Community discussions

MikroTik App

Search found 477 matches

  • 1
  • 2
by loloski
Fri Jun 14, 2024 12:25 pm
Forum: General
Topic: Long Term release or new functions?
Replies: 7
Views: 412

Re: Long Term release or new functions?

We need both stability and new feature focus specially on service provider just my humbly opinion
by loloski
Thu Jun 13, 2024 11:08 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 74
Views: 15802

Re: v7.16beta [testing] is released!

*) bgp - fixed cluster-list and originator-id;
Cisco peer will now be happy
by loloski
Tue Jun 11, 2024 6:11 pm
Forum: General
Topic: QA of software releases
Replies: 22
Views: 1028

Re: QA of software releases

Am i kidding hell no! we are not a hobby shop and we need real stability on ROS I know money is hard to come by these days that's why we are lock into their ecosystem if we can motivate them by giving some premium or extra why not? a lot of small and medium size business depends on ROS whether we li...
by loloski
Tue Jun 11, 2024 4:47 pm
Forum: General
Topic: QA of software releases
Replies: 22
Views: 1028

Re: QA of software releases

@normis Don't you think it's about time to charge extra premium to ROS I know a lot of people is willing to shell out money us included and the money you gather on this can fund ROS even further to improve not only the software stack but to improved the product overall?, I hate to admit that sometim...
by loloski
Thu Jun 06, 2024 7:07 pm
Forum: Beginner Basics
Topic: /29 for customer
Replies: 1
Views: 216

Re: /29 for customer

it's a network route the /29 that you hand over to them via PPPoE should be assign on their CPE as LAN IP and the /29 that you assign to your customer should be advertise going to your edge with your IGP of choice to make a proper routing /29 Public IP (X.X.Y.Y) WWW -> EDGE -> BRAS -> CPE 100.64.X.X...
by loloski
Mon Jun 03, 2024 10:28 am
Forum: General
Topic: Feature Request: IP source guard / arp inspection
Replies: 9
Views: 5473

Re: Feature Request: IP source guard / arp inspection

+1 on this, I hope they won't forgot this important feature
by loloski
Fri May 31, 2024 7:36 am
Forum: Announcements
Topic: v7.15.1 [stable] is released!
Replies: 309
Views: 55753

Re: v7.15 [stable] is released!

if you have OSPF and assign some local address like 10.255.255.1/32 on loopback (lo) interface this is connected route is this allowed or not? or just the hardcoded (127.0.0.1) is not allowed?
by loloski
Sun May 26, 2024 3:49 am
Forum: General
Topic: NAT Pool with afinity
Replies: 3
Views: 364

Re: NAT Pool with afinity

use netmap instead of src-nat it will work
by loloski
Sat May 25, 2024 10:35 am
Forum: Forwarding Protocols
Topic: Graceful restart
Replies: 13
Views: 9773

Re: Graceful restart

GR is not supported atm no one knows where this could be implemented
by loloski
Thu May 23, 2024 1:22 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 44
Views: 20061

Re: 802.1AE MACsec Progress or Examples ?

I believed if you are passing traffic less than 1G i think you are safe, I think someone test this on CCR2004 if my memory serves correctly they were able to get 1G speed, you can certainly try this on your environment before going live
by loloski
Tue May 21, 2024 4:20 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 44
Views: 20061

Re: 802.1AE MACsec Progress or Examples ?

even if it remotely possible don't do it because macsec and vxlan encapsulation/decapsulation is process by CPU for now, some of the marvel hardware is capable but the codebase of mikrotik does not support it that's what I'm reading here in the forum all the time look at what post https://forum.mikr...
by loloski
Tue May 21, 2024 8:44 am
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 164
Views: 157620

Re: WinBox v3.40 released!

Nope, can't reproduce your issue, did you try to remove your cache and try again?
by loloski
Tue May 21, 2024 5:48 am
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54899

Re: Feature Request : IPv6 Fasttrack

I'm just genuinely curious can someone from MT camp/support can tell us why they are having a hard time to implement this very important feature for SOHO markets, if they can do it in IPV4 why not in IPV6 been using other gears for the last 5 to 6 years and never seen this is an issue, Is this purel...
by loloski
Sun May 19, 2024 8:20 am
Forum: Beginner Basics
Topic: Is it public IP OR not
Replies: 2
Views: 398

Re: Is it public IP OR not

you have private IP and it's being natted in the ISP router
by loloski
Sat May 18, 2024 8:22 am
Forum: General
Topic: Mikrotik.com error 503
Replies: 1
Views: 276

Mikrotik.com error 503

Please check your main site
by loloski
Fri May 17, 2024 3:39 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.3 [stable] is released!

Indeed I agree with pe1chl, I once hit this limit 1000 customers with individual /32 learned route from OSPF because of a misconfigured BNG router i believed the router can handle more load if only this connection tracking is settable, not some magic dynamic hard limit based on free memory from the ...
by loloski
Sun May 12, 2024 3:10 am
Forum: General
Topic: Struggling to get src-nat masquerade to work on hAP AC Lite [SOLVED]
Replies: 12
Views: 6000

Re: src-nat - reply IP packets are forwarded to WAN instead of WAN [SOLVED]

that's how NAT works, it's a return packet from 8.8.8.8 going to LAN host that's why it's outgoing interface is ether1 which is your WAN interface isn't it?
by loloski
Fri May 10, 2024 2:14 pm
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 602

Re: v7.15rc [testing] is released!

@Infabo This is not a routing filter issue because the syntax is working fine, the issue that I want to raise is clear, if you apply that rule in in-filter-chain in OSPF instance, the adjacency between neighbor will teardown what MT should do is don't allow the user to set "gw-check bfd" s...
by loloski
Fri May 10, 2024 10:42 am
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 602

Re: v7.15rc [testing] is released!

Thanks for the heads up, but it doesn't warrant why the adjacency between ospf neighbor will teardown for me it's a bug. I think the bug here is set gw-check bfd; when you just accept everything Adjacency formed and stable I file a support ticket for this https://help.mikrotik.com/servicedesk/servic...
by loloski
Fri May 10, 2024 6:02 am
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 602

Re: v7.15rc [testing] is released!

I hope they don’t in this RC OSPF adjacency is tearing down if bfd is enabled and you have in-filter-chain in your ospf instance with this rule chain=ospf-in rule=“if(protocol ospf && dst==0.0.0.0/0) { set gw-check bfd; } accept;” I try latest 7.14 stable same thing in my understanding BFD f...
by loloski
Thu May 02, 2024 4:29 pm
Forum: Forwarding Protocols
Topic: received advertisements from devices to be forwarded to a web based BMS
Replies: 2
Views: 321

Re: received advertisements from devices to be forwarded to a web based BMS

make a REST services/api that will post process the data after receiving from your MT devices, problem solved
by loloski
Thu May 02, 2024 3:29 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

Is that PPP accounting radius issue is not covered with unit testing so that you can catch that early and minimize releasing software that has birth defects? hahaha just kidding, I'm just curious
by loloski
Thu May 02, 2024 2:53 pm
Forum: Beginner Basics
Topic: Unable to block YOUTUBE,FAEBOOK,...
Replies: 4
Views: 423

Re: Unable to block YOUTUBE,FAEBOOK,...

If this is in a corporate settings, talk to HR and help them craft a policy that watching youtube or doing anything outside the scope of work is subject for expulsion, we've done this and it works 100% of time sometimes technology is not answer for a modern tech world, just my 0.2$
by loloski
Sat Apr 27, 2024 11:29 am
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 574

Re: eBGP v6.x to v7.x migration

Just read the manual mate, make a lab and learn it it's hard to config something without a real context
by loloski
Sat Apr 27, 2024 11:26 am
Forum: Forwarding Protocols
Topic: Question with BGP
Replies: 4
Views: 647

Re: Question with BGP

This is just pure routing then let your L7 load balancer handle the routing to your apps problem solved you don't have to worry the IP or NAT issues if that what's worries you, just my 0.2$
by loloski
Fri Apr 26, 2024 12:41 pm
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 574

Re: eBGP v6.x to v7.x migration

/routing/filter/rule/add chain=BGP-IN rule="if(dst==0.0.0.0/0) { accept; } else { reject; }"
by loloski
Fri Apr 26, 2024 8:54 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

@mkx

Thanks i don't know what i'm thinking i download the wrong extra package :)
by loloski
Fri Apr 26, 2024 7:18 am
Forum: Forwarding Protocols
Topic: Question with BGP
Replies: 4
Views: 647

Re: Question with BGP

In prolexic we got a 2 byte AS number and established a bgp peer with them if there's an attack they are going to notify you and ask for confirmation since this is a manage service they are going to annouce your prefix to them and they are going to mitigate DDoS in their scrubbing center and pass yo...
by loloski
Fri Apr 26, 2024 2:41 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

Where did wifi-qcom-ac package go? can't seems to find in extra package and why?
by loloski
Thu Apr 25, 2024 3:20 pm
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 574

Re: eBGP v6.x to v7.x migration

#### Put your prefix here that you want to announce /ip/firewall/address-list/add list=MYSUBNET address=122.23.0.0/24 ### this is just a sample #### i assume that you have point to point connection to your peer so this is not a multihop host and address families is IP #### assumption your peer addr...
by loloski
Wed Apr 24, 2024 4:54 am
Forum: Forwarding Protocols
Topic: BGP confederation
Replies: 3
Views: 2662

