MikroTik

jbl42

Assuming we are now talking about IPv4/IGMP and not IPv6/MLD: Yes, IGMP snooping with l2hw works on my RB5009 with mDNS, mDNS forwarding btw. VLANs and IPTV at my home network. I suggest to use ROS packet capturing to see how mDNS packets flow and if the mDNS forwarder works as intended.

jbl42

Not sure how your RB4011 setup was with working mDNS. IGMP snooping is a l2 traffic optimization feature (by forwarding multicast packages only to ports with at least on subscribed member) and as such works per VLAN. It does not forward btw. VLANs. Starting with ROS 7.16, ROS has mDNS forwarder whic...

jbl42

In my experience IGMP Snooping and using VLANs and IPv6 at the same time can work if there is an external MLD querier running on every VLAN using IPv6, disabling the ROS integrated one. In my case it is a 3rd party switch having a mld querier with 30s interval configured on every VLAN. With this RB5...

jbl42

I’ve have the same problem and after hours of looking around I found the solution: Funny how people just do not read instructions: https://support.google.com/mail/answer/185833?hl=en Google's support page clearly indicates how it works and what to do. It also clearly states 2f authentication is req...

jbl42

I'm not sure what you expect from Mikrotik regarding this. SFPs contain a vendor id in the internal EEPROM, and your Fortigate device does not accept modules with Mikrotik ID. Most big brands are doing this and only accept modules with certain IDs. You can try your luck with an fs.com module https:/...

jbl42

I keep getting hit automatic btest scripts testing to my btest server ... So I'm stopping my free btest service.

That's why we can't have nice things.
Also from my side: Thanks for the time it was!

jbl42

Yes, using smtp.gmail.com requires an app specific password which can be created on the gmail web interface. https://support.google.com/mail/answer/185833?hl=en It is much better for security, because the APP PW cannot be used to log into to your gmail/google account (if it leaks somehow out of your...

jbl42

Most posters here do not have SW development background, so we get those funny statements about "archaic tab characters". As I think we can agree that script edit in Winbox terminal should not mess up the code layout scrolling up and down in script code. So let's treat this as a bug report...

jbl42

how to use this? i created static lease, enable 'use reconfigure' in dhcp server, and after click send reconfigure in lease. shows error "send reconfigure error - no reconfigure parameters for this binding" Hopefully this means lack of DHCPAUTH. RFC3203 resp. the newer RFC6704 mandates DH...

jbl42

We had good experiences with Ubiquiti UACC-CM-RJ45-MG. It's about 60€ and we have it working fine in several MT device, including CRS309. https://eu.store.ui.com/eu/en/category/accessories-modules-fiber/collections/accessories-pro-direct-attach-cables/products/uacc-cm-rj45-mg It uses one of the late...

jbl42

It seems that either all ports on a switch would have Hw Offload status or none of them would -- or that ether9 - ether15 would keep their Hw Offload status, and ether16 would lose it. I think there are still a lot of things about how hardware offloading works on the CCR2004 I don't understand. In ...

jbl42

As an engineer, I would like to go back to stuff we know: 1. (At least) on RB5009, l2hw bridges without CPU facing interfaces drop ingress DHCP offers on tagged bridge members, despite DHCP snooping disabled 2. Adding a CPU facing interface to affected bridge VLAN solves the problem 3. Enabling DHCP...

jbl42

I see. The described limitation seems to be about VTEPs directly on top of a VLAN interface. Your question is about forwarding VTEP packets to tagged ports on the same bridge. Good question and I don't know the answer. Depending on the switch ASIC, this technically should work if done right. The bes...

jbl42

Underlay (routing encapsulated VXLAN packets): [...] 2. VTEPs are not supported over bond, VLAN interfaces, As I understand it, these restriction only apply for hw-offloaded VXLAN, which is not supported on CRS310. Passing vlan100(vxlan(packet)) on CRS310 should work. And as you have experienced, d...

jbl42

VLAN 124 is tagged on ether1 and ether2, and untagged on ether5. OpenWrt LAN is connected to ether1 on VLAN 124 (tagged). Not-VLAN-aware devices connected to ether5, or VLAN-aware devices consuming VLAN 124 connected to ether2 all fail to get DHCP lease, but have full IPv6 internet connectivity via...

jbl42

The links always come up with RouterOS 7.17.2 and lower. From 7.18 change log: *) sfp,qsfp - improved initialization and linking; Seems like the improvement is not so much an improvement for S+RJ10. And it also seems MT does not test test their own SFP modules with their own ROS releases on their o...

jbl42

Good point, missed that: Indeed since ROS 7.17 switch rules matching IP properties silently (and invisibly) set mac-protocol=ip resp. mac-protocol=ipv6 . This makes sense and explains the changed behavior seen by the OP. But it would be better if this would be indicated by the mac-protocol property ...

jbl42

Whatever happens in your captures, it is some strange stuff. Something for MT to investigate.

jbl42

„If multiple/many windows are open then simplest way to navigate between them is a dropdown“ My point is not about changing the active window using a menu. I want to open and arrange multiple windows so they do not overlap to se different things at the same time for troubleshooting and debugging. An...

jbl42

If you use PSK (password common for all clients using the same SSID), 802.11r does not matter. Despite common believe 802.11r only makes a difference if enterprise WPA is used (user specific password provided by a radius server or similar). There it shortens reauthentification of STAs changing the A...

jbl42

That’s a good question and hard to answer without knowing how ROS handles rule properties not making sense for the mac-protocol. Like IP src for ARP. My guess is the rule with only the IP src does not match any non-IP packet. While the rule with mac-protocol=arp ignores the IP src part and matches a...

jbl42

The active tab visibility was improved for normal mode, but not for dark mode. For the window borders: If an inactive window overlaps with another inactive windows, it is hardly visible where the border is. This makes it hard to klick the border to resize an inactive window. Maybe its just me, but I...

jbl42

it is understood that if I do not select any mac protocol it should be all of them Yes, it does. But still for ex. an ARP packet does not have a src-address, as it is not using IP. So it does not match the 1st pass rule, but does match the 2nd "block all" rule and hence gets dropped. I wo...

jbl42

In Desktop use, Dark mode is equivalent to orange phosphor screen... A hype! At the end, it's a matter of personal preference. Callings things a hype just because they do not match one's personal preference is a sign of getting old and grumpy ;-) My father back in the 70ties hated computers and cal...

