MikroTik

gmsmstr

We all sit and wait

hoping

gmsmstr

As always, great job guys.

gmsmstr

If the router is not configured correctly, yes, but it should NOT hit 100% CPU.

gmsmstr

So I have a device that is a layer2 packet analyses. The issue I have is I have a PAIR of 10gig interfaces that I need to loop though this unit. We have choose to use a CRS317 to do that, so ports 15/16 are plugged into the 10gig layer2 analyses box. The issue, is that I need to take a VLAN, say vla...

gmsmstr

Question, how many nat rules is too much for a CCR1072?

I currently have 20815 all CG nat rules?

gmsmstr

What I am unable to do is add a second VPC to my CHR. I want my CHR to handle the firewall and NAT for my servers, but it won't let me add another VPC.. ??

gmsmstr

A client has anywhere between 3-10 simple queue targets in each one, when i do a :foreach, i end up getting a array, i either need a way to convert the array to simple text (that would be the simplest) or a way to simply append a new prefix onto the existing target. I.e. just adding blocks and need ...

gmsmstr

So I have many dude versions installed, looks like now the rc19 version installed, when i run the dude even from a specific directory, it tries to start the dude server, but it keeps calling the dude vrc19 and it opens again and again. anyone else have this happen?

gmsmstr

I like torrents, don't use a script, would be nice to have a RSS feed for torrents then just point our torrent app and let it eat when a new version comes out. .BTW, looks like no full seeds for 6.31

gmsmstr

It would be nice if the wireless CPE would follow the AP.

I.e. you change the AP to 20/40 Ce, the CPE should follow, ??

gmsmstr

Android lolipop samsug note 3. 1.. When you scroll over in interfaces, to something like traffic, the menu bar does not follow, i.e. you see "General poe sfp" but you are viewing the traffic graph 2. traffi graphi looks good, tx/rx bytes should be translated to mbits etc. 3. opening bgp instance cra...

gmsmstr

With IPv4 addresses running out, here is something that we coould do to help with the existing Ipv4 addresses that we have. If we can identify via MAC things like Android phones, iphones ,and other devices that typically do not need a public, it would be nice to say, xyz MACs can get this IP pool, g...

gmsmstr

This should not be a problem. Caps man it, bring it all back, vlans, etc, no big deal! would be a fun project to work on! Let me know if you need a bit more professional consulting on it!

gmsmstr

Have an access point, netmetal running dual chains to 120 degree sector. /interface wireless set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode band=5ghz-onlyn channel-width=20/40mhz-Ce default-forwarding=no disabled=no frequency=5265 ht-basic-mcs=\ mcs-0,mcs-1,mcs-2,mcs-3,mc...

gmsmstr

This week we will be talking about Credit Card Payments and HotSpot Systems with co-host Dennis Burgess and Host Steven Grabiel . 11am CST, 9am PST ! Don’t forgot you can download the previous episodes to put on your media player and listen while in your car free of charge by going to www.ispradio.c...

gmsmstr

Link Technologies, Inc. is looking for a few good engineers to add to our consulting group. If interested, review the PDF and send resume and salary requirements to jobs@linktechs.net

Consulting Network Engineer.pdf

gmsmstr

Anyone have issues with v6rc13 and large MTU i.e. the max MTU on CCR routers, birdged to a Ethernet OVPN tunnel?

I.e. does the tunnel already fragment those large frames?

gmsmstr

First screen shot of production v6

who hooooo

gmsmstr

Kinda interesting that they released this on Friday the 13th

gmsmstr

A small network when turning on MPLS Distribute Default Route, all traffic stops going in/out till the check is turned off. While off, outbound traffic does not use MPLS, and the edge router, even though MPLS has a forwarding database does not show any traffic going via MPLS.

gmsmstr

We are right in st Louis.. Www.linktechs.net.. We are on the consultants list..

gmsmstr

A large network that is running VPLS has been working quite well. We currently are not worried about packet fragmentation, however, we can not push the 1500 byte MTU packets though the VPLS in some instances. VPLS circuits are set to 1508 in MTU in case of VLAN information, the VPLS tunnels do come ...

gmsmstr

you can do that under TCP connections

gmsmstr

Use your mangle to set priority, that corresponds to the "ampdu". Don't check for latency sensitive applications, as it is possible it would create latency.

gmsmstr

How about updating the P-Throughput field to be more accurate and work in all wireless protocols. Then we should have this field update every x often (ability to set the x). Then have that as a $wlan1_pthoughput variable that changes. Then have the ability to set queue tree and simple queues with si...

gmsmstr

Maybe use supported x86 platform?

gmsmstr

Not free, but

http://www.wlan1.com/category_s/110.htm

gmsmstr

must have a public IP for one, also the link changed in v5 as well.

gmsmstr

WE have seen this on a number of boards in the newer v5 hardware. I would let it reboot and send a supout to MT.

gmsmstr

I believe this only applies to x86 systems.

gmsmstr

Export the configuration, clear the user manager, and then update. We have scripts running on very active systems that prevent the logs from filling the drive. we don't need that historical data. I would assume you can also send that data to a "syslog" server as well.

gmsmstr

Believe there is a dependency item that you could use.

gmsmstr

why would you want such as crappy OS on great hardware! RouterOS will do ANYTHING OpenWRT can do and about 1000 things more!

gmsmstr

Would assume you would just do it in the command line, by exporting data from one and importing it into the other. Don't know if the payment history and logs would carry over.

gmsmstr

based on my trials, they each IP, regardless of v6 or v4 will be treated the same.

gmsmstr

The simple answer is yes/yes. lol The RouterBOARD product family simply can't be beat for price/performance. If your needs are that where a RouterBOARD product will work perfectly, then you don't need to invest in a x86 box! However, once you go beyond their capabilities then you will need to go wit...

gmsmstr

We have customers running average of 1.2 - 1.5 gig of traffic running 3 full GigE BGP feeds running on a www.mikrotikrouter.com box. The v5 multi-core improvements have helped quite a bit as well!

gmsmstr

There are several options, I would recommend that you use something that is built and designed for MikroTik. There are a number of products out there, you can also look at www.mikrotikrouter.com. These units would come with RouterOS on them ready to run.

gmsmstr

This depends on your DSL Provider and the MTU they give you. Typically, 1420-1440 works well, but if it is a true bridge DSL then 1500 should be fine. If it is a PPPoE session it would make a difference as well.

gmsmstr

Of course you can shape it however you want with MT. Unlike the other boxes though you would need to build your own system, but that should work better for you as you can prioritize that as much as you wish or as little. You can also give bursting abilities if you wish . It may not work 100% like th...

gmsmstr

Will SEED as soon as I get a copy

GigE ready to go..

gmsmstr

My assumption is still a month or two out at the soonest. I may have a preview copy at the MUM in Budapest. But that would just be that. We currently do offer ibook and Kindle editions, they are both reduced from the list price so, might be a way to get started :) I also have put a call out for any ...

gmsmstr

tis coming

gmsmstr

You will have to redesign the login.html to include the signup links etc. That is a manual process, and is not integrated into the user manager system.

gmsmstr

In this case, we have a public subnet, some devices are out there on the subnet, but we want to show ALL ips as reachable with pings. I forgot about the ICMP options, in our case I did. add action=redirect chain=dstnat comment="" disabled=no dst-address=x.x.x.0/24 icmp-options=0:8 in-bridge-port=WAN...

gmsmstr

Just wondering if someone thought up a way to allow your Router to reply to ALL pings to a subnet routed to the router? tried to do some redirects and such, not much working..

gmsmstr

Don't see where that information is not covered in the existing version 1 of "Learn RouterOS".

gmsmstr

Yep, I am working on a Second Edition. I also wanted to note that there is a iBook and a Kindle version of Learn RouterOS now as well! http://www.amazon.com/Learn-RouterOS-ebook/dp/B003KGBMJO/ref=sr_1_2?ie=UTF8&m=AG56TWVU5XWC2&s=digital-text&qid=1294425953&sr=8-2 That would be the link for the amazo...

gmsmstr

We have a successfully had over 3500 concurrent Hotspot users on some of our systems. We have some hotspot systems that can process over 15,000 logins per week

gmsmstr

Sounds like your MetroE is hanging, is it burstable/ Could be IRQs on your dell as well.

gmsmstr

ya, it fits the needs.

gmsmstr

A few things. 1. I am seeing the L2TP problem on v4.13 as well. Basically it is what you descibe, you can winbox using policy based routing into that IP on the secondary routing table, but not L2TP. I have not been able to try v5rc3 yet, but will if the customer gives permission. So it may be fixed ...

gmsmstr

a few.. 2-3, depending on the amount of traffic.

gmsmstr

There are also other MikroTik based products available. They have a list on-line as well as you can google! Many people are purchasing PowerRouter 732s cause they are supported, tested, years of reliability, as well as are in-stock.

Just a FYI, there are other options.

gmsmstr

If you are interested in a stable platform that you don't have to worry about, hit http://www.mikrotkrouter.com. Plenty of options including SFP interfaces as well, and performance testing. Plus you can run v2-v5 on it, so you don't have to run bata software if you do not wish too.

gmsmstr

There is always options, currently you can hit http://www.mikrotikrouter.com for SFP options. . I believe RouterOS supports some DSL cards as well.

gmsmstr

There are already Made for MikroTik Products that have been running SFP interfaces for quite some time.

gmsmstr

Right next store. say hi!

gmsmstr

Just a FYI, heading out to the MUM training this week! I hope to see everyone there. I am looking to see if the hotel has a bar, if so, I will be down there this evening. Feel free to contact or watch this forum for updates on time etc.

Thanks

gmsmstr

Could be BUS limitations, or IRQ sharing. Just to name a few. I would recommend ensuing that the hardware is on the ACL and is supported with RouterOS.

gmsmstr

Simply bridge the Ethernet port that the pPPOe line is one, and the vlan you want it on. On the opposite end, you can do PPPoE clients on the VLANs.

gmsmstr

Simply backup the UM database, and pull it off your 450. Then upload to the new box and load it.

gmsmstr

Simply put, there is many other things that you have to look at vs, does RouterOS load on my x86 system. Check your bios settings, check to make sure your equipment has proper buss design etc. There are also a number of other x86 based solutions. I actually make one, http://www.mikrotikrouter.com. N...

gmsmstr

Do a netinstall or CD based installation, and then you should be good. If the drive is going bad, you can attempt to contact RouterOS, however, it will be quicker to just get another license.

gmsmstr

I know you are saying you can guarantee it, but again, there is more factors than # of users. Again, we have a 2282 running 15,000 users! Why, cause of the rest of the rules etc that they put into it. So # of users is really not a good "benchmark".

gmsmstr

You should be able to do a RB1100 or a PowerRouter 732 .. www.routerboard.com or www.mikrotikrouter.com

gmsmstr

What was the reason for changing this on x86? Just wondering.

gmsmstr

A Power Router 732 can handle 600 Meg of traffic, it depends on what you are DOING with that, witch will make the difference! DHCP, no prob, DNS, I would think a dedicated DNS server would be better than the simple caching system RouterOS has. Hotspot can take up some CPU, but most people don't know...

gmsmstr

www.wlan1.com has them.

gmsmstr

Guess I should chime in here. -- The PowerRouter 2282 has been tested with 100 meg circuit and 15,000 PPPoE users.. -- The PowerRouter 732 is NOT a 820 ONLY, we have had a number of people call in with 820s that have crashed. Just cause it may boot up on a 820, does not mean it will RUN on a 820. Th...

gmsmstr

Using the latest v5b4 packages .. WE have profiles for users to select. Then we have a Validity and a uptime limit in the limitations. If the profile has a limitation, what is the difference between the validity and uptime limit in this instance? Specifically, I want users time to start NOW, then se...

gmsmstr

There is the online manual, someone already pointed you to as well as on-line training at http://www.onlinemikrotiktrianing.com, and a boot at http://www.routerosbook.com as well.

gmsmstr

Now try with High power cards, such as XR2s

And as well R52N.. I think the results would be interesting to see.

