Sector Configuration

All sectors participate in OSPF routing so in addition to a subnet assignment for DHCP clients (typically a /28), we will also assign an address to the loopback interface that will serve as the router-id for this device in OSPF and as the primary address in DNS for the device. For PSDR, we allocate loobback addresses from the subnet 44.25.12.0/22.

Sample Configuration from S2.SnoDEM sector router

# 2025-08-21 09:00:20 by RouterOS 7.14.3
#
# model = RB912UAG-5HPnD
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-onlyn channel-width=10mhz country=no_country_set disabled=no frequency=5900 frequency-mode=superchannel mode=ap-bridge nv2-cell-radius=100 radio-name=S2.MSV/K7WAN rx-chains=0,1 scan-list=5900 ssid=HamWAN \
    station-roaming=enabled tdma-period-size=4 tx-chains=0,1 wireless-protocol=nv2
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=44.25.137.50-44.25.137.62
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay interface=wlan1 lease-time=1h name=dhcp1
/ip smb users
set [ find default=yes ] disabled=yes
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no in-filter-chain=Ham-default name=default-v2 originate-default=never out-filter-chain=Ham-default router-id=44.25.12.107
/routing ospf area
add disabled=no instance=default-v2 name=backbone-v2
/snmp community
set [ find default=yes ] addresses=44.25.0.0/16 name=hamwan
/system logging action
set 3 remote=44.25.0.8
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=44.25.137.49/28 interface=wlan1 network=44.25.137.48
add address=44.25.128.229/28 interface=ether1 network=44.25.128.224
add address=44.25.12.107 interface=loopback0 network=44.25.12.107
/ip dhcp-client
add add-default-route=no disabled=yes interface=ether1
/ip dhcp-server network
add address=44.25.137.48/28 dns-server=44.25.0.1,44.25.1.1 domain=HamWAN.net gateway=44.25.137.49 netmask=28 ntp-server=44.25.0.4,44.25.1.4
/ip dns
set servers=44.25.0.1,44.25.1.1
/ip firewall mangle
add action=change-mss chain=output new-mss=1378 protocol=tcp tcp-flags=syn tcp-mss=!0-1378
add action=change-mss chain=forward new-mss=1378 protocol=tcp tcp-flags=syn tcp-mss=!0-1378
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=222
set api disabled=yes
set api-ssl disabled=yes
/ip smb shares
set [ find default=yes ] directory=/pub
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/routing filter rule
add chain=Ham-default rule="if (dst in 44.0.0.0/9 && dst-len >= 9) { accept }"
add chain=Ham-default rule="if (dst in 44.128.0.0/10 && dst-len >= 10) { accept }"
add chain=Ham-default disabled=no rule="if (dst == 0.0.0.0/0) { accept; }"
/routing ospf interface-template
add area=backbone-v2 auth=md5 auth-id=1 auth-key=AABBCCDD disabled=no interfaces=ether1 priority=1 use-bfd=no
add area=backbone-v2 disabled=no interfaces=loopback0 passive
add area=backbone-v2 disabled=no interfaces=wlan1 passive
/snmp
set contact="#HamWAN-Support on irc.libera.chat" enabled=yes src-address=44.25.12.107
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name=S2.MSV
/system logging
add action=remote topics=info
add action=remote topics=warning
add action=remote topics=error
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp client servers
add address=44.25.0.4
add address=44.25.1.4
/system routerboard settings
set auto-upgrade=yes