MikroTik

whatever

Is it safe to downgrade from 6.44?
Edit: Did it, appears to work fine.

whatever

Once you start to change settings outside of quickset you should stop using quickset.

whatever

Are you 100% sure that your converter outputs standard Ethernet frames?

whatever

Personally, I get > 100Mbps using wAP AC + RB3011 running CAPsMAN, local forwarding.

But you shouldn't you expect > 500Mbps with three chains on 5GHz ac? I consider 100Mbps with that hardware pretty slow, that speed is already achievable with 2.4GHz dual chain n.

whatever

You really shouldn't try to use only local addresses and NAT with IPv6. If you want local addresses use them additionally to your public prefix. For public routable addresses enable IPv6 prefix delegation on your Fritz Box, add DHCPv6 client on your Fritz Box facing mikrotik interface to request pre...

whatever

Try local forwarding

whatever

How do you decide how fast your wireless speed is supposed to be? My hap ac2 802.11ac 2x2 speed with capsman and local forwarding is indeed about half of what you would expect from the standard under perfect conditions, until now I've been blaming it on cheap hardware and poor drivers. But consideri...

whatever

Are there still people dumb enough to expose winbox to anything but an isolated management vlan? Don't do it, the winbox protocol obviously is not designed to be secure.

whatever

Did you try to change your MAC address to something that doesn't look like mikrotik? Like use your phone mac and increment the last byte?

whatever

Local forwarding means the traffic is forwarded to a bridge on the cap itself, not on capsman. You can select the bridge in the cap settings on your cap.

whatever

In optimal conditions I get up to ~230 Mbit/s WiFi downstream with hap ac2 as AP on a 400 Mbit/s Internet Connection. 5 GHz, 80 Mhz channel (Ceee), dual chain, ac-only, 1-2m distance without any obstacles. It should be possible to achieve more than 400Mbit/s in this conditions (I maxed out 400 with ...

whatever

@Darman: if your device got infected you should reset it to factory defaults to ensure all the nasty stuff is removed.

whatever

You can raise the "antenna gain" setting on the 2.4GHz interface by some db, this will lower its tx power and cause most clients to prefer the now stronger 5GHz network.
However, this will also reduce your 2.4GHz signal range, so this "solution" isn't always feasible.

whatever

Afaik there is no way to change it. Other models like hap ac2 are similarly affected.

whatever

So do not make this big change in "long-term". This is not a bugfix, but a change in function....... I guess releasing a "new" version which doesn't respect country regulations might cause legal trouble. But a simple notice in the changelog wouldn't hurt either: "Make sure you are compliant with yo...

whatever

https://cxsecurity.com/issue/WLB-2018120151

Wow. Does every process in routeros run with unrestricted root privileges?

whatever

Thank you for that info, it's rather interesting that wifi is still usable with 36 sec update interval.
I really hope that the fix gets backported to long-term soon.

whatever

*) capsman - fixed "group-key-update" parameter not using correct units;

Can we get some details on this?
How was the parameter interpreted before this fix? Is the long-term release affected by the same bug? If yes: when can we expect a backport of this bugfix to long-term?

whatever

As already mentioned: You can only benefit from features which are supported by AP and client. If your client only supports 80 MHz with dual chain you will not benefit from all four chains which are available on the 4011.

whatever

It's highly unlikely that your dst-address=127.0.0.1 rule will match traffic to 192.168.0.1:5246. Try to use a dst-address-type=local src-address-type=local rule like documented at https://wiki.mikrotik.com/wiki/Manual:S ... in_CAPsMAN

whatever

RTSP or WDS is completely unrelated to your problem. I had some ARP issues that disappeared as soon as I set multicast-helper on the wireless interfaces to "full", you might try if that helps your usecase. In order to support your client devices in roaming you should rather lower the tx-power of you...

whatever

Didn't even know they were doing this, that's definitely something I'd like to turn off. +1

whatever

You dont!?
Nowadays the majority of websites uses https which is designed to be non-interceptable.

