Community discussions

Search found 1632 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 33
by macgaiver
Tue Apr 24, 2018 4:33 pm
Forum: Announcements
Topic: Significant improvement for 60 GHz solutions
Replies: 31
Views: 5783

Re: Significant improvement for 60 GHz solutions

@strods: does this apply to all units, since the beginning of product distributions or is it limited only to some HW version? I know it has been reached by SW modification and phase array patterns, just want to be sure it is not HW dependent. Thank you. Topic is clearly about software improvements
by macgaiver
Thu Mar 29, 2018 5:26 pm
Forum: General
Topic: RouterOS making unaccounted outbound winbox connections [SOLVED]
Replies: 57
Views: 7150

Re: RouterOS making unaccounted outbound winbox connections [SOLVED]

So far my testing show that only mipsbe devices are getting exploited. Anyone notice other architectures affected?

Also all of the devices actually required reboot to get the exploit part going, from what i read here i had idea that everything will happen straight away...
by macgaiver
Tue Mar 27, 2018 12:54 pm
Forum: General
Topic: RouterOS making unaccounted outbound winbox connections [SOLVED]
Replies: 57
Views: 7150

Re: RouterOS making unaccounted outbound winbox connections [SOLVED]

@macgaiver Isn't your proposal going hand-in-hand with the new sex trafficking law :-) ? https://www.wired.com/story/how-a-controversial-new-sex-trafficking-law-will-change-the-web/ I'm on the other side of the World, in here torrents and other file sharing is still at large, so some if not most re...
by macgaiver
Mon Mar 26, 2018 3:54 pm
Forum: General
Topic: RouterOS making unaccounted outbound winbox connections [SOLVED]
Replies: 57
Views: 7150

Re: RouterOS making unaccounted outbound winbox connections [SOLVED]

Don't you have a point in the user agreement, if they use Internet for illegal activities you have the right to disconnect them?

Allow only mikrotik.com domain for them until they have upgraded, and just redirect them to warning page that explains what is the problem.
Works like a charm here.
by macgaiver
Wed Mar 21, 2018 2:16 pm
Forum: RouterBOARD hardware
Topic: Can the CRS317 do LAG in hardware yet?
Replies: 3
Views: 219

Re: Can the CRS317 do LAG in hardware yet?

Thanks. I was trying to avoid using an 'rc' version in production. Can you give any clue as to when 6.42 will be released? When all the new features will be tested and confirmed, you should try it out on your test network, before 6.42 comes out. or else there is a big chance that in your setup some...
by macgaiver
Wed Mar 21, 2018 11:18 am
Forum: General
Topic: Queue tree problm
Replies: 14
Views: 442

Re: Queue tree problm

limit-at is guarantied traffic - it so guarantied that it "ignores" priority, parent's max limits etc. - it is just given to that queue. If some available bandwidth remains then queues will fight it out using priority.
by macgaiver
Wed Mar 21, 2018 10:41 am
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+RM and S-85DLC05D [SOLVED]
Replies: 1
Views: 134

Re: CSS326-24G-2S+RM and S-85DLC05D [SOLVED]

Yes! it is compatible with both.

in software you can also determine it by default interface names:

"sfp-sfpplus1" support both, "sfpplus1" is only SFP+ and "sfp1" is regular SFP.

as far as i can remember only CCR1016 had 10G only SFP+ port, other MikroTik devices usually support both speeds
by macgaiver
Tue Mar 20, 2018 3:21 pm
Forum: RouterBOARD hardware
Topic: hAP ac² - more RAM than in HW specification [SOLVED]
Replies: 50
Views: 4569

Re: hAP ac² - more RAM than in HW specification [SOLVED]

Please, insert in to Part Number a release code, p.e:
- release 1 with 128MB
- release 2 with 256MB

Like a RB750r2 and RB750Gr3....
Because they are different hardware.
Sure and double your effort with all the certifications all around the world... no thanks.
by macgaiver
Mon Mar 19, 2018 4:05 pm
Forum: RouterBOARD hardware
Topic: hAP ac² - more RAM than in HW specification [SOLVED]
Replies: 50
Views: 4569

