Community discussions

MikroTik App

Search found 91 matches

by emunt6
Tue Mar 12, 2024 12:47 pm
Forum: Virtualization
Topic: SR-IOV with CHR - What hypervisors are you using ?
Replies: 22
Views: 2068

Re: SR-IOV with CHR - What hypervisors are you using ?

If you're not using the vSphere HA stuff (like vMotion etc)... then it should be easy to switch away from VMWare. Personally, I really only use snapshot feature in ESXi to be able to rollback something. I've used ESXi for, well, decades. But just not much value VMWare at those prices & the &quo...
by emunt6
Tue Mar 12, 2024 12:17 pm
Forum: Virtualization
Topic: SR-IOV with CHR - What hypervisors are you using ?
Replies: 22
Views: 2068

Re: SR-IOV with CHR - What hypervisors are you using ?

Btw, here is the new Broadcom VMware licensing model for those unlucky ones who lack the original perpetual licenses. "Foundation" is needed to enable SR-IOV, DirektPath (PCI Passthroug) etc. A one-year subscription is about 40% more expensive. VMware lic.jpg You miss something: 16core/so...
by emunt6
Sat Mar 02, 2024 7:35 pm
Forum: Announcements
Topic: v7.14.1 [stable] is released!
Replies: 418
Views: 68822

Re: v7.14 [stable] is released!

Warning! CCR2004-pcie doesn't come back after upgrade. it's crazy what You do at mikrotik, to release fw *STABLE* that bricks cloud core unit. looks like boot-loop. HOW to get it working back on remote location!??? This is the exact reason why Mikrotik need implement OOB (Out of Band Management - I...
by emunt6
Thu Feb 22, 2024 12:13 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120571

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Is it the fact that the 24 ports are arm, and this one is not? It's a sick joke from Mikrotik guys: https://mikrotik.com/product/crs354_48p_4s_2q_rm CPU: QCA9531 (MIPSBE) Switch chip model: 98DX3257 Size of RAM: 64 MB Storage size: 16 MB https://mikrotik.com/product/crs328_24p_4s_rm CPU: 98DX3236 (...
by emunt6
Wed Feb 21, 2024 10:24 pm
Forum: General
Topic: PPPoE over vlan [SOLVED]
Replies: 6
Views: 746

Re: PPPoE over vlan [SOLVED]

Hi! Simple, use MACVLAN: https://help.mikrotik.com/docs/display/ROS/MACVLAN So, you need to add "virtual interfaces" on ether1-port, so this add "clone" interfaces the physical interface, thus you can "reuse" (you can add as may as you want) - the system will see this v...
by emunt6
Sun Feb 18, 2024 11:20 pm
Forum: Beginner Basics
Topic: Bridge filter rules not working
Replies: 26
Views: 1680

Re: Bridge filter rules not working

I'm having a problem with bridge rules on my L009 that is used as a switch. In my testing I wanted to block access for a device with some MAC address. I created rule, added option to log and when I connect device to ether6 for which I created rule to block that device, that device connects to netwo...
by emunt6
Sun Feb 18, 2024 10:48 pm
Forum: Beginner Basics
Topic: PPPoE authentication then passthrough to firewall
Replies: 2
Views: 275

Re: PPPoE authentication then passthrough to firewall

Hi, i was wounding how i could setup a mikrotik router running V7 to do the PPPoE authentication then pass the dynamic IP address onto a firewall, ie. ISP --> Mikrotik --> Firewall(watchguard) i have correctly configured PPPoE and see i get a IPv4 address, im just unsure how to pass the IP on. ive ...
by emunt6
Sun Jan 28, 2024 12:57 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests - CHR on Bare Metal for faster Network throughput

So , I ask ... Would Mikrotik please consider creating a CHR platform that can be installed on bare metal - and have drivers for 40-Gig, 100-Gig, 200-Gig and 400-Gig network cards -and- also include support for SR-IOV network interfaces? Let me explain, you start digging by hand you hit a rock, you...
by emunt6
Sun Dec 03, 2023 2:51 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49139

Re: v7.13rc [testing] is released!

RouterOS version 7.13rc has been released on the "v7 testing" channel! Notice - Starting from RouterOS version 7.13, significant changes have been made to the RouterOS wireless packages. This is done due to a new product developemnt which will require more disk space for hardware drivers ...
by emunt6
Mon Nov 06, 2023 9:58 pm
Forum: RouterBOARD hardware
Topic: Mini PC with 2x 10G
Replies: 10
Views: 4192

Re: Mini PC with 2x 10G

Hello, Can somebody suggest me a mini PC that can support PPPOE 10G at full speed? I Need 2x 10g ports and some 1gbit ports PPPOE is CPU intensive task, if you get rid of the PPPOE you have plenty options. Mikrotik doesn't have hardware like you requested, look the CISCO ASR line ( example: CISCO A...
by emunt6
Sun Nov 05, 2023 12:46 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

