Community discussions

MUM Europe 2020

Search found 28 matches

by user8FJHFKFG8
Wed Apr 17, 2019 2:39 pm
Forum: General
Topic: Sofware VLAN/Bridge on RuterOS explained.
Replies: 62
Views: 20762

Re: Sofware VLAN/Bridge on RuterOS explained.

Yes, thank you both for the education. I didn't really need it, but it was interesting. I have a different solution. I use routers EXCLUSIVELY as routers and switches as switches. Each port of my routers is either a single LAN or a VLAN trunk port. Never does any LAN or VLAN appear on more than one...
by user8FJHFKFG8
Wed Apr 17, 2019 1:41 pm
Forum: General
Topic: Firewalling VLANS. New bridge filtering method re broadcasts etc
Replies: 3
Views: 342

Re: Firewalling VLANS. New bridge filtering method re broadcasts etc

also interesting that I have a new HP printer doing NetBIOS requests to an old nonexistant subnet, also this and other IP phones are making ntp requests from a NTP server I took out of the DHCP config many days ago... I actually had .110/24 being a /23 and had some issues with NetBIOS where a host (...
by user8FJHFKFG8
Wed Apr 17, 2019 1:22 pm
Forum: General
Topic: Firewalling VLANS. New bridge filtering method re broadcasts etc
Replies: 3
Views: 342

Re: Firewalling VLANS. New bridge filtering method re broadcasts etc

yes, 192.168.110.0/24 corresponds to VLAN 110, where 192.168.110.10 sits on VLAN110, a slave to my LAN bridge. My actual hardware port which is the trunk for these VLANS has no VLANS as slaves, all done through bridge -> VLAN (as in the initial linked forum post) re number 1, yes I meant catch... (r...
by user8FJHFKFG8
Wed Apr 17, 2019 8:11 am
Forum: General
Topic: Firewalling VLANS. New bridge filtering method re broadcasts etc
Replies: 3
Views: 342

Firewalling VLANS. New bridge filtering method re broadcasts etc

In order to properly firewall different VLANS from each other what is the best practice way with the new VLAN filtering method (as here )? I have several VLAN interfaces on my bridge for DHCP, and using those interfaces as a firewall doesnt block broadcasts coming in the the VLAN. So I guess I can't...
by user8FJHFKFG8
Sat Apr 13, 2019 12:24 am
Forum: General
Topic: DHCP for VLAN on bridge
Replies: 8
Views: 570

Re: DHCP for VLAN on bridge

Ah ha, yea I'm using TP-Link switches.. still quite confused..! Think I'll just try the standard way
by user8FJHFKFG8
Fri Apr 12, 2019 5:18 am
Forum: General
Topic: DHCP for VLAN on bridge
Replies: 8
Views: 570

Re: DHCP for VLAN on bridge

Sorry didn't explain 802.1Q on two external managed switches. I have basically given up on this idea due to it being outside of the standard of use case, but I'm wondering if I have 2 devices say: device A, VPID 16, VLAN 14 & 16 untagged. and device B VPID 14, VLAN 14 & 16 untagged, both in the same...
by user8FJHFKFG8
Thu Apr 11, 2019 3:19 pm
Forum: General
Topic: DHCP for VLAN on bridge
Replies: 8
Views: 570

Re: DHCP for VLAN on bridge

Yep I realise it is tricky, I was hoping to use 802.1Q to allow me to share a NVR with my LAN subnet and a camera subnet, thinking a single subnet could be possible with some tricky VLAN settings on the 802.1Q switch.. I may have to settle for normal VLANs with their own routed subnet.. much simpler...
by user8FJHFKFG8
Thu Apr 11, 2019 9:32 am
Forum: General
Topic: DHCP for VLAN on bridge
Replies: 8
Views: 570

DHCP for VLAN on bridge

tl;dr: I'm not sure of the packet flow to allow a port with tagged VLAN 14 access to my LAN bridge DHCP server, while still firewalling VLAN 14 from my LAN bridge... I already have a DHCP server on my LAN bridge, but I would like to give addresses from my LAN /24 DHCP server to clients on VLAN 14. I...
by user8FJHFKFG8
Tue Apr 09, 2019 2:52 am
Forum: General
Topic: Static Route fail
Replies: 4
Views: 357