Re: BGP confederation

Did it work in previous version rosv6?, I'm also interested into this at least in a lab setting because our network is not as big as yours, we don't need it today :)
by loloski
Wed Apr 24, 2024 1:42 am
Forum: Forwarding Protocols
Topic: As Override vs Allow-As-In Behavior
Replies: 1
Views: 317

Re: As Override vs Allow-As-In Behavior

routing/bgp/session/refresh 0 address-family=ip
found it at least it doesn't tear down the whole connection
by loloski
Tue Apr 23, 2024 10:40 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

[user@DCCJ-POP1-R1-EDGESW] > /interface/bridge/port export # 2024-04-24 03:36:24 by RouterOS 7.14.1 # software id = 12DQ-9QUD # # model = CRS326-24G-2S+ # serial number = HCQXXXXX /interface bridge port add bridge=DISTRIBUTION frame-types=admit-only-untagged-and-priority-tagged \ interface=ether1 p...
by loloski
Tue Apr 23, 2024 3:03 pm
Forum: Wireless Networking
Topic: Radius-Disconnect will not Disconnect the client
Replies: 2
Views: 673

Re: Radius-Disconnect will not Disconnect the client

Change of Authority is half bake in RouterOS afaict, I'm happy to be corrected by anyone, I haven't seen anyone claim that it's working without a quirk
by loloski
Tue Apr 23, 2024 2:55 pm
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 320

Re: Telegram inline keyboard

What that program does you can communicate to your Mikrotik device from telegram in the form of chat / bot and you can execute any script stored in your MT just want to set the expectation
by loloski
Tue Apr 23, 2024 9:19 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

You can always go back to v7.14.X DHCP snooping is working as expected on this version
by loloski
Tue Apr 23, 2024 8:59 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 320

Re: Telegram inline keyboard

I think this is the closes you can get and for me at least it works great!
https://github.com/eworm-de/routeros-scripts/blob/main/doc/telegram-chat.md
by loloski
Tue Apr 23, 2024 7:16 am
Forum: Forwarding Protocols
Topic: As Override vs Allow-As-In Behavior
Replies: 1
Views: 317

As Override vs Allow-As-In Behavior

Hi All, Good day, Just want to ask if I use As Override on both PE1 or PE2 the effect is instantaneous both loopback address was learned and installed on each CE's rib, while Allow-As-In if you set in to 1 on CE side the effect is not immediate you have to disable and tear down the peer connection b...
by loloski
Tue Apr 23, 2024 4:11 am
Forum: Forwarding Protocols
Topic: BGP Feature Status
Replies: 0
Views: 287

BGP Feature Status

Hi MT,

May we ask if any of this feature will be on the pipeline?, care to share if you do have some crazy workaround?
2.png
by loloski
Mon Apr 22, 2024 8:25 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

@strods

like i said this is on GNS3 but on real device i haven't seen this issue, will send the file momentarily

edit: done SUP-150754
by loloski
Fri Apr 19, 2024 3:31 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.3 [stable] is released!

Thanks for heads up
by loloski
Fri Apr 19, 2024 2:07 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.3 [stable] is released!

*) queue - improved system stability (introduced in v7.6);

Can someone elaborate on this please?, thanks
by loloski
Fri Apr 19, 2024 1:02 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 343
Views: 108606

Re: v7.15rc [testing] is released!

using this RC in GNS3 you can't login via winbox it just simply saying logging even ssh connection it's not working :(, never seen this before
2.png
edit: webfig works
1.png
by loloski
Thu Apr 18, 2024 7:25 pm
Forum: Forwarding Protocols
Topic: BGP no-export attribute
Replies: 10
Views: 5895

Re: BGP no-export attribute

no-export will be passed to the peer in new routing version. But for v6, most likely it will stay as it is.
May we ask for the progress on this?
by loloski
Wed Apr 17, 2024 5:28 pm
Forum: Beginner Basics
Topic: Upgrade not booting
Replies: 7
Views: 445

Re: Upgrade not booting

i'm afraid you have to netinstall and be it on site
by loloski
Tue Apr 16, 2024 6:08 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

Yeah it's working fine with cisco in GNS3
2.png
1.png
by loloski
Mon Apr 15, 2024 11:29 am
Forum: General
Topic: Unstable CRS326-4C+20G+2Q [SOLVED]
Replies: 16
Views: 1531

Re: Unstable CRS326-4C+20G+2Q [SOLVED]

add bridge=main tagged=qsfpplus1-1,combo4 untagged=\ ether1,ether2,ether3,ether4,ether5,ether7,ether14,ether15,ether16,ether17 \ vlan-ids=1 for some vlans your ether1 is a tagged port but for vlan-ids=1 it's an access port for can you disabled this first and try again? not unless this is hybrid por...
by loloski
Mon Apr 15, 2024 10:12 am
Forum: General
Topic: Unstable CRS326-4C+20G+2Q [SOLVED]
Replies: 16
Views: 1531

Re: Unstable CRS326-4C+20G+2Q [SOLVED]

I don't think if this will help you or not, but can you make a single vlan aware bridge and remove a bridge dedicated for the management?
by loloski
Sat Apr 13, 2024 6:54 pm
Forum: Virtualization
Topic: QEMU vm speed problem
Replies: 1
Views: 529

Re: QEMU vm speed problem

that is expected PNET/GNS3 is just for lab/simulation only what do you expect? and even it can route properly, CHR is limited to 1MB only if you don't have a valid license, you can obtain a demo P1 license and try again if you are that persistent :)
by loloski
Sat Apr 13, 2024 5:25 pm
Forum: Beginner Basics
Topic: netinstall for ax2
Replies: 7
Views: 549

Re: netinstall for ax2

I have higher chance of doing netinstall in linux VS windows 10/11 but if your hands are tied make it sure that you disable all lan adapters in windows except for the wired LAN and disable windows firewall to make it sure, ether1 is the port you are going to use for netinstall, In my experience you ...
by loloski
Fri Apr 12, 2024 9:41 pm
Forum: Wireless Networking
Topic: CAPsMANv2 configuration for secondary SSIDs on different VLANs
Replies: 40
Views: 10864

Re: CAPsMANv2 configuration for secondary SSIDs on different VLANs

I really love MT for what is worth and the value it bring to a lot of company startup whether it's big and small, but this wireless radio/driver issues and capsman drama makes a lot of users look elsewhere, luckily for us we don't have use case for wireless other than out of band management connecti...
by loloski
Fri Apr 12, 2024 3:09 pm
Forum: Beginner Basics
Topic: Routing Query
Replies: 4
Views: 592

Re: Routing Query

if this is the subnet behind cisco (10.0.0.0/24) via ether1 you are trying to reach? i would suggest make a point to point connection /30 between mikrotik and cisco like e.g 10.100.10.1/30 on ether1 and 10.100.10.2/30 on cisco and route the LAN subnet 10.0.0.0/24 to 10.100.10.2 ip route add dst-addr...
by loloski
Wed Apr 10, 2024 10:14 pm
Forum: Beginner Basics
Topic: Using NAT on Mikrotik
Replies: 5
Views: 576

Re: Using NAT on Mikrotik

Please don't double post, I believed the issue here is the same with your other post which i reply as well It is common issue with new user is that they don't RTFM i believed it was mentioned in the docs that you should enumerate your WAN and LAN interface in the interface list , so that you are not...
by loloski
Wed Apr 10, 2024 9:46 pm
Forum: Beginner Basics
Topic: Can't ping with firewall (nat)
Replies: 9
Views: 651

Re: Can't ping with firewall (nat)

you don't need NAT for them to reach each other make sure both raspberry pi and the pc has their appropriate default gateway and you are set, In the Router see to it the firewall rules (filter) in FORWARD chain should allows this two subnet 10.10.1.0/24 and 10.10.5.0/24 to traverse, if you do have a...
by loloski
Wed Apr 10, 2024 9:28 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 491

Re: Script add user from LOG

to be honest it would be better if you ship the logs to a remote syslog server and parse it from there like a small VM perhaps, you have full blown scripting language at your disposal when it's outside MT device, even it's possible you have to store it somehow the previously stored e-mail for post p...
by loloski
Wed Apr 10, 2024 8:55 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

I redo this using eBGP approach between PE BGP is up OSPF is up VPLS is up and still can't ping :), i'll attach all configs except for CE1 and CE2 because they are just static IP
1.png
by loloski
Wed Apr 10, 2024 7:03 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

Hard to say without full config dumps, but yes, the P router should just do two things: ospf underlay to learn/export loopbacks of each PE loopback and LDP/MPLS enabled on both interfaces facing each PE. Then eBGP signalling from PE to PE with AS900 and AS901 should work. I just tested this again i...
by loloski
Wed Apr 10, 2024 6:44 pm
Forum: Forwarding Protocols
Topic: Passive Interfaces MPLS - VPLS RouterOS v7
Replies: 6
Views: 649

Re: Passive Interfaces MPLS - VPLS RouterOS v7

This works for me, it worked but not really great because you still have ros v6 at play
1.png
by loloski
Wed Apr 10, 2024 6:33 pm
Forum: Forwarding Protocols
Topic: Passive Interfaces MPLS - VPLS RouterOS v7
Replies: 6
Views: 649

Re: Passive Interfaces MPLS - VPLS RouterOS v7

I have a similar post to you, as per some folks here they said v7 has still some bug in VPLS even though everything seems right the VPLS tunnel is up IGP is up and BGP sessildons is all up it still won't work... If you really want to make VPLS work make the P router as Route Reflector with v6.49.X i...
by loloski
Wed Apr 10, 2024 4:27 pm
Forum: Beginner Basics
Topic: Help in traffic redirection
Replies: 3
Views: 446

