MikroTik

Discus

Incidentally, if you want the equivalent of a "native" VLAN, don't put any tag on the Mikrotik port, just assign the relevant IP for that "native" subnet to the relevant Ethernet port (and make it "native" on the Cisco).

Discus

You only need DHCP relay if you're wanting to use an external (to the router) DHCP server. With Mikrotik, define your pool(s), put a DHCP server instance on each VLAN interface and assign pools and other details to it. In your case, you want 10 pools, one for each /24. Create 10 VLAN interfaces (wit...

Discus

I believe to be effective, you're supposed to run the test from an external device to an external device through the device under test (i.e. to measure throughput on your CCR, you need a bandwidth test server and client connected through the CCR, rather than testing to/from the CCR itself to your ma...

Discus

Maxstel - a /128 in ipv4 is the same as a /32 in ipv4 - it's effectively a single host "subnet" - you can't use it for a p2p network (but it works OK as a loopback IP for management purposes).
Unfortunately Janisk's answer didn't really help much.

Discus

I tried NV2; this has been stable but I lose about 20mbit/s throughput (testing to a speedtest mini instance on the other side of the link) compared with nstreme (30mb/s vs 50mb/s)

Discus

I have had a wireless link running across a road for several years now (rock solid for the most part). Recently, it's been occasionally disconnecting, seemingly at random. After upgrading to the latest RouterOS version (5.25 from 5.4) it's become extremely flaky. On looking at the logs of the two de...

Discus

I think you have your to-addresses and dst-address backwards? If we assume the WAN address you'd like to have ports forwarded to the camera is 192.168.1.117 and the camera's assigned LAN IP address is 192.168.88.51, a rule like: chain=dstnat action=dst-nat to-addresses=192.168.1.114 to-ports=6080 pr...

Discus

I have submitted a feature request in the RouterOS v6 forum.

Discus

In an increasingly IPv6 world, it would be useful if Mikrotik fully supported ipv6 subnet masks longer than /64. This generally requires the ability to disable subnet-router anycast , which does not seem to be the case in RouterOS (at least not in v5.x; I haven't seen v6 yet, and I doubt it is there...

Discus

The relevant RFC is http://tools.ietf.org/html/rfc6164 is there an ETA on support for this?

It helps to mitigate significant attacks such as neighbour cache exhaustion (e.g.).

Discus

Incidentally, the Best Current Operational Practices ( according to IPBCOP ) suggest that whilst /64 should be allocated to PtP links, masks should be /127 to avoid various issues ( point B, page 4 of doc ). This would suggest Mikrotik ought to look at implementing the option of disabling subnet-rou...

Discus

How are you testing throughput? If you're using the built-in mikrotik bandwidth tests, note that you should not ideally be testing to and from routers/links you're interested in, but to things on the other side (i.e. you should have a bandwidth test server and client on "the other side" of...

Discus

If you'd like to learn (a lot) more about wireless networking, http://wndw.net/download.html is an excellent resource, and some versions are available in Indonesian.

Good luck!

Discus

1) it depends (on things you don't say in the post, like how "noisy" it is there, how good the LOS is, etc. etc. etc. etc.) 2) you can try any combination of antennae, as long as the polarisation is the same; if you have the panel and other antenna lying around, try it out; if performance ...

Discus

I can't imagine that Zyxel magically over-rides the client's DHCP mode; they must be doing some sort of (symmetric) NAT on such devices. This is more or less what I was talking about in the second paragraph - it's certainly possible to do this. I suspect you may have to run some scripts to get this ...

Discus

Thanks janisk, I think we'll get our ISP to change the router subnet, it seems the better option.

Having a /48, we're not exactly short on space just yet...

Discus

No problem, glad it worked out for you

Discus

time.nist.gov is used by far too many people* -it's possible it fell over under load. If you specifically want a NIST server, try one of the others at http://tf.nist.gov/tf-cgi/servers.cgi but pool.ntp.org is an extremely good idea. Also, you can try the more fully featured NTP Client/Server RouterO...

Discus

Have you tried a different NTP server? It's generally a good idea to set up a secondary as well.

http://pool.ntp.org has plenty of candidates you can try

Failing that, and assuming you have internet connectivity from that router, I can only suggest power-cycling the unit in question.

Discus

I've not seen any Mikrotik specific stuff, but you could always use a 3rd party ATA and appropriate configs in your CPEs to pass traffic back to your VOIP server at the datacentre. If you need something more complex than a simple phone extension, then you'll probably need more complex devices; these...

Discus

I've scarcely any BGP experience, but I imagine you can set up e.g. a PC-based quagga server as a route reflector (or otherwise "sucking"/copying/cloning its routes from your Mikrotik) or similar and then use lookingglass on that? That way the quagga server "knows" the same info ...

Discus

There may be a Miktotik way of doing this, but this sounds very much like a job for a separate RADIUS server. Another option, since you have lots and lots of private address space, is that you can simply create another DHCP pool for the other users, and add new ones as your userbase outgrows the sub...

