Community discussions

MikroTik App
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Fri May 11, 2012 11:48 am

well, now (v6, AFAIR) ROS can send mutlicast paskets as unicast frames, so udpxy is not actual just for wifi
If I understand correctly, multicast-helper works only for point-to-point radio links. Udpxy can help if there is a standard home WiFi network with multiple client devices.
 
mcrose
Frequent Visitor
Frequent Visitor
Posts: 60
Joined: Wed May 06, 2009 8:00 pm

Re: Feature requests

Sat May 12, 2012 12:54 am

Granular control over OSPF metrics of redistributed routes. c/f http://forum.mikrotik.com/viewtopic.php?f=14&t=57641
 
neko
just joined
Posts: 13
Joined: Thu Apr 19, 2012 7:22 pm

Re: Feature requests

Sun May 13, 2012 3:26 am

Registering for the wiki and voting seems like something disabled right now (there's only Log In, no create account, or signup link at the login page) so I'm just going to post the features I would really really like here;

[*] Automatic mapping of DHCP client hostnames into the DNS server, such that if my system jumps in and says it's "dave", I can resolve "dave" and "dave.mydomain.com" immediately saving having to create static entries for every box on the network. In a hardware/software development environment where we do a lot of system testing and integration (usually remote console over SSH or file transfers) it's a pain to look for IP addresses when we know the hostname the system will give out, and a royal pain to add a static entry to every system we want to run and test, both in DNS and DHCP to lock it down for testing. Removal of the entry on DHCP release also means we would immediately know (no resolution) if the system got turned off (actually very useful for VMs, too, since we do a lot of development inside VMWare on our desktop systems, to produce software for the target hardware). This actually happens automatically on much crappier "router" software such as present on most home modems, or DD-WRT or Tomato, which makes it all the more painful not to have (since nearly everyone in the office gets the feature at home for free)

[*] Wizards for setting up various VPN types, especially things like servers for IPSec "Road Warrior" configurations which are nefarious and difficult to get right when the settings are spread across many, many sections of the configuration tree (/ip ipsec, /interface *-server, /ppp)

[*] Already in the Wiki but I'll vote for it here; certificate generation on the router :)

[*] Web Proxy: ability to rewrite web addresses to match other web addresses (therefore, for instance, if I go to ftp.*.debian.org over HTTP, it rewrites it to use our proxy or points it at some fast local mirror, or even redirects the ftp.uk.debian.org mirror to the ftp.us.debian.org mirror, without playing with DNS (essentially because if we all end up going to a different mirrored site, we get the same files cached multiple times)

[*] Web Proxy: pass through caching to some other system for certain domains, or paths, such that the router will use the "parent proxy" for that task and just act as a gobetween. You might have guessed we fetch a lot of Linux distribution packages in the office, but we can't set every client to use a local mirror (since they're shipped to customers and need the public repo addresses.. no preset proxies or "office internal" data can be applied to these systems)

[*] Web Proxy: don't commit to SD card so much! On our RB1100AH we can see the effects of the Linux caches being flushed to SD card doing transfers which should be at ~gigabit speeds from memory to the client, basically run up to a few megabytes and then the speed drops to SD card speed (and then goes up and then goes down again). This is especially evident on sites like SpeedTest.net which transfer files over HTTP via Flash to do bandwidth testing - 400mbit/s to 3mbit/s to 40mbit/s to 1gbit/s to 10mbit/s and then a steady rate which is far, far below the actual connection speed for the final stretch. Our connection is much faster than our SD card which we would have hoped would just be used for backing store of files fetched every couple days and therefore not soaking up RAM, but it seems to pull from it rather a large amount. It also, weirdly, alters the ping values (I guess Flash can't send an ICMP packet so it's guessing over an HTTP connection) from ~10ms to 200ms and also SEEMS to do the same for a real ICMP ping via PingTest.net (which is Java and are real ICMP..) when enabled as a transparent proxy via srcnat. Since we can't know the server SpeedTest.net will use at any one time, we can't override it (nor can we "bypass" the proxy in any way anyway, only "accept" or "deny" proxying)

[*] Probably my favorite: DHCP option support that doesn't get set in EVERY DHCP packet going out. We should be able to add options for every static lease entry that do not affect others, for example if I am provisioning many types of IP Phones or other similar systems, some support option 66 and require a full firmware path, others just the location of the directory and will seek their correct firmware path. The only alternative right now is to create a special new DHCP server and lease pool for each set, right? This annoys me because I'm looking at 30 pools to configure, 27 of them containing only a single lease. Every other DHCP server I've used lets me customize options per lease or per MAC address and not per-pool.

[*] Ability to backup and restore config to/from a TFTP server as many IP phones (and Cisco routers..) do.
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1222
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: Feature requests

Sun May 13, 2012 1:46 pm

I would really love to have a AYIYA tunnel client in RouterOS (something like AICCU).

Jeroen Massar from SixXS, the maintainer of AICCU, is really a nice person and would probably be willing to provide full support for implementing such thing.
 
MimiFleX
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Tue Jun 13, 2006 2:36 pm
Location: France

Re: Feature requests

Tue May 15, 2012 1:13 pm

Enable the TEE iptable target to allow ROS to become a network probe, and to mirror any kind of IP traffic to an analyser.

From iptables man page :
   TEE
       The  TEE  target  will  clone  a packet and redirect this clone to another machine on the local network segment. In
       other words, the nexthop must be the target, or you will have to configure the nexthop to forward it further if  so
       desired.

       --gateway ipaddr
              Send  the cloned packet to the host reachable at the given IP address.  Use of 0.0.0.0 (for IPv4 packets) or
              :: (IPv6) is invalid.

       To forward all incoming traffic on eth0 to an Network Layer logging box:

       -t mangle -A PREROUTING -i eth0 -j TEE --gateway 2001:db8::1
Edit: and please don't reply me (as the support did) this feature is already implemented using switch mirror feature. Tee let one to use very complex filters as for every mangle rule based on conntrack, address lists, and so on... And moreover switch mirror is only available on few hardware.
 
JanezFord
Member Candidate
Member Candidate
Posts: 269
Joined: Wed May 23, 2012 10:58 am

Re: Feature requests

Wed May 23, 2012 12:05 pm

feature request: implement certificate revocation lists (CRL) in OpenVPN server.

explanation: when client certificate used for OVPN connection is compromised/revoked by CA, mikrotik OVPN server has no option to block it (except to change username/password in /ppp secrets).
+1 :)
+1

+ UDP, LZO, push route, optional (not mandatory) user/pass
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1222
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: Feature requests

Sun Jun 10, 2012 3:15 pm

Playing around with some scripts for dyndns i have an idea...

Since all tool fetches create temporary files which are used once, wouldn't it make sense to have a temp folder or something in files which links to a RAM file system, so the flash memory doesn't get tortured with multiple writes?

Something like a temp or tmp folder in the file structure (which looses its content on restart but this is no issue with temporary files).
AFAIK the Linux kernel has all provisions for that.
 
User avatar
mahnet
Long time Member
Long time Member
Posts: 654
Joined: Tue Jul 07, 2009 9:11 pm

Re: Feature requests

Sun Jun 10, 2012 5:20 pm

think many would have thought of a CMOS battery in routerboards.
 
tamilmaran
Frequent Visitor
Frequent Visitor
Posts: 74
Joined: Mon Sep 05, 2011 9:36 pm

Re: Feature requests

Sun Jul 22, 2012 12:33 pm

provide sms gateway support for send sms ,in sms tool option
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Sun Jul 22, 2012 1:11 pm

SXT with two or three Ethernet ports.
If possible PoE input delivered by two (or the 3) ports.

With present high wireless connection rates one antenna could easily serve two or three families/houses with internet.
One (or two) extra Eth. ports would keep the unit cheap while serving two (or three) neighbors. This would make MT a preferred solution for duo or triple house connection.

If than all ports can be PoE input where one is master and the others are slave this would give redundant system where it is not depending on power of one house only....

Such unit would finally give some advance on competition... something we need desperately.
 
rodolfo
Long time Member
Long time Member
Posts: 553
Joined: Sat Jul 05, 2008 11:50 am

Re: Feature requests

Sun Jul 22, 2012 3:26 pm

in winbox show inline comments by default
and in interfaces>eoip show tunnel-id by default
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Sun Jul 22, 2012 4:14 pm

In winbox; add a notepad for general notiticions related to that routerboard. The usual "comment" fields are for specific use, general comment (like "This rb is housed in staircase") would be very handy.
 
User avatar
honzam
Forum Guru
Forum Guru
Posts: 2394
Joined: Wed Feb 27, 2008 10:27 pm
Location: Czech Republic

Re: Feature requests

Mon Jul 23, 2012 5:57 pm

in winbox show inline comments by default
+1 and show CPU usage and Uptime by default
 
taduikis
Member
Member
Posts: 436
Joined: Sat Jul 07, 2007 12:09 pm

Re: Feature requests

Mon Jul 23, 2012 11:56 pm

Having a per device notepad would be awesome. I have alot of devices configured in a manner that would be difficult to understand without separate explanation. The general device notebook would help alot. It would also be helpful to write down initial signal strenghts to cpe's, etc..

BTW, I've heard new winbox is under developement. I really hope they listen to all our suggestions while developing it.
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Tue Jul 24, 2012 12:57 am

Having a per device notepad would be awesome. I have alot of devices configured in a manner that would be difficult to understand without separate explanation. The general device notebook would help alot. It would also be helpful to write down initial signal strenghts to cpe's, etc..

BTW, I've heard new winbox is under developement. I really hope they listen to all our suggestions while developing it.
This option is mentioned in the past before. I am afraid it got snowed under a bit since the development of the web based UI.
But I, and with me lots of others, still prefer winbox but I got the feeling the developments in winbox were a bit on a side track.

So you say they are working on a new winbox? That would be nice if they than also will read all the old gestures made by many on the improvements winbox could use to make it a very handy, yet simple, tool to use.

The 'device general notepad' would be a great pre since like you said a lot of device depending notes could be made which helps a lot if a unit after months of seamless undisturbed working suddenly give problems and you completely forgot that this special unit had some specialties in its install or config. Would not be the first time I erased a strange looking setting only to find out later this specific unit had a means for it!!
 
taduikis
Member
Member
Posts: 436
Joined: Sat Jul 07, 2007 12:09 pm

Re: Feature requests

Tue Jul 24, 2012 1:42 am

Well, normis recently gave out that they are working on a new winbox, so I assume they are making non-plugin based program which I hope will have quite alot of improvements and it's a perfect opportunity to listen to community suggestions and feature requests, me think.

And honestly, I have used webfig less times that I have fingers on single hand. It's a good thing, no doubt, but I don't imagine RouterOS without winbox control. The Dude integration, mac level comm, simple and easy to use..winbox is a vital part of ROS.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2096
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: Feature requests

Tue Jul 24, 2012 5:01 am

What's new in 6.0beta5
*) ipsec - add support for Virtual Tunnel Interfaces;
It's a wish, and has been for many, many years. Maybe if I keep suggesting it, Mikrotik might eventually add it !

It's one of the most wanted features on the Wiki feature requests page.
 
User avatar
erebusodora
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Mon Jan 23, 2012 3:46 pm
Location: Bulgaria

Re: Feature requests

Tue Jul 24, 2012 9:00 am

If possible, include the option to LAN or LAN chat server for better communication with customers. Or it can be circulated notes of the type IM. To add the ability to upload files on a MAC-TELNET
 
ttaiw
just joined
Posts: 18
Joined: Mon Jun 29, 2009 5:48 pm

Re: Feature requests

Tue Jul 24, 2012 8:35 pm

if possible, I need feature Cisco ezvpn client support.
 
User avatar
honzam
Forum Guru
Forum Guru
Posts: 2394
Joined: Wed Feb 27, 2008 10:27 pm
Location: Czech Republic

Re: Feature requests

Thu Jul 26, 2012 12:04 pm

It would be good see in log Radio Name and last signal strenght
You do not have the required permissions to view the files attached to this post.
 
CyberT
Member Candidate
Member Candidate
Posts: 172
Joined: Tue Feb 01, 2011 1:39 pm
Location: Johannesburg, South Africa
Contact:

Re: Feature requests

Mon Jul 30, 2012 12:03 pm

Hi Guys

I would like to suggest an "notes" menu item in router os that displays when u log into winbox/telnet reason would be very close to "comments" on links and so forth, we have a multitude of admins in our network, and it would be nice to have an function like

1) "last 5 changes to device/setting"
2) Notes, aka "link x disabled, link is dropping, needs to be checked, or contact numbers for High Site under notes or whatever really, you can do all this in comments, but its hard.

I know there is "welcome message" but its hard to edit and so forth.

like a place to store "facts" like "$date - Link x tx/rx strength at ccq on freq.

will give anyone the ability to quickly and easily say that an link has deteriorated without even knowing anything about the HS/link
 
zloty
just joined
Posts: 1
Joined: Mon Jul 30, 2012 12:16 pm

Re: Feature requests

Mon Jul 30, 2012 12:19 pm

notes a brilliant idea
You do not have the required permissions to view the files attached to this post.
 
linek1980
newbie
Posts: 34
Joined: Thu Feb 03, 2011 1:39 pm

Re: Feature requests

Mon Jul 30, 2012 5:50 pm

great idea. In conjunction with webfig have great potential
You do not have the required permissions to view the files attached to this post.
 
proggams2
Member Candidate
Member Candidate
Posts: 140
Joined: Wed Mar 14, 2007 10:15 pm

Re: Feature requests

Mon Jul 30, 2012 11:15 pm

a good feature is the ability to scan by a remote site cpe
(for example we can set scan into this channel or this range and when the scan is done, it should save the list of scanned ap's)
because if we click on scan on any station it will drop the link.
 
taduikis
Member
Member
Posts: 436
Joined: Sat Jul 07, 2007 12:09 pm

Re: Feature requests

Tue Jul 31, 2012 1:09 am

You can scan for about 5-6seconds via terminal. Or you can use a script to scan for as long as you want and put the results into a text file.

As for notepad, count me in too.
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Tue Jul 31, 2012 1:39 am

You can scan for about 5-6seconds via terminal. Or you can use a script to scan for as long as you want and put the results into a text file.

As for notepad, count me in too.
We don't want to write scripts. We want usability without the need to write scripts in an ever changing script language. Everytime when I upgrade my ROS I am worried the few scripts I made did survive...

The Scan option with output is been asked for many times and promised some times, but still not there. Many other vendor devices have this just as an available tool that even works remotely over the wireless link. Just click on 'scan' or similar and after 20 secs or so the output is printed in a window.
I understand that this might break a winbox session but let the boys of MT than make an underlying script that in case of a scan command the disconnect timer is set to 25 secs... so the winbox session just stays alive.

I hate it when the user has to develop scripts to make something to work. That should come from the manufacturer. We are not all script kiddies, probably most of us are not. Most of us just want a good product that can stand the comparison or do better than the competition....
 
taduikis
Member
Member
Posts: 436
Joined: Sat Jul 07, 2007 12:09 pm

Re: Feature requests

Tue Jul 31, 2012 8:28 am

This reminded me of yet another feature worth mentioning. I'd like to have an ability to export scan results to a file (from winbox mostly). I'm collecting site surveys during client installs recently. This sometimes gives useful information about channel usage in that area. Screenshooting is very inconvenient.
Mikrotik, please go and write 'export wireless scan results to a file' on your added feature list for next release.. It's a must have and I'm sure very easy to implement.
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Tue Jul 31, 2012 10:27 am

This reminded me of yet another feature worth mentioning. I'd like to have an ability to export scan results to a file (from winbox mostly). I'm collecting site surveys during client installs recently. This sometimes gives useful information about channel usage in that area. Screenshooting is very inconvenient.
Mikrotik, please go and write 'export wireless scan results to a file' on your added feature list for next release.. It's a must have and I'm sure very easy to implement.
I think this remote 'scan' and print to screen/file function is one of the highest valued reature requests. I know MT said once they are working on it but probably that is going to be ROSv.6.
What means yet again to get something like that you have to upgrade which than gives new. other problems again.....
 
