/CD != CSMA/CA
  • 25. How ethernet works (ARP)
      ● ARP = Address resolution protocol
      ● A mapping between IPv4 and MAC address
      ● Requires broadcast frame
      ● Will be eliminated in IPv6
      Source: ipcisco.com
  • 28. Ethernet issue: Collision domain
      ● Area where collision happens. See CSMA/CD
      ● Some ideas:
          ○ Using a bridged/switched network
          ○ It is now very hard to find a HUB
      Source: devto.com
  • 29. Ethernet issue: Broadcast domain
      ● An area where broadcast happens
      ● Try to use the 5-4-3-2-1 rule
      ● Broadcast can go wild (especially on infected hosts)
      ● Some ideas:
          ○ Using a router to split segments
          ○ Port isolation on switch
          ○ Use storm control on switch
  • 30. Ethernet issue: Loop
      ● A condition where a frame keeps being forwarded in the media
      ● Will not stop until one of the cables is removed
      ● Some ideas:
          ○ Do not use a traditional switch
          ○ Activate STP between switches
          ○ Port isolation
  • 32. Without VLAN / with VLAN
      [Diagram labels: trunk link; VLAN 10, VLAN 20; SITE A, SITE B]
  • 33. VLAN terms
      ● VLAN: a feature on a layer 2 device (switch) to do virtual segmentation on a physical switch
      ● The segmentation can be extended to other switches using a “trunk” link. The term is borrowed from the telco term “trunk” (a link that connects 2 telco exchanges)
      ● Port types:
          ○ Access port -> to connect to end-devices (non-tagged frames only)
          ○ Trunk port -> to connect to another VLAN switch (tagged frames only)
          ○ Hybrid port -> allows tagged and non-tagged frames
      [Diagram labels: access port, trunk port, trunk port; VLAN 10, VLAN 20; SITE A, SITE B; trunk line]
  • 34. What happened on trunk ports
      ● The layer-2 header of an outgoing frame will be modified by adding a VLAN tag to the header
      ● This tag will be recognised at the other end
      [Diagram labels: access port, trunk port, trunk port; SITE A, SITE B; VLAN 10, VLAN 20]
  • 35. EXAMPLE VLAN TOPOLOGY
      1 interface with 3 networks:
          - no TAG
          - TAG to NON-TAG
          - TAG to TAG
      [Diagram labels: R41; SW51; PC61, PC71, PC81; E2, E3, E4, E5; br1: e2, e3; br2: vlan10-e2, e4; br3: vlan20-e2, vlan20-e5]
  • 37. Mikrotik switch
      ● Started producing switches in the late 2000s -> small 5-port switch
      ● Introduced SWOS (switch OS), only on mikrotik hardware
      ● Has produced large scale switches since 2014
      ● Switch features and configurations are based on the chipset used (less comfy)
          ○ switch 1XX / 2XX family
          ○ switch 3XX family
  • 38. Mikrotik switches
      CRS (Cloud Router Switch)
          - use RouterOS
          - layer3 switch (can do routing)
          - many interfaces for access (winbox, web, ssh, telnet, ftp, api)
      CSS (Cloud Smart Switch)
          - use SWOS (switchOS)
          - only layer 2 functions
          - only web interface
  • 39. Mikrotik: router → bridge
      ● By default, mikrotik is a router
      ● But we can turn a mikrotik into a layer 2 device. Implementation:
          ○ Bridge → processed by CPU
          ○ Switch → processed by hardware chip
      ● All physical MAC addresses will be replaced by a single bridge MAC address
      ● Example configuration
      Source: praktekit.com
  • 40. Switch features: VLAN
      ● Connections:
          ○ A physical interface and a logical interface (vlan interface)
          ○ A logical interface and another logical interface (vlan interfaces)
      ● Implementation
          ○ Put the vlan interface on a physical interface OR
          ○ Put the vlan interface on a bridge interface
  • 41. Switch features: VLAN filtering
      ● Better ways to allow VLANs into:
          ○ A physical interface and a logical interface (vlan interface)
          ○ A logical interface and another logical interface (vlan interfaces)
      ● Implementation
          ○ Bridge interface
          ○ Bridge vlan filtering
  • 42. Switch features: HW offloading
      ● HW offload can reduce CPU processing on the bridge
  • 43. Switch features: loop protect
      ● A frame SHOULD NOT return to its original switch
      ● This can lead to an ENDLESS switching loop
      ● The loop will not stop until a cable is unplugged
      ● Mikrotik detects the returned frame and disables the port that received the frame to stop the loop
      ● Can be implemented in bridge/routed mode
      ● STP/RSTP is recommended over this
      Source: netgear.com, www.networkacademy.io
  • 44. Switch features: STP / RSTP
      ● (R)STP: Rapid Spanning Tree Protocol
      ● A BPDU (Bridge Protocol Data Unit) frame is sent by switches to develop a spanning tree topology (without loops)
      ● Starts from the root → branches. No links between branches (this is considered a loop)
      ● The switch will disable ports that are involved in a loop
      ● For compatibility, use priorities in steps of 4096 (0, 4096, 8192, 12288…)
      ● Will be discussed later in the next webinar
      Source: netgear.com, www.networkacademy.io
  • 45. Switch features: mirror port
      ● In case you want to sniff on a switch port
  • 47. Preparation
      ● SSH client
      ● SSH parameters
          ○ SSH address
          ○ SSH port
          ○ SSH username
          ○ SSH password
  • 49. Interested? Just come to our training...
      ● Topics are arranged in a systematic and logical way
      ● You will learn from an experienced teacher
      ● Not only learn the materials, but also share experiences, best practices, and networking
  • 50. End of slides
      ● Thank you for your attention
      ● Please submit your feedback: http://bit.ly/glcfeedback
      ● Find our further events on our website: https://www.glcnetworks.com/en/
      ● Like our facebook page: https://www.facebook.com/glcnetworks
      ● Slide: https://www.slideshare.net/glcnetworks/
      ● Discord (bahasa indonesia): https://discord.gg/6MZ3KUHHBX
      ● Recording (youtube): https://www.youtube.com/c/GLCNetworks
      ● Stay tuned for our schedule
      ● Any questions?
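
Added example (not part of the original slides): slides 33 and 34 describe access, trunk and hybrid ports and the VLAN tag that a trunk port adds to the layer-2 header. The Python code below builds that 4-byte 802.1Q tag and applies the three port-type rules to incoming frames; the sample frame, the port dictionaries and all function names are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q VLAN tag

def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Trunk egress: insert the 4-byte tag after dst MAC + src MAC (12 bytes)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    if not 0 <= pcp <= 7:
        raise ValueError("priority must be in 0..7")
    tci = (pcp << 13) | vid  # PCP (3 bits) | DEI (1 bit, left 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def read_tag(frame: bytes):
    """Return the VLAN ID carried in the frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q header")
    return struct.unpack("!H", frame[14:16])[0] & 0x0FFF

def strip_tag(frame: bytes) -> bytes:
    """Access egress: remove the tag so the end device sees a plain frame."""
    return frame if read_tag(frame) is None else frame[:12] + frame[16:]

def ingress_vlan(frame: bytes, port: dict):
    """Apply the port types from slide 33; return the VLAN joined, or None if dropped."""
    vid = read_tag(frame)
    if vid is None or vid == 0:       # untagged (VID 0 carries priority only)
        return None if port["type"] == "trunk" else port["pvid"]
    if port["type"] == "access":      # tagged frame arriving on an access port
        return None
    return vid if vid in port["allowed"] else None

# Constructed sample: broadcast frame with ARP EtherType from a made-up host MAC.
FRAME = bytes.fromhex("ffffffffffff" "020000000061" "0806") + bytes(28)
ACCESS = {"type": "access", "pvid": 10}
TRUNK = {"type": "trunk", "allowed": {10, 20}}
HYBRID = {"type": "hybrid", "pvid": 1, "allowed": {10, 20}}

if __name__ == "__main__":
    tagged = add_tag(FRAME, 10)
    print(tagged[12:16].hex(), len(FRAME), len(tagged))
    for name, port in (("access", ACCESS), ("trunk", TRUNK), ("hybrid", HYBRID)):
        print(name, ingress_vlan(FRAME, port), ingress_vlan(tagged, port))
```

The access-port branch is the one that matters for segmentation: a tagged frame from an end device is dropped, so the device stays in the VLAN its port was assigned.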