Community discussions

MikroTik App

Search found 438 matches

  • 1
  • 2
by fatonk
Tue Nov 29, 2011 5:24 pm
Forum: General
Topic: Issue with Hotspot setup
Replies: 1
Views: 746

Re: Issue with Hotspot setup

Strange, when I let the default IP pools in Hotspot Gateway 10.5.50.x/24 everything is working !!!
by fatonk
Tue Nov 29, 2011 11:08 am
Forum: General
Topic: Issue with Hotspot setup
Replies: 1
Views: 746

Issue with Hotspot setup

Hi, Does anyone faced the same issue with Hotspot that I currently have, I have a problem with Hotspot setup; my scenario is that Hotspot Gateway is 1U server with all Ethernet interfaces and the access part is a RB411 with one wireless interface acting in the bridge mode, the problem that I’m facin...
by fatonk
Sat Mar 12, 2011 5:23 pm
Forum: General
Topic: 10G with Mikrotik WORKING
Replies: 18
Views: 9124

Re: 10G with Mikrotik WORKING

I have faced the same issue when I tried to setup some kind of QoS/traffic prioritizing solution. The server I used was Dell power-edge Xeon quad core and six 1gigabit ethernet pci-x cards (one card was dual port) configured in bridge mode in between two cisco switches configured with etherchannel t...
by fatonk
Wed Feb 02, 2011 2:09 pm
Forum: General
Topic: Radius bypass for PPPoE authentication
Replies: 3
Views: 4438

Re: Radius bypass for PPPoE authentication

I'm aware of the solution with second radius, but I was wondering is there a way to completely bypass Radius, since Finepoint ServPoET pppoe servers have such ability.
by fatonk
Wed Feb 02, 2011 1:55 pm
Forum: General
Topic: Radius bypass for PPPoE authentication
Replies: 3
Views: 4438

Radius bypass for PPPoE authentication

Hello,

Is there any workaround how to bypass Radius for authenticating in case that Radius servers has crashed and it takes time to recovery, this means to let free access for PPPoE user until server is back in production.

Best regards.

Faton.
by fatonk
Mon Dec 20, 2010 3:28 pm
Forum: General
Topic: poweredge 2300
Replies: 2
Views: 975

Re: poweredge 2300

RouterOS supports SATA from version 3.x, can you give more information about the hardware configuration of your server.
by fatonk
Thu Dec 02, 2010 12:38 am
Forum: General
Topic: Wher to mangle for QoS in bridge mode
Replies: 15
Views: 14211

Re: Wher to mangle for QoS in bridge mode

Hi, I have setup such "QoS" device in the network forwarding 1.2 gbit/s, and honestly I have no issues with it, what I have used is as follows; Mangle rules are in forward chain (in bridge mode it's recommended chain to mark traffic). Traffic is classified in different ways, by connection ...
by fatonk
Thu Nov 25, 2010 3:02 pm
Forum: General
Topic: Mikrotik log
Replies: 10
Views: 10520

Re: Mikrotik log

I prefer having syslog server in the network and store logs remotely.
by fatonk
Tue Nov 02, 2010 5:31 pm
Forum: General
Topic: Shaper for torrents
Replies: 11
Views: 4755

Re: Shaper for torrents

you should define different priorities between these two queues since both have the same priority, and torrents can suck all your bandwidth. In order that your queue in-not-torrent get more bandwidth just give higher priority like: queue=pcq priority=4 The colors are just to show how close to the ma...
by fatonk
Tue Nov 02, 2010 2:06 pm
Forum: General
Topic: Shaper for torrents
Replies: 11
Views: 4755

Re: Shaper for torrents

For that you should define priorities in both queues

Regards.

Faton
by fatonk
Tue Nov 02, 2010 11:40 am
Forum: General
Topic: Shaper for torrents
Replies: 11
Views: 4755

Re: Shaper for torrents

Hi,

There is nothing wrong,
just that parent queue has limit of 1900k, and queue in-not torrent utilizes 220.5k and the rest of 1680.5k is being utilized by in-torrent queue, so in fact 220.5k+1680.5k=1901k what matches your max limit in parent queue in-wan.

Regards.

Faton
by fatonk
Wed Oct 20, 2010 5:56 pm
Forum: General
Topic: RDP and VNC connections freeze
Replies: 7
Views: 3829

Re: RDP and VNC connections freeze

Hello,

fewi is right,
these symptoms are related to MTU, previously I had experience with RDP and VNC both were freezing, after the MSS and IP Fragmentation were put in place the problem was solved.

Regards.

Faton
by fatonk
Fri Oct 08, 2010 4:55 pm
Forum: General
Topic: Problem to boot: "Loading E"
Replies: 6
Views: 1782

Re: Problem to boot: "Loading E"

Make sure you are using official image or package set, not anything unofficial cracked images.

BR.

Faton
by fatonk
Tue Oct 05, 2010 2:29 pm
Forum: General
Topic: Script for Not Paying User
Replies: 2
Views: 819

Re: Script for Not Paying User

You do not need script for that, what you need is a simple page on a web server towards whom you will redirect all these customers.

BR.

Faton
by fatonk
Tue Oct 05, 2010 11:00 am
Forum: General
Topic: Where Europe MUM'11 will TakePlace?SOLVED.10-11marchBudapest
Replies: 64
Views: 12825

Re: Where Europe MUM'11 will take place?

Budapest is nice.
by fatonk
Tue Sep 21, 2010 9:11 am
Forum: General
Topic: Problem with Etherchannel
Replies: 1
Views: 832

Re: Problem with Etherchannel

The problem persists even in ver5rc1, nothing was solved with the latest upgrade.
by fatonk
Mon Sep 20, 2010 11:30 am
Forum: General
Topic: Problem with Etherchannel
Replies: 1
Views: 832

Problem with Etherchannel

Hello, I have a problem with EtherChannel and RouterOS ver5.6, please refer to the attached drawing for setup information. What is happening is that the server with RouterOS is being rebooted each approx. 30 minutes what is not the case with ver4.11, what I have notices is that if I disable one brid...
by fatonk
Wed Sep 08, 2010 9:24 am
Forum: General
Topic: Automated Billing Solutions
Replies: 18
Views: 6532

Re: Automated Billing Solutions

Hi,

Radius Manger is all you need, my few months experience with it is excellent.

Regards.

Faton.
by fatonk
Fri Aug 27, 2010 9:20 am
Forum: General
Topic: Queue size pfifo
Replies: 3
Views: 2815

Re: Queue size pfifo

Hi,

Any idea ?

Regards.

Faton
by fatonk
Tue Aug 24, 2010 2:39 pm
Forum: General
Topic: Queue size pfifo
Replies: 3
Views: 2815

Queue size pfifo

Hello, I'm wondering is there a way to calculate how big should be the queue size of pfifo in RouterOS. My scenario is that, I have 1.2 Gbps (12,000 clients) of traffic traveling through a RouterOS bandwidth management platform (dell server running RouterOS in bridge mode), which is connected in bet...
by fatonk
Mon Jul 12, 2010 2:03 pm
Forum: General
Topic: Non Internet Range , Howto !!?
Replies: 3
Views: 1269

Re: Non Internet Range , Howto !!?

Hi,

It is very simple, just assign the IP range for that service and than make sure that you do not NAT that IP prefix, also you can put some filter rules where you will allow only the given service to run on that IP prefix.

Regards.

Faton
by fatonk
Fri Apr 16, 2010 4:11 pm
Forum: General
Topic: Block Lan Over Wireless Network !
Replies: 11
Views: 2356

Re: Block Lan Over Wireless Network !

Hi,

/ip firewall filter
add chain=forward in-interface=ether3 src-addres=172.16.16.0/24 dst-address=192.168.168.0/24 action=drop

Regards

Faton
by fatonk
Wed Mar 10, 2010 10:28 am
Forum: General
Topic: Network interface Rx Drops
Replies: 40
Views: 18974

Re: Network interface Rx Drops

No, I don't use PCQ for other rules, it was just one rule with PCQ and now I have none.

Regards.

Faton.
by fatonk
Mon Mar 08, 2010 4:03 pm
Forum: General
Topic: Network interface Rx Drops
Replies: 40
Views: 18974

Re: Network interface Rx Drops

Hello, I will explain in more detail: I have installed a RouterOS based server for QoS delivery, and the setup involves lot of mangle rules that later apply at queue-tree rules. This server is configured in bridge mode, and it forwards around 900 Mbit/s of traffic, from all queue-tree rules only one...
by fatonk
Fri Mar 05, 2010 11:04 am
Forum: General
Topic: Network interface Rx Drops
Replies: 40
Views: 18974

Re: Network interface Rx Drops

Hi,

I have faced the same issue, what I have done is that I disabled the single PCQ rule out of all rules in the queue tree and the problem was solved.

Regards.

Faton
by fatonk
Thu Jan 14, 2010 3:47 pm
Forum: General
Topic: NAT issue
Replies: 9
Views: 1867

Re: NAT issue

Hi, First you have to mark connections destined for the router itself, than you should mark the routing also you should make sure that other mangle rules do not interfere with these rules. Below you have an example that works fine for me. /ip firewall mangle add action=mark-connection chain=input co...
by fatonk
Tue Dec 22, 2009 8:16 pm
Forum: Wireless Networking
Topic: Virtual-AP with Vlan tagging
Replies: 4
Views: 2116

Re: Virtual-AP with Vlan tagging

that would be perfect, reason why I asked about this configuration was that ethernet of my Cisco 1200AP just died, so I had to replace it fast with something robust as such, but the difference is that in Cisco AP you can specify Vlan ID in wireless interface. By the way I will let you know about the...
by fatonk
Tue Dec 22, 2009 7:19 pm
Forum: Wireless Networking
Topic: Virtual-AP with Vlan tagging
Replies: 4
Views: 2116

Re: Virtual-AP with Vlan tagging

OK I've got it working, very simple: Create Vlan interfaces with appropriate vlan IDs, than create Virtual-APs with appropriate SSIDs, after this create bridge interfaces and add Vlan and Virtual-AP to desired bridge, but never add Ethernet or Wireless interface to a bridge, aslo you should not conf...
by fatonk
Tue Dec 22, 2009 2:16 pm
Forum: Wireless Networking
Topic: Virtual-AP with Vlan tagging
Replies: 4
Views: 2116

Virtual-AP with Vlan tagging

Is it possible to tag packets with certain tag in Vitrual-AP, for example three Virtual-APs with different Vlan tags in the routerboard configured as a bridge ?

Regards

Faton
by fatonk
Thu Nov 05, 2009 12:08 pm
Forum: Wireless Networking
Topic: R52n and Nstream
Replies: 0
Views: 682

R52n and Nstream

Hello,

Is there any know issue with R52n cards and Nstream when one antena is used, the problem I face is that when I enable Nstream it starts connecting and disconnecting every 2 seconds.

