# routerboard: yes # model: CRS317-1G-16S+ # revision: r2 # serial-number: D7ED0E8E1D4B # firmware-type: dx3230L # factory-firmware: 6.47.9 # current-firmware: 7.19.4 # upgrade-firmware: 7.19.4 # # channel: stable # installed-version: 7.19.4 # latest-version: 7.19.6 # status: New version is available # # Flags: U - UNDOABLE # Columns: ACTION, BY, POLICY, TIME # ACTION BY POLICY TIME # U item added marcos write 2025-09-26 11:27:42 # U device changed marcos write 2025-09-22 16:29:35 # U item changed marcos write 2025-09-22 16:28:07 # U device changed marcos write 2025-09-22 16:27:35 # U item changed andres write 2025-09-19 15:24:37 # U item changed andres write 2025-09-19 15:13:56 # U item changed marcos write 2025-09-16 10:42:32 # U item changed marcos write 2025-09-16 10:42:31 # U item removed marcos write 2025-09-16 10:41:58 # U item changed marcos write 2025-09-15 20:55:31 # U item changed marcos write 2025-09-15 19:42:06 # # 2025-10-01 06:17:54 by RouterOS 7.19.4 # software id = U33D-4FL1 # # model = CRS317-1G-16S+ # serial number = D7ED0E8E1D4B /interface bridge add fast-forward=no igmp-snooping=yes igmp-version=3 ingress-filtering=no mld-version=2 multicast-querier=yes name=bridge_MAIN port-cost-mode=short vlan-filtering=yes /interface ethernet set [ find default-name=ether1 ] comment="MGMT - UNTAGGED VLAN99" set [ find default-name=sfp-sfpplus1 ] comment=TRUNK_SB_PPPoE loop-protect=on set [ find default-name=sfp-sfpplus2 ] comment=TRUNK_R60 loop-protect=on set [ find default-name=sfp-sfpplus3 ] comment=LIBRE loop-protect=on set [ find default-name=sfp-sfpplus4 ] comment=TRUNK_NETVIDEO+IPTV loop-protect=on set [ find default-name=sfp-sfpplus5 ] comment="TRUNK_R50_JDN_SR - VQZ" loop-protect=on set [ find default-name=sfp-sfpplus6 ] comment=TRUNK_EPOINT2 loop-protect=on rx-flow-control=auto tx-flow-control=auto set [ find default-name=sfp-sfpplus7 ] comment="TRUNK_SB (CBL - BNT - ISG - MEC-CMP)" loop-protect=on set [ find default-name=sfp-sfpplus8 ] comment=TRUNK_FLB loop-protect=on set [ find default-name=sfp-sfpplus9 ] comment="TRUNK_FO_VQZ (FLB-BCK - VQZ-BCK)" loop-protect=on set [ find default-name=sfp-sfpplus10 ] comment=TRUNK_BNT loop-protect=on set [ find default-name=sfp-sfpplus11 ] comment=LIBRE loop-protect=on set [ find default-name=sfp-sfpplus12 ] comment=TRUNK_SB-1_GPON loop-protect=on set [ find default-name=sfp-sfpplus13 ] comment=LIBRE loop-protect=on set [ find default-name=sfp-sfpplus14 ] comment=TRUNK_SB_NOC set [ find default-name=sfp-sfpplus15 ] comment="BOND_MAIN - (SW0_L3_SB)" /interface vlan add interface=bridge_MAIN name=vlan99 vlan-id=99 /interface bonding add comment=TRUNK_MAIN mode=802.3ad name=bonding_MAIN slaves=sfp-sfpplus15,sfp-sfpplus16 transmit-hash-policy=layer-2-and-3 /interface list add name=MGMT /interface lte apn set [ find default=yes ] ip-type=ipv4 use-network-apn=no /ip smb users set [ find default=yes ] disabled=yes /port set 0 name=serial0 /routing bgp template set default disabled=no output.network=bgp-networks /routing ospf instance add disabled=no name=default-v2 /routing ospf area add disabled=yes instance=default-v2 name=backbone-v2 /snmp community add addresses=192.168.200.253/32,192.168.200.155/32 authentication-protocol=SHA1 encryption-protocol=AES name=pnet /system logging action add disk-file-count=5 disk-file-name=Critical name=CriticalLogs target=disk add disk-file-count=5 disk-file-name=Error name=ErrorLogs target=disk add disk-file-count=5 disk-file-name=Info name=InfoLogs target=disk add disk-file-count=5 disk-file-name=Interfaces name=InterfacesLogs target=disk add disk-file-count=5 disk-file-name=Warning name=WarningLogs