MikroTik awọsanma Ti gbalejo olulana Itọsọna olumulo

Awọn akoonu tọju

1 MikroTik awọsanma ti gbalejo olulana

2 Awọn ilana Lilo ọja

3 Lo Awọn ọran

4 Fifi sori Itọsọna

5 Standart (Gun) Afọwọkọ fun aládàáṣiṣẹ fifi sori

6 ỌKAN-ILA (Kukuru) SCRiPT fun Awọn fifi sori ẹrọ Aifọwọyi

7 Awọn imudojuiwọn ati Awọn alaye Awọn iwe afọwọkọ adaṣe

8 FAQ

9 Awọn iwe aṣẹ / Awọn orisun

9.1 Awọn itọkasi

10 jẹmọ Posts

MikroTik awọsanma ti gbalejo olulana

Awọn pato

Orukọ ọja: MikroTik CHR (Olulana Awọsanma ti gbalejo)

Apejuwe: Awọsanma-orisun foju olulana fun nẹtiwọki afisona awọn iṣẹ-ṣiṣe
Awọn ẹya ara ẹrọ: Isakoso nẹtiwọki, awọn iṣẹ VPN, aabo ogiriina, iṣakoso bandiwidi

Awọn ilana Lilo ọja

Fifi sori Itọsọna

Ṣetan Ayika Rẹ: Rii daju pe agbegbe awọsanma rẹ pade awọn ibeere fun fifi sori CHR.

Ṣe igbasilẹ aworan MikroTik CHR: Gba aworan CHR lati ọdọ MikroTik osise webaaye tabi ibi ipamọ.
Mu CHR ṣiṣẹ ni Ayika Awọsanma Rẹ: Tẹle awọn ilana-ipilẹ kan pato lati mu CHR ṣiṣẹ ninu iṣeto awọsanma rẹ.

Iṣeto akọkọ: Tunto awọn eto ipilẹ gẹgẹbi awọn atọkun nẹtiwọọki ati awọn adirẹsi IP lẹhin imuṣiṣẹ.
Iṣeto ni ilọsiwaju (Aṣayan): Ṣe akanṣe awọn eto CHR ti o da lori awọn ibeere nẹtiwọọki rẹ ati awọn ilana iṣakoso.

Isakoso ati Abojuto: Lo awọn irinṣẹ MikroTik lati ṣakoso, ṣe atẹle, ati laasigbotitusita apẹẹrẹ CHR rẹ.
Itọju deede: Ṣe awọn iṣẹ ṣiṣe itọju igbagbogbo lati rii daju iṣẹ ti o dara julọ ati aabo.

IdiMikroTik CHR jẹ olulana foju ti o da lori awọsanma ti a ṣe apẹrẹ lati pese awọn iṣẹ ṣiṣe ti nẹtiwọọki ni awọn agbegbe ti o ni agbara. O gba ọ laaye lati lo awọn ẹya MikroTik's RouterOS ni awọn amayederun awọsanma, jẹ ki o jẹ apẹrẹ fun iṣakoso nẹtiwọọki, awọn iṣẹ VPN, aabo ogiriina, ati iṣakoso bandiwidi ni ipilẹ agbara tabi ipilẹ-awọsanma.

Lo Awọn ọran

Nẹtiwọọki Aladani Foju (VPN): CHR le ṣee lo lati ṣakoso ati ipa ọna opopona VPN, ni idaniloju aabo ati asopọ daradara laarin awọn ipo jijin.

Isakoso nẹtiwọki: Apẹrẹ fun ṣiṣakoso awọn agbegbe nẹtiwọọki eka, pẹlu ipa-ọna, yi pada, ati apẹrẹ ijabọ.
Ogiriina ati Aabo: Pese awọn agbara ogiriina ti o lagbara lati ni aabo ijabọ nẹtiwọọki ati aabo lodi si iraye si laigba aṣẹ.

Iṣakoso bandiwidi: Wulo fun ibojuwo ati iṣakoso lilo bandiwidi lati mu iṣẹ nẹtiwọọki pọ si.