jbl42

You are right, the issue still exists when using the Asus as an AP connected to the ax2. Dou you also see the delay of TV-box IGMP Group query response if connected with the ASUS WiFi to the ax2? As you have a MacBook, did you use monitor mode of the integrated WiFi to capture all packets on your S...

jbl42

Reading trough all of this, I think there are several issues at hand: The ROS IGMP proxy querier encodes the max response time field wrong: First, the value is modulo 25.5 (255 = 0xFF), hence for 30s it is 4.4 = 30 - 25.5. Second, the max response time field is not just a 8bit binary value in 0.1s i...

jbl42

Yes, how much routes fit into the switch ASIC's TCAM for l3hw depends on the kind of routes and the specific TCAM implementation. There is AFAIK also no way to show the available TCAM space on MT switches with l3hw. Still it is a reasonably expectation that routes are loaded into the switch ASIC's T...

jbl42

Beside netinstall:
In all our devices with specific PW on the bottom label, there is a 2nd label with the PW inside the box on the PCB.
Also MT support can tell you the PW if you provide them device with type and serial number.

jbl42

Updated a Lab RB5009 to 7.19b2 and enabled DHCP snooping. With the same results: The router is not accessible from LAN. L3 forwarding works, DHCP clients get an address. It looks like L2 broadcasts are forwarded to the CPU port, but packets from LAN going to the CPU port MAC address are dropped eith...

jbl42

Do not see this on RB5009 running 7.17.2

Linux
> dig +short -t AAAA @192.168.42.1 medium.com
2606:4700:7::a29f:9904
2606:4700:7::a29f:9804

ROS, about 5s later

> :put [/ip dns cache find where (name="medium.com" && type="AAAA")] 
*b280;*b281

jbl42

I just had another "DNS outage" and today evening caused by many DoH requests to quad9 timing out. My DNS server log is full of timed out entries like DnsClient failed to resolve the request '<some.host.com>. A IN': request timed out for name servers [https://dns.quad9.net/dns-query (9.9.9...

jbl42

btw: I have a friend being an audio professional and according to him the most recommended switches for DANTE are CBS250-8 and it's predecessor SG250-8. While affordable, the provide everything required for DANTE and have a reputation to be rock-stable, also for live events. This is based on what he...

jbl42

Other wrote that changing the registry URL might help:
viewtopic.php?p=1124233&hilit=v2#p1124233

jbl42

Sometimes Quad9 DoH on Mikrotik works perfectly for many weeks at a time, then it gets bad (stops resolving queries), I sometimes see the same on RB5009. One of the reasons I started to run 3rd party DNS servers in a container was to have better logging the investigate DoH issues with quad9. In the...

jbl42

An older thread says, by confirming with a Cisco device on the other end, that the RB5009 does have EEE enabled, but nothing in the Mikrotik documentation nor the CLI on any of my accessible devices shows anything related to that. That probably was me. RB5009 has EEE enabled on eth1-eth8. I can see...

jbl42

While it might be temperature issue, one additional side note: I'm not sure, our logs are only in volatile memory .. Routers leaving large swaths of customers without internet. Sounds strange to run routers "leaving large swaths of customers without internet" in case of issues without at l...

jbl42

I would be grateful if you could provide me with some guidance on configuring IGMP snooping on multiple VLANs without forwarding IGMP messages between VLANs. I'm not really sure what is meant with "forwarding IGMP messages between VLANs". On ROS bridges with active VLAN filtering, ports t...

jbl42

That's why I prefer to write native non-multiplatform apps and use direct WinAPI calls to draw text (DrawTextW) without any libraries. Never had any drawing issues with such approach. May be some day they'll realize it... I dare to conquer. Plain old WinAPI is based on physical screen pixels and ha...

jbl42

I had good experience with PiHole, but my personal favorite for small local DNS with or without filtering is Technitium (https://github.com/TechnitiumSoftware/DnsServer). It supports UDP/TCP, DOH with http2/3, DNS over TLS and DNS over QUIC all both as server and client. I'm running it in in both my...

jbl42

jbl42

It's so funny to hear about "improvements". Where are these improvements? From the very beginning almost all changes are related to fixing the bugs and fixing consequences of silly "modern design" decisions. And even despite of this, there are still lots of problems and it's sti...

jbl42

Why is device-mode even being discussed in this 7.18beta topic? As far as I can see, there hasn’t been a single changelog item related to device-mode in 7.18. It would make more sense to discuss this in the 7.17 thread or in a dedicated topic. A separate, well-focused discussion with significant at...

jbl42

We actually don't know what kind of "abuse by vendor" can come out of this device-mode can of worms. They can even force the override of user-defined settings of device-mode on every subsequent upgrade - if they want to get rid of more customers... The whole auto-enabled device mode is a ...

jbl42

I agree, but I also want to stress that loading 4 full tables on an internet border gateway is not the only use-case for BGP. Absolutely. Similar to what you described, we are using BGP inside our network to manage routing btw. different sites and locations. Our 2 main border routers are owned and ...

jbl42

I feel MikroTik has not fully adapted its SW development processes to use cases where newer flagships like CCR2x16 make sense and also are marketed for. While I can live with some hiccups on RB5009 devices (especially regarding its unbeatable price point for what you get), having BGP and other routi...

jbl42

Is MT DNS buggy? ... "N", as a negative, and 0.0.0.0 IP address. Turning WG clients against the same Windows server directly, it resolves all internal domains / servers just flawlessly ..... Do you see something similar to "syn flood detected on port" in your logs? Other have re...

jbl42

https://help.mikrotik.com/docs/spaces/R ... LAN-Q-in-Q

jbl42

I found the same: rx/tx values in simple queue are swapped compared to what one would expect: RX is target interface upload and TX is target interface download The configuration below works well on 1000/100 cable connections with users complaining about downloads or uploads of many and/or large file...

jbl42

On both RB5009 and CCR2004 if running containers from external storage, using an USB3 to SATA adapter connected to a 2.5" notebook SATA SSD is recommended. In our experience (even old) notebook 2.5" SSDs are much more reliable compared to USB sticks. 256 and 512 GB SATA SSDs are dirt cheap...

jbl42

With the row padding option set to 0 I get the required density of table rows and I start to like the new Winbox and actually using it. Please reconsider the font used for table values: The decimal dots are tiny and almost invisible between the digits. This makes reading of IP addresses and speeds u...

jbl42

The cache size is default, 2048, 346 items recently. Looking into the ip/dns output though, it seems, that the cache is full ..... The strange thing is your device shows 2MB of used cache for 346 DNS entries. This is unreasonable large (>5kB/entry). As an example, the DNS cache of my RB5009 current...

