MikroTik简单上网与阿里DDNS设置

作者 : 七界传说 发布时间: 2023-11-7 文章热度:2.14K 共5136个字,阅读需13分钟。

目 录

MikroTik简单上网与阿里DDNS设置-七界传说丨关注分享网络、硬件、维护、游戏、主题、虚拟化、软件分享!

简单上网

创建pppoe

/interface pppoe-client add name=pppoe-out1 interface=wan user=**** password=**** add-default-route=no use-peer-dns=no

注:*为宽带帐号与密码

创建路由

/ip route add dst-address=0.0.0.0/0 gateway=pppoe-out1

创建DNS缓存

/ip dns set servers=223.5.5.5,119.29.29.29 allow-remote-requests=yes

/ip dns static add name=ros.lan type=A address=192.168.99.1

注:address地址为你路由网关

Doh设置参考:点击访问

创建nat模式

/ip firewall address-list add list=Src_Nat address=192.168.99.0/24 dynamic=no

/ip firewall nat add chain=srcnat src-address-list=Src_Nat out-interface=pppoe-out1 action=src-nat to-addresses=171.212.253.39 comment="Src_A"

/ip firewall raw add chain=prerouting protocol=udp dst-port=53 in-interface=pppoe-out1 action=drop

注:to-addresses填你公网IP,无公网环境改为masquerade

创建Mss (双栈同时启用加载图片卡顿,解决办法)

例pppoe-out1拨号mtu=1480

(IPv4)Mss值计算方法是Mtu-40  即IP报头20 TCP报头20
(IPv6)Mss值计算方法是Mtu-60  即IPv6头部固定长度40 TCP报头20

IPv4

/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1440 comment="Chang Mss IPv4" passthrough=yes place-before=0

IPv6

/ipv6 firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1420 comment="Chang Mss IPv6" passthrough=yes place-before=0

创建ddns解析

/system scheduler add name=ddns interval=00:10:00 start-time=startup

脚本如下:

# 域名
:local domainName "域名";
# wan接口名称
:local wanInterface "pppoe-out1";
# 要使用的服务 (aliyun/dnspod)
:local service "aliyun";
# API接口 Access ID
:local accessID "***";
# API接口 Access Secret
:local accessSecret "***";

# 腾讯云 (dnspod) 设置
#
# 一般情况下无需设置此内容
# 服务器会自动识别 domainID 和 recordID
#
# 如一直提示 "当前域名无权限,请返回域名列表。"
# 则需要手动设置
:local domainID "";
:local recordID "";

# ==== 以下内容无需修改 ====
# =========================

:local publicIP;
:local dnsIP;
:local epicFail false;

# 获取当前外网IP
:do {
:local interfaceIP [ /ip address get [ find interface=$wanInterface ] address ];
:set $interfaceIP [ :pick $interfaceIP 0 [ :find $interfaceIP "/" ] ];

:if ($interfaceIP ~ "^(10|100|172|192)\\.") \
do={
:local fetchResult [/tool fetch url="http://ip.3322.net/" mode=http as-value output=user];
:set $publicIP ($fetchResult->"data")
:set $publicIP [ :pick $publicIP 0 [ :find $publicIP "\n" ] ];
:set $publicIP [ :toip $publicIP ]
} \
else={ \
:set $publicIP [ :toip $interfaceIP ];
}
} \
on-error {
:set $epicFail true;
:log error ("DDNS: Get public IP failed.");
}

# 获取当前解析的IP
:do {
:set $dnsIP [ :resolve $domainName ];
} \
on-error {
:set $epicFail true;
:log error ("DDNS: Resolve domain " . $domainName . " failed.");
}

# 如IP有变动,则更新解析
:if ($epicFail = false && $publicIP != $dnsIP) \
do={
:local callUrl ("https://ddns.vsean.net/ddns.php");
:local postData ("service=" . $service . "&domain=" . $domainName . "&access_id=" . $accessID . "&access_secret=" . $accessSecret . "&domain_id=" . $domainID . "&record_id=" . $recordID);
:local fetchResult [/tool fetch url=$callUrl mode=https http-method=post http-data=$postData as-value output=user];
:log info ("DDNS: " . $fetchResult->"data");
}

