secq.ru — tiklan

— —

— bridge name / — broadcast domain — router count — VPN protocol — tunnel id seed — address pool — reserved pool — password seed — new router	# HELP: * Tiklan is available on github * This app makes broadcast domains between Mikrotik routers * Minimum requirements: 2 routers + 1 public ip address * You can use a default configuration from scratch * Just correct public ip addresses * In the end you get "TikLAN" bridge * Test it, add ports, enjoy! * Contact — deem@deem.ru

— router name — public address — router path cost / — local range — LAN address — VPN address — DHCP pool	# Bridge (Tik-01) interface bridge add name="TikLAN" comment="TikLAN" protocol-mode=none mtu=1500 ip address add address=172.17.1.1/20 interface="TikLAN" ip route add dst-address=172.17.0.0/24 type=unreachable # OSPF Routes (Tik-01) routing ospf instance add name="TikLAN" router-id=172.17.0.1 routing ospf area add name="TikLAN" instance="TikLAN" area-id=172.17.0.0 routing ospf network add network=172.17.0.0/24 area="TikLAN" # DHCP (Tik-01) ip pool add ranges=172.17.1.10-172.17.1.254 name="TikLAN (Tik-01) Pool" ip dhcp-server network add address=172.17.0.0/20 gateway=172.17.1.1 dns-server=172.17.1.1 ip dhcp-server add name="TikLAN (Tik-01) DHCP" interface="TikLAN" address-pool="TikLAN (Tik-01) Pool" ip dhcp-server enable "TikLAN (Tik-01) DHCP" # Bridge Filters (Tik-01) interface list add name="TikLAN-Remotes" interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip dst-address=224.0.0.0/4 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ipv6 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip ip-protocol=udp src-port=67-68 action=drop # PPP Server (Tik-01) interface l2tp-server server set enabled=yes keepalive-timeout=7 ppp secret add name="TikLAN-Tik-02" password="e63223ef_54c1d45b" profile=default-encryption local-address=172.17.0.1 remote-address=172.17.0.2 ppp secret add name="TikLAN-Tik-03" password="e63223ef_076ff311" profile=default-encryption local-address=172.17.0.1 remote-address=172.17.0.3 interface l2tp-server add name="TikLAN-L2TP-Server-Tik-02" user="TikLAN-Tik-02" interface l2tp-server add name="TikLAN-L2TP-Server-Tik-03" user="TikLAN-Tik-03" # OSPF Costs (Tik-01) routing ospf interface add interface="TikLAN-L2TP-Server-Tik-02" network-type=point-to-point cost=10 routing ospf interface add interface="TikLAN-L2TP-Server-Tik-03" network-type=point-to-point cost=10 # EoIP (Tik-01) interface eoip add name="TikLAN-EoIP-Tik-02" !keepalive remote-address=172.17.0.2 tunnel-id=51617 interface eoip add name="TikLAN-EoIP-Tik-03" !keepalive remote-address=172.17.0.3 tunnel-id=51618 # EoIP to Bridge (Tik-01) interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-02" horizon=24 interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-03" horizon=24 # EoIP Filters (Tik-01) interface list member add interface="TikLAN-EoIP-Tik-02" list="TikLAN-Remotes" interface list member add interface="TikLAN-EoIP-Tik-03" list="TikLAN-Remotes"

