This can be done the following way: /ipv6 pool add name=text_description prefix=[IPv6 address]/[length] prefix-length=[length] You will need one pool per client if you want to do static assignments. In this case both of the above length attributes would be equal. In Freeradius, etc: attribute = Mikr...

Setting up peering by itself isn't enough. Both your uplines and possibly their uplines will need to allow your route announcements through their filters.

BGP filters do not accept > 16 bit ASN numbers.

Obviously, this is an issue of importance.

Platform = CCR1009 with 6.45.6

First of all 10.10.... looks like is an Private IP, you cannot advertise them to BGP! Of course you can You probably won't find an ISP willing to take your 10.0.0.0/8 (or other RFC1918 addresses), but if you do then there's nothing to say you can't do it. If you publicly announce RFC1918 space - in...

Platform - CCR1009 / ROS 6.45.5

Under interfaces / VLAN -

I accidentally typed "remove 11" instead of "remove numbers=11" and the router became unresponsive and required a reboot.

Using ROS 6.45.5 on CCR1009 If the admin changes the name of a filter, this does not propagate through to any peers using the filter. What happens is the peer simply starts acting as if there were no filter. Of course, this is an undesirable situation. My suggested behaviour would be for either- 1. ...

When you say that you need to "account" for it, what does that mean exactly?

Traffic In and Traffic Out. At present I do this with Firewall / Mangle and connection marking + packet marking. But I am not clear how to do this over an IX interface with multiple bilateral peers.

I have a CCR1009 and multiple BGP peers. Some I peer with through dedicated interfaces so this is easy to traffic-account for. However, some peers I reach via bilateral-peering through an IX and I need a way to account individually for this traffic. How can this be achieved to the point of the packe...

@bmann has made some very good points which I can relate to. I come from the Cisco camp and I was amazed when I bought my RB1100AHx4 what I was getting for the money... and it's made in Latvia, not China! Personally, I think Mikrotik products are possibly a bit too cheap and I would be happy to pay ...

I have been spreading the word around in other forums.

If it's of any interest / help I am happy to act as a remote test case providing no harm is done.

I can report I had (now disabled) IPv6 connectivity and a few days ago my router rebooted for no obvious reason. A couple of days later I was alerted to this issue.

As a consequence, I am now assuming the exploit is out there in the wild and is being used.

viewtopic.php?f=2&t=122420

i also submitted a ticket to support. Hope this can be fixed soon.

Thanks for that. Clearly, it's not just me.

I am running 6.43.8 though this issue has persisted over several previous versions.

On a restart, the IPV6 DHCP client gets stuck on status "binding". I have to manually disable, then enable, and then IPV6 works.

Is there any way to fix this for reliable restarts?

Ok. Worked it out now thanks.

For some reason, SFP was not in the port list so I had to add it.

Thinking a bit outside the square - will your ISP offer you a public subnet? There is usually an extra charge for this. $2 per IPV4 address per month is the going rate. So a /29 (8 IP's of which 5 are usable for hosts) would be $16 per month. Otherwise, if you can get IPV6 space and can do end-to-en...

Can this be done?

First things first -

Did you secure your hAP ac before connecting it to the internet?

I have fixed the issue by doing both of the following: 1. Disabling auto-addressing on the relevant VLAN 2. Disabling Slackware NetworkManager and setting my IP address manually in rc.inet1 (IPV4) and rc.local (IPV6) as follows: /etc/rc.d/rc.networkmanager stop chmod 600 /etc/rc.d/rc.networkmanager ...

The 5311 also suppprts ADSL2/2+ though no mention of ADSL1 support- https://www.metanoia-comm.com/admin/product_en/front/index2.php?id=119&upid=73 Here in New Zealand, most VDSL (strictly speaking it's VDSL2) connections are deployed from fibre-fed cabinets. But ours is a very small rural townsh...

Blocking ports is useless. Youtube and Facebook use the normal ports 80 and 443.

are you using Dt. Telekom? You must take care on the dynamic IPv6 prefix change (Zwangstrennung). It's better to internally address via ULA address. Also you must decrease the GUA lifetime by hand as RouterOS does not care about the lifetime given by DHVP6. Thanks for that. I am a customer of Inspi...

Prior to doing this I reinstated auto config and ND. IPV6 / Addresses [admin@MikroTik] /ipv6 address> print Flags: X - disabled, I - invalid, D - dynamic, G - global, L - link-local # ADDRESS FROM-POOL INTERFACE ADVERTISE 0 DL fe80::dceb:95ff:fe38:7658/64 bridge-wlan no 1 DL fe80::1c37:82ff:fe40:ebb...

I have been allocated a /56 IPV6 from my ISP. I have DHCPv6 setup on the pppoe0 interface (PPPoE over VDSL2) and a /64 from the pool on the LAN interface (Vlan40). When I use address auto config, it works fine. When I try to set a static IP on the host and Vlan40, it works for a few minutes to an ho...

Sorry about the delay in responding. I was not aware this site would not email me a reply notification. I eventually tracked the problem to the SFP settings. The 5311 requires the port is set as 1Gbps full duplex. Fibre is popular and we have only few sites still use VDSL It is here as well but cons...

Hi all. This is my first post to the Mikrotik forum and I hope to become a regular here. My background is Linux Systems Admin - predominantly using Cisco. When it comes to Miktotik, I will assume I am a beginner. I have a Metanoia VT5311 VDSL SFP and a hAP AC. I am located in New Zealand. If someone...