eoip_manual.pdf

(38 KB) Pobierz
299040059 UNPDF
EoIP Tunnel Interface
Document revision 1.3 (Tue Mar 09 08:15:37 GMT 2004)
This document applies to MikroTik RouterOS V2.8
Table of Contents
Table of Contents
General Information
Summary
Quick Setup Guide
Specifications
Related Documents
Description
EoIP Setup
Property Description
Notes
Example
EoIP Application Example
Description
Example
Troubleshooting
Description
General Information
Summary
Ethernet over IP (EoIP) Tunneling is a MikroTik RouterOS protocol that creates an Ethernet tunnel
between two routers on top of an IP connection. The EoIP interface appears as an Ethernet
interface. When the bridging function of the router is enabled, all Ethernet traffic (all Ethernet
protocols) will be bridged just as if there where a physical Ethernet interface and cable between the
two routers (with bridging enabled). This protocol makes multiple network schemes possible.
Network setups with EoIP interfaces:
Possibility to bridge LANs over the Internet
Possibility to bridge LANs over encrypted tunnels
Possibility to bridge LANs over 802.11b 'ad-hoc' wireless networks
Quick Setup Guide
To make an EoIP tunnel between 2 routers which have IP addresses 10.5.8.1 and 10.1.0.1 :
1. On router with IP address 10.5.8.1 , add an EoIP interface and set its MAC address:
/interface eoip add remote-address=10.1.0.1 tunnel-id=1 mac-address=00-00-5E-80-00-01 \
\... disabled=no
Page 1 of 5
299040059.002.png 299040059.003.png
2. On router with IP address 10.1.0.1 , add an EoIP interface and set its MAC address::
/interface eoip add remote-address=10.5.8.1 tunnel-id=1 mac-address=00-00-5E-80-00-02 \
\... disabled=no
Now you can add IP addresses to the created EoIP interfaces from the same subnet.
Specifications
Packages required: system
License required: level1 (limited to 1 tunnel), level3
Home menu level: /interface eoip
Standards and Technologies: GRE (RFC1701)
Hardware usage: Not significant
Related Documents
Package Management
IP Addresses and ARP
Bridge Interfaces
PPTP Interface
Description
An EoIP interface should be configured on two routers that have the possibility for an IP level
connection. The EoIP tunnel may run over an IPIP tunnel, a PPTP 128bit encrypted tunnel, a
PPPoE connection, or any connection that transports IP.
Specific Properties:
Each EoIP tunnel interface can connect with one remote router which has a corresponding
interface configured with the same 'Tunnel ID'.
The EoIP interface appears as an Ethernet interface under the interface list.
This interface supports all features of an Ethernet interface. IP addresses and other tunnels may
be run over the interface.
The EoIP protocol encapsulates Ethernet frames in GRE (IP protocol number 47) packets (just
like PPTP) and sends them to the remote side of the EoIP tunnel.
Maximal count of EoIP tunnels is 65536.
EoIP Setup
Home menu level: /interface eoip
Property Description
name ( name ; default: eoip-tunnelN ) - interface name for reference
mtu ( integer ; default: 1500 ) - Maximum Transmission Unit. The default value provides maximal
compatibility
Page 2 of 5
299040059.004.png 299040059.005.png
arp ( disabled | enabled | proxy-arp | reply-only ; default: enabled ) - Address Resolution Protocol
tunnel-id ( integer ) - a unique tunnel identifier
remote-address - the IP address of the other side of the EoIP tunnel - must be a MikroTik router
mac-address ( MAC address ) - MAC address of the EoIP interface. You can freely use MAC
addresses that are in the range from 00-00-5E-80-00-00 to 00-00-5E-FF-FF-FF
Notes
tunnel-id is method of identifying tunnel. There should not be tunnels with the same tunnel-id on
the same router. tunnel-id on both participant routers must be equal.
mtu should be set to 1500 to eliminate packet refragmentation inside the tunnel (that allows
transparent bridging of Ethernet-like networks, so that it would be possible to transport full-sized
Ethernet frame over the tunnel).
For EoIP interfaces you can use MAC addresses that are in the range from 00-00-5E-80-00-00 to
00-00-5E-FF-FF-FF .