Regards.

Faton
by fatonk
Wed Nov 04, 2009 2:56 pm
Forum: General
Topic: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)
Replies: 12
Views: 3715

Re: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)

sorry my mistake, rule number 3 is in postrouting chain.
by fatonk
Wed Nov 04, 2009 2:55 pm
Forum: General
Topic: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)
Replies: 12
Views: 3715

Re: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)

In fact you need 4 rules, something like this, amd small correction in postrouting you should use dst-address-list: 0 chain=prerouting action=mark-connection new-connection-mark=mark_1090_Up passthrough=yes src-address-list=SHAPE_LIST_1090 1 chain=postrouting action=mark-connection new-connection-ma...
by fatonk
Wed Nov 04, 2009 2:17 pm
Forum: General
Topic: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)
Replies: 12
Views: 3715

Re: Queue Tree Shaping & Masquerading (RB 493AH v.3.30)

Hi, For correct flow marking and traffic shaping, you should use chain prerouting for Upload and Postrouting for Download, use of Forward chain can be usable only when the traffic is bridged not routed. The Masquerade rule can affect you in upload because the src-address will change from 192.168.X.X...
by fatonk
Wed Oct 21, 2009 6:41 pm
Forum: Scripting
Topic: Script for UDP port 5000
Replies: 1
Views: 936

Script for UDP port 5000

Hello,

We need to implements the following functionality on MT, is it possible via scripting
1. open udp port 5000
2. on every received packet on this port, return string "false" (length 5 bytes)

Regards

Faton
by fatonk
Sun Oct 04, 2009 8:37 pm
Forum: General
Topic: MikroTik MNDP can shut down Cisco APs
Replies: 5
Views: 1766

Re: MikroTik MNDP can shut down Cisco APs

Wow,
there are BUGS on CISCO IOS, that's why for that purpose, cisco for registered users have service called BUG TOOL where you can find BUG related to your, and the IOS version when it was solved. Because of bugs Cisco is bringing on versions of IOS-es same as RouterOS does.

Regard.

Faton
by fatonk
Thu Sep 17, 2009 5:40 pm
Forum: General
Topic: Transparent traffic shaper
Replies: 7
Views: 1759

Re: Transparent traffic shaper

Hi, We are using for that purpose, a DELL PowerEdge 1U server with 1 Quad core Xeon 2.4GHz CPU, 2 GB RAM, 2 integrated Broadcom Gig NICs, traffic that passes through reaches around 700 Mbit/s, different priorities for different traffic type etc etc, and we have no problem with that setup, RouterOS w...
by fatonk
Fri Aug 21, 2009 3:00 pm
Forum: General
Topic: IP Multicast RouterOS and Cisco
Replies: 0
Views: 660

IP Multicast RouterOS and Cisco

Hello, I'm trying to install a RouterOS based router in Cisco Multicast environment, bu I'm failling to do it. The Mikrotik router is NAT enabled I have enabled PIM in local and public interfaces but it doesent forward multicast, si I'm wondering does anyone has a working scenario for multicast with...
by fatonk
Thu Aug 06, 2009 11:01 am
Forum: General
Topic: 10 Gig hardware
Replies: 3
Views: 1364

Re: 10 Gig hardware

Thanx for the reply, but I'm concerned about these particular interfaces:

Intel EXPX9501AFXSR (Single-Port SR)
Intel EXPX9502AFXSR (Dual-Port SR)
Intel EXPX9501AFXLR (Single-Port LR)

Does RouterOS support these?

Regards

Faton
by fatonk
Wed Aug 05, 2009 10:24 am
Forum: General
Topic: 10 Gig hardware
Replies: 3
Views: 1364

Re: 10 Gig hardware

Anyone knows which 10 Gbit interfaces supports RouterOS ?

Regards.

Faton
by fatonk
Tue Aug 04, 2009 11:59 am
Forum: General
Topic: 10 Gig hardware
Replies: 3
Views: 1364

10 Gig hardware

Hi,

Anyone has in production 10 Gig hardware that supports RouterOS, I'm interested for a server that has two 10 Gigabit interfaces and that can handle traffic more than 1 gigabit/s.

Thnx.

Faton
by fatonk
Wed Jun 17, 2009 11:01 am
Forum: Beginner Basics
Topic: DSL PPPoe PCQ solution
Replies: 1
Views: 1247

Re: DSL PPPoe PCQ solution

You should have 4 different IP subnets, meaning one subnet per class. Than configure four different PCQ queues for Download speed per class, and 4 PCQ queues for upload per class. If you are using radius, than configure Radius to assign IPs based on class of user. Regards. Faton P.S. There are some ...
by fatonk
Wed Jun 17, 2009 10:51 am
Forum: Beginner Basics
Topic: how to block youtube on mikrotik 3.23
Replies: 11
Views: 17806

Re: how to block youtube on mikrotik 3.23

If you want to filter by IP addresses, use this address-list it filters most of the WEB Video, Youtube, Redtube, Youporn, Dailymotion etc ... /ip firewall address-list add address=208.117.224.0/24 comment="" disabled=no list=Youtube add address=208.117.225.0/24 comment="" disable...
by fatonk
Tue Jun 16, 2009 6:53 pm
Forum: General
Topic: Intel Atom vs RB1000
Replies: 12
Views: 7690

Re: Intel Atom vs RB1000

These two types of hardware can't be compared as such, RB1000 is designed as networking platform and has almost nothing in common with "desktop boards" like this one with atom CPU. The RB1000 is optimized for IPSec encryption with onboard addons, while atom board will have to use all CPU r...
by fatonk
Tue Jun 16, 2009 6:37 pm
Forum: General
Topic: aggregate links, how?
Replies: 4
Views: 1454

Re: aggregate links, how?

Post your configurations, and lets see what is wrong with it, otherwise I had no problem with such scenarios of link aggregation. Now the PCC feature should solve the problem.

Regards

Faton
by fatonk
Wed Apr 29, 2009 11:49 am
Forum: General
Topic: Well is it possible or not? PPPoE over L2TP?
Replies: 6
Views: 1791

Re: Well is it possible or not? PPPoE over L2TP?

I never tried with RouterOS, but I have implemented PPPoE over l2tp-v3 with cisco.

Regards

Faton
by fatonk
Tue Apr 21, 2009 4:48 pm
Forum: General
Topic: Queue simple Bursts on CISCO router
Replies: 2
Views: 1076

Re: Queue simple Bursts on CISCO router

Tung Bledar,

Me shkruaj ne fatonk@ipko.net, dhe te jap detaje lidhur me kerkesen tende.

Regards

Faton
by fatonk
Thu Apr 16, 2009 3:31 pm
Forum: General
Topic: RB1000 vs L3 switch routing performance
Replies: 3
Views: 2737

Re: RB1000 vs L3 switch routing performance

Backplane of L3 switch is very fast, and it can handle a heavy load of traffic. But you cannot compare things like that, everything depends on your needs and budget. The one of the cheapest L3 switch is Cisco 3560, and it costs with 24 ports around 5000$ and 48 ports around 9000$, where the RB 1000 ...
by fatonk
Wed Mar 11, 2009 6:41 pm
Forum: General
Topic: Kernel Panic RB411AH
Replies: 1
Views: 862

Re: Kernel Panic RB411AH

NETINSTALL solved the problem.

regards


faton
by fatonk
Wed Mar 11, 2009 6:14 pm
Forum: General
Topic: Kernel Panic RB411AH
Replies: 1
Views: 862

Kernel Panic RB411AH

Hi,

I'm getting this error:

Kernel panic - not syncing: No init found. Try passing init= option to kernel.


Any idea how to fix it. it's a brand new Routerboard.

Regards.

Faton
by fatonk
Thu Mar 05, 2009 2:57 pm
Forum: General
Topic: Limiting TCP 80 But Unlimited HTTP ???
Replies: 7
Views: 1976

Re: Limiting TCP 80 But Unlimited HTTP ???

Let's assume that to open a web page you will download 512KB, so when you mangle traffic use connection-bytes=1-512000 for WEB, and for the downloads connection-bytes=512000-0, this is just an example the bytes you can divide as you wish.

Regards.

Faton
by fatonk
Thu Mar 05, 2009 12:46 pm
Forum: General
Topic: Limiting TCP 80 But Unlimited HTTP ???
Replies: 7
Views: 1976

Re: Limiting TCP 80 But Unlimited HTTP ???

Use connection-bytes in mangle rules.
by fatonk
Thu Feb 26, 2009 11:58 pm
Forum: General
Topic: help can't restart or shutdown my reuteros v.3.20
Replies: 3
Views: 1194

Re: help can't restart or shutdown my reuteros v.3.20

Have you installed routerboard package ?
by fatonk
Wed Feb 25, 2009 8:58 pm
Forum: General
Topic: help me traffic control
Replies: 7
Views: 2050

Re: help me traffic control

I don't understand !!!
by fatonk
Mon Feb 23, 2009 4:31 pm
Forum: General
Topic: Bridge - same port in, same port out, possible?
Replies: 3
Views: 1066

Re: Bridge - same port in, same port out, possible?

Please be more specific, otherwise I do not understand your question.

Regards

Faton
by fatonk
Sun Feb 22, 2009 10:21 pm
Forum: Forwarding Protocols
Topic: Cheapest MPLS router?
Replies: 15
Views: 10242

Re: Cheapest MPLS router?

I think the cheapest Cisco MPLS capable router is ISR 1841 and cost is arround 1000 US $
by fatonk
Sun Feb 22, 2009 10:08 pm
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Re: Traffic shaper

Hi, I'm glad you like this wiki, I hope that all together here in this forum will get it to more perfection. Let's go back to questions of Cartes: First, the individual limit per user is applied in PPPoE Servers not here, Radius sends attributes for limiting the rate of users based on particular pro...
by fatonk
Thu Feb 19, 2009 3:04 pm
Forum: General
Topic: IPSec with several networks
Replies: 5
Views: 1749

Re: IPSec with several networks

It shouldn't be the problem to configure that policy, src=192.168.1.0/24 dst=192.168.0.0/16 and the same at the main office src=192.168.0.0/16 dst=192.168.1.0/24 this should work without any prblem.

You should give more information about your setup.

Regards

Faton
by fatonk
Thu Feb 19, 2009 1:06 pm
Forum: General
Topic: Bridge Firewall for PPPOE and IP-Sec
Replies: 2
Views: 1322

Re: Bridge Firewall for PPPOE and IP-Sec

Regarding VNC and Remote Desktop it looks like MTU problem, try to adjust mss for IPSec connections.

