Community discussions

Search found 411 matches

  • 1
  • 2
by derr12
Wed Aug 07, 2019 8:13 pm
Forum: Wireless Networking
Topic: Mikrotik WLAN & CAPsMAN - Bad download perfomance
Replies: 47
Views: 5055

Re: Mikrotik WLAN & CAPsMAN - Bad download perfomance

Its been a pretty mixed bag for wifi access over mikrotik for us (great for small-scale, not so great for density). Nstream/nv2 ptmp and p2p has been good so far. As a basic router for pppoe or nat/firewall, and rate limiting... very good. Switching has been good. Media converters and fiber stuff , ...
by derr12
Sat Aug 12, 2017 3:30 am
Forum: General
Topic: CAPSMan Drops cAPs
Replies: 3
Views: 736

Re: CAPSMan Drops cAPs

I've started seeing this under heavy load. Also seeing large amounts (about equal to wan) traffic on the bridge interface that is layer2 traffic. Seems to behave itself quite well on the ccr1016 till it's 50mbit+ of wan traffic. See massive CPU spikes and caps drop off due to timeouts. Started remov...
by derr12
Thu Dec 08, 2016 8:38 pm
Forum: The Dude
Topic: The Dude, v6.38rc test builds.
Replies: 189
Views: 39163

Re: The Dude, v6.38rc test builds.

Im still having background images disappear from the disk at random times on X86 (xenproject hypervisor) on rc30. have to re-upload one or two weekly.
by derr12
Wed Nov 02, 2016 6:41 pm
Forum: The Dude
Topic: Best Device to run Dude
Replies: 23
Views: 5447

Re: Best Device to run Dude

Honestly id stick with the windows server for now. The new version is having "growing pains". i Think the last stable version was 6.35.1?
by derr12
Wed Nov 02, 2016 6:38 pm
Forum: The Dude
Topic: Windows Dude vs RouterOS Dude
Replies: 10
Views: 3110

Re: Windows Dude vs RouterOS Dude

a later update has better cpu utilization, anywhere from 20-30% use on the second core. first one will occasionally peg. e-mail up/down notifications are still broken, and it's still pretty unstable. background images disappear for no reason from time to time and i have to re-upload them. a few more...
by derr12
Wed Nov 02, 2016 6:17 pm
Forum: The Dude
Topic: Dude agent not work
Replies: 6
Views: 1678

Re: Dude agent not work

Oh, and for some reason my background images randomly dissappear from the disk drive. i have to re- upload at least 1 jpeg a day.
by derr12
Wed Nov 02, 2016 6:17 pm
Forum: The Dude
Topic: Dude agent not work
Replies: 6
Views: 1678

Re: Dude agent not work

my ROS 6.37 x86 is more unstable than Charles Manson on crack. e-mail up/down alerts have broken text, network transfer is slow and for some reason, it shows like a hundred panels open ( I dont think its closing them properly). have to restart the client constantly because it starts glitching out. i...
by derr12
Wed Nov 02, 2016 6:13 pm
Forum: General
Topic: VoIP through Mikrotik
Replies: 3
Views: 1647

Re: VoIP through Mikrotik

don't forget to forward the sip ports.
by derr12
Wed Nov 02, 2016 6:09 pm
Forum: General
Topic: Decline of Mikrotik?
Replies: 102
Views: 26228

Re: Decline of Mikrotik?

I just wish they would quit releasing broken Dude servers in the current release tree. leave broken versions in the RC builds please! Its so broken it makes me yearn to go back to the windows server.
by derr12
Wed Oct 19, 2016 1:41 am
Forum: The Dude
Topic: The Dude, v6.38rc test builds.
Replies: 189
Views: 39163

Re: The Dude, v6.38rc test builds.

any progress on the notifications bug?

Service ping on x is now [Service.Status] ([Service.ProblemDescription])
by derr12
Mon Oct 03, 2016 7:35 pm
Forum: The Dude
Topic: Windows Dude vs RouterOS Dude
Replies: 10
Views: 3110

Re: Windows Dude vs RouterOS Dude

Im using a pair of opteron 16 core chips in my xen environment. 2.3ghz i believe. i have it on a 8 disk raid 10 array (10gb assigned to dude) and it is backed by 1gb of LVM cache on a super fast PCI express intell SSD. Graphs are fine,. ive only assigned 1gb ram and 2 cores. it only uses about 250me...
by derr12
Fri Sep 30, 2016 8:08 pm
Forum: The Dude
Topic: Windows Dude vs RouterOS Dude
Replies: 10
Views: 3110

Re: Windows Dude vs RouterOS Dude

Im using an X86 license on the dude on a xenserver VM. gave it 2 cores, dude often hits 100% on a single core, but not too bad. monitoring 450 or so devices fairly reliably. The latest current release is better on CPU usage, but the up/down notifications are broken (dont get me started). Overall, at...
by derr12
Thu Sep 29, 2016 6:01 pm
Forum: The Dude
Topic: The Dude, v6.37 [current] release.
Replies: 47
Views: 14733

Re: The Dude, v6.37 [current] release.

service status notification bug still present in a current release? Im a little suprised that the mikrotik brass let this bug out of the RC builds and into a current release. it's kind of a doozy for a monitoring system. ETA on a fix for that?
by derr12
Wed Sep 21, 2016 7:16 pm
Forum: The Dude
Topic: The Dude, v6.37rc test builds.
Replies: 92
Views: 17614

Re: The Dude, v6.37rc test builds.

also all the backgrounds from previous version are gone and im unable to upload images with any method. cant even drag files into the image directory with winbox.
by derr12
Wed Sep 21, 2016 6:52 pm
Forum: The Dude
Topic: The Dude, v6.37rc test builds.
Replies: 92
Views: 17614

Re: The Dude, v6.37rc test builds.

in r34
attention.png

also transferring files is like forever
trans.png
am I missing something

RC38, and im having issues with event logging as well.

have we found a solution for this yet?
by derr12
Thu Aug 18, 2016 7:29 pm
Forum: The User Manager
Topic: User starts paypal transaction, backs out. no payments processed till timeout.
Replies: 0
Views: 571

User starts paypal transaction, backs out. no payments processed till timeout.

Hi there, Ive noticed something now that ive deployed my usermanager based pay as you go hotspot to the wild. If a user creates a user in the signup page, and then proceeds to go to the paypal payment screen, and then backs out or doesnt finish. The user-manager will no longer process payments (acce...
by derr12
Thu Aug 18, 2016 7:24 pm
Forum: The User Manager
Topic: Profiles losing limitations
Replies: 5
Views: 1095

Re: Profiles losing limitations

Im having a similar issue where a user is inheriting the limitations from a profile not assigned to it. sometimes takes a day, sometimes a week. I have submitted to support my supout.rif file this week after they confirmed seeing the issue when i granted them access to my CCR. you might want to do t...
by derr12
Fri Aug 05, 2016 8:51 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 41632

Re: v6.36 [current] is released!

Just a heads up guys. Paypal payments via usermanager are broken in 6.36 on x86. IPN responses time out on 6.36.
Also, you cant downgrade from 6.36 in the traditional method. you have to select and older version (via bugfix) in winbox.
It never attempts to install packages during bootup.
by derr12
Thu Aug 04, 2016 8:24 pm
Forum: The User Manager
Topic: PayPal IPN Fail
Replies: 2
Views: 1329

Re: PayPal IPN Fail

bumping this thread because i have also been unable to get this working right.
by derr12
Fri Jul 29, 2016 8:26 pm
Forum: Wireless Networking
Topic: Capsman - difference between create enabled and create dynamic enabled.
Replies: 0
Views: 505

Capsman - difference between create enabled and create dynamic enabled.

I was wondering since it isn't fleshed out in the manual.  What is the difference between create enabled and create dynamic enabled when provisioning.  Visually,  If the CAP is not connected to the system, create dynamic enabled devices disappear from the Interfaces tab. In create enabled, they stay...
by derr12
Tue Jul 26, 2016 6:06 pm
Forum: The User Manager
Topic: Bug or feature?
Replies: 1
Views: 874

Re: Bug or feature?

yup no difference if i activate the profile manually.  still seeing my free user with the right profile name, but limitations revert to the staff speeds.
by derr12
Thu Jun 30, 2016 8:23 pm
Forum: The User Manager
Topic: Bug or feature?
Replies: 1
Views: 874

Bug or feature?

So ive noticed that when one creates a user in usermanager, the assigned profile does not activate on it's own.  you have to open the user after you create it, go to all profiles and then activate it there.  Otherwise after a little while, it gets goofy.  Here is my setup. 1 - free unlimited time pr...
by derr12
Fri May 27, 2016 7:05 pm
Forum: General
Topic: Block All Internet Access Except for Few HTTPS based Websites
Replies: 2
Views: 906

Re: Block All Internet Access Except for Few HTTPS based Websites

I think hotspot might work for this.

you can setup the hotspot and only authenticated users can go out to the internet at large, but then you add the websites you want allowed for everyone in the walled garden. I did this for a church and it seems to work well.
by derr12
Wed May 25, 2016 9:57 pm
Forum: General
Topic: how can i limit users according to amount of download ?
Replies: 9
Views: 1478

Re: how can i limit users according to amount of download ?

AH scratch that. looks like you have perminant users. i was thinking about pay as you go.
by derr12
Wed May 25, 2016 9:56 pm
Forum: General
Topic: how can i limit users according to amount of download ?
Replies: 9
Views: 1478

Re: how can i limit users according to amount of download ?

User manager + hotspot does this really well out of the box with minimal screwing around.
by derr12
Tue May 24, 2016 1:54 am
Forum: General
Topic: The trouble with traffic flows.
Replies: 2
Views: 527

Re: The trouble with traffic flows.

Bump
by derr12
Tue May 10, 2016 8:09 pm
Forum: General
Topic: Why my new CCR 1036, where Simple-Queue not working upload limiting. :'(
Replies: 7
Views: 2322

Re: Why my new CCR 1036, where Simple-Queue not working upload limiting. :'(

bridges are OK, but make sure you tell the bridge to use the firewall tho.
by derr12
Tue May 10, 2016 8:03 pm
Forum: General
Topic: The trouble with traffic flows.
Replies: 2
Views: 527

Re: The trouble with traffic flows.

Im clearly missing something fundamental about these CCR's.

lan interfaces are bridged. sfp1 is the WAN port. users are on the 10.0.0.1/24 network.
by derr12
Tue May 10, 2016 8:01 pm
Forum: General
Topic: The trouble with traffic flows.
Replies: 2
Views: 527

The trouble with traffic flows.

hey guys, Ive had no problems with other routerboards, but for some reason i cant get a CCR 1016-12s-1s+ to graph at my netflow aggrigater. Ive used this setup on 1100's, rb450's, 951's, you name it. im using it to moniter bandwidth usage for lan users on my networks. never been a problem till i tri...
by derr12
Fri Apr 15, 2016 1:52 am
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 110375

Re: Known issues and bugs - a list

RB922UAGS-5HPacD 5ghz radio transmits @ 17dbi when controlled by capsman. In capsman tx power can be set auto or manually, doesn't matter. TX power at radio is always 17dbi.

Oddly if you shove a 2.4ghz miniPCI radio in there, it plays nice with caps man.

Bug is present in latest RC build.
by derr12
Fri Apr 08, 2016 11:35 pm
Forum: Announcements
Topic: v6.35rc [release candidate] is released, new wireless package!
Replies: 537
Views: 104747

Re: v6.35rc [release candidate] is released, new wireless package!

