Community discussions

Search found 226 matches

by Mplsguy
Fri Aug 10, 2018 9:16 am
Forum: Announcements
Topic: WPA2 preshared key brute force attack
Replies: 26
Views: 25354

Re: WPA2 preshared key brute force attack

No. In order to obtain any PMKID attacker must get to key handshake phase that happens only after successful 802.11 association. If client is not in access-list, it is refused 802.11 association and AP does not even go to key handshake phase. So in this scenario attacker won't be able to obtain any...
by Mplsguy
Thu Aug 09, 2018 4:42 pm
Forum: Announcements
Topic: WPA2 preshared key brute force attack
Replies: 26
Views: 25354

Re: WPA2 preshared key brute force attack

So in this scenario: "default-authentication=no" is set for access point corresponding "/interface wireless security-profiles" has wpa-pre-shared-key and wpa2-pre-shared-key set to some value (e.g. "wpa-pre-shared-key=Password123 wpa2-pre-shared-key=Password123") "/interface wireless access-list" h...
by Mplsguy
Thu Aug 09, 2018 12:49 pm
Forum: Announcements
Topic: WPA2 preshared key brute force attack
Replies: 26
Views: 25354

Re: WPA2 preshared key brute force attack

Are there any benefits for sending PMKID for non-EAP networks ( some people claim that there aren't)? Well, there are no benefits, because using PMKID allows to skip authentication stage, which is non-existent when PSK is used anyway. The only reason to include PMKID when PSK is used is because 802...
by Mplsguy
Mon Oct 16, 2017 11:19 am
Forum: Announcements
Topic: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities
Replies: 58
Views: 106382

Re: RouterOS NOT affected by WPA2 vulnerabilities

Basically, is it OK to understand Routerboard with AP function as target? If you are using the CAPsMAN function with Rotuerboard without AP function, is this Routerboard also applicable? Actually it is station mode device that is primary target and needs to be fixed. RouterOS APs in AP mode (either...
by Mplsguy
Thu Aug 31, 2017 1:06 pm
Forum: General
Topic: Feature Request : Wireless Private Passphrase as a Match in Access-List [SOLVED]
Replies: 13
Views: 2780

Re: Feature Request : Wireless Private Passphrase as a Match in Access-List [SOLVED]

AP does not "check" the passphrase, because client never sends it to AP. AP uses known passphrase in calculations and by means of those checks if client knows the same passphrase. Basically 802.11 PSK is an algorithm that allows both parties to confirm that other party (and this applies to both - AP...
by Mplsguy
Fri Feb 12, 2016 12:35 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

If the route to the TE endpoint is via the TE tunnel then surely the TE will would never be established as the route to the TE endpoint would be unreachable? Not necessarily - like I said, if you use at least partially specified path for TE tunnel, any router in path does not need to have route to ...
by Mplsguy
Thu Feb 11, 2016 9:37 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

Well, targeted LDP will use whatever transport to remote peer is available - routed or LSP. For VPLS to use TE, VPLS endpoint address must match that of TE endpoint. For targeted LDP to also use TE tunnel you would need VPLS endpoint address to which targeted LDP session will be established be route...
by Mplsguy
Wed Feb 10, 2016 9:27 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

No, this is not necessary, endpoints will happily use TCP/UDP over regular IP for LDP session.
by Mplsguy
Tue Feb 09, 2016 12:40 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

LDP uses UDP as its transport. There are 2 modes for LDP - regular, where LDP speaker sends multicast hellos on its interfaces and establishes sessions with directly attached neighbors, and targeted LDP - where LDP speaker sends hellos to specific IP address and establishes session with LDP speaker ...
by Mplsguy
Mon Feb 08, 2016 6:27 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

VPLS uses LSP to remote address. It can either be matching TE tunnel (with same address) or LSP established by LDP - gateway from most specific route to remote address has advertised label. So the answer to your question is - yes, remote address of VPLS must match that of TE tunnel for VPLS to use t...
by Mplsguy
Sat Feb 06, 2016 11:23 am
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

No, you just enable LDP, without interfaces. Adding LDP interfaces means that router will start sending multicast hellos on that interface. VPLS uses targeted LDP - it sends hellos to specific IP address.
by Mplsguy
Thu Feb 04, 2016 3:39 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

You are correct - the rest of network wont see or care about VPLS, but tunnel endpoints need to exchange labels, so that each knows what label other uses for particular tunnel, so if you use LDP for VPLS signalling, LDP must be enabled only on endpoints not on all routers in path.
by Mplsguy
Thu Feb 04, 2016 11:10 am
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

Unfortunately VPLS needs a way to exchange tunnel labels with remote peer. The only more simple way would be to manage labels manually - allocate label for VPLS interface on each router and enter it in remote peer manually. If there is serious enough reason why you need such a feature, we can consid...
by Mplsguy
Wed Feb 03, 2016 5:57 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

Indeed you can have VPLS tunnel working over LSP established by TE. The thing is that for "simple" VPLS tunnel you need LDP (it works in "targeted" mode, no need to add interfaces) to establish VPLS itself. If you do BGP based VPLS you can work w/o LDP.
by Mplsguy
Wed Feb 03, 2016 5:54 pm
Forum: Wireless Networking
Topic: Replacing CAPsMAN
Replies: 8
Views: 3477

Re: Replacing CAPsMAN

Unfortunately importing CA certificate with ability to sign certificates was not possible, like you explain. This was disabled deliberately so that user does not start signing certificates with CA on multiple devices that would produce conflicting sequence numbers. This has been relaxed so that you ...
by Mplsguy
Wed Feb 03, 2016 12:05 pm
Forum: Forwarding Protocols
Topic: mpls/vpls on static routing
Replies: 7
Views: 3239

Re: mpls/vpls on static routing

With default configuration LDP does not distribute binding for default route, so if you do not have more specific to your VPLS endpoint, it will not work - I suspect this is the problem in the original report. Note that using default route for reaching VPLS endpoint and distributing binding for defa...
by Mplsguy
Fri Jan 29, 2016 3:23 pm
Forum: Forwarding Protocols
Topic: MPLS - Forwarding table incorrect
Replies: 10
Views: 2335

Re: MPLS - Forwarding table incorrect

As far as I understand, labels are correct. Pay attention to 'G' in appropriate local binding on CCR2 - it says that this is binding for "gateway route": 5 ADG 2.2.2.0/29 19 41.79.23.1:0 Route to 2.2.2.0/29 has gateway: /ip route add dst-address=2.2.2.0/29 gateway=1.1.1.2 So CCR2 can actually label ...
by Mplsguy
Thu Nov 26, 2015 4:08 pm
Forum: Wireless Networking
Topic: Replacing CAPsMAN
Replies: 8
Views: 3477

Re: Replacing CAPsMAN

Auto-generated CA certificate on CAPsMAN is quick and dirty way to get you up and running with certificates. It would be better to implement more advanced PKI for devices in your authority, e.g: - generate root CA certificate, keep it somewhere safe, not on any CAPsMAN - issue CA certificate signed ...
by Mplsguy
Wed Sep 04, 2013 9:50 am
Forum: General
Topic: How to Packet Sniff over UDP (TZSP Protocol)... !?
Replies: 7
Views: 7766

Re: How to Packet Sniff over UDP (TZSP Protocol)... !?

Just forget about padding and fragmentation, the capture you see has nothing to do with this (even more - according to TZSP spec any tagged fields, including padding, can NOT follow TAG_END). Everything is really simple, please study relevant specs carefully - TZSP, Ethernet, IP. You can use Wiresha...
by Mplsguy
Tue Sep 03, 2013 2:50 pm
Forum: General
Topic: How to Packet Sniff over UDP (TZSP Protocol)... !?
Replies: 7
Views: 7766

Re: How to Packet Sniff over UDP (TZSP Protocol)... !?

As you see from TZSP header, encapsulation type is ethernet (0x00 0x01), so what follows TZSP header is ethernet packet that starts with ethernet header. These 0s are ethernet source and destination addresses. This can happen (ethernet source and destination set to all 0s) when sniffing on all inter...
by Mplsguy
Tue Dec 06, 2011 10:07 pm
Forum: Wireless Networking
Topic: nv2 cell radius
Replies: 3
Views: 4224

Re: nv2 cell radius

nv2-cell-radius setting does not affect what distance is detected for every particular client, therefore it is completely normal that detected distance (as reported on client and also in AP registration table for every connected client) stays the same no matter what this setting is set to. This sett...
by Mplsguy
Fri Dec 02, 2011 10:08 pm
Forum: Wireless Networking
Topic: ampdu priorities
Replies: 8
Views: 26148

Re: ampdu priorities

Just to clarify - ht-ampdu-priorities setting only specifies frame priorities for which AMPDU usage will get negotiated, it does not itself enable any assigning of priorities (classifying) and does not make interface act in different way on packets with different priorities, just as explained in: ht...
by Mplsguy
Wed Aug 31, 2011 11:09 am
Forum: Forwarding Protocols
Topic: VPLS Tunnel between different areas
Replies: 5
Views: 2222

Re: VPLS Tunnel between different areas

Probably MPLS LSP is "broken" on area border router. There is no limitation for VPLS to work between routers in different areas - actually MPLS (and therefore VPLS) does not care what IGP is used to exchange routes. What matters is that there must be "complete" MPLS LSP between VPLS endpoints and us...
by Mplsguy
Fri Jul 01, 2011 11:22 am
Forum: Forwarding Protocols
Topic: L3 mpls vpn between cisco 7600 and mikrotik
Replies: 2
Views: 1718

Re: L3 mpls vpn between cisco 7600 and mikrotik

Please explain your setup in more detail and post config of devices (addresses, routes, routing protocol config) and traceroute results. In classic VPNv4 setup CE devices do not need VRFs (VRF is necessary only on PE routers), CE devices only need "main" routing table where routes are added either s...
by Mplsguy
Wed Jun 29, 2011 9:42 am
Forum: Wireless Networking
Topic: Wireless NV2 messages explanation please!!!
Replies: 30
Views: 5437

Re: Wireless NV2 messages explanation please!!!

Would this now mean that if I set my client to NV2 only this message dissapears and at the same time the scanning process for the protocols is skipped and client has an even faster change to connect to NV2 AP? (After all, AP is both with SSID and mac in the ´connect-to´ list, freq. scans is set for...
by Mplsguy
Tue Jun 28, 2011 11:13 pm
Forum: Wireless Networking
Topic: Wireless NV2 messages explanation please!!!
Replies: 30
Views: 5437

Re: Wireless NV2 messages explanation please!!!

What does the “ MT: no ” mean? This is cosmetic, it will say "yes" only for 802.11&nstreme routeros APs. Why “ uses TDMA, skip ”? Off course the AP uses TDAM (=NV2), so why “skip”? This is more tricky. I guess you have "wireless-protocol=nv2-nstreme-802.11" on client. Here is what happens - station...
by Mplsguy
Wed Jun 22, 2011 8:55 am
Forum: Forwarding Protocols
Topic: LDP flapping after changing wireless BH link.
Replies: 4
Views: 1748

Re: LDP flapping after changing wireless BH link.

