Community discussions

MikroTik App

Search found 348 matches

  • 1
  • 2
by ConradPino
Tue Feb 06, 2024 3:09 am
Forum: General
Topic: User poll about using Winbox
Replies: 102
Views: 74978

Re: User poll about using Winbox

  • CLI is only built-in script friendly configuration mechanism
  • WebFig and Winbox are both script hostile GUI tools
  • WebFig is built-in and sufficiently useful
  • Winbox is not built-in and superfluous
Winbox has an audience but it's not universal.
by ConradPino
Sat Sep 30, 2023 3:22 am
Forum: Forwarding Protocols
Topic: radvd invalid mtu log spam
Replies: 4
Views: 1923

Re: radvd invalid mtu log spam

Example from hAP ax3 core router deployment:
/ipv6 firewall raw
add action=drop chain=prerouting icmp-options=134:0-255 in-interface=vlanIX protocol=icmpv6
Neighbor Discovery packets received from upstream router are dropped.
by ConradPino
Wed Sep 27, 2023 7:05 am
Forum: Beginner Basics
Topic: My IoT project for my home
Replies: 2
Views: 727

Re: My IoT project for my home

Try these ping tests between the following devices:
  • wlan1 192.168.0.10 and PC 192.168.0.2
  • wlan1 192.168.0.10 and Mobile Phone 192.168.0.n
If wlan1 is reachable from those Clients (PC & Mobile) then adding routes to Client routing tables makes IoT and RP reachable from Clients.
by ConradPino
Sat Sep 23, 2023 11:44 pm
Forum: General
Topic: Should moderators redact sensitive info, and how much?
Replies: 49
Views: 3968

Re: Should moderators redact sensitive info, and how much?

Never infringe the original poster's right to be stupid! :lol:
by ConradPino
Fri Sep 22, 2023 3:34 am
Forum: General
Topic: simple routing problem
Replies: 2
Views: 471

Re: simple routing problem

What are the distance values for all routes?
Try a larger distance value for backup route.
by ConradPino
Fri Sep 22, 2023 2:49 am
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to merge 2 differents trunk + VLANs to one trunk?

@maxspeed this is a classic XY Problem I have better uses for my time.
Disabling Spanning Tree Protocol is an issue; VLAN aware MSTP is best choice.
Parting thought: Layer2 misconfiguration § Bridges on a single switch chip
by ConradPino
Fri Sep 22, 2023 1:30 am
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to merge 2 differents trunk + VLANs to one trunk?

Use one bridge on the CCR2116, not two separate ones, and configure the /interface bridge vlan membership accordingly on the two trunks. General agreement but I suggest holding off on big changes until requirements are completely known. You do not need /interface vlan and /ip address entries for ev...
by ConradPino
Fri Sep 22, 2023 1:20 am
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to merge 2 differents trunk + VLANs to one trunk?

OSPF operates over IP / layer 3, VLANs operate over ethernet /layer 2 - they are completely unrelated to each other. Technically correct. The block on the diagram "OSPF link with 8 subnet with1 Trunk inside of ccr2116 - 8 vlans id:100-107" makes absolutely no sense. One broadcast domain (...
by ConradPino
Thu Sep 21, 2023 2:12 pm
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to merge 2 differents trunk + VLANs to one trunk?

Suggested documentation answers questions posed but the experience to recognize them as such suggests appears absent and coming here can help fill that gap. It's not uncommon for users to share a problem and leave with working solution developed from a dialogue between original poster (OP) and forum...
by ConradPino
Wed Sep 20, 2023 3:47 pm
Forum: General
Topic: Webfig Enhancement
Replies: 24
Views: 6784

Re: Webfig Enhancement

Webfig and Winbox are very similar, but Winbox is more user friendly, it has side by side windows and such features. It was an honest question. If one thing has something you need, why keep using the other thing ... Winbox is an extra download an extra installation an extra learning curve an extra ...
by ConradPino
Wed Sep 20, 2023 3:12 pm
Forum: General
Topic: Webfig Enhancement
Replies: 24
Views: 6784

Re: Webfig Enhancement

I only used CLI to export/import large sections of configuration
Welcome brother, sorry you hear your escape attempt failed.
by ConradPino
Mon Sep 18, 2023 11:11 pm
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to join several VLANs from 2 switches to one Bridge?

could you just explain your idea please, i try to figure the way
No, a short explanation is not possible. The solution is Bridge VLAN Filtering.
Start reading here: https://help.mikrotik.com/docs/display/ ... NFiltering
by ConradPino
Mon Sep 18, 2023 11:03 pm
Forum: Virtualization
Topic: Unable to upgrade CHR license
Replies: 2
Views: 1590

Re: Unable to upgrade CHR license

What I am doing wrong?
IMO probably nothing. I concluded that function "needs substantial improvement".
by ConradPino
Mon Sep 18, 2023 10:52 pm
Forum: General
Topic: How to merge 2 differents trunk + VLANs to one trunk?
Replies: 18
Views: 1434

Re: How to join several VLANs from 2 switches to one Bridge?

I would like to know if it's possible to join several VLANs from 2 differents switches to only one Bridge with another switch? Question : is it possible to do that or do you have a better solution TL;DR Yes, IMO it's possible. However a VLAN specification for EVERY PORT on EVERY SWITCH is needed to...
by ConradPino
Mon Sep 18, 2023 10:18 pm
Forum: General
Topic: Webfig Enhancement
Replies: 24
Views: 6784

Re: Webfig Enhancement

Why are you using Webfig and not Winbox? @normis - What an incredibly arrogant question! Worse you've asked this elsewhere with similar tone . Winbox is another learning curve not worth learning when CLI is best tool and Webfig is good visual tool. IMO RouterOS CLI is eventually inescapable and a v...
by ConradPino
Mon Sep 18, 2023 9:25 pm
Forum: RouterBOARD hardware
Topic: CRS309 + Intel X520 no link
Replies: 2
Views: 2591

Re: CRS309 + Intel X520 no link

CRS309-1G-8S+IN operates with eight (8) Arista Networks SFP-10G-SR at 10Gbps.
by ConradPino
Sun Sep 10, 2023 10:54 am
Forum: Scripting
Topic: Traffic-Generator not stopping
Replies: 1
Views: 1680

Re: Traffic-Generator not stopping

The quick command has duration property defined as "how long to run the test".
by ConradPino
Sat Sep 09, 2023 10:31 pm
Forum: Announcements
Topic: Newsletter #114 | September 2023
Replies: 72
Views: 15386

Re: Newsletter #114 | September 2023

Zero PoE please or models with and without like RB5009.
by ConradPino
Sat Sep 09, 2023 9:55 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11.2 [stable] is released!

From MikroTik Devices Controller topic, post #293 : https://forum.mikrotik.com/viewtopic.php?t=186352#p1023643 Before making a big commitment to a new software product; let's get the bread and butter products in order: RouterOS 7 "stable" becomes truly stable ( not just a label ) first and...
by ConradPino
Sat Sep 09, 2023 10:25 am
Forum: Virtualization
Topic: RouterOS CHR 7.11 Wifiwave2 Training
Replies: 4
Views: 3142

Re: RouterOS CHR 7.11 Wifiwave2 Training

virtualized radio hardware
Thank you! Can you elaborate on how the above might be done?

hAP ax3 is my core router. Is hAP ax2 a suitable configuration testing proxy for ax3?
by ConradPino
Sat Sep 09, 2023 4:10 am
Forum: Wireless Networking
Topic: hAP as Station?
Replies: 5
Views: 1803

Re: hAP as Station?

If Tasmota device has working default gateway then port NAT may be enough. If not then full IP address NAT is the next option I'd consider.
by ConradPino
Sat Sep 09, 2023 3:57 am
Forum: RouterBOARD hardware
Topic: Mikrotik S+RJ10 third party switch compatibility [SOLVED]
Replies: 2
Views: 4011

Re: Mikrotik S+RJ10 third party switch compatibility [SOLVED]

I use one in CRS326-24G-2S+IN (passive cooling) running at 2.5G to hAP ax3. At 86F ambient RouterOS monitor shows 86C : name: sfp-sfpplus1 status: link-ok auto-negotiation: done rate: 2.5Gbps full-duplex: yes tx-flow-control: no rx-flow-control: no advertising: 10M-half,10M-full,100M-half,100M-full,...
by ConradPino
Fri Sep 08, 2023 11:07 pm
Forum: General
Topic: Hardware offloaded vlan traffic counters
Replies: 3
Views: 1474

Re: Hardware offloaded vlan traffic counters

@boydsoftprez Congratulations; I call your research a significant accomplishment. IMO you have the right question but I have no answer. This is a user forum and some user may know. MikroTik staff watch the forum, participate on occasion but make no commitment to do so. Getting a definitive answer fr...
by ConradPino
Fri Sep 08, 2023 9:14 pm
Forum: Beginner Basics
Topic: OS 7.11 and old Mikrotik HAP lite
Replies: 8
Views: 2489

Re: OS 7.11 and old Mikrotik HAP lite

7.11.1 fixed 7.11 bugs but introduced DHCP server bug resolved in 7.11.2 version.
by ConradPino
Fri Sep 08, 2023 9:21 am
Forum: RouterBOARD hardware
Topic: Waiting for wAP ax...
Replies: 4
Views: 3314

Re: Waiting for wAP ax...

Gods punish mortals by granting their prayers. :lol: Be aware of the ongoing Wifiwave2 melodrama.
I'm happy with new hAP ax3 but then my WiFi use is just for the toys; real work happens over cables.
by ConradPino
Fri Sep 08, 2023 7:32 am
Forum: Beginner Basics
Topic: Bridge dst-nat packets disappear
Replies: 4
Views: 1830

Re: Bridge dst-nat packets disappear

Anyway. I wanted to try using layer 2 dst-nat instead of hairpins, like how DSR operates with load balancers: instead of substitution the dst IP address, the dst-nat rule replaces the dst MAC in the packet with that of the server, leaving the dst IP address alone. The server gets the packet, and re...
by ConradPino
Fri Sep 08, 2023 6:18 am
Forum: Forwarding Protocols
Topic: Load Balancing via BGP routes
Replies: 6
Views: 2392

Re: Load Balancing via BGP routes

@silence012 I defer to @clambert advice as better.
by ConradPino
Fri Sep 08, 2023 5:21 am
Forum: Forwarding Protocols
Topic: Load Balancing via BGP routes
Replies: 6
Views: 2392

Re: Load Balancing via BGP routes

Current RougerOS documentation has 11 steps but I don't know the significance. I suggest consult both keeping in mind wiki is deprecated. Also keep in mind current documentation is a work in progress, and sometimes incomplete where the wiki says more. Current RouterOS BGP § Best-Path Selection : htt...
by ConradPino
Fri Sep 08, 2023 3:37 am
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4630

Re: UK Power Supply for hAP AX3

@normis I find your and others reassurances credible and apologize for being unclear about what motivated my alarm. US law has product liability provisions that some dumb consumer or a cash hungry litigator might try to exploit. I hope such a thing never happens to my favorite network equipment vend...
by ConradPino
Fri Sep 08, 2023 3:15 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

7.11 or 7.11.1 broke my terminal/console in my RB4011. (Both through terminal in winbox and ssh). But after emailing with support they convinced me to try the latest development version (v7.12beta3 atm). That fixed the problem. Now let's hope it doesn't break other stuff. :) Did 7.11.2 play a part ...
by ConradPino
Fri Sep 08, 2023 3:03 am
Forum: RouterBOARD hardware
Topic: CRS3xx: switching vs bridging ?
Replies: 12
Views: 3429

Re: CRS3xx: switching vs bridging ?

