Community discussions

Search found 469 matches

  • 1
  • 2
by FIPTech
Sun Oct 28, 2018 2:38 pm
Forum: Scripting
Topic: Variable to read DHCP client options in a DHCP server lease script
Replies: 0
Views: 487

Variable to read DHCP client options in a DHCP server lease script

Are there variables available to read DHCP client options in a DHCP server lease script ? I would need to read the User Class option (code 77), to break the iPXE loop when booting an iPXE client (chainloading from a TFTP boot file). https://ipxe.org/howto/dhcpd#pxe_chainloading This is to select the...
by FIPTech
Wed Oct 17, 2018 3:27 pm
Forum: General
Topic: Feature request: CAPsManager - roaming
Replies: 79
Views: 23278

Re: Feature request: CAPsManager - roaming

It would be nice in the meantime to have guidelines to optimize roaming with Capsman.
by FIPTech
Tue Aug 07, 2018 12:04 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 2023

Re: Capsman forwarding not compatible with IPv6

I think that some glue code is missing to get IPv6 multicast working with Capsman interfaces. Probably the multicast helper is IPv4 only. It has not been updated to work with IPv6. This explain why in your case IPv6 clients does not get an IPv6 address with auto-configuration. In my case i wanted to...
by FIPTech
Wed Jul 12, 2017 1:24 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Are you able to dump a configuration from the ProCurve's showing a single port untagged for VLAN1 and tagged for VLAN1? I'd be extremely surprised if that is the case as well as confused as to how that isn't at the least causing the link to bridge traffic twice if not forming a loop. I know this is...
by FIPTech
Tue Jul 11, 2017 9:55 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

It is not possible to use untagged and tagged vlan-id=1 traffic at the same time. you mean, untagged on some ports and tagged on others? or both untagged and tagged on the same port (schrodinger vlan)?.. I think he means "have vlan 1 tagged on some port, and at the same time have some other vlan un...
by FIPTech
Tue Jul 11, 2017 9:50 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

It is not possible to use untagged and tagged vlan-id=1 traffic at the same time. you mean, untagged on some ports and tagged on others? or both untagged and tagged on the same port (schrodinger vlan)?.. I think he means "have vlan 1 tagged on some port, and at the same time have some other vlan un...
by FIPTech
Tue Jul 11, 2017 4:41 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

According to a simple test i've just done on a vlan aware bridge, it is not possible to use tagged vlan 1 and untagged traffic at the same time. As soon as a bridge vlan rule is set with vlan-ids=1 and bridge ports added as tagged, Winbox connection (connected on the bridge untagged vlan IP) is lost...
by FIPTech
Tue Jul 11, 2017 4:32 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: RE: Re: v6.40rc [release candidate] is released! (New bridge implementation)

I think i would be interesting to have an option inside Winbox to automatically create a vlan rule on a brige when adding a vlan interface to it. This would create a vlan rule with the vlan id of the interface, including all bridge ports. Agree but winbox isn't alway possible to use. I still think ...
by FIPTech
Tue Jul 11, 2017 12:55 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I think i would be interesting to have an option inside Winbox to automatically create a vlan rule on a brige when adding a vlan interface to it.

This would create a vlan rule with the vlan id of the interface, including all bridge ports.
by FIPTech
Tue Jul 11, 2017 9:57 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

A couple problems seen during testing : 1) The new vlan aware bridge seems to broke ROMON function. I did loose ROMON router access after this problem did appear so i have no more information to share. This is to be confirmed, the root cause is perhaps another problem as i was testing RSTP. When i d...
by FIPTech
Tue Jul 11, 2017 3:26 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I did some RSTP tests with a correct (i think) vlan aware bridge setup.

I was not able to get RSTP working correctly with an HP procurve 2520-8-G at the other side. Specially when Mikrotik (RB750G) is not the STP root.