jbl42

It's 2025 and Mikrotik finally shows some love for IPv6. And starts working on l3hw and mlag again. Both of if which hopelessly broken since many releases. And still wondering who is after all this rose file sharing stuff on a router. But better late than never, so i'll stop complaining and look for...

jbl42

TLDR: ROS DNS forwarder should not switch upstream DNS server just because a single request was answered with status SERVFAIL, because SERVFAIL not necessarily indicates a problem with the specific DNS server. Long story: I'm not sure if this is new with the DNS refactoring listed in the 7.17 releas...

jbl42

I had the same problem on my CCR2004, make sure you don't have any features in use that will get disabled by the new device-mode settings. In my case, i had the device partitioned. After removing the second partition the update went flawlessly. What takes away the possibility to easy switch back to...

jbl42

How to configure and enable Ethernet bonding on Linux differs with distributions. All major Linux distributions have instructions in their online docs on how to to it. Best to start with that. For example https://wiki.debian.org/Bonding https://docs.redhat.com/en/documentation/red_hat_enterprise_lin...

jbl42

There is also still no HW support for VXLAN on 2216, although the switch ASIC would support it.
L3HW has issues, same for BGP. ROS on CCR2216 is not ready for prime time.

But it got DLNA support while routing is still broken. Why not use it as a DLNA server

?

jbl42

As other have explained you cannot block URLs on packet level where router L7 filters work. It is possible if run a http(s) proxy and force users to use by blocking outgoing ports 80/443 if internal source IP is not from proxy. The proxy works on http(s) instead of packet level and hence has access ...

jbl42

It's definitely a challenge for managing MikroTik devices, especially in enterprise settings. A cloud provisioning portal would be a great solution for easier management. There seems to be different meanings of "Enterprise". My "Enterprise" employer (and all others I know) has a...

jbl42

The 5009 has some sad design choices such as a front power connector This. I'm still wondering in what setup someone would want to have the power plug sticking out of the front. But the RB5009 has a screw terminal for power on the side which I usually use in rack setups to avoid having power barrel...

jbl42

Some call it space-wasting, others call it easier readability because text ist not squished together. This is an interesting topic, debated among all different kind of SW. We have our large screens to show more data with less scrolling and less windows overlap. But nowadays, UI designers and also S...

jbl42

Happy to have the treeviews back! Interface list is much more accessible if VLANs etc. are grouped underneath the bridges they belong to. What would be nice is an option to make things in the UI narrower for displaying lots of data for debugging and similar. As shown in the screenshot below there ar...

jbl42

I'm suggesting that this odd/even approach could serve as a temporary solution until v7 reaches long-term status, addressing both user groups' needs without requiring changes to development processes, as it would be controled by product management. - even releases would focus on stability, reliabil...

jbl42

As others have stated, MT delivered batches where they used a font with hard to distinguish numbers/letters (i,1,l,0,O etc). This is fixed for recent badges. You also can ask Mikrotik support for the specific default password if you provide them type and serial number of your device. And your init s...

jbl42

Is is usually not possible to "decide" btw. 1Gb and 10Gb by auto negotiation. RB5009 has a SFP+ port which is in 10Gb mode by default.

jbl42

A get works on exactly one item only. Less (none) or more will give an error. Code like this should work for the condition: :if ([ :len [ /ip/route/find where active=yes ] ] > 0) do={ ... I think what happened is find returning a different number of routes matching the filter. So by accident it wor...

jbl42

Tested it again and you are right. Bottom-line, it looks like the active property is broken in 7.15. It always returns nothing. Also interesting: /ip/route/print where active=yes prints out all routes with active=yes property But put [/ip/route/get [find active=yes]] returns "invalid internal i...

jbl42

It could also could help to enable flow control on both the server network card and the CCR2004 Ethernet port facing the server.

jbl42

Previously, in RouterOS 7.14.x and earlier, I used the following command to check if a route was active: /ip/route/get value-name=active [find distance=1] This command typically returned true or nothing, allowing my scripts to function correctly. Seems like there now is a property called inactive w...

jbl42

Yes, you are correct. Thanks.
baseT for copper, baseX for optical
For DACs, both should work as long as configured the same on both ends.

While 2.5G optics exist, it is very rare so I wrongly automatically assumed copper.

jbl42

Any ideas?

Even two

check mt documentation at https://help.mikrotik.com/docs/display/ROS/Ethernet

press tab key after speed=

Both will tell you it should be

/interface ethernet set sfp1 auto-negotiation=no speed=2.5G-baseT

jbl42

In devices supporting l2hw for VLAN filterig, using bridge rules disables l2hw. Depending on the device and network topology, this might be an issue or not. For simple setups were it is only about getting mDNS and/or UPnP passed between two different L3 routed VLANs, switch rules also work and are H...

jbl42

Bought a new Cisco Nexus router/switch a month ago, 48 x 10/25Gbps + 6 40/100Gbps ports. Closest Mikrotik comes is the CRS512 which is more expensive and has less ports. That's interesting. The cheapest Switchzilla Nexus with 48 x 10/25Gbps + 6 40/100Gbps I'm aware of is more than 10'000€... Which ...

jbl42

Updated the RB5009 in my home and several RB4011 in the lab from 7.13.5 to 7.14. No peculiarities so far, except the known bridge-MTU-change-on-reboot fixed in 7.15rc The ccr2004-pcie should not even have been released with a reset button that needs you to open the server up. Yes, a button/switch wo...

jbl42

I'm not sure what's meant with "tailor". It's just about the usual release notes. Something like limitations, resolved issues, known issues, precautions (for ex a warning for configs with non default bridge port MTU in 7.14 to wait for 7.15). With issues having unique IDs so they can be tr...

jbl42

But many change descriptions are pretty useless: "Improve something with something" No description of the actual problem solved, no description of potential impact on existing configs, backward compatibility, no updates of related documentation etc. We need more details to assess for our s...

jbl42

It is also the acknowledging reply from support when they can reproduce an issue: "We are aware of this issue, and we look forward to fixing it on an upcoming RouterOS versions." Breaking MTU handling on bridges should not be a known issues but a showstopper as it has the potential to put...

jbl42

As there is obviously not much testing, it is hard for them to know about known issues.
The current history of 7.13.1 to 7.15.5 has 26 (!!) bugs introduced with 7.13.x releases.

jbl42

Yes, having the link going up and down on device reboot confuses Windows and/or Netinstall. One way to avoid this is to use a dumb (unmanaged) switch in-between. Another way is to boot your MT device into netboot mode and wait until link is up again before staring netinstall. Once the MT device is i...

jbl42

I'm using wine-8.21-staging on macOS 14.2.1
Of course different macOS and wine versions might have different problems.