target=disk add name=DudeLogs remote=192.168.200.253 target=remote add name=GrafanaLogs remote=192.168.200.168 remote-log-format=syslog target=remote add name=GrafanaLogsAlert remote=192.168.200.168 remote-log-format=syslog syslog-facility=local1 syslog-severity=alert target=remote add name=GrafanaLogsInfo remote=192.168.200.168 remote-log-format=syslog syslog-facility=local1 syslog-severity=info target=remote /user group add name=dude policy="local,reboot,read,write,test,winbox,web,rest-api,!telnet,!ssh,!ftp,!policy,!password,!sniff,!sensitive,!api,!romon" add name=oxidized policy="ssh,read,!local,!telnet,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!api,!romon,!rest-api" /interface bridge port add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus1 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus2 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus3 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus4 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus5 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus6 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus7 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=ether1 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus9 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus10 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus11 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus12 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus14 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus8 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=sfp-sfpplus13 internal-path-cost=10 path-cost=10 add bridge=bridge_MAIN ingress-filtering=no interface=bonding_MAIN internal-path-cost=10 path-cost=10 /ip neighbor discovery-settings set discover-interface-list=MGMT /interface bridge vlan add bridge=bridge_MAIN comment=TRUNK_FO_Nodo tagged=sfp-sfpplus9,bonding_MAIN vlan-ids=100,101,102,104,107,111 add bridge=bridge_MAIN comment=TRUNK_FLB_Nodo tagged=sfp-sfpplus8,sfp-sfpplus9,bonding_MAIN vlan-ids=20,21,22,24,26,27,28,29,30-36,105,542 add bridge=bridge_MAIN comment=TRUNK_BNT_Nodo tagged=sfp-sfpplus7,sfp-sfpplus10 vlan-ids=140 add bridge=bridge_MAIN comment=TRUNK_R50 tagged=sfp-sfpplus5,sfp-sfpplus6,bonding_MAIN vlan-ids=23,80,81,82 add bridge=bridge_MAIN comment=VLAN99 tagged="bridge_MAIN,sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus14,bonding_MAIN" untagged=ether1 vlan-ids=99 add bridge=bridge_MAIN comment=TRUNK_R60_Nodo tagged=sfp-sfpplus6,sfp-sfpplus2,bonding_MAIN vlan-ids=10,108 add bridge=bridge_MAIN comment=SR tagged=sfp-sfpplus5,sfp-sfpplus6,bonding_MAIN vlan-ids=109 add bridge=bridge_MAIN comment=TRUNK_JDN_Nodo tagged=sfp-sfpplus5,sfp-sfpplus6,bonding_MAIN vlan-ids=150,151,152,153 add bridge=bridge_MAIN comment=MEC-CMP tagged=sfp-sfpplus6,sfp-sfpplus7,bonding_MAIN vlan-ids=110 add bridge=bridge_MAIN comment=SB tagged=sfp-sfpplus7,bonding_MAIN vlan-ids=70,71,106,320 add bridge=bridge_MAIN comment=3RA tagged=sfp-sfpplus6,bonding_MAIN vlan-ids=130,131,210,501 add bridge=bridge_MAIN comment=SB_GPON tagged=sfp-sfpplus7,sfp-sfpplus12 vlan-ids=600 add bridge=bridge_MAIN comment=SB tagged=sfp-sfpplus6,sfp-sfpplus7 vlan-ids=60 add bridge=bridge_MAIN comment=TRUNK_CBL tagged=sfp-sfpplus7,sfp-sfpplus11,sfp-sfpplus12 vlan-ids=180 add bridge=bridge_MAIN comment=TRUNK_VQZ_Nodo tagged=sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus9,bonding_MAIN vlan-ids=170 add bridge=bridge_MAIN comment=TEMP tagged=sfp-sfpplus1,sfp-sfpplus9 vlan-ids=601 add bridge=bridge_MAIN comment=TRUNK_PUBLICAS_NOC tagged=sfp-sfpplus14,bonding_MAIN vlan-ids=2,198,199 add bridge=bridge_MAIN