We always sell 1 radio card in one board on the same freq, we typically don't have much issue with putting a 5 gig and 2.4 gig card in the same box though.

gmsmstr

sounds like configuration issues.

why are your src-nat dst port 8291 ?

gmsmstr

User manager with Auth.net works perfectly. http://www.linktechs.net and goto the billing solutions. You want a turn key solution, there ya go!

gmsmstr

Seeing you asked about a pre-package solution, www.linktechs.net has a PowerSpot 400 based on RouterOS 400 series hardware with everything you need to get started for a automated Hotspot solution.

gmsmstr

do not belive those boards will support the number of high-power radio cards you are using.

gmsmstr

The Router Type field is designed to be a "description" field that you can use. We use it for BHs and APs, etc, to identify them.

WE should have another updated version later today as well!

gmsmstr

We did update the version again, you can re-download it. Make sure to uninstall the previous and backup your routers as well. The updated version may work better for you now.

gmsmstr

In this case, the DNS was resolving, at least, I am using it to do setup on auth.net. Auth.net works fine, just not paypal.. Maybe paypal onl updates there DNS every so often?

gmsmstr

I am getting this error, when paypal tries to post back to user manager a payment. I have searched and did'ent find anything. If I am having this issue I am sure someone else will. Ensured that the public host is setup right, SSL is on, tried with and with Secured Response.

gmsmstr

Don't know what you mean by problems with current SMP support. Its not perfect, but with properly designed hardware you should not have any issues with multi-core.

gmsmstr

Can you have a OSPF network, with several routers sending the default routes, but have one primary default route running type 2, and the rest type1. So if the type 2 default route goes down, the network will use the type 1 default routes to route traffic out based on cost, but if that type 2 comes b...

gmsmstr

Don't see anything wrong with it. Guess it did some updates overnight though.

gmsmstr

PushScript v1 -- A FREE program provided by Link Technologies, Inc will be released this week. This application allows you to push a RSC or TXT script file out to many RouterOS devices quickly, and simply! Be sure to sign up on Link Techs mailing list to get the latest information on it! Visit http:...

gmsmstr

You can see our site at http://www.mikrotikrouter.com. We have thousands of installations all over the world doing everything from PPPoE servers, to BGP, and web caching. All based on RouterOS. Several distributors in the US, Europe, and Africa can assist getting your units. Fiber Interfaces are sup...

gmsmstr

You can make a export file to the CF card, think thats about it.

gmsmstr

There is a lot more too just sticking a 4 port NIC card in a PC to get actual throughputs. I have lots of customers call asking why their 4 port NIC in this nice Quad Core system don't give more then 40-50 meg throughput. There is buss limitations, there are irqs and interrupts etc. Making a system ...

gmsmstr

nope. only 532, 600 or 800 I belive.

gmsmstr

There is a supported hardware list. That includes Supported and Tested solutions. so you don't have to just hope, you can purchase a unit, pull it out of the box, plug it in the rack and start configuration. That it. We make some at http://www.mikrotikrouter.com, but it is also listed on the support...

gmsmstr

Maybe if everyone nicely posts what they were hoping for, Mikrotik can try and implement these in the next product. I was personally looking for that was not delivered: - Multi-Core PPC processor I would also like to see: - More professional case design, e.g. better fitting ports, consistent colour...

gmsmstr

same as 800

gmsmstr

You can also purchase supported and tested hardware at http://www.mikrotikrouter.com. Why mess with trying to get your own hardware to work right.

gmsmstr

You can also use supported and tested x86 hardware as well. www.mikrotikrouter.com is an example.

gmsmstr

There are fiber and multi-GigE Copper RouterOS options as well. www.mikrotikrouter.com.

gmsmstr

493AH then.

gmsmstr

750G at min, a 1000 may do as well, another option is http://www.mikrotikrouter.com. The 732 has 7 gigEs and can handle the traffic etc that you need.

gmsmstr

Two things you can do. One, use the print On Demand System here.

https://www.lulu.com/commerce/index.php ... nt=7505131

Or, you can just contact us directly at support@linktechs.net with your exact shipping information and we will get a quote for you for shipping via UPS directly to you

gmsmstr

I would send this to support@mikrotik.com..
I did give you the most common reasons though for it.

gmsmstr

RouteroS in V3 does not use SQUID if I am not mistaken. Course i have customers doing 3500 users with Proxying, but all one connection.