Re: Help in traffic redirection

If you are behind a CGNAT you are mostly out of luck, there are few ways to overcome this with various degree of hassle / difficulty on your part option A first get a business line and ask your ISP to provide you /30 or /29 V4 address or even better get IPV6 address allocation option B pop a VM to a...
by loloski
Wed Apr 10, 2024 2:33 pm
Forum: General
Topic: Recommend me a VPN
Replies: 4
Views: 958

Re: Recommend me a VPN

This is mikrotik forum, you can instantly google it if you need to
by loloski
Tue Apr 09, 2024 2:57 pm
Forum: Forwarding Protocols
Topic: DT - Wp Flags MPLS RouterOS v7.14.2 [SOLVED]
Replies: 2
Views: 2384

Re: DT - Wp Flags MPLS RouterOS v7.14.2 [SOLVED]

it's either use static routing or use IGP like OSPF so that each router will learn each router's loopback address and also you don't need a separate bridge to emulate loopback interface lo is now exposed by default on 7.14.2
by loloski
Sun Apr 07, 2024 2:18 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

Yeah you are both right it's unrelated i follow what clambert suggest i change the "P" address to something else the passive flag is gone and still not working :), thanks mrz for the confirmation
by loloski
Sat Apr 06, 2024 6:22 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

Thanks a lot for the post at least i have a workaround for now running the "P" router in ros v6. I can now finally rest literally :) and replicate this combo in production, I hope this VPLS issue will get the right attention it deserved and finally put to end
by loloski
Sat Apr 06, 2024 4:03 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

I recently learnt there are folks who opt for eBGP based networks and played with it, in my lab, I ran BGP signalled VPLS with eBGP and no route reflectors, loopback IPs for BGP peer with OSPF underlay. And it works fine, no problems. I redo the lab and try your approach it doesn't work because the...
by loloski
Sat Apr 06, 2024 1:48 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

@Darknate

Thanks will try that approach, I think mikrotik knows this that's why they don't want to create an LTS release yet because v7 still not feature parity with V6
by loloski
Sat Apr 06, 2024 1:09 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

I think this is an LDP issue after all because with v6.49.14 all LDP interface in P1 is in DO (Dynamic,Operational) state while in v7.15b9 it's in DOp (Dynamic,Operational,Passive) I already file a bug report SUP-149275 I think i'm one on a few if not many encounter this issue, this is really a sad ...
by loloski
Sat Apr 06, 2024 8:47 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

I redo the whole thing and change P1 to v6.49.14 and it work, my conclusion is v7 BGP RR + v7 BGP signal VPLS is not working, but v7 route reflector alone is working as advertise.

@ MT could someone from your end confirm this behavior?

1.png
2.png
by loloski
Sat Apr 06, 2024 3:47 am
Forum: Beginner Basics
Topic: Can someone share a full working /29 config
Replies: 6
Views: 641

Re: Can someone share a full working /29 config

your diagram/networks It's fine as it is but really depends on what you are doing and trying to achieve, but i will do it differently because public ip is very scarce i will conserve it if i have to as much as possible, if some servers or workstation can be behind a NAT i'll do it.
1.png
by loloski
Fri Apr 05, 2024 5:14 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

Re: BGP VPLS with route reflector [SOLVED]

This is really red herring I’m just going in circles, could someone please confirm if BGP signal VPLS with rosv7 route reflector still not supported till this day? Just a hint will do thanks
by loloski
Fri Apr 05, 2024 2:37 am
Forum: Beginner Basics
Topic: Virtualized VLANs (for Proxmox) [SOLVED]
Replies: 7
Views: 2852

Re: Virtualized VLANs (for Proxmox) [SOLVED]

There are many ways how to make a VLAN in mikrotik, even if it works it doesn't mean it's correct because if you are doing that on non CRS 3xx series it will consume CPU, so be careful
by loloski
Fri Apr 05, 2024 1:09 am
Forum: Beginner Basics
Topic: Virtualized VLANs (for Proxmox) [SOLVED]
Replies: 7
Views: 2852

Re: Virtualized VLANs (for Proxmox) [SOLVED]

You need a trunk port on both router and proxmox, this is how you are going to do it if your equipment is a CRS 3xx switch this is device specific , this is just a bare minimum and assume that your tagged port is ether1 [admin@RT] > export # 2024-04-04 22:01:36 by RouterOS 7.15beta9 # software id = ...
by loloski
Thu Apr 04, 2024 6:42 am
Forum: Forwarding Protocols
Topic: No neighbors with OSPF [SOLVED]
Replies: 2
Views: 2449

Re: No neighbors with OSPF [SOLVED]

Please check if you are blocking OSPF incorporate this rule with your existing firewall
ip firewall filter add action=accept chain=input protocol=ospf
by loloski
Thu Apr 04, 2024 6:04 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 3663

BGP VPLS with route reflector [SOLVED]

Good day to all, i want to migrate our small production MPLS/VPLS setup to v7 but before we do that we want to lab it first with GNS3 but I hit a snag, all bgp session is up and VPLS interface is all up but can't seems to pass tagged vlan100 from CE1 to CE2, all mtu on all participating LDP interfac...
by loloski
Tue Apr 02, 2024 7:34 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.2 [stable] is released!

Yes 2216 and 2116 is a different beast :) I hope MT support would be able to help you out along the way
by loloski
Tue Apr 02, 2024 7:07 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.2 [stable] is released!

We don't do NAT. Everything is routed, there's one forward chain FW rule to deal with private addresses. Sure there are ~1000 queues, but it is, as you say, a big box! (for our heavier traffic we've moved In our experience 1072 is more suitable as edge router doing BGP and OSPF only and disable con...
by loloski
Tue Apr 02, 2024 6:39 pm
Forum: Forwarding Protocols
Topic: Shortest Path Bridging (SPB)
Replies: 12
Views: 8628

Re: Shortest Path Bridging (SPB)

+1
+100 for EVPN/VXLAN

We can dream on :)
by loloski
Tue Apr 02, 2024 6:27 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 671
Views: 209237

Re: v7.14.2 [stable] is released!

Please create a different thread so that others might be able to help you and by the looks of it is this a one big box doing everything how about NAT? if yes you might rethink your strategy
by loloski
Tue Apr 02, 2024 6:11 pm
Forum: General
Topic: Bandwith problem
Replies: 2
Views: 306

Re: Bandwith problem

Please check if this is not a cable issue (check for negotiated speed on port) or You need better device like RB4011 or RB5009 if you need SFP interface, otherwise you can opt to choose hapac2 at least for less pricey option

Please see MT test result page
1.png
by loloski
Tue Apr 02, 2024 3:22 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

IS-IS is available for v4 and v6 as early as 7.13.3 if my memory serves correctly in CLI not winbox though
by loloski
Tue Apr 02, 2024 3:18 pm
Forum: General
Topic: Connectivity to customers mikrotiks via Wireguard. Good idea? [SOLVED]
Replies: 34
Views: 1887

Re: Connectivity to customers mikrotiks via Wireguard. Good idea? [SOLVED]

just use zerotier + romon is much simpler and use routing if you need to reach LAN subnet, just my 0.2$
by loloski
Tue Apr 02, 2024 1:26 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

I hope this 7.15 release once become "battle tested" in the field will become the LTS release this is long time coming and badly needed
by loloski
Tue Apr 02, 2024 12:41 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

MVRP appear to work correctly on my initial test :) I can't hold my excitement the vlan is withdrawn automatically in the other switch if for some reason a specific vlanids is no longer in-use :)
by loloski
Tue Apr 02, 2024 10:30 am
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 62
Views: 27595

Re: CRS317-1G-16S+RM MPLS Support

Any progress in this front please or we just keep on dreaming?
by loloski
Tue Apr 02, 2024 5:58 am
Forum: The User Manager
Topic: Vouchers Template
Replies: 1
Views: 1081

Re: Vouchers Template

well first look for the obvious, check your disk space
by loloski
Sat Mar 30, 2024 3:55 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Will try that in the future
by loloski
Sat Mar 30, 2024 12:08 pm
Forum: General
Topic: Feature Request: LACP Monitoring via SNMP
Replies: 0
Views: 241

Feature Request: LACP Monitoring via SNMP

Today we are monitoring this in our NMS periodically via SSH is there any plans that active-ports and inactive-ports will be available via SNMP? [user@POP1-R2-CORESW] > /interface/bonding/monitor numbers: 0 mode: 802.3ad active-ports: sfp-sfpplus1,sfp-sfpplus2 inactive-ports: lacp-system-id: 78:9A:1...
by loloski
Fri Mar 29, 2024 12:59 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Thanks I hope the workaround is soon to be implemented
by loloski
Fri Mar 29, 2024 3:06 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 36
Views: 13984

Re: Wi‑Fi 7 / 802.11be

I've seen in Normis post since they are not using their in-house Wi-Fi driver anymore they can jump on the wifi7 band wagon with ease, I guess the demand will only be the limiting factor here time will tell of course
by loloski
Fri Mar 29, 2024 3:00 am
Forum: Scripting
Topic: "Wait" and reboot [SOLVED]
Replies: 4
Views: 2496

Re: "Wait" and reboot [SOLVED]

Shameless plug, I personally use e-worm collection for this purpose https://github.com/eworm-de/routeros-sc ... reboot.rsc
by loloski
Thu Mar 28, 2024 5:24 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]