Example
To add and enable an EoIP tunnel named to_mt2 to the 10.5.8.1 router, specifying tunnel-id of 1 :
[admin@MikroTik] interface eoip> add name=to_mt2 remote-address=10.5.8.1 \
\... tunnel-id 1
[admin@MikroTik] interface eoip> print
Flags: X - disabled, R - running
0 X name="to_mt2" mtu=1500 arp=enabled remote-address=10.5.8.1 tunnel-id=1
[admin@MikroTik] interface eoip> enable 0
[admin@MikroTik] interface eoip> print
Flags: X - disabled, R - running
0 R name="to_mt2" mtu=1500 arp=enabled remote-address=10.5.8.1 tunnel-id=1
[admin@MikroTik] interface eoip>
EoIP Application Example
Description
Let us assume we want to bridge two networks: 'Office LAN' and 'Remote LAN'. The networks are
connected to an IP network through the routers [Our_GW] and [Remote]. The IP network can be a
private intranet or the Internet. Both routers can communicate with each other through the IP
network.
Example
Our goal is to create a secure channel between the routers and bridge both networks through it. The
network setup diagram is as follows:
Page 3 of 5
To make a secure Ethernet bridge between two routers you should:
1. Create a PPTP tunnel between them. Our_GW will be the pptp server:
[admin@Our_GW] interface pptp-server> /ppp secret add name=joe service=pptp \
\... password=top_s3 local-address=10.0.0.1 remote-address=10.0.0.2
[admin@Our_GW] interface pptp-server> add name=from_remote user=joe
[admin@Our_GW] interface pptp-server> server set enable=yes
[admin@Our_GW] interface pptp-server> print
Flags: X - disabled, D - dynamic, R - running
# NAME
USER
MTU CLIENT-ADDRESS UPTIME ENC...
0 from_remote joe
[admin@Our_GW] interface pptp-server>
The Remote router will be the pptp client:
[admin@Remote] interface pptp-client> add name=pptp user=joe \
\... connect-to=192.168.1.1 password=top_s3 mtu=1500 mru=1500
[admin@Remote] interface pptp-client> enable pptp
[admin@Remote] interface pptp-client> print
Flags: X - disabled, R - running
0 R name="pptp" mtu=1500 mru=1500 connect-to=192.168.1.1 user="joe"
password="top_s2" profile=default add-default-route=no
[admin@Remote] interface pptp-client> monitor pptp
status: "connected"
uptime: 39m46s
encoding: "none"
[admin@Remote] interface pptp-client>
See the PPTP Interface Manual for more details on setting up encrypted channels.
2. Configure the EoIP tunnel by adding the eoip tunnel interfaces at both routers. Use the ip
addresses of the pptp tunnel interfaces when specifying the argument values for the EoIP
Page 4 of 5
299040059.001.png
tunnel:
[admin@Our_GW] interface eoip> add name="eoip-remote" tunnel-id=0 \
\... remote-address=10.0.0.2
[admin@Our_GW] interface eoip> enable eoip-remote
[admin@Our_GW] interface eoip> print
Flags: X - disabled, R - running
0 name=eoip-remote mtu=1500 arp=enabled remote-address=10.0.0.2 tunnel-id=0
[admin@Our_GW] interface eoip>
[admin@Remote] interface eoip> add name="eoip" tunnel-id=0 \
\... remote-address=10.0.0.1
[admin@Remote] interface eoip> enable eoip-main
[admin@Remote] interface eoip> print
Flags: X - disabled, R - running
0 name=eoip mtu=1500 arp=enabled remote-address=10.0.0.1 tunnel-id=0
[Remote] interface eoip>
3. Enable bridging between the EoIP and Ethernet interfaces on both routers.
On the Our_GW:
[admin@Our_GW] interface bridge> add forward-protocols=ip,arp,other \
\... disabled=no
[admin@Our_GW] interface bridge> print
Flags: X - disabled, R - running
0 R name="bridge1" mtu=1500 arp=enabled mac-address=00:00:00:00:00:00
forward-protocols=ip,arp,other priority=1
[admin@Our_GW] interface bridge> port print
Flags: X - disabled
# INTERFACE
BRIDGE
0 eoip-remote
none
1 office-eth
none
2 isp
none
[admin@Our_GW] interface bridge> port set "0,1" bridge=bridge1
And the same for the Remote:
[admin@Remote] interface bridge> add forward-protocols=ip,arp,other \
\... disabled=no
[admin@Remote] interface bridge> print
Flags: X - disabled, R - running
0 R name="bridge1" mtu=1500 arp=enabled mac-address=00:00:00:00:00:00
forward-protocols=ip,arp,other priority=1
[admin@Remote] interface bridge> port print
Flags: X - disabled
# INTERFACE
BRIDGE
0 ether
none
1 adsl
none
2 eoip-main
none
[admin@Remote] interface bridge> port set "0,2" bridge=bridge1
4. Addresses from the same network can be used both in the Office LAN and in the Remote
LAN.
Troubleshooting
Description
The routers can ping each other but EoIP tunnel does not seem to work!
Check the MAC addresses of the EoIP interfaces - they should not be the same!
Page 5 of 5

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin