Community discussions

Search found 228 matches

by dasiu
Wed Oct 10, 2018 3:35 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 39224

Re: v6.43.1 [stable] and v6.43.2 [stable] are released!

Same situation, described below: 1. After upgrade to 6.43.2 device are unreachable, boot up properly but not working. 2. I try to reset on default, and is passed, but same problem 3. Wifi are powered on with default SSID, after I try to connect to wifi stop working 4. LAN led are green even I disco...
by dasiu
Wed Oct 10, 2018 2:40 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 39224

Re: v6.43.1 [stable] and v6.43.2 [stable] are released!

On mipsbe devices with AR8227 switch chipset (100 Mbps 5-port routers like hAP, hAP ac lite, hEX lite, hEX PoE lite, RB951Ui-2Hnd, OmniTik 5) it seems you can damage the routerboard after upgrading it to 6.43.2 and using no-default settings... Anyone experienced physical Ethernet port problems after...
by dasiu
Mon Aug 06, 2018 11:16 am
Forum: Scripting
Topic: Load functions from another script
Replies: 3
Views: 582

Re: Load functions from another script

You prefer to "load" it... where? Isn't "loading" to /system script environment, to the list of global variables/functions, enough? That's what I use - I have an .rsc file with "functions" I just run - and it loads the functions to globals. And other file to remove them. And in the main script I jus...
by dasiu
Mon Aug 06, 2018 11:12 am
Forum: Scripting
Topic: RouterOS SNMP Get
Replies: 9
Views: 1711

Re: RouterOS SNMP Get

Hi! The is no "issue" with amount of data or anything... It's simple it's just NOT SUPPORTED yet :). I believe someone from MT staff said that they plan to introduce it later (can't remember, where), for now the snmp-get is just for user interaction, can't be scripted. I'm also waiting for it to be ...
by dasiu
Fri Aug 03, 2018 2:36 pm
Forum: The Dude
Topic: Unable to upgrade RouterOS
Replies: 2
Views: 694

Re: Unable to upgrade RouterOS

Is it a CHR with trial license which has expired?
by dasiu
Thu Aug 02, 2018 1:31 pm
Forum: Scripting
Topic: Load functions from another script
Replies: 3
Views: 582

Re: Load functions from another script

Yes, you can :). 1. Make the getKeyValue and setKeyValue functions :global instead of :local 2. Run the one script defining all those global functions on startup 3. In the beginning of your script using the functions put: :global getKeyValue; :global setKeyValue; So the globals are in the memory all...
by dasiu
Wed Aug 01, 2018 2:12 am
Forum: RouterBOARD hardware
Topic: REQUEST : New Switch for SOHO, upgrade to 10GB over copper
Replies: 8
Views: 1652

Re: REQUEST : New Switch for SOHO, upgrade to 10GB over copper

Oh completely overlook, thanks for the hint. No, you didn't :). That CRS210 is discontinued , don't look at it :). As you mentioned you can get CSS 326 for half the price :). Also - you can get CRS326 for a bit less, having - besides the great switch and easy (bridge filter) VLAN configuration - te...
by dasiu
Tue Jul 31, 2018 11:13 am
Forum: Scripting
Topic: src-address
Replies: 3
Views: 523

Re: src-address

Use quotes :).
/ip fi man print where src-address="192.168.1.100"
edit: LOL, that timing :).
by dasiu
Thu Jul 26, 2018 12:19 am
Forum: Scripting
Topic: access to SSTP-Client Uptime
Replies: 3
Views: 418

Re: access to SSTP-Client Uptime

adding the 'as-value' incorporates each row of text into an array of text strings in memory indexed by the headings (left of the ':') and adding the ->"uptime" selects the row of the the array So: 1. Adding "as-value" presents the results of print (and also monitor) commands in the "array" form. To...
by dasiu
Wed Jul 25, 2018 9:20 pm
Forum: Scripting
Topic: Problem running script(s) [SOLVED]
Replies: 6
Views: 743

Re: Problem running script(s) [SOLVED]

Tried using local instead of global? Not ":global getDateTime" but ":local getDateTime"? If you have few scripts and they all have this function - they overwrite it and maybe it's causing the problem if they are doing it in the same time?
by dasiu
Wed Jul 25, 2018 9:18 pm
Forum: Scripting
Topic: cannot use ip firewall connection find [SOLVED]
Replies: 3
Views: 1664

Re: cannot use ip firewall connection find [SOLVED]

It's correct, find works, you just don't SHOW the result of the find :). 1. dst-address in the entry is EQUAL TO "172.31.80.4:5060". Looking for "172.31.80.4" won't work. so it's either: find dst-address="172.31.80.4:5060" for this specific port, or: find dst-address~"172.31.80.4:" for all ports :)....
by dasiu
Wed Jul 25, 2018 9:11 pm
Forum: Scripting
Topic: access to SSTP-Client Uptime
Replies: 3
Views: 418

Re: access to SSTP-Client Uptime

:put ([/interface sstp-client monitor VPN-To-Host once as-value]->"uptime")
by dasiu
Mon Jul 23, 2018 3:09 am
Forum: Scripting
Topic: "/system resources" do miss "find", bug?
Replies: 3
Views: 422

Re: "/system resources" do miss "find", bug?

Hi, 1. Don't use "print as-value" if you don't need it. Learn how to use find and get. 2. Your example doesn't work, because there is no "dynamic" entry in system resources. Without "dynamic" it should work: log info message=[/system resource print as-value] 3. Please, look at this: log info message...
by dasiu
Sat Jul 21, 2018 12:13 pm
Forum: Scripting
Topic: Wifi Hotspot + cloud Management
Replies: 3
Views: 976

Re: Wifi Hotspot + cloud Management

Yes, 1. The usual approach is to set a RADIUS + MySQL + HTTP/PHP server that's controlling it, and set MikroTik hotspot to redirect to that page (with the login.html page HTTP redirection with the necessary variables from hotspot). I made a presentation years ago - there are only slides (ask MikroTi...
by dasiu
Sat Jul 21, 2018 12:08 pm
Forum: Scripting
Topic: Problem with route remove
Replies: 2
Views: 378

Re: Problem with route remove

I have this route: /ip route add dst-address=4.4.4.4 gateway=177.89.160.1 comment=FailOver And i trying this and don't work. /ip route remove [find dst-address=4.2.2.2] You know, that 4.4.4.4 is not the same as 4.2.2.2 - so there is no surprise :). Still - use quotation marks, /ip route remove [fin...
by dasiu
Thu Jul 19, 2018 12:41 pm
Forum: The Dude
Topic: Add images to device Dude 6.40.8
Replies: 3
Views: 2135

Re: Add images to device Dude 6.40.8

Upload the file with Winbox/FTP/SCP/anything... to the RouterOS filesystem (to the dude directory - I prefer to create a new subdirectory, as the default images are in the "static" directory you can't change).
by dasiu
Wed Jul 18, 2018 6:26 pm
Forum: Scripting
Topic: No good connection alert
Replies: 1
Views: 366

Re: No good connection alert

Hi, 1. Netwatch - no, it's too basic 2. Script scheduled to run every minute (or so) would do. The script would run ping to the other side with interval set to 150 ms and with specified count (like 10 or 100 pings) - if the latency is higher, the pings will drop - and then based on the drop number (...
by dasiu
Wed Jul 18, 2018 6:21 pm
Forum: RouterBOARD hardware
Topic: Guidance to choose mikrotik device
Replies: 4
Views: 717

Re: Guidance to choose mikrotik device

The minimum would be really any MikroTik device - for such basic functionalities. That would be hEX lite for 40 USD:
https://mikrotik.com/product/RB750r2
To be sure you can do plenty more - you can go with hEX (60 USD and much more power):
https://mikrotik.com/product/RB750Gr3
by dasiu
Tue Jul 17, 2018 7:38 pm
Forum: Scripting
Topic: DNSdynamic script for RouterOS v6
Replies: 3
Views: 558

Re: DNSdynamic script for RouterOS v6

OMG, MSandoval! I didn't notice, that he included his real login information in the script! Thanks for pointing it out loud, so all of us now can notice it! :)
by dasiu
Tue Jul 17, 2018 1:29 pm
Forum: Scripting
Topic: Sending output of script commands to syslog
Replies: 6
Views: 996

Re: Sending output of script commands to syslog

You see the lines split, as the result of "print as-value" shows all entries in one string, and MikroTik splits the logged strings to 256-byte elements (256 bytes is the max length of what it can log). To send separate log for each line, try: :foreach logline in=[/ip firewall nat find dynamic=yes] d...
by dasiu
Fri Jul 13, 2018 3:47 pm
Forum: Scripting
Topic: check ip enabled or not [SOLVED]
Replies: 2
Views: 503

Re: check ip enabled or not [SOLVED]

Hi, I'd like to check if an ip address is enable or disable through script. How can I achieve this? example - :if (ip address get [find address="x.x.x.x/x"] disabled = yes) do={ ... - :if (ip address get [find address="x.x.x.x/x"] enabled = yes) do={ ... Thanks. Almost great, just work on the brack...
by dasiu
Fri Jul 13, 2018 3:35 pm
Forum: The Dude
Topic: [BUG] Images and icons disapearing
Replies: 22
Views: 3553

Re: [BUG] Images and icons disapearing

Guys, I think I solved it in the past: Make sure the user you use for Dude access has FTP rights (the group the user belongs to)! You don't need the FTP protocol to be enabled (in IP services), but still seems like this policy is needed for the user to read the files from MikroTik filesystem - so yo...
by dasiu
Fri Jul 13, 2018 11:30 am
Forum: Scripting
Topic: routeros 6.42.5 and 6.42.6 script /file not working
Replies: 2
Views: 691

Re: routeros 6.42.5 and 6.42.6 script /file not working

What is wrong here? After the fetch, but before reading the file, put a short delay, like 2 seconds: :delay 2s; Unfortunately, this is how it works - the file that has just been downloaded/created locally - is not visible immediately, though the fetch command already finished its job. This is Mikro...
by dasiu
Tue Jul 10, 2018 5:49 pm
Forum: RouterBOARD hardware
Topic: RB3011 Switching Performance with Hardware Offloading
Replies: 11
Views: 6997

Re: RB3011 Switching Performance with Hardware Offloading

There is always a third option :). If you need 5 or less ports - just use ports from one group for the LAN. (WAN, if it's just routed, without bridged VLAN, can be in the different group then) If you need 9 or 10 ports - then, unfortunately, you need an extra switch to work with wire-speed without u...
by dasiu
Thu Jul 05, 2018 11:31 am
Forum: The Dude
Topic: Install DUDE on RB2011
Replies: 1
Views: 1519

Re: Install DUDE on RB2011

Install it on other machine :). My way: 1. Buy a VPS somewhere (I use vultr.com - virtual machine for 5 USD per month) and install CHR with a P1 license. 2. Make all your routers establish SSTP tunnels to the CHR. 3. Run the Dude on the CHR. It can monitor the machines and also devices inside the ne...
by dasiu
Wed Jul 04, 2018 6:48 pm
Forum: Scripting
Topic: Globals are emply from script but have a values at CL
Replies: 3
Views: 413

Re: Globals are emply from script but have a values at CL

In the beginning of each script you need to define the variables (even the global ones) you are using. You just need to do: :global URL; - so it's not changing the value, the variable is all the time there, it just makes the global variable "visible" from the "scope" of the script. You need to do th...
by dasiu
Tue Jul 03, 2018 12:43 am
Forum: Scripting
Topic: Bug in LEN [SOLVED]
Replies: 2
Views: 549

Re: Bug in LEN [SOLVED]

Your report is incorrect - it's NOT a BUG :). It's good, normal behaviour. 1. :len - returns not a "file size", but a "size of the variable". 2. /file find... - returns an ARRAY of POINTERS to files that match the "find" criteria. In your case /file find name=""... returns one pointer - so the lengt...
by dasiu
Fri Jun 29, 2018 12:19 am
Forum: Scripting
Topic: PUSHOVER - ready MikroTik script to send messages
Replies: 1
Views: 1227