Re: Static Route fail

Possibly could implement a 'router subnet' I'm thinking this could even be on the LAN bridge between the two routers. The reason for two routers was really only to separate the two distinct WANs, which I guess could really be done on a single router as was the case previously. Creating a 'router sub...
by user8FJHFKFG8
Mon Apr 08, 2019 2:51 pm
Forum: General
Topic: Static Route fail
Replies: 4
Views: 357

Re: Static Route fail

ok not sure exactly best practices to avoid a routing triangle, in the past I have used a VLAN between routers.. Just discovered DHCP option 121, that may be best option I'm guessing. Is this an unusual layout to have a router for each seperate WAN on a LAN? Also wouldn't this be an issue for any ty...
by user8FJHFKFG8
Mon Apr 08, 2019 2:25 pm
Forum: General
Topic: Static Route fail
Replies: 4
Views: 357

Static Route fail

is there a simple reason a static route wouldn't be working on my LAN? I have a mikrotik default gateway which has a static route to a mikrotik LAN host for 10.0.0.0/8 which is a seperate WAN. only can access WAN if I set it as default GW..?
by user8FJHFKFG8
Thu Apr 04, 2019 6:33 am
Forum: General
Topic: One way traffic through VLAN
Replies: 2
Views: 309

Re: One way traffic through VLAN

perfect thankyou!
by user8FJHFKFG8
Thu Apr 04, 2019 2:22 am
Forum: General
Topic: One way traffic through VLAN
Replies: 2
Views: 309

One way traffic through VLAN

Is there such a practice where I will allow forwarding in one direction to a VLAN. My case is I have a network which I want to isolate with a VLAN, except that it has a printer on it I want to print to. So I can reach into this network, but it can only reach WAN and not other VLANs. The only other c...
by user8FJHFKFG8
Wed Apr 03, 2019 11:17 am
Forum: Beginner Basics
Topic: Block traffic between VLAN
Replies: 8
Views: 744

Re: Block traffic between VLAN

I am wondering a similar thing. I really like the clean way as things getting complicated has really been bugging me. I have noticed my VLAN wants to talk to itself a lot, where I have a rule accept forward VLAN18 in and VLAN18 out. No idea why. as far as allow homelan to WAN allow VLANS to WAN That...
by user8FJHFKFG8
Fri Sep 28, 2018 1:56 pm
Forum: General
Topic: DHCP over 802.1Q VLAN
Replies: 2
Views: 454

DHCP over 802.1Q VLAN

I have a switch with 802.1Q VLAN setup, where I want to use a mikrotik router for DHCP. If I have a DHCP server on a tagged VLAN interface, this should work fine going through the switch? Have an IP phone not picking up DHCP, I'll try a factory reset of the phone
by user8FJHFKFG8
Mon Sep 03, 2018 2:08 am
Forum: General
Topic: Chinese IP Cameras
Replies: 9
Views: 1041

Re: Chinese IP Cameras

Sounds like something I'd really love to have in my network. ;) Maybe in VLAN, completely isolated from everything else.
The worst part was how long I didn't have this rule :shock: even though I know I should have..
by user8FJHFKFG8
Mon Sep 03, 2018 2:07 am
Forum: General
Topic: Chinese IP Cameras
Replies: 9
Views: 1041

Re: Chinese IP Cameras

Without gateway they will not going outside. In theory yes. I'd be interested to see somebody verify that. And to verify that they still function properly if connected from within same LAN segment. Yea I was thinking they may not pull a DHCP address without a gateway, I plugged in an 'Anpvis' IP ca...
by user8FJHFKFG8
Sun Sep 02, 2018 10:59 am
Forum: General
Topic: Chinese IP Cameras
Replies: 9
Views: 1041

Chinese IP Cameras

I created a few IPs (a /28) in my DHCP range which I have set aside for IP Cameras (Hikvision, Dahua etc), then, I made a firewall rule for these IPs add action=drop chain=forward comment="No Outside Access" dst-address=!192.168.0.0/16 src-address=192.168.110.128/28 I have noticed a lot of attempts ...
by user8FJHFKFG8
Sun Jul 29, 2018 2:40 am
Forum: General
Topic: multiple gateways using mangle fault
Replies: 2
Views: 378