If LDP adjacency is maintained fine with targeted hellos, I would say that your link is having trouble forwarding multicast packets (LDP hellos). You can check that with sniffer.
by Mplsguy
Fri Jun 10, 2011 8:47 am
Forum: Wireless Networking
Topic: NV2 Timing related disconnects
Replies: 47
Views: 7645

Re: NV2 Timing related disconnects

Ok, thanks. Never too old to learn. So for hardening the connection it is no use. Is there any difference in choosing either the SSID classifier or the mac address in the ´connect-to´ lists? Maybe a wise idea to use both the classifiers in one ´connect-to´ rule? Pro's and con's of each of these 3 o...
by Mplsguy
Fri Jun 10, 2011 12:22 am
Forum: Wireless Networking
Topic: NV2 Timing related disconnects
Replies: 47
Views: 7645

Re: NV2 Timing related disconnects

I set for each AP a ´connect-to´ rule with in one its SSID and the other the mac address. So for 2 AP's you'll get 4 rules. Reason: If you use mac address only and you need to change the radio of the AP (because it is broken), clients won't connect to new radio. You'll have to visit each of them. (...
by Mplsguy
Thu Jun 09, 2011 10:38 pm
Forum: Forwarding Protocols
Topic: VPLS NOT USING TE TUNNELS
Replies: 26
Views: 4021

Re: VPLS NOT USING TE TUNNELS

Well, all kinds of VPLS work over TE tunnels. Actually VPLS tunnels prefer LSP established with TE over LSP established with LDP. In your situation most likely the problem is that in order to do VPLS tunnel label exchange for Cisco BGP VPLS and static VPLS, you actually need LDP, but not for establi...
by Mplsguy
Wed Jun 01, 2011 11:52 pm
Forum: Wireless Networking
Topic: ARQ in NV2 versus Ack in 802.11 legacy
Replies: 2
Views: 7579

Re: ARQ in NV2 versus Ack in 802.11 legacy

From terminology standpoint ACK in 802.11 is also ARQ mechanism. In every protocol ARQ is used to achieve reliable data transmission, so the purpose is the same. The main difference between ARQ mechanism in nstreme/nv2 and 802.11 is that 802.11 basically uses Stop-and-wait ARQ , while nstreme/nv2 us...
by Mplsguy
Wed May 18, 2011 12:22 am
Forum: Wireless Networking
Topic: Explaination of NV2 register table readings please..
Replies: 8
Views: 2972

Re: Explaination of NV2 register table readings please..

tdma-timing-offset is proportional to distance, so there is no "ideal" reading - it is approximately two times the propagation delay. AP measures this so that it can tell clients what offset to use for their transmissions - clients then subtract this offset from their target transmission time such t...
by Mplsguy
Fri Apr 22, 2011 10:19 am
Forum: General
Topic: Transitioning station pseudobridge CPE's to NV2.
Replies: 3
Views: 1618

Re: Transitioning station pseudobridge CPE's to NV2.

5.x version supports station-bridge mode also for 802.11 & nstreme protocols. So you can transition in really simple way: - upgrade all devices to 5.x - on AP enable "bridge-mode", set wireless-protocol=802.11 (assuming you use 802.11) - on all clients set mode=station-bridge and wireless-protocol=a...
by Mplsguy
Fri Apr 01, 2011 10:35 am
Forum: Forwarding Protocols
Topic: Cisco BGP Vpls - MIkrotik - cisco7604
Replies: 6
Views: 4436

Re: Cisco BGP Vpls - MIkrotik - cisco7604

Well, I can agree that RouterOS usage of term VPLS might be confusing, especially if looking from cisco perspective. In RouterOS "VPLS interface" (entity appearing in "/interface vpls" that you can use as any other network interface in your router) is what is known as "pseudowire". There are a few w...
by Mplsguy
Fri Mar 25, 2011 1:35 am
Forum: Wireless Networking
Topic: data rates / basic rates setting best practise
Replies: 10
Views: 11717

Re: data rates / basic rates setting best practise

With basic rates AP says what rates every device in network must support, it simply does not accept clients that do not support all basic rates. supported rates - rates at which particular device can transmit/receive. Actual rate set used between two devices contains all rates that are in common in ...
by Mplsguy
Fri Jan 28, 2011 6:02 pm
Forum: Forwarding Protocols
Topic: Cisco BGP Vpls - MIkrotik - cisco7604
Replies: 6
Views: 4436

Re: Cisco BGP Vpls - MIkrotik - cisco7604

cisco-bgp-vpls implementation was indeed tested with cisco 7609. Unluckily that does not mean that it will interoperate with particular cisco router and/or IOS version. I suggest you: - enable more mpls/ldp/l2vpn debugs on cisco to help diagnose the problem - send souput file to support, made after ...
by Mplsguy
Fri Dec 31, 2010 1:55 pm
Forum: Forwarding Protocols
Topic: refresh time and k factor for MPLS
Replies: 6
Views: 2113

Re: refresh time and k factor for MPLS

You can configure k-factor and refresh-time in "/mpls traffic-eng interface" menu. Basically these parameters control how often RSVP Path and Resv messages are sent out the particular interface. You can think of it as of hello interval for OSPF. The basic idea is - refresh-time specifies how often m...
by Mplsguy
Sat Aug 07, 2010 8:24 am
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 78161

Re: New wireless protocol: Nv2 in v5.0beta5

There are no explicit limits for scan-list length, but still it is better to keep it shorter - the shorter it is, the faster full scan will complete. Indeed there is a problem with nv2 and long scan-lists that will be fixed in next version. Take into account that scan for nv2 networks takes approxim...
by Mplsguy
Thu Jul 29, 2010 8:11 pm
Forum: Forwarding Protocols
Topic: MPLS neighbourg disconnects
Replies: 3
Views: 1361

Re: MPLS neighbourg disconnects

By "managed to get it more stable" do you mean that neighbor is not "flapping" any more? This seems to be issue somehow related to OSPF. It would be very handy if you sent a few supout files to support, made with some time interval, e.g. 5min (so that some number of flaps would have happened). Refer...
by Mplsguy
Sat Jul 24, 2010 6:01 am
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 78161

Re: New wireless protocol: Nv2 in v5.0beta5

nv2 is not compatible with Airmax. nv2 is supported for all Atheros cards, except old AR5211 based, so in order to try it out it is not required to have 11n cards - just upgrade, set wireless-protocol=any on station (this will enable station to look for whatever protocol AP that is available with ap...
by Mplsguy
Thu Jul 22, 2010 2:01 pm
Forum: Forwarding Protocols
Topic: VPLS RouterOS <-> JUNOS BGP signalling problem
Replies: 17
Views: 5895

Re: VPLS RouterOS <-> JUNOS BGP signalling problem

Please contact support (refer to this topic) with info on what type of RBs you use and what ROS version, hopefully you will get testing package in the nearest future (today or tomorrow).
by Mplsguy
Wed Jul 21, 2010 11:34 pm
Forum: Forwarding Protocols
Topic: VPLS RouterOS <-> JUNOS BGP signalling problem
Replies: 17
Views: 5895

Re: VPLS RouterOS <-> JUNOS BGP signalling problem

Your help will be most handy when these features get implemented - you will be welcome to test them :). As to the interoperability testing - there has been plenty of testing with Cisco equipment, different models. I must say that there were also number of problems that had to be addressed, especiall...
by Mplsguy
Tue Jul 20, 2010 7:06 pm
Forum: Forwarding Protocols
Topic: VPLS RouterOS <-> JUNOS BGP signalling problem
Replies: 17
Views: 5895

Re: VPLS RouterOS <-> JUNOS BGP signalling problem

I am sorry to say that, but this particular "problem" has not been fixed yet due to scarce resources - it is noted and on TODO list for next batch of MPLS improvements. Probably loud and clear demand for this feature may boost its priority, but anyway - thanks for the reports. Any other reports/wish...
by Mplsguy
Mon Jul 19, 2010 11:30 am
Forum: Forwarding Protocols
Topic: MPLS MTU between 433AH and 411A
Replies: 3
Views: 1105

Re: MPLS MTU between 433AH and 411A

Like I said - you have to take into account l2mtus of links that are involved in MPLS network - links over which MPLS packets are sent, no matter what MPLS application you are using, be it "simple" MPLS forwarding of IP packets or VPLS. If you intend to forward MPLS traffic (with VPLS inside it) ove...
by Mplsguy
Fri Jul 16, 2010 5:58 pm
Forum: Forwarding Protocols
Topic: MPLS MTU between 433AH and 411A
Replies: 3
Views: 1105

Re: MPLS MTU between 433AH and 411A

If you have your VPLS tunnel going only over wireless link (which is the case in wiki example), you do not have to worry about ethernet l2mtu - only l2mtu-s you care about are for interfaces that are involved in actual VPLS tunnel. And wireless has big enough l2mtu by default. Wiki example actually ...
by Mplsguy
Wed Jul 14, 2010 1:15 pm
Forum: Forwarding Protocols
Topic: MPLS LDP neighbor problem
Replies: 4
Views: 3008

Re: MPLS LDP neighbor problem

Does this flapping happen constantly or only occasionally? Anyway, I suggest you send supout files of both - AP and client to support with reference to this topic.
by Mplsguy
Tue Jul 13, 2010 7:59 am
Forum: Forwarding Protocols
Topic: Help with MPLS please
Replies: 8
Views: 3458

Re: Help with MPLS please

From your config I understand that you are trying to establish 2 vpls tunnels, one between station1 and AP and second between station2 and AP. Is that correct? In this case please post VPLS config on AP also. Additionally - there are no any LDP bindings on station 2. This tells that most likely you ...
by Mplsguy
Thu Jul 08, 2010 10:56 pm
Forum: Forwarding Protocols
Topic: TE Tunnel and Load sharing or load distribution
Replies: 2
Views: 1662

Re: TE Tunnel and Load sharing or load distribution

I guess you should create as many VPLS tunnels as necessary and then use bonding for load sharing/balancing - instead of bridging ethernet with VPLS tunnel, bridge ethernet with bonding interface. Then add VPLS tunnels that traverse different paths as slaves to bonding interface.
by Mplsguy
Thu Jul 08, 2010 4:19 pm
Forum: Forwarding Protocols
Topic: Help with MPLS please
Replies: 8
Views: 3458

Re: Help with MPLS please

please post output of the following commands on all involved devices:

/ip address print
/ip route print
/mpls local-bindings print
/mpls remote-bindings print
/interface vpls print
by Mplsguy
Mon Jul 05, 2010 10:56 am
Forum: Forwarding Protocols
Topic: te tunnel and multiple VPLS interfaces
Replies: 3
Views: 2370

Re: te tunnel and multiple VPLS interfaces

If you have a number of core and provider edge routers with multiple customers at each PE is it possible to specify which TE tunnel for an individual VPLS tunnel to traverse over? I'll attach a graphic to better explain my question... You can add multiple "loopback" addresses to each router, establ...
by Mplsguy
Tue Jun 29, 2010 11:15 pm
Forum: Forwarding Protocols
Topic: vpls issue-tunnel is up but no data transfer
Replies: 5
Views: 1248

Re: vpls issue-tunnel is up but no data transfer

but if use following scenario no issue host a --ether--router a--->wlan----wlan<---routerb---ether--host b It seems you do not have proper MPLS LSP established between VPLS endpoints (I guess so because it works when endpoints are directly attached). Make sure that you have LDP or TE properly confi...
by Mplsguy
Fri Jun 11, 2010 5:30 pm
Forum: Forwarding Protocols
Topic: Challenging Question regarding QinQ !!!
Replies: 11
Views: 4973

Re: Challenging Question regarding QinQ !!!

Any particular reason why you do not create "QinQ VLAN" directly on VPLS interface?
Kind of:
   / vlan1 - bridge(vlan1) - vlan1 \
eth- vlan2 - bridge(vlan2) - vlan2 - QinQvlan - VPLS
   \ vlan3 - bridge(vlan3) - vlan3 /
by Mplsguy
Thu Jun 10, 2010 12:17 pm
Forum: Forwarding Protocols
Topic: VPLS - Difference between Raw Ethernet and Tagged ?
Replies: 2
Views: 1966

Re: VPLS - Difference between Raw Ethernet and Tagged ?