Feature request:
- SOC/ASIC Hardware accelerated multi-bridge/interface support
(example: Microchip SparX-5 / Marvell OCTEON TX2 CN9670 + RouterOS)
by emunt6
Sun Nov 05, 2023 12:44 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

Add Support for "Virtual Interfaces" -MACVLAN -IPVLAN More info https://developers.redhat.com/blog/2018/10/22/introduction-to-linux-interfaces-for-virtual-networking +2, a little rediculous that RouterOS doesn't already have this. Finally What's new in 7.12rc1 (2023-Oct-05 08:46): *) inte...
by emunt6
Fri Nov 03, 2023 7:34 pm
Forum: General
Topic: KNOT Modbus TCP/RTU gateway bug
Replies: 1
Views: 1028

Re: KNOT Modbus TCP/RTU gateway bug

Hi! Just a question: - Why not using "Serial To IP" Converters over pure Ethernet/IP network? The Converters connected to the industrial grade switches, thus building pure Ethernet/IP network (ring/star topology). The "Virtual" COM-port emulation for the legacy application is not...
by emunt6
Wed Sep 27, 2023 1:39 am
Forum: Beginner Basics
Topic: Redundant L2 and L3 with MLAG and VRRP
Replies: 2
Views: 1212

Re: Redundant L2 and L3 with MLAG and VRRP

The only drawbacks is the NAT - session table doesn't get sync between the routers - Mikrotik does not have this feature ( HA mode / cluster-mode ),
so the "hitless switchover" not possible, there will be always some "connect/reconnect" event.
by emunt6
Sun Sep 24, 2023 4:17 pm
Forum: Beginner Basics
Topic: 32bit OS on 64bit CPU architecture?
Replies: 16
Views: 2768

Re: 32bit OS on 64bit CPU architecture?

Like I said, the lack of RAM is not a problem. There is no benefit for device with only 512MB RAM. You need 2GB to feel any difference. 64Bit OS takes up more space and can be even slower if you only have 512MB The 32bit systems "vulnerability" is the "2038 year problem - Y2K38"...
by emunt6
Sat Sep 16, 2023 4:43 pm
Forum: Beginner Basics
Topic: VLAN for second IP from ISP
Replies: 3
Views: 1697

Re: VLAN for second IP from ISP

Hi! There are multiple methods to this "bridge + vlan filltering" or "interface-vlan + bridge" You need the 2nd method to correctly work with your ISP. 1x Physical cable: > VLAN 1 = default vlan , untagged > VLAN 338 = SIP-TRUNK Do the following: /interface vlan add name=eth1-vla...
by emunt6
Sat Sep 16, 2023 4:27 pm
Forum: Beginner Basics
Topic: LEOX LXT-010S-H SFP GPON
Replies: 10
Views: 3820

Re: LEOX LXT-010S-H SFP GPON

The "IGMP Snooping" feature is required on Mikrotik side to work this setup correctly ( just a few device supports this ).
( simply saying: ISP side port Multicast-streams -IPTV- "redirecting" to VLANs )

https://help.mikrotik.com/docs/pages/vi ... getreemode
by emunt6
Sat Sep 16, 2023 4:19 pm
Forum: Beginner Basics
Topic: Mikrotik IPTV VLAN IGMP configuration
Replies: 27
Views: 4884

Re: Mikrotik IPTV VLAN IGMP configuration

Half baked Solution will not work for others. The "IGMP Snooping" feature is required on Mikrotik side to work this setup correctly ( just a few device supports this ). ( simply saying: ISP side port Multicast-streams -IPTV- "redirecting" to VLANs ) https://help.mikrotik.com/docs...
by emunt6
Sat Sep 16, 2023 3:54 pm
Forum: Beginner Basics
Topic: No 802.3ad response from the link partner for any adapters in the bond - HAP AX3
Replies: 1
Views: 1976

Re: No 802.3ad response from the link partner for any adapters in the bond - HAP AX3

Hi! /etc/network/interfaces auto bond0 iface bond0 inet manual bond-primary enp10s0 bond-slaves enp10s0 enp9s0 bond-miimon 100 bond-mode 802.3ad bond-xmit-hash-policy layer2+3 Can you check the contents of the following? cat /proc/net/bonding/bond0 Even if you get links, this Mikrotik device doesn't...
by emunt6
Fri Sep 15, 2023 1:39 am
Forum: General
Topic: CRS326 loop-protect with pvid != 1 and VLAN filtering
Replies: 18
Views: 5220

Re: CRS326 loop-protect with pvid != 1 and VLAN filtering

I'm currently looking for loop protect in Mikrotik. I'm using RouterOs v7.11.2 ; model RB1100AHx4 I have one bridge and 3 VLANs. Loop protect in the /interface/vlan does not blocked or ...wrong blocked. I plugged 1st LAN cable to switch and then 2nd to the same switch for VLAN 101. I have loop prot...
by emunt6
Sat Aug 12, 2023 1:41 am
Forum: General
Topic: RouterOS bridge mysteries explained
Replies: 86
Views: 26139