Regards

Faton
by fatonk
Thu Feb 19, 2009 9:37 am
Forum: General
Topic: Signal not improved when changed from 2.4ghz to 5ghz :-(
Replies: 11
Views: 2120

Re: Signal not improved when changed from 2.4ghz to 5ghz :-(

What is the distance of this link ? and do you have any obstacles in the Fresenel Zone refer to: http://www.zytrax.com/tech/wireless/fresnel.htm

Regards

Faton
by fatonk
Wed Feb 18, 2009 12:54 am
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Re: Traffic shaper

I just edited the wiki, there are more information about this setup, there are more to come as soon as I grab some time to work on it.

Regards.

Faton
by fatonk
Tue Feb 17, 2009 8:46 pm
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Re: Traffic shaper

I just paisted my config, I will start to work on the wiki with all explanations and necessary information.
by fatonk
Tue Feb 17, 2009 2:54 am
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Re: Traffic shaper

OK guys, I have just paisted my exported configuration at wiki, so lets make it look good :) I will give all the info that is necessary, here is the link:

http://wiki.mikrotik.com/wiki/Traffic_P ... lemetation

Regards

Faton
by fatonk
Mon Feb 16, 2009 6:45 pm
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Re: Traffic shaper

I didn't had any significant problem, just sometimes it was queuing also packets from the higher priority. I'm still using this setup but I had to tweak it a little bit, now it works fine and I'm happy with it. I also added some scripts to enable different rates for certain traffic in certain period...
by fatonk
Sat Feb 14, 2009 11:57 pm
Forum: Wireless Networking
Topic: how to maximize the throughput
Replies: 12
Views: 5871

Re: how to maximize the throughput

Your problem is with quality of signal, signal to noise 16 db is low and TX -87 dbm is not very promising to have throughput tha your are seeking. You have check the physical part (cables, pigtails etc), or tune your signal it may happen that you receive a reflection, by the way what is distance of ...
by fatonk
Thu Feb 12, 2009 6:07 pm
Forum: Wireless Networking
Topic: Strange wireless signal problem
Replies: 1
Views: 772

Re: Strange wireless signal problem

Hi,

nstreme did his job, now it works perfectly.

Regards

Faton
by fatonk
Thu Feb 12, 2009 3:57 pm
Forum: Wireless Networking
Topic: Strange wireless signal problem
Replies: 1
Views: 772

Strange wireless signal problem

Hello, I'm experiencing a very strange wireless problem, I have installed a point to point wireless link with two RB411AH and R52 radios with AR5413 chip and Mikrotik Panel antena, the link is configured as bridge with EoIP, the RouterOS version used is 3.20. The receive signal is -47, rate=54Mb/54M...
by fatonk
Sat Feb 07, 2009 2:39 pm
Forum: Wireless Networking
Topic: Prism wireless cards and RouterOS 3.20
Replies: 1
Views: 1034

Prism wireless cards and RouterOS 3.20

Hello Is there a known issue with PCMCIA Prism cards and ver 3.20. I have upgraded two of my access-points from 2.9.51 to 3.20, and none of the Prism cards were transmiting at all, cards were just identified as a hardware with all settings enabled, I could configure Prisms but no signal, I tried to ...
by fatonk
Fri Feb 06, 2009 6:02 pm
Forum: General
Topic: 5000 PPPoE simultanous connections on MikroTik PPPoE server
Replies: 28
Views: 9875

Re: 5000 PPPoE simultanous connections on MikroTik PPPoE server

shame, it could have replace very expensive pppoe-servers like FinePOINT ServPoET.
by fatonk
Fri Feb 06, 2009 4:01 pm
Forum: General
Topic: 5000 PPPoE simultanous connections on MikroTik PPPoE server
Replies: 28
Views: 9875

Re: 5000 PPPoE simultanous connections on MikroTik PPPoE server

Again I will repeat myself, if Mikrotik developers will achieve to make RouterOS to have clustering feature, for 5000 clients I will not save to install RB1000 as many as it needs to operate at optimal mode. But, I still didn't get any answer.

Regards

Faton
by fatonk
Thu Feb 05, 2009 11:58 am
Forum: General
Topic: 5000 PPPoE simultanous connections on MikroTik PPPoE server
Replies: 28
Views: 9875

Re: 5000 PPPoE simultanous connections on MikroTik PPPoE server

Normis, can we expect clustering feature in the near future ?
by fatonk
Tue Feb 03, 2009 4:37 pm
Forum: General
Topic: mikrotik bandwidth management without nat
Replies: 3
Views: 2312

Re: mikrotik bandwidth management without nat

I may say without any doubt that Mikrotik can act as a wonderful traffic shaper, I have replaced a very expensive bandwidth manager with Mikrotik based Server.
There are plenty of examples how you can implement different Bandwidth management solutions.
Regards.

Faton
by fatonk
Tue Feb 03, 2009 12:28 pm
Forum: General
Topic: WCCP on Mikrotik
Replies: 6
Views: 2788

Re: WCCP on Mikrotik

No it is not supported by RouterOS, but I agree with macgaiver it depends what you want to achieve. In Cisco, WCCP is used with external Cache servers (Squid or Cisco Cache Engine), with RouterOS you can do things regarding Caching, but depending on scenario.

Regards.

Faton
by fatonk
Tue Feb 03, 2009 10:49 am
Forum: General
Topic: WCCP on Mikrotik
Replies: 6
Views: 2788

Re: WCCP on Mikrotik

It's a Web Cache Communication Protocol, developed by Cisco, here is a link for more details:

http://en.wikipedia.org/wiki/Web_Cache_ ... n_Protocol

Regards.

Faton
by fatonk
Mon Feb 02, 2009 6:38 pm
Forum: Scripting
Topic: Check average rate script
Replies: 4
Views: 2019

Re: Check average rate script

Ok, I have edited the script it works fine, just the first part: :global checkrate [/queue tree get PRIO8 rate] :local rate 20000000 :if ( $checkrate < $rate ) do={ /queue tree enable PRIO8-19h; /queue tree disable PRIO8 } But the second part where if the result is > than rate doesn't work; :global ...
by fatonk
Mon Feb 02, 2009 6:12 pm
Forum: Scripting
Topic: Check average rate script
Replies: 4
Views: 2019

Re: Check average rate script

Should this be the script for this: :global check_rate [/queue tree get PRIO8 rate] :local rate 20000000 :if ( $check_rate < $rate ) do={ /queue tree enable PRIO8-19h; /queue tree disable PRIO8 :if ( $check_rate > $rate ) do={ /queue tree enable PRIO8; /queue tree disable PRIO8-19h But, with this co...
by fatonk
Mon Feb 02, 2009 4:41 pm
Forum: Scripting
Topic: Check average rate script
Replies: 4
Views: 2019

Re: Check average rate script

Thanks mrz, what about the complete script solution ?

Regards.

Faton
by fatonk
Mon Feb 02, 2009 4:25 pm
Forum: Scripting
Topic: Check average rate script
Replies: 4
Views: 2019

Check average rate script

Hello, I was trying to make a script, which will check the rate of the particular queue in queue tree. The idea is, that starting from 19h until 01h every 30 minutes to check the current rate of that queue, if the rate is less than the rate configured in the same but disabled queue, than to enable i...
by fatonk
Mon Feb 02, 2009 12:03 pm
Forum: General
Topic: Address List and rate-limiting
Replies: 0
Views: 565

Address List and rate-limiting

Hello, I have installed a traffic shaper in bridge mode, despite the QoS rules that I have configured for overall traffic I also want here to limit the rate of each user. The problem is that we have few different rates with different number of PCs per user, for users with two PCs we have achieved in...
by fatonk
Mon Jan 26, 2009 5:18 pm
Forum: General
Topic: 5000 PPPoE simultanous connections on MikroTik PPPoE server
Replies: 28
Views: 9875

Re: 5000 PPPoE simultanous connections on MikroTik PPPoE server

Shall we expect in the future clustering feature in RouterOS.

Faton
by fatonk
Mon Jan 26, 2009 1:37 pm
Forum: General
Topic: A gift to our best forum users
Replies: 23
Views: 11293

Re: A gift to our best forum users

Thanks a lot, but unfortunately I cant attend MUM at this time, I hope that in any of upcoming I will arrange to attend it.

Anyway it is my honor to be part of this community.

Regards.

Faton
by fatonk
Mon Jan 26, 2009 1:01 pm
Forum: General
Topic: 5000 PPPoE simultanous connections on MikroTik PPPoE server
Replies: 28
Views: 9875

Re: 5000 PPPoE simultanous connections on MikroTik PPPoE server

We use as PPPoE servers FinePoint ServPoET BMS, this hardware supports 3000 pppoe sessions. In our infrastructure of more than 10000 clients we have installed 5 of these servers as cluster, since they are able to be clustered and of course works very good. I think it will be good to have the cluster...
by fatonk
Sat Jan 17, 2009 2:59 pm
Forum: General
Topic: Caching YouTube Content with Squid
Replies: 12
Views: 5492

Re: Caching YouTube Content with Squid

If you like to implement videocache with squid, you ca use this link: http://cachevideos.com/installation To achieve some results you need to have some TB of storage installed in cache farm, and make good bandwidth management, because it can utilize lot of your bandwidth while cacheing the files. Re...
by fatonk
Thu Jan 15, 2009 12:05 am
Forum: General
Topic: is worth upgrade from pentium d 2.8ghz to Xeon 2.66?
Replies: 14
Views: 4048

Re: is worth upgrade from pentium d 2.8ghz to Xeon 2.66?

We are running RouterOS on DELL power edge server 1U with 2x dual core Xeon 2.4 GHz CPUs, the server is used as traffic shaper in a bridge mode, and forwards 500 Mbit/s through it. With 30 mangle rules ad 42 queue tree rules, and the CPU utilisation is around 30%, regarding the netwrok cards we are ...
by fatonk
Wed Jan 14, 2009 2:53 pm
Forum: General
Topic: how to redirect some sites to an external proxy
Replies: 3
Views: 2104

Re: how to redirect some sites to an external proxy

Hi, This may help you. it is address list that contains quite few youtube, redtube, metacafe and youporn servers, you can make DNAT ruiles for these destination IPs or you can add static routes towards your proxy: /ip firewall address-list add address=208.117.224.0/24 comment="" disabled=n...
by fatonk
Tue Jan 13, 2009 3:50 pm
Forum: General
Topic: Bridge & Traffic Shaping
Replies: 5
Views: 1796

Re: Bridge & Traffic Shaping

Correct marlow, with version 3.18 it is possible, I just put traffic shaper (bridge mode) between PPPoE-Server and PPPoE-Client, and all my mangle and queue tree rules are matching correctly, in the earlier versions it was not possible.

Regards.

Faton
by fatonk
Mon Jan 12, 2009 3:41 pm
Forum: General
Topic: Bridge & Traffic Shaping
Replies: 5
Views: 1796

Re: Bridge & Traffic Shaping

RouterOS has no abilty to look in PPPoE and has no deep packet inspection feature, what you can limit is only IP based traffic.

Regards.