Re: multiple gateways using mangle fault

u da real MVP :)
CPU is maxing out at around 10Mbps but ehh that's fine, running total 3 VPNs anyway
by user8FJHFKFG8
Sat Jul 28, 2018 4:30 am
Forum: General
Topic: multiple gateways using mangle fault
Replies: 2
Views: 378

multiple gateways using mangle fault

I have a gateway GW1 which will work fine under normal conditions. If I use a second gateway GW2 and try to send an address list through GW1 using mangle and a routing mark the connection through GW1 will be slow to the point of not working. Doing a speed test, downloads will be markedly slower and ...
by user8FJHFKFG8
Tue Jul 24, 2018 12:58 pm
Forum: General
Topic: separate gateway host on LAN
Replies: 6
Views: 449

Re: separate gateway host on LAN

yep I've configured it as you mention - internet traffic from the dsl router is on VLAN 11 with 192.168.16.3/24 (although no DHCP..) I've cleaned up the diagram a little https://i.imgur.com/rbCA5P4.png So my issue I think was referred to in your first reply Sindy - having my dsl router in its normal...
by user8FJHFKFG8
Mon Jul 23, 2018 1:53 pm
Forum: General
Topic: separate gateway host on LAN
Replies: 6
Views: 449

Re: separate gateway host on LAN

https://i.imgur.com/S5qHDOT.png So I have been able to put my VDSL connection in it's own 'interface group' on the soho router, with its own IP, on a VLAN, which my mikrotik router (default gateway (running the only DHCP server)) can reach on that VLAN IP as a default route. I have a masquerading r...
by user8FJHFKFG8
Mon Jul 23, 2018 11:46 am
Forum: General
Topic: separate gateway host on LAN
Replies: 6
Views: 449

Re: separate gateway host on LAN

I'm wanting to keep everything on the same subnet which is the difficulty - having 2 routers with different WAN interfaces (wan and internet) on a single LAN. I could route between them, and be on different subnets, I guess that could work. I'm going to try a VLAN config using a separate subnet for ...
by user8FJHFKFG8
Mon Jul 23, 2018 11:43 am
Forum: General
Topic: recursive gateway
Replies: 2
Views: 532

Re: recursive gateway

awesome thankyou!
by user8FJHFKFG8
Sun Jul 22, 2018 1:59 pm
Forum: General
Topic: separate gateway host on LAN
Replies: 6
Views: 449

separate gateway host on LAN

I have a DSL router on my LAN as an internet gateway, but I want to use a mikrotik router as my default gateway on this LAN, which will then use the DSL gateway as its gateway. This config seems to introduce latency problems basically breaking the network.. why and is there a workaround. there is a ...
by user8FJHFKFG8
Sun Jul 22, 2018 1:35 pm
Forum: General
Topic: recursive gateway
Replies: 2
Views: 532

recursive gateway

In this example for Advanced Routing Failover without Scripting, there is the example
/ip route
add distance=1 gateway=Host1 routing-mark=ISP1 check-gateway=ping
We want the gateway to actually be GW1, which I assume happens.. why does this happen?
by user8FJHFKFG8
Thu Jun 21, 2018 1:09 am
Forum: General
Topic: VPN dropping packets
Replies: 1
Views: 323

VPN dropping packets

I have a Mikrotik GRE tunnel with IPsec between two routers joining two LANs. I believe the this VPN may be dropping packets due to the wireless connection quality of the WAN link. Is there a better option than a GRE tunnel for internet connection sharing that will prevent this?
by user8FJHFKFG8
Mon Jun 18, 2018 8:56 am
Forum: General
Topic: Best VPN for unreliable wifi link
Replies: 0
Views: 216

Best VPN for unreliable wifi link

I have a wifi link that gets about 6Mbps throughput. I think it may be the cause of syncing issues using Synology's Cloud Station ShareSync synchronisation app on 2 NAS devices across this network. The 2 LANs are linked by a Mikrotik GRE tunnel with IPsec. Is there a better VPN for this link?