Archives for My Lazy and Forgetful Mind

MikroTik PPPoE Bandwidth Management with RADIUS

Contents1 Step 1: Configure PPPoE2 Step 2: RADIUS Configuration3 Step 3: Mangle Rules Setup4 Step 4: Queue Tree Configuration5 Summary Step 1: Configure PPPoE Basic PPPoE Setup: Set up your PPPoE server as you normally would. Ensure that you have configured the necessary interfaces and settings. Step 2: RADIUS Configuration Add RADIUS Attributes: In your […]

MikroTik Hotspot Bandwidth Management

Contents1 Hotspot Configuration2 Mangle Jump Rules3 Queue Tree Configuration3.1 Example Queue Tree Entry: Hotspot Configuration Basic Settings: Configure the hotspot settings as usual. RADIUS Configuration (if applicable): In the server profile, enable the "Use RADIUS" option. Create a user profile and specify values in incoming[up]/outgoing-mark[down], such as packet-mark-download. This will dynamically add a packet mark […]

how to log mysql query that has long time to execute

To log slow-running MySQL queries, you can enable the Slow Query Log feature in MySQL. This log will record all queries that take longer than a specified amount of time to execute. Here's how to set it up: Contents1 Step 1: Enable Slow Query Logging2 Explanation:3 Step 2: Restart MySQL Service4 Step 3: Verify the […]

How to pull new branch from github

To pull a new branch from GitHub, follow these steps using Git: Contents1 1. Fetch the new branch from the remote repository:2 2. List all branches (optional):3 3. Check out the new branch:4 4. Pull the latest changes from the new branch: 1. Fetch the new branch from the remote repository: Run the following command […]

Setting WDS Openwrt

Contents1 problems2 cara :3 Allow Luci accessed via [wan/bridged] MIKROTIK HOTSPOT problems saat ubah network interface lan, perubahan subnet kadang bikin harus reboot dulu baru kedetek cara : set firewall zone to lan set wireless > edit > interface or something, from wwan to lan Allow Luci accessed via [wan/bridged] MIKROTIK HOTSPOT i add bracket […]

Batch Rename Images Using Windows PowerShell

Contents1 .JPG to .jpg2 .png to .jpg .JPG to .jpg To rename all .JPG files to .jpg in a directory using PowerShell, follow these steps: Open PowerShell. Navigate to the folder containing the .JPG files using the cd command. Run the following command: Get-ChildItem -Filter *.JPG | Rename-Item -NewName { $_.Name.ToLower() } This command will […]

SQL Injection Cheat Sheet

good reading to test our apps https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/

Setting Fiberhome hg6145d2 Bridge

Contents1 Setting Up FiberHome HG6145D2 as a Bridge with IndiHome Firmware1.1 Default Credentials1.2 Setup Steps Setting Up FiberHome HG6145D2 as a Bridge with IndiHome Firmware The FiberHome HG6145D2 modem with IndiHome firmware does not have a manual bridge mode setting. However, it can still be used as a bridge by default. When tested, DHCP did […]

HTTP Basic Authentication to secure phpMyAdmin

HTTP Authentication is a method of securing web resources by requiring users to provide valid credentials before accessing them. It operates at the HTTP protocol level and can be implemented using several authentication schemes. One common method for HTTP Authentication is Basic Authentication, which prompts users to enter their username and password in a dialog […]

Configure Two ISP on Mikrotik using VLAN with Openwrt

Why ? I want to load balance on Openwrt Openclash OPENWRT on STB has only one RJ45 port Mikrotik has multiple port, so we can use vlan to route two ISP into Openwrt Contents1 Mikrotik Setting2 OpenWRT Setting2.1 DHCP Server2.2 VLAN DHCP CLient2.2.1 Add Virtual Device2.2.2 Add Virtual Interface3 More setting to be configured3.1 opewrt4 […]

Configure Two ISP on Mikrotik using VLAN with Openwrt

27 February 2024 / by akozan / 0 Comments

Last Modified on 18 October 2024

Why ?

I want to load balance on Openwrt Openclash

OPENWRT on STB has only one RJ45 port

Mikrotik has multiple port, so we can use vlan to route two ISP into Openwrt

Contents

1 Mikrotik Setting
2 OpenWRT Setting
- 2.1 DHCP Server
- 2.2 VLAN DHCP CLient
  - 2.2.1 Add Virtual Device
  - 2.2.2 Add Virtual Interface
3 More setting to be configured
- 3.1 opewrt
4 Common Problem

Mikrotik Setting

Based on my current configuration, I use Ether1 as WAN2 and Ether2 as WAN1

Make sure we already setting ip> addresses, route, and nat masquerade on Ether1[wan2] and Ether2[wan1]. In this case i create DHCP client for both of them
- ether2
  
  ip dhcp-client add-default-route=yes
- ether1
  
  ip dhcp-client add-default-route=no
- Make route failover to WAN2 because we set add-default-route=no to wan 2
  
  ip route dst-address=0.0.0.0/0 gateway=[ip router WAN2] Check-gateway=ping distance=2
Add vlan on interface, on some article ,vlan naming convention use ip third subnet as name, In this case, I use 192.168.[88].1 so vlan id is 88
```
/interface vlan
add name=vlan-88  interface=ether2  vlan-id=88
```
Create address using vlan interface created above

ip addresses :192.168.88.1/24 interface=vlan-88
Configure MIkrotik DHCP server for vlan

ip dhcp-server interface : vlan-88
Create route to WAN2 and add routing mark to be used wiht IP pool from VLAN
this step is to make openwrt can use internet from wan2
```
/ip route
add dst-address=0.0.0.0/0 gateway=ip-gateway-isp-2 distance=2 check-gateway=ping routing-mark=wan2 ;
```
make route rule to route VLAN address list to ISP2
/ip route rule
add action=lookup disabled=no src-address=192.168.88.0/24 dst-address=0.0.0.0/0 table=wan2 ; <- the outgoing via wan2 always.

OpenWRT Setting

DHCP Server

default dhcp server setting on lan or bridge interface should works, on this case I set bridge-lan interface using ip 10.5.51.1/24

VLAN DHCP CLient

CLI version source Openwrt DOCs

Add Virtual Device

notes below are using LUCI.

Network > interfaces > devices > add new
device type choose vlan (802.1q)
base device use eth0 (or any physical eth on device)
Vlan id 88 (as per this notes)
device name eth0.88 (or any of your choices)

Add Virtual Interface

Network > interfaces > interfaces > add new
Name VLAN88 (or any of your choices)
Protocol DHCP Static
Device : eth0.88

Save and restart openwrt device.

More setting to be configured

opewrt

to make client to be able to ping wan MIKROTIK we need to add route
linux

ip route add <destination_ip> via <gateway_ip> dev <interface_name>

busybox

route add -net <destination_network> netmask <netmask> gw <gateway_ip>

above is not persistent,

To make the route persistent (survive reboots) on OpenWRT, you can add the route configuration to the network configuration files. For example, for a static route, edit the /etc/config/network file:

config route
    option interface '<interface_name>'
    option target '<destination_ip>'
    option gateway '<gateway_ip>'
    option netmask '<netmask>'

Replace <interface_name>, <destination_ip>, <gateway_ip>, and <netmask> with your specific values. After editing the file, save and apply the changes:

/etc/init.d/network restart

This ensures that the route configuration persists across reboots.

Common Problem

cant ping if using unmanaged switch, this is because unmanaged switch usually only has 1500 MTU, and VLAN add 4 more byte to 1504 making random error.