Community discussions

Search found 325 matches

  • 1
  • 2
by jmay
Thu Jan 31, 2019 10:54 pm
Forum: The Dude
Topic: The Dude IS Dead, really, isn't it?
Replies: 30
Views: 5235

Re: The Dude IS Dead, really, isn't it?

I wish someone would build a decent cheap program that works with all kinds of hardware. Right now I've got Dude for infrastructure, Zabbix for Access Points and Customer SM's, and a whole host of various methods to update software on all this stuff. I can't be the only one with lots of competing ge...
by jmay
Thu Jan 31, 2019 10:49 pm
Forum: The Dude
Topic: The Dude questions
Replies: 4
Views: 1032

Re: The Dude questions

2 ways to setup notifications. One is under the device under the polling tab. The 2nd is under the services tab and double clicking each service you want a notification to be sent on. As far as the icon turning red when only one service is down, I don't think that is possible. If one is down and som...
by jmay
Thu Dec 13, 2018 10:31 pm
Forum: The Dude
Topic: Dude refreshing state fails...
Replies: 1
Views: 503

Re: Dude refreshing state fails...

I see this from time to time as well, so if you are doing something wrong I'm doing the exact same thing.
by jmay
Thu Dec 13, 2018 8:08 pm
Forum: Beginner Basics
Topic: Ping over different subnets
Replies: 2
Views: 370

Re: Ping over different subnets

An export would help. Its either a routing issue or a firewall rule blocking it.
by jmay
Thu Dec 13, 2018 7:33 pm
Forum: The Dude
Topic: Storing POE Port status from Netonix
Replies: 0
Views: 376

Storing POE Port status from Netonix

Anyone figure out a way to use the dude to store port information from a Netonix POE Switch? I'd like to have history so when one dies (which happens a lot) I can have access to which ports had POE on and whether they were 24v or 48v. I figure I can graph which works and gives me a 24 or 48 graph to...
by jmay
Fri Nov 02, 2018 6:29 pm
Forum: General
Topic: Creating a scheduler from terminal
Replies: 1
Views: 259

Creating a scheduler from terminal

Easy question, what is the syntax for adding multiple lines of code to the scheduler via command line? I've got tons of routers to change and would be faster to do this via command line. An example would be a scheduler that does 2 things on startup. /ip neighbor discovery-settings set discover-inter...
by jmay
Mon Aug 06, 2018 10:01 pm
Forum: Forwarding Protocols
Topic: DDOS, Blackholes and BGP Peer IP
Replies: 0
Views: 412

DDOS, Blackholes and BGP Peer IP

I can black hole a single IP address via BGP communities with my upstream provider to drop attacks, but how do I combat an attack thats hitting my BGP peer IP? This happened over the weekend and my upstream provider was no help at all. How do people handle that? A 2nd BGP peer with them perhaps that...
by jmay
Mon Jun 25, 2018 11:04 pm
Forum: Announcements
Topic: v6.42.4 [current]
Replies: 93
Views: 16241

Re: v6.42.4 [current]

I'm having a strange problem since I think the update before 6.2.4 and still with 6.2.4. I have a wireless bridge from my house to 2 out buildings using a wAPac as an 802.11 ap to feed them. Randomly both SM's will drop off the ap at the exact same time and will not attempt to reconnect until I shut...
by jmay
Wed May 30, 2018 12:53 am
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 76503

Re: VPNfilter official statement

I have never used webfig for my routers. Winbox only and I only allow specific IP's that access. I should be fine yeah? Most of my routers are currently at 6.41.
by jmay
Wed May 23, 2018 11:37 pm
Forum: Announcements
Topic: v6.42.2 [current]
Replies: 65
Views: 14163

Re: v6.42.2 [current]

This update has bricked one of my HAP AC units to a reboot loop I had to use netinstall to restore it (first time for me) After netinstall and upgrade everything seems fine :D Thanks! Same thing just happened to me. Updated all the MT's at home and now my outdoor AP seems to be power cycling. I sho...
by jmay
Thu Apr 19, 2018 8:26 pm
Forum: General
Topic: VPN and log question
Replies: 5
Views: 459

Re: VPN and log question

We get around 10,000 scan attempts a day on some of our main routers. I've never really looked to see if the bots send multiple probes at the same time or not. We will lock this down to only allow a couple of IP's access some time today. I've never done a VPN with MT so at first I was thinking estab...
by jmay
Thu Apr 19, 2018 7:58 pm
Forum: General
Topic: VPN and log question
Replies: 5
Views: 459

Re: VPN and log question

I just ran a test. If you scan port 1723 the Mikrotik will log a TCP connection established like my log in my first post indicated.

Maybe this will help the next guy.
by jmay
Thu Apr 19, 2018 7:49 pm
Forum: General
Topic: VPN and log question
Replies: 5
Views: 459

Re: VPN and log question

I am the ISP. The site in question is a remote tower with 1 piece of hardware plugged into it and the VPN has not been active for 24 hours yet. We fully intend to protect the site, the router itself is already firewalled and the network that feeds it is ridiculously protected, but right now we were ...
by jmay
Thu Apr 19, 2018 5:43 pm
Forum: General
Topic: VPN and log question
Replies: 5
Views: 459

VPN and log question

I setup a VPN in a Mikrotik yesterday and I have a question about the log. I havent locked down the router yet as we are still testing and the site is not a site that really needs to be secured yet, but if the log shows entries like this, but doesnt show an authentication failure, what are they? Are...
by jmay
Wed Feb 07, 2018 8:46 pm
Forum: General
Topic: How to view another admins password?
Replies: 1
Views: 585

How to view another admins password?

I have a bunch of routers in the field. I have my password but we had another account setup for someone who has left the company. I'd like to let his replacement start using that login but I dont know what it is. If I log into the router with my admin password how can i see the pw on another account...
by jmay
Fri Feb 02, 2018 1:21 am
Forum: General
Topic: Laws regarding sharing IP addresses
Replies: 3
Views: 514

Laws regarding sharing IP addresses

Can anyone point me to the right resource in the US regarding being an ISP and issuing shared IP addresses to customers? We have reached the point to start considering options, but I'm not sure if we are required by law to keep all customers separated and trackable. My hunch is that we do, but my co...
by jmay
Wed Sep 20, 2017 11:57 pm
Forum: The Dude
Topic: Proper way to backup and restore?
Replies: 2
Views: 607

Proper way to backup and restore?

I meant to learn this before I finished building my new version of dude, but I got excited and built the whole thing. Fast forward 3 weeks and I thought I better learn this. I messed up one of my maps and wanted to restore it. I had previously followed the directions at: https://wiki.mikrotik.com/wi...
by jmay
Sat Sep 16, 2017 1:09 am
Forum: The Dude
Topic: Read only users missing features like background images
Replies: 1
Views: 464

Re: Read only users missing features like background images

Nevermind, I just figured out thru trial and error that ftp was also needed. I should have read the manual better.
by jmay
Sat Sep 16, 2017 1:03 am
Forum: The Dude
Topic: Read only users missing features like background images
Replies: 1
Views: 464

Read only users missing features like background images

I setup my first extra user for our dude server and the new user doesn't load any of the custom background images I used. Also, the font looks different and the text is not very clear. I created a user group with Dude and Read selected. Full users look fine.

What am I doing wrong?
by jmay
Thu Sep 14, 2017 6:45 pm
Forum: The Dude
Topic: Probe Thread
Replies: 324
Views: 222894

Re: Probe Thread

Is it possible to graph all the time and still have a notification on failure if a probe fails? For example, I'm graphing DC voltage from MT's and I want an alert if that Voltage drops down to a certain point. I used to do this with 2 probes, but if would be nice if I could just have one probe. The ...
by jmay
Sat Sep 09, 2017 2:06 am
Forum: The Dude
Topic: Think I found a bug
Replies: 0
Views: 498

Think I found a bug

If I set my links color to anything other than black, many of the links stop turning red when full. I had my links set to white because I'm using a dark background and noticed that many of the congested links were still showing white. Through trial and error I figured out that they work fine if I ke...
by jmay
Fri Sep 08, 2017 12:14 am
Forum: The Dude
Topic: Mikrotik SNMP ifspeed variables
Replies: 2
Views: 625

Re: Mikrotik SNMP ifspeed variables

Thanks! I get it now, one of the interfaces belongs to the bridge.
by jmay
Thu Sep 07, 2017 8:41 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Re: Airfiber bandwidth and the Dude

Yes I have, but it doesnt seem to work.
by jmay
Thu Sep 07, 2017 6:56 pm
Forum: The Dude
Topic: Mikrotik SNMP ifspeed variables
Replies: 2
Views: 625

Mikrotik SNMP ifspeed variables

Why is it some of my wireless devices use iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifSpeed.1 while others use iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifSpeed.2 or even .3? These devices only have 1 ethernet port. Some devices will show a .2 and a .3 for example w...
by jmay
Wed Sep 06, 2017 6:34 pm
Forum: The Dude
Topic: Keep device green even when probe fails?
Replies: 1
Views: 517

Keep device green even when probe fails?

I use a MT router as a pingable device to monitor when a generator comes on or off. It's there to let us know that the generator works and when it comes on. The down side is when the generator is off the probe is red because the MT is down which makes my little flag red. I use ack to make it blue so...
by jmay
Wed Sep 06, 2017 4:27 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Re: Airfiber bandwidth and the Dude

If u manage to make this work, please share.
by jmay
Sat Sep 02, 2017 4:54 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Re: Airfiber bandwidth and the Dude

Well I'm glad its not just me then. It's not a huge deal as I graph from the switch it plugs into, but it would make the maps look cleaner if I could someday graph from the wireless side like my other links. But I can live with it.
by jmay
Sat Sep 02, 2017 4:52 pm
Forum: The Dude
Topic: Dude still graphs even while module is down
Replies: 15
Views: 3899

Re: Dude still graphs even while module is down

Ok I figured out the new dude could graph negative numbers after I posted this so I took out the multiplication to make it a positive and it seems to work fine now. I was using dude 3.6 originally which forced me to do it that way.
by jmay
Sat Sep 02, 2017 4:43 pm
Forum: The Dude
Topic: Graphing RF Power Levels on PTP Links [SOLVED]
Replies: 8
Views: 1145

Re: Graphing RF Power Levels on PTP Links [SOLVED]

Solectek bridges have kind of the same trouble where the OID is actually something different on each link even though they use the same hardware something is tacked onto the end of the RSSI OID. For example the actual oid is 1.3.6.1.4.1.2890.7.6.2.1.5.6.0.128.72.116.21.168 on one bridge, Since it i...
by jmay
Thu Aug 31, 2017 8:08 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Re: Airfiber bandwidth and the Dude

I just realized you said powerbeam. I can graph ubnt products as long as they are not airfibers. The airfiber line seems to be different.
by jmay
Thu Aug 31, 2017 8:04 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Re: Airfiber bandwidth and the Dude

Which MIB are you using? Maybe airfiber is different but I cant get this to work. I get the interface options of air, eth0, br, sit, lo, but non of them show more than a few k of traffic.
by jmay
Thu Aug 31, 2017 5:04 am
Forum: The Dude
Topic: Dude still graphs even while module is down
Replies: 15
Views: 3899

Re: Dude still graphs even while module is down

Wow 4 and a half years later and I'm still searching for a solution and came upon my own thread lol. I'm starting my build using v6 and so far so good with most things, but the problem outlined in my first post still exists with it. After 4.5 years I've gotten used to it and can live with it, but if...
by jmay
Wed Aug 30, 2017 10:08 pm
Forum: The Dude
Topic: Graphing RF Power Levels on PTP Links [SOLVED]
Replies: 8
Views: 1145

Re: Graphing RF Power Levels on PTP Links [SOLVED]

I'm confused. I'm using SNMPWalk from within the Dude to find the OID's I want. Then I graph them also using the Dude. What is snmpget? Maybe my sytax is wrong. I'm testing right now by putting this into a network map in the dude. Is this correct? [oid("iso.org.dod.internet.private.enterprises.mikro...
by jmay
Wed Aug 30, 2017 9:41 pm
Forum: The Dude
Topic: Graphing RF Power Levels on PTP Links [SOLVED]
Replies: 8
Views: 1145