自动修改NAT To-address公网IP

:log warning "====================================="
#获取PPPoE接口IP
:log error "获取公网Telecom IP地址"
:global addold1
:global addnew1

:set addnew1 [/interface get [/interface find name="pppoe-out1"] running]
:if ($addnew1=true) do={
:set addold1 [/ip address get [/ip address find dynamic=yes interface="pppoe-out1"] address]
:set addold1 [:pick $addold1 0 ([:len $addold1 ] -3)]

/tool netwatch add host=$addold1 interval=00:00:10 timeout=1s comment=Ping_Public down-script="delay 6s
/interface disable pppoe-out1
delay 3s
/interface enable pppoe-out1";

delay 3s
/ip firewall nat set [/ip firewall nat find comment="Src_A"] to-address=$addold1
delay 3s
/ip firewall nat set [/ip firewall nat find comment="Full Cone"] dst-address=$addold1
delay 3s
/ip firewall nat set [/ip firewall nat find comment="Port_Nat"] dst-address=$addold1;
}

FullCone(NAT1)最新V7.11.2可以用

/ip firewall nat add action=endpoint-independent-nat chain=srcnat protocol=udp out-interface=pppoe-out1 place-before=0 comment=FullCone_Nat
/ip firewall nat add action=endpoint-independent-nat chain=dstnat protocol=udp in-interface=pppoe-out1 place-before=0

快速硬件转发

/ip firewall filter add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes protocol=tcp in-interface=pppoe-out1
/ip firewall filter add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=no in-interface=pppoe-out1
/ip firewall filter add chain=forward action=accept connection-state=established,related

IPv6配置:点击查看

备份发送邮箱

#SMTP服务器设置
:local smtps "xxx"
#邮件端口设置
:local ports "xxx"
#寄件人账号
:local Mailings "xxx"
#寄件人密码
:local pass "xxx"
#收件人账号设置
:local recipient "xxx"
#寄件人账号设置
:local Collection "xxx"
#发送主题设置
:local Themes "MikroTik-漏油器备份"
#服务器名称设置
:local smtpp [:resolve $smtps]
#修改邮件服务器
/tool e-mail set server=$smtpp port=$ports from=$Collection user=$Collection password=$pass
#设定日期格式
:local date [/system clock get date]
:local time [/system clock get time]
#获取路由运行时间
:local ROSUptime [/system resource get uptime]
#获取公网IP
:local ddnsinterface "pppoe-cmcc"
:local ipssfn [ /ip address get [/ip address find interface=$ddnsinterface ] address ]
:global ipss [:pick $ipssfn 0 [:find $ipssfn "/" ] ]
#获取路由版本
:local ROSVersion [/system resource get version]
#获取路由ID
:local RouterName [/system identity get name]
#导出备份
/export show-sensitive file="MikroTik.rsc"
/system backup save dont-encrypt=yes name="MikroTik"
#延时继续
:delay 3
/tool e-mail send to=$recipient tls=yes from=$Mailings subject=$Themes body=("当前公网: ".$ipss."\n稳定运行: ".$ROSUptime."\n设备名称: ".$RouterName."\n版本信息: ".$ROSVersion."\n备份时间:".$date."-".$time) file=("MikroTik.rsc","MikroTik.backup")
#延时继续
:delay 3
#删除备份文件
/file remove ("MikroTik.rsc","MikroTik.backup")
#日志提醒
:log warning "系统数据已备份,邮件已发送至($recipient)"

 

常见问题FAQ

免费下载或者VIP会员专享资源能否直接商用?
本站所有资源版权均属于原作者所有,这里所提供资源均只能用于参考学习用,请勿直接商用。若由于商用引起版权纠纷,一切责任均由使用者承担。更多说明请参考 VIP介绍。
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。

发表评论

21
+2164天安全运行
主题分享
0
+0篇本周更新
更新我快乐

VIP免费下载全站资源

立即了解

本站支持IPv6访问 本站支持SSL安全访问

站点地图