Document revision 2.8 (September 7, 2007, 8:36 GMT) This document applies to V2.9
Table of Contents
Table of Contents Description
Major features • Firewall and NAT - stateful packet filtering; Peer-to-Peer protocol filtering; source and destination NAT; classification by source MAC, IP addresses (networks or a list of networks) andaddress types, port range, IP protocols, protocol options (ICMP type, TCP flags and MSS), interfaces, internal packet and connection marks, ToS (DSCP) byte, content, matching sequence/frequency, packet size, time and more... • Routing - Static routing; Equal cost multi-path routing; Policy based routing (classification done in firewall); RIP v1 / v2, OSPF v2, BGP v4 • Data Rate Management -Hierarchical HTB QoS system with bursts; per IP / protocol / subnet / port / firewall mark; PCQ, RED, SFQ, FIFO queue; CIR, MIR, contention ratios, dynamic client rate equalizing (PCQ), bursts, Peer-to-Peer protocol limitation • HotSpot - HotSpot Gateway with RADIUS authentication and accounting; true Plug-and-Play access for network users; data rate limitation; differentiated firewall; traffic quota;real-time status information; walled-garden; customized HTML login pages; iPass support; SSL secure authentication; advertisement support • Point-to-Point tunneling protocols - PPTP, PPPoE and L2TP Access Concentrators and clients; PAP, CHAP, MSCHAPv1 and MSCHAPv2 authentication protocols; RADIUS authentication and accounting; MPPE encryption; compression for PPPoE; data rate limitation;differentiated firewall; PPPoE dial on demand • Simple tunnels - IPIP tunnels, EoIP (Ethernet over IP) • IPsec - IP security AH and ESP protocols; MODP Diffie-Hellman groups 1,2,5; MD5 and SHA1 hashing algorithms; DES, 3DES, AES-128, AES-192, AES-256 encryption algorithms; Perfect Forwarding Secrecy (PFS) MODP groups 1,2,5 • Proxy - FTP and HTTP caching proxy server; HTTPS proxy; transparent DNS and HTTPproxying; SOCKS protocol support; DNS static entries; support for caching on a separate drive; access control lists; caching lists; parent proxy support • DHCP - DHCP server per interface; DHCP relay; DHCP client; multiple DHCP networks; static and dynamic DHCP leases; RADIUS support • VRRP - VRRP protocol for high availability • UPnP - Universal Plug-and-Play support
Page 1 of 4
Copyright1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA. Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
• NTP - Network Time Protocol server and client; synchronization with GPS system • Monitoring/Accounting - IP traffic accounting, firewall actions logging, statistics graphs accessible viaHTTP • SNMP - read-only access • M3P - MikroTik Packet Packer Protocol for Wireless links and Ethernet • MNDP - MikroTik Neighbor Discovery Protocol; also supports Cisco Discovery Protocol (CDP) • Tools - ping; traceroute; bandwidth test; ping flood; telnet; SSH; packet sniffer; Dynamic DNS update tool
• Wireless - IEEE802.11a/b/g wireless client and access point (AP) modes; Nstreme and Nstreme2proprietary protocols; Wireless Distribution System (WDS) support; virtual AP; 40 and 104 bit WEP; WPA pre-shared key authentication; access control list; authentication with RADIUS server; roaming (for wireless client); AP bridging • Bridge - spanning tree protocol; multiple bridge interfaces; bridge firewalling, MAC NATting • VLAN - IEEE802.1q Virtual LAN support on Ethernet and wireless links;multiple VLANs; VLAN bridging • Synchronous - V.35, V.24, E1/T1, X.21, DS3 (T3) media types; sync-PPP, Cisco HDLC, Frame Relay line protocols; ANSI-617d (ANDI or annex D) and Q933a (CCITT or annex A) Frame Relay LMI types • Asynchronous - serial PPP dial-in / dial-out; PAP, CHAP, MSCHAPv1 and MSCHAPv2 authentication protocols; RADIUS authentication and accounting; onboard serial ports; modem pool...