Community discussions

MUM Europe 2020

Search found 41 matches

by cartes
Tue May 08, 2012 4:35 pm
Forum: General
Topic: Good Firewall Alternative?
Replies: 5
Views: 1565

Re: Good Firewall Alternative?

Thanks Brian for the reply. We were hoping to get a Quad Port of the same chipset (82576), but the Mikrotik Support page says not supported on version 4.5. But, the support for the Dual Port mentions version 5.8.

Would it be safe to get the quad port one?
by cartes
Wed Dec 21, 2011 2:19 am
Forum: General
Topic: Clear user command history
Replies: 13
Views: 12431

Re: Clear user command history

I think this is a very critical issue here. We were doing some digging, and found that this is not possible at all. Even if we create another user, as suggested by sergejs, any command line history still stays in memory, and returns once the user is recreated, even after reboots! We were creating an...
by cartes
Sun Mar 21, 2010 4:29 pm
Forum: General
Topic: trafr doesn't work
Replies: 15
Views: 7681

Re: trafr doesn't work

While the tcpdump or wireshark capture works, it makes certain analysis (like finding only UDP packets) almost impossible with filters. It would immensely helpful if someone could point to an online reference of a tool that would strip the packets off the tzsp headers.
by cartes
Sun Feb 21, 2010 1:35 am
Forum: General
Topic: Largest Matchable Address List
Replies: 6
Views: 787

Re: Largest Matchable Address List

Aah... You're the man! :)

Do you recommend I move to the latest 4.5? Or stick with 3.30? I'm running a production system consisting of 24 MTs, of which 3 have quite a complex setup (lots of rules, queues, etc).
by cartes
Sun Feb 21, 2010 12:44 am
Forum: General
Topic: Largest Matchable Address List
Replies: 6
Views: 787

Re: Largest Matchable Address List

Thanx for the quick response! I'm using RouterOS 3.6. Is that known to have that issue? I don't want to match every packet with that list also, but when I tried to do this: /ip fir man add chain=prerouting src-address-list=ggnn action=jump jump-target=mychain /ip fir man add chain=mychain src-addres...
by cartes
Sat Feb 20, 2010 11:13 pm
Forum: General
Topic: limiting the number of udp sessions
Replies: 10
Views: 3794

Re: limiting the number of udp sessions

UDP is a connection-less protocol, meaning there is no concept of "connection", and therefore, "connection-limit" cannot be applied.
by cartes
Sat Feb 20, 2010 10:56 pm
Forum: General
Topic: Largest Matchable Address List
Replies: 6
Views: 787

Largest Matchable Address List

Hi, I have created a rule that puts some matching IP addresses on an address list, then use the list to do other stuff. However, during the day, I have seen that the rule that "matches" the address list (using it in the scr-address-list field), does not seem to work, and the next rule comes into pla...
by cartes
Wed Apr 15, 2009 8:00 pm
Forum: Wireless Networking
Topic: RB411AH + R52H AP Power Issue vs. D-LINK DWL-2100AP
Replies: 13
Views: 4048

Re: RB411AH + R52H AP Power Issue vs. D-LINK DWL-2100AP

Hi,

Did you change to R52 and try out your adventure into Mikrotik? :)

--- Hassan
by cartes
Sun Feb 22, 2009 3:16 pm
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 4851

Re: Traffic shaper

Thx for the quick answer NetworkPro. Here is my response to your remarks, I'm just putting in my answer, without quoting your reply to avoid making a long email: Q1: I also think he is doing PCQ or something elsewhere which is not in this config. Q2: Yes, I have tested this. Actually I was burnt ver...
by cartes
Sun Feb 22, 2009 8:32 am
Forum: General
Topic: Traffic shaper
Replies: 17
Views: 4851

Re: Traffic shaper

Excellent work Fatonk. This is such an eye opener! However, I have the following questions: Q1: I couldn't find out where you control the speed of individual customers at 1Mbit or 2Mbit, as you said at the beginning of your article. Or are you doing it somewhere else in your config that you didn't p...
by cartes
Tue Feb 03, 2009 12:26 am
Forum: General
Topic: WCCP on Mikrotik
Replies: 6
Views: 1920

WCCP on Mikrotik

Hi,

I apologize before hand if I'm asking the mundane... But, can someone explain why it is not possible?

If it is possible, would it be too difficult to implement? Anyone else think this could help them in their usage scenario?

Thx.
by cartes
Sun Jan 11, 2009 5:11 am
Forum: General
Topic: How to redirect to external proxy
Replies: 30
Views: 38601

Re: How to redirect to external proxy

Give this info:

1. What is your Local LAN Network
2. What is your Squid IP
3. What are the IP in the 3 interfaces of Mikrotik.
by cartes
Wed Jan 07, 2009 8:20 pm
Forum: General
Topic: Router Freezes on Bridging Interfaces
Replies: 7
Views: 1283

Re: Router Freezes on Bridging Interfaces

Thank you for your suggestions. We're in an early weekend session right now. We'll come to office again on Saturday, and try without bridge. Takes almost 5 - 6 hours before the problem occurs. Let's hope it works!
by cartes
Wed Jan 07, 2009 4:32 pm
Forum: General
Topic: Router Freezes on Bridging Interfaces
Replies: 7
Views: 1283

Router Freezes on Bridging Interfaces

I've been trying to make a transparent traffic shaper using MT. I've got a Core 2 Quad with 1 GB RAM system with 3 LAN cards using the Realtek RTL 8169 Gigabit LAN cards. I made a bridge interface, and added 2 ether ports to the bridge. I then "diverted" the local part of my core router pushing 50 M...
by cartes
Wed Jan 07, 2009 4:08 pm
Forum: General
Topic: How to redirect to external proxy
Replies: 30
Views: 38601

Re: How to redirect to external proxy

Let us say you've got three interface, as you say you have, on the MT with the following IPs assigned to them: 1_ether1 => a.b.c.d (Real IP) 2_ether2 => 192.168.100.1/24 (Private IP) 3_ether3 => 10.100.100.1/29 (Private IP for Squid) Put 10.100.100.2/29 IP on squid box and connect to 3_ether3 Put 19...
by cartes
Sun Jan 04, 2009 6:05 am
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

We're doing Fibre to the Business (FTTB) at the moment using active optics as opposed to passive optics. The last mile is also fibre, and usually the drop cable ends in a safe place of the customer's premises, from where the link is converted to RJ45 copper media before connecting to the customer's ...
by cartes
Fri Jan 02, 2009 9:21 pm
Forum: General
Topic: BUG(?) v3.1x - Prerouting chain (mangle) freezes router.
Replies: 8
Views: 2378

Re: BUG(?) v3.1x - Prerouting chain (mangle) freezes router.

Hi, shouldn't the mangle rules have "passthrough=no"? It looks like your packets are getting through the complete chain. Can you explain in more detail on what you do? We've done policy based routing before where we had to market packets / connection through mangle then route them to different upstr...
by cartes
Fri Jan 02, 2009 8:48 pm
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

While you are correct in your statement that optics is the connection method of choice when it comes to maximizing speed, in many scenarios such is not an option because of exorbitant costs. In rural areas, where density is low, cost per customer for laying down fibre is very expensive. So, Wireless...
by cartes
Fri Jan 02, 2009 4:49 am
Forum: General
Topic: PCQ limit & total limit settings
Replies: 36
Views: 43101

Re: PCQ limit & total limit settings

I just found another post in the forum: http://forum.mikrotik.com/viewtopic.php?f=2&t=27555 which has some interesting suggestions. I'll try to get my hands wet using these principles in the coming days and let you know how it goes. In the meantime, if you do get around doing these things, I would b...
by cartes
Thu Jan 01, 2009 10:55 pm
Forum: General
Topic: How to redirect to external proxy
Replies: 30
Views: 38601

Re: How to redirect to external proxy

Ok, first, what I see from your config is, Squid Proxy and the MT are connected to a switch, which in turn is connected to your uplink. What you should ensure first is: 1. You have a working squid. For this, try connecting a PC to the same "uplink switch", and use IP 10.10.10.2 or some other in the ...
by cartes
Thu Jan 01, 2009 10:27 pm
Forum: General
Topic: Does Mangle rules slows down the router?
Replies: 4
Views: 1263

Re: Does Mangle rules slows down the router?

If this would help you, we've got the following on our MT: 2000+ Mangle rules (mostly doing Nth as per the load balancing wiki) 500+ NAT rules 300+ Queues Hardware is generic Intel Core 2 Quad 2.4 GHz with 2 GB RAM. The one thing that we have separately is the Proxy. We've got a separate squid array...
by cartes
Thu Jan 01, 2009 10:22 pm
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

We are not in a radio deployment at all, as we live in a very densely populated city (13M living on 200sq km). But, this year in Communicasia, I came across a company based in SG called SmartBridges who does seem to offer much power CPEs at quite reasonable costs. I did have a preliminary talk with ...
by cartes
Thu Jan 01, 2009 10:17 pm
Forum: General
Topic: LoadBalancing on MikroTik V3
Replies: 24
Views: 3942

Re: LoadBalancing on MikroTik V3

Thx Chupaka, that was a great hint on how Random works! We use Nth extensively for src-nat'ting. We have 4000+ users, who are distributed to 252 different groups using Nth. Each group is the src-nat'ted through different Real IPs. The problem we face is, the 252 groups are not evenly loaded, meaning...
by cartes
Thu Jan 01, 2009 9:59 pm
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

Yes, dankerr. That is certainly possible, adding ethernet interfaces to PCs. But, what I would love to see is Fibre Optic offerings like RouterBoard. I would like to have CPEs from Mikrotik that have Fibre Optic interface on the Wan side. Granted it is going to be more expensive, but for wired netwo...
by cartes
Thu Jan 01, 2009 9:29 pm
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

Thx for the links desertadmin, but as jp pointed out, Fibre is going to be the king of last-mile for the next 15 - 20 years, if not more. Fibre Optic has immense possibilities, and we're working hard to build a fibre optic network for the last mile in our country. Mikrotik has a great product, and a...
by cartes
Thu Jan 01, 2009 4:59 pm
Forum: General
Topic: Any plans for the future of Mikrotik and the Broadband 2.0
Replies: 38
Views: 3826

Re: Any plans for the future of Mikrotik and the Broadband 2.0

It would be nice though to see MT offering Fibre Optic based alternatives as well. We are planning to deploy a moderate (5000+ clients) FTTH test roll out this year, and would definitely give MT a preference if they had something to offer.

Regards
HASSAN
by cartes
Thu Jan 01, 2009 4:54 pm
Forum: General
Topic: PCQ limit & total limit settings
Replies: 36
Views: 43101

Re: PCQ limit & total limit settings

Hi, This is an interesting discussion. To answer Janisk about a more specific requirement, my scenario is as follows: Total BW is 10 Mbps, and total 500 customers 3 Classes of Shared Clients (kbps down / kbps up) SC1 => 512 / 128 SC2 => 256 / 64 SC3 => 128 / 64 2 Classes of Dedicated Clients (kbps d...
by cartes
Mon Dec 01, 2008 9:33 pm
Forum: General
Topic: PCQ issue
Replies: 41
Views: 9300

Re: PCQ issue

Thank you for this tip! Will try it out definitely and let you know the results.

On this note, which value do you suggest we try? max-limit? Or limit-at?
by cartes
Mon Dec 01, 2008 3:12 pm
Forum: General
Topic: PCQ issue
Replies: 41
Views: 9300

Re: PCQ issue

In our case we're not doing PPPoE. We are just doing traffic shaping using PCQ. When the user gets this error, we simply disable and re-enable the simple queue. That solves the problem.
by cartes
Mon Dec 01, 2008 4:45 am
Forum: General
Topic: Dual Core problem in 3.14 and 3.15 versions
Replies: 45
Views: 4918

Re: Dual Core problem in 3.14 and 3.15 versions

gustkiller: You're running 3.7, which is also not causing these clocking issues on our Intel Core 2 Quad systems running on Asus motherboards. These problems started to happen when we upgraded to 3.13 and above. Since then, we've gone back to using 3.6 / 3.7 and no more clocking issues. However, tho...
by cartes
Thu Nov 27, 2008 7:02 am
Forum: Scripting
Topic: Users filtering & binding MAC-to-IP
Replies: 5
Views: 2135

Re: Users filtering & binding MAC-to-IP

Yes, we're doing that too. All our interfaces that connect to the LAN are configured as "reply-only" ARP type. Then, we're putting static ARP entries into the ARP table. I guess the best way to move forward would be to use PPPoE. We want to use PPPoE too, but we want to use it using a separate Radiu...
by cartes
Thu Nov 27, 2008 6:10 am
Forum: Scripting
Topic: Users filtering & binding MAC-to-IP
Replies: 5
Views: 2135

Re: Users filtering & binding MAC-to-IP

Hi,

We also provide static IP to the user, but how do we authenticate once we provide them static IP?