— router name — public address — router path cost / — local range — LAN address — VPN address — DHCP pool	# Bridge (Tik-02) interface bridge add name="TikLAN" comment="TikLAN" protocol-mode=none mtu=1500 ip address add address=172.17.2.1/20 interface="TikLAN" ip route add dst-address=172.17.0.0/24 type=unreachable # OSPF Routes (Tik-02) routing ospf instance add name="TikLAN" router-id=172.17.0.2 routing ospf area add name="TikLAN" instance="TikLAN" area-id=172.17.0.0 routing ospf network add network=172.17.0.0/24 area="TikLAN" # DHCP (Tik-02) ip pool add ranges=172.17.2.10-172.17.2.254 name="TikLAN (Tik-02) Pool" ip dhcp-server network add address=172.17.0.0/20 gateway=172.17.2.1 dns-server=172.17.2.1 ip dhcp-server add name="TikLAN (Tik-02) DHCP" interface="TikLAN" address-pool="TikLAN (Tik-02) Pool" ip dhcp-server enable "TikLAN (Tik-02) DHCP" # Bridge Filters (Tik-02) interface list add name="TikLAN-Remotes" interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip dst-address=224.0.0.0/4 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ipv6 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip ip-protocol=udp src-port=67-68 action=drop # PPP Client (Tik-02) interface l2tp-client add connect-to="Tik-01.sn.mynetname.net" name="TikLAN-L2TP-Client-Tik-01" user="TikLAN-Tik-02" password="e63223ef_54c1d45b" profile=default-encryption keepalive-timeout=7 disabled=no # OSPF Costs (Tik-02) routing ospf interface add interface="TikLAN-L2TP-Client-Tik-01" network-type=point-to-point cost=10 # EoIP (Tik-02) interface eoip add name="TikLAN-EoIP-Tik-01" !keepalive remote-address=172.17.0.1 tunnel-id=51617 interface eoip add name="TikLAN-EoIP-Tik-03" !keepalive remote-address=172.17.0.3 tunnel-id=51680 # EoIP to Bridge (Tik-02) interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-01" horizon=24 interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-03" horizon=24 # EoIP Filters (Tik-02) interface list member add interface="TikLAN-EoIP-Tik-01" list="TikLAN-Remotes" interface list member add interface="TikLAN-EoIP-Tik-03" list="TikLAN-Remotes"

— router name — public address — router path cost / — local range — LAN address — VPN address — DHCP pool	# Bridge (Tik-03) interface bridge add name="TikLAN" comment="TikLAN" protocol-mode=none mtu=1500 ip address add address=172.17.3.1/20 interface="TikLAN" ip route add dst-address=172.17.0.0/24 type=unreachable # OSPF Routes (Tik-03) routing ospf instance add name="TikLAN" router-id=172.17.0.3 routing ospf area add name="TikLAN" instance="TikLAN" area-id=172.17.0.0 routing ospf network add network=172.17.0.0/24 area="TikLAN" # DHCP (Tik-03) ip pool add ranges=172.17.3.10-172.17.3.254 name="TikLAN (Tik-03) Pool" ip dhcp-server network add address=172.17.0.0/20 gateway=172.17.3.1 dns-server=172.17.3.1 ip dhcp-server add name="TikLAN (Tik-03) DHCP" interface="TikLAN" address-pool="TikLAN (Tik-03) Pool" ip dhcp-server enable "TikLAN (Tik-03) DHCP" # Bridge Filters (Tik-03) interface list add name="TikLAN-Remotes" interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip dst-address=224.0.0.0/4 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ipv6 action=drop interface bridge nat add chain=srcnat out-interface-list="TikLAN-Remotes" mac-protocol=ip ip-protocol=udp src-port=67-68 action=drop # PPP Client (Tik-03) interface l2tp-client add connect-to="Tik-01.sn.mynetname.net" name="TikLAN-L2TP-Client-Tik-01" user="TikLAN-Tik-03" password="e63223ef_076ff311" profile=default-encryption keepalive-timeout=7 disabled=no # OSPF Costs (Tik-03) routing ospf interface add interface="TikLAN-L2TP-Client-Tik-01" network-type=point-to-point cost=10 # EoIP (Tik-03) interface eoip add name="TikLAN-EoIP-Tik-01" !keepalive remote-address=172.17.0.1 tunnel-id=51618 interface eoip add name="TikLAN-EoIP-Tik-02" !keepalive remote-address=172.17.0.2 tunnel-id=51680 # EoIP to Bridge (Tik-03) interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-01" horizon=24 interface bridge port add bridge="TikLAN" interface="TikLAN-EoIP-Tik-02" horizon=24 # EoIP Filters (Tik-03) interface list member add interface="TikLAN-EoIP-Tik-01" list="TikLAN-Remotes" interface list member add interface="TikLAN-EoIP-Tik-02" list="TikLAN-Remotes"

github/deemru/secqru