Re: hAP ac² - more RAM than in HW specification [SOLVED]

I think you over-complicate things, sometimes it happens that during the manufacturing, some parts didn't arrive on time, doesn't pass the QC, or simply become unavailable. In those cases it is much more reasonable to use other, maybe even more expensive parts, than stop manufacturing process. These...
by macgaiver
Tue Mar 13, 2018 2:31 pm
Forum: General
Topic: 1Gb Bottleneck on a 10Gb SFP+ on CCR1072
Replies: 7
Views: 510

Re: 1Gb Bottleneck on a 10Gb SFP+ on CCR1072

Bandwidth test is limited to single CPU core, it can't generate more than ~2Gbps and even then with many connections.
by macgaiver
Tue Mar 13, 2018 1:35 pm
Forum: General
Topic: 1Gb Bottleneck on a 10Gb SFP+ on CCR1072
Replies: 7
Views: 510

Re: 1Gb Bottleneck on a 10Gb SFP+ on CCR1072

There are only one way to test 10Gbps connection in house: https://wiki.mikrotik.com/wiki/Manual:Performance_Testing_with_Traffic_Generator any external single connection tests like speedtest.com etc, because of round trip time will be limited to sub 1Gbps speeds anyway. There are only two ways to g...
by macgaiver
Thu Feb 08, 2018 12:50 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: "restrict upgrade from RouterOS older than v5.16" ?
Replies: 8
Views: 327

Re: "restrict upgrade from RouterOS older than v5.16" ?

When version gap is so large, you are better out with full Netinstall and configuration from 0 anyway.
by macgaiver
Tue Jan 23, 2018 6:03 pm
Forum: General
Topic: Help with No track Raw rule
Replies: 1
Views: 216

Re: Help with No track Raw rule

I usually do this
1) action=accept all traffic that needs NAT ( usually it is only traffic from local private subnets) in RAW table (it will send traffic to connection tracking - even if it is disabled)
2) disable connection tracking
3) build stateless firewall
by macgaiver
Tue Jan 23, 2018 2:54 pm
Forum: General
Topic: selective accept before fasttrack does not disable fasttrack, what am I doing wrong? [SOLVED]
Replies: 3
Views: 177

Re: selective accept before fasttrack does not disable fasttrack, what am I doing wrong? [SOLVED]

Are you talking about dynamic one? or static one? Dynamic is not actually a rule it is just a placeholder to indicate that some of the packets doesn't get to your firewall at all as they are fasttracked. you need to find action=fasttrack-connection rule and place your rules before it. then you need ...
by macgaiver
Wed Jan 10, 2018 2:05 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 47411

Re: v6.41 [current]

Just want to say good job on the HW offload functions. I managed to get this onto my "old" RB750 which sits on my desk at work and the offload makes a huge difference from 1 interface to another so hopefully this amazing performance increase scales up to far larger switches. CPU usage was also down...
by macgaiver
Mon Dec 18, 2017 10:41 am
Forum: Wireless Networking
Topic: Can't change country
Replies: 9
Views: 510

Re: Can't change country

Just a hint :) - Netinstall, have a nice feature to un-check "keep old configuration " and "Apply default config" option ;)
by macgaiver
Thu Dec 14, 2017 4:52 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: [exploit-db.com] MikroTik 6.40.5 ICMP - Denial of Service
Replies: 16
Views: 1821

Re: [exploit-db.com] MikroTik 6.40.5 ICMP - Denial of Service

I'm sorry, for jumping in, but there are few points i would like to contribute. 1) There are 2 kinds of routers out there - a) hardware accelerated - limited number of features, but @ wire speed b) regular processing - many features, limited CPU and RAM processing resoursces Fasttrack is software fe...
by macgaiver
Wed Dec 13, 2017 12:49 pm
Forum: General
Topic: TCP Port NAT log
Replies: 1
Views: 117