Actually from RouterOS point of view there is no difference in operation for these modes (except specifying appropriate mode during PW establishment), because VLAN tagging/untagging actions described in RFC 4448 must be configured manually using bridges and VLANs. Tagged mode was added because there...
by Mplsguy
Fri Jun 04, 2010 7:31 pm
Forum: Forwarding Protocols
Topic: How to forward traffic on TE-Tunnel; only on Core routers
Replies: 1
Views: 902

Re: How to forward traffic on TE-Tunnel; only on Core router

There is no support for such feature currently. But this feature can be added to TODO list if there is enough demand. Please post references to any standards and other product documentation that explains this feature.
by Mplsguy
Wed Jun 02, 2010 4:16 pm
Forum: Forwarding Protocols
Topic: VPLS tx error / not Running state
Replies: 6
Views: 4115

Re: VPLS tx error / not Running state

From your config I understand that your VPLS endpoints are not on the same subnet (are not directly connected). In order for such a tunnel to work you need MPLS LSP between both endpoints that would transport VPLS packets. There clearly is no such LSP in your setup, because the only LDP neighbour yo...
by Mplsguy
Tue May 11, 2010 12:15 am
Forum: Forwarding Protocols
Topic: LDP - can't talk to neighbor
Replies: 5
Views: 2581

Re: LDP - can't talk to neighbor

I suggest you send supout.rif file, made while you experience this issue, to support@mikrotik.com.
by Mplsguy
Tue Apr 06, 2010 7:17 pm
Forum: Wireless Networking
Topic: Wireless link througput guideline versus data rate
Replies: 15
Views: 4100

Re: Wireless link througput guideline versus data rate

WirelessRudy, lets do some math. Consider perfect point to point 11a link (using 54Mb rate all the time) of length zero (to factor out any issues caused by propagation delay, and yes - although it is near speed of light it still is a factor, more on this later). 1500 byte IP packet becomes 1536 byte...
by Mplsguy
Mon Apr 05, 2010 3:23 pm
Forum: Forwarding Protocols
Topic: mpls/vpls problem
Replies: 2
Views: 885

Re: mpls/vpls problem

hello every one is there problem when don't using dynamic routing protocol when trying to setup mpls/vpls i have network with all routes configured statically and i tried to configure a vpls tunnel , for now the vpls tunnel is running but nothing forwarded throw the tunnel , I checked in the wiki a...
by Mplsguy
Mon Apr 05, 2010 11:48 am
Forum: Wireless Networking
Topic: Wireless link througput guideline versus data rate
Replies: 15
Views: 4100

Re: Wireless link througput guideline versus data rate

I am looking for a guideline on what the max. real life user data throughput can be for wireless link. For normal mode (20Mhz channel) balanced link (both directions same connection rate) and no loss of packages (CCQ 100%) 50% of connection rate can be used as estimating max. total user data throug...
by Mplsguy
Sun Apr 04, 2010 3:10 pm
Forum: Wireless Networking
Topic: WDS 4 address mode?
Replies: 2
Views: 893

Re: WDS 4 address mode?

WDS in RouterOS does indeed use 4 address frame format. But this does not mean that 2 devices will properly interoperate. The thing is that different implementations can implement establishing of connection in different ways. There is no standard for this and this is where incompatibility is possibl...
by Mplsguy
Wed Mar 31, 2010 8:39 am
Forum: Wireless Networking
Topic: 802.11n 5Ghz-Only-N versus 5Ghz a/n
Replies: 5
Views: 8866

Re: 802.11n 5Ghz-Only-N versus 5Ghz a/n

OK, that can well be true. But in seeking more info and explanation we all tend to read white papers and visit MUM's to see how the guru's think it works. If they talk (and this is written down) that both are the same who am I to question? If I can't take info given in whitepapers or MT presentatio...
by Mplsguy
Tue Mar 30, 2010 8:58 pm
Forum: Wireless Networking
Topic: 802.11n 5Ghz-Only-N versus 5Ghz a/n
Replies: 5
Views: 8866

Re: 802.11n 5Ghz-Only-N versus 5Ghz a/n

Why status in peer still shows "a/n" while radio is in "Only-N" mode was also my question but is not cleared in this. A software bug? only-n is not really a special hardware mode. It is the same as a/n, except it does not accept legacy clients. When station connects to AP it is not distinguishing b...
by Mplsguy
Sat Mar 13, 2010 9:42 pm
Forum: Wireless Networking
Topic: Nstreme2 can be 100% FDD?
Replies: 12
Views: 2803

Re: Nstreme2 can be 100% FDD?

each channel is used exclusively in one direction. I understand that with Nstreme protocol we can disable CSMA and specially the ACK that sends the receiver to the transmitter. Is this true?. If the receiver ACK can't be disabled, from a legal point of view, the channel is being used as TDD (time d...
by Mplsguy
Fri Mar 05, 2010 10:40 pm
Forum: Forwarding Protocols
Topic: Bandwidth Control in VPLS
Replies: 2
Views: 1303

Re: Bandwidth Control in VPLS

I don't know what you mean by "restrict per port" (what is "port" here?), but perhaps you should look at this:
http://wiki.mikrotik.com/wiki/TE_tunnel_auto_bandwidth
by Mplsguy
Wed Mar 03, 2010 4:12 pm
Forum: Forwarding Protocols
Topic: VPLS RouterOS <-> JUNOS BGP signalling problem
Replies: 17
Views: 5895

Re: VPLS RouterOS <-> JUNOS BGP signalling problem

Sequencing is not the only purpose of control word. It can also be used for fragmentation and reassembly, and this is the main reason why RouterOS uses it. And this can hardly be considered "proprietary", because fragmentation and reassembly in RouterOS is implemented according to RFC 4623. Usage of...
by Mplsguy
Wed Mar 03, 2010 9:27 am
Forum: Forwarding Protocols
Topic: VPLS RouterOS <-> JUNOS BGP signalling problem
Replies: 17
Views: 5895

Re: VPLS RouterOS <-> JUNOS BGP signalling problem

RFC 4761 does not specify that ID block offset 0 should be considered as invalid. What VPLS NLRI says is: originator advertises that sites with IDs in range blockoffset->blockoffset+blocksize-1 should use labels labelbase->labelbase+blocksize-1. So if receiver ID fits in this range he knows what lab...
by Mplsguy
Sun Feb 14, 2010 6:01 pm
Forum: Forwarding Protocols
Topic: VPLS & TE Tunnel
Replies: 2
Views: 911

Re: VPLS & TE Tunnel

VPLS tunnel uses LSP that is established with the other end of tunnel. If TE LSP is available, it is preferred. As soon as TE tunnel goes down, VPLS tunnel may select other LSP to the other end. So the key point is to ensure that there is no other LSP available. Assuming that that "other" LSP is est...
by Mplsguy
Wed Feb 03, 2010 9:58 am
Forum: Forwarding Protocols
Topic: VPLS termination - your opinion?
Replies: 2
Views: 856

Re: VPLS termination - your opinion?

So what is your opinion? How much will the load increase if the AC has 100 VPLS tunnels instead of 10? There has been some discussion on which router to make PE in this thread (though probably it does not directly apply to your case): http://forum.mikrotik.com/viewtopic.php?f=14&t=33851&p=168464 As...
by Mplsguy
Wed Jan 27, 2010 8:53 pm
Forum: Forwarding Protocols
Topic: VPLS Multihomming?
Replies: 4
Views: 1657

Re: VPLS Multihomming?

A multihomed VPLS solution in general: Facility to terminate to VPLS tunnels into the same bridge without loop problems. We are planning: VPLS Customer with 2 Routers terminating same VPLS instance via 2 different last mile connections to achieve router and last mile redundancy So basically a rstp ...
by Mplsguy
Mon Jan 25, 2010 4:42 pm
Forum: Forwarding Protocols
Topic: VPLS Multihomming?
Replies: 4
Views: 1657

Re: VPLS Multihomming?

Do you mean some "standard" implementation for VPLS multihoming (like draft-ietf-l2vpn-vpls-multihoming) or a multihomed VPLS solution in general? Please describe your planned setup. You can set up multihomed site with redundant VPLS tunnels, but some means must be used to avoid forwarding loop - e....
by Mplsguy
Mon Jan 25, 2010 4:31 pm
Forum: Forwarding Protocols
Topic: MPLS : loop-detect=yes
Replies: 6
Views: 5316

Re: MPLS : loop-detect=yes

Thanks..As a rule of thumb, should I enable "Use explicit NULL" on all my egress routers? Only if it is necessary to receive EXP bits at the egress router (meaning - you use this information on egress router in some way). Otherwise it is not necessary and actually having penultimate hop popping is ...
by Mplsguy
Mon Jan 25, 2010 11:06 am
Forum: Forwarding Protocols
Topic: MPLS : loop-detect=yes
Replies: 6
Views: 5316

Re: MPLS : loop-detect=yes

Another 2 quickies: 1) Regarding "Use explicit NULL" When would I use it? Correct me if i'm wrong, would I enable "Use explicit NULL" on router R3? Assuming I want to preserve CoS http://www.doyleassociates.net/Blog/Labels/Figure2.gif In this setup you should enable it on R4 - this will make R4 to ...
by Mplsguy
Sun Jan 24, 2010 10:58 pm
Forum: Forwarding Protocols
Topic: MPLS : loop-detect=yes
Replies: 6
Views: 5316

Re: MPLS : loop-detect=yes

Well, normally you do not need to use it. The main intention of loop detection in MPLS architecture is to have some means to survive loops when hardware is not able to do TTL decrement on forwarding (some ATM switches, perhaps). Other than that - you may want to use loop detection if you are using s...
by Mplsguy
Thu Jan 21, 2010 8:13 pm
Forum: Forwarding Protocols
Topic: MPLS with manual static labels?
Replies: 1
Views: 1132

Re: MPLS with manual static labels?

You can create static local and remote label bindings (/mpls local-bindings and /mpls remote-bindings). Static bindings "work" the same way as LDP learned ones. That is - local binding specifies the label that will be accepted and remote binding specifies the label that will be used for outgoing fra...
by Mplsguy
Thu Jan 21, 2010 8:02 pm
Forum: Forwarding Protocols
Topic: MPLS and VLAN help
Replies: 3
Views: 1485

Re: MPLS and VLAN help

If you want to transparently forward everything (including VLAN tagged packets) over VPLS link, you do not have to create any VLAN interfaces - simply bridge ethernet with VPLS interface.
by Mplsguy
Sun Dec 27, 2009 5:12 pm
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

headstrong, affinity stuff has nothing to do with metrics. You can think of affinity stuff as of color labels you give to links (each bit in value telling if link has particular color label or not). Then you can make tunnel such that it only uses links that have e.g. red label ("include" part). Or m...
by Mplsguy
Sun Dec 27, 2009 8:56 am
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

2. Include-any This test accepts a link if the link carries any of the attributes in the set. (include-any == 0) | ((link-attr & include-any) != 0) What is the syntax for the link attributes? I do not know what to type after the below?? These settings are unsigned 32 bit numbers, so any number synt...
by Mplsguy
Fri Dec 25, 2009 12:18 pm
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

Please could you explain the 3 affinity settings: affinity-include, affinity-exclude, affinity-any? I tried searching but found no material on it. See RFC 3209, section 4.7.4. "Resource Affinity Procedures" - it explains how these settings are matched against tunnel setting. I have left them as def...
by Mplsguy
Thu Dec 24, 2009 10:36 am
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

Thanks again I have a wierd situation regarding a TE tunnel between two sites. VPLS works, so does BGP peering, aswell as IP routing between the loopback ips. But I cannot get the TE tunnel to come up with "use-cspf=no" and also tried "use-cspf=yes" Would this be an OSPF issue? It is possble to cre...
by Mplsguy
Wed Dec 23, 2009 5:51 pm
Forum: Forwarding Protocols
Topic: te tunnel path
Replies: 4
Views: 1655

Re: te tunnel path

Problem with CSPF has been confirmed and will be fixed in next release. Thanks for pointing out!
by Mplsguy
Wed Dec 23, 2009 4:07 pm
Forum: Forwarding Protocols
Topic: te tunnel path
Replies: 4
Views: 1655

Re: te tunnel path

Two first traceroutes suggest that regular routing in your setup is somehow going asymmetrically. Please post routing tables of R3,R4 and R5.
by Mplsguy
Wed Dec 23, 2009 3:53 pm
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

Would configuring a static secondary path improve the time taken to bring the TE tunnel back up should the dynamic primary path become impossible? Upon failure of primary-path (and this does not exactly mean data forwarding disruption, but failure of RSVP tunnel, which takes time to detect), primar...
by Mplsguy
Wed Dec 23, 2009 10:40 am
Forum: Forwarding Protocols
Topic: Secondary path config for TE tunnel?
Replies: 11
Views: 3032

Re: Secondary path config for TE tunnel?