Is there any word when/if ANI will get support in capsman?
by derr12
Thu Feb 25, 2016 9:18 pm
Forum: Wireless Networking
Topic: ANI with capsman?
Replies: 4
Views: 1198

Re: ANI with capsman?

Word from mikrotik that ANI via CapsMan is not supported at this time.
by derr12
Thu Feb 25, 2016 9:17 pm
Forum: Wireless Networking
Topic: CapsMAN Dual Band
Replies: 6
Views: 5972

Re: CapsMAN Dual Band

you may need to specify mac addresses in your provisioning for 5ghz radios so that it can provision the radio under the right wireless profiles. Im about to explore this "trouble" myself for a capsman project.
by derr12
Mon Feb 22, 2016 7:07 pm
Forum: Wireless Networking
Topic: ANI with capsman?
Replies: 4
Views: 1198

ANI with capsman?

Hey guys, maybe im just blind, but i cant seem to find out where to enable adaptive noise immunity on capsman controlled interfaces. Cant seem to find any mention of it in the documentation either.
by derr12
Mon Feb 22, 2016 7:06 pm
Forum: Wireless Networking
Topic: HOTSPOT: not working as it should
Replies: 5
Views: 1195

Re: HOTSPOT: not working as it should

from your description it sounds like your radio might be flaky, if the SSID comes and goes. what is your wireless CCQ showing? Also might be a good idea to do a frequency scan as this could be interference related.
by derr12
Fri Feb 19, 2016 9:12 pm
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Re: Capsman/hotspot/userman working! now need to figure out how to recharge users,

one more bump. seems you can refill by buying another profile from the user login screen under profiles. so there you go. you can indeed self serve refill expired accounts.
by derr12
Fri Feb 19, 2016 7:02 pm
Forum: The User Manager
Topic: Paypal or Autherize.net?
Replies: 0
Views: 864

Paypal or Autherize.net?

So here is what im trying to do. Mikrotik capsman/userman/hotspot controller in the head-end in a canadian town that manages strand mounted AP's all over town. Pay as you go, self serve signup for internet access. I have a prototype setup that is currently using paypal. i have gotten the scripts tha...
by derr12
Thu Feb 11, 2016 11:20 pm
Forum: The Dude
Topic: CHR 6.34rc45 + dude import not working
Replies: 28
Views: 7541

Re: CHR 6.34rc45 + dude import not working

Im importing a dude database from v4b3 to the latest release candidate. it failed the first two times @ 99% with "action timed out" on the third attempt it worked.
by derr12
Fri Jan 22, 2016 11:10 pm
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Re: Capsman/hotspot/userman working! now need to figure out how to recharge users,

I got an answer from mikrotik support. They are planning this feature in a future release. Possibly in the next one, more likely when ROS 7 comes out.
by derr12
Wed Jan 20, 2016 11:42 pm
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Re: Capsman/hotspot/userman working! now need to figure out how to recharge users,

Bump. Anyone got any ideas about refilling expired accounts via a self serve option?
by derr12
Sat Jan 16, 2016 12:28 am
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Re: Capsman/hotspot/userman working! now need to figure out how to recharge users,

got payments working.


still need to figure out how to recharge users.
by derr12
Fri Jan 15, 2016 10:58 pm
Forum: Scripting
Topic: Solution: Automatically clean expired User-Manager accounts
Replies: 70
Views: 45245

Re: Solution: Automatically clean expired User-Manager accounts

Im on 6.33.3 and I ran this latest script. It doesnt seem to have any readout in the logs or terminal in winbox when executed. no errors or nothing.

How do i know if it's working or not?
by derr12
Thu Jan 14, 2016 8:14 pm
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Re: Capsman/hotspot/userman working! now need to figure out how to recharge users,

well ill have to wait to fix my paypal payments on signup first. progress in another thread. Did MT remove the usermanagers ability to recharge accounts in the last major revision? documentation makes reference to credits which are now no longer in UM.
by derr12
Thu Jan 14, 2016 7:26 pm
Forum: The User Manager
Topic: Paypal paymernt received, user created, profile not applied.no login to hotspot.
Replies: 3
Views: 1371

Re: Paypal paymernt received, user created, profile not applied.no login to hotspot.

I think part of the problem is that it's creating users under the root user "admin" i cant find any setting that modify's this behavior
by derr12
Thu Jan 14, 2016 7:01 pm
Forum: The User Manager
Topic: Paypal paymernt received, user created, profile not applied.no login to hotspot.
Replies: 3
Views: 1371

Paypal paymernt received, user created, profile not applied.no login to hotspot.

Hey guys n gals. I have setup user manager on a test unit. User signup with paypal works, user gets created under a customer ive created, paypal accepts money, but no profile gets applied and i cannot log into the hotspot with the user it created. I tried manually adding a profile and activating it ...
by derr12
Wed Jan 13, 2016 6:20 pm
Forum: The User Manager
Topic: Capsman/hotspot/userman working! now need to figure out how to recharge users,
Replies: 5
Views: 1750

Capsman/hotspot/userman working! now need to figure out how to recharge users,

Hey guys, this is my first foray into user manager. Love it so far. what i haven't been able to figure out is how to let an expired user recharge his time in a self serve fashion. (payment gateway is paypal) Alternatively, if i cant do that, how would i have the self serve option auto generate a use...
by derr12
Fri Dec 04, 2015 9:41 pm
Forum: General
Topic: Suggestions for Paid hotspot setup.
Replies: 5
Views: 816

Re: Suggestions for Paid hotspot setup.

Actually after reading some of the documentation, our existing daloradius VM should be able to be used for this. The configuration of it looks a little bit like too much heavy lifting for me. Let me know if you are interested in contracting for this job.
by derr12
Fri Dec 04, 2015 9:19 pm
Forum: General
Topic: Suggestions for Paid hotspot setup.
Replies: 5
Views: 816

Re: Suggestions for Paid hotspot setup.

Pm me your price for a finished system if you want. I have a vmware hypervisor at the moment, but im about to migrate to xen.
by derr12
Thu Dec 03, 2015 11:32 pm
Forum: General
Topic: Suggestions for Paid hotspot setup.
Replies: 5
Views: 816

Re: Suggestions for Paid hotspot setup.

Feel free to post your info here, someone else might be looking for a product too.
by derr12
Thu Dec 03, 2015 1:07 am
Forum: Wireless Networking
Topic: Slow Wireless Hotspot Implementation - observations and solutions
Replies: 9
Views: 1855

Re: Slow Wireless Hotspot Implementation - observations and solutions

having deployed several hotel wifi setups, I have found that 99% of connectivity/slowness issues are caused primarily by Interference and weak clients due to dead zones. Best practices ive found so far. 1. ban all personal wifi networks from the building. 2. frequency plan so you dont self interfere...
by derr12
Wed Dec 02, 2015 11:03 pm
Forum: General
Topic: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5
Replies: 16
Views: 3419

Re: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5

Not really, nothing that integrates with ROS. closest ive seen is Whats up gold, but it costs an arm and a leg.
by derr12
Wed Dec 02, 2015 10:22 pm
Forum: General
Topic: Suggestions for Paid hotspot setup.
Replies: 5
Views: 816

Suggestions for Paid hotspot setup.

Hey guys, We just purchased a cable system in a resort town. I inherited a cloudtrax setup that is leaving a lot to be desired. 6 or 7 ap's. Id like to replace it with mikrotik hardware. I wondering if anyone has some suggestions for self serve payment systems that would include strand mounted/power...
by derr12
Tue May 26, 2015 11:57 pm
Forum: Wireless Networking
Topic: Unstable WDS setup
Replies: 7
Views: 1020

Re: Unstable WDS setup

still too hot. shoot for -65 between your links.
by derr12
Tue May 26, 2015 11:55 pm
Forum: Wireless Networking
Topic: "No beacons received"
Replies: 7
Views: 1545

Re: "No beacons received"

Ive seen similar fits in 5ghz in station mode with zero noise in good signal in multiple deployments. It was fed from a mikrotik AP that serviced both wifi clients and a station bridge in both instances. I had no luck solving it. I ended up putting a dedicated AP just for that station bridge and it ...
by derr12
Mon May 18, 2015 6:29 pm
Forum: General
Topic: Unexpected behavior from rb1100ahx2 switch/firewall.
Replies: 2
Views: 645

Re: Unexpected behavior from rb1100ahx2 switch/firewall.

ah that makes sense. I should make the master port 2 and add 1 and 2 to the bridge so it crosses the CPU before it hits the internet.

Not sure how i missed that.

Probably because I never use the switch chips in any of my deployments, Im an all CPU kind of guy.
by derr12
Sat May 16, 2015 1:37 am
Forum: General
Topic: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5
Replies: 16
Views: 3419

Re: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5

dude is abandonware, tho i still love it. don't expect a fix until they announce plans to start development again. From what ive heard, they are not planning on doing it.... ever. too bad cuz i love me some dude. I would pay into a kickstarter or whatever gladly to see development resume.
by derr12
Fri May 15, 2015 8:24 pm
Forum: General
Topic: Unexpected behavior from rb1100ahx2 switch/firewall.
Replies: 2
Views: 645

Unexpected behavior from rb1100ahx2 switch/firewall.

Hi guys, have an 1100ahx2 running 6.27. Have it configured as a switch with a firewall to filter traffic to some web hosting servers. I noticed that my rules for blocking were not being followed by some of my machines. Turns out it was the machines plugged into the first switch group that were not g...
by derr12
Tue Apr 14, 2015 12:01 am
Forum: General
Topic: PPPOE and exploring freeradius.
Replies: 1
Views: 430

PPPOE and exploring freeradius.

Ive been testing freeradius + daloradius to be used for AAA. The rate limit feature works as advertised, I noticed there are some perimeters in there to limit bandwidth usage on PPPOE connections. "limit bytes in/Limit Bytes out" is the peramiter on the mikrotik that it changes via radius. Does this...
by derr12
Tue Mar 24, 2015 6:36 pm
Forum: General
Topic: Jumbo frames on 1100ahx2
Replies: 2
Views: 873

Re: Jumbo frames on 1100ahx2

ah thats got it, thanks.

my problem is that i was trying to set one at a time instead of both. it kept resetting the values to default
by derr12
Sun Mar 22, 2015 12:58 am
Forum: General
Topic: Jumbo frames on 1100ahx2
Replies: 2
Views: 873

Jumbo frames on 1100ahx2

Ive been trying to figure out how to enable jumbo frames on my setup. running an esxi host with intel gbe cards to a realtek GBE card. my hardware setup should saturate a gigabit link no problem but im still getting around 400mbits between these devices. Jumbo frames enabled at both ends. still cant...
by derr12
Thu Mar 05, 2015 7:07 pm
Forum: General
Topic: Payment moduals.
Replies: 4
Views: 850

Re: Payment moduals.

I really like DMA, unfortunetly i have a vast wimax network that needs authenticating. at this time DMA does not have support for wimax authentication. hopefully it's just a matter of time as freeradius does have a wimax plugin. Aradial wanted 10k for licenses... so they are out. Any experience out ...
by derr12
Thu Mar 05, 2015 6:46 pm
Forum: General
Topic: Arp issues caused due to roaming and a repeater.
Replies: 5
Views: 1540

Re: Arp issues caused due to roaming and a repeater.