Somebody did success ?
by FIPTech
Tue Jul 11, 2017 2:44 am
Forum: RouterOS v7 BETA
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: RE: Re: v6.40rc [release candidate] is released! (New bridge implementation)

In my understanding native vlan is always untagged even on trunk port On cisco is 1 by default I used vlan 99 tagged to be my management vlan, but now on this new way I can't find PS My dot1q it is on my rb 450g where All vlan is set up on eth 2. And management ip is set to vlan 99 But I can't ping...
by FIPTech
Tue Jul 11, 2017 12:53 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

frame-types and ingress-filtering do not appear inside bridge details : [admin@MikroTik] /interface bridge> print detail Flags: X - disabled, R - running 0 R ;;; defconf name="bridge" mtu=auto actual-mtu=1500 l2mtu=1520 arp=enabled arp-timeout=auto mac-address=00:0C:42:70:13:66 protocol-mode=none fa...
by FIPTech
Tue Jul 11, 2017 12:26 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Has the RouterOS behavior changed.. I havent tried it yes but this confusion has been discussed here: https://forum.mikrotik.com/viewtopic.php?f=2&t=115115&p=572377&hilit=pvid+0#p572377 Different vendros use different approach to native VLAN.. Yes, but regardless what is used internally to mark unt...
by FIPTech
Mon Jul 10, 2017 8:31 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Here is the article about new VLAN-aware bridge implementation: https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_VLAN_Filtering A couple examples will be added and more information will be updated based on your feedback. Something is not clear to me for vlan-id=1, the default for PVID....
by FIPTech
Mon Jul 10, 2017 5:32 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

This puts you in the position someone like Cisco is in. Easy and consistent to configure across your platforms for layer 2. TLDR; consistency breeds confidence and confidence brings hardware sales. As soon as the GUI / Console gives a good understanding of the underlying technology, it's not a prob...
by FIPTech
Mon Jul 10, 2017 4:43 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

We can now make two bridges in the same switch group. For example (RB750G) : Ether2 and Ether3 -> bridge1 Ether4 and Ether5 -> bridge2 Ether2 to Ether5 are in the same hardware switch group. Does it mean that there is full level2 isolation between the two bridges ? Or not ? How is it managed interna...
by FIPTech
Mon Jul 10, 2017 1:20 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

RB750G (Atheros 8316 supported switch chip) : hw-offload does not seem to work : [admin@MikroTik] /interface bridge port> print detail Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 0 interface=VLAN-LAB-Ether2 bridge=bridge3 priority=0x80 path-cost=10 internal-path-cost=10 edge=auto ...
by FIPTech
Mon Jul 10, 2017 12:46 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I am try /tool fetch url=(https://api.telegram.org/botXXX/sendMessagechat_id=YYY&text=test) check-certificate=no keep-result=no mode=https and receive error: failure: invalid URL protocol Syntax is not correct i think. Try this : /tool fetch url="https://api.telegram.org/botxxx/sendMessage\?chat_id...
by FIPTech
Sun Jul 09, 2017 10:12 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Seems like there is a problem with msti bridge ID (mac address is wrong) : [admin@MikroTik] /interface bridge msti> monitor 0 state: enabled current-mac-address: 00:00:00:00:00:00 root-bridge: yes root-bridge-id: 0x6005.00:00:00:00:00:00 regional-root-bridge-id: 0x6005.00:00:00:00:00:00 root-path-co...
by FIPTech
Sun Jul 09, 2017 9:49 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I've seen this after changing STP mode or changing STP priority. Disappear after router reset : Root bridge ID : 0x8000.00:00:00:00:00:00 The mac address should be the one of the admin-mac address of the bridge : 00:3C:97... This address is really sent in BPDUs, can be seen on a connected procurve s...
by FIPTech
Sun Jul 09, 2017 9:25 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

EDIT 2: I'm taking a break for a bit, I'm not seeing a way to configure MST instances yet Is it what your are looking for ? [admin@MikroTik] /interface bridge msti> print detail Flags: X - disabled 0 identifier=5 bridge=bridge3 priority=0x6400 vlan-mapping=4060 [admin@MikroTik] /interface bridge ms...
by FIPTech
Sun Jul 09, 2017 3:40 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

!) bridge - implemented software based MSTP (untested, undocumented, CLI only); !) switch - "master-port" conversion into a bridge with hardware offload "hw" option (undocumented, CLI only); Quite how you expect anybody to be able to understand or test this in any meanigful way (and thus provide me...
by FIPTech
Sun Jul 09, 2017 3:21 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

I have rb2011 with 2 to 5 ports in master-slave relations via "master-port". Also I had switch filter rule to limit broadcast packets to 5th port of this group flowing from other ports in this group (I have wifi access point on this 5th port and significant broadcasts on other ports). What should I...
by FIPTech
Sun Jul 09, 2017 12:32 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

bridge ports : point-to-point=auto detection does not seem to work. Duplex links (most frequent case) should be detected as point-to-point links. half duplex links (connected to a hub for example) should be considered shared links. from : http://www.cisco.com/c/en/us/support/docs/lan-switching/spann...
by FIPTech
Sat Jul 08, 2017 5:16 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Replies: 207
Views: 36219

Re: v6.40rc [release candidate] is released! (New bridge implementation)

Enabling mstp on the interface used for management result in disconnecting Winbox (RB750G).

