From 91d6eac9c7ce4025185ce4a7c62e9a112ce4a114 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Mon, 3 Aug 2020 20:51:29 +0200
Subject: [PATCH] add script to "standard" configure a mikrotik-crs326

---
 mikrotik-configure-crs326.sh | 103 +++++++++++++++++++++++++++++++++++
 1 file changed, 103 insertions(+)
 create mode 100755 mikrotik-configure-crs326.sh

diff --git a/mikrotik-configure-crs326.sh b/mikrotik-configure-crs326.sh
new file mode 100755
index 0000000..5f3b330
--- /dev/null
+++ b/mikrotik-configure-crs326.sh
@@ -0,0 +1,103 @@
+#!/bin/sh
+# Nico Schottelius, 2020-08-03
+# Setup a standard crs326
+
+
+
+if [ $# -ne 3 ]; then
+    echo "$0 <ip> <hostname-to-be-setup>"
+    echo "Example:"
+    echo "$0 fe80::764d:28ff:fe09:9355%eth1 mikrotik-crs326-8 $(pass place6-linthal/mikrotik)"
+    exit 1
+fi
+
+ip=$1; shift
+hostname=$1; shift
+password=$1; shift
+
+target=$ip
+bridge=bridgevlans
+
+internal=10
+coworking=15
+server=11
+other="8 16 18 33 34"
+
+tagged="ether23 ether24 sfp-sfpplus1"
+
+net_internal=2a0a:e5c0:2::/64
+
+conf() {
+    echo $@
+    ssh admin@${target} "$@"
+}
+
+commastring() {
+    echo $@ | sed 's/ /,/g'
+}
+
+set -x
+
+
+# do this out of band -- see mikrotik-setup.sh
+#conf "/password new-password=$password confirm-new-password=$password old-password=\"\""
+
+conf "/system identity set name=$hostname"
+conf "/interface bridge add name=$bridge"
+
+################################################################################
+# MTU
+
+for i in $(seq 1 24); do
+    conf "/interface ethernet set ether$i mtu=9200 l2mtu=9204"
+done
+
+
+for i in $(seq 1 2); do
+    conf "/interface ethernet set sfp-sfpplus$i mtu=9200 l2mtu=9204"
+done
+
+
+################################################################################
+# VLANs
+
+# Internal ports 1-16
+ifaces=""
+for i in $(seq 1 16); do
+    conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$internal"
+    ifaces="ether$i ${ifaces}"
+done
+
+# also tag the bridge for the vlan interface we need later
+conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged),$bridge untagged=$(commastring $ifaces) vlan-ids=$internal"
+
+# Coworking 17-18
+ifaces=""
+for i in $(seq 17 18); do
+    conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$coworking"
+    ifaces="ether$i ${ifaces}"
+done
+conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$coworking"
+
+# Server 19-20
+ifaces=""
+for i in $(seq 19 20); do
+    conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$server"
+    ifaces="ether$i ${ifaces}"
+done
+conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$server"
+
+# Not modified 21-22
+
+# Tagged 23-24, sfp-sfpplus1
+for iface in ; do
+    conf "/interface bridge port add bridge=$bridge interface=$iface hw=yes"
+done
+
+conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) lan-ids=$(commastring $other)"
+conf "/interface vlan add interface=$bridge vlan-id=$internal name=MGMT"
+conf "/ipv6 address add eui-64=yes advertise=no address=$net_internal interface=MGMT"
+conf "/interface bridge set $bridge vlan-filtering=yes"
+
+# Show neigh
+conf "/interface bridge host print where !local"