PUSHOVER - ready MikroTik script to send messages

I've just written a script (function) to send the Pushover messages directly from MikroTik, not using e-mail but direct API (faster). Just run once on bootup to "install" the functions: :global urlEncode do={ :local output "" :local input [:toarray $1] :if ([:len $input] > 0) do={ :local input1 [:to...
by dasiu
Thu Jun 28, 2018 1:45 pm
Forum: Scripting
Topic: Replace characters in string (url encode)
Replies: 14
Views: 10087

Re: Replace characters in string (url encode)

Also - check this out, this is how we now use the functions :). (please, see the "sticky" Functions and function parameters thread in this forum section!) :global urlEncode do={ :local output "" :local input [:toarray $1] :if ([:len $input] > 0) do={ :local input1 [:tostr [:pick $input 0]] :for i fr...
by dasiu
Thu Jun 28, 2018 1:22 pm
Forum: Scripting
Topic: Replace characters in string (url encode)
Replies: 14
Views: 10087

Re: Replace characters in string (url encode)

Let me suggest to make it nicer :). Instead of: :if (\$char = \" \") do={ :set \$char \"%20\" } :if (\$char = \"-\") do={ :set \$char \"%2D\" } :if (\$char = \"(\") do={ :set \$char \"%28\" } :if (\$char = \")\") do={ :set \$char \"%29\" } :if (\$char = \":\") do={ :set \$char \"%3A\" } You can use:...
by dasiu
Tue Jun 26, 2018 1:32 pm
Forum: Scripting
Topic: Function 'import' don't work with variables
Replies: 3
Views: 556

Re: Function 'import' don't work with variables

And I think it's normal behaviour, not a bug :). Your $lib variable is not "string", but a pointer to a file (try :put $lib, instead of :put [/file get $lib name]) :). You can use it in /file menu, but not in /import. You can also do /file print, find the entry number you like, and then remove it wi...
by dasiu
Tue Jun 26, 2018 1:28 pm
Forum: Scripting
Topic: Function 'import' don't work with variables
Replies: 3
Views: 556

Re: Function 'import' don't work with variables

Maybe try...
foreach lib in=[/file find name~".lib.rsc"] do={ :local libname [/file get $lib name]; :put $libname; /import "$libname" }
by dasiu
Fri Jun 22, 2018 11:06 am
Forum: Scripting
Topic: RB upgrade script issues
Replies: 2
Views: 443

Re: RB upgrade script issues

I'd add some debugging info: /system scheduler add interval=1d name=upgrade on-event=rb_upgrade policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=jun/16/2018 start-time=05:00:00 add name=startup_upgrade on-event=rb_upgrade policy=ftp,reboot,read,write,policy,test,password,...
by dasiu
Thu Jun 21, 2018 6:22 pm
Forum: Scripting
Topic: Day of the Week for a variable [SOLVED]
Replies: 2
Views: 515

Re: Day of the Week for a variable [SOLVED]

1. Unfortunately, MikroTik doesn't "show" the day anywhere.
2. Other people may already think about it. For example here:
https://wiki.mikrotik.com/wiki/Script_t ... f_the_week
by dasiu
Wed Jun 20, 2018 5:39 pm
Forum: Scripting
Topic: Scripting - Asking user for input.
Replies: 7
Views: 2625

Re: Scripting - Asking user for input.

Or use:
:put [$read] - to run the script (as for user input) and immediately put it on the screen without "storing it" in a variable :).
by dasiu
Tue Jun 19, 2018 3:58 am
Forum: Virtualization
Topic: CHR P-Unlimited - amount of L2TP - PPTP - EOIP ?
Replies: 6
Views: 1116

Re: CHR P-Unlimited - amount of L2TP - PPTP - EOIP ?

No limit from the license.
But does anybody no what is the "limit" of the CHR - in terms when does it "die"? How many PPP interfaces or IPsec peers (or SAs) can we "run" on CHR (and if it scales when adding CPUs?) :)
by dasiu
Mon Jun 18, 2018 3:27 pm
Forum: Scripting
Topic: How to push and run script to CAP from CAPSMAN
Replies: 1
Views: 706

Re: How to push and run script to CAP from CAPSMAN

Yes. 1. On all CAPs enable FTP to be available only from the IP of CAPsMAN. 2. On CAPsMAN prepare the file like script.rsc, which will have the command to be sent to CAPs, like "/user set admin password=qwerty12". 3. On CAPsMAN write the script to get all IPs of CAPs and for each IP to run /tool fet...
by dasiu
Mon Jun 18, 2018 3:22 pm
Forum: Scripting
Topic: Script does not work at startup from /system script
Replies: 2
Views: 553

Re: Script does not work at startup from /system script

It's expected. Try reading about the "scopes" in the scripting manual - there is identical example.
https://wiki.mikrotik.com/wiki/Manual:S ... ocal_scope
Note that even variable can be defined as global, it will be available only from its scope unless it is not already defined.
by dasiu
Mon Jun 18, 2018 3:18 pm
Forum: Scripting
Topic: changing variables for all users of same profile
Replies: 2
Views: 450

Re: changing variables for all users of same profile

Yes, you can :).

Example (the idea is always the same)
/ppp secret set [find profile=default-encryption] limit-bytes-in=XXX

or just:
/any command set [find fieldname=commonvalue] changedfield=newvalue
by dasiu
Thu Jun 14, 2018 6:02 pm
Forum: Scripting
Topic: How to stop script
Replies: 1
Views: 408

Re: How to stop script

:set counter 0
:do {:delay 1; :set $counter ($counter+1);} while=(([/system ntp client get last-update-before]=[]) and ($counter<60));
by dasiu
Wed Jun 13, 2018 7:14 pm
Forum: Scripting
Topic: Determining the speed of data transmission in the subnet by means of scripts or rules [SOLVED]
Replies: 3
Views: 632

Re: Determining the speed of data transmission in the subnet by means of scripts or rules [SOLVED]

You can't use torch with scripts (i.e. can't read the torch readings from a script). What you can do is to have a /queue simple - one entry for each IP from LAN. Then your script can just get the "rate" parameter for each queue entry and check upload or download (need some parsing to split up/down a...
by dasiu
Sat Jun 09, 2018 10:55 pm
Forum: Scripting
Topic: Auto Failover with DHCP Internet Ip
Replies: 1
Views: 410

Re: Auto Failover with DHCP Internet Ip

Yes, it is possible.
by dasiu
Sat Jun 09, 2018 1:20 am
Forum: Scripting
Topic: Variables in script calls. [SOLVED]
Replies: 5
Views: 729

Re: Variables in script calls. [SOLVED]

Nooo :). 1. Create this itaTime script with the definition I sent, the few line :global itaTime do={ ... } 2. Make a scheduler to run this script every startup 3. In your other script in the beginning include the line: :global itaTime 4. Inside the script just use the [$itaTime] "variable" (which is...
by dasiu
Fri Jun 08, 2018 2:22 pm
Forum: Scripting
Topic: Variables in script calls. [SOLVED]
Replies: 5
Views: 729

Re: Variables in script calls. [SOLVED]

Hi! 1. If the values are local, it's normal they won't work - as the script B has different "local" variables than the calling script. 2. With global values it should work. But make sure, that in the beginning of BOTH script B and calling script you declare :global xxx. And maybe use first :global x...
by dasiu
Fri Jun 08, 2018 10:30 am
Forum: Scripting
Topic: VPN connected script
Replies: 3
Views: 1314

Re: VPN connected script

I am aware of that, but to do that I have to create multiple profiles for each user instead of assigning them to multiple users. If there are any flexible solution, let me know. You have 2 options: 1. Create 2 scripts (on-up and on-down) for each user separately 2. Read The ....... Manual :) on-up ...
by dasiu
Wed Jun 06, 2018 3:04 pm
Forum: Scripting
Topic: Time range test [SOLVED]
Replies: 2
Views: 472

Re: Time range test [SOLVED]

if (($timetest>00:00:00) and ($timetest<09:00:00)) do={...
by dasiu
Wed Jun 06, 2018 12:17 pm
Forum: Scripting
Topic: What is the working method to define and clear an array?
Replies: 3
Views: 626

Re: What is the working method to define and clear an array?

There is a bug, I already reported it. I believe it should work like you presented. Please, see this example script, it's even better :) :local xxx {"Key 0"="Value 0"} :put "Initial array:" :put $xxx :set ($xxx->"Key 1") "Value 1" :put "Array after using set:" :put $xxx :set $xxx ($xxx,{"Key 2"="Val...
by dasiu
Wed Jun 06, 2018 11:42 am
Forum: Beginner Basics
Topic: RouterOS Downgrade
Replies: 4
Views: 739

Re: RouterOS Downgrade

make sure also that 6.33.1 is supported for CCR1009-7G-1C. You can check it in System -> Resources and check for "Factory Software" You can not go lower than this version.
That's probably the issue. 6.33.1 is November 2015 - probably this model is too new to be supported by that software.
by dasiu
Tue Jun 05, 2018 11:08 pm
Forum: Scripting
Topic: Testing to see if script is runing
Replies: 3
Views: 444

Re: Testing to see if script is runing

Partially only. Use:
:execute "/system script run $SCRIPT";
The execute will be in background, parent script will run till the end independently, but still will be visible on scripts list as it is the parent.
by dasiu
Tue Jun 05, 2018 7:30 pm
Forum: Scripting
Topic: Script for multiple routers [SOLVED]
Replies: 1
Views: 442

Re: Script for multiple routers [SOLVED]

Allow FTP on the routers (only for specific IP, recommended - either locally or via a secure tunnel, not just "from the internet"). Then you can use: https://wiki.mikrotik.com/wiki/Manual:Configuration_Management#Automatic_Import Just upload the script commands using FTP as a file with extension .au...
by dasiu
Tue Jun 05, 2018 7:21 pm
Forum: Scripting
Topic: Help me with fetch
Replies: 2
Views: 756

Re: Help me with fetch

Have you tried: /tool fetch http-method=post http-data="payload={\"username\":\"someuser\"\n\"password\":\"somepass\"}" url="https://provider.ltd/path-to-script.php" ? Or maybe: /tool fetch http-method=post http-data="username=someuser&password=somepass" url="https://provider.ltd/path-to-script.php" ?
by dasiu
Tue Jun 05, 2018 7:07 pm
Forum: Scripting
Topic: Testing to see if script is runing
Replies: 3
Views: 444

Re: Testing to see if script is runing

Simplify it a bit - and it will work :)
:local SCRIPT "script1"
:local RUNNING [/system script job find script="$SCRIPT"]
:if ([:len $RUNNING] = 0) do={/system script run $SCRIPT}
by dasiu
Tue Jun 05, 2018 12:23 pm
Forum: Scripting
Topic: No strings on SMS
Replies: 5
Views: 659

Re: No strings on SMS

Use new lines. OR - use ";" in the end of command (then - no need for new line). Or - use both for clarity :) AND use indents - for your script to be "nice". Like: /system health :if ([get temperature]>70) do={ /tool fetch url="https://www.textmagic.com/app/api?usern ... send&text=$[/system identity...
by dasiu
Mon Jun 04, 2018 5:05 pm
Forum: Scripting
Topic: Call variable by dynamically constructing it's name
Replies: 3
Views: 578

Re: Call variable by dynamically constructing it's name

OK, I found the way :). The part I was missing was - when doing :set ($array->$key) $value - the $key needs to be string, cannot be integer. So now the proper example is as follows: ### Initiating the array :local xxx {1="1st value";2="2nd value";3="3rd value";n="nth value"} ###Getting all values (w...
by dasiu
Mon Jun 04, 2018 2:22 pm
Forum: Scripting
Topic: Call variable by dynamically constructing it's name
Replies: 3
Views: 578