No other stp device in the network.

If safe mode is active it is not possible to enable mstp.

Enabling RSTP do not trig this problem.
by FIPTech
Mon Jul 03, 2017 12:58 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 2023

Re: Capsman forwarding not compatible with IPv6

I've just redo an IPv6 check. IPv6 seems to work behind Capsman forwarding. The router OS wifi client can connect to a global IPv6 address with this setup. But IPv6 does not work behind station pseudobridge. This mode is mandatory to bridge a device behind the wifi client. It does work with IPv4 onl...
by FIPTech
Mon Jul 03, 2017 3:52 am
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 2023

Re: Capsman forwarding not compatible with IPv6

Do you have an example config that isn't working? I've been using CAPSman with full dual stack for some time. I'm in the process of converting it all over to VPLS, but not forwarding IPv6 never popped up as an issue with me original config. nb Another question : Are you using station or station pse...
by FIPTech
Sun Jul 02, 2017 4:52 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 2023

Re: Capsman forwarding not compatible with IPv6

Do you have an example config that isn't working? I've been using CAPSman with full dual stack for some time. I'm in the process of converting it all over to VPLS, but not forwarding IPv6 never popped up as an issue with me original config. nb I don't have anymore this setup as i did add VPLS tunne...
by FIPTech
Fri Jun 30, 2017 9:40 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 45839

Re: v6.40rc [release candidate] is released!

We could think how to sync the APs that are on different frequencies but located on the same tower and connected to the same ethernet network. You could take some ideas from or use PTP (https://en.wikipedia.org/wiki/Precision_Time_Protocol) to synchronise the APs internal clocks over ethernet and h...
by FIPTech
Wed Jun 28, 2017 1:47 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 45839

Re: v6.40rc [release candidate] is released!

For this to work, there are two solutions : - the radio clock need to have an input for a sync reference, and a sync generator is needed to generate the sync carrier on the right frequency. - the radio clock need a VCO clock, voltage controlled oscillator, so that it is possible to adjust the trans...
by FIPTech
Thu Jun 22, 2017 11:14 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 45839

Re: v6.40rc [release candidate] is released!

To use radio to sync the AP is crazy if you have an interference on the channel (in dense urban area is very easy) you lost the slave or slaves..... GPS sync reduce interference on the tower, reduce interference beetwen the towers, allow dense deployment and the last but not least allow sync beetwe...
by FIPTech
Wed Jun 21, 2017 10:40 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 45839

Re: v6.40rc [release candidate] is released!

We could think how to sync the APs that are on different frequencies but located on the same tower and connected to the same ethernet network. You could take some ideas from or use PTP (https://en.wikipedia.org/wiki/Precision_Time_Protocol) to synchronise the APs internal clocks over ethernet and h...
by FIPTech
Thu Jun 15, 2017 5:07 pm
Forum: General
Topic: ICMPv6 default rule RFC4890 problem
Replies: 0
Views: 475

ICMPv6 default rule RFC4890 problem

In the recent v6 RC there is a new default firewall rule for IPv6 input filtering. /ipv6 firewall filter add action=drop chain=input comment=\ "defconf: rfc4890 drop ll if hop-limit!=255" dst-address=fe80::/10 \ hop-limit=not-equal:255 protocol=icmpv6 This is causing problems when pinging from Windo...
by FIPTech
Thu Jun 15, 2017 12:07 am
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 1010

Re: RouterBoard Hardware Switch questions.

Why should it be directorial, if you send traffic then you want to know if it has arrived and if not, retransmit. Inside router OS, a software bridge rule (a forward filter) is directional. It is effective only in the direction you did write it for. If you need traffic in the other direction, you n...
by FIPTech
Wed Jun 14, 2017 9:10 pm
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 1010

Re: RouterBoard Hardware Switch questions.

