MikroTik

Hominidae

...I have a set of about 8-10 Tasmota devices running fine in a network with 2 cAP-ac, separate "IoT"-SSID on a VLAN...capsman runs on a RB4011....no problems at all. What version of tasmota are you running? Only since the later 8.x and now 9.1 I see the devices connection status return be...

Hominidae

...thanks, so no HW-NAT.....that sort of explains the recommendations for a beefy CPU.

Hominidae

...try this; create a rule with action = log with the connection state set to an appropriate value you wish to track

Hominidae

....indeed, there will be a few VLANs active, but mainly only 1 will be used with inter-VLAN routing (holding common resources as printers and the like for users in the other two VLANs and anything better than 100Mbps wil be fine here). I am more concerned about access from the other 2 VLANs (for wh...

Hominidae

...all required parts combined, the RB450Gx4 is only 25% cheaper, from a good, reputable source than the RB4100 (which I already have in use, hence already knowing what it can do).

Hominidae

...many thanks for your fast response!

Looks like that RB450 variant comes with the same CPU and performance test results as the hap-ac2, but with much more RAM...which, economically doubles its retail price in comparison (adding enclosure and power supply).

Hominidae

Hi Folks & merry X-Mas to you all, I am looking for a router that will be able to sustain 1Gbps towards ISP connection, hence including enabled NAT/masquerading,., while on LAN side hostinbg a smaller set (approx 5) VLANs, where two of these will be simultaneously allocate bandwidth towards the ...

Hominidae

...no problems here after upgrading 24hrs ago, for

- RB4011, running capsman
- CRS326-24G-2S+-RM, including bond-Interface, VLANs and SFP+ (AOC connect to RB4011)
- cAP-ac

Hominidae

+1 ...

Hominidae

...if you are on a budget, consider the following: - check out this switch: https://mikrotik.com/product/RB260GSP (only 5+1-SFP ports but all passive PoE, good enough for MT CAP-ac) - why using a hap-ac2, a router with WiFi, if you can on run 3x cap-ac devices in a 3 story building, with optimal pla...

Hominidae

...I'd use a different VLAN for each SSID. Works for me on the same datapath/bridge....the setting is done in CAPsMAN -> Configuration for each SSID.
Each VLAN needs to be set-up in the main Router (and/or switches) as well, of course.

Hominidae

It's just about the STP on the AP-bridge.

interesting find, but how do you go about that, when the CAP is manged with CAPsman?
Modifying the local bridge in the AP is not OK,.as the bridge gets declared/created from the datapath setting in CAPSman, isn´t it?

Hominidae

I just received a RB4011iGS+RM ... the extra sticker on the package said "RB4011iGS+RM - new" and under System - Routerboard, the dialoge states "Revision: r2". Shipped with Firmware revision "6.45.9 stable" ...will monitor closely and report how this thing will perfor...

Hominidae

...hmmm, maybe not important in this topic, but what is the difference between "factory-firmware" and "factory-software" ?

Nevertheless, my RB4011 carries the revision info in its hardware (routerboard) firmware/config.

Hominidae

...this is from my new device: [admin@MT-RB4911] /system routerboard> print routerboard: yes model: RB4011iGS+ revision: r2 serial-number: D4480C22538F firmware-type: al2 factory-firmware: 6.45.9 current-firmware: 6.45.9 upgrade-firmware: 6.45.9 Edit: /system/resource states a different version of f...

Hominidae

I just received a RB4011iGS+RM ... the extra sticker on the package said "RB4011iGS+RM - new" and under System - Routerboard, the dialoge states "Revision: r2". Be really interesting to see some internal pics. We could compare with rev1 and see what any visible differences could...

Hominidae

I just received a RB4011iGS+RM ... the extra sticker on the package said "RB4011iGS+RM - new" and under System - Routerboard, the dialoge states "Revision: r2". Shipped with Firmware revision "6.45.9 stable" ...will monitor closely and report how this thing will perform...

Hominidae

OK, thank you very much for your fast response! That's what I thought, too..I already have a 16-port 802.3af/at injector in my cabinet, but it is not able to offer passive PoE. Being in need for a new switch, I thought of getting the CRS328 (also getting some more load on its PSU in order to boost o...

Hominidae

I wonder if it is possible to power a RB4011 via POE-Out from a CRS328-24P-4S+RM Accoring to specs, the RB4011 has the ability to be powered from passive POE-Input, which the CRS328-24P-4S+RM is able to provide. However, the RB4011 has an overall power consumption of up to 33W, while passive POE pro...

Hominidae

Most new china clones are fakes, as far as my personal experience is concerned. And I agree, using a quad-NIC in x1 means stretching it far....you can get a real i350AT Quad, like the one I am using, like "dirt cheap", pulled from an server via a respectable reseller at "the bay"...

