#!/bin/sh # Nico Schottelius, 2020-08-03 # Setup a standard crs326 if [ $# -ne 3 ]; then echo "$0 " echo "Example:" echo "$0 fe80::764d:28ff:fe09:9355%eth1 mikrotik-crs326-8 $(pass place6-linthal/mikrotik)" exit 1 fi ip=$1; shift hostname=$1; shift password=$1; shift target=$ip bridge=bridgevlans internal=10 coworking=15 server=11 other="8 16 18 33 34" tagged="ether23 ether24 sfp-sfpplus1" net_internal=2a0a:e5c0:2::/64 conf() { echo $@ ssh admin@${target} "$@" } commastring() { echo $@ | sed 's/ /,/g' } set -x # do this out of band -- see mikrotik-setup.sh #conf "/password new-password=$password confirm-new-password=$password old-password=\"\"" conf "/system identity set name=$hostname" conf "/interface bridge add name=$bridge" ################################################################################ # MTU for i in $(seq 1 24); do conf "/interface ethernet set ether$i mtu=9200 l2mtu=9204" done for i in $(seq 1 2); do conf "/interface ethernet set sfp-sfpplus$i mtu=9200 l2mtu=9204" done ################################################################################ # VLANs # Internal ports 1-16 ifaces="" for i in $(seq 1 16); do conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$internal" ifaces="ether$i ${ifaces}" done # also tag the bridge for the vlan interface we need later conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged),$bridge untagged=$(commastring $ifaces) vlan-ids=$internal" # Coworking 17-18 ifaces="" for i in $(seq 17 18); do conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$coworking" ifaces="ether$i ${ifaces}" done conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$coworking" # Server 19-20 ifaces="" for i in $(seq 19 20); do conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$server" ifaces="ether$i ${ifaces}" done conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$server" # Not modified 21-22 # Tagged 23-24, sfp-sfpplus1 for iface in ; do conf "/interface bridge port add bridge=$bridge interface=$iface hw=yes" done conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) lan-ids=$(commastring $other)" conf "/interface vlan add interface=$bridge vlan-id=$internal name=MGMT" conf "/ipv6 address add eui-64=yes advertise=no address=$net_internal interface=MGMT" conf "/interface bridge set $bridge vlan-filtering=yes" # Show neigh conf "/interface bridge host print where !local"