Community discussions

MikroTik App

Search found 425 matches

  • 1
  • 2
by sid5632
Fri Oct 16, 2020 1:00 pm
Forum: Announcements
Topic: v6.48beta [testing] is released!
Replies: 128
Views: 50831

Re: v6.48beta [testing] is released!

Why don't you link to this from https://mikrotik.com/download instead of burying it away on the Wiki?
by sid5632
Tue Oct 13, 2020 1:21 am
Forum: Beginner Basics
Topic: need help with VLAN guest wireless on router and ap
Replies: 7
Views: 328

Re: need help with VLAN guest wireless on router and ap

And move the IP address that's on ether2 onto the bridge (why's it even on ether2 in the first place, which isn't mentioned in the diagram?).
And create a firewall rule on the input chain that allows access from VLAN_987654321 otherwise its DHCP server isn't going to work.
by sid5632
Fri Oct 02, 2020 2:58 pm
Forum: Beginner Basics
Topic: Cant' renew license---could not resolve DNS name error
Replies: 3
Views: 202

Re: Cant' renew license---could not resolve DNS name error

Why is it strange when you look what he's doing with the port 53 traffic? In fact the whole configuration is bizarre (to me).

And defining mikrotik.com is not a lot of use when (I think) it's licence.mikrotik.com and upgrade.mikrotik.com that are needed.
by sid5632
Mon Sep 28, 2020 1:16 pm
Forum: General
Topic: Search Domain (DHCP Option 119) not working
Replies: 5
Views: 316

Re: Search Domain (DHCP Option 119) not working

Is this a typo.:
dhcp-option=domain-search-option
when you earlier had:
name=domain-search-list
by sid5632
Sun Sep 20, 2020 7:44 pm
Forum: Beginner Basics
Topic: Configure CRS328-24P-4S+RM Initial config?
Replies: 14
Views: 628

Re: Configure CRS328-24P-4S+RM Initial config?

Ah apologies. So it should be like this? /interface bridge port add bridge=bridge1 interface=ether1 hw=yes comment=WiFi add bridge=bridge1 interface=ether2 hw=yes comment=WiFi add bridge=bridge1 interface=ether3 hw=yes comment=WiFi add bridge=bridge1 interface=ether4 hw=yes pvid=10 comment=NAS add ...
by sid5632
Tue Sep 08, 2020 5:46 pm
Forum: The Dude
Topic: Dude device bulk password change
Replies: 6
Views: 329

Re: Dude device bulk password change

The data in the database is just a big blob, and nobody knows the format (outside of MikroTik, obviously, and they aren't telling).
So the answer is no.
by sid5632
Mon Sep 07, 2020 9:59 am
Forum: General
Topic: Slow routing, fixed by reboot - how to troubleshoot?
Replies: 13
Views: 629

Re: Slow routing, fixed by reboot - how to troubleshoot?

Got a CRS125-24G-1S router
It's a switch, with some low-powered routing capability.

An obvious configuration error, change:
/ip address add address=10.0.1.1/24 interface=ether16 network=10.0.1.0
to:
/ip address add address=10.0.1.1/24 interface=bridge1 network=10.0.1.0
by sid5632
Thu Sep 03, 2020 3:29 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 9962

Re: v6.47.3 [stable] is released!

Looking forward to 6.47.4 on Monday then... :-)
by sid5632
Sun Aug 16, 2020 12:10 pm
Forum: General
Topic: RB951g-2HnD issues - strange boot sound/beep
Replies: 5
Views: 1470

Re: RB951g-2HnD issues - strange boot sound/beep

I guess there is a hardware defect in some way, which causes it to forget its config. - that's probably why it was being sold, so try returning it.
by sid5632
Fri Aug 14, 2020 9:36 pm
Forum: General
Topic: RB951g-2HnD issues - strange boot sound/beep
Replies: 5
Views: 1470

Re: RB951g-2HnD issues - strange boot sound/beep

I've definitely heard that before. I think it's the noise it makes when it's applying the default configuration i.e. when new, or after Netinstall.
by sid5632
Fri Aug 14, 2020 3:52 am
Forum: Beginner Basics
Topic: VNC with MikroTik LMT LTE18 router
Replies: 20
Views: 2912

Re: VNC with MikroTik LMT LTE18 router

This whole thread seems a bit pointless, because you really don't want to be running an unencrypted protocol with poor security open to the world in the first place.
Unless you want to get hacked or have information stolen of course...
by sid5632
Tue Aug 11, 2020 4:00 pm
Forum: Forwarding Protocols
Topic: CRS112 and IGMP snooping - problem
Replies: 5
Views: 939

Re: CRS112 and IGMP snooping - problem

IPTV arrives at CRS112 in vlan 675, then traffic is to go directly to the connected STBs without tagging.
Which interface is which?
by sid5632
Mon Aug 10, 2020 3:32 pm
Forum: Beginner Basics
Topic: Change DCHP pool
Replies: 3
Views: 819

Re: Change DCHP pool

I mean everywhere on every device.
Look at your config. export on the MikroTik.
by sid5632
Mon Aug 10, 2020 11:18 am
Forum: Beginner Basics
Topic: Change DCHP pool
Replies: 3
Views: 819

Re: Change DCHP pool

Yes.
You obviously need to change your /24 to /23 everywhere else too.
by sid5632
Mon Aug 10, 2020 11:09 am
Forum: General
Topic: "Management access configuration" from wiki with VLANs [SOLVED]
Replies: 3
Views: 839

Re: "Management access configuration" from wiki with VLANs [SOLVED]

You are running untagged on the switch-CPU link currently. There is an implicit "untagged=bridge1" on your bridge vlan statement by virtue of setting the pvid on the bridge itself. If you want to run tagged on the link, then you need to set "tagged=bridge1,ether48" on the bridge vlan statement, as w...
by sid5632
Sat Aug 08, 2020 9:02 pm
Forum: General
Topic: CRS VLAN / Management IP
Replies: 4
Views: 1312

Re: CRS VLAN / Management IP

Thanks for the reply - however this is not working. What is not working? And what does "not working" mean anyway? The reason for hardware offload is that the CRS cannot handle 1Gbps tagging/untagging without it. Indeed. Adding a VLAN to the bridge, so far as I know, will cause all hardware offloadi...
by sid5632
Sat Aug 08, 2020 1:47 pm
Forum: Beginner Basics
Topic: Migrating from x86 to CHR with hyper-v, winbox stuck at logging in
Replies: 5
Views: 1358

Re: Migrating from x86 to CHR with hyper-v, winbox stuck at logging in

Restore is only valid on the exact same device it was backed up from.
Not even the same device type is valid.
Different device type... forget it.

Configure the new one using the export from the old one as a guide.
by sid5632
Sat Aug 08, 2020 2:22 am
Forum: Beginner Basics
Topic: Migrating from x86 to CHR with hyper-v, winbox stuck at logging in
Replies: 5
Views: 1358

Re: Migrating from x86 to CHR with hyper-v, winbox stuck at logging in

If you're completely new to this, then why are you using an ancient version of Winbox (3.0rc6) and where/when did you get it?
Something doesn't quite ring true...

You didn't mention which version of CHR you're trying to use either.
by sid5632
Thu Aug 06, 2020 9:20 pm
Forum: General
Topic: SYN filtering
Replies: 5
Views: 1174

Re: SYN filtering

Look up in-interface= and out-interface= on the Wiki
Presumably you only need to protect against DoS from the incoming internet interface (whatever that is).
Then your outgoing connections to Speedtest shouldn't be affected.
by sid5632
Thu Aug 06, 2020 1:58 pm
Forum: General
Topic: Internet in a VLAN [SOLVED]
Replies: 1
Views: 492

Re: Internet in a VLAN [SOLVED]

You just set up an internet VLAN in the same way as your other VLANs. There is nothing magic about it. Do not create another bridge. It is unnecessary and you will lose hardware offload.
by sid5632
Thu Aug 06, 2020 1:49 pm
Forum: General
Topic: SYN filtering
Replies: 5
Views: 1174

Re: SYN filtering

You probably ought to add some interface matchers to those rules.
by sid5632
Thu Aug 06, 2020 10:46 am
Forum: Scripting
Topic: help getting id in python api
Replies: 3
Views: 992

Re: help getting id in python api

NatRule.get(comment='RDP')[0]["id"]
by sid5632
Thu Aug 06, 2020 10:32 am
Forum: General
Topic: CRS VLAN / Management IP
Replies: 4
Views: 1312

Re: CRS VLAN / Management IP

Delete the IP address from the bridge and add something like: /interface vlan add interface=bridge name=vlan40 vlan-id=40 /ip address add address=192.168.88.1/24 interface=vlan40 I also add the equivalent of this (presuming ether2,4,8,10,20 are trunk ports): /interface ethernet switch set drop-if-in...
by sid5632
Thu Jul 30, 2020 12:42 pm
Forum: General
Topic: Can Only Discover Neighbors from AP Interfaces
Replies: 10
Views: 1980

Re: Can Only Discover Neighbors from AP Interfaces

The first post clearly mentioned MNDP, not LLDP, so why muddy the waters with the latter?
by sid5632
Thu Jul 30, 2020 1:10 am
Forum: General
Topic: Can Only Discover Neighbors from AP Interfaces
Replies: 10
Views: 1980

Re: Can Only Discover Neighbors from AP Interfaces

A bridge should not "pass" Neighbor-Discovery packets
Says who? And why not?
by sid5632
Mon Jul 20, 2020 3:42 am
Forum: The Dude
Topic: Can Dude monitor a Win10 PC with firewall on?
Replies: 6
Views: 1429

Re: Can Dude monitor a Win10 PC with firewall on?

Monitor what?
It's difficult to monitor anything if it doesn't respond.
Usually Ping works in the same subnet.
by sid5632
Mon Jul 13, 2020 5:08 pm
Forum: General
Topic: CRS125 and VLAN on 1Gbps internet.. many questions
Replies: 13
Views: 2288

Re: CRS125 and VLAN on 1Gbps internet.. many questions

/interface ethernet switch ingress-vlan-translation add customer-vid=0 new-customer-vid=10 ports=ether2,switch1-cpu add customer-vid=0 new-customer-vid=20 ports=ether3,switch1-cpu It all looks OK. The only thing I would change is this: /interface ethernet switch ingress-vlan-translation add custome...
by sid5632
Sat Jul 11, 2020 8:31 pm
Forum: General
Topic: firefox 78.0.2 can not connect to mikrotik sites ...
Replies: 10
Views: 2341

Re: firefox 78.0.2 can not connect to mikrotik sites ...

"unable to connect" doesn't exactly convey much information.
by sid5632
Fri Jul 10, 2020 5:21 pm
Forum: Announcements
Topic: Winbox v3.24 released!
Replies: 106
Views: 57445

Re: Winbox v3.24 released!