Re: Graphing RF Power Levels on PTP Links [SOLVED]

Are u saying to use this? I tried this and it returned nothing.

iso.org.dod.internet.private.enterprises.mikrotik.mikrotikExperimentalModule.mtXRouterOs.mtxrWireless.mtxrWlRtabTable.mtxrWlRtabEntry.mtxrWlRtabStrength
by jmay
Wed Aug 30, 2017 6:46 pm
Forum: The Dude
Topic: Graphing RF Power Levels on PTP Links [SOLVED]
Replies: 8
Views: 1145

Graphing RF Power Levels on PTP Links [SOLVED]

I have MT's setup as backhauls all over the place. When I snmpwalk them each link will have a slightly different OID for graphing rf levels. I don't see a universal one. Is there a way to over come this? I have to create a probe for every link and if a MT gets swapped out I have to rebuild the snmp ...
by jmay
Wed Aug 30, 2017 6:27 pm
Forum: The Dude
Topic: Airfiber bandwidth and the Dude
Replies: 9
Views: 1335

Airfiber bandwidth and the Dude

Has anyone gotten ubiquiti products to graph with the dude other than graphing from the port the ubnt plugs into? I'm rebuilding our dude server with version 6 and would love to graph these on the wireless link like I do with all other hardware. Best I can tell the oid I want to use is this one, whi...
by jmay
Tue Aug 29, 2017 7:40 pm
Forum: The Dude
Topic: 1100 Dude Edition, best storage option [SOLVED]
Replies: 1
Views: 589

Re: 1100 Dude Edition, best storage option

Nevermind, blonde moment! I didn't realize the 60gig was internal and needed to be formatted first. I guess I saw the SD slot and assumed thats how these were configured. So move along, nothing to see here. :)
by jmay
Tue Aug 29, 2017 6:32 pm
Forum: The Dude
Topic: 1100 Dude Edition, best storage option [SOLVED]
Replies: 1
Views: 589

1100 Dude Edition, best storage option [SOLVED]

I just ordered an 1100AHx4 Dude Edition MT from Amazon and the included SD card is not with it. I'm currently working with Amazon to correct that, but I started wondering if I'd be better off using an internal HD. Any thoughts on what would be best? This is for a good sized network of 80 towers. I'm...
by jmay
Tue Aug 22, 2017 10:51 pm
Forum: The Dude
Topic: MIB's Greyed out
Replies: 0
Views: 343

MIB's Greyed out

Started playing with the new dude for the first time and when I snmpwalk most of the MIBs are greyed out. Why is that? This is a brand new install with 1 mikrotik added. When I do an snmpwalk I don't see many of the options I used to, such as dhcp total count, etc. After looking at my old 3.6 server...
by jmay
Fri Aug 18, 2017 8:31 pm
Forum: The Dude
Topic: Displaying DHCP total, but excluding 1 network?
Replies: 0
Views: 356

Displaying DHCP total, but excluding 1 network?

We are starting to run out of Public IP's so we're putting a few customers on private IP's and natting them. I have the dude show me total DHCP leases so I know when I get close to running out of public IP's, but with the introduction of privates it throws the calculation off. Is there a way to show...
by jmay
Wed Aug 16, 2017 3:27 am
Forum: General
Topic: received Router Solicitation packet with invalid hoplimit=64
Replies: 0
Views: 1103

received Router Solicitation packet with invalid hoplimit=64

Started sending IPv6 to about 150 Ubiquiti CPE's and 1 device is causing this error every every few minutes. What is this?
by jmay
Thu Aug 10, 2017 1:52 am
Forum: General
Topic: upgrade mikrotik
Replies: 2
Views: 574

Re: upgrade mikrotik

IMO the firmware that we download from the mikrotik site should be called software. The firmware firmware is specific to each board, so think of it like a bios update. The other firmware, the one I'm calling software, then runs on top of that.
by jmay
Wed Aug 09, 2017 12:51 am
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Ok, I may just keep my clients using an IPv4 DNS for a while. I like caching at my routers because the network is so large and spread out these days that many customers have a long path back to our 2 main servers. Thanks to everyone in this thread btw! We have about a dozen customers testing IPv6 ri...
by jmay
Tue Aug 08, 2017 11:17 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Quick followup question: I figured out I can manually enter an Routers IPv6 IP as my DNS server on a computer and it works just fine as a DNS cache router. I can also add that same IP to the DNS servers list and the router will hand that IP out to my clients. However, the router then constantly quer...
by jmay
Mon Aug 07, 2017 11:51 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

Since I have the attention of a couple of smart people let me ask another question. The above rule is for our office. I'll keep playing with that one, but here's what I've got so far for my core routers. Can you guys critique these and tell me if they should protect the routers themselves? 0 ;;; Acc...
by jmay
Mon Aug 07, 2017 10:37 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

Scratch that last post, that might just be working. I'm getting a small handful or RST's, but nothing like I had before. Prior it was filling up the log screen pretty rapidly.
by jmay
Mon Aug 07, 2017 10:31 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

Just tried it, still seeing lots of RST.
by jmay
Mon Aug 07, 2017 10:07 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

I started paying a bit more attention to the devices that were having this problem and noticed it's only a couple computers in the entire office generating these RST packets. The biggest offender is the user thats the most technically challenged person in the building. He's also the VP, go figure. :...
by jmay
Mon Aug 07, 2017 7:44 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

Thanks zero, I tried it both ways the other day when I found an old post of yours, same issue either way. I was running 6.39.2, just upgraded to 6.40.1 but I'm still seeing the same thing. Funny thing is it appears to work. If I goto ipv6-test.com it shows green a cross the board, but yet the router...
by jmay
Mon Aug 07, 2017 6:19 pm
Forum: Forwarding Protocols
Topic: IPv6 Deployment
Replies: 8
Views: 992

Re: IPv6 Deployment

I started learning IPv6 for the reasons most ISP's do, we ran out of IPv4! Then I learned that IPv6 isnt much of a replacement option at all so we were left with one decent option, deploy it and let some customers use both, but still run out of IPv4! We're moving forward anyways so when the world fu...
by jmay
Mon Aug 07, 2017 6:06 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

Re: IPv6 Firewall, what am I doing wrong?

I have a log rule right before the last drop rule to see what gets dropped in case I am missing anything. ;;; Log chain=forward action=log log=no log-prefix="" I'm seeing a ton of entries like this one: 08:58:49 firewall,info forward: in:ether1 out:ether2, src-mac d4:ca:6d:22:5c:2b, p roto TCP (RST)...
by jmay
Mon Aug 07, 2017 5:53 pm
Forum: Forwarding Protocols
Topic: IPv6 Deployment
Replies: 8
Views: 992

Re: IPv6 Deployment

We're about to start deploying IPv6 in the next couple of weeks. We've been in a test mode for a while running it at key locations. As far as BGP goes, the only BGP we use is to our 3 upstream providers, but with each case we ran a separate instance and seperate peer, one for IP4 and one for IP6. Wo...
by jmay
Mon Aug 07, 2017 5:40 pm
Forum: Forwarding Protocols
Topic: IPv6 Firewall, what am I doing wrong?
Replies: 11
Views: 1677

IPv6 Firewall, what am I doing wrong?

I'm trying my first basic firewall set and I think I'm missing something here. When I make a request it seems that the connection is not getting established and then the firewall blocks the incoming packets. Here's the rule set: (more or less copied from a post by @zerobyte ) The log will show that ...
by jmay
Sat Aug 05, 2017 4:22 pm
Forum: General
Topic: Bridging all ethernet ports with isolated vlans
Replies: 3
Views: 502

Re: Bridging all ethernet ports with isolated vlans

I think I was fighting a bug of some kind. With my initial testing I had an IPv6 DHCP server on an ether port with no vlan tagging. When I was ready to test it on VLAN2 I simply moved the IPv6 address and DHCP server to VLAN2. My clients were still receiving prefixes on the ethernet port, but not on...
by jmay
Sat Aug 05, 2017 1:56 am
Forum: General
Topic: Bridging all ethernet ports with isolated vlans
Replies: 3
Views: 502

Bridging all ethernet ports with isolated vlans

I've got MT's all over the place being used as basic switches with all ports bridged together. All traffic is currently untagged. I'm trying to add a vlan2 to my network and it appears that my bridges are combining all the tagged and untagged traffic together because if I put my IPv6 DHCP server on ...
by jmay
Mon Jul 24, 2017 7:11 pm
Forum: General
Topic: IPv6, BGP, and Aggregates
Replies: 8
Views: 1616

Re: IPv6, BGP, and Aggregates

The reason I'm trying to inject OSPF into BGP is we have 3 core routers in 3 different towns. Each town will have a dedicated direction to reach the internet, but I'd like the towns to switch to another town in the event of a problem considering all our towns are interlinked via wireless. In the pas...
by jmay
Mon Jul 24, 2017 6:17 pm
Forum: General
Topic: IPv6, BGP, and Aggregates
Replies: 8
Views: 1616

Re: IPv6, BGP, and Aggregates

THANK YOU THANK YOU THANK YOU!!! This makes sense and it works! I see how to do this with IPv4 now as well. This is exactly the info I needed. If you ever end up in New Mexico let me know and I'll buy you a beer!
by jmay
Fri Jul 21, 2017 5:25 pm
Forum: General
Topic: IPv6, BGP, and Aggregates
Replies: 8
Views: 1616

Re: IPv6, BGP, and Aggregates

For simplicity sake, lets say my bgp router is connected to a 2nd router via ospv3. 2nd router has been given a /48, we'll say 2001:1111:1::/48. 2nd router uses that pool to assign /64's to customers. Actually I'm now issuing /60's. I set 2nd router to distribute connected and static routes as type ...
by jmay
Wed Jul 19, 2017 5:51 pm
Forum: General
Topic: IPv6, BGP, and Aggregates
Replies: 8
Views: 1616

IPv6, BGP, and Aggregates

Should I be able to advertise IPv6 space via aggregates because it doesn't appear to work. I have multiple upstream providers and would like to use OSPF to advertise routes via one fiber or another, but it doesnt alter the advertisement. My provider appears to be accepting /64 advertisements which w...
by jmay
Sun Jul 09, 2017 8:47 pm
Forum: General
Topic: RB450G's Locking up all over the place
Replies: 1
Views: 280

RB450G's Locking up all over the place

I've got about a dozen 450G's that have been locking up randomly ever since updating past 6.17. I would say once every 2 weeks one of them somewhere locks up and needs to be power cycled to recover. It's only the ones being used as routers, I have dozens and dozens of these as switches that do not b...
by jmay
Sat Jul 08, 2017 1:55 am
Forum: General
Topic: My IPv6 Triage List for ROS
Replies: 48
Views: 5349

Re: My IPv6 Triage List for ROS

Why would ISP's be changing prefix so often? With the sheer number I plan on setting my reservations ridiculously high, like 6 months to a year. Could make tracking old information a bit easier.
by jmay
Fri Jul 07, 2017 7:55 pm
Forum: General
Topic: ZeroByte could you help us? Willing to pay
Replies: 6
Views: 793

Re: ZeroByte could you help us? Willing to pay

I'd like someone to call my non techy boss and explain to him how hard my job actually is and that I should get a raise! :D How much would that cost me?
by jmay
Fri Jul 07, 2017 5:51 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

That makes perfect sense about the dhcp lease. I'll likely just use routable IP's for this, I mean a /32 should be enough for me. :)Thanks again for your help.
by jmay
Fri Jul 07, 2017 5:43 pm
Forum: General
Topic: My IPv6 Triage List for ROS
Replies: 48
Views: 5349

Re: My IPv6 Triage List for ROS

Good thread! I'd like to see a DHCPv6 Setup feature like the one available for IPv4. Here's why. As someone that just started learning IPv6 it's been a long and difficult journey. It was very frustrating at times considering I was starting from scratch with this new IP protocol. This forum got me th...
by jmay
Fri Jul 07, 2017 12:37 am
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

Ok, well that makes sense based on what I'm seeing. I'm curious though, how does an MT as a client receive the PD when using link local? What's the difference? With my network a customer facing IP is very doable so I could use that as a solution if I had to. Seems like a waste of IP's, but I suppose...
by jmay
Thu Jul 06, 2017 10:39 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

Even stranger. Once the 2 routers have linked up, I can delete the one IPv6 from the MT router and the Netgear continues to work just fine using what should be an invalid WAN IP at that point. Once I reboot the Netgear router though, it loses internet again.

