vyos mikrotik openwrt vlan config

vyos@vyos:~$ show configuration all
firewall {
    all-ping enable
    broadcast-ping disable
    config-trap disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name wan-in {
        default-action drop
        rule 10 {
            action accept
            state {
                established enable
                related enable
            }
        }
    }
    name wan-lo {
        default-action drop
        rule 10 {
            action accept
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action accept
            icmp {
                type-name echo-request
            }
            protocol icmp
            state {
                new enable
            }
        }
        rule 30 {
            action drop
            destination {
                port 22
            }
            protocol tcp
            recent {
                count 4
                time 60
            }
            state {
                new enable
            }
        }
        rule 31 {
            action accept
            destination {
                port 22
            }
            protocol tcp
            state {
                new enable
            }
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
    twa-hazards-protection disable
}
interfaces {
    bridge br100 {
        address 10.225.0.33/29
        description lan-network
        enable-vlan
        member {
            interface eth1 {
                allowed-vlan 1
                native-vlan 1
            }
            interface eth2 {
                allowed-vlan 832
                native-vlan 832
            }
            interface eth3 {
                allowed-vlan 832
                allowed-vlan 1
                native-vlan 1
            }
            interface eth4 {
                allowed-vlan 832
                allowed-vlan 1
                native-vlan 1
            }
        }
        stp
        vif 832 {
            address 100.72.0.33/29
        }
    }
    ethernet eth0 {
        address dhcp
        description wan-dhcp
        hw-id 50:00:00:01:00:00
    }
    ethernet eth1 {
        hw-id 50:00:00:01:00:01
    }
    ethernet eth2 {
        hw-id 50:00:00:01:00:02
    }
    ethernet eth3 {
        hw-id 50:00:00:01:00:03
    }
    ethernet eth4 {
        hw-id 50:00:00:01:00:04
    }
    loopback lo {
        address 2.2.2.2/32
    }
}
nat {
    destination {
        rule 101 {
            destination {
                port 9082
            }
            inbound-interface eth0
            protocol tcp
            translation {
                address 10.225.0.34
                port 22
            }
        }
        rule 102 {
            destination {
                port 9083
            }
            inbound-interface eth0
            protocol tcp
            translation {
                address 10.225.0.34
                port 80
            }
        }
    }
    source {
        rule 101 {
            outbound-interface eth0
            source {
                address 100.72.0.32/29
            }
            translation {
                address masquerade
            }
        }
    }
}
service {
    dhcp-server {
        shared-network-name vid1-network {
            subnet 10.225.0.32/29 {
                default-router 10.225.0.33
                domain-name vid1-network
                lease 120
                name-server 10.225.0.33
                range pool {
                    start 10.225.0.36
                    stop 10.225.0.38
                }
                static-mapping ros-vid1 {
                    ip-address 10.225.0.34
                    mac-address 50:00:00:02:00:00
                }
            }
        }
        shared-network-name vid832-network {
            subnet 100.72.0.32/29 {
                default-router 100.72.0.33
                domain-name vid832-network
                lease 120
                name-server 100.72.0.33
                range pool {
                    start 100.72.0.36
                    stop 100.72.0.38
                }
                static-mapping ros-vid832 {
                    ip-address 100.72.0.34
                    mac-address 50:00:00:02:00:01
                }
            }
        }
    }
    dns {
        forwarding {
            allow-from 100.72.0.32/29
            cache-size 0
            listen-address 100.72.0.33
            system
        }
    }
    ssh {
        port 22
    }
}
system {
    config-management {
        commit-revisions 100
    }
    conntrack {
        modules {
            ftp
            h323
            nfs
            pptp
            sip
            sqlnet
            tftp
        }
    }
    console {
        device ttyS0 {
            speed 115200
        }
    }
    host-name vyos
    login {
        user vyos {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }
        }
    }
    name-server 223.5.5.5
    name-server 4.2.2.1
    ntp {
        server time1.vyos.net {
        }
        server time2.vyos.net {
        }
        server time3.vyos.net {
        }
    }
    option {
        ctrl-alt-delete ignore
        reboot-on-panic
    }
    syslog {
        global {
            facility all {
                level info
            }
            facility protocols {
                level debug
            }
        }
        user all {
            facility all {
                level emerg
            }
        }
    }
    time-zone Asia/Shanghai
}
vyos@vyos:~$