My main conclusion is that, if VLAN features (802.1q) are fully offloaded, I should not care if CRS312 has slower CPU/bridging than CRS309. Generally true if VLAN 802.1Q is the only bridge feature in play, it should be hardware offloaded. Perform due diligence on possible future bridge features fal...
by ConradPino
Thu Sep 07, 2023 9:23 pm
Forum: Wireless Networking
Topic: nvidia shield can't connect to 5 GHz Wi-Fi on hAP ac2
Replies: 8
Views: 2673

Re: nvidia shield can't connect to 5 GHz Wi-Fi on hAP ac2

@mkx Thank you; an excellent response!
by ConradPino
Thu Sep 07, 2023 8:32 pm
Forum: Wireless Networking
Topic: nvidia shield can't connect to 5 GHz Wi-Fi on hAP ac2
Replies: 8
Views: 2673

Re: nvidia shield can't connect to 5 GHz Wi-Fi on hAP ac2

Well done.
Agreed!

the effect of USB3 on WiFi 2.4GHz is known and understood,
Please educate the uninformed with a brief description or suggest Google Search terms.
by ConradPino
Thu Sep 07, 2023 8:23 pm
Forum: RouterBOARD hardware
Topic: CRS3xx: switching vs bridging ?
Replies: 12
Views: 3429

Re: CRS3xx: switching vs bridging ?

But that still doesn't make these two "not distinct" ...
If the line is drawn at hardware offload or not then I agree.
Are these idiomatic distinctions helpful to the OP?
by ConradPino
Thu Sep 07, 2023 7:53 pm
Forum: RouterBOARD hardware
Topic: CRS3xx: switching vs bridging ?
Replies: 12
Views: 3429

Re: CRS3xx: switching vs bridging ?

Since the RouterOS bridge is the management device for the underlying switch chip, that blurs a sharp distinction IMO.
by ConradPino
Thu Sep 07, 2023 7:28 pm
Forum: RouterBOARD hardware
Topic: CRS3xx: switching vs bridging ?
Replies: 12
Views: 3429

Re: CRS3xx: switching vs bridging ?

CRS3xx devices use the Bridge VLAN Filtering model. I recommend these RouterOS documentation pages: Bridging and Switching - https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching Bridge VLAN Filtering - https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitchin...
by ConradPino
Thu Sep 07, 2023 10:25 am
Forum: Beginner Basics
Topic: CRS125-24G-1S and a Dell 6224 managed switch [SOLVED]
Replies: 7
Views: 2780

Re: CRS125-24G-1S and a Dell 6224 managed switch [SOLVED]

Consider CRS125-24G-1S-IN Block Diagram: https://i.mt.lv/cdn/product_files/CRS125-24G-1S-160620160458_160658.png Single 26 port Switch Chip suggests different subnets on different ports requires isolating ports with a VLAN implementation. Review RouterOS CRS1xx/2xx series switches page for design gu...
by ConradPino
Thu Sep 07, 2023 10:10 am
Forum: Beginner Basics
Topic: Lan in bridge2 cannot ping Lan in bridge3 (router is reset no default configuration) [SOLVED]
Replies: 9
Views: 1682

Re: Lan in bridge2 cannot ping Lan in bridge3 (router is reset no default configuration) [SOLVED]

RB951G-2HnD incorporates Atheros8327 switch chip; see Block Diagram: https://i.mt.lv/cdn/product_files/RB951G-150611115818_150618.png Multiple bridges is a documented error; see Bridges on a single switch chip: https://help.mikrotik.com/docs/display/ROS/Layer2+misconfiguration#Layer2misconfiguration...
by ConradPino
Thu Sep 07, 2023 1:50 am
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

i disagree, the main diferentiator between L5 and L6 is User manager active sessions Limit, Which in L5 is 50, in L6 is Unlimited
You are correct; I failed to look further down time table and ignored two other differences.
by ConradPino
Thu Sep 07, 2023 1:44 am
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4630

Re: UK Power Supply for hAP AX3

@normis, @mkx is making an excellent point and it's worse than what's said so far. My hAP ax3 US PSU has a 1.3A rating. At 15W typical and 24V the draw is 0.625A. IMO I'm good. But at 38W maximum and 24V, the draw is 1.58A which exceeds 1.2A and 1.5A ratings seen so far. If MikroTik is serious about...
by ConradPino
Wed Sep 06, 2023 10:45 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

Level can be upgraded, it simply cannot be upgraded with discount , but can be purchased for full price. Well, now we know why that doesn't happen very often. Not a good value IMO. Can you clarify (OP) which Level 6 features you need in this device, that are not present in Level 5? I never said I n...
by ConradPino
Wed Sep 06, 2023 10:11 pm
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4630

Re: UK Power Supply for hAP AX3

I call that one similar but not the same model except for color due to the differing current rating.
I'm in the United States ... maybe the question was a small troll on a useful marketing message.
by ConradPino
Wed Sep 06, 2023 5:30 pm
Forum: Beginner Basics
Topic: MikroTik Forum Private Messages [SOLVED]
Replies: 2
Views: 1449

Re: MikroTik Forum Private Messages [SOLVED]

There is "zero level" messaging on the forum.
Clear, concise, and so complete. Thank you!
by ConradPino
Wed Sep 06, 2023 5:12 pm
Forum: Beginner Basics
Topic: MikroTik Forum Private Messages [SOLVED]
Replies: 2
Views: 1449

MikroTik Forum Private Messages [SOLVED]

The User Control Panel page, Board preferences tab, has Allow users to send you private messages: options.
phpBB documentation has Communicate with Private Messages page: https://www.phpbb.com/support/docs/en/3 ... e/user_pm/

What level of private messaging is practiced here?
by ConradPino
Wed Sep 06, 2023 4:39 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

L5 and L6 differences are three specialized tunnel protocols I may not use but that's not my topic.

My topic is how do I get a given MT hardware device from L5 to L6 should I ever really need to do so.
by ConradPino
Wed Sep 06, 2023 4:27 pm
Forum: General
Topic: Bridge Ethernet1 Port can set 2 pvid
Replies: 6
Views: 1289

Re: Bridge Ethernet1 Port can set 2 pvid

PVID is the VLAN id
  • assigned to untagged ingress packets
  • allowed to egress as untagged packets
Bridge ports have one and only one PVID.
Second statement is just overriding the first.
by ConradPino
Wed Sep 06, 2023 4:15 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

Also take into account AX3 costs about 50% for HW and license then L6 license purchased separately.
IMO hAP ax3 is a sweet spot and I'm very pleased with mine.
hAP ax3 just lacks dual SFP+ ports to be "perfect".
RB5009 L6 with one SFP+ port is good enough.
by ConradPino
Wed Sep 06, 2023 4:11 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

So the problem is hAP ax3 having L6 License,
No, hAP ax3 at L6 is quite nice which makes RB5009 at L5 seem odd.
by ConradPino
Wed Sep 06, 2023 3:52 pm
Forum: General
Topic: HW3 CCR 2116 Problem
Replies: 9
Views: 1443

Re: HW3 CCR 2116 Problem

I don't have Loop problems, they are different broadcasts, there is no Router bridge. My problem is with the HW3 option Consider that if you were correct you would not be here. Consider that you just destroyed any incentive to help you. Getting the most out of this forum by normis, MikroTik Support
by ConradPino
Wed Sep 06, 2023 3:26 pm
Forum: General
Topic: HW3 CCR 2116 Problem
Replies: 9
Views: 1443

Re: HW3 CCR 2116 Problem

RSTP is not VLAN aware whereas MSTP is: https://help.mikrotik.com/docs/display/ ... eeProtocol
by ConradPino
Wed Sep 06, 2023 3:23 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

Re: RB5009 RouterOS License 6 [SOLVED]

The License Levels section is clear enough. The Obtaining Licenses and Working With Them section seems woefully incomplete. Can I upgrade a hardware device license level at all? How is that done without actually doing so? If possible then at what price? I am also advocating the RB5009 standard licen...
by ConradPino
Wed Sep 06, 2023 3:04 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 3144

RB5009 RouterOS License 6 [SOLVED]

hAP ax3 at RouterOS License 6 is perfect with current Comcast 1.2G download service. Sonic.com is coming to my street with symmetric 10G fiber service. RB5009 at RouterOS License 6 matches a Sonic future well. I don't understand the product design where better RB5009 is licensed at lower level where...
by ConradPino
Wed Sep 06, 2023 1:51 pm
Forum: Wireless Networking
Topic: PSK2 passphrase based VLANs + capsman
Replies: 6
Views: 1961

Re: dynamic VLANs + capsman

No, not so far. Both versions can coexist in same LAN, but on two different devices.
Thank you; greatly appreciated.
by ConradPino
Wed Sep 06, 2023 1:44 pm
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4630

Re: UK Power Supply for hAP AX3

We supply the hAP AX3 with the following UK Mikrotik PSU as standard:
Do you have it in black?
by ConradPino
Wed Sep 06, 2023 1:18 pm
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4630

Re: UK Power Supply for hAP AX3

Don't overlook current (Ampere) rating.
by ConradPino
Wed Sep 06, 2023 12:47 pm
Forum: Wireless Networking
Topic: PSK2 passphrase based VLANs + capsman
Replies: 6
Views: 1961

Re: dynamic VLANs + capsman

CapsMAN has split into two branches to follow the WiFi driver split: The Wireless package (legacy driver) The Wifiwave2 package (new hardware) CapsMAN for each driver supports it's driver version alone. I believe but not sure both CapsMAN versions can coexist on same host. Consider describing WiFi d...
by ConradPino
Wed Sep 06, 2023 12:36 pm
Forum: Virtualization
Topic: CHR + ESXi 6.7 U3 tx-drops with VLANs
Replies: 3
Views: 6919

Re: CHR + ESXi 6.7 U3 tx-drops with VLANs

Consider testing with e1000e driver instead of VMXNET3.
by ConradPino
Wed Sep 06, 2023 4:53 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

https://roll.urown.net/ . Says nothing regarding VLAN or Layer 2 Broadcast Domains ; see: https://en.wikipedia.org/wiki/Broadcast_domain The parapgraphs upto the table of contents are the key points for this topic. Broadcast domains are the IPv4 ARP and IPv6 ND boundaries: https://en.wikipedia.org/...
by ConradPino
Wed Sep 06, 2023 4:44 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Google Docs supports these sharing models:
  • Private to Google account owner.
  • Public to anyone and Google Search.
  • Visible to anyone with the obscure link
  • Visible to selected authenticated Google accounts.
I propose the latter and after we're done, redacting for publication is an option.
by ConradPino
Wed Sep 06, 2023 3:05 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 239109

Re: MikroTik Devices Controller

Before making a big commitment to a new software product; let's get the bread and butter products in order: RouterOS 7 "stable" becomes truly stable ( not just a label ) first and foremost before all else. RouterOS 7 becomes feature complete first and foremost before new software products....
by ConradPino
Wed Sep 06, 2023 2:45 am
Forum: RouterBOARD hardware
Topic: x86 Mikrotik v7 performance - choosing the x86 CPU
Replies: 9
Views: 5784

Re: x86 Mikrotik v7 performance - choosing the x86 CPU

I believe this relationship has some merit: 14 * 2.6 = 36.4 22 * 2.2 = 48.4 I expect lower clock speed to affect single packet latency. I expect 22 cores to have more concurrent packets in flight. RouterOS v6 v7 have Linux kernels at differing versions I don't recall. When port speed is the bottlene...
by ConradPino
Wed Sep 06, 2023 2:34 am
Forum: General
Topic: Everything on latest OS version [SOLVED]
Replies: 10
Views: 1995

Re: Everything on latest OS version [SOLVED]

Tell me how foolish this is.
Tell us about the pain or absence thereof please.
by ConradPino
Wed Sep 06, 2023 1:59 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Manual Path MTU Discovery examples: /tool ping count=4 address=184.105.253.10 do-not-fragment size=1500 /tool ping count=4 address=184.105.253.10 do-not-fragment size=1501 /tool ping count=4 address=2001:470:1f0e:1cc::1 do-not-fragment size=1500 /tool ping count=4 address=2001:470:1f0e:1cc::1 do-not...
by ConradPino
Wed Sep 06, 2023 1:50 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