It is not possible to leak "main" connected routes and be able to reach local addresses.
May i ask if it is fixable in the future or it is what it is?
by loloski
Thu Mar 28, 2024 1:35 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I attach the config from "P - Router" to wrap your head around on it. a friendly tip read the routing table entries per VRF for you to grasp the concept, feel free to ask if you have question
by loloski
Thu Mar 28, 2024 3:06 am
Forum: RouterOS beta
Topic: Routing mark and Os7 with two isp [SOLVED]
Replies: 10
Views: 7357

Re: Routing mark and Os7 with two isp [SOLVED]

Actually this easy a few routing rules and routing adjustment to your environment it's done, People think this is hard because they don't know how routing works there are two ways to achieved this in RouterOS by using routing rules or mangle for a start you should watch this video to get the concept...
by loloski
Wed Mar 27, 2024 7:07 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I found a way through trial and error and I don't think i know enough how VRF works in MT in low level because there's no documentation at all just config snippets
1.png
by loloski
Wed Mar 27, 2024 5:34 am
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

The protocol is intended to be compatible with other vendors, but it is still undergoing testing to ensure compatibility. Let us know if you have any feedback. Will going to test this thoroughly if it's working properly with CHR, I don't have a spare equipment at the moment to lab this up in actual...
by loloski
Wed Mar 27, 2024 2:58 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

It seems the limitation is real you can't reach a subnet subnet if the flag is not "DAC" / directly connected even though it is reachable in Main Routing Table. What a bummer, in other platform this is well supported I hope this limitation has a fix in sight :(, This is really unfortunate ...
by loloski
Tue Mar 26, 2024 7:01 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I slightly modify the topology and have a loopback address 10.0.0.1/32 on R1 so in theory I should be able to reach 192.168.50.1 and 10.0.0.1/32 from C1 and C2 if this this route leaking feature was really working as advertise
1.png
by loloski
Tue Mar 26, 2024 6:18 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I don't think that's the case look carefully the VRF and the routing table of main evidently 192.168.50.0/24 on ether4 is on main routing table and it's working properly
1.png
by loloski
Tue Mar 26, 2024 3:11 pm
Forum: General
Topic: REQ: batman-adv interface
Replies: 1
Views: 1521

Re: REQ: batman-adv interface

+1 on this, this is game changer for wISP
by loloski
Tue Mar 26, 2024 1:16 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

@MT quick question if MVRP implementation is working properly in the next few beta/rc, is it compatible with other implementation like Juniper or it will never be?
by loloski
Tue Mar 26, 2024 12:40 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

Yes RouterOS lite it is and allow big files like drivers (wifi-qcom/wifi-qcom-ac) or any extra package to be loaded in external place like USB if present in the device. /* Dream On */
by loloski
Tue Mar 26, 2024 12:22 pm
Forum: Beginner Basics
Topic: How to configure LAN IP Pool
Replies: 15
Views: 4948

Re: How to configure LAN IP Pool

Substitute to your real subnet 1.png [admin@R1] > export # 2024-03-26 10:18:18 by RouterOS 7.14.1 # software id = # /interface vlan add interface=ether1 name=VLAN1530 vlan-id=1530 /port set 0 name=serial0 /ip address add address=117.1.1.218/29 interface=VLAN1530 network=117.1.1.216 add address=117.2...
by loloski
Tue Mar 26, 2024 8:17 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Hooraahh... i made it to work the routing entries for subnet 192.168.50.0/24 the gateway should be the ether4@main :)
1.png
by loloski
Tue Mar 26, 2024 7:23 am
Forum: Forwarding Protocols
Topic: BCP 38: Routing Filters and Address lists
Replies: 2
Views: 497

Re: BCP 38: Routing Filters and Address lists

I believed there were similar request in the past that rp_filter can be turned on/off per interface but nothing come up to a fruition from MT camp
by loloski
Tue Mar 26, 2024 6:31 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I now add a routing entries to each VRF that I think might solve the issue but still is not working, the C2 router can reach internet and VRF_CUSTOMER-A and VRF_CUSTOMER-B but not 192.168.50.0/24 subnet in the main routing table of the Provider Router
1.png
2.png
3.png
by loloski
Tue Mar 26, 2024 5:43 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

Re: VRF Route Leaking between VRF network and Main [SOLVED]

1.png 2.png This is how far I go from R1 192.168.50.1 using this routing rules above I was able to reach 192.168.0.1 and 192.168.1.1 but not the whole subnet I know I'm missing a routing entries for 192.168.50.0/24 subnet in both vrf_cusotmer_a and vrf_customer_b routing table to make this work I j...
by loloski
Tue Mar 26, 2024 5:23 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 16
Views: 3448

VRF Route Leaking between VRF network and Main [SOLVED]

In Ros v7.14.1 Route leaking between VRF is so easy I just follow the Simple VRF Setup in the mikrotik documents and it works like a charm, however the docs never mentioned or give a snippet config on how to leak between the VRF network with the Main routing table on the Provider Router https://help...
by loloski
Sat Mar 23, 2024 12:37 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 3882

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

Draw a basic network diagram including vlan assignment so that we can easily help you, I just interpret what you said
by loloski
Sat Mar 23, 2024 12:15 pm
Forum: Beginner Basics
Topic: Subdomain redirection (NAT) to the local IP address.
Replies: 1
Views: 399

Re: Subdomain redirection (NAT) to the local IP address.

You need reverse proxy for that like nginx or haproxy, you can do port forwarding on port 80 to a local reverse proxy from there handle the routing logic
by loloski
Sat Mar 23, 2024 3:18 am
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 3882

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

-- The problem is, that on ports ether46, ether47, ether48 I'm not seeing any traffic that goes into corresponding ports ether6, ether5, ether7. /interface/bridge/port add bridge=bridge comment="Bistro in" frame-types=admit-only-untagged-and-priority-tagged interface=ether5 pvid=119 add br...
by loloski
Fri Mar 22, 2024 4:03 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 3882

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

if qsfpplus1-1 is your trunk port
/interface/bridge/vlan/add vlan-ids=111 tagged=bridge,qsfpplus1-1 untagged=ether7,ether48 bridge=bridge
by loloski
Fri Mar 22, 2024 3:45 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 3882

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

try this and adapt to your situation you missed where the bridge should be tagged as well /interface/bridge/add pvid=4094 frame-types=admit-only-vlan-tagged name=bridge # Best practice don't set pvid=1 /interface/bridge/port add interface=ether7 frame-types=admit-only-untagged-and-priority-tagged pv...
by loloski
Thu Mar 21, 2024 5:02 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 132398

Re: v7.15beta [testing] is released!

Do you have at least initial draft document for MVRP?
by loloski
Tue Mar 19, 2024 8:19 am
Forum: Scripting
Topic: RouterOS get uptime days [SOLVED]
Replies: 10
Views: 4355

Re: RouterOS get uptime days [SOLVED]

:put [/system/resource/get uptime
11w2d15:59:17
]
by loloski
Tue Mar 19, 2024 3:53 am
Forum: General
Topic: bandwidth managment
Replies: 2
Views: 356

Re: bandwidth managment

Please don't do it CRS112 is geared toward as a switch not a router it has very weak CPU, what you can do put router upfront then Make a Queue in the router
by loloski
Thu Feb 22, 2024 11:29 am
Forum: General
Topic: CCR1072 - ROSv6 - TCP single-stream performance
Replies: 5
Views: 520

Re: CCR1072 - ROSv6 - TCP single-stream performance

For us we learned the hardway, We are only using 1072 for EDGE routing purposes BGP/OSPF no NAT/Firewall and Queues they are fine, for Access Concentrators we stick for a dozen of 1036 with rule of thumb of 950 customers per 1036 doing NAT and Queue, For some of our PoP with premium customers which ...
by loloski
Sun Feb 18, 2024 11:17 am
Forum: Beginner Basics
Topic: netpower 16p with bonding CPU issue
Replies: 1
Views: 322

Re: netpower 16p with bonding CPU issue

check your switch chip 98DX226S if bonding is ever supported

https://help.mikrotik.com/docs/display/ ... Offloading
by loloski
Sun Feb 18, 2024 10:54 am
Forum: Forwarding Protocols
Topic: Route Filter v6 to v7
Replies: 3
Views: 584

Re: Route Filter v6 to v7

discard is not supported in v7
by loloski
Thu Feb 08, 2024 1:43 am
Forum: Beginner Basics
Topic: CRS3xx (low?) Bandwidth Test Performance
Replies: 3
Views: 724

Re: CRS3xx (low?) Bandwidth Test Performance

please use iperf it was a known fact that bandwidth test inside mikrotik will eat your CPU
by loloski
Thu Feb 08, 2024 1:21 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

On beta 8
*) bgp - allow to leak routes between local VRFs;

If you are looking for proper implementation through RD i don't think it will happen today :(
by loloski
Thu Feb 08, 2024 12:16 am
Forum: General
Topic: CRS310-8G-2S+-IN expected internet performance?
Replies: 6
Views: 843

Re: CRS310-8G-2S+-IN expected internet performance?