I need a stiff drink! :D
by jmay
Thu Jul 06, 2017 10:09 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

Since I posted last, this configuration fixes both the netgear and the linksys routers. With nothing but a linklocal on my dhcp MT router they do not work. Per your suggestion I changed the customer facing router IP to fd00:a::/64 and it still works. So it doesn't appear to matter what IP is there a...
by jmay
Thu Jul 06, 2017 8:00 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

I got it working! Well, at least on the netgear, but not on the linksys yet. I think testing with MT first led me down the wrong path. I found out that for the Netgear to work I needed to add another IPV6 address from another subnet on my MT DHCP server router, on it's customer facing port. This all...
by jmay
Mon Jul 03, 2017 6:23 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

Re: MT as IPv6 DHCP Server to non MT routers?

Has anyone gotten this to work? I just need to know if I'm doing something wrong or if I should give up this quest and delay it for the future.
by jmay
Mon Jul 03, 2017 6:19 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

We've been a wisp for more than a decade at this point so we have a mix of CPEs. We started out as one of the original Canopy users before migrating to various other platforms. We still have thousands of users using the old Canopy and the only way IPv6 is ever going to work with them is by bridging ...
by jmay
Fri Jun 30, 2017 7:02 pm
Forum: General
Topic: MT as IPv6 DHCP Server to non MT routers?
Replies: 11
Views: 911

MT as IPv6 DHCP Server to non MT routers?

Should this work? I have our MT router setup as an IPv6 DHCP server and handing out prefixes that I own and route through BGP. If I use an MT router as a client everything works fine, but when using generic routers (I've tried a Linksys and a Netgear at this point) I cannot get this to work. In both...
by jmay
Thu Jun 29, 2017 10:09 pm
Forum: General
Topic: /32 dhcp experience
Replies: 5
Views: 1034

Re: /32 dhcp experience

How does that work exactly? What do you use for a gateway?
by jmay
Thu Jun 29, 2017 7:58 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Anyone play around with non MT routers? I'm testing with home based routers since our customers have them and for the life of me I cannot get IPv6 working on this netgear I purchased. I'm going to pick up another brand to see if it's something I'm doing wrong, but I'm wondering what kind of luck you...
by jmay
Tue Jun 27, 2017 1:47 am
Forum: The Dude
Topic: Is Dude 6 ready for prime time?
Replies: 6
Views: 721

Is Dude 6 ready for prime time?

I'm still using 3.6 on windows machine and it's serving our needs just fine, but I'm wondering if I should be making the transition. Is V6 ready to replace it at this point?
by jmay
Fri Jun 23, 2017 12:01 am
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Are any of you running an ISP? I'm wondering how you are handling all this. I have a mix of canopy and ubiquiti for customer CPE's that are not going to be easy to implement IPv6 like MT CPE's. Ubnt only supports IPv6 via DHCPServer as far as I can tell and for the old canopys I would have to run th...
by jmay
Wed Jun 21, 2017 8:44 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

So as an user, you may be too early. As an ISP, you're already late. :) Believe me I know I'm late. In my defense I don't own the ISP, but I am asked to single handedly be the network admin, the manager, the customer complaint department, the tower crew leader, employee relations, and pyschiatrist....
by jmay
Wed Jun 21, 2017 8:38 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Thank you for everones responses! I do believe I am walking slowly on the right freeway now. A few days ago an IPv6 address looked like date stamp from the future, but thanks to this forum and lots of youtube videos I've got internet on a few devices. :D Thats a good point about charging for IPv4 sp...
by jmay
Wed Jun 21, 2017 6:58 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

We have a large networking consisting of 18 routers. I setup OSPFv3 to get the networks working with IPv6 using the link-local addresses and it works fine. With IPv4 we used private addresses for OSPF because we didn't have enough addresses to use public IP's. It never created any issues for us othe...
by jmay
Wed Jun 21, 2017 4:57 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Ok I seem to have everything working here. IPv6 is really confusing at first, but starting to make sense to me the more I play with it. I have my main router setup to hand out prefixes via dhcp6. Main router is using link local addresses only, but handing out prefixes from a 32 that Arin gave us. My...
by jmay
Tue Jun 20, 2017 8:39 pm
Forum: General
Topic: What is a windows Temporary IPV6 address?
Replies: 1
Views: 892

Re: What is a windows Temporary IPV6 address?

Ok I just figured out that other computers on the network are grabbing IPV6 address so some of what I'm seeing is that. I guess I figured without a DHCPv6 server they would need to manually be setup, but obviously I still have a lot to learn. I guess this is SLAAC that I'm seeing?
by jmay
Tue Jun 20, 2017 8:11 pm
Forum: General
Topic: What is a windows Temporary IPV6 address?
Replies: 1
Views: 892

What is a windows Temporary IPV6 address?

I successfully got my first computer working online with an IPV6 address, yay for me. But now I'm a bit confused. When I go into my MT router and use torch I am seeing traffic from IP's on my /64 subnet, but none of them are the ones my computer has assigned to it. When I goto a command prompt on th...
by jmay
Mon Jun 19, 2017 8:00 pm
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

Re: IPv6 and DHCP and DNS

Now I'm discovering that MT can't even hand out dhcp addresses yet. Is this going to happen any time soon as well? Seems like my journey into learning ipv6 is going to be very short lived unless I start playing around with other routers.
by jmay
Sat Jun 17, 2017 12:32 am
Forum: General
Topic: IPv6 and DHCP and DNS
Replies: 65
Views: 11040

IPv6 and DHCP and DNS

I found a post from 2 months ago stating MT does not fully support ipv6 and cannot hand out dns information over dhcp. Is this going to happen any time soon? I am beginning my journey with IP6 and it seems I may be at a stopping point without that. We can't call all of our customers and ask them to ...
by jmay
Tue Jun 13, 2017 7:06 pm
Forum: General
Topic: Copying configuration from router to router shuffles up ports
Replies: 4
Views: 418

Re: Copying configuration from router to router shuffles up ports

Yes, I have never changed the names of ports, I use comments instead. Are others not experiencing this? I've dealt with it for years and just put up with it. If the 2 routers are the same model it's ok, but if I go from one model to another, especially if the 2 models have a different number of port...
by jmay
Tue Jun 13, 2017 6:46 pm
Forum: General
Topic: Copying configuration from router to router shuffles up ports
Replies: 4
Views: 418

Copying configuration from router to router shuffles up ports

This is an old issue, but I wonder if we can ever fix it. Any time I upgrade a router the configuration file really jumbles up all the ethernet ports. I have to manually identify each port and then change dhcp settings, ip addresses on wrong ports, firewall rules setup on wrong ports, etc. It's real...
by jmay
Wed Jun 07, 2017 1:30 am
Forum: General
Topic: LCD Display causing packet loss... what???
Replies: 14
Views: 1785

Re: LCD Display causing packet loss... what???

In my case I could push up to 300 megs on that link during testing and never had a bandwidth problem, just a packet drop problem. If turning the LCD off is the trick that's good enough for me, but man I should have posted this a week ago lol!
by jmay
Wed Jun 07, 2017 12:11 am
Forum: General
Topic: LCD Display causing packet loss... what???
Replies: 14
Views: 1785

Re: LCD Display causing packet loss... what???

The busiest of the 4 routers runs at 30 percent, the least busy router runs 20%. These routers are dealing with less than 200 megs of traffic.
by jmay
Tue Jun 06, 2017 11:28 pm
Forum: General
Topic: LCD Display causing packet loss... what???
Replies: 14
Views: 1785

LCD Display causing packet loss... what???

Anyone seen this before? I spent a week trying to track down the source of packet loss. I have a chain of 4 towers all linked together with Airfiber 5x's and an RB 3011 at each site connected via OSPF. I was seeing 1% packet loss on each link, so 4% by the time we got to the end of the chain. I spen...
by jmay
Wed May 31, 2017 11:58 pm
Forum: Announcements
Topic: v6.39.1 [current]
Replies: 158
Views: 36505

Re: v6.39.1 [current]

Anyone seeing problems with ping timeouts? Every MT I have is losing about 5% of pings. I can even ping a MT from a computer with a direct cable plugged into it and lose packets.
by jmay
Thu Apr 13, 2017 6:24 pm
Forum: General
Topic: Daisy chaining multiple routers through poe ports.
Replies: 1
Views: 365

Daisy chaining multiple routers through poe ports.

Can I power more than one router through the POE out ports? I have an RB2011iL-RM and I want to power up a Hap AC Lite off the POE out port. Could I then power another Hap AC Lite from the POE out on the first Hap AC Lite?
by jmay
Thu Apr 13, 2017 6:21 pm
Forum: Forwarding Protocols
Topic: How to remove network from BGP via command line?
Replies: 4
Views: 845

Re: How to remove network from BGP via command line?

No, I didn't know that. I didn't write the scripts above I found them on this forum. I'm still learning scripting and command line. Whats the syntax if I want to remove the /32 addresses? These would be different each time.
by jmay
Tue Apr 11, 2017 7:34 pm
Forum: Forwarding Protocols
Topic: How to remove network from BGP via command line?
Replies: 4
Views: 845

How to remove network from BGP via command line?

I have a blackhole script that I found on here that adds /32 networks to a bgp black hole when a DDOS attack occurs. This script works great, but I end up with a few /32 addresses in the bgp network list that I have to manually remove once in a while. I don't see a way to remove a specific IP or net...
by jmay
Thu Jan 26, 2017 7:22 pm
Forum: Forwarding Protocols
Topic: Adding ipv6 to existing BGP peer
Replies: 5
Views: 1270

Adding ipv6 to existing BGP peer

We are about to start advertising our ipv6 space with our upsteam provider next week. We already have an existing ipv4 bgp session operational. If my reading is correct all we will be doing is setting up a new peer with ipv6 enabled, using the assigned ipv6 remote address, and adding the ipv6 addres...
by jmay
Tue Nov 15, 2016 11:53 pm
Forum: Wireless Networking
Topic: Wireless device trying to connect to home router
Replies: 3
Views: 6534

Re: Wireless device trying to connect to home router

The courisosity is killing me. I setup a dummy router in an attempt to let it connect to it. If I turn off authentication completely it never tries to register. So, is it possible to see the password that it's trying to send to my router or no? I'd like to let it connect and see what happens. :) Als...
by jmay
Tue Nov 15, 2016 8:36 pm
Forum: Wireless Networking
Topic: Wireless device trying to connect to home router
Replies: 3
Views: 6534

Re: Wireless device trying to connect to home router

I'm blocking the mac address to stop it from trying, but does anyone know if I can setup a script to alert me when someone is constantly connecting and reconnecting or perhaps even auto block them after so many tries? I know I can allow my devices and block the rest, but I don't want to do that or i...
by jmay
Tue Nov 15, 2016 8:12 pm
Forum: Wireless Networking
Topic: Wireless device trying to connect to home router
Replies: 3
Views: 6534

Wireless device trying to connect to home router

I have a device trying to connect to my home router every couple of minutes. I can even change my SSID and the device still makes constant attempts. Do you think this is a confused device or something trying to hack in? The mac address comes up as Suga Electronics which specializes in emergency serv...
by jmay
Fri Nov 11, 2016 5:37 pm
Forum: Beginner Basics
Topic: The correct order of the rules in the firewall.
Replies: 2
Views: 747

Re: The correct order of the rules in the firewall.