It affects most if not all windows.
by sid5632
Sun Jun 28, 2020 4:03 am
Forum: The Dude
Topic: (BUG) Dude Client crashing on device details and charts
Replies: 22
Views: 3574

Re: (BUG) Dude Client crashing on device details and charts

I'd really like The Dude client to stop crashing, and to be able to continue using it normally, again.
Wouldn't we all...
But there's seemingly zero interest from the only people who can fix it.
by sid5632
Thu Jun 18, 2020 2:59 pm
Forum: Beginner Basics
Topic: RB1100Ahx2 (Atheros8327) tagged and untagged vlans
Replies: 8
Views: 1302

Re: RB1100Ahx2 (Atheros8327) tagged and untagged vlans

I've never looked at an 1100, but I'd have thought you'd want to change this: /interface ethernet switch port # ether1,ether2,ether3,ether4,ether5,switch2-cpu set 0 default-vlan-id=2 vlan-header=always-strip vlan-mode=fallback # error here? /interface ethernet switch vlan add independent-learning=ye...
by sid5632
Thu Jun 04, 2020 2:31 pm
Forum: General
Topic: 'New' status in RAW
Replies: 9
Views: 1296

Re: 'New' status in RAW

So you want to use connection tracking to avoid using connection tracking?
by sid5632
Wed May 27, 2020 3:00 am
Forum: General
Topic: CRS125 vlan the new way [SOLVED]
Replies: 2
Views: 663

Re: CRS125 vlan the new way [SOLVED]

Yes, but the performance will be terrible as everything goes via the weak CPU. So don't do it. Stick to the old way.
by sid5632
Tue May 05, 2020 1:58 am
Forum: General
Topic: MSTP Support on CRS1XX Switch
Replies: 1
Views: 710

Re: MSTP Support on CRS1XX Switch

When hell freezes over.
by sid5632
Mon May 04, 2020 1:44 am
Forum: The Dude
Topic: How to show Interfaces on network map
Replies: 1
Views: 1006

Re: How to show Interfaces on network map

Just create the interfaces as static objects. Then you can join them with a real link using any interface you like.
by sid5632
Sun Apr 12, 2020 3:02 am
Forum: Beginner Basics
Topic: CRS125 Routing Performance
Replies: 9
Views: 2003

Re: CRS125 Routing Performance

Wrong. Vlan switching can be handled in hardware. Vlan routing not. Ok, then you can take a look at the manual https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_Hardware_Offloading CRS1xx/CRS2xx series do not support Hardware offloading along with VLANs... Only CRS3xx series do... No, i...
by sid5632
Mon Apr 06, 2020 2:53 am
Forum: RouterBOARD hardware
Topic: HEX VLAN configuration question
Replies: 8
Views: 2446

Re: HEX VLAN configuration question

Here is my non working configuration:
Not surprising seeing as you didn't enable bridge vlan-filtering.
by sid5632
Thu Apr 02, 2020 3:29 pm
Forum: Forwarding Protocols
Topic: OSPF disabling all ports on 'state change from Full to Down'
Replies: 10
Views: 3536

Re: OSPF disabling all ports on 'state change from Full to Down'

Logs are written asynchronously
Why? That makes problems a lot harder to diagnose and you can never be sure what is a cause and what is an effect.
by sid5632
Mon Mar 23, 2020 2:37 pm
Forum: The Dude
Topic: Unwanted admin user
Replies: 3
Views: 2164

Re: Unwanted admin user

You need to change the Settings for the Discovered Network's Router object on the client.
by sid5632
Tue Mar 17, 2020 12:53 pm
Forum: Announcements
Topic: Winbox v3.22 released!
Replies: 117
Views: 50898

Re: Winbox v3.22 released!

Also the last (and most important one) line of the log is very hard to read - it almost always stay "between" lines, auto scroll doesn't always work.
Yes, I'm seeing that too. Most irritating.
by sid5632
Sun Mar 15, 2020 2:21 pm
Forum: General
Topic: VLAN help
Replies: 4
Views: 1173

Re: VLAN help

Your description and config. don't match the diagram for Wi-Fi Disc. It would be useful if you referred to VLAN10 and VLAN20 instead of VLAN1 and VLAN2. /interface bridge vlan add vlan-ids=10 tagged=bridge,ether1 add vlan-ids=20 tagged=bridge,ether1 You don't need to specify the untagged ones - they...
by sid5632
Thu Mar 12, 2020 12:17 pm
Forum: Announcements
Topic: Winbox v3.22 released!
Replies: 117
Views: 50898

Re: Winbox v3.22 released!

I'm still getting this flip-flopping of window sizes when starting winbox64.exe (on Wine under Linux Mint 19): creating Window Class routeros_null creating Window Class routeros_connect DPI=100 EMS=13 ERROR: bad bmp format id=2329 biPlanes=1, biBitCount=1, biCompression=0 ERROR: bad bmp format id=33...
by sid5632
Sun Mar 08, 2020 3:15 pm
Forum: General
Topic: Intermittent Power Cycle - RB2011
Replies: 13
Views: 3354

Re: Intermittent Power Cycle - RB2011

Read post #3 and understand it.
by sid5632
Sun Mar 08, 2020 12:42 pm
Forum: General
Topic: Intermittent Power Cycle - RB2011
Replies: 13
Views: 3354

Re: Intermittent Power Cycle - RB2011

He never got the chirping sound. Read carefully.
by sid5632
Wed Feb 26, 2020 3:06 am
Forum: RouterBOARD hardware
Topic: multigigabit desktop router
Replies: 113
Views: 21732

Re: multigigabit desktop router

vortex,

IIMHO i's time to stop increasing your post counter.
That's anav and vortex in the kill file then. Perhaps it's the same person.
by sid5632
Tue Feb 25, 2020 7:30 pm
Forum: General
Topic: Dstnat with IP address rewrite [SOLVED]
Replies: 1
Views: 1911

Re: Dstnat with IP address rewrite [SOLVED]

Add something like this as well:
add action=masquerade chain=srcnat dst-address=192.168.0.2 dst-port=22,80,161,443 protocol=tcp src-address-list=OnlyFromHere
by sid5632
Sat Feb 22, 2020 3:01 pm
Forum: General
Topic: interface is slave
Replies: 2
Views: 1164

Re: interface is slave

Is your ? key stuck?

Put the server on the bridge or take the port out of the bridge.
by sid5632
Thu Feb 06, 2020 5:46 pm
Forum: Announcements
Topic: Winbox v3.21 released!
Replies: 55
Views: 18239

Re: Winbox v3.21 released!

Actually, now I tried it multiple times, it alternates between DPI=100 mode and DPI=120 mode.
It doesn't matter whether "wine" or "wine64" is used.
Also, it shrinks the window every time (relative to the previous time it picked the same DPI mode). This is quite irritating.
by sid5632
Thu Feb 06, 2020 5:38 pm
Forum: Announcements
Topic: Winbox v3.21 released!
Replies: 55
Views: 18239

Re: Winbox v3.21 released!

I found "wine winbox64.exe" produced this to standard output: creating Window Class routeros_null creating Window Class routeros_connect DPI=100 EMS=13 ERROR: bad bmp format id=2329 biPlanes=1, biBitCount=1, biCompression=0 ERROR: bad bmp format id=3329 biPlanes=1, biBitCount=1, biCompression=0 crea...
by sid5632
Mon Feb 03, 2020 3:05 am
Forum: The Dude
Topic: The client is frozen [SOLVED]
Replies: 3
Views: 6560

Re: The client is frozen [SOLVED]

It's an off-by-one type bug in the Dude which seems to cause it to attempt to poll 4.29G services (4.29G being -1 as a unsigned number). It's been reported many times but MikroTik do nothing about it (nor about any other bugs in the Dude). You can temporarily cure it by deleting the device and then ...
by sid5632
Sun Jan 26, 2020 6:23 pm
Forum: Beginner Basics
Topic: vlan tagging between router and switch not working [SOLVED]
Replies: 8
Views: 2541

Re: vlan tagging between router and switch not working [SOLVED]

You need to add switch1-cpu to the VLAN table:

/interface bridge vlan add bridge=bridge1 tagged=bridge1,ether5,switch1-cpu vlan-ids=100


Ugh, confused myself by mixing switch chip and bridge config. (and I don't have a 4011!).
Switch VLAN table is non-functional anyway on these devices.
by sid5632
Thu Jan 23, 2020 7:32 pm
Forum: General
Topic: After few minutes PPPOE Client downstream speed cut in half
Replies: 3
Views: 731

Re: After few minutes PPPOE Client downstream speed cut in half

Are you sure you aren't just being hammered by unsolicited traffic causing things like DNS amplification attacks?
Your firewall protection is non-existent.
I would suggest you start from scratch with the default configuration and customise (with sanity checks) from there.
by sid5632
Thu Jan 23, 2020 12:29 am
Forum: General
Topic: My public IP is getting raped by port scanners - is that normal?
Replies: 24
Views: 4000

Re: My public IP is getting raped by port scanners - is that normal?

restart your router to get new IP Did he say he was on a dynamic address? No. So it's not the most sensible suggestion. Did he say he is on static? So you can take you comment and shove it He didn't, but has now, so that makes you look like a complete jerk doesn't it? A rude, ignorant jerk, who mak...
by sid5632
Thu Jan 23, 2020 12:00 am
Forum: Beginner Basics
Topic: Wireless Wire Connectivity issues from device itself
Replies: 5
Views: 1757

Re: Wireless Wire Connectivity issues from device itself

sorry no idea
So why exactly did you reply to this particular 20 day old thread to add that gem of uselessness?
At least you didn't post any spam links this time.
by sid5632
Wed Jan 22, 2020 2:23 am
Forum: General
Topic: My public IP is getting raped by port scanners - is that normal?
Replies: 24
Views: 4000

Re: My public IP is getting raped by port scanners - is that normal?

restart your router to get new IP
Did he say he was on a dynamic address?
No. So it's not the most sensible suggestion.
by sid5632
Thu Jan 16, 2020 12:21 am
Forum: RouterOS v7 BETA
Topic: CHR 7.0 beta4 vrrp kernel panic
Replies: 6
Views: 2695

Re: CHR 7.0 beta4 vrrp kernel panic

Because that's what it says here:
https://forum.mikrotik.com/viewtopic.php?f=1&t=152006

Send them an email referencing this thread. Not hard is it?
by sid5632
Mon Jan 13, 2020 5:17 pm
Forum: RouterOS v7 BETA
Topic: CHR 7.0 beta4 vrrp kernel panic
Replies: 6
Views: 2695

Re: CHR 7.0 beta4 vrrp kernel panic

Anyway, other boxes with 6.46 does not crash with mask /24 on vrrp interface
Agreed, but you need to report it to MikroTik support.
by sid5632
Sun Jan 12, 2020 5:24 pm
Forum: RouterOS v7 BETA
Topic: CHR 7.0 beta4 vrrp kernel panic
Replies: 6
Views: 2695

Re: CHR 7.0 beta4 vrrp kernel panic

Address on VRRP interface should be a /32 not a /24.
by sid5632
Sat Jan 11, 2020 6:51 pm
Forum: The Dude
Topic: service monitor of cpu is always down
Replies: 2
Views: 2653

Re: service monitor of cpu is always down

Deleted
by sid5632
Sat Jan 11, 2020 6:33 pm
Forum: General
Topic: VLANs setup (the new way)
Replies: 21
Views: 4879

Re: VLANs setup (the new way)

I would actually discourage setting "untagged=etherx" for any /interface bridge vlan - leave it unset, and set the correct PVID for the etherx port in /interface bridge port and that etherx port will also be added dynamically as an untagged port for that /interface bridge vlan without you needing t...
by sid5632
Sat Jan 11, 2020 6:29 pm
Forum: Scripting
Topic: find enable and disable ppp secret
Replies: 2
Views: 1808

Re: find enable and disable ppp secret

I don't quite understand, due to your poor English, but assume it to be this:
/ppp secret set caller-id=ACTIVE [find disabled=no]
by sid5632
Thu Jan 09, 2020 5:23 pm
Forum: General
Topic: ipsec established, but gre tunnel not
Replies: 6
Views: 1065

Re: ipsec established, but gre tunnel not

Why don't you just provide a config. export of both ends instead of whining?
What do you expect anybody to do without this BASIC information?
by sid5632
Wed Jan 08, 2020 9:51 pm
Forum: General
Topic: Bring Tapatalk back
Replies: 32
Views: 4359

Re: Bring Tapatalk back

BTW, not only that relative time format is ugly and non-informative, it also doesn't work on some browser/OS combinations. Yes, it's driving me mad. On my browser it display the timestamp properly and then a fraction of a second later it changes to this hideous, meaningless, dumbed-down relative fo...
by sid5632
Wed Jan 08, 2020 1:21 am
Forum: RouterBOARD hardware
Topic: How Does the CRS328-24P-4S+RM Perform as a Router?
Replies: 8
Views: 3747

Re: How Does the CRS328-24P-4S+RM Perform as a Router?