Fifi sori Itọsọna

Ṣetan Ayika Rẹ:
Rii daju pe o ni agbegbe awọsanma tabi ipilẹ agbara agbara nibiti o le mu CHR ṣiṣẹ. Awọn iru ẹrọ atilẹyin pẹlu AWS, Azure, Google Cloud, VMware, Hyper-V, ati awọn miiran.

Ṣe igbasilẹ aworan MikroTik CHR:
Ṣabẹwo si osise MikroTik webojula tabi MikroTik.com lati ṣe igbasilẹ aworan CHR ti o yẹ. Yan laarin awọn ẹya oriṣiriṣi ti o da lori awọn iwulo rẹ (fun apẹẹrẹ, iduroṣinṣin tabi idanwo).
Mu CHR ṣiṣẹ ni Ayika Awọsanma Rẹ:
- AWS: Ṣẹda apẹẹrẹ tuntun ki o gbe aworan CHR silẹ. Tunto apẹẹrẹ pẹlu awọn orisun ti o yẹ (CPU, Ramu, ibi ipamọ).
- AzureLo Ibi ọja Azure lati ran ẹrọ foju MikroTik CHR ṣiṣẹ.
- VMware/Hyper–V: Ṣẹda ẹrọ foju tuntun kan ki o so aworan CHR mọ.
Iṣeto akọkọ:
- Wiwọle CHR: Sopọ si apẹẹrẹ CHR nipa lilo SSH tabi asopọ console kan.
- Ipilẹṣẹ Iṣeto ni: Ṣeto awọn atọkun nẹtiwọọki, awọn adirẹsi IP, ati awọn ilana ipa-ọna bi o ṣe nilo. Tọkasi awọn iwe MikroTik fun awọn aṣẹ ati awọn atunto kan pato.

Iṣeto ni ilọsiwaju (Aṣayan):
- VPN Ṣeto: Tunto VPN tunnels fun aabo latọna wiwọle.
- Ofin ogiriina: Ṣeto awọn ofin ogiriina lati daabobo nẹtiwọki rẹ.
- Bandiwidi Isakoso: Ṣe imuse awọn ọna gbigbe ati awọn ilana iṣakoso bandiwidi.

Isakoso ati Abojuto:
Lo MikroTik's WinBox tabi WebỌpọtọ lati ṣakoso ati abojuto apẹẹrẹ CHR. Awọn irinṣẹ wọnyi pese wiwo ayaworan fun iṣeto ni ati ibojuwo.
Itọju deede:
Jeki apẹẹrẹ CHR rẹ ni imudojuiwọn pẹlu awọn idasilẹ sọfitiwia tuntun ati awọn abulẹ lati rii daju aabo ati iṣẹ ṣiṣe.

Awọn ero:

Iwe-aṣẹ: MikroTik CHR n ṣiṣẹ labẹ awọn ipele iwe-aṣẹ oriṣiriṣi. Yan iwe-aṣẹ ti o da lori iṣẹ rẹ ati awọn ibeere ẹya.
Awọn oluşewadi Pipin: Rii daju pe agbegbe foju rẹ pese awọn orisun to peye lati mu ijabọ nẹtiwọọki rẹ ati awọn iwulo ipa-ọna.

Awọn orisun:

Iwe MikroTik: MikroTik CHR Iwe
Awọn apejọ Agbegbe: Ṣe ajọṣepọ pẹlu agbegbe MikroTik fun atilẹyin ati awọn imọran afikun.