Ivoshiee
Member
Member
Posts: 483
Joined: Sat May 06, 2006 4:11 pm

Re: Feature requests

Wed Aug 01, 2012 9:27 am

As much I've seen the ROS documentation the scripting is static by nature. That will make it relatively easy to implement (run time) script compiling. That way scripts will run more like native applications and will not consume insane amount of CPU time for doing almost nothing. Also, those compiled scripts can be cached (in memory) for even greater system speed.
 
dada
Member Candidate
Member Candidate
Posts: 245
Joined: Tue Feb 21, 2006 1:44 pm

Re: Feature requests

Wed Aug 01, 2012 4:11 pm

1) allow changes of WIFI settings without restarting the card - i.e. without losing the connection whenever possible (changing max TX power level, etc). Maybe even detect that the new settings) of ssid, channel etc) is the same as old one so the connection restart is not needed too.
2) ATPC - i.e. automatic TX signal power adjusting for AP and client stations.
 
viperbmw69
just joined
Posts: 2
Joined: Wed Aug 01, 2012 9:32 pm

Re: Feature requests

Thu Aug 02, 2012 12:34 am

Please add the ability to peer with bgp neighbors within a VRF (Not MPBGP) basically in the ipv4 address-family vrf XXX.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2096
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: Feature requests

Thu Aug 02, 2012 2:59 pm

Please add the ability to peer with bgp neighbors within a VRF (Not MPBGP) basically in the ipv4 address-family vrf XXX.
This functionality already exists, it is CLI only though. You need to configure the "Routing Instance" against a "routing table", which is Mikrotik's pseudo-VRF system. Any peering sessions associated with this BGP instance will now occur within the "vrf"
 
User avatar
hassibi
Trainer
Trainer
Posts: 130
Joined: Wed Jun 13, 2012 5:58 am
Location: Iran,Kerman

Re: Feature requests

Mon Aug 06, 2012 9:43 pm

Hi
Please add fault tolerance feature with keeping connections.
and a solution for aggregate internet links from different ISPs.
 
bawolek
Frequent Visitor
Frequent Visitor
Posts: 61
Joined: Thu Mar 29, 2007 3:33 pm
Location: Poland/Wroclaw

Re: Feature requests

Tue Aug 21, 2012 11:33 am

It will be usefull if in Web Proxy access can I use parameter
"src-address list" and "dst-address list" to new rules :)
 
User avatar
NoXy
just joined
Posts: 15
Joined: Thu Sep 15, 2005 11:07 am
Location: Hungary

Feature requests

Fri Sep 07, 2012 7:15 pm

My suggestions for ROS6:
- dhcp options per lease (also by radius)

RB wishes:
- 751UPG-2HnD - with POE output
- hardware button to trigger audible antenna align mode (speaker) - It would be nice to have a user button on every RB product, which role could be set in ROS
- 2011LS-INP - with POE output
- Metal for 2.4Ghz (HP)
 
User avatar
ohara
Member
Member
Posts: 387
Joined: Mon Jun 13, 2011 11:30 pm
Location: Warsaw

Re: Feature requests

Fri Sep 07, 2012 7:30 pm

- Metal for 2.4Ghz (HP)
It is on it's way, please see: http://www.mikrotik.com/download/share/du12.pdf

+1 for power output!
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Sun Sep 09, 2012 3:23 am

- dhcp options per lease
just create a dedicated entry under Networks for the address of your lease
(also by radius)
huh... "[Ticket#2008092966000257] Receive Options for DHCP Server from RADIUS" - the last answer was almost three years ago:
Currently we are very busy in other projects, but this feature is on our todo list.
 
unrandomsam
just joined
Posts: 1
Joined: Thu Sep 13, 2012 1:27 pm

Re: Feature requests

Thu Sep 13, 2012 2:34 pm

Proper udev or hotplug support (So you can create things to happen on certain events - e.g a link going down or coming up etc).
(Running scripts every x mins is an awful idea.)
udp support for openvpn.
proper ipsec support. (Terribly out of date compared to *BSD or Openswan / Strongswan).
WINS support for the smb server. (Don't get why it wouldn't be done when the smb support was added). Even just a simple enable / disable would be fine.
Openvswitch support. (Xen and the combination of mikrotik bridging or trying to use the hardware switch is disaster - Xen itself has poor support for routed vm's).
Support for mobile ipv6.
Enable a tunnel broker or 6to4 when the wan ip is dynamic.
 
Rockyboa
Member Candidate
Member Candidate
Posts: 106
Joined: Tue Jul 14, 2009 10:52 pm

Re: Feature requests

Fri Sep 14, 2012 9:22 pm

+1 for better IPSec support.

Would like to get mode-config push pull for road warrior

http://forum.mikrotik.com/viewtopic.php?f=2&t=45516
 
zalexp
just joined
Posts: 10
Joined: Thu Jul 19, 2012 12:47 pm
Location: Russia, Stavropol

Re: Feature requests

Fri Nov 16, 2012 9:49 am

It would be handy to set pcc values in percent (or probability) too. something like per-connection-classifier=both-address:30%.
The same for child queues in tree: limit-at=30% max-limit=100%
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Feature requests

Fri Nov 16, 2012 10:29 am

in winbox show inline comments by default
and in interfaces>eoip show tunnel-id by default
+1 like. Also /interface vlan show vlan-id by default at winbox.
 
1001001
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Mon Sep 24, 2012 12:46 pm

Re: Feature requests

Fri Nov 16, 2012 12:27 pm

Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Fri Nov 16, 2012 1:07 pm

Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.
you'd better use scp, I think - it's more secure than fetching
 
1001001
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Mon Sep 24, 2012 12:46 pm

Re: Feature requests

Fri Nov 16, 2012 1:13 pm

Request:

implement tar in order to e.g. copy a archive (via ssh) to a client connected to an ovpn server untar it on the client. Needed in case of full portalpage overhaul.

The implemente fetch function is just not flexible enough for tasks like the above mentioned.
Imagine a portal pages consisting of html pages and subfolders with html pages, no way anybody would want to replace every file in that structure one by one.
you'd better use scp, I think - it's more secure than fetching
Thats a problem when dealing with MT devices connected to a vpn server. Anyways fetch is fine as long as the is a way to uncompress e.g. tar files.
 
User avatar
mahnet
Long time Member
Long time Member
Posts: 654
Joined: Tue Jul 07, 2009 9:11 pm

Re: Feature requests

Sat Nov 17, 2012 4:01 am

RB 750UP good enough for the SOHO but something similar for the enterprise also. Like say RB2000 series or atleast 4 POE enabled ports on the RB1100AH or CCR. We need to remotely cut power supply at times. Disabling the said POE ports should do the job.
 
User avatar
saaremaa
Member Candidate
Member Candidate
Posts: 162
Joined: Tue Feb 02, 2010 7:48 pm
Location: Baltijos šalių miestas

Re: Feature requests

Sat Nov 17, 2012 8:06 pm

I propose to discuss the possibility of implementing user authorization in Winbox, using SSL-certificate. Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
 
dada
Member Candidate
Member Candidate
Posts: 245
Joined: Tue Feb 21, 2006 1:44 pm

Re: Feature requests

Sun Nov 18, 2012 10:36 am

I propose to discuss the possibility of implementing user authorization in Winbox, using SSL-certificate. Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
Note: maybe you can use this - you can run a winbox with a command line parameter (IP, name, password) so it is very easy to run winbox from browser (for example) and then it connect without asking for user credentials etc.
The SSL certificate based login could be a dangerous thing IMHO. it could be a problem to secure the certificate. In the case the certificate is stollen you have to change it on all boxes...
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Sun Nov 18, 2012 1:17 pm

Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
use RADIUS?..
 
User avatar
saaremaa
Member Candidate
Member Candidate
Posts: 162
Joined: Tue Feb 02, 2010 7:48 pm
Location: Baltijos šalių miestas

Re: Feature requests

Sun Nov 18, 2012 2:13 pm

Our company uses a lot of RouterBoard and we need a more flexible management of passwords on all RouterBoard.
use RADIUS?..
Yes, we use Radius, but only for PPP authentication. You talk about this point → Radius Server settings: Service = Login?
You do not have the required permissions to view the files attached to this post.
 
ropeba
Member Candidate
Member Candidate
Posts: 220
Joined: Sat Jul 29, 2006 4:13 pm

Re: Feature requests

Sun Nov 18, 2012 7:02 pm

I think that mikrotik should base their attention on the correction of current bugs instead of adding new options. It's a waste of time that you develop a product that is semi useful.. First fix the bugs and then continue with the development, only then you will have the opportunity to stay in the market. Way you are doing it now is taking you down slowly.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Mon Nov 19, 2012 1:22 pm

Yes, we use Radius, but only for PPP authentication. You talk about this point → Radius Server settings: Service = Login?
yes, plus "System -> Users -> AAA -> Use RADIUS"
 
User avatar
rezamoghadam
Trainer
Trainer
Posts: 33
Joined: Wed Mar 02, 2011 1:01 pm
Location: Iran , Ahvaz
Contact:

Re: Feature requests

Mon Nov 19, 2012 7:01 pm

Hi !

I have Two Basic Request , But Is Very Useful .

1. Please Make Authentication For Socks , Authentication Based on Username & Password , Mac , ...

2. Please Set Limit Byte IN & Out in PPP Secret Based on Traffic Usage and User After Finished His Traffic , Can Not Connect Again , Same as Hotspot Users .
" Currently User After Finished His Traffic Limitation Get Disconnect and Then Can Also Connect Again "

3. Make a Full Update , Complete , Simple Wiki and Manual !

Thanks !
 
nicuro
just joined
Posts: 2
Joined: Thu Nov 03, 2011 2:22 am

Re: Feature requests

Wed Nov 21, 2012 10:57 pm

Add an option to /tool fetch to save output to a variable
 
Moogman
just joined
Posts: 13
Joined: Sat Nov 24, 2012 2:03 am

Re: Feature requests

Sat Nov 24, 2012 10:15 am

Hi,

we would need for our customers the following:

1. DyndnsClient with a customizable updateserver (cause we run our very own dyndns server).
This is cause all of our customers did have an ADSL2+ connection with a dynamic IP,

2. IPsec with dynamic IP´s for both, the initiator and the responder. This is very important for us.
It should also be possible to define the ID type (not only FQDN, what about IPv4) and this should be settable for both sides
like on other routher (Lancom, cisco, bintec, draytec, ...)....
It should look like this:
Own ID Type
Own ID:
Responder ID Type:
Responder ID:

The networksettup looks lik this:

Customer Side (Dynamic ip ADS2+):
Its a custom router with open SWAN, and a dynamic IP but with a resolvable DNS name.

Home office (Dynamic ip ADS2+):
here we want to place the mikrotik router.


The router on the customers side can only does the following:
IPSEC PSK (MAIN MODE):
Ph1:
3DES / SHA1 / DH 2
Lifetime 3600

Ph2:
3DES /MD5
Lifetime 1200

Nat-T is used.
The router sends as ID-Type: FQDN with its own DYNDNS name.
And expects on the other side ID-Type FQDN with DYNDNS.

But i have not found a possibility to enter both ID´s in the RouterOS.

Can anybody help me?
 
laneovcc
just joined
Posts: 4
Joined: Tue Nov 27, 2012 3:15 pm

Re: Feature requests

Wed Nov 28, 2012 7:17 am

aria2 aria2~
 
wbeld
just joined
Posts: 1
Joined: Wed Nov 28, 2012 2:54 pm

Re: Feature requests

Wed Nov 28, 2012 6:16 pm

Many interesting suggestions here. I'm wishing for a walled garden configuration that allows an entire web site to be accessed. Seems to be too narrow, now. How about wild card support in the URL field?
 
User avatar
omega-00
Forum Guru
Forum Guru
Posts: 1167
Joined: Sat Jun 06, 2009 4:54 am
Location: Australia
Contact:

Re: Feature requests

Thu Nov 29, 2012 12:34 am

Many interesting suggestions here. I'm wishing for a walled garden configuration that allows an entire web site to be accessed. Seems to be too narrow, now. How about wild card support in the URL field?
The walled garden options support regular expressions so there's nothing stopping you from doing this already.

Eg: (this is taken from the usermanager setup page but gives multiple examples of direct domain, and wildcard matching)

ros code

/ip hotspot walled-garden add dst-host=":^www\\.paypal\\.com\$" dst-port=443 action=allow 
/ip hotspot walled-garden add dst-host=":^content\\.paypalobjects\\.com\$" dst-port=443 action=allow 
/ip hotspot walled-garden add dst-host=*.akamaiedge.net action=allow
/ip hotspot walled-garden add dst-host=paypal.112.2O7.net
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Wed May 01, 2013 7:36 pm

kerberos ssh login

this would be a really secure and nice alternative to radius.
 
ege
just joined
Posts: 17
Joined: Thu May 28, 2009 4:58 am

Re: Feature requests

Wed May 08, 2013 9:15 am

Xtables-Addons with GeoIP for Firewall
 
User avatar
erebusodora
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Mon Jan 23, 2012 3:46 pm
Location: Bulgaria

Re: Feature requests

Tue May 21, 2013 8:32 am

Is there a possibility to add a option or separate to PPPoE conections like a Hotspot cookies. For Tracking ,statistics
tics , MAC adress, uptime total, etc. ...........clients.
 
User avatar
EMOziko
Member Candidate
Member Candidate
Posts: 129
Joined: Mon Aug 23, 2010 9:42 pm
Location: Georgia

Re: Feature requests

Mon May 27, 2013 8:08 pm

1) Enterprise authorisation in wireless (802.11, nstreme, nv2) like EAP-TTLS, PEAP. We cant deploy mikrotik as client stations without that things.

2) Mass management software for routerOS devices (like ubnt aircontrol).
 
lprot
just joined
Posts: 9
Joined: Mon May 27, 2013 7:56 am

Re: Feature requests

Sun Jun 02, 2013 7:52 pm

Please add to WiFi ACL ability to enforce 20MHz mode when 20MHz/40MHz Above/Below is on in WiFi settings.
 
HaPe
Member Candidate
Member Candidate
Posts: 239
Joined: Fri Feb 10, 2012 10:24 pm
Location: Poland

Re: Feature requests

Sun Jun 02, 2013 7:54 pm

Hi,
What do you think about ability to change predefinied speed limits in SQ? Yes, we can enter eg. 4096k there, but it will be great to add option to change default entries.
Default are 64k, 128k...2M.
 
Sunsun
just joined
Posts: 3
Joined: Mon Jun 03, 2013 9:47 am

Re: Feature requests

Mon Jun 03, 2013 9:56 am

Please, add feature, that allows easy use special dns for subnets like in dnsmasq!
More specific domains take precendence over less specific domains, so: --server=/google.com/1.2.3.4 --server=/www.google.com/2.3.4.5 will send queries for *.google.com to 1.2.3.4, except *www.google.com, which will go to 2.3.4.5
 
User avatar
THG
Member
Member
Posts: 472
Joined: Thu Oct 15, 2009 1:05 am

Re: Feature requests

Mon Jun 03, 2013 10:42 am

Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Mon Jun 03, 2013 5:47 pm

Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.
you need to set static IP address for that lease and add /32 network for that address with necessary gateway
 
User avatar
THG
Member
Member
Posts: 472
Joined: Thu Oct 15, 2009 1:05 am

Re: Feature requests

Mon Jun 03, 2013 10:18 pm

Add a feature to the dhcp server that makes it possible to change the default gateway for static leases.
you need to set static IP address for that lease and add /32 network for that address with necessary gateway
Okay, I saw that it is indeed possible to add another gateway in RouterOS version 6. Too bad that I can't upgrade right now until a few other issues has been resolved in the latest release.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 12:57 am

loopback interface address assignment.
[admin@Mikrotik] > ping 127.0.0.1 count=2
HOST                                     SIZE TTL TIME  STATUS                                                                                                         
127.0.0.1                                  56  64 6ms  
127.0.0.1                                  56  64 5ms  
    sent=2 received=2 packet-loss=0% min-rtt=5ms avg-rtt=5ms max-rtt=6ms 
HOST                                     SIZE TTL TIME  STATUS            
you can ping it but can not add more addresses. only solution is to add a dummy bridge interface.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 1:01 am

swap mrtg with rrd
it will be possible to specify different time ranges when viewing history
also posiibility todownload rrd files for some other possibilities.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 1:07 am

considder this example. you monitor some interface. that interface is no longer present on the routeros. mrtg image url is then invalid.
error 404 should be putbut instead you get an image with text "ERROR: invalid id"
i considder this a bug. when using wget you will not be able to distinguish errors fro actual images.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 1:13 am

source address selection with /tool fetch
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 1:23 am

"trigger" events.
example:
when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 2:05 am

changing of firewall default policy
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Tue Jun 04, 2013 7:02 pm

when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 8:51 pm

when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=
1 why is it undocumented ?
2 you did not understand me clearly. i meant triggers not only in dhcp. in interfaces,ip addresses etc.
 