It is a switch, so yes you can use it as such.
by sid5632
Mon Dec 30, 2019 12:27 pm
Forum: Forwarding Protocols
Topic: OSPF PTP link showing 0 Neighbors
Replies: 4
Views: 2108

Re: OSPF PTP link showing 0 Neighbors

is there anything from the attached screenshots I'm doing wrong.
Yes, posting stupid screenshots instead of config. exports.
by sid5632
Fri Dec 20, 2019 12:11 pm
Forum: General
Topic: Winbox +CRS326 - "unknown" port name in switch host table
Replies: 5
Views: 1525

Re: Winbox +CRS326 - "unknown" port name in switch host table

It's a bit intermittent (sometimes it shows the correct names, sometimes it doesn't), but I managed to reproduce it: eth-unknown.png /interface ethernet switch port print Flags: I - invalid # NAME SWITCH VLAN-MODE VLAN-HEADER DEFAULT-VLAN-ID 0 ether1-wan switch1 secure always-strip 10 1 ether2 switc...
by sid5632
Tue Dec 17, 2019 9:02 pm
Forum: General
Topic: Winbox +CRS326 - "unknown" port name in switch host table
Replies: 5
Views: 1525

Re: Winbox +CRS326 - "unknown" port name in switch host table

I've just had an instance of something similar... This was on a 951G-2HnD running 6.44.6 (long-term) and Winbox 3.20. The VLAN tab showed "unknown" for all the ports apart from switch1-cpu. When I attempted to Copy an entry (vlan 12 to vlan 13) it got the port wrong, as this export shows: /interface...
by sid5632
Fri Dec 13, 2019 6:10 pm
Forum: Wireless Networking
Topic: Bridge Loopbacks bridge mode ( NONE : STP : RSTP : MSTP) ?
Replies: 1
Views: 1648

Re: Bridge Loopbacks bridge mode ( NONE : STP : RSTP : MSTP) ?

I use NONE, but it probably makes no practical difference as the bridge isn't connected to anything.
by sid5632
Thu Dec 12, 2019 11:24 am
Forum: Beginner Basics
Topic: CRS1xx/2xx suuuuuuuuuuuuucks. Help with configuring VLANs?
Replies: 4
Views: 1588

Re: CRS1xx/2xx suuuuuuuuuuuuucks. Help with configuring VLANs?

This is what I ended up with when I knew a lot less about the 125 and RouterOS in general: /interface bridge add name=bridge /interface bridge port add bridge=bridge interface=ether1 /interface bridge port add bridge=bridge interface=ether2 /interface bridge port add bridge=bridge interface=ether3 /...
by sid5632
Sat Dec 07, 2019 10:24 pm
Forum: Beginner Basics
Topic: Fallen at the first hurdle!
Replies: 9
Views: 1582

Re: Fallen at the first hurdle!

It's fairly obvious what the problem was:
/interface bridge port add bridge=bridge comment=defconf interface=ether2
/ip address add address=192.168.1.1/24 comment=defconf interface=ether2 network=192.168.1.0

If you can't work it out then you need to do some more reading,..
And don't use Quick Set!
by sid5632
Sat Dec 07, 2019 5:57 pm
Forum: Beginner Basics
Topic: Connecting to an existing WLAN (Wireless bridge?)
Replies: 8
Views: 1186

Re: Connecting to an existing WLAN (Wireless bridge?)

1. Because the bridge's MAC address will default to that of ether2, it being the first port therein.
by sid5632
Fri Dec 06, 2019 5:42 pm
Forum: Scripting
Topic: Replace value in specific item [SOLVED]
Replies: 2
Views: 3261

Re: Replace value in specific item [SOLVED]

I haven't specifically tested it, but something like this ought to work:

/system logging action set remote=192.168.0.254 [find remote=192.168.1.253]
by sid5632
Fri Nov 08, 2019 3:42 am
Forum: General
Topic: All interfaces go down for 3 seconds
Replies: 7
Views: 1742

Re: All interfaces go down for 3 seconds

I discovered this week that if I plug a MikroTik S-RJ01 copper SFP into a CRS125, then all the ports go down for 3 seconds. Same happens when I take it out again.
It doesn't do it on a CCR, so I wonder if it's something switch chip related.
by sid5632
Thu Oct 17, 2019 2:01 pm
Forum: General
Topic: Maximum number of interface in Bridge - VLAN
Replies: 3
Views: 726

Re: Maximum number of interface in Bridge - VLAN

I think that's just another one of those really stupid Winbox limitations where once you hit the maximum height of the window/display you're stuffed.
Why they can't make these dialogs scrollable is beyond me.
It'll work just fine using the command line, as you say, or use Webfig to do this.
by sid5632
Sat Oct 12, 2019 10:52 pm
Forum: Beginner Basics
Topic: CRS309-1G-8S+IN RouterOS functionality
Replies: 4
Views: 806

Re: CRS309-1G-8S+IN RouterOS functionality

No. A switch is not a router. Performance would be very poor.
by sid5632
Wed Oct 09, 2019 8:21 pm
Forum: General
Topic: Mikrotik RB951Ui-2HnD Switch VLAN
Replies: 1
Views: 931

Re: Mikrotik RB951Ui-2HnD Switch VLAN

/interface ethernet switch vlan add ports=switch1-cpu,ether2,ether3,ether4,ether5 switch=switch1 vlan-id=50 /interface ethernet switch port set 1 vlan-mode=secure /interface ethernet switch port set 2 default-vlan-id=50 vlan-header=always-strip vlan-mode=secure /interface ethernet switch port set 3 ...
by sid5632
Fri Aug 23, 2019 7:37 pm
Forum: SwOS
Topic: Failover capabilities with unmanaged switches involved [SOLVED]
Replies: 11
Views: 5054

Re: Failover capabilities with unmanaged switches involved [SOLVED]

unmananged switches don't participate in lldp, as said before they don't even have own mac When you state that, I'm not so sure if you know what is going on... I'm not sure you do either... Even unmanaged switches do drop some traffic and LLDP for sure is one of them! That is a sweeping generalisat...
by sid5632
Mon Aug 19, 2019 3:53 pm
Forum: RouterBOARD hardware
Topic: RB951Ui and RB750R2 not able to netinstall
Replies: 2
Views: 1237

Re: RB951Ui and RB750R2 not able to netinstall

but no luck at all.
That doesn't convey any useful information. Where are you getting the firmware upgrade package from? Direct download, or upload to device from some previous download?
What does the log say when you reboot?
by sid5632
Mon Aug 19, 2019 10:44 am
Forum: General
Topic: Routerboards on DHCP leases [SOLVED]
Replies: 2
Views: 889

Re: Routerboards on DHCP leases [SOLVED]

Turn off all that detect-internet stuff.
by sid5632
Sat Aug 03, 2019 1:46 pm
Forum: General
Topic: NAT-T flag missing in 6.45.3
Replies: 7
Views: 1440

Re: NAT-T flag missing in 6.45.3

I'm not using NAT Traversal. Active-peers doesn't exist the same way in 6.44 due to all the changes between 6.44 and 6.45.
by sid5632
Sat Aug 03, 2019 12:47 pm
Forum: General
Topic: NAT-T flag missing in 6.45.3
Replies: 7
Views: 1440

Re: NAT-T flag missing in 6.45.3

I was just confirming that I don't get the black hole in either direction with 6.44.5
1423 does generate "packet too large".
by sid5632
Sat Aug 03, 2019 12:29 pm
Forum: Beginner Basics
Topic: Access DSL modem in "bridge mode" behind Mikrotik [SOLVED]
Replies: 12
Views: 2715

Re: Access DSL modem in "bridge mode" behind Mikrotik [SOLVED]

But no success. No Access to the modem...
You haven't said where you're testing FROM, and WHAT test you are performing.
by sid5632
Sat Aug 03, 2019 12:20 pm
Forum: General
Topic: NAT-T flag missing in 6.45.3
Replies: 7
Views: 1440

Re: NAT-T flag missing in 6.45.3

The blackhole is making TCP connections impossible unless I trim the MTU in the initiator side. I'd say that this was not happening pre-6.45, but it is hard to remember if I tried to do tcp connections using IPsec this way while running previous releases. I have an IPSec link between two devices on...
by sid5632
Fri Aug 02, 2019 3:50 am
Forum: RouterBOARD hardware
Topic: 1100x4 unexpected downgrade
Replies: 4
Views: 1350

Re: 1100x4 unexpected downgrade

Did it ever happen to anyone that, following power issues, an 1100x4 gets downgraded to an older RouterOS version (and sometimes even to an older config)? I've seen it on several devices in several locations, and I've only seen it on 1100x4s I had that on a 951G when I pulled the power out half way...
by sid5632
Tue Jul 30, 2019 1:43 am
Forum: The Dude
Topic: One Device - Multiple Network Maps?
Replies: 1
Views: 1921

Re: One Device - Multiple Network Maps?

Is it possible for a Device to be member of multiple Network maps?
No.
I don't want to have one device added twice and then just to assign each to different map.
Don't do that either. It causes all sorts of weird crashy type problems.
by sid5632
Sun Jul 28, 2019 2:37 pm
Forum: Beginner Basics
Topic: Vlan config and bridging
Replies: 3
Views: 979

Re: Vlan config and bridging

Where have I gone wrong.
In not providing a configuration export.
by sid5632
Fri Jul 26, 2019 10:51 pm
Forum: The Dude
Topic: Unable to install dude server
Replies: 13
Views: 4757

Re: Unable to install dude server

Go to users under sytem and check the permission of the full group. Admin should be a member of the full group
It's kinda irrelevant when you can't get a TCP connection, doncha think?
Did you not see the 10061 error?
by sid5632
Wed Jul 24, 2019 1:46 am
Forum: Announcements
Topic: v6.45.2 [stable] is released!
Replies: 206
Views: 52475

Re: v6.45.2 [stable] is released!

On 16M flash devices upgrade happens in RAM, so that should be fine. Should be, but it isn't. But you may occasionally need to reboot your device right before the upgrade to free some RAM. Occasionally? It's every time and even then it doesn't work. Also switching from bundle to individual packages...
by sid5632
Sun Jul 21, 2019 12:32 pm
Forum: Announcements
Topic: v6.45.2 [stable] is released!
Replies: 206
Views: 52475

Re: v6.45.2 [stable] is released!