Re: Call variable by dynamically constructing it's name

BTW - if anyone found a better way to ADD new key to an array, please share! :)
by dasiu
Mon Jun 04, 2018 2:20 pm
Forum: Scripting
Topic: Call variable by dynamically constructing it's name
Replies: 3
Views: 578

Re: Call variable by dynamically constructing it's name

Use ARRAYS for this :). For example: ### Initiating the array :global xxx {1="1st value";2="2nd value";3="3rd value";n="nth value"} ###Getting all values (with the keys) from the array :foreach key,value in=$xxx do={ :put "Table entry number $key has the value: $value" } ###Changing the existing val...
by dasiu
Mon Jun 04, 2018 1:53 pm
Forum: Scripting
Topic: VPN connected script
Replies: 3
Views: 1314

Re: VPN connected script

In PPP profile you have "on-up" and "on-down" scripts. Cannot you use 2 different scripts? :)
by dasiu
Mon Jun 04, 2018 1:00 pm
Forum: Scripting
Topic: help!!! hotspot validity script for rb941
Replies: 1
Views: 859

Re: help!!! hotspot validity script for rb941

Hi! Just remove any keepalives and set all timeouts to 1 hour. Then if the user disappears from the local network (disconnects) - hotspot will still keep counting the time for him. He can go back and use it, but the "hard limit" is 1h from the first logging in, continuous.
by dasiu
Mon Jun 04, 2018 12:37 pm
Forum: Scripting
Topic: Script input from console ... works!
Replies: 2
Views: 567

Re: Script input from console ... works!

dennis46 - it's a nice lifehack!! Thanks! :) It's not "Undocumented" and it's probably not a "feature" :). MikroTik does that if you don't fill a required value. Try: /ping - it will ask you for address (as it's a required argument). The same when you want to remove something (/ip address remove), ...
by dasiu
Mon Jun 04, 2018 12:29 pm
Forum: Scripting
Topic: Read SNR on Wireless Interface
Replies: 1
Views: 526

Re: Read SNR on Wireless Interface

1. print does not do that. print stats - does :). /intrerface wireless registration-table print stats 2. You can use GET if you want to script it. Like: /interface wireless registration-table get ... signal-to-noise. Example: :foreach x in=[/interface wireless registration-table find] do={:put "Stat...
by dasiu
Mon Jun 04, 2018 12:12 pm
Forum: Scripting
Topic: Mikrotik synthesizer/piano programs
Replies: 18
Views: 3745

Re: Mikrotik synthesizer/piano programs

WOW!! I thought I was the only one using the MikroTik beeper for music. altucor - you are great!! :) I started doing my "online composer" to generate MT music and midi previews (other way around - composing rather than taking midi), but never got it finished... If you have telecommunication rack wit...
by dasiu
Mon May 14, 2018 4:54 pm
Forum: Scripting
Topic: Script on 6.41RC - fetch not working
Replies: 5
Views: 1272

Re: Script on 6.41RC - fetch not working

Have you tried running the "/tool fetch" command manually? Does it work? If not - can you put the output here?
by dasiu
Fri Apr 27, 2018 6:26 pm
Forum: Wireless Networking
Topic: Safe mode to move to new AP
Replies: 2
Views: 445

Re: Safe mode to move to new AP

No, there is no way to adjust the safe mode timeout. But you can write a script restoring the settings, and then scheduler running the script after 2 minutes from now, and then - just move to the new AP. If you are able to restore the connection with the new config - just log in and remove the sched...
by dasiu
Mon Apr 23, 2018 5:53 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 161806

Re: Advisory: Vulnerability exploiting the Winbox port

Normis (or other MikroTik people here) - can you, please, share the very important info: Is there a known attack / exploit you were informed about? Did you learn about this vulnerability from your own studies or from a "friendly" user? Or was someone already attacked, and it came during the analysi...
by dasiu
Mon Apr 09, 2018 3:59 pm
Forum: Wireless Networking
Topic: LHG 60G
Replies: 12
Views: 1687

Re: LHG 60G

LHG2 = 29 $ / GHz LHG5AC = 18 $ / GHz LHG 60G = 2.40 $ / GHz So not expensive at all!!! :lol: :lol: :lol: Made my day! But apart of making fun - it's showing the correct way to compare them :). More true when you compare the $/MHz bandwidth (in 60G it's 2000 MHz channel bandwidth) or $ per total th...
by dasiu
Mon Apr 09, 2018 3:46 pm
Forum: Wireless Networking
Topic: CAPsMAN VLAN question [SOLVED]
Replies: 3
Views: 529

Re: CAPsMAN VLAN question [SOLVED]

Does anyone have an idea of what's wrong?
Your check is wrong :). When a wireless interface on a MikroTik is managed by CAPsMAN, the interface is not showing you the running settings. They can be seen on the CAPsMAN on the interface, only there.
by dasiu
Mon Apr 09, 2018 3:04 pm
Forum: Announcements
Topic: v6.41.4 [current]
Replies: 37
Views: 9843

Re: v6.41.4 [current]

Thanks! :)
!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);
- is it the same improvement, as in 6.41.3 (identical description), or yet a new improvement (improving it even more), or did the improvement in 6.41.3 didn't work? :)
by dasiu
Thu Mar 29, 2018 3:20 pm
Forum: General
Topic: Router + switch + ap all in one solution
Replies: 15
Views: 1378

Re: Router + switch + ap all in one solution

Having 1 Gbps connection you either: 1. Use hAP ac2, having 5 gigabit ports and quite strong CPU and dual-band wifi with ac - which is usually enough for home use 2. Use sth. like RB3011 (10 Gbps ports, but 2 switch groups) or RB1100 (usually in your server room, not on your desk!) and additional du...
by dasiu
Tue Mar 27, 2018 2:09 pm
Forum: General
Topic: IPSec Strongswan configuration fails
Replies: 7
Views: 1942

Re: IPSec Strongswan configuration fails

ilja , 1. On the policies list you can have actual "policies", and just "templates" - that are not working policies, just "bases" for dynamically creating policies, which match the other end's policies. 2. Your only "policy" (which is not a template) is disabled 3. Your IPSec peer has "generate-pol...
by dasiu
Thu Oct 19, 2017 12:31 pm
Forum: Announcements
Topic: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities
Replies: 58
Views: 105618

Re: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities

MikroTik Team, short question: If I have a wireless link on 802.11 protocol using Management Protection - can it be vulnerable to the attacks (before the upgrade)? Or does Management Protection already solve the problem (by not allowing the client, if Management Protection is "required", to connect ...
by dasiu
Fri Mar 28, 2014 12:20 pm
Forum: General
Topic: warning DHCP offering lease without success
Replies: 1
Views: 4615

Re: warning DHCP offering lease without success

Maybe the second one is connected via a wireless "station-pseudobridge" link, which means the NAT for MAC addresses?
by dasiu
Sat Mar 22, 2014 11:10 am
Forum: General
Topic: vLAN with Switch chips _ scenario-based solutions
Replies: 33
Views: 6578

Re: vLAN with Switch chips _ scenario-based solutions

Dasiu, now between "I understood" and "I'm able to apply it", there's a world :-) In your presentation you mention only one master port for a chip. How if I want to have two but only one with switch chip used for vlans? I currently have a RB450G (planning to switch for a 2011UiAS), can you tell me ...
by dasiu
Fri Mar 21, 2014 1:09 pm
Forum: General
Topic: vLAN with Switch chips _ scenario-based solutions
Replies: 33
Views: 6578

Re: vLAN with Switch chips _ scenario-based solutions

You can check my MUM presentation about the switch chip: http://mum.mikrotik.com/presentations/IT14/starnowski.pdf I read, re-read and re-re-read until I (think I) understood everything. Based on your presentation, I now assume that VLAN interface(s) aren't required at all to manage VLANs if switch...
by dasiu
Wed Mar 05, 2014 3:25 pm
Forum: General
Topic: MikroTik Training events and institutions around the world
Replies: 2
Views: 618

Re: MikroTik Training events and institutions around the wor

The trainings are organised by MikroTik certified Trainers. Each trainer can schedule a training in the system using his account - and it is automatically shown on the public schedule. So what you see - is the list of trainings that are scheduled by trainers - exactly they were "clicked in the syste...
by dasiu
Mon Mar 03, 2014 5:26 pm
Forum: General
Topic: how to set maximum clients per wifi interface
Replies: 1
Views: 476

Re: how to set maximum clients per wifi interface

/interface wireless set wlan1 max-station-count=10
by dasiu
Sat Mar 01, 2014 1:59 pm
Forum: General
Topic: Default setting of some routerboard series ackward
Replies: 8
Views: 1445

Re: Default setting of some routerboard series ackward

Usually the antenna is the gateway and that has to be connected in this default setup to ether1. But we actually want to use a PoE-out port. So we have to connect the antenna to ether5. But this is just a slave port in the LAN network. If not aware, problems all over.... I have access to about 5 di...
by dasiu
Fri Feb 28, 2014 11:45 am
Forum: General
Topic: vLAN with Switch chips _ scenario-based solutions
Replies: 33
Views: 6578

Re: vLAN with Switch chips _ scenario-based solutions

What do you mean by port1 = cpu port ?? If ether2 is the master port, then the cpu port of the switch chip is ether2 of router's CPU. I think that you're a bit confused with the terminology :). You can check my MUM presentation about the switch chip: http://mum.mikrotik.com/presentations/IT14/starno...
by dasiu
Sun Feb 23, 2014 2:26 pm
Forum: General
Topic: Mikrotik BGP Protocol configuration
Replies: 2
Views: 709

Re: Mikrotik BGP Protocol configuration

HI, I have an issue with mikrotik Rb-750 gigabyte, 5.11 v router board BGP configuration. My router using my both ISP connection for download and upload bandwidth while i monitor in interface but i want to use my 1st connection as primary cnnection and secondary mean 2nd isp connection as backup co...
by dasiu
Tue Feb 18, 2014 12:49 pm
Forum: General
Topic: AR8327
Replies: 8
Views: 6197

Re: AR8327

Any progress?
I will have a presentation on the next MUM (in 2 days), showing how easy it is :).
by dasiu
Sun Feb 16, 2014 1:26 am
Forum: RouterBOARD hardware
Topic: Making LCD useful.
Replies: 19
Views: 5296

Re: Making LCD useful.

A custom text field, that could be generated by a script - would be perfect :).
by dasiu
Tue Feb 04, 2014 9:31 am
Forum: General
Topic: CCR1036 PPPoE 1000+ clients 400+ Mbit/s degraded perfomance
Replies: 10
Views: 4129

Re: CCR1036 PPPoE 1000+ clients 400+ Mbit/s degraded perfoma

CPU load does not exceed 20-30% but the CCR cannot go beyond 400-500 mbit/s. How did you check the CPU load? Is it the average load (from /system resource), or max load per core (from /system resource cpu)? When the avg load is 30% - all cores can have 30%, but it's also possible that 20 cores have...
by dasiu
Mon Feb 03, 2014 12:30 pm
Forum: General
Topic: is there anyway to know password mistake?
Replies: 20
Views: 3257

Re: is there anyway to know password mistake?