CRS310 is geared toward as a switch not much of a router
Screenshot 2024-02-08 060857.png
by loloski
Wed Feb 07, 2024 12:16 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 274803

Re: v7.13.3 [stable] is released!

it would be best, if they allow the package to be stored and install via external USB or make a ROS lite package as suggested by others here, our HAPAC2 CPE fleet would surely welcome this change if this happen :)
by loloski
Tue Jan 23, 2024 1:08 pm
Forum: General
Topic: IPOE with User-Manager
Replies: 1
Views: 436

Re: IPOE with User-Manager

By the way forgot to say thanks in advance for the people who could chime in
by loloski
Tue Jan 23, 2024 12:46 pm
Forum: General
Topic: IPOE with User-Manager
Replies: 1
Views: 436

IPOE with User-Manager

In our quest to ditch PPPoE in our network we decided to give it a whim and put a LAB generally it was ok, the client computer can authenticate it's MAC in user-manager via radius but I found it odd that you can authenticate the same mac address at the same time this is a no go for ISP setup, well h...
by loloski
Mon Jan 22, 2024 2:01 pm
Forum: Beginner Basics
Topic: Renew License CHR ERROR: bad http response [SOLVED]
Replies: 24
Views: 3642

Re: Renew License CHR ERROR: bad http response [SOLVED]

wait is over, I was able to activate the license just an hour ago
by loloski
Mon Jan 22, 2024 5:47 am
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 17
Views: 2202

Re: CHR LICENSING SERVER IS DOWN

this cause us trouble because we have a scheduled deployment yesterday and send me 2 people in the DC doing nothing in the middle of the night in the end we pull out the server and will try again somewhere next week not really a big deal but a nuisance indeed
by loloski
Sun Jan 21, 2024 2:24 pm
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 17
Views: 2202

Re: CHR LICENSING SERVER IS DOWN

I already contact them via Support Ticket and no one is responding and even in discord this was reported as well on #CHR channel and I'm not alone
by loloski
Sun Jan 21, 2024 2:16 pm
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 17
Views: 2202

CHR LICENSING SERVER IS DOWN

MT,

Please take a look into this we can't activate CHR license, there was a bad http response when you try to login your account in the renewal license dialog, thanks!!!!
by loloski
Thu Jan 18, 2024 8:00 am
Forum: Beginner Basics
Topic: Use public IPs from remote router [SOLVED]
Replies: 7
Views: 1445

Re: Use public IPs from remote router [SOLVED]

Established VPN of your choice, then use mangle or routing rules to route your internal subnet to the other side of the tunnel then use srcnat NAT
by loloski
Tue Jan 16, 2024 7:42 am
Forum: Forwarding Protocols
Topic: BGP Filters translate from ros6 to ros7 not working
Replies: 9
Views: 1554

Re: BGP Filters translate from ros6 to ros7 not working

you can use this as a starting point and also discard is no longer available please read the document

https://help.mikrotik.com/docs/display/ ... h+examples
https://help.mikrotik.com/docs/display/ ... nd+Filters
by loloski
Mon Jan 15, 2024 4:13 am
Forum: General
Topic: Incoming SSH being dropped/delayed on 7.13.1, can you reproduce (easy to try)
Replies: 4
Views: 650

Re: Incoming SSH being dropped/delayed on 7.13.1, can you reproduce (easy to try)

This was tested on 7.12, though i seldom open ssh from external but this needs to be look into :(
ss.png
by loloski
Mon Jan 15, 2024 3:22 am
Forum: Forwarding Protocols
Topic: routing filter set administrative distance question
Replies: 0
Views: 833

routing filter set administrative distance question

We have a situation where our 2 edge router is both originating default route in OSPF domain we want to match the gateway and set appropriate distance just like i shown below is this possible? it was not clear in the documentation how to use the "gw" or can it be used in OSPF context, than...
by loloski
Wed Jan 10, 2024 5:12 am
Forum: Beginner Basics
Topic: Check for Updates: could not resolve DNS name [SOLVED]
Replies: 5
Views: 1875

Re: Check for Updates: could not resolve DNS name [SOLVED]

Download and import this cert if you are using cloudflare DNS it should work
https://cacerts.digicert.com/DigiCertGl ... G2.crt.pem
by loloski
Fri Jan 05, 2024 11:45 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 274803

Re: v7.13 [stable] is released!

https://stubarea51.net/2016/01/21/put-5 ... r-testing/

This is life saver luckily I was able to save the VM, the tool is not downable anymore :) I hope kevin will re-upload this again
by loloski
Fri Jan 05, 2024 11:42 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 274803

Re: v7.13 [stable] is released!

I think you are right :), I stand corrected this design flaw is really a punch in the gut they should fix this, we are going to do some more pre-flight test otherwise we are going to call off again the deployment :( if you have single peer you can get away with it but multiple peer this will blow ou...
by loloski
Fri Jan 05, 2024 11:11 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 274803

Re: v7.13 [stable] is released!

I don't think that's the case i load more than 300K routes and that few /32 slips into crack, if I follow what you say all on that list will be accepted but it's not I think they just made a string match there literally, will going to retest again and remove 0.0.0.0/0 i think I can still reproduce it
by loloski
Fri Jan 05, 2024 9:08 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 274803

Re: v7.13 [stable] is released!

Input Accept NLRI bug

It accept some prefix not in the list of prefix allowed to be accepted i stumble this bug in a lab
ss.png
by loloski
Fri Jan 05, 2024 7:20 am
Forum: RouterOS beta
Topic: Feedback on RouterOSv7 route filtering
Replies: 28
Views: 14109

Re: Feedback on RouterOSv7 route filtering

MT Any chances on improving router filtering in UI/winbox now?, we are not asking for v6 like for like UI but at least some semblance of having a more polish product rather than as if the UI was design after having a drinking session in the party :) the routing filter is v7 is more powerful in v6 bu...
by loloski
Thu Jan 04, 2024 12:26 pm
Forum: Forwarding Protocols
Topic: ipsec Preformance
Replies: 2
Views: 1357

Re: ipsec Preformance

This is impossible with ROS v7 today or in the future, that kind of traffic you are looking for is not for a SOHO environment
by loloski
Wed Jan 03, 2024 3:13 pm
Forum: General
Topic: RB5009 intermittent boot issue
Replies: 1
Views: 994

RB5009 intermittent boot issue

Hi guys, Just want to ask if somebody encounter this issue, where most of the time i reboot the router it doesn't boot properly you have to properly power cycle the router at least 3 times to work, the 2nd port always lit but dim and it's doing nothing, i already netinstall the device still the prob...
by loloski
Tue Jan 02, 2024 4:09 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

ok thanks a ton, really excited to put this in the field next week

BR
by loloski
Tue Jan 02, 2024 3:40 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

yeah we have our own instance of routinator too, that's good to hear that it was working well, you are in 2216 i'm on 1072 this is what really scare me now :)
by loloski
Tue Jan 02, 2024 3:31 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Hmm.... that's reassuring but we need to test this thoroughly specially rpki validation this will surely a showstopper to us, BFD is working properly glad it was sorted out.
by loloski
Tue Jan 02, 2024 2:30 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

@rpingar I hope if you don't mind asking hpw's all your ticket related to BGP issues? did MT respond or fix most of your issues? we are going to retry again to put MT in IX scenario and i just feared we are going to pull it again and replace it with Juniper platform inadvertly due to instability I'v...
by loloski
Mon Jan 01, 2024 7:43 am
Forum: Beginner Basics
Topic: Force the router to use a specific WAN
Replies: 5
Views: 1219

Re: Force the router to use a specific WAN

set the distance/cost of your preferred next-hop to 1 and the other remaining link to 2 in this way all traffic generated by the router itself will go to the default gateway with distance/cost of 1 no mangles involved, I hope this suffice enough to meet your requirement and use PBR to steer your tra...
by loloski
Sun Dec 31, 2023 4:04 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

info !wireguard
by loloski
Sat Dec 30, 2023 2:13 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 12981

Re: Routing filter to discard routes

I hope this functionality can be restored in OSPF at least, this is what set apart from MT to other big brand where dynamic routing protocols is rock solid, another grief is when you have millions of routing entries in routing tables winbox start to crawl well that's for another day totally unrelate...
by loloski
Sat Dec 30, 2023 1:25 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 12981

Re: Routing filter to discard routes

sorry for beating the dead horse, can someone shed some light on why discard is no longer available in ros v7?
by loloski
Fri Dec 29, 2023 9:26 am
Forum: Forwarding Protocols
Topic: V7 Route Filter Deny-ALL
Replies: 2
Views: 978

Re: V7 Route Filter Deny-ALL

In v7 it was rejected / deny by default
by loloski
Mon Dec 25, 2023 1:00 am
Forum: Forwarding Protocols
Topic: Force ZeroTier over specific Internet/WAN connection
Replies: 7
Views: 1829

Re: Force ZeroTier over specific Internet/WAN connection

as a last resort though it's not the _real_ solution he/she could install zerotier in the other device using his/her 2nd ISP as a next-hop then use ROMON if the purpose of this zerotier is just for management purposes no more fiddling with mangle :)
by loloski
Sun Dec 24, 2023 1:58 am
Forum: Forwarding Protocols
Topic: Force ZeroTier over specific Internet/WAN connection
Replies: 7
Views: 1829

Re: Force ZeroTier over specific Internet/WAN connection

you can try to use mangle output and routing mark to make host outbound traffic of the router to go on specific ISP on udp port 9993
/ip firewall mangle
add action=mark-routing chain=output dst-port=9993 new-routing-mark=UG3 passthrough=no protocol=udp
by loloski
Sat Dec 23, 2023 8:58 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Ok i stand corrected back to the v6 version where it was still not bundled :)
by loloski
Sat Dec 23, 2023 8:53 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

wifi-qcom-ac is already out of the door a year ago who have thought this is possible?, who knows? maybe just maybe they break again the taboo and make v7 semi modular again like what we have in v6 where you can uninstall something at some extent to free up some space or resource.
by loloski
Sat Dec 23, 2023 8:35 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