I have it working in the field. Im not sure why it was giving me trouble... i probably forgot to clear arps when i changed it over.
by derr12
Tue Feb 03, 2015 2:03 am
Forum: Wireless Networking
Topic: psuedobridge mac issue.
Replies: 5
Views: 985

Re: psuedobridge mac issue.

using different router-boards and client bridge works fine. nuts....
by derr12
Mon Feb 02, 2015 10:31 pm
Forum: General
Topic: Arp issues caused due to roaming and a repeater.
Replies: 5
Views: 1540

Re: Arp issues caused due to roaming and a repeater.

And of course it works just fine in station bridge mode here with different hardware.... ill have to tinker some more.
by derr12
Mon Feb 02, 2015 9:25 pm
Forum: General
Topic: Arp issues caused due to roaming and a repeater.
Replies: 5
Views: 1540

Re: Arp issues caused due to roaming and a repeater.

in the lab, when i tested it with station bridge mode, it worked for clients off the 2nd access point as expected. However, when i connected my laptop to the first AP, I was no longer able to see the 2nd access point on the network. It appeared to have broken the bridging to the second AP as soon as...
by derr12
Sun Feb 01, 2015 12:21 am
Forum: General
Topic: Arp issues caused due to roaming and a repeater.
Replies: 5
Views: 1540

Arp issues caused due to roaming and a repeater.

Ive run into an issue that i did not expect with my setup. I had a dead zone that i had to service in a hotel hotspot network. here is the layout; ccr router (hotspot, dhcp,firewall) -> 2x MT switches (bridged) -> 11 MT AP's (bridged) -> wifi Clients + 1 MT repeater(2ghz radio in station psuedobridg...
by derr12
Sat Jan 31, 2015 11:30 pm
Forum: Wireless Networking
Topic: psuedobridge mac issue.
Replies: 5
Views: 985

Re: psuedobridge mac issue.

so looks like if you have mixed brand clients in the first AP, set station bridge on the other, bridging breaks to the second. So looks like im stuck with station psuedobridge I tried using station psuedobridge clone, but unfortunetly, I was not able to surf off the first AP in that circumstance. I ...
by derr12
Sat Jan 31, 2015 7:50 am
Forum: Wireless Networking
Topic: psuedobridge mac issue.
Replies: 5
Views: 985

Re: psuedobridge mac issue.

I tried your first suggestion on the bench, but I was not getting any data thruput to 802.11 clients. I wasn't sure why since all ap's were mikrotik.. Now that I think of it, it's possible I was connecting my station radio to a ubiq router, ill retest tomorrow and see. The networks will be named dif...
by derr12
Thu Jan 29, 2015 2:15 am
Forum: Wireless Networking
Topic: psuedobridge mac issue.
Replies: 5
Views: 985

psuedobridge mac issue.

So i have a hotel that i needed to use a repeater in to reach a deadzone where running ethernet was not possible. I have a ccr router running dhcp and hotspot services for me, that goes to an RB2011 acting as a switch, which goes to a 912 dual band AP. Acting as a client radio on the 2.4 band a seco...
by derr12
Wed Jan 21, 2015 11:12 pm
Forum: General
Topic: Payment moduals.
Replies: 4
Views: 850

Re: Payment moduals.

Im going to be demoing free radius and DMA RADIUS MANAGER. unlimited licenses are just 200 bucks. Looks like they support paypal as well as other instant access payment methods.

Will post my results.
by derr12
Wed Jan 21, 2015 8:49 pm
Forum: General
Topic: Free and open traffic (netflow) analysis
Replies: 2
Views: 995

Re: Free and open traffic (netflow) analysis

I believe manage engine netflow analyzer demo version lets you do this for 1 router for free.
by derr12
Wed Jan 21, 2015 8:41 pm
Forum: General
Topic: RB2011 PPPoE not more than 200 Mbps
Replies: 11
Views: 2442

Re: RB2011 PPPoE not more than 200 Mbps

what kind of cpu usage are you seeing?
by derr12
Wed Jan 21, 2015 8:39 pm
Forum: General
Topic: Payment moduals.
Replies: 4
Views: 850

Re: Payment moduals.

still shopping around for a good cheap solution. Ant testimonials/advice appreciated.
by derr12
Sat Jan 10, 2015 1:29 am
Forum: Wireless Networking
Topic: Speeds when using 2 MT dual band 912 units.
Replies: 0
Views: 439

Speeds when using 2 MT dual band 912 units.

Hi guys, i have a need to fix a dead zone by making a repeater setup. Right now i have 2 912 outdoor units. 1 is acting in AP bridge mode with both interfaces. The second device, the repeater is connecting to the first AP on the 2.4ghz network In station psuedobridge mode. The second radio is a 5ghz...
by derr12
Wed Dec 31, 2014 9:45 pm
Forum: General
Topic: Payment moduals.
Replies: 4
Views: 850

Re: Payment moduals.

What about free-radius + Hostbill + paypal. Anyone had a chance to try these out for hotspot payments?
by derr12
Wed Dec 31, 2014 7:54 pm
Forum: General
Topic: Can't get fiber to work on CCR1036-12G-4S
Replies: 3
Views: 1042

Re: Can't get fiber to work on CCR1036-12G-4S

I used a ccr spf router to feed some hotels and i used both some random 2 way transceivers and also the mikrotik brand ones and it was seamless. Tho i was going from one mikrotik device to another. I didn't try mixing a media converter on one end and mikrotik on the other. might have something to do...
by derr12
Wed Dec 31, 2014 7:10 pm
Forum: General
Topic: Protecting Tower Equipment from "Salt"
Replies: 5
Views: 1171

Re: Protecting Tower Equipment from "Salt"

I would imagine a rubberized paint would keep it un-rusted during the duration of it's lifespan. Like that rock-chip stuff you can get in the can.
by derr12
Wed Dec 31, 2014 7:00 pm
Forum: General
Topic: Payment moduals.
Replies: 4
Views: 850

Payment moduals.

Hey guys, in the new year one of the projects we want to take on is getting into the business of offering canned payment modual services for hotels and the like. we want payments to go directly to the customers chosen bank account. We have used aradial with a payment modual and moneris for all our p...
by derr12
Tue Oct 28, 2014 8:51 pm
Forum: General
Topic: RB2011 v6.04 crashed and now won't stop crashing
Replies: 6
Views: 1145

Re: RB2011 v6.04 crashed and now won't stop crashing

Id bet money that if you pulled the Lid, you would find blown/bulgy caps.
by derr12
Wed Sep 03, 2014 2:49 am
Forum: RouterBOARD hardware
Topic: Dual band 951-like routerboard?
Replies: 18
Views: 5486

Re: Dual band 951-like routerboard?

I would literally eat a pine-cone if it meant the release of an RB2011 type chassis that had dual band 2x2 wireless capability.

At the company I work for a the missing dual band Soho model is the ONLY thing keeping us from putting mikrotik products in our end users hands.
by derr12
Tue Aug 12, 2014 8:12 pm
Forum: General
Topic: block Torrent traffic for single IP address
Replies: 1
Views: 1255

Re: block Torrent traffic for single IP address

Add these rules to your filter, but change the source address to your intended target. should do a pretty good job of killing a lot of p2p /ip firewall filter add action=drop chain=forward comment="TORRENT No 4: prohibits download .torrent files. " content="\r\ \nContent-Type: application/x-bittorre...
by derr12
Thu May 22, 2014 9:29 pm
Forum: General
Topic: am i under attack??
Replies: 4
Views: 770

Re: am i under attack??

I eliminate a lot of these by simply turning off the access methods im not going to use.

In IP - > services. If you dont use ssh and are winbox only like me you can turn off everything except winbox. easy-peazy.
by derr12
Thu May 22, 2014 9:25 pm
Forum: General
Topic: How to setup metal as repater...Please Help
Replies: 1
Views: 340

Re: How to setup metal as repater...Please Help

This should get you there, foudn it in the wiki.

http://wiki.mikrotik.com/wiki/Wireless_repeater
by derr12
Fri Mar 14, 2014 6:41 pm
Forum: General
Topic: DHCP don't works
Replies: 22
Views: 3725

Re: DHCP don't works

Hmm ive neve seen a switch cause that kind of problem before, maybe try forcing duplex on both the switch and mikrotik ports? there isnt any leftover vlan configuration from a previous deployment on the switch is there?
by derr12
Fri Mar 14, 2014 6:25 pm
Forum: General
Topic: accessing devices attached to the mikrotik
Replies: 5
Views: 1038

Re: accessing devices attached to the mikrotik

For monitering ive assigned the management IP's of the AP's as non-routable IP's on the mikrotik wan interface so i dont need to waste a public IP on each for up/down status monitering. Then you simply creat a nat rule to forward all traffic from your monitering server to the non-routable (the dude,...
by derr12
Fri Mar 14, 2014 6:20 pm
Forum: General
Topic: How to block unnecessary port or allow important port?
Replies: 7
Views: 1618

Re: How to block unnecessary port or allow important port?

yeah you are better off using the Proxy + whitelist if you only want to make some services available. It will block everything else. Can also setup firewall rules to allow only specific ports and block the rest. As far as limiting speeds go, can either use the hotspotor a simple queue to limit the b...
by derr12
Fri Mar 14, 2014 6:17 pm
Forum: General
Topic: Hotspot hardware recommendation
Replies: 4
Views: 1135

Re: Hotspot hardware recommendation

The 1100x2AH would be the way id go. You wont have enough memory in the lower models for any sort of queueing with that many users. They are also somewhat reasonably priced. Ive got one doing hotspot/dhcp/queueing to 25mb/w5mb and it barely breaks a sweat.
by derr12
Tue Mar 04, 2014 8:18 pm
Forum: General
Topic: Dual radios ptp, OSPF, failover works, just not 2x speed.
Replies: 4
Views: 858

Re: Dual radios ptp, OSPF, failover works, just not 2x speed

Im going to give nstream dual a go, The failover is nice, the speed is more important tho.
by derr12
Tue Mar 04, 2014 7:45 pm
Forum: General
Topic: Bandwidth Limiting
Replies: 2
Views: 563

Re: Bandwidth Limiting

/queue type add kind=pcq name="3m per user down" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-limit=35 pcq-rate=3M pcq-src-address6-mask=64 pcq-total-limit=10000 add kind=pcq name="1m per user up" pcq-classifier=src-address pcq-dst-address6-mask=64 pcq-limit=35 pcq-rate=1M pcq-src-addres...
by derr12
Sat Mar 01, 2014 2:03 am
Forum: General
Topic: Dual radios ptp, OSPF, failover works, just not 2x speed.
Replies: 4
Views: 858

Re: Dual radios ptp, OSPF, failover works, just not 2x speed

The OSPF interfaces i made are showing down and an unknown area. Thats probably my problem right there, what did i do wrong in the guide? i created them as they said.
by derr12
Sat Mar 01, 2014 1:08 am
Forum: General
Topic: Dual radios ptp, OSPF, failover works, just not 2x speed.
Replies: 4
Views: 858

Dual radios ptp, OSPF, failover works, just not 2x speed.