gmsmstr

Hence why you are seeing what you are seeing. has to be WDS. ONly way to properly bridge 802.11x

gmsmstr

You can do this, but not with the proxy system. You can send out specific IPs out specific public IPs, but again, you can't have Proxy enabled to do this.

gmsmstr

I would hardware switch them with a TAP or Mirror port for your monitoring. No CPU load then since you are not wishing to do much with the ROuterOS. It will just make it a managed switch then.

gmsmstr

Have you tried a *, don't think that will work either, think it has to be an exact match.

gmsmstr

Sounds like a firewall or NAT issue. There are a few changes, disable your firewall rules and double check your NAT if you are using that. I bet you will find something in there. Else a MT consultant should be able to help out.

gmsmstr

The type of traffic should not affect this, unless there is something wrong with DD-WRT. I would suggest dropping in a MT at the remote site and seeing if it does this too. I have extensive experience with this in business and corporate environments and I know it does work quite well. Without taking...

gmsmstr

Don't know what kind of "bridge" you are using. If its not a WDS bridge (the only way to properly bridge a wireless client in 802.11x), then you can see some sort of MAC NATing. If you are using MT, create a WDS bridge and that should fix the issue! This is discussed in the hotspot section of my book.

gmsmstr

The information I have is that the proxy system will only use the main routing table, so you can't split proxy traffic over a number of connections. You can split everything else though, and just let your port 80 stuff go out your primary connection.

gmsmstr

You need to make sure the IPs that you have forwarded go out the proper interface.

gmsmstr

What about connecdtions on a specific port ?

gmsmstr

Typically would be the IP needs to be on the VLAN interface as suggested.

gmsmstr

You may need to havfe a src-nat rule as well for traffic coming from that server to be natted out properly as the old IP. Use a "Private" IP to do the NATing too, this way, you can exclucde traffic going to your new PUblic IP that would be on the server as well.

gmsmstr

Other things to note is the connection rate. If the clients all are linked at 54meg then the max possible transmission on a single AP is around 7.5 meg. If clients are linked at lower rates, this will reduce your overall AP thoughput. Assuming that you have ALL of your clents at 54meg only, then fig...

gmsmstr

There are a numbger of ways of doing this, typically though, it would be routing issue, i.e. conect to both IPs, keep them alive, perfer one specific one. If that goes down, then it goes though the second. I have done a number of these setups, and I am sure someone on the MT consultant list can help...

gmsmstr

The end result is having a packet mark, however, marking your connection is less CPU intensive. The PROPER or perferred way is the do the connection mark then the packet mark. This does two things, provides a simpler faster way to mark packets once the connection is identified. Two, depending on the...

gmsmstr

Connection marks are MUCH more efficent, not to mention, they capture data both ways, not just to or from depending on the ports and/or in interfaces.

gmsmstr

These are commonly documented features of OSPF. It really depends on what kind of Default route you have !

gmsmstr

99% of the time this is a configuration issue. Could be the SIP helper service is on. Could be inbound NAT issues, could be lots of things. I would get a consultant to figure it out.

gmsmstr

If it gets a new IP every so often, you must use interface routing. On the other end, just point it to the static interface.

gmsmstr

If one IP phone is not working, then it may be the phone. Hit up http://www.mikrotik.com/consultants.html and I am sure one of those guys can help you troubleshoot.

gmsmstr

Using the out interface is fine. .

gmsmstr

The trial user feature is what you need. You may wish to run a script at midnight to clear out trial users vs using the trail reset feature. Any MT consulant should be able to do that without an issue. They are listed here at http://www.mikrotik.com/consultants.html

gmsmstr

ON non multi-cpu systems this is normal. After reboot the system rebuilds its cache from the disk contents. Don't konw if this cache goes into RAM (very well may) so its not stored, but larger the cache longer times!

gmsmstr

Eventually we want to do that, select the best path based on AS cost. Right now though, we are only running ospf between the two. ..

gmsmstr

I don't see them twice, even though they should be. The BGPlay, is kewl btw, but shows all traffic hopping off of provider B to provider A, and then a bunch of lines go away like prefixes or seomthing is not being annouced, what is happening. I also don't see them twice in the annoucments, remember ...

