Community discussions

Search found 33 matches

by riggerman
Tue Oct 09, 2012 9:57 pm
Forum: General
Topic: Changing PPPoE Mikrotik-Rate-Limit with CoA
Replies: 2
Views: 889

Re: Changing PPPoE Mikrotik-Rate-Limit with CoA

Hi CoA is not directly supported as I recall. For our neoRADIUS platform we've pre-coded Mikrotik support to rather use a PoD. Its not ideal but from past experience Mikrotik will only apply changes as a disconnect. For that reason simply send a PoD and the customer will reconnect and get your new c...
by riggerman
Tue Oct 09, 2012 9:53 pm
Forum: General
Topic: VRRP on PPPOE Server
Replies: 5
Views: 1784

Re: VRRP on PPPOE Server

Hi Max. Welcome to the forum. Lets see if we can quickly solve this one for you ;-) Ok, so PPPoE is an L2 protocol so VRRP doesn't help you at all as far as redundancy is concerned. Simplest solution here is to simply place both servers in the same L2 domain (likely a single VLAN). Both will respond...
by riggerman
Tue Oct 09, 2012 9:45 pm
Forum: Forwarding Protocols
Topic: BGP and routing filter improvement suggestions
Replies: 58
Views: 16916

Re: BGP and routing filter improvement suggestions

BGP groups most likely will not be implemented, but we will think of some way to make configuration easy if you have peers with common settings. Some of common parameters can be set in instance. That's a shame :( BGP groups are a very very important feature if you're taking part at large IXes, like...
by riggerman
Tue Oct 09, 2012 9:40 pm
Forum: General
Topic: Authentication of PPPOE sessions when Radius or SQL is down
Replies: 8
Views: 3749

Re: Authentication of PPPOE sessions when Radius or SQL is d

Savage's suggestion is quite plausible. The mikrotik API comes to the rescue here. Bear in mind that the ppp secrets is simply the failback here - so its quite practical to wipe and re-add if required ie a one-way sync. If you have many thousands of sessions terminating on a single TIK that will bec...
by riggerman
Tue Oct 09, 2012 9:35 pm
Forum: General
Topic: Feature request: MLPPP server
Replies: 30
Views: 7632

Re: Feature request: MLPPP server

This would be a reasonably big +1 for us too.

Obviously can be worked around using other systems for this but having Mikrotik as preferred deployment option it would be a very welcome addition.
by riggerman
Tue Oct 09, 2012 9:32 pm
Forum: General
Topic: Feature request - TCP optimalization
Replies: 7
Views: 2493

Re: Feature request - TCP optimalization

Hi Guys *indirect advert here - but for the purpose of answering your question ;-) * We've extensively deployed our neoCACHE ( http://www.neology.co.za/products/neocache/ ) solution using both TPROXY and WCCP. TPROXY on Mikrotik works absolutely perfectly if you realise that the solution on the TIK ...
by riggerman
Tue Oct 09, 2012 12:41 am
Forum: Forwarding Protocols
Topic: BGP and routing filter improvement suggestions
Replies: 58
Views: 16916

Re: BGP and routing filter improvement suggestions

Hi mrz, If we are able to do some pie in the sky 'nice to have one day stuff' for your list: (if any of this is already doable plz point me in the right direction ;-) ) 1) BGP default propagate - Likely my biggest request other than not having routes stuck in the cache ;-) - If I receive a default f...
by riggerman
Fri Oct 05, 2012 11:25 am
Forum: Beginner Basics
Topic: Noob script question
Replies: 6
Views: 1503

Re: Noob script question

As ditonet indicated use: /import file-name="thescript.rsc" . So, to repeat. 1) Name your file as a .rsc file such as thescript.rsc". 2) Upload file 3) From terminal run "/import file-name="thescript.rsc" 4) This will then essentially "run" whatever code you had in the file. If you wanted the upload...
by riggerman
Fri Oct 05, 2012 10:40 am
Forum: General
Topic: Routeros intercepting web traffic
Replies: 5
Views: 1852

Re: Routeros intercepting web traffic

Hi John,

I'd look in your mangle and NAT (/ip firewall) sections.

You likely have a DST-NAT or a mark routing which is directing customers to a specific site. If you're unsure what to look for I'd suggest you do an "/ip firewall export" and paste here.
by riggerman
Fri Oct 05, 2012 1:18 am
Forum: Beginner Basics
Topic: Cannot browse all websites
Replies: 12
Views: 4375

Re: Cannot browse all websites

Hi, Have you made sure you're using the correct MTU and have turned on MSS clamping on your upstream connection? What you are describing sounds like a classic case of too big packets being sent down the wire to your router without being correctly fragmented. If you have a pptp/pppoe connection: /int...
by riggerman
Fri Oct 05, 2012 1:02 am
Forum: General
Topic: PPTP Disconnects and Reconnects continuously
Replies: 3
Views: 1675