PS
I'm not sure what those version numbers in your screenshot are referring to. Current wine version is 8.x (9.0 is in RC state)

jbl42

Winbox with Gcenx built wine has one big problem on Mac which screws up all field entries containing commas and periods

On my Mac (M2Pro, Sonoma), winbox 3.40 runs without issues using Gcenx wine builds available at
https://github.com/Gcenx/macOS_Wine_builds
Even winbox self update works.

jbl42

The whole MT country specific WIFI regulation thing is currently in a bad state. 7.13.1 just broke it again in a new way. At least they are working on it. It seems confusing to have country settings for VAPs. It makes no sense for VAPs sharing the same channel and radio HW to broadcast different cou...

jbl42

What does it mean "skip 10 min CAC" , if choosing a wheater radar channel is exactly what the device then does on its own The regulatory Channel Availability Check (CAC) time before an AP is allowed to broadcast beacons on a DFS channel is 1 min. For 5'600 to 5'650 MHz (116 to 128), EU re...

jbl42

If I have control over my device connected to your network, i just connect to the https based VPN server running on one of my servers.
For your firewall it is just encrypted https traffic on usual dest port 443. For me it is a tunnel to my server from where I can go everywhere. Including youtube.

jbl42

There is a chance this will improve in the future. The switch ASICs in CCR22xx support many HW features not implemented/exposed in ROS. Not only MPLS, also VXLAN and more. (VXLAN currently also lacks HW support on CCR22xx although the ASICs could do it). As you described, with the recent IPv6 l3hw f...

jbl42

There's another "gem" with regard to firewall: new drop rules only affect new connections This is based on how iptables work: existing connections are in established stated what us usually handled by "established, related, (untracked)" rules before drop rules. So new drop rules ...

jbl42

This is possible on Mikrotik devices where the switch ASIC supports DSCP to PCP mapping (CRS3xx and upwards)
https://help.mikrotik.com/docs/pages/vi ... S)-DSCPMap

jbl42

This is a Mikrotik specialty: The switch/bridge port towards the CPU has the same name as the bridge itself. Adding this port as tagged makes the CPU facing switch port a tagged member of the VLAN. While adding a VLAN interface to the bridge adds a VLAN (virtual interface) on the CPU Ethernet port g...

jbl42

200 users with ONE-TO-ONE NAT and in total 400 mbps of internet We have RB4011 and RB5009 in production and in our experience both will be able to handle this with reasonable CPU load. For pure NAT/routing, we see both of them maxing out at 1.5-2.5GBit/s. It will be less depending on amount of addi...

jbl42

I would say "unbound", others maybe say "dnsmasq" I would also say "powerdns" ;-) While I agree with your sentiments, at least since we have Docker this can be solved easily. I started to run PowerDns and dnsmasq images, both working with almost no issues. Especially o...

jbl42

This means ROS can see the USB device but does not have a driver to actually use it as a cellular modem.
ROS is limited to a set of supported devices and no additional drivers can be added by the user.
There is a list of supported devices:
https://help.mikrotik.com/docs/display/ROS/Peripherals

jbl42

Mikrotik EU Store has 5pcs on stock:
https://www.mikrotik-store.eu/en/mikrot ... 48p-4s2qrm

No need to by from a distributor having them from an importer, both putting their own margin on top of the price for doing nothing else then forwarding your order.

jbl42

When are you releasing 7.12? I need those IKEv2 rekey fixes in the stable version :) After the buggy 7.10.0 (breaking OpenVPN on all devices) and 7.11.0 (breaking VLAN filtering on many devices) releases, taking their time to release 7.12 without major regressions and earning the "stable"...

jbl42

Many MT WiFi APs occasionally just cease operation in noisy environments. They still broadcast, but do not let stations connect. There is no other way to bring them back to operation than a power cycle. The only improvement is MT stopped denying it, as they did for a long time. The root cause is poo...

jbl42

we will be running bare metal x86_64 .. not virtualization CHR May I ask why? We stopped doing this and run all CHRs in VMs. It is so much easier to maintain, and ROS x86_64 constantly lacks behind with support of HW, especially recent network cards. And it can easily be moved from one server to an...

jbl42

be careful with using .local for your internal domains. .local is reserved for MDNS/Bonjour (RFC6762) used by many Apple Devices, Google Chromecast,Smarthome stuff etc. and using it for your internal domain might cause hard to track issues. https://en.wikipedia.org/wiki/.local If you have an officia...

jbl42

Yep. I had a similar issue with RB5009: Netinstall only works on ether1. After the following reboot, the default config is loaded and ether1 becomes the WAN port not allowing Winbox/Webfig connections. So the cable must be changed to one of the LAN ports, in case of RB5009 ether2-8. This should be b...

jbl42

That is how to deal with it.......... just need one example be made.......... That's exactly what was meant with "different way than using firewalls" ;-) And blocking in companies depends in my experience on the region. Many US companies have not much filtering in place (if at all mostly ...

jbl42

If there is any authentication required, and if yes it is using DHCP option 82 and if so what to fill in there is something only the provider can tell you.

jbl42

If it is about shaping all traffic, you can attach it to the interface. Interface queues only applies to egress traffic. Shaping ingress traffic is less helpful, as it is already to late. It the upstream device priorities incoming traffic "wrong", there is not much to be done on the WAN in...

jbl42

PUPG servers are run in AWS cloud using many IPs, some unofficial lists are around, for ex here https://gist.github.com/0n3la57k155/ce590e8692b9b04a89df42aeeb0d077c Theoretically you could add all of them to an address list and filter them in you firewall. But practically this will hardly work. The ...

jbl42

Maybe I'm missing something, but flow control does not change the fact that packets are dropped. It just changes where they are dropped. Without flow control packets are dropped at the receiving end because the RX buffer overruns. With flow control in case of backpressure packets are dropped at the ...

jbl42

I still struggle to understand why so many people fail to understand the MT single bridge VLAN filtering and state it is much more complicated than Cisco etc al. A normal Cisco switch is the same: you have one implicit bridge (the ASIC) and you add VLANs, than add ports to VLANs as tagged or untagge...