HaPe
Member Candidate
Member Candidate
Posts: 239
Joined: Fri Feb 10, 2012 10:24 pm
Location: Poland

Re: Feature requests

Tue Jun 04, 2013 11:08 pm

when an entry appears in /ip dhcp-server lease you could then launch a script passing internal *id as parameter and do some actions based on it.
add custom firewall rule etc.
i know this is a "BIG" feature request, but imagine the possibilities.
there's some undocumented feature :)
/ip dhcp-server set 0 lease-script=
Wiki includes info about that. I wrote on the board about variables for lease-script, before it was published on wiki.
-
Feature requests:
  • switch function in scripts
  • running scripts with parameters(running with :global isn't sufficient)
PS Have you also have a proble with SQ in ros6? After reboot, ros lost stats for queues and for interfaces.
 
sashavl
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Mon Nov 01, 2010 8:19 pm
Contact:

Re: Feature requests

Tue Dec 03, 2013 8:26 pm

I have basic request, but it can be very useful.

From time to time i wish i can hide "disabled" interfaces in winbox "Interface list" menu. I think this can be useful when working with new CCR switches and even 2011 RB's.

Thank you.
 
AndreaWGR
just joined
Posts: 2
Joined: Wed Dec 04, 2013 5:28 pm

Re: Feature requests

Wed Dec 04, 2013 5:49 pm

Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!
 
AndreaWGR
just joined
Posts: 2
Joined: Wed Dec 04, 2013 5:28 pm

Re: Feature requests

Wed Dec 04, 2013 5:52 pm

Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!
 
User avatar
armandfumal
Member Candidate
Member Candidate
Posts: 158
Joined: Wed Apr 25, 2012 5:50 pm
Location: Weiswampach,LUX
Contact:

Re: Feature requests

Wed Dec 04, 2013 6:20 pm

Xtables-Addons with GeoIP for Firewall
+1
 
ste
Forum Guru
Forum Guru
Posts: 1924
Joined: Sun Feb 13, 2005 11:21 pm

Re: Feature requests

Thu Dec 05, 2013 7:39 am

Hi, an other basic request:
I work for an ISP, we have to manage a very high number of mikrotik devices.
We have been using winbox.exe but in our situation looking for the correct device is becoming really frustrating...

Add a "search button" on winbox applicaton could help us..

Thank you!
We use TheDude to manage MT Devices. Makes things much easier than using winbox alone.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Thu Dec 05, 2013 11:15 am

From time to time i wish i can hide "disabled" interfaces in winbox "Interface list" menu. I think this can be useful when working with new CCR switches and even 2011 RB's.
use 'Filter' button, 'Enabled' -> 'is' -> 'yes' :)
 
23q
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Thu Sep 02, 2010 2:54 pm
Location: Ukraine

Re: Feature requests

Thu Dec 05, 2013 9:30 pm

use 'Filter' button, 'Enabled' -> 'is' -> 'yes' :)
if you close the window, not saved\если закрыть окно -не сохраняется
 
fernandolcx
newbie
Posts: 47
Joined: Fri Sep 06, 2013 6:51 pm

Re: Feature requests

Sun Dec 08, 2013 10:41 pm

Native support for Dynamic DNS updates?
Any decent router have support for it...
 
efaden
Forum Guru
Forum Guru
Posts: 1708
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: Feature requests

Sun Dec 08, 2013 11:26 pm

Does MT support Multiple DHCP Scopes and Multiple IP's on the LAN interface?
Or at least an on lease script call out for the dhcp client

Sent from my SCH-I545 using Tapatalk
 
samsung172
Forum Guru
Forum Guru
Posts: 1191
Joined: Sat Apr 04, 2009 3:45 am
Location: Østfold - Norway
Contact:

Re: Feature requests

Mon Dec 09, 2013 2:10 am

Remove the new feture having scanlist listed as separate rows. If not, make a drag window button to make it possible to read all settings on a device have a lot of channels in scanlist. I use this as standard, and the wlan menu in 6.x just is wired

ros code

:global ifslink 5180,5750,5770,5790,5810,5830,5850,5870,5890
:global ifs5ghz 5390,5410,5430,5450,5470,5490,5510,5530,5550,5570,5590,5610,5630,5650,5670,5690,5180,5750,5770,5790,5810,5830,5850,5870,5890
:global ifs2ghz 2409,2429,2414,2434,2419,2439,2424,2444,2449,2469,2454,2474,2459,2479,2464,2484
(example have even more channels) But how do i configure this device in winbox? :)
You do not have the required permissions to view the files attached to this post.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6263
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: Feature requests

Mon Dec 09, 2013 1:36 pm

please check how this works and then start to abuse it:
http://wiki.mikrotik.com/wiki/Manual:Wi ... d_Channels

here you can define channels list, and then use this as the value for channel list.

so create entries in '/interface wireless channel' with the same list set. In wireless configuration in scan-list set this up as list, or if you require as separate names if you do not want to use whole list.
 
ste
Forum Guru
Forum Guru
Posts: 1924
Joined: Sun Feb 13, 2005 11:21 pm

Re: AW: Feature requests

Mon Dec 09, 2013 2:09 pm

Channel List does not respect local regulations. There is no way to limit power.
 
fernandolcx
newbie
Posts: 47
Joined: Fri Sep 06, 2013 6:51 pm

Re: Feature requests

Sat Jan 04, 2014 1:29 am

I can't understand why all decent routers I have met in my life can update DDNS/No-IP hosts and with MikroTik I need to rely on scripting to do this.
 
andriys
Forum Guru
Forum Guru
Posts: 1526
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Feature requests

Mon Jan 06, 2014 4:02 pm

I can't understand why all decent routers I have met in my life
You mean SOHO routers? RouterOS is in no way a SOHO software, even despite the fact that quite a few of Mikrotik routers are targeting SOHO market.

And, by the way, what Dyn DNS protocol do you want Mikrotik guys to implement?
I doubt you're referring to RFC2136, and HTTP-based protocols used by dyndns.com and similar services are
a) in no way standardized,
b) proprietary by their nature,
c) easily scriptable.

And what's wrong with the script approach after all?
 
Djlobster
just joined
Posts: 2
Joined: Sun Dec 22, 2013 11:51 am

Re: Feature requests

Thu Jan 09, 2014 11:48 am

Good day,I have mikrotik rb750gl with the OpenVPN server and the telephone Galaxy Note 3 with OpenVPN Client (https://play.google.com/store/apps/deta ... eb.openvpn)
't associate these 2 devices on the VPN so I was told that in Mikrotik old libraries Opensll --- I have firmware V6.7 -- I was told that this firmware Openssl 0.9.8 --it's 2005,and today already have Openssl 1.0.1, --- and Android does not understand the old libraries of Openssl ))) please tell me what should I do??? and why in the new firmware de add new Openssl library ? thanks in advance!
 
23q
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Thu Sep 02, 2010 2:54 pm
Location: Ukraine

Re: Feature requests

Fri Jan 31, 2014 6:57 pm

 
JanezFord
Member Candidate
Member Candidate
Posts: 269
Joined: Wed May 23, 2012 10:58 am

Re: Feature requests

Mon Feb 03, 2014 8:48 pm

UPS package should be refreshed with more options ... event reporting (mail) would be nice and also possibility to share ups status with other routerboards (and linux boxes running for example apcupsd) over the network so all units could be safely shutdown in case of ups battery exhaustion. After power restoration WOL commands could be issued and so on ...

JF
 
User avatar
saaremaa
Member Candidate
Member Candidate
Posts: 162
Joined: Tue Feb 02, 2010 7:48 pm
Location: Baltijos šalių miestas

Re: Feature requests

Mon Feb 03, 2014 8:54 pm

 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Feature requests

Tue Feb 04, 2014 3:49 am

MT please please. We need more queue options in PPP profile. For example we need different values in max-limit and limit-at. When using Radius for AAA, now dynamic simple queues create with same value at limit-at. It restricts us to do some QoS and it fights off RouterOS`s powerful, intelligent queue features.
 
rajo
newbie
Posts: 45
Joined: Tue Aug 16, 2011 11:12 pm

Re: Feature requests

Wed Feb 05, 2014 12:57 pm

Please add bidirectional PIM support

It would be great if MikroTik would support bidirectional PIM, as we deploy for our 2-way radio over IP networks. As is, when sending multicast traffic back to the original sender (i.e. the receiver is also a sender) we get RouterOS complaining that it has no RP for the reverse path.

This is one issue that might drive us towards Cisco; however, I would prefer not going with a Cisco solution because power can be an issue at some remote mountain top sites where a small MikroTik router would otherwise be better suited.
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Tue Feb 11, 2014 4:25 pm

MT please please. We need more queue options in PPP profile. For example we need different values in max-limit and limit-at. When using Radius for AAA, now dynamic simple queues create with same value at limit-at. It restricts us to do some QoS and it fights off RouterOS`s powerful, intelligent queue features.
I uphold this. I also need in ppp profile an option to specify default packet-marks for simple queue.
 
nickjail
just joined
Posts: 15
Joined: Mon Feb 17, 2014 9:26 pm

Re: Feature requests

Mon Feb 17, 2014 9:43 pm

UPS package should be refreshed with more options ... event reporting (mail) would be nice and also possibility to share ups status with other routerboards (and linux boxes running for example apcupsd) over the network so all units could be safely shutdown in case of ups battery exhaustion. After power restoration WOL commands could be issued and so on ...

JF
+1
 
johjoh
just joined
Posts: 3
Joined: Tue Feb 18, 2014 11:21 am

Re: Feature requests

Wed Feb 19, 2014 3:58 pm

If possible, in the future release of ROS would be great if there are the ability to turn off all leds on all RouterBoard.
I have a RB2011UiAS-2HnD-IN and seem Christmas, by night there is a lot of brightness!

Thank you
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Wed Feb 19, 2014 7:33 pm

why this wiki pade have been removed ?
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

Re: Feature requests

Wed Feb 19, 2014 7:43 pm

ssh-rsa encoding for ssh client

this is an exact error message on cisco switch when i try to log in with ssh client on ros 6.10
SSH2 0: hostkey algo not supported: client ssh-dss, server ssh-rsa
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

kerberos

Wed Feb 19, 2014 7:46 pm

kerberos support for ssh logging.
i may be bombarded her to use radius with user-manager. problem is that radius is not as secure as kerberos. if you want to have same password for winbox and ssh you have to store and send passwords in plain-text !!!

don't you think that is a security hole ?
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

secure store local users passwords

Wed Feb 19, 2014 7:49 pm

it is verry simple to crack local user password once you have access to binnary backup for example.
Store them in sha or blowfish.
If you do this they can be exportable via /export. Also please note that importing them would be a really nice feature.


as a side note please read this and THIS.
please read my post again, because you completely missed my point. I said - why even bother encrypting it? it will just take a little more time to read. Better deal with your other security hole - why can somebody take your router and do what he pleases?
Are really so ignorant ? Why even bother ?
Last edited by luqasz on Wed Feb 19, 2014 8:09 pm, edited 3 times in total.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

connection lists. split ports in separate columns

Wed Feb 19, 2014 7:55 pm

/ip firewall connection
25    tcp      212.77.100.128:80     91.xxx.xxx.xxx:52378  established 2h47m39s  
issuing below command:
print where src-address=212.77.100.128
will not print src addres becouse you have to write it with port. what if you do not know the port or you are just not interested in it ?

under winbox you can filter it by src-address and it works. why there are differences in console experience and winbox ?



-----------------------------


ok scratch this one. i have figured out to use scripting
/ip firewall connection print where src-address~"212.77.100.128"
Last edited by luqasz on Wed Feb 19, 2014 9:21 pm, edited 1 time in total.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

general purpouse prefix lists

Wed Feb 19, 2014 8:10 pm

prefix lists for bgp, ospf etc. not only rip. once done you can store prefixes in some separate place making filters refer to them and resulting in more clear configuration
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

disable BFD interfaces

Wed Feb 19, 2014 8:12 pm

/routing bfd interface> disable 0
failure: cannot disable 'all' interface config
remove all interface as a default configuration. you just do not use it always.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

physically disable port

Wed Feb 19, 2014 8:17 pm

if you set an ethernet/sfp interface as disabled link is still up. how about phisically (elecrically) disable it as well. just like a decent switch does
Last edited by luqasz on Wed Feb 19, 2014 9:19 pm, edited 1 time in total.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

case insensitive mac address formats acceptance

Wed Feb 19, 2014 8:19 pm

if you want to find a mac address on a bridge host table you have to write it case sensitive. how about accepting it in case insensitive ?
This may be for some people a cosmetic feature but still noce one.
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

/file mv,cp,mkdir

Wed Feb 19, 2014 8:26 pm

/file mv,cp,mkdir

it is in my opinion self explanatory....
 
User avatar
luqasz
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Aug 16, 2007 9:53 pm
Location: Poland

loopback interface access.

Wed Feb 19, 2014 8:50 pm

simply show loopback interface in interface lists.
then you will be able to add addresses to it and not make a dirty empty bridge hack.
 
nickjail
just joined
Posts: 15
Joined: Mon Feb 17, 2014 9:26 pm

Re: Feature requests

Wed Feb 26, 2014 8:52 pm

Hi!

Need snmpget, snmpwrite, snmpwalk tools to monitor and control status of remote network hardware via router. For example, monitor UPS via snmp, reboot hardware and so on.
Yes, ups package already exist but it capable with APC only and interface cable lenth is limiting factor...
Really need. Thx!
 
Diamond
newbie
Posts: 26
Joined: Tue Mar 19, 2013 7:11 pm
Location: RU

Copy cell feature

Thu Feb 27, 2014 11:27 am

Often MAC or IP address should copy manually from winbox. I suggest to make "cell copying" command for more convenient work...
Image
 
User avatar
mishaM
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Sun Oct 25, 2009 1:48 pm
Location: Georgia

Re: Feature requests

Thu Feb 27, 2014 4:01 pm

Hi all,

this feature will be good:
on CLI -> command alias support , (make group of line commands to one command )

make poe monitor oids( for 750 up ) or support on api monitor function.
 