Discus

Use src and dst nat rules to translate between the public and private addresses on your gateway router (I assume the public address is routed to your gateway router). e.g. in Winbox, IP>Firewall>NAT + Chain: Srcnat Src Address: <private> Action: src-nat To Addresses <public> OK + dstnat dst address:...

Discus

IP>DHCP>Networks double click on the DHCP network you want to change change the netmask. it's generally a good idea to change the address in the same place too - so if you're e.g. splitting a /24 into two /25s, make the netmask 25 (or 255.255.128) and the Address x.x.x.x/25 click OK. Changes only ta...

Discus

As long as that IP address doesn't conflict with another, it should be OK as long as your firewall rules allow it. I am of course assuming that the static IP addresses are something you know in advance (i.e. you use DHCP to hand out addresses from e.g. the bottom half of 192.168.1.0/24 and staticall...

Discus

Are there perhaps any firewalls in the way?

Discus

To be sure you get all the traffic, you'll be better off with firewall rules; I generally find that routerboards (being routers) merrily pass packets between connected VLANs, which most switches (being L2 devices) don't do. Simply specify some firewall reject/drop rules in the forward chain with the...

Discus

A possible solution to this is to simply drop/reject all traffic from 10.1.1.0/24 to 192.168.1.0/24 (IP>Firewall; you'll need a forward chain rule) - make sure you first allow connections to 192.168.1.1, otherwise they'll get no internet.

Discus

Not sure exactly when I bought this RB750, but it's the second one to fail (at around 6am yesterday) in the exact same place in the network.
On reading this thread, I've swapped out the 24V adaptor that was powering it to a 12V for the replacement RB750. Fun start to a Monday morning...

Discus

*bump* ?

Discus

It works by examining the packets for Layer7 traffic containing "videoplayback" (which youtube uses) and then assigning packet marks based on this which are then used in the queues to limit traffic. You may find (if you have space/computer lying about the place) that squid offers more powe...

Discus

Our upstream ISP has asked us to use a /125 ipv6 subnet for the point-to-point link (ethernet) between our border router and their router. However, I can't get packets to flow from our network beyond their gateway IP on that /125. A friend with more IPv6 experience suggests any ipv6 link less than a...

Discus

fewi - Many, many thanks for your invaluable advice! I figured out why a lot of the inter-router VLAN traffic was broken. Some idiot forgot to allow VLAN 2 on the trunk between the 3750 and the core RB1000... Oops...! Anyway, your proposed network makes a lot more sense, so I'm going that route! I'm...

Discus

Hi there, I've been scratching my head and pounding it on the desk in frustration for the past little while. I have read the VLAN wiki entry numerous times and it hasn't (yet) lead to a lightbulb moment! I'm trying to split 2 sections of a network off from the rest with a couple of VLANs in a mixed ...

Discus

On *very* crude method of blocking facebook is to drop all packets containing facebook - in chain forward, put facebook into the content field under Advanced in winbox IP>firewall filter rules. Use Action reject with icmp host prohibited.

Discus

Hi there, I've currently got two different sites, one has managed switching infrastructure and the other not. In the unmanaged environment (Building 1&2), there are 2 ways to get to the main "campus" (building 3) - a MikroTik wireless link, or a Speedstream SDSL link. Obviously, the Mi...

Search found 36 matches

Re: Mikrotik DHCP server on Cisco Switches

Re: Mikrotik DHCP server on Cisco Switches

Re: BW TEST not go more than 1G with TCP

Re: [Feature Request] - Support RFC6164

Re: intermittent management-protection failure

intermittent management-protection failure

Re: IP Camera Port forwarding

Re: ipv6 subnet-router anycast - how to disable?

[Feature Request] - Support RFC6164

Re: ipv6 subnet-router anycast - how to disable?

Re: ipv6 subnet-router anycast - how to disable?

Re: wireless bandwidth problem

Re: What should i choose, a grid or flatpanel?

Re: What should i choose, a grid or flatpanel?

Re: IP plug and play

Re: ipv6 subnet-router anycast - how to disable?

Re: Howto tunnel hotspot traffic directly to internet router

Re: sntp problem - I don't get the time.....

Re: sntp problem - I don't get the time.....

Re: Analog Telephone Adapter (ATA) for RB?

Re: Looking Glass Type Software for RouterOS Request

Re: Dynamic mapping of Private IPs to Public IPs

Re: static routing question

Re: RB450G DHCP Subnet Mask

Re: IP plug and play

Re: sntp problem - I don't get the time.....

Re: Two separate networks on one device

Re: Howto tunnel hotspot traffic directly to internet router

Re: RB450 Capacitors problem?

Re: ipv6 subnet-router anycast - how to disable?

Re: Download limit for websites like youtube, rapidshare etc

ipv6 subnet-router anycast - how to disable?

Re: VLANs - mixed Cisco/Mikrotik

VLANs - mixed Cisco/Mikrotik

Re: how to block https://www.facebook.com

Networking redundancy