MikroTik CCR1016-12G

Posted on by Nicolas

MikroTik CCR 1016-12G: A Powerful Cloud Core Router for Small Businesses

I had the chance to get one of this devices for Christmas and I’ve playing around with its configuration.

Below I’ll show you the basics to get started with it and I will add some photos from the guts so we can have a peek under the hood.

The MikroTik CCR 1016-12G is a high-performance cloud core router designed for small to medium-sized businesses (SMBs) and home networks. With its impressive specifications and robust features, this router can handle demanding network requirements while providing an affordable solution.

Key Features:

  • CPU: Dual-core X76 1.4 GHz
  • RAM: 512 MB
  • Ports:
    • 12 Gigabit Ethernet (10/100/1000) ports with PoE+
    • 2 SFP+ ports for 10GbE connectivity (on CCR1036-12G-4S models)
    • 1 GbE port for management access
  • Storage: 16 GB eMMC storage (great for DNS cache)
  • Operating System: RouterOS, a proprietary operating system offering advanced networking features

RouterOS Configuration Options

RouterOS is the operating system that powers the MikroTik CCR 1016-12G. It offers an extensive range of configuration options, including:

  • Advanced routing protocols (e.g., OSPF, BGP)
  • Firewall and NAT configurations
  • Quality of Service (QoS) policies for prioritizing traffic
  • IPv6 support
  • Support for virtual routers, Virtual LAN and bridge interfaces

Basic Configuration for a 12-Port SOHO Network

The device comes preinstalled with RouterOS and is ready to use. The ETH1 port has a default IP address for connecting: 192.168.88.1. The username is admin and there is no password (or, for some models, check user and wireless passwords on the sticker). Please connect with your web browser to this IP address and choose Webfig to configure it. In case the IP connection is not available, the Winbox tool (https://mt.lv/winbox) can be used to connect to the MAC address of the device.

Here is a basic configuration for setting up a simple SOHO network on the CCR 1016-12G:

  • Initial Setup
    • Connect to the router using a computer with an Ethernet cable.
    • Access the web-based interface at http://192.168.88.1/winbox
    • By default (after router’s reset) the configuration IP is 192.168.88.1. This can be change from within the system

===========================================SIDE NOTE========================================

What you will need is 2 ports to basically do what you want them to do.

In any Un-Managed switch, we can connect the internet from out home router to the first port and a computer in the second port and voila! it just works. This is due to DHCP (Dynamic Host Configuration Protocol). You see, in this un-managed switches there’s a DHCP Client (port 1 in this case) and a DHCP Server (port 2 in this scenario)

To be able to get the same behaviour from our Mikrotik Router, we need to configure it’s ports to be able to receive and serve DHCP.  Now, there are Network professionals who will advise against this, me being one of them, but this is because we don’t know what or how the client wnats to use this network for.

The simplest way to get this working is by connecting a ethernet cable to the laptop and to port1 in the MikroTik CCR1016 then accessing to 192.168.88.1 and login in with the admin user and no password, then updating the password for a new one.

Once logged in, go to IP > DHCP Client > Add New > and choose ether1 as your DHCP Client

Then go to IP > DHCP Server > Add New and choose ether2 as your DHCP Server 

Before finishing, go to IP > Firewall > NAT > Add New > choose your ether1 and configure it as Chain: srcnat and Action: masquerade

Done, now your port 1 (ether1) will receive incoming connections and your port 2 (ether2) will serve machines the addresses on it pool of addresses (this pool can be configured in ether2 individual configuration section:

IP > Addresses > click on ether2. In there you can configure interface ether2 to use the address 10.10.10.1/24 on network 10.10.10.0

This will give ether2 a range between 10.10.10.1 to 10.10.10.254 IP addresses to use on its DHCP leassing

===========================================END OF SIDE NOTE=======================================

  • Basic Configuration

a. Set the LAN IP address range: 192.168.1.0/24
b. Set the WAN IP address: auto-detect (the router will configure itself)
c. Configure the firewall rules:
* Allow incoming and outgoing traffic on all ports
* Block incoming traffic from 192.168.2.0/24 (assuming this is a separate network) rule of thumb is anything outside your LAN network can be blocked, to be sure of the spread of your network, you can open your current router/modem configuration page (usually at 192.168.1.1 depending on the brand) and login in with your credentials, there you can check your connected devices and the IP’s that have been assigned to them. If none of them are over 192.168.2.x then, you can assume that your current modem/router is giving out addresses between 192.168.1.0 to 192.168.1.254

 
Connecting via the terminal to the MikroTik router will let you configure different aspects of it, you can do the same via the GUI http://192.168.88.1/winbox
 
/ip firewall nattole
add chain=forward action=accept /src-address=192.168.1.0/24 /dst-address=192.168.1.0/24
add chain=forward action=accept /src-address=auto /dst-address=auto
add chain=forward action=block /src-address=192.168.2.0/24 /dst-address=auto
 
  • Port Configuration

a. Configure the 12 Ethernet ports as follows:

/ip address
add address=192.168.1.1/24 interface=ether1
add address=192.168.1.2/24 interface=ether2
...
add address=192.168.1.12/24 interface=ether12
 

b. Configure the PoE+ ports:

/poe
enable ether1,2,3,4,5,6,7,8,9,10,11,12
PoE+ will be automatically assigned to the devices requiring this feature from the Router.
 
 

c. Configure the SFP+ ports for 10GbE connectivity: (on the CCR1036-12G-4S  or similar models with the -S ports)

/sfp
set interface=ether13,14,15,16,17,18,19,20,21,22,23,24, #and so on
#this can vary by model, in the  CCR1036-12G-4S model this will be
/sfp
set interface=ether1,2,3,4,
 
  • Quality of Service (QoS) Configuration

a. Create a new QoS policy:

/qos
add priority=1 interface=ether1
add priority=2 interface=ether2
...
add priority=12 interface=ether12
 

b. Apply the QoS policies to specific services:

/qos service
set ether1 1000 priority=1
set ether2 2000 priority=2
...
set ether12 12000 priority=12
 

This configuration provides a basic setup for a simple SOHO network with 12 Ethernet ports, PoE+, and SFP+ connectivity.

This is just the first steps and basic configuration of your RouterOS operating system that offers advanced networking features that can be customized to meet the specific needs of your network.

For more information related with this particular device you can visit: https://mikrotik.com/product/CCR1016-12G

Leave a Reply

Your email address will not be published. Required fields are marked *