User avatar
mishaM
Frequent Visitor
Frequent Visitor
Posts: 84
Joined: Sun Oct 25, 2009 1:48 pm
Location: Georgia

Re: Feature requests

Fri Feb 28, 2014 8:08 am

also on CLI insert privileged modes ( enable ,config ..etc) will be good
 
markom
Member Candidate
Member Candidate
Posts: 112
Joined: Thu Dec 17, 2009 10:42 pm

Re: Feature requests

Fri Feb 28, 2014 10:33 am

mikrotik as LNS server with LAC support and l2tp secret tor tunnel.
 
vortex
Forum Guru
Forum Guru
Posts: 1092
Joined: Sat Feb 16, 2013 6:10 pm

Re: Feature requests

Fri Feb 28, 2014 12:12 pm

HFS+ formatted storage, AFP, Spotlight indexing, Time Machine support, SMB 2.0

Working Bonjour (mDNS) intra-router (not inter) routing across subnets with example
Last edited by vortex on Fri Feb 28, 2014 12:39 pm, edited 3 times in total.
 
vortex
Forum Guru
Forum Guru
Posts: 1092
Joined: Sat Feb 16, 2013 6:10 pm

Re: Feature requests

Fri Feb 28, 2014 12:18 pm

Suricata on CCR
 
nosovk
Frequent Visitor
Frequent Visitor
Posts: 63
Joined: Wed Jan 25, 2012 11:25 am
Location: Ukraine
Contact:

Re: Feature requests

Sat Mar 01, 2014 9:16 pm

hyper-v nic support!
 
nickjail
just joined
Posts: 15
Joined: Mon Feb 17, 2014 9:26 pm

Feature requests

Sun Mar 02, 2014 8:58 pm

Please add support of receiving SNMP Traps and run scripts on this events
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2096
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: Feature requests

Mon Mar 03, 2014 2:34 am

Suricata on CCR
Rumor has it ;)
 
IlCarletto
newbie
Posts: 33
Joined: Mon May 10, 2010 3:09 pm
Location: Milan
Contact:

Re: Feature requests

Thu Mar 06, 2014 1:05 pm

set the syslog remote address as fqdn or domain name and not only IP.
 
abstract
just joined
Posts: 3
Joined: Mon Apr 12, 2010 11:36 am

Re: Feature requests

Wed Mar 26, 2014 2:06 pm

We tried CAPsMAN this week. It seems us a good tool, We haven't tried all features at the moment and we are planning to use it without SSL certificates exchange in an hotel in the next week.

We would like to suggest some enhancements for radio parameters managements.
  • The frequency provisioning does not permit to set the "auto" frequency value
  • The frequency provisioning does not permit to set the country value resulting in illegal frequency channel (in fact we cannot use the channels 2467 and 2472 that are permitted in italy)
  • Generally speaking it will be usefull having a greater control on CAP's radio parameters setting (country, power, frequency mode, antenna gain, DFS mode, etc...)
  • May result usefull let the CAP use its own radio parameters configuration, when implicit default provisioning rule is applied, or when configurations without radio parameters explicitly setted are used.
 
DShmelev
just joined
Posts: 4
Joined: Sat Mar 22, 2014 2:13 am

Re: Feature requests

Sun Apr 13, 2014 2:37 am

Address lists of Address lists!
Urgent! :)
 
User avatar
blackhold
just joined
Posts: 11
Joined: Tue Apr 15, 2014 3:12 am
Location: Catalonia
Contact:

Re: Feature requests

Tue Apr 15, 2014 3:13 am

NAT64: Tayga

More info:
http://www.litech.org/tayga/
http://blackhold.nusepas.com/2014/04/nat64dns64/

it should be easy to implement, install tayga package (121kb) and configure twice firewall rules...

please, it is really important due ipv4 is out and now if you want to redirect users from a wisp you need to use policy routing and you need IPv4 inside your network to make it work.

thanks you much!
Last edited by blackhold on Tue Apr 15, 2014 3:12 pm, edited 1 time in total.
 
markom
Member Candidate
Member Candidate
Posts: 112
Joined: Thu Dec 17, 2009 10:42 pm

Re: Feature requests

Tue Apr 15, 2014 11:46 am

ADSL capable RB.
 
jmetcalf
just joined
Posts: 1
Joined: Fri Oct 21, 2011 7:29 pm

Re: Feature requests

Tue Apr 15, 2014 11:47 pm

I would love to get a url-server/filter command implementation what Cisco provides. (Do a search for "PIX/ASA URL Filtering" for an example of what I am referring to).

The basic idea being any website being accessed first does a quick hand-off to the filter server for a yes/no response. If yes is returned then the router allows the access to continue. If a No response is returned than the Router passes you back to the url-filter server for a block reason.

I realize that you can proxy, but this feature would open up RouterOS to the possibility alternate content control without the need of proxy servers.

Just a thought.
 
User avatar
blackhold
just joined
Posts: 11
Joined: Tue Apr 15, 2014 3:12 am
Location: Catalonia
Contact:

Re: Feature requests

Thu Apr 17, 2014 2:18 pm

IPv6 policy routing - really important if nat64:tayga will not be implemented yet
 
User avatar
blackhold
just joined
Posts: 11
Joined: Tue Apr 15, 2014 3:12 am
Location: Catalonia
Contact:

Re: Feature requests

Thu Apr 17, 2014 3:17 pm

winbox: group connections by categories
 
User avatar
cdiedrich
Forum Veteran
Forum Veteran
Posts: 997
Joined: Thu Feb 13, 2014 2:03 pm
Location: Basel, Switzerland // Bremen, Germany
Contact:

Re: Feature requests

Thu Apr 17, 2014 3:29 pm

Next feature request for Access Points (Like metal, BaseBox, etc) and their LEDs:

It'll be just fantastic for us to be able to not only add wireless signal strength to LED1-LED5 (which is somehow pointless when they're configured as access point) but alternativly CPU load and/or bandwidth utilization (in % of the theoretical configured maximum)... THIS would really help us a big deal.

Thanks,
-Chris
 
User avatar
brauser
Trainer
Trainer
Posts: 32
Joined: Sat Aug 21, 2010 6:36 am
Location: Brazil, SP, Valinhos
Contact:

Re: Feature requests

Thu Apr 17, 2014 6:11 pm

Some features have already been requested before, to better manage this, you can register on the Wiki and cast your vote there:

http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests

Of course, in addition, it would be great if you also posted a message here, explaining why you need that particular feature. And as usual - search before you post, maybe a topic exists already.
normis,

Wiki link is down, there is some other specific place to do feature request or here's the right/official place?
My feature request would be to have an option to turn on/off (checkbox) dynamic mode on "/ip pool" so we can have the opposite behaviour of:
Note: Whenever possible, the same ip address is given out to each client (OWNER/INFO pair).
Better if it could be possible for each pool :)

It would be very appreciated by many. Big thanx!
 
User avatar
ofendt
just joined
Posts: 23
Joined: Mon Jun 20, 2011 10:17 pm

Re: Feature requests

Fri Apr 25, 2014 1:22 pm

Would be perfect in IP/ROUTES Check-Gateway to be able to specify an IP-Adress other the the default Gateway.

In Germany we get more - and more proconfigured AVM Fritzboxes as a DSL Connecting-Point.

The box is always Pingable - even if the connection behind is down. Script is possible but complicated.

---

And by the way...
Optical nice (something like UNIFI with hidden cables) RB with (RB95xxx) with 2,4 AND 5 GHz would be perfect.

And... don't forget the perfect DUDE. Its still in beta and send's me email's even if the server is down for only some seconds.
Would be perfect to give a time-limitt (if down 1 minute...)

Thanks. RB is "nearly" perfect - good stuff.
 
andriys
Forum Guru
Forum Guru
Posts: 1526
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Feature requests

Fri Apr 25, 2014 1:41 pm

Would be perfect in IP/ROUTES Check-Gateway to be able to specify an IP-Adress other the the default Gateway.
It should already be possible using so called "Recursive routes".
Read more about it here. I seem to have seen an example somewhere in the wiki as well, but can't find it at the moment.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Mon Apr 28, 2014 6:17 pm

I seem to have seen an example somewhere in the wiki as well, but can't find it at the moment.
http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting
 
quux
just joined
Posts: 2
Joined: Fri May 09, 2014 4:59 am

IPv6 DNS Router advertisement

Sun May 11, 2014 4:31 pm

I hope the title says it all.

We bought the CRS125-24G-1S-2HnD for the express purpose of getting IPv6 running properly on our network. Getting everything up and running, only to find that we could not advertise local DNS servers via RAs, was very disappointing! I am however very impressed by the device and by RouterOS in all other respects.

If anyone knows a clean way to do this from Windows, feel free to reply here or email me directly. I'll be very thankful!

In the meantime I'll hope this feature comes to RouterOS!
 
andryan
newbie
Posts: 40
Joined: Fri Nov 30, 2007 10:33 pm
Location: Jakarta, Indonesia
Contact:

Re: Feature requests

Thu May 22, 2014 12:23 pm

More /ip ssh settings: TCPKeepAlive, ClientAliveInterval, and ClientAliveCountMax.
 
User avatar
otgooneo
Trainer
Trainer
Posts: 581
Joined: Tue Dec 01, 2009 3:24 am
Location: Mongolia
Contact:

Re: Feature requests

Tue May 27, 2014 6:01 am

Please implement logging possibility when bridge port interface role changes. If something happen in my STP enabled network, I can`t see where was an issue and which of my routerboard changed it`s port state. Furthermore debug log should show BPDU message detail logs. But now even debug log can`t show nothing regarding bridge interface role changes.
 
wisp625
just joined
Posts: 5
Joined: Fri Aug 30, 2013 6:58 pm

Re: Feature requests

Sun Jun 01, 2014 11:26 pm

Feature request: would be nice if there was a VoIP implementation section and a POE out port as a WAN port so we could have a customer router provide power for the radio and be able to plug a telephone into it as well. A lot of Wisps are looking for this as a solution. :)
 
Valerio5000
Frequent Visitor
Frequent Visitor
Posts: 92
Joined: Fri Dec 06, 2013 2:38 am

Re: Feature requests

Thu Jul 03, 2014 1:58 am

I realize that my request is not "technical" but it is possible to integrate a DLNA server for example nell'RB951 with USB that is proposed as a router at home?
 
joncolby
newbie
Posts: 40
Joined: Wed Nov 13, 2013 8:09 am
Location: Southern California

Re: Feature requests

Fri Jul 04, 2014 6:00 am

Please add Dynamic V-Lan Assignment so we can run 3rd Party Network Access Control Software like Packetfence Please.
 
digidax
just joined
Posts: 13
Joined: Fri May 30, 2014 10:15 am

Re: Feature requests

Wed Jul 23, 2014 4:41 pm

If I have opened a firewall rule, a Button to clone this rule.

I have a lot of INPUT rules, which are only different by the src IP Address.
So I can clone the rule, change the SRC IP and apply the rule.
Webmin (www.webmin.com) have it implemented for the firewall settings.

thanks
Frank
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Wed Jul 23, 2014 5:05 pm

If I have opened a firewall rule, a Button to clone this rule.
you mean, 'Copy' button, which is there for may years already?..
 
Utomo
just joined
Posts: 5
Joined: Sat Jul 05, 2014 8:42 am

Re: Feature requests

Sun Jul 27, 2014 6:23 am

Some features have already been requested before, to better manage this, you can register on the Wiki and cast your vote there:

http://wiki.mikrotik.com/wiki/MikroTik_ ... e_Requests

Of course, in addition, it would be great if you also posted a message here, explaining why you need that particular feature. And as usual - search before you post, maybe a topic exists already.
The pages already deleted

My Feature request:
1. Utilize the USB for NAS and Cache.
so we can connect a Hard disk and use as NAS and cache (to save bandwidth)
2. Support PHP please. so we can run the PHP script on Mikrotik Router.
Now the memory size already big enough and also the Processor also fast enough.
By allowing PHP Script it will make the Router more flexible and powerful.

And also Better WEB UI / More user friendly.

Thank you .
 
User avatar
Davis
Member Candidate
Member Candidate
Posts: 117
Joined: Mon Aug 01, 2011 12:27 pm
Location: Latvia, Riga
Contact:

Re: Feature requests

Mon Jul 28, 2014 9:21 pm

I want to suggest adjustable boot-delay (under /system routerboard settings), up to 255 seconds, for all RouterBOARDs.
This would allow some safety against bricking by repeated power loss (i.e. in case electrician connects power only for a few seconds router won't yet start to boot and there would be no risk of data corruption due to power loss during boot).
 
User avatar
LarryPotter
just joined
Posts: 2
Joined: Fri Jun 21, 2013 9:22 pm
Location: UK

Re: Feature requests

Fri Aug 08, 2014 9:48 am

Would NETCONF be of use to anyone else?
 
hzdrus
Frequent Visitor
Frequent Visitor
Posts: 51
Joined: Mon May 14, 2012 3:58 pm

Re: Feature requests

Fri Aug 08, 2014 1:40 pm

We find inability to trigger commands/scripts based on events to be very limiting, especially in MPLS VPN deployment.

The following is necessary:
1) Ability to specify inside RADIUS reply which commands/scripts to execute (e.g. similar to Cisco-AVPair)
2) Logging target to send every new log line to a script (so there is no need to use a hack with scheduler executing a script every N seconds)
 
rsaf
just joined
Posts: 4
Joined: Fri Dec 27, 2013 1:37 am

Relatively cheap FTTH CPE

Tue Aug 19, 2014 3:22 pm

Somethink lie RB951Ui-2HnD or RB951G-2HnD with SFP slot. We really need:
-single SFP slot for optical UPLINK
-SFP slot in confiurable VLAN aware switch (we have trunk on optical uplink with IPTV in separate vlan and we need to pass IPTV to one or two ethernet ports)
-at least 5 ports (5 ethernet ports and 1 sfp port will be much better)
-integrated 2.4GHz wifi
-one type with plastic case (like RB260GS) with integrated wifi antennas
-second type "board only" with U.FL antena connectors - we have own design of metal wall-mount case in which we can splice optical cable and put optical CPE (switch or mediaconverter) in it, we can put bare board in this case and use pigtails to pass antennas outside this box
-maybe mikrotik can design their own wallmount box where optical cable can be spliced and integraded routerboard in this box...
 
whippy
just joined
Posts: 1
Joined: Tue Aug 26, 2014 4:27 am

Re: Feature requests

Tue Aug 26, 2014 4:32 am

Followed the link to the wiki - doesn't look like anyone's using it though...

CAPsMAN extended to allow other interface types to be assigned to datapaths.
 
skibi82
newbie
Posts: 43
Joined: Fri Mar 22, 2013 7:09 pm

Re: Feature requests

Tue Aug 26, 2014 12:19 pm

Give MACVLAN to add the power to create Virtual interfaces.
Useful for testing or the separation of traffic.
 
Komerad
just joined
Posts: 12
Joined: Wed Jul 30, 2014 6:05 pm

Re: Feature requests

Tue Aug 26, 2014 10:57 pm

- All openvpn features.
- Auto dns lookup when non ip value is entered. Would be very handy to have router os to accept domain names for more features.
- Make adressess list true lists that can hold all kind of unique ip adresses or even hostnames in a list. Not just ranges.
^- and/or make it possible to add more sources and destinations at certain places. (Like mangle.)
 
xhaos
just joined
Posts: 10
Joined: Tue May 28, 2013 11:29 pm

Re: Feature requests

Wed Aug 27, 2014 9:22 am

Expand graphing, to show wireless connection statistics such as SnR, CCQ, Rx/Tx for AP clients and for p2p connections
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature requests

Wed Aug 27, 2014 11:27 am

Please, create universal versatile graphing that allows user to set whatever value that is readable in ROS to be graphed. Combined graphing (e.g. CPU, memory and number of connected clients together in one graph) would be something extra!

And please, ensure that power loss, reboot or ROS upgrade will not erase old graphs. It is still unsolved bug that emmerges very often still in 6.18 (contemporary latest).
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 26322
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Feature requests

Wed Aug 27, 2014 11:42 am

Please, create universal versatile graphing that allows user to set whatever value that is readable in ROS to be graphed. Combined graphing (e.g. CPU, memory and number of connected clients together in one graph) would be something extra!

And please, ensure that power loss, reboot or ROS upgrade will not erase old graphs. It is still unsolved bug that emmerges very often still in 6.18 (contemporary latest).
we already have it, it is called SNMP
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature requests

Wed Aug 27, 2014 2:40 pm

Normis,

you know very well that this is not the requested functionality - getting values via snmp takes time and resources, what is worse, it needs active connection to the device. I talk about autonomous graphing that will work within the ROS even if the device is disconnected from the network.

At least, I wish the graphs were stop disappearing. Finaly. Some day.

And anyway - are you working on speeding up usb storage opertions and usb storage reliability? It is tragical and too much CPU time hungry.
 