It is not necessary, because primary path is fine - tunnel establishes using it. The purpose of secondary paths is to provide alternative for tunnel if establishing tunnel using primary path is impossible.
by Mplsguy
Mon Nov 30, 2009 8:53 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS QOS
Replies: 1
Views: 2706

Re: MPLS/VPLS QOS

We migrate our network from OSPF/EOIP to a MPLS/VPLS solution seeking for a better QOS management. The issue it’s not on ingress routers. The proper set on EXP field it’s done at the bridge filters. We set the exp 7 for voice and 0 for the other traffic. That set is forward to the core router but I...
by Mplsguy
Thu Nov 26, 2009 4:34 pm
Forum: Forwarding Protocols
Topic: why can't I use /24 routes for LDP and VPLS?
Replies: 1
Views: 1065

Re: why can't I use /24 routes for LDP and VPLS?

This is how it should be - it is mandatory for VPLS to work to have complete, "uninterrupted" LSP between VPLS endpoints, because only VPLS endpoints know how to interpret VPLS label (second label in label stack). LDP establishes LSP for each specific prefix, so LSP reaches to the last hop for this ...
by Mplsguy
Mon Nov 23, 2009 4:55 pm
Forum: Forwarding Protocols
Topic: IP routing on an MPLS network
Replies: 2
Views: 885

Re: IP routing on an MPLS network

I created a TE tunnel and did a ping over the TE interface but the traffic did not come back over the same TE interface...ie it was sending over the TE tunnel but not receiving TE tunnels are not bidirectional. Pay attention to first paragraph of http://wiki.mikrotik.com/wiki/MPLS_TE_Tunnels#Forwar...
by Mplsguy
Sun Nov 22, 2009 10:55 pm
Forum: Forwarding Protocols
Topic: Guarantee bandwidth for TE tunnel?
Replies: 10
Views: 2743

Re: Guarantee bandwidth for TE tunnel?

I suppose that could work to a certain degree but certainly not effective enough for a large network... I have an idea: Lets say I have a routed network that carries both VOIP and DATA traffic What about creating a pptp tunnel between each highsite with the IP range 10.0.0.1/24 I then run OSPF over...
by Mplsguy
Fri Nov 20, 2009 3:27 pm
Forum: Forwarding Protocols
Topic: Guarantee bandwidth for TE tunnel?
Replies: 10
Views: 2743

Re: Guarantee bandwidth for TE tunnel?

So if link is saturated and multiple ACs have packets waiting for transmit, AC that has higher probability to transmit will in the end get more bandwidth (provided that packet sizes in ACs are the same). Thanks again for the info, could you please alloborate at what you mean by "provided that packe...
by Mplsguy
Fri Nov 20, 2009 10:26 am
Forum: Forwarding Protocols
Topic: Guarantee bandwidth for TE tunnel?
Replies: 10
Views: 2743

Re: Guarantee bandwidth for TE tunnel?

hmmm ok thanks for clearing that up... With WMM, doesn't it just give the higher priority traffic "better" access category? So if the link is saturated then WMM doesn't really make much of a benefit?? or am I wrong? It does put traffic in better access category. "Better" for AC means higher probabi...
by Mplsguy
Fri Nov 20, 2009 10:15 am
Forum: Forwarding Protocols
Topic: Technical advice regarding MPLS/VPLS (L2 MTU)
Replies: 12
Views: 7112

Re: Technical advice regarding MPLS/VPLS (L2 MTU)

One of my PCI Gigabit NICs reports 1600 L2 MTU. I don't know the chipset, but the card is D-Link DGE-528T H/W Ver: A2. I guess it is RealTek 8169S. Sorry, I misinterpreted hedeles question. It is Intel cards that definitely do not "support" l2mtu. L2 MTU is supported for RTL 8169 and VIA Velocity f...
by Mplsguy
Thu Nov 19, 2009 11:00 pm
Forum: Forwarding Protocols
Topic: Guarantee bandwidth for TE tunnel?
Replies: 10
Views: 2743

Re: Guarantee bandwidth for TE tunnel?

Hmmm so you saying that traffic needs to be limited at ingress....So there is absolutely no way that a MPLS router, that just acts a switching hop, can limit speeds for MPLS traffic? or give higher bandwidth to a specific tunnel? There must be a way somehow You are correct - there is no way for a "...
by Mplsguy
Thu Nov 19, 2009 10:42 pm
Forum: Forwarding Protocols
Topic: Technical advice regarding MPLS/VPLS (L2 MTU)
Replies: 12
Views: 7112

Re: Technical advice regarding MPLS/VPLS (L2 MTU)

Thanks for the info mplsguy!

Can you name any gigabit ethernet cards which report L2 MTU and are supported by ROS 4.2 x86?
I am afraid only gigabit chipsets used on routerboards do report L2 MTU. So I guess the best you can do at this time is increase IP MTU.
by Mplsguy
Wed Nov 18, 2009 12:41 am
Forum: Forwarding Protocols
Topic: Guarantee bandwidth for TE tunnel?
Replies: 10
Views: 2743

Re: Guarantee bandwidth for TE tunnel?

It is best to think of TE tunnels as of "accounting" feature, not rate limiting feature. When traffic is switched across tunnel, no limits are applied. In order to have "guarantee" you must properly configure you network. The rule of thumb - configure TE on core routers with proper bandwidth availab...
by Mplsguy
Thu Nov 12, 2009 8:44 am
Forum: Forwarding Protocols
Topic: Technical advice regarding MPLS/VPLS (L2 MTU)
Replies: 12
Views: 7112

Re: Technical advice regarding MPLS/VPLS (L2 MTU)

Basic rule is that cards not showing l2mtu can be considered having l2mtu the same as configured IP MTU (/interface set mtu=x). It is common for cards to actually "run" with l2mtu=IP MTU + 4 (for single VLAN encapsulation) or even a little bigger value. But this can not be safely assumed or taken fo...
by Mplsguy
Thu Nov 05, 2009 3:54 pm
Forum: Forwarding Protocols
Topic: Should I be able to torch MPLS traffic?
Replies: 4
Views: 3587

Re: Should I be able to torch MPLS traffic?

Lets say I have a wireless network and all the highsites are doing mpls packet switching ( no VPLS ), am I able to setup queues for qos? ie with mangle rules in firewall MPLS switching bypasses any firewall rules, therefore you can not use mangle. It actually is not even possible, because MPLS swit...
by Mplsguy
Thu Nov 05, 2009 9:59 am
Forum: Forwarding Protocols
Topic: Technical advice regarding MPLS/VPLS (L2 MTU)
Replies: 12
Views: 7112

Re: Technical advice regarding MPLS/VPLS (L2 MTU)

Hi, MPLS requires at least 8 bytes overhead for the encapsulation, so that would be the minimum required for MPLS to be able to forward 1500 mtu frames. Depends on what you mean by forwarding - single label takes 4 bytes, therefore simplest MPLS forwarding requires as much of additional space as VL...
by Mplsguy
Wed Oct 28, 2009 12:15 pm
Forum: Forwarding Protocols
Topic: Should I be able to torch MPLS traffic?
Replies: 4
Views: 3587

Re: Should I be able to torch MPLS traffic?

You should see MPLS packets in torch - ethernet protocol used by MPLS is 0x8847. Of course, torch will not interpret packets any further (will not look for e.g. IP headers and such).
by Mplsguy
Mon Oct 26, 2009 5:35 pm
Forum: Forwarding Protocols
Topic: most stable VPLS setup
Replies: 11
Views: 7117

Re: most stable VPLS setup

Thanks for the clarity, however, I am running VPLS over LDP with an l2mtu of 1522 and the VPLS tunnels still work. Does it by default drop the PPPOE MTU to 1476? EDIT: I just did a ping test, over the pppoe over the VPLS without fragmentation, with a size of 1480 get I reply I don't know to what ex...
by Mplsguy
Mon Oct 26, 2009 11:03 am
Forum: Forwarding Protocols
Topic: most stable VPLS setup
Replies: 11
Views: 7117

Re: most stable VPLS setup

I have wireless and ethernet links as part of my MPLS cloud but I do not have VLAN tags, so l2mtu of 1522 should be fine right? I do run pppoe over the VPLS tho Doe MPLS TE tunnels add more overhead than the 2*4= 8 mpls bytes? Like I said, you need l2mtu 1526 for VPLS forwarding 1514 byte (1500 byt...
by Mplsguy
Fri Oct 23, 2009 9:53 am
Forum: Forwarding Protocols
Topic: most stable VPLS setup
Replies: 11
Views: 7117

Re: most stable VPLS setup

Thanks mpls guy. I have just noticed that I am using RB433 and some sites are joined via ether2 which has a max MTU 1522 compared to 1526 of ether1....I have 3x RB433 linked at some site, hence why ether2 is used Would it be advantages for me to rather use RB600's? Would I see an improvement? It de...
by Mplsguy
Thu Oct 22, 2009 10:01 pm
Forum: Forwarding Protocols
Topic: most stable VPLS setup
Replies: 11
Views: 7117

Re: most stable VPLS setup

I assume you want to avoid fragmentation. Then mpls-mtu of outgoing interface (the one over which VPLS encapsulated frames will get sent) should be set to: 1514(ethernet frame)+4(vpls control word)+8(2 labels)=1526. Note that all routers in MPLS cloud should be configured with the same mpls-mtu. Als...
by Mplsguy
Thu Oct 22, 2009 11:18 am
Forum: Wireless Networking
Topic: 802.11n
Replies: 939
Views: 288370

Re: 802.11n

802.11N or MIMO technology actually takes advantage of multipath to increase throughput as well as range. So one antenna will prohibit you from engaging the full potential. Your system will effectively behave like an 802.11a system... This is not completely true - 11n has other advantages besides m...
by Mplsguy
Thu Aug 27, 2009 1:17 pm
Forum: Forwarding Protocols
Topic: QoS with a single PPPOE server on MPLS
Replies: 11
Views: 5665

Re: QoS with a single PPPOE server on MPLS

You can do it in IP firewall before PPPoE encap or in bridge firewall (by telling bridge firewall to use IP firewall for PPPoE packets) before entering VPLS tunnel. I would do it before PPPoE encap, because bridge firewall is not able to inspect encrypted PPPoE packets and that would also keep your ...
by Mplsguy
Wed Aug 26, 2009 10:13 pm
Forum: Forwarding Protocols
Topic: QoS with a single PPPOE server on MPLS
Replies: 11
Views: 5665

Re: QoS with a single PPPOE server on MPLS

Whichever you prefer/is best for your config, I guess. Probably postrouting, before packets get PPPoE encapsulated. The only requirement is that you do it before packet enters VPLS tunnel.
by Mplsguy
Wed Aug 26, 2009 3:13 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

Currently there is no feature that would display what labels are attached when packets are sent using some route. It is on TODO list. In your case - you can be pretty sure that MPLS is used if your P router does not have your VPN routes and therefore would not be able to forward traffic without MPLS.
by Mplsguy
Tue Aug 25, 2009 9:40 am
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

We use NStreme on all our AP's so can't utilise WMM. Any other options? Well, if you insist on doing QoS on AP (that is - QoS on ingress router is not enough), then I guess you should have your AP as PE router and use queues. Currently RouterOS does not have queue type that would prioritize based o...
by Mplsguy
Sun Aug 23, 2009 11:12 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

Depends on what QoS feature you want to implement - if you want to use WMM, then setup is rather simple - MPLS switching automatically sets up packet priority (that is later used by WMM to select access category) based on label EXP field value, see http://wiki.mikrotik.com/wiki/EXP_bit_behaviour. Yo...
by Mplsguy
Wed Aug 19, 2009 5:25 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

Thanks again mplsguy I tried the WDS setup before and it gave me issues with nstreme so I'm going to try the CPE being part of the MPLS cloud..... You must use station-wds mode on client in order to have WDS links in nstreme network. All our CPE's are mikrotik and we have control, so am I correct i...
by Mplsguy
Wed Aug 19, 2009 10:38 am
Forum: Forwarding Protocols
Topic: What does /mpls ldp set distribute-for-default-route=yes do?
Replies: 2
Views: 3368

Re: What does /mpls ldp set distribute-for-default-route=yes do?