This is fine tuning for when ever is convenient. This is the vanilla HE tunnel recipe: /interface 6to4 add !keepalive local-address=162.191.217.57 mtu=1280 name=sit1 remote-address=184.105.253.10 1280 is minimum MTU specified in IPv6 standard and avoids MTU related trouble reports. The local-addres...
by ConradPino
Wed Sep 06, 2023 1:16 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

It's time to consider network design taking into account: Current IPv4 subnet implementation Future IPv4 subnet considerations Future VLAN considerations Future IPv6 subnet design I keep my life simple: IPv4 and IPv6 subnets are paired one to one. IPv46 subnet pairs share one VLAN Simple enough so V...
by ConradPino
Wed Sep 06, 2023 1:05 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Your HE IPv6 link is working. I can ping both ends from my Windows client: C:\ops>ping 162.191.217.57 Pinging 162.191.217.57 with 32 bytes of data: Reply from 162.191.217.57: bytes=32 time=115ms TTL=42 Reply from 162.191.217.57: bytes=32 time=117ms TTL=42 Reply from 162.191.217.57: bytes=32 time=11...
by ConradPino
Wed Sep 06, 2023 12:11 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

If you'd like to wrap up this thread and send efforts in a new direction, please reply with a suggestion. As far as I'm concerned, it's all the same issue; this topic is fine and the story in one place helps others. T-Mobile is still rolling out IPv6 and they haven't got it ready for prime time jus...
by ConradPino
Tue Sep 05, 2023 11:47 pm
Forum: Beginner Basics
Topic: VLAN setup check + dashboard connection to cloud switch gone when connecting via ethernet to HeX PoE
Replies: 7
Views: 2440

Re: VLAN setup check + dashboard connection to cloud switch gone when connecting via ethernet to HeX PoE

My devices hAP ax3 CRS309 CRS326 CRS326 all use Bridge VLAN Filtering model: RouterOS https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitching-BridgeVLANFiltering But that VLAN model is not universal, see Bridge VLAN filtering on non-CRS3xx : RouterOS https://help.mikro...
by ConradPino
Tue Sep 05, 2023 11:17 pm
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

I had an actual full IPv6 address at the router. But I've since lost it, possibly due to ham-handed configuration errors. Friday was also about the same time that my VoIP phone service stopped working; it looks as if the changeover broke CallCentric's configuration. I'm supposed to have a telephone...
by ConradPino
Tue Sep 05, 2023 4:11 pm
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

The step after Router Advertisements (RA) is IPv6 DHCP client: # Remove existing IPv6 DHCP client /ipv6 dhcp-client remove [ find where comment=defconf ] # Add IPv6 DHCP client request address and IPv6 prefix delegation - known to work with Comcast /ipv6 dhcp-client add interface=ether1 pool-name=TM...
by ConradPino
Tue Sep 05, 2023 3:47 pm
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Okay...
We know the RB4011 IPv6 stack is running and SLAAC didn't work. Let's accept router advertisements:
/ipv6 settings set accept-router-advertisements=yes
After a decent pause, let's print IPv6 addresses and routes again.
by ConradPino
Tue Sep 05, 2023 11:39 am
Forum: Virtualization
Topic: Install on new Hetzner Cloud CCXx3 VMs fails
Replies: 6
Views: 3869

Re: Install on new Hetzner Cloud CCXx3 VMs fails

I am surprised Hetzner omits OVA and OVF from their documentation.
Router OS CHR OVA template proved useful with VMware ESXi 6.7u3 local host.
by ConradPino
Tue Sep 05, 2023 11:08 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Let us see if we added an IPv6 address and added IPv6 gateway. Post RB4011 output from:
/ipv6 address print
/ipv6 route print

P.S. Consider adding empty line before opening code block tag to get the standard look.
by ConradPino
Tue Sep 05, 2023 6:30 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Goal: RB4011 enable IPv6 SLAAC on ether1 interface; see: https://en.wikipedia.org/wiki/IPv6#Stateless_address_autoconfiguration_(SLAAC) Expect RB4011 ether1 to negotiate an IPv6 address. Any firewall must allow IPv6 Neighbor Discovery; allowing all ICMPv6 is considered safe. RB4011 configuration has...
by ConradPino
Tue Sep 05, 2023 6:10 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Yes. (You mean I didn't make that clear, yet?) If there's anything in the RB4011 which is disabling IPv6, I don't know what it is. Please educate me. The reading so far made T-Mobile IPv6 unattractive to me but it may be enough for your purposes. RB4011 IPv4 firewall looks good enough on vary casua...
by ConradPino
Tue Sep 05, 2023 6:00 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Hurricane Electric IPv4 address for endpoint: 184.105.253.10 (Also says to make sure that 66.220.2.74 is allowed through firewall.) I see a Dynamic entry for 28.192.116.242/24 for ether1...even though What's My IP and Hurricane Electric agree that the IP I show to the world is 172.56.48.36. Tomorro...
by ConradPino
Tue Sep 05, 2023 5:40 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

I also tried changing the PDP setting to dual IPv4/IPv6, but that didn't make a difference...the restriction is upstream. RB4011 configuration disables IPv6. Exploring T-Mobile IPv6 capability is an option while Public IPv4 situation continues. Inseego FX2000 manual Page 60, IPv6 section, Turn on I...
by ConradPino
Tue Sep 05, 2023 5:23 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Hurricane Electric tunnel uses 6in4 - https://en.wikipedia.org/wiki/6in4
Inseego FX2000 firewall must allow IP Protocol 41 in both directions.
The alternative is disable the Inseego FX2000 firewall altogether.
Hold off on either until we understand Public IPv4 situation.
by ConradPino
Tue Sep 05, 2023 5:14 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

We might be flogging a dead horse today. Read the T-Mobile sections here: https://isc.sans.edu/diary/Why+I+Gave+Up+on+IPv6+And+no+it+is+not+because+of+security+issues/27814 On the other hand Reddit suggests static IPv4 can work but expect a bumpy road; https://www.reddit.com/r/tmobileisp/comments/11...
by ConradPino
Tue Sep 05, 2023 4:49 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Please share Hurricane Electric IPv4 address for tunnel server you've chosen.
Inseego FX2000 doesn't say anything of internal ping test which is a common feature.

Let's verify Public IPv4 the world sees agrees with RB4011 value: http://checkip.dyndns.org/
by ConradPino
Tue Sep 05, 2023 4:28 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

@ehbowen I don't see RB4011 major breakage; I do see one suspect item and several unused resources. To save time I shall ignore firewall issues (NAT excepted; it's routing) and ignore scheduler and scripting. I don't see how this firewall NAT rule will work: /ip firewall nat add action=dst-nat chain...
by ConradPino
Tue Sep 05, 2023 4:13 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

By The Way, I just found out that my Tunnelbroker account with Hurricane Electric is still active even though I haven't used it since I went to the /29 static block. I'm eligible to create up to 5 tunnels. T-Mobile IPv6 overview has their ASN (AS1239) which you can use to check their peering relati...
by ConradPino
Tue Sep 05, 2023 1:49 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

I couldn't do anything with this on IPv6 or IPv4. I believe it requires a login and I've had difficulty establishing one. My service is very new and my account rep has encountered 'issues.' Perhaps tomorrow after the holiday Holiday? What's that? Any other suggestions for testing/evaluating? If I c...
by ConradPino
Tue Sep 05, 2023 1:32 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Google Search suggests T-Mobile does not support IPv6 Prefix Delegation (PD): https://en.wikipedia.org/wiki/Prefix_delegation Rattle T-Mobile's cage for a definitive support statement as Internet information is often correct when published but no longer so. IPv6 PD doesn't require authentication (lo...
by ConradPino
Tue Sep 05, 2023 1:14 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

IP Passthrough is selected and the RB4011 is seeing and routing the outside IP address. I also do have IPv6 activated in the FX2000 and I'm showing a 'Link-Local' address, but it seems that nothing downstream is obtaining an IPv6 address through the router. But possibly I have something set incorre...
by ConradPino
Tue Sep 05, 2023 12:58 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Look T-Mobile For Business has IPv6: https://solutions.t-mobile.com/support/ipv6
Let's pursue this first; it restores global end-point connectivity enjoyed with public /29 static subnet.
by ConradPino
Tue Sep 05, 2023 12:45 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

Download Inseego FX2000 User Guide https://inseego.com/download/FX2000_user_guide.pdf
Some gateway devices have "bypass" mode which I didn't see in this manual.
I do see "IP Passthrough" in several places. Where are you with that?
by ConradPino
Tue Sep 05, 2023 12:38 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

RB5009UPr+S+IN has PoE-out on all ports. https://mikrotik.com/product/rb5009upr_s_in
Compare performance with current router and consider for the core router role.
by ConradPino
Tue Sep 05, 2023 12:31 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

My gateway device is an Inseego FX2000, connected directly to ether1 of my RB4011.
This is bad news. Do you have full control of Inseego FX2000?
Do you care about the Inseego FX2000 WiFi capability?
by ConradPino
Tue Sep 05, 2023 12:19 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

@ehbowen NetVanta 1531P plays same role as CRS326-24G-2S+IN does for me. I have deployed CRS326-24G-2S+RM at collocation data center. Both are fan-less. https://mikrotik.com/product/crs326_24g_2s_in https://mikrotik.com/product/CRS326-24G-2SplusRM Please note both are "switch" products; th...
by ConradPino
Tue Sep 05, 2023 12:04 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

@ehbowen You mention IPv6 in passing and as an aspiration. IMO it's the simplest technical solution.
IPv6 tunnels work well but require semi-stable public IPv4 address.

Please describe what role IPv6 had in past network operations, if any.
Please describe key locations and their current IPv6 state.
by ConradPino
Mon Sep 04, 2023 11:57 pm
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

@ehbowen Thank you; an excellent start; let's elaborate specifics as needed. I believe I see a wireless upstream ISP, and Carrier-grade NAT is often use by such carriers. https://en.wikipedia.org/wiki/Carrier-grade_NAT Let's establish the IPv4 subnet characteristics between your equipment and upstre...
by ConradPino
Mon Sep 04, 2023 5:16 pm
Forum: Virtualization
Topic: Problem while installing RouterOS on OpenNebula
Replies: 2
Views: 2266

Re: Problem while installing RouterOS on OpenNebula

Look deeper in the Download page in Cloud Hosted Router section and try OVA template.
by ConradPino
Mon Sep 04, 2023 5:03 pm
Forum: RouterBOARD hardware
Topic: IPQ6010 internal switch features
Replies: 5
Views: 4216

Re: IPQ6010 internal switch features

VLAN feature is always supported by CPU alone as the worst case. Switch Chip Features page is about hardware level acceleration. Switch chip features vary from no hardware support to fully hardware offloaded. Be aware other functions like firewall interact with hardware offload. IPQ6010 switch chip ...
by ConradPino
Mon Sep 04, 2023 12:58 pm
Forum: Wireless Networking
Topic: Multiple hap ax2 issues...
Replies: 47
Views: 5613

Re: Multiple hap ac2 issues...

Topic title and first post don't agree on product. Which is it? hAP ac2 or hAP ax2
This topic suggests hAP ax2 issues are making progress viewtopic.php?t=191304
What is the goal here? Emotional catharsis (rant)? Technical issue resolution? Both?
by ConradPino
Mon Sep 04, 2023 11:30 am
Forum: General
Topic: Identify physical interface from DHCP client script
Replies: 4
Views: 1320

Re: Determining physical port that a DHCP lease was obtained from

by ConradPino
Mon Sep 04, 2023 11:26 am
Forum: General
Topic: Multiple SSIDs for station
Replies: 8
Views: 2614

Re: Multiple SSIDs for station

For road warrior devices, certainly look at connect list.
Is Connect List one of the Lost Features in Wifiwave2?
by ConradPino
Mon Sep 04, 2023 11:16 am
Forum: General
Topic: Multiple Physical Hosts behind Single (dynamic) IP?
Replies: 56
Views: 4555

Re: Multiple Physical Hosts behind Single (dynamic) IP?