AlexS
Member Candidate
Member Candidate
Posts: 272
Joined: Thu Oct 10, 2013 7:21 am

Re: Feature requests

Sat Aug 30, 2014 9:54 am

I would like a graceful BGP and OSPF shutdown

when I reboot my router it doesn't bring down the OSPF and BGP connections and I have to wait for its peers to realize its dead

That can take a while.

and you can't just stop the BGP / OSPF instances as they will not restart on reboot !
 
roadracer96
Forum Veteran
Forum Veteran
Posts: 730
Joined: Tue Aug 25, 2009 12:01 am

Re: Feature requests

Sun Aug 31, 2014 3:54 am

Both of my other brands of firewalls and routers support graceful ospf/bgp restart. It's very nice when you are making a change to the routing process but don't want to dump all routes.
 
AlexS
Member Candidate
Member Candidate
Posts: 272
Joined: Thu Oct 10, 2013 7:21 am

Re: Feature requests

Mon Sep 01, 2014 12:21 am

Sorry miss understanding

I mean shutdown of the router not ospf/bgp processes
 
roadracer96
Forum Veteran
Forum Veteran
Posts: 730
Joined: Tue Aug 25, 2009 12:01 am

Re: Feature requests

Mon Sep 01, 2014 5:38 am

That isn't graceful restart. Graceful restart means "hold your routes until I come back, wait up to x seconds for me to finish my operation then update routes after we reestablish adjacency". The change you requested is best handled with bfd.
 
AlexS
Member Candidate
Member Candidate
Posts: 272
Joined: Thu Oct 10, 2013 7:21 am

Re: Feature requests

Mon Sep 01, 2014 6:18 am

That isn't graceful restart. Graceful restart means "hold your routes until I come back, wait up to x seconds for me to finish my operation then update routes after we reestablish adjacency". The change you requested is best handled with bfd.
I would have to disagree.

By using BFD (i looked at it, it just makes convergence faster. Good, doesn't work for me as 1 device doesn't do BFD ..)

A graceful shutdown, would do a graceful shutdown of OSPF/BGP, which would mean removing them from the network, not just turning it off.

when I work on a OSPF node, i usually disable the ospf instance, leave it for a bit till all the routes have been recalced. then I can reboot as need.
 
roadracer96
Forum Veteran
Forum Veteran
Posts: 730
Joined: Tue Aug 25, 2009 12:01 am

Re: Feature requests

Mon Sep 01, 2014 6:29 pm

BFD detects when the peer goes away based on the interval of the BFD messages x multiplier.. So .25 second message X 3 multiplier = .75 second detection time. If OSPF is shut down on an interface, BFD will get shut down and in .75 seconds, the routes on the other end will get dropped.

Graceful restart is an rfc defined here: http://tools.ietf.org/html/rfc3623

It lets you take the OSPF process on a router offline for reconfiguration or some other reason and it notifies the remote peers to NOT drop routes for a default of 120 seconds. This is helpful if you need to make a change to the OSPF processes but still want to forward traffic through the router while the reconfiguration takes place.

If Im hearing you right, you want the remote peers to drop routes FASTER when you stop the ospf process on a router or reboot the router (faster than the ospf hello intervals). This would be BFD. So yes, BFD does speed up convergence. The second a router goes offline, everything needs to reconverge. BFD makes this happen faster.
 
pochbba
newbie
Posts: 26
Joined: Mon Jun 19, 2006 10:00 pm
Location: Argentina

Re: Feature requests

Mon Sep 08, 2014 9:38 pm

Hi there Normis,

I would really appreciate having an save file/export ping/traceroute log function of each individual winbox ping/traceroute test.

Sometimes it comes handy when doing small tests and keeping them logged.

I know there are several 3rd party applications that actually do this. But having it integrated on ROS would make my life easier.

Regards
 
Trekkie
newbie
Posts: 37
Joined: Thu Feb 07, 2013 1:48 am

Re: Feature requests

Mon Sep 08, 2014 10:17 pm

Is OVPN Client side LZO Compression and UDP support somewhere out there in plan? the wiki link is missing.
 
xhaos
just joined
Posts: 10
Joined: Tue May 28, 2013 11:29 pm

Re: Feature requests

Tue Sep 09, 2014 10:21 am

It would be very useful, to be able to setup a queue with target not only the interface name, but the interface's ingoing / outgoing /both direction.

for example I wish to configure mangle for internet QoS. Now we have to configure different mangle marking for incoming and outgoing traffic. But it would be much simpler, easier and fault-proof, if we could just mark the QoS priority markings in mangle and could have different queues for each traffic direction.
RouterOS as is, works perfectly for symmetric ethernet environments. But since we can use it for adsl router or even asymmetric wireless links, I think routerOS could provide some better tools.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Tue Sep 09, 2014 3:00 pm

you mean, simple queues? but they create up to three (upload, download and total) queues - why don't you use them all?..
 
Zorro
Long time Member
Long time Member
Posts: 675
Joined: Wed Apr 16, 2014 2:43 pm

Zabbix package for ROS ? more updated/actual Active queues ?

Thu Sep 11, 2014 1:26 am

is anyway to have native Zabbix support by RouterOS in frsbl future of it ?
also would personally welcome more updated/actual Active queues in RouterOS to handle/combat/prevent Network congestion. rather than static/notorious RED algo/type present already, which unsuable for production for number of reasons.
for example, RRED would be nice. aswell as other adaptive, attack/flooding-proof variants of AQM.
also bout moving RouterOS from vanilla Linux kernels to Zero Overhead Linux gossips - is actually such plans, yet ?
(this thing http://www.tilera.com/sites/default/fil ... aper_0.pdf meant, to be exact/specific)
also finishing/completing BFG routing implementation (auth and echo ?) also may be handy.
Last edited by Zorro on Fri Sep 19, 2014 9:26 am, edited 1 time in total.
 
Ciambot
Member Candidate
Member Candidate
Posts: 144
Joined: Thu Jan 22, 2009 5:22 pm

Re: Feature requests

Fri Sep 12, 2014 10:18 am

Request:
RFC 5185 OSPF Multi-Area Adjacency
 
bds1904
Frequent Visitor
Frequent Visitor
Posts: 63
Joined: Tue Sep 10, 2013 2:52 am

Re: Feature requests

Fri Sep 12, 2014 4:49 pm

Enable the openvpn client to accept an ipv6 address as a valid target address
 
taduikis
Member
Member
Posts: 436
Joined: Sat Jul 07, 2007 12:09 pm

Re: Feature requests

Wed Sep 17, 2014 10:46 am

Add some planned upgrade feature, that gets done upon next RouterOS start, no matter if shutdown/reboot was graceful or not. This of course should be voluntarily and separately triggered with required packages being uploaded in advance. It does add some risks of course, but I bet some people would/might be willing to take them.

I know this could be done at some level using v6 partitioning or achieved with scripts, but either way, having such function that you can choose not to use if you don't want, is still better, IMO.
 
namake
just joined
Posts: 1
Joined: Fri Jan 23, 2015 11:09 am

Re: Feature requests

Fri Jan 23, 2015 11:21 am

Normis, can you add support of vmxnet adapters (that vmware esxi provide to virtual machines) ?
 
User avatar
wagguRQ
just joined
Posts: 11
Joined: Sun Feb 01, 2015 9:00 am
Location: /RUSSIA/

Re: Feature requests

Sun Feb 01, 2015 11:09 am

I would like that you will add a counter of errors (crc,drop,oversitse,collisions, e.t.c.).
It is desirable that you will add the iperf with the standard features, as well as the possibility
of using as a client or server. This tool needed for monitoring and diagnostic as well as will use
in a bundle with iperf which was installed on radios from the Ubiquiti Networks.
 
erlt
just joined
Posts: 9
Joined: Sun Oct 12, 2014 3:51 pm

Re: Feature requests

Sat Feb 14, 2015 9:37 am

MAC Address List . This is very useful especially in a topology where there are multiple subnets.
 
Buzz
just joined
Posts: 13
Joined: Sat Aug 09, 2014 11:44 am

Re: Feature requests

Sun Feb 15, 2015 1:54 am

I need to show comments from users section at active tab in hotspot (comments r missing in active tab) , because my users are login with their mac address (MAC login method) so they appear in the active tab only with their mac not with there name nor their comments , it will be more easy if these mac address appear with their comment to easily know who is online

by the way if you comment any record in ip binding the comments will appear in hosts tab with this comment

thank u in advance
 
bronx
newbie
Posts: 39
Joined: Wed Feb 11, 2015 1:04 am
Location: Turin, Italy

Re: Feature requests

Sun Feb 15, 2015 8:55 pm

Add a command in script that allow us to read string from console and save it in one variable.

It's allow us to create user interactive script, useful on setup
 
remkolodder
just joined
Posts: 3
Joined: Mon Feb 16, 2015 12:43 pm

Re: Feature requests

Mon Feb 16, 2015 12:52 pm

Hi,

I would like to request a feature to extend the OpenVPN possibilities.
I would like to run multiple OpenVPN instances on the mikrotik. One for my incoming clients, and a few for peer2peer vpn links between servers.

Setup:
Clients: share some IP space on IPv4 and IPv6 front, /27 and /64.
P2P links: use unique /30's between eachother. Used as connection point to offer OSPF routing over the links (and traffic).
 
micromaxi
newbie
Posts: 43
Joined: Fri Feb 06, 2015 10:32 am

Re: Feature requests

Mon Feb 16, 2015 7:39 pm

Please, create universal versatile graphing that allows user to set whatever value that is readable in ROS to be graphed. Combined graphing (e.g. CPU, memory and number of connected clients together in one graph) would be something extra!

And please, ensure that power loss, reboot or ROS upgrade will not erase old graphs. It is still unsolved bug that emmerges very often still in 6.18 (contemporary latest).
I would love to see uptime graph added to the graphing section. That way we dont have to run an extra snmp machine.
 
JanezFord
Member Candidate
Member Candidate
Posts: 269
Joined: Wed May 23, 2012 10:58 am

Re: Feature requests

Tue Feb 17, 2015 8:24 pm

Please add ability to set WMM, HW Protection Mode, Preamble Mode, HW Retries, Adaptive noise immunity and other advanced mode parameters with CAPsMAN (v2) ... capsman is supposed to be used as controller in hotels, conference centres and similar scenarios and these options are useful in highly congested areas.

JF
 
User avatar
pants6000
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Fri Sep 26, 2014 5:30 am

Re: Feature requests

Wed Feb 18, 2015 3:22 am

I've got some:

Configurable view of ip/firewall fields in webfig like in winbox (I really could use to see the "address list" fields in the list!)

text config export from webfig's file menu

per-interface RPF & RPF logging

"safe mode by default" option so I can *never* be locked out of a remote router (unless I want to turn safe mode off, of course)

configurable COS/DSCP mapping
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: Feature requests

Wed Feb 18, 2015 2:40 pm

I would be nice that in /ip service I could set more ip address or one addres-list
erm, you actually can do this (not with ACLs but with multiple IPs)
Image
 
Rudios
Forum Veteran
Forum Veteran
Posts: 972
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: Feature requests

Wed Feb 18, 2015 3:01 pm

I would be nice that in /ip service I could set more ip address or one addres-list
erm, you actually can do this (not with ACLs but with multiple IPs)
Image
Why not just block unwanted access by firewall?
 
User avatar
pants6000
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Fri Sep 26, 2014 5:30 am

Re: Feature requests

Tue Feb 24, 2015 8:34 pm

PPTP/PPPOE interfaces (all PPP? more?) are disconnected then re-connected when clicking "OK" on their /webfig/#Interfaces.Interface page, even if nothing has changed. It probably shouln't do that.
 
grisina
just joined
Posts: 2
Joined: Wed Feb 25, 2015 10:40 am
Contact:

Re: Feature requests

Wed Feb 25, 2015 10:44 am

For ease of use and functionality i would suggest to use TheDude for this - just remove probes, so no additional load anywhere, just network device map, where you can create device groups and operate with them (upgrade devices, for example). And if required, you can monitor your key routers in the network.
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2865
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Feature requests

Wed Feb 25, 2015 11:45 am

Please add ability to set comment for dynamically added entries in address list.
This feature let for e.g. make script which resolves blocked IP addresses to their FQDN and puts it into comment field.
 
peper
Frequent Visitor
Frequent Visitor
Posts: 56
Joined: Tue Sep 11, 2012 8:45 pm

Linking scripts to VPN connection events

Fri Feb 27, 2015 3:42 am

There are couple of threads where users request feature to link scripts to firewall rules.
Those requests are logically rejected by developers cause this opens a pretty straightforward way to DDOSisng devices.

But there are other posts (in this thread inclusive) to link scripts to VPN events.
IMHO, this idea makes a lot of sense and is not open for DDOS attacks.
The need to use Scheduler or Netwatch for such simple task as "wake up my computer when I connect externally with VPN" is not very cool.

I've seen some requests to implement in ROS more global event triggering mechanism. It would be nice-to-have, but pretty sure, that it requires a huge development (and testing!) effort in comparison with enabling scripts for couple of selected objects, requested more often than others.
 
kraic
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Tue Oct 19, 2010 10:31 am
Location: Croatia
Contact:

Re: Feature requests

Fri Feb 27, 2015 9:54 am

background scan please
 
JOFO
just joined
Posts: 4
Joined: Wed Feb 18, 2015 3:41 pm

Re: Feature requests

Fri Feb 27, 2015 8:58 pm

Could you please add latest drivers for Realtek RTL8111 ethernet controller? With actial ROS v6.27 it's randomly freezing eth interface. It's in the iface list, but no traffic can pass through.. Only reboot resolves this state, but only for short time (sometimes it's 3 days, sometimes it crashes after couple of hours). It's useless with such behavior..
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Feature requests

Sat Feb 28, 2015 12:39 am

Ability to specify which prefix from-pool to use on a specific interface.

Suppose ISP assigns a /60 and I want to specify WHICH of my /64s goes to which interface....
Currently, Mikrotik ignores the bits 61-64 and chooses on its own which of the 16 prefixes to use.

In Cisco, prefix and pool are masked together, and I am spoiled by this feature:
e.g. Loop0 -> ipv6 address ISP1POOL ::ff:0:0:0:1/64

If ISP assigns /60 I would like an ability like this:
ISP --> 2001:db8:0:c000::/60 -> pool ISP
I want to be able to hard-code:
ether1 = ::1:0:0:0:1/64 from-pool ISP -> 2001:db8:0:c001::1
ether2 = ::2:0:0:0:1/64 from-pool ISP -> 2001:db8:0:c002::1
ether3 = ::3:0:0:0:1/64 from-pool ISP -> 2001:db8:0:c003::1
GuestBridge = ::f:0:0:0:1/64 from-pool ISP -> 2001:db8:0:c00f::1

With current behavior, if I disable ether2 and reboot, ether3 would get 2001:db8:0:c002::1
 
User avatar
BartoszP
Forum Guru
Forum Guru
Posts: 2865
Joined: Mon Jun 16, 2014 1:13 pm
Location: Poland

Re: Feature requests

Mon Mar 02, 2015 8:32 pm

Please add ability to assign interface to DHCP network as now there is no possibility to define same subnets for different interfaces which are in different L2 domains defined by VLANs.
See this thread: http://forum.mikrotik.com/viewtopic.php ... 8b#p471529
 
User avatar
spippan
Member
Member
Posts: 333
Joined: Wed Nov 12, 2014 1:00 pm
Location: Austria

Re: Feature requests

Tue Mar 03, 2015 1:08 pm

I would be nice that in /ip service I could set more ip address or one addres-list
erm, you actually can do this (not with ACLs but with multiple IPs)
Image
Why not just block unwanted access by firewall?

exactly ... IMHO also the way more serious and clean solution

i just wanted to point out, that if someone does not want to "struggle" with firewall rules, there is also a specific ACL("-like") option here ;)
 
Garga220
just joined
Posts: 7
Joined: Wed Jan 21, 2015 1:53 pm

Re: Feature requests

Wed Mar 04, 2015 5:04 pm

Is it possible to get OIDs for average CPU, like 5min average or 1h average to be used with different monitoring tools ?
Or maby some kind od print command to get average value?
 
roli
just joined
Posts: 2
Joined: Wed Jun 28, 2006 9:49 pm

Re: Feature requests

Thu Mar 12, 2015 12:47 pm

Functionality such as DNETMAP
 
Garga220
just joined
Posts: 7
Joined: Wed Jan 21, 2015 1:53 pm

Re: Feature requests

Thu Mar 12, 2015 1:55 pm

Functionality such as DNETMAP
+1
 
avlipa
just joined
Posts: 3
Joined: Thu Mar 12, 2015 7:11 pm

Re: Feature requests

Thu Mar 12, 2015 8:49 pm

Could you please add Proxy support for the OpenVPN client on RouterOS?
Winbox utility doesn't have this option.
 
novaquadri
just joined
Posts: 1
Joined: Thu May 16, 2013 10:21 am

Re: Feature requests

Fri Mar 13, 2015 12:56 pm

Please integrate some functions to measure parameters such as swr or return loss
 
avlipa
just joined
Posts: 3
Joined: Thu Mar 12, 2015 7:11 pm

Re: Feature requests

Mon Mar 16, 2015 10:55 pm

Please add TLS-AUTH in RouterOS OpenVPN Client. AFAIK there is no possibility to connect to OpenVPN Access Server software solution without this feature.
 