gmsmstr

Intresting action here.. Two ISPs , two MikroTik Routers. Each one is receving one providers full BGP tables. Both routers have 4 differant prefixes listed to advertise (all setup with NO for sync). This works fine, and if you reboot one MT, everything is fine, all traffic hops to second MT, great. ...

gmsmstr

Certification really don't make it solid. Only testing, knowledgable Mikoritk Engineers, and acutal production usage. WE have been developing on the PowerRouter 732 platform for almost 4 years now! People ask why don't you put a newer processor than a 3.0 gig Dual Core, simple, reliability, the syst...

gmsmstr

There CF and SSD drives stink! MT does not like them for any reason it seams. and Cisco CF cards, WATCH OUT!!

gmsmstr

We have quite a few PowerRouter 732s running 10k users+ in user manager!

gmsmstr

I can say trenscends DO NOT like MT!

gmsmstr

Sorry can't tell ya. But I can tell you that there is an extensive amount of time testing and retesting cards using both acutal production units and simulated read/writes and they are NOT your normal 25 buck cards.

gmsmstr

I would have to look at it, but I am sure its a NAT rule. You would have to also accept traffic from your web proxy.

gmsmstr

You are still proxying traffic. Hence tracking it, etc. So, hence, you have the high cpu count. Think of this. What happens is the MT gets the traffic, and then sends it out, as a client to your parent proxy, and then returns that information to the client. So, yes, this will eat up CPU as it should...

gmsmstr

yes all in stores. You should use a better CF card. Most will only run 100,000 writes if that. The PoweRouters (www.mikrotikrouter.com) use industrial cards designed for over 3million writes.

gmsmstr

I would doubt it. I would hit the HCL at http://wiki.mikrotik.com/wiki/Supported ... 86_Systems. Penty of systems there that you won't have to worry about.

gmsmstr

The issue that you have here, is that the needs dont' outweigh the deveopment costs of such of units. MikroTik has said this a numbger of times. I expect to see a many port version of the 1000, but I doubt that you will see a huge CPU unit like the PowerRouters. Also, note that we currently have 224...

gmsmstr

Yes have not got that to get updated yet

gmsmstr

What occurs with slow CF cards, and small processors . IN some cases WebProxy will work fine on these, it just depends on the size of the CF etc. With the CF, as soon as you boot, it does a read on all of the files to rebuild the cache etc. SOOO. Thats why it takes a long time on reboot.

gmsmstr

Keep in mind that many of those cards have less than 100,000 writes on them. I have seen some cards spec out at 10,000, for camera images etc, that maybe fine, but for an OS that could be running for years, might be bad. I would also always recommend products listed in the HCL on mikrotiks site as w...

gmsmstr

We have BGP peers on v 3 and v4 so far without major issues. v3.30 is rock solid..

gmsmstr

Sounds like the VM is only giving so much time to RouterOS, if it is seeing 100% cpu.

gmsmstr

The switching capability is limited to hardware with switching chips for one. So you are using CPU. Second, you do not allow direct access to the hardware in question since you are runing virtulized, so you are dedicating the system to RouterOS. Overall, there are quite a bit of resources used by th...

gmsmstr

Is there a way to log Ethernet drops? I.e. I have an Ethernet port that drops maybe 1 ping, but the actual Ethernet goes to "NO LINK" Its SO short though, I would rather have something that logs it

gmsmstr

Then you just need to connect to it just like you do with Winbox, just use that IP.

gmsmstr

the 100s were really underpowered, We get around 30-40meg though most 433s, but really go for the AH versions, much better. It also depends if you are doing connection tracking, firewalling rules etc.

gmsmstr

One of hte reasons to buy a supported and tested RouterOS system :) Regardless, it could be lots of things. I would have to look at it, but remember, just cause linux runs on it, don't mean MikroTik will! Check out the http://www.mikrotik.com/consultants.html list, and get someone to take a look .. ...

gmsmstr

What else do you need

gmsmstr

by default it would not block them.

gmsmstr

If it has a public IP, just use winbox, otherwise, you will have to forward the winbox ports in.

