OK, no firewall filter rules at all so VRRP packets from the other router can definitely get in if they make it through the LAN.Here are the two test routers I have set up.
We finally made it work. What's your current issue with that setup, and what do you need to achieve besides the basic load distribution?How did it end up going?
I forgot again that you cannot set MSS in prerouting or input, so yes, might make sense to set it in output on the CHR as well. The most likely bottleneck is the ISP end of the PPPoE tunnel so it should not be necessary to do that, but who knows.I'm not using any mangling on CHR side tho
The thing is that the choice between R10 and R11 is random, so the fact that your certificate is signed using R10 doesn't mean that @josephny's one will be too; actually, it even doesn't mean that your next one will be signed using R10.I try it on my Mikrotik router using your script:
Look at viewtopic.php?p=980927#p980927Have supout bug reports been sent to MT, on these issues??
Given the above, I agree with the below.for the last 2-3 years ap has been running from a poe switch and I have tried changing ports and using with the adapter and power supply from the kit and the behaviour persists.
Well, it seems it's time to switch to ax
The topic, please. This one is not the right place for discussing this, create a new one.What else should I change?
If the intention is to get the same behavior like a single VLAN-aware hardware switch, then yes.Is my statement (at high level) correct?
Set the level of all the policies you've added to unique. If that does not help, post the configuration exports from both devices.If I configured more that one subnet on the polices and the nat settings, but only one subnet has communication end to end.
Somehow there is an IPv6 DNS query that got responded in the sniff above... so I wonder what the mode setting is actually worthIn easy things to try... setting the mode to "IPv4" instead "auto" in the APN is worth a shot.
Here's why and how.how can i get the configurtaion ?
/interface/wireguard/peers/print detail shows items like current-endpoint-address, current-endpoint-port, rx, tx, last-handshake.how can i check if the wireguard connection was working ?