User avatar
hossain2004a
Member Candidate
Member Candidate
Posts: 247
Joined: Mon Dec 22, 2014 7:34 pm
Location: Iran

Re: Feature requests

Tue Mar 17, 2015 7:51 pm

I don't know if someone tell this before.
But is it possible when you shutdown/reboot the RB, the COUNTERS wouldn't reset at all and continue working?
Last edited by hossain2004a on Fri Apr 03, 2015 9:24 pm, edited 1 time in total.
 
User avatar
dohmniq
Frequent Visitor
Frequent Visitor
Posts: 78
Joined: Sat Nov 17, 2012 12:17 pm

Re: Feature requests

Fri Apr 03, 2015 6:33 pm

New property for /ip firewall mangle rules:

tcp-length(integer[-integer]:0..65535; Default: ) Matches tcp packets with specified tcp payload length or length range in bytes.

Useful for prioritizing zero-length ack packets over other upstream traffic.

As a rough hack/work-around we can use:

packet-size=40-52

(most TCP 0-payload-length packets I've seen are either 40 or 52 bytes depending on TCP options)
 
karwos
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Thu Apr 02, 2015 7:28 pm
Location: Poland

Re: Feature requests

Sat Apr 04, 2015 5:36 pm

Add new attributes to PCQ classifier:
dst-mac-addr, src-mac-addr

IP working only on plain IP packets (etherType=0x800),
when device working in bridge mode and passing VLAN, VLAN-in-VLAN, PPPoE packets - it's not properly placing packets in queue (they are bpassed).
Solution is to make few other checks on packet (need more clock cycles), so simplier will be to add src/dst hw addr policier ...
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Mon Apr 06, 2015 8:19 pm

Functionality such as DNETMAP
+1
isn't it already here?.. just use 'action=netmap" in 'dstnat' chain...
Please add ability to set comment for dynamically added entries in address list.
This feature let for e.g. make script which resolves blocked IP addresses to their FQDN and puts it into comment field.
[admin@TestPlace] > /ip firewall address-list 
[admin@TestPlace] /ip firewall address-list> add list=mylist address=1.1.1.1 dynamic=yes comment="FQDN.HERE"
[admin@TestPlace] /ip firewall address-list> print where list=mylist 
Flags: X - disabled, D - dynamic 
 #   LIST                                                 ADDRESS                         TIMEOUT             
 0 D ;;; FQDN.HERE
     mylist                                               1.1.1.1                        
[admin@TestPlace] /ip firewall address-list> 

 
IntrusDave
Forum Guru
Forum Guru
Posts: 1286
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: Feature requests

Tue Apr 07, 2015 6:44 am

MAC Address List . This is very useful especially in a topology where there are multiple subnets.
+1 on the MAC address Lists.

Even better would be MAC Address Lists with a wildcard option.
 
Buganah
just joined
Posts: 6
Joined: Wed Oct 01, 2014 6:52 pm

Re: Feature requests

Wed Apr 08, 2015 11:25 am

hi if it is possible to have the pppoe server listens to serveral interfaces instead of one interface ..
i have 7 vlans and i have to have 7 pppoe servers for each vlan interface it would be nice to have one pppoe server for 7 interfaces
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1162
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Feature requests

Wed Apr 08, 2015 11:49 am

hi if it is possible to have the pppoe server listens to serveral interfaces instead of one interface ..
i have 7 vlans and i have to have 7 pppoe servers for each vlan interface it would be nice to have one pppoe server for 7 interfaces
Create a bridge, use split bridge horizon to isolate the ports, and create a PPPoE server on that bridge.
 
Zorro
Long time Member
Long time Member
Posts: 675
Joined: Wed Apr 16, 2014 2:43 pm

Re: Feature requests

Thu Apr 09, 2015 10:00 am

would be nice to had offline RouterOS wiki WITHIN routerboards and CCR. so consumers may configure it, to be ONLINE,to read online version of it, without throwing hair away or running panicking in circles.
wouldn't be much space in internal storage(flash is cheap as dirt, btw). even infrequently updated/obsolete/refernce version would help, but better it become part of ROS and keept up-to date with RoS itself, consitently/smoothly.
or had credit-card-sized CD-R disc with manul in html/pdf in it, but thats less cool/easy to use(and CD/DVD drives slowly become rare/uncommon in consumers desktops/portables).

and to fix ARP filtering(mysteriously work not always). and now bout NDP filtering its work?

how about ad-hoc routing protocols. batman, open garden alike non-propretary counterparts and etc variations.

grasshopper/stribot chiper for WiFi and VPN's (and for SSH and for rest stuff).
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Feature requests

Wed Apr 15, 2015 3:53 pm

I don't think there should be wiki inside the devices or on enclosed cd as it cannot be updated on live so it would make big mess.

I would suggest to have wiki according the ros version together with the ability to show differences between two ros versions directly on wiki pages. It would be very helpful for migration of configurations and scripts that normally fail and need to be debugged many times after an update.
 
PtDragon
Frequent Visitor
Frequent Visitor
Posts: 80
Joined: Sun Apr 26, 2009 8:52 pm

Re: Feature requests

Fri Apr 17, 2015 1:45 pm

Please don't forget to add for VPN clients ability to use specific IP.
Please add good load balancing for VPNs(got lot of problems with it).
 
nickjail
just joined
Posts: 15
Joined: Mon Feb 17, 2014 9:26 pm

Re: Feature requests

Wed Jun 10, 2015 12:55 pm

Hi!

Need snmpget, snmpwrite, snmpwalk tools to monitor and control status of remote network hardware via router. For example, monitor UPS via snmp, reboot hardware and so on.
Yes, ups package already exist but it capable with APC only and interface cable lenth is limiting factor...
Really need. Thx!
 
pqatsi
just joined
Posts: 5
Joined: Thu Jun 18, 2015 3:03 pm

Re: Feature requests

Thu Jun 18, 2015 3:24 pm

Is OVPN Client side LZO Compression and UDP support somewhere out there in plan? the wiki link is missing.
OVPN Server+Client LZO+UDP+AES
 
dancms
Member Candidate
Member Candidate
Posts: 101
Joined: Fri Oct 06, 2006 5:03 am

Re: Feature requests

Thu Jul 02, 2015 11:11 pm

Feature request:

Ability to specify boot-file-name on a per static lease basis. This would add much needed flexibility for rather than using the global setting at the 'ip dhcp-server networ' level where all clients receive the same file.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Fri Jul 03, 2015 1:59 am

Feature request:

Ability to specify boot-file-name on a per static lease basis. This would add much needed flexibility for rather than using the global setting at the 'ip dhcp-server networ' level where all clients receive the same file.
for now you should be able to create Network entry per IP with changed settings (just set address=x.y.z.h/32 netmask=24 or something)
 
dancms
Member Candidate
Member Candidate
Posts: 101
Joined: Fri Oct 06, 2006 5:03 am

Re: Feature requests

Fri Jul 03, 2015 2:06 am

Creates a little more clutter than needed but good work around. Much appreciated!
 
jexem
just joined
Posts: 1
Joined: Fri Jul 03, 2015 11:02 am

Re: Feature requests

Fri Jul 03, 2015 11:07 am

Hi!

It would be fine to Support UAPSD. All Voip Wifi Phones did support and need this to work. I think many People need this to integrate in Offices an Hospitality Sector. Also Power Drain of Smartphones should be better. Is there any Progress about this thing?

Thank you
Juergen
 
User avatar
miasik
newbie
Posts: 29
Joined: Sun Mar 18, 2012 10:15 am
Location: Kiev, Ukraine

Re: Feature requests

Sat Jul 04, 2015 11:24 am

Add method POST and custom headers(as curl -H) support to /tools fetch.
Need for Yandex API, for example.
 
dukejjjj
just joined
Posts: 4
Joined: Fri Dec 23, 2011 6:00 pm

Re: Feature requests

Mon Jul 06, 2015 4:07 am

hi

Can add Shadowsocks server & client ?
 
User avatar
Bigfoot
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Sat Jan 15, 2011 10:41 am
Location: South Africa

Re: Feature requests

Mon Jul 06, 2015 8:23 am

Hi

Can you add a Column with Src IP address in the Web Proxy Cache Contents. :)

Bigfoot
Last edited by Bigfoot on Tue Aug 18, 2015 12:40 pm, edited 1 time in total.
 
User avatar
Bigfoot
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Sat Jan 15, 2011 10:41 am
Location: South Africa

Re: Feature requests

Tue Aug 18, 2015 12:40 pm

Hi

On the Resource Graphs is possible to add voltage and temperature , UPS like the CPU, HDD & Memory on the resource graphs in web interface.

Bigfoot
 
agrevtcev
just joined
Posts: 5
Joined: Wed Jul 17, 2013 9:37 am

Re: Feature requests

Tue Aug 18, 2015 6:06 pm

It would be nice to implement ECDSA certificates support. So we could finally mitigate IPSEC IKE UDP fragmentation issue, without sacrificing certificate security level, as cryptoanalysts say. Thanks alot.
 
UMarcus
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Wed Jan 21, 2015 10:11 am
Location: Europe

Re: Feature requests

Fri Sep 04, 2015 10:22 am

 
Ivoshiee
Member
Member
Posts: 483
Joined: Sat May 06, 2006 4:11 pm

Re: Feature requests

Mon Sep 07, 2015 10:15 am

The ROMON tool should have an ability to discover IP-addresses as well.
 
mchoco
just joined
Posts: 3
Joined: Wed Jul 22, 2015 4:56 am

Re: Feature requests

Mon Sep 07, 2015 5:09 pm

Provide a simple way to use switch chip to do wire-speed IP routing. Although the switch chips can only support limited routing rules, it can serve smaller setups well.
 
marrold
Member
Member
Posts: 427
Joined: Wed Sep 04, 2013 10:45 am

Re: Feature requests

Mon Sep 07, 2015 6:21 pm

Ability to 'fetch' and save into variable without saving to file.

E.G -

$ curl ifconfig.co
45.212.4.56
 
vortex
Forum Guru
Forum Guru
Posts: 1092
Joined: Sat Feb 16, 2013 6:10 pm

Re: Feature requests

Mon Sep 07, 2015 6:51 pm

Provide a simple way to use switch chip to do wire-speed IP routing. Although the switch chips can only support limited routing rules, it can serve smaller setups well.
This is interesting. Could you please elaborate?
 
User avatar
ahmedramze
Member Candidate
Member Candidate
Posts: 111
Joined: Mon Feb 21, 2005 9:29 am
Location: IRAQ
Contact:

Re: Feature requests

Sun Sep 13, 2015 12:38 pm

Hello

Please Can Add service name on PPP active to be able to sort users according to the port or re-sellers
sermik.PNG
You do not have the required permissions to view the files attached to this post.
 
mmmigoro
newbie
Posts: 39
Joined: Mon Feb 14, 2011 3:48 pm
Location: PRAHOVA, Romania

Re: Feature requests

Mon Sep 14, 2015 9:13 am

Add option to set BGP origin in Action-Filters see: http://forum.mikrotik.com/viewtopic.php?f=14&t=98807
 
zoj
just joined
Posts: 10
Joined: Sat Aug 18, 2012 12:33 am

Re: Feature requests

Mon Sep 14, 2015 2:41 pm

Add option to define in radius configuration tab, IP by which will be sending always request to Radius server

I have 30 IP's and MT always is sending request to radius server via first IP. Sometimes something is wrong and MT is trying send request via other IP.
Problem is that on radius server i have configured rules to only received radius request from one IP.
 
User avatar
tomaskir
Trainer
Trainer
Posts: 1162
Joined: Sat Sep 24, 2011 2:32 pm
Location: Slovakia

Re: Feature requests

Mon Sep 14, 2015 3:39 pm

Add option to define in radius configuration tab, IP by which will be sending always request to Radius server

I have 30 IP's and MT always is sending request to radius server via first IP. Sometimes something is wrong and MT is trying send request via other IP.
Problem is that on radius server i have configured rules to only received radius request from one IP.
You can already do this...
/radius
add address=1.1.1.1 secret=123456 service=login src-address=10.0.0.100
 
zoj
just joined
Posts: 10
Joined: Sat Aug 18, 2012 12:33 am

Re: Feature requests

Tue Sep 15, 2015 6:42 am

Add option to define in radius configuration tab, IP by which will be sending always request to Radius server

I have 30 IP's and MT always is sending request to radius server via first IP. Sometimes something is wrong and MT is trying send request via other IP.
Problem is that on radius server i have configured rules to only received radius request from one IP.
You can already do this...
/radius
add address=1.1.1.1 secret=123456 service=login src-address=10.0.0.100
Thank you, so if I'm using ppp, my configuration should look like that:
add address=1.1.1.1 secret=passwd service=ppp,login src-address=212.121.121.121
1.1.1.1 - Radius IP
212.121.121.121 - IP address on MT which i would like use to send request to Radius server

That's mean that MT always sends request to Radius server by this IP ( 212.121.121.121), is it ?
 
gcsuri
newbie
Posts: 35
Joined: Wed Sep 03, 2008 10:20 am

Re: Feature requests

Tue Sep 15, 2015 7:35 am

Hi All,

could you add a "skip" option to netwatch system, please?
So when netwatch pings a host and sometimes it has a timeout the host goes down immediately... and goes up on the next ping. It occurs because of a transmission timeout or something else but the host doesn't inaccessible.
If we had a "skip" option to be set to "3" for example then the system could skip 3 timeouts and the host doesn't get down on a simple ping timeout until it has 3 timeouts. When "skip" is "0" all goes the same than before.

thank you much!

Gabor
 
WirelessRudy
Forum Guru
Forum Guru
Posts: 3119
Joined: Tue Aug 08, 2006 5:54 pm
Location: Spain

Re: Feature requests

Tue Sep 15, 2015 1:22 pm

Hi All,

could you add a "skip" option to netwatch system, please?
So when netwatch pings a host and sometimes it has a timeout the host goes down immediately... and goes up on the next ping. It occurs because of a transmission timeout or something else but the host doesn't inaccessible.
If we had a "skip" option to be set to "3" for example then the system could skip 3 timeouts and the host doesn't get down on a simple ping timeout until it has 3 timeouts. When "skip" is "0" all goes the same than before.

thank you much!