Hey guys, ive been playing around with a couple 912 units. using the built in 5ghz radio and a second 2.4ghz radio. Ive followed the guides here; http://wiki.mikrotik.com/wiki/Setup_Dual_Wireless_Link_with_OSPF I find that i can disable one radio and it automatically fails over to the second, but I ...
by derr12
Sat Mar 01, 2014 12:58 am
Forum: General
Topic: Antenna Orientation and dual chain radios.
Replies: 3
Views: 977

Re: Antenna Orientation and dual chain radios.

alright, matching antennas it is. orientation doesnt matter then it will just change the horizontal plane of the second antenna and not give me true dual cahin unless both horizontal beams reach my target then, correct?
by derr12
Fri Feb 28, 2014 12:10 am
Forum: General
Topic: Idea to connect two (2) mikrotik routers- still one LAN
Replies: 3
Views: 815

Re: Idea to connect two (2) mikrotik routers- still one LAN

you could could use pptp to connect to the other router, its probably easier to just use more capable hardware tho. The 1100x2AH is quite affordable and has lots of gusto.
by derr12
Fri Feb 28, 2014 12:01 am
Forum: General
Topic: Practical use of bridge interfaces
Replies: 1
Views: 532

Re: Practical use of bridge interfaces

I guess the thing to remember is using bridging will limit you to the 1gbit limit between the CPU and the bridge. Might become an issue in some installs. Also Bridging uses more CPU Rescources. I use bridging almost all the time because of how conveniant it is, but I also way overbuild on hardware r...
by derr12
Thu Feb 27, 2014 11:55 pm
Forum: General
Topic: Too many connections? High Ping - Router saturated
Replies: 15
Views: 2751

Re: Too many connections? High Ping - Router saturated

you could set a firewall rule to limit the number of udp and tcp conenctions per client as well. It's possible someone is maxing out the radio's maximum packets per second abilities. Last time I saw this in the wild it was a low/noisy signal wireless client who was connecting at low rate downloading...
by derr12
Thu Feb 27, 2014 11:42 pm
Forum: General
Topic: Antenna Orientation and dual chain radios.
Replies: 3
Views: 977

Antenna Orientation and dual chain radios.

Hey guys, I have an interesting problem. I guess my decision on how to procede hinges on a couple fundamental holes in my wireless theory knowledge. If I had a dual chain mikrotik router with external high gain antennas and getting the most thruput possible was not a priority could I do the followin...
by derr12
Thu Feb 20, 2014 12:56 am
Forum: General
Topic: hotspot login page works, mostly.
Replies: 3
Views: 695

hotspot login page works, mostly.

Hey guys. Im using the hotspot to authenticate users for a hotel network. Generally it works fine, ive set my timeout values so that no matter what a user only has to log in once every 24 hours. Ive had some odd behavior from a couple users that will simply not load the hotspot login page no matter ...
by derr12
Fri Jan 03, 2014 3:00 am
Forum: General
Topic: CPU MAXING OUT
Replies: 2
Views: 790

Re: CPU MAXING OUT

is it possible that you have "allow remote requests" enabled on your dns settings and someone externally is running dns shinanigans thru your gateway overloading both your layer 7 and dns services for the same reason?
by derr12
Thu Dec 19, 2013 1:59 am
Forum: General
Topic: Building a layer 7 matcher for great justice!
Replies: 4
Views: 1008

Re: Building a layer 7 matcher for great justice!

I think this is traffic from the pushdo botnet, because this is an applciation layer attack, layer 7 rules may be the only way to catch this on a hardware firewall, the only other option is to install mod_security on each box and block it that way. Was hoping to avoid having to rely on the servers t...
by derr12
Thu Dec 19, 2013 12:27 am
Forum: General
Topic: Building a layer 7 matcher for great justice!
Replies: 4
Views: 1008

Re: Building a layer 7 matcher for great justice!

I have since learned that Layer 7 regexp's are written in perl. I have no experience in such things.

http://perldoc.perl.org/perlre.html#Regular-Expressions

does anyone have any expertise in perl that can help a brother out in making this layer 7 rule?
by derr12
Thu Dec 19, 2013 12:03 am
Forum: General
Topic: Building a layer 7 matcher for great justice!
Replies: 4
Views: 1008

Building a layer 7 matcher for great justice!

Hey guys, Im trying to filter a probing attack from reaching all my webservers. The offending line in my server logs looks like this; POST / HTTP/1.1" 403 1296 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Where I have failed to accomplish with filtering based on packet content, Id li...
by derr12
Thu Dec 12, 2013 9:10 pm
Forum: General
Topic: CCR - QoS/mange rules 100% CPU
Replies: 3
Views: 2186

Re: CCR - QoS/mange rules 100% CPU

That is a TON of layer 7 rules to process. You might want to try avoiding using layer 7 at that massive scale on that hardware as it is hugely cpu hungry. you might want to try cerating a QOS tag for other traffic that is easy to identify, dns, voip, http and e-mail and such. give them a higher prio...
by derr12
Thu Dec 12, 2013 8:57 pm
Forum: Beginner Basics
Topic: web page re direct, splash paga, captive portal
Replies: 7
Views: 11655

Re: web page re direct, splash paga, captive portal

any experts wanna chime in with a yay or nay?
by derr12
Fri Dec 06, 2013 2:55 am
Forum: General
Topic: bad radius signature, dropping
Replies: 5
Views: 2139

Re: bad radius signature, dropping

sounds like the radius server is sending an invalid radius attribute. could be the radius serverhas the wrong nas type selected or is sending some extended radius attributes to the mikrotik that it doesnt understand.

are you using free radius or aradial or something?
by derr12
Fri Dec 06, 2013 2:46 am
Forum: General
Topic: Simple Queue Question?....
Replies: 5
Views: 1084

Re: Simple Queue Question?....

pretty sure if you set the priority (in the advanced tab for the simple queue) for the individual higher than the subnet it will behave as expected.
by derr12
Fri Dec 06, 2013 2:40 am
Forum: General
Topic: Wi-Fi best practice question
Replies: 2
Views: 619

Re: Wi-Fi best practice question

You could always use PPPOE to each user via the same username and password. The user can enter the PPPOE information in thier own routers or devices, that way it bypasses the hotspot but still has all that radius accounting stuff you love. anyone who isnt connecting via PPPOE would still have to pas...
by derr12
Fri Dec 06, 2013 2:18 am
Forum: General
Topic: Question about the most efficient way to block traffic.
Replies: 2
Views: 666

Re: Question about the most efficient way to block traffic.

Ok I have implimented the filter as suggested, with connections getting marked and then dropped in the firewall. It is blocking a large number of the botnet "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" apache requests, however im still getting some thru. I suspect this is because the pa...
by derr12
Thu Dec 05, 2013 11:15 pm
Forum: Beginner Basics
Topic: web page re direct, splash paga, captive portal
Replies: 7
Views: 11655

Re: web page re direct, splash paga, captive portal

bump. Anyone know if this is possible?
by derr12
Fri Nov 29, 2013 12:37 am
Forum: The Dude
Topic: Run The Dude from a Routerboard
Replies: 1
Views: 1407

Re: Run The Dude from a Routerboard

im honestly not even happy with how the dude operates as an agent on routerboard hardware. Love it, but keep it on x86 harware where it belongs...
by derr12
Thu Nov 28, 2013 8:12 pm
Forum: General
Topic: QoS on WAN interface
Replies: 5
Views: 1735

Re: QoS on WAN interface

This is not something ive tried personally but... presumably you would have to make two sets of mangle rules, 1 set for each WAN interface. If you are load balancing based on source/destination IP address lists you can make mangle rules based on the same IP subnets and then make simple queues for yo...
by derr12
Thu Nov 28, 2013 8:02 pm
Forum: Beginner Basics
Topic: web page re direct, splash paga, captive portal
Replies: 7
Views: 11655

Re: web page re direct, splash paga, captive portal

Hey guys, I was wondering. This current setup requires that the user go to an HTTP page in order for the authentication to take place. Is it possible for this to work if a users homepage is an https page? Currently if we go to an https page first it never hits the authentication and the user gets no...
by derr12
Mon Nov 18, 2013 9:33 pm
Forum: General
Topic: Bandwidth Management & QOS - Is it possible?
Replies: 12
Views: 5916

Re: Bandwidth Management & QOS - Is it possible?

Im my experience, i would create your speed "tiers" in simple queues. you wont need to set mangle rules for for individual speed limits. example PCQ queue type to set a 3m/1m package; /queue type add kind=pcq name="3m per user down" pcq-classifier=dst-address pcq-dst-address6-mask=64 pcq-limit=35 pc...
by derr12
Mon Nov 18, 2013 9:11 pm
Forum: General
Topic: PCQ implementation - what is wrong?
Replies: 4
Views: 1253

Re: PCQ implementation - what is wrong?

As for the minimum bandwidth, you will want to create a simple queue and an additional PCQ queue type Here is what I use in a hotel, an RB1100 being a controller for 11 bridged wireless ap's. Tho im doing some shaping, its a slightly more complicated version of what you are trying to do. My mangles;...
by derr12
Mon Nov 18, 2013 9:07 pm
Forum: General
Topic: PCQ implementation - what is wrong?
Replies: 4
Views: 1253

Re: PCQ implementation - what is wrong?

Remove the limit on your queue types, the queue tree will be the one handling your speed limits. Other than that it could be that your packet marking is not working as expected. I usually just mark traffic based on the source/destination IP or interface, for example; 26 ;;; Mark all remaining Upload...
by derr12
Thu Nov 07, 2013 11:53 pm
Forum: General
Topic: CRS: What makes this device "cloud"?
Replies: 6
Views: 1308

Re: CRS: What makes this device "cloud"?

cuz clouds are fluffy, and capable hardware makes me feel fluffy inside.
by derr12
Thu Nov 07, 2013 11:25 pm
Forum: General
Topic: CCR missing bandwidth speed limit settings, exists on RB1000
Replies: 3
Views: 1270

Re: CCR missing bandwidth speed limit settings, exists on RB

yup just limit speed on the WAN port to 10mbits. The other queues should level out as you illustrated.

You can also do this with queue tree and mangle rules, but simple queue is much easier.
by derr12
Thu Nov 07, 2013 11:05 pm
Forum: General
Topic: Which router should I use for 1Gbps with BGP?
Replies: 1
Views: 401

Re: Which router should I use for 1Gbps with BGP?

if money is not an issue, go with the 36 core ccr.

The 12 core CCR should be able to handle everything you can throw at it @ those speeds tho.
by derr12
Thu Nov 07, 2013 9:33 pm
Forum: Beginner Basics
Topic: web page re direct, splash paga, captive portal
Replies: 7
Views: 11655

Re: web page re direct, splash paga, captive portal

fewi to the rescue again. Runs like a champ when i tried this.

May a squadren of sandwitches find thier way to your mouth.
by derr12
Fri Oct 25, 2013 8:34 pm
Forum: The Dude
Topic: SMS alerts no longer working.
Replies: 2
Views: 1337

Re: SMS alerts no longer working.

running version 4.0 b3 by the way
by derr12
Fri Oct 25, 2013 8:33 pm
Forum: The Dude
Topic: SMS alerts no longer working.
Replies: 2
Views: 1337

SMS alerts no longer working.

hey guys, for a long time i had the dude sending e-mail notifications to 2505551234@txt.bell.ca which would then send a text message to my phone when something goes down. That stopped working recently for no appearant reason. I checked and when i send a test e-mail to the same address in my e-mail c...
by derr12
Wed Oct 16, 2013 9:32 pm
Forum: General
Topic: Question about the most efficient way to block traffic.
Replies: 2
Views: 666

Question about the most efficient way to block traffic.

Hi guy's Im building a firewall for a cluster of webservers using a routerboard. I was building my list of rules when I had a thought. In the event I need to block something specific like, during a DDOS, what would be the most efficient way (cpu wise) to block specific traffic. For example; If i wan...
by derr12
Tue Sep 24, 2013 11:34 pm
Forum: General
Topic: Creating mangle rules per ethernet interface.
Replies: 1
Views: 595

Re: Creating mangle rules per ethernet interface.