LOL, you can upgrade beyond 7.12.1 and still have zerotier. What is your point? I can't upgrade to past/beyond 7.12.1 because this is the last version I can have a wireless + zerotier on this device, I'm just wondering why some people here is very apprehensive if all you want is to get the last oun...
by loloski
Sat Dec 23, 2023 12:49 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Yeah that's why we might stay indefinitely in 7.12.1 because we can't eat our cake and have it too :) unfortunately wireguard is not an option for us :p
by loloski
Sat Dec 23, 2023 11:18 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Well, I certainly consider it a step backward that almost all functionality is now in a single "routeros" package. I can fully understand why packages like "DHCP", "PPP", "ipv6", "security" were merged with the system package! They often have nasty ...
by loloski
Fri Dec 22, 2023 7:49 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Question does MVRP implementation will be vendor neutral? Once it become stable?
by loloski
Thu Dec 21, 2023 11:55 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

You are right and spot on, I'm responsible with Engineering In perfect world I got the final say on most things related to network from Core,CO,Pop down to Last mile, but still can be vetoed once there was a big Asian money at stake down to a drain pipe, Cap-ex is hard to come by in emerging market ...
by loloski
Thu Dec 21, 2023 8:51 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

Care to share how much MPLS traffic you have at peak and is it in tile arch?, we have a pilot MPLS implementation base on v6 (mpls atom/pseudowire) in one of our PoP and just running < 500mb at peak
by loloski
Thu Dec 21, 2023 8:26 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

There's a bug in bridge where a port role is blank in CHR and hapac2 in my limited testing at least
by loloski
Thu Dec 21, 2023 7:42 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

@Darknate I can feel you and I can clearly see your point and that was really obvious, but I don't need reasons to ditch MT because the company I work for already accept that fact that MT as a company is not perfect, my personal only sour grape with them is they don't layout their roadmap on what th...
by loloski
Wed Dec 20, 2023 3:47 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

Just notice push route is in the ovpn server setting not per secret/user basis? I hope MT would make it more flexible
by loloski
Wed Dec 20, 2023 3:30 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 158556

Re: v7.14beta [testing] is released!

*) bridge - added MLAG support for MSTP bridges; *) bridge - added MVRP support (CLI only); *) bridge - improved bridge VLAN configuration validation; *) bridge - improved configuration speed on large VLAN setups; *) bridge - improved protocol-mode MSTP functionality; *) bridge - improved protocol-...
by loloski
Wed Dec 20, 2023 4:31 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

@DarkNate As a band aid solution whilst we are still waiting for proper EVPN/VXLAN to come in Mikrotik, our tech stack revolves around mikrotik for 3 years now lots of investment already from hardware to people training and we don't want to go back to pure Juniper shop if we can fight for it for cos...
by loloski
Tue Dec 19, 2023 7:02 pm
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

Yeah, Q3 next year if MT can't still produce a decent implementation for all of this critical technologies in ISP space we are going to re-think our strategies, If only LAC mode not just LNS is readily available today we can duct tape our network and still can still wait for another 3 years more, ev...
by loloski
Tue Dec 19, 2023 5:21 pm
Forum: General
Topic: Multi-Wan Concept
Replies: 2
Views: 773

Re: Multi-Wan Concept

you need policy based routing, as a primer check this out https://www.youtube.com/watch?v=1oawZUqB_Eo If i were you since you really want to learn look read network primer in other platforms as well because the learning curve is steep in MIkrotik if you don't have previous solid background in networ...
by loloski
Tue Dec 19, 2023 4:39 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 90
Views: 24866

Re: 7.13 wireless package split question

at least for me this is fair enough
by loloski
Tue Dec 19, 2023 3:35 pm
Forum: General
Topic: Feature Request: Restore ability to remove dynamic Queue
Replies: 0
Views: 1120

Feature Request: Restore ability to remove dynamic Queue

MT, Would you be so kind if you could restore the functionality that we can remove dynamic simple queue on the fly via up/down script in PPPoE profile and create the simple queue to our liking?, our solution relies on this heavily and we can't move our BRAS/PPPoE concentrator to v7 latest stable ver...
by loloski
Tue Dec 19, 2023 1:25 pm
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

@mrz, if you could be so kind could you please confirm if MP-BGP/EVPN + VXLAN is now on horizon since IS-IS was in too? just a nugget please because this will be very critical to us in near feature
by loloski
Wed Dec 06, 2023 10:51 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 13295

Re: Status of ROS V7 for BGP, MPLS, VPLS

Wow, that's good news but the million dollar question is when this going to see the light of the day :) most of the Chinese cheapos switches now a days support this like Rujie/Maipu et al, please add Q-in-Q in hardware in the pipeline please :)
by loloski
Sun Dec 03, 2023 3:07 pm
Forum: Virtualization
Topic: Passthrough - Interface Queue
Replies: 1
Views: 1513

Re: Passthrough - Interface Queue

If your motherboard and NIC support SR-IOV used that instead just my 0.2$
by loloski
Thu Nov 30, 2023 7:33 am
Forum: General
Topic: Feature Request: MRTG / Graphing option
Replies: 0
Views: 1886

Feature Request: MRTG / Graphing option

expose growright or any other MRTG option to MT graphing via CLI or winbox
by loloski
Tue Nov 14, 2023 9:42 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95883

Re: v7.13beta [testing] is released!

Sorry for not filling a proper bug report don't have a good experience of doing it for some occasions now, it's either no one answer or the support claims it's a support issues I'm tired already sorry
by loloski
Tue Nov 14, 2023 9:35 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95883

Re: v7.13beta [testing] is released!

In Hapac2 DOH is working fine for a few minutes then all of the sudden the configuration revert back to the original setting prior of the change, at first I thought I'm just crazy but it happen to me more than 3 times now
by loloski
Tue Nov 14, 2023 7:17 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95883

Re: v7.13beta [testing] is released!

7.12 stable to 7.13beta1 will fail to update if zerotier package was install on hapac2
by loloski
Tue Nov 14, 2023 7:01 am
Forum: Beginner Basics
Topic: Upgrading without 2 reboots
Replies: 6
Views: 1610

Re: Upgrading without 2 reboots

as per MT, flat out that's not possible
by loloski
Sat Nov 11, 2023 2:57 am
Forum: Beginner Basics
Topic: Control device by MAC and DHCP
Replies: 1
Views: 858

Re: Control device by MAC and DHCP

by loloski
Mon Oct 30, 2023 11:43 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 95503

Re: v7.12rc is released!

system - fixed process multithreading (introduced in v7.9);
care to elaborate please?
by loloski
Mon Oct 16, 2023 6:45 pm
Forum: Forwarding Protocols
Topic: ROS 7.11.2 CHR BGP not Multithreaded and V. Slow
Replies: 16
Views: 3324

Re: ROS 7.11.2 CHR BGP not Multithreaded and V. Slow

@DarkNate As far as I know at least in our region (Asia), ROA record is a _must_ now a days if you are advertising your prefix to upstream that's why pe1chl is suggesting that let the upstream handle this RPKI validation, I personally has this mentality too are we really out of touch on reality? Alm...
by loloski
Mon Oct 16, 2023 5:27 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

@holvoetn

what a clever workaround, hehehe let me try that approach and will update this post :), thanks a ton

Edit: @holvoetn you're a genius it works! like what you said EOIP interface doesn't need to be a member of a bridge
by loloski
Mon Oct 16, 2023 5:09 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

a shorthand syntax if you want to set ge-0/0/18 as access port with vlan member 20 for example the right syntax would be at least on Juniper with legacy Junos (NON ELS)
set interfaces ge-0/0/18 unit 0 family ethernet-switching port-mode access vlan members 20
by loloski
Mon Oct 16, 2023 3:54 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

root@EX4200# set ethernet-switching-options secure-access-port interface ge-0/0/18 ? Possible completions: + allowed-mac Allowed MAC address on this interface + apply-groups Groups from which to inherit configuration data + apply-groups-except Don't inherit configuration data from these groups dhcp...
by loloski
Mon Oct 16, 2023 3:52 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

I already tried removing storm control and still doesn't work :)
by loloski
Mon Oct 16, 2023 3:51 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

Out of desperation I ask bing chat and this should do it but unfortunately not for EX4200 because ether-type-list is not available in EX4200 set ethernet-switching-options secure-access-port vlan members INTERNAL set ethernet-switching-options secure-access-port interface ge-0/0/18 mac-limit 1 set e...
by loloski
Mon Oct 16, 2023 3:24 pm
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

@Amm0 Thanks for the input to answer your question both device in question that participate in ROMON their interface are both _not_ part of the bridge, so the problem really lies on Juniper (None ELS) security default policy, I'm really stuck since this device does not have J-Care support contract :...
by loloski
Mon Oct 16, 2023 9:35 am
Forum: General
Topic: IPSec VPN Stops Working - Ready To Send
Replies: 7
Views: 9521

Re: IPSec VPN Stops Working - Ready To Send

We have seen this today on one of our CCR2004 L2TP + IPSEC, there's no workaround on this other than restarting the whole device which is very annoying we don't know what the condition needs to reproduce the issue, but other installation is working fine for months without the issue with the same con...
by loloski
Mon Oct 16, 2023 6:03 am
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

Re: ROMON + EX4200 Juniper SW

Yeah I read that too, but we haven't turned on any security of the switch because this was a temporary thing [root@EX4200# show ethernet-switching-options secure-access-port { interface ge-0/0/8.0 { dhcp-trusted; } interface ge-0/0/12.0 { dhcp-trusted; } } voip; storm-control { interface all; } {mas...
by loloski
Mon Oct 16, 2023 2:14 am
Forum: General
Topic: ROMON + EX4200 Juniper SW
Replies: 13
Views: 1741

ROMON + EX4200 Juniper SW

Good day, does anyone from you guys know the knobs to turn on/off in Juniper so that it can forward romon traffic? we deploy this switch as an interim edge switch while we are waiting for the proper hardware to be delivered in DC, the switch has a couple of VLAN and nothing spectacular, thanks in ad...
by loloski
Fri Oct 06, 2023 12:23 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 95503

Re: v7.12rc is released!

