MikroTik

texmeshtexas

This is still a problem in 6.44.6
Its pretty sad that a simple packet sniff operation brings this big powerful router to its knees and crashes it so bad that it needs a power cycle to recover.

texmeshtexas

Ok, This is a strange one and hard to reproduce. Symptom: PPPoE authentications are failing against our off site Radius server. We can reboot the router and everything is fine again. During investigation and while the router was in the state, I looked to see if there was a more current version of Ro...

texmeshtexas

We have seen this also but not in a while. We reworked Firewall filter rules to get the CPU load down and it go more stable. Problem seems to be worse when the CPU load is highest. And using packet sniffer with Winbox drives the CPU up and can crash the system as well. Also it does seem more stable ...

texmeshtexas

Has anyone else experience the CCR1072 running 6.43.8 and the previous couple releases, becoming unstable and crashing (total hang up requiring a power cycle to recover) when running packetsniff? A big clue is the CPU goes to 100% when running packet sniff. Even a sniff that results in a rather smal...

texmeshtexas

6.42.7 BGP problem

we have 6.42.7 updated this morning.
I'm noticing that our BGP blackhole peer with our upstream is not sending withdrawal from the network list like it used to.

anyone else have issues with this?

texmeshtexas

was able to determine its not the number of /32 prefixes, it was the script that looks at my address list and puts those addresses on the prefix list https://forum.mikrotik.com/viewtopic.php?f=9&t=115521&p=680382#p680382 I was running the script every 10sec but it takes over 2min for the script to r...

texmeshtexas

GamerXP,

Tried your script, seems to work well.
Any reason it takes 2.5min to run on a CCR1072.
Adding 120 prefixes from my address list.
Does that seem right?
I can only run it every 5 min.

Greg

texmeshtexas

we seem to get hit by DDoS attacks to a large number of IPs at the same time. Some are assigned IPs and many are not. In any case, we want the ability to black hole several hundred IPs at once. Our upstream allows upto 200 at the moment. However, with 100 or so /32 prefixes on the Mikrotik (CCR1072 ...

texmeshtexas

that first mangle rule /ip firewall> mangle print Flags: X - disabled, I - invalid, D - dynamic 0 chain=prerouting action=add-src-to-address-list tcp-flags=syn,rst protocol=tcp address-list=ddos-source address-list-timeout=6h in-interface=NETIX log=no log-prefix="" sure seems to put alot of addresse...

texmeshtexas

dst-nat is performed as the frame or packet enters the 'Tik, so the mangle rule assigns the packet-mark to the packet too late, after it has already passed the dst-nat chain. So a single rule like /interface bridge nat chain=dstnat action=dst-nat to-dst-mac-address=FF:FF:FF:FF:FF:FF mac-protocol=ip...

texmeshtexas

I've got a phone server on our network that uses the subnet broadcast address to send info to the phones on the local subnet. However, its sending the packet to desitination MAC of the gateway router (MT 2011) and not FF:FF:FF:FF:FF:FF so the phones never see it as the switches forward the frame onl...

texmeshtexas

It could be but I dont see the traffic going up much.
I have a bunch of rules to detect if the traffic goes up to an unusual level and captures stuff into files assuming its a DDOS attach.
It could be a low volume attach designed to drive a Mikrotik crazy, I suppose.

texmeshtexas

We have a CCR1072 running 6.40.5 on the edge of our network. This router typically has 2.5-3Gbps of traffic running through it. Many fw rules and does NAT for customers on private addressing. about 1-2 times per month it randomly jumps into a mode where the CPU goes from the normal 7-8% up to 60% ra...

texmeshtexas

We have a CCR1072 running 6.40.5 with an S+31DLC10D SFP module to communicate with our upstream proider. Our upstream started getting receive errors over the last couple of weeks and its really climbing the last few days. ON our side we see Tx Power -4.483dBm Rx Power -3.951dBM Our upstream sees thi...

texmeshtexas

I see the same issue on Dude 6.38.5 and 6.39 Suddenly stopped woring on Win 7 client. Anyone know wha the solution is? 6.39 ACCESS VIOLATION at: 6da6c975 eip=6da6c975 eflags=10293 edi=0 esi=6dae06cf ebp=28f09c esp=28f040 eax=408f9c0c ebx=fffffffe ecx=0 edx=0 log: backtrace: 6da6cf8c 4d03ec 4d0428 4d...

texmeshtexas

There seems to be an issue with SNTP getting synced in this version. I use a script to periodically set my server IPs to us.pool.ntp.org and time.nist.gov script works fine but router simply wont sync any more after upgrading from 6.30 to 6.32.2. Well, turns out I forgot to do the Routerboad fw upd...

texmeshtexas

There seems to be an issue with SNTP getting synced in this version.
I use a script to periodically set my server IPs to us.pool.ntp.org and time.nist.gov
script works fine but router simply wont sync any more after upgrading from 6.30 to 6.32.2.

texmeshtexas

All our CCR's locked up right at 7pm CDT. 3 x86 units did not, MT493 units did not.
This is very strange.

texmeshtexas

We are setting up Hotspot to authenticate the MAC of our CPEs. We do Not want users to get a splash page and “log in”. It needs to be automatic authentication to the Radius server. If the MAC is in the Radius server, then authentication should work. Sometimes the MAC/IP shows up on the Hosts list bu...

texmeshtexas

I believe this is part of the flow contol mechanism that was added to Ethernet interfaces in RouterOS 6.12+ Not a new concept in Ethernet but new to MT. I had this issue on one of my CCR1036 interfaces connected to a SAF backhaul. The SAF turns flow control on (no option to turn it off) and I had no...