Not sure I understand the question, but the order is top down. Top rules run first. You want your accept rules at the top to accept whatever traffic you want and the drop rules below.
by jmay
Wed Nov 09, 2016 7:32 pm
Forum: Wireless Networking
Topic: hAP AC Lite Power setting
Replies: 1
Views: 851

Re: hAP AC Lite Power setting

If using winbox login to the router, goto wireless, open the wlan1, press advanced mode button, choose the tab labled tx power. You can change the mode to all rates fixed or manual and then lower the dbm output. You'll need to experiment in the dorm rooms to see what works best. Also, set the wirele...
by jmay
Wed Nov 09, 2016 7:26 pm
Forum: Wireless Networking
Topic: 3 routers and 2 wifi-s
Replies: 1
Views: 327

Re: 3 routers and 2 wifi-s

Depends on your goal. If you are going from router to wan on linksys 1 and then lan on linksys 1 to wan of linksys 2 you'll need to make sure all three routers are on different subnets. As far as the mikrotik is concerned it will be setup out of the box as a basic router so you wont need to change a...
by jmay
Tue Oct 25, 2016 5:23 pm
Forum: General
Topic: Hacked DVR's
Replies: 12
Views: 2576

Re: Hacked DVR's

I should add that you should have some accept rules at the top. Accept traffic to ports from IP's that you control. For example, if you only use winbox to talk to your router and you always do it from the same IP address then accept that port from that IP. Then you can post rules like mine with a dr...
by jmay
Mon Oct 24, 2016 6:18 pm
Forum: General
Topic: Hacked DVR's
Replies: 12
Views: 2576

Re: Hacked DVR's

The best way to secure your router is to create accept rules for things you want and drop everything else, but I like to have a bit of visibility to see what people are trying to do before dropping them. So the idea is to identify IP's that are making malicious attempts and then drop everything they...
by jmay
Sat Oct 22, 2016 6:00 pm
Forum: General
Topic: Hacked DVR's
Replies: 12
Views: 2576

Re: Hacked DVR's

Its a pretty simple rule that says if connections are made on the input chain of the router to common ports like ssh, telnet, http, etc then put the incoming ip into an address list for a period of time and drop all traffic from those ips. I just read on cbs that the big ddos attack on the us yester...
by jmay
Fri Oct 21, 2016 8:33 pm
Forum: General
Topic: Hacked DVR's
Replies: 12
Views: 2576

Hacked DVR's

Maybe this is old news but I found it fascinating. One of my firewall rules grabs hack attempts on my routers and throws them into an address list for a week. At that point all traffic from that IP is dropped. Over the years the number of IP's in this list has grown and grown to the point that I cur...
by jmay
Wed Aug 10, 2016 12:48 am
Forum: General
Topic: Scientific Explanation needed for DHCP renew needed!
Replies: 6
Views: 846

Re: Scientific Explanation needed for DHCP renew needed!

I'm trying to be very delicate on how I handle this because I do not want anyone accused that potentially could be innocent. We have never needed to keep a dhcp log in the past. I now see we over looked a major flaw in our strategy that might come back to haunt us. So if the lease expires in the MT,...
by jmay
Tue Aug 09, 2016 10:31 pm
Forum: General
Topic: Scientific Explanation needed for DHCP renew needed!
Replies: 6
Views: 846

Scientific Explanation needed for DHCP renew needed!

I need someone to answer this question for me, preferably someone from MT. We have a subpoena from the authorities investigating a customer and they want to know information on who an IP address belongs to. We are a small wisp and have no history tracking in place. The date in question is 10 days ag...
by jmay
Sat Jul 09, 2016 1:48 am
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

Be very very very careful if you're going to have an automated black hole function. The automated black hole itself could be used as a DDoS vector without the need for any botnet - The firewall rules you posted don't require any amount of bandwidth consumption to be considered an attack - just numb...
by jmay
Fri Jul 08, 2016 5:26 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

{         :local addrlist [:toarray ""]         :foreach i in=[/ip firewall address-list find where list=bgp-blackhole] do={                 :local addr [/ip firewall address-list get $i address ]                 :local addrstr                                          :if ([:typeof $addr] = "ip") d...
by jmay
Fri Jul 08, 2016 5:23 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

I use this for detecting attacks and dropping them. I found this on this forum somewhere a long time ago.  Someone else deserves the credit I just don't recall where I found it.  It works really well, during an attack it does start dropping the packets and expires after 10 minutes if the attack is ...
by jmay
Thu Jul 07, 2016 1:51 am
Forum: General
Topic: Choose router?
Replies: 29
Views: 3323

Re: Choose router?

If money is no object (must be nice), go big.  We have a ccr1009-8g-1s-1s+ that serves about 2000 customers, runs nearly 800 megs during peak time and the CPU does not work hard at all!  In fact, the other day we were the victim in a massive DOS attack and the router was running about 30% on the cpu...
by jmay
Thu Jul 07, 2016 12:10 am
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

I've been reading through the forums and various options to automate this and see mentions of scrips, but cannot find the script.  I already have firewall rules in place that will detect and stop the attack, but how can I write a script that will take that address list and add it to the bgp route fi...
by jmay
Wed Jul 06, 2016 10:51 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

Thank you for everyone's help!  My provider had something wrong on their end, now it works great!  
by jmay
Wed Jul 06, 2016 10:23 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

I failed to mention it, but yes I also have that IP advertised in my BGP session as a /32.  In my advertisements list it shows up and has the community value in it.  So it should be working right?  But I can still ping it from outside of my network.  I've emailed my provider to check their config, b...
by jmay
Wed Jul 06, 2016 7:38 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

One more question, prior to this working my provider had to set us up as a multihop on their end.  Do I need to do the same on my end?  
by jmay
Wed Jul 06, 2016 7:27 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

Ok, I got past that first hurdle.  I found that when I added the BGP-Out filter to the Peer the routes would stop advertising until I disabled the peer and re-enabled it, then it worked fine. I then added a single filter with a single IP address and I am showing that I am advertising it with the new...
by jmay
Wed Jul 06, 2016 6:07 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

Ok my provider set me up so I can send communities along with a /32 IP address in order to black hole a single IP.  I've been reading the wiki for the last couple of days and I'm missing something as I cannot get this to work.  If I edit my BGP peer and add an Out-Filter that I called BGP-Out I stop...
by jmay
Thu Jun 30, 2016 5:34 pm
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Re: Bgp blocklist to prevent dos on 1 ip?

Ok thank you.  I'll work with my upstream provider on this.  I wanted to know first if it was possible so thank you again!
by jmay
Thu Jun 30, 2016 3:11 am
Forum: Forwarding Protocols
Topic: Bgp blocklist to prevent dos on 1 ip?
Replies: 21
Views: 2620

Bgp blocklist to prevent dos on 1 ip?

Is it possible with bgp to not advertise a single ip address in a /24 when my peer will not accept less than a /24? We had a udp flood attack on a single customer and lost the network. My router successfully started blocking the packets, but it did us no good as our entire 1gig fiber had maxed out a...
by jmay
Wed Jun 08, 2016 11:37 pm
Forum: General
Topic: Private IP's to customers, but NAT each to their own Public IP?
Replies: 12
Views: 1539

Re: Private IP's to customers, but NAT each to their own Public IP?

No, the infrastructure is all private IP's. Currently each of my 17 routers act as independent DHCP servers and hand out public IP's to clients. Each client is a wireless subscriber that receives 1 public IP, and then NAT on the customer side like a traditional router. My big problem is some network...
by jmay
Wed Jun 08, 2016 7:46 pm
Forum: General
Topic: Private IP's to customers, but NAT each to their own Public IP?
Replies: 12
Views: 1539

Re: Private IP's to customers, but NAT each to their own Public IP?

Oh I agree, but you know how things go with various companies. I actually have a very strong understanding of ipv4, I'm the one that set the entire network up. When I came to work here I took a flat bridged network that had hundreds of customers natted and sharing 1 public IP address. I installed ro...
by jmay
Wed Jun 08, 2016 5:45 pm
Forum: General
Topic: Private IP's to customers, but NAT each to their own Public IP?
Replies: 12
Views: 1539

Re: Private IP's to customers, but NAT each to their own Public IP?

Thanks for the reply. I may go this route as a temp solution. I know I need to migrate to ipv6 but I'm a lone ranger over here and the company assigns me a lot of other duties outside of IT. I did some reading the last couple of days on IPv6 but it seems a bit over whelming considering I need to lea...
by jmay
Wed Jun 08, 2016 1:01 am
Forum: General
Topic: A place for poetry
Replies: 32
Views: 137538

Re: A place for poetry

If you are an ISP, you know the headache it can be Clients love you for delivering the web, but when it breaks they loathe you instead Half of the time the fault is theirs, But don't tell them that, they don't care But do not worry, feel comfort with this, When computers take over.. support will be ...
by jmay
Tue Jun 07, 2016 11:58 pm
Forum: General
Topic: Private IP's to customers, but NAT each to their own Public IP?
Replies: 12
Views: 1539

Private IP's to customers, but NAT each to their own Public IP?

I'm just thinking out loud here: I'm running out of IP's for our ISP and Arin will not give me more. I have some IPv6 assigned to me but I'd like to buy some time before diving into that fiasco. My network is subnetted pretty heavily with 17 different routers via OSPF that all go out to the internet...
by jmay
Thu May 19, 2016 5:31 pm
Forum: Wireless Networking
Topic: Will Mikrotik shoot 110 km? 66 Miles?
Replies: 12
Views: 2201

Re: Will Mikrotik shoot 110 km? 66 Miles?

Thanks for all the replies. This is an absolute LOS link from one mountain top to another. There is no way to split this shot into 2 shots. This will be a backup link to the main so it's not as critical, but I wasn't sure if MT could shoot that far. Our record is a 79 mile (127km) shot so we know ho...
by jmay
Thu May 19, 2016 5:25 pm
Forum: Wireless Networking
Topic: How do you weather proof your feed horn cables?
Replies: 5
Views: 1139

How do you weather proof your feed horn cables?

When I started into this business 10 years ago our boss taught all the climbers to wrap the connectors with electrical tape (courtesy tape), then weather proof it with that tar wrap (sorry don't know the official name), and then another layer of electrical tape. I've always thought this was a terrib...
by jmay
Wed May 18, 2016 12:55 am
Forum: Wireless Networking
Topic: Will Mikrotik shoot 110 km? 66 Miles?
Replies: 12
Views: 2201

Will Mikrotik shoot 110 km? 66 Miles?

I have the dish size calculated and know I could pull this off with some other hardware, but I'd like to get this working with a pair of Netbox 5's. Should I expect them to link up and get 50 megs?
by jmay
Fri Jan 29, 2016 11:20 pm
Forum: Beginner Basics
Topic: Is there a bug in 6.30.2 that affects logging?
Replies: 1
Views: 307

Re: Is there a bug in 6.30.2 that affects logging?

Nevermind I figured it out. I needed to add warning and NOT dhcp and they got rid of the dhcp messages.
by jmay
Fri Jan 29, 2016 12:33 am
Forum: Beginner Basics
Topic: Is there a bug in 6.30.2 that affects logging?
Replies: 1
Views: 307

Is there a bug in 6.30.2 that affects logging?

I've had my routers setup for years to send their logs to a remote server so I had a history of events. For the first time in a long time I needed to look up something that happened yesterday and noticed the logs are not working as they used to. I have it setup to send me logs that are info, but not...
by jmay
Mon Dec 21, 2015 7:55 pm
Forum: The Dude
Topic: Dude Client Suddenly won't launch
Replies: 1
Views: 1162

Re: Dude Client Suddenly won't launch

In case anyone else comes upon this, uninstall and reinstall does not work. Uninstall, search for all files named Dude on main drive, delete them all, restart computer, then reinstall dude. Works fine.
by jmay
Fri Dec 18, 2015 8:59 pm
Forum: Beginner Basics
Topic: HELP: How to get the command line that stored to the router
Replies: 3
Views: 549

Re: HELP: How to get the command line that stored to the router

One note tho. When you backup one router and restore another it will change your port mac addresses on the new router to match the original router. If these 2 routers are going to exist on the same network you'll likely want to reset the mac addresses on the new router. You can do this by clicking e...
by jmay
Thu Dec 17, 2015 5:33 pm
Forum: The Dude
Topic: Dude Client Suddenly won't launch
Replies: 1
Views: 1162

Dude Client Suddenly won't launch

This morning I opened the Dude and I get a message asking me to select language. If I click OK the same msg just keeps popping back up. Tried uninstalling and reinstalling but same problem. The windows server launches fine from the server and other clients are ok, just not this one. I'm using versio...
by jmay
Tue Dec 15, 2015 12:52 am
Forum: Beginner Basics
Topic: Help me open port 80
Replies: 5
Views: 1473

Re: Help me open port 80

Here is what you want if I am understanding you properly.
by jmay
Tue Dec 15, 2015 12:03 am
Forum: Beginner Basics
Topic: Internet timing Out
Replies: 3
Views: 427

Re: Internet timing Out

Sounds like you are creating a loop somewhere. Can you give us details on how you are setting this up?
by jmay
Mon Dec 14, 2015 11:57 pm
Forum: General
Topic: 80 Gbps throughput reached in the CCR1072-1G-8S+ !!!
Replies: 9
Views: 2587

Re: 80 Gbps throughput reached in the CCR1072-1G-8S+ !!!