Gabor
I second this! It has been asked before but it might serve to post this again. Same counts for `watchdog` feature. We should have the option to set the 'time' of a timeout and the amount of timeouts.
Now a single missing ping immediately reboots the router. At times this is not desirable....
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Tue Sep 15, 2015 5:18 pm

...
Last edited by jarda on Tue Sep 15, 2015 5:20 pm, edited 1 time in total.
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Feature requests

Tue Sep 15, 2015 5:19 pm

I asked very long time ago for implementing full set of ping features to netwatch tool. This would solve all such particular requests at once.
 
zoj
just joined
Posts: 10
Joined: Sat Aug 18, 2012 12:33 am

Re: Feature requests

Wed Sep 16, 2015 8:59 pm

Do you have a plan to add IPSec Road Warrior + AAA via Radius ?
I know that i can configure it on MT but it doesn't support Radius
 
jondavy
Member Candidate
Member Candidate
Posts: 143
Joined: Tue May 12, 2009 11:14 pm
Location: Brasil

Re: Feature requests

Sat Sep 26, 2015 11:08 pm

it would be interesting to show comments in the active dynamic PPPoE interfaces registered in Secrets
and also the comments registered in hotspot users to appear in Active users

as with the wireless tables
 
metricmoose
newbie
Posts: 48
Joined: Sat Nov 21, 2015 2:03 am

Re: Feature requests

Thu Dec 03, 2015 10:02 pm

I would appreciate the ability to use multiple radius servers simultaneously. For example, having a Hotspot setup that can use the built-in Userman package as well as say, a FreeRADIUS server. Right now, if you add multiple radius servers, RouterOS will use the first one unless it times out or otherwise fails. If the first radius server replies to RouterOS telling it that the user wasn't found, then it will stop looking despite there being multiple entries for hotspot radius servers.
 
User avatar
pants6000
Frequent Visitor
Frequent Visitor
Posts: 86
Joined: Fri Sep 26, 2014 5:30 am

Re: Feature requests

Fri Dec 04, 2015 7:32 pm

Being able to set the RADIUS source IP to an interface instead of an explicit IP address would be useful... for me, at least!

We have ROS boxen that speak RADIUS over a VPN to our freeradius servers; if I could set the RADIUS request source IP to the VPN interface, it would make for simpler "cookie cutter" config when rolling such things out or making changes.
 
User avatar
omega-00
Forum Guru
Forum Guru
Posts: 1167
Joined: Sat Jun 06, 2009 4:54 am
Location: Australia
Contact:

Re: Feature requests

Mon Dec 07, 2015 2:34 am

Being able to set the RADIUS source IP to an interface instead of an explicit IP address would be useful... for me, at least!

We have ROS boxen that speak RADIUS over a VPN to our freeradius servers; if I could set the RADIUS request source IP to the VPN interface, it would make for simpler "cookie cutter" config when rolling such things out or making changes.
If you're doing this as part of the deployment it's probably better (IMHO) to use part of the config script to determine the IP address for that interface and set it up because it's a once off, while your IP address on an interface could change (or an interface could have multiple IP's)
 
Zorro
Long time Member
Long time Member
Posts: 675
Joined: Wed Apr 16, 2014 2:43 pm

Zorp instead of "Web proxy"

Tue Dec 08, 2015 1:10 am

would be nice to had zorp in (future versions of?)ROS, cuz for 95% "Web Proxy" usage by networkers - its do Better. faster, low resource footpring, Way more secure, extendable/manageable, etc.
 
tr00g33k
Frequent Visitor
Frequent Visitor
Posts: 89
Joined: Sun Mar 29, 2015 3:58 pm

Winbox SSL Certificate

Tue Dec 08, 2015 7:53 pm

It would be really great if you could add feature, that certificate is needed on client to directly connect to winbox from anywhere. We have a lot of client, and sometimes its realy annoying to always setup vpn, or always have to coonect to office and then to clients. It would be much easies, if i would have one certificate for all client, that I could connect directly to client via winbox securly.

Maybe anybody else opinion? :)
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Tue Dec 08, 2015 11:07 pm

Use ssh with key, then forward WinBox port to local router :)
 
Zorro
Long time Member
Long time Member
Posts: 675
Joined: Wed Apr 16, 2014 2:43 pm

Re: Feature requests

Thu Dec 10, 2015 5:23 am

for primarily "emergency networking management" perhaps SSTP would b better choice because its more traversable, despite overhead, delays, IMHO.
otherwise, ROS support various things starting from IPIP and other stuff, which combined with (any kind of prefered)crypto would do trick.

p.s.
perhaps would make sense for mikotik - etend ipip to ipipv2 with gcm/eax/cwc/ocb-ciphers(aside cbc/xts legacy, ought to be deprecated soon)
 
poizzon
Member Candidate
Member Candidate
Posts: 113
Joined: Fri Jun 21, 2013 12:53 pm

Re: Feature requests

Sun Dec 13, 2015 9:33 pm

request for RFC 4578
https://tools.ietf.org/html/rfc4578

DHCP option, Arch type for PXE.

RouterOS, has everything for it, very useful for pc's with UEFI bios
 
odge
Member Candidate
Member Candidate
Posts: 110
Joined: Mon Nov 29, 2010 2:53 pm

Re: Zabbix package for ROS ? more updated/actual Active queues ?

Mon Dec 14, 2015 10:59 pm

also would personally welcome more updated/actual Active queues in RouterOS to handle/combat/prevent Network congestion. rather than static/notorious RED algo/type present already, which unsuable for production for number of reasons.
for example, RRED would be nice. aswell as other adaptive, attack/flooding-proof variants of AQM.
also bout moving RouterOS from vanilla Linux kernels to Zero Overhead Linux gossips - is actually such plans, yet ?
(this thing http://www.tilera.com/sites/default/fil ... aper_0.pdf meant, to be exact/specific)
also finishing/completing BFG routing implementation (auth and echo ?) also may be handy.
AQM... codel and fq_codel... the power that this can add, to the power user, and to a wizard setup, would just be insane seller...
 
78mzm
just joined
Posts: 1
Joined: Sun Jul 20, 2014 7:36 am

Re: Feature requests

Mon Dec 21, 2015 10:13 am

thenk you for sbjtect
 
sney
just joined
Posts: 2
Joined: Sat Oct 10, 2015 8:35 pm

Re: Feature requests

Mon Feb 08, 2016 9:05 pm

More verbose DNS lookups. Like you can do with dig on *nix systems. It would be immensely helpful for dns troubleshooting to get more than just an ip back, e.g. record types, responding server.
 
reitblatt
just joined
Posts: 1
Joined: Fri Feb 12, 2016 10:05 pm

Re: Feature requests

Fri Feb 12, 2016 10:18 pm

Layer 2 tunneling over GRE.

Right now only IP (Layer 3) over GRE is supported, and EoIP uses the GRE protocol number, but is actually a different protocol w/ a similar header layout. Linux already support for L2 GRE (gretap), so hopefully not too onerous development.
 
lormayna
just joined
Posts: 2
Joined: Tue Apr 07, 2015 7:04 pm

Re: Feature requests

Mon Feb 22, 2016 5:28 pm

PPPoE PADO Delay.
It would perfect to provide BRAS redundancy and load balancing when you have different backhauling with different latency and load.
 
User avatar
omidkosari
Trainer
Trainer
Posts: 640
Joined: Fri Sep 01, 2006 4:18 pm
Location: Canada, Toronto

Re: Feature requests

Mon Feb 22, 2016 5:39 pm

http://forum.mikrotik.com/viewtopic.php ... 50#p235456
Umetered Content for PPPoE . 'Unmetered Content' services aren't counted against your monthly download inclusion

http://forum.mikrotik.com/viewtopic.php?t=59745
 
User avatar
isolnet
newbie
Posts: 45
Joined: Sat Jan 30, 2016 7:28 am
Location: India

Re: Feature requests

Wed Feb 24, 2016 5:52 am

I think User Manager needs improvement....
 
andersonlich
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Thu Feb 26, 2009 1:05 pm

Re: Feature requests

Tue Mar 01, 2016 3:46 pm

Separated or dedicated vcpu at CCR to process control-plane and data-plane. Or maybe the next ccr platfrom has 2 socket CPU, which separated to process control-plane and data-plane.

I know it seems silly but please consider the benefit of it.
 
Florian
Member Candidate
Member Candidate
Posts: 117
Joined: Sun Mar 13, 2016 9:45 am
Location: France

Re: Feature requests

Wed Mar 23, 2016 12:59 pm

Hi.

Is this topic still read by the devs ?
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Wed Mar 23, 2016 4:02 pm

devs don't visit this forum
 
andersonlich
Frequent Visitor
Frequent Visitor
Posts: 55
Joined: Thu Feb 26, 2009 1:05 pm

Re: Feature requests

Tue Mar 29, 2016 5:09 pm

We know that in mikrotik is able to do DHCP with radius. But the missing tool is the accounting request in DHCP is not available yet. Can we have this feature ?
 
dendzo
just joined
Posts: 11
Joined: Mon Aug 05, 2013 11:39 pm

Re: Feature requests

Fri Jun 17, 2016 2:49 am

Route availability base on an remote IP.

I would like to have route availability based on some other IP. Let's say you add a new option below Check Gateway that would be something like check another gateway (my gateway's gateway for example) or just any other IP like 8.8.8.8. And if that IP becomes unavailable over that specific route it can make it unreachable/inactive so other route with higher Distance can became in charge. Check Gateway option does not work when your provider puts router on your premises. And if provider's router loses connection to it's remote router, you still have your gateway (because you have a router on your premises) and so for you, gateway is reachable, but you actually don't have internet access and that route looks good.

It would help very much in regards to failover.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Feature requests

Fri Jun 17, 2016 5:43 am

Route availability base on an remote IP.
...
It would help very much in regards to failover.
You can do it using a recursive next hop/net watch.
 
teddyhsu
just joined
Posts: 2
Joined: Sun Nov 16, 2014 5:56 pm

Re: Feature requests

Mon Jun 20, 2016 11:52 am

Hi,

I need a sequence number for ip hotspot wall-garden and wall-garden ip list on winbox.
It can be very useful on debug wall-garden list issue.
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1140
Joined: Tue Oct 11, 2005 4:53 pm

Re: Feature requests

Mon Jun 20, 2016 3:52 pm

Route availability base on an remote IP.

I would like to have route availability based on some other IP. Let's say you add a new option below Check Gateway that would be something like check another gateway (my gateway's gateway for example) or just any other IP like 8.8.8.8. And if that IP becomes unavailable over that specific route it can make it unreachable/inactive so other route with higher Distance can became in charge. Check Gateway option does not work when your provider puts router on your premises. And if provider's router loses connection to it's remote router, you still have your gateway (because you have a router on your premises) and so for you, gateway is reachable, but you actually don't have internet access and that route looks good.

It would help very much in regards to failover.
+1

I know that currently this can be achieved by using Netwatch and some scripting but it would be much easier if it were available directly on the route's properties.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Mon Jun 20, 2016 4:33 pm

I know that currently this can be achieved by using Netwatch and some scripting but it would be much easier if it were available directly on the route's properties.
it is available even without scripting: http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1140
Joined: Tue Oct 11, 2005 4:53 pm

Re: Feature requests

Mon Jun 20, 2016 4:39 pm

Thanks, I wasn't aware of that!

Still, it would be easier to just be able to define what IP to probe for a specific route, rather than having to create extra static routes and play with scope to achieve this (if I understand the wiki page correctly)
 
toodark
just joined
Posts: 2
Joined: Sat Jun 27, 2015 1:06 am

Re: Feature requests

Tue Jun 21, 2016 12:35 pm

nginx package/service

I'd really like to have an nginx server inside (or at least as an add on package) in routeros. It opens up endless possibilities for application level based forwarding, reverse proxying, caching etc. I believe it's also useful for home users when they have only a single public ip: this way internal http based services could be easily mapped into a single ip.
I'm aware that one might achieves this by installing an openwrt meta package then install nginx into it, but I feel that would be a huge waste of resources.
thanks
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Feature requests

Tue Jun 21, 2016 9:30 pm

Thanks, I wasn't aware of that!

Still, it would be easier to just be able to define what IP to probe for a specific route, rather than having to create extra static routes and play with scope to achieve this (if I understand the wiki page correctly)
Well, even with the option to ping some specific address (other than the GW) you would still need to create a /32 route that forces the test target via a particular interface, or else the route will flap as the GW points to failed link, ping fails, route changes to backup path, ping starts working (via backup), primary route re-activated, pings fail, etc etc etc.
 
freemannnn
Forum Veteran
Forum Veteran
Posts: 700
Joined: Sun Oct 13, 2013 7:29 pm

Re: Feature requests

Tue Jun 21, 2016 9:47 pm

I want a color like blue when queue is in burst mode
 
User avatar
Cha0s
Forum Guru
Forum Guru
Posts: 1140
Joined: Tue Oct 11, 2005 4:53 pm

Re: Feature requests

Tue Jun 21, 2016 10:12 pm

Well, even with the option to ping some specific address (other than the GW) you would still need to create a /32 route that forces the test target via a particular interface, or else the route will flap as the GW points to failed link, ping fails, route changes to backup path, ping starts working (via backup), primary route re-activated, pings fail, etc etc etc.
The idea is that for the 'ping address' you define on the route, the pings to it will always go through that route's gateway address/interface.
If that route's gateway/interface is unreachable/down then the 'ping address' shouldn't get routed via any other route (even if there is another route to it). Otherwise it would be useless apparently (as you described).

In terms of the linux kernel and its networking, yes, obviously there needs to be a /32 route to that 'ping address' via that gateway/interface, and I would also add a second 'unreachable' route with distance 2 so that it won't get routed via another less specific route when the first route is down.
But all that could be handled/abstracted by routeros iteself in the background and not shown in /ip route (that would be confusing otherwise).
And all that in a way that those /32s don't interfere with other traffic to that IP (ie different/hidden routing tables).

The end result would be less work for the end user/admin, less room for errors and a much cleaner/intuitive configuration.

It believe it shouldn't be that difficult to implement.
But I wouldn't really mind if it weren't (since it can be achieved by other means, as mentioned already).
I just find it a useful feature :)

Besides, many things were added over the years that could be implemented via scripting or other methods and simplified our lives. Just to name a few: dns names on vpn intefaces, interface lists, dynamic dns client, automatic tcp mss clamping on tunnels, automatic ipsec setup on tunnels, etc, etc, etc).
Did anybody object to those because they already had scripts for them? ;) I know I didn't (even if it took me a looong time to replace my already stable scripts to those new features - which are very useful of course!)
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Feature requests

Wed Jun 22, 2016 3:56 am

Oh I'm ALWAYS in favor of making things 'just work right' via the usual config, especially overy scheduled scripts.

I think the suggestion is a good idea. I was simply adding to the other comment that a netwatch can accomplish the goal - noting that even specifying a remote ping target requires one more piece.

If implemented, I would expect to see a dynamic static /32 route in the routing table, and a dynamic secondary /32 blackhole.
 
parham
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Sun Feb 15, 2015 11:35 pm

Re: Feature requests

Wed Jun 22, 2016 11:58 am

I don't know if anyone requested adding  DPI  or User activity monitor but anyway can we have this feature Please.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2096
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: Feature requests

Wed Jun 22, 2016 2:11 pm

I don't know if anyone requested adding  DPI  or User activity monitor but anyway can we have this feature Please.
RouterOS is for routing, DPI is part of a UTM or NGFW solution.
 
MikeFF
just joined
Posts: 14
Joined: Sun Apr 20, 2014 7:27 pm

Re: Feature requests

Thu Jun 23, 2016 12:21 am

I hope they can add two things for the new RouterOS versions

One, Is that the OVPN client could support UDP connections, this because the OpenVPN servers in Linux (used plenty in all over the world) use this as default, and it will be pretty good feature to choose one of those in the config

Two, support TLS connections trough OVP Client, ussing ta.key for authentication, this is a very good security feature that is used also in OpenVPN.
No hand shake, no risk to be hacked or steal the certificates.....

I hope you can consider my suggestions.

Thanks a lot
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Fri Aug 26, 2016 1:07 pm

Some time ago the possibility to change dynamic simple queues was removed, so my script which adds "packet-marks" parameter stopped working.

Is it possible to create a template for the dynamic simple queues which are created for PPPoE users, so that I can specify some parameters like "packet-marks" or "queue" or "parent" there?
Last edited by lavv17 on Mon Dec 12, 2016 4:56 pm, edited 1 time in total.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Fri Aug 26, 2016 1:56 pm

Some time ago the possibility to change dynamic simple queues was removed, so my script which adds "packet-parks" parameter stopped working.
what do you use them for?
 
