Community discussions

Search found 469 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10
by FIPTech
Sun Oct 28, 2018 2:38 pm
Forum: Scripting
Topic: Variable to read DHCP client options in a DHCP server lease script
Replies: 0
Views: 450

Variable to read DHCP client options in a DHCP server lease script

Are there variables available to read DHCP client options in a DHCP server lease script ? I would need to read the User Class option (code 77), to break the iPXE loop when booting an iPXE client (chainloading from a TFTP boot file). https://ipxe.org/howto/dhcpd#pxe_chainloading This is to select the...
by FIPTech
Wed Oct 17, 2018 3:27 pm
Forum: RouterOS v7
Topic: Feature request: CAPsManager - roaming
Replies: 79
Views: 22093

Re: Feature request: CAPsManager - roaming

It would be nice in the meantime to have guidelines to optimize roaming with Capsman.
by FIPTech
Tue Aug 07, 2018 12:04 pm
Forum: RouterOS v7
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 1872

Re: Capsman forwarding not compatible with IPv6

I think that some glue code is missing to get IPv6 multicast working with Capsman interfaces. Probably the multicast helper is IPv4 only. It has not been updated to work with IPv6. This explain why in your case IPv6 clients does not get an IPv6 address with auto-configuration. In my case i wanted to...
by FIPTech
Wed Jul 12, 2017 1:24 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Are you able to dump a configuration from the ProCurve's showing a single port untagged for VLAN1 and tagged for VLAN1? I'd be extremely surprised if that is the case as well as confused as to how that isn't at the least causing the link to bridge traffic twice if not forming a loop. I know this is...
by FIPTech
Tue Jul 11, 2017 9:55 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

It is not possible to use untagged and tagged vlan-id=1 traffic at the same time. you mean, untagged on some ports and tagged on others? or both untagged and tagged on the same port (schrodinger vlan)?.. I think he means "have vlan 1 tagged on some port, and at the same time have some other vlan un...
by FIPTech
Tue Jul 11, 2017 9:50 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

It is not possible to use untagged and tagged vlan-id=1 traffic at the same time. you mean, untagged on some ports and tagged on others? or both untagged and tagged on the same port (schrodinger vlan)?.. I think he means "have vlan 1 tagged on some port, and at the same time have some other vlan un...
by FIPTech
Tue Jul 11, 2017 4:41 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

According to a simple test i've just done on a vlan aware bridge, it is not possible to use tagged vlan 1 and untagged traffic at the same time. As soon as a bridge vlan rule is set with vlan-ids=1 and bridge ports added as tagged, Winbox connection (connected on the bridge untagged vlan IP) is lost...
by FIPTech
Tue Jul 11, 2017 4:32 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: RE: Re: v6.40rc [release candidate] is released! (New bridge implementation)

I think i would be interesting to have an option inside Winbox to automatically create a vlan rule on a brige when adding a vlan interface to it. This would create a vlan rule with the vlan id of the interface, including all bridge ports. Agree but winbox isn't alway possible to use. I still think ...
by FIPTech
Tue Jul 11, 2017 12:55 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I think i would be interesting to have an option inside Winbox to automatically create a vlan rule on a brige when adding a vlan interface to it.

This would create a vlan rule with the vlan id of the interface, including all bridge ports.
by FIPTech
Tue Jul 11, 2017 9:57 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

A couple problems seen during testing : 1) The new vlan aware bridge seems to broke ROMON function. I did loose ROMON router access after this problem did appear so i have no more information to share. This is to be confirmed, the root cause is perhaps another problem as i was testing RSTP. When i d...
by FIPTech
Tue Jul 11, 2017 3:26 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I did some RSTP tests with a correct (i think) vlan aware bridge setup.

I was not able to get RSTP working correctly with an HP procurve 2520-8-G at the other side. Specially when Mikrotik (RB750G) is not the STP root.

Somebody did success ?
by FIPTech
Tue Jul 11, 2017 2:44 am
Forum: RouterOS v6 RC and v7 BETA
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: RE: Re: v6.40rc [release candidate] is released! (New bridge implementation)

