Creating a “travel” router

November 19th, 2009 Mikrotik

When I travel, and it seems like that happens WAY to much, I like to carry a MikroTik Router with me.  I use this router to simplify many of the problems I encounter with various “free” wifi spots in hotels.  In this article, I will describe how my “travel” router is configured.

Read the rest of this entry »

Mikrotik’s True Full Duplex Wireless – NStreme Dual

April 19th, 2009 Mikrotik

There are numerous full duplex options available on the market today when you go looking for wireless devices.  Most of these devices will cost in the multiple thousands of dollars.  With NStreme Dual, Mikrotik’s proprietary FDX protocol, you can build a true full duplex link for under $1000.  This article is a tutorial walkthrough on configuring an NStreme Dual link, along with some helpful hints on how to tweak it.

Read the rest of this entry »

Spam trojan detection with Mikrotik RouterOS

December 14th, 2008 Mikrotik

One major issue facing ISPs today is the difficulty in obtaining sufficient IP space for every customer.  For many, it’s a matter of cost and for some it is simply a choice to NAT their customers behind their router/firewall.  For the most part, NAT behaves much better today than in days gone by, but there is one issue that is very problematic for those that choose to NAT their customers.  There is a significant proliferation of a new generation of trojans that turns  a user’s computer into a menace to the Internet community.  This new generation of trojans (collectively known as “botnets”) can cause problems for not only the owner, but for other customers of the ISP that chooses to NAT.  Since a significant number of these botnets are used to send spam all over the internet, we, as service providers, have to find a way to protect our networks from being blacklisted, while still allowing our customers to utilize the internet in a way that does not set too many boundries.  In this article, I will discuss two approaches to setting these limits which have shown to be both effective AND relatively mantenance free.

Read the rest of this entry »

Using the layer 7 filters – instant messaging example

December 14th, 2008 Mikrotik

In this article, I will describe one functional use for the layer-7  filters that MikroTik offers.  This feature can be very useful if used with caution.  The main problem with L7 filters is that they require much more processor time than many of the firewall functions.  I am not saying this just to “scare” you away from using them, but you need to be aware of this issue.  The scripts in this article have been tested and DO work as written.  They are in no way complete, but they are certainly functional as posted.

Read the rest of this entry »

Using OSPF to create full duplex behaviour for wireless links

October 23rd, 2008 Mikrotik

One reality that all WISPs face is that all radio communications are half-duplex.  When one end of a link is “speaking”, the other end must be “listening”.  For many applications, this is sufficient for our purpose.  When a link becomes busy, however, some types of communications are negatively impacted by the delays caused by this behaviour.  Mikrotik RouterOS offers some options to help you alleviate this congestion without breaking the bank. In this article, I will discuss the details for how to configure Mikrotik RouterOS and OSPF to provide a simulated full-duplex link with the added benefit of failover to half-duplex in the event of a single link failure.

This idea is taken from an article I wrote on my main website back in November of 2006.

Read the rest of this entry »

Training classes scheduled ONLINE

October 17th, 2008 Basic Routing, Mikrotik, Training

I recently announced 2 new training courses that I will be offering online.  Details can be found at the registration pages linked below.  You can view ALL currently available courses HERE

The first course is a WISP Basics course.  This course is a discussion of IP basics and an RF Primer.  The IP Basics portion is a detailed look at network fundamentals.  This course is perfect for those that are new to the WISP business or anyone who wishes to learn more about how data flows over an IP network, including wired and wireless networks.  There is a lot of detail in this course and it is possible that it will extend to about 2.5 days.  Registration for this course is HERE

The second course is our Mikrotik Standard training course adapted for use online.  The online course is not exactly the same as our live training, however, it is similar in many ways.  The content of the course is mostly the same, however, the labs are rewritten to accomodate an online environment.  This is a 4 day training and is a detailed look at most of the features in RouterOS.  Registration and more information is HERE.

Because the training is online, there is no need to make travel arrangements.  Online training offers you the ability to have multiple employees trained for the price of one.  Online training offers you the ability to learn from the comfort of your own office space.  The training we are offering is of the highest quality and should not be confused with other training offers currently in the marketplace.  We offer:
* The most mature (over 4 years in development) training material
* An expert in networking as trainer (not just Mikrotik)
* An experienced trainer (I’ve been teaching in one form or another since 1998)
* An experienced ISP with the expertise to adapt materials to the WISP network

You don’t have to spend HUNDREDS of dollars more in order to get quality training.  You don’t have to spend MONTHS learning this material.  If you’ve ever considered attending a live training, but have been waiting for one to be “near you”, then this is your chance to see what it’s all about.  Registration information is available for both courses HERE.  Seating is limited and the special discounts won’t last long, so don’t hesitate.

What opportunities does Mobile IP offer WISPs?

September 23rd, 2008 Mikrotik

In my recent article regarding the implementation of a MIP solution with Mikrotik RouterOS clients, I described some of the issues surrounding the a MIP solution as well as some of the solutions.  This article generated quite a bit of response and I wanted to take the time to now offer some business ideas for how this can be useful to WISPs.

Read the rest of this entry »

Mobile IP? Some thoughts on how to make it happen with Mikrotik RouterOS.

September 18th, 2008 Mikrotik

It seems to be “all the rage”.  Mobile IP.  In reality, mobile IP, describes the ability for a user to move across a network without having to renumber his devices.  This definition holds true even if a user moves from one network to another.  In other words, a user is able to keep his IP address without regard to where his device exists on the internet.  That’s not exactly what I’m gonna describe here, but it is a very close approximation.

The solution you are about to read is real and tested….names (and IPs) may be changed to protect the innocent…

Read the rest of this entry »

Mikrotik RouterOS transparent bridge using PPtP and EoIP

September 14th, 2008 Mikrotik

In this article, I want to describe how to tunnel EoIP over a PPtP connection.  EoIP is a Mikrotik specific method of bridging ethernet traffic over a routed network.  The problem with using EoIP as a “VPN”, is that it is not encrypted.  The network we will build in this article will tunnel the EoIP traffic over an encrypted PPtP tunnel.  There are other methods available in later versions of Mikrotik RouterOS to accomplish this functionality (OpenVPN, for one example) and I will be adding articles on some of these at a later time.  the method described in this article will work in any version of Mikrotik RouterOS.  It has been tested under 2.8.28, 2.9.51 and 3.13.

Read the rest of this entry »