In general you are right - this setting controls if LDP distributes label binding for default route. Wether you should enable it, depends of how your routing is configured and what you use MPLS for. But you have to be careful with this setting: once label switching path is established across your ne...
by Mplsguy
Wed Aug 19, 2009 10:15 am
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

It is mandatory to have separate CE-PE interface in order to use multiple VRFs. There are multiple ways to achieve this (though none of them will probably be as easy as you would like) - VLANs (like you suggest), separate WDS interface for every customer (in case you use RouterOS on client side as w...
by Mplsguy
Sun Aug 16, 2009 10:21 pm
Forum: Forwarding Protocols
Topic: VPLS and customer VLAN Trunking
Replies: 8
Views: 3967

Re: VPLS and customer VLAN Trunking

No guys, in the lab everything is working perfect. Something in teh production envirnonment must be wrong. @mplsguy: l2MTU of the vpls interface should only affect when full frames are sent but not with pings. In that case the packet will never reach the mtu size limit. Ok, then I guess you simply ...
by Mplsguy
Sun Aug 16, 2009 10:15 pm
Forum: Forwarding Protocols
Topic: VPLS and customer VLAN Trunking
Replies: 8
Views: 3967

Re: VPLS and customer VLAN Trunking

hmmm... what about fragmentation?..
What about it? RouterOS VPLS pseudowires support frame fragmentation/reassembly according RFC 4623. This means, that if l2mtu of VPLS will exceed outgoing link MPLS MTU plus any space needed for VPLS+MPLS encapsulation, frame will get fragmented.
by Mplsguy
Sun Aug 16, 2009 10:08 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

You can use OSPF or you can use static routing - depends on what are the requirements and your preferences. If your policy is to allow your customer to introduce new networks and distribute routes across your core to other sites of that customer, then I guess you should use OSPF so you do not have t...
by Mplsguy
Fri Aug 14, 2009 9:55 pm
Forum: Forwarding Protocols
Topic: VPLS and customer VLAN Trunking
Replies: 8
Views: 3967

Re: VPLS and customer VLAN Trunking

use-service-tag simply changes protocol that is used for VLAN encap. In case you want to bridge VLAN tagged packets you do not need any VLAN interface at all. Most likely cause of VLAN encapsulated packets to not get bridged is l2mtu issues - e.g. VPLS interface l2mtu is only 1500 (so it can take "f...
by Mplsguy
Fri Aug 14, 2009 9:51 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

Can I use OSPF between the all the MPLS routers to distribute the LDP's and then BGP between just the PE routers for specific vrfs? or must I choose BGP or OSPF? To clarify: you must use some IGP (RIP, OSPF or even static routing) to ensure end-to-end connectivity between PE routers. Then LDP distr...
by Mplsguy
Fri Aug 14, 2009 6:07 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

If you mean distributing routes installed in VFRs between PE routers, then yes, you must use BGP.
by Mplsguy
Thu Aug 13, 2009 4:49 pm
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

Please post relevant parts of edge router configuration - bridge, vpls, vlan. Make sure that l2mtu of VPLS interface supports sending packet with VLAN tag.
by Mplsguy
Thu Aug 13, 2009 10:18 am
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

After working a while I think I will not be able to transfer the customer VLAN with tag over the VPLS-tunnel because the L2MTU of RB433AH (in MPLS router mode) is to low. Is that right? Yes. L2MTU of 433 is not big enough to be able to forward VPLS frames w/o fragmentation. Is there another way to ...
by Mplsguy
Mon Aug 10, 2009 9:20 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

Yes, you are correct, in order to limit unnecessary broadcasting you should use either split horizon feature or bridge firewall.
by Mplsguy
Sun Aug 09, 2009 11:07 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

In general yes, as long as packet loss will not cause connections to get terminated, but that is only one part of the story - you also have to add PPPoE server on bridge interface and add VPLS interfaces ("the other ends" so to say) as ports to it, so that PPPoE server does not terminate connections...
by Mplsguy
Fri Aug 07, 2009 4:33 pm
Forum: Forwarding Protocols
Topic: OSPF or BGP for MPLS network for WISP
Replies: 32
Views: 9845

Re: OSPF or BGP for MPLS network for WISP

PPPoE sessions will not necessarily go down (provided that you do not add your PPPoE server and client interfaces directly to VPLS interfaces that will go down, but instead add PPPoE to bridge) - during "reroute" you will simply experience packet loss. It depends on your PPPoE config if that will te...
by Mplsguy
Fri Aug 07, 2009 4:28 pm
Forum: Forwarding Protocols
Topic: QoS with a single PPPOE server on MPLS
Replies: 11
Views: 5665

Re: QoS with a single PPPOE server on MPLS

WMM does not look into frames itself (e.g. at DSCP field). In order for WMM to prioritize packets, you must set priority of packet before it enters WMM enabled wireless link, as discussed here: http://wiki.mikrotik.com/wiki/WMM#How_to_set_priority Note that VPLS terminating router does not automatic...
by Mplsguy
Fri Aug 07, 2009 11:01 am
Forum: Forwarding Protocols
Topic: QoS with a single PPPOE server on MPLS
Replies: 11
Views: 5665

Re: QoS with a single PPPOE server on MPLS

There definitely are performance benefits, you can see migration from EoIP to VPLS example with comparison (showing 60% improvement) here: http://mum.mikrotik.com/presentations/CZ09/MPLS.pdf In order to tunnel PPPoE to central AC, you have to establish VPLS connections between APs and AC. It does no...
by Mplsguy
Thu Jun 25, 2009 3:36 pm
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

First of all - you must make sure that your hardware does support changing l2mtu and that it supports the value you intend to set. '/interface mtu' is IP MTU. It affects IP routed packets. If you want to route jumbo frames at MPLS ingress router, then you should increase it (because packet initially...
by Mplsguy
Wed Jun 17, 2009 10:04 pm
Forum: Forwarding Protocols
Topic: Using traceroute in MPLS networks
Replies: 4
Views: 3343

Re: Using traceroute in MPLS networks

On which hop do you masquerade? And how is propagate-ttl configured on your LSRs?
by Mplsguy
Wed Jun 17, 2009 5:28 pm
Forum: Forwarding Protocols
Topic: Using traceroute in MPLS networks
Replies: 4
Views: 3343

Re: Using traceroute in MPLS networks

http://wiki.mikrotik.com/wiki/MPLSVPLS#Penultimate_hop_popping_and_traceroute_source_address is talking about missing traceroute reply from first hop. The reason discussed there should not cause any further hop replies to be lost (assuming that everything is set up properly and operational). So this...
by Mplsguy
Fri Jun 12, 2009 4:52 pm
Forum: Scripting
Topic: Need help in writing a pure Win32 C API application...
Replies: 14
Views: 4572

Re: Need help in writing a pure Win32 C API application...

You do not have to concat everything in one string to do md5 - you can update hash part by part. Note that challenge, when converted to binary may also contain 0x0, so reffer to it by length you already know (16 bytes)! // password - null terminated password string // challenge - challenge received ...
by Mplsguy
Fri Jun 12, 2009 12:05 pm
Forum: Wireless Networking
Topic: WMM effect on sector capacity
Replies: 12
Views: 2722

Re: WMM effect on sector capacity

By adjusting WMM parameters you could only improve "background" traffic at the expense of higher latency and smaller throughput for your VOIP. The impact of VOIP on overall throughput of AP is caused by the fact, that VOIP uses small packets and 802.11 networks are very inefficent in handling small ...
by Mplsguy
Tue Jun 09, 2009 11:14 pm
Forum: Forwarding Protocols
Topic: routing vrf problem
Replies: 4
Views: 2454

Re: routing vrf problem

It is mandatory to use "loopback" address as update-source, otherwise remote router will not use proper label mapping to deliver frames to this router - it will use mapping of wrong route that may cause penultimate hop popping to happen at the wrong hop. If BGP does not establish between loopback ad...
by Mplsguy
Tue Jun 09, 2009 6:32 pm
Forum: Forwarding Protocols
Topic: routing vrf problem
Replies: 4
Views: 2454

Re: routing vrf problem

You should set your lobridge interface as BGP peer update-source so that BGP next hop is correct for VPNv4 routes. Also - you do not need multiple BGP instances, you should add all BGP peers to one instance.
by Mplsguy
Fri Jun 05, 2009 9:56 am
Forum: Forwarding Protocols
Topic: Cisco VPLS (BGP) and MTU
Replies: 5
Views: 2602

Re: Cisco VPLS (BGP) and MTU

What exact version and packages are you using? Which routerboards and which ports are used in your setup? What is mpls-mtu setup on all routers? When you use BGP AF l2vpn-cisco, BGP distributes NLRIs created by /interface cisco-bgp-vpls, when you use BGP AF l2vpn, BGP distributes NLRIs created by /i...
by Mplsguy
Thu Jun 04, 2009 10:01 pm
Forum: Forwarding Protocols
Topic: BGP based VPLS - wiki uses unavailable syntax
Replies: 1
Views: 844

Re: BGP based VPLS - wiki uses unavailable syntax

This particular page is a little out of date. 'vpls-id' got replaced with separate import/export-route-targets to provide more flexibility and to make MT VPLS implementation more similar to other vendors. Instead of specifying vpls-id=1:2 you now specify both - mport-route-targets=1:2 and export-rou...
by Mplsguy
Thu Jun 04, 2009 9:56 pm
Forum: Forwarding Protocols
Topic: Cisco VPLS (BGP) and MTU
Replies: 5
Views: 2602

Re: Cisco VPLS (BGP) and MTU

Currently there is no way to do that. Is there any particular reason why you need this feature?
by Mplsguy
Wed Jun 03, 2009 10:44 am
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

Yes, I can confirm this - this is a problem in nstreme2 interface MTU handling. Going to be fixed in one of the next releases.
by Mplsguy
Tue Jun 02, 2009 10:40 pm
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

You can expect multiple MTU related improvements and fixes in one of future releases. Bridge interface MTU applies only to packets that are sent over bridge interface (routed over it). Normally you do not want to change that. All that currently affects max size of bridged packets is /interface MTU o...
by Mplsguy
Wed May 27, 2009 9:39 am
Forum: Forwarding Protocols
Topic: MPLS Basic Compatibility Question
Replies: 1
Views: 955

Re: MPLS Basic Compatibility Question

It depends on what MPLS features and applications are used. Compatibility with cisco routers gets improved all the time, so eventually you should be able to replace.
by Mplsguy
Tue May 26, 2009 11:14 pm
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

The MTU for each interface is in effect when non-mpls packets are received on an interface, and the MPLS MTU is used for MPLS packets, correct? The MTU is actually about transmitting packets over interface. "/interface" MTU is for layer 3 (IP) packets - IP protocol will not send IP packets larger t...
by Mplsguy
Tue May 26, 2009 4:25 pm
Forum: Forwarding Protocols
Topic: MPLS MTU
Replies: 17
Views: 12985

Re: MPLS MTU

Will setting the MPLS MTU under MPLS Interface override the MTU settings under the general tab (winbox) for the individual interfaces? They do not override each other - these are different settings and each is used for different purposes. In order to control the size of MPLS frame you only have to ...
by Mplsguy
Mon May 18, 2009 10:01 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS testing
Replies: 14
Views: 7029

Re: MPLS/VPLS testing

The short answer is - yes. There are multiple methods on how to implement point-to-point pseudowires (and VPLS as well). RouterOS implementation has been tested with catalyst 6500 (using RFC 4447 type 0x80 FEC). In routeros you have to add static vpls interface and specify "cisco-style=yes" and also...
by Mplsguy
Tue May 05, 2009 9:15 pm
Forum: Forwarding Protocols
Topic: vpls problem
Replies: 4
Views: 2998

Re: vpls problem

You should post your routes and LDP bindings for both B&A - most likely routing in the non-working direction is set up differently - e.g. B can only reach A over default route and you are not distributing bindings for that, or something else with route from B to A.
by Mplsguy
Tue May 05, 2009 4:47 pm
Forum: Forwarding Protocols
Topic: MPLS dont work with vlan
Replies: 9
Views: 5407