Hominidae

I wouldn*t limit the problem to the chipset of the NIC. I am using an i350AT-Quad...this one from Fujitsu https://sp.ts.fujitsu.com/dmsp/Publications/public/ds-eth-ctrl-4x1Gbit-PCIe-x4-D3045-Cu.pdf However your mileage my vary, depending of Hypervisor and type of passthrough/virtualisation options u...

Hominidae

...with "CHR box", you do mean a VM, right?
Based on the capabilities of your Hypervisor, you can set CPU pinning for each VM.
Setting/allocating up to 4 cores/threads do definitely work for a CHR instance...didn't use more in my setups.

Hominidae

I have a CHR, based on KVM with NIC on passthrough (vt-d) that works already for years an a self-build system with I3-8100 and i310AT Quad-NIC. Now I purchased a mini PC with i5-6200U and 6x i211AT NICs...and no joy. :( Running KVM and NIC passthrough, along with using pfsense/opensense works flawle...

Hominidae

not quite sure what you are saying you did....I'd gather this would reset the config of the current (possibly not working firmware) only. You*ll have to activate the (old), backup firmware that is also present in the board, Read the extra "Note" below the instructions. RouterBOARD reset bu...

Hominidae

...did you try the method using the on-board backup RouterBOOT firmware? -> https://wiki.mikrotik.com/wiki/Manual:RouterBOOT

Hominidae

I am having the same problem as the OP. I am using a linux/KVM based system with vt-d/IOMMU to pass through the hardware NICs to a Router-VM, running CHR This is a system, that works already for years an a self-build system with I3-8100 and i310AT Quad-NIC. Now I purchased a mini PC with i5-6200U an...

Hominidae

at least the x86 Version and CHR do support the i350...running a CHR instance on KVM and passtrough (vt-d) of a i350 Quad (Model Fujitsu Quadport GBit Ethernet Adapter D3045-A1 GS11) since 1.5years

Hominidae

...just use a GRE tunnel on either side to connect to the remote public IP, add IPs of a third net (i.e., 192.168.111.x/24) to the GRE interfaces and add IP routes for your remote networks on either side, using the GRE interfaces/IPs as gateway. You can optionally enable ipsec on the GRE tunnels, if...

Hominidae

...use dynDNS...it's as simple as that.
Most likely your MikroTik Router has already registered a DNS with the mikrotik cloud . look under /ip/cloud in the router config....it'll change when the main WAN interface switches over.

Hominidae

AFAIK there is no TLS-Auth option in OpenVPN implementation with routeros.

IMHO without TLS-Auth the device is more vulnerable to DOS-Attacks, reducing availability of the service and consuming more resources.

Hominidae

Please don't ask for functional changes in this thread - it is only about CHR features! Running a reset with script for initial installation is already supported! Besides, a CHR comes up with blank config so you could have been more careful in the sequence of configuration (e.g. set the password be...

Hominidae

...the easiest way would be to have a dual-homed NAS.

Hominidae

....this is on my wishlist for CHR: - support for two-factor-authentication (for a roaming admin) on Web-UI - post-install script securing the router automatically (disable all services) ...the last time I installed a fresh CHR on a V-Server, the bots were faster than I was able to secure it (took t...

Hominidae

....aparently you are based in Germany when you are referring to 1and1....I am running several CHR on vservers at netcup without problems. The CHR image does not support SCSI drivers, but VIRTIO seems to be supported. With the provider I mentioned above, you can select/swap drivers for the hdd used ...

Search found 34 matches

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Re: Which router with NAT/Masquerading Performance > 1Gbps

Re: Firewall connections

Re: Which router with NAT/Masquerading Performance > 1Gbps

Re: Which router with NAT/Masquerading Performance > 1Gbps

Re: Which router with NAT/Masquerading Performance > 1Gbps

Which router with NAT/Masquerading Performance > 1Gbps

Re: v6.48 [stable] is released!

Re: Successor to CRS210-8G-2S+ desktop switch?

Re: MikroTik recommendation for simple home network

Re: Datapath

Re: Tip: Faster Roaming without STP

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Re: power RB4011 via POE from CRS328-24P-4S+RM?

power RB4011 via POE from CRS328-24P-4S+RM?

Re: Any Quad pcie nic that works for passthrough?

Re: Any Quad pcie nic that works for passthrough?

Re: CHR does not support more than two cores, is this true?

CHR: pls update/backport intel igb drivers to more recent version

Re: cAPac and wAPac bricked?

Re: cAPac and wAPac bricked?

Re: Mini PC With Intel nic I211AT

Re: intel i350 ether

Re: mikrotik router joining two subnets

Re: how to create 1 public IP on 2WAN setup

Re: OpenVPN only without static key

Re: CHR feature requests

Re: accessing NAS from behind mikrotik router

Re: CHR feature requests

Re: Hosting Mikrotik in the Cloud