Re: TCP Port NAT log

UDP/443 is Google QUIC protocol
https://en.wikipedia.org/wiki/QUIC
by macgaiver
Fri Dec 08, 2017 8:08 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Interface packet Drops on an octacore xeon with intel nics
Replies: 31
Views: 13179

Re: Interface packet Drops on an octacore xeon with intel ni

What about Tx Drops ? OMG that was 5 years old post :) TX drop is much more rare, imagine you have 1Gbps and 100Mbps interfaces on your router and you are trying to receive 200Mbps on Gbps interface and send it out on 100Mbps interface, 1Gpbs will have no problem receiving 200Mbps, and at that poin...
by macgaiver
Wed Dec 06, 2017 7:13 am
Forum: General
Topic: Fasttrack & queue tree non-global queues
Replies: 4
Views: 662

Re: Fasttrack & queue tree non-global queues

AS manual stated - firewall rules (including your packet marks) are skipped, only mark you can use is default "no-mark"
by macgaiver
Mon Nov 27, 2017 7:58 am
Forum: General
Topic: Simple queue drop question
Replies: 18
Views: 786

Re: Simple queue drop question

p2p option was capturing lots of false positives, so it was removed, i suggest to get rid of any configuration that uses those options.
by macgaiver
Tue Oct 17, 2017 1:20 pm
Forum: General
Topic: Did Fasttrack break with recent updates?
Replies: 6
Views: 639

Re: Did Fasttrack break with recent updates?

Routing mark doesn't work on fasttracked traffic, it need to be excluded from the fasttrack-connection rule.
by macgaiver
Tue Oct 17, 2017 12:23 pm
Forum: Announcements
Topic: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities
Replies: 58
Views: 87728

Re: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities

802.11/nstreme client (all station modes)
So all client that use nstreme in station-bridge mode need to be upgraded too??
Thanks
Sorry, but "all station modes" mean "all station modes" :)
by macgaiver
Tue Oct 03, 2017 5:58 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: CCR 100% on all cores, Queue tree -PCQ
Replies: 5
Views: 2047

Re: CCR 100% on all cores, Queue tree -PCQ

Separate your local network in separate smaller subnets, and have queue for each subnet.
by macgaiver
Thu Sep 14, 2017 5:20 pm
Forum: Announcements
Topic: Newsletter 78 with 1GBPS WIRELESS PRODUCT ANNOUNCEMENT!
Replies: 109
Views: 22812

Re: Newsletter 78 with 1GBPS WIRELESS PRODUCT ANNOUNCEMENT!

I would really prefer if you did not announce the prices ... Local distributors here are selling Mikrotik gear way times more expensive, for example RB1100AHX4 is currently 570$ or 475$ before taxes, so it is pretty announcing to find out that we are being robbed like that, it is better just not to...
by macgaiver
Thu Sep 14, 2017 4:28 pm
Forum: Announcements
Topic: Newsletter 78 with 1GBPS WIRELESS PRODUCT ANNOUNCEMENT!
Replies: 109
Views: 22812

Re: Newsletter 78 with 1GBPS WIRELESS PRODUCT ANNOUNCEMENT!

Wow some awesome new products :) The S+RJ10 SFP module is pretty interesting for the price.I remember buying a ProLabs one , for about 10 times the price last year. Indeed!!! Just to be sure - MT didn't you forget to add one digit ("1", "2" or even "3") in front of S+RJ10 "$65" price??? I got pair ...
by macgaiver
Tue Sep 05, 2017 2:56 pm
Forum: RouterBOARD hardware
Topic: 10G switch with RJ45?
Replies: 13
Views: 1852

Re: 10G switch with RJ45?

I think only thing that is missing is (100M/1G/2.5G/5G/10GBASE-T) RJ45 SFP+ module, then we can use any SFP+ only device.
by macgaiver
Tue Aug 29, 2017 3:30 pm
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 97201

Re: v6.41rc [release candidate] is released! New bridge implementation!