Did you not read the error log which should have told you about the dependency of one of the other packages on the dhcp package?
by sid5632
Fri Jul 12, 2019 12:41 am
Forum: SwOS
Topic: three new CSS326 on existing network
Replies: 6
Views: 2473

Re: three new CSS326 on existing network

I don't see any problem with chain of switches, specially not in context presented by OP.
Apart from the multiple single points of failure?
by sid5632
Thu Jul 11, 2019 12:26 pm
Forum: SwOS
Topic: three new CSS326 on existing network
Replies: 6
Views: 2473

Re: three new CSS326 on existing network

i understand that , if no router is seen the switches autoconfigure their config console to 192.168.88.1 You understand wrongly. even then : if all three power up there will be a network conflict as there will be more than one device at 192.168.88.1 There won't. So how do i avoid these problems. ? ...
by sid5632
Wed Jul 10, 2019 11:06 pm
Forum: General
Topic: Very high sector writes
Replies: 26
Views: 3258

Re: Very high sector writes

It was only a guess based on almost zero information.
You will only find out if it's cured by Netinstalling it.
by sid5632
Wed Jul 10, 2019 9:45 pm
Forum: The Dude
Topic: Devices Showing Offline After Upgrade to 6.44.5
Replies: 8
Views: 2891

Re: Devices Showing Offline After Upgrade to 6.44.5

That's not something I ever use, but I tried on one of my routers, and it comes up OK.
by sid5632
Wed Jul 10, 2019 9:24 pm
Forum: The Dude
Topic: Devices Showing Offline After Upgrade to 6.44.5
Replies: 8
Views: 2891

Re: Devices Showing Offline After Upgrade to 6.44.5

Mine's working OK.
What Service or Services, specifically, are you using?
by sid5632
Mon Jul 08, 2019 10:20 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 125321

Re: v6.45.1 [stable] is released!

You can't see what's taking the space.
Netinstall it and use the unbundled packages (just the ones you need, not all of them).
by sid5632
Mon Jul 08, 2019 7:08 pm
Forum: General
Topic: Very high sector writes
Replies: 26
Views: 3258

Re: Very high sector writes

Yes, hacked.
by sid5632
Sun Jul 07, 2019 9:10 pm
Forum: General
Topic: Very high sector writes
Replies: 26
Views: 3258

Re: Very high sector writes

Netinstall it then. I expect it's been compromised.
by sid5632
Sun Jul 07, 2019 8:58 pm
Forum: General
Topic: VLAN offload issue on Atheros 8227
Replies: 2
Views: 599

Re: VLAN offload issue on Atheros 8227

This works OK on my 941: /interface ethernet switch vlan add ports=switch1-cpu,ether1,ether2,ether4 switch=switch1 add ports=switch1-cpu,ether3 switch=switch1 vlan-id=12 /interface ethernet switch port set 0 vlan-header=always-strip vlan-mode=secure set 1 vlan-header=always-strip vlan-mode=secure se...
by sid5632
Sat Jul 06, 2019 12:37 pm
Forum: General
Topic: Winbox 3.19 does not see Neighbors
Replies: 4
Views: 997

Re: Winbox 3.19 does not see Neighbors

Mine works just as it did before.
by sid5632
Wed Jul 03, 2019 1:29 am
Forum: Scripting
Topic: Script to disable Wlan when no user are logged on
Replies: 8
Views: 2263

Re: Script to disable Wlan when no user are logged on

All it does is make your life more difficult by having to keep turning it back on
No, no, no. The WLAN will automatically turn on as soon as someone connects to it. It's so obvious.
by sid5632
Sun Jun 30, 2019 2:43 am
Forum: General
Topic: Forum reliability
Replies: 18
Views: 3506

Re: Forum reliability

It could be related to our email server, which is having issues. The forum is trying to send notification emails to people who subscribed to a certain topic, so some delays happen. But emails should be queued and sent asynchronously. Trying to do it synchronously just ends up jamming up the forum w...
by sid5632
Wed Jun 26, 2019 2:02 am
Forum: Beginner Basics
Topic: WInBox Shuts down whenever I click on Quickset
Replies: 4
Views: 791

Re: WInBox Shuts down whenever I click on Quickset

Whenever I login to winbox and click on Quickset the software shutsdown.
I need to access quickset to enable me configure my router for internet access.
You may wish to delete some (or all) of the junk that gets stored in the %appdata%\mikrotik\winbox folder.
by sid5632
Sat Jun 15, 2019 3:13 am
Forum: The Dude
Topic: Dude Client - Slow to open device settings
Replies: 5
Views: 3091

Re: Dude Client - Slow to open device settings

Vacuuming DB does not help I never understand why people think it would. All vacuuming does is shrink the unused areas of the database to minimise the file size. It doesn't change any of the actual data. Is there any solution yet? Does Mikrotik still update/develop on The dude? No and not currently...
by sid5632
Wed Jun 12, 2019 1:46 am
Forum: Scripting
Topic: Script to disable Wlan when no user are logged on
Replies: 8
Views: 2263

Re: Script to disable Wlan when no user are logged on

Are you going to enable the WLAN as soon as somebody logs on as well then?
by sid5632
Mon Jun 10, 2019 11:35 am
Forum: Beginner Basics
Topic: CPU % while using RB750Gr3 as vlan enabled switch
Replies: 2
Views: 707

Re: CPU % while using RB750Gr3 as vlan enabled switch

The RB750Gr3 doesn't have a VLAN table in the switch chip anyway, so you can't implement VLANs properly except on the bridge.
50 Mbps is hardly a strenuous test. Try switching 1Gbps on the bridge and see what the CPU figures are...
by sid5632
Sat Jun 08, 2019 11:10 pm
Forum: General
Topic: Some wrong with the forum or my post?
Replies: 3
Views: 757

Re: Some wrong with the forum or my post?

Works OK for me.
Posts #5 and #7 have links to the site you mention.
by sid5632
Sun Jun 02, 2019 3:01 am
Forum: Virtualization
Topic: CHR: Duplicate default-name on interfaces
Replies: 1
Views: 2063

Re: CHR: Duplicate default-name on interfaces

You didn't even say which version you are running...
by sid5632
Thu May 30, 2019 3:52 pm
Forum: Wireless Networking
Topic: Which mode do I need?
Replies: 15
Views: 3793

Re: Which mode do I need?

If I read it right, he wants it to be a station to some other access point, not be an access point itself (which is what I presume HomeAP actually does - again I haven't tried it).
by sid5632
Thu May 30, 2019 12:26 pm
Forum: The Dude
Topic: Dude Client - Slow to open device settings
Replies: 5
Views: 3091

Re: Dude Client - Slow to open device settings

One of Dude's many problems is that it gets confused sometimes and ends up with an "off by 1" error. This is a problem when 0 suddenly becomes -1, and -1 represented as an unsigned number is roughly 4.3 billion. So it tries doing whatever it's trying to do with 4.3 billion items of whatever informat...
by sid5632
Thu May 30, 2019 12:21 pm
Forum: Wireless Networking
Topic: Which mode do I need?
Replies: 15
Views: 3793

Re: Which mode do I need?

Mostly not. Just us users. Documentation for Quickset is here: https://wiki.mikrotik.com/wiki/Manual:Quickset It's terrible though, and doesn't tell you much. Most people don't bother with Quickset, because it usually makes a complete mess. But if you want to persist, then CPE would appear to be the...
by sid5632
Thu May 30, 2019 10:04 am
Forum: General
Topic: Simple config but Internet not working.
Replies: 8
Views: 1084

Re: Simple config but Internet not working.

Just do this:
/ip address add address=208.83.199.242/30 interface=ether13WAN

Ignore netmask and network. You've already specified it as part of the address.

You need to fix your firewall as well, before connecting this thing to the big wide world.
by sid5632
Mon May 27, 2019 1:38 pm
Forum: Scripting
Topic: Call a webhook on dhcp allocation
Replies: 4
Views: 1113

Re: Call a webhook on dhcp allocation

Doesn't seem too difficult. All the information about DHCP lease-scripting is here: https://wiki.mikrotik.com/wiki/Manual:IP/DHCP_Server
You just need to write/test it using a "tool fetch" command.
by sid5632
Wed May 22, 2019 8:38 am
Forum: RouterBOARD hardware
Topic: RBLHGG-60adkit fell from a height of 10 meters
Replies: 3
Views: 1043

Re: RBLHGG-60adkit fell from a height of 10 meters

fell from a height of 10 meters to the ground and never broke
Yes it did.
What is the problem
It's broken.
and what is the solution ?????
Buy a new one.
by sid5632
Wed May 08, 2019 8:58 pm
Forum: Scripting
Topic: need script to enable Fast Forward on all bridges
Replies: 2
Views: 1072

Re: need script to enable Fast Forward on all bridges

/interface bridge set fast-forward=yes [find]
by sid5632
Thu May 02, 2019 10:23 am
Forum: General
Topic: CRS112-8P-4S-IN cannot block MAC Winbox
Replies: 5
Views: 906

Re: CRS112-8P-4S-IN cannot block MAC Winbox

Your IP address should be on the bridge, not on ether2.
You didn't even specify what version of RouterOS you're running.
What response do you expect?
by sid5632
Thu May 02, 2019 3:13 am
Forum: The Dude
Topic: dude server api
Replies: 1
Views: 2155

Re: dude server api

No. MikroTik never finished the interface. They haven't said why they can't make any development progress, but there hasn't been any for at least a couple of years.
It's all rather pathetic.
by sid5632
Tue Apr 30, 2019 10:22 am
Forum: Scripting
Topic: [newbie] How to get a script to run automatically
Replies: 3
Views: 790

Re: [newbie] How to get a script to run automatically

On the DHCP server's settings dialog, you need to run the script in the "Lease Script" box.
e.g.
/system script run "myScriptName"
by sid5632
Sun Apr 28, 2019 2:46 pm
Forum: General
Topic: mikrotik power on hours
Replies: 6
Views: 1053

Re: mikrotik power on hours

SNMP
by sid5632
Fri Apr 26, 2019 10:34 am
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 1516

Re: Router hAP ac2 on stick (VLANs) [SOLVED]

On the Zyxel, you would seem to need to set the PVID parameter on ports 3,5,15,16 to 10 or 20 as appropriate. I would change port 1 as well to only allow tagged frames, eventually, after you've got it working. (Your diagram is wrong too - the line pointing to port 5 actually seems to point to port 6...
by sid5632
Tue Apr 23, 2019 2:35 am
Forum: Beginner Basics
Topic: 0.0.0.253 ip
Replies: 10
Views: 1538

Re: 0.0.0.253 ip

This tesme33 person is an ignorant idiot. There were obvious configuration errors in the export provided, which is why I said to fix them.
Just ignore post #6 and anything else he posts.
by sid5632
Sat Apr 20, 2019 11:25 pm
Forum: Beginner Basics
Topic: 0.0.0.253 ip
Replies: 10
Views: 1538

Re: 0.0.0.253 ip

Ignore post #4.
Remove sfp1 from bridge.
Put IP address on bridge instead of ether1.
by sid5632
Sun Apr 14, 2019 12:03 pm
Forum: Beginner Basics
Topic: Virtual Environment for Testing/Training
Replies: 1
Views: 585

Re: Virtual Environment for Testing/Training

You can run CHRs under GNS3.
by sid5632
Wed Apr 10, 2019 2:03 am
Forum: The Dude
Topic: Dude Installation instructions don't work
Replies: 6
Views: 2935

Re: Dude Installation instructions don't work

Strewth. I think I said most of that in post #4, somewhat more concisely!
And he still never answered the question. It's the usual story...
by sid5632
Tue Apr 09, 2019 3:51 am
Forum: The Dude
Topic: Dude Installation instructions don't work
Replies: 6
Views: 2935

Re: Dude Installation instructions don't work

it did upload the file
What file?
You cannot run Dude on an RB750. You can on an RB750Gr3.
by sid5632
Wed Apr 03, 2019 1:45 am
Forum: The Dude
Topic: Programmatically adjust devices?
Replies: 8
Views: 2808

Re: Programmatically adjust devices?