Re: RouterOS bridge mysteries explained

Although I understand how to configure bridges correctly to ensure: 1. Zero performance problems 2. FastPath/FastForward 3. Hardware offloading 4. CPU usage close to 0% for inter-VLAN switching/routing Can someone explain why MikroTik is the ONLY networking vendor that requires a bridge to accompli...
by emunt6
Sat Aug 12, 2023 1:10 am
Forum: General
Topic: Downgrade To LongTerm
Replies: 24
Views: 3239

Re: Downgrade To LongTerm

I know about Downgrading RouterOS . But i have all infrastructure on LongTerm & bought new device rb4011igs_rm for new point with factory 7.8 I am not ready grade infrastructure to 7.x && don`t wan testing problems using different firmware/software... Maybe possible make downgrade witho...
by emunt6
Sat Aug 12, 2023 12:52 am
Forum: General
Topic: Year 2038 problem (32 bits)
Replies: 21
Views: 2704

Re: Year 2038 problem (32 bits)

It will be fixed with a Linux kernel update.
Its already fixed long time ago. You need 64bit CPU and 64bit OS.
The other thing, many network equipment doesn't have RTC clock hardware, simply garbage.
by emunt6
Sat Jul 15, 2023 2:41 am
Forum: General
Topic: ERSPAN with GRE-tunnel
Replies: 2
Views: 558

ERSPAN with GRE-tunnel

Hi! Does RouterOS 7.x series supports some kind of "ERSPAN"? ERSPAN (Encapsulated Remote Switching Port Analyzer) - Sending "raw port-mirrorred traffic" over GRE-tunnel to remote-endpoint Example in Cisco Nexus - Reference switch(config-erspan-src)# monitor session 1 type erspan-...
by emunt6
Sat May 27, 2023 5:52 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

OOB interface:
> IPMI/Redfish - management (no more "Netinstall")

https://www.dmtf.org/standards/redfish
by emunt6
Thu May 11, 2023 12:28 am
Forum: General
Topic: VRRP and ISP Failover
Replies: 131
Views: 8158

Re: VRRP and ISP Failover

Hi! The solution for your problem is 2 router with the same configuration, when 1st is down, the 2nd will take over (or vice versa). Other topology just causes complexity. You can do the traffic selection using "fwmark" which gateway to use. There is another drawback which is currently lac...
by emunt6
Sat Apr 29, 2023 1:54 pm
Forum: RouterOS beta
Topic: Feature Request - NAT64/DNS64 CGN
Replies: 27
Views: 21615

Re: Feature Request - NAT64/DNS64 CGN

i'm looking for something simple, example: iptables -t nat -A PREROUTING -d <ipv4> -j DNAT <ipv6> iptables -t nat -A POSTROUTING -s <ipv6> -j SNAT <ipv4> For what it's worth, when you translate between IP versions, then both source and destination address have to be translated in some way (usually ...
by emunt6
Thu Mar 23, 2023 12:26 am
Forum: General
Topic: CRS3XX and Cisco Links
Replies: 2
Views: 389

Re: CRS3XX and Cisco Links

HI!

Change the following on the Cisco ports:
interface gi1/0/x
switchport mode trunk
switchport trunk nonegotiate
switchport trunk encapsulation dot1q 
by emunt6
Sun Mar 19, 2023 10:21 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18272

Re: 802.1AE MACsec Progress or Examples ?

Da mein Status auf den Mikrotik Routern "open-encrypted" anzeigt vermute ich, das meine Konfiguration LAN MACSec konform. Ich wollte dieses nun bestärtigt wissen und gleichzeitig nachfragen was ich konfigurieren müsste um den WAN Mode zu bekommen. Danke und Gruß Marco okay. also natively ...
by emunt6
Sun Mar 19, 2023 7:33 pm
Forum: RouterOS beta
Topic: VxLAN example configuration
Replies: 19
Views: 34760

Re: VxLAN example configuration

Here is a blog post I did with a VxLAN lab in EVE-NG between 3 routers and 3 linux servers: The blog and configurations are available here: https://stubarea51.net/2020/02/15/mikro ... ook-vxlan/ https://stubarea51.net/wp-content/uploads/2020/02/VxLAN-EVE.png The article forgot to mention some key p...
by emunt6
Sun Mar 19, 2023 6:49 pm
Forum: RouterOS beta
Topic: Using WifiWave2 to bridge two Audience wirelessly, thoughts? == 4-address mode
Replies: 56
Views: 22700

Re: Using WifiWave2 to bridge two Audience wirelessly, thoughts? == 4-address mode

https://help.mikrotik.com/docs/display/ROS/WifiWave2 Lost features The following notable features of the bundled wireless package do not yet have equivalents in the wifiwave2 package Station-bridging or other 4-address modes Nstreme and Nv2 wireless protocols Your only option left, change firmware t...
by emunt6
Sat Mar 18, 2023 2:48 am
Forum: Beginner Basics
Topic: QSFP Bonding
Replies: 17
Views: 2452