  • Getting the most out of this forum by normis, MikroTik Support
  • The more we know, the more we can offer creative suggestions.
  • Such as Nginx (real reverse proxy) runs in RouterOS Container.
by ConradPino
Mon Sep 04, 2023 11:10 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

Let's go a step further and remove 7.11.1 from the title and make clear it should be ignored.
by ConradPino
Mon Sep 04, 2023 11:06 am
Forum: Containers
Topic: CLIGAMES - container with UNIX CLI games & playable with /system/telnet
Replies: 5
Views: 4048

Re: CLIGAMES - container with UNIX CLI games & playable with /system/telnet

Here is the Dockerfile if anyone wanted to build it locally:
Thank you! I remain grateful for my continuing education from The Wise Ones.
by ConradPino
Mon Sep 04, 2023 2:37 am
Forum: General
Topic: Container as VPN
Replies: 18
Views: 4022

Re: Container as VPN

But I'm skeptical if openvpn can work in /container in the first place – just hadn't seen anyone successful with that. Once the container has full network connectivity it can be treated as just another server (virtual or physical is irrelevant). Routing differences occur when container host is the ...
by ConradPino
Mon Sep 04, 2023 12:31 am
Forum: General
Topic: Container as VPN
Replies: 18
Views: 4022

Re: Container as VPN

Inadequate information destroys the incentive to help. Good luck!
by ConradPino
Sun Sep 03, 2023 11:44 pm
Forum: General
Topic: Container as VPN
Replies: 18
Views: 4022

Re: Container as VPN

I have ubuntu/bind9 Docker image running on RouterOS CHR 7.11.2 and hAP ax3 7.11 using two bridge network pattern. Both have full IPv4 and IPv6 connection to Internet and LAN clients. I solved the container network routing issues. OpenVPN container adds another virtual router providing a gateway to ...
by ConradPino
Sun Sep 03, 2023 11:25 pm
Forum: RouterBOARD hardware
Topic: IPQ6010 internal switch features
Replies: 5
Views: 4216

Re: IPQ6010 internal switch features

The Introduction section has two tables. The second table has this row: | C52iG-5HaxD2HaxD-TC (hAP ax2), C53UiG+5HPaxD2HPaxD (hAP ax3) , Chateau ax series | IPQ-PPE (ether1-ether5) | On that page IPQ-PPE is the switch chip model number used in 7th column of first table. Look here as well https://hel...
by ConradPino
Sun Sep 03, 2023 11:13 pm
Forum: General
Topic: Container as VPN
Replies: 18
Views: 4022

Re: Container as VPN

Describe all the subnets (IPv4 & IPv6) in use and list critical IP addresses, servers and specifically gateways for all subnets.
Read about Policy Routing https://help.mikrotik.com/docs/display/ ... cy+Routing
A network diagram could help a lot or a good network topology description.
by ConradPino
Sun Sep 03, 2023 6:30 pm
Forum: General
Topic: 2.5Gig hardware advice
Replies: 3
Views: 1286

Re: 2.5Gig hardware advice

Run fiber between CRS310-8G+2S+IN and enjoy 10G.
10G over Cat 6 works but RJ45 SFP+ runs HOT https://mikrotik.com/product/s_rj10
https://wiki.mikrotik.com/wiki/S%2BRJ10 ... l_guidance
by ConradPino
Sun Sep 03, 2023 4:42 pm
Forum: General
Topic: 2.5Gig hardware advice
Replies: 3
Views: 1286

Re: 2.5Gig hardware advice

CRS310-8G+2S+IN https://mikrotik.com/product/crs310_8g_2s_in is a switch, not a router.
It can route but with limited performance outside its Layer 3 Hardware Offload envelope.
hAP ax3 is a router and the two together could be interesting.
by ConradPino
Sun Sep 03, 2023 10:23 am
Forum: Beginner Basics
Topic: VLAN setup check + dashboard connection to cloud switch gone when connecting via ethernet to HeX PoE
Replies: 7
Views: 2440

Re: VLAN setup check + dashboard connection to cloud switch gone when connecting via ethernet to HeX PoE

I don't use SwOS so I can't comment there. The RouterOS Bridge VLAN Filtering looks incomplete: /interface bridge vlan add bridge=bridge tagged=bridge,ether1,ether2,ether3,ether4,ether5 vlan-ids=11 add bridge=bridge tagged=bridge,ether2,ether3,ether4,ether5 vlan-ids=12 Add bridge to every VLAN beari...
by ConradPino
Sun Sep 03, 2023 9:59 am
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 176
Views: 52331

Re: Feature Request : IPv6 Fasttrack

+1 for IPv6 FastTrack
by ConradPino
Sun Sep 03, 2023 6:24 am
Forum: General
Topic: DHCP suddenly broken with no change to Mikrotik config
Replies: 5
Views: 1628

Re: DHCP suddenly broken with no change to Mikrotik config

Thank you for taking the time to grow our collective knowledge.
by ConradPino
Sun Sep 03, 2023 3:38 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

AFAICT 7.11.2 release has calmed the waters. Avoiding 7.11.1 altogether is smart.
Who sees compelling reasons to make the 7.11 to 7.11.2 move?
Who sees compelling reasons to stay put at 7.11 version?
by ConradPino
Sun Sep 03, 2023 3:29 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

Reading forum posts here and other topics suggest some bugs are product model specific. This topic's opening post is where MikroTik maintains the official announcement content. The 7.11.1 portion has bridge fixed items but without product specific information. Multiple forum topics report VLAN issue...
by ConradPino
Sat Sep 02, 2023 8:17 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

It's likely RouterOS 6 Linux kernel doesn't have new hardware support.
Back port v6 or new kernel v7 or both?
Can MikriTik afford both?
by ConradPino
Sat Sep 02, 2023 6:44 am
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3730

Re: when to upgrade ROS (7.xx)

@en1gm4 Thank you; I appreciate the useful tidbits.
by ConradPino
Sat Sep 02, 2023 6:39 am
Forum: General
Topic: DHCP suddenly broken with no change to Mikrotik config
Replies: 5
Views: 1628

Re: DHCP suddenly broken with no change to Mikrotik config

viewtopic.php?t=198641#p1022791 is announcement post showing DHCP is only 7.11.2 fix.
by ConradPino
Sat Sep 02, 2023 6:27 am
Forum: Beginner Basics
Topic: Directly accessing SVG real-time traffic graphs?
Replies: 5
Views: 2957

Re: Directly accessing SVG real-time traffic graphs?

You're welcome. As time permits, consider posting what your learn here as your adventure proceeds.
by ConradPino
Sat Sep 02, 2023 6:14 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

Let's be clear about reality. MikroTik, VyOS, Cumulus Linux are in the same segment of whatever “enterprise” means for you. "Enterprise" - high margin, high reliability, high testing vendors requiring never ending licensing and support agreements but with enforceable service levels. I dis...
by ConradPino
Fri Sep 01, 2023 11:54 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

Let's be clear about where the insanity lays. MikroTik has laid down a consistent track record; they are not an enterprise vendor. Everyone sets their expectation; repeatedly expecting enterprise results from MikroTik is insane. Marry the enterprise vendor that provides what you really want, whateve...
by ConradPino
Fri Sep 01, 2023 9:18 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 165489

Re: v7.11, 7.11.1 and more [stable] are released!

@Guscht Impressive! The MT Force is strong with this one!!
by ConradPino
Fri Sep 01, 2023 9:06 pm
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

Re: hAP ax3 WiFi Station Mode Help [SOLVED]

@mkx Thank you. Actionable ideas and useful power criteria.
by ConradPino
Fri Sep 01, 2023 8:43 pm
Forum: General
Topic: IPv6 via HurricaneElectric tunnel with VLAN
Replies: 5
Views: 1987

Re: IPv6 via HurricaneElectric tunnel with VLAN

@mfocko Last configuration is better but still incomplete. I don't see interface definitions for WLAN sit1 /interface bridge port add bridge=bridge interface=WLAN multicast-router=disabled /ipv6 address add address=2001:470:11:2c::2 advertise=no interface=sit1 The IPv6 address blocks are Hurricane E...
by ConradPino
Fri Sep 01, 2023 7:59 pm
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

Re: hAP ax3 WiFi Station Mode Help [SOLVED]

@mkx Thank you.
What's a best practice separation distance for hAP ax3 (AP mode only) and hAP ax2 (Station mode only) on same wired network?
The third AT&T gateway AP that the hAP ax2 will connect with is 2 rooms away with 2 gypsum board walls in between.
by ConradPino
Fri Sep 01, 2023 1:27 pm
Forum: Containers
Topic: Manually Specify Container MAC or IPv6 Address
Replies: 4
Views: 4682

Re: Manually Specify Container MAC or IPv6 Address

RouterOS CHR 7.11.1 veth interface has new MAC Address after every reboot and container virtual interface does same.
by ConradPino
Fri Sep 01, 2023 12:55 pm
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3730

Re: when to upgrade ROS (7.xx)

sigh... and hours after I installed 7.11.1 they released 7.11.2 due to a dhcp server error that crept in. isn't that always the way :lol:
Same here RouterOS CHR 7.11.1 and glad hAP ax3 still at 7.11 as it runs two dhcp-server instances. Thanks for the head's up!
by ConradPino
Fri Sep 01, 2023 12:52 pm
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3730

Re: when to upgrade ROS (7.xx)

@en1gm4 Small home users are not MT's market though. I am intensely curious to learn your thoughts as to where their market falls. I set up an IPv6 tunnel via hurricane electric which worked great apart from geolocation so sites always thought I was in the US (I'm in the UK) which was irritating and...
by ConradPino
Fri Sep 01, 2023 12:09 pm
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

Re: hAP ax3 WiFi Station Mode Help [SOLVED]

Will hAP ax3 and hAP ax2 play well together on the same shelf side by side?
by ConradPino
Fri Sep 01, 2023 10:47 am
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

Re: hAP ax3 WiFi Station Mode Help [SOLVED]

@mkx Thank you so much; absolutely perfect information; it makes further progress possible. IMO a dedicated radio could prove useful. Does RouterOS support USB connected radios? How is RouterOS with external USB hub for both external storage and external radio? Forum search suggests RouterOS USB WiF...
by ConradPino
Fri Sep 01, 2023 8:08 am
Forum: Beginner Basics
Topic: Directly accessing SVG real-time traffic graphs?
Replies: 5
Views: 2957

Re: Directly accessing SVG real-time traffic graphs?

