Vraag

maandag 17 januari 2022 13:33

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Beste

Ik ben onlangs overgestapt naar een mikrotik router. Nu heb ik vele fora al gelezen maar ik heb wat heel vreemds.. Dat is dat wanneer ik 2 stb's tegelijk start de stb-nmc-400 code naar voren komt.
Ik kan niet ontdekken wat ik nou fout doen.
code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

# jan/17/2022 13:28:03 by RouterOS 7.1.1
# software id = KEJT-1NW0
#
# model = RB5009UG+S+
# serial number = EC190F233065
/interface bridge
add arp=proxy-arp igmp-snooping=yes name=bridge-local
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp l2mtu=1598 loop-protect=off
set [ find default-name=ether2 ] l2mtu=1598
/interface wireguard
add disabled=yes listen-port=13231 mtu=1420 name=wireguard1
add listen-port=13231 mtu=1420 name=wireguard2
/interface vlan
add interface=ether1 name=KPNIPTV vlan-id=4
add interface=bridge-local name=iptv_intern vlan-id=4
add interface=bridge-local name=vlan1 vlan-id=1
add interface=ether1 loop-protect=off name=vlan1.6 vlan-id=6
add interface=bridge-local name=vlan20 vlan-id=20
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=vlan1.6 keepalive-timeout=20 max-mru=1500 max-mtu=1500 name=KPN user=1234@provider
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
add code=28 name=option28-broadcast value="'172.22.0.127'"
add code=3 name=Alternate-gateway value="'172.22.0.1'"
add code=6 name=AlternateDNS value="'172.22.0.1'"
/ip dhcp-server option sets
add name=IPTV options=option60-vendorclass,Alternate-gateway,AlternateDNS,option28-broadcast
/ip pool
add name=thuisnetwerk ranges=192.168.1.2-192.168.1.254
add name=IOT ranges=172.16.2.2-172.16.2.254
add name=IPTV ranges=172.16.22.2-172.16.22.126
/ip dhcp-server
add address-pool=thuisnetwerk interface=bridge-local lease-time=1h30m name=dhcp-thuis
add address-pool=IOT interface=vlan20 name=IOT
add address-pool=IPTV interface=iptv_intern lease-time=2h10m name=dhcp1
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name="TTS Cloud (eu1)" up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name="TTS Cloud (nam1)" up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name="TTS Cloud (au1)" up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name="TTN V3 (eu1)" up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name="TTN V3 (nam1)" up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name="TTN V3 (au1)" up-port=1700
/ppp profile
set *0 only-one=yes use-compression=yes use-ipv6=no use-upnp=no
add name=default-ipv6 only-one=yes use-compression=yes use-upnp=no
/zerotier
set zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" disabled=yes disabled=yes name=zt1 port=9993
/interface bridge port
add bridge=bridge-local interface=ether2
add fast-leave=yes interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether6
add bridge=bridge-local interface=ether7
add bridge=bridge-local interface=ether8
add interface=KPNIPTV
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=bridge-local comment=IOT vlan-ids=20
add bridge=bridge-local vlan-ids=1
add bridge=bridge-local comment=IPTV_STB vlan-ids=4
/interface detect-internet
set detect-interface-list=all
/ip address
add address=192.168.1.1/24 interface=bridge-local network=192.168.1.0
add address=172.16.2.1/24 interface=vlan20 network=172.16.2.0
add address=172.16.22.1/25 interface=iptv_intern network=172.16.22.0
add address=10.138.138.5/24 interface=wireguard1 network=10.138.138.0
add address=172.22.0.1/24 interface=wireguard2 network=172.22.0.0
/ip dhcp-client
add default-route-distance=210 dhcp-options=option60-vendorclass interface=KPNIPTV use-peer-ntp=no
/ip dhcp-server config
set store-leases-disk=15m
/ip dhcp-server lease
add address=192.168.1.216 mac-address=D8:9E:F3:74:18:A0 server=dhcp-thuis
/ip dhcp-server network
add address=172.16.2.0/24 dns-server=172.16.2.1 gateway=172.16.2.1
add address=172.16.22.0/25 gateway=172.16.22.1
add address=192.168.1.0/24 dns-server=192.168.1.1 domain=thuis.local gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input in-interface=KPN protocol=icmp
add action=accept chain=input connection-state=related
add action=accept chain=input connection-state=established
add action=accept chain=input dst-port=22 in-interface=KPN protocol=tcp
add action=accept chain=input dst-port=500,4500 in-interface=KPN protocol=udp
add action=accept chain=input in-interface=KPN protocol=ipsec-esp
add action=reject chain=input in-interface=KPN protocol=tcp reject-with=icmp-port-unreachable
add action=reject chain=input in-interface=KPN protocol=udp reject-with=icmp-port-unreachable
add action=accept chain=input comment="IPTV IGMP" dst-address=224.0.0.0/8 in-interface=KPNIPTV protocol=igmp