Re: QSFP Bonding

I have the same issue but with a CCR2216. The QSFP28 are represented as 4 separate interfaces. Using a DAC 100G cable between 2 mikrotiks, the negotiation show 100G but the bandwidth test only passed 12G. Not even 40G. I try with a bundle adding all the interfaces qspf28 but still down. Only the fi...
by emunt6
Sat Mar 18, 2023 2:25 am
Forum: Beginner Basics
Topic: Can't get source NAT to work
Replies: 3
Views: 871

Re: Can't get source NAT to work

Hi!
You configured the WAN addresses on multiple different ethernet interfaces, however your "WAN link" -probably- using only ONE interface.
You need to setup one WAN interface and add every IP addresses to that interface ( you can use bridge/vlan interface for that ).
by emunt6
Sat Mar 18, 2023 2:00 am
Forum: Beginner Basics
Topic: CCR2216-1G-12XS-2XQ QSPF28 connection [SOLVED]
Replies: 5
Views: 2066

Re: CCR2216-1G-12XS-2XQ QSPF28 connection [SOLVED]

Hi! When you connected the qsfp-to-qsfp cable, did you to set the speed manually on both sides ? ( DELL/Mikrotik: 1x100G duplex, autoneg off, ) ( Static settings maybe work to get link ) Cable test: -When you connect the 2xQSFP ports together ( loopback ) locally on Mikrotik, did you get any link? -...
by emunt6
Wed Mar 15, 2023 2:45 am
Forum: General
Topic: WireGuard and placing a client on the LAN segment of my network
Replies: 34
Views: 4334

Re: WireGuard and placing a client on the LAN segment of my network

Another option: -Does the OpenVPN in ROSv7 supports "bridge-mode" ? If yes, then you can use to solve the problem ( the remote client directly bridged to the LAN network - pure L2 connectivity just like "bridge-to-lan" in WIFI ). If no, then you need a small PC that running OpenV...
by emunt6
Fri Mar 03, 2023 2:00 am
Forum: General
Topic: MLAG Issue - MLAG functionality flaps LACP system-id of secondary when primary reboots
Replies: 15
Views: 6028

Re: MLAG Issue - MLAG functionality flaps LACP system-id of secondary when primary reboots

Hi!
As a workaround, can you use the "static-LAG = bonding+balance-rr" ?
/interface bonding add name=bond0 slaves=ether1,ether2 mode=balance-rr
by emunt6
Fri Mar 03, 2023 1:01 am
Forum: RouterOS beta
Topic: v7 and BFD, any ETA?
Replies: 148
Views: 26290

Re: v7 and BFD, any ETA?

What about Latency and Jitter ?
This is not possible to measure/solve with "in-band".
by emunt6
Fri Mar 03, 2023 12:49 am
Forum: RouterOS beta
Topic: v7 and BFD, any ETA?
Replies: 148
Views: 26290

Re: v7 and BFD, any ETA?

I'm just curious. Why do you want to monitor the link/circuit using software based "in-band" solution? The answer is the hardware based "out-band" link/circuit monitoring. This means, the "monitoring" is an underlay L1 hardware, top of it the "network" ( route...
by emunt6
Thu Mar 02, 2023 11:30 pm
Forum: Announcements
Topic: Newsletter 111
Replies: 24
Views: 19510

Re: Newsletter 111

Is there any plan to add CF-card slot for secondary storage?
(or you planning to keep 16MB flash storage :D)
by emunt6
Sat Feb 25, 2023 6:04 pm
Forum: General
Topic: Error in log: Detected conflict by arp response [SOLVED]
Replies: 8
Views: 42027

Re: Error in log: Detected conflict by arp response [SOLVED]

What would cause such a pattern of behaviors? There are many options: -Some device using "Proxy ARP" function -Hypervisor HOST/Guest-VM using "Proxy ARP" function -Misconfigured machine "bridged ethernet card" -Attacker ARP spoofing / Man-in-middle - Rough device -Swit...
by emunt6
Sat Feb 25, 2023 4:42 pm
Forum: General
Topic: CRS326-24S+2Q+ : 100% CPU utilization bridging when a port goes up or down
Replies: 10
Views: 1860

Re: CRS326-24S+2Q+ : 100% CPU utilization bridging when a port goes up or down

Hi! Try the following: "vlan-ids=7-4094" replace "vlan-ids=4095" The id 4095 is the "trunk" but i don't think it is needed to configure this way, There is a better solution would be the following: /interface add bridge=bridge-main vlan-filering=yes /interface bridge por...
by emunt6
Sat Dec 31, 2022 2:04 am
Forum: Forwarding Protocols
Topic: IEEE1588 PTPv2 support for CRS317
Replies: 24
Views: 82589

Re: IEEE1588 PTPv2 support for CRS317

It is possible with extra SFP-modul:
> OSA 5401 - Small form-factor pluggable (SFP) GNSS receiver and PTP grandmaster clock.
by emunt6
Wed Dec 28, 2022 1:49 pm
Forum: Announcements
Topic: v7.6 [stable] is released!
Replies: 279
Views: 141849

Re: v7.6 [stable] is released!

*) macsec -
Is there any documentation about it?