comment=ACCESS_TRR tagged=sfp-sfpplus6,sfp-sfpplus14 vlan-ids=502 add bridge=bridge_MAIN comment="TRUNK_NETVIDEO+IPTV - INET" tagged=bridge_MAIN,sfp-sfpplus4,bonding_MAIN vlan-ids=1004 add bridge=bridge_MAIN comment=TRUNK_NETVIDEO+IPTV+CAMARAS tagged="bridge_MAIN,sfp-sfpplus2,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus14" vlan-ids=1005,1020 add bridge=bridge_MAIN comment=SB tagged=sfp-sfpplus6,bonding_MAIN vlan-ids=72 add bridge=bridge_MAIN comment=TRUNK_RED_NOC tagged=bridge_MAIN,sfp-sfpplus4,sfp-sfpplus14 vlan-ids=1002 add bridge=bridge_MAIN comment=SB_PPPoE tagged=bonding_MAIN,sfp-sfpplus1,sfp-sfpplus7,sfp-sfpplus14 vlan-ids=1070 add bridge=bridge_MAIN comment=WESTNET_FTTH tagged=sfp-sfpplus9,sfp-sfpplus1 vlan-ids=2861 add bridge=bridge_MAIN comment=TRUNK_HOUSING tagged=bridge_MAIN,sfp-sfpplus4,bonding_MAIN vlan-ids=1008 /interface ethernet switch rule add ports=sfp-sfpplus14 rate=75.0Mbps switch=switch1 vlan-id=198 add ports=sfp-sfpplus14 rate=75.0Mbps switch=switch1 vlan-id=199 /interface list member add interface=vlan99 list=MGMT add interface=ether1 list=MGMT /interface ovpn-server server add auth=sha1,md5 mac-address=FE:26:D0:51:BE:73 name=ovpn-server1 /ip address add address=10.99.0.4/24 comment=MGMT interface=vlan99 network=10.99.0.0 /ip dns set servers=1.1.1.1,8.8.8.8 /ip firewall service-port set ftp disabled=yes set tftp disabled=yes set h323 disabled=yes set sip disabled=yes set pptp disabled=yes set udplite disabled=yes set dccp disabled=yes set sctp disabled=yes /ip ipsec profile set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5 /ip route add disabled=no dst-address=0.0.0.0/0 gateway=10.99.0.1 /ip service set ftp disabled=yes set ssh address=192.168.200.155/32 set telnet disabled=yes set www disabled=yes set api disabled=yes set api-ssl disabled=yes /ip smb shares set [ find default=yes ] directory=/flash/pub /routing bfd configuration add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5 /snmp set contact=noc@puntonetinternet.com enabled=yes location="NOC SB" trap-community=pnet trap-generators=interfaces trap-interfaces=vlan99 trap-version=2 /system clock set time-zone-name=America/Argentina/Mendoza /system identity set name=SW0_L2_SB /system logging set 0 action=InfoLogs set 1 action=ErrorLogs set 2 action=WarningLogs set 3 action=CriticalLogs add action=InterfacesLogs topics=interface add action=InfoLogs topics=info /system ntp client set enabled=yes /system ntp client servers add address=192.168.200.1 /system routerboard settings set auto-upgrade=yes /system scheduler add name=Reinicio-1 on-event="/system reboot" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2025-09-12 start-time=06:00:00 add name=Reinicio-2 on-event="/system reboot" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2025-09-12 start-time=06:10:00 add interval=2w1d name="Envio de backup" on-event=backup_mail policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=2023-04-05 start-time=14:04:00 /system script add dont-require-permissions=no name=backup_mail owner=marcos policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":log info \"backup beginning now\"\r\n:global backupfile ([/system identity get name] . \"-\" . [/system clock\_get time])\r\n/system backup save name=\$backupfile\r\n:log info \"backup pausing for 10s\"\r\n:delay 10s\r\n:log info \"backup being emailed\"\r\n/tool e-mail send to=puntonetinet@gmail.com subject=([/system identity get name] . \\ \" Backup\") from=\"MKT SB_317 \" file=\$backupfile \r\n:log info \"backup finished\"" /tool e-mail set from="SW0_L2_SB " port=465 server=mail.puntonetinternet.com tls=starttls user=noc@puntonetinternet.com