yes thats my customer.If 103.75.41.217 is your customer, you're not looking at smtp traffic to them, it's traffic from them to many remote mail servers. So either they went into spamming business or got hacked or something.
Thats what we did finally.The solution to the problem is switching to a routed network.
You will also have more control of the traffic flowing through the network
we experienced same problem recently, one of our pop switch unreachable from trunk side .
we isolate switch port by port and find out the problem is looping in one of access port of particular vlan.
Hahahaha..What answer do you expect on Mikrotik forum ? Do you ask Toyota dealer which model of Ford or Volvo does he suggest ?
Oh wow, may be the sales person did not know.The NE20E-S series can hold 12M IPv4 routes in RIB and 4M IPv4 routes in FIB.
But my DNS is only open for my own internal network, means my 5 blocks of /22 , not for outside world.Yes, very bad!
You are probably being used as a DDoS reflector because of inappropriate firewalling of your internal DNS resolver.
oh badluckNo.
Did you get it working ?thanks alot very good topic
yes perfect, as its listing the ether traffic fine, as Im monitoring each ether traffic from same cacti too.Is snmp configuration correct both on device and NMS sides?
So there is no way to get usage traffic graphs of PPPoE customers ?You cannot. PPPOE client would start using static interface on next reconnect.
Sorry, that is confusing.From winbox PPP > Interfaces > Double Click in a dynamic interface > Copy > Apply > OK
Before applying make sure you REMOVE the previos PPP Interface you are copying.
how to do that without diturbing the clients ?Only by creating static server bindings for those pppoe users you would get them to stick with one and the same oids on each connection time.
Oops.Chances are you have the rules in the wrong order, below one that permits the traffic you are trying to log and filter out.
110,995,143,993,25,465,585
I had checked it since weeks.Have you looked at the mikrotik/routerboard website at all? All of the specifications are on there. The amount of memory does not equate to speed/throughput
Wow, you are making me happy!Clearly you need an understanding of how before you do, but yes.You mean, we can do OSPF + MPLS on a 850Gx2 also ?
You mean, we can do OSPF + MPLS on a 850Gx2 also ?I would suggest you check your facts
1) you can run RouterOS 6.x on an RB850Gx2
2) see http://routerboard.com/RB850Gx2 for performance specs
whats the error ?Hi, i have the same isue i cant open some bank web pages yahoo mail etc. Did anyone find a solution to this problem. I am using MIKROTIK CCR1036
RB850Gx2 is not OS6 capable and also cannot handle more than 200Mbps.Look at RB850Gx2, RB1100AHx2 or CCR1009-8G-1S-PC
Amazing.Rules 1,2 collect data in forward and output chains
Rules 3,4 filter mails in forward and output chains
You can use all of them at the same time.
You wrote it OR.Read this once again: http://forum.mikrotik.com/viewtopic.php ... 84#p544328
So Block Port 25 on Border or Core or PPPoE router alone ?You are checking if port 25 at your site is open. Simply: some server in the Internet tries to open port 25 at your site.
You are not checking if you are transmitting to port 25 somwhere in the internet.
Oops, I still fear.Yes try that, however not to disturb service first monitor how the script behaves and if it yields results then implement it.
Don't just jump right in
Whats your story ?same problem, so sad
The hardware is 1036 16GB RAM and hardly 2600 PPPoE sessions.Yes, it should. Set it as "auto" and get bigger hardware if load is an issue.Ouch.
But everything is working fine.
So, do you mean, Connection tracking should be on for PPPoE router ?
Yes, one NAS router and then switch and then customers.How are you distributing to your customers. Do you have one central router. then a managed switch or wireless ap's. if you have a managed switch look for a port with with errors.
Please message me your email or SKYPE or whatsapp ID.I can try to help You. As I said, my knowledge of Mikrotik and Routerboard is zero. There's the network part.
Did You find the problematic router/AP?
Mac, that is his own Wireless router IP, I guess.What is 192.168.0.100? Problem is between that and next router. It was specially designed that way, so you can start finding problems. Also use traceroute.
Did you solve this ?This was a problem with Active directory settings. (of which I know nothing, our windows nerd fixed it)
Remove the DHCP Client from ether1- my PPPoE Interface. Then BOOM in the room.
Okay thanks, will surely plan for it.Exactly.
Just to think about it.
With nagios network monitor.
Thanks!
You mean, have each Pop site with a router ?You can start thinking about moving from bridged to routed network architecture.
I agree with scampbell - you should use routing and not bridging for your backhaul.
A large broadcast domain can lead to all kinds of problems.
He said, ECMP doesnt happen in CCR1009 , which he is using now.Search for pcc load balancing. Start here. http://wiki.mikrotik.com/wiki/Load_Balancing
Okay!It will easily fulfil your needs as described.
So possible to do with CCR ?I would try using a L7 firewall rule but these are high CPU cost. Lucky you have a ccr
need the terminal paste command, so I can paste and reboot.I already told you. Read again...
MTU problem ?And did it help? Isn't such issue maybe a MTU problem?
See torch of wan port. See firewall connection list. See the firewall filter rules if you are blocking the incoming traffic to port 53 both tcp and udp from the wan.
How to know ?Aren't the dns requests coming from the outside of the network?
Friend, tell me which Microtik can handle ?
off course we are not talking about similar price switches, 2960-x cost 50% more than a sg300
yes, already enrolled the Microtik training in our country.User traffics goes through forward - this is input, it affects only traffic to router itself.
I really suggest to get some training or hire some consultant.