Something else i've just discovered : Switch Rules are not fully directional (to be confirmed). Example : Here is a set of two rules to restrict traffic between two switch ports : 0 switch=switch1 ports=ether1-sw1-Wan-TV vlan-id=100 copy-to-cpu=no redirect-to-cpu=no mirror=no new-dst-ports=ether5-sw...
by FIPTech
Wed Jun 14, 2017 6:48 pm
Forum: General
Topic: RouterBoard Hardware Switch questions.
Replies: 3
Views: 1010

RouterBoard Hardware Switch questions.

I've always had some difficulties to setup hardware switches on Routerboards, even after reading in details the wiki about this, as soon as the setup is more complicated than enabling master port on some ports, to switch all ports of the group and get an interface and mac address for the switch grou...
by FIPTech
Tue Jun 13, 2017 9:06 pm
Forum: Wireless Networking
Topic: Radar detection auto disabling when using reduced power
Replies: 3
Views: 2521

Re: Radar detection auto disabling when using reduced power

Router OS do know the antenna gain (dBi), there is a setting for this. And it does take this into account when adjusting the TX power level if you are using regulatory-domain mode or Capsman. For APs with integrated antenna, antenna gain could even be hardcoded. In the end too much regulations is pa...
by FIPTech
Tue Jun 13, 2017 3:43 pm
Forum: Wireless Networking
Topic: Interface Naming for DualBand devices and Capsman
Replies: 0
Views: 317

Interface Naming for DualBand devices and Capsman

For Capsman provisionning, i think it would be useful to have a way to select interfaces by frequency band. So that we can give a name with the Band in it. For example, when provisionning a dual band HAP access point, we need actually to create two provisionning rules with selection by MAC address o...
by FIPTech
Tue Jun 13, 2017 3:28 pm
Forum: Wireless Networking
Topic: Radar detection auto disabling when using reduced power
Replies: 3
Views: 2521

Radar detection auto disabling when using reduced power

With Capsman, it would be useful i think to have an option to automatically disable Radar detection when using low power level outdoor. Radar detection is not always reliable and can cause very long (sometimes some hours) AP detection times before interface is effectively enabled, specially when usi...
by FIPTech
Fri Jun 09, 2017 12:58 am
Forum: General
Topic: Switch Set New Vlan ID action not available
Replies: 0
Views: 297

Switch Set New Vlan ID action not available

I bought recently an RB3011UiAS, and i was surprised to see that the switches (QCA 8337) were not able to set New Vlan IDs inside rules.

Are there any Routerboard routers supporting this feature in their switches ?
by FIPTech
Mon May 15, 2017 12:43 am
Forum: General
Topic: LLDP
Replies: 126
Views: 42967

Re: LLDP

Now they just need to ad LLDP-MIB and LLDP-MED support and it will be complete :) Thoses MED informations do allow voice vlan auto selection on a phone : MED Information Detail EndpointClass :Class3 Media Policy Vlan id :70 Media Policy Priority :6 Media Policy Dscp :46 But LLDP-Med do allow as wel...
by FIPTech
Mon May 15, 2017 12:23 am
Forum: General
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2714

Re: bridging with mac-learning turned off

[ This would be a console command only anyway, and a console warning could be issued : "ageing-time=0 will disable mac learning. Are you sure you want to do this ?" interactive commands with user confirmation suck. cannot be automated properly. of course a system wide "confirm=yes" option would kic...
by FIPTech
Sat May 13, 2017 11:57 am
Forum: General
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2714

Re: bridging with mac-learning turned off

If it would allow 0, we would have mac learning disable capability. this is certainly a possibility. i just checked the corresponding code in kernel (net/bridge/br_fdb.c) and it seems to act so. there's a function called br_fdb_update and its first check is on whether there's a topology change, and...
by FIPTech
Fri May 12, 2017 7:36 pm
Forum: General
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2714

Re: bridging with mac-learning turned off

In linux bridge using ageing-time=0 disable mac learning.

But the smaller value in Router OS is 10 seconds. :?