No. The interface has never been finished. It's pretty poor really.
by sid5632
Tue Apr 02, 2019 10:30 pm
Forum: General
Topic: Mikrotik not load from connected COM cable to UPS
Replies: 6
Views: 1162

Re: Mikrotik not load from connected COM cable to UPS

Are you using the correct cable? APC UPSs do not have a standard pin-out and you cannot just use any old cable without weird things such as this happening.
by sid5632
Tue Mar 26, 2019 1:39 am
Forum: Scripting
Topic: Basic scripts not working on 6.44.1 (work in 6.43.13)
Replies: 6
Views: 1532

Re: Basic scripts not working on 6.44.1 (work in 6.43.13)

set 0 and set 2 have been working fine since 3.x days. As long as the interface # listed on PRINT doesn't change I'm able to use it without issue on 6.43.13 in a script or under terminal mode
Why did you bother asking if you knew what the answer was better than anyone else then?
by sid5632
Sat Mar 23, 2019 5:02 pm
Forum: Beginner Basics
Topic: RB951G doesn't have gigabit ethernet all the time
Replies: 9
Views: 1850

Re: RB951G doesn't have gigabit ethernet all the time

The IP address that is on ether2 should be on the bridge, seeing as ether2 is a slave port.
by sid5632
Sat Mar 23, 2019 3:33 am
Forum: Scripting
Topic: Basic scripts not working on 6.44.1 (work in 6.43.13)
Replies: 6
Views: 1532

Re: Basic scripts not working on 6.44.1 (work in 6.43.13)

You can't use "set 0" and "set 2" and such like in scripts.
You have to do it using "find", as on the wireless bit.
by sid5632
Thu Mar 14, 2019 11:16 am
Forum: Wireless Networking
Topic: Wisp Insurance
Replies: 7
Views: 963

Re: Wisp Insurance

It would be helpful to know where you are.
I expect he's in the USA. Because there isn't anywhere else, is there?
by sid5632
Thu Mar 07, 2019 10:14 pm
Forum: General
Topic: hap lite, not enough disk space.
Replies: 12
Views: 13450

Re: hap lite, not enough disk space.

As I said on some other thread about exactly the same problem, I had to NetInstall it using the Extra packages - that allows you to remove the ones you don't want, so that upgrades will succeed next time.
I Netinstalled 6.43.12 a couple of weeks ago and I upgraded to 6.44 without problems.
by sid5632
Thu Feb 28, 2019 10:43 pm
Forum: General
Topic: hap Mini
Replies: 10
Views: 1764

Re: hap Mini

I have a hAP Lite (amongst others) and it complained there was 7.2MiB free and it required 7.2MiB of space to do the upgrade. It failed to download. There is no /flash on these units. Nor were there any files on it at all. I had NO choice but to NetInstall it (this was going from 6.43.8 to 6.43.12 a...
by sid5632
Tue Feb 26, 2019 4:07 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 3065

Re: MPLS/VPLS ECMP

Let's see the config. then.
Are you sure the problem isn't at the other end of the link?
by sid5632
Mon Feb 25, 2019 1:28 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 3065

Re: MPLS/VPLS ECMP

You have the same MAC address on both interfaces.
It is probably not a good idea to use Winbox's Copy facility for this, which is what I assume you did to end up with it like that.
by sid5632
Mon Feb 25, 2019 10:51 am
Forum: Announcements
Topic: v6.44rc [testing] is released!
Replies: 67
Views: 20864

Re: v6.44rc [testing] is released!

!) ipsec - added new "identity" menu with common peer distinguishers; !) ipsec - removed "users" menu, XAuth user configuration is now handled by "identity" menu; The Settings button, which used to be on the "Users" tab, has now been moved to the "Keys" tab. This seems a very strange place to put i...
by sid5632
Sat Feb 23, 2019 11:14 am
Forum: General
Topic: CRS328-24P-4S+RM - health command will not work
Replies: 2
Views: 504

Re: CRS328-24P-4S+RM - health command will not work

Where do you think you are GETting this value to?
Have you read the script language manual?
If you want to display a value you need to use the :put command

:put [/system health get cpu-temperature]
by sid5632
Sat Feb 23, 2019 3:51 am
Forum: The Dude
Topic: DUDE LOSING SETTINGS
Replies: 2
Views: 2293

Re: DUDE LOSING SETTINGS

Don't store the database in volatile memory.
by sid5632
Mon Feb 11, 2019 5:33 pm
Forum: Beginner Basics
Topic: Wrong IP Leased for a bridged interfaces
Replies: 2
Views: 658

Re: Wrong IP Leased for a bridged interfaces

You didn't say which IP address pool you gave to the DHCP server.
Therein lies your answer.
by sid5632
Mon Feb 11, 2019 12:24 pm
Forum: General
Topic: crs125-24g strange problem...
Replies: 3
Views: 760

Re: crs125-24g strange problem...

Unless you provide the config., we will never know, will we?

It's pointless asking questions like this without providing any details. When will people learn?
by sid5632
Sun Feb 10, 2019 11:18 am
Forum: General
Topic: High CPU Load with broadcast traffic
Replies: 8
Views: 1640

Re: High CPU Load with broadcast traffic

How is anyone supposed to know unless you provide the configurations of both switches?
by sid5632
Sun Feb 10, 2019 11:16 am
Forum: General
Topic: crs125-24g strange problem...
Replies: 3
Views: 760

Re: crs125-24g strange problem...

Your configuration is wrong.
by sid5632
Fri Feb 08, 2019 4:10 pm
Forum: General
Topic: VLAN not working with new 6.41 [SOLVED]
Replies: 7
Views: 2754

Re: VLAN not working with new 6.41 [SOLVED]

Is this advice still valid? I mean, to remove the vlan tagging done by the switch CPU on a CRS125 and add vlan tagging using the Bridge?! I ask this because the MT wiki says specifically otherwise ?! Follow MikroTik's advice and do NOT do Vlan filtering on the Bridge unless you have a CRS-3xx. Do i...
by sid5632
Sat Feb 02, 2019 11:55 am
Forum: General
Topic: firewall [SOLVED]
Replies: 7
Views: 1214

Re: firewall [SOLVED]

Use dst-port instead of src-port and change forward to input.
by sid5632
Mon Jan 21, 2019 1:13 pm
Forum: General
Topic: /ip neighbor discovery-settings
Replies: 2
Views: 902

Re: /ip neighbor discovery-settings

It's a long-standing bug. It's still there in the latest beta 6.44beta61. Report it to Mikrotik support - point them to this thread. They might deign to fix it one of these years. It doesn't affect "export verbose" though: [admin@MikroTik] /ip neighbor discovery-settings> print discover-interface-li...
by sid5632
Fri Jan 18, 2019 3:06 pm
Forum: The Dude
Topic: The Dude server on CRS109-8G-1S-2HnD-IN
Replies: 1
Views: 2209

Re: The Dude server on CRS109-8G-1S-2HnD-IN

MMIPS is not MIBSPE is it?
It won't work.
by sid5632
Fri Jan 18, 2019 2:51 pm
Forum: Beginner Basics
Topic: How to shut down Router before Power Off?
Replies: 19
Views: 10408

Re: How to shut down Router before Power Off?

yes, it is. the shutdown command on RouterBOARD devices doesn't turn off the device.
It stops it working though, which is almost the same thing.
by sid5632
Wed Jan 09, 2019 3:06 am
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 48464

Re: v6.43.8 [stable] is released!

Dude is full of annoying bugs like this. Try changing notification settings from Winbox instead of Dude client.
by sid5632
Mon Dec 17, 2018 3:27 am
Forum: Announcements
Topic: v6.43.7 [stable] is released!
Replies: 53
Views: 18316

Re: v6.43.7 [stable] is released!

Firmware is RouterBoot not RouterOS. It's not "weird". It's you that doesn't understand.
Just upgrade it.
by sid5632
Thu Dec 13, 2018 4:00 pm
Forum: Beginner Basics
Topic: Mikrotik reserving some of my bandwith and I don't want that
Replies: 18
Views: 2408

Re: Mikrotik reserving some of my bandwith and I don't want that

I know that the mikrotik is reserving bandwith... No, you really don't. You said you were a big networking noob, yet you claim to know this? These devices are not suitable for people who don't know what they are doing. It's a switch, not a router. But you will of course know the difference, won't y...
by sid5632
Thu Dec 13, 2018 2:48 am
Forum: Scripting
Topic: Auto upgrade script
Replies: 20
Views: 26942

Re: Auto upgrade script

Some of the Dude stuff on that page is well out of date...
by sid5632
Thu Dec 13, 2018 2:43 am
Forum: Beginner Basics
Topic: Choosing router+switch pair for home net
Replies: 7
Views: 1131

Re: Choosing router+switch pair for home net

It might be capable of wirespeed routing
It most certainly isn't.
by sid5632
Tue Dec 11, 2018 6:34 pm
Forum: General
Topic: RAW Table [SOLVED]
Replies: 15
Views: 2133

Re: RAW Table [SOLVED]

Elaborate what?
It's fairly obvious that setting notrack on everything that is NOT 10.0.0.0/8 following by setting notrack on everything that is NOT 172.16.0.0/16 effectively sets notrack on EVERYTHING.

(And then obviously the NAT doesn't work as it requires connection-tracking.)
by sid5632
Tue Dec 11, 2018 3:56 pm
Forum: General
Topic: RAW Table [SOLVED]
Replies: 15
Views: 2133

Re: RAW Table [SOLVED]

It seems that the ! (not) operator is not working somehow in RAW table.

Am I correct ?
No you aren't.
You just don't seem to understand how boolean logic works.
by sid5632
Sun Dec 02, 2018 10:43 am
Forum: General
Topic: Can't get 1Gbps on CRS125-24G-1S-2HnD
Replies: 7
Views: 1098

Re: Can't get 1Gbps on CRS125-24G-1S-2HnD

The OP hasn't bothered even to logon to the foum since between posts #3 and #4.
Tells you a lot doesn't it?
by sid5632
Tue Nov 27, 2018 8:48 pm
Forum: General
Topic: Upgrading old-ish 4.11 RB750
Replies: 1
Views: 518

Re: Upgrading old-ish 4.11 RB750

I tried upgrading one and ended up with it boot-looping somewhere around about version 5.08 or so.
I had to Netinstall it and it's now running the latest 6.43.x versions happily.
by sid5632
Tue Nov 27, 2018 8:42 pm
Forum: General
Topic: Mounting routers to boards - magnets?
Replies: 4
Views: 793

Re: Mounting routers to boards - magnets?