jbl42

Buffering towards slower interfaces only helps for short bursts. For constant streams like iperf or large file transfers, even large buffers only can help for a short period. If there is more data arriving than possible to output on the egress port, buffers will overflow. Only flow control can help,...

jbl42

Can I reasonably extrapolate that into two bridges with RB4011iGS+ as a sound design? The RB4011 is actually a 3-port router: 1x 10GBit Port (SFP+), and 2x 2.5GB Ports with attached extenders(ether1-5/6-10) To take full advantage of l2hw capabilities, there should be one ROS bridge per switch chip....

jbl42

Independent of protocol reserved multicast bridging, your VLAN should not be in a bridge with a physical interface /interface ethernet set [ find default-name=sfp1 ] comment="1Gbps Ethernet Link to Test CPE" mtu=9192 set [ find default-name=sfp-sfpplus1 ] comment="10Gbps Ethernet Link...

jbl42

hw=yes in ROS bridging means L2 packet forwarding in HW btw. physical ports of switch ASICs, aka l2hw This is only possible for ports on the same switch chip. RB4001 has two switch chips , one for ether1-5 and one for ether6-10. No HW forwarding is possible ether2 <-> ether9. This is one of the adv...

jbl42

If I'm not missing something here, this should be possible using FWD static DNS entries instead of NAT. regex entries are processed before "normal" static entries. If clients use ROS DNS first, adding a regex FWD entry matching urls not going to your internal domain(s) should work /ip/dns/...

jbl42

I don't know the video, but this forum post

Bridge different VLANs together [SOLVED]
viewtopic.php?t=178614

jbl42

So if even if mDNS reaches a subnet... the AirPlay "client" and "server" must be in same IP address range. My MacBook Pro streams video and audio over airplay to an AppleTV in a different VLAN/subnet without problems. Running an mDNS forwarder for discovery. Don't know about Son...

jbl42

Not sure where our disconnect is here. Yes, it is about bridging the IPTV box on L2 to the ISP WAN, same as the dedicated IPTV port of the original ISP CPE would do. Special VLANs or not (of course in case of special tagged VLANs, assuming all tagged VLANs are properly configured to be forwarded btw...

jbl42

No. Just different VLANs on the same bridge. One for WAN (10), one for LAN (20). ether1/2 as access (untagged ports) for WAN(10), ether3-8 as access port on LAN (20). With WAN/LAN NAT routing happening btw. CPU bridge interfaces for 10 and 20 VLANs. This works because my ISP uses no special VLANs fo...

jbl42

I do something similar on my home RB5009 to directly bridge my ISP's IPTV box to the ISP WAN so I 1) don't have to bother with multicast routing and b) can keep the ISP controlled IPTV box out of my private LAN. I can't not provide a direct config export as my actual setup is more complicated (WAN g...

jbl42

Dynamic DHCP leases are persited to FLASH in a configurable interval (default is 5min) or on proper shutdown/reboot. But static DNS entries, added manual or by a script, are persisted immediately. But still the wear out is negligible for the usual home network's rate of DHCP lease script driven stat...

jbl42

As is the case with most software, you will learn that it is usually not a good idea to install a .0 release, at least not immediately. I conquer. With SW, it is usually safe to upgrade from a stable minor release to the next. Like form *stable* 7.10.2 to *stable* 7.11. But with Mikrotik you have t...

jbl42

For each VLAN requiring mDNS "routing" by the container, add a veth and addd it to the bridge with matching PID.
If your main bridge uses default VLAN1 for untagged traffic, add a veth with PID1 to the bridge.

jbl42

While this can be achieved with PIM, it is quite a big gun to get AirPlay/Chrome/IoT working among routed VLANs. All those systems rely on mDNS (a simple multicast based DNS system, aka as Bonjour in the Apple world) for devices to find each other. mDNS is designed to work inside an IP subnet resp. ...

jbl42

The scripts do NOT receive any of the agent id information I never tried using DHCP options in lease scripts so far, but my understanding of the documentation " lease-options - array of received options" always was lease-options provides an array of DHCP options sent by the client and wou...

jbl42

"All (1) CRS3xx, (2) CRS5xx series switches, and (3) Ccr2116, (4) CCR2216 devices can be configured with MLAG using RouterOS version 7." As far as I understand, MLAG in ROS7 is only available on devices featuring a Marvell Prestera family switch ASIC. There is no protocol standardization ...

jbl42

Looks like this is not caused by capsman itself, but handling of dynamic interfaces in bridge. > I have had the issue reported by AdB and eworm that my 5009 running my capsman is "dropping" the VLANs for any VLAN edge ports on the 5009 On my RB5009 running 7.11 it indeed seems like VLAN H...

jbl42

DHCP server lease scripts receive all necessary information (including the DHCP options sent by the client) to do such things as pseudo global variables. The problem is the script is called *after* the lease is created and the offer is sent to the client. A more flexible way to would be a script hoo...

jbl42

There is no standardization on what value modules/DACs without temp sensor return for temperature. Some report 0x00 (0 decimal), some 0x14 (20 decimal), some 0xff (255 decimal) It obviously would make sense for ROS sense to ignore a reported SFP temp of 255 degrees (0xff) for fan control. Yet not im...

jbl42

QSFP28 vs QSFP+ is actually SFP28 vs SFP+ SFP+ is 10G max, QSFP28 is 25G max. Both are electrically and mechanically compatible, but not all (Q)SFP28 ports support 10G. So technically it should work in your case. For cable, also have a look at fs.com, where you can get active optical DACs for less t...

jbl42

I'm not really familiar with the CRS326-24G-2S+, but as far as I understand switch rules should work the same way as on RB5009 ROS supports CDP , LLDP and MNDP for discovery protocols. The switch rule only applies for LLDP, as CDP does not use e special EtherType but a reserved multicast dest MAC (0...

jbl42

/ip/firewall/nat/print where disabled=no src-address-list=[:nothing]

jbl42

Copper Ethernet is based on differential signals on twisted pairs. Those signals have +/- polarity which is detected between link partners on link establishment. Some chips (like 88E6193X in CSS610 and RB50009) can report the chosen polarity for a link as "normal" or "reversed". ...

jbl42

https://mikrotik.com/product/hex_s#fndtn-testresults

Depending on the packet size the HEX S can reach 1GB for routing with firewalling. I suggest to give it a try for your usage scenario.
Depending on the number of parallel connections and packet sizes, it might be enough or not.

