Mikrotik
RouterOS Features!
see
version3 for the latest in features
see
version2.9 for the v2.9 features
TCP/IP protocol suite:
Firewall and NAT
- stateful packet filtering; Peer-to-Peer protocol
filtering; source and destination NAT; classification by
source MAC, IP addresses (networks or a list of
networks) and address types, port range, IP protocols,
protocol options (ICMP type, TCP flags and MSS),
interfaces, internal packet and connection marks, ToS (DSCP)
byte, content, matching sequence/frequency, packet size,
time and more...
Data Rate
Management - Hierarchical HTB QoS system with
bursts; per IP / protocol / subnet / port / firewall
mark; PCQ, RED, SFQ, FIFO queue; CIR, MIR, contention
ratios, dynamic client rate equalizing (PCQ), bursts,
Peer-to-Peer protocol limitation
HotSpot -
HotSpot Gateway with RADIUS authentication and
accounting; true Plug-and-Play access for network users;
data rate limitation; differentiated firewall; traffic
quota; real-time status information; walled-garden;
customized HTML login pages; iPass support; SSL secure
authentication; advertisement support
Point-to-Point
tunneling protocols - PPTP, PPPoE and L2TP Access
Concentrators and clients; PAP, CHAP, MSCHAPv1 and
MSCHAPv2 authentication protocols; RADIUS authentication
and accounting; MPPE encryption; compression for PPPoE;
data rate limitation; differentiated firewall; PPPoE
dial on demand
Simple tunnels
- IPIP tunnels, EoIP (Ethernet over IP)
IPsec - IP
security AH and ESP protocols; MODP Diffie-Hellman
groups 1,2,5; MD5 and SHA1 hashing algorithms; DES,
3DES, AES-128, AES-192, AES-256 encryption algorithms;
Perfect Forwarding Secrecy (PFS) MODP groups 1,2,5
Proxy - FTP and
HTTP caching proxy server; HTTPS proxy; transparent DNS
and HTTP proxying; SOCKS protocol support; DNS static
entries; support for caching on a separate drive; access
control lists; caching lists; parent proxy support
DHCP - DHCP
server per interface; DHCP relay; DHCP client; multiple
DHCP networks; static and dynamic DHCP leases; RADIUS
support
VRRP - VRRP
protocol for high availability
UPnP -
Universal Plug-and-Play support
NTP - Network
Time Protocol server and client; synchronization with
GPS system
Monitoring/Accounting - IP traffic accounting,
firewall actions logging, statistics graphs accessible
via HTTP
SNMP -
read-only access
M3P - MikroTik
Packet Packer Protocol for Wireless links and Ethernet
Wireless -
IEEE802.11a/b/g wireless client and access point (AP)
modes; Nstreme and Nstreme2 proprietary protocols;
Wireless Distribution System (WDS) support; virtual AP;
40 and 104 bit WEP; WPA pre-shared key authentication;
access control list; authentication with RADIUS server;
roaming (for wireless client); AP bridging
Bridge -
spanning tree protocol; multiple bridge interfaces;
bridge firewalling, MAC NATting
VLAN -
IEEE802.1q Virtual LAN support on Ethernet and wireless
links; multiple VLANs; VLAN bridging
Synchronous -
V.35, V.24, E1/T1, X.21, DS3 (T3) media types; sync-PPP,
Cisco HDLC, Frame Relay line protocols; ANSI-617d (ANDI
or annex D) and Q933a (CCITT or annex A) Frame Relay LMI
types
Asynchronous -
serial PPP dial-in / dial-out; PAP, CHAP, MSCHAPv1 and
MSCHAPv2 authentication protocols; RADIUS authentication
and accounting; onboard serial ports; modem pool with up
to 128 ports; dial on demand
ISDN - ISDN
dial-in / dial-out; PAP, CHAP, MSCHAPv1 and MSCHAPv2
authentication protocols; RADIUS authentication and
accounting; 128K bundle support; Cisco HDLC, x75i,
x75ui, x75bui line protocols; dial on demand
SDSL -
Single-line DSL support; line termination and network
termination modes
IA32 Hardware
requirements
CPU and motherboard
- advanced 4th generation (core frequency 100MHz or
more), 5th generation (Intel Pentium, Cyrix 6X86, AMD K5
or comparable) or newer uniprocessor (multi-processor
systems are not supported) Intel IA-32 (i386) compatible
architecture with PCI local bus
RAM - minimum
32 MiB, maximum 1 GiB; 64 MiB or more recommended
Non-volatile
storage medium - standard ATA/IDE interface
controller and drive (SCSI and USB controllers and
drives are not supported; RAID controllers that require
additional drivers are not supported; SATA is only
supported in legacy access mode) with minimum of 64 Mb
space; Flash and Microdrive devices may be connected
using an adapted with ATA interface
MIPS Hardware
requirements
Supported systems
- RouterBOARD 500 series (532, 512 and 511)
RAM - minimum
32 MiB
Non-volatile
storage medium - onboard NAND device, minimum 64Mb
Hardware
needed for installation time only
Depending on installation
method chosen the router must have the following hardware:
Floppy-based
installation - standard AT floppy controller and
3.5'' disk drive connected as the first floppy disk
drive (A); AT, PS/2 or USB keyboard; VGA-compatible
video controller card and monitor
CD-based
installation - standard ATA/ATAPI interface
controller and CD drive supporting "El Torito" bootable
CDs (you might need also to check if the router's BIOS
supports booting from this type of media; if El Torito
is not supported by the BIOS, you can still boot up from
the CD using Smart Boot Manager Floppy); AT, PS/2
or USB keyboard; VGA-compatible video controller card
and monitor
Floppy-based
network installation - standard AT floppy controller
and 3.5'' disk drive connected as the first floppy disk
drive (A); PCI Ethernet network interface card supported
by MikroTik RouterOS (see the Device Driver List for the
list)
Full network-based
installation - PCI Ethernet network interface card
supported by MikroTik RouterOS (see the Device Driver
List for the list) with PXE or EtherBoot extension
booting ROM (you might need also to check if the
router's BIOS supports booting from network)
Configuration
possibilities
RouterOS provides powerful
command-line configuration interface. You can also manage
the router through WinBox - the easy-to-use remote
configuration GUI for Windows -, which provides all the
benefits of the command-line interface, without the actual
"command-line", which may scare novice users. Web-based
configuration is provided for some most popular
functionality. Major features:
Clean and consistent
user interface
Runtime configuration
and monitoring
Multiple connections
User policies
Action history,
undo/redo actions
safe mode operation
Scripts can be
scheduled for executing at certain times, periodically,
or on events. All command-line commands are supported in
scripts
Router may be managed through
the following interfaces (note that until a valid IP
configuration is enteres, telnet and SSH connections are not
possible):
Local teminal
console - AT, PS/2 or USB keyboard and
VGA-compatible video controller card with monitor
Serial console
- any (you may choose any one; the first, also known as
COM1, is used by default) RS232 asynchronous serial
port, which is by default set to 9600bit/s, 8 data bits,
1 stop bit, no parity, hardware (RTS/CTS) flow control
Telnet - telnet
server is running on 23 TCP port by default
SSH - SSH
(secure shell) server is running on 22 TCP port by
default (available only if security package is
installed)
MAC Telnet -
MikroTik MAC Telnet potocol server is by default enabled
on all Ethernet-like interfaces
Winbox - Winbox
is a RouterOS remote administration GUI for Windows,
that uses 8291 TCP port. It may also connect routers by
their MAC addresses