Re: PPTP Disconnects and Reconnects continuously

Hi, To make sure I understand, let me repeat ;-): - The client has a 3G connection and a default route out to their operator - Client dials a PPTP session to a static IP on the end of an ADSL line - Session establishes but then drops after a period. If the above is all correct I'd say the 1 thing I'...
by riggerman
Fri Oct 05, 2012 12:55 am
Forum: Beginner Basics
Topic: Better Failover
Replies: 4
Views: 1035

Re: Better Failover

Hi Simplest method is to define 2 static host routes; one via each ISP. Lets say a dns server of each of the ISPs. With those static routes in place you know that if you can ping a specific DNS server then that route is UP. Now add a netwatch script for each of the DNS servers. If one of the routes ...
by riggerman
Fri Oct 05, 2012 12:41 am
Forum: Forwarding Protocols
Topic: BGP Communities from out
Replies: 1
Views: 822

Re: BGP Communities from out

Hi, I presume you are referring to 'peering'. You can use communities but I suspect the simplest method for you at this stage would be to utilise the bgp "Out Filter" for the new 5'th peer. I'm not going to go into extensive detail but I'd suggest the filter is maybe applied based on AS path of the ...
by riggerman
Thu Oct 04, 2012 4:56 pm
Forum: General
Topic: RouterOS for x86 board is corrupted
Replies: 2
Views: 579

Re: RouterOS for x86 board is corrupted

Hi, Most x86 platforms will have a console or similar access method so I'd hope you can use one of those to see what's going on. In regards the license key - yes, its stored on the hdd of the device and linked to the drive serial number amongst other things. If the actual device is corrupt (MBR/phys...
by riggerman
Thu Oct 04, 2012 11:03 am
Forum: General
Topic: Router export file to server on LAN
Replies: 10
Views: 1206

Re: Router export file to server on LAN

hehe, you will tend to find that I keep my posts to an absolute minimum. Glad you sorted out the issue.
by riggerman
Thu Oct 04, 2012 10:11 am
Forum: General
Topic: Router export file to server on LAN
Replies: 10
Views: 1206

Re: Router export file to server on LAN

Wild Guess time: Mikrotik has a number of instances in which it tends to select the wrong source IP :shock: for communications. A prime example is when you poll the router on SNMP on 1 IP it then responds to that query with a different source address to the one you requested it on....Maybe the initi...
by riggerman
Thu Oct 04, 2012 10:07 am
Forum: Scripting
Topic: How can I print DNS cache from SSH with full addresses?
Replies: 1
Views: 849

Re: How can I print DNS cache from SSH with full addresses?

Hi there. Technically what you're seeing is correct :( Since you're not opening a full terminal window on the RouterOS box Mikrotik makes some sane assumptions as to your screen width. IT then concatenates (...) the text to fit that width. The easiest fix for you is to use the following: ssh admin@r...
by riggerman
Thu Oct 04, 2012 2:12 am
Forum: General
Topic: RouterOS v6 release candidate 1
Replies: 96
Views: 30186

Re: RouterOS v6 release candidate 1 - SIMPLE QUEUES

Hi All, Reading scrollback I see others also have issues with simple queues and time ranges. I can confirm that I HAVE checked my clock settings and there really IS an issue with simple queues and time ;-) There's 2 issues that occur (one Mikrotik needs to fix ;-): Issue that needs fixing 1st: I hav...
by riggerman
Tue Aug 07, 2012 2:13 pm
Forum: General
Topic: NAT improve performance
Replies: 7
Views: 6793

Re: NAT improve performance

connection tracking will expand as required. Also note that limiting factor usually is about of available memory,.
Hi Janisk,

Does Mikrotik still have the same memory limits on x86 - or is bigmem support available yet?
by riggerman
Fri Jun 29, 2012 5:24 pm
Forum: General
Topic: snmp v3
Replies: 2
Views: 3042

Re: snmp v3

Hi,

Can confirm RouterOS 5.19rc1 fixes the issue - so should be fixed as soon as that's released formally.

;-)
by riggerman
Tue Jun 26, 2012 12:38 am
Forum: General
Topic: snmp v3
Replies: 2
Views: 3042

Re: snmp v3

Hi I am actually experiencing something similar at this stage with SNMP v3. Using snmpwalk I get similar behaviour - in essence it appears that the "Engine ID" must be explicitly specified but the software polling the router, as example: Router OS /snmp community add addresses=0.0.0.0/0 authenticati...
by riggerman
Fri Jun 01, 2012 12:28 am
Forum: General
Topic: Feature Request: WCCP
Replies: 4
Views: 1735

Re: Feature Request: WCCP

You could simply use IP redirection -- or use an L2 redirect to most of the caches quite effectively.