Zorro
Long time Member
Long time Member
Posts: 675
Joined: Wed Apr 16, 2014 2:43 pm

Re: Feature requests

Sat Aug 27, 2016 5:47 pm

I don't know if anyone requested adding  DPI  or User activity monitor but anyway can we have this feature Please.
RouterOS is for routing, DPI is part of a UTM or NGFW solution.
i would call that bullshit.
you can't leave "bare naked" even backbone( even within private, isolated corporate network of), let alone border and etc. proportions are differ and hardware resources to cruch them, but generally thats Essential ANYWHERE. and anyone who underestimates that - will get hard/harsh lesson, im afraid.
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Tue Aug 30, 2016 12:03 pm

Some time ago the possibility to change dynamic simple queues was removed, so my script which adds "packet-parks" parameter stopped working.
what do you use them for?
I want to exclude some traffic from the rate limitation (so called local traffic). I used to mark non-local traffic and add the packet mark to all dynamic queues. Now it is not working. Please advise.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Tue Aug 30, 2016 5:11 pm

Some time ago the possibility to change dynamic simple queues was removed, so my script which adds "packet-parks" parameter stopped working.
what do you use them for?
I want to exclude some traffic from the rate limitation (so called local traffic). I used to mark non-local traffic and add the packet mark to all dynamic queues. Now it is not working. Please advise.
create a queue for local traffic and put it on the top. it will catch all local traffic, and all the rest will be caught by 'personal' queues

p.s. if you won't set any limits on that queue, don't forget to change at least something (like queue type) for this queue to actually work
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Mon Sep 05, 2016 11:26 am

create a queue for local traffic and put it on the top. it will catch all local traffic, and all the rest will be caught by 'personal' queues
p.s. if you won't set any limits on that queue, don't forget to change at least something (like queue type) for this queue to actually work
Cool! It seems to work. Much simpler and (as I suspect) faster. Thanks a lot!
 
jarda
Forum Guru
Forum Guru
Posts: 7756
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature requests

Mon Sep 05, 2016 11:56 am

Fasttracking that traffic you want to be excluded from queues is much more efficient.
But keep the exclusion queue for the cases when some connections couldn't be fasttracked.
 
mpreissner
Member
Member
Posts: 357
Joined: Tue Mar 11, 2014 11:16 pm
Location: Columbia, MD

Re: Feature requests

Mon Sep 05, 2016 5:46 pm

Please add support for EAP types on VPN connections as you do for wireless. Without EAP support, many security features such as NAP enforcement (using Microsoft NPS as RADIUS) won't work. Specifically, we need support for PEAP and EAP-MSCHAPv2 to get NAP working.

Also consider allowing the ability to set the NAS-Port-Type RADIUS attribute for VPN connections. Currently, ROS sends a NAS-Port-Type of Async for VPN connections. While this might be appropriate for a Dial-Up PPPoE, it is not appropriate for non-Dial-Up VPN connections, and would give us more flexibility in configuring access policies when using Microsoft NPS as a RADIUS server.
 
kimdobranski
newbie
Posts: 43
Joined: Mon Aug 03, 2015 9:39 pm

Re: Feature requests

Mon Sep 05, 2016 10:42 pm

When setting up a radius server, I *really,really,really* need these

1) having a secondary (or multiple) IP address in the event the first IP becomes unavailable or times out.

2) i would like the option of putting a DNS instead if an IP (ie. radius1.myradiusserver.com, radius2.myradiusserver.com) in the address field.
You do not have the required permissions to view the files attached to this post.
 
kimdobranski
newbie
Posts: 43
Joined: Mon Aug 03, 2015 9:39 pm

Re: Feature requests

Mon Sep 05, 2016 10:45 pm

Need the WAN MAC address of the ROUTER (not the client) available as a hotspot variable.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8709
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Feature requests

Tue Sep 06, 2016 12:20 am

1) having a secondary (or multiple) IP address in the event the first IP becomes unavailable or times out.
just add one more Radius Server entry with the same settings
 
DmitryAVET
Member Candidate
Member Candidate
Posts: 112
Joined: Thu Mar 26, 2015 12:27 am
Location: Ukraine, Mukachevo
Contact:

Re: Feature requests

Tue Sep 06, 2016 10:53 am

please add custom name for MAC-adresses and some detailed info about wireless client, like in ubnt unifi
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Tue Sep 06, 2016 12:28 pm

Fasttracking that traffic you want to be excluded from queues is much more efficient.
But keep the exclusion queue for the cases when some connections couldn't be fasttracked.
I have turned off connection tracking for most connections (using raw table), so it won't be efficient in my case.
 
opteron
just joined
Posts: 3
Joined: Tue Sep 06, 2016 4:36 pm

Re: Feature requests

Tue Sep 06, 2016 5:04 pm

Hi There,

We are using a Supermicro 5018 MLNT4 (https://www.supermicro.com/products/sys ... -MLTN4.cfm) with onboard C2000 SoC I354 Quad Nic.
This nic is not supportes... PLEASE ADD THE DRIVERS !
 
mpreissner
Member
Member
Posts: 357
Joined: Tue Mar 11, 2014 11:16 pm
Location: Columbia, MD

Re: Feature requests

Wed Sep 07, 2016 1:33 am

Hi There,

We are using a Supermicro 5018 MLNT4 (https://www.supermicro.com/products/sys ... -MLTN4.cfm) with onboard C2000 SoC I354 Quad Nic.
This nic is not supportes... PLEASE ADD THE DRIVERS !
You're best bet there is to install a hypervisor on that server and run the CHR rather than the standard x86 ROS. Not only will you be able to use the onboard NICs, but you'll also be able to use more than 2GB RAM, and set up multiple instances so you can run in high availability.

That being said, you should have researched hardware compatibility before buying a server.
 
SystemErrorMessage
Member
Member
Posts: 383
Joined: Sat Dec 22, 2012 9:04 pm

Re: Feature requests

Mon Sep 12, 2016 1:25 am

DNScrypt for those filtering ISPs and for added DNS security.
Allowing the installation of software and user made libraries (perhaps java?)
Switch based STP variants and fixing route learning (all devices connected to CRS lose internet connectivity but not LAN when changing port router uses).

I know these have been asked for but for DNScrypt nothing is being said anything about despite a significant number of request (even consumer routers are using it).

Mikrotik needs to be ahead when it comes to network related features compared to what openwrt and consumer routers offer. Cant call yourselves a cisco alternative if its missing features. it doesnt need to come with printer and file sharing in the box (but software from others if can be installed can provide this feature).
 
joca
just joined
Posts: 2
Joined: Sun Aug 26, 2012 1:29 am

Re: Feature requests

Mon Sep 12, 2016 4:07 pm

There is a possibility UPnP create firewall rules Only For Private ips ?
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Mon Sep 12, 2016 4:12 pm

I'd like to have a new feature: "graceful reboot".

Things to do before actual reboot:
1. disconnect ppp users (while not accepting new ones)
2. transition vrrp to backup state
3. disable external bgp peers
4. wait for routing convergence

Without these, there is a time frame when traffic loops and/or goes to a black hole; ppp users experience an abnormal connection termination.
Currently I have a script to do it, but it would be better to have it in the RouterOS.
 
hoop-banger
just joined
Posts: 6
Joined: Tue Jun 13, 2006 2:33 pm

Re: Feature requests

Tue Sep 13, 2016 1:06 pm

This one is related to winbox. Please make internal taskbar in winbox that show opened windows.
Image

Please see attached picture, taskbar is added in photo editor.
 
Staj
just joined
Posts: 20
Joined: Tue Jun 04, 2013 9:35 am

Re: Feature requests

Wed Sep 14, 2016 8:49 am

DHCP Half-Bridge. LTE support is all well and good but without it, makes it hard to integrate into existing networks.
 
2dfx
newbie
Posts: 26
Joined: Tue Mar 05, 2013 6:30 pm

Re: Feature requests

Thu Sep 15, 2016 4:55 pm

Hi all!
What about grouping rules in Winbox like in Microsoft TMG?
It's will be a great features!


See "Web Access Policy Group"
Image
 
User avatar
ppereira
just joined
Posts: 9
Joined: Mon Sep 09, 2013 10:24 pm

Re: Feature requests

Thu Sep 15, 2016 6:27 pm

1) having a secondary (or multiple) IP address in the event the first IP becomes unavailable or times out.
just add one more Radius Server entry with the same settings
Hi guys,

Using it like this , the next radius server will be used only when the first did not answer.

There is a way to configure it to be distributed the radius events ... like i configure 4 radius server .. and all radius traffic be process / 4 ?
Client 1 -> radius 1
Client 2 -> radius 2
Client 3 -> radius 3
Client 4 -> radius 4
Client 5 -> radius 1 ....

got it ?

I´m not saying that the actual way it works is bad or good i´m just thinking that could be nice have this option.
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1888
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Feature requests

Fri Sep 16, 2016 12:51 pm

Add more details into System > History like:
  • More details in Action, the "filter rule changed" is to short, enter the details of the rule
  • Action Tab should write about "Delete/Insert/Add/Move 5 rules" with description like chain/comment/etc.
  • If I work on SafeMode then the history entry should be have a flag SafeMode - I know what will be safe or drop
 
kimdobranski
newbie
Posts: 43
Joined: Mon Aug 03, 2015 9:39 pm

Re: Feature requests

Sat Sep 17, 2016 12:44 am

1) having a secondary (or multiple) IP address in the event the first IP becomes unavailable or times out.
just add one more Radius Server entry with the same settings
I created a second Radius Server with identical settings and changed the ip to an IP that is actually held by the same server, then i disabled the first entry, but mikrotik reports "Radius Server not responding". When i check the radius server logs, it show its authenticates correctly.

The radius server is set to listen on all ips and that is working, but for some reason the mikrotik is not receiving the response after the radius authenticates.
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Mon Sep 19, 2016 3:08 pm

Hello!

Nice features to have:
1. IP firewall address lists could include one another (or firewall rules could match multiple lists at once, e.g. "src-address-list=list1,list2").
2. NAT parameter to-addresses could refer to an IP pool.
Last edited by lavv17 on Wed Sep 21, 2016 10:02 am, edited 1 time in total.
 
LeoCombes
Frequent Visitor
Frequent Visitor
Posts: 78
Joined: Mon May 28, 2007 3:56 pm

Re: Feature requests

Tue Sep 20, 2016 6:34 pm

DHCP accounting through Radius

Would be nice if the routerOS dhcp-server allow logging with radius accounting.
We use dhcp-server from mikrotik (no radius auth) and we need have a log of each IP we offer to each client and when, through radius.

NOTE: accounting != auth

Accounting send "log" for each IP address leased or unleased to Radius server, regardless if IP address is served from external radius server or internal mikrotik DHCP server.

http://forum.mikrotik.com/viewtopic.php?f=19&t=85721
 
User avatar
payam124
Trainer
Trainer
Posts: 19
Joined: Thu Jan 07, 2016 11:44 pm
Location: https://MoLuke.net
Contact:

Re: Feature requests

Fri Oct 14, 2016 3:56 pm

CloudFlare is about removing its API version 1 which allowed users to use get-only requests to modify settings.
I used an script + cloudflare free account to run my dynamic DNS

now in their new API, it is required to send header and ... https://api.cloudflare.com/#dns-records ... dns-record

it would be great if curl support become available


another reference: http://forum.mikrotik.com/viewtopic.php?t=108480
 
Harlong
just joined
Posts: 1
Joined: Wed Oct 19, 2016 7:30 am

Re: Feature requests

Wed Oct 19, 2016 8:12 am

In any scripts for WAN failover, there's some difference for ipv4 and ipv6. When we test some host with /ping, we should know, what protocol (4 or 6) we use. For now, the only solution is to hardcode ipv4 or ipv6 addresses into script, hostnames can not be used, because we can not control, which address will be returned from :resolve.

So, it would be great, if :resolve command will have a parameter to resolve only ipv6(AAAA), only ipv4(A), or both(ANY).
 
Kevo
Frequent Visitor
Frequent Visitor
Posts: 67
Joined: Wed Oct 12, 2011 1:38 am

Re: Feature requests

Mon Nov 07, 2016 12:13 am

Could we get a quickset mode for travel router. I'd like to have a mode that let's someone take a map lite and go to quickset and use it to log into the hotel wireless and have wireless repeater mode setup with an SSID they can log into for their devices. Ethernet could be setup with an option for local device access or hotel internet access if wired access exists in the room.

Right now there isn't really a mode that fits and it seems to require some manual config that is beyond the scope of what I would expect to train a traveling sales rep to deal with. Maybe there's a simpler method I'm overlooking. If so, someone please point it out to me.
 
Wyz4k
Member Candidate
Member Candidate
Posts: 240
Joined: Fri Jul 10, 2009 10:23 am

Re: Feature requests

Tue Nov 08, 2016 4:59 am

Feature request: Wireless scan save-file should include all info

The current implementation of interface wireless scan 0 duration=5s save-file=temp.txt does not contain all of the information that you would see if you simply did a interface wireless scan 0 duration=5s.

More info: http://forum.mikrotik.com/viewtopic.php?f=1&t=114410
 
User avatar
saaremaa
Member Candidate
Member Candidate
Posts: 162
Joined: Tue Feb 02, 2010 7:48 pm
Location: Baltijos šalių miestas

Re: Feature requests

Wed Nov 09, 2016 7:39 pm

Support Radius attribute "Delegated-IPv6-Prefix"
 
soomanyquestions
newbie
Posts: 35
Joined: Sat Aug 20, 2016 6:35 pm

Re: Feature requests

Thu Nov 10, 2016 9:39 pm

It would be useful and cool to see aggregate statistics in the Graphing tool instead of just each individual interface. It should probably be quite easy to add cause all the data is allready there.
 
User avatar
jiminneworleans
just joined
Posts: 8
Joined: Wed Dec 30, 2015 11:19 pm

Re: Feature requests

Thu Nov 10, 2016 10:58 pm

I'd like to see more buttons in general. Seriously though it would be nice to have a few simple firewall scripts one could choose upon first configuration based on common home or small office scenarios for the cloud routers. I find myself excessively concerned over imagined gaping holes in my firewall scripts.
 
User avatar
tomasi
Frequent Visitor
Frequent Visitor
Posts: 99
Joined: Fri Oct 03, 2014 6:40 pm
Location: Brazil
Contact:

Re: Feature requests

Sat Dec 03, 2016 11:14 pm

Is there any chance of a Zabbix agent .npk listening on port 10050?

:lol: :lol: :lol:
 
lavv17
Member Candidate
Member Candidate
Posts: 120
Joined: Sat Sep 01, 2007 9:01 am

Re: Feature requests

Mon Dec 12, 2016 4:59 pm

Yet another feature request:

add netwatch options to send TCP port probes (e.g. check if port 80 is open on a server for load balancing)
 
rwf
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Fri Dec 22, 2006 11:38 pm

Re: Feature requests

Fri Dec 30, 2016 2:21 am

We operate a lot of hotspots, using an external AAA/RADIUS solution.
It needs a NASID from the Mikrotik, and unfortunately Mikrotik sets this using ROuter Identity field.

The problem is that this limits us to one hotspot per router which is a huge waste of resources. We sometimes have to put 3 routers at a location to run multiple hotspots.

Can it be added that we place the NASID in the Hotspot Profile, and if it is blank it uses the router identity instead. That way it performs as it does now, but those of us who need different NASIDs can choose to do so.


What do y'all think?
 
tri
just joined
Posts: 14
Joined: Tue Sep 01, 2015 6:23 pm

Re: Feature requests

Sun Jan 15, 2017 1:38 pm

hi

I'd like to see a dummy network interface like one available in generic Linux kernel (http://www.tldp.org/LDP/nag/node72.html).

If all physical interfaces are DHCP it might simplify things to be able to assign a static addresses to an internal interface to make routing and firewall rules simpler.

Who is online

Users browsing this forum: anav, Bing [Bot], Majestic-12 [Bot], muona, simonefil, TheCat12 and 97 guests