Re: MPLS dont work with vlan

The only thing you have to change is /mpls interface mtu (in your case - most likely to 1504, if you are not using also VLANs). VPLS will fragment packets according to it.
by Mplsguy
Thu Apr 30, 2009 11:24 am
Forum: Forwarding Protocols
Topic: MPLS ospf on VPLS link
Replies: 2
Views: 1889

Re: MPLS ospf on VPLS link

Most likely this happens because adding VPLS interface to OSPF makes it shortest path (just one hop) to remote endpoint - therefore VPLS tunnel sends data over itself, you can confirm this by monitoring route changes. TE tunnel works because VPLS tunnel prefers TE tunnel path over path according to ...
by Mplsguy
Wed Apr 15, 2009 3:22 pm
Forum: Forwarding Protocols
Topic: MPLS dont work with vlan
Replies: 9
Views: 5407

Re: MPLS dont work with vlan

Make sure that your setup fits in MTU limits of your hardware, see http://wiki.mikrotik.com/wiki/Maximum_Transmission_Unit_on_RouterBoards Default mpls-mtu is 1508, also for VLAN interface. If packet gets labelled with 1 MPLS label and 1 VLAN tag, your hardware (routers and switches) must be able to...
by Mplsguy
Mon Mar 23, 2009 6:18 pm
Forum: Forwarding Protocols
Topic: from routed bgp network and eoip to mpls/vpls
Replies: 6
Views: 2183

Re: from routed bgp network and eoip to mpls/vpls

If you use eBGP as IGP protocol (meaning - you run it on all routers in network and do not have any other IGP protocol operating), you will not have any benefits from enabling MPLS due to how BGP learned routes are handled: 1) LDP router does not distribute labels for BGP learned routes 2) for BGP r...
by Mplsguy
Mon Mar 23, 2009 10:47 am
Forum: Forwarding Protocols
Topic: from routed bgp network and eoip to mpls/vpls
Replies: 6
Views: 2183

Re: from routed bgp network and eoip to mpls/vpls

What do you mean by "LDP does not work through it"? LDP is completely separate protocol and although it is pretty common to use IGP routing protocols in MPLS network, it is not a requirement, you can even run LDP in statically routed network. I do not understand exactly how you use eBGP in your netw...
by Mplsguy
Fri Mar 20, 2009 3:42 pm
Forum: Forwarding Protocols
Topic: Can't get connected routes into ospf on a VRF
Replies: 5
Views: 2824

Re: Can't get connected routes into ospf on a VRF

The problem here is that route on edge1: 0 ADC dst-address=10.10.1.0/29 pref-src=10.10.1.2 gateway=ether2.500 distance=0 scope=10 routing-mark=customer1 becomes: 0 ADb dst-address=10.10.1.0/32 gateway=198.18.255.2 recursive via 198.18.10.5 ether1 distance=200 scope=40 target-scope=30 routing-mark=cu...
by Mplsguy
Fri Mar 20, 2009 1:45 pm
Forum: Forwarding Protocols
Topic: Can't get connected routes into ospf on a VRF
Replies: 5
Views: 2824

Re: Can't get connected routes into ospf on a VRF

Please post also your routing table and bgp instance configuration. Most likely this is because you have not configured your BGP instance to redistribute-connected. In RouterOS when BGP distributes OSPF routes, local connected route, although redistributed by OSPF, is not considered OSPF route.
by Mplsguy
Tue Mar 17, 2009 8:35 pm
Forum: Forwarding Protocols
Topic: Problem with PPPoE over VPLS
Replies: 10
Views: 4030

Re: Problem with PPPoE over VPLS

Do you mean with "bridge between RB's" that router B in your setup is bridge (not MPLS switching router)? Please post for _all_ involved routers output of:
/ip address print
/ip route print
/mpls ldp interface print
/mpls ldp neighbor print
/mpls local-binding print
/mpls remote-binding print
by Mplsguy
Tue Mar 17, 2009 6:14 pm
Forum: Forwarding Protocols
Topic: Problem with PPPoE over VPLS
Replies: 10
Views: 4030

Re: Problem with PPPoE over VPLS

what is the output of: /tool traceroute 172.20.5.100 src-address=172.17.100.1 when run on 172.17.100.1? and /tool traceroute 172.17.100.1 src-address=172.20.5.100 when run on 172.20.5.100 Do you get IP connectivity over VPLS tunnel when you configure IP address for the bridges that VPLS tunnels are ...
by Mplsguy
Tue Mar 17, 2009 5:09 pm
Forum: Forwarding Protocols
Topic: Problem with PPPoE over VPLS
Replies: 10
Views: 4030

Re: Problem with PPPoE over VPLS

dingsingo, describe your network diagram and exact configuration - the information you provided is not enough to diagnose the problem. - Are you using LDP? - Are labels properly distributed for routes? - Is there MPLS end-to-end connectivity between VPLS tunnel endpoints? - Assuming you use static V...
by Mplsguy
Wed Mar 11, 2009 6:47 pm
Forum: Forwarding Protocols
Topic: MPLS - problem with multiple TE tunnels
Replies: 1
Views: 1130

Re: MPLS - problem with multiple TE tunnels

Most likely this is caused by bug in how CSPF interprets remaining bandwidth values in OSPF TE LSAs. This is going to be fixed in next version. Thanks for your report anyway.
by Mplsguy
Mon Mar 09, 2009 7:36 pm
Forum: Forwarding Protocols
Topic: MPLS (LDP) and Juniper interoperability failure
Replies: 8
Views: 3566

Re: MPLS (LDP) and Juniper interoperability failure

This problem is caused by RouterOS not supporting LDP graceful restart feature and improperly refusing to complete LDP session initialization with Juniper router reporting this feature. This problem will be fixed in next release of mpls-test. LDP graceful restart feature is on MPLS todo list.
by Mplsguy
Fri Mar 06, 2009 3:52 pm
Forum: Forwarding Protocols
Topic: MPLS (LDP) and Juniper interoperability failure
Replies: 8
Views: 3566

Re: MPLS (LDP) and Juniper interoperability failure

bofh,
It would be great if you could capture adjacency establishment packet exchange and send to support@mikrotik.com.
by Mplsguy
Thu Mar 05, 2009 10:46 pm
Forum: Forwarding Protocols
Topic: VPLS (MK.3.20) and RB433 freezing router!
Replies: 7
Views: 3191

Re: VPLS (MK.3.20) and RB433 freezing router!

anybody help here?
it's only my problem, or anybody have this problem with ROS 3.18+
This is known (old) problem. Make sure you use latest routing-test & mpls-test.
by Mplsguy
Thu Mar 05, 2009 4:52 pm
Forum: Forwarding Protocols
Topic: MPLS - problem with bandwidth reservation in TE tunnel
Replies: 8
Views: 3644

Re: MPLS - problem with bandwidth reservation in TE tunnel

So with TE tunnels I can control bandwidth reservation when more tunnels are sharing some links, but the effective traffic shaping must be done within the nodes. Is that right? TE makes sure that over any link you do not setup tunnels such that their total bandwidth (configured) exceeds link bandwi...
by Mplsguy
Tue Mar 03, 2009 6:24 pm
Forum: Forwarding Protocols
Topic: MPLS - problem with bandwidth reservation in TE tunnel
Replies: 8
Views: 3644

Re: MPLS - problem with bandwidth reservation in TE tunnel

Luca, bandwidth settings are used purely as path setup constraints - TE tunnels do not limit traffic to the specified bandwidth. It is responsibility of administrator to apply any limitations on traffic flow at ingress point, if necessary. From http://wiki.mikrotik.com/wiki/MPLS_TE_Tunnels: Note tha...
by Mplsguy
Thu Feb 05, 2009 10:34 pm
Forum: General
Topic: How to stop MAC Cloning
Replies: 15
Views: 9587

Re: How to stop MAC Cloning

If all your client devices are running RouterOS, you can use management frame protection available in wireless-test:
http://wiki.mikrotik.com/wiki/Wireless_ ... protection

Or you can use WPA and assign different preshared key for every customer.
by Mplsguy
Sun Feb 01, 2009 6:21 pm
Forum: Wireless Networking
Topic: so where is the problem with Nstreme
Replies: 2
Views: 621

Re: so where is the problem with Nstreme

You can not establish nstreme AP-to-AP links, you have to use station-wds on one side in order to do WDS in nstreme network.
by Mplsguy
Fri Jan 30, 2009 8:07 pm
Forum: General
Topic: Bridging question...
Replies: 9
Views: 864

Re: Bridging question...

Just take into account that station-pseudobridge will work for you only as long as you use IP protocol. As soon as you will start using e.g. PPPoE it will not work, because station-pseudobridge can only bridge non-IP traffic from only one mac address (only one of your clients). The proper setup woul...
by Mplsguy
Fri Jan 30, 2009 6:55 pm
Forum: Wireless Networking
Topic: unstable ping with nstream
Replies: 27
Views: 6996

Re: unstable ping with nstream

ropebih, you should try with latest wireless-test package as that includes improvements discussed here: http://forum.mikrotik.com/viewtopic.php?f=7&t=27302 this could help latency issue. Anyway you should be ready for latencies higher than with regular non-nstreme mode and potential jitter. Causes f...
by Mplsguy
Fri Jan 30, 2009 5:10 pm
Forum: Wireless Networking
Topic: OSPF Changing states: Full to Down..why?
Replies: 5
Views: 1888

Re: OSPF Changing states: Full to Down..why?

One potential issue that may affect OSPF in noisy point-to-multipoint environments is the way multicasts are transmitted (OSPF hellos in this case) - when AP transmits multicast (or broadcast), it is transmitted as radio multicast without retries - if that single transmission attempt is lost, frame ...
by Mplsguy
Mon Jan 19, 2009 7:37 pm
Forum: Forwarding Protocols
Topic: Mikrotik MPLS - achieving port density
Replies: 1
Views: 1031

Re: Mikrotik MPLS - achieving port density

Create appropriate VLAN interface on ethernet interface where your trunk port is connected and bridge it with appropriate VPLS interface - in general the same as in wiki VPLS examples, just instead of ether used as CE-PE link, use VLAN.
by Mplsguy
Mon Jan 19, 2009 5:13 pm
Forum: General
Topic: How to monitor through api?
Replies: 2
Views: 879

Re: How to monitor through api?

You sure can do frequency-monitor and scan from API. API "commands" are based on console commands, e.g. "frequency-monitor" does not have "once" parameter, therefore you have to start it and stop it over API: <<< /interface/wireless/print <<< >>> !re >>> =.id=*3 >>> =comment= >>> =name=wlan1 >>> =mt...
by Mplsguy
Fri Jan 16, 2009 9:56 pm
Forum: General
Topic: 3.18 and BGP w/ full routing tables
Replies: 10
Views: 1521

Re: 3.18 and BGP w/ full routing tables

You only need conntrack if you wish to use any of functions that require it - NAT, matching according to connection state, and such. In the rest of cases you do not need conntrack and can disable it e.g. for performance reasons, this will not cause fragmented packets to get dropped.
by Mplsguy
Wed Jan 07, 2009 11:40 pm
Forum: General
Topic: Mikrotik MPLS Issue
Replies: 18
Views: 2388

Re: Mikrotik MPLS Issue

Hammy, it is highly possible that your problem is caused by some link in your setup not supporting the MPLS MTU that is configured (default value is 1508), can you elaborate on what type of hardware you have in path between host connecting with winbox and router? You notice this with winbox because ...
by Mplsguy
Tue Jan 06, 2009 11:15 pm
Forum: Wireless Networking
Topic: Something not right with DEFAULT FORWARD in wireless AP
Replies: 5
Views: 1794

Re: Something not right with DEFAULT FORWARD in wireless AP

Is it then safe to assume that there is no technical difference between selecting default forward on or off if using wds/bridge for interfaces? Not sure of one is slightly more efficient than the other depending on the internal path difference of the packets within MT. I've seen no difference from ...
by Mplsguy
Thu Dec 25, 2008 11:00 pm
Forum: General
Topic: Simple Queue with Parent / Priority question.
Replies: 11
Views: 18569

Re: Simple Queue with Parent / Priority question.