God I hope I'm retired before we need 80 gigs around here!
by jmay
Mon Dec 14, 2015 7:45 pm
Forum: The Dude
Topic: The Dude is back! v6.34rc test build released
Replies: 269
Views: 73881

Re: The Dude is back! v6.34rc test build released

I wonder if this thread will prompt hollywood to produce a Big Lebowski Sequel! :D
by jmay
Fri Dec 11, 2015 10:43 pm
Forum: General
Topic: Flow Control, should I use it?
Replies: 35
Views: 11306

Re: Flow Control, should I use it?

The airfiber does have an option to turn it off, but its on by default. Ubiquiti says its best to leave it on, but I find many posts like yours suggesting a network is better off without it. I guess I'll leave it on for airfibers, and off for everything else.
by jmay
Fri Dec 11, 2015 3:42 pm
Forum: General
Topic: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS
Replies: 76
Views: 28845

Re: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS

Port 1. I have no bridges on this router.
by jmay
Fri Dec 11, 2015 1:55 am
Forum: General
Topic: Flow Control, should I use it?
Replies: 35
Views: 11306

Re: Flow Control, should I use it?

Interesting. Turning on flow control did make the error go away tho and I can reproduce it by turning it back off. This is a link that runs close to 600 megs at times, and minimally runs 300 megs.
by jmay
Thu Dec 10, 2015 11:54 pm
Forum: Wireless Networking
Topic: Setting up AC Link
Replies: 14
Views: 3400

Re: Setting up AC Link

We gave up on trying MT AC. NV2 works better.
by jmay
Thu Dec 10, 2015 11:51 pm
Forum: General
Topic: Flow Control, should I use it?
Replies: 35
Views: 11306

Re: Flow Control, should I use it?

Anyone...

Anyone...

Bueller...
by jmay
Thu Dec 10, 2015 6:26 pm
Forum: The Dude
Topic: The Dude is back! v6.34rc test build released
Replies: 269
Views: 73881

Re: The Dude is back! v6.34rc test build released

Holy crap Hell Froze over!! :D Started browsing the forums because of a recent oddity with Dude 3.6 and discovered The Dude is being reincarnated. Cool. I have no issue buying a router just for the Dude. What model would you suggest? Also, with the current release is there a way to send text alerts?...
by jmay
Thu Dec 10, 2015 5:30 pm
Forum: General
Topic: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS
Replies: 76
Views: 28845

Re: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS

I had the same problem yestarday after upgrading my router from a 1100AH to a CCR1009-8G-1S-1S+. The 1100 never had this issue, but the CCR did immediately. Both routers were running 6.30.2. Changing flow control to auto on the MT fixed the issue for me.
by jmay
Thu Dec 10, 2015 5:18 pm
Forum: The Dude
Topic: Can the dude graph more than 500 mbps?
Replies: 3
Views: 1542

Can the dude graph more than 500 mbps?

bandwidth.png I'm seeing this every night. At first I thought it was the router because CPU was 80-90% during these times. We upgraded the router to a CCR1009-8G-1S-1S+ yestarday and still see the same issue. So now I'm wondering, is this a dude problem or a Router OS problem. Anyone successfully g...
by jmay
Thu Dec 10, 2015 5:12 pm
Forum: General
Topic: Wireless Point To Point Recomandation
Replies: 4
Views: 555

Re: Wireless Point To Point Recomandation

I would not be looking at MT for 400 megs. You should look at Ubiquiti Airfiber.

https://www.ubnt.com/airfiber/airfiber24/
by jmay
Thu Dec 10, 2015 1:47 am
Forum: General
Topic: Flow Control, should I use it?
Replies: 35
Views: 11306

Flow Control, should I use it?

One of my routers was giving an error "fcs error on link". I have an Airfiber plugged into that port and I found something that suggested turning on flow control would fix the problem since flow control was enabled on the Airfiber. This indeed made the error go away, but then I started wondering if ...
by jmay
Mon Dec 07, 2015 7:41 pm
Forum: General
Topic: Wireless Point To Point Recomandation
Replies: 4
Views: 555

Re: Wireless Point To Point Recomandation

You need to clear the trees if you want 400 megs. Build a small tower and then anything will work.
by jmay
Mon Nov 16, 2015 10:26 pm
Forum: General
Topic: Routerboard Max CPU usage
Replies: 7
Views: 1579

Re: Routerboard Max CPU usage

Good to hear! Thanks. Does anybody know exactly how mikrotik divies up the multi-cores for processing? With my dual core routers I poll both cores and I've noticed at times one might be 100% while the other is near 0%, then at other times they are even. It could be that the dude is not polling at id...
by jmay
Mon Nov 16, 2015 5:48 pm
Forum: General
Topic: Routerboard Max CPU usage
Replies: 7
Views: 1579

Re: Routerboard Max CPU usage

Thanks for responding! We ordered the ccr1009. I'd love to have gone bigger but I don't set my own budgets unfortunately. :( We are in the business of selling internet so every dollar I spend is a dollar that does not make it to my bosses pocket, lol.
by jmay
Sat Nov 14, 2015 12:20 am
Forum: General
Topic: Routerboard Max CPU usage
Replies: 7
Views: 1579

Re: Routerboard Max CPU usage

Ok, my boss gave me permission to upgrade the router. We'd like to get one with an SPF cage and dump the fiber converter that's there now. I'm looking at the CCR1009-8G-1S-1S+, do you think that would be a significant upgrade from the RB1100AHx2?
by jmay
Fri Nov 13, 2015 7:21 pm
Forum: General
Topic: Routerboard Max CPU usage
Replies: 7
Views: 1579

Routerboard Max CPU usage

Maybe a dumb question, but at what point should I consider upgrading my main router? I have an RB1100AHx2 that peaks around 75% CPU during high usage which is about 550megs. Will these function fine up to 100% or should I start looking to upgrade it? I'm not really having any issues with it, except ...
by jmay
Fri Oct 23, 2015 6:16 pm
Forum: General
Topic: 1 IP address, priority bandwidth over ALL others
Replies: 2
Views: 664

Re: 1 IP address, priority bandwidth over ALL others

Is there really no way to do this?
by jmay
Thu Oct 15, 2015 10:49 pm
Forum: General
Topic: 1 IP address, priority bandwidth over ALL others
Replies: 2
Views: 664

1 IP address, priority bandwidth over ALL others

This seems like a simple enough thing to do but I am not finding a clear answer anywhere on the web or in this forum. Being that I am 100% wireless a cross multiple towers I don't always know how much bandwidth will be available to a site as it can fluctuate for a thousand different reasons. How do ...
by jmay
Fri Aug 28, 2015 2:02 am
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4466

Re: BGP Hold Time

Yah let me clarify. I have 2 fiber connections to my provider. I use BGP at each location but mainly so I can redirect specific towers and IP's on the fly. The one I am having a problem with is a 500 meg connection. The 2nd connection is only 200 megs and is very located several tower hops away and ...
by jmay
Thu Aug 27, 2015 11:11 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4466

Re: BGP Hold Time

Makes sense. We are dual homed but the other fiber is several cities away so we don't really have the backhauls to send everything that direction. Since this is a short term problem do you have any ideas how I can avoid this? Do I need to learn how to prioritize packets at this point?
by jmay
Thu Aug 27, 2015 10:39 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4466

Re: BGP Hold Time

Ok, any reason why setting this to say a couple hours could be a problem? Does it need to match up with what my provider is doing or no? Once I get my gig port I can put it back but to sooner.
by jmay
Thu Aug 27, 2015 10:19 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4466

BGP Hold Time

Are there any consequences to increasing the BGP Hold Time? What exactly does this do? I had an issue last night where our fiber connection maxed out and my MT reported "Hold Timer Expired". The router then rebooted itself and after reboot failed to re-establish the BGP session with my provider. It ...
by jmay
Fri Aug 14, 2015 7:24 pm
Forum: General
Topic: Copy current DHCP leases to another router
Replies: 4
Views: 674

Re: Copy current DHCP leases to another router

For next time if you make a backup file and restore that on the new router it will retain dhcp lease information. This method works best when replacing 2 identical models of router. For some reason when you do this from one model to another model it jumbles up all the ethernet ports and mislablels t...
by jmay
Thu Aug 13, 2015 8:36 pm
Forum: General
Topic: Winbox and Neighbors
Replies: 2
Views: 501

Re: Winbox and Neighbors

I'm having the same problem. It's annoying. I have to log into another routerboard and look at it's neighbor list, copy the mac address, then paste the mac into winbox to log into it.

Whats the deal?
by jmay
Thu Aug 13, 2015 4:05 am
Forum: General
Topic: Time to Learn IPv6
Replies: 1
Views: 417

Time to Learn IPv6

I work for an ISP and we have 17 routers interconnected via OSPF. We're slowly running out of IPv4's and was denied by ARIN for any additional. They did give me a rather large block of IPv6 but at this point I don't have a clue how to use them. I have a very strong understanding of mikrotik and IPv4...
by jmay
Thu Aug 13, 2015 3:35 am
Forum: General
Topic: DHCP Relay for multiple routers, getting notification when low on IP's?
Replies: 0
Views: 312

DHCP Relay for multiple routers, getting notification when low on IP's?

I have 17 routers that are currently all their own dhcp server and they are all linked together through OSPF. I'm thinking about dedicating a router as a dhcp server for all of them using relays. I know how to set this up, but.. All of my routers give out public IP's of various subnet sizes. I curre...
by jmay
Fri Jul 31, 2015 5:24 pm
Forum: General
Topic: Updated to 6.30.2 and now SNMP has changed for power levels
Replies: 1
Views: 389

Updated to 6.30.2 and now SNMP has changed for power levels

I started upgrading all my mikrotik backhauls from 6.17 to 6.30.2 and now the dude is not reading any of my power level oids. I noticed that these have changed and each radio has a different oid for this value. So this means I'm gonna need to create a seperate probe for every device. Is there any wa...
by jmay
Wed Jul 01, 2015 12:32 am
Forum: General
Topic: What would you do if you were me? Network Security with a budget of ZERO!
Replies: 2
Views: 536

What would you do if you were me? Network Security with a budget of ZERO!

I manage a wireless ISP using Canopy subscribers, but Mikrotik as all my routers at towers. Network is broken up into 18 parts using OSPF with 2 fiber points using BGP. Currently Canopy SM's register to a tower via an authentication code that only installers know. This is controlled by each access p...
by jmay
Wed Mar 11, 2015 9:41 pm
Forum: General
Topic: Billing software with Radius support
Replies: 3
Views: 1349

Billing software with Radius support

I'm looking for a good solution here, I've been given a budget of 10 grand or less. Since we have a mixed variety of client devices radius would work the best for us and rather than a seperate system I'd really like a billing solution that has it built in. What are you all using?
by jmay
Thu Dec 11, 2014 6:42 pm
Forum: Forwarding Protocols
Topic: I have a few more specific BGP questions
Replies: 1
Views: 670

I have a few more specific BGP questions

Thank you to all that have helped me so far. Theres a couple of questions I am having trouble understanding. So I have 2 internet facing routers in 2 seperate towns. Both with Cogent. These 2 towns are interconnected with a series of backhauls with many mikrotik routers in between. These routers all...
by jmay
Wed Dec 10, 2014 5:33 pm
Forum: Wireless Networking
Topic: How are you guys getting AC to work?
Replies: 2
Views: 960

Re: How are you guys getting AC to work?