What's new in 6.41rc20 (2017-Aug-29 06:41):
uuuu, winbox support for new bridge implementation....
by macgaiver
Tue Aug 22, 2017 8:22 am
Forum: General
Topic: EoIP tunnel not getting 1500 MTU [SOLVED]
Replies: 13
Views: 1894

Re: EoIP tunnel not getting 1500 MTU [SOLVED]

Set MTU on your EOIP tunnels interfaces to 1500.
by macgaiver
Wed Aug 16, 2017 12:16 pm
Forum: General
Topic: RB1200 NAT performance (throughput)
Replies: 10
Views: 1058

Re: RB1200 NAT performance (throughput)

Hello guys! I manage a RB1200 router, and since it has all GigE ports I assumed it has enough routing capacity for them. But once we upgraded our WAN link to 500 Mbps, RB1200 started hitting the CPU peak (100%) at approximately 200 Mbps. I tested the same link with Apple AirPort (a home router!) - ...
by macgaiver
Tue Aug 15, 2017 1:22 pm
Forum: Announcements
Topic: FastTrack - New feature in 6.29
Replies: 236
Views: 115659

Re: FastTrack - New feature in 6.29

New ISSUE: Fasttrack causes errors with IPTV HLS. If is used Fasttrack , IPTV does not Work.... in all versions.of RoS vhere is it What do you mean by "IPTV HLS"? can you be more precise? i have no issues with my IPTV and Fastpath? If you use Fasttrack then this traffic is NATed?? There are not eno...
by macgaiver
Thu Aug 03, 2017 3:55 pm
Forum: Announcements
Topic: Wireless link calculator updated
Replies: 67
Views: 16970

Re: Wireless link calculator updated

1) Manual height override for both points (or mast height)

2) on the sea don't allow to go into negative height :)

3) allow to place link on left-mouse click, so you don't have to search where did you left your link previously :)
by macgaiver
Mon Jul 31, 2017 9:13 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR series for core/distribution?
Replies: 10
Views: 1918

Re: RB1100AHx4 vs CCR series for core/distribution?

Ok, let's start again. Blank standard RB1100AHx4 routers. Router1 - port 6 (IP address: 10.0.0.1/30) connected to Router 2 - port 6 (IP address: 10.0.0.2/30), Cat6 patch. Nothing else configured. Router 1 -> Tools -> BTest Server -> Enabled Router 2 -> Tools -> Bandwidth Test -> Test to: 10.0.0.1 (...
by macgaiver
Mon Jul 31, 2017 6:49 am
Forum: General
Topic: CCR1036-8G-2s+ RAW firewall area not appearing
Replies: 2
Views: 253

Re: CCR1036-8G-2s+ RAW firewall area not appearing

Old RouterOS version???
by macgaiver
Thu Jul 13, 2017 7:12 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 25925

Re: v6.40rc [release candidate] is released! (New bridge implementation)

*) mmips - added support for NVME disks; what possible current mmips based router has slot/interface to get an nvme ssd attached to it? afaik nvme is pcie, and the hexR3 (the sole mmips based mikrotik device) doesn’t have anything similar... Maybe M33 ?? https://mum.mikrotik.com/presentations/EU17/...
by macgaiver
Wed Jul 12, 2017 4:19 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 25925

Re: v6.40rc [release candidate] is released! (New bridge implementation)

It doesn't work on RB850Gx2.
RB850Gx2 Ethernets doesn't have fastpath support, MT doesn't have their own driver there, they use ones provided by CPU manufactures so that IPsec hardware acceleration works. I asked about this at the MUM.
by macgaiver
Fri Jul 07, 2017 3:31 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 25925

Re: v6.40rc [release candidate] is released! (New bridge implementation)

... looks like my weekend just become much more interesting!
by macgaiver
Thu Jul 06, 2017 8:16 am
Forum: General
Topic: If FastTrack is useful for VPN?
Replies: 6
Views: 642

Re: If FastTrack is useful for VPN?