Standart (Gun) Afọwọkọ fun aládàáṣiṣẹ fifi sori

# Ṣe ipinnu oluṣakoso package
ti o ba ti pipaṣẹ -v yum &> /dev/null; lẹhinna pkg_manager =”yum”; elif pipaṣẹ -v apt &> /dev/null; lẹhinna pkg_manager =”apt”; miiran
- iwoyi “Bẹni yum tabi deede ko ri. Iwe afọwọkọ yii ko ni atilẹyin.”; jade 1; fi
# Ṣe imudojuiwọn awọn idii ati fi sori ẹrọ unzip, pwgen, ati awọn ipilẹ ti o ba [“$ pkg_manager” == “yum”]; lẹhinna sudo yum -y imudojuiwọn && sudo yum -y fi sori ẹrọ unzip pwgen coreutils; elif [“$pkg_manager”== “dara”]; lẹhinna sudo apt-get -y imudojuiwọn && sudo apt-get -y fi sori ẹrọ unzip pwgen coreutils; fi
- iwoyi “Eto naa ti ni imudojuiwọn ati fi sori ẹrọ awọn idii ti o nilo.”
# Pinnu root file ẹrọ eto root_device=$(df / | awk 'NR==2 {titẹ $1}') root_device_base=$(echo $root_device | sed 's/[0-9]\+$//')
- iwoyi “Root fileeto wa lori ẹrọ: $root_device”
- iwoyi "Ona ẹrọ: $root_device_base"
# Ṣẹda ati gbe itọsọna igba diẹ mkdir /mt_ros_tmp && mount -t tmpfs tmpfs /mt_ros_tmp/ && cd /mt_ros_tmp
# Gba adiresi IP ati ẹnu-ọna
INTERFACE=$(ipa-ọna ip | aiyipada grep | awk '{tẹ $5}')
ADDRESS=$(ip addr show “$INTERFACE” | grep agbaye | ge -d' ' -f 6 | ori -n 1)
GATEWAY=$(akojọ ipa ọna ip | aiyipada grep | ge -d' -f 3) iwoyi "Jọwọ tẹ ikanni naa (aiyipada='iduroṣinṣin', tabi='idanwo'):"ka ikanni

# Aiyipada si 'iduroṣinṣin' ti ko ba si igbewọle ti a pese ti [-z “$ikanni”]; lẹhinna ikanni =”iduroṣinṣin” fi
iwoyi “Fi sori ẹrọ RouterOS CHR lati ikanni '$ikanni'…”
# Ṣe igbasilẹ URL da lori ti a ti yan ikanni
ti [“$ikanni” == “idanwo”]; lẹhinna rss_feed=”https://download.mikrotik.com/routeros/latest-testing.rss"elserss_feed="https://download.mikrotik.com/routeros/latest-stable.rss” fi
# Ṣe igbasilẹ ẹya tuntun ti MikroTik RouterOS rss_content=$(curl -s $rss_feed) latest_version=$(echo “$rss_content” | grep -oP '(?<= RouterOS )[\d\.] +rc\d+' | ori -1) ti [-z “$ latest_version”]; lẹhinna
- iwoyi "Ko le gba nọmba ẹya tuntun pada." jade 1 fi
- iwoyi "Ẹya tuntun: $ latest_version" download_url= ”https://download.mikrotik.com/routeros/$latest-version/chr-$latest-version.img.zip“
- Echo “Gbigba lati ayelujara lati $download_url…” wget –ko-ṣayẹwo-ẹri -O “chr-$titun_version.img.zip” “$download_url"ti o ba jẹ [$? -eq 0]; lẹhinna tun ṣe"File ti gba lati ayelujara ni aṣeyọri: chr-$latest_version.img.zip” miiran
- iwoyi"File download kuna.” jade 1 fi
# Unzip ki o mura aworan gunzip -c “chr-$ latest_version.img.zip” > “chr-$ latest_version.img”
# Oke aworan naa -o loop “chr-$latest_version.img” /mnt