Questions:
- MKA support (MACsec Key Agreement protocol) ?
- Topology support ( point-to-point , point-to-multipoint aka WAN MACSEC ) ?
- Performance (GCM-AES-128 / GCM-AES-256 / GCM-AES-XPN-128 / GCM-AES-XPN-256 )?
- Hardware support ?

Thx.
by emunt6
Thu Oct 27, 2022 1:32 am
Forum: General
Topic: Best Hardware for MPLS Networking
Replies: 14
Views: 1614

Re: Best Hardware for MPLS Networking

Moderator note: last time removed ads of other brands.
by emunt6
Wed Oct 26, 2022 9:50 pm
Forum: RouterOS beta
Topic: Feature Request: VRF bindings
Replies: 5
Views: 3141

Re: Feature Request: VRF bindings

Bump. I see we have the following per: https://help.mikrotik.com/docs/display/ROS/Routing+Protocol+Overview telnet, ssh, api, www services can be set to listen on specific VRF But we still need management VRF support for polling SNMP when the management IP is in a VRF and we want to query it for SN...
by emunt6
Tue Oct 25, 2022 2:42 am
Forum: General
Topic: QinQ from CHR on Vmware with ethertype swap
Replies: 12
Views: 1206

Re: QinQ from CHR on Vmware with ethertype swap

vmware esxi does not support QinQ.
The portgroup "vlan id 4095" as buggy as hell (some traffic will not arrive as it should be).
by emunt6
Sat Sep 24, 2022 11:33 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

Hardware request:
- DIN rail mounted 12port switch ( 8x1G RJ45 + 4x1G/10G SFP )
- Ethernet Ring Protection Switching (ERPS G8032 v2 )
- MACSEC
- dual power input
- industrial hardened (-40 to +70 C) environment
- virtual chassis
by emunt6
Sat Sep 24, 2022 5:12 pm
Forum: General
Topic: How local traffic can jump throught NAT ?
Replies: 4
Views: 674

Re: How local traffic can jump throught NAT ?

/ip firewall filter add action=accept chain=forward This rule allow traffic going trough between interfaces, unless you make some rule that block it. You can fix that, last rule needs to be DROP. /ip firewall filter add action=accept chain=forward src-ip=10.10.0.0/16 /ip firewall filter add action=...
by emunt6
Sat Sep 24, 2022 12:38 pm
Forum: General
Topic: Switch CRS112-8P-4S as a media converter [SOLVED]
Replies: 42
Views: 4141

Re: Switch CRS112-8P-4S as a media converter [SOLVED]

Hi! 1., On the "CRS112-8P-4S" side: > br-ISP1 member SFP-9, eth1 > br-ISP2 member SFP-10, eth2 > br-LAN member eth3 > Add ip address to "br-LAN" interface "172.22.0.X" On this side, the interfaces in the different bridges - it will not forward any packet between the bri...
by emunt6
Mon Aug 01, 2022 1:15 am
Forum: RouterOS beta
Topic: v7 inter VRF route leak doesn't work for local IPs
Replies: 38
Views: 12306

Re: v7 inter VRF route leak doesn't work for local IPs

Thank you, why would routes exchanged by BGP work and static ones not ? VRF needs "physical/loopback" interface to make the "transit" to work. I checked the "RouterOS 6.x" what vrf implementation had, that was "bunch of hacks/route-marking" as it seemed like ...
by emunt6
Sun Jul 31, 2022 2:57 pm
Forum: RouterOS beta
Topic: Feature Request - NAT64/DNS64 CGN
Replies: 27
Views: 21615

Re: Feature Request - NAT64/DNS64 CGN

Is there any update on this ? I'm looking for something "usable", but I couldn't find any. I tried "jool", but not suited for my task, prefer something like "integrated" - not something like "kernel hacks/mods". i'm looking for something simple, example: iptab...
by emunt6
Sun Jul 31, 2022 2:31 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120571

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

You can use the "smaller brother 24Gig+4TenGig " ( CRS328-24P-4S+RM ) - it doesn't have this port/CPU problem.
The price is skyrocketed :O
by emunt6
Sun Jul 31, 2022 2:11 am
Forum: General
Topic: Firewall filter and VRF
Replies: 12
Views: 2394

Re: Firewall filter and VRF

I can see how it can be useful to have simple way how to select some interfaces and have separate routing for them. Almost like separate routers. Or to have some services on router available only in some of these separate areas. That's all fine. But then I have same problem as you do. With things n...
by emunt6
Sun Jul 31, 2022 1:42 am
Forum: General
Topic: Mikrotik devices and UPS / NUT ?
Replies: 5
Views: 2121

Re: Mikrotik devices and UPS / NUT ?

HI!