Google Search: RouterOS API traffic graph Top result was PDF with MUM 2017 presentation slides: Live Bandwidth Monitoring using the Mikrotik API https://mum.mikrotik.com/presentations/ZA17/presentation_4837_1511767244.pdf Beyond that further down Google Search results are several bloggers. There's a...
by ConradPino
Fri Sep 01, 2023 7:34 am
Forum: General
Topic: Block Ads
Replies: 3
Views: 1299

Re: Block Ads

RouterOS Container page uses Pi-hole as an example: https://help.mikrotik.com/docs/display/ROS/Container
Container support is RouterOS version and device hardware specific. Your device mileage may vary.
by ConradPino
Fri Sep 01, 2023 6:23 am
Forum: RouterBOARD hardware
Topic: Wap 60gx3
Replies: 1
Views: 2732

Re: Wap 60gx3

https://mikrotik.com/product/wap_60gx3_ap
The product page says Discontinued
Google Search: wAP 60Gx3
by ConradPino
Thu Aug 31, 2023 11:38 pm
Forum: General
Topic: veth deleted, cannot create new interface
Replies: 6
Views: 1559

Re: veth deleted, cannot create new interface

@Amm0 *sigh* Create Network is so incomplete https://help.mikrotik.com/docs/display/ROS/Container#Container-Createnetwork Tips and Tricks is only place IPv6 is shown https://help.mikrotik.com/docs/display/ROS/Container#Container-Tipsandtricks IMO address parameter worst; it accepts (A) multiple addr...
by ConradPino
Thu Aug 31, 2023 11:26 pm
Forum: Wireless Networking
Topic: Hap ax2 Wireless Bridge
Replies: 5
Views: 2296

Re: Hap ax2 Wireless Bridge

Create your own thread and provide more context.
I did; it's in benign neglect mode: viewtopic.php?t=198845
by ConradPino
Thu Aug 31, 2023 10:46 pm
Forum: Wireless Networking
Topic: Hap ax2 Wireless Bridge
Replies: 5
Views: 2296

Re: Hap ax2 Wireless Bridge

I want to route (not bridge) from hAP ax3 station mode to AT&T gateway but wifi virtual interface never gets past "scanning" and I don't know how to diagnose over the air packets.
by ConradPino
Thu Aug 31, 2023 10:16 pm
Forum: General
Topic: Hardware offloaded vlan traffic counters
Replies: 3
Views: 1474

Re: Hardware offloaded vlan traffic counters

If current switch chips don't have the feature there is no software fix.
by ConradPino
Thu Aug 31, 2023 9:53 pm
Forum: General
Topic: veth deleted, cannot create new interface
Replies: 6
Views: 1559

Re: veth deleted, cannot create new interface

Oy, this works:
/interface veth
add address=192.168.45.200/24,2001:470:8248:2d:c086:31ff:fe24:851a/64 gateway=192.168.45.1 gateway6=2001:470:8248:2d::e name=vbind9
Intuitively obvious but only if known.

Similar parameter check behavior for add and set would be nice.
by ConradPino
Thu Aug 31, 2023 9:38 pm
Forum: General
Topic: veth deleted, cannot create new interface
Replies: 6
Views: 1559

Re: veth deleted, cannot create new interface

The same pattern occurs in 7.11 with gateway6 parameter. This fails: /interface veth add address=192.168.45.200/24 gateway=192.168.45.1 gateway6=2001:470:8248:2d::e name=vbind9 This works: /interface veth add address=192.168.45.200/24 gateway=192.168.45.1 name=vbind9 /interface veth set [ find where...
by ConradPino
Thu Aug 31, 2023 9:05 pm
Forum: Wireless Networking
Topic: Hap ax2 Wireless Bridge
Replies: 5
Views: 2296

Re: Hap ax2 Wireless Bridge

Be sure you're use case is outside the "Lost Features" world:
https://help.mikrotik.com/docs/display/ ... stfeatures
by ConradPino
Thu Aug 31, 2023 8:53 pm
Forum: Beginner Basics
Topic: ETH7 -> to Guest VLAN
Replies: 6
Views: 1498

Re: ETH7 -> to Guest VLAN

Leave device model number in configuration please.
by ConradPino
Thu Aug 31, 2023 8:50 pm
Forum: RouterBOARD hardware
Topic: Chateau LTE12 D53G-5HacD2HnD - Lack of storage space
Replies: 9
Views: 3503

Re: Chateau LTE12 D53G-5HacD2HnD - Lack of storage space

Modern flash storage has limited write endurance whereas spinning rust media is unlimited.
Plug a storage device into USB port and use that device for storage.
by ConradPino
Thu Aug 31, 2023 9:09 am
Forum: Wireless Networking
Topic: hAP ax3 Generated Comment
Replies: 8
Views: 2174

Re: hAP ax3 Generated Comment

@Amm0 suggestions applied: /interface wifiwave2 channel add band=2ghz-ax name=ch2g skip-dfs-channels=all width=20mhz add band=5ghz-ax name=ch5g skip-dfs-channels=all width=20mhz /interface wifiwave2 datapath add bridge=bridge client-isolation=yes name=path-guest vlan-id=403 add bridge=bridge client-...
by ConradPino
Thu Aug 31, 2023 7:32 am
Forum: Wireless Networking
Topic: hAP ax3 Generated Comment
Replies: 8
Views: 2174

Re: hAP ax3 Generated Comment

All devices with Ethernet ports on my network get wired; no exceptions. If you don't care about seeing top speed in a speed test, might just want to set the channel size to 20Mhz for both. At least to see if that make your Android phone happy. Reliability over speed please. Chromecast stays busy wit...
by ConradPino
Thu Aug 31, 2023 2:28 am
Forum: Wireless Networking
Topic: CAPSMAN with WifiWave2 does not work as intended
Replies: 9
Views: 2173

Re: CAPSMAN with WifiWave2 does not work as intended

I am not using CapsMAN, just experimenting with CapsMAN patterns. This hAP ax3 VLAN configuration is working: /interface wifiwave2 channel add band=2ghz-ax name=ch2g skip-dfs-channels=10min-cac width=20/40mhz add band=5ghz-ax name=ch5g skip-dfs-channels=10min-cac width=20/40/80mhz /interface wifiwav...
by ConradPino
Thu Aug 31, 2023 2:17 am
Forum: Virtualization
Topic: RouterOS CHR 7.11 Wifiwave2 Training
Replies: 4
Views: 3142

RouterOS CHR 7.11 Wifiwave2 Training

I'm hosting RouterOS CHR 7.11 with VMware ESXi 6.7u3 free license and making great progress learning Containers and ROSE-Storage. Does RouterOS CHR with extra Wifiwave2 package have enough there to test Wifiwave2 configurations without radio hardware? In particular learning Wifiwave2 device configur...
by ConradPino
Thu Aug 31, 2023 1:47 am
Forum: Wireless Networking
Topic: CAPSMAN with WifiWave2 does not work as intended
Replies: 9
Views: 2173

Re: CAPSMAN with WifiWave2 does not work as intended

@chg123 You've been here much longer than I but perhaps not following closely of late. My first MT wirieless (hAP ax3 Wifiwave2 only) arrived recently and I'm pretty lost myself. I can say new posts often languish then The Wise Ones and The Wise Guys arrive and ... I am ignoring CapsMAN but trying o...
by ConradPino
Thu Aug 31, 2023 12:52 am
Forum: Wireless Networking
Topic: CAPSMAN with WifiWave2 does not work as intended
Replies: 9
Views: 2173

Re: CAPSMAN with WifiWave2 does not work as intended

Everything learned for RouterOS 6.x Wireless should be reserved for RouterOS 6 devices alone.
RouterOS 7.x Wifiwave2 driver is chip vendor code and many ROS 6 features couldn't be fit in.
Study Wifiwave2 documentation like fresh novice student as that is how this field plays.
by ConradPino
Thu Aug 31, 2023 12:37 am
Forum: Wireless Networking
Topic: hAP ax3 Generated Comment
Replies: 8
Views: 2174

Re: hAP ax3 Generated Comment

Neighborhood is California suburban small single family homes.
SSID smart phone shows is around 25 plus or minus a few.
Chromecast and Chromecast Audio both very stable.
Google Nexus 6 phone is a horror show.
by ConradPino
Thu Aug 31, 2023 12:22 am
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3730

Re: when to upgrade ROS (7.xx)

@en1gm4 my comfort zone improved tremendously when I learned how to downgrade RouterOS. Conceptually simple and astonishingly poorly documented falling into information class known as: Intuitively obvious but only if known . It's right there with learning how mouse and GUI work. I admit once learned...
by ConradPino
Wed Aug 30, 2023 11:37 pm
Forum: Wireless Networking
Topic: hAP ax3 Generated Comment
Replies: 8
Views: 2174

Re: hAP ax3 Generated Comment

I followed default configuration values and Wifiwave2 documentation. What can I improve? /interface wifiwave2 channel add band=2ghz-ax name=ch2g skip-dfs-channels=10min-cac width=20/40mhz add band=5ghz-ax name=ch5g skip-dfs-channels=10min-cac width=20/40/80mhz /interface wifiwave2 datapath add bridg...
by ConradPino
Wed Aug 30, 2023 9:18 pm
Forum: Wireless Networking
Topic: hAP ax3 Generated Comment
Replies: 8
Views: 2174

hAP ax3 Generated Comment

I am so new to hAP ax3 and 5G in particular that I have no idea what changed intended channel to 5805/ax/eeeC means: /interface/wifiwave2/print Flags: M - MASTER; B - BOUND; R - RUNNING Columns: NAME, MASTER-INTERFACE, CONFIGURATION.MODE, CONFIGURATION.SSID # NAME MASTER-INTERFACE CONFIGURATION.MODE...
by ConradPino
Wed Aug 30, 2023 8:32 pm
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3730

Re: when to upgrade ROS (7.xx)

@en1gm4 IMO you understand the RouterOS environment well and already practice the best strategy possible.
Asking MikroTik to release software like enterprise vendors requires they raise prices to become an enterprise vendor.
by ConradPino
Wed Aug 30, 2023 8:23 pm
Forum: Containers
Topic: Dear Containers Experts Your support required.
Replies: 1
Views: 3295

Re: Dear Containers Experts Your support required.

CCR2004-1G-12S+2XS doesn't have external storage interface like USB and running container from internal storage risks it's early demise. ROSE-storage adds network storage which is another box. Given another 24/7 box then serving WWW content from there may work better. Docker Hub has images: Nginx ht...
by ConradPino
Wed Aug 30, 2023 7:36 pm
Forum: General
Topic: How to get hostname from /ip arp
Replies: 6
Views: 3149

Re: How to get hostname from /ip arp

Nobody disagrees with the utility and attractive time efficiency.
It's just one of those issues that cant' be executed error free in practice.
by ConradPino
Wed Aug 30, 2023 7:31 pm
Forum: Beginner Basics
Topic: cli commands automaticly generated ?
Replies: 7
Views: 1531

Re: cli commands automaticly generated ?

@normis is correct, that is the current best documentation which is a work in progress and incomplete in some areas.
I will say it covers Command Line Interface § Item Names and Numbers at some length of which I wrote far more briefly.
by ConradPino
Wed Aug 30, 2023 7:20 pm
Forum: General
Topic: type of M.2 memory of Mikrotik
Replies: 4
Views: 1236

Re: type of M.2 memory of Mikrotik

Unexpected this is, different they all are: CCR1072-1G-8S+ The CCR1072 has PCIe Gen 2.0 x4 connections to the two M.2 slots. Recommended are NVMe M.2 2280mm M key SSD disks with a capacity of up to 1TB. CCR2116-12G-4S+ The CCR2116-12G-4S+ has PCIe Gen 3.0 x4 connection to the M.2 slot. Recommended a...
by ConradPino
Wed Aug 30, 2023 1:40 pm
Forum: General
Topic: type of M.2 memory of Mikrotik
Replies: 4
Views: 1236

Re: type of M.2 memory of Mikrotik

Recommended are SATA3 M.2 2280mm B+M key SSD disks with a capacity of up to 1TB.
From https://help.mikrotik.com/docs/display/ ... G-12XS-2XQ
Perhaps the other devices respective user manual are helpful.
by ConradPino
Wed Aug 30, 2023 1:33 pm
Forum: General
Topic: How to get hostname from /ip arp
Replies: 6
Views: 3149

Re: How to get hostname from /ip arp

arp table information is reliable but limited to devices seen on local network only recently. Translating IP address to hostname is typically unreliable. The mechanism is https://en.wikipedia.org/wiki/Reverse_DNS_lookup. It's unreliable because while it is IP address block owner's responsibility, it...
by ConradPino
Wed Aug 30, 2023 1:17 pm
Forum: Beginner Basics
Topic: How do I create an L2 bridge between two SXT 5AS ac units?
Replies: 1
Views: 1115

Re: How do I create an L2 bridge between two SXT 5AS ac units?