No change at all. Is anyone else using these at decent distances? Maybe I am trying to push them to hard. Mikrotik wireless is really getting on my nerves. Today we are swapping out another set of Mikrotiks because one of the 2 polarities has lost 10 db. This must be the 12 time we've swapped out ra...
by jmay
Wed Dec 10, 2014 12:00 am
Forum: Forwarding Protocols
Topic: How to advertise BGP routes when smaller than /24
Replies: 6
Views: 5824

Re: How to advertise BGP routes when smaller than /24

Can someone kindly explain how to configure this?? The documentation is written as if I should already know all this. The following does not help me at all. BGP allows the aggregation of specific routes into one route with. This menu ('/routing bgp aggregate') allows to specify which routes you want...
by jmay
Tue Dec 09, 2014 9:07 pm
Forum: Wireless Networking
Topic: How are you guys getting AC to work?
Replies: 2
Views: 960

How are you guys getting AC to work?

I'm having terrible luck with these things. 25km link with -60 on both polarities using 5ghz netboxes. According to the built in freq scanner very clean on both sides, noisefloor -100. I've tried a combo of everything from 802.11, nv2, nstream. Various channel sizes from 20 to 80 and the best I can ...
by jmay
Fri Dec 05, 2014 3:44 pm
Forum: Forwarding Protocols
Topic: How to send out default route ospf when using full bgp?
Replies: 3
Views: 904

Re: How to send out default route ospf when using full bgp?

I got it working ty. Must have been doing something wrong at work. I work in a VERY noisy environment and its hard to concentrate. Logged in from home and got in it going in 2 mins!
by jmay
Fri Dec 05, 2014 3:20 am
Forum: Forwarding Protocols
Topic: How to advertise BGP routes when smaller than /24
Replies: 6
Views: 5824

Re: How to advertise BGP routes when smaller than /24

I get that. I think im getting it. I can use aggregates to advertise as /24 but internally route them smaller right? Can someone show me the proper config to do that? Mikrotik manuals are headhurting some times.
by jmay
Fri Dec 05, 2014 1:43 am
Forum: Forwarding Protocols
Topic: How to send out default route ospf when using full bgp?
Replies: 3
Views: 904

How to send out default route ospf when using full bgp?

I can't wrap my head around this. If router one is peered with a full bgp router how do i get the rest of my network to know through ospf that a default route is available since with full bgp there is no default route? Do I need to use 2 routers at the fiber location? One for the full bgp routes and...
by jmay
Thu Dec 04, 2014 8:34 pm
Forum: Forwarding Protocols
Topic: How to advertise BGP routes when smaller than /24
Replies: 6
Views: 5824

Re: How to advertise BGP routes when smaller than /24

So if I am reading this properly it cannot be done? I would need to have a /24 in each of my 3 routers?
by jmay
Thu Dec 04, 2014 5:37 am
Forum: Forwarding Protocols
Topic: How to advertise BGP routes when smaller than /24
Replies: 6
Views: 5824

How to advertise BGP routes when smaller than /24

First time BGP setup. I have the basic BGP working fine on 1 of my 2 connections with cogent using full routes. Right now I am advertising a /24 out of one of my /21s and internet is working great. However Cogent will not allow me to advertise smaller than a /24. Is there a way around this? Here's m...
by jmay
Tue Nov 11, 2014 1:04 am
Forum: The Dude
Topic: The Dude Alternatives
Replies: 26
Views: 27387

Re: The Dude Alternatives

I'm in the same boat. Dude service is crashing several times a day and restarting. Rather than jack with it I'm thinking about moving on. So far I've tried cacti, was not remotely impressed. Tried spiceworks, what the hell is that one good for? And right now trying zabbix and it sucks. Reached about...
by jmay
Tue Sep 30, 2014 4:10 am
Forum: Wireless Networking
Topic: Triple Polarity Worth It for BackHaul?
Replies: 8
Views: 1710

Re: Triple Polarity Worth It for BackHaul?

I think were going to try these at dual polarity. Will it harm the boards if I keep that 3rd chain unselected?
by jmay
Thu Sep 25, 2014 7:08 pm
Forum: Wireless Networking
Topic: Triple Polarity Worth It for BackHaul?
Replies: 8
Views: 1710

Re: Triple Polarity Worth It for BackHaul?

Well, I've got about a hundred of em floating around the network. The first set will probably go up on a short hop. 2.5 miles. We're using 3' dishes now with some Motorola PTP backhauls that are capped at 200 megs 1 way. It's a backup link for some airfibers but the airfibers shutdown in heavy rain....
by jmay
Thu Sep 25, 2014 1:05 am
Forum: Wireless Networking
Topic: Triple Polarity Worth It for BackHaul?
Replies: 8
Views: 1710

Triple Polarity Worth It for BackHaul?

I just received my first Netmetal5 pair and realized I accidentally ordered the 3 chain version. Is anyone doing this yet? Does the bandwidth go up with that 3rd chain? Triple Polarity dishes are expensive. I could try 2 dishes with one being a slant polarized but this seems messy. If I decide to us...
by jmay
Tue Sep 09, 2014 6:25 pm
Forum: General
Topic: Authentication Server for ISP?
Replies: 2
Views: 656

Authentication Server for ISP?

What is everybody using to authenticate subscribers to their network? We use a variety of hardware so Radius seems the most appropriate. I've been messing around with freeradius and daloradius for a month now and can't seem to it going. I hate linux btw, I really do! So what other options are out th...
by jmay
Wed Aug 06, 2014 2:46 pm
Forum: Wireless Networking
Topic: Omnitik 24 as access point. Dual or single chain?
Replies: 3
Views: 800

Re: Omnitik 24 as access point. Dual or single chain?

Oops I meant netbox 24. But same question applies.
by jmay
Wed Aug 06, 2014 3:03 am
Forum: Wireless Networking
Topic: Omnitik 24 as access point. Dual or single chain?
Replies: 3
Views: 800

Omnitik 24 as access point. Dual or single chain?

Ive got an rv park im about to upgrade. I bought 3 omnitiks with some high gain antennas. Since the park will be a mix of laptops, phones etc would I be better off using a single chain or a dual setup? We dont need n speeds as the park only jas 10 megs coming in, but I want the best setup for range ...
by jmay
Wed Jul 23, 2014 5:59 pm
Forum: General
Topic: 6.15 Wireless lost partial configuration.. is this a BUG?
Replies: 0
Views: 393

6.15 Wireless lost partial configuration.. is this a BUG?

We have a pair of 711G's being used as backhauls. I upgraded them from 6.7 to 6.15 about a week or 2 ago. Last night the slave side suddenly would not register. It saw the AP at a -50 but was reporting ranging errors. I rebooted both ends and they linked back up after rebooting the AP side, but woul...
by jmay
Sat Jul 19, 2014 1:13 am
Forum: General
Topic: v6.16/v6.17
Replies: 187
Views: 46431

Re: v6.16/v6.17

Where are the instructions for 802.11ac? I installed this on some rb711's and some rb911gs and I dont see an option for it. Do these boards not support this?
by jmay
Thu Jun 05, 2014 7:28 pm
Forum: RouterBOARD hardware
Topic: RB911G/RB912G - poor ccq/performance in benchmark setup
Replies: 17
Views: 6037

Re: RB911G/RB912G - poor ccq/performance in benchmark setup

Old post but I'm having the same problems with 912's. I've been jackin with these things for months trying to figure out what I'm doing wrong only find this post where apparently everyone is dealing with it. Frustrating My CCQ's are all over the place unless I limit them to MCS11 or 12. Throughput s...
by jmay
Wed May 14, 2014 12:49 am
Forum: General
Topic: RSTP and VLANS
Replies: 10
Views: 6648

Re: RSTP and VLANS

I just got back from vacation (yay cancun!) and finally got around to playing with this. I ran a test and an upstream loop does not get blocked by RSTP. So I'd like to play with mangle a bit and see if I can create storm control on these Mikrotiks. Any body have any examples? I know a real switch wo...
by jmay
Wed Apr 30, 2014 12:40 am
Forum: General
Topic: RSTP and VLANS
Replies: 10
Views: 6648

Re: RSTP and VLANS

Hmm, maybe this is my problem. I do use RSTP in other parts of the network for redundancy links, but not in this case. I've been expecting it to stop network loops if they occur however. Maybe I am mis-using this. In my diagram above, if a customer on switch 2 creates a network loop at his location,...
by jmay
Tue Apr 29, 2014 11:35 pm
Forum: General
Topic: RSTP and VLANS
Replies: 10
Views: 6648

Re: RSTP and VLANS

Ok I'm going to try this and run some experiments but I'm a bit confused. If I currently have just 1 bridge with all physical Ethernet ports on that bridge, how do the vlans even cross that bridge without utilizing the spanning tree? I would think that all traffic on the bridge would be bound to the...
by jmay
Tue Apr 29, 2014 5:41 pm
Forum: General
Topic: RSTP and VLANS
Replies: 10
Views: 6648

Re: RSTP and VLANS

Ok, don't make fun of my drawing I don't have visio. In it's simplest form this would be the layout. The loop was created by the customer on VLAN 100 on Switch 2. It took down everything plugged into Switch 2 and Switch 1. I could log into Switch 1 when it was happening because I was on the other si...
by jmay
Tue Apr 29, 2014 12:48 am
Forum: General
Topic: RSTP and VLANS
Replies: 10
Views: 6648

RSTP and VLANS

I have some mikrotiks setup as switches using RSTP. Basically I bridge all physical Ethernet ports and turn RSTP on. On the main switch at the router I set the priority lower than the default of 8000 to 7000 so it becomes the root bridge. All works well, I can even get failover working with this set...
by jmay
Wed Apr 23, 2014 7:54 pm
Forum: General
Topic: Deleted firewall address list and loopback bridge vanished!
Replies: 1
Views: 436

Re: Deleted firewall address list and loopback bridge vanish

Added info. I rebooted the router in the middle of the night and ended up with 3 bridges when I originally had one. So when the bridge disappeared the previous two times and I added a new bridge each time these were recovered after the reboot. Any thoughts?
by jmay
Tue Apr 22, 2014 8:55 pm
Forum: General
Topic: Deleted firewall address list and loopback bridge vanished!
Replies: 1
Views: 436

Deleted firewall address list and loopback bridge vanished!

Ok the first time this happened I thought I had a blonde moment but it happened a 2nd time to me today. The first time a few days ago. I have an RB1100AHx2 with 6.7 software and firmware 3.10. I was in winbox deleting a couple of IP addresses from the firewall address list when I suddenly lose conta...
by jmay
Wed Mar 26, 2014 12:49 am
Forum: General
Topic: Port forwarding question, can't wrap my head around this [SOLVED]
Replies: 3
Views: 791

Re: Port forwarding question, can't wrap my head around this [SOLVED]

This makes sense. (yes I read it). I'll try it tonight, thank you!
by jmay
Tue Mar 25, 2014 7:41 pm
Forum: General
Topic: Port forwarding question, can't wrap my head around this [SOLVED]
Replies: 3
Views: 791

Port forwarding question, can't wrap my head around this [SOLVED]

I setup a network video recorder at a location. It's natted behind a mikrotik router with a private IP. I have port forwarding working just fine so a phone can connect to the NVR from outside of that network. The issue is when the phone is inside that network I cannot use the same public wan IP to c...
by jmay
Thu Mar 20, 2014 12:57 am
Forum: General
Topic: Mikrotik as Switch, RSTP not stopping storms
Replies: 2
Views: 1926

Re: Mikrotik as Switch, RSTP not stopping storms

Yes, they are all mikrotik running 6.7.
by jmay
Fri Mar 14, 2014 7:57 pm
Forum: General
Topic: Mikrotik as Switch, RSTP not stopping storms
Replies: 2
Views: 1926

Mikrotik as Switch, RSTP not stopping storms

Maybe I'm setting this up wrong but I have several mikrotiks as switches throughout my network. I basically bridge all ports together and enable RSTP with its default settings. On the master switch which is closest to my backbone I set the priority to 7000 and leave all the rest at 8000. Today we ha...
by jmay
Tue Mar 11, 2014 12:09 am
Forum: The Dude
Topic: Reset Time Up Counter on Probes?
Replies: 0
Views: 1587

Reset Time Up Counter on Probes?