Use proper UPS device that has IP-card ( LAN connection ), other options just real pain (USB/RS232).
There are tons of option on the IP-card for doing shutdown/restart/poweron based on triggers.
by emunt6
Sun Jul 31, 2022 12:56 am
Forum: General
Topic: understanding and fixing MTU/MSS/PMTU with IPsec
Replies: 36
Views: 40321

Re: understanding and fixing MTU/MSS/PMTU with IPsec

HI! Maybe some of you will be help: Under Linux the following solves the PMTU problem: /etc/sysctl.conf -------------------------------------------------------- net.ipv4.ip_no_pmtu_disc = 1 -------------------------------------------------------- iptables -t filter -A INPUT --fragment -j ACCEPT ipta...
by emunt6
Sat Jul 30, 2022 7:44 pm
Forum: General
Topic: MSTP root port discarding when edge port status changes
Replies: 6
Views: 2213

Re: MSTP root port discarding when edge port status changes

Hi! MSTI 0 ( instance 0 ) only need vlan "1" - so you need to separate - this is for interoperability. Other instances you can map as you want, other switches priority doesn't need to change from default value ( priority 32768 ). Example: instance 0 vlan: 1 instance 1 vlan: 2,3,4,5,6,7,8,9...
by emunt6
Thu Jun 30, 2022 8:41 pm
Forum: General
Topic: Spanning Tree question with Cisco 3750x and CRS326-24+
Replies: 2
Views: 435

Re: Spanning Tree question with Cisco 3750x and CRS326-24+

I was just messing around here in the lab and I have a ten gig link and 1 gig link both going to the same switch and for some reason it has decided to block the 10 gig link and forward on the 1 gig link. I thought that the 10 gig negotiation would of automatically cause the root port to be the 10 g...
by emunt6
Sat Jun 11, 2022 5:46 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

Add Support for "Virtual Interfaces"
-MACVLAN
-IPVLAN

More info
https://developers.redhat.com/blog/2018 ... networking
by emunt6
Sat Jun 11, 2022 5:17 pm
Forum: General
Topic: src-nat stops working after some time
Replies: 35
Views: 3811

Re: src-nat stops working after some time

Hi! This is a normal behavior like in Linux: > If you have an interface (eth1) with multiple addresses the first assigned address will be the default ( Example: "arp response srcip=first-assigned-ip"- even if it was request for 2nd ip arp) - You cannot change this behavior - You can add so...
by emunt6
Sun Feb 27, 2022 2:49 pm
Forum: General
Topic: [Feature Request] Use eBPF/XDP in the back-end of RouterOS
Replies: 3
Views: 1456

Re: [Feature Request] Use eBPF/XDP in the back-end of RouterOS

RouterOS can keep the current iptables-like syntax on the front-end, but the back-end should be using eBPF/XDP to do the actual work, something like this: https://polycube.readthedocs.io/en/latest/components/iptables/pcn-iptables.html I reckon all MikroTik devices would get doubled if not tripled o...
by emunt6
Sun Jan 16, 2022 4:14 pm
Forum: General
Topic: CRS109 VLANS issue - untagged are tagged
Replies: 3
Views: 3366

Re: CRS109 VLANS issue - untagged are tagged

Hi! This switch doesn't have a "real" switch-chip (CRS109 switch-ASIC: Qualcomm QCA-XXX) like the other CRS switches (CRS3xx: switch-ASIC: marvell dx ), so the "bridge-filter" will not work. Your configuration is not wrong, but your device physically cannot do what you asking fro...
by emunt6
Sun Jan 16, 2022 3:41 pm
Forum: General
Topic: Simple VLAN config doesn't work on a virtualized x86 routeros
Replies: 3
Views: 3067

Re: Simple VLAN config doesn't work on a virtualized x86 routeros

Hi!

This workaround maybe helps you,
Create a bridge interface and assign the vlan interface to it, use the bridge interface for the pppoe service.
( The bridge interface dont need any filtering, pvid, ... simple bridge ).

Example:
> bridge2
> member eth1.100

pppoe client interface=bridge2
by emunt6
Sun Jan 16, 2022 6:13 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

Feature Request:
-ITU-T Y.1564 (EtherSAM) - in hardware implementation
> Throughput, Latency, Frame Loss, Back-to-Back

Maybe, the RouterOS v10 is came out :)
by emunt6
Sun Jan 16, 2022 5:48 am
Forum: General
Topic: Mikrotik bridge nat, does not work with STP / RSTP packets.
Replies: 2
Views: 1432

Re: Mikrotik bridge nat, does not work with STP / RSTP packets.

HI!

I think thats not possible, this is a router ( L3 ) device not ( L2 ).