You can: 1. Do a port redirection - dst-nat for ssh port to a server on a separate linux machine you have in your network for sniffing passwords (ex. a Raspberry Pi machine) for connections coming from an address list (and you just add the "suspicious" IP to the list - to be redirected to the fake s...
by dasiu
Tue Jan 28, 2014 8:54 pm
Forum: General
Topic: Quick hotspot question
Replies: 3
Views: 415

Re: Quick hotspot question

No... Slave interfaces shouldn't have IP addresses, any DHCP/hotspot servers, etc. You should set them on the bridge interface (master).
by dasiu
Mon Jan 27, 2014 9:47 am
Forum: General
Topic: exclude IP from webproxy rule
Replies: 2
Views: 1679

Re: exclude IP from webproxy rule

The "dstnat" chain is TOTALLY SEPARATE from "srcnat". It means, that it doesn't matter, if you place it before or after the srcnat rules. When the packet enters the router, all dstnat rules (in proper order) are applied, and later - before it leaves - the srcnat rules. If you don't want the packets ...
by dasiu
Sun Jan 26, 2014 12:04 pm
Forum: General
Topic: Trunk port on a CCR1036 router
Replies: 11
Views: 6254

Re: Trunk port on a CCR1036 router

So if I got you correct, the configuration should look like this: /interface bridge add name=br-vlan10 /interface bridge add name=br-vlan20 /interface bridge add name=br-vlan30 /interface vlan add interface=ether4 name=vlan10 vlan-id=10 add interface=ether4 name=vlan20 vlan-id=20 add interface=ethe...
by dasiu
Sun Jan 26, 2014 3:52 am
Forum: General
Topic: IPsec with no encryption ... why is the firewall involved?
Replies: 2
Views: 726

Re: IPsec with no encryption ... why is the firewall involve

1. Your /ip firewall nat - is empty right now?
2. Do you use l2tp? It creates dynamic change-mss rules in /ip firewall mangle.
3. What if you disable connection tracking?
4. Check "print dynamic" in /ip firewall filter, nat and mangle - everything empty?
by dasiu
Wed Jan 22, 2014 5:56 pm
Forum: General
Topic: SNMP oids
Replies: 2
Views: 1201

Re: SNMP oids

Am i doing something wrong? I am able to fetch other (uptime, memory, cpu) resources, just not the wireless ones. Yes... RTFM - as some people say ;). The snmpwalk command performs a sequence of chained GETNEXT requests automatically. It is a work saving command. Rather than having to issue a serie...
by dasiu
Mon Jan 20, 2014 2:01 am
Forum: General
Topic: Monitor Traffic/Resolve IP Address to Hostnames
Replies: 2
Views: 1783

Re: Monitor Traffic/Resolve IP Address to Hostnames

1. Enable webproxy (/ip proxy set enabled=yes) 2. Let all HTTP traffic go through the webproxy (/ip firewall nat add chain=dstnat action=redirect dst-port=80 protocol=tcp to-port=8080) 3. Just log the "webproxy,!debug" - /system logging add topics=web-proxy,!debug action=... (disk, probably) - that'...
by dasiu
Sun Jan 19, 2014 1:08 am
Forum: General
Topic: Creating Route for Vlan to switch
Replies: 3
Views: 1109

Re: Creating Route for Vlan to switch

I have a cisco switch that is connected directly to the mikrotik via ether2. and then it has a SFP port 1/0/25 that connects to a hp switch. [...] interface GigabitEthernet1/0/25 switchport trunk encapsulation dot1q switchport mode trunk What Cisco port is connected to the MikroTik's ether2? And wh...
by dasiu
Sun Jan 19, 2014 12:52 am
Forum: General
Topic: Src & Dst NAT In Same Time
Replies: 1
Views: 758

Re: Src & Dst NAT In Same Time

You simply configure it, it will work in the same time. You configure dst-nat rules in "dstnat" CHAIN, and src-nat rules in the "srcnat" CHAIN. Each IP packet goes through the dstnat chain after getting inside the router (before routing decision), and goes through srcnat chain before leaving the rou...
by dasiu
Wed Jan 30, 2013 1:09 am
Forum: Scripting
Topic: Ip hotspot active user = Ip Bindings
Replies: 4
Views: 7189

Re: Ip hotspot active user = Ip Bindings

:foreach user in=[/ip hotspot active find] do={ :local ip [/ip hotspot active get $user address]; :local mac [/ip hotspot active get $user mac-address]; :local username [/ip hotspot active get $user user]; :foreach binding in=[/ip hotspot ip-binding find address=$ip] do={ /ip hotspot ip-binding rem...
by dasiu
Mon May 07, 2012 3:29 pm
Forum: General
Topic: How to male bandwidth limimitation with miltiple VLAN`s
Replies: 1
Views: 553

Re: How to male bandwidth limimitation with miltiple VLAN`s

How to tag only those packets that come from the Internet to users and exclude inter VLAN traffic? You already did that :). /ip firewall mangle add action=mark-connection chain=forward disabled=no new-connection-mark=\ "vlan7 con-down" passthrough=yes src-address=192.168.7.0/24 add action=mark-pack...
by dasiu
Mon May 07, 2012 2:37 pm
Forum: General
Topic: How to change Graph storage location from disk to Micro SD ?
Replies: 1
Views: 1126

Re: How to change Graph storage location from disk to Micro

THERE IS NO SUCH OPTION, YOU CANNOT DO THAT!

And please, don't shout...
by dasiu
Mon May 07, 2012 2:27 pm
Forum: RouterBOARD hardware
Topic: Is RB751G-2HnD performance enough?
Replies: 4
Views: 4952

Re: Is RB751G-2HnD performance enough?

1. Is RB751G-2HnD performance enough? I think it can be too weak for your requirements... see http://routerboard.com/RB751G-2HnD - and remember, that the tests are with simple routing (and conntrack=on), without any queues, tunnels etc. - and they are also CPU consuming. The best way would be to te...
by dasiu
Fri May 04, 2012 2:22 am
Forum: General
Topic: Maybe chewing bit too much
Replies: 4
Views: 750

Re: Maybe chewing bit too much

So it looks quite simple, if you are familiar with policy routing a bit :). I assume, that you have already created the static default route on the wan1 gateway's IP, and that it has greater distance (default=1) than the one from DHCP (default=0). Basically, now everything should go through wan2 (th...
by dasiu
Sat Apr 28, 2012 11:37 am
Forum: Wireless Networking
Topic: 802.11n 3x3 with 3SS
Replies: 7
Views: 2358

Re: 802.11n 3x3 with 3SS

Any plans for a triple polarization antenna? :twisted: In free space, for outdoor links (in Line Of Sight scenario) the spatial streams are different polarizations :). That's the only way to send/receive 2 different signals on the same frequency. And you can have only two orthogonal (totally differe...
by dasiu
Sat Apr 28, 2012 11:13 am
Forum: Beginner Basics
Topic: Managing AP in Hotspot bridge
Replies: 2
Views: 867

Re: Managing AP in Hotspot bridge

Run a PPTP server on the RB1200, connect to it from your computer or router where you actually are, and use the pptp-client interface as your default gateway (check the option when configuring PPTP client). Now you can simply connect to 172.*.*.*. Just remember, that the 172.*.* AP's need to have th...
by dasiu
Sat Apr 28, 2012 11:00 am
Forum: General
Topic: Hotspot and iphone/ipad autofill
Replies: 9
Views: 7645

Re: Hotspot and iphone/ipad autofill

Have you tried setting HTTP PAP instead of HTTP CHAP in hotspot server profile? Maybe your Apple devices get lost, when the CHAP is used, and the password sent by the browser is different than written by you (it's MD5 hashed by JavaScript). Maybe iOS refuses to remember the form data, as they were d...
by dasiu
Thu Apr 26, 2012 10:15 am
Forum: General
Topic: can someone please double-check my queues?
Replies: 1
Views: 541

Re: can someone please double-check my queues?

http://forum.mikrotik.com/viewtopic.php?f=2&t=54350&p=276863#p276863 - it is already here :). In a few words - the parents' queue types are IRRELEVANT :). In /queue tree (generally - HTB) only the children do the actual queueing (waiting room for packets), and the parents only count bandwidth for t...
by dasiu
Thu Apr 26, 2012 10:05 am
Forum: Scripting
Topic: Script to Disconnect All Active pppoe Users
Replies: 2
Views: 1954

Re: Script to Disconnect All Active pppoe Users

/ppp active remove [find] or - being strict: /ppp active remove [find service="pppoe"] Will I get carma for this? Or was it too trivial? ;) edit: How is it possible, that I saw the topic as "unreplied" few minutes ago (26 Apr 09:00 CEST) , while a response was "Posted: Wed Apr 25, 2012 5:49 pm"? Is...
by dasiu
Thu Apr 26, 2012 9:09 am
Forum: Beginner Basics
Topic: IP problem rb433l
Replies: 1
Views: 395

Re: IP problem rb433l

The default address 192.168.88.1 is configured only on ether1 ;).
by dasiu
Thu Apr 26, 2012 9:03 am
Forum: The Dude
Topic: The DUDE 100% CPU usage
Replies: 5
Views: 3241

Re: The DUDE 100% CPU usage

I use Dude server on a separate machine with MikroTik RouterOS - it monitors hundreds of machines, and the average cpu-load is always below 10% :).
by dasiu
Mon Apr 23, 2012 11:52 pm
Forum: The Dude
Topic: The DUDE 100% CPU usage
Replies: 5
Views: 3241

Re: The DUDE 100% CPU usage

Pretty obvious recommendation would be to use a newer version of Dude :).
by dasiu
Mon Apr 23, 2012 11:51 pm
Forum: General
Topic: Login by HTTP CHAP ?
Replies: 1
Views: 1050

Re: Login by HTTP CHAP ?

Look into the HTML :). I don't have the files accessible now, so I can't check, but I'm pretty sure it's just a MD5 hash. And the idea is that you are not able to decrypt the password :). You can just check, if the hash is made using proper password and challenge string :).
by dasiu
Mon Feb 27, 2012 4:56 pm
Forum: General
Topic: FREE ROUTER!
Replies: 15
Views: 6403

Re: FREE ROUTER!

Is the special offer closed already? Or do you plan to prolong it? ;-)
by dasiu
Thu Feb 23, 2012 11:59 am
Forum: Forwarding Protocols
Topic: Help with OSPF
Replies: 3
Views: 1521

Re: Help with OSPF

Try changing default-distribute on every router to "if-installed-as-type-1" and remove all static routes to 0.0.0.0/0 :). Then check if it works. With "if-installed" router will not advertise a route it doesn't have, and with "type 1" the distance will change with every single hop - so the best path...
by dasiu
Wed Feb 22, 2012 12:02 am
Forum: General
Topic: daily limitation of upload traffic
Replies: 3
Views: 766

Re: daily limitation of upload traffic

http://forum.mikrotik.com/viewtopic.php?f=10&t=59306 - the solution was discussed here a week ago :). In hotspot you can specify uptime and you can specify amount of bytes sent/received/total :). So it's the same case (hotspot, limited user, and script that clears the counters every midnight).
by dasiu
Tue Feb 21, 2012 11:59 pm
Forum: Beginner Basics
Topic: Transparent Bridge with NAT?
Replies: 3
Views: 2431

Re: Transparent Bridge with NAT?

yes :)
by dasiu
Tue Feb 21, 2012 11:20 am
Forum: General
Topic: who can help me to set up something with Mikrotik.
Replies: 1
Views: 395

Re: who can help me to set up something with Mikrotik.

Well... It seems easy - with HOTSPOT :). I think it's what you are looking for. And also an external server with Radius and PHP and a database :). Each user can have his account, and the Radius server will inform MikroTik about limits for the user. If the limits are over, user will be redirected to ...
by dasiu
Tue Feb 21, 2012 10:43 am
Forum: Forwarding Protocols
Topic: Help with OSPF
Replies: 3
Views: 1521

Re: Help with OSPF

BGP with "redistribute connected"?? wow...

Could you show us the "/routing export" output from the core router? It will cover the BGP, OSPF and filters configuration - and will show us what is the configuration idea and what can be missing :).
by dasiu
Tue Feb 21, 2012 10:22 am
Forum: General
Topic: Hotspot e-mail login.
Replies: 2
Views: 1054

Re: Hotspot e-mail login.