If you look at the service on a device it gives you a time up and time down counter. I don't see any way to reset these on 3.6. Is there a way?
by jmay
Fri Jan 31, 2014 7:27 pm
Forum: General
Topic: Limit number of DHCP requests through a bridged device?
Replies: 0
Views: 336

Limit number of DHCP requests through a bridged device?

Not sure if this is possible, need some advice. Right now my network consists of Mikrotiks as routers and switches. My clients are using another wireless access/point brand to get internet from me. These devices are not as advanced as a mikrotik device so I'm very limited on what I can do from the s...
by jmay
Wed Jan 29, 2014 5:25 pm
Forum: General
Topic: v6.8 pre-release (RC)
Replies: 44
Views: 5356

Re: 6.8

Wow, just downloaded. Do I want to try it? Hmm. Maybe, but where? Who should be my test subject? How bout that pesky customer that calls everyday with ridiculous problems? No, he's nice enough. How bout the company with the IT guy that thinks he knows more than anyone? Yes, he deserves the newest so...
by jmay
Tue Jan 21, 2014 8:05 pm
Forum: Wireless Networking
Topic: Transmit Receive Ratio - why does it have to be 50/50?
Replies: 12
Views: 2173

Re: Transmit Receive Ratio - why does it have to be 50/50?

We keep our backhauls on different frequency bands from access points, eliminating the need for sync on backhauls. I suppose you may be right that syncing modules could reduce some bandwidth because one access point may have more control slots designated than it needs, but I can assure you any loss ...
by jmay
Sat Jan 18, 2014 1:53 am
Forum: Wireless Networking
Topic: Transmit Receive Ratio - why does it have to be 50/50?
Replies: 12
Views: 2173

Re: Transmit Receive Ratio - why does it have to be 50/50?

Synced systems are pretty amazing. We have 75 towers using a synced access point system and there is 0 loss in a high rf environment. In fact, you can run 2 access points back to back (like east and west) on the same channel without interference or loss in bandwidth. I once had 2 separate radios att...
by jmay
Fri Jan 17, 2014 6:14 pm
Forum: Wireless Networking
Topic: Transmit Receive Ratio - why does it have to be 50/50?
Replies: 12
Views: 2173

Re: Transmit Receive Ratio - why does it have to be 50/50?

Let me clarify. With some other wireless brands the transmit receive ratio can be offset. In other words I can set the transmit to say 75% which means the radio transmits longer than it receives. So if you have a radio that is normally capable of 100mbps aggregate or 50mbps/50mbps, you can change th...
by jmay
Thu Jan 16, 2014 8:41 pm
Forum: Wireless Networking
Topic: Transmit Receive Ratio - why does it have to be 50/50?
Replies: 12
Views: 2173

Transmit Receive Ratio - why does it have to be 50/50?

Is this hardware controlled or software? As an ISP I will never need to utilize as much upload as I do download. I'm wondering why this can't be adjusted to favor download? Are 802.11 cards hardcoded with this built into them?
by jmay
Tue Jan 14, 2014 8:47 pm
Forum: General
Topic: Cisco Router responding to ARP requsts on all addresses
Replies: 1
Views: 432

Cisco Router responding to ARP requsts on all addresses

I have a bridged customer with a cisco router that responds to every arp ping on every address I ping in that subnet. This customer does not have a mikrotik supplying their internet so I need to stop this at the router or switch. I used mikrotiks as switches at my towers. I found this when another c...
by jmay
Sat Jan 11, 2014 12:36 am
Forum: General
Topic: MikroTik blocks iTunes device's restore
Replies: 6
Views: 2093

Re: MikroTik blocks iTunes device's restore

Can you get to the apple app store or iTunes? We had a problem that turned out to be our ip addresses. Apple was blocking them because they thought they were non-us addresses. We resolved this by changing them.
by jmay
Wed Jan 08, 2014 8:52 pm
Forum: Scripting
Topic: Watchdog script not working after upgrading to 6.7
Replies: 1
Views: 1045

Watchdog script not working after upgrading to 6.7

I upgraded from 5.25 to 6.7 on all my routers. All is well except I'm getting an error in my log stating "script error: no such item (4) The script is in reference to one I found on this forum that pings a device once a min and if 5 are missed it reboots. Do I need to change something in this script...
by jmay
Fri Jan 03, 2014 6:04 pm
Forum: General
Topic: My Router is being pinged on private IP by external IP, how?
Replies: 3
Views: 926

My Router is being pinged on private IP by external IP, how?

I was using torch to look at bandwidth and noticed that the 2nd router in my chain is being pinged by an outside public ip address. The address of my router that it's pinging is a private IP of 10.x.x.x. How exactly could this be happening?
by jmay
Thu Nov 14, 2013 6:38 pm
Forum: The Dude
Topic: Showing Network Percetange of Availability?
Replies: 0
Views: 843

Showing Network Percetange of Availability?

I love the fact that the dude is counting ping Time Up and ping Time Down, but is there a way I can manually create a calculation to show the availability percentage on a map?
by jmay
Fri Aug 09, 2013 6:30 pm
Forum: General
Topic: How do you keep your equipement cool at tower sites?
Replies: 2
Views: 609

Re: How do you keep your equipement cool at tower sites?

We've opted for some outdoor metal rack enclosures and we're going to try putting portable air conditioners in them and vent the exhaust outside. We'll see how it goes. Metal boxes with ac are pretty expensive, portable units are pretty cheap and easy to replace.
by jmay
Mon Aug 05, 2013 7:34 pm
Forum: General
Topic: How do you keep your equipement cool at tower sites?
Replies: 2
Views: 609

How do you keep your equipement cool at tower sites?

Does anyone have a source for cheap air conditioned outdoor cabinets? Most of our sites have been setup using metal truck toolboxes modified to fit our needs but now that I'm using routers I can't keep anything cool. Were in the desert where 100 degrees is very common. I'd like to start buying some ...
by jmay
Thu Jul 25, 2013 12:58 am
Forum: The Dude
Topic: Dude bandwidth Charts randomly wrong
Replies: 4
Views: 1962

Re: Dude bandwidth Charts randomly wrong

Ok, so I changed the map to 1 minute intervals and now it's working, but didn't work on longer intervals. I don't get it, but I suppose that'll work. This is version 3.6 by the way.
by jmay
Wed Jul 24, 2013 12:57 am
Forum: The Dude
Topic: Dude bandwidth Charts randomly wrong
Replies: 4
Views: 1962

Re: Dude bandwidth Charts randomly wrong

I've tried slowing down poling, even deleting the modules and re-adding. It's only happen on 2 routers and these are the 2 with the most bandwidth, 100-200 megs. Could that be the problem?
by jmay
Fri Jul 19, 2013 8:36 pm
Forum: The Dude
Topic: Dude bandwidth Charts randomly wrong
Replies: 4
Views: 1962

Dude bandwidth Charts randomly wrong

I've been using the Dude for a couple years now without any problems, but recently a couple of my routers are starting to report inaccurate bandwidth. They will start to graph about 1/3 of what is actually going through those routers. If I open up the bandwidth graph and click ok it starts graphing ...
by jmay
Thu Jul 18, 2013 11:46 pm
Forum: The Dude
Topic: Dude v4beta3 released
Replies: 253
Views: 99596

Re: Dude v4beta3 released

I guess I got a bit too excited too early, netxms SUCKS!!! Took me half the day to get the installer to work on server 2008. Finally got it installed and what a piece of garbage. Its really to bad us computer nerds are in charge of designing this crap because we really don't know how to make user fr...
by jmay
Wed Jul 10, 2013 5:56 pm
Forum: The Dude
Topic: Dude v4beta3 released
Replies: 253
Views: 99596

Re: Dude v4beta3 released

Glad I looked at the dude forums today! Looking at NetXMS right now! Droid support yeehaw!
by jmay
Fri Jun 07, 2013 1:24 am
Forum: General
Topic: Torch showing Source addresses that are not in router
Replies: 1
Views: 489

Torch showing Source addresses that are not in router

I have a subnet of arin IPs that are routed to me but are not in use and not in my router yet. When I use torch I see many of these IP's showing up as the source address with an outside IP as the destination.

How is this possible if I do not have these IP's in the router yet?
by jmay
Thu Jun 06, 2013 1:24 am
Forum: General
Topic: Email notification when CPU hits certain percent
Replies: 5
Views: 1081

Re: Email notification when CPU hits certain percent

I would be interested in this as well. Maybe above 80%?
by jmay
Thu Jun 06, 2013 1:21 am
Forum: General
Topic: DDOS Attack, Need some input from the Pros!
Replies: 5
Views: 1988

Re: DDOS Attack, Need some input from the Pros!

Hard to keep up with when your an ISP. Lots of people doing who knows what... Question, this may be one of these top secret don't ask publicly kind of things, but if I wanted to simulate an attack on my system to see how it holds up, how would I go about that? Are there reputable companies that offe...
by jmay
Sat Jun 01, 2013 6:06 pm
Forum: General
Topic: DDOS Attack, Need some input from the Pros!
Replies: 5
Views: 1988

DDOS Attack, Need some input from the Pros!

2 nights in a row we got hammered for about 30 minutes with enough traffic to shut us down. Unfortunatly it happened when I was not available to monitor what was happening. Since then I've implemented some new firewall rules and have been watching but no further attacks have come in. I'm wondering i...
by jmay
Fri May 10, 2013 8:31 pm
Forum: The Dude
Topic: Dude still graphs even while module is down
Replies: 15
Views: 3899

Re: Dude still graphs even while module is down

I still can't figure this out. The wiki is worthless or perhaps I just can't follow the instructions. It says not to use the OID in the available line, but yet if I don't it graphs nothing. I still don't understand what available is for. I also don't understand how it can report the probe as being d...
by jmay
Mon May 06, 2013 8:15 pm
Forum: The Dude
Topic: MikroTik: Please Open Source The Dude
Replies: 18
Views: 10857

Re: MikroTik: Please Open Source The Dude

We've also started to test out Ubiquiti and I must say we are very impressed. We still have several links using mikrotik and I haven't abandoned them for the simple fact that I work for a cheap company and mikrotiks fit their budget, but ubiquiti is really on top of their game. We use a large combin...
by jmay
Fri Apr 26, 2013 1:27 am
Forum: RouterBOARD hardware
Topic: Fiber Port Recomendations?
Replies: 2
Views: 1060

Re: Fiber Port Recomendations?

Interesting. So I would bridge the fiber port with an Ethernet port and effectively have a media converter right? No routing whatsoever?
by jmay
Tue Apr 16, 2013 11:58 pm
Forum: RouterBOARD hardware
Topic: RB711G Quality Control, is that an Oxymoran?
Replies: 3
Views: 1270

RB711G Quality Control, is that an Oxymoran?

We have 10 sets of RB711G-5HnD being used in a backhaul configuration. Out of the 20 Radios I've got 5 that won't run at 400mhz. They crash and reboot at 250mhz. Then I've got 4 other radios that have weak chain 0 or chain 1 transmit or receives (Its random which has a bad what). Example, a radio mi...
by jmay
Fri Apr 12, 2013 7:30 pm
Forum: RouterBOARD hardware
Topic: Fiber Port Recomendations?
Replies: 2
Views: 1060

Fiber Port Recomendations?

Growing and growing. We will soon be getting a new fiber connection at one of our towers. Our other fiber connection is using a router made by ImageStream with a built in fiber port. I don't like that router and would prefer to keep this one mikrotik. What is everybody else doing? Media Converter? N...
by jmay
Fri Feb 15, 2013 12:57 am
Forum: General
Topic: ISP's, what do you do with your excess Upload???
Replies: 1
Views: 372

ISP's, what do you do with your excess Upload???