gmsmstr

In bridge swtich mode it will be quite fast..

gmsmstr

Correct, the CPU gets maxed out while receiving and bringing in those routes.

gmsmstr

Please note, that unless you know exactly what all of those rules do, please do not install something that you don't know what its doing.

gmsmstr

Disk issue?

gmsmstr

Just remember, there quite abit more to getting a high-preformance RouterOS system than just slap some NICs in a PC and it will do GigE routing. IRQs, buss limitiations, etc all have to be taken into account!

gmsmstr

There is a lot more to it than just simple CPU usage. PCI buss design and limitiations, IRQs, testing application, etc. So just buy putting some hardware togeather, don't mean its a good design. There is lots more to it than just build it and it will work!

gmsmstr

I would personally stick with what is on the HCL. There are many factors when building your own system, and you never know if there is going to be an incompatability. http://wiki.mikrotik.com/wiki/Supported ... 86_Systems is where you want to look.

gmsmstr

We had a config in FreeRadius that never sent a deny. It would send an accept, but if it was not found in the database, it simply would not reply, then it would go on to the next server. Watch your ping times and bw though to the first server, as you will want to keep your timeout value low enough f...

gmsmstr

The linksys should have its DHCP server turened off, and the hotspot port should be plugged into the lAN segment of the linksys. Should not use the linksys WAN port.

gmsmstr

7200s do the same thing when they first receive full BGP tables.

gmsmstr

You could, but why! No need!

gmsmstr

I would suggest http://www.mikrotik.com/consultants.html if you need something quickly!

gmsmstr

any PCI slot can handle that as its a "PCI" system, that just gets it power from there. Usually don't turn on and off the system though. Plenty of other options though out there.

gmsmstr

I would assume that you don't have a masq rule.

gmsmstr

Would prefer not to have to worry about that hardware that much! Regardless, I don't know of a 'server" that will do it.

gmsmstr

DST NAT rule!

Or perferred, a web proxy with parent.

gmsmstr

Any kind you wish!

gmsmstr

The only moving parts are the fans in the unit.

We use speicalized CF card for the OS, and if you want a hard drive option for caching, you can choose SSD drives as well

gmsmstr

Works perfectly fine on my Win7 box.

gmsmstr

You cna create a rule that matches data coming from the Proxy system. This rule has to say at the top of the list, so you will need a script to do that

gmsmstr

They run RouterOS without issues! http://www.mikrotikrouter.com. I have also done quite a few, around 800 on a RB1000... Its also important to note that standard PC hardware is sometimes not the same, as you have changes in drivers, PCI Buss limitations, etc. So, hard to say.

gmsmstr

We have PowerRouter 732s running 3000+ PPPoE Sessions, and 2282s with over 9k..

gmsmstr

I would assume receiving all of your routes would be the issue rather than the OSPF. I.e. when your BGP peer come up, it consumes 100% cpu during the receive of the routes. This is something that the PowerRouter does (multi-core) much better. Its not really an issue with RouterOS, but more of a sing...

gmsmstr

Depends on what you want! lol .. Is a full custom application, so its whatever you wish. I would suggest taking this offlist if you would like to e-mail me at dmburgess@linktechs.net, we can talk more about it.

gmsmstr

These apps are custom made for our clients, so no. If you want one made for you, we can do that, but there is cost involved.

gmsmstr

We have deliveloped several custom applications for RouterOS. Its all in the API, you can't change the web interface.

gmsmstr

online users?.. They avg between 1000-3000, it goes up and down as its a univerisity, a number of subnets too. :) The built in system can handle thousands of users, just not well. Its optimized for a VERY few units, 100 or so MAX, we had about 5000 users in it at one time, but even one high end har...

gmsmstr

around 100-200 at most with internal auth, with external, we have PowerRouter 732s running 3,000 hotspot users.
with 3000 users, what is the cpu level?
could suports 10000 users ?