Faton
by fatonk
Thu Dec 11, 2008 11:38 am
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 6198

Traffic shaper

Hi, I have setup a kind of bandwidth manger, a RouterOS based PC in a bridge mode with setup like this: /ip firewall mangle add action=mark-packet chain=forward comment="" disabled=no dscp=26 new-packet-mark=voip-sip passthrough=no add action=mark-packet chain=forward comment="" ...
by fatonk
Sat Nov 22, 2008 11:00 pm
Forum: General
Topic: High CPU utilisation with web proxy
Replies: 1
Views: 1072

High CPU utilisation with web proxy

Hi, I'm using an Intel board with 2.4 GHz Intel Pentium 4 CPU and 512 MB RAM and also two disks, one disk for the system (70 GB) and second for web proxy (160 GB), but at 12 Mbit/s of traffic the CPU is at 100% utilised, so the CPU never gets below 70%. When I disable web proxy the CPU never gets hi...
by fatonk
Wed Nov 19, 2008 10:22 am
Forum: General
Topic: Gigabit FX interfaces
Replies: 4
Views: 1204

Re: Gigabit FX interfaces

Thanks a lot, I've got it.

Regards


Faton
by fatonk
Tue Nov 18, 2008 9:05 pm
Forum: General
Topic: Gigabit FX interfaces
Replies: 4
Views: 1204

Re: Gigabit FX interfaces

Can you give me the exact model number of your interface that you are using.


Regards.

Faton
by fatonk
Tue Nov 18, 2008 4:39 pm
Forum: General
Topic: Gigabit FX interfaces
Replies: 4
Views: 1204

Gigabit FX interfaces

Which Gigabit FX PCI supports RouterOS, and are there any known issues with that kind of hardware and RouterOS?

Regards

Faton
by fatonk
Sat Nov 08, 2008 12:18 am
Forum: General
Topic: Clustering RouterOS PPPoE Servers
Replies: 10
Views: 3085

Re: Clustering RouterOS PPPoE Servers

I have tried to have two pppoe servers at the same broadcast domain with the same service name, but it is not balanced equally. I think RouterOS developers should add this ability, it is good to have it. At our company we use Finepoint ServPoet pppoe servers and they support clustering, but I,m very...
by fatonk
Thu Nov 06, 2008 3:47 pm
Forum: General
Topic: Clustering RouterOS PPPoE Servers
Replies: 10
Views: 3085

Re: Clustering RouterOS PPPoE Servers

Is there a way of doing it ? any idea ?

Regards

Faton
by fatonk
Tue Nov 04, 2008 6:09 pm
Forum: General
Topic: Clustering RouterOS PPPoE Servers
Replies: 10
Views: 3085

Clustering RouterOS PPPoE Servers

Is it possible to cluster PPPoE servers based on RouterOS ?

Regards.

Faton
by fatonk
Fri Oct 31, 2008 12:51 pm
Forum: General
Topic: How to mangle PPPoE traffic
Replies: 0
Views: 877

How to mangle PPPoE traffic

Hi, I want to install between pppoe clients and pppoe server a transparent traffic shapper in bridge mode, but I can't see any of the pppoe traffic which passes through it. Now I want to know is there a way to mangle and identify pppoe traffic, to look inside each pppoe packet. With Allot NetEnforce...
by fatonk
Wed Oct 29, 2008 5:32 pm
Forum: General
Topic: RouterOS version for Traffic Shapper
Replies: 3
Views: 1370

Re: RouterOS version for Traffic Shapper

I'm experiencing some problem with mangle and queue tree, the rules below doesn't match at all in version 3.14 and 3.15 / ip firewall mangle add chain=forward connection-bytes=6000000-4294967295 action=mark-connection new-connection-mark=InfiniteBytes-conn passthrough=yes comment="" disabl...
by fatonk
Tue Oct 28, 2008 3:18 pm
Forum: General
Topic: Priority for Yputube and msn and other web video
Replies: 1
Views: 1382

Priority for Yputube and msn and other web video

Hi,

I want to prioritize youtube, msn messenger and other web video, but is there a firewall rules to mangle or identify this kind of traffic or any L7 rule.

Regards.

Faton
by fatonk
Mon Oct 27, 2008 4:54 pm
Forum: General
Topic: RouterOS version for Traffic Shapper
Replies: 3
Views: 1370

RouterOS version for Traffic Shapper

Hi I just want to build a transparent traffic shaper based on RouterOS, which will operate in bridge mode and will shape around 200 MB. What I'm interested is which RouterOS version should I use, I know that the latest is always the best, but I'm wondering is there a version which used to perform al...
by fatonk
Fri Oct 24, 2008 4:20 pm
Forum: General
Topic: Need Help to set unlimited speed for local LAN?
Replies: 3
Views: 1152

Re: Need Help to set unlimited speed for local LAN?

You have queues applied for traffic sourced from 10.0.0.0/24 subnet ?
If yes, just put a rule above all other rules which will match traffic as sourced 10.0.0.0/24 and as destination has 10.0.0.0/24 subnet and do not apply any limit.

Regards

Faton
by fatonk
Fri Oct 24, 2008 1:26 pm
Forum: General
Topic: Need Help to set unlimited speed for local LAN?
Replies: 3
Views: 1152

Re: Need Help to set unlimited speed for local LAN?

Why ?

They shouldn't hit the router for traffic between them, or you have a bridge in the middle?

Regards.

Faton
by fatonk
Thu Oct 16, 2008 3:53 pm
Forum: General
Topic: Port-protected in EoIP Bridge environment
Replies: 2
Views: 1282

Re: Port-protected in EoIP Bridge environment

Thanks a lot,
it looks fine, but as far as I see it is only applicable in ver.3.x and not in any ver.2.9, but anyway if it is necessary I will upgrade the EoIP-concetrator to ver.3.14

Regrads, and thanks again for your feedback.

Faton
by fatonk
Mon Oct 13, 2008 11:07 am
Forum: General
Topic: Port-protected in EoIP Bridge environment
Replies: 2
Views: 1282

Port-protected in EoIP Bridge environment

Hi,

Is there a way to turn on something like cisco port-protected in RouterOS EoIP Bridge environment ?

Regards.

Faton
by fatonk
Wed Oct 08, 2008 5:12 pm
Forum: General
Topic: HOW TO USE PUBLIC IP IN A HOTSPOT ENVIROMENT!! PLEASE HELP!
Replies: 12
Views: 3804

Re: HOW TO USE PUBLIC IP IN A HOTSPOT ENVIROMENT!! PLEASE HELP!

HI,

What you can do is, that you can assign a private IP to the client (always the same IP) and than you can dst-nat one public IP to that private IP

Regards.

Faton
by fatonk
Wed Oct 01, 2008 6:03 pm
Forum: General
Topic: Vlan Tagging on Bridge mode
Replies: 1
Views: 895

Vlan Tagging on Bridge mode

I have e Routerboard 411 with one wireless interface and one ethernet both interfaces are in bridge, what I need is to tag all the frames with VLAN tag 702, is it possible in this mode to do this.

regards

faton
by fatonk
Wed Sep 24, 2008 5:38 pm
Forum: General
Topic: Automatically move a new rule to the beginning
Replies: 6
Views: 1353

Re: Automatically move a new rule to the beginning

use terminal for adding rules, there you have option place-before=XX for accept rules you have no problem but if by any chance or accidentally you drop traffic, you can lose access to the router.

Regards.

Faton
by fatonk
Tue Sep 23, 2008 3:37 pm
Forum: General
Topic: Best practice with pppoe+MTU
Replies: 17
Views: 33154

Re: Best practice with pppoe+MTU

You can calculate the MTU, it depends on technology that you use, if you are using only PPPoE you should adjust the MTU at 1480, but if you have after PPPoE some IPIP tunnel or EoIP that will give more overhead, because of new headers etc etc.

Regards.

Faton
by fatonk
Sat Sep 20, 2008 6:13 pm
Forum: General
Topic: bad driver in 3.14 with realtek lan card
Replies: 7
Views: 2296

Re: bad driver in 3.14 with realtek lan card

For which realtek chip this problem occurs, for 8139 I have no problems as such.
by fatonk
Thu Sep 18, 2008 11:57 am
Forum: General
Topic: Tunnel with multiple gateway
Replies: 13
Views: 4127

Re: Tunnel with multiple gateway

Q: When you use this system does selecting the local IP address on the tunnel ensure the traffic leaves from that local interface? I always use static routes for remote peers, so that ensures that you will reach the remote peer through the next hop you want. Q: Do you need to apply routing rules to...
by fatonk
Wed Sep 17, 2008 10:45 am
Forum: General
Topic: Tunnel with multiple gateway
Replies: 13
Views: 4127

Re: Tunnel with multiple gateway

Here is my setup I hope it will help you. Router1 ISP1 Interface: 10.128.1.100/24 gateway 10.128.1.1 ISP2 Interface: 10.255.1.100/24 gateway 10.255.1.1 Local Interface: 192.168.1.1/24 Remote Router ISP1 Interface: 10.24.1.150/24 gateway 10.24.1.1 ISP2 Interface: 10.240.1.50/24 gateway 10.240.1.1 Loc...
by fatonk
Tue Sep 16, 2008 2:19 pm
Forum: General
Topic: Tunnel with multiple gateway
Replies: 13
Views: 4127

Re: Tunnel with multiple gateway

Can you just put here a simple drawing of what you intent to do? Do you get from your ISP static IPs or IPs are obtained automatically?

I will post later my setup with all configuration.

Regards.

Faton
by fatonk
Mon Sep 15, 2008 6:12 pm
Forum: General
Topic: Tunnel with multiple gateway
Replies: 13
Views: 4127

Re: Tunnel with multiple gateway

What kind of traffic you want to sent through the tunnels, Internet, VPN ?
by fatonk
Mon Sep 15, 2008 3:09 pm
Forum: General
Topic: Tunnel with multiple gateway
Replies: 13
Views: 4127

Re: Tunnel with multiple gateway

I have a similar scenario, and what I have done is that, all internet traffic leaves the router through the default gateway, and if main gateway fails than traffic is routed via the second gateway, but at the same time all the traffic between remote sites goes through the IPIP tunnels. I'm using two...
by fatonk
Fri Aug 08, 2008 6:20 pm
Forum: General
Topic: Multiple Masquerades
Replies: 5
Views: 1669

Re: Multiple Masquerades

I prefer to use src-nat instead of masquerade, with src-nat you can define which source address to SNAT to specific address and so one, masquerade is useful only when you have a load balance or failover links where the NAT rules will pick address dynamically according to the out interface, but with ...
by fatonk
Wed Aug 06, 2008 4:44 pm
Forum: General
Topic: winbox login - RADIUS PAP vs CHAP
Replies: 15
Views: 12371

Re: winbox login - RADIUS PAP vs CHAP

PAP authentication is a clear text, so that is why you have an option to add MD5 at your radius mysql table to encrypt the unencrypted password, but in CHAP the password is already encrypted and uses MD5 by default, and you cannot force it to use or not encryption in CHAP it just does by default. re...
by fatonk
Fri Aug 01, 2008 10:13 am
Forum: General
Topic: How to block MAC addresses..
Replies: 5
Views: 2347

Re: How to block MAC addresses..