I'm not sure I understand your question completely, perhaps you could explain it with an example. In general - if your parent class is not limited, it will behave as if it was limited to full link bandwidth (because of hardware flow control - underlying network hardware will simply not take from que...
by Mplsguy
Thu Dec 25, 2008 3:53 pm
Forum: General
Topic: CPE as gateway not routing out
Replies: 2
Views: 487

Re: CPE as gateway not routing out

The "problem" you describe is actually not a problem, but the way 802.11 devices work - CPE can only send out data with its own source mac address, therefore simple bridging at CPE will not work - sending packet out CPE wireless interface will overwrite original source mac address. There are multipl...
by Mplsguy
Thu Dec 25, 2008 3:39 pm
Forum: General
Topic: Simple Queue with Parent / Priority question.
Replies: 11
Views: 18569

Re: Simple Queue with Parent / Priority question.

Order of queues applies only to process in which traffic is matched to be put in particular queue - so logically queue consists of 2 parts - "matching" part - this is where order matters, and "scheduling" part that specifies how traffic will be scheduled for transmission from queue. Priority (as wel...
by Mplsguy
Wed Dec 24, 2008 12:14 am
Forum: General
Topic: Diference between wds slave and station wds?
Replies: 6
Views: 8628

Re: Diference between wds slave and station wds?

nightstar, if sole purpose of WDS link is connecting to remote AP, it is more efficient to use station-wds, e.g. because it does not send out beacon frames like any AP mode interface does. Use wds-slave only when you also require AP functionality for interface that will be forming WDS link. As far a...
by Mplsguy
Tue Dec 23, 2008 11:58 pm
Forum: General
Topic: Is it possible by using MPLS or EoIP???
Replies: 2
Views: 602

Re: Is it possible by using MPLS or EoIP???

The short answer is - yes, it is possible, using either technology. And probably in some other ways as well, e.g. simply by using bridging.
by Mplsguy
Thu Dec 18, 2008 10:57 pm
Forum: General
Topic: Mikrotik MPLS Issue
Replies: 18
Views: 2388

Re: Mikrotik MPLS Issue

What version and what packages are you using?
by Mplsguy
Thu Dec 18, 2008 8:54 pm
Forum: General
Topic: Mikrotik MPLS Issue
Replies: 18
Views: 2388

Re: Mikrotik MPLS Issue

Hammy, MPLS as such does not directly affect any application - be it winbox, telnet or anything else. The information you have provided about your network is not enough to figure out where the problem could be - you should start by figuring out if winbox connection gets to the router, whether respon...
by Mplsguy
Mon Dec 15, 2008 4:19 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

Issue has been identified (and hopefully fixed) with 2 or more links between the same LDP neighbors. mpls-test packages for 3.17 are available for download from location normis posted (use updated routing-test as well).
by Mplsguy
Fri Dec 12, 2008 4:56 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

zaltec, it would be great if you could send similar report as previous one to support when using these packages.
by Mplsguy
Thu Dec 11, 2008 5:07 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

zaltec, thank you for your detailed report, it was very helpful - some problems have been identified in OSPF and MPLS. Please remember that most up to date MPLS implementation is available in mpls-test and routing-test, therefore you should always be using these packages (actually "regular" mpls pac...
by Mplsguy
Mon Dec 08, 2008 5:53 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

zaltec, please send supout files that are made when you experience any problems (e.g. 100% cpu usage, no traffic passing) to support.
by Mplsguy
Mon Dec 08, 2008 5:40 pm
Forum: General
Topic: RouterOS v3.17, v4.0beta1, The Dude v3 released
Replies: 57
Views: 14760

Re: RouterOS v3.17, v4.0beta1, The Dude v3 released

correction, i was not aware that the propagate-ttl=no is nogotiated from the ingress router downstream to all LSR's in the LSP. Actually propagate-ttl is not negotiated in any way - to have consistent behaviour across your network you have to set it up the same on all routers in MPLS cloud. At leas...
by Mplsguy
Thu Dec 04, 2008 10:26 am
Forum: Wireless Networking
Topic: Force association by MAC address
Replies: 3
Views: 822

Re: Force association by MAC address

You should: /interface wireless set wlan1 mode=station default-authentication=no disabled=no /interface wireless connect-list add interface=wlan1 connect=yes mac-address=<mac_of_AP> If this does not work, enable wireless,debug logs (both on AP and client) and see what is the reason of not connecting.
by Mplsguy
Sat Nov 29, 2008 7:20 pm
Forum: Wireless Networking
Topic: Force association by MAC address
Replies: 3
Views: 822

Re: Force association by MAC address

You should use connect-list for that.
by Mplsguy
Sat Nov 29, 2008 1:16 pm
Forum: Wireless Networking
Topic: WMM, how to use?
Replies: 1
Views: 1453

Re: WMM, how to use?

You can start here: http://en.wikipedia.org/wiki/Wireless_Multimedia_Extensions http://wiki.mikrotik.com/wiki/WMM In order to have WMM "do something", you have to: 1. configure it such that WMM enabled interface can divide traffic in classes (set priority). 2. have support for WMM in clients - if yo...
by Mplsguy
Wed Nov 26, 2008 7:38 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

zaltec, when you say you can crash router with large ICMP packets do you mean fragmented (sender has MTU of e.g. 1500 and framents big ping in 2 or more packets) or in one piece (you have changed MTU on sender to be above 1500)? And which ethernet card/routerboard did you observe this on? As to issu...
by Mplsguy
Tue Nov 25, 2008 6:47 pm
Forum: General
Topic: MPLS and 1500 byte packets.
Replies: 21
Views: 2828

Re: MPLS and 1500 byte packets.

Please send supout.rif files from routers where you experience instability (made during instability or e.g. after unexpected reboots) to support to help track problems down faster. When configuring MPLS, there is no need to change interface MTU, because interface MTU only specifies max size of Layer...
by Mplsguy
Thu Nov 20, 2008 7:48 pm
Forum: Wireless Networking
Topic: Something is changed from 2.950 to 3.15 - bridge setup
Replies: 1
Views: 671

Re: Something is changed from 2.950 to 3.15 - bridge setup

It is wrong to put station mode wireless interface in bridge (station interface will never send out data with source mac address that differs from its own). Most likely your 2.9 setup "worked" because bridge was using mac address of wlan1 as its mac address (unless specified otherwise, bridge uses m...
by Mplsguy
Mon Nov 17, 2008 2:41 pm
Forum: General
Topic: Routing priority
Replies: 25
Views: 7387

Re: Routing priority

Please explain the problem some more - what exactly do you want to achieve, current network diagram, where users are connected, where is NAT taking place.
by Mplsguy
Fri Nov 14, 2008 4:36 pm
Forum: Wireless Networking
Topic: 3 AP´s one Net
Replies: 8
Views: 1058

Re: 3 AP´s one Net

Unluckily this will not help, because this way problem will only be moved from switch to that new routerboard, as it will behave exactly the same way as switch.
by Mplsguy
Fri Nov 14, 2008 4:22 pm
Forum: General
Topic: Routing priority
Replies: 25
Views: 7387

Re: Routing priority

Even if you could create such route your setup would not work anyway, because traffic coming back from squid box (it would have destination address of client if I understand you correctly) would be routed back to squid box due to that "high priority" route. I guess you can try to make this setup lik...
by Mplsguy
Wed Nov 12, 2008 2:49 pm
Forum: Wireless Networking
Topic: 3 AP´s one Net
Replies: 8
Views: 1058

Re: 3 AP´s one Net

Yes, you can connect APs over wireless with WDS, but take into account that e.g. when sending frame from switch to client that is connected to AP3 (in setup switch-AP1-AP2-AP3) it will be sent over the same wireless channel 3 times and therefore max throughput will be 3 times lower. If that is fine,...
by Mplsguy
Wed Nov 12, 2008 11:12 am
Forum: Wireless Networking
Topic: 3 AP´s one Net
Replies: 8
Views: 1058

Re: 3 AP´s one Net

There are several solutions that might help, but each comes with its drawbacks so you should seriously consider if its worth it - wether ability to ping client really matters, because as soon as client will start using network everything will work as expected. 1. When client roams (pings start faili...
by Mplsguy
Tue Nov 11, 2008 9:09 pm
Forum: Wireless Networking
Topic: 3 AP´s one Net
Replies: 8
Views: 1058

Re: 3 AP´s one Net

I do not think WDS is the way to go in your case, because WDS is a way how to wirelessly connect one AP with another, but this is not necessary in your case because all APs are connected over Ethernet. You should give more information about APs setup, but I assume that on APs ethernet interface is b...
by Mplsguy
Fri Nov 07, 2008 11:25 am
Forum: Wireless Networking
Topic: Max Station Count, NStream, and better uptimes
Replies: 14
Views: 8858

Re: Max Station Count, NStream, and better uptimes

ForePoint, I did read the posts. And yes - your guess is right - I do have "inside knowledge on the inner workings" and my comments are based exactly on that, unluckily I do not think "exactly how it works" is going to be disclosed. I am sorry if my comments make you feel your testing efforts are un...
by Mplsguy
Thu Nov 06, 2008 9:38 pm
Forum: General
Topic: MPLS how to make CoS with mikrotik?
Replies: 2
Views: 1053

Re: MPLS how to make CoS with mikrotik?

Please explain what exactly do you mean by "use Class of Service". If you wonder how RouterOS MPLS implementation carries/handles priority info in MPLS frames, see: http://wiki.mikrotik.com/wiki/EXP_bit_behaviour This priority information can then be used by WMM when MPLS packets are switched over W...
by Mplsguy
Wed Nov 05, 2008 4:57 pm
Forum: Wireless Networking
Topic: Max Station Count, NStream, and better uptimes
Replies: 14
Views: 8858

Re: Max Station Count, NStream, and better uptimes

ForePoint, like I said - max-station-count really only limits number of clients that can register. If in your setup this limit is not reached, there definitely is something else that causes this. You can test it by simply disabling/enabling wireless interface - this would effectively be the same as ...
by Mplsguy
Wed Nov 05, 2008 12:32 pm
Forum: General
Topic: MPLS and VPLS with Traffic Engineering Lab Setup
Replies: 19
Views: 7773

Re: MPLS and VPLS with Traffic Engineering Lab Setup

gustkiller, as TE tunnels are interfaces, you can forward traffic onto them using routing (or policy routing). For this you will have to add IP address to head end of tunnel (just to enable it to be used for IP routing) and then use "gateway=<TE tunnel>" setting for route.
by Mplsguy
Wed Nov 05, 2008 12:24 pm
Forum: General
Topic: MPLS - how to hide mpls cloud hops
Replies: 10
Views: 4151

Re: MPLS - how to hide mpls cloud hops

gustkiller, I do not fully understand your problem. Are you saying that you get inconsistent traceroute results? If you are tracerouting from device connected to ingress LSR (and this device is not connected to interface forming MPLS cloud) like this: device -- R1 -- R2 -- R3 -- R4 -- R5 I can not t...
by Mplsguy
Tue Nov 04, 2008 5:07 pm
Forum: General
Topic: MPLS - how to hide mpls cloud hops
Replies: 10
Views: 4151

Re: MPLS - how to hide mpls cloud hops

gustkiller, you are right - currently there is no way to achieve this with RouterOS MPLS. If you feel this feature is important for you, submit a feature request. As to incrementing TTL before entering your MPLS cloud - always be very carefull when increasing TTL so that routing loop (even transient...
by Mplsguy
Fri Oct 31, 2008 6:29 pm
Forum: Wireless Networking
Topic: Max Station Count, NStream, and better uptimes
Replies: 14
Views: 8858

Re: Max Station Count, NStream, and better uptimes

ForePoint, max-station-count affects only amount of clients that are allowed to register, nothing more. So probably differences you have observed are caused by something else - number of clients registered at the moment you "tested" latency or what they were doing at that time as it all can affect l...
by Mplsguy
Fri Oct 24, 2008 8:59 am
Forum: General
Topic: Virtualization RouterOs
Replies: 50
Views: 5071