No, it's not possible :). But it should be easy with a simple server with RADIUS and PHP.
by dasiu
Wed Feb 15, 2012 2:21 pm
Forum: Beginner Basics
Topic: RB750 is dead after update to 5.13
Replies: 4
Views: 1942

Re: RB750 is dead after update to 5.13

A while ago I had to save my RB750 the same way ;).
Did you upload 5.13, or an older version?
by dasiu
Wed Feb 15, 2012 2:02 am
Forum: General
Topic: DST-NAT Local IP to Local IP
Replies: 8
Views: 5753

Re: DST-NAT Local IP to Local IP

If I understand it correctly, the MailServer is on LAN1, just like the other computers? Then - add another masquarading rule: chain=srcnat action=masquerade src-address=192.168.0.0/24 dst-address=192.168.0.2 Does it work now? :) If it is the case, computer with 192.168.0.1 sends a packet to 192.168....
by dasiu
Wed Feb 15, 2012 1:35 am
Forum: Beginner Basics
Topic: RB750 is dead after update to 5.13
Replies: 4
Views: 1942

Re: RB750 is dead after update to 5.13

Something went wrong... But there is an option! :) See the manual for RB750 about the reset button: "● Hold this button during boot time longer, until LED turns off, then release it to make RB750 look for Netinstall servers." You need to run a Netinstall server on your computer, and connect the rout...
by dasiu
Mon Feb 13, 2012 6:56 pm
Forum: The User Manager
Topic: can I have a user with 2 hour internet for every day
Replies: 4
Views: 1778

Re: can I have a user with 2 hour internet for every day

Yes, you can! :) 1. Create a simple hotspot (using the wizard), you can find many tutorials on this 2. Create the hotspot user and set the time restrictions for him (for example - 2 hours of activity) 3. Create a script, that resets the counters for the user (or for all hotspot users) - with scripti...
by dasiu
Sun Feb 12, 2012 3:05 pm
Forum: Beginner Basics
Topic: Hotspot Documentation
Replies: 2
Views: 537

Re: Hotspot Documentation

Strange... I looked for such article, but I found nothing. That's why I'm doing such presentation for the next MUM in Warsaw ;).
What exactly do would you like to do? What is your plan?
by dasiu
Thu Feb 02, 2012 11:50 pm
Forum: Forwarding Protocols
Topic: BGP Advice
Replies: 4
Views: 1054

Re: BGP Advice

Maybe I should be looking at OSPF instead? And how many "real" eBGP sessions (on different routers) do you have there? iBGP's main idea is that the eBGP routers should "discuss" the routes received from their peers and decide, how to route the traffic outside. For routing inside one "real" AS - BGP...
by dasiu
Fri Jan 06, 2012 1:21 pm
Forum: Beginner Basics
Topic: Dropping traffic from ether3 to ether2
Replies: 3
Views: 932

Re: Dropping traffic from ether3 to ether2

I was able to access a wireless AP that was 192.168.1.2, but after changing the order, it is working properly. You can paste your rules here so we can see and think ;). If changing the order helped, it would suggest that there was a problem :). If you have the rules for accepting established, relat...
by dasiu
Fri Jan 06, 2012 4:41 am
Forum: Beginner Basics
Topic: Dropping traffic from ether3 to ether2
Replies: 3
Views: 932

Re: Dropping traffic from ether3 to ether2

/ip firewall filter add chain=forward src-address=10.10.0.0/24 dst-address=192.168.1.0/24 action=drop place-before=0 /ip firewall filter add chain=forward dst-address=10.10.0.0/24 src-address=192.168.1.0/24 action=drop place-before=0 Are you sure that there were no other filter rules before the ones...
by dasiu
Fri Jan 06, 2012 4:21 am
Forum: General
Topic: > 254 IPs
Replies: 3
Views: 3607

Re: > 254 IPs

192.168.0.0/23 will work normally, id doesn't differ from 192.168.0.0/24 - you will have 512 normal addresses :).
by dasiu
Fri Jan 06, 2012 4:17 am
Forum: General
Topic: RB751U - how many master switch ports can be configured?
Replies: 2
Views: 3170

Re: RB751U - how many master switch ports can be configured?

What do I miss understanding schema and switch logic for this device? You miss the fact, that the switching chip is a physical device inside the routerboard :). Like a normal cheap switch - you cannot "divide" it to 2 smaller switches :). See this: http://wiki.mikrotik.com/wiki/Manual:Switch_Chip_F...
by dasiu
Mon Jan 02, 2012 11:14 am
Forum: General
Topic: masq with a /32 address?
Replies: 5
Views: 763

Re: masq with a /32 address?

In nat rule set out interface as lo0 and masquerade as action. Should do the trick. No, no, no, "out-interface" is a "trigger", is a selector, not an action :). Then the NAT rule would work ONLY for packets routed through lo0 interface. As packets routed outside (through gateway) have out-interface...
by dasiu
Mon Jan 02, 2012 11:12 am
Forum: General
Topic: masq with a /32 address?
Replies: 5
Views: 763

Re: masq with a /32 address?

I think you are looking for the pref-src parameter in /ip route :). This parameter tells RouterOS what source IP it should use in packets generated by the router (and - also - masqueraded) when sending a packet to a specified destination :). Modify your /ip route and add pref-src=12.34.56.78 on the ...
by dasiu
Sat Dec 31, 2011 4:13 pm
Forum: Scripting
Topic: Convert one byte data to hex
Replies: 10
Views: 2333

Re: Convert one byte data to hex

dasiu@admin:~/Dokumenty/Mikrotik/Skrypty$ ./dhcp.perl 16.32.64.128 0.0.0.0/0 DHCP option 121 (249) hex string: 000010204080 - should be 0010204080, and is 00 00 10204080. RFC says, that for subnet mask /0 - there should be 0 octets of the network, and the perl script still gives 1 octet in the resu...
by dasiu
Sat Dec 31, 2011 4:04 pm
Forum: Scripting
Topic: Convert one byte data to hex
Replies: 10
Views: 2333

Re: Convert one byte data to hex

Ok, this modification was quick :). And the perl script you gave me as example - gives invalid result for /0 mask. In that RFC (see the examples in the RFC) - should be no octets, but the perl script gives one ;). # # Second script converting network and gateway from routing table to hexadecimal str...
by dasiu
Sat Dec 31, 2011 3:31 pm
Forum: Scripting
Topic: Convert one byte data to hex
Replies: 10
Views: 2333

Re: Convert one byte data to hex

Then how should it look like for:
192.168.0.0/16
10.0.0.0/8
10.0.0.0/16
10.0.0.0/20
10.0.0.0/24
10.0.0.0/28
? :)
by dasiu
Sat Dec 31, 2011 3:18 pm
Forum: Scripting
Topic: Convert one byte data to hex
Replies: 10
Views: 2333

Re: Convert one byte data to hex

1. I'm just learning to write scripts - and I think that was quite easy :). 2. That's my first script to be put on MikroTik wiki 3. THG - if you are planning to go to the MUM - you owe me a beer :) (wait... they give beer for free... ok, let it be a big chocolate :P) # # Script converting network an...
by dasiu
Sat Dec 31, 2011 12:59 pm
Forum: Scripting
Topic: Convert one byte data to hex
Replies: 10
Views: 2333

Re: Convert one byte data to hex

I need some ideas to convert a static route from RouterOS to hex. Example: A route to the network 192.168.2.0/24 using gateway 192.168.1.1 The string to convert: [ Network Bitmask ][ Network Address ][ IP Address ] Final hex string: 0x18c0a802c0a80101 My first suggestion - it should be 0x18c0a802 0...
by dasiu
Thu Dec 29, 2011 7:41 pm
Forum: RouterBOARD hardware
Topic: RB433AH vs RB600....Specs? "New Feature Announcements"?
Replies: 22
Views: 4877

Re: RB433AH vs RB600....Specs? "New Feature Announcements"?

http://www.scribd.com/doc/38946236/Router-Board-Performance-Tests http://www.mikrotik.com/download/Mikrotik_no011.pdf - page 2 10s using google Thanks!! Exactly what I was looking for! It took me about 30m to find many topics on forum (and other internet forums and webpages), but didn't find those ...
by dasiu
Thu Dec 29, 2011 4:19 pm
Forum: RouterBOARD hardware
Topic: RB433AH vs RB600....Specs? "New Feature Announcements"?
Replies: 22
Views: 4877

Re: RB433AH vs RB600....Specs? "New Feature Announcements"?

new test results are on http://www.routerboard.com I know, that RB600 is an old routerboard, and there is RB800 etc... But I have a strong need to see the tests of RB600 compared to RB433AH (for example). Where can I see them? Could you give me any specific link to an old chart on the webpage? Plea...
by dasiu
Sun Dec 18, 2011 3:28 am
Forum: Scripting
Topic: Mikrotik 3g watchdog
Replies: 21
Views: 11479

Re: Mikrotik 3g watchdog

sure it set to disk ... but after shutdown it 100% cleared
Sorry, I thought it would be the problem... What is your "disk-file-count" setting for the logging action? Maybe if it is set to 1 - try 2? Maybe the router starts the file "again" after reboot...
by dasiu
Sun Dec 18, 2011 2:07 am
Forum: Scripting
Topic: Mikrotik 3g watchdog
Replies: 21
Views: 11479

Re: Mikrotik 3g watchdog

Second issue after reboot logs is cleared so i cant get any info about fails ...
Set the target in "/system logging" to "disk" instead of "memory" :).
by dasiu
Sun Dec 18, 2011 2:05 am
Forum: Scripting
Topic: Mikrotik 3g watchdog
Replies: 21
Views: 11479

Re: Mikrotik 3g watchdog

As Normis wrote about usb power-reset: No. Currently only SXT and Omnitik has this. (topic: http://forum.mikrotik.com/viewtopic.php?f=3&t=57456 ) That's bad, that RB751 and even 433UAH don't have the feature... I am happy to have OmniTik and I'm trying to do a reliable 3g connection :). My operator ...
by dasiu
Sat Dec 17, 2011 11:58 am
Forum: General
Topic: Public IP DHCP
Replies: 2
Views: 485

Re: Public IP DHCP

There is no difference. People had the idea, that some of the addresses have to be filtered and not used in internet - and they will be "private" :). The router doesn't see a difference between 192.168.1.0/24 and 77.155.81.0/24 :).
by dasiu
Sat Dec 17, 2011 11:54 am
Forum: Wireless Networking
Topic: signal strenght vs. speed test
Replies: 4
Views: 985

Re: signal strenght vs. speed test

now, once i get that signal to set pretty steady, i try a speed test and i am only getting a download of .50 mbps and an up of about .47 mbps. I am no math genius, but doesnt that make my connection like a 56k freakin connection?
No, it doesn't :). It makes your connection like a 512k :).
by dasiu
Sat Dec 17, 2011 11:49 am
Forum: Beginner Basics
Topic: Queue Rate Limit to Static IP's
Replies: 11
Views: 1976

Re: Queue Rate Limit to Static IP's

177.30.20.3 is IP address of a computer? 177.30.20.1 is IP address of your router? Then - why are you limiting 177.30.20.1/32 ?? You limit your router, not the computers from the network :). If you want to limit this specific computer - set target-address=177.30.20.3/32 :) If you want to limit them ...
by dasiu
Fri Dec 16, 2011 11:40 am
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

Yes, 1 is highest priority, 8 is lowest. I recommend looking at the examples: http://wiki.mikrotik.com/wiki/Manual:HTB
by dasiu
Fri Dec 16, 2011 11:36 am
Forum: General
Topic: How to match "$" in a string?
Replies: 2
Views: 411

Re: How to match "$" in a string?