Leave ip arp list intact, no entries should be added there, just under ip dhcp-server make static entries of leased IP addresses and all addresses that are statically configured won't be served, just these dhcp static entries.

regards

faton
by fatonk
Sat Jul 26, 2008 11:49 am
Forum: General
Topic: ipsec problem inside lan
Replies: 1
Views: 1076

Re: ipsec problem inside lan

Hi, What I do in this kind of scenarios, is that I use ipip tunnels and encrypt the traffic which goes through it, you have an example how it works, here: http://wiki.mikrotik.com/wiki/IPSec_VPN_with_Dynamic_Routing_/_Mikrotik_and_Cisco You do not need dynamic routing, you can just use static routes...
by fatonk
Tue Jul 15, 2008 10:15 am
Forum: General
Topic: IPSec VPN - Bankdwidth problems
Replies: 3
Views: 1187

Re: IPSec VPN - Bankdwidth problems

Just do bandwidth tests from and to the router, it looks like you have upload problem to router 1.

Regards

Faton
by fatonk
Thu Jun 12, 2008 11:24 am
Forum: General
Topic: IPsec between 2 RouterOS (Vs.3.10)
Replies: 7
Views: 2250

Re: IPsec between 2 RouterOS (Vs.3.10)

can you ping 10.10.1.1 from 10.10.2.1 and vice versa, check default routes in MT Boxes.
by fatonk
Thu Jun 12, 2008 10:59 am
Forum: General
Topic: IPsec between 2 RouterOS (Vs.3.10)
Replies: 7
Views: 2250

Re: IPsec between 2 RouterOS (Vs.3.10)

Do you have IP connectivity WAN to WAN
by fatonk
Thu Jun 05, 2008 6:37 pm
Forum: General
Topic: IPSec
Replies: 2
Views: 992

Re: IPSec

On Server 2 try to put the masquerade rule after accept rule.
by fatonk
Fri May 30, 2008 5:28 pm
Forum: General
Topic: Cannot change hotmail Pasword behind mikrotik
Replies: 7
Views: 1710

Re: Cannot change hotmail Pasword behind mikrotik

is your upload traffic OK,
by fatonk
Fri May 30, 2008 3:12 pm
Forum: General
Topic: Cannot change hotmail Pasword behind mikrotik
Replies: 7
Views: 1710

Re: Cannot change hotmail Pasword behind mikrotik

Try to decrease the MSS

regards

faton
by fatonk
Fri May 30, 2008 2:35 pm
Forum: General
Topic: Can RouterOS and ISA Server co-exist?
Replies: 9
Views: 2679

Re: Can RouterOS and ISA Server co-exist?

You as ISP it is better to install RB1000 before ISA, and there you can do all the QOS, Queueing, Routing, and then leave the ISA server to manage Proxying, Filtering, Cache-ing, NAT etc etc, and of course leave it as a responsibility of your client so with this you create Demarc point between RB100...
by fatonk
Mon May 12, 2008 10:09 pm
Forum: General
Topic: ServeRAID not supported on ROS 3.x?
Replies: 1
Views: 806

Re: ServeRAID not supported on ROS 3.x?

No SCSI support in ROS.
by fatonk
Mon May 12, 2008 6:55 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

After the upgrade to version 3.9 the graphs are looking normal as they should, so it seems I had faulty installation which got fixed with upgrade.

Regards.

Faton
by fatonk
Mon May 12, 2008 6:54 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8.

OK, with upgrade to 3.9 my problem of interface disappearing has gone, it seems that I had a faulty installation so after the upgrade probably the system got fixed, and the problem went away.

Regards.

Faton
by fatonk
Sat May 10, 2008 11:57 am
Forum: General
Topic: ROS v3.9 THANK YOU
Replies: 6
Views: 2109

Re: ROS v3.9 THANK YOU

Do immediate upgrade only if you are experiencing issues with that version of ROS, if everything is fine up 'n running, just wait for few days and see if someone is reporting any problem, this is to be at the safe side.
by fatonk
Sat May 10, 2008 12:16 am
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8.

I already have a cluster of SQUID servers, using wccp, but this router is in another network segment where the SQUID cache farm can't be reached, but anyway I upgraded to 3.9 and for the time being it looks very stable it seems that upgrade itself solved the problem. Wait and see.
by fatonk
Fri May 09, 2008 6:38 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8.

My problem started after 3.7 upgrade, yesterday I have upgraded to 3.8 for time being have no problem, will see if it occurs again.

regards

faton
by fatonk
Fri May 09, 2008 6:13 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

I'm planing to replace ethernet cards, I suspect that it is a hardware issue.
by fatonk
Fri May 09, 2008 6:11 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

No I do not run anything like that, that router is in production connects around 200 clients mostly PPPoE, but in all interfaces graphs register traffic that exceeds 300 Mbit/s ???
by fatonk
Fri May 09, 2008 3:04 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

in the winbox or CLI mode I see normal traffic nothing like in the graphs, that's why I'm very confused.
by fatonk
Fri May 09, 2008 3:01 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8.

Why ? because this happened after I have started web-proxy, before that I had no problem with that router.
by fatonk
Fri May 09, 2008 12:37 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8.

ethernet interfaces, I have 4 of them one Public and three local interfaces, after a certain time the interfaces disappear from the list of interfaces, if I want to monitor bandwidth the only thing that I can see is aggregate, no dynamic interfaces PPPOE no any other ethernet interface is shown just...
by fatonk
Fri May 09, 2008 9:30 am
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

Even after 3.8 upgrade, the graphs are the same with 100 Mbit interfaces I see traffic of 1.5 Gig/s
Very Strange !!!
by fatonk
Fri May 09, 2008 9:18 am
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 4616

Re: Proxy ROS v3.7 & v3.8 ....SUCKS !!!

I'm facing similar problem, but in my case the interfaces disappear I thought that with version 3.8 the problem will go away but it is still present, for me restarting the web proxy doesn't work I have to reboot the whole machine. My proxu settings are : enabled: yes src-address: 0.0.0.0 port: 8080 ...
by fatonk
Mon May 05, 2008 9:12 am
Forum: General
Topic: I need some help with 2 diferent subnets
Replies: 3
Views: 1211

Re: I need some help with 2 diferent subnets

What you have to do is to flow mark the traffic generated from the second loccal subnet, like: ip firewall mangle add chain=prerouting src-address=second-subnet action=mark-packet new-packet-mark=second then place this mark in the default route ip route add gateway=second-ISP mark=second Do not forg...
by fatonk
Sat May 03, 2008 10:07 pm
Forum: General
Topic: Cisco C3500XL and MT Vlan
Replies: 4
Views: 2257

Re: Cisco C3500XL and MT Vlan

sorry I forgot the cisco config, switch port should look like this:

Cisco config:
interface FastEthernet0/39
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100,122,367,1002-1005
switchport mode trunk
by fatonk
Sat May 03, 2008 10:03 pm
Forum: General
Topic: Cisco C3500XL and MT Vlan
Replies: 4
Views: 2257

Re: Cisco C3500XL and MT Vlan

port on your cisco switch is missconfigured
by fatonk
Fri May 02, 2008 11:31 pm
Forum: General
Topic: Public IP's on LAN (over several routers?)
Replies: 6
Views: 1529

Re: Public IP's on LAN (over several routers?)

Don't forget to avoid NAT for public subnet.
by fatonk
Fri May 02, 2008 11:30 pm
Forum: General
Topic: Public IP's on LAN (over several routers?)
Replies: 6
Views: 1529

Re: Public IP's on LAN (over several routers?)

yes, just route public subnet via private IPs of your routers.
by fatonk
Fri May 02, 2008 9:15 pm
Forum: General
Topic: Password Recovery
Replies: 3
Views: 3718

Password Recovery

I think it is good to have some kind of password recovery solution, maybe using only rs232 console connection COM port.
by fatonk
Fri May 02, 2008 9:02 pm
Forum: General
Topic: Public IP's on LAN (over several routers?)
Replies: 6
Views: 1529

Re: Public IP's on LAN (over several routers?)

Probably your ISP has routed this public subnet 208.180.93.0/23 via 66.76.60.154, what you can do is that you can divide in smaller prefixes this /23 subnet and route via your different routers. For example if your other routers connects directly to this first router, than use e.g. 208.180.93.0/28 f...
by fatonk
Fri May 02, 2008 8:33 pm
Forum: General
Topic: Problem with routing RB333
Replies: 2
Views: 949

Re: Problem with routing RB333

Have you tried to traceroute and see what happens, does th trace use the right path.
by fatonk
Fri May 02, 2008 8:21 pm
Forum: General
Topic: How do I set up which one of option to IP package encrypt?
Replies: 2
Views: 1037

Re: How do I set up which one of option to IP package encrypt?

PPPoE will solve your issue, just for tighten security do not use pap authentication.
by fatonk
Fri May 02, 2008 8:17 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

Re: ROS 3.7 and graphing

Here you have daily graph of public Interface FastEthernet
daily.gif
This is weekly graph
weekly.gif
and this is CPU
cpu monthly.gif
regards
by fatonk
Fri May 02, 2008 8:08 pm
Forum: General
Topic: Bandwidth management - 200 Mbit throughput
Replies: 8
Views: 2716

Re: Bandwidth management - 200 Mbit throughput

yes I'm using for accounting a separate system, this will be only for purpose of traffic shaping, and yes the number of clients on the peak hours will reach 3000, regarding the hardware I'm not sure of RB1000 but maybe I will use some quad core IBM or any other enterprise server with 2 gigabit ether...
by fatonk
Fri May 02, 2008 7:41 pm
Forum: General
Topic: ISP Bandwidth Management
Replies: 4
Views: 2409

Re: ISP Bandwidth Management

In cisco it is not useful to use rate-limit it will have lot of dropped packets, even in cisco you can shape the traffic instead of rate limit, but the RouterOS can be used as a wonderful traffic shapper.
by fatonk
Fri May 02, 2008 7:36 pm
Forum: General
Topic: Public IP's on LAN (over several routers?)
Replies: 6
Views: 1529

Re: Public IP's on LAN (over several routers?)