# Ṣe ipilẹṣẹ ọrọ igbaniwọle laileto PASSWORD=$(pwgen 12 1)
# Kọ iwe afọwọkọ autorun lati tunto apẹẹrẹ RouterOS
- iwoyi "Orukọ olumulo (Kullanıcı adı): abojuto"
- iwoyi "Ọrọigbaniwọle (Şifre): $PASSWORD"
- iwoyi "/ ip adirẹsi fi adiresi = $ ADDRESS ni wiwo = [/ ni wiwo ethernet wa nibiti orukọ = ether1]" > /mnt/rw/autorun.scr
- iwoyi "/ ip ipa ọna afikun ẹnu-ọna =$GATEWAY" >> /mnt/rw/autorun.scr
- iwoyi “/ip iṣẹ mu telnet ṣiṣẹ” >> /mnt/rw/autorun.scr
- iwoyi “/ olumulo ṣeto orukọ 0 = ọrọ igbaniwọle abojuto = $PASSWORD” >> /mnt/rw/autorun.scr
- iwoyi "/ip dns ṣeto olupin=8.8.8.8,1.1.1.1" >> /mnt/rw/autorun.scr

# Tun gbe gbogbo ti a gbe sori fileawọn ọna ṣiṣe lati muuṣiṣẹpọ ipo kika-nikan && echo u > /proc/sysrq-trigger
# Fi aworan naa han si disk dd if=”chr-$latest_version.img” of=$root_device_base bs=4M oflag=sync
# Atunbere eto ipa
- iwoyi 1> /proc/sys/kernel/sysrq
- iwoyi b > /proc/sysrq-trigger

ỌKAN-ILA (Kukuru) SCRiPT fun Awọn fifi sori ẹrọ Aifọwọyi

ti o ba ti pipaṣẹ -v yum &> /dev/null; lẹhinna pkg_manager =”yum”; elif pipaṣẹ -v apt &> /dev/null; lẹhinna pkg_manager =”apt”; miiran iwoyi “Bẹni yum tabi apt ri. Iwe afọwọkọ yii ko ni atilẹyin.”; jade 1; fi && \ [“$ pkg_manager” == “yum” ] && sudo yum -y update && sudo yum -y install unzip pwgen coreutils || [“$pkg_manager”== “apt”] && sudo apt-get -y update && sudo apt-get -y install unzip pwgen coreutils && \ root_device=$(df / | awk 'NR==2 {titẹ $1}' ) && root_device_base=$(echo $root_device | sed 's/[0-9]\+$//') && \ echo “Root fileeto wa lori ẹrọ: $root_device” && echo “Ona ẹrọ: $root_device_base” && \ mkdir /mt_ros_tmp && mount -t tmpfs tmpfs /mt_ros_tmp/ && cd /mt_ros_tmp && \ INTERFACE=$(ip ipa ọna |{p awk) tẹjade $5}') && ADDRESS=$(ifihan ip addr “$INTERFACE” | grep agbaye | awk '{tẹ $2}' | ori -n 1) && \ GATEWAY=$(akojọ ipa ọna ip | aiyipada grep | awk '{ tẹjade $3}') && \ read -p “Tẹ ikanni sii (aiyipada='iduroṣinṣin', tabi='idanwo'): ”ikanni; [-z “$ikanni”] && channel=”idurosinsin”;rss_feed=”https://download.mikrotik.com/routeros/latest-$channel.rss” && rss_content=$(curl -s $rss_feed) && \ latest_version=$(wo “$rss_content” | grep -oP '(?<= RouterOS )[\d\.] +rc\d+' | ori -1) && \ [-z “$ latest_version”] && echo “Ko le gba nọmba ẹya tuntun pada.” && jade 1 || \ echo "Ẹya tuntun: $ latest_version" && download_url= ”https://download.mikrotik.com/routeros/$latest_version/chr-$latest-version.img.zip" && \ echo" Gbigba lati ayelujara lati $download_url…” && wget –ko si-ṣayẹwo-ẹri -O “chr-$titun_version.img.zip” “$download_url” && [$? -eq 0] && iwoyi "File ti gba lati ayelujara ni aṣeyọri: chr-$latest_version.img.zip" || iwoyi"File download kuna.” && gunzip -c “chr-$latest_version.img.zip” > “chr-$latest_version.img” && mount -o loop “chr-$latest_version.img” /mnt && \ PASSWORD=$(pwgen 12 1) && iwoyi "Orukọ olumulo: abojuto" && echo "Ọrọigbaniwọle: $PASSWORD" && \ echo "/ ip adiresi fi adiresi = $ ADDRESS ni wiwo = [/ ni wiwo ethernet wa nibiti orukọ = ether1]" > /mnt/rw/autorun.scr && \ echo "/ ip ipa add gateway=$GATEWAY" >> /mnt/rw /autorun.scr && iwoyi “/ip iṣẹ mu telnet ṣiṣẹ” >> /mnt/rw/autorun.scr && \ echo “/ olumulo ṣeto orukọ 0 = ọrọ igbaniwọle abojuto = $PASSWORD” >> /mnt/rw/autorun.scr && echo “/ip dns ṣeto olupin=8.8.8.8,1.1.1.1″ >> /mnt/rw/autorun.scr && \ amuṣiṣẹpọ && iwoyi u > /proc/sysrq-trigger && dd if=”chr-$latest_version.img” of=$root_device_base bs=4M oflag=sync && \ echo 1 > /proc/sys/kernel/sysrq && echo b > /proc/sysrq-trigger