You need a separate non-Mikrotik switch/router for igmp-snooping ( multicast router ).
https://help.mikrotik.com/docs/pages/vi ... d=59277403
by emunt6
Sat Jan 15, 2022 6:31 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146159

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

It depends on use cases: > BGP/OSPF with VRF: i will definetly go with ARISTA ( example: ARISTA DCS-7050QX-32S ) > 10G NAT: hard question ( example: Cisco 6504E + 2x Sup2T; Juniper MX240/MX480; HPE HSR6804 ) > 1k PPPOE BRAS - no idea You can find companies who offer used/refurbished hardware with s...
by emunt6
Mon Jan 03, 2022 5:19 pm
Forum: RouterOS beta
Topic: v7 inter VRF route leak doesn't work for local IPs
Replies: 38
Views: 12306

Re: v7 inter VRF route leak doesn't work for local IPs

HI! Thats normal, you can find more about: "linux namespace" If you want "interconnect" the VRF you have following options: - Physically connect the cable the to the Interfaces ( each interface is a different VRF, so need "link" ), - Exchange routes, assign each VRF to ...
by emunt6
Mon Jan 03, 2022 4:28 pm
Forum: RouterOS beta
Topic: Bridge filter rules do not work on RouterOS 7.x (7.0betaX, 7.1betaX, 7.1rcX) with CCR2004-1G-12S+2XS [SOLVED]
Replies: 5
Views: 9887

Re: Bridge filter rules do not work on RouterOS 7.x (7.0betaX, 7.1betaX, 7.1rcX) with CCR2004-1G-12S+2XS [SOLVED]

HI! As a workaround, you can try the "router-way" configuration ( you are using the "switch-way" configuration ). As I understand your WAN-link (sfp1) consists of: -internet ( untagged ) -SIP-TRUNK ( tagged vlan: 832 ) Router-way configuration is creating separate bridges for eac...
by emunt6
Tue Dec 14, 2021 2:06 am
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146159

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

CCR2004 trash hardware not usable in a professional network. What's the alternative? The equivalent Cisco would cost 100 times as much. It depends on use cases: > BGP/OSPF with VRF: i will definetly go with ARISTA ( example: ARISTA DCS-7050QX-32S ) > 10G NAT: hard question ( example: Cisco 6504E + ...
by emunt6
Tue Nov 23, 2021 11:25 pm
Forum: General
Topic: Autonegotiation issues between MikroTik switches and servers
Replies: 2
Views: 1184

Re: Autonegotiation issues between MikroTik switches and servers

Hi! Try the following: ( If the 1st is solve the problem, the 2nd one is not needed ) 1., Disable / Turn off - all power-saving options on the Windows Server Network card: "Allow the compter to turn off this device to save power" 2., Disable / Turn off - all offload options on the Windows ...
by emunt6
Tue Nov 23, 2021 11:07 pm
Forum: General
Topic: IP addresses in the same subnet across multiple interfaces? [SOLVED]
Replies: 8
Views: 3793

Re: IP addresses in the same subnet across multiple interfaces? [SOLVED]

Hi, I have tried to google the topic, but I can't somehow decide, if having two IP addresses from the same subnet on two different physical interfaces, is a problem or not. The situation is quite simple - imagine PC / notebook connected by both the ethernet cable and wi-fi to one MT router via a sw...
by emunt6
Sat Jul 03, 2021 6:16 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

I guess what I am asking for , is a Mikrotik ONIE compatible x86 ROS with optional ASIC drivers. Then I could install x86 Mikrotik with the correct ASIC package on some ONIE switches - such as the one in this picture ( qty 64 100-gig ports ) or any other x86 CPU based ONIE switch which has an optio...
by emunt6
Sun Jun 27, 2021 4:51 pm
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 48588

Re: v7 launch date

And Ubiquiti, for exalmple, has AirFiber 60-LR with 2Gbp/s link but only 1Gbp/s Copper ethernet...
Radio link is simplex,
cable link is duplex,
2Gbp/s simplex = 1Gbp/s duplex
:)
by emunt6
Sun Jun 27, 2021 3:28 am
Forum: General
Topic: Feature request for v7.x
Replies: 296
Views: 106605

Re: Feature request for v7.x

1., High Availability (HA) (example: two or more router devices) Stacking / Clustering - features: > control-plane states sync ( example: NAT ); > configuration sync ( filesystem ); > upgrade/downgrade firmware ( cluster all members ); > all devices like a "single logical device" ( exampl...
by emunt6
Wed May 12, 2021 4:20 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

*Feature Request

Mikrotik CCR products:
> Comformity againts the Telcordia NEBS (GR-63, GR-1089) requirements
( https://telecom-info.njdepot.ericsson.net/ )
by emunt6
Mon Apr 19, 2021 1:57 am
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624770

Re: Feature requests

What is the future replacement plan for CCR1072? ( Tilera CPU support is dropped by linux kernel - so its no future ). I would like to see a new CCR hardware like this: - Intel BareFoot TOFINO based ASIC - ARM64 CPU (example: Marvell OCTEON ) - 32GB ECC RAM - 2x msata / SATA port - 2x USB port - 2x ...
by emunt6
Tue Jan 05, 2021 2:02 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120571

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Update The Port problem its seems like a Marvell chip issue, i found this another forum ( http://forum.eltex-co.ru/viewtopic.php?t=9408 ) Same problem, the solution is RMA: replacement for a new one. After this, I dont think all of the CRS-354 swicthes are affected. It's not the Mikrotik's fault. Th...
by emunt6
Mon Jan 04, 2021 4:33 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120571