Sorry, they run around 200-300 meg of data, so around 20% or so.

gmsmstr

around 100-200 at most with internal auth, with external, we have PowerRouter 732s running 3,000 hotspot users. with 3000 users, what is the cpu level? could suports 10000 users ? Would really depend on other factors, bandwidth, rules etc. If you need more power though, I would not see a reason why...

gmsmstr

The CLOSEST you can come to that is a PowerRouter 732, as they are reated up to 120F, the 1000s are only rated for 105F I belive. The 732 has a 2 port Fiber option as well. www.mikrotikrouter.com. However, if you need the fiber but 1000 or smaller board will work, then I would suggest http://www.mik...

gmsmstr

around 100-200 at most with internal auth, with external, we have PowerRouter 732s running 3,000 hotspot users.

gmsmstr

There is no ebook published, just softcover. YOu can order on-line at htt://www.routerosbook.com though. It should be on amazon in a few weeks.

gmsmstr

Upgrading to user manager will speed things up, as 1/2 of your CPU usage is the database lookups! 100 or so is about the max. I know someone will go SPAM SPAM, but visit http://www.mikrotikrouter.com. The 732 I have seen upwards of 300 meg of traffic and 2800 PPPoE sessions, and the 2200 there is on...

gmsmstr

Kinda why I am asking. I think I just forgot about the route reflection.

gmsmstr

I am wishing to use BGP in place of OSPF. One AS, private for now. If I just simply start adding BGP peers to the network, once I get 3-4 hops out, the IPs start to drop off at the end with TTL issues. Looks like all of the routes are being added at a cost of 200 at every interface vs their internal...

gmsmstr

http://www.routerosbook.com

gmsmstr

I DO APOLOGIZE FOR THE AD: However, I know there are some people that will find this of interest to them! ss01 Aug. 25 16.37.jpg Link Technologies, Inc, along with the Author, Dennis Burgess, is proud to offer the FIRST, Mikrotik RouterOS book on the market. Learn RouterOS, will take you though Rout...

gmsmstr

anyt updates. seeing this on a network now too.

gmsmstr

cheaper, do more, faster, better in every way.

gmsmstr

I do not believe RouterOS supports SAS drives. I would suggest using hardware from the Supported Hardware list. http://wiki.mikrotik.com/wiki/Supported ... 86_Systems

gmsmstr

You can do it with WINS or DNS. DNS would be better.

gmsmstr

First, I do apologize if I came across the wrong way. That was not my intent, So I do apologize if i did.

However, with or without a domain, you can make that work just fine.

A domain is not a requirement.

gmsmstr

I would suggest taking the advice from the forum, or hiring a consultant on the MT consultant list. I'm sure they can get you squared away in no time.

gmsmstr

Simply put, file sharing and print sharing over a PPTP VPN is perfectly fine. THe fact that the admin don't know how to make it work shows this. RouterOS transports the IP network over, no prob. The rest is windows software and systems to make it work right. I have businesses that have 20 sites with...

gmsmstr

Remember, that most firewalls can not just be "copied" without at least an understanding of what they are doing. Some common "scripts" that are out there commonly block known good ports, so be careful and if you don't know what they all do, don't load them, or have a consultant help you out by going...

gmsmstr

Yep, sounds like some little check box or small issue. I would suggest getting a Mikrotik consultant to take a look at the box. http://www.mikrotik.com/consultants.html is a listing

gmsmstr

We have hotspot users numbering into the 3000 on one box, not such as small machine, but we do have them running, 80-100 meg of data without issues.

gmsmstr

A Consultant could help you best, I would contact one of them. However, all you have to do is create a transparent proxy rule. Its well documented. As far as caching of youTubed, not going to work, as that breaks HTTP standards, again well discussed here on the forums.

gmsmstr

The 1000U is a great product, if you need a few more ethernets you can move to a supported x86 product, http://wiki.mikrotik.com/wiki/Supported ... 86_Systems is a great place to start.

gmsmstr

Keep in mind that the 1000 is not the only options. We make the PowerRouter 732 and 2200 series units as well. These we can add Fiber interfaces in, as well as we offer fiber conversion products as well. We do quite a bit with the fiber on the 2282 plus it gets you 10 GigE Copper interfaces as well....

gmsmstr

I have a need to do somehting like

/queue simple set parent=parent where name contains "name"

or even starts with. I have a few hundred queues that I need to apply a setting too, but can not due to this fact.

Search found 904 matches