In my understanding native vlan is always untagged even on trunk port On cisco is 1 by default I used vlan 99 tagged to be my management vlan, but now on this new way I can't find PS My dot1q it is on my rb 450g where All vlan is set up on eth 2. And management ip is set to vlan 99 But I can't ping...
by FIPTech
Tue Jul 11, 2017 12:53 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

frame-types and ingress-filtering do not appear inside bridge details : [admin@MikroTik] /interface bridge> print detail Flags: X - disabled, R - running 0 R ;;; defconf name="bridge" mtu=auto actual-mtu=1500 l2mtu=1520 arp=enabled arp-timeout=auto mac-address=00:0C:42:70:13:66 protocol-mode=none fa...
by FIPTech
Tue Jul 11, 2017 12:26 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Has the RouterOS behavior changed.. I havent tried it yes but this confusion has been discussed here: https://forum.mikrotik.com/viewtopic.php?f=2&t=115115&p=572377&hilit=pvid+0#p572377 Different vendros use different approach to native VLAN.. Yes, but regardless what is used internally to mark unt...
by FIPTech
Mon Jul 10, 2017 8:31 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Here is the article about new VLAN-aware bridge implementation: https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering A couple examples will be added and more information will be updated based on your feedback. Something is not clear to me for vlan-id=1, the default for PVID....
by FIPTech
Mon Jul 10, 2017 5:32 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

This puts you in the position someone like Cisco is in. Easy and consistent to configure across your platforms for layer 2. TLDR; consistency breeds confidence and confidence brings hardware sales. As soon as the GUI / Console gives a good understanding of the underlying technology, it's not a prob...
by FIPTech
Mon Jul 10, 2017 4:43 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

We can now make two bridges in the same switch group. For example (RB750G) : Ether2 and Ether3 -> bridge1 Ether4 and Ether5 -> bridge2 Ether2 to Ether5 are in the same hardware switch group. Does it mean that there is full level2 isolation between the two bridges ? Or not ? How is it managed interna...
by FIPTech
Mon Jul 10, 2017 1:20 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

RB750G (Atheros 8316 supported switch chip) : hw-offload does not seem to work : [admin@MikroTik] /interface bridge port> print detail Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 0 interface=VLAN-LAB-Ether2 bridge=bridge3 priority=0x80 path-cost=10 internal-path-cost=10 edge=auto ...
by FIPTech
Mon Jul 10, 2017 12:46 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I am try /tool fetch url=(https://api.telegram.org/botXXX/sendMessagechat_id=YYY&text=test) check-certificate=no keep-result=no mode=https and receive error: failure: invalid URL protocol Syntax is not correct i think. Try this : /tool fetch url="https://api.telegram.org/botxxx/sendMessage\?chat_id...
by FIPTech
Sun Jul 09, 2017 10:12 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Seems like there is a problem with msti bridge ID (mac address is wrong) : [admin@MikroTik] /interface bridge msti> monitor 0 state: enabled current-mac-address: 00:00:00:00:00:00 root-bridge: yes root-bridge-id: 0x6005.00:00:00:00:00:00 regional-root-bridge-id: 0x6005.00:00:00:00:00:00 root-path-co...
by FIPTech
Sun Jul 09, 2017 9:49 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I've seen this after changing STP mode or changing STP priority. Disappear after router reset : Root bridge ID : 0x8000.00:00:00:00:00:00 The mac address should be the one of the admin-mac address of the bridge : 00:3C:97... This address is really sent in BPDUs, can be seen on a connected procurve s...
by FIPTech
Sun Jul 09, 2017 9:25 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

EDIT 2: I'm taking a break for a bit, I'm not seeing a way to configure MST instances yet Is it what your are looking for ? [admin@MikroTik] /interface bridge msti> print detail Flags: X - disabled 0 identifier=5 bridge=bridge3 priority=0x6400 vlan-mapping=4060 [admin@MikroTik] /interface bridge ms...
by FIPTech
Sun Jul 09, 2017 3:40 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

!) bridge - implemented software based MSTP (untested, undocumented, CLI only); !) switch - "master-port" conversion into a bridge with hardware offload "hw" option (undocumented, CLI only); Quite how you expect anybody to be able to understand or test this in any meanigful way (and thus provide me...
by FIPTech
Sun Jul 09, 2017 3:21 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I have rb2011 with 2 to 5 ports in master-slave relations via "master-port". Also I had switch filter rule to limit broadcast packets to 5th port of this group flowing from other ports in this group (I have wifi access point on this 5th port and significant broadcasts on other ports). What should I...
by FIPTech
Sun Jul 09, 2017 12:32 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

bridge ports : point-to-point=auto detection does not seem to work. Duplex links (most frequent case) should be detected as point-to-point links. half duplex links (connected to a hub for example) should be considered shared links. from : http://www.cisco.com/c/en/us/support/docs/lan-switching/spann...
by FIPTech
Sat Jul 08, 2017 5:16 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 35189

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Enabling mstp on the interface used for management result in disconnecting Winbox (RB750G).