whatever

You don't. You can only toggle the QOS part, why do you want to disable it completely?

whatever

Shouldn't they have a WSUS server for centralized update management?

whatever

Changing identity to serial number via script should be possible.

whatever

That is not possible with the standard linux transmit hash policies for 802.3ad.
Thoughts: Why the hell would you want that???

whatever

Well, regex "79" does indeed match "179", etc., so the result you are experiencing is expected.
Try using "^" and "$" in your regexes to match beginning and end of your identity strings.

whatever

That's interesting, I guess the change happened with the switch to factory software 6.42+. I own several devices with factory software 6.40 and 6.41 and all of them have 233MB.

whatever

Has anyone ever received a unit with less than 230MB RAM?

whatever

While it's currently unavailable at all the large distributors, the smaller ones apparently have some stock left.

whatever

For local forwarding to work you got to setup your L2 network accordingly and configure the bridge to drop the traffic on the CAP.
Without local forwarding all your traffic will be tunneled (possibly encrypted) to the CapsMan, that's not a good idea on a device with low CPU power.

whatever

Try local forwarding

whatever

You have to set a different transmit hash policy on the Huawei router.

whatever

RSTP is enabled per default on the bridge. If you don't need it you may disable it in bridge settings.

whatever

RSTP
See https://wiki.mikrotik.com/wiki/Manual:S ... e_Protocol

whatever

My understanding is that per VLAN you need an associated bridge. You cannot have a single Bridge with multiple VLANs.

Your understanding is wrong, please read the manual.

whatever

If I remember correctly, the patch which dropped tile from the Linux Kernel explicitly stated, that nobody was using tile in current Kernels back then and that the vendors who are still shipping tile hardware had no interest in having it maintained for future Kernels. Therefore the chances that tile...

whatever

I think the device will always use the power input with the highest voltage. Having similar voltage on different inputs may cause flapping between them.

whatever

I think what you are asking for would negate any security benefits gained by using cap certificates in the first place.

whatever

Must have missed that, thank you for pointing it out.

whatever

How is it possible that I'm still able to login with my password after downgrading from 6.43.2 to 6.42.9? I thought 6.43 changed the authentication API in order to be able to save passwords as hashes and not as plaintext. However, the fact that I'm still able to login after downgrade to 6.42 clearly...

whatever

Try local forwarding (datapath) for even faster speed.

whatever

Agree its going to catch a few people out, but if you look at the link in my post 152 ( https://forum.mikrotik.com/viewtopic.php?p=688286#p687944 ) they are only €35 new, Are you using any of their products? They are offering 10GbE Multimode optics for 15€ while the competition is selling them for ...

whatever

Imho the lack of switch chip features could be neglected if you had the possibility to connect a "real" switch to the 10G port via a cheap cable. However, the lack of passive DAC support forces you to spend 100+€ for this connection instead of ~25€. Combining both these weaknesses into an otherwise ...

whatever

Footnote 4 says you can only use a SFP+ DAC at 10Gb

Doesn't it rather say that you cannot use passive SFP+ DAC at all? RB4011 seems to be the only Mikrotik SFP+ device which is incompatible with Mikrotik's own direct attach cables.

whatever

The only technical reason I can think of is, that the username is now part of the salt for the new password hashes. Otherwise it might just be a case of "not yet implemented".

whatever

Hi, do you know what wireless specs will this device have? How many chains on which bands?

2.4Ghz b/g/n, dual chain. See https://fccid.io/TV7PL64112ND

whatever

There's as slight bug in switch chip in IPQ4xxx which bit me and MT doesn't have a solution (yet).

What is the bug? Could you share some information?

whatever

One can argue about "router on a stick" SFP+ setup to lift possible limit to 15Gbps total, but i think those will not be numbers anyone is looking for.

Why not? That 15Gbps is exactly the number I'd expected to see as achievable benchmark limit for this block diagram.

Search found 83 matches