Maybe "\\\$" (if you want to receive "\$" inside the regexp)? First backslash means to leave the second backslash without its "special" meaning. So you need third backslash, that will work on $ ;). But then you will be looking for "\$". If you want to look for just $ - I think "\$" is enough :).
by dasiu
Thu Dec 15, 2011 5:44 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

Sorry, I have no experience with Skype... As Janis once said - there is no way to filter Skype. It can operate on different ports (also on port 80), there is probably no reliable layer7 rule... So I don't know, what can be done :).
by dasiu
Thu Dec 15, 2011 4:36 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

If you want to have PCQ for clients limiting AND layer7 for prioritizing traffic - you need to have one queueing in prerouting, and one in postrouting (and use /queue tree, not /queue simple) :). See http://tiktube.com/index.php?video=JpcD3eCChqGnDlJFJEEsCvExClIoEKDH= and the PDF slides :). With fil...
by dasiu
Thu Dec 15, 2011 1:57 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

You don't have to add any other rule. That 2 rules cover all :). 1. If there is overall "demand" for less than 4M (each direction separately), every connection gets its bandwidth without limitation. 2. If the "overall demand" exceeds 4M, something must be cut: 2a. If port 5000 wants to have 1,5M and...
by dasiu
Thu Dec 15, 2011 12:10 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

Yes, you do it with queues AND layer7 :). Queues look like the ones I put in previous posts as examples. But first you need to mark packets with "prio" mark in /ip firewall mangle - and you can do this using layer7 filtering (or if a game has its own TCP/UDP port number - you can just use the port, ...
by dasiu
Wed Dec 14, 2011 3:58 pm
Forum: General
Topic: Clients can access to internet, but router cant.
Replies: 9
Views: 816

Re: Clients can access to internet, but router cant.

Then I presume you have the 192.168.100.0/23 net routed back to the router from the proxy server. That would make sense. Yeah, and that the router with proxy server (172.16.1.1) does also masquerading for 192.168.. addresses only :) - that was probably the problem, why the RB couldn't connect, as i...
by dasiu
Wed Dec 14, 2011 3:52 pm
Forum: Beginner Basics
Topic: How to enable SNMP?
Replies: 11
Views: 41248

Re: How to enable SNMP?

Hi dasiu,
Thanks for ur reply ....
i got the problem ....

/snmp community print
That's good :)
You should look more carefully on my first response in this topic - you had the solution already there :)
by dasiu
Wed Dec 14, 2011 2:26 pm
Forum: Beginner Basics
Topic: WDS Problem
Replies: 6
Views: 5355

Re: WDS Problem

Maybe there is a problem with TP-Link configuration of WDS...
by dasiu
Wed Dec 14, 2011 2:20 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

1. /ip firewall mangle add chain=prerouting protocol=tcp port=5000 connection-state=new action=mark-connection new-connection-mark=prio_conn 2. /ip firewall mangle add chain=prerouting connection-mark=prio_conn action=mark-packet new-packet-mark=prio 3. /queue simple add name=Internet interface=WAN ...
by dasiu
Wed Dec 14, 2011 1:59 pm
Forum: General
Topic: Gateway timeout with proxy and routing
Replies: 5
Views: 830

Re: Gateway timeout with proxy and routing

Yeah, the topic can be closed now :)

Taa, po tym "www.orange.pl" też wywnioskowałem, że Waść z Polski być musisz :).

Pozdrawiam! :)
by dasiu
Wed Dec 14, 2011 1:54 pm
Forum: Beginner Basics
Topic: PPTP server in MikroTik - couldn't connect
Replies: 4
Views: 1648

Re: PPTP server in MikroTik - couldn't connect

What does "/interface pptp-server server print" show?
And can you ping the router from your laptop?
And doesn't /ip firewall filter block anything?
Can you open TCP connection on port 1723 ("telnet router_ip_address 1723" from your computer)?
by dasiu
Wed Dec 14, 2011 1:51 pm
Forum: Beginner Basics
Topic: What is more effective way limiting rx/tx using SQueues?
Replies: 2
Views: 524

Re: What is more effective way limiting rx/tx using SQueues?

http://tiktube.com/index.php?video=LLco3bmqeEJoIplpJLovmypxKlEoJqmF= I recommend listening to Janis and looking at the PDF slides from the presentation. It shows, why simple queues shouldn't be used, and PCQ queues in queue tree should be used :). If you want to understand the queueing concepts - t...
by dasiu
Wed Dec 14, 2011 1:43 pm
Forum: Wireless Networking
Topic: 802.1q Trunk extension over Wireless
Replies: 4
Views: 1344

Re: 802.1q Trunk extension over Wireless

Just try to add /interface vlan on the wds interface on both sides - and bridge them with your vlans from ethernet :).
by dasiu
Wed Dec 14, 2011 1:38 pm
Forum: General
Topic: Gateway timeout with proxy and routing
Replies: 5
Views: 830

Re: Gateway timeout with proxy and routing

If it was the solution - then the 172.16.1.1 router has very strange NAT rules :).
by dasiu
Wed Dec 14, 2011 12:59 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

What do you mean by "to give the prioirty of 1M upload/download to port 5000" ? Is it that connections to port 5000 have higher priority, but they are limited to 1M? then: 4. /queue simple add name=prio interface=WAN parent=Internet packet-marks=prio priority=1 max-limit=1M/1M Or maybe it can take a...
by dasiu
Wed Dec 14, 2011 12:43 pm
Forum: Beginner Basics
Topic: How to enable SNMP?
Replies: 11
Views: 41248

Re: How to enable SNMP?

Please, show us your:
/snmp community print
/ip firewall filter print
:)
(and what ROS version are you using?)
by dasiu
Wed Dec 14, 2011 1:31 am
Forum: General
Topic: Mikrotik suited to this project?
Replies: 3
Views: 443

Re: Mikrotik suited to this project?

Yeah, but 750GL is a lot more, than a vlan switch :). 40$ for 250GS and 60$ for 750GL is a big difference - if you only want to use 750GL for vlan switching :). Maybe it's better to buy it from a distant distributor? ;)
by dasiu
Wed Dec 14, 2011 1:24 am
Forum: Beginner Basics
Topic: RB433AH
Replies: 18
Views: 2241

Re: RB433AH

Do you have a console cable and a serial port or usb->serial adapter? I would try to "look inside" the RouterBoard by console port. And then use "/system reset-configuration" and it should have 192.168.88.1 on ether1 :). (I forgot - of course you are connecting to ether1 on the routerboard? :) ) Or ...
by dasiu
Wed Dec 14, 2011 12:49 am
Forum: Beginner Basics
Topic: WDS Problem
Replies: 6
Views: 5355

Re: WDS Problem

by dasiu
Wed Dec 14, 2011 12:45 am
Forum: General
Topic: Mikrotik suited to this project?
Replies: 3
Views: 443

Re: Mikrotik suited to this project?

Im thinking I can use the 750GL to VLAN all the dwelling equipment together , and have a trunk port sending the traffic back to the comms building.
Why don't you use 250GS? :) 750GL is a router - and the device from your description is a vlan switch :).
by dasiu
Wed Dec 14, 2011 12:41 am
Forum: Beginner Basics
Topic: RB433AH
Replies: 18
Views: 2241

Re: RB433AH

Ych, you're too quick, I didn't manage to edit my post in time :). So - at first try that "edit" part - and figure out, why you can't ping 192.168.88.1 (did You manually set a 192.168.88.x address on your computer?) You have just connected the RouterBoard to your PC (or network), right? And WinBox s...
by dasiu
Wed Dec 14, 2011 12:29 am
Forum: Beginner Basics
Topic: RB433AH
Replies: 18
Views: 2241

Re: RB433AH

http://www.youtube.com/watch?v=p85xwZ_OLX0 (have you tried turning it off and on again?) :) And have you tried to delete Winbox files (from Application data)? - maybe the plugin is invalid... Do other services (telnet/ssh/webfig) work normally? edit: wait, just let's go back to the basics :) You ha...
by dasiu
Tue Dec 13, 2011 3:35 pm
Forum: Beginner Basics
Topic: How to enable SNMP?
Replies: 11
Views: 41248

Re: How to enable SNMP?

No, you don't set snmp in /ip services. Probably because SNMP uses UDP, and in /ip services - you have TCP ports, that are open :). Just /snmp set enabled=yes - and that's all!
by dasiu
Tue Dec 13, 2011 3:08 pm
Forum: Beginner Basics
Topic: PPTP server in MikroTik - couldn't connect
Replies: 4
Views: 1648

Re: PPTP server in MikroTik - couldn't connect

You should check IP route on your PC. PPTP is a point-to-point connection, so you get a /32 address with a network address of your server. If you want to connect to other machines from the LAN (usually a /24 network), the PC needs to know the route to the addresses through PPTP interface. Try connec...
by dasiu
Tue Dec 13, 2011 2:41 pm
Forum: Beginner Basics
Topic: How to enable SNMP?
Replies: 11
Views: 41248

Re: How to enable SNMP?

/snmp print - and look if it is enabled or not :) /snmp set enabled=yes - enables SNMP /snmp community print - shows, what SNMP communities you have. By default it is "public" with read-only access from all IP addresses (0.0.0.0/0) Then - you can just run snmpwalk to the IP address of your MikroTik...
by dasiu
Tue Dec 13, 2011 1:48 pm
Forum: Beginner Basics
Topic: uptime
Replies: 9
Views: 953

Re: uptime

yes
by dasiu
Tue Dec 13, 2011 1:44 pm
Forum: Forwarding Protocols
Topic: IP no changeable but can online...
Replies: 3
Views: 1081

Re: IP no changeable but can online...

You can do this by creating a hotspot on the interface and changing ARP mode of the interface to "proxy-arp". The hotspot will "translate" all addresses, do the DNS proxy etc. You just need to authorize the host (for example - by MAC).
by dasiu
Tue Dec 13, 2011 1:36 pm
Forum: Beginner Basics
Topic: how i can give priority on port base in mikrotik?
Replies: 20
Views: 16531

Re: how i can give priority on port base in mikrotik?

You use /ip firewall mangle : 1. /ip firewall mangle add chain= prerouting protocol= tcp port= 5000 connection-state= new action= mark-connection new-connection-mark= prio_conn 2. /ip firewall mangle add chain= prerouting connection-mark= prio_conn action= mark-packet new-packet-mark= prio 3. /queue...
by dasiu
Tue Dec 06, 2011 9:35 am
Forum: Beginner Basics
Topic: Help understanding Mikrotik LOG
Replies: 8
Views: 1379

Re: Help understanding Mikrotik LOG

1. a TCP SYN packet, initiating a TCP connection to port 22 (SSH) of your router. Someone (maybe a bot) was trying to SSH on the MikroTik 2. Every DHCP lease has its time. It is specified in "lease-time" parameter of the server. Usually - 3 days. If a DHCP client doesn't refresh the lease for the ti...
by dasiu
Tue Dec 06, 2011 2:55 am
Forum: RouterBOARD hardware
Topic: RB750 Internet Usage
Replies: 6
Views: 2533

Re: RB750 Internet Usage

Sorry, I missed the information, that you use hardware switching :). If you use switching chip, then the RouterBoard doesn't see any difference between the ethernet ports. To collect some statistics, you would need to create simple queues for different IP addresses (the access points' addresses?). E...
by dasiu
Mon Dec 05, 2011 2:29 pm
Forum: Wireless Networking
Topic: Help with Trunk P2P!
Replies: 2
Views: 740

Re: Help with Trunk P2P!

