« Previous 1 2 3
Discover the power of RouterBOARDS
Self-Control
Other Features
RouterOS provides a number of interesting capabilities, such as modifying your routing tables manually. Network interfaces can be bridged the same way you would in a regular Linux system. Hardware offloading is supporting for some configurations, which means in certain circumstances you can take load off the CPUs and let the network cards do the packet switching to improve performance. The routers that have a WiFi interface can have it configured as a client, so you could, for example, connect a number of computers in a lab to a router that is not connected to a gateway and then establish a WiFi connection from this router to another router that does have Internet access, therefore making the lab able to reach the Internet without wires.
Recent versions have a so-called Kid Control (Figure 6), which is a mechanism for restricting the time per day that devices can make use of the Internet. In this way you can define which times of the day to allow certain users to connect.
In addition to DNS and NTP servers, RouterOS includes an HTTP proxy. In fact, RouterOS can be used to implement network-level ad blocking by generating a blacklist from the EasyList [12] or StevenBlack [13] host file and loading it to the DNS server or the proxy server for your clients to use. Personally, I use a separate device for this task for performance reasons, but the option is always available.
Additionally, RouterOS can run scripts [14] and set scheduled tasks [15].
Beyond RouterOS
If you buy a router from MikroTik and discover you don't like RouterOS, you might find yourself with a not-so-cheap piece of hardware and firmware you don't really like. What do you do then? Fortunately, you can flash a different operating system on your router. For example, OpenWrt [16], a Linux distribution for routers, is a valid alternative.
Conclusion
MikroTik offers routers with an impressive set of capabilities that let you control the tiniest aspects of your network. The price of this power is knowing how computer networks operate; you don't need to be an engineer, but you do need to know more than the basics.
Infos
- MikroTik: https://mikrotik.com/
- MikroTik EULA: https://mikrotik.com/downloadterms.html
- RouterOS firewall filters: https://help.mikrotik.com/docs/display/ROS/Filter
- "Killing Ads with the LAN-Level Privoxy Web Proxy" by Rubén Llorente, Linux Magazine , issue 232, March 2020, pg. 24, https://www.linux-magazine.com/Issues/2020/232/Privoxy
- ARP spoofing: https://en.wikipedia.org/wiki/ARP_spoofing
- Creative Commons Attribution-Share Alike 4.0 International: https://creativecommons.org/licenses/by-sa/4.0/
- "Build a VPN Tunnel with WireGuard" by Ferdinand Thommes and Christoph Langner, Linux Magazine , issue 237, August 2020, pg. 46, https://www.linux-magazine.com/Issues/2020/237/WireGuard
- "Why not WireGuard" by Michael Tremer, IPFire Blog , February 18, 2020; revised June 15, 2021, https://blog.ipfire.org/post/why-not-wireguard
- WireGuard: https://help.mikrotik.com/docs/display/ROS/WireGuard
- Advanced traffic control: https://wiki.archlinux.org/title/Advanced_traffic_control
- Simple Queues: https://wiki.mikrotik.com/wiki/Manual:Queue
- EasyList: https://easylist.to/
- StevenBlack lists: https://github.com/StevenBlack/hosts
- Scripting: https://help.mikrotik.com/docs/display/ROS/Scripting
- Scheduler: https://help.mikrotik.com/docs/display/ROS/Scheduler
- OpenWrt wiki: https://openwrt.org/toh/mikrotik/common
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)