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Hi! I bought the "predecessor" of this switch - CRS-328 it has "Prestera-DX3236" chip with integrated CPU - rock solid since. The CRS356 released - i planned to buy it - but after seeing the specs and this topic, it is clearly a "NO-GO" situation. The problem is simple:...
by emunt6
Fri Sep 04, 2020 10:39 pm
Forum: General
Topic: CRS328-24P and 10GB SFP (Bridge Mode) Bandwidth slow
Replies: 2
Views: 867

Re: CRS328-24P and 10GB SFP (Bridge Mode) Bandwidth slow

HI!
The slow performance is because its using the CPU instead of the switch-chip.
The solution is you create one bridge and play with pvids/ tagged/ untagged.

https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge
>section: VLAN Example #3 (InterVLAN Routing by Bridge)
by emunt6
Wed Aug 26, 2020 4:40 pm
Forum: General
Topic: CRS328 - LLDP and BRIDGE
Replies: 0
Views: 500

CRS328 - LLDP and BRIDGE

Hi! The current LLDP implementation with BRIDGE interfaces is useless. PROBLEMS: -LLDP currently sending the bridge-interface name to the neighbor device - "FIX: send the physical interface-name" -LLDP filters - "FIX: need some fields to remove which is not necessary to advertise: dev...
by emunt6
Tue Aug 20, 2019 10:53 pm
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 213
Views: 69398

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

Hi! I just found this topic. Did you use the Mikrotik switch through an UPS(uninterruptible power supply - sinus wave type) hardware ? If not, then this maybe a main problem - the power supply might have receiving some OVP/OCP/SCP effects - causing the port flapping. In my case - yes, they were on ...
by emunt6
Tue Aug 20, 2019 10:28 pm
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 213
Views: 69398

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

If the problem is on power supply there will be port flapping always, no matter what OS is running. I have always port flapping when winning RouterOS (every single version on it) and never when running SwOS 2.7. We have a lot of 317 some connected to 326, 328 - different versions, all with SFP+ 10G...
by emunt6
Tue Aug 20, 2019 8:55 pm
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 213
Views: 69398

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

Hi! I just found this topic. Did you use the Mikrotik switch through an UPS(uninterruptible power supply - sinus wave type) hardware ? If not, then this maybe a main problem - the power supply might have receiving some OVP/OCP/SCP effects - causing the port flapping. In my case - yes, they were on ...
by emunt6
Tue Aug 20, 2019 8:41 pm
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 213
Views: 69398

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

Hi!

I just found this topic.

Did you use the Mikrotik switch through an UPS(uninterruptible power supply - pure sinus-wave type) hardware ?
If not, then this maybe a main problem - the power supply might have receiving some OVP/UVP/NOISE effects - causing the port flapping.
by emunt6
Fri Aug 16, 2019 12:13 am
Forum: RouterBOARD hardware
Topic: CRS326-24S+2Q+RM Question
Replies: 3
Views: 2278

Re: CRS326-24S+2Q+RM Question

Hi!

The "CRS326-24S+2Q+RM" is an L2 switch.
Do not consider as an L3 routing core - CPU resurces is not enough - you will end up serious lags/packet drops.
by emunt6
Thu Jul 19, 2018 12:45 am
Forum: Beginner Basics
Topic: CRS328-24P-4S+ VLAN Setup Problem
Replies: 21
Views: 5615

Re: CRS328-24P-4S+ VLAN Setup Problem

Hi! According to your setup: ---------------------------------------------------------------- VLAN10: management the switch VLAN20: should be for PCs eth1: router (trunk: tagged vlan10 and tagged vlan20) eth2- eth24: PC (vlan-20: untagged) ------------------------------------------------------------...
by emunt6
Sun Jul 08, 2018 2:02 am
Forum: SwOS
Topic: CRS328 - improvements
Replies: 1
Views: 3003

CRS328 - improvements

Hi!

Please add the following features to this kind of series switches - CRS-328xxx
(SOFTWARE)
-IP DHCP SNOOPING: L2 layer trusted / untrusted ports
-IP Source Guard: ARP with DHCP-SNOOPING
-Port Security: Group of MAC/IP list

(HARDWARE)
-Hot plug DUAL port removable PSU
Thx.
by emunt6
Sun Jun 10, 2018 1:51 am
Forum: RouterBOARD hardware
Topic: MUM Europe 2018 - New hardware incoming
Replies: 52
Views: 28056

Re: MUM Europe 2018 - New hardware incoming

Hi!

Is there any information when it will be available these switches?
CRS354-48P-4S+2Q+
CRS354-48G-4S+2Q+
by emunt6
Sun Feb 04, 2018 9:54 pm
Forum: General
Topic: I cant get more than 50 Mbps through a PtP Netmetal 5 link
Replies: 31
Views: 6038

Re: I cant get more than 50 Mbps through a PtP Netmetal 5 link

Hi, yes, it´s real... why I will false this test? 1434Mbps / 8 bits = About 180 MBytes, tomorrow will test with a Gigabit ethernet port computer and try to make a test with iperf... today make a iperf test but two sides PCs are connected through a wifi router and max speed are 3 Mbytes. The real te...