Re: Virtualization RouterOs

HellMInd, Provided that you have properly configured host part of interface (configured host in a way that guest should have network interface - this is described step-by-step in wiki virtualization page), you should look for solution in CentOS (make sure it detects new device/loads appropriate driv...
by Mplsguy
Thu Oct 23, 2008 11:58 pm
Forum: Wireless Networking
Topic: Nstreme test package
Replies: 119
Views: 33388

Re: Nstreme test package

Polling algorithm has been adjusted to be more suitable for large numbers of clients and for most common traffic patterns (bursty traffic with rather low average rate). As polling is controlled entirely by AP and protocols are backwards compatible, only AP is required to be upgraded. There are two r...
by Mplsguy
Thu Oct 23, 2008 5:18 pm
Forum: General
Topic: Virtualization RouterOs
Replies: 50
Views: 5071

Re: Virtualization RouterOs

Of course this has been tried, see http://wiki.mikrotik.com/wiki/Virtualization#CentOS_5.1_Image http://wiki.mikrotik.com/wiki/Virtualization#Installing_CentOS_5.1 It even has link to ready made CentOS image. When network interface is configured for guest, CentOS quest finds (should find) it automat...
by Mplsguy
Mon Oct 20, 2008 10:59 am
Forum: General
Topic: Route mark query
Replies: 10
Views: 1550

Re: Route mark query

In general you are right - this behaviour for locally generated packets is discussed in other policy routing related topics, e.g. here:

http://forum.mikrotik.com/viewtopic.php?f=2&t=27151
by Mplsguy
Sun Oct 19, 2008 7:39 pm
Forum: General
Topic: Route mark query
Replies: 10
Views: 1550

Re: Route mark query

How are you checking if your policy routing works? If its only by pinging from router itself, then it might be because your output chain rules are incorrect: add action=mark-packet chain=output comment="" disabled=no new-packet-mark=\ "pm dsl4-out" packet-mark=in-dsl4 passthrough=yes add action=mark...
by Mplsguy
Wed Oct 15, 2008 5:25 pm
Forum: General
Topic: Port-protected in EoIP Bridge environment
Replies: 2
Views: 767

Re: Port-protected in EoIP Bridge environment

You can use bridge horizon feature to disable forwarding between bridge ports. See http://wiki.mikrotik.com/wiki/MPLSVPLS#Split_horizon_bridging No data is forwarded between bridge ports configured with the same horizon value. This can be used to break loops without using (R)STP (e.g. like in VPLS c...
by Mplsguy
Mon Oct 13, 2008 6:41 pm
Forum: General
Topic: Policy Routing + main routing table
Replies: 6
Views: 2126

Re: Policy Routing + main routing table

Hippo, Like I said - that second routing lookup happens only when something about packet changes that might affect its outgoing interface or gateway. For example - routing mark. This "second" routing lookup is the reason why your setup actually works correctly after adding default route to main tabl...
by Mplsguy
Mon Oct 13, 2008 4:02 pm
Forum: General
Topic: Policy Routing + main routing table
Replies: 6
Views: 2126

Re: Policy Routing + main routing table

Hippo, I did not say that marking is not working - it works, of course. In your example, before you add default route to "main" table, ping does not work because of the reason I mentioned - when ping packet is prepared, routing lookup is made to figure out a few things: whether there is route to des...
by Mplsguy
Fri Oct 10, 2008 10:28 pm
Forum: General
Topic: Policy Routing + main routing table
Replies: 6
Views: 2126

Re: Policy Routing + main routing table

As has been discussed in other VRF related topics, at the moment there are issues (consider them missing features) with originating traffic from vrf or with specific routing mark. See - in order for packet to get to output firewall chain where you mangle it, it at first must get routed (e.g. to sele...
by Mplsguy
Fri Oct 10, 2008 5:09 pm
Forum: General
Topic: vrf problems
Replies: 7
Views: 2807

Re: vrf problems

One another thing - if not done already, you should make sure that LSP to reach BGP next hop of VPNv4 route is established (either by LDP or RSVP-TE). Although R1 and R2 are directly attached, route on R1 to reach BGP next hop (R2's loopback interface address) is not directly connected (from R1's pe...
by Mplsguy
Fri Oct 10, 2008 4:37 pm
Forum: General
Topic: vrf problems
Replies: 7
Views: 2807

Re: vrf problems

Issue has been found with MPLS ingress for VPNv4 routes that may also affect your setup. In case you are willing to get your setup up and running before 3.15 version is released I suggest you contact support and ask for updated mpls-test package (specify architecture you are using).
by Mplsguy
Thu Oct 02, 2008 11:42 pm
Forum: General
Topic: MPLS and VPLS with Traffic Engineering Lab Setup
Replies: 19
Views: 7773

Re: MPLS and VPLS with Traffic Engineering Lab Setup

As to the addresses in wiki examples - yes, those are provided just as an example, the particular addresses used do not have any meaning, the only intention is so that it is easier to distinguish the networks and to make it easier to relate console printouts to network diagram. Of course, the same s...
by Mplsguy
Fri Sep 19, 2008 7:29 pm
Forum: General
Topic: Seperating EOip Layer 2 on a bridge
Replies: 6
Views: 1620

Re: Seperating EOip Layer 2 on a bridge

Or you can use bridge horizon feature. Configure all EoIP bridge ports with the same horizon value and data received from one will not get forwarded to another. This feature was primarily implemented to support VPLS split horizon bridging, but can also be used in other situations where more control ...
by Mplsguy
Thu Sep 18, 2008 4:11 pm
Forum: General
Topic: MPLS and VPLS with Traffic Engineering Lab Setup
Replies: 19
Views: 7773

Re: MPLS and VPLS with Traffic Engineering Lab Setup

Fast reroute (remember that RouterOS does not implement this yet) should forward traffic over backup tunnel in milliseconds, not seconds or minutes. Also take into account that fast reroute is not re-establishing existing tunnels - you have to set up backup tunnels around "vulnerable" links or nodes...
by Mplsguy
Wed Sep 17, 2008 8:05 pm
Forum: General
Topic: MPLS and VPLS with Traffic Engineering Lab Setup
Replies: 19
Views: 7773

Re: MPLS and VPLS with Traffic Engineering Lab Setup

You should take into account that TE tunnels themselves do not limit/manage traffic. The "bandwidth" that is specified for TE tunnel is more like administrative value, it affects if bandwidth reservation on some router can be done or not. If some TE tunnel has reserved bandwidth 10Mbps, routers alon...
by Mplsguy
Wed Sep 17, 2008 12:35 pm
Forum: General
Topic: MPLS and VPLS with Traffic Engineering Lab Setup
Replies: 19
Views: 7773

Re: MPLS and VPLS with Traffic Engineering Lab Setup

Simple setup along with commands necessary to configure routers is described here: http://wiki.mikrotik.com/wiki/MPLS_TE_Tunnels Yes, you are right, TE tunnels are independent of VPLS. Just like LDP based label distribution, all TE tunnels do is - establish label switched path. LDP establishes LSP f...
by Mplsguy
Fri Sep 05, 2008 11:17 pm
Forum: General
Topic: multicast routing
Replies: 65
Views: 27711

Re: multicast routing

Multicast (and broadcast) over wireless works over wireless depending on who is transmitting multicast packet: If AP transmits multicast packet, packet is transmitted over air with multicast receiver address (and yes - only single copy of packet is transmitted no matter how many clients are register...
by Mplsguy
Tue Aug 19, 2008 7:10 pm
Forum: General
Topic: MPLS - any benefits for this setup?
Replies: 4
Views: 1368

Re: MPLS - any benefits for this setup?

Like others have suggested, benefits of using some MPLS technology are questionable for such a simple network. In given network there is actually no device that would do the "switching" and therefore make use of switching performance. Other than that - e.g. VPLS as MPLS based technology could be use...
by Mplsguy
Tue Aug 19, 2008 6:50 pm
Forum: General
Topic: New MPLS and Routing packages
Replies: 16
Views: 6185

Re: New MPLS and Routing packages

Depends on what you mean by "use MPLS QoS", but most likely answer is - yes. See http://wiki.mikrotik.com/wiki/EXP_bit_behaviour and http://wiki.mikrotik.com/wiki/WMM If packet is MPLS switched over WMM enabled link - either by "normal" hop or penultimate hop, WMM access category will be chosen base...
by Mplsguy
Fri Jul 11, 2008 3:08 pm
Forum: General
Topic: vrf problems
Replies: 7
Views: 2807

Re: vrf problems

Unluckily at the moment problem of routeros not being able to originate packets from VRF (route using vrf routing table) applies also to e.g. ping response that PE must generate in response to CE request. Therefore it really currently makes CE-PE communication impossible. Still - it does not affect ...
by Mplsguy
Thu Jul 10, 2008 10:53 pm
Forum: General
Topic: vrf problems
Replies: 7
Views: 2807

Re: vrf problems

Perhaps I did not understand you correctly (it would help if you posted your setup description/diagram and current configuration for both - Cisco and RouterOS), but currently there is no way in RouterOS how to ping from routeros host 'inside' vrf. Ping (traceroute as well) uses only main routing tab...
by Mplsguy
Wed Jul 09, 2008 11:26 am
Forum: General
Topic: MPLS/VPLS and rate limiting
Replies: 8
Views: 3652

Re: MPLS/VPLS and rate limiting

Config looks correct, I suppose you should confirm that you still have this problem with latest version and then cotact support with supout file.
by Mplsguy
Wed Jul 09, 2008 10:34 am
Forum: General
Topic: MPLS/VPLS and rate limiting
Replies: 8
Views: 3652

Re: MPLS/VPLS and rate limiting

The most important is how your queue config looks (post '/queue tree print').
by Mplsguy
Wed Jul 09, 2008 10:31 am
Forum: General
Topic: virtualization
Replies: 60
Views: 21969

Re: virtualization

How much memory do you have in PC and how is guest VM configured? The most likely cause of such error is covered here:
http://wiki.mikrotik.com/wiki/Virtualiz ... t_RouterOS
by Mplsguy
Tue Jul 08, 2008 5:22 pm
Forum: General
Topic: MPLS/VPLS and rate limiting
Replies: 8
Views: 3652

Re: MPLS/VPLS and rate limiting

Here is working example: [admin@R1] > /interface vpls print Flags: X - disabled, D - dynamic, R - running, B - bgp-signaled 0 R name="vpls1" mtu=1500 mac-address=02:35:99:D7:83:C4 arp=enabled disable-running-check=no remote-peer=9.9.9.5 vpls-id=1:1 [admin@R1] > /interface bridge port print Flags: X ...
by Mplsguy
Tue Jul 08, 2008 12:20 pm
Forum: General
Topic: MPLS/VPLS and rate limiting
Replies: 8
Views: 3652

Re: MPLS/VPLS and rate limiting

How do you configure limiting queue? You have to use 'queue tree' if you want to limit traffic that does not pass IP firewall.
by Mplsguy
Thu Jun 12, 2008 6:05 pm
Forum: General
Topic: New MPLS and Routing packages
Replies: 16
Views: 6185

Re: New MPLS and Routing packages

It depends on system architecture - x86 does not support BGP in level 4, but RouterBoards do support. Wether BGP is allowed or not at any level, does not affect MPLS, but essentially you need level that supports BGP if your setup requires BGP (MPBGP).
by Mplsguy
Fri Jun 06, 2008 5:22 pm
Forum: General
Topic: rate limit mpls vpn
Replies: 2
Views: 1035

Re: rate limit mpls vpn

Assuming that you are bridging some ethernets with VPLS interfaces on VPLS "endpoint", you can set up bridge firewall to mark packets based on ethernet interface they arrived on and then make "queue tree" on interface over which they will leave router (e.g. your gigabit link).
by Mplsguy
Fri Jun 06, 2008 5:17 pm
Forum: General
Topic: New MPLS and Routing packages
Replies: 16
Views: 6185

Re: New MPLS and Routing packages

It depends on what protocol is used for label distribution. LDP distributes label for each active route except BGP routes, so - yes, it will also distribute labels for MME routes. This in turn enables routers to MPLS switch packets along routes established (learned) by MME. As to RSVP TE - only prot...