Im sorry could you maybe give me the exact command for that..I got the same.
My advice is;
- search for specific subnet, (by using Y next to the comment), or
- user terminal
How exactly did you do this ? I try and do ingress/egress rates on the ports and they just preform horribly.. I mean the egress I ok.. but the ingress doesnt match at all.Well done! Thanks for sharing solution!!
Find anything ?I was once told not to worry about the TX Drops, I will search this reply...
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!PrivateIps new-routing-mark=WAN21 passthrough=yes src-address-list=130Production
4 ;;; AllowWireguard
chain=input action=accept in-interface-list=Wireguard log=no
log-prefix=""
Does that work similar to PfSense 1kb per state/connection ?As far as I remember, the conntract table gets resized automatically when you are reaching its current size limit.
The real limit is the ammount of RAM on the router.
If you get problems with syn floods, enable syn cookie.
could you show me a quick example of the print where command ?I respect your wishes. But suggested change is not the best. IMO better solution would be adding sort capability to print command. It could work similarly to the filtering option (print where) ...
add action=log chain=input dst-address=255.255.255.255
add action=drop chain=input dst-address=255.255.255.255
CRS326-24S+2QRMWhat gear have you already purchased?
I was joking,, just trying to learn... sorry I didnt make that clear.. jeez...Why would someone wait 17 years, wait, is your name Rip Van Joshhboss ???
Ahh man thanks!! You are so helpful… kind of have a 14 year old wearing a headset playing Call of Duty energy going on..Probably should of researched the answer to that question before you switched in the first place.
$$$$ lolmy question was more about the core switch, why chose a MikroTik instead of Cisco ?
I just made that change and i am still not getting out.. besides that is there anything that looks off with the routes? or nat?If you want to route all traffic, you'll need to allow more than just 10.55.124.0/24, i.e. you want allowed-address=0.0.0.0/0.
Wait sorry are you saying that if i have a admit untagged and priority tagged only port.. i shouldnt have all the vlans tagged on that portSorry to bug but where did i do this ?
on what port did i do this ?
lol im trying to find it now