If it would allow 0, we would have mac learning disable capability.
by FIPTech
Fri May 12, 2017 3:05 pm
Forum: General
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2714

Re: bridging with mac-learning turned off

Inside version 6.39 there is support for fast-forward (available in the console only). I suppose that it is mac-learning turned off, and perhaps a couple other optimizations at the code level. Router OS 6.39 : - bridge - added support for special and faster case of fastpath called "fast-forward" (a...
by FIPTech
Fri May 12, 2017 1:19 pm
Forum: General
Topic: bridging with mac-learning turned off
Replies: 10
Views: 2714

Re: bridging with mac-learning turned off

Inside version 6.39 there is support for fast-forward (available in the console only). I suppose that it is mac-learning turned off, and perhaps a couple other optimizations at the code level. Router OS 6.39 : - bridge - added support for special and faster case of fastpath called "fast-forward" (av...
by FIPTech
Wed May 10, 2017 2:31 pm
Forum: General
Topic: Feature request: Stateful HA with Conntrackd
Replies: 30
Views: 7207

Re: Feature request: Stateful HA with Conntrackd

I have seen many problems blocking VOIP trafic as soon as there is NAT and redundant links. The solution is native IPv6 but we are still far from a global IPv6 world, specially inside the LAN. And some area are still mostly IPv4, for example the LTE / smartphones market where IPv4 is most of the tim...
by FIPTech
Wed May 10, 2017 11:31 am
Forum: General
Topic: Add VoIP Support
Replies: 11
Views: 5652

Re: Add VoIP Support

LLDP-Med would be a nice addition for Voip, so that the voice VLAN can be automatically detected by phones. This is a switch feature. This is true for example for Mitel - Aastra phones that know how to get the voice vlan from LLDP. Probably other brands today have LLDP-Med support. Other phones need...
by FIPTech
Wed May 10, 2017 10:25 am
Forum: General
Topic: Rename request IPv6: "DHCP Server" -> "DHCP PD Server"
Replies: 3
Views: 1037

Re: Rename request IPv6: "DHCP Server" -> "DHCP PD Server"

+1.

DHCP server name is very confusing because it does not have address distribution neither dhcp options support. Only prefix delegation support.

It is even more confusing because the Router OS DHCPv6 client has address support but this function can't be used with the server side.
by FIPTech
Tue May 09, 2017 10:25 am
Forum: Forwarding Protocols
Topic: Put 500,000+ BGP routes in your MikroTik for testing with this VM
Replies: 9
Views: 2481

Re: Put 500,000+ BGP routes in your MikroTik for testing with this VM

Good point this will be simpler and faster. BGP_simple work but is very slow. From 15 minutes to 2 hours to load 500 000 prefix, depending about where you did write the command line to launch bgp_simple. From the console it is very slow, certainly because bgp_simple does not deamonize and need to wr...
by FIPTech
Mon May 08, 2017 2:47 pm
Forum: The Dude
Topic: Ipv6 support in Dude
Replies: 7
Views: 2048

Re: Ipv6 support in Dude

Any planned ETA for ipv6 support ? When some low cost monitoring solution have IPv6 support since around 2011 and there is discussion if IPv6 should be enabled by default, Mikrotik does only have IPv4 support in 2017. https://support.zabbix.com/browse/ZBXNEXT-3752 According to what i've seen recentl...
by FIPTech
Sun May 07, 2017 1:36 am
Forum: General
Topic: Router OS default values - where to set them
Replies: 7
Views: 985

Re: Router OS default values - where to set them

Would be better to have something like this :

- off (default)
- on

or

- off
- on (default)


And give the possibility to change the global defaults.
by FIPTech
Fri May 05, 2017 4:24 pm
Forum: General
Topic: New feature Loop Protect - how it works
Replies: 6
Views: 7853

Re: New feature Loop Protect - how it works

There are many options inside Loop Protect settings for EoIPv6 tunnels.

Those options are normally related to TCP state reports in the Firewall connections.

Seen inside Router OS 6.39 and 6.40rc2

Is that a bug ? Or a side effect of Vodka ? :)
Loop-Protect.png
by FIPTech
Fri May 05, 2017 1:41 pm
Forum: Wireless Networking
Topic: The LTE interface, automatic support for Direct-IP without NAT?
Replies: 1
Views: 1055

Re: The LTE interface, automatic support for Direct-IP without NAT?

I have no experience with mpcie cards, the only lte modem i did test is a very common one, the Huawey E3372 USB. Regardless what i did, i was not able to disable the internal NAT of the modem. There are two firmwares for this modem. One with NAT, and the other without NAT. But the one without NAT do...
by FIPTech
Fri May 05, 2017 12:45 pm
Forum: General
Topic: Router OS default values - where to set them
Replies: 7
Views: 985

Router OS default values - where to set them

Where the default Router OS values can be set ? And if they are not settable, why do they exist ? I mean why do we have in the interface many fields with "default" instead of the actual set value ? Wouldn't it be simpler to remove all references to default values in the Winbox and Webfig interfaces,...
by FIPTech
Thu May 04, 2017 3:15 am
Forum: Scripting
Topic: DHCP Lease-Script to Maintain DNS Cache
Replies: 7
Views: 3078

Re: DHCP Lease-Script to Maintain DNS Cache

Seems to be similar to CSS Unicode backlash escaped (Hexa) encoding. So in fact the underlying encoding is ASCII.