While I'd like WCCP too I expect its not going anywhere since I've not seen any improvements to the protocol for ages and if I recall IPv6 redirection is not an option under WCCP - ie EOL
by riggerman
Fri Jun 01, 2012 12:12 am
Forum: General
Topic: not going to happen....
Replies: 0
Views: 336

not going to happen....

the hp custom controller is not recognised by the kernel -- this is a well known limitation - see http://forum.mikrotik.com/viewtopic.php?f=2&t=39280&hilit=raid+support Its been asked for repeatedly but based on the lack of feedback (see thread) I'm guessing its not going to make it back onto the Mi...
by riggerman
Thu May 31, 2012 11:43 pm
Forum: Forwarding Protocols
Topic: PPPoE on central router OR on each tower
Replies: 11
Views: 5696

Re: PPPoE on central router OR on each tower

Hi There, While both methods are certainly possible we typically use the following rule of thumb when providing our consulting as part of our core network platforms (http://www.neology.co.za). Relevant to Both Have a decent monitoring platform and make sure it dials you PPPoE platforms to ensure its...
by riggerman
Thu May 03, 2012 9:32 am
Forum: General
Topic: IPv6 Dynamic Routes Not Working
Replies: 1
Views: 447

Re: IPv6 Dynamic Routes Not Working

Welcome to the brokenness that is v5 routing module ;-( I've stopped submitting bugs for v5's routing - supposedly there is a mythical new routing-test (new routing engine) due at some stage.... and I'm placing high hopes on that. Issues we've had in no particular order: - OSPFv3 suddenly not workin...
by riggerman
Wed Mar 28, 2012 2:45 pm
Forum: Forwarding Protocols
Topic: Master backup link solution
Replies: 3
Views: 1431

Re: Master backup link solution

Simplest - if not most overhead effecient: Setup primary link on one /30 Setup secondary link on another /30 setup 2 static routes for EoIP remote end-point with different weights. The EoIP will then dial on the primary path. If that fails it will switch to the secondary path. The fail back to the p...
by riggerman
Tue Mar 27, 2012 12:41 pm
Forum: General
Topic: RouterBoard HDLC Encapsulation
Replies: 1
Views: 634

Re: RouterBoard HDLC Encapsulation

Hi, If you do a search in the forum you will come across a couple of posts relating to HDLC and there are solutions mentioned there - I'm not sure which if any of the line cards work in the latest ROS release and would suggest an alternative: Look at a Serial(HDLC) to IP converter - maybe similar to...
by riggerman
Tue Apr 21, 2009 2:04 pm
Forum: General
Topic: Feature Request: Cisco ISG style IP based auth
Replies: 0
Views: 906

Feature Request: Cisco ISG style IP based auth

Hi Guys, We're longtime users of both Mikrotik and Cisco.... of late there has been almost no reason to use Cisco... EXCEPT when trying to use some of the Cisco ISG features. Specifically: 1) When the Cisco ISG sees traffic on an interface from any IP it will trigger a radius auth request ( to some ...
by riggerman
Fri Feb 06, 2009 4:05 pm
Forum: General
Topic: [BUG] Radius Hotspot Authentication hangs RouterOS
Replies: 3
Views: 838

Re: [BUG] Radius Hotspot Authentication hangs RouterOS

*Bump*

Anyone else test or experience this?

Mikrotik moderators: As I've bought many a license but they are past 30 days ... do I need to buy another to send you this bug to get looked at/fixed?
by riggerman
Tue Feb 03, 2009 3:53 pm
Forum: General
Topic: WCCP on Mikrotik
Replies: 6
Views: 1911

Re: WCCP on Mikrotik

Hi, WCCP is very nice in that if a proxy becomes unavailable web-traffic is not affected. Also, it allows for multiple proxies to share the load etc - all features I'd use immediately if RouterOS supported it.... In the mean time you can do the following: 1) Use IP-->Web-Proxy and set your squid/cac...
by riggerman
Tue Feb 03, 2009 3:47 pm
Forum: General
Topic: [BUG] Radius Hotspot Authentication hangs RouterOS
Replies: 3
Views: 838

[BUG] Radius Hotspot Authentication hangs RouterOS

Good Day, We're running various Mikrotik Hotspot systems on i386 platforms. We are authenticating Hotspot users to radius. The moment Tik receives the "Access-Accept" the router hangs completely, no messages on console or elsewhere - physical reboot/power cycle is the only way to recover. In order t...
by riggerman
Mon Jun 04, 2007 2:21 am
Forum: General
Topic: Portwell 5060 LCD settings
Replies: 2
Views: 1009

Re: Portwell 5060 LCD settings

Hi,

This is just to report that we have 5 5060's all showing garbled output - tried all combinations of settings.

I recon the driver is at fault here ;-(
by riggerman
Mon Jun 04, 2007 2:18 am
Forum: General
Topic: Support for Intel 82573L ?
Replies: 5
Views: 1763

Re: Support for Intel 82573L ?

Hi,

In 2.9.43 vlan support is not working with these cards.

v8beta9 works well with them but they refuse to go to gige ....100meg max at the moment.