They look like very simple RouterOS devices: https://i.mt.lv/cdn/product_files/RBSXTG-5HPacD-SA_230706.png All I know about these devices is above. I'm providing a generic RouterOS answer. Choose two static IP address from your house subnet for assignment to both devices. On both devices create a br...
by ConradPino
Wed Aug 30, 2023 12:41 pm
Forum: Beginner Basics
Topic: cli commands automaticly generated ?
Replies: 7
Views: 1531

Re: cli commands automaticly generated ?

i hope i can see the commands when i delete or modify a config with winbox. so i can lear more about the cli commands By design WinBox closely follows Command Line Interface and Command Line Interface documentation is the WinBox documentation. I can't say how WinBox or The Dude interact with Router...
by ConradPino
Wed Aug 30, 2023 11:14 am
Forum: RouterBOARD hardware
Topic: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?
Replies: 54
Views: 7856

Re: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?

I already have cat 7, 50cm one.
50 cm! :D Very short, very sweet!!
by ConradPino
Wed Aug 30, 2023 1:32 am
Forum: Beginner Basics
Topic: cli commands automaticly generated ?
Replies: 7
Views: 1531

Re: cli commands automaticly generated ?

Yes, experiment with these: /export /export terse /export verbose /export terse verbose /export show-sensitive Export is supported at all nodes in the command tree: /ip firewall export /ip firewall export terse /ip firewall export verbose /ip firewall export terse verbose I'm a die hard command line...
by ConradPino
Wed Aug 30, 2023 12:53 am
Forum: RouterBOARD hardware
Topic: CRS305 fan mod
Replies: 3
Views: 2999

Re: CRS305 fan mod

You might find this experience helpful: https://forums.unraid.net/topic/79595-r ... ent=875360
by ConradPino
Wed Aug 30, 2023 12:32 am
Forum: Forwarding Protocols
Topic: Unable to ping IP on another interface [SOLVED]
Replies: 3
Views: 2835

Re: Unable to ping IP on another interface [SOLVED]

RouterOS CHR 7.11 example: /ip address print Columns: ADDRESS, NETWORK, INTERFACE # ADDRESS NETWORK INTERFACE 0 192.168.45.1/24 192.168.45.0 brcont 1 192.168.41.15/24 192.168.41.0 bridge 2 192.168.40.15/24 192.168.40.0 ether2 3 192.168.44.15/24 192.168.44.0 ether3 4 192.168.42.15/24 192.168.42.0 eth...
by ConradPino
Wed Aug 30, 2023 12:28 am
Forum: Forwarding Protocols
Topic: Unable to ping IP on another interface [SOLVED]
Replies: 3
Views: 2835

Re: Unable to ping IP on another interface [SOLVED]

I don't buy the ether2 route table entry:
DAc 192.168.1.1/29      ether2                       0

I expect it to look like:
DAc 192.168.1.0/29      ether2                       0

Take a look at corresponding
/ip address add network=
by ConradPino
Wed Aug 30, 2023 12:11 am
Forum: Beginner Basics
Topic: Router Request
Replies: 1
Views: 1167

Re: Router Request

by ConradPino
Tue Aug 29, 2023 11:36 pm
Forum: RouterBOARD hardware
Topic: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?
Replies: 54
Views: 7856

Re: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?

So, a UTP cable would be better... and then preferrably a long one? I just use a 50cm one for bridging between the Mikrotik and the Modem. NO, not longer, length matters. Total capacitance and resistance rise with length. UTP shielding has no effect on energy efficiency is the prior point. High cap...
by ConradPino
Tue Aug 29, 2023 8:07 pm
Forum: RouterBOARD hardware
Topic: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?
Replies: 54
Views: 7856

Re: MikroTik CRS309-1G-8S+INL -- 10G RJ45 Transceiver?

SFP+ module make and model: MikroTik S+RJ10 in CRS326 port 25 Arista Networks SFP-10G-SR in CRS326 port 26 Arista Networks SFP-10G-SR in CRS309 port 5,6,7,8 Note the module temperature readings in ambient 75F room . The S+RJ10 is very warm, almost hot to the touch. CRS326 port 25,26 /interface ethe...
by ConradPino
Tue Aug 29, 2023 7:46 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

@Amm0 NLnet Labs unbound documentation is clear, caching resolver only.
IMO the good news is NLnet Labs NSD covers the authoritative side.
Similar to PowerDNS which is separate daemons.
by ConradPino
Tue Aug 29, 2023 7:32 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

@tangent Wikipedia § NSD doesn't say much. I find NSD § Configuration § Setting up a secondary zone potentially useful.
by ConradPino
Tue Aug 29, 2023 7:13 am
Forum: General
Topic: ARP Table issues
Replies: 2
Views: 1112

Re: ARP Table issues

You're welcome. Well done!
by ConradPino
Tue Aug 29, 2023 6:53 am
Forum: General
Topic: CRS326 ROS VLAN Tagging Traffic [SOLVED]
Replies: 14
Views: 2220

Re: CRS326 ROS VLAN Tagging Traffic [SOLVED]

Read this first if not done already: Bridging and Switching § Bridge VLAN Filtering WARNING: CRS326 management access can be lost when /intefrace bridge port and /interface bridge vlan sections are incomplete. Be sure which VLAN and ports support the management subnet are known. Always use Safe Mode...
by ConradPino
Tue Aug 29, 2023 6:13 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

@* Thank you! I feel like I'm reading gold. ... As the hijack continues:
A casual Google Search suggests unbound doesn't zone transfer either way.
by ConradPino
Mon Aug 28, 2023 11:28 pm
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

@tangent Thank you!

My long standing beet with Canonical is any Ubuntu distribution is always far heavier than it's Debian progenitor. I prefer small attack surface.

In this case the heavier image is conserving my time. *sigh*
Are we hijacking @MWBSystems topic?
by ConradPino
Mon Aug 28, 2023 11:02 pm
Forum: Containers
Topic: hAP ax3 Container Networking Model
Replies: 0
Views: 3449

hAP ax3 Container Networking Model

Context: I am sucessfully running https://hub.docker.com/r/ubuntu/bind9 image using RouterOS Container § Create network two bridge model. The following forum topics suggest the possibility of a one bridge model: 02 Apr 2023 How can I bind a container straight to the bridge? 21 Sep 2022 A noob VS MT ...
by ConradPino
Mon Aug 28, 2023 10:46 pm
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

I'm confident mjkaye/bind9-alpine is sufficient despite it's 9.14 vs 9.18 version based on long BIND 9 experience. Canonical is updating frequently. I am deployed on 16 GiB USB device: /disk/print Flags: B - BLOCK-DEVICE; M - MOUNTED Columns: SLOT, MODEL, SERIAL, INTERFACE, SIZE, FREE, FS, RAID-MAST...
by ConradPino
Mon Aug 28, 2023 9:47 pm
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

In neither case do you need sshd inside the container. Under the first plan, the zone files get uploaded to the router along with a fresh copy of BIND when either one changes. In the second plan, it's RouterOS running the SSH server that receives the scp'd zone files when they change, since it is t...
by ConradPino
Mon Aug 28, 2023 8:42 pm
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

Gentle souls, thank you so much for your experienced words and valuable time. Please don't mistake my direction as disagreement with good advice. The only problem with containers in this regard is that the technology's now eight years old, leaving you a lot to catch up on if you're starting today. T...
by ConradPino
Mon Aug 28, 2023 7:46 pm
Forum: General
Topic: Brought two HAP ax3, but different RAM memrories. What is your ax3's RAM size? [SOLVED]
Replies: 19
Views: 2220

Re: Brought two HAP ax3, but different RAM memrories. What is your ax3's RAM size? [SOLVED]

/system resource print uptime: 18h17m6s version: 7.11 (stable) build-time: Aug/15/2023 06:33:51 factory-software: 7.5 free-memory: 478.1MiB total-memory: 928.0MiB cpu: ARM64 cpu-count: 4 cpu-frequency: 864MHz cpu-load: 0% free-hdd-space: 91.1MiB total-hdd-space: 128.5MiB write-sect-since-reboot: 74...
by ConradPino
Mon Aug 28, 2023 7:29 pm
Forum: General
Topic: Long cable speed drop help needed
Replies: 6
Views: 1199

Re: Long cable speed drop help needed

The cable is long and old and goes to another house and the station connects to the switch @100mbps even though both of them are capable of 1gbps. But that's not the problem. IMO presuming cable is not the issue is premature. At 50 meters old Category 3 cables are problematic as link speeds rise. S...
by ConradPino
Mon Aug 28, 2023 6:27 pm
Forum: General
Topic: What is SwOS 2.13p?
Replies: 2
Views: 1168

Re: What is SwOS 2.13p?

It is SwOS's primary version, or you can also call it a backup SwOS version. The primary version feature set is identical to the non-primary version, but we recommend using the non-primary one.
Quoting @EdPa MikroTik Support from viewtopic.php?p=931425#p1021792
by ConradPino
Mon Aug 28, 2023 9:40 am
Forum: Beginner Basics
Topic: Can't ping IPv6 address with MikRouterOS [SOLVED]
Replies: 17
Views: 2953

Re: Can't ping IPv6 address with MikRouterOS [SOLVED]

@ThomasJefferson you're welcome and I want to point out adapting to how this forum works is a commendable accomplishment. Thank you for helping us help you. :D
by ConradPino
Mon Aug 28, 2023 9:17 am
Forum: SwOS
Topic: What is the 2.13p version?
Replies: 4
Views: 4658

Re: What is the 2.13p version?

What is SwOS 2.13p? See viewtopic.php?p=1021750
by ConradPino
Mon Aug 28, 2023 9:16 am
Forum: General
Topic: What is SwOS 2.13p?
Replies: 2
Views: 1168

Re: What is SwOS 2.13p?

What is the 2.13p version? See viewtopic.php?p=931425
by ConradPino
Mon Aug 28, 2023 8:22 am
Forum: Containers
Topic: Create container store directory ?
Replies: 1
Views: 3934

Re: Create container store directory ?

I'm bringup https://hub.docker.com/r/ubuntu/bind9 on hAP ax3. I'll share what I've learned so far. Mounts have two flavors: (1) file mount, typically configuration file with predefined content, and (2) directory mount, typically empty directory work area to persist content beyond container removal. ...
by ConradPino
Mon Aug 28, 2023 7:57 am
Forum: Containers
Topic: NGINX Container returns me Forbidden 403
Replies: 3
Views: 4924

Re: NGINX Container returns me Forbidden 403

Read RouterOS Containers § Tips and tricks Look for:
  • Enable logging to get output from container:
  • It is possible to get to running container shell:

Use the container shell to view these files:
/var/log/nginx/access.log
/var/log/nginx/error.log
by ConradPino
Mon Aug 28, 2023 7:38 am
Forum: Containers
Topic: openwrt on mikrotik arm64
Replies: 3
Views: 4147

Re: openwrt on mikrotik arm64

can you help me?
Your case is close to this example: b) import image from PC The key operative part:
After the file has been downloaded and extracted - upload it to Your RouterOS device. Create a container from tar image.
by ConradPino
Mon Aug 28, 2023 5:25 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

@Amm0 thank you. That's really appreciated. Before containers there were bare metal hypervisors; I boarded VMware ESXi free license train at version 3.5. I agree containers are lighter weight and far more versatile but containers too have a steep learning curve. Right now an ESXi host has failing HD...
by ConradPino
Mon Aug 28, 2023 5:13 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

I'm trying https://hub.docker.com/r/ubuntu/bind9 right now. It starts but I haven't solved all the networking issues. The image could use more networking tools. *sigh* OMG This image is a jewel! First things first: I'm using RouterOS example pattern: add bridge, add IPv4 subnet, add IPv6 subnet. On...
by ConradPino
Mon Aug 28, 2023 4:26 am
Forum: Containers
Topic: hAP ax3 - supported containers / docker
Replies: 23
Views: 6931

Re: hAP ax3 - supported containers / docker

I'm trying https://hub.docker.com/r/ubuntu/bind9 right now.
It starts but I haven't solved all the networking issues.
The image could use more networking tools. *sigh*
by ConradPino
Sun Aug 27, 2023 8:42 am
Forum: SwOS
Topic: Is SwOS dead?
Replies: 6
Views: 5525

Re: Is SwOS dead?