/ip firewall nat
add action=masquerade chain=srcnat comment="Nat om te internetten" out-interface=KPN src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="Nat om te internetten" disabled=yes out-interface=KPN src-address=172.22.0.0/24
add action=masquerade chain=srcnat comment="Nat om te internetten" out-interface=KPN src-address=172.16.22.0/25
add action=masquerade chain=srcnat comment="Nat om te internetten" out-interface=KPN src-address=172.16.2.0/24
add action=masquerade chain=srcnat dst-address=213.75.0.0/16 out-interface=KPNIPTV
add action=masquerade chain=srcnat dst-address=10.60.0.0/16 out-interface=KPNIPTV
add action=masquerade chain=srcnat dst-address=217.166.0.0/16 out-interface=KPNIPTV
add action=masquerade chain=srcnat out-interface=KPNIPTV
/ip upnp
set show-dummy-rule=no
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=KPN type=external
/ipv6 dhcp-client
add add-default-route=yes interface=KPN pool-name=pool pool-prefix-length=48 rapid-commit=no request=prefix use-peer-dns=no
/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=KPNIPTV upstream=yes
add alternative-subnets=0.0.0.0/0 interface=iptv_intern
/system clock
set time-zone-name=Europe/Amsterdam
/system routerboard settings
set cpu-frequency=auto
/tool sniffer
set filter-interface=KPNIPTV streaming-enabled=yes streaming-server=192.168.1.173


Verder heb ik ook igmp snooping aan staan

HELP

[ Voor 0% gewijzigd door martinschilder op 18-01-2022 09:59 . Reden: code netjes gezet ]

Beste antwoord (via martinschilder op 18-01-2022 09:53)

dinsdag 18 januari 2022 08:31

  • Thralas
  • Registratie: December 2002
  • Laatst online: 22:20

Thralas

Je hebt IGMP quick leave aanstaan. Dat kan deze problemen veroorzaken met méér dan 1 STBs.

Alle reacties

maandag 17 januari 2022 13:43

Acties:
  • 0 Henk 'm!
  • jeroen3
  • Registratie: Mei 2010
  • Laatst online: 22:43

jeroen3

Heb je de volgordes van de firewall goed staan?

code:
1
2
3
4
5
6
7
8
9
10

/ip firewall filter
add action=accept chain=input in-interface=KPN protocol=icmp
add action=accept chain=input connection-state=related
add action=accept chain=input connection-state=established
add action=accept chain=input dst-port=22 in-interface=KPN protocol=tcp
add action=accept chain=input dst-port=500,4500 in-interface=KPN protocol=udp
add action=accept chain=input in-interface=KPN protocol=ipsec-esp
add action=reject chain=input in-interface=KPN protocol=tcp reject-with=icmp-port-unreachable
add action=reject chain=input in-interface=KPN protocol=udp reject-with=icmp-port-unreachable
add action=accept chain=input comment="IPTV IGMP" dst-address=224.0.0.0/8 in-interface=KPNIPTV protocol=igmp

Hier zie ik een accept achter een reject staan.

