I’ve had this problem and reported it to support. It started a few releases back and has stayed constant… in my case, any simple queue causes IPv6 traffic to fail. No matter the queue algorithm. Using interface queues works, as well as using queue tree. It’s a simple queue problem… I was told to try...

I don’t think the OP expects a single TCP stream to load balance. Speed tests themselves aren’t a single TCP stream… I read the expectation as - all connections use WAN1 until a threshold is reached, then new connections use WAN2. WAN1 is always used, except when the threshold is reached… WAN2 is us...

IPv6 traffic doesn't flow through the router when a Simple Queue is active. I setup a Simple Queue with target LAN Interface and Destination WAN interface - and queue type FQ_Codel. When the queue is active, IPv6 traffic doesn't work, queue inactive - it works again. This problem isn't new, also had...

+1 see also: https://forum.mikrotik.com/viewtopic.php?t=110925 https://forum.mikrotik.com/viewtopic.php?t=42614 https://forum.mikrotik.com/viewtopic.php?t=94291 Internet-Uplinks going IPv6 only. Small IoT devices stick to IPv4. Have you looked at using the web-proxy for this? I haven't tried it but...

In routing filter, is set-type=blackhole supported? I noticed it wasn't supported in previous betas.

Like this:

chain=malware-in address-family=ip invert-match=no action=accept set-type=blackhole set-bgp-prepend-path=""

ROS has a feature called fast-track. It decreases processing overhead for select packets, if configuration and traffic mix is right, more than 99% of packets qualify. This feature thus increases capacity of a device. In ROS v6 (currently stable and long-term versions) unfortunately it doesn't exist...

IPv6 stopped forwarding suddenly. Reboots didn't fix, neither did release/renew of the IPv6 DHCPv6 from the ISP. I checked that from the router I could ping outside IP's on IPv6, I could ping an internal host via IPv6, and viceversa, I could ping the router (even another router interface) from an in...

So I upgraded to 7.1beta3 and went into the drop down queue type options... Did they name it something other than Cake and FQ-Codel? No. They added Codel, FQ_Codel and Cake. However, you have to create a new queue type and assign one of those to that new queue type. It's not defined by default. (it...

Tested on my CCR1016 with both Cake and FQ_Codel. Cake performs poorly and limits my download a bit too hard.. perhaps it's CPU loading. FQ_Codel performs great and does the job. EDIT: Further testing - switched from simple queue to queue tree (upload on wan and download on lan) and Cake performs we...

Delivered on 7.1b3! Awesome, thanks Mikrotik.

Off to test!

lol this is a new low.. I'm getting trolled by a router vendor hahaha

I understand, but I never did! Would you be kind enough to help me? The mikrotik pc is immediately after a CLEAROS firewall, so mikrotik must be transparent and not block anything, only bandwidth on IP that I sign in the queues! No DHCP no firewall, nothing. Very simple but for me who have always u...

Why are you using a bridge? If you only have 2 nics, one for lan and one for wan, you route between them.. why did you configure a bridge? Afaik you can’t set queues on a bridge, they would have to be set on the physical interface. I have done it on plain Linux to use cake in transparent bridge mode...

There’s two separate things in your post. One is the performance of BGP in terms of convergence and updates. The other is packet forwarding rates. Based on feedback in the forum, you can expect decent BGP convergence performance using those Xeon CPUs. The bigger problem with the current Ros is the m...

This should help you all: viewtopic.php?f=23&t=73214

It did help.. there was tip in the thread to adjust the bucket size to 0.005 and that made a big difference in my network.

Since it seems Mikrotik will never implement this, I've been experimenting with the options we DO have .... I found that setting a simple queue and capping UL/DL to 80% of rated bandwidth , and using PCQ yields very good results. It's perceivably faster and more responsive in all my applications and...

Quick hack to get plain text threat feeds to feed into RouterOS via BGP (Quagga). I prefer this type of integration over using firewall filters because I believe it's faster than large address groups and firewall rules. This can be adapted to include more threat feeds, at the moment it's the Spamhau...

This is the way.

Untangle is a pretty good firewall/UTM. It's lacking in the routing department, so I'd be running Untangle plus a router like the Mikrotik anyway. Another alternative for firewall/UTM might be Ipfire or even PFsense/OPNsense (I've used PFsense before). I chose to go with a bump-in-the-wire queuing m...

I haven't found a suitable solution in other products either. The Ubiquiti solutions don't have enough throughput and have other problems. I don't IF/WHEN Mikrotik will ever get around to this, been waiting for a long time.. so I decided to bypass Mikrotik on this topic and built a Linux VM, passed ...