jbl42

What I wanted is to isolate VLAN2 and VLAN5 of anyone else. But they need to be able to go to internet. You need to add the CPU port towards the bridge port itself as tagged interface for your VLANs so the switch forwards tagged packets to the CPU. After that, you will be able to enable VLAN filter...

jbl42

the rb5009 seems to be the lone device that has a capable marvell switch that doesn't seem to have a hardware routing option in routeros. The 88E6393X chip is part of the LinkStreet familiy which is much simpler (and cheaper and cooler) than the Prestera Familiy used in CRS devices. Presteras have ...

jbl42

As others have explained, RB5009 switch chip fully supports L2 offloading for VLANs and IGMP/DHCP snooping in HW. (aka L2hw). For routing, there is no HW support (aka L3hw). Fasttrack bypasses parts of ROS. Data is directly passed in low level SW. This is still CPU based, but with less load. Fasttra...

jbl42

The ROS DHCP server can run a script on creation and removal of DHCP leases. Inside those scripts, DNS entries can be added or removed.
Find an example here:
viewtopic.php?t=119469
There are also other similar scripts which you can find using the forum search function.

jbl42

Off topic: on which version are your devices ? Since, I think, 7.8 or so, I haven't seen this happening anymore.

I still see this occasionally on 7.9.2. It is much better than it was with 7.7 where it happened on every reboot. But it still happens rarely.

jbl42

I use two different USB storage on two RB5009 without problems so far (except the occasional USB drive renaming on reboot breaking containers, but that's a ROS issue): A Startech USB to SATA adapter connected to a Samsung 860 EVO 2.5" 256GB SATA SSD I had lying around from a disfunct notebook P...

jbl42

Could this potentially be used to flash a lightweight Linux distro onto an arm-based routerBOARD? No. RouterBOOT (Mikrotik bootloader) only boots up signed Mikrotik SW installed uing NPKs. To boot a 3rd party Linux kernel, you need a modified RouterBOOT. See here for an example on how to install op...

jbl42

But MikroTik script has a syntax all its own. It's certainly not like C or PHP. In some ways its closer to Assembly. Mikrotik scripts is basically shell automation and hence is more similar to bash/zsh (Unix shell) scripts. There you would write "${qplan}M" The difference is MT scripts us...

jbl42

I'm thinking to put in the unifi controller to control the APS

RB5009 has 1GB RAM in total. A running unifi controller instance requires 1-2GB RAM (can be more depending on number of managed devices), so most likely you will run into out of memory issues.

jbl42

If you need BFD and BGP, use Cisco or Juniper Yeah, thanks. You must be fun at parties. Same as pe1chl, I really do not get all those stupid comments. There are large installations based of ROS6 using BFD. Without BFD, there is no way to upgrade to ROS7 and most important not possible to use any of...

jbl42

As Ca6ko wrote, it is important that the network interface used for netinstall is the one and only active network interface on the host running netinstall. All others must be disabled before netinstall is started. My usual setup to run netinstall is to run in a virtual machine with an USB Ethernet a...

jbl42

Make sure you specify a session file (e.g. <own>) in your connection.

After wiping out sessions and creating a new one it indeed works.
I'm happy to stand corrected!

jbl42

I'm not ;-) I only apply such filters for stupid paying customers wanting it. Because they only know YouTube for video and Facebook for social media. So they think trying to block those two sites helps anything. What I sometimes do on sites with low bandwidth uplink is using tls-host rules to apply ...

jbl42

add software-id column in winbox neighbors discovery section. software-id column is available in neighbor window in Show Columns... menu (down looking arrow on the right) But a long standing feature request is that WinBox keeps selected columns and does not set them back to defaults for every new s...

jbl42

What I do on "important" RB5009 is to sacrifice ether8 for mgmt port. I make it not part of the main bridge nor part of the LAN interface group and bind a static ip directly to ether8, allow winbox/webui/ssh on it. So if I mess up bridge settings or FW rules in a way not even MAC access is...

jbl42

Beside running services, I can also see value in Docker for testing and debugging: Temporary starting up a minimal Debian or Ubuntu image on a remote router to run tools like flent, cacti or nagios from the router's remote point of view could come in handy.

jbl42

Yes, using tls-host is in my experience the best result with least effort add action=reject chain=forward in-interface-list=LAN protocol=tcp reject-with=tcp-reset tls-host=*.googlevideo.com Plus a rule to block quic. It is resistant to DoHS, but not against VPN. It requires only one simple and easy ...

jbl42

As always with technical problems: It is not about who is right. It is about what works. In summary: Youtube can be blocked to a certain extend for the average user by forwarding DNS to a commercial DNS service like Cloudflare, Umbrella etc. They have the abilities to track and adapt to the constant...

jbl42

To add something more constructive to all the complaints: I'm happy with the state of ROS 7.x on RB5009. For heavy SOHO and small branch applications, they work reliable with not much complaints except some SFP+ module issues solvable by using other SFPs. Also Docker is appreciated to run services l...

jbl42

jbl42

I read something about using switch ACLs but this doesn´t seem to be supported on my switch cpus (QCA 8513L) According to https://help.mikrotik.com/docs/pages/viewpage.action?pageId=103841835 CRS125 should have switch ACLs available in /interface ethernet switch acl At the other hand, LLDP should n...

jbl42

I don't think it is the heat in my case. In the interface it shows the temperature of the sfp around 30 celcius while it shuts down at 95 No, it's not. The RB5009 is quite picky with SFP(+) modules. Many do not work, but do work on RB4011 (which also required many ROS upgrades to solve SFP problem ...

jbl42

Bugs and things like BFD have no "enabled=yes" switch in RouterOS configuration files, sorry Sorry Normis, but writing nonsense like "there is no enabled=true for BFD" after 18+ months of claiming to work on it is just pathetic. If 18 months is not enough for MikroTik to bring B...

jbl42

Eh, Jletti42

My Italian is rusty, but still I think I got that one

jbl42

Beside protocol issues, the important thing to know is that youtube content is delivered using a world wide CDS (content delivery system). Most of it runs on Google's own infrastructure, part of it is also rented from Akamai and similar. So the list of youtube hosts is a) large and b) constantly cha...

jbl42

It's been odd to me that rb4011 sporting a fairly powerful hw lacks usb port and now it's disappointing to know there's no workaround for it either. Yes. Especially regarding the fact the RB4011 SoC features a USB3.0 controller. Still for some reason MikroTik decided not to add a USB port for RB401...