Awọn imudojuiwọn ati Awọn alaye Awọn iwe afọwọkọ adaṣe

Fifi awọn idii afikun sii:
- Awọn aṣẹ fifi sori ẹrọ ti a ṣafikun fun pwgen ati awọn coreutils ni mejeeji yum ati awọn alakoso package ti o yẹ.
Àdírẹ́ẹ̀sì IP àti Ẹnu ọ̀nà àbájáde:
- Awọn akosile ya awọn eto ká IP adirẹsi ati ẹnu-ọna lilo IP addr ati ip ipa-.
Unzipping ati iṣagbesori:
- Aworan naa ti wa ni ṣiṣi silẹ ati fi sori ẹrọ ni lilo gunzip ati awọn pipaṣẹ gbe soke pẹlu awọn aṣayan ti o yẹ.

Ṣiṣẹda ati Ṣiṣeto Ọrọigbaniwọle:
- Ọrọ igbaniwọle ohun kikọ 12 laileto jẹ ipilẹṣẹ nipa lilo pwgen ati lẹhinna ṣeto sinu iwe afọwọkọ autorun fun RouterOS.
Iwe afọwọkọ Aifọwọyi:
- Iwe afọwọkọ autorun pẹlu awọn aṣẹ lati tunto apẹẹrẹ RouterOS, pẹlu fifi adiresi IP kun, ṣeto ẹnu-ọna, piparẹ telnet, ṣeto ọrọ igbaniwọle abojuto, ati tunto awọn olupin DNS.
Atunbere eto:
- Fileamuṣiṣẹpọ eto ni a ṣe ṣaaju ki o to fi ipa mu atunbere eto nipa lilo okunfa SysRq, ni idaniloju pe gbogbo data ti kọ si disk.

Iwari wiwo Nẹtiwọọki Aifọwọyi:
- INTERFACE=$(ipa-ipa ip | aiyipada grep | awk '{titẹ $5}'): Ṣe awari wiwo nẹtiwọọki ti nṣiṣẹ ni aladaaṣe nipasẹ wiwa wiwo ipa ọna aiyipada.
- Oniyipada ADDRESS ti ṣeto lẹhinna ni lilo wiwo ti a rii.

FAQ

Q: Kini awọn ọran lilo akọkọ ti MikroTik CHR?
A: MikroTik CHR jẹ lilo nigbagbogbo fun ṣiṣakoso ijabọ VPN, awọn agbegbe nẹtiwọọki, aabo ogiriina, ati iṣakoso bandiwidi ni awọn ipilẹ agbara tabi awọn ipilẹ-awọsanma.

Q: Bawo ni MO ṣe le gba atilẹyin fun MikroTik CHR?
A: O le tọka si iwe MikroTik tabi ṣe ajọṣepọ pẹlu awọn apejọ agbegbe fun atilẹyin ati awọn imọran afikun lori lilo CHR.