[admin@MikroTik] > /export 
# feb/23/2024 02:20:32 by RouterOS 7.2.3
# software id = 
#
/interface bridge
add name=br1 vlan-filtering=yes
/interface vlan
add interface=br1 name=br1-vif832 vlan-id=832
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/interface bridge port
add bridge=br1 interface=ether1
add bridge=br1 interface=ether2
add bridge=br1 interface=ether3 pvid=832
add bridge=br1 interface=ether4 pvid=832
add bridge=br1 interface=ether5
/interface bridge vlan
add bridge=br1 tagged=ether5 untagged=ether1,ether2 vlan-ids=1
add bridge=br1 tagged=ether5 untagged=ether3,ether4 vlan-ids=832
/ip address
add address=100.72.0.34/29 interface=br1-vif832 network=100.72.0.32
/ip dhcp-client
add interface=br1
[admin@MikroTik] >

=============== End

标签：00,name,100.72,vlan,interface,address,mikrotik,config
From： https://www.cnblogs.com/lsgxeva/p/18028915

<kubernetes_sd_config>
-source_labels:[__meta_kubernetes_service_annotation_prometheus_io_path]action:replacetarget_label:__metrics_path__regex:(.+) 您提供的配置片段是一个Prometheus的relabeling规则。Prometheus使用relabeling来动态地修改......
k8s-configmap
1.1什么是ConfigMap和Secret ConfigMap和Secret是Kubernetes系统上两种特殊类型的存储卷，ConfigMap对象用于为容器中的应用提供配置文件等信息。但是比较敏感的数据，例如密钥、证书等由Secret对象来进行配置。它们将相应的配置信息保存于对象中，而后在Pod资源上以存储卷的形式挂载......
运行Xmind出现invalid configuration location报错的解决办法
问题说明安装了XMind后，直接点击*.xmind文件，提示报错“invalidconfigurationlocation”。错误提示内容为：Theconfigurationareaat‘C:\Windows\systems.\configuration’isnotwritable.Pleasechooseawritablelocationusingthe‘-configuration’commandlineo......
可视化视频监控平台EasyCVR如何配置服务参数以免getbaseconfig接口信息泄露？
可视化云监控平台/安防视频监控系统EasyCVR视频综合管理平台，采用了开放式的网络结构，平台支持高清视频的接入和传输、分发，可以提供实时远程视频监控、视频录像、录像回放与存储、告警、语音对讲、云台控制、平台级联、磁盘阵列存储、视频集中存储、云存储等丰富的视频能力，同时还具......
xbl xbl_config last_parti QFIL
CN:/#fdisk-l/dev/block/sdbNote:sectorsizeis4096(not512)FoundvalidGPTwithprotectiveMBR;usingGPTDisk/dev/block/sdb:8192sectors,32.0MLogicalsectorsize:4096Diskidentifier(GUID):6231a3fe-971e-e980-9a6a-ed770c389cacPartitiontableho......
【阅读笔记】边缘损耗率评价指标《A New Hardware-Efficient Algorithm and Reconfigu
论文《ANewHardware-EfficientAlgorithmandReconfigurableArchitectureforImageContrastEnhancement》提到对对比度增强的图像进行客观评价，引用论文《ImageEnhancementforBacklight-ScaledTFT-LCDDisplays》中的边缘损耗率指标（Theedgelossrate）。原文：Contrast......
Secret，configmap的定义及使用，探针
目录Secret，configmap的定义及使用secretsecret的定义secret的使用configmap探针Secret，configmap的定义及使用其实这两者是差不多的，只要搞懂了secret，那么configmap也是很好理解的。这两个是干什么的呢？有什么作用呢？我们在创建有些容器的时候，比如mysql，你在创建的时候他就要求你给......
VLANIF
VLANIF接口是指在虚拟局域网（VirtualLAN，VLAN）中创建的虚拟接口，用于实现VLAN的逻辑隔离和通信。它是在三层交换机或路由器上创建的，用于连接不同VLAN之间的通信。VLANIF接口的主要特点和用途如下：逻辑隔离：VLANIF接口可以将不同的VLAN划分到不同的逻辑接口上，实现彼此之间的逻辑隔离......
使用AgileConfig统一管理多项目配置
使用AgileConfig统一管理多项目配置背景一个设备的数字化管理软件系统，需要涵盖来料检验，部件装配，自动检验，装机激活，日常运营，维修保养，退役更换等生命周期流程，应用于生产车间，装机现场，客服运营等应用场景，业务复杂，角色众多，涉及的时间和空间范围都比较大，需要开发一系列的软件去解决......
SecurityConfiguration
packagecom.oep.backend.config;importcom.oep.backend.config.filter.JwtAuthenticationTokenFilter;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.context.annotation.Bean;importorg.springframework.context.annot......

vyos mikrotik openwrt vlan config

vyos mikrotik openwrt vlan config

相关文章

赞助商

阅读排行