No other stp device in the network.

If safe mode is active it is not possible to enable mstp.

Enabling RSTP do not trig this problem.
by FIPTech
Mon Jul 03, 2017 12:58 pm
Forum: RouterOS v7
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 1872

Re: Capsman forwarding not compatible with IPv6

I've just redo an IPv6 check. IPv6 seems to work behind Capsman forwarding. The router OS wifi client can connect to a global IPv6 address with this setup. But IPv6 does not work behind station pseudobridge. This mode is mandatory to bridge a device behind the wifi client. It does work with IPv4 onl...
by FIPTech
Mon Jul 03, 2017 3:52 am
Forum: RouterOS v7
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 1872

Re: Capsman forwarding not compatible with IPv6

Do you have an example config that isn't working? I've been using CAPSman with full dual stack for some time. I'm in the process of converting it all over to VPLS, but not forwarding IPv6 never popped up as an issue with me original config. nb Another question : Are you using station or station pse...
by FIPTech
Sun Jul 02, 2017 4:52 pm
Forum: RouterOS v7
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 1872

Re: Capsman forwarding not compatible with IPv6

Do you have an example config that isn't working? I've been using CAPSman with full dual stack for some time. I'm in the process of converting it all over to VPLS, but not forwarding IPv6 never popped up as an issue with me original config. nb I don't have anymore this setup as i did add VPLS tunne...
by FIPTech
Fri Jun 30, 2017 9:40 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44709

Re: v6.40rc [release candidate] is released!

We could think how to sync the APs that are on different frequencies but located on the same tower and connected to the same ethernet network. You could take some ideas from or use PTP (https://en.wikipedia.org/wiki/Precision_Time_Protocol) to synchronise the APs internal clocks over ethernet and h...
by FIPTech
Wed Jun 28, 2017 1:47 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44709

Re: v6.40rc [release candidate] is released!

For this to work, there are two solutions : - the radio clock need to have an input for a sync reference, and a sync generator is needed to generate the sync carrier on the right frequency. - the radio clock need a VCO clock, voltage controlled oscillator, so that it is possible to adjust the trans...
by FIPTech
Thu Jun 22, 2017 11:14 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44709

Re: v6.40rc [release candidate] is released!

To use radio to sync the AP is crazy if you have an interference on the channel (in dense urban area is very easy) you lost the slave or slaves..... GPS sync reduce interference on the tower, reduce interference beetwen the towers, allow dense deployment and the last but not least allow sync beetwe...
by FIPTech
Wed Jun 21, 2017 10:40 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44709

Re: v6.40rc [release candidate] is released!

We could think how to sync the APs that are on different frequencies but located on the same tower and connected to the same ethernet network. You could take some ideas from or use PTP (https://en.wikipedia.org/wiki/Precision_Time_Protocol) to synchronise the APs internal clocks over ethernet and h...
by FIPTech
Thu Jun 15, 2017 5:07 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: ICMPv6 default rule RFC4890 problem
Replies: 0
Views: 456

ICMPv6 default rule RFC4890 problem

In the recent v6 RC there is a new default firewall rule for IPv6 input filtering. /ipv6 firewall filter add action=drop chain=input comment=\ "defconf: rfc4890 drop ll if hop-limit!=255" dst-address=fe80::/10 \ hop-limit=not-equal:255 protocol=icmpv6 This is causing problems when pinging from Windo...
by FIPTech
Thu Jun 15, 2017 12:07 am
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 951

Re: RouterBoard Hardware Switch questions.

Why should it be directorial, if you send traffic then you want to know if it has arrived and if not, retransmit. Inside router OS, a software bridge rule (a forward filter) is directional. It is effective only in the direction you did write it for. If you need traffic in the other direction, you n...
by FIPTech
Wed Jun 14, 2017 9:10 pm
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 951

Re: RouterBoard Hardware Switch questions.

Something else i've just discovered : Switch Rules are not fully directional (to be confirmed). Example : Here is a set of two rules to restrict traffic between two switch ports : 0 switch=switch1 ports=ether1-sw1-Wan-TV vlan-id=100 copy-to-cpu=no redirect-to-cpu=no mirror=no new-dst-ports=ether5-sw...
by FIPTech
Wed Jun 14, 2017 6:48 pm
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 951

RouterBoard Hardware Switch questions.