jbl42

This issue was introduced with 7.5, and still happening with 7.6: https://forum.mikrotik.com/viewtopic.php?t=190072#p964372 It was reported to be fixed, but is still appears in the current 7.7 beta https://forum.mikrotik.com/viewtopic.php?t=190351#p965140 For our three CCR2216, we had to go back to ...

jbl42

Two pieces of metal, one cast and one sheet, two sets of LAN terminals, an USB, SFP, and some other connectors, plus a printed board with some chips on it. Always funny when some random guys know things better. The shortage affects especially "simple" chips. Like small uCs, voltage contro...

jbl42

The UBNT are much more stable (and you have to like the UniFi controller thing), but if you need an AP running reliable in a busy bar or office, with 10+ neighbor SSIDs fighting each other, they still have issues. In such locations, it is worth to spend some £200 - £250 for a lower end professional ...

jbl42

I have a RB5009 in "production" at home running 7.6 (7.5 and 7.4 before). 1Gbit fiber, SFP+ module, NAT, some medium firewalling, 4 VLANs with HW filtering on the bridge, some simple queues and wireguard server. 2 persons frequently working from home, with heavy VPN usage, Teams/Zoom confe...

jbl42

*) sfp - added 2.5G SFP module support for RB5009;

Thanks. If AutoNeg is disabled and speed fixed to 2.5GB, it works with an ISP provided PON-ONT in RB5009 SFP+ port.

jbl42

For RB5009, we were able to get our hands on some rb5009upr+s+in. We do not need the PoE, but better than nothing. We also had to bite the bullet and buy some expensive Cisco boxes, because CCR2216 is available nowhere with unknown date of restocking. We still have global chip shortage. My employer ...

jbl42

The last email from support... they recommended changing the lease time on the router and Extending the Key Exchange time out to something longer than the 5 min default. This is sheer desperation. There are long standing issues with key exchange on MT WiFi, but this is not related to noise/HD probl...

jbl42

the fact that Wifi 6 ax is still not fully baked at Mikrotik

WiFi in general at MikroTik is not even closed to be baked.
I'm a MikroTik router proponent, but do yourself a favor and stay away from any MikroTik WiFi.

jbl42

I'm going to evaluate for the coming days...luckily an RB5009 has 1Gbytes so there is some headroom ... but stil.... If I read your chart right, the memory consumption increased by about 4MB in about 6h and seems to stabilize towards the end of the available data. PiHole is caching things like reso...

jbl42

No, I did not try to disable L3HW.
I don't see any value in running a ROS version with broken L3HW on a CCR2216. As you mentioned, the large scale L3HW capabilities are the reason to pay the extra money for a CCR2216 in the first place.

jbl42

I think I have to rephrase my question: what´s better in 6.47.9 wifiwise than with 6.49.7 ?

Nothing we know about, and hardly related to TX power.
But everything after 6.47.9 is worse than 6.47.9.
No more details known beyond what is mentioned in the (incomplete and sketchy) ROS release notes.

jbl42

Its not MTs fault, its Apple fault to use mDNS. As a hobbyist, this might be a valid point. As a professional: Have you ever tried to sell gear not supporting the managements beloved iThings to a company? Ever tried to explain to a "important" manager that his shiny new iPad Pro cannot co...

jbl42

Is it related to the TX power setting, which is not available in newer versions? No, it is related to issues with the ROS 7.x WiFi driver for hAP lite and hAP mini. TX power was removed to comply with regulation. But contrary to popular belief, increasing TX power does not help much anyway. WiFi is...

jbl42

Installed 7.6 without issues on several RB4011(no WiFi) and R5009. Basic setups (NAT, VLAN filtered bridge, some simple queues, basic firewalling, DHCP client/server), all working fine so far. Different on CCR2216: BPG/OSPF with large (300'000+) tables and L3HW enabled is unstable and peer connectio...

jbl42

It is and was a sad story: Never put MT WiFi APs into noisy environments, especially not if you are the one being called if things do not work: The 2.4Ghz Radio will kind of lock up every few hours or days, requiring a reboot to get clients connecting again For 5Ghz, if using DFS channels (what is i...

jbl42

Yes, 224.0.0.0/24 addresses shall not be and are not routed by normal routing. That's why an additional mDNS reflector is required in the first place to propagate mDNS among subnets. Technically, it is an odd thing to do. But practically there are many add-on implementations by Cisco et al to make A...

jbl42

At least for the Zyxel APs I used so far, intra-bss blocking blocks communication between clients (STAs) on the same AP using the same SSID, independent of 2.4/5GHz band. Other brands calls the same feature client isolation. This is often used for public APs in Hotels, Bars, Shops etc. for security ...

jbl42

"NIST compliance" is a very broad term. NIST (National Institute of Standards and Technology, a US Federal Organization) has many different standards in different revisions. Some of them also combine or overlap with US federal standards like FIPS . I suggest to ask for the exact standard n...

jbl42

The price difference mainly comes from thw 2216 providing 25GBit local links with 100Gbit uplinks vs. 2116 with 1Gbit local links and 10Gbit uplinks. 25/100 Gbit vs 1/10Gbit switch chip makes a big price difference. If your routing/QOS is CPU based and the load high enough for the CPU being the bott...

jbl42

SFP(+) is an unofficial standard and only specifies the mechanical and electrical interface. There are different protocols possible between the SFP port and the inserted module. Depending on speed and copper vs optical: MII, GMII, SGMII, raw 4b5b, raw 8b10b, and many more. Technically, a SFP(+) host...

jbl42

1. I'm not sure the OP is talking about RB5009UPr. The "normal" RB5009 also has PoE in on ether1 2. The 7.6beta6 release notes do not mention any PoE in related fix 3. Running betas on production devices is a no-go. So are you telling us RB5009UPr is not ready for production yet? An then t...

jbl42

Updated two RB4011 and one RB5009 in our testlab and one RB5009 at my home network 7.4.1 -> 7.5 without issues so far. Used features: intra VLAN routing (no BGP/OSPF) with srcNAT towards WAN, bridging 5-7 VLANs with HW filtering, 30-50 FW rules, some simple queues, NTP server/client, DHCP server/cli...

jbl42

As I said before, free filtering platform or software (ex. Pi-Hole) are suitable if the Organization has a skilled admin supporting the service. And if there is no need for enterprise features (such as Active Directory integration, Google workspace synchronization, etc). Most companies using MT equ...

jbl42

I would like to be able to access the same VLANs of building B, basically as if I were connected directly to the router of building B. How can I go about transporting VLANs through NAT? (The masquerade is involved) VLAN is Layer2, NAT happens on Layer3. You need a L2 over L3 tunnel, like EoIP and s...