You just have to route your subnets through your local routers, and just be aware to void NAT for the public subnets.

regards

Faton
by fatonk
Fri May 02, 2008 11:36 am
Forum: General
Topic: Bandwidth management - 200 Mbit throughput
Replies: 8
Views: 2716

Re: Bandwidth management - 200 Mbit throughput

Thanks Hellbound, I'm thinking of using something like that probably IBM Server, but I'm wondering about any issue with RouterOS regarding this traffic load.
by fatonk
Fri May 02, 2008 10:00 am
Forum: General
Topic: Bandwidth management - 200 Mbit throughput
Replies: 8
Views: 2716

Re: Bandwidth management - 200 Mbit throughput

Through that Shaper it will pass the traffic of around 3000 clients and more or less 20000 packets per second, the configuration will be tweaked just for traffic shaping nothing else will be configured just bandwidth management, and as I mentioned before just 3 rates 512k, 1M and 2M products. The se...
by fatonk
Thu May 01, 2008 10:25 pm
Forum: General
Topic: Bandwidth management - 200 Mbit throughput
Replies: 8
Views: 2716

Bandwidth management - 200 Mbit throughput

What I want to setup in very near future, is a transparent traffic shaper, which will have three different rates for clients like 512K, 1Mbit and 2Mbit, and the overall bandwidth which will passthrough it is 200 Mbit/s, so what I'm wondering before I begin with this, does anyone of you guys has any ...
by fatonk
Thu May 01, 2008 10:01 pm
Forum: General
Topic: Backup ISP service in case of outage
Replies: 7
Views: 2511

Re: Backup ISP service in case of outage

ok, the question was " Backup ISP service in case of outage" so it has nothing to do with international links, that is something else, what was said here is a backup to directly connected gateway. Regards. Faton P.S. use interface routing i p route add gateway=WAN2 distance=10 check-gatewa...
by fatonk
Thu May 01, 2008 9:53 pm
Forum: General
Topic: Load-Balance with dynamic gatway setings
Replies: 8
Views: 2856

Re: Load-Balance with dynamic gatway setings

Yes bunrsa is right, you cannot use action=src-nat because then you will have to specify to-addresses=X.X.X.X and in your case you do not know which address you will get from DHCP, just use masquerade out the interface. So, just follow the bunrsa example and you will solve this issue.

Regards.

Faton
by fatonk
Thu May 01, 2008 9:42 pm
Forum: General
Topic: VPN between Mikrotik & Cisco
Replies: 5
Views: 6207

Re: VPN between Mikrotik & Cisco

yes, you need static route of each local subnet via tunnel interfaces.

regards.

faton
by fatonk
Wed Apr 30, 2008 6:44 pm
Forum: General
Topic: ROS 3.7 and graphing
Replies: 9
Views: 1927

ROS 3.7 and graphing

Is anybody facing an issue with graphs in ROS 3.7, because I'm facing some trouble I have three interfaces Fast ethernets so on my graphs I see traffic reaches 800 Mbit/s !!!! when I refer to my CPU graph I see that didn't hit the CPU, is it any kind of bug or just me.

Regards.

Faton
by fatonk
Wed Apr 30, 2008 6:04 pm
Forum: General
Topic: NAT with IPSEC
Replies: 4
Views: 1265

Re: NAT with IPSEC

Ok, what I have done in some really necessary cases, I do not use any NAT from LAN to LAN, but put another router connected to LAN interface of the customer and there you NAT packets from the PCs, so the LAN to LAN communication is not NATed.

Regards

Faton
by fatonk
Wed Apr 30, 2008 1:02 am
Forum: General
Topic: Multipoint GRE and DMVPN
Replies: 0
Views: 2562

Multipoint GRE and DMVPN

What about the multipoint GRE and Dynamic VPNs, it is good to have something like this, I don't know that this is possible with preset releases of RoputerOS.
by fatonk
Wed Apr 30, 2008 1:00 am
Forum: General
Topic: Webproxy decreasing RAM memory
Replies: 5
Views: 1616

Re: Webproxy decreasing RAM memory

web proxies request more RAM, i'm using SQUID and to get a satisfied result I installed 1 GB of RAM, it is normal for these kind of service to reques more RAM.

Just increase the amount of RAM and allocate more for webproxy, and you will see the difference.

Regards

Faton
by fatonk
Wed Apr 30, 2008 12:55 am
Forum: General
Topic: Whats wrong with Yahoomail not Opening
Replies: 16
Views: 4243

Re: Whats wrong with Yahoomail not Opening

in winbox on the left, somewhere at the end you have Make Supout.rif, just before the Manual

regards


faton
by fatonk
Wed Apr 30, 2008 12:51 am
Forum: General
Topic: Queue
Replies: 2
Views: 895

Re: Queue

can you post your configuration of that simple queue
by fatonk
Mon Apr 28, 2008 10:00 pm
Forum: General
Topic: PPTP throught Destination NAT forward problem with GRE?
Replies: 6
Views: 12105

Re: PPTP throught Destination NAT forward problem with GRE?

Just correct the NAT rules, it is good to configure as action=src-nat to-addresses=X.X.X.X and also out-interface=PUBLIC, make sure that you avoid masquerade.
by fatonk
Mon Apr 28, 2008 9:15 pm
Forum: General
Topic: Stupid question regarding VLANs
Replies: 2
Views: 1452

Re: Stupid question regarding VLANs

What kind of switch you are using.
by fatonk
Mon Apr 28, 2008 6:32 pm
Forum: General
Topic: Routes
Replies: 5
Views: 1629

Re: Routes

Yes, but I do not want to advertise all the pppoe customers like /32, I want to summarize and these has to be fixed.

thanks
by fatonk
Sun Apr 27, 2008 10:34 pm
Forum: General
Topic: VPN between Mikrotik & Cisco
Replies: 5
Views: 6207

Re: VPN between Mikrotik & Cisco

Probably you need NAT for your LAN to reach the Internet, but just exclude the VPN traffic from the NAT rules.

Regards.

Faton
by fatonk
Fri Apr 25, 2008 11:34 am
Forum: General
Topic: Loopback Interface
Replies: 3
Views: 7052

Re: Loopback Interface

and that should be the loopback or just the bridge without any ports ? there is a difference.
by fatonk
Fri Apr 25, 2008 11:08 am
Forum: General
Topic: Loopback Interface
Replies: 3
Views: 7052

Loopback Interface

In the next release of RouterOS, it will be good to have a loopback interface.
by fatonk
Thu Apr 24, 2008 7:19 pm
Forum: General
Topic: PCQ and global-in, global-out
Replies: 5
Views: 1951

Re: PCQ and global-in, global-out

Just refer to my rules that I have posted above.
by fatonk
Thu Apr 24, 2008 7:02 pm
Forum: General
Topic: interface errors not in SNMP
Replies: 5
Views: 2751

Re: interface errors not in SNMP

does the version 3.x requests any new MIB ?
by fatonk
Thu Apr 24, 2008 6:59 pm
Forum: General
Topic: PCQ and global-in, global-out
Replies: 5
Views: 1951

Re: PCQ and global-in, global-out

Thanks alessio,
I should rephrase my question, it's not the problem of the packet being queued twice leaving the router, The question is, it going to be limited twice? this is the issue, and I want to avoid that, otherwise twice queued is a normal routine.

Regards.

Faton
by fatonk
Thu Apr 24, 2008 6:02 pm
Forum: General
Topic: 2 ISP in 1 Lan
Replies: 12
Views: 3346

Re: 2 ISP in 1 Lan

it depends if you have any persistent route than use that example, if not just continue with load balance only.

(Albanian) versioni me persistent route eshte vetem nese ke te till, nese jo atehere vazhdo me vetem load balance.

tung

Fatoni
by fatonk
Thu Apr 24, 2008 3:24 pm
Forum: General
Topic: Low ethernet speed using MK
Replies: 11
Views: 2947

Re: Low ethernet speed using MK

Target address means your local addresses not destination throughout internet.

regards

faton
by fatonk
Thu Apr 24, 2008 10:37 am
Forum: General
Topic: MRU MTU
Replies: 5
Views: 8022

Re: MRU MTU

I'm very surprised, when you create an pppoe server in mikrotik automatically will set the max MTU and max MRU at 1488
by fatonk
Thu Apr 24, 2008 10:35 am
Forum: General
Topic: Routes
Replies: 5
Views: 1629

Re: Routes

I'm facing this same issue, and could not find a way to resolve it. I hope there is a way to do it in RouterOS.
by fatonk
Thu Apr 24, 2008 10:21 am
Forum: General
Topic: VPN between Mikrotik & Cisco
Replies: 5
Views: 6207

Re: VPN between Mikrotik & Cisco

You can setup very easy IPIP vpn connection, also there is an example if you want to use dynamic routing:

http://wiki.mikrotik.com/wiki/IPSec_VPN ... _and_Cisco

regards

faton
by fatonk
Wed Apr 23, 2008 11:45 pm
Forum: General
Topic: Clock BUG!!!
Replies: 3
Views: 1304

Re: Clock BUG!!!

which version of RouterOS you have ?
by fatonk
Wed Apr 23, 2008 10:58 pm
Forum: General
Topic: MRU MTU
Replies: 5
Views: 8022

Re: MRU MTU

Leave it to its default, PPPoE has 20 bytes overhead that's why it decreases MTU at 1480 bytes. If you have something else configured in your network like tunnels ect or by any chance facing MTU trouble, try adjusting it in the mangle.

Regards

Faton
by fatonk
Wed Apr 23, 2008 10:21 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

Here you have an example: /interface bridge add name="MyBridge" disabled=no /interface bridge port add interface=ether1 bridge=MyBridge /interface bridge port add interface=ether2 bridge=MyBridge /ip address add address=10.0.0.1/24 interface=MyBridge /ip route add gateway=10.0.0.254 Regard...
by fatonk
Wed Apr 23, 2008 10:09 pm
Forum: General
Topic: Low ethernet speed using MK
Replies: 11
Views: 2947

Re: Low ethernet speed using MK

Check for errors on interfaces, and do you by any chance have TC applied in the Linux.

Regards.


Faton
by fatonk
Wed Apr 23, 2008 5:54 pm
Forum: General
Topic: PCQ and global-in, global-out
Replies: 5
Views: 1951

Re: PCQ and global-in, global-out

anyone has any idea ?
by fatonk
Wed Apr 23, 2008 12:29 pm
Forum: General
Topic: Question regarding OSPF and dynamic PPPoE IPs
Replies: 1
Views: 949

Re: Question regarding OSPF and dynamic PPPoE IPs

Yes that's right it creates lot of overhead, what you can do is that do not advertise connected networks, instead add a static route where you sumarize pppoe clients and then you can advertise that static route.

Regards.

Faton
by fatonk
Tue Apr 22, 2008 7:13 pm
Forum: General
Topic: PCQ and global-in, global-out
Replies: 5
Views: 1951

PCQ and global-in, global-out

Hi, I just want to clarify an issue about the queueing. below I is my setup of how I'm limiting clients, and also here is a drawing of how I understood PCQ and globa-in and global-out "virtual interfaces". /ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all pass...
by fatonk
Mon Apr 21, 2008 11:05 pm
Forum: General
Topic: Load Balancing - Backup route.
Replies: 7
Views: 3995

Re: Load Balancing - Backup route.