I think I might have figured it out.

I created a seperate subnet and dhcp server per interface, I created my mangle rules based on the source and destination IP's.
The queue tree seems to work as intended on the global parent.
by derr12
Tue Sep 24, 2013 11:07 pm
Forum: General
Topic: cacti and mikrotik rb1100ahx2
Replies: 1
Views: 654

Re: cacti and mikrotik rb1100ahx2

double check and make sure your snmp is allowing the correct networks. Ive noticed cacti doesnt like un-named snmp sources. In winbox make sure the contact info and location needs is filled out as well as the community should have the appropriate subnet showing for devices you want to allow access, ...
by derr12
Tue Sep 24, 2013 10:58 pm
Forum: General
Topic: Creating mangle rules per ethernet interface.
Replies: 1
Views: 595

Creating mangle rules per ethernet interface.

Hey guys, Im trying to do class based shaping per Ethernet interface. Ive done this in a bridged setup a hundred times, but creating mangle rules/queue trees that work in NAT mode on seperate ethernet interfaces eludes me. Ether1 is my WAN port, Ether 2-5 are bridged. The end game is to have seperat...
by derr12
Tue Sep 17, 2013 5:15 am
Forum: General
Topic: Sample Installations - Sticky Please
Replies: 230
Views: 136375

Re: Sample Installations - Sticky Please

Boba Fett, guards my rb2011 setup with linksys Voip adapter. I have an rb751 as a wireless bridge feeding my entertainment center in my living room.

I cant take pictures of the 30 or so routerboards i administrate at work so this will have to do :p
by derr12
Fri Sep 13, 2013 7:30 pm
Forum: General
Topic: Need emergency help!!!!!
Replies: 4
Views: 730

Re: Need emergency help!!!!!

if your hard-drive is shot, you should be good provided A; You wrote down your license key and B; you have a backup of your configuration. If you dont have your license key anymore you will probably have to buy another license. You could beg support@mikrotik and see if that gets you a new key, it di...
by derr12
Fri Sep 13, 2013 7:26 pm
Forum: General
Topic: qos on miktrotik
Replies: 3
Views: 851

Re: qos on miktrotik

i found where he actually sells his script. It's this page; http://store.wispgear.net/p260/RouterOS ... 4jekbd6l05
by derr12
Fri Sep 13, 2013 1:42 am
Forum: General
Topic: reccomended antenna/chain setup for rb751g-2hnd
Replies: 2
Views: 703

Re: reccomended antenna/chain setup for rb751g-2hnd *resolv

looks like it behaves properly with all 4 chains. Case closed!
by derr12
Fri Sep 13, 2013 12:51 am
Forum: General
Topic: reccomended antenna/chain setup for rb751g-2hnd
Replies: 2
Views: 703

Re: reccomended antenna/chain setup for rb751g-2hnd

found my answer in the manual; antenna A is for internal antenna's. should all 4 chains be active still?
by derr12
Fri Sep 13, 2013 12:27 am
Forum: The Dude
Topic: Dude v4beta3 released
Replies: 253
Views: 99480

Re: Dude v4beta3 released

We love the dude! If developement started again, we would donate in a heartbeat. Fire up a Kickstarter campaign! guarenteed youd get some cashola for the project.
by derr12
Thu Sep 12, 2013 10:46 pm
Forum: General
Topic: How to Block torrent 100%? Only 2 lines. It is solved.
Replies: 63
Views: 93490

Re: How to Block torrent 100%? Only 2 lines. It is solved.

you forgot the "add" in front of your comment, thats why it fails on the syntax.
by derr12
Thu Sep 12, 2013 10:43 pm
Forum: General
Topic: Routes / Masquerading
Replies: 7
Views: 1473

Re: Routes / Masquerading

Yes that's correct, the public IP is the dst address.

an example of port forwarding 49000 would be;
add action=dst-nat chain=dstnat comment="Example SIP" disabled=\
    no dst-address=*publicIP* dst-port=49000 protocol=tcp to-addresses=\
    *localIP*
by derr12
Thu Sep 12, 2013 10:39 pm
Forum: General
Topic: reccomended antenna/chain setup for rb751g-2hnd
Replies: 2
Views: 703

reccomended antenna/chain setup for rb751g-2hnd

Hi guys, im wondering what the recomended setup for this router is.

This has 2x2 mimo right? So should be antenna b - both chains enabled on rx and tx right?
by derr12
Tue Sep 10, 2013 6:03 pm
Forum: General
Topic: Odd issue with bridged CCR 16 core not passing traffic.
Replies: 4
Views: 1167

Re: Odd issue with bridged CCR 16 core not passing traffic.

not going to bother, release notes make no mention of bugs that sound like this.
by derr12
Tue Sep 10, 2013 5:59 pm
Forum: General
Topic: Detect which of the AP / interface a user connects to a hots
Replies: 3
Views: 724

Re: Detect which of the AP / interface a user connects to a

bridge the lan ports and put the hotspot server on the bridge?
by derr12
Mon Sep 09, 2013 7:50 pm
Forum: General
Topic: MikroTik Bandwidth statement
Replies: 2
Views: 725

Re: MikroTik Bandwidth statement

you can also use snmp polling on a mikrotik as well.
by derr12
Mon Sep 09, 2013 7:47 pm
Forum: General
Topic: qos on miktrotik
Replies: 3
Views: 851

Re: qos on miktrotik

Butch evans, is generally considered the de-facto expert consultant for wisp QOS. He sells a very complete set of scripts for just such a job. we used an early version of his rules to get started.

The price for his script is reasonable as well.

http://www.butchevans.com/
by derr12
Mon Sep 09, 2013 7:33 pm
Forum: General
Topic: QoS Piorities and PCQ
Replies: 3
Views: 856

Re: QoS Piorities and PCQ

or if you want to just add my example; /queue tree add max-limit=11M name=Uploads_Full parent=ether1 priority=1 queue=default add max-limit=38M name=Downloads_Full parent=ether2 priority=1 queue=default add limit-at=256k max-limit=38M name=DN_priority1 packet-mark=p1_down parent=Downloads_Full prior...
by derr12
Mon Sep 09, 2013 7:32 pm
Forum: General
Topic: QoS Piorities and PCQ
Replies: 3
Views: 856

Re: QoS Piorities and PCQ

just in each of the child queues. i use this format in my transparent shaper; Flags: X - disabled, I - invalid 0 name="Uploads_Full" parent=ether1 packet-mark="" limit-at=0 queue=default priority=1 max-limit=11M burst-limit=0 burst-threshold=0 burst-time=0s 1 name="Downloads_Full" parent=ether2 pack...
by derr12
Mon Sep 09, 2013 7:28 pm
Forum: General
Topic: How can I buy a CRS125-24G?
Replies: 4
Views: 1162

Re: How can I buy a CRS125-24G?

super keen on this products release, Any word on an expected ship date?
by derr12
Mon Sep 09, 2013 6:46 pm
Forum: General
Topic: Odd issue with bridged CCR 16 core not passing traffic.
Replies: 4
Views: 1167

Re: Odd issue with bridged CCR 16 core not passing traffic.

I havnt tried it yet. Ill schedual a maintanance window and give it a try.
by derr12
Tue Sep 03, 2013 10:29 pm
Forum: General
Topic: Odd issue with bridged CCR 16 core not passing traffic.
Replies: 4
Views: 1167

Odd issue with bridged CCR 16 core not passing traffic.

Hi guys, I have deployed several of the CCR 16 core routers as transparent traffic shapers on my network. Generally they preform admirably, however one unit is misbehaving. After a month or so of steady operation, we are unable to reach network destinations past the first ethernet port. Rebooting th...
by derr12
Tue Aug 27, 2013 11:08 pm
Forum: General
Topic: Wireless AP's in a hotel
Replies: 1
Views: 464

Wireless AP's in a hotel

Im not sure how to impliment this without using the hotspot server. What I would like to see is have a user connect to an unsecured wireless AP, and on the first lanuch of a browser re-direct to the hotel website. After the first load of the page, it should allow browsing to anywhere without re-dire...
by derr12
Thu May 30, 2013 11:08 pm
Forum: General
Topic: MUM Croatia NEW PRODUCT ANNOUNCEMENT
Replies: 42
Views: 17150

Re: MUM Croatia NEW PRODUCT ANNOUNCEMENT

Eagerly awaiting the specs for the cloud router switch. Im eyeballing it for hotel installations. Any idea when it will be released for public consumption?
by derr12
Tue Apr 16, 2013 1:05 am
Forum: RouterBOARD hardware
Topic: ccr1016-12g switch?
Replies: 1
Views: 1159

ccr1016-12g switch?

Just to make sure, at first glance it appears that the ccr1016-12g does not have a switch chip, correct?
by derr12
Fri Apr 05, 2013 10:33 pm
Forum: Scripting
Topic: traffic shaping
Replies: 2
Views: 13844

Re: traffic shaping

You want to use the firewall to tag traffic types (mangle rules) and then create a queue tree in order to prioritize by class. This is a heady subject, you will want to read the wiki and then google some examples; http://wiki.mikrotik.com/wiki/Manual:Queue http://wiki.mikrotik.com/wiki/Manual:IP/Fir...
by derr12
Fri Apr 05, 2013 9:44 pm
Forum: General
Topic: traffic shaping per port now possible?
Replies: 0
Views: 457

traffic shaping per port now possible?

A little about my setup before i get started on my question; Lets say I have a ROS6 routerboard running as a NAT, providing dhcp and dns services to clients like so; Wan - MT - bridged Motorola AP - dhcp client radios ............. - bridged Motorola AP - dhcp client radios ..............- bridged M...
by derr12
Thu Mar 21, 2013 9:49 pm
Forum: The Dude
Topic: Using the Dude to Remote Backup RouterOS Devices
Replies: 11
Views: 5180

Re: Using the Dude to Remote Backup RouterOS Devices

+1 for this feature. That would be dang handy to pull backup files via the dude.
by derr12
Wed Mar 20, 2013 10:10 pm
Forum: General
Topic: Problem. Internal IP on WAN interface
Replies: 8
Views: 1258

Re: Problem. Internal IP on WAN interface

this may seem assinine, but make sure you havnt got the dhcp client on. ive seen 192.168.x.x addresses get assigned to my wan port periodically and that was the reason.
by derr12
Wed Mar 20, 2013 9:28 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

change the mangle chain to pre-routing and see what it does. In theory there should be no difference but i think forward might be after the queue tree and before simple queues in the new ROS6 packet map.
by derr12
Wed Mar 20, 2013 7:41 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

Odd.. Ive used plain jane PCQ via simple rules minus the mangle rules with speeds as low as 512k/256k before without issue... someone else will have to chime in, im totally stumped.
by derr12
Wed Mar 20, 2013 7:14 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

We use radius to authenticate Ptmp wireless clients. I use aradial radius tho. You place the users in groups(home, business, etc). When the pppoe client asks the router for access it sucks down the radius attributes (including what speed they should get) and makes a simple queue automatically. Consi...
by derr12
Wed Mar 20, 2013 5:40 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

The other thing you could do since you are using PPPOE... what does your pppoe authentication, radius? you can set user speeds via radius attributes too. All they do is dynamically create a simple queue tho.
by derr12
Wed Mar 20, 2013 5:38 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

That was true prior to ROS6. QOS has been re-done in version 6. Simple queue are processed as fast as queue tree's now, appearantly you can double QOS now.