Ik heb bridge ook in de igmp proxy staan, maar ik heb tv al een tijdje uit het pakket gehaald.
code:
1
2
3

/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=vlan1.4-iptv upstream=yes
add interface=bridge


edit: Volgorde geldt ook voor de masquerade, bij mij: (ze staan disabled, want tv eruit)
code:
1
2
3
4

/ip firewall nat
add action=masquerade chain=srcnat comment=IPTV disabled=yes dst-address=213.75.112.0/21 out-interface=vlan1.4-iptv
add action=masquerade chain=srcnat comment=IPTV disabled=yes dst-address=217.166.0.0/16 out-interface=vlan1.4-iptv
add action=masquerade chain=srcnat comment="MAIN NAT...


Ik heb het toen op basis van deze guide ingesteld:
https://netwerkje.com/routed-iptv

[ Voor 19% gewijzigd door jeroen3 op 17-01-2022 13:50 ]

maandag 17 januari 2022 13:56

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Ik ga de boel van scratch opbouwen eens kijken of het dan wel lukt.

dinsdag 18 januari 2022 08:31

Acties:
  • Beste antwoord
  • 0 Henk 'm!
  • Thralas
  • Registratie: December 2002
  • Laatst online: 22:20

Thralas

Je hebt IGMP quick leave aanstaan. Dat kan deze problemen veroorzaken met méér dan 1 STBs.

dinsdag 18 januari 2022 09:58

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Oke ik zal dat eens in de gaten houden echter denk ik ook omdat ik een vrij nieuw type router heb (RB5009) de settings iets anders zijn TOV van de andere modellen

Omdat mijn setup nog vrij "Basis" is en er geen prive informatie in staat hierbij de config:

code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

# jan/18/2022 09:49:31 by RouterOS 7.1.1
# software id = KEJT-1NW0
#
# model = RB5009UG+S+
# serial number = EC190F233065
/interface bridge
add arp=proxy-arp igmp-snooping=yes multicast-querier=yes name=bridge-local
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp l2mtu=1598 loop-protect=off
set [ find default-name=ether2 ] l2mtu=1598
/interface vlan
add interface=bridge-local name=DTV vlan-id=4
add interface=bridge-local name=IoT vlan-id=20
add interface=ether1 name=vlan1.4 vlan-id=4
add interface=ether1 loop-protect=off name=vlan1.6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=vlan1.6 \
    keepalive-timeout=20 max-mru=1500 max-mtu=1500 name=pppoe-client user=\
    1234@provider
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip pool
add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.254
add name=dhcp_pool1 ranges=172.16.22.2-172.16.22.126
/ip dhcp-server
add address-pool=dhcp_pool0 interface=bridge-local lease-time=2h10m name=\
    dhcp1
add address-pool=dhcp_pool1 interface=DTV lease-time=1h10m name=dhcp2
/ppp profile
set *0 only-one=yes use-compression=yes use-ipv6=no use-upnp=no
add name=default-ipv6 only-one=yes use-compression=yes use-upnp=no
/zerotier
set zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" \
    disabled=yes disabled=yes name=zt1 port=9993
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether6
add bridge=bridge-local interface=ether7
add bridge=bridge-local interface=ether8
/interface bridge vlan
add bridge=bridge-local vlan-ids=20
add bridge=bridge-local vlan-ids=4
/ip address
add address=192.168.1.1/24 interface=bridge-local network=192.168.1.0
add address=172.16.22.1/25 interface=DTV network=172.16.22.0
/ip dhcp-client
add default-route-distance=210 dhcp-options=option60-vendorclass interface=\
    vlan1.4 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=172.16.22.0/25 gateway=172.16.22.1
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input in-interface=pppoe-client protocol=icmp
add action=accept chain=input connection-state=related
add action=accept chain=input connection-state=established
add action=reject chain=input in-interface=pppoe-client protocol=tcp \
    reject-with=icmp-port-unreachable
add action=reject chain=input in-interface=pppoe-client protocol=udp \
    reject-with=icmp-port-unreachable
/ip firewall nat
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    213.75.112.0/21 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    217.166.0.0/16 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for internet" \
    out-interface=pppoe-client src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="Needed for internet" \
    out-interface=pppoe-client src-address=172.16.22.0/25
/ip upnp
set show-dummy-rule=no
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=pppoe-client type=external
/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=vlan1.4 upstream=yes
add interface=DTV
/system clock
set time-zone-name=Europe/Amsterdam
/system logging
add disabled=yes topics=igmp-proxy
add topics=firewall
/system routerboard settings
set cpu-frequency=auto