WirelessRudy follow the example that changeip has given, that's the simply way to resolve your issue.

Regards.

Faton
by fatonk
Mon Apr 21, 2008 10:11 am
Forum: General
Topic: 2 ISP in 1 Lan
Replies: 12
Views: 3346

Re: 2 ISP in 1 Lan

Here you have some additional confoguration:

http://wiki.mikrotik.com/wiki/Two_gatew ... _balancing
by fatonk
Mon Apr 21, 2008 10:07 am
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

Yes you can configure Mikrotik as a bridge and do the bandwidth shaping.
by fatonk
Sun Apr 20, 2008 11:13 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

I work for ISP te biggest in my country and we do provide for our clients these kind of solutions, so just ask you ISP to solve your issue.

Regards.

Faton
by fatonk
Sun Apr 20, 2008 10:39 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

Another solution is that you configure Cisco as a bridge and connect your router as PPPoE Client, but your ISP should give you another IP for PPPoE interface and then route your /29 via that new IP.
by fatonk
Sun Apr 20, 2008 10:31 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

that's right the cisco's eth0 is your gateway, what I was saying is that maybe your ISP can give you another /30 which you can use to connect your router with cisco and your preset /29 to route via your new IP.
by fatonk
Sun Apr 20, 2008 10:10 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

In this setup you can not route your public subnet, only if your router and modem connect with different IP, like /30 between modem and router and then you ISP should route your /29 towards your new IP. Like this it works, but as a present scenario your /29 is directly connected to your WAN interfac...
by fatonk
Sun Apr 20, 2008 10:06 pm
Forum: General
Topic: How to use ip pool and ppp routes at the same time in VPN?
Replies: 4
Views: 1693

Re: How to use ip pool and ppp routes at the same time in VPN?

I don't know if I understood you well, but if you want your ppp routers to have a static IP from the IP pool, just at the ppp secret as remote address assign an IP form the pool, and this router will connect using the same IP always.

Regards.

Faton
by fatonk
Sun Apr 20, 2008 8:53 pm
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

Your ISP should give you a single IP for your router WAN interface and than route the /29 subnet towards your WAN IP. With this you can have your /29 subnet inside your Router and do what ever you want with it, even route it further down.

Regards.

Faton
by fatonk
Sun Apr 20, 2008 11:45 am
Forum: General
Topic: Help with public subnet
Replies: 21
Views: 3370

Re: Help with public subnet

You can do this if yor ISP use the cisco only as a bridge and than you can PPPoE with Mikrotik, but you should check with your ISP does they allow this.

Regards.

Faton
by fatonk
Sun Apr 20, 2008 11:28 am
Forum: General
Topic: 2 ISP in 1 Lan
Replies: 12
Views: 3346

Re: 2 ISP in 1 Lan

here you have one of the solutions, there you have some more examples:

http://wiki.mikrotik.com/wiki/Load_Balancing_Persistent

Regards

Faton
by fatonk
Sat Apr 19, 2008 11:14 pm
Forum: General
Topic: Bandwidth Queues with VLANS
Replies: 12
Views: 7919

Re: Bandwidth Queues with VLANS

OK, here it is another example: ip firewall mangle add chain=prerouting src-address=192.168.0.0/16 dst-address=192.168.0.0/16 action=accept ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=queue passthrough=yes src-address=192.168.0.0/16 dst-address=0.0.0.0/0 queue simple n...
by fatonk
Sat Apr 19, 2008 10:34 pm
Forum: General
Topic: Bandwidth Queues with VLANS
Replies: 12
Views: 7919

Re: Bandwidth Queues with VLANS

have you try to put on top of all queue rules, the rule with 100 Mbit/s target address=192.168.0.0/24 dst-address=192.168.0.0/16, put this rule should be number "0" no rules before.

Regards.

Faton
by fatonk
Sat Apr 19, 2008 9:59 pm
Forum: General
Topic: 2 ISP in 1 Lan
Replies: 12
Views: 3346

Re: 2 ISP in 1 Lan

there are several examples in the mikrotik's wiki,

regards

faton
by fatonk
Wed Apr 16, 2008 1:19 pm
Forum: General
Topic: Back up link
Replies: 2
Views: 1250

Re: Back up link

You can achive this by adding the second gateway with higher metric meaning distance=5 e.g and also allow check-gateway=ping in both default routes. With this as soon as primary link goes down it will activate the back-up link, than as soon as primary link comes up you will be redirected through pri...
by fatonk
Wed Apr 16, 2008 1:13 pm
Forum: General
Topic: Bandwidth Queues with VLANS
Replies: 12
Views: 7919

Re: Bandwidth Queues with VLANS

Correct, that's what I was telling you. Good Job

Regards.

Faton
by fatonk
Wed Apr 16, 2008 10:08 am
Forum: General
Topic: Bandwidth Queues with VLANS
Replies: 12
Views: 7919

Re: Bandwidth Queues with VLANS

What you can do is that mark the traffic that you do not want to limit, and than mark the rest of traffic and lastly add that packet mark to the simple queue, or create new simple queue rules where you will limit traffic between VLANs at 100 Mbit/s and put these rules before the rules that limit tra...
by fatonk
Tue Apr 15, 2008 11:03 am
Forum: General
Topic: divition
Replies: 2
Views: 918

Re: divition

Create simple queue rule with desired bandwidth and as a target address put the address you want to limit, but should match as /32.

Regards.

Faton
by fatonk
Mon Apr 14, 2008 11:19 pm
Forum: General
Topic: Whats wrong with Yahoomail not Opening
Replies: 16
Views: 4243

Re: Whats wrong with Yahoomail not Opening

to alternativi: fatonkurteshi@yahoo.com
by fatonk
Mon Apr 14, 2008 11:00 pm
Forum: General
Topic: there is must be a solution (arp spoofers)
Replies: 14
Views: 4186

Re: there is must be a solution (arp spoofers)

PPPoE Implementation has solved these kind of issues in our network.

Regards.

Faton
by fatonk
Mon Apr 14, 2008 10:44 pm
Forum: General
Topic: Whats wrong with Yahoomail not Opening
Replies: 16
Views: 4243

Re: Whats wrong with Yahoomail not Opening

you should try to decrease the MTU here is the syntax for you: /ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1400 comment="" disabled=no add chain=forward protocol=tcp tcp-flags=syn,ack action=change-mss new-mss=1400 comment="" disable...
by fatonk
Thu Apr 10, 2008 4:02 pm
Forum: General
Topic: RouterOS IPSEC VPN Transport issue.
Replies: 3
Views: 5752

Re: RouterOS IPSEC VPN Transport issue.

here you have the complete solution, just instead of the dynamic routing you can use static routes.

http://wiki.mikrotik.com/wiki/IPSec_VPN ... _and_Cisco

Regards.

Faton
by fatonk
Thu Apr 10, 2008 10:26 am
Forum: General
Topic: RouterOS IPSEC VPN Transport issue.
Replies: 3
Views: 5752

Re: RouterOS IPSEC VPN Transport issue.

This means that your policy encrypts traffic from your local network to remote local network, in the transport mode you should change the policy that mathes traffic from WAN to WAN , that's why it requests /32 IP your WAN IP like: 78.52.1.36 -> 178.5.23.2 I hope this helps you. Regards. Faton. P.S. ...
by fatonk
Wed Apr 09, 2008 10:14 am
Forum: General
Topic: Bandwidth Shaping - Internet Access and Local LOOP Traffic
Replies: 12
Views: 3941

Re: Bandwidth Shaping - Internet Access and Local LOOP Traffic

What you can do is that you can create ipip tunnels between branches, and than create a simple queue with target address=local-address and destination address=remote-local-address, than create second queue with target address=local-address and destination address=any. But, be sure to line up queues ...
by fatonk
Tue Apr 08, 2008 12:17 pm
Forum: General
Topic: Transparent shaping with Queues for tagged VLAN traffic
Replies: 6
Views: 6184

Re: Transparent shaping with Queues for tagged VLAN traffic

can you explain how it is all connected physically, it is very important to know is there any way that VLAN 2 bypasses the traffic shapper.

regards.

Faton
by fatonk
Tue Mar 25, 2008 6:22 pm
Forum: General
Topic: How many clients (RB153 3xR52H)
Replies: 12
Views: 2781

Re: How many clients (RB153 3xR52H)

Problem is with the number of clients not with bandwidth, number of clients is what saturates the capacity of the hardware. I do not use more than 30 clients per AP of that sort as yours.

Regards.

Faton
by fatonk
Tue Mar 25, 2008 5:52 pm
Forum: General
Topic: mtu pppoe
Replies: 2
Views: 1210

Re: mtu pppoe

You are not clear about your request, can you be more specific.

Regards.

Faton
by fatonk
Tue Mar 25, 2008 5:33 pm
Forum: General
Topic: Public IP's on LAN
Replies: 9
Views: 3097

Re: Public IP's on LAN

Your ISP should route your /23 public subnet via your IP 123.123.100.146/30 and than it should work.

Regards.

Faton
by fatonk
Tue Nov 27, 2007 12:23 pm
Forum: General
Topic: IPSec error
Replies: 20
Views: 7403

Re: IPSec error

Is this a VPN between two Mikrotik Routers or between different vendors.
by fatonk
Mon Nov 26, 2007 5:46 pm
Forum: General
Topic: IPSec error
Replies: 20
Views: 7403

Re: IPSec error

You should not NAT the traffic between peers, you should add accept rules before the masquerade rule.
by fatonk
Mon Nov 26, 2007 5:38 pm
Forum: General
Topic: IPSec error
Replies: 20
Views: 7403

Re: IPSec error

What about NAT do ypu have any NAT rules ?
by fatonk
Mon Nov 26, 2007 4:42 pm
Forum: General
Topic: IPSec error
Replies: 20
Views: 7403

Re: IPSec error

Check your IPSec policy, or if you can post your config it may help us to find the error.


Regards

Faton
by fatonk
Tue Nov 20, 2007 12:28 pm
Forum: General
Topic: IPSec VPN with Dynamic Routing / Mikrotik and Cisco
Replies: 9
Views: 3922

Re: IPSec VPN with Dynamic Routing / Mikrotik and Cisco

Just check the latest update of the wiki regarding this issue, and there you will find the solution.

Regards.

Faton
by fatonk
Mon Nov 19, 2007 4:38 pm
Forum: General
Topic: IPSec VPN with Dynamic Routing / Mikrotik and Cisco
Replies: 9
Views: 3922

Re: IPSec VPN with Dynamic Routing / Mikrotik and Cisco

Just try without encryption to reach side to side connection, I have a dozen of connections in this setup and have no problem. One thing to stress here , do not copy paiste configuration but just write all, I had an issue with cisco 831 in copy paiste method of configuration.