I think PCQ got a performance boost too.
by derr12
Tue Mar 19, 2013 10:55 pm
Forum: General
Topic: Upload suffers greatly when download is active
Replies: 10
Views: 1171

Re: Upload suffers greatly when download is active

That's a new one. Maybe try making a simple queue instead of a queue tree and see if it still does it? /queue simple add disabled=no name=1meg queue=1m_upload-default/1m_download-default simple queues are supposed to be like 8 times faster in ROS6 so usinga simple queue instead of a queue tree for t...
by derr12
Sun Mar 17, 2013 12:46 am
Forum: General
Topic: Router Board/OS that can cater 100 users
Replies: 4
Views: 1574

Re: Router Board/OS that can cater 100 users

rb2011 is probably even overkill. I have a whole hotel on 10mbit fiber connection being fed by an RB450g with shaping and simple queues that doesnt break a sweat.
by derr12
Sat Mar 16, 2013 10:36 pm
Forum: General
Topic: PCQ-rate is divided between all users regardless of max-limi
Replies: 5
Views: 3763

Re: PCQ-rate is divided between all users regardless of max-

PS If you dont have your subnets organized like suggested above then you will have to use packet marks and your address list in order to place them in the correct simple queue. /queue simple add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment="" \ direction=both disabled=yes dst-address...
by derr12
Sat Mar 16, 2013 10:31 pm
Forum: General
Topic: PCQ-rate is divided between all users regardless of max-limi
Replies: 5
Views: 3763

Re: PCQ-rate is divided between all users regardless of max-

Connection marking is only required if you are going to use Queue tree's. The easiest way to do this would be by sorting your speed classes into different IP subnets: If your unlimited users are all on the same subnet you can simply not include them at all in your rules. so all you really need is; /...
by derr12
Sat Mar 16, 2013 6:28 pm
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

Re: scripting a Bandwidth hog penalty box.

Thanks for the consideration; Yes, the way i see it we would only need to start checking queues after ether1 hits 60mbits. Forgive my psuedo scripting: schedualer can execute the first script every 30mins; If ether1>60mbits then run script "check users" which would then run; [max-limit (in bytes)]*6...
by derr12
Sat Mar 16, 2013 12:53 am
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

Re: scripting a Bandwidth hog penalty box.

Im trying to sell this as a NetEQ replacement which uses a penalty-box type approach. PCQ ensures fairness by equally sharing whats left over amungst all users yes, but what we have to gain with the penalty box idea is an overall bandwidth increase for the other non-penalized users. It is a small bu...
by derr12
Fri Mar 15, 2013 9:45 pm
Forum: General
Topic: Total bytes thru an interface
Replies: 4
Views: 709

Re: Total bytes thru an interface

The web interface will give you interface stats. just make sure /IP services www is enabled and then fire up a browser to the router IP and click on graphs.
by derr12
Fri Mar 15, 2013 9:35 pm
Forum: General
Topic: DHCP/Hotspot question
Replies: 3
Views: 730

Re: DHCP/Hotspot question

I find my dhcp server assigns ip's at seeming random ip's The lease is renewed after a disconnect/reconnect or when the lease expires. You can set the dhcp lease time in your dhcp server to whatever time. set a short lease time and your idle timeouts with remove the lease immidiatly. I assume you ar...
by derr12
Fri Mar 15, 2013 8:57 pm
Forum: Scripting
Topic: The best mode to Log ang track the internet connections
Replies: 7
Views: 7481

Re: The best mode to Log ang track the internet connections

It doesnt look like standard logging will output what you are looking for there is a firewall logging option, but it doesnt include the connection tracker it seems. The mikrotik can export the raw data you need via netflow or accounting, but you need another box to organise all the data for you. Jus...
by derr12
Fri Mar 15, 2013 8:48 pm
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

Re: scripting a Bandwidth hog penalty box.

I got to thinking, having a bajillion simple queues for a script to check might not be the way to go... its messy and they execute in order. What if the script watches the wan link bandwidth. If it reaches 90% of its capability, the script would fire up torch and watch for streams to/from the local ...
by derr12
Fri Mar 15, 2013 8:27 pm
Forum: General
Topic: How would i impliment this on a transparent shaper?
Replies: 2
Views: 464

Re: How would i impliment this on a transparent shaper?

After talking with Butch, it sounds like the only way to manage this will be with simple queues. The problem with simple queues is that they execute in order.. things will get messy and slow if I have a thousand simple queues. Im thinking somehow I get a script to execute torch and moniter streams I...
by derr12
Fri Mar 15, 2013 7:12 pm
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

Re: scripting a Bandwidth hog penalty box.

I havnt ruled out the possibility of paying someone to script this for us either if anyone is interested?
by derr12
Fri Mar 15, 2013 5:56 pm
Forum: The Dude
Topic: Dude Not working on rb450g
Replies: 2
Views: 1045

Re: Dude Not working on rb450g

firewall rules?
by derr12
Fri Mar 15, 2013 5:20 pm
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

Re: scripting a Bandwidth hog penalty box.

had a chat with Butch Evans, He suggested about the only way to moniter usage in this setup would be with simple queues. so... I guess I should start by adding simple queues for every IP on the subnet this transparent shaper will be shaping(unlimited speed by default), then i can start working on th...
by derr12
Fri Mar 15, 2013 5:14 pm
Forum: General
Topic: PCQ-rate is divided between all users regardless of max-limi
Replies: 5
Views: 3763

Re: PCQ-rate is divided between all users regardless of max-

You want to add a simple queue to specify an ip or ip range you want to apply the pcq limit to like this; /queue simple add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s comment=\ "wireless router 2meg/512k" direction=both disabled=no dst-address=0.0.0.0/0 \ interface=all limit-at=0/0 max-lim...
by derr12
Fri Mar 15, 2013 5:03 pm
Forum: General
Topic: Paid support need help
Replies: 3
Views: 500

Re: Paid support need help

Post your problem here, you might be able to get help for free.
by derr12
Fri Mar 15, 2013 12:45 am
Forum: Scripting
Topic: scripting a Bandwidth hog penalty box.
Replies: 10
Views: 2779

scripting a Bandwidth hog penalty box.

Hi guys. Im trying to figure out how to impliment this on transparent shaper. A user has been running High sustained data rate for hours and is hogging bandwidth. I want to be able to identify high sustained traffic ip's and place them into a "penalty box" where they get say, 60% of thier allowed ba...
by derr12
Fri Mar 15, 2013 12:08 am
Forum: General
Topic: How would i impliment this on a transparent shaper?
Replies: 2
Views: 464

Re: How would i impliment this on a transparent shaper?

Would a script be able to recognise when an IP on a subnet has exceeded (x) mbits for (x) time and then add a simple queue at a reduced speed for (X) time? I guess the real problem is that since my unit is bridged, where would you be able to moniter current thruput for an IP that doesnt involve torc...
by derr12
Thu Mar 14, 2013 9:45 pm
Forum: General
Topic: Routerboard Unreachable after Reboot
Replies: 1
Views: 371

Re: Routerboard Unreachable after Reboot

Ive seen the odd routerboard fail to boot after a /system reboot. Usually always the same one.
Ive had to power cycle every time to get them responding again.

On the problem unit ive stopped asking it to reboot automatically.
by derr12
Thu Mar 14, 2013 5:35 pm
Forum: General
Topic: How would i impliment this on a transparent shaper?
Replies: 2
Views: 464

How would i impliment this on a transparent shaper?

Hi guys. Im trying to figure out how to impliment this on the ROS6 platform. A user has been running High sustained data rate for hours and is hogging bandwidth. I want to be able to identify high sustained traffic ip's and place them into a "penalty box" where they get say, 60% of thier allowed ban...
by derr12
Fri Mar 01, 2013 10:59 pm
Forum: General
Topic: QoS and shaper together
Replies: 2
Views: 1051

Re: QoS and shaper together

You should be able to use a simple queue to limit speeds for each user on a subnet while still having all your shaping rules obeyed, (i cant see how your trees are setup because the images wont zoom for me) here is an example of having every IP limited to 512k/256k on a 10.0.0.0/22 network: add burs...
by derr12
Fri Feb 22, 2013 1:33 am
Forum: General
Topic: limit connections per one dst-address
Replies: 6
Views: 2822

Re: limit connections per one dst-address

looks good to me.
by derr12
Fri Feb 22, 2013 1:30 am
Forum: General
Topic: Infringement Torrents
Replies: 16
Views: 1636

Re: Infringement Torrents

you would pretty much have to assign a 1-1 nat to every user with a unique public IP.

You can look into outright blocking bit torrent and peer to peer, having an bandwidth usage limit and enforcement of that limit will pretty much eliminate dvd downloaders.
by derr12
Sat Feb 16, 2013 12:34 am
Forum: Beginner Basics
Topic: automatic queue speed limit for every dhcp lease
Replies: 1
Views: 5312

Re: automatic queue speed limit for every dhcp lease

All you should need to do is create a simple queue with the target address of 192.168.8.254/22, then you just set the upload and download speed. If you want to limit bandwidth or force them to share equally you could use PCQ to accomplish that as well. A good place to start for QOS types is here; ht...
by derr12
Sat Feb 16, 2013 12:15 am
Forum: Beginner Basics
Topic: pppoe athentication error
Replies: 1
Views: 524

Re: pppoe athentication error

your PPPOE connection is not able to establish because the connection properties that the mikrotik is getting from the Radius server is borked. Look at the user in your radius server and make sure any overiding radius attributes have not got your bursting limit higher than your max-limit. It could a...
by derr12
Thu Feb 14, 2013 11:44 pm
Forum: General
Topic: limit connections per one dst-address
Replies: 6
Views: 2822

Re: limit connections per one dst-address

If you want to limit 10 connections to any IP on the following 192.168.3.0/24 destination network;


add action=drop chain=forward comment="tcp connection limit" \
connection-limit=10,32 disabled=no dst-address=192.168.3.0/24 protocol=\
tcp
by derr12
Thu Feb 14, 2013 11:41 pm
Forum: General
Topic: limit connections per one dst-address
Replies: 6
Views: 2822

Re: limit connections per one dst-address

Be as specific or as not specific as you like. a 10 connection limit to any address would look like this: /ip firewall filter add action=drop chain=forward comment="tcp connection limit" \ connection-limit=10,32 disabled=no protocol=tcp I should warn you that web browsing would be very difficult wit...
by derr12
Thu Feb 14, 2013 12:01 am
Forum: General
Topic: What is the deal with getting HTTP traffic identified?
Replies: 4
Views: 658

Re: What is the deal with getting HTTP traffic identified?

Ok I THINK i got it figured out add action=mark-connection chain=forward comment="Mark HTTP Download" \ disabled=no in-interface=Bridge1 new-connection-mark=http_down \ passthrough=no protocol=tcp src-port=80,443 add action=mark-connection chain=forward comment="Mark HTTP up" disabled=\ no dst-port=...
by derr12
Wed Feb 13, 2013 11:17 pm
Forum: General
Topic: What is the deal with getting HTTP traffic identified?
Replies: 4
Views: 658

Re: What is the deal with getting HTTP traffic identified?

passthru=no means it will not bother to check any of the mangle rules below it once it has been identified. For example mangle rule 1 could be set to pick up http traffic. mangle rule 2 is set to identify "everything else" To prevent mangle rule 2 from taking the already marked packets from mangle r...
by derr12
Wed Feb 13, 2013 11:14 pm
Forum: General
Topic: Firewall filter rule inconsistency
Replies: 2
Views: 637

Re: Firewall filter rule inconsistency

You shouldnt need to specify the out interface, try without that. you could also try identifying it via the source port instead of destination as well.