Fastpath/Fasttrack can't and never will be used for input "traffic". Fastpath/Fasttrack allow to skip packet processing when it is not necessary, it uses routing cache ( in case of fastpath) and conntrack (in case of fasttrack) to determine what out-interface packet should end up to. and sends that ...
by macgaiver
Thu Jun 29, 2017 1:45 pm
Forum: Beginner Basics
Topic: Fasttrack on input chain?
Replies: 4
Views: 384

Re: Fasttrack on input chain?

Running SSTP it seems like a lot of packets are going through fasttrak on the input chain once I enabled it, and the connection quality improved. packets that is going through the router from SSTP to other interface are going via forward, that is why you see increase, only SSTP managment packets go...
by macgaiver
Thu Jun 29, 2017 7:11 am
Forum: Beginner Basics
Topic: Fasttrack on input chain?
Replies: 4
Views: 384

Re: Fasttrack on input chain?

it only work for forward, all input/output traffic needs to be in slowpath as it always requires some kind of processing.
by macgaiver
Wed Jun 28, 2017 10:09 am
Forum: General
Topic: Discussion about bugfix, current and rc versions
Replies: 29
Views: 2641

Re: v6.38.7 [bugfix] is released!

Actually major does need to correspond to kernel and minor and subminor do not need to correspond to feature set or patch too. Just see the release notes and you will find that subminor is adding new features too while minor is patching old problems also... feature set - all features old and new th...
by macgaiver
Wed Jun 28, 2017 7:18 am
Forum: General
Topic: Discussion about bugfix, current and rc versions
Replies: 29
Views: 2641

Re: v6.38.7 [bugfix] is released!

Why are you always confusing download channels and versions?? Current/bugfix/RC in download page is download channel, is whatever version MikroTik choose to position there, v6.39.2 can be placed in bugfix also, if MikroTik sees it fit. So these channels is nothing more as MikroTik's suggestions for ...
by macgaiver
Fri Jun 16, 2017 1:54 pm
Forum: General
Topic: (EMERGENCY) ECMP LOAD BALANCE
Replies: 10
Views: 663

Re: (EMERGENCY) ECMP LOAD BALANCE

Please anybody I need help
You need to move away from 5,5year old version, then you can use examples from the manual.
by macgaiver
Wed Jun 14, 2017 4:00 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 36049

Re: v6.40rc [release candidate] is released!

Version 6.40rc21 has been released. !) wireless - added Nv2 AP synchronization feature (for experimental use)(CLI only); Visit this link in order to find out more about new wireless feature: https://wiki.mikrotik.com/wiki/Manual:Nv2#Nv2_AP_Synchronization And that is one unexpected development.... ...
by macgaiver
Tue Jun 13, 2017 7:49 am
Forum: Announcements
Topic: Newsletter 76
Replies: 50
Views: 11834

Re: Newsletter 76

ARM v7 Dual-Core @ 800 MHz
As far as i know it is single core, at least routerboard.com backs me up on that.
by macgaiver
Mon Jun 12, 2017 10:48 am
Forum: General
Topic: Testing 10g equipment?
Replies: 3
Views: 408

Re: Testing 10g equipment?

Traffic generator offer you additional statistics if traffic returns to the same device it is created, like latency and jitter and packet loss.
by macgaiver
Fri Jun 09, 2017 10:56 am
Forum: General
Topic: Testing 10g equipment?
Replies: 3
Views: 408

Re: Testing 10g equipment?

Take X86/x64 hardware with at least 2x 10G interfaces,
install free 24h demo RouterOS license,
connect all 10G ports to device, use this setup:
https://wiki.mikrotik.com/wiki/Manual:P ... _Generator
by macgaiver
Thu Jun 08, 2017 5:28 pm
Forum: General
Topic: CRS326-24G-2S+RM speed test?
Replies: 4
Views: 945

Re: CRS326-24G-2S+RM speed test?

CPUs on CRS series are there to run RouterOS and use some ROuterOS features not to generate 10G of traffic :)
For 10G traffic generation you need full out CCR device and use Traffic Generator.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 33