This is not mikrotik related so forgive me if I am breaking any rules, but as an ISP I'm curious about this. We are currently using 2 seperate 200mbps fiber drops to distribute internet to our customers. With that bandwidth agreement comes 400mbps upload. Our customers only use about 30-40 of that s...
by jmay
Mon Jan 14, 2013 6:51 pm
Forum: The Dude
Topic: Dude still graphs even while module is down
Replies: 15
Views: 3899

Dude still graphs even while module is down

I have the dude graphing rf power levels and when the module is down it is still creating a graph based on the last reading. What am doing wrong? Heres an example of a Canopy module (I know I know), but we use both. I have it setup as a Function with the following commands. I multiple it by -1 becau...
by jmay
Wed Jan 09, 2013 5:22 pm
Forum: General
Topic: Simple Queue to Prioritize a Single IP?
Replies: 3
Views: 1005

Re: Simple Queue to Prioritize a Single IP?

Ok, but what happens if I set no limits? Will the first IP with the 1 as priority get to go first when router is congested with to much traffic?
by jmay
Tue Jan 08, 2013 11:46 pm
Forum: General
Topic: Simple Queue to Prioritize a Single IP?
Replies: 3
Views: 1005

Simple Queue to Prioritize a Single IP?

Ok, I've been through the wiki (which reads like a dictionary by the way) so I'd like to ask what I think is a basic question. If I want to prioritize one IP over all others is this the way to do it? Create a simple queue with the IP address to the priority computer (lets says 192.168.1.100) in the ...
by jmay
Sat Jan 05, 2013 12:20 am
Forum: Wireless Networking
Topic: Wireless backhaul with loadbalance
Replies: 4
Views: 1369

Re: Wireless backhaul with loadbalance

I think you had OSPF misconfigured. I have the setup you are looking for and it balances 50% of the traffic to each of 2 sets of radios. I have a router on each end of the link setup with OSPF and 2 sets of wireless backhauls connected to each router. I am acheiving nearly 200megs between the 2 radi...
by jmay
Fri Jan 04, 2013 6:53 pm
Forum: General
Topic: RB711's Kernal Panic,Reboot,Lose Firmware, cpu sets to 250mz
Replies: 4
Views: 669

Re: RB711's Kernal Panic,Reboot,Lose Firmware, cpu sets to 2

Updating firmware and software did not help. Router was rebooting about every minute. The only way I could resolve it was to set it back to 250mhz which is ok for that particular link, but Id like to be able to run it faster. Any other ideas?
by jmay
Fri Jan 04, 2013 4:34 am
Forum: General
Topic: RB711's Kernal Panic,Reboot,Lose Firmware, cpu sets to 250mz
Replies: 4
Views: 669

RB711's Kernal Panic,Reboot,Lose Firmware, cpu sets to 250mz

I've got several of these in a wireless backhaul configuration using NV2 and wds. I noticed today that about 4 or them were running at 250mhz instead of 400mhz, so I changed them to 400 and rebooted. One of them never came back after the reboot. Took a power cycle to get it going. 2 hours later it h...
by jmay
Wed Jan 02, 2013 8:34 pm
Forum: Wireless Networking
Topic: Wireless Transmit/Receive Ratio, Does it HAVE to 50 50%?
Replies: 1
Views: 624

Wireless Transmit/Receive Ratio, Does it HAVE to 50 50%?

We are using many of these as wireless backhauls and with other branded hardware the transmit and receive ratio can be adjusted to favor more download. Is this not possible with mikrotik? I'm using RB711's.
by jmay
Thu Dec 13, 2012 8:49 pm
Forum: General
Topic: Script to disable/enable Ethernet Port?
Replies: 1
Views: 1104

Script to disable/enable Ethernet Port?

I have a backup provider and I've got OSPF setup to send all traffic to another router in the event of a failure and that secondary router will NAT all of my public IP's so atleast internet is going. We're working toward setting up BGP but for the time being this is a decent solution. My Problem is ...
by jmay
Tue Dec 11, 2012 8:40 pm
Forum: General
Topic: I guess my router is being attacked, am I protected?
Replies: 1
Views: 530

I guess my router is being attacked, am I protected?

OK so my main router that connects to my upstream provider is getting a ton of attention right now. I have a firewall rule that throws IP's into an address list whenever someone attempts to telnet, ssh, or ftp into the input chain of that router. It stores these IP's for 7 days and drops any and all...
by jmay
Wed Aug 01, 2012 11:46 pm
Forum: General
Topic: Looking for Dispatching Software, what do you use?
Replies: 2
Views: 559

Looking for Dispatching Software, what do you use?

We're an ISP that needs to upgrade our chalk board! We're trying to find some cheap (or free) sofware for schedule installs and service calls. We'd like something with a calendar view and something that can log support calls and service call notes. Somethign with ticket tracking and the ability to a...
by jmay
Fri Jul 20, 2012 11:36 pm
Forum: General
Topic: ARIN Gave me IP's from Sweden, I'm in the US. What to do?
Replies: 3
Views: 627

Re: ARIN Gave me IP's from Sweden, I'm in the US. What to d

Yah they gave us a /21 block of IP's. Our provider experienced the same issue several months ago when they deployed some from the same range of IP space. After about a month the issues went away without them doing anything, but I'm wondering if I can speed up the process. My DNS servers are all set ...
by jmay
Fri Jul 20, 2012 5:55 pm
Forum: General
Topic: ARIN Gave me IP's from Sweden, I'm in the US. What to do?
Replies: 3
Views: 627

ARIN Gave me IP's from Sweden, I'm in the US. What to do?

We are an ISP who bought IP's for the first time from ARIN and we cannot use them as many sites are blocking these IP's as they think they are non US addresses. Also sites like yahoo redirect users to a Dutch version. ARIN says they cannot help. What do I do? When will the internet learn these are n...
by jmay
Wed May 30, 2012 7:58 pm
Forum: General
Topic: Setting up Restricted Winbox Users
Replies: 2
Views: 723

Setting up Restricted Winbox Users

I'm a bit confused with the user group settings in Mikrotik. I'd like to setup a user with read access and the ability to enable or disable configurations, but not modify them or delete them. Is this possible?
by jmay
Wed May 02, 2012 9:37 pm
Forum: General
Topic: General ISP Question - What do you do with your unneeded bw?
Replies: 9
Views: 1254

Re: General ISP Question - What do you do with your unneeded

Good topic. We have 125mb of never been used upload. I've often wondered if we shouldn't be hosting an adult entertainment site of some kind, but highly doubt the owners would ever approve that. The looks on their faces might just be worth putting a proposal together though! :)
by jmay
Wed May 02, 2012 9:29 pm
Forum: The Dude
Topic: MikroTik: Please Open Source The Dude
Replies: 18
Views: 10857

Re: MikroTik: Please Open Source The Dude

**** it dude, let's go bowling!
by jmay
Wed May 02, 2012 9:15 pm
Forum: Forwarding Protocols
Topic: How to elect DR and BDR by manually setting router-id?
Replies: 1
Views: 3724

Re: How to elect DR and BDR by manually setting router-id?

For best results create a loopback by creating a bridge with no ports assigned to it. Give that bridge a loopback IP and use that as your router ID. Router priority determins designated router and backup designated router. Once ospf interfaces are up and running open the dynamic interface and copy i...
by jmay
Wed May 02, 2012 9:10 pm
Forum: General
Topic: Canopy causing problems??
Replies: 1
Views: 397

Re: Canopy causing problems??

We are using both. They co-exist just fine with frequency seperation.
by jmay
Wed May 02, 2012 7:34 pm
Forum: General
Topic: WHAT YOUR MORE LONG UPTIME ? and more long PTP link ?
Replies: 1
Views: 426

Re: WHAT YOUR MORE LONG UPTIME ? and more long PTP link ?

I've got a router I'm using as a comercial power monitor thats has a system uptime of 474 days and counting! Its a poor mans monitor, pings go away power must be out. Most of our sites are lucky to get a month without breif power outages. Wireless links I am new to but I've got several backhauls tha...
by jmay
Wed May 02, 2012 1:14 am
Forum: General
Topic: Mikrotik Training for IPv6?
Replies: 2
Views: 479

Mikrotik Training for IPv6?

Does anyone know if there is a Mikrotik Training class that focuses on IPv6? I looked at the training page and didn't see anything being held in North America. I'd like to get introduced to it before it becomes too late and I'm scrambing to understand it.
by jmay
Mon Apr 30, 2012 6:55 pm
Forum: Forwarding Protocols
Topic: Speed to loopback IP
Replies: 3
Views: 1509

Re: Speed to loopback IP

I just tried the ping test and my ping times were identical between an interface IP and Loopback IP, averaged 6ms. As far as TCP/IP bandwidth tests being un-accurate watch your CPU meter on the routerboards. They will peak out at 100%. I think the processors are not big enough to self generate that ...
by jmay
Mon Apr 30, 2012 6:31 pm
Forum: The Dude
Topic: The Dude is dead. Move on.
Replies: 106
Views: 36341

Re: The Dude is dead. Move on.

Well you get what you pay for! I for one would love to see more features added to it. SNMP write among them. More support for non-mikrotik hardware such as Canopy would be awesome! We'd even pay for the software at that point. But for now it gets the job done and cost much much less than the Motorol...
by jmay
Tue Apr 10, 2012 8:34 pm
Forum: General
Topic: Syn Flood Protection for ISP
Replies: 6
Views: 8144

Re: Syn Flood Protection for ISP

Thanks for the reply. I've already got syn cookies enabled. Is that considered good enough or should I be limiting connections?
by jmay
Tue Apr 10, 2012 1:16 am
Forum: General
Topic: Syn Flood Protection for ISP
Replies: 6
Views: 8144

Re: Syn Flood Protection for ISP

I think you got it! I setup the firewall rule based on the above web site. What do I set to make the settings per IP? Would that be under the per connection classifer?
by jmay
Mon Apr 09, 2012 6:00 pm
Forum: Wireless Networking
Topic: What is everybody using for AP SM combos?
Replies: 2
Views: 749

What is everybody using for AP SM combos?

We're a Canopy network using Mikrotik as core routers, but we recently starting using RB711's as backhauls and have been highly impressed with them. So we're thinking about migrating outside of Canopy for our access points and Subscribers and are looking at MT and another brand to run some tests on....
by jmay
Sat Apr 07, 2012 1:55 am
Forum: General
Topic: Syn Flood Protection for ISP
Replies: 6
Views: 8144

Syn Flood Protection for ISP

I'm experimenting with the wiki example at http://wiki.mikrotik.com/wiki/DoS_attack_protection I've never been attacked but I'm trying to keep it that way. We are an ISP with about 1500 current customers, many of which have email servers and web servers that they run. So when I plugged in the defaul...
by jmay
Sat Apr 07, 2012 12:55 am
Forum: General
Topic: Spray painting SXT?
Replies: 6
Views: 872

Re: Spray painting SXT?

Uh oh, this is how it started over there at Apple!
by jmay
Fri Apr 06, 2012 11:44 pm
Forum: Forwarding Protocols
Topic: Replaced Router, OSPF quit working til reboot of all routers
Replies: 1
Views: 786

Replaced Router, OSPF quit working til reboot of all routers

I upgraded an RB1100 with an RB1100AHx2 which serves as my gateway router for about 10 other routers which are all linked together via OSPF. I exported and imported the file to make an exact copy but when I fired up that router all hell broke loose! We had to winbox into each of the connecting route...
by jmay
Fri Mar 09, 2012 12:36 am
Forum: General
Topic: Advanced Firewall Help
Replies: 1
Views: 425

Advanced Firewall Help

I think this is advanced. I have about a dozen or so routers all interconnected through ospf with one router as the gateway to my fiber. I'd like to put in a rule at the border router to protect all the routers behind it from things like ssh, telnet etc. But all of the routers have multiple public g...
  • 1
  • 2