texmeshtexas

Customer were complaining about download speeds being terrible. Mostly around 1-1.5Mbps. No matter what their queues are set to. I have a computer at the a tower site so I was easily able to verify this. Also AirControl tests to CPEs confirmed. I think this is related to 6.18 as I upgraded over the ...

texmeshtexas

I've found that this does not work. http://wiki.mikrotik.com/wiki/DoS_attack_protection /ip firewall filter add chain=forward protocol=tcp tcp-flags=syn connection-state=new \ action=jump jump-target=SYN-Protect comment="SYN Flood protect" disabled=yes /ip firewall filter add chain=SYN-Protect proto...

texmeshtexas

Each tower has a router that connects to one or more upstream towers and is the primary interface to the customers. There is one interface that is customer facing. the firewall filters are primarily to protect the infrastructure, not the customers. Most customers are on private addresses so we NAT a...

texmeshtexas

Its rule 10 that causes all the trouble. # nov/ 4/2013 21:10:13 by RouterOS 6.5 # Flags: X - disabled, I - invalid, D - dynamic 0 ;;; Established input chain=input action=accept connection-state=established 1 ;;; Established forward chain=forward action=accept connection-state=established 2 ;;; Rela...

texmeshtexas

anyone having trouble with a Firewall filter rule like this add action=drop chain=forward comment="Drop Invalid Connections" connection-state=invalid This absolutely creates much trouble with my customers traffic. Seems to kill all sorts of valid traffic including my AirControl traffic to my APs and...

texmeshtexas

Just found a queue on the other side that was limiting the bandwidth.
Its good when I turn the queue off............how embarrassing!!.

texmeshtexas

Tried MTU of 1500 and 1460. No change. Testing to MT493AH. From the PC to the local MT493AH I get around 78-80Mbps each direction. To the remote MT493AH on the other side of the Motorola licensed MW link (100x100 full duplex) I get about 18x16Mbps. I know its not the link as the customer traffic run...

texmeshtexas

yeah, but it also does it on the Motorola Licensed 100x100 full duplex link.
And I know the link supports >15-18Mbps data because at peak times, I see around 25-30Mbps customer traffic.

texmeshtexas

I use MT routers in various places in my networks. In areas where they are just routers (no wireless cards), when I run bandwidth test between two 493AH routers (both on V4.5) that are connected to the same HP switch, the speeds look great. But in 3 different places when I run across either a Ubnt l...

texmeshtexas

Where you ever able to get the Shrewsoft VPN client to connect to ROS?
I've not very knowledgeable about IPsec setups so I need to know if it is possible.
If it does work, are there step-by-step directions somewhere?

texmeshtexas

I'm applying firewall rules to a bridge and all seems to work well. Can anyone tell me what exactly the Connections tracking window is telling me. My default TCP Established Timeout is set to 1d 00:00:00. That seems too long. I just want to see how many active connections there are. What should I us...

texmeshtexas

Put v4.6 on my 750 and it would no longer talk to my Motorola PTP800.
Very strange as it would talk to my Ligowave device and my PC, just not the PTP800.
Had to abort 4.6 to get things working again.

texmeshtexas

Well, maybe I asked the wrong question.
Does Mikrotik support GPS timing when configured as an AP?

If I have multiple AP's on a single tower, will this help reduce interference between them?

texmeshtexas

I need to put 3 AP's on a tower with R52N running 2x2.
Will Mikrotik allow me to GPS sync to avoid interference between APs?

If so can someone tell me what USB based GPS unit I should use with my 433UAH?

texmeshtexas

I'm running Dude 3.1. When I test the notifications I get the proper syslog and event log entries but not all notifications are sent by email. I test by taking 5 devices down at the same time but I only get 2-3 email alerts and not all email addresses listed get the alert. Its a bit random as to who...

texmeshtexas

Please add ability for syslog server to receive TCP syslog messages.
Some network appliances, such as Mobotix cameras, only send syslog messages using TCP.

texmeshtexas

Does anyone now how to set up a SPI firewall feature on RouterOS 3.17?

Search found 37 matches

Re: CCR1072 crashes when running Packetsniff

DNS and Radius random failures

Re: Mikrotik CCR 1072 Hang

CCR1072 crashes when running Packetsniff

Re: v6.42.7 [current] is released!

Re: BGP black hole with large number of prefixes

Re: IP Firewall Address list to BGP Network. Useful for Blackhole.

BGP black hole with large number of prefixes

Re: TCP SYN Flood attack causing high cpu

Re: Bridge Dst-Nat [SOLVED]

Bridge Dst-Nat [SOLVED]

Re: CPU load goes way up randomly CCR1072

CPU load goes way up randomly CCR1072

SFP signal too strong

Re: The Dude client ACCESS VIOLATION on fresh install with Windows 10

Re: 6.32.2 released

Re: 6.32.2 released

Re: all CCR crashed

HotSpot MAC Authentication

Re: fcs error?????

OSPF in 6.18 not acting right

Re: Syn flood protection

Re: Invalid connections

Re: Invalid connections

Invalid connections

Re: bandwidth test over 3rd party wireless

Re: bandwidth test over 3rd party wireless

Re: bandwidth test over 3rd party wireless

bandwidth test over 3rd party wireless

Re: feature request : ipsec with mode_cfg

Firewall Connection Tracking

Re: RouterOS v4.6 released

Re: GPS recommendation

GPS recommendation

Notifications not being sent properly

Re: Vote for new DUDE features!

Firewall