Thursday, November 19, 2020

Disable Neighbor Discovery Mikrotik

There is a feature available in the Mikrotik router to discover its neighbor router automatically. All the connected interface of the router is participating in this discovery process. The router sends its own information to other routers that are connected with its interfaces. In the same way, it receives information from other routers that are connected with its interfaces. Sometimes it's useful when we don't know the IP address of our neighbor router. Or maybe we want to take the layer-2 access into the router. 

To take the advantage of this feature we have to use the Mikrotik Winbox tool. In the Winbox, there is an option available called "Neighbor". Here we can see the list of our neighbor router.

This feature also has one drawback. It's about router security. During the neighbor router discovery process, our router interface sends some sensitive information to other routers. Such as router MAC address, router OS-Version, router IP address, router identity, and router up-time information. These pieces of information are enough for an attacker to attack a system. That's why it is the best practice to disable the router interface from being participating in the neighbor discovery process.

In this tutorial, we are going to discuss how to disable the router interface from being participating in the neighbor discovery process.

Login to your Mikrotik router and click on "IP" and then "Neighbor".


You will be appeared by the below interface. Just click on "Discovery Settings".


Now "Discovery Settings" will appear. Just click on the "drop-down" menu and select the "none" from the list.


That's it. From now on the Mikrotik router neither sends nor receive any data from its neighbor router. 




1 comment:

  1. if you set it to NONE, will you still be able to remote it via HOSTDDNS?

    ReplyDelete