Does it mean ISIS will slide to 7.13? normally when RC was release there's no other feature will come in
by loloski
Tue Oct 03, 2023 1:13 am
Forum: General
Topic: CRS354-48G-4S+2Q+ and bonding = high CPU and limited thoughput
Replies: 7
Views: 1177

Re: CRS354-48G-4S+2Q+ and bonding = high CPU and limited thoughput

since you don't put any network diagram or configuration i'm going to assume you use this switch as your NAT router therefore use hw offloaded nat since your device support that feature https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading if the assumption is wrong please put network di...
by loloski
Wed Sep 27, 2023 4:42 am
Forum: Beginner Basics
Topic: Redundant L2 and L3 with MLAG and VRRP
Replies: 2
Views: 1388

Re: Redundant L2 and L3 with MLAG and VRRP

There's a sync connection tracking available in Mikrotik i think conntrackd is working behind the scene, this is the CARP equivalent in OpenBSD, I'm more willing to be corrected if this was not the case:)
by loloski
Tue Sep 26, 2023 1:23 am
Forum: General
Topic: CCR2004-16G-2S+ NAT Performance
Replies: 4
Views: 789

Re: CCR2004-16G-2S+ NAT Performance

most likely he has queue in them + NAT that's why fasttrack was not enabled just speculation on my part :)
by loloski
Tue Sep 26, 2023 1:20 am
Forum: General
Topic: CCR2004-16G-2S+ NAT Performance
Replies: 4
Views: 789

Re: CCR2004-16G-2S+ NAT Performance

Realistically more or less that will be close, get CCR2116 if you need more power and you are not going to look back. we have seen in the field of 15GB of throughput with 50% CPU usage or better yet get Juniper MX platform if you need more :)

ss.png
by loloski
Sat Sep 23, 2023 9:00 am
Forum: General
Topic: can not upgrade to 7.11.2
Replies: 11
Views: 1916

Re: can not upgrade to 7.11.2

remove all this (Calea, gps,lora, routeros, tr069-client, ups, user-manager) then update to 7.11.2 except the base package of course (routeros)
by loloski
Sat Sep 23, 2023 8:43 am
Forum: General
Topic: can not upgrade to 7.11.2
Replies: 11
Views: 1916

Re: can not upgrade to 7.11.2

remove all addon package then upgrade it will work
by loloski
Wed Sep 20, 2023 1:37 am
Forum: Beginner Basics
Topic: Default config with reduced throughput
Replies: 2
Views: 670

Re: Default config with reduced throughput

check your port speed if it was 1G if not then replace your UTP cable and also make it sure that your PC / Laptop has support of 1G as well, good luck
by loloski
Sat Sep 16, 2023 5:28 am
Forum: Beginner Basics
Topic: I don't get Bridge gateway
Replies: 1
Views: 880

Re: I don't get Bridge gateway

call your ISP because that might be intentional, when in doubt try to plug your PC in lieu of MT and the behavior should be the same
by loloski
Fri Sep 15, 2023 4:10 am
Forum: General
Topic: MSTP + LACP as trunk port
Replies: 0
Views: 849

MSTP + LACP as trunk port

Hi All,

Good day, I’m not sure where I read it, could someone confirm if MSTP is compatible with LACP with 802.3ad mode, i know MLAG is not but don’t know if this holds true for LACP thanks
by loloski
Thu Sep 14, 2023 6:40 am
Forum: Beginner Basics
Topic: CRS112-8P-4S High CPU usage, need your help and suggestion
Replies: 2
Views: 1380

Re: CRS112-8P-4S High CPU usage, need your help and suggestion

CRS112 is geared toward a switch not much of a router remove Masquerade or NAT there and place a router in front, just my 0.2
by loloski
Mon Sep 11, 2023 5:12 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 168261

Re: v7.11.2 [stable] is released!

I hope the improved routing filters they promised should be _IN_ before they make an LTS v7, don't get me wrong the current routing filter is fine but it needs a lot of improvement specially if you compare it to V6, then pick up where they left off on some L2 functionality in marvel prestera hardwar...
by loloski
Sun Sep 10, 2023 1:40 pm
Forum: Forwarding Protocols
Topic: PPPOE and HOTPSOT
Replies: 1
Views: 1861

Re: PPPOE and HOTPSOT

by loloski
Fri Sep 08, 2023 1:27 am
Forum: General
Topic: 4/200+ dhcp leases are on the wrong bridge port
Replies: 2
Views: 1032

Re: 4/200+ dhcp leases are on the wrong bridge port

why multiple bridge? for the WAN connection you can straightly assign the ip address to the interface, please prepare a diagram so that others can help you
by loloski
Sat Sep 02, 2023 4:47 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 168261

Re: v7.11, 7.11.1 and more [stable] are released!

MT problem is simple they don't have at all or lack of sufficient unit test coverage in the code base, look at how brittle the SFP and Bridging code section where every release they claim improvement on this areas so frequently, I hate to say this I hope ROS v7 wasn't design by bunch of drunk engine...
by loloski
Tue Aug 29, 2023 8:30 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

This is how it look like, same for 1036,RB4011 i'll try to netinstall them later if i can reproduce the issue
2.PNG
netinstall solved the terminal issue
by loloski
Sat Aug 26, 2023 6:24 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 3751

Re: WiFi for large RV park?

Honestly there's a lot of variable here get a consultant that they do this thing for a living, there's no single right answer for your question. If you decided to do this on your own please consider this https://www.ekahau.com/ this will greatly help you in designing your wifi network not cheap but ...
by loloski
Fri Aug 25, 2023 5:50 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

Same with our CCR1072 spare in the lab :(
2.PNG
by loloski
Fri Aug 25, 2023 4:26 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

This is how it look like, same for 1036,RB4011 i'll try to netinstall them later if i can reproduce the issue
2.PNG
by loloski
Thu Aug 24, 2023 7:39 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

console died so far i can reproduce this on a spare CCR1036 and CRS317 so this is not architecture specific Is that on a physical console? (serial port and terminal program) As I cannot reproduce that on a terminal window... Terminal inside winbox, prior to upgrade both my 1036 and 317 devices is f...
by loloski
Thu Aug 24, 2023 5:22 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

RB4011 is also affected :( but hapac2 is working
by loloski
Thu Aug 24, 2023 5:05 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

console died so far i can reproduce this on a spare CCR1036 and CRS317 so this is not architecture specific
2.png
by loloski
Thu Aug 24, 2023 4:28 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

Interface - added "macvlan" interface support;
Wow this is quite a surprise
by loloski
Tue Aug 22, 2023 11:00 pm
Forum: Forwarding Protocols
Topic: IPV6 anycast support on ROS V7
Replies: 8
Views: 3189

Re: IPV6 anycast support on ROS V7

I'm not going to chase this on them any more, since they deny the existence of the NO DAD bug alone because they know that it will lead to a much bigger issue of which you confirm, thanks anyway for the update
by loloski
Mon Aug 21, 2023 1:51 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54899

Re: Feature Request : IPv6 Fasttrack

I hope you guys are right, but there's no indication that they moving in this direction
by loloski
Thu Aug 17, 2023 12:55 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127783

Re: v7.12beta [testing] is released!

ovpn - added "tls-auth" option support for imported .ovpn profiles;
mpls - added option to match and set MPLS EXP with bridge and mangle rules;
been waiting this for a couple of years now :)
by loloski
Wed Aug 16, 2023 7:49 am
Forum: Forwarding Protocols
Topic: ROS7 CPU Load for Route Advertisement?
Replies: 2
Views: 2219

Re: ROS7 CPU Load for Route Advertisement?

With that number of peer our platform of choice is Juniper MX200 at least, you can certainly try CCR2216 if you have budget or leeway to make experiment :(, we have a few dozen of that CCR2004 that we loan to other or just collecting dust due underwhelming bgp performance
by loloski
Wed Aug 16, 2023 12:53 am
Forum: Forwarding Protocols
Topic: BGP High CPU Utilization
Replies: 5
Views: 2680

Re: BGP High CPU Utilization

If you are not using NAT please disable connection tracking and firewall rules and just like what pe1chl said play with affinity and check which settings works for your use case. you may also check this
https://www.daryllswer.com/edge-router-bng-optimisation-guide-for-isps/
by loloski
Tue Aug 15, 2023 3:45 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 168261

Re: v7.11 [stable] is released!

2.png
so far upgrade for 1036,1072,317,326,4011,HAPAC2 went without a hitch
by loloski
Thu Aug 10, 2023 7:56 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 50725

Re: v7.11rc is released!

as they always say, if it's not mentioned in the changelog therefore they won't fix it
by loloski
Thu Aug 10, 2023 4:03 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 50725

Re: v7.11rc is released!