Why would you assume magnets interfere with electronics? Especially if static.
Even if they were moving it would make no practical difference.
Time to go back to physics lessons.
by sid5632
Sun Nov 25, 2018 9:40 pm
Forum: Beginner Basics
Topic: vlan on crs125-24g-1s-2hnd-in and crs125-25g-1s-rm
Replies: 5
Views: 937

Re: vlan on crs125-24g-1s-2hnd-in and crs125-25g-1s-rm

Do i need vlan-filtering for this router model? No. You don't use vlan-filtering on anything with a switch chip apart from a CRS3xx series. If you do, it disables Hardware Offload and kills the performance, as everything goes through the CPU (which isn't very powerful). And you don't use more than ...
by sid5632
Sun Nov 25, 2018 4:21 pm
Forum: Wireless Networking
Topic: hAP lite - connection problems
Replies: 3
Views: 2954

Re: hAP lite - connection problems

Get rid of the TP-Link and use another Mikrotik.
The IP address on ether2 should be on bridge1.
Get rid of the dhcp-client on ether1.
by sid5632
Fri Nov 23, 2018 4:33 pm
Forum: General
Topic: Vlans, trunks (tagged traffic)
Replies: 3
Views: 852

Re: Vlans, trunks (tagged traffic)

You can't put VLANs on slave interfaces. Put them on the bridge.
by sid5632
Fri Nov 23, 2018 11:20 am
Forum: General
Topic: Router Blocking Connections
Replies: 2
Views: 878

Re: Router Blocking Connections

Router was hacked, so I did a Reset Configuration and reprogrammed it. Not very well it seems. Your firewall rules are a mess and insecure (and some of the comments don't match the actions). You have a DHCP client AND a static address on ether1. You have a static address on ether2 which should be o...
by sid5632
Thu Nov 22, 2018 3:53 pm
Forum: The Dude
Topic: Keep pooling but no propage error ?
Replies: 2
Views: 2209

Re: Keep pooling but no propage error ?

Right click on the device on the map and click the "Ack" menu option. Next time it transitions from "up" to "down", it will turn blue instead of red.
by sid5632
Thu Nov 22, 2018 3:50 pm
Forum: General
Topic: Can't get 1Gbps on CRS125-24G-1S-2HnD
Replies: 7
Views: 1098

Re: Can't get 1Gbps on CRS125-24G-1S-2HnD

No-one's forcing anything. This is just what you WOULD get, IF you were to turn off auto-negotiation, which you haven't.
If it bothers you that much, then set the ports to the default speed (it seems to vary based on model and software version).
by sid5632
Wed Nov 21, 2018 7:35 pm
Forum: The Dude
Topic: The Dude client ACCESS VIOLATION on fresh install with Windows 10
Replies: 6
Views: 5288

Re: The Dude client ACCESS VIOLATION on fresh install with Windows 10

I get these crashes all the time. I sent a detailed report to Support. They replied that they'd keep it on file for when development re-started. That was about a year ago. Since then, nothing's happened, nothing's been fixed, and nothing is going to happen any time soon apparently. There appears to ...
by sid5632
Fri Nov 16, 2018 2:09 am
Forum: General
Topic: Management VLAN and DHCP distribution
Replies: 2
Views: 1030

Re: Management VLAN and DHCP distribution

set ether1 vlan-mode=secure vlan-header=add-if-missing I would change this to: set ether1 vlan-mode=secure vlan-header=leave-as-is 3. the interface "brige1" should receive its ip from the cisco router. Can i accomplish this? Yes, just create a DHCP client on the MGMT interface and remove the static...
by sid5632
Wed Nov 07, 2018 8:22 pm
Forum: Beginner Basics
Topic: User access to RouterBoard
Replies: 11
Views: 2148

Re: User access to RouterBoard

It's just a file in the skins folder, so you copy/move/delete it like any other file.
by sid5632
Tue Nov 06, 2018 1:07 am
Forum: Virtualization
Topic: CHR neighbour discovery problem
Replies: 13
Views: 7831

Re: CHR neighbour discovery problem

I suggest you all write to Mikrotik support, seeing as they clearly don't believe me - based on the fact that they have done NOTHING about this bug in the last 9 months.
Posting here is essentially pointless.
by sid5632
Thu Nov 01, 2018 11:56 am
Forum: Beginner Basics
Topic: "Strange" traffic from router
Replies: 5
Views: 2294

Re: "Strange" traffic from router

It's fairly obvious that things you didn't enter have been entered by someone else, is it not? 6.34.2 is ancient and insecure, which is why it happened. Did you search the forum or look in Announcements? Upgrade to a modern version, clear out all the junk, and set up a proper firewall (or preferably...
by sid5632
Tue Oct 30, 2018 8:26 pm
Forum: The Dude
Topic: Duplicate and old SNMP data in the database. Broken database?
Replies: 5
Views: 2874

Re: Duplicate and old SNMP data in the database. Broken database?

What's the point? Export and import does an implicit stop/start but takes longer.
by sid5632
Mon Oct 29, 2018 4:01 pm
Forum: The Dude
Topic: Duplicate and old SNMP data in the database. Broken database?
Replies: 5
Views: 2874

Re: Duplicate and old SNMP data in the database. Broken database?

It does this. It's just one of numerous bugs in this thing.
Depending on how long it's been running, I see 2, 3, 4, 5 or more duplicates.
Stop and restart the Dude server and it all gets cleaned up.
by sid5632
Mon Oct 22, 2018 4:40 pm
Forum: The Dude
Topic: The Dude 6.42.9 Cannot add files
Replies: 2
Views: 2628

Re: The Dude 6.42.9 Cannot add files

You upload files using Winbox/FTP etc. not via the Dude client.
by sid5632
Thu Oct 18, 2018 10:25 am
Forum: General
Topic: Upgrade to 6.43.2 current from 6.43.1 current on hAPLite
Replies: 3
Views: 959

Re: Upgrade to 6.43.2 current from 6.43.1 current on hAPLite

This is what happened on mine: oct/05 00:31:36 system,info installed routeros-smips-6.43.2 oct/05 00:31:36 system,error not enough space for upgrade oct/05 00:31:37 system,info router rebooted and it's still on 6.42.9, not surprisingly. I don't know what the answer is, short of Mikrotik making the p...
by sid5632
Tue Oct 09, 2018 9:43 pm
Forum: Virtualization
Topic: CHR license on router with no internet
Replies: 11
Views: 4432

Re: CHR license on router with no internet

There is no point purchasing a licence as you will never be able to activate it without internet access.
You might as well use the free one.
by sid5632
Fri Sep 21, 2018 3:20 am
Forum: Wireless Networking
Topic: Connect your MikroTik to regular WiFi, simply
Replies: 3
Views: 782

Re: Connect your MikroTik to regular WiFi, simply

You shouldn't have dhcp-client on wlan1 when wlan1 is a bridge port. This is a bit of a leftover from official guide. However, since wlan1 is in bridge, would it matter? It works either way... Yes it does matter and no it doesn't work. It complains about not creating on slave ports if you try it in...
by sid5632
Thu Sep 20, 2018 11:36 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 52115

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

At time of writing, these would seem to fit: Legacy: 5.26 Long-term/bugfix: 6.40.9 Stable: 6.42.7 Current: 6.43.2 Testing: 6.44beta9 Development: Who knows Winbox still seems to have the old 4 categories though (bugfix, current, testing, development) - but I've never seen anything in 'development' s...
by sid5632
Thu Sep 20, 2018 5:37 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 52115

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Three "stable" releases in just over a week seems to be rather a contradiction in terms to me.
Perhaps "current" really was the correct name.
by sid5632
Thu Sep 20, 2018 5:30 pm
Forum: General
Topic: After upgrade firmware 6.40.5, Can't change admin's group to full
Replies: 6
Views: 1333

Re: After upgrade firmware 6.40.5, Can't change admin's group to full

What's the point of being unpleasant? You're paranoid. It was a perfectly reasonable question for the reasons I stated. It wasn't "unpleasant". Why do you care? I don't. But I do see someone who is cruising around the forum looking for virtually irrelevant things to answer. I expect you're trying t...
by sid5632
Thu Sep 20, 2018 12:02 pm
Forum: Wireless Networking
Topic: Connect your MikroTik to regular WiFi, simply
Replies: 3
Views: 782

Re: Connect your MikroTik to regular WiFi, simply

You shouldn't have dhcp-client on wlan1 when wlan1 is a bridge port.
It's good to see that useless firewall NAT rule is disabled. So why include it?
by sid5632
Thu Sep 20, 2018 11:51 am
Forum: RouterBOARD hardware
Topic: Status LED's on CRS326-24G-2S+RM?
Replies: 3
Views: 841

Re: Status LED's on CRS326-24G-2S+RM?

On the CRS125-24G the port numbers light up. I expect the 326 is the same.
by sid5632
Thu Sep 20, 2018 11:44 am
Forum: The Dude
Topic: The Dude 6.40.8 - db failure: database disk image is malformed
Replies: 37
Views: 12595

Re: The Dude 6.40.8 - db failure: database disk image is malformed

Have you got enough storage space for the database?
When this happens to me, it usually means I've forgotten to increase the disk space on the CHR VM.
by sid5632
Wed Sep 19, 2018 8:54 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 117288

Re: Winbox vulnerability: please upgrade

I don't think he meant Mikrotik but the likes of Microsoft and their stupid forced updates.
It is indeed Micro$oft I meant.
by sid5632
Wed Sep 19, 2018 8:28 pm
Forum: General
Topic: After upgrade firmware 6.40.5, Can't change admin's group to full
Replies: 6
Views: 1333

Re: After upgrade firmware 6.40.5, Can't change admin's group to full

What's the point in responding to this 7 month old post?
Especially as a lot of water how flowed under various RouterOS bridges since then.
by sid5632
Tue Sep 18, 2018 8:29 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 117288

Re: Winbox vulnerability: please upgrade

Automatic upgrade should be the default
No, it should not.
and is quickly becoming best practice.
Only if you're using the Micro$oft definition of 'best', which really means worst.
Upgrading in a controlled manner is best practice, not when some bone-head elsewhere in the world dictates.
by sid5632
Tue Sep 18, 2018 8:08 pm
Forum: General
Topic: CHR x86 ethernet interfaces random names
Replies: 6
Views: 1385

Re: CHR x86 ethernet interfaces random names

Running which version?
There's something about this in 6.44beta.
by sid5632
Mon Sep 17, 2018 12:32 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 117288

Re: Winbox vulnerability: please upgrade

It isn't MikroTik's job to update your router for you, it is only their job to make you able to update it easily and quickly. Sorry to disagree but you'r wrong, It is MIKROTIK job to update our router's software No, it you who is WRONG. Now why don't you toddle off to Microsoft and get a copy of Wi...
by sid5632
Sun Sep 16, 2018 7:50 pm
Forum: The Dude
Topic: Dude 6.41.2 lost SNMP interfaces
Replies: 26
Views: 7958

Re: Dude 6.41.2 lost SNMP interfaces

This is just a coincidence of stopping and restarting the server, which is what really fixes it.
Vacuuming the database has no effect in itself.
by sid5632
Sat Sep 15, 2018 7:56 pm
Forum: General
Topic: Router got hacked please help
Replies: 5
Views: 1227

Re: Router got hacked please help

And fix the firewall.
by sid5632
Sat Sep 15, 2018 3:14 pm
Forum: General
Topic: MikroTik WISP Design – An overview of adding IPv6 to your WISP
Replies: 2
Views: 830