You can do it easily :). You just bridge eth0 with wlan0, and then you add vlan on the bridge interface :). And you add IP on the vlan interface, of course :).
by dasiu
Mon Dec 05, 2011 8:37 am
Forum: RouterBOARD hardware
Topic: RB750 Internet Usage
Replies: 6
Views: 2533

Re: RB750 Internet Usage

/tool graphing interface - it would monitor all trafic on a port. If you wish to monitor only a specific traffic, like traffic to the internet, without local traffic between the users, you can use /queue simple - just to "catch" the traffic, without any limiting, and then monitor it with /tool grap...
by dasiu
Sat Dec 03, 2011 3:07 pm
Forum: Beginner Basics
Topic: windbox can't find router
Replies: 2
Views: 1269

Re: windbox can't find router

Are you trying to access the MikroTik with winbox using MAC address, or IP address? MAC will not work, as it is router network now :). If ping works - then Winbox should be able to connect to the IP address :).
by dasiu
Sat Dec 03, 2011 3:05 pm
Forum: General
Topic: Moving License 6 from an old x86 to a newest one
Replies: 2
Views: 490

Re: Moving License 6 from an old x86 to a newest one

License is always "attached" to the disk. You can move the licence together with the disk - it's the only option. If the hard drive is broken, you can ask for a "replacement key" (it can cost few $) to install it on a new one - but MikroTik can ask you to send them the broken one :). The rest of har...
by dasiu
Thu Dec 01, 2011 8:51 am
Forum: Beginner Basics
Topic: Route a single address
Replies: 4
Views: 871

Re: Route a single address

Trying to understand... Where is the /28 subnet? Does the cable modem also have an IP address from the same /28 subnet? What is the gateway for the /28 addresses - is it still your device, or your provider's? x.178 - is it configured in the same time on the mikrotik connected to gateway AND on "anot...
by dasiu
Wed Nov 30, 2011 2:07 pm
Forum: Beginner Basics
Topic: Unable to ping Vlan gateway
Replies: 9
Views: 3241

Re: Unable to ping Vlan gateway

OK, I will try to create bridge interface and then create VLAN on bridge inteface, is the command same as /interface vlan add ...... ether1 ? Thanks !!!! No, no, no!! Stop! You have misunderstood me... Please tell me, why do you need VLANs so much? Why do you have to call the 10.0.0.0/24 and 10.1.0...
by dasiu
Wed Nov 30, 2011 10:52 am
Forum: Beginner Basics
Topic: Unable to ping Vlan gateway
Replies: 9
Views: 3241

Re: Unable to ping Vlan gateway

Well, that's the point, that you DON'T have a vlan at all! :) The vlan number is used to tag frames (or to separate different virtual LAN's on one switch). As you don't have anything tagged - you don't create any vlan interface! Just configure the IP directly on ether1 - and that's all :). The rest ...
by dasiu
Wed Nov 30, 2011 8:40 am
Forum: Beginner Basics
Topic: Unable to ping Vlan gateway
Replies: 9
Views: 3241

Re: Unable to ping Vlan gateway

Are you sure, that you understand the idea of trunking correctly?? If you add vlan10 on interface ether1 - the packets sent to interface "vlan10" are TAGGED - have additional 802.11q header attached to ethernet frame. Packets sent to ether1 are untagged, "normal". And what are the devices between Ro...
by dasiu
Tue Nov 29, 2011 1:49 pm
Forum: Beginner Basics
Topic: What command for VLAN untag and tag?
Replies: 6
Views: 3057

Re: What command for VLAN untag and tag?

If you want to bridge the vlans (that both subnets labeled as "vlan10" would be bridged together), than why do you put different IP addressing? Vlan10 should have the same IP pool on both routers... I think that's the idea of trunking :).
by dasiu
Tue Nov 29, 2011 4:59 am
Forum: Beginner Basics
Topic: What command for VLAN untag and tag?
Replies: 6
Views: 3057

Re: What command for VLAN untag and tag?

Be simple: for example, I have two RouterOS for VLAN, RouterOS A has VLAN 10 and VLAN 20, also RouterOS B has VLAN 10 and VLAN 20, trunk between RouterOS A and RouterOS B, all VLAN ports is tagged. Can RouterOS A VLAN 10 communicate with RouterOS B VLAN 10 ? Of course :). Let's assume, that the tru...
by dasiu
Mon Nov 28, 2011 9:16 pm
Forum: Forwarding Protocols
Topic: 3G problems
Replies: 7
Views: 1375

Re: 3G problems

will NAT help or Static Routes help?

anywhere on forum where i can read about this 3G USB data forwarding to Ether1 and WLAN1 ??
Have you read my last post? Well, I will try to put it in simple words. Just add:
/ip firewall nat add chain=srcnat action=masquerade out-interface=ppp-out1
by dasiu
Mon Nov 28, 2011 6:23 pm
Forum: Forwarding Protocols
Topic: 3G problems
Replies: 7
Views: 1375

Re: 3G problems

1. Is it ether1 or another? You need IP config on the ether interface :). Can the computer ping MikroTik? Is MikroTik the default gateway for the computer? Does tracert from computer show first step as MikroTik - and then (steps 2 and following) nothing? 2. You need to have masquerading (/ip firewal...
by dasiu
Mon Nov 28, 2011 10:46 am
Forum: Beginner Basics
Topic: What command for VLAN untag and tag?
Replies: 6
Views: 3057

Re: What command for VLAN untag and tag?

Simply - everything configured as "/interface vlan" is tagged. And tag is specified for every interface separately. Everything configured directly on a physical interface or bridge - is untagged. Few examples: 1. I set interface vlan10 with tag 10 and vlan20 with tag 20, both on ether3. And then I b...
by dasiu
Sun Nov 27, 2011 5:05 pm
Forum: Wireless Networking
Topic: VLAN configurations
Replies: 4
Views: 2280

Re: VLAN configurations

On RB411AR - you should add vlan interface on ether1 interface. And then you should bridge vlan interface with wlan1 interface :). So not the vlan over bridge (that makes tagged frames go through wireless to clients), but bridge over vlan (vlan is untagging frames from ether1, and then they go to wi...
by dasiu
Sun Nov 27, 2011 4:58 pm
Forum: Forwarding Protocols
Topic: portforward with pppoe client and ppoe server
Replies: 2
Views: 4379

Re: portforward with pppoe client and ppoe server

You simply add an /ip firewall nat rule: chain=dstnat action=dst-nat in-interface=pppoe-client protocol=tcp (I suppose) dst-port=8080 to-addresses=172.16.100.253 And you can also block internet connection for the computer in /ip firewall filter: chain=forward src-address=172.16.100.253 connection-st...
by dasiu
Sun Nov 27, 2011 4:03 pm
Forum: General
Topic: PublicIPs routing with mac-addresses masquerading. How?
Replies: 4
Views: 911

Re: PublicIPs routing with mac-addresses masquerading. How?

Well, that sounds problematically :). So what IP addresses you have configured on both interfaces of the RB1200? Could you post a simple diagram?
by dasiu
Sun Nov 27, 2011 3:28 pm
Forum: RouterBOARD hardware
Topic: Hotspot Printers
Replies: 1
Views: 603

Re: Hotspot Printers

http://www.technologic.pl/index.php?pag ... &Itemid=29 - I think this one should be good :).
by dasiu
Sun Nov 27, 2011 2:43 pm
Forum: General
Topic: PublicIPs routing with mac-addresses masquerading. How?
Replies: 4
Views: 911

Re: PublicIPs routing with mac-addresses masquerading. How?

Are the subnets for local users and subnet for datacenter the same? (Or - are IP addresses for both interfaces of your router in the same subnet?) If not - you simply DO NOTHING :). No NAT is needed for public IP's, and no bridge is needed if they are different subnets. It's simply IP routing! In 7-...
by dasiu
Sun Nov 27, 2011 2:34 am
Forum: General
Topic: NOT TO DO. Weird instalations?
Replies: 380
Views: 236814

Re: NOT TO DO. Weird instalations?

Maybe not a weird installation, but a funny picture of a funny nightclub I found attached to the building I had my last training in :)

Image
by dasiu
Sun Nov 27, 2011 2:16 am
Forum: Beginner Basics
Topic: Assigned Static IP's Not being bound.
Replies: 7
Views: 2692

Re: Assigned Static IP's Not being bound.

Or maybe in the /log section - there was some "failed to assign [...] already in use" or sth. like that? It sometimes happens, that MikroTik discovers an IP conflict (either real, or imaginary like with Win.Vista or Win.7). The result looks exactly as your screenshot shows :).
by dasiu
Wed Sep 07, 2011 11:33 am
Forum: RouterBOARD hardware
Topic: RB751
Replies: 73
Views: 20900

Re: RB751

It passed 12 days and there is not only no new router in distributor's store, but also no mention about RB751U at routerboard.com :(
12 days since when?
12 days after YOUR information, that "RB751U will ship to distributors in around 10-14 days" :twisted:
by dasiu
Wed Aug 31, 2011 9:20 pm
Forum: RouterBOARD hardware
Topic: RB751
Replies: 73
Views: 20900

Re: RB751

OK, August ends today... And I think that many of us are dissapointed, that the 751 is not there... Could you give us any news? Any new (maybe - reliable) deadline?
by dasiu
Tue Aug 23, 2011 10:52 pm
Forum: Beginner Basics
Topic: Signal on Mikrotik
Replies: 1
Views: 524

Re: Signal on Mikrotik

I would tell, that this is perfect :). Between -55 and -75 should be ok. Less than -75 can be too weak, more than -55 - can be too strong. But the signal strength you wrote is probably for small data rates, and increasing data rate TX power decreases. So -55 is perfect, as with high data rates it wo...
by dasiu
Tue Aug 23, 2011 3:46 pm
Forum: The Dude
Topic: Dude chart OID
Replies: 3
Views: 3822

Re: Dude chart OID

But what comments? I think you know everything necessary to collect traffic data from the interfaces :).
by dasiu
Tue Aug 23, 2011 1:56 pm
Forum: Beginner Basics
Topic: Queue question.
Replies: 9
Views: 1120

Re: Queue question.

Edit the queue named "DKMPDC" and set its max-limit to 1000000/1000000. Do that for each queue that is supposed to be exempt from simple queues further down the list. I'm curious if it helps :). The queue is not created for default-small without limit, but the queue simple "rule" still "catches" th...
by dasiu
Tue Aug 23, 2011 1:14 pm
Forum: Beginner Basics
Topic: Queue question.
Replies: 9
Views: 1120

Re: Queue question.

0 ;;; Masquerade chain=srcnat action=masquerade - why do you need this? Is it really necessary to masquerade everything? I have some problems with understanding the rules :). But still the queue problem is strange. It should at least have unlimited upload, as the dst-nat (for upload packets) is don...
by dasiu
Tue Aug 23, 2011 12:20 pm
Forum: General
Topic: v5.6, new parameter "Src Address Mask" in Queue Types
Replies: 1
Views: 755

Re: v5.6, new parameter "Src Address Mask" in Queue Types

If we are talking only about IPv4 - the value 32 should be used - it should be 100% compatible with earlier versions (without the parameter). If the hosts are not limited at all - something different must have happened. You have to inspect it more carefully - in the mangle (if all packets are marked...
by dasiu
Tue Aug 23, 2011 12:14 pm
Forum: General
Topic: PCC Load Balance needed help
Replies: 1
Views: 296

Re: PCC Load Balance

We understand your problem not. Please try write more specific anything. :)
(it's not about your english... just try to show us your network diagram, config... there are more certified MT specialists here than certified fortune-tellers ;) ).
by dasiu
Tue Aug 23, 2011 12:07 pm
Forum: Beginner Basics
Topic: Queue question.
Replies: 9
Views: 1120

Re: Queue question.

Show us your queue settings :) If you are using queue simple - just create one queue with unlimited bandwidth for target address of the e-mail server and put it in the beginning of the list of queues. If you are using queue tree - in the beginning of mangle just throw out the packets from/to e-mail ...
by dasiu
Tue Aug 23, 2011 12:00 pm
Forum: Scripting
Topic: Is it possible? (Opening a link with Scripting)
Replies: 2
Views: 535

Re: Is it possible? (Opening a link with Scripting)

You can open HTTP / FTP links: http://wiki.mikrotik.com/wiki/Manual:Tools/Fetch
What kind of "links" are you talking about?
by dasiu
Tue Aug 23, 2011 12:50 am
Forum: The Dude
Topic: Dude chart OID
Replies: 3
Views: 3822

Re: Dude chart OID

1. Multiply by 8 - as the "Octet" name suggests ;). It's number of bytes transmitted/received, so measuring the number divided by time and multiplied by 8 - gives bps.
2. Use the functions from: http://forum.mikrotik.com/viewtopic.php?f=8&t=46570 :)
by dasiu
Tue Aug 23, 2011 12:27 am
Forum: Wireless Networking
Topic: NATed addresses showing up in a torch
Replies: 1
Views: 489

Re: NATed addresses showing up in a torch

Probably it's because of the "invalid" packets , for example - TCP packets sent after the connection is finished (FIN). You should block "invalid" packets in the beginning of the firewall filter (on each router that has connection-tracking enabled), as in the example from http://wiki.mikrotik.com/wi...
by dasiu
Mon Aug 22, 2011 3:25 pm
Forum: Beginner Basics
Topic: question
Replies: 2
Views: 480

Re: question

station modes: station - typical client mode, that every computer/any other device uses to connect to wireless network (to access point) - needs SSID and finds frequency automatically. As simple station mode can have only 1 MAC address, you can't bridge it - so that's why people use WDS... station-w...
by dasiu
Sat Aug 20, 2011 11:33 am
Forum: General
Topic: How to limit users bandwidth on spesific connection ?
Replies: 6
Views: 1049

Re: How to limit users bandwidth on spesific connection ?