jbl42

RB5009 does support EEE 802.3az on ether1 - ether8. I have several RB5009s connected to Cisco switches and EEE is supported and operational on Cisco <-> RB5009 1GB connections. It is not mentioned in the MT specs, It is not visible, cannot be disabled. But its there and it works. Here an example of ...

jbl42

In general: If the specs of a PoE source device do not explicitly mention galvanic isolation for PoE, there is none. It is quite expensive to build in. Devices like MikroTik, Ubnt, TP etc all miss galvanic isolation on the PoE outs. The PoE GND is directly connected to the power supply ground of the...

jbl42

I was able to pass the card through to a Linux VM running ubuntu 20.04 and it shows 1G but I can almost get 10G through it with iperf. I was hoping to be able have the card show up as vmnics. Glad to hear it worked. The AR8151 network chip is actually a 1GB chip, but the virtual chip as emulated by...

jbl42

The CSS610-8P (and CSS610-8G) is built based on the Marvell 88E6390X switch chip. SwitchOS lite runs on a small CPU integrated into the switch chip, what makes the very low price point possible, compared to other brand's managed PoE 2x10GB switches. But the drawback is it has not enough resources to...

jbl42

That's not true. It's called limiting access. For example, say you wanted to expose port 22 to another vlan, but not port 23, you can limit what can communicate. Exactly. Even Enterprise boxes from Cisco, Juniper and the usual suspects provide mDNS proxies to allow AppleTV based screen sharing amon...

jbl42

The CCR2004-1G-2XS-PCIe emulates a Atheros 1GB chip towards the host supported by the Linux atl1c driver. It requires a patch added by MikroTik so it is recognized as 10/25GB interface. Currently it is only supported by recent Linux kernels. Not in Windows , FreeBSD (yet) or VMWare7 (I suppose you a...

jbl42

Also of note, I have spun up a CHR and I am able to connect to it via MAC from a laptop on the same layer 2 but from the Windows 11 machine, I am unable. I have gone so far as to move ports on the CRS305 for this Window 11 machine and still see the same issue. Same here: Winbox-mac can not connect ...

jbl42

But on CRS-8P that have both 48 and 24, , if I plug non mikrotik device like a PMP450i are provided 48V, if I plug AF5XHD or AF60-LR, are provided 24V without force anything. The handshake do the choice....??? The PMP450i supports 802.at active PoE in. The CRS-8P supports 802.3af/at @48V and passiv...

jbl42

https://hub.docker.com/r/andrius/asterisk
should run on RB5009/RB4011 and similar arm/arm64 MT devices, but did not try it yet.

jbl42

Do we need to buy additional Power Supply? According to specs, RB5009UPr+S+IN reserves 20W for its own usage, leaving max 130W for devices running on PoE supply. Or 76W with the included PSU. So if the total power consumption of attached PoE devices stays below 76W (which is the case for many appli...

jbl42

Ping to the next hop timeout, and ping to any other IP say no route. I have a deadline this week to get it working, so I'm desperate for help! I have a deadline this week to get it working, so I'm desperate for help! No ROS version, no config export, no details on your setup, nothing about what you...

jbl42

We have some branches connected through Mikrotik PPTP As others have suggested, you might read about PPTP and consider switching to wireguard: https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol#Security we have disabled their Internet usage by disabling masquerade nat. Disabling masque...

jbl42

Anyway, Mikrotik has worse issues with radars than others, as far as I can tell Absolutely. In noisy environments, MikroTik APs tend to "detect" radars all over the place and constantly jump DFS channels. There are many complaints about this in the forum. If non-DFS schannels are not an o...

jbl42

I would think the AP would send an appropriate errormessage and the clients would then go through the complete authentication cycle instead of using the fast PMKSA. Yes, obviously that is what's going wrong. According to 802.11r, it is not based on error codes, but by the AP initating a full IEEE 8...

jbl42

> *) wifiwave2 - added initial support for roaming (802.11r) between local AP interfaces; If 802.11r is enabled (`security.ft=yes`) some devices can't reconnect to an AP after the latter gets rebooted. In my case it was an iPhone with iOS 15.5. Logs show the following: mac-address@wifi2 rejected, c...

jbl42

I can remember a link to a thread were someone actually did soldering PCIe sockets onto an RB5009 board. It was either on reddit or here, could not find it in a quick search. He could not get it to work. Most likely there are other components in addition to the PCIe sockets required to be soldered. ...

jbl42

Bro, what are you smoking? Grow up. Netmap is NOT stateless. I use it on ISP BNGs and also in my personal home router for /32s and the same thing for normal home users who are my clients. I have given up to ask you how iptables netmap statefuly accepts incoming UDP content streams to a port request...

jbl42

And every freakin distributor loves to lock in the end user with their specific solution aka "triple play" and likes. And besides VLAN and other related stuff, all using specific port numbers, transport initialization, multiple streams using different transports and sometimes even proprie...

jbl42

Repeat after me: There Are No Standards, Not Even for IPTV. :D Sniffing the Transport field in the outgoing RTSP request as defined in RFC2326 is enough to have all those IPTV solutions working. Transport: RTP; unicast;client_port=12345 OpenWRT manages to handle all those IPTV services with just th...

jbl42

Bottom line, it's virtually impossible to implement a general RTSP "helper" since there isn't just one "standard". Quite the opposite there are many different ones including proprietary solutions and they all differ depending of intended application. While I agree on this, I thi...

jbl42

Isn't that just "architectures supported by dockerhub"? When you compile your own binaries, you could use any architecture, of course easiest is to use the architectures supported by gcc. Yes. Dockerd and associated utilities can be installed and/or built anywhere a recent enough working ...

jbl42

Only x86, arm and arm64 Architectures supported by Docker are ARM ARM 64 IBM POWER IBM Z PowerPC 64 LE x86 x86-64 Docker does not support MIPS or Tilera (TILE support anyway was removed from official Linux kernels in 2018 ). While technically Docker most likely could be ported to Linux/MIPS or Linu...

jbl42

Im getting this error in red now which I didn't have before the upgrade anyone know best way to resolve it?

Remove the bandwitdth from the cake queue type and configure traffic limits within the queue itself.

jbl42

If the users instead to submit problems to support@mikrotilk.com do a mess on user forum So reporting the same issue over and over to support is better than reporting the same issue again in the forum? And why is MT support telling me to report issues with betas in the forum? And how does it come y...

Search found 347 matches