I started home office with three dumb switches for WAN LAN DMZ with PC router. IMO price spread between similar CRS CSS models is affordable good value. I added one CRS309 for an iSCSI experiment with three ESXi hosts. I replaced dumb switches with two CRS326 and really like them. Recent add was hAP...
by ConradPino
Sun Aug 27, 2023 8:19 am
Forum: General
Topic: which switch used on CCR1036-8G-2S to reach 900 customers
Replies: 7
Views: 1408

Re: which switch used on CCR1036-8G-2S to reach 900 customers

Is " CCR1036-8G-2S " the correct model? All I found on MikroTik site were both discontinued: CCR1036-8G-2S+ CCR1036-8G-2S+EM IMO the " 2S" or " 2S + " matters if adding downstream switch or switch chain. What is the downstream Ethernet port speed target for the 900 clie...
by ConradPino
Sun Aug 27, 2023 8:02 am
Forum: Beginner Basics
Topic: Anyone ever have issues with Wireguard to mikrotik?
Replies: 10
Views: 2790

Re: Anyone ever have issues with Wireguard to mikrotik?

This forum topic's (Path MTU discovery) author ended with an potentially useful RouterOS script: viewtopic.php?t=125657
by ConradPino
Sun Aug 27, 2023 3:09 am
Forum: General
Topic: suggest hardware-solution
Replies: 4
Views: 1156

Re: suggest hardware-solution

And there are no budget money limit. There is no connection between network engineering technical advice and spending money for no particular purpose. Network designs with the fewest possible parts tend to improve operations stability and overall reliability. Consider the possibility this issue is ...
by ConradPino
Sun Aug 27, 2023 12:52 am
Forum: General
Topic: IPv6 via HurricaneElectric tunnel with VLAN
Replies: 5
Views: 1987

Re: IPv6 via HurricaneElectric tunnel with VLAN

There are a couple of issues in what's shared so far: MikroTik (MT) device model is missing; the hardware matters. Hurricane Electric (HE) setup is obfuscated into unintelligable. MT configuration is redacted into fairly incomplete as well. Questions so far are unanswerable with information so far. ...
by ConradPino
Sat Aug 26, 2023 10:59 pm
Forum: General
Topic: use mikrotik CCR1036-8G-2S as Switch?
Replies: 6
Views: 1359

Re: use mikrotik CCR1036-8G-2S as Switch?

For example price difference between these CRS CSS is $50 US: https://mikrotik.com/product/CSS326-24G-2SplusRM $159.00 https://mikrotik.com/product/CRS326-24G-2SplusRM $209.00 As switches their performance is very similar due to common chips. SwOS is easier to use but less capable and enjoys less Mi...
by ConradPino
Sat Aug 26, 2023 10:19 pm
Forum: Beginner Basics
Topic: Anyone ever have issues with Wireguard to mikrotik?
Replies: 10
Views: 2790

Re: Anyone ever have issues with Wireguard to mikrotik?

Internet MTU (Maximum Transmission Unit) is 1500 bytes. Packets <= MTU avoid Layer 3 fragmentation or Layer 2 packet drop. See MTU in RouterOS for more. All encapsulating protocols such as tunneling, VPN, Wiregauard, etc. add a header which increases packet size. The consequence is down stream inter...
by ConradPino
Sat Aug 26, 2023 8:43 pm
Forum: Beginner Basics
Topic: LEOX LXT-010S-H SFP GPON
Replies: 10
Views: 3958

Re: LEOX LXT-010S-H SFP GPON

Getting the most out of this forum by normis, MikroTik Support
by ConradPino
Sat Aug 26, 2023 1:10 pm
Forum: General
Topic: suggest hardware-solution
Replies: 4
Views: 1156

Re: suggest hardware-solution

Given Draytek is the router, IMO RB5009 is wasted money. Since Dratek and Ubiquity are 1G at best, connect Ubiquity and CRS326 directly with fiber. The CRS326 supports Layer 3 routing with L3 Hardware Offload so it alone can do additional subnet proposed. Be aware L3 HW Offload has limits. https://h...
by ConradPino
Sat Aug 26, 2023 12:20 pm
Forum: Beginner Basics
Topic: LEOX LXT-010S-H SFP GPON
Replies: 10
Views: 3958

Re: LEOX LXT-010S-H SFP GPON

Make that a configuration for ALL devices since there is no information about how they interact i.e. network design absent.
by ConradPino
Sat Aug 26, 2023 12:04 pm
Forum: Beginner Basics
Topic: LEOX LXT-010S-H SFP GPON
Replies: 10
Views: 3958

Re: LEOX LXT-010S-H SFP GPON

  • Getting the most out of this forum by normis, MikroTik Support
  • Topic is getting views but the homework just isn't there.
  • It's just what happens absent adequate information.
by ConradPino
Sat Aug 26, 2023 9:29 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 3621

Re: WiFi for large RV park?

If you follow MikriTik (MT) forum topics carefully you will discover experienced professional members saying MT WiFi can be buggy between RouterOS releases with occasional regressions, can be unstable and under performs in high client density environments. Some go so far as saying they don't use MT ...
by ConradPino
Sat Aug 26, 2023 9:11 am
Forum: General
Topic: Empty disk added every reboot on 7.11 x86
Replies: 2
Views: 1071

Re: Empty disk added every reboot on 7.11 x86

Great work, and thank you! :D Please consider marking topic "SOLVED" by your solution which helps anyone arriving later.
by ConradPino
Sat Aug 26, 2023 9:04 am
Forum: General
Topic: route specific LAN host connections to selected WAN
Replies: 22
Views: 3656

Re: route specific LAN host connections to selected WAN

I choose different default gateways by source IP address with Policy Routing alone. Policy Routing rules detect routing-mark settable with firewall Mangle rules. Route Selection and Filters look useful but IMO are over kill in this case. I disavow having an experienced opinion so do your own due di...
by ConradPino
Sat Aug 26, 2023 8:33 am
Forum: Beginner Basics
Topic: Automatically connect to my smartphone if there is no internet.
Replies: 3
Views: 1325

Re: Automatically connect to my smartphone if there is no internet.

IMO detecting primary link events to then control the secondary link while possible is both messy and unnecessary. Permanent link from hAP Lite to "Galaxy" with a higher default gateway metric is ignored while primary link is up with a lower default gateway metric. Most of the time "G...
by ConradPino
Sat Aug 26, 2023 7:49 am
Forum: General
Topic: CRS326 ROS VLAN Tagging Traffic [SOLVED]
Replies: 14
Views: 2220

Re: CRS326 ROS VLAN Tagging Traffic [SOLVED]

So do you mean I have to have 30/20 to 110, then two other rules to take 110 back to 30/20 in reverse direction for bi-directional communication? TL;DR Yes, I believe symmetric VLAN id translation is necessary for bi-directional forwarding but consider carefully : My MikroTik (MT) RouterOS experien...
by ConradPino
Fri Aug 25, 2023 8:52 pm
Forum: General
Topic: CRS326 ROS VLAN Tagging Traffic [SOLVED]
Replies: 14
Views: 2220

Re: CRS326 ROS VLAN Tagging Traffic [SOLVED]

On the main router the VLAN IDs don't match what we have on this, they cannot match, the main router vlan ID is 110, so I've used Rule in Switch to translate from 20 and 30 to 110. This strikes me as a design flaw since matching VLAN id are required to forward packets and I don't see switch rules t...
by ConradPino
Fri Aug 25, 2023 3:31 am
Forum: General
Topic: Sfp+ not working in Os7.11
Replies: 2
Views: 1130

Re: Sfp+ not working in Os7.11

Suggested for RouterOS platforms:
/interface ethernet monitor sfp-sfpplus1 once without-paging
by ConradPino
Fri Aug 25, 2023 3:23 am
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

@tangent Agreed, this thread is for @gabscap's problem. Well said overall!
by ConradPino
Fri Aug 25, 2023 3:12 am
Forum: General
Topic: Filtering L3 based on DNS, ASN
Replies: 2
Views: 1183

Re: Filtering L3 based on DNS, ASN

filter traffic by DNS but not in DNS itself (filter layer 3 without being the resolver) as well as by whole ASNs Is this possible in RouterOS/CHR? IMO best RouterOS can do is IP address filter using dynamic firewall address-list updated by means difficult to implement in Router OS. If your objectiv...
by ConradPino
Fri Aug 25, 2023 2:46 am
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

@tangent Before The MikriTik Way I used three desktop value switches for Internet, private, and DMZ subnets with ESXi VM as firewall router. With CRS309 CRS326 CRS326 I have similar number of 1G ports and sufficient 10G ports to support three ESXi hosts with iSCSI. hAP ax3 recently joined the family...
by ConradPino
Fri Aug 25, 2023 1:40 am
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

@chechito @jbl42 @tangent
MikroTik documentation suggests at most one bridge per switch chip for various reasons.
Can I reasonably extrapolate that into two bridges with RB4011iGS+ as a sound design?
by ConradPino
Fri Aug 25, 2023 1:30 am
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

@gabscap My device models are CRS309 CRS326 while similar are different enough to say our experiences will differ. @chechito suggested Bridging and Switching § Bridge Hardware Offloading and I concur. IMO @jbl42 and @tangent both make good sense in light of the following block diagram. Compare RB401...
by ConradPino
Thu Aug 24, 2023 8:16 pm
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

I don't understand the critical part of your solution, which solves my problem. Is it possible without having VLAN 7 on the bridge? ether1 is my uplink which requires all packets to be tagged with VLAN 7. If this changes in the future, it can lead to problems, because I might use it already on my b...
by ConradPino
Thu Aug 24, 2023 2:29 pm
Forum: General
Topic: New RouterOS theme
Replies: 21
Views: 4144

Re: New RouterOS theme

@normis While we are talking about added buttons, let's talk about adding two (2) more! When narrow sub-frame was added, lengthy forms were divided into subsections and generally all but first are "collapsed". The ability to review the entire form added the burden to "expand" eac...
by ConradPino
Thu Aug 24, 2023 2:16 pm
Forum: General
Topic: New RouterOS theme
Replies: 21
Views: 4144

Re: New RouterOS theme

@normis You're a genius! Have you tried this button to fix the width issues? Let's make sure all newcomers know button was added in 7.11 and not present in 7.10.2 and prior versions. The default "narrow" width was increased for 7.11 so the raw packet dump doesn't line wrap using same font ...
by ConradPino
Thu Aug 24, 2023 2:42 am
Forum: Beginner Basics
Topic: VLAN not working with hw=yes
Replies: 22
Views: 3867

Re: VLAN not working with hw=yes

/interface vlan remove [ find where interface=ether1 name=vlan-ppp vlan-id=7 ] add interface=bridge name=VLAN_Telekom vlan-id=7 /interface list member remove [ find where interface=ether1 list=WAN ] add interface=VLAN_Telekom list=WAN /interface bridge port add bridge=bridge interface=ether1 pvid=7...
by ConradPino
Wed Aug 23, 2023 9:43 pm
Forum: General
Topic: New RouterOS theme
Replies: 21
Views: 4144

Re: New RouterOS theme

Do you use Web interface to configure your Juniper, Cisco or Arista box? Didn't think so. People are asking too much from MikroTik IMO. The D-Link smart switch web interface is very nice but their ssh console interface is very lame. A tool's productive utility always matters. I agree, MikroTik desi...
by ConradPino
Wed Aug 23, 2023 6:28 pm
Forum: General
Topic: New RouterOS theme
Replies: 21
Views: 4144