I've always had some difficulties to setup hardware switches on Routerboards, even after reading in details the wiki about this, as soon as the setup is more complicated than enabling master port on some ports, to switch all ports of the group and get an interface and mac address for the switch grou...
by FIPTech
Tue Jun 13, 2017 9:06 pm
Forum: Wireless Networking
Topic: Radar detection auto disabling when using reduced power
Replies: 3
Views: 2420

Re: Radar detection auto disabling when using reduced power

Router OS do know the antenna gain (dBi), there is a setting for this. And it does take this into account when adjusting the TX power level if you are using regulatory-domain mode or Capsman. For APs with integrated antenna, antenna gain could even be hardcoded. In the end too much regulations is pa...
by FIPTech
Tue Jun 13, 2017 3:43 pm
Forum: Wireless Networking
Topic: Interface Naming for DualBand devices and Capsman
Replies: 0
Views: 306

Interface Naming for DualBand devices and Capsman

For Capsman provisionning, i think it would be useful to have a way to select interfaces by frequency band. So that we can give a name with the Band in it. For example, when provisionning a dual band HAP access point, we need actually to create two provisionning rules with selection by MAC address o...
by FIPTech
Tue Jun 13, 2017 3:28 pm
Forum: Wireless Networking
Topic: Radar detection auto disabling when using reduced power
Replies: 3
Views: 2420

Radar detection auto disabling when using reduced power

With Capsman, it would be useful i think to have an option to automatically disable Radar detection when using low power level outdoor. Radar detection is not always reliable and can cause very long (sometimes some hours) AP detection times before interface is effectively enabled, specially when usi...
by FIPTech
Fri Jun 09, 2017 12:58 am
Forum: General
Topic: Switch Set New Vlan ID action not available
Replies: 0
Views: 282

Switch Set New Vlan ID action not available

I bought recently an RB3011UiAS, and i was surprised to see that the switches (QCA 8337) were not able to set New Vlan IDs inside rules.

Are there any Routerboard routers supporting this feature in their switches ?
by FIPTech
Mon May 15, 2017 12:43 am
Forum: RouterOS v6 RC and v7 BETA
Topic: LLDP
Replies: 126
Views: 41959

Re: LLDP

Now they just need to ad LLDP-MIB and LLDP-MED support and it will be complete :) Thoses MED informations do allow voice vlan auto selection on a phone : MED Information Detail EndpointClass :Class3 Media Policy Vlan id :70 Media Policy Priority :6 Media Policy Dscp :46 But LLDP-Med do allow as wel...
by FIPTech
Mon May 15, 2017 12:23 am
Forum: RouterOS v6 RC and v7 BETA
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2501

Re: bridging with mac-learning turned off

[ This would be a console command only anyway, and a console warning could be issued : "ageing-time=0 will disable mac learning. Are you sure you want to do this ?" interactive commands with user confirmation suck. cannot be automated properly. of course a system wide "confirm=yes" option would kic...
by FIPTech
Sat May 13, 2017 11:57 am
Forum: RouterOS v6 RC and v7 BETA
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2501

Re: bridging with mac-learning turned off

If it would allow 0, we would have mac learning disable capability. this is certainly a possibility. i just checked the corresponding code in kernel (net/bridge/br_fdb.c) and it seems to act so. there's a function called br_fdb_update and its first check is on whether there's a topology change, and...
by FIPTech
Fri May 12, 2017 7:36 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2501

Re: bridging with mac-learning turned off

In linux bridge using ageing-time=0 disable mac learning.

But the smaller value in Router OS is 10 seconds. :?

If it would allow 0, we would have mac learning disable capability.
by FIPTech
Fri May 12, 2017 3:05 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2501

Re: bridging with mac-learning turned off

Inside version 6.39 there is support for fast-forward (available in the console only). I suppose that it is mac-learning turned off, and perhaps a couple other optimizations at the code level. Router OS 6.39 : - bridge - added support for special and faster case of fastpath called "fast-forward" (a...
by FIPTech
Fri May 12, 2017 1:19 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2501

Re: bridging with mac-learning turned off

Inside version 6.39 there is support for fast-forward (available in the console only). I suppose that it is mac-learning turned off, and perhaps a couple other optimizations at the code level. Router OS 6.39 : - bridge - added support for special and faster case of fastpath called "fast-forward" (av...
by FIPTech
Wed May 10, 2017 2:31 pm
Forum: RouterOS v7
Topic: Feature request: Stateful HA with Conntrackd
Replies: 30
Views: 6971

Re: Feature request: Stateful HA with Conntrackd

I have seen many problems blocking VOIP trafic as soon as there is NAT and redundant links. The solution is native IPv6 but we are still far from a global IPv6 world, specially inside the LAN. And some area are still mostly IPv4, for example the LTE / smartphones market where IPv4 is most of the tim...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 10