Regards


Faton
by fatonk
Sat Nov 17, 2007 12:54 pm
Forum: General
Topic: IPSec VPN with Dynamic Routing / Mikrotik and Cisco
Replies: 9
Views: 3922

Re: IPSec VPN with Dynamic Routing / Mikrotik and Cisco

Yes, I meant for IPSec.

Regards
by fatonk
Fri Nov 16, 2007 6:52 pm
Forum: General
Topic: IPSec VPN with Dynamic Routing / Mikrotik and Cisco
Replies: 9
Views: 3922

Re: IPSec VPN with Dynamic Routing / Mikrotik and Cisco

For the time being I don not see any problem with your configuration. But, can you debug a bit this connection and see if you are authenticating.

Regards.

Faton
by fatonk
Fri Nov 16, 2007 10:13 am
Forum: General
Topic: IPSec VPN with Dynamic Routing / Mikrotik and Cisco
Replies: 9
Views: 3922

Re: IPSec VPN with Dynamic Routing / Mikrotik and Cisco

Can you post your configuration here, in order to give you some assistance.

Regards

Faton
by fatonk
Tue Nov 13, 2007 6:33 pm
Forum: General
Topic: Firewall & TTL
Replies: 1
Views: 965

Re: Firewall & TTL

Hi, I have tried to do it with RouterOS, but unfortunately I have faild to do so. With gentoo linux there is a possibility to filter by TTL, here is example of what has been done in linux: /sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl --ttl 127 -j ACCEPT /sbin/iptables -A USERS -s 10.1.4.0/22 -m ttl...
by fatonk
Tue Nov 13, 2007 12:59 pm
Forum: General
Topic: Manual IPSEC configuration Problem
Replies: 5
Views: 1439

Re: Manual IPSEC configuration Problem

You will have to specify authentication key and encryption key. For example, if you are using MD5 as a authentication alogorithm you will need to specify and spi and authentication key like AH In/Out Key: 476a316c346e314b334b787859313 AH In/Out SPI: 100/100 Than you will need an ecryption key, let s...
by fatonk
Sat Nov 10, 2007 10:32 am
Forum: General
Topic: How To encrypt voice traffic passing through MT ??
Replies: 12
Views: 2557

Re: How To encrypt voice traffic passing through MT ??

Dedicate a router just for the VoIP traffic, route all your VoIP traffic throughout that router, and the VoIP router should have a VPN tunnel with any other ISP outside your country, any neighbouring upstream provider with low latency and use that connection as VoIP gateway, you can check also with ...
by fatonk
Sat Nov 10, 2007 10:10 am
Forum: General
Topic: Manual IPSEC configuration Problem
Replies: 5
Views: 1439

Re: Manual IPSEC configuration Problem

You miss an encryption key.

Regards.
by fatonk
Fri Nov 09, 2007 6:50 pm
Forum: General
Topic: Is possible to find out if anybody is behind router???
Replies: 10
Views: 2627

Re: Is possible to find out if anybody is behind router???

You can monitor his traffic and check number of connections, number of new connections per second, if eh is using a router and sharing the connection with some other users, the numer of connection would be higher than with one PC. Just compare the traffic between your clients.

Regards.

Faton
by fatonk
Tue Oct 30, 2007 10:13 am
Forum: Wireless Networking
Topic: Transparent AP with two wireless interfaces
Replies: 6
Views: 1960

Re: Transparent AP with two wireless interfaces

I see no other solution than WDS, so I will setup WDS on both ends.

Regards.

Faton.
by fatonk
Mon Oct 29, 2007 12:44 pm
Forum: Wireless Networking
Topic: Transparent AP with two wireless interfaces
Replies: 6
Views: 1960

Re: Transparent AP with two wireless interfaces

I use cli mode a lot but unfortunately it is not problem in winbox, something is missing but should figure out waht.

Regards.
by fatonk
Sun Oct 28, 2007 11:20 pm
Forum: Wireless Networking
Topic: Transparent AP with two wireless interfaces
Replies: 6
Views: 1960

Re: Transparent AP with two wireless interfaces

Thanx for reply, I Have seen your wiki but that doesen't fit my scenario. Regarding your question, I'm sure that both interfaces are part of only one bridge interface, I have no other bridge interface except tha one interface is in station mode and the other ap-bridge mode.

Regards.

Faton
by fatonk
Sun Oct 28, 2007 11:59 am
Forum: Wireless Networking
Topic: Transparent AP with two wireless interfaces
Replies: 6
Views: 1960

Transparent AP with two wireless interfaces

Hello, I,m trying to setup a wireless AP whcih should be transparent and bridge between two wireless interfaces, one interface is on ap-bridge mode and second on station mode, as soon as I create a bridge interface and add both interfaces as a brdige ports, the port linked to ap-bridge mode gets dis...
by fatonk
Tue Oct 23, 2007 3:52 pm
Forum: General
Topic: Winbox stops responding in wine
Replies: 5
Views: 1408

Re: Winbox stops responding in wine

The problem disapeared with gutsy and latest wine.

Regards.

Faton
by fatonk
Mon Oct 22, 2007 8:31 pm
Forum: General
Topic: need configuration help...urgnet..
Replies: 8
Views: 1715

Re: need configuration help...urgnet..

OK I will give you some hints, so you can work on it.

For mac filtering you can use access-list under the interface, you can set arp in the wireless interface as reply-only, and than add static arp entries IP with associated mac address, use pppoe it is more secure.
by fatonk
Mon Oct 22, 2007 8:17 pm
Forum: General
Topic: need configuration help...urgnet..
Replies: 8
Views: 1715

Re: need configuration help...urgnet..

Too many questions at one time, you should refer to the RouterOS manual every answer to your question is there. Just have a look to the manual and if something you do not get right, somebody will help you through the forum.

Regards.

Faton
by fatonk
Mon Oct 22, 2007 8:01 pm
Forum: General
Topic: PCQ subqueues scenario
Replies: 11
Views: 2292

Re: PCQ subqueues scenario

Bok UsRb,

Can you explain more clearly what are you trying to achieve, because for me is not very clear what are your needs. I have to agree with jorj to put limit as closer to the client.

Regards.

Faton
by fatonk
Mon Oct 22, 2007 7:47 pm
Forum: General
Topic: VPN problem through Mikrotik
Replies: 3
Views: 1232

Re: VPN problem through Mikrotik

Where do you NAT traffic, in rb133 ore something else behind rb133 ?

Regards.

Faton
by fatonk
Thu Oct 18, 2007 2:11 pm
Forum: General
Topic: blocking all but a certain IP segment
Replies: 4
Views: 1363

Re: blocking all but a certain IP segment

For SSH you can change the port from 22 to something else, and also you can block certain traffic towards your WAN interface. Just use firewall in mikrotik and setup apopriate rules.
If you have trouble with configuring firewalling, just ask for help.

Regards.

Faton
by fatonk
Mon Oct 15, 2007 5:58 pm
Forum: General
Topic: Winbox stops responding in wine
Replies: 5
Views: 1408

Re: Winbox stops responding in wine

I will just wait for the release of gutsy in these two days, and than install the latest wine and see if this problem will disapear.

Thanks anyway.

Regards

Faton
by fatonk
Fri Oct 12, 2007 11:58 pm
Forum: General
Topic: Winbox stops responding in wine
Replies: 5
Views: 1408

Re: Winbox stops responding in wine

anyone had this problem, or knows about it.

regards.

faton
by fatonk
Thu Oct 11, 2007 6:26 pm
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 84165

Re: More ways to earn free licenses!

I've got mine few days ago (L5)

Thanks Mikrotik Team.

Faton
by fatonk
Tue Oct 09, 2007 11:38 pm
Forum: General
Topic: Public IP's in "private" networks.
Replies: 4
Views: 2341

Re: Public IP's in "private" networks.

It will work, I have done this already, but make sure that you do not NAT the public subnet.

Regards.

Faton
by fatonk
Tue Oct 09, 2007 12:19 am
Forum: General
Topic: Winbox stops responding in wine
Replies: 5
Views: 1408

Winbox stops responding in wine

Hi,

Did anyone faced this kind of issuee, I'm using Kubuntu as a desktop but I have a problem with Winbox and wine after the winbox is executed it stops responding, this is not happening with other windows applications.

Regsrds.

Faton
:?:
by fatonk
Mon Oct 08, 2007 10:28 pm
Forum: General
Topic: RouterOS and Dell 2450 with U160 Scsi supported?
Replies: 1
Views: 812

Re: RouterOS and Dell 2450 with U160 Scsi supported?

RouterOS has no support for scsi disks.

Regards.

Faton
by fatonk
Mon Oct 08, 2007 10:49 am
Forum: General
Topic: VLAN on bridge problem
Replies: 1
Views: 816

Re: VLAN on bridge problem

It looks like having a problem with mtu, try to adjust mtu at lower size.

Regards.

Faton
by fatonk
Mon Oct 08, 2007 10:34 am
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 84165

Re: More ways to earn free licenses!

after that date I have added an article in wiki under VPN, regarding to this article should I write to support for participating for free licence.
by fatonk
Mon Oct 08, 2007 10:12 am
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 84165

Re: More ways to earn free licenses!

Hi,

Is this approved also for the rest of us who have added articles in wiki, or just for ashish.

Regards,

Faton
by fatonk
Fri Oct 05, 2007 5:30 pm
Forum: General
Topic: VPN problem
Replies: 14
Views: 2825

Re: VPN problem

sorry, my mistake I was thinking on IPSec not PPTP, I'll come back to this issue.

Regards.

Faton
by fatonk
Fri Oct 05, 2007 4:35 pm
Forum: General
Topic: VPN problem
Replies: 14
Views: 2825

Re: VPN problem

You should check that the subnets are not matching in the NAT rule, if you are using NAT.

Regards.

Faton
by fatonk
Thu Oct 04, 2007 6:54 pm
Forum: General
Topic: forwarding a port on external ip to internal ip
Replies: 4
Views: 3315

Re: forwarding a port on external ip to internal ip

They should connect t othe server with your local IP of the server.

Regards.
by fatonk
Thu Oct 04, 2007 5:23 pm
Forum: General
Topic: Rate limiting subnet with fixed per user bandwidth
Replies: 11
Views: 4811

Re: Rate limiting subnet with fixed per user bandwidth

tung,

adresa ime eshte:

fatonkurteshi@yahoo.com

pershendetje

fatoni
by fatonk
Tue Oct 02, 2007 4:57 pm
Forum: General
Topic: Rate limiting subnet with fixed per user bandwidth
Replies: 11
Views: 4811

Re: Rate limiting subnet with fixed per user bandwidth

your question: My question is: is there a way to create rate limiting rules applied to a subnet, that specify bandwidth limit per user individually? Has been answered, just check the wiki example for PCQ: http://wiki.mikrotik.com/wiki/PCQ_Examples I have used since a long time this queuing technique...
  • 1
  • 2