Re: New RouterOS theme

@normis Just look at the mess new theme does to Packet Sniffer output of Raw Data:
by ConradPino
Wed Aug 23, 2023 6:14 pm
Forum: General
Topic: Slow TCP/UDP since 7.11 update on RB760iGS
Replies: 9
Views: 1541

Re: Slow TCP/UDP since 7.11 update on RB760iGS

or should i provide any thing which helps to fix it?
I want to complement your willingness to support the collective RouterOS cause. Today we're lucky as another already did.
by ConradPino
Wed Aug 23, 2023 3:05 pm
Forum: General
Topic: Slow TCP/UDP since 7.11 update on RB760iGS
Replies: 9
Views: 1541

Re: Slow TCP/UDP since 7.11 update on RB760iGS

You are an excellent RouterOS Downgrade candidate: Downgrading RouterOS documentation page. MikroTik software All current and historical releases archive page. Correct steps to downgrade RouterOS? forum topic. It's effectively the fast performance recovery option until a bug fixed RouterOS release. ...
by ConradPino
Wed Aug 23, 2023 2:50 pm
Forum: Beginner Basics
Topic: Multiple Subnets with Bridge - What am I missing?
Replies: 5
Views: 1945

Re: Multiple Subnets with Bridge - What am I missing?

by ConradPino
Wed Aug 23, 2023 2:25 pm
Forum: General
Topic: Slow TCP/UDP since 7.11 update on RB760iGS
Replies: 9
Views: 1541

Re: Slow TCP/UDP since 7.11 update on RB760iGS

by ConradPino
Wed Aug 23, 2023 2:11 pm
Forum: General
Topic: IPv6 configuration on MikroTik working for Internet, but not ZeroTier
Replies: 1
Views: 1095

Re: IPv6 configuration on MikroTik working for Internet, but not ZeroTier

I have no experience with your issue so I can't do more than bring the above to your attention.
by ConradPino
Wed Aug 23, 2023 7:52 am
Forum: General
Topic: New RouterOS theme
Replies: 21
Views: 4144

Re: New RouterOS theme

I'm with patrick7 ; WebFig is valuable and constraining display width in HTML is counter productive. MirkiTik requiring yet another tool like "WinBox" or "The Dude" is unnecessary and not universally wanted. What did MikroTik accomplish besides imposing someone's unwanted concept...
by ConradPino
Tue Aug 22, 2023 5:13 pm
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

Re: hAP ax3 WiFi Station Mode Help [SOLVED]

Best approach known right now is to add EOIP or VXLAN connection on top of both connected interfaces. "Searched and though shalt find" I apologize for omitting wireless link to remote AP will hide local LAN IPv4 with NAT on hAP ax3 so remote router sees traffic only from single IPv4 the r...
by ConradPino
Tue Aug 22, 2023 2:51 am
Forum: Beginner Basics
Topic: hAP ax3 WiFi Station Mode Help [SOLVED]
Replies: 9
Views: 3107

hAP ax3 WiFi Station Mode Help [SOLVED]

I have a working quad SSID access point setup working in AP mode: # 2023-08-21 12:59:05 by RouterOS 7.11 # model = C53UiG+5HPaxD2HPaxD # /interface wifiwave2 channel add band=2ghz-ax name=ch2g skip-dfs-channels=10min-cac width=20/40mhz add band=5ghz-ax name=ch5g skip-dfs-channels=10min-cac width=20/...
by ConradPino
Tue Aug 22, 2023 2:08 am
Forum: General
Topic: ROSE Storage Feature Request Name Resolution
Replies: 0
Views: 1074

ROSE Storage Feature Request Name Resolution

RouterOS can resolve DNS names: [cpino@mtc53uiga.skyline.net] > /tool/ping count=4 address=serial.skyline.net SEQ HOST SIZE TTL TIME STATUS 0 192.168.41.22 56 64 467us 1 192.168.41.22 56 64 523us 2 192.168.41.22 56 64 454us 3 192.168.41.22 56 64 398us sent=4 received=4 packet-loss=0% min-rtt=398us ...
by ConradPino
Tue Aug 22, 2023 1:37 am
Forum: Beginner Basics
Topic: ROSE Storage NFS Client Mount Help
Replies: 0
Views: 1511

ROSE Storage NFS Client Mount Help

# 2023-08-21 15:18:47 by RouterOS 7.11 # model = C53UiG+5HPaxD2HPaxD # /disk set cf16ga slot=cf16ga type=hardware add nfs-address=192.168.41.22 nfs-share=pmnt/0256g0/esxi slot=nfs-serial type=nfs Looks like ROSE Storage NFS client is working: [cpino@c53uig] /disk> print Flags: B - BLOCK-DEVICE; M -...
by ConradPino
Mon Aug 21, 2023 8:42 pm
Forum: General
Topic: Ipv4 filtering vlans translated to IPv6
Replies: 2
Views: 942

Re: Ipv4 filtering vlans translated to IPv6

VLAN at Layer 2 is same for IPv4 and IPv6 at Layer 3 but the Layer 3 firewalls are distinct.
Generally clone IPv4 firewall rules one to one into IPv6 firewall except FastTrack is unsupported in IPv6.
by ConradPino
Mon Aug 21, 2023 8:32 pm
Forum: General
Topic: Static DNS records for DHCP leases - Flash Memory Wear
Replies: 3
Views: 1297

Re: Static DNS records for DHCP leases - Flash Memory Wear

The default Store Leases On Disk seems to be 5 minutes:
[admin@c53uig] > /ip dhcp-server config print
  store-leases-disk: 5m
         accounting: yes
     interim-update: 0s
    radius-password: empty
by ConradPino
Mon Aug 21, 2023 8:09 pm
Forum: General
Topic: Switch all ports [SOLVED]
Replies: 3
Views: 8862

Re: Switch all ports [SOLVED]

Switch Chip Features § Switch All Ports Feature Bridging and Switching § Bridge Hardware Offloading Questions: Item 1 says Changes ether1 switch group only on RB450G/RB435G/RB850Gx2 devices. If so, why does hAP ax3 support the option in both Console and WebFig ? Default is off. Is enabling option c...
by ConradPino
Sat Aug 19, 2023 11:56 pm
Forum: General
Topic: Multiple interfaces, same subnet - directing return traffic to proper interface
Replies: 21
Views: 2303

Re: Multiple interfaces, same subnet - directing return traffic to proper interface

Yeah, naturally, this is what I've started with, this would be the "normal" way of things. The issue is that the upstream switch downs our links because guards trigger. Either on BPDU packets or foreign traffic originating from our interfaces or something else (also see here ). Their own ...
by ConradPino
Sat Aug 19, 2023 11:46 pm
Forum: General
Topic: Flow control issue on RB5009 and CRS305 - NEED MIKROTIK SUPPORT
Replies: 6
Views: 2217

Re: Flow control issue on RB5009 and CRS305 - NEED MIKROTIK SUPPORT

RouterOS implements flow control with off as default; read: https://help.mikrotik.com/docs/display/ROS/Ethernet
Enable rx-flow-control & tx-flow-control on MikroTik ports to forward ONT pause frames is worth consideration.
by ConradPino
Sat Aug 19, 2023 11:28 pm
Forum: General
Topic: Multiple interfaces, same subnet - directing return traffic to proper interface
Replies: 21
Views: 2303

Re: Multiple interfaces, same subnet - directing return traffic to proper interface

Just sharing untested thoughts that may help: Remove all IP from ether[123] Add a bridge with member ports ether[123] Add the multiple IP to the bridge interface only You should have a single interface (bridge) reachable via ether[123] with one subnet per interface and one default gateway. Expected ...
by ConradPino
Fri Aug 18, 2023 10:01 pm
Forum: General
Topic: Get public IP when router is behind NAT and gets private IP
Replies: 22
Views: 5246

Re: Get public IP when router is behind NAT and gets private IP

@anav Cp please explain, what can this be used for? Assuming its something in the amazon cloud? Can you put RoS on it (CHR?) @Amm0 suggests AWS Route 53 ($0.50 monthly per domain) but IMO teaching RouterOS an AWS API is messy. @Amm0 points out: BIND9 supports RouterOS's /tool/dns-update (and the key...
by ConradPino
Fri Aug 18, 2023 9:03 pm
Forum: General
Topic: working VLAN but I have questions
Replies: 4
Views: 1283

Re: working VLAN but I have questions

Disagree, dont use vlan1 for data, its working in the background on the bridge already. Simply get rid of apples and oranges concept which is NOT in the artilcles you noted. Take your bridge LAN and create another vlan and have a consistent approach. Once you have vlans, the only thing the bridge s...
by ConradPino
Fri Aug 18, 2023 1:30 pm
Forum: General
Topic: Model suggestion
Replies: 24
Views: 1958

Re: Model suggestion

Firewall is the make or break L3 HW Offload issue for CRS3xx products. No firewall is the safe choice. Firewall with very limited rule set using FastTrack may work at or near wirespeed. MAC Address Learning requires close attention.
by ConradPino
Fri Aug 18, 2023 12:59 pm
Forum: General
Topic: How to manage Vlan on Rb3011 ?
Replies: 2
Views: 860

Re: How to manage Vlan on Rb3011 ?

Use the Bridge VLAN Filtering single bridge pattern and let RouterOS hardware offload what it can. Look for QCA8337 in Bridge Hardware Offloading
by ConradPino
Fri Aug 18, 2023 12:28 pm
Forum: General
Topic: Vlan in bridge vs bridge vlan filtering
Replies: 1
Views: 819

Re: Vlan in bridge vs bridge vlan filtering

  • Bridge VLAN Filtering has Layer 2 and Layer 3 Hardware Offloading features available in specific products.
  • Hardware Offloading varies quite a bit but RouterOS will gloss over such mostly but not always perfectly.
  • See Bridge Hardware Offloading and L3 Hardware Offloading
by ConradPino
Fri Aug 18, 2023 12:10 pm
Forum: General
Topic: Get public IP when router is behind NAT and gets private IP
Replies: 22
Views: 5246

Re: Get public IP when router is behind NAT and gets private IP

An AWS EC2 t4g.nano is an excellent BIND 9 server for less than $4 US monthly. We use 3 of them at work for that very purpose.
by ConradPino
Fri Aug 18, 2023 11:52 am
Forum: General
Topic: working VLAN but I have questions
Replies: 4
Views: 1283

Re: working VLAN but I have questions

Suggestions for consideration and I can't say all is syntax error free: # Prefer VLAN interface over physical interface /ip dhcp-client remove [ find where interface=ether1 ] /interface list member remove [ find where interface=ether1 ] /ip firewall nat remove [ find where chain=srcnat ] # Remember ...
by ConradPino
Fri Aug 18, 2023 10:40 am
Forum: General
Topic: No Internet
Replies: 2
Views: 1077

Re: No Internet

My ISP supports one direct connection. My cable modem memorizes client MAC address so I have to power cycle cable modem to connect with a different client device.
by ConradPino
Thu Aug 17, 2023 6:21 am
Forum: Wireless Networking
Topic: MikroTik WiFi AP For CRS309 CRS326 CRS326 Fleet
Replies: 22
Views: 4026

Re: MikroTik WiFi AP For CRS309 CRS326 CRS326 Fleet

hAP ax3 arrived Thursday and retired a LinkSys WRT54GL and WRT54GS today. WRT54GL... Did you send it to the Smithsonian? Both LinkSys still configured, and powered up but currently sitting idling and unused. They've been hardware trouble free all these years. I hate e-waste; would love a new home f...
by ConradPino
Thu Aug 17, 2023 1:04 am
Forum: General
Topic: creating route with gateway=interface
Replies: 7
Views: 9371

Re: creating route with gateway=interface

gateway=interface works only for ppp interface, it is not going to work on Ethernet interface, IP address is required for it. There are exceptions for IPv6 and IPv6 based on subnet size; for example: 8.8.4.4/32 2001:4860:4860::8844/128 are effectively point-to-point links and gateway=interface work...
  • 1
  • 2