Thanks in advance for your help.
by cartes
Thu Nov 27, 2008 5:31 am
Forum: Scripting
Topic: Custom App for Mikrotik needed
Replies: 9
Views: 1543

Re: Custom App for Mikrotik needed

Hi, This sounds interesting. Did you get around making this app? Could you specify what changes in the interface are you looking for?
by cartes
Tue Nov 25, 2008 9:06 pm
Forum: General
Topic: 3.17 Problems
Replies: 12
Views: 1947

Re: 3.17 Problems

Hi,

Could you be elaborate on what problems this version is supposed to have fixed? Your graphs were not very clear.

Thanx in advance for your input.

Regards
HASSAN
by cartes
Tue Nov 25, 2008 4:18 pm
Forum: General
Topic: WEB-PROXY Always Crash
Replies: 1
Views: 599

Re: WEB-PROXY Always Crash

Hi, If the crash follows the 6th day rule religiously, then this might be a different problem that what I think it is. Otherwise, I think web-proxy under MT could give problems after a certain load. In my testing, links over 5 Mbps and more than 200 customers should avoid using web-proxy in MT, and ...
by cartes
Tue Nov 25, 2008 3:42 pm
Forum: General
Topic: Dual Core problem in 3.14 and 3.15 versions
Replies: 45
Views: 4918

Re: Dual Core problem in 3.14 and 3.15 versions

We are also having clock problems on versions 3.14 and up (even with 3.16). We are back to using 3.6, which does not have this problem. Our mobo is Asus P5KPL-AM (G31 Chipset) http://www.asus.com/products.aspx?modelmenu=2&model=2266&l1=3&l2=11&l3=563&l4=0 We're not doing any overclocking or anything...
by cartes
Tue Nov 25, 2008 9:06 am
Forum: General
Topic: PCQ issue
Replies: 41
Views: 9300

Re: PCQ issue

Hi, We also have a similar problem, but not exactly the same. On a random basis, some users would get no ping replies from this MT server. And, usually, these users would belong to a handful of subnets, say around 5 - 10 subnets would occassionally have users complaining. To explain our network, we ...
by cartes
Tue Nov 25, 2008 8:39 am
Forum: General
Topic: High CPU utilisation with web proxy
Replies: 1
Views: 666

Re: High CPU utilisation with web proxy

Hi, I'm not a MT Guru, but in our experience, MT is good as a proxy for lower speeds / user-base. We've moved our proxy to a separate box since the day we went beyond 10 Mbps. Today we're at 70 Mbps, and we've got 2 separate dedicated proxy boxes to handle our load. Just my two cents. Hope it helps....
by cartes
Tue Nov 25, 2008 8:36 am
Forum: General
Topic: WEBPROXY with multiple output address
Replies: 7
Views: 1755

Re: WEBPROXY with multiple output address

Hi, I had run into similar situations as you have, and have found my solution (as you've mentioned) in a 2 box setup with 1 box running MT and 1 box running squid. In my testing while I was setting this up, the following is important: 1. MT box is not good at handling proxy for "very large" (I had 8...
by cartes
Tue Nov 25, 2008 8:24 am
Forum: General
Topic: Dual xeon or P4 for PPPoE concetrator?
Replies: 7
Views: 1432

Re: Dual xeon or P4 for PPPoE concetrator?

Thank you normis for your answer. We have an MT router (Core 2 Quad 2.33 GHz and 2 GB RAM) running as BW Manager, and also doing NAT using http://wiki.mikrotik.com/wiki/Load_Balancing_Persistent as a guideline to src-nat our home users of over 4,000 to 250+ real IPs. Our total backbone is 70 Mbps an...
by cartes
Sat Nov 15, 2008 4:06 pm
Forum: General
Topic: 3.15 Problems
Replies: 4
Views: 1207

Re: 3.15 Problems

We have been having the same issues with 3.15. We have around 3,000 uses whose BW we manage through using PCQ for both upload and download. When we used to be on 3.6 or 3.7 version, the queues worked pretty fine, and all users would get the proper bandwidth. However, as soon as we migrated to 3.15, ...