De truuk lijkt hem te zitten in

code:
1
2

/interface bridge
add arp=proxy-arp igmp-snooping=yes multicast-querier=yes name=bridge-local

woensdag 19 januari 2022 15:21

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Helaas probleem nog steeds aanwezig. Zodra een 2e stb gaat zappen dan crasht de boel
Ik heb echt geen idee meer waar ik moet zoeken..

woensdag 19 januari 2022 18:24

Acties:
  • 0 Henk 'm!
  • Thralas
  • Registratie: December 2002
  • Laatst online: 22:20

Thralas

Thralas in "Mikrotik iptv multicast crash"

donderdag 20 januari 2022 10:34

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Thralas schreef op woensdag 19 januari 2022 @ 18:24:
Thralas in "Mikrotik iptv multicast crash"
Dat staat uit. Gedrag blijft het zelfde

donderdag 20 januari 2022 21:55

Acties:
  • 0 Henk 'm!
  • Thralas
  • Registratie: December 2002
  • Laatst online: 22:20

Thralas

Dan was ik in de war, omdat je je config hebt gepost nádat ik die suggestie deed en daar nog steeds quick leave aanstaat - ongeveer het enige dat dit probleem kan veroorzaken.

Kun je de config die je had gepost nog eens actualiseren naar wat er nu staat?

Als je heel, heel zeker weet dat quick leave uitstaat: verwijder vlan 4 van je bridge-local, die hoort daar niet thuis, Daarna: je had al debugging aangezet voor de igmp proxy, zet dat weer eens aan en laat eens zien wat deze print vlak nadat je wegzapt op één STB (en het dus op de andere wegvalt)?

En op welke poorten zijn de STBs aangesloten?

zaterdag 22 januari 2022 08:04

Acties:
  • 0 Henk 'm!
  • martinschilder
  • Registratie: December 2014
  • Laatst online: 13-05 07:52

martinschilder

Topicstarter
Thralas schreef op donderdag 20 januari 2022 @ 21:55:
Dan was ik in de war, omdat je je config hebt gepost nádat ik die suggestie deed en daar nog steeds quick leave aanstaat - ongeveer het enige dat dit probleem kan veroorzaken.

Kun je de config die je had gepost nog eens actualiseren naar wat er nu staat?

Als je heel, heel zeker weet dat quick leave uitstaat: verwijder vlan 4 van je bridge-local, die hoort daar niet thuis, Daarna: je had al debugging aangezet voor de igmp proxy, zet dat weer eens aan en laat eens zien wat deze print vlak nadat je wegzapt op één STB (en het dus op de andere wegvalt)?

En op welke poorten zijn de STBs aangesloten?
Ik denk dat het probleem in versie7 zit.

ik heb een rb750 bijgekocht welke op versie 6.47.6 draait met de volgende code er in