Re: MikroTik WISP Design – An overview of adding IPv6 to your WISP

You've written OPSF rather than OSPF in several places!
by sid5632
Thu Sep 13, 2018 2:20 pm
Forum: General
Topic: Winbox via wine on Ubuntu 18.04
Replies: 5
Views: 3824

Re: Winbox via wine on Ubuntu 18.04

Discovering CHR via Winbox is very hit and miss. My CHR sometimes comes up if I refresh neighbours about 4 times and leave it for 5 mins. I wouldn't pin "all" of the blame on Winbox/WINE combo at this point.
See also viewtopic.php?f=15&t=130551
by sid5632
Wed Sep 12, 2018 1:37 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 117288

Re: Winbox vulnerability: please upgrade

Yeah, that configuration is not secure. Wide open to the internet and attackers. Yes. And this is fine. Everyone has his own vision of comfort and safety. You got hacked and started asking questions. Then when someone gives you a sensible answer and tells you where you went wrong, you disagree with...
by sid5632
Thu Sep 06, 2018 5:35 pm
Forum: General
Topic: Configuring firewall for use as NTP server
Replies: 2
Views: 2510

Re: Configuring firewall for use as NTP server

Assuming a /24 subnet (why do people asking these sort of questions never state important stuff like this?): 1. Use of source and broadcast addresses of 192.168.1.0 is completely invalid 2. There is no forwarding going on as it's on the same subnet 3. Access from the LAN subnet to the router is open...
by sid5632
Thu Sep 06, 2018 4:49 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 117288

Re: Winbox vulnerability: please upgrade

unless they have a time machine (and you guys don't, right?).
We are working on it.
Yeah, but when will it be released?
1985?
by sid5632
Thu Sep 06, 2018 4:44 pm
Forum: Scripting
Topic: Mikrotik synthesizer/piano programs
Replies: 18
Views: 7438

Re: Mikrotik synthesizer/piano programs

SSH.DLL and LIBEAY32.DLL both depend on MSVCR120.DLL
ZLIB1.DLL depends on both VCRUNTIME140D.DLL and UCRTBASED.DLL

Fixing the .EXE doesn't fix the .DLLs
by sid5632
Thu Sep 06, 2018 4:28 pm
Forum: Beginner Basics
Topic: Block emails from IP to a domain
Replies: 4
Views: 726

Re: Block emails from IP to a domain

Block everything from his IP. Then he'll soon be an ex-customer and problem solved.
by sid5632
Wed Sep 05, 2018 9:31 pm
Forum: Beginner Basics
Topic: How to bridge 2 bridges ?
Replies: 8
Views: 4390

Re: How to bridge 2 bridges ?

Don't create bridge2. Put everything on bridge1. The VLAN setup should be all you need to segregate traffic at L2.
Don't use VLAN filtering on the bridge. VLANs have to be done on the switch chips on the 2011.
If you want segregation at L3 then use firewall rules.
by sid5632
Tue Sep 04, 2018 3:06 am
Forum: General
Topic: Could anyone help me to configure Untagged VLAN with Trunk?
Replies: 14
Views: 1515

Re: Could anyone help me to configure Untagged VLAN with Trunk?

Is that the output of "/export hide-sensitive" then?
No, it isn't.
Can you not read? Or do think you know better? In which case why are you asking for help?
by sid5632
Sun Sep 02, 2018 2:40 pm
Forum: Virtualization
Topic: /ip cloud on CHR [SOLVED]
Replies: 1
Views: 4107

Re: /ip cloud on CHR [SOLVED]

This was reported here, but no action seems to have been taken:
IP->Cloud has disappeared from menu in WebFig and WinBox.
It's unclear if it's deliberate or not.
It works from the CLI, but you need a later release of 6.43rc - it's not in 6.42.7
by sid5632
Thu Aug 30, 2018 3:55 pm
Forum: Beginner Basics
Topic: RB3011UiAS Password was changed?
Replies: 10
Views: 1347

Re: RB3011UiAS Password was changed?

Yes :(
No. Or "not necessarily" anyway.
by sid5632
Thu Aug 30, 2018 3:53 pm
Forum: Beginner Basics
Topic: RB3011UiAS Password was changed?
Replies: 10
Views: 1347

Re: RB3011UiAS Password was changed?

Go on then, amuse us by specifying what RouterOS release you are running.
And then go and upgrade it to something secure. And set your firewall properly.

It's almost certainly the standard Winbox vulnerability which you can easily find on the forum.
by sid5632
Thu Aug 30, 2018 3:49 pm
Forum: Scripting
Topic: e-mail /export script not working since upgrade to 6.40.8
Replies: 4
Views: 666

Re: e-mail /export script not working since upgrade to 6.40.8

Is this change maybe reverted in a later version?
Apparently not. It's still the same on 6.43rc56

The best thing is not to use a comma in the file name in the first place. Use a '-' or a '_' character, or similar.
by sid5632
Thu Aug 30, 2018 3:38 pm
Forum: Scripting
Topic: e-mail /export script not working since upgrade to 6.40.8
Replies: 4
Views: 666

Re: e-mail /export script not working since upgrade to 6.40.8

Try:
file="\"Customer-Lastname,Firstname.rsc\""
on the "/tool e-mail" command.
by sid5632
Thu Aug 30, 2018 3:11 pm
Forum: General
Topic: New wave of Winbox vuln. attacks
Replies: 20
Views: 5379

Re: New wave of Winbox vuln. attacks

Should untracked also be removed as it appears not to be part of defconf as well?
No. Untracked is part of defconf. Read the comment!
by sid5632
Thu Aug 30, 2018 10:10 am
Forum: General
Topic: New wave of Winbox vuln. attacks
Replies: 20
Views: 5379

Re: New wave of Winbox vuln. attacks

Why have you got "new" in this:
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,new,untracked
It certainly wasn't put there by "defconf" so you must have done it. Take it out!
by sid5632
Sun Aug 05, 2018 3:06 pm
Forum: Scripting
Topic: RouterOS SNMP Get
Replies: 10
Views: 5000

Re: RouterOS SNMP Get

This doesn't work... [admin@MikroTik] > :global x [admin@MikroTik] > env pr x=[:nothing] [admin@MikroTik] > :set x [/tool snmp-get address=192.168.0.1 oid=1.3.6.1.4.1.14988.1.1.11.1.1.4.3] OID TYPE VALUE 1.3.6.1.4.1.14988.1.1.11.1.1.4.3 octet-string 6.42.6 (stable) [admin@MikroTik] > env pr x=[]
by sid5632
Sun Aug 05, 2018 1:00 am
Forum: RouterBOARD hardware
Topic: Bricked RB750
Replies: 10
Views: 2355

Re: Bricked RB750

I tried updating a 750 from 4.x and got as far as something like 5.08
Attempts to upgrade further to 6.3x just gave me a boot loop.
Netinstall worked for me and the thing is now happily on 6.42.x
by sid5632
Fri Aug 03, 2018 1:04 am
Forum: General
Topic: How to display full time in the winbox log
Replies: 14
Views: 1819

Re: How to display full time in the winbox log

You're Warned.
How rude of you to threaten me. And who are you anyway?
by sid5632
Thu Aug 02, 2018 3:29 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 56
Views: 10715

Re: Mikrotik in the news..bad news

I'm not really sure what Mikrotik can do about the kit out there that still isn't patched. These routers probably haven't been logged into at all for years.
If hackers can login and change the config. then all anybody else needs to do is login and update the software. Job done. Simple.
by sid5632
Thu Aug 02, 2018 1:46 pm
Forum: General
Topic: How to display full time in the winbox log
Replies: 14
Views: 1819

Re: How to display full time in the winbox log

For me it looks correctly. It may be that you have increased your system fonts.
Who cares?
The point is that it should work correctly regardless of the system font. And why isn't it resizeable, like everything else?
by sid5632
Thu Aug 02, 2018 12:40 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 38336

Re: Blacklist Filter (Development Topic)

Use \?

The script in post #9 was wrong.
by sid5632
Tue Jul 31, 2018 8:26 pm
Forum: General
Topic: join two subnets [SOLVED]
Replies: 10
Views: 1612

Re: join two subnets [SOLVED]

Can't really be bothered to argue, but... mkx even put "see" in quotes, just like that, because he knew it was meaningless too, like me. The original poster has, of course, not bothered to reply, so who knows whether he's even read any of this thread after posting the meaningless drivel that was his...
by sid5632
Mon Jul 23, 2018 10:03 pm
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 4921

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

even setting a powervalue that is already selected, triggers a disconnect/reconnect. This is not nice....
This whole business is completely and utterly STUPID. STOP doing it. Then all the 'not nice' things go away as well.
by sid5632
Fri Jul 20, 2018 11:01 am
Forum: Forwarding Protocols
Topic: MPLS TE Bug?
Replies: 11
Views: 2352

Re: MPLS TE Bug?

It looks like some mess with 32 bit variable.
Write to Mikrotik support.
by sid5632
Thu Jul 19, 2018 9:02 pm
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 63
Views: 38079

Re: Winbox v3.16 released!

I left a CHR with just the Dude Settings dialog open and closed Winbox.
When I re-opened it, it had the IP Settings dialog open instead.
This is perfectly repeatable across at least ROS 6.42.6 and 6.43rc44 so I conclude it's another Winbox problem.
Bizarre!
by sid5632
Thu Jul 19, 2018 11:38 am
Forum: General
Topic: Disable announcing NTP server in DHCP
Replies: 4
Views: 1845

Re: Disable announcing NTP server in DHCP

This is like the DNS bug again, but in NTP.
You'd have thought they'd check both when fixing one, but it seems not.
by sid5632
Thu Jul 19, 2018 11:35 am
Forum: RouterBOARD hardware
Topic: Validate requirements for Mikrotik switch
Replies: 1
Views: 691

Re: Validate requirements for Mikrotik switch

CRS is primarily a switch, with a fairly weak CPU which means limited other capabilities i.e. routing, IPSEC etc.
It will work, but it depends how much performance you are expecting as to whether it will be adequate.
by sid5632
Tue Jul 17, 2018 3:02 am
Forum: General
Topic: SNTP Client GET returns nothing? [SOLVED]
Replies: 4
Views: 1048

Re: SNTP Client GET returns nothing? [SOLVED]

What am I doing wrong?
:put [get enabled]
:put [get primary-ntp]
etc.
by sid5632
Mon Jul 16, 2018 12:25 am
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 4921

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

Most people go around all day with a phone in their pocket, right next to their gonads, and that doesn't seem to bother anyone.
Might be useful if it did, as there are far too many people in the world already.

You do wonder where folk get their bizarre ideas from sometimes...
by sid5632
Sat Jul 14, 2018 10:13 pm
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 4921

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

I want to reduce Wi-Fi transmitter power on schedule/at night because the router is located in a bed room.
What on earth for?
Does the 'excess' power keep someone awake or what?
Or maybe you think it causes cancer or something?
by sid5632
Fri Jul 13, 2018 2:36 am
Forum: General
Topic: join two subnets [SOLVED]
Replies: 10
Views: 1612

Re: join two subnets [SOLVED]

What should I do to see the LAN host on LAN2 and LAN2 on the LAN? Thank you.
Define "see". It's meaningless.
by sid5632
Thu Jul 12, 2018 11:30 am
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 63
Views: 38079

Re: Winbox v3.16 released!

same... every one have this problem ?
Yep...
by sid5632
Mon Jul 09, 2018 7:20 pm
Forum: General
Topic: Privacy-oriented public blacklist?
Replies: 6
Views: 1165

Re: Privacy-oriented public blacklist?