It should be possible by connection-bytes - just one simple rule, if connection bytes are over - let's say - 5M (connection-bytes=5000000-0) and in-interface is WAN, then add src-address to the address list
by dasiu
Sat Aug 20, 2011 10:41 am
Forum: General
Topic: Question about PCQ QOS in the Queue Tree.
Replies: 2
Views: 772

Re: Question about PCQ QOS in the Queue Tree.

The question is; should the parent queues be left on ethernet default? if i set the queue type to pcq upload or download would that only allow for a 35 packet queue length for the entire tree under the parent? does it even matter since the only thing that needs to be queued between one another is t...
by dasiu
Sat Aug 20, 2011 10:15 am
Forum: General
Topic: Can connect to PPTP on LAN but not WAN?
Replies: 5
Views: 1382

Re: Can connect to PPTP on LAN but not WAN?

Have you tried to disconnect the pptp server from the WAN, and connect your other device there with an IP address of your provider (gateway)? I would check that. And - also - I would use torch, sniff, debug - to see if there is anything going :).
by dasiu
Sun Aug 14, 2011 10:05 am
Forum: General
Topic: Console has crashed
Replies: 5
Views: 690

Re: Console has crashed

Reboot the router :)
Happens sometimes. Or if you type "/tool torch interface=<TAB>" - also crash... Seems to be an error with reading the interface list sometimes. Reboot (physical is better) solves the problem :).
by dasiu
Wed Aug 10, 2011 10:52 pm
Forum: General
Topic: [Solved] Trunk ports and vlan routing
Replies: 9
Views: 24046

Re: Trunk ports and vlan routing

dasiu, i tried your suggested solution and it works like a charm! Although I found a slight typo in your sample code (as far as I understand). Yeah, exactly - your understanding is absolutely correct! I just went easy and copy-pasted the vlan10 and changed interface - but forgot to change this (yea...
by dasiu
Wed Aug 10, 2011 5:05 pm
Forum: General
Topic: IPv6 Routing Problem
Replies: 4
Views: 602

Re: IPv6 Routing Problem

I would recommend asking your provider :). The configuration you gave looks really strange... IP address assigned to any interface should have /64 mask, never /59... And the subnets on LAN and WAN should never "overlap"... Does the provider give you an IP address for WAN, or should it be received by...
by dasiu
Wed Aug 10, 2011 12:54 pm
Forum: Scripting
Topic: How to seperate 2 wan for 2 differnt hotspot!!?
Replies: 9
Views: 2002

Re: How to seperate 2 wan for 2 differnt hotspot!!?

Thankx again!! But when i tried this add dst-address=0.0.0.0/0 routing-mark=to-wan1 gateway=1.1.1.1 distance=0 ////=== distance it cant be = 0 > Oh, really - in older versions of RouterOS distance could be 0. Anyway - just add 1 to everything ;-). Or - I would do it this way: /ip route add dst-addr...
by dasiu
Wed Aug 10, 2011 10:39 am
Forum: General
Topic: two network connection on one port?
Replies: 2
Views: 401

Re: two network connection on one port?

I'm a small WISP and recently purchased a 5Mbps Linear Ethernet connection with the local telco. (Fiber to the building handed off to me with cat5) I plugged in my Tik 450G router and to my surprise, it obtained an address from the Telco. Surprised at this, I ran a speedtest and I'm pulling 10Meg! ...
by dasiu
Wed Aug 10, 2011 10:27 am
Forum: Scripting
Topic: How to seperate 2 wan for 2 differnt hotspot!!?
Replies: 9
Views: 2002

Re: How to seperate 2 wan for 2 differnt hotspot!!?

i have one douts:!
add dst-address=0.0.0.0/0 routing-mark=to-wan1 gateway=GATEWAY OF LAN OR WAN? distance=0
Wan, of course :).
by dasiu
Wed Aug 10, 2011 3:24 am
Forum: General
Topic: [Solved] Trunk ports and vlan routing
Replies: 9
Views: 24046

Re: Trunk ports and vlan routing

1. By using MikroTik bridging - it is simple, but the trunk must not have a native vlan - all should be tagged. And - the worst part - it consumes CPU and the bandwidth will be low - wasting the gigabit ports. Then: /interface vlan add name=ether1vlan10 interface=ether1 vlan-id=10 /interface bridge ...
by dasiu
Wed Aug 10, 2011 2:18 am
Forum: The Dude
Topic: The Dude 4 beta 3 disconnects from SNMP on Mikrotik 5.x
Replies: 4
Views: 2671

Re: The Dude 4 beta 3 disconnects from SNMP on Mikrotik 5.x

I will just add - we have similar problem with Dude 4.0beta3 nad PC devices (non-MikroTik) monitored by SNMP. After few weeks of being OK the Dude doesn't see SNMP answers. Rebooting Dude server (running on Mikrotik x86 machine) helps - for the next few weeks ;-).
by dasiu
Fri Aug 05, 2011 4:53 pm
Forum: Beginner Basics
Topic: Download drastically dropped in simple home NAT
Replies: 7
Views: 1506

Re: Download drastically dropped in simple home NAT

Everything is basically working, but my dl speed dropped from 20 mbit to ~1 mbit. When I connect my PC directly to the modem it's back to normal. 1. Have you set the same MAC address on ether2 as on your computer? Do you receive the same IP address via DHCP? Maybe it's a problem with provider? 2. W...
by dasiu
Wed Jul 27, 2011 6:41 pm
Forum: General
Topic: Bridging and Hotspot at the same time
Replies: 4
Views: 751

Re: Bridging and Hotspot at the same time

Don't forget to move IP address from ether1 to bridge. And also look for other places, for example /ip firewall nat - if there isn't a rule with "out-interface=ether1" (should be bridge) etc. If you are bridging ether1 and ether3 and you move every config from ether1 to bridge - then ether2 should w...
by dasiu
Tue Jul 26, 2011 6:20 pm
Forum: Forwarding Protocols
Topic: ftp port fowading
Replies: 7
Views: 2215

Re: ftp port fowading

/ip firewall service-port
But I think that janisk was asking to check if it is not disabled somewhere - it should be enabled for active FTP connection to be established ;-).

edit: Yeah, fewi was faster :).
by dasiu
Tue Jul 26, 2011 6:13 pm
Forum: General
Topic: snmp freq mib on AP
Replies: 2
Views: 599

Re: snmp freq mib on AP

http://forum.mikrotik.com/viewtopic.php?f=8&t=38177 - I think that is exactly the same question :).
And - in advace - see this: http://lmgtfy.com/?q=mikrotik+wireless+frequency+oid and try next time - it will help you avoid waiting one week and bumping etc. ;-)
by dasiu
Tue Jul 26, 2011 3:20 pm
Forum: RouterBOARD hardware
Topic: RB1000 as bridge bandwidth manager
Replies: 6
Views: 886

Re: RB1000 as bridge bandwidth manager

How can I shape traffics if flow is trunk (802.1Q)? Can I shape traffics using VLAN interface? Those anybody tried it before? You can do it if you bridge each vlan separately, not the ether interfaces :). For each vlan you create 2 interfaces (one on each ether, ex. vlan10ether1, vlan10ether2, vlan...
by dasiu
Tue Jul 26, 2011 3:13 pm
Forum: General
Topic: wrong firewall selected on my radio 411ah
Replies: 6
Views: 645

Re: wrong firewall selected on my radio 411ah

Of course - you should be connected to the same subnet as the router (either directly with your computer, or have any MT you can access, that is on the same subnet) - and then check. If you didn't disable "/ip neighbor discovery" - the MAC should be visible in "/ip neighbor" (on other MikroTik devic...
by dasiu
Tue Jul 26, 2011 2:35 pm
Forum: General
Topic: wrong firewall selected on my radio 411ah
Replies: 6
Views: 645

Re: wrong firewall selected on my radio 411ah

Maybe mac-telnet will work? If the problem is in firewall - I assume you block only IP communication, mac-telnet (or mac-winbox) should still work...
by dasiu
Tue Jul 26, 2011 2:30 pm
Forum: General
Topic: mikrotik queue configuration problem on 433ah
Replies: 2
Views: 536

Re: mikrotik queue configuration problem on 433ah

I'm sure, that there are plenty of people eager to help you...
... just after you paste your queue config and explain exactly the goal you want to achieve ;-).
(simple "/queue export" takes less than 15 seconds :) )
by dasiu
Mon Jul 25, 2011 4:07 pm
Forum: Scripting
Topic: Scripting help
Replies: 3
Views: 667

Re: Scripting help

"remote device" - means connected via wireless? If so - wireless scan disconnects the connection for the time of running the scan. Maybe that's the problem?
by dasiu
Mon Jul 25, 2011 4:01 pm
Forum: Wireless Networking
Topic: MAC ping vs regular ping
Replies: 4
Views: 911

Re: MAC ping vs regular ping

What is % of the loss? And have you tried pinging with size=500, 1000, 1450? Does the loss grow with packet size? :)
by dasiu
Mon Jul 25, 2011 1:54 am
Forum: Beginner Basics
Topic: Bridging Problem
Replies: 3
Views: 603

Re: Bridging Problem

When using bridge (i.e. bridging ether1 and ether2), you should add IP address ONLY on bridge interface. You don't even have to have IP address for the bridge to be working :). But no IP address should be configured on ether1 and ether2 :). Then you can diagnose - check ping from the computer to the...
by dasiu
Sun Jul 24, 2011 1:43 am
Forum: RouterBOARD hardware
Topic: Voltage query...
Replies: 2
Views: 580

Re: Voltage query...

Of course, you can! :) 24V is "fixed" voltage, and 2A is MAXIMUM amperage the power supply can produce. How much of the amperage is actually produced - depends on the device connected to the power supply (it is proportional to the power in Watts). So you only have to worry to have proper voltage, an...
by dasiu
Tue Jun 21, 2011 5:41 pm
Forum: RouterBOARD hardware
Topic: RB751
Replies: 73
Views: 20900

Re: RB751

Few weeks passed, so let me join to the group of people asking the question 8) :
Is there anything new known about the RB-751 devices? When will they be ready? What would be the cost (approximately)? Are they still "almost ready", or has anything changed? :)
by dasiu
Thu Jun 18, 2009 4:07 pm
Forum: General
Topic: DHCP server when Radius goes offline
Replies: 3
Views: 846

Re: DHCP server when Radius goes offline

Thanks for information and for the idea! :)
I will try to write the script soon ;).
by dasiu
Wed Jun 17, 2009 4:01 pm
Forum: General
Topic: DHCP server when Radius goes offline
Replies: 3
Views: 846

DHCP server when Radius goes offline

I am wondering about one question. I have a RouterOS router with dhcp server using Radius. When a known mac-address tries to connect, it gets good IP address from Radius database. If the MAC is unknown, it gets a dhcp lease from a pool defined on the router. It works fine. But when Radius connection...
by dasiu
Thu Feb 26, 2009 11:56 pm
Forum: The Dude
Topic: dude-3.1.npk is broken!
Replies: 16
Views: 3298

Re: dude-3.1.npk is broken!

There is definitely a problem: RB433, ROSv3.20, Dude v3.1 - downloaded it 2 times, still thinks that the npk is broken.
Is there anyone, who succeeded in installing Dude package with a configuration like that?