code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

# jan/22/2022 07:45:56 by RouterOS 6.48.6
# software id = ZHBK-Z20S
#
# model = RB750Gr3
# serial number = CC210FD0471F
/interface bridge
add arp=proxy-arp igmp-snooping=yes name=bridge-local protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp l2mtu=1598 loop-protect=off
set [ find default-name=ether2 ] l2mtu=1598
/interface vlan
add interface=ether1 name=vlan1.4 vlan-id=4
add interface=ether1 loop-protect=off name=vlan1.6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=vlan1.6 \
    keepalive-timeout=20 max-mru=1500 max-mtu=1500 name=pppoe-client \
    password=1234 user=1234@provider
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option sets
add name=IPTV options=option60-vendorclass
/ip pool
add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge-local lease-time=\
    1h30m name=dhcp1
/ppp profile
set *0 only-one=yes use-compression=yes use-upnp=no
/routing bgp instance
set default disabled=yes
/tool user-manager customer
set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip address
add address=192.168.1.1/24 interface=bridge-local network=192.168.1.0
/ip dhcp-client
add default-route-distance=210 dhcp-options=option60-vendorclass disabled=no \
    interface=vlan1.4 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.8.8,8.8.4.4
/ip firewall filter
# pppoe-client not ready
add action=accept chain=input in-interface=pppoe-client protocol=icmp
add action=accept chain=input connection-state=related
add action=accept chain=input connection-state=established
# pppoe-client not ready
add action=reject chain=input in-interface=pppoe-client protocol=tcp \
    reject-with=icmp-port-unreachable
# pppoe-client not ready
add action=reject chain=input in-interface=pppoe-client protocol=udp \
    reject-with=icmp-port-unreachable
/ip firewall nat
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    213.75.112.0/21 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    217.166.0.0/16 out-interface=vlan1.4
# pppoe-client not ready
add action=masquerade chain=srcnat comment="Needed for internet" \
    out-interface=pppoe-client src-address=192.168.1.0/24
/ip upnp
set show-dummy-rule=no
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=pppoe-client type=external
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=vlan1.4 upstream=yes
add interface=bridge-local
/system clock
set time-zone-name=Europe/Amsterdam
/system logging
add topics=igmp-proxy
/tool user-manager database
set db-path=flash/user-manager


Dan de rb5009

code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

# jan/22/2022 07:42:16 by RouterOS 7.1.1
# software id = KEJT-1NW0
#
# model = RB5009UG+S+
# serial number = EC190F233065
/interface bridge
add arp=proxy-arp igmp-snooping=yes name=bridge-local protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] arp=proxy-arp l2mtu=1598 loop-protect=off
set [ find default-name=ether2 ] l2mtu=1598
/interface vlan
add interface=ether1 name=vlan1.4 vlan-id=4
add interface=ether1 loop-protect=off name=vlan1.6 vlan-id=6
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-client option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option
add code=60 name=option60-vendorclass value="'IPTV_RG'"
/ip dhcp-server option sets
add name=IPTV options=option60-vendorclass
/ip pool
add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=bridge-local lease-time=1h30m name=\
    dhcp1
/ppp profile
set *0 only-one=yes use-compression=yes use-ipv6=no use-upnp=no
add name=default-ipv6 only-one=yes use-compression=yes use-upnp=no
/interface pppoe-client
add add-default-route=yes allow=pap disabled=no interface=vlan1.6 \
    keepalive-timeout=20 max-mru=1500 max-mtu=1500 name=pppoe-client profile=\
    default-ipv6 user=1234@provider
/zerotier
set zt1 comment="ZeroTier Central controller - https://my.zerotier.com/" \
    disabled=yes disabled=yes name=zt1 port=9993
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether5
add bridge=bridge-local interface=ether6
add bridge=bridge-local interface=ether7
add bridge=bridge-local interface=ether8
/ip address
add address=192.168.1.1/24 interface=bridge-local network=192.168.1.0
/ip dhcp-client
add default-route-distance=210 dhcp-options=option60-vendorclass interface=\
    vlan1.4 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input in-interface=pppoe-client protocol=icmp
add action=accept chain=input connection-state=related
add action=accept chain=input connection-state=established
add action=reject chain=input in-interface=pppoe-client protocol=tcp \
    reject-with=icmp-port-unreachable
add action=reject chain=input in-interface=pppoe-client protocol=udp \
    reject-with=icmp-port-unreachable
/ip firewall nat
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    213.75.112.0/21 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for IPTV" dst-address=\
    217.166.0.0/16 out-interface=vlan1.4
add action=masquerade chain=srcnat comment="Needed for internet" \
    out-interface=pppoe-client src-address=192.168.1.0/24
/ip upnp
set show-dummy-rule=no
/ip upnp interfaces
add interface=bridge-local type=internal
add interface=pppoe-client type=external
/routing igmp-proxy interface
add alternative-subnets=0.0.0.0/0 interface=vlan1.4 upstream=yes
add interface=bridge-local
/system clock
set time-zone-name=Europe/Amsterdam
/system routerboard settings
set cpu-frequency=auto


Zelfde basis setup maar meteen gezeik als ik hem aansluit....
Pagina: 1
Reageer

Apple iPhone 16e LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq