Community discussions

MikroTik App

Search found 20 matches

by doctorrock
Mon May 28, 2018 10:59 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 105427

Re: VPNfilter official statement

Technical details of the worm here : https://blog.talosintelligence.com/2018 ... ilter.html
by doctorrock
Sat May 26, 2018 3:23 am
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

Ok thx for informations
by doctorrock
Thu May 24, 2018 10:28 pm
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

Well what happens is that : If I say I use SLAAC (managed=0) My Windows hosts uses SLAAC just all right, but has no DNS If I say I use SLAAC (managed=0) and want to provide DNS throught DHCPV6 (other=1) My Windows hosts uses SLAAC just all right, but still has no DNS : it performs no DHCPV6 request ...
by doctorrock
Thu May 24, 2018 12:30 am
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

With SLAAC , it works
by doctorrock
Wed May 23, 2018 1:10 am
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

I have the same configuration yes :-p
by doctorrock
Mon May 21, 2018 5:02 pm
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

That's what I do , but my Windows client asks for an address , even if I say that I use SLAAC. And it won't get an adress through DHCP , thus it stucks at renewing its IPV6.

Windows 8.1 is the target.
by doctorrock
Sun May 20, 2018 11:21 pm
Forum: General
Topic: Can't get DNSv6 from SLAAC
Replies: 27
Views: 5712

Re: Can't get DNSv6 from SLAAC

Strange, doesn't work for me. I get in the mkt logs "handling only prefix delegation discarding" , Mkt seems to only delegate prefix through DHCP, no IA for single stations. I can't make DHCPV6-server work for hosts (tried Windows host) , and I can't make DNS pass through DHCP for Windows ...
by doctorrock
Mon Sep 04, 2017 9:44 pm
Forum: Announcements
Topic: v6.40.3 [current]
Replies: 95
Views: 33318

Re: v6.40.3 [current]

Hi. What about OVPN stopping to work in 6.40.3 ? I made some investigations, and have my OVPN work back now. OVPN clients on PC log that certificate expired, which obviously is not true (worked in 6.40.2 , as a reminder. And certificates dates are OK, obviously). To make them work again, I had to se...
by doctorrock
Sat Sep 02, 2017 9:46 pm
Forum: Announcements
Topic: v6.40.3 [current]
Replies: 95
Views: 33318

Re: v6.40.3 [current]

Hi, after upgrading, I can't connect my OVPN tunnels any more. It says "TLS failed" in log messages. From 6.40.2 (client) to 6.40.3 (server) and from 6.40.3 (client) to 6.40.3 (server) , impossible. I'm OVPN server with CCR1009-7G-1C-1S+ and got different ROS clients , one being a 2011UAS-...
by doctorrock
Sun Apr 02, 2017 10:04 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

The prefer-source is only set on connected routes, not on any static one.
by doctorrock
Sun Apr 02, 2017 5:58 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

Another torch here that seems to show a problem.

Requests from ROS (output) select an interface to get out, but don't select the right source IP.

Aka, I can see DNS requests from ROS leaving from WAN1 , but having as source IP the one of WAN2 , and opposite.

Pretty strange.
by doctorrock
Thu Mar 23, 2017 1:18 am
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

Packets are already masqueraded when they leave using a private src-addr , so they get translated
by doctorrock
Sat Mar 18, 2017 10:57 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

My INPUT is correct because I can make it work by forcing DNS to bypass ECMP. Then all is right in such a case.

I have an Accept Established-related on INPUT.
by doctorrock
Sat Mar 18, 2017 5:31 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

You're right on this, I was just pointing out that there are scenarios (if you were to provide any service from the mikrotik router to the Internet, or dst-nat internal servers) where you need to keep track even on the output chain. Yes I know, I already did that for incoming traffic , to let the a...
by doctorrock
Fri Mar 17, 2017 7:10 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

mmmm , I still dont get it. In my case, RouterOS doesn't answer anyone. It doesn't answer an incoming request coming from WANs. It issues itself a DNS request to a DNS forwarder, using ECMP WANs as output So for this, it will output a packet to some DNS forwarder. This packet will be ECMP'ed , it wi...
by doctorrock
Fri Mar 17, 2017 4:05 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

No I did not. But the prefer source is filled-in for connected routes. Aka : flags dst addr gateway pref.source AS 0.0.0.0/0 1.2.3.4, 4.5.6.7 DAC 1.2.3.1/24 eth10 1.2.3.4 DAC 4.5.6.1/24 eth9 4.5.6.7
by doctorrock
Fri Mar 17, 2017 2:03 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

Traffic for input , needs mangle tracking , so that the answer takes the same route as the source packet. I agree , but this is not my actual problem. Why would it need some rules for output traffic ? Output traffic should just get generated, then be routed like any other traffic (forward traffic f....
by doctorrock
Fri Mar 17, 2017 12:15 pm
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

Re: ECMP with RouterOS' DNS bug ?

No provider-locked DNS.
Only public ones as IPs , like 8.8.8.8 etc...
by doctorrock
Fri Mar 17, 2017 11:24 am
Forum: General
Topic: Feature Request: Multipath TCP
Replies: 17
Views: 6777

Re: Feature Request: Multipath TCP

Just adding a +1 to say that I would be delighted to see MPTCP support added to RouterOS.
by doctorrock
Fri Mar 17, 2017 11:22 am
Forum: General
Topic: ECMP with RouterOS' DNS bug ?
Replies: 19
Views: 2743

ECMP with RouterOS' DNS bug ?

Hi everyone. I experimented ECMP yesterday, and I think I did hit a bug in RouterOS. The setup is really simple. I'm talking IPV4 here. I got 2 ISP , so I added one default 0.0.0.0 route with two gateways. src-NAT at the end, and we are done. Manual add as static routes, no routing protocol involved...