I have better luck identifying via my local IP's instead of publics for some reason too.
by derr12
Wed Feb 13, 2013 11:06 pm
Forum: General
Topic: Router Suggestions? Multiple DHCP/etc...
Replies: 1
Views: 374

Re: Router Suggestions? Multiple DHCP/etc...

since most of the work is offloaded to other devices, you could go with any of the medium range mikrotiks to server your function. Any of the 2011 line will do, also the rb450g will be fine as well. Both these units will be able to do what you are suggesting plus you should be able to shape your int...
by derr12
Wed Feb 13, 2013 11:02 pm
Forum: General
Topic: Reduce Traffic Flows packets
Replies: 1
Views: 391

Re: Reduce Traffic Flows packets

Dont understand the question.

Trafficflows are for exporting netflow stats to a collector. For example you would send it to a NTOP server or cacti server for data handling.

Less netflow information would be Incomplete netflow information. And what good is netflow data if it's not complete?
by derr12
Wed Feb 13, 2013 10:43 pm
Forum: General
Topic: What is the deal with getting HTTP traffic identified?
Replies: 4
Views: 658

Re: What is the deal with getting HTTP traffic identified?

I should note that it seems to be working fine when the mikrotik is a router, you just make the source and destination ports like so: 8 ;;; HTTP Uploads chain=prerouting action=mark-packet new-packet-mark=p2_up passthrough=no protocol=tcp dst-port=80 9 ;;; HTTP Downloads chain=prerouting action=mark...
by derr12
Wed Feb 13, 2013 10:34 pm
Forum: General
Topic: limit connections per one dst-address
Replies: 6
Views: 2822

Re: limit connections per one dst-address

Here ya go, /ip firewall filter add action=drop chain=forward comment="tcp connection limit" \ connection-limit=100,32 disabled=no protocol=tcp This is set to drop the 101rst tcp connection per ip address you can modify it by specifying the destination IP and port to get really specific if you want.
by derr12
Wed Feb 13, 2013 4:51 am
Forum: General
Topic: What is the deal with getting HTTP traffic identified?
Replies: 4
Views: 658

What is the deal with getting HTTP traffic identified?

Ive built a mangle rule to pick up all HTTP traffic to or from port 80 on my transparent shaper (ROS6 beta9) It works when i go to a speedtest site, but just browsing the web or viewing youtube it gets counted on my mangle to catch everything else. I seem to recall the mangle rule (stolen from the t...
by derr12
Mon Feb 11, 2013 9:27 pm
Forum: General
Topic: Simple mangle to give direction for a global speed limit.
Replies: 1
Views: 494

Re: Simple mangle to give direction for a global speed limit

Should I have used my wan interface instead of the bridge? like this; 0 chain=prerouting action=mark-packet new-packet-mark=download passthrough=no in-interface=ether1 1 chain=postrouting action=mark-packet new-packet-mark=upload passthrough=no out-interface=ether1 I should note, when i tried this i...
by derr12
Mon Feb 11, 2013 7:29 pm
Forum: Scripting
Topic: Restart wlan interface in event of ping failure.
Replies: 2
Views: 2298

Re: Restart wlan interface in event of ping failure.

I want it watching for high packet loss too, not just downtime. Likewise I dont want it pre-maturely thinking it's down just because my watch ip decides he wants to fire up a torrent and he gets a few packets dropped as a result. This is temporary. Eventually all these subs will get migrated to our ...
by derr12
Mon Feb 11, 2013 7:14 pm
Forum: General
Topic: VPN Mikrotik to mikrotik
Replies: 1
Views: 447

Re: VPN Mikrotik to mikrotik

This is a pretty complete guide for doing what you are attempting:

http://wiki.mikrotik.com/wiki/Manual:BC ... ridging%29
by derr12
Mon Feb 11, 2013 7:05 pm
Forum: General
Topic: Simple mangle to give direction for a global speed limit.
Replies: 1
Views: 494

Simple mangle to give direction for a global speed limit.

Hi guys we deployed a router at a site and needed to limit speeds there to 8m/8m. So i added the following packet marks: 0 chain=prerouting action=mark-packet new-packet-mark=download passthrough=no in-interface=bridge 1 chain=postrouting action=mark-packet new-packet-mark=upload passthrough=no out-...
by derr12
Wed Feb 06, 2013 10:36 pm
Forum: Scripting
Topic: Restart wlan interface in event of ping failure.
Replies: 2
Views: 2298

Restart wlan interface in event of ping failure.

Hello, We have some P2MP links that occasionally go unresponsive or high packet loss. Rather than using a watchdog timer on an IP (Sometimes the unit will hang on restart) im monitering ive decided to try making my very first script. It works as intended: I have a netwatch watching a local IP "10.0....
by derr12
Mon Feb 04, 2013 8:10 pm
Forum: The Dude
Topic: SNMP Problem
Replies: 1
Views: 1412

Re: SNMP Problem

You could always try setting up a dude agent inside the network and assign it a public IP address.
by derr12
Mon Feb 04, 2013 8:06 pm
Forum: The Dude
Topic: Mysterious SMTP Traffic
Replies: 2
Views: 1129

Re: Mysterious SMTP Traffic

smtp or snmp? The dude does send mail for alerts, but it would be via another dedicated e-mail server. The dude uses SNMP to poll data from the devices you are monitering so one would expect a constant trickle of SNMP and ICMP. I moniter a few hundred devices and I get a total traffic spike of jsut ...
by derr12
Wed Jan 23, 2013 3:58 am
Forum: The Dude
Topic: Dude and radius probing..
Replies: 9
Views: 4907

Re: Dude and radius probing..

For Aradial Radius I added my dude server IP in my list of NAS's and then created the a radius user;

The probe can be broken down like this after:
\x01D\0,0123456789012345\x01\x06RadiusUSERNAME\x02\x12PASSWORD\0
by derr12
Fri Jan 11, 2013 11:17 pm
Forum: The Dude
Topic: installation failure
Replies: 4
Views: 1510

Re: installation failure

had another rb450 laying around that had ROS 4.10 on it. It installed fine. So try an older ROS version.
by derr12
Fri Jan 11, 2013 10:44 pm
Forum: The Dude
Topic: installation failure
Replies: 4
Views: 1510

Re: installation failure

Also get the same error when attempting to install dude v3.6 on my rb450 w/ ROS v6.0rc6
by derr12
Thu Jan 10, 2013 11:37 pm
Forum: The Dude
Topic: Mikrotik and voip
Replies: 1
Views: 1064

Re: Mikrotik and voip

This is a really, really wrong section for this. The dude is network monitering. I assume you mean you want to limit the IP's you have assigned to those voip GW's to a range of 8 tcp/udp ports only? If you have them behind a nat, half your job is done already since it will not cross the nat without ...
by derr12
Thu Jan 10, 2013 11:28 pm
Forum: The Dude
Topic: installation failure
Replies: 4
Views: 1510

Re: installation failure

Any suggestions? I want to use an RB450 as an agent for a remote network. Hate to have to setup another x86 box just for that.
by derr12
Wed Jan 09, 2013 1:13 am
Forum: The Dude
Topic: installation failure
Replies: 4
Views: 1510

Re: installation failure

I get the same error. I cant seem to install the latest dude software on any rb450g i have here.
by derr12
Tue Jan 08, 2013 11:54 pm
Forum: The Dude
Topic: Background image not loading.
Replies: 1
Views: 782

Re: Background image not loading.

Ah this is a bug. The search feature served me well...
by derr12
Tue Jan 08, 2013 11:05 pm
Forum: The Dude
Topic: Background image not loading.
Replies: 1
Views: 782

Background image not loading.

I have a screenshot of a sat map (jpeg 640x480) i had loaded to my dude server. It's less than 100k big, but when i try to load the network map that uses it as a background it just hangs on "loading..." I am using 4.0 b3, I have another background working on another network map using a jpeg but its ...
by derr12
Thu Dec 20, 2012 9:48 pm
Forum: The Dude
Topic: The Dude is defaulting. How come?
Replies: 1
Views: 894

Re: The Dude is defaulting. How come?

Id be willing to bet there is a hardware issue with the storage memory. id swap the device and see if the problem goes away.
by derr12
Thu Dec 20, 2012 9:32 pm
Forum: The Dude
Topic: Routerboard dude server for a remote site.
Replies: 2
Views: 1451

Routerboard dude server for a remote site.

Hi guys, need a recomendation for a routerboard to act as a Dude server I have a couple hundred devices that need snmp stats polled as well as pings and latency, I have lots of rb450g's but im concerned that space will be a problem for keeping stats. I was planning on having a PC at my main location...
by derr12
Sat Nov 03, 2012 1:19 am
Forum: General
Topic: [FEATURE REQUEST] Hotspot users expire date
Replies: 2
Views: 1682

Re: [FEATURE REQUEST] Hotspot users expire date

Wonder how hard it would be to impliment a free-radius type server right on the router?
We use radius to auth hotspot users. Gives you the option of having time limits and oodles of other things.
by derr12
Sat Nov 03, 2012 1:16 am
Forum: General
Topic: Improved load balancing
Replies: 5
Views: 1781

Re: Improved load balancing

Well the simple setup wizard in the new versions of routerOS was a welcome sight. I didnt have to setup my first switch or bridging in my rb2011. It also setup the AP for me.

How tits would that be if there was a "doing complicated things" wizard built into winbox?
by derr12
Sat Nov 03, 2012 1:12 am
Forum: General
Topic: lcd on v6.0rc1
Replies: 2
Views: 1223

Re: lcd on v6.0rc1

ah, i had no idea there was a calibrate function, cool ill keep that in mind.

So far as a basic internet connection sharing device im getting really good results with this rOS version.
by derr12
Mon Oct 15, 2012 11:34 pm
Forum: General
Topic: lcd on v6.0rc1
Replies: 2
Views: 1223

lcd on v6.0rc1

The LCD screen has some improvements over v5.1 it looks like, but... On my rb2011 board, the scroll bar doesnt seem to function barely at all. also the finger presses appear to be about a centemeter too high. as in, i have to press about a centemeter above the button I want to press. LCD is a low pr...
by derr12
Thu Oct 04, 2012 3:56 am
Forum: General
Topic: Conn Tracking tcp timeout setting question.
Replies: 5
Views: 9557

Re: Conn Tracking tcp timeout setting question.

I am finding that in most of my Point to multipoint wireless networks, 1day is way too long. I have mine set to 1 hour. It hasnt caused any problems with pre-mature tcp conenction termination as far as i can tell. Even at 1 hour, on some of my marginal signal customers it is causing issues because i...
by derr12
Thu Feb 09, 2012 12:09 am
Forum: General
Topic: Streaming QOS
Replies: 1
Views: 1312

Re: Streaming QOS

Most of that stuff comes over port 80, so you could give http priority. You might be able to find or make some layer 7 rules to identify embedded video in http, but i doubt it. Butch evans Rules I find, are quite good I have taken his and modifyed them a little bit. what it effectively has done for ...
by derr12
Wed Feb 08, 2012 11:34 pm
Forum: General
Topic: Looking for solution to redirect DNS's server
Replies: 11
Views: 5695

Re: Looking for solution to redirect DNS's server

In a similar sutuation with several hundred wireless clients and a dns server needs to be changed. only, instead of redirecting ALL port 53 traffic to the 192.168.1.1 is there anything wrong with something like this? add action=dst-nat chain=dstnat comment="" disabled=no dst-address=\ 8.8.8.8 dst-po...
by derr12
Tue Aug 23, 2011 6:34 pm
Forum: General
Topic: Question about PCQ QOS in the Queue Tree.
Replies: 2
Views: 765

Re: Question about PCQ QOS in the Queue Tree.

cool thanks, i figured it was irrelevent since it has been working as is. But not knowing things makes my brain itchy.
by derr12
Sat Aug 20, 2011 3:29 am
Forum: General
Topic: Can connect to PPTP on LAN but not WAN?
Replies: 5
Views: 1352

Re: Can connect to PPTP on LAN but not WAN?