Wonder if that is IP>Cloud related then as the CHR doesn't have that functionality (yet). Interestingly, turning off all IP cloud stuff and rebooting just gives 1 packet instead of the 3 or 4 it was doing before (they're blocked in the Output chain). Turning the Update Time setting back on and doin...
by sid5632
Mon Jul 09, 2018 1:41 pm
Forum: General
Topic: Privacy-oriented public blacklist?
Replies: 6
Views: 1165

Re: Privacy-oriented public blacklist?

I see outgoing UDP packets on port 15252 to 81.198.87.240 shortly after reboot on physical routers (e.g. 941 and 951).
This address maps to some telecom provider apparently in Riga.

Doesn't seem to do it on CHR.
by sid5632
Thu Jun 21, 2018 2:38 am
Forum: Virtualization
Topic: CHR neighbour discovery problem
Replies: 13
Views: 7831

Re: CHR neighbour discovery problem

Looks to me like host configuration problem.
Configuration of what? My Windows machine? How? What? Where?
C'mon, give me something to go on.

It'll be nice if somebody actually said what exactly those 4 bytes mean in post #1.
by sid5632
Tue Jun 19, 2018 8:19 am
Forum: Virtualization
Topic: CHR neighbour discovery problem
Replies: 13
Views: 7831

Re: CHR neighbour discovery problem

Almost needless to say, support have not done anything about this. You might have thought they could have tried this on any CHR and hardware unit out of the box. But no, they demanded Supouts for this trivial, perfectly repeatable case. Sometimes you just wanna cry. I gave up. Why should I waste my ...
by sid5632
Mon Jun 18, 2018 5:28 pm
Forum: The Dude
Topic: Complete list of Dude Terminal/CLI commands?
Replies: 2
Views: 2613

Re: Complete list of Dude Terminal/CLI commands?

You can't.
It isn't finished and there's no documentation.
Yes, it's disappointing, and has been for a long time, but there seems to be no effort available to develop this thing or fix the many bugs.
by sid5632
Mon Jun 18, 2018 5:24 pm
Forum: General
Topic: S.O.S New vurnelabilty on 6.42.3 ????? NO [SOLVED]
Replies: 26
Views: 14907

Re: S.O.S New vurnelabilty on 6.42.3 ????? [SOLVED]

It was updated to 6.41.3 exactly because of this vulnerability but it didn't help. I believe 6.41.x doesn't have any vulnerability fix. You should be using 6.40.8 (or later in 6.40.x series - none yet) or 6.42.1 or later. So it's not surprising that updating to 6.41.3 doesn't help really. Why pick ...
by sid5632
Sun Jun 17, 2018 1:38 am
Forum: General
Topic: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]
Replies: 58
Views: 15913

Re: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]

There is a scenario I have run into where stale connection-tracking entries prevent SIP phones from re-registering, which to this day I do not understand: 1. Customer has a single WAN / internet connection. 2. WAN uses PPPoE. 3. Customer is assigned a STATIC ADDRESS on the PPPoE interface. 4. PPPoE...
by sid5632
Sat Jun 16, 2018 1:00 pm
Forum: General
Topic: VLAN Basic configuration
Replies: 8
Views: 1519

Re: VLAN Basic configuration

Complete with loads of errors...

R2 diagram shows ether2 not ether1 as per the script.
172.168.1.x should be 172.16.1.x

No wonder people get confused when the examples are often wrong.
by sid5632
Thu Jun 14, 2018 3:03 pm
Forum: RouterBOARD hardware
Topic: Wireless wire 60Ghz default password
Replies: 26
Views: 13265

Re: Wireless wire 60Ghz default password

Upgrade to Winbox 3.14 and next time post the version number you are using. Or do some very basic research on the forum first.
by sid5632
Tue Jun 12, 2018 2:24 am
Forum: General
Topic: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]
Replies: 58
Views: 15913

Re: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]

Users with a single fixed IP on a single WAN line should not be affected by the above, so they do not need a fix. The problem described above only occurs when there are multiple WAN lines and the router switches between them (e.g. due to some failover mechanism) without the client knowing about it....
by sid5632
Mon Jun 11, 2018 11:03 am
Forum: General
Topic: More than 254 IPs needed! What options do I have?
Replies: 16
Views: 2492

Re: More than 254 IPs needed! What options do I have?

some devices won't work correctly when you mix subnet classes. Mixing Classes isn't a good idea. This is just utter rubbish, at least for any modern device. "Classes" went out at least 2 decades ago. Anything that can't handle this (let's hear some specific examples of devices, rather than vague as...
by sid5632
Sun Jun 10, 2018 11:19 am
Forum: General
Topic: v6.43rc23 IPSec bug
Replies: 4
Views: 1436

Re: v6.43rc23 IPSec bug

"Proposals" appears to have been renamed "Policy Proposals" and a new tab added called "Peer Proposals". This is the source of your confusion, as your screen capture was for "Peer Proposals", although you helpfully cut off the title of the dialog box, and the command line print was for "Policy Propo...
by sid5632
Thu Jun 07, 2018 10:54 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 95810

Re: VPNfilter official statement

What is the functional difference or outcome of a. src-port=80 What is prevented, what are the outcomes positive and negative? vice dst-port=80 What is prevented, what are the outcomes positive and negative? If you don't even know the difference between source and destination ports, then you need t...
by sid5632
Thu Jun 07, 2018 10:41 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 95810

Re: VPNfilter official statement

That'll stop the check for upgrades of RouterOS from working, so not very clever.
You should at least add a white-list item for upgrade.mikrotik.com first.
by sid5632
Thu May 31, 2018 12:59 pm
Forum: General
Topic: How to change rate of an interface in mikrotik ?
Replies: 4
Views: 956

Re: How to change rate of an interface in mikrotik ?

What's a "Multiplexer"?
I expect that is the source of your problem. You need all 8 wires connected correctly in the cable for it to work at 1Gbps.
Don't mess around with the config. on the routers - it probably won't achieve anything. Auto should work.
by sid5632
Mon May 28, 2018 1:00 pm
Forum: Beginner Basics
Topic: winbox view
Replies: 6
Views: 1277

Re: winbox view

Both are ridiculous suggestions. No matter how big the screen, Winbox will always produce stupid dialogs like this that don't fit. It needs fixing properly, not telling people to use something else. If they wanted to use Webfig, then presumably they would have done so in the first place. What do you...
by sid5632
Sun May 27, 2018 4:17 pm
Forum: General
Topic: Router OS assiging DHCP addresses in reverse order
Replies: 5
Views: 1784

Re: Router OS assiging DHCP addresses in reverse order

I found that making a leased address static in the server (at the bottom of the pool range) will then cause it to allocate addresses in ascending order.
If they are all dynamic then it allocates in descending order.
by sid5632
Sun May 27, 2018 3:55 pm
Forum: General
Topic: CRS125 do I dare to upgrade from 6.37.4 to 6.41+ ?
Replies: 10
Views: 1697

Re: CRS125 do I dare to upgrade from 6.37.4 to 6.41+ ?

The upgrade made a mess of mine, but I knew it was going to as I had multiple bridges and VLANs.
Make sure your console cable works before you start! And definitely do them off-line.
by sid5632
Fri May 25, 2018 9:46 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 7012

Re: Mikrotik bricked by backup, reset button not working anymore

You cannot restore a backup to anything apart from the EXACT SAME ROUTER that it came from. You cannot restore backups to routers even of the same type.
by sid5632
Fri May 25, 2018 8:28 pm
Forum: General
Topic: BTest server for Linux
Replies: 28
Views: 22734

Re: BTest server for Linux

This worked for me:
git clone https://github.com/samm-git/btest-opensource
cd btest-opensource
gcc -o btest *.c -lpthread
by sid5632
Thu May 24, 2018 8:36 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

The whole point, as if I need to say it YET again, is that it was NOT unambiguous IF/WHEN things change. I really fail to see why so many people can't see this. It's not arrogance - it's just being right. The arrogant ones are those who continually stick their collective heads in the sand and bleat ...
by sid5632
Thu May 24, 2018 8:11 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

Ok, now do a print / export of that here? That WAS from an export. OK, you're obviously a sucker for punishment. Here's an export from my real router: > system ntp client print enabled: yes primary-ntp: 0.0.0.0 secondary-ntp: 0.0.0.0 server-dns-names: ntp1.npl.co.uk,uk.pool.ntp.org mode: unicast po...
by sid5632
Thu May 24, 2018 8:05 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

Routik, great helpful post! I enjoyed reading it and was not at all disturbed by the HORRIBLE conflict between a comment and code entry item. Overlooking this terrible crime, I give you a big thumbs up!! If you think the comment is not important, then try changing it to something else and see if th...
by sid5632
Thu May 24, 2018 6:43 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

But I didn't change the allocated port. I know you didn't. I did say if/when it gets changed... I only added "Guest as comment to it, which is what the script works with. I know, but it's vital to the operation, not just some side-issue. If somebody removed the comment from ether5 and added it to e...
by sid5632
Thu May 24, 2018 6:28 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

Hard coding IP addresses for NTP is stupid as well, when you've just said use pool.ntp.org Oh Master of Mikrotik, please teach us how to retain the FQDN in NTP Client on Mikrotik? /system ntp client set enabled=yes server-dns-names=uk.pool.ntp.org Now who looks stupid? If not, don't you think your ...
by sid5632
Thu May 24, 2018 4:28 pm
Forum: Virtualization
Topic: CHR(Vmware) update fails
Replies: 1
Views: 3056

Re: CHR(Vmware) update fails

Is this free or paid-for license?
Check the License screen to see if the Limited Upgrades box is ticked. If it is then your 2 month trial has expired.
Check the Log as well. It will also tell you if the upgrade failed due license expiry.
by sid5632
Thu May 24, 2018 4:14 pm
Forum: Beginner Basics
Topic: Schedule disable ethernet interface?
Replies: 15
Views: 3406

Re: Schedule disable ethernet interface?

Seeing as you went to the trouble to abstract Guest from ether5, you should call the scripts/scheduler items Disable_Guest and Enable_Guest. Calling them Disable_ether5 etc. is just stupid and potentially confusing if/when you change the port allocated to "Guest". Hard coding IP addresses for NTP is...
by sid5632
Thu May 17, 2018 8:08 pm
Forum: Announcements
Topic: v6.42.2 [current]
Replies: 65
Views: 20009

Re: v6.42.2 [current]

Seeing as the only thing that seems to change between most versions of RouterBoot is the version number, why not abandon the stupid policy that brought this ridiculous state of affairs about and only change the version number WHEN THERE IS SOMETHING THAT CHANGES (apart from the version number!)?
by sid5632
Sat May 05, 2018 12:55 am
Forum: Beginner Basics
Topic: Forwarding broadcast traffic between two networks
Replies: 13
Views: 3309

Re: Forwarding broadcast traffic between two networks

Yeah, and I want to turn water into wine as well. That's a very good example of a post that is both unhelpful and not related to the conversation, the exact reason posts like this become long and hard to traverse. But your requirements are completely non-sensical, hence my sarcastic reply. The whol...
  • 1
  • 2