I think the problem here with MT they should finished one thing at a time before jumping on to another task at hand and also they should published the roadmap at least people know what to expect or not, otherwise this will be a recurring theme MT will surely delete this post anytime soon just like w...
by loloski
Thu Aug 10, 2023 1:54 pm
Forum: Beginner Basics
Topic: CRS518-16XS-2XQ - pure VLAN switch with very high cpu usage [SOLVED]
Replies: 4
Views: 1876

Re: CRS518-16XS-2XQ - pure VLAN switch with very high cpu usage [SOLVED]

Please turn on RSTP unless you have a valid reason to turn it off and also turn on auto neg on interface as much as possible for those untagged/access port ensure you have frame-types=admit-only-untagged-and-priority-tagged Please export the whole configuration and attach it here so that other peopl...
by loloski
Thu Aug 10, 2023 5:51 am
Forum: Wireless Networking
Topic: PtP WiFi network best practice
Replies: 2
Views: 1729

Re: PtP WiFi network best practice

Please see this presentation from Kevin https://stubarea51.net/2020/03/03/start ... hitecture/
by loloski
Wed Aug 09, 2023 4:01 pm
Forum: Beginner Basics
Topic: NAT IPv6 to IPv4
Replies: 5
Views: 3467

Re: NAT IPv6 to IPv4

sorry to break the bubble but NAT64 is not supported at this point

They could implement and adopt this in their stack but I think they are not interested on this at this point to stabilized ROS v7, but who knows
https://www.jool.mx/en/run-nat64.html
by loloski
Mon Aug 07, 2023 9:01 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 155
Views: 56706

Re: IS-IS

Does segment routing is inherent with IS-IS or the traffic engineering part is where it got very exciting?
by loloski
Sat Aug 05, 2023 11:18 am
Forum: General
Topic: 2 WAN to 2 LAN
Replies: 6
Views: 1169

Re: 2 WAN to 2 LAN

Just do PBR (Policy base Route) and you're good to go. https://help.mikrotik.com/docs/display/ ... cy+Routing
by loloski
Fri Aug 04, 2023 4:33 am
Forum: Beginner Basics
Topic: CRS305-1G-4S+IN vs gigabit switch
Replies: 1
Views: 953

Re: CRS305-1G-4S+IN vs gigabit switch

if you are making CRS305 as a switch remove the IP address that you assign on it and create a bridge and add two ethernet ports in the bridge and assign IP on your server and the fiber modem as you may call it and it should work e.g /interface/bridge/add name=BRIDGE /interface/bridge/port add interf...
by loloski
Fri Aug 04, 2023 3:47 am
Forum: Forwarding Protocols
Topic: IPV6 anycast support on ROS V7
Replies: 8
Views: 3189

Re: IPV6 anycast support on ROS V7

Thanks for the insight at least I'm not alone but this is low priority given the circumstances of MT they want to stabilized ROS v7 in general which is a good thing
by loloski
Thu Aug 03, 2023 7:16 pm
Forum: Forwarding Protocols
Topic: IPV6 anycast support on ROS V7
Replies: 8
Views: 3189

Re: IPV6 anycast support on ROS V7

Yeah surely do certainly, what surprise me is it seems like no DAD (Duplicate address detection) option is not working even though you toggle it :) in cisco i try to lab this thing up in the most simple way possible that I could think of and it appears to work correctly afaic and not to pretend to k...
by loloski
Thu Aug 03, 2023 7:51 am
Forum: Forwarding Protocols
Topic: IPV6 anycast support on ROS V7
Replies: 8
Views: 3189

Re: IPV6 anycast support on ROS V7

I just want to lab up a potential use case where I do have a container with reverse proxy that will piggy back the traffic going back to the real server for HA purposes
by loloski
Wed Aug 02, 2023 10:31 pm
Forum: General
Topic: CRS326-24S+2Q+ 100% CPU Usage, drops connections
Replies: 3
Views: 995

Re: CRS326-24S+2Q+ 100% CPU Usage, drops connections

your device is geared toward as a switch with basic router functionality, please try to use different device
by loloski
Wed Aug 02, 2023 8:44 pm
Forum: Forwarding Protocols
Topic: IPV6 anycast support on ROS V7
Replies: 8
Views: 3189

IPV6 anycast support on ROS V7

Hi all,

Anyone know if MT does support anycast address? can anyone shed some light on this please, the manual doesn't say much on this topic
by loloski
Tue Aug 01, 2023 3:24 pm
Forum: Beginner Basics
Topic: Bridge/VLANs issues
Replies: 28
Views: 3003

Re: Bridge/VLANs issues

the OP refers to dumb switch / unmanage switch
by loloski
Sun Jul 30, 2023 10:16 am
Forum: General
Topic: netwatch instead of recursive routing
Replies: 5
Views: 1274

Re: netwatch instead of recursive routing

with more recent V7 you can now at least use src-address now for netwatch, i have yet to lab this as well just like you I also use recursive routing for WAN monitoring
by loloski
Thu Jul 27, 2023 2:24 pm
Forum: General
Topic: PPPoE Server + Bridge Horizon v7.10.2
Replies: 2
Views: 639

Re: PPPoE Server + Bridge Horizon v7.10.2

I see now back to the lab, thanks a ton
by loloski
Thu Jul 27, 2023 11:57 am
Forum: General
Topic: PPPoE Server + Bridge Horizon v7.10.2
Replies: 2
Views: 639

PPPoE Server + Bridge Horizon v7.10.2

Hi All, I've have been labing this since yesterday i can't seems to figure out how bridge horizon works on PPPoE server, The lab is so simple 1 PPPoE server with 2 PPPoe Client no switch in between the pppoe client plug straight to ether1 and ether2 of PPPoE server I've try to set the horizon value ...
by loloski
Wed Jul 26, 2023 11:06 pm
Forum: General
Topic: Error 500 Registering new forum account
Replies: 1
Views: 620

Error 500 Registering new forum account

Hey MT,

Please check my colleague alerted me just now that they can't register an account in the forum, just fyi
2.png
by loloski
Wed Jul 19, 2023 1:22 pm
Forum: General
Topic: Is 802.11ad bonding interface (by itself) hw offloaded?
Replies: 9
Views: 1266

Re: Is 802.11ad bonding interface (by itself) hw offloaded?

@Ed

That's how we do it for CCR2116 are you saying that it doesn't have real benefits? we just create a bridge for this purpose and put bonding interface on it :( sad can you made it clear in the docs please :)

2.png
by loloski
Mon Jul 17, 2023 4:35 pm
Forum: General
Topic: CGNAT assigned to local interface not working
Replies: 5
Views: 711

Re: CGNAT assigned to local interface not working

without config, I'm just guessing here check your local address see to it that they are unique for each pool e.g

Local Address 100.64.0.0 IP Pool 100.64.0.1-100.64.0.254
Local Address 100.64.1.0 IP Pool 100.64.1.1-100.64.1.254
by loloski
Sun Jul 02, 2023 3:46 pm
Forum: Forwarding Protocols
Topic: Routes from BGP are ignored
Replies: 1
Views: 2108

Re: Routes from BGP are ignored

Please check your routing filters, by default in ROS v7 the prefix will be rejected

https://help.mikrotik.com/docs/display/ ... nd+Filters
by loloski
Thu Jun 29, 2023 3:06 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ with RouterOS 7.10 stable - Unable to fast track connections
Replies: 6
Views: 768

Re: CRS354-48P-4S+2Q+ with RouterOS 7.10 stable - Unable to fast track connections

2.png Remove every rule and try this taken directly from the help page and retest to just to make sure you have a working fasttrack rule and perform basic NAT if you need to https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading#L3HardwareOffloading-OffloadingFasttrackConnections /ip/fir...
by loloski
Thu Jun 29, 2023 2:02 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 44028

Re: FEATURE REQUEST: full cone NAT

Yeah we use Juniper mx40 for the edge and BNG exclusively and lots of 1036 for BRAS and 317 as L2 switch :)
by loloski
Thu Jun 29, 2023 1:49 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ with RouterOS 7.10 stable - Unable to fast track connections
Replies: 6
Views: 768

Re: CRS354-48P-4S+2Q+ with RouterOS 7.10 stable - Unable to fast track connections

how much bandwidth we are looking into? CRS354 is geared toward as a switch, don't expect to much on this device if you make it as your primary router
by loloski
Thu Jun 29, 2023 11:40 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 44028

Re: FEATURE REQUEST: full cone NAT

@pe1chl I hope this situation will be improved in the future, because ROS is not a toy lots of people depends on it every day to deliver what's being advertise, specially in the ISP space this is the part where our management didn't see (hidden cost), In as much as I loved MikroTik for what it's wor...
by loloski
Thu Jun 29, 2023 10:04 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 44028

Re: FEATURE REQUEST: full cone NAT

If they implement that code and they found it buggy why bother releasing it in the wild specially if the implementation is incomplete? this is just like the date format standardization stuff they release from past release, anyway I hope they were able to sort this out soon or just remove it if it's ...
by loloski
Thu Jun 29, 2023 7:02 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 44028

Re: FEATURE REQUEST: full cone NAT

If this indeed work https://github.com/LGA1150/openwrt-fullconenat why MT can't just patch their userland and kernel code tweak and adjust accordingly and moved on? just curious sometimes they have this attitude of NIH syndrome, since the underlying OS of ROS is Linux doesn't it make sense to go thi...
by loloski
Thu Jun 29, 2023 5:55 am
Forum: General
Topic: Combine the 2 ISP
Replies: 11
Views: 3852

Re: Combine the 2 ISP

I think the poster he/she is referring to is the venerable so called ISP merge they found in youtube with the so called network professional, which is half baked solution that leads to undesirable results specially in HTTPS traffic. I've dismantle a lot of customers setup here that rely on this abom...
  • 1
  • 2