On mine in the ppp-profile my pptp server points to, i have not specified a local or remote address and it works. Actually after looking, my pptp profile is just using the default-encryption profile and works from wherever. 1 * name="default-encryption" use-compression=default use-vj-compression=def...
by derr12
Sat Aug 20, 2011 3:17 am
Forum: General
Topic: Question about PCQ QOS in the Queue Tree.
Replies: 2
Views: 765

Question about PCQ QOS in the Queue Tree.

Hi again, I was looking at some of my PCQ rules and I come across something that i couldnt help but ponder about. My queue tree's look like this: Flags: X - disabled, I - invalid 0 name="Uploads_Full" parent=global-out limit-at=0 priority=1 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s ...
by derr12
Tue Aug 09, 2011 6:55 pm
Forum: General
Topic: Transparent Layer 7 shaper config..
Replies: 24
Views: 13904

Re: Transparent Layer 7 shaper config..

yeah, i didnt have a default route and im totally on a different subnet. will add the route and check it. thanks!
by derr12
Sat Aug 06, 2011 7:54 pm
Forum: General
Topic: Transparent Layer 7 shaper config..
Replies: 24
Views: 13904

Re: Transparent Layer 7 shaper config..

free cookie for the answer?
by derr12
Sat Aug 06, 2011 2:26 am
Forum: General
Topic: Super strange packet loss issue.
Replies: 2
Views: 503

Re: Super strange packet loss issue.

still getting packet loss when i added a switch and removed the port bridging.
by derr12
Sat Aug 06, 2011 1:41 am
Forum: General
Topic: Super strange packet loss issue.
Replies: 2
Views: 503

Re: Super strange packet loss issue.

I just found out that pinging from a customer to the router @ 10.0.0.1 is fine, but we cant ping past the masquerade without loss.
by derr12
Sat Aug 06, 2011 1:39 am
Forum: General
Topic: Super strange packet loss issue.
Replies: 2
Views: 503

Super strange packet loss issue.

Hello again. We have several motorola pmp320 Wimax sites now. The typical setup I have been using has been working good. switch --> rb450g -> moto cmm4 -> pmp320 AP's. The cmm4 is a gps sync and POE device, it keeps the AP's playing nice with eachother. we have one site that is acting nuts. For no r...
by derr12
Thu Jul 21, 2011 3:05 am
Forum: General
Topic: Transparent Layer 7 shaper config..
Replies: 24
Views: 13904

Re: Transparent Layer 7 shaper config..

bump?
by derr12
Tue Jul 19, 2011 1:32 am
Forum: General
Topic: Transparent Layer 7 shaper config..
Replies: 24
Views: 13904

Re: Transparent Layer 7 shaper config..

help a dummy out guys, Im sure this is something dumb that would be obvious to everyone else. Ive never tried to add an ip address to a fully transparent device before tho.
by derr12
Sat Jul 16, 2011 10:45 pm
Forum: General
Topic: Transparent Layer 7 shaper config..
Replies: 24
Views: 13904

Re: Transparent Layer 7 shaper config..

I am ready to deploy this sucker into our second phase of testing on a small leg of our network, but something simple has me stumped. This thing is totally transparent, so how do I assign an administrative IP that would be accessable on the same network? I just added an IP to the bridge interface an...
by derr12
Thu Jun 09, 2011 2:12 am
Forum: General
Topic: TCP connections that stay open
Replies: 1
Views: 571

TCP connections that stay open

Every once in a while I get a customer who cant surf because they have hit their limit of 80 tcp connections. Usually this is due to filesharing, but sometimes I see legitimate tcp port 80 connections that dont close when they are done in their browser. The connections Just stay open. to get them on...
by derr12
Wed Jun 08, 2011 4:18 am
Forum: General
Topic: tcp connection limit.
Replies: 62
Views: 31538

Re: tcp connection limit.

Oh wait, i dont need the dst address. in the first rule. durp.
by derr12
Wed Jun 08, 2011 4:03 am
Forum: General
Topic: tcp connection limit.
Replies: 62
Views: 31538

Re: tcp connection limit.

TCP connection is bi-directional

So the first rule would work then yeah?
by derr12
Fri Jun 03, 2011 10:53 pm
Forum: General
Topic: Question About VOIP and Mikrotik
Replies: 4
Views: 780

Re: Question About VOIP and Mikrotik

We are running an 8 line talkswitch PBX with little setup. Just the port forwarding and QOS (optional). Mikrotik will work like any other router as far as voip goes.
by derr12
Fri Jun 03, 2011 9:03 pm
Forum: General
Topic: tcp connection limit.
Replies: 62
Views: 31538

Re: tcp connection limit.

Ok how about this then, lets say i wanted to limit a list of ip ranges to 80 tcp connections but leave everyone else alone without having to add an ip address to the exclude list everytime i commision a server or add a commercial client. would i do this? does this limit connections either to OR from...
by derr12
Fri May 20, 2011 7:44 pm
Forum: General
Topic: tcp connection limit.
Replies: 62
Views: 31538

Re: tcp connection limit.

should look like this right?

0 X ;;; tcp connection limit
chain=forward action=drop protocol=tcp src-address-list=!exclude
dst-address-list=!exlcude connection-limit=80,32

that would not apply the rule if it was coming from or going to the IP's in the list "exclude"
by derr12
Mon May 16, 2011 8:48 pm
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

bumps
by derr12
Sat May 14, 2011 12:14 am
Forum: General
Topic: [SOLVED?] PPPoE client not attaining full speed of VDSL line
Replies: 3
Views: 1453

Re: PPPoE client not attaining full speed of VDSL line

What version of ROS are you running, i think there was a 100% cpu bug on early versions of 3.x with pppoe.
by derr12
Fri May 13, 2011 10:42 pm
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

bump.
by derr12
Fri May 13, 2011 9:36 pm
Forum: General
Topic: DSCP QOS with HTB and PCQ?
Replies: 2
Views: 1565

Re: DSCP QOS with HTB and PCQ?

What i have done is make my htb tree to shape traffic like so 0 name="Uploads_Full" parent=global-total limit-at=0 priority=1 max-limit=1> burst-limit=0 burst-threshold=0 burst-time=0s 1 name="Downloads_Full" parent=global-total limit-at=0 priority=1 max-limit=3M burst-limit=0 burst-threshold=0 burs...
by derr12
Fri May 13, 2011 9:18 pm
Forum: General
Topic: QOS setup help
Replies: 3
Views: 655

Re: QOS setup help

It looks to me the reason that your direction is wrong is because you are using src-address instead of dst address. /ip firewall mangle add action=mark-packet chain=prerouting comment=ICMP disabled=no new-packet-mark=ICMP passthrough=no protocol=icmp src-address=192.168.x.222 this should be /ip fire...
by derr12
Fri May 13, 2011 12:45 am
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

bump
by derr12
Fri May 13, 2011 12:42 am
Forum: General
Topic: QoS Within PPPoE connection
Replies: 2
Views: 737

Re: QoS Within PPPoE connection

If you are running a mikrotik CPE, you might be able to get something like that working, and it would have to be set on the CPE. I think you would have to turn off pppoe though.
by derr12
Fri May 13, 2011 12:41 am
Forum: General
Topic: QoS Within PPPoE connection
Replies: 2
Views: 737

Re: QoS Within PPPoE connection

Not within the pppoe connection itself no, PPPOE does not have any QOS perameters you can do. You may be able to set some basic QOS on the CPE side depending on what kind of gear you have in. You CAN set some QOS on the AP as a whole using PCQ and queue tree's but that will shape bandwidth as a whol...
by derr12
Wed May 11, 2011 11:32 pm
Forum: General
Topic: Using TOS for upload and download mangles
Replies: 5
Views: 732

Re: Using TOS for upload and download mangles

I think i got it... its odd tho, some calls show in upload, some in down. direction must be decided by the call initiator or something.
by derr12
Wed May 11, 2011 11:25 pm
Forum: General
Topic: Using TOS for upload and download mangles
Replies: 5
Views: 732

Re: Using TOS for upload and download mangles

The only thing that isnt logging some form of traffic now is RTP download. Im wondering if that has more to do with how VOIP works and less to do with the rule. getting tons of sip up and down and only a little rtp up and no download.
by derr12
Wed May 11, 2011 11:16 pm
Forum: General
Topic: Using TOS for upload and download mangles
Replies: 5
Views: 732

Re: Using TOS for upload and download mangles

I dont think that will work, this is a transparent shaper so it is bridged. I also tried using dst and src address pools to make direction, that works for every other mangle rule, but not these ones for some reason, it is still being classified as all download. Note: I just noticed some upload, I th...
by derr12
Wed May 11, 2011 10:11 pm
Forum: General
Topic: Using TOS for upload and download mangles
Replies: 5
Views: 732

Re: Using TOS for upload and download mangles

I think i answered question 1, I believe after looking at a table and my hex values that it uses a dscp value.

Question 2 is still at large tho. free cookie for the person that answers!
by derr12
Wed May 11, 2011 10:09 pm
Forum: General
Topic: Using TOS for upload and download mangles
Replies: 5
Views: 732

Using TOS for upload and download mangles

Hi there, rather than make rules for the dozens of rtp and sip ports the voip devices we use, I was trying to make rules based on TOS: 6 ;;; VOIP Uploads chain=prerouting action=mark-packet new-packet-mark=VOIP_UP passthrough=no dscp=46 7 ;;; VOIP Downloads chain=prerouting action=mark-packet new-pa...
by derr12
Wed May 11, 2011 12:19 am
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

Well im trying to get this to work via the ethernet ports 2 and 3 to a pair of nanostation5 links to ports 2 and 3 on the second mikrotik. Im trying to get this working in a test environment because One of our backhauls is going to need to be doubled soon and what better way to double somthing that ...
by derr12
Tue May 10, 2011 2:23 am
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

bump. Anyone got a link or suggestion of where to look for documentation that deals with kind of thing?
by derr12
Sun May 08, 2011 1:05 am
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

bump, anyone got a working example? I havnt been able to make this work from wiki examples or the manual.
by derr12
Fri May 06, 2011 10:46 pm
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

How i have it set now: router 1, ether2 10.0.1.1/22 ether3 10.0.2.1/22 bonding interface 10.0.3.1/22 eoip tunnels 1 and 2 as slaves tunnel 1 eoip target 10.0.1.5 tunnel 2 eoip target 10.0.2.6 router2 ether2 10.0.1.5/22 ether3 10.0.1.6/22 bonding 10.0.3.7/22 eoip tunnels 1 and 2 as slaves tunnel 1 eo...
by derr12
Fri May 06, 2011 10:34 pm
Forum: General
Topic: Channel bonding.
Replies: 11
Views: 1392

Re: Channel bonding.

maybe im setting up the eoip tunnels wrong, what ip address should i have on the eoip tunnels remote address?, the ip address of the ethernet interface on the other end? the IP of the bonding interface? i can ping the ip that is assigned to the ethernet interface on the other side.
  • 1
  • 2