For example "é" become \E9.
by FIPTech
Wed May 03, 2017 8:48 pm
Forum: Scripting
Topic: DHCP Lease-Script to Maintain DNS Cache
Replies: 7
Views: 3078

Re: DHCP Lease-Script to Maintain DNS Cache

you could use Webfig as well to copy paste the script. Then if you need it for other routers, export the DHCP config using an SSH or Telnet console : /ip dhcp-server export file=dhcp-config.rsc Get this file through ftp for example, edit it to remove unuseful things with Notepad++ or similar editor,...
by FIPTech
Wed May 03, 2017 5:26 pm
Forum: Scripting
Topic: DHCP Lease-Script to Maintain DNS Cache
Replies: 7
Views: 3078

Re: DHCP Lease-Script to Maintain DNS Cache

Yes i think you can just copy and past this inside the winbox dhcp server lease script window. I've just made a new try, what i said in the previous message is not fully exact. In fact the script does execute for a DHCP release. Here is a new version of the script, with DNS erase capability when a D...
by FIPTech
Wed May 03, 2017 4:23 pm
Forum: Scripting
Topic: DHCP Lease-Script to Maintain DNS Cache
Replies: 7
Views: 3078

Re: DHCP Lease-Script to Maintain DNS Cache

Here is a script i did to update the DNS static entries from DHCP leases. You need to put it in a dhcp script lease. I have no answer for your script upload question. Router OS 6.39 at least is needed to get it working. Be careful if you use it on a large DNS set as it could remove entries. It is de...
by FIPTech
Tue May 02, 2017 8:27 pm
Forum: Announcements
Topic: v6.39 [current]
Replies: 89
Views: 33915

Re: v6.39 [current]

Here is a slightly better script to add a DNS entry for each DHCP lease. Version 6.39 simplify the script thanks to the new lease-hostname variable. This one check for existence of static DNS entries with the same fully qualified domain names or same addresses and delete them before adding a new DNS...
by FIPTech
Tue May 02, 2017 6:54 pm
Forum: Announcements
Topic: v6.39 [current]
Replies: 89
Views: 33915

Re: v6.39 [current]

@ ditonet Thanks, i did forget to put " " around the lease-hostname variable :( stupid error. So the final working script to write a DNS record for each IP lease : (note that this is a simplified script, it does not verify neither delete DNS multiple registrations and does not delete the DNS recordi...
by FIPTech
Sun Apr 30, 2017 5:10 pm
Forum: Announcements
Topic: v6.39 [current]
Replies: 89
Views: 33915

Re: v6.39 [current]

*) dhcpv4-server - added "lease-hostname" script parameter; Cannot get this variable to work. Other previously available variables are working. It would be useful if lease-scripts could execute when the IP is not renewed by the client, so that we can easily remove a DNS entry. I tried to use :if ($l...
by FIPTech
Tue Apr 25, 2017 1:50 pm
Forum: RouterBOARD hardware
Topic: Mikrotik L2-MTU vs switch hardware MTU
Replies: 6
Views: 2293

Re: Mikrotik L2-MTU vs switch hardware MTU

To make things clearer i did this : L1-MTU.png Carrier extension is only present for 1000 base-T. Up to 448 padding bytes are added for small packets. This mean that for a large number of small packets, the throughput is only marginally better than Fast Ethernet 100 Base-T !! So to get a good throug...
by FIPTech
Tue Apr 25, 2017 1:08 pm
Forum: RouterBOARD hardware
Topic: Mikrotik L2-MTU vs switch hardware MTU
Replies: 6
Views: 2293

Re: Mikrotik L2-MTU vs switch hardware MTU

To complete this discussion : Hardware MTU = Ethernet Mac Header (14 bytes) + L2-MTU or for some manufacturers : Hardware MTU = Ethernet Mac Header (14 bytes) + L2-MTU + FCS CRC trailer (4 bytes) And the true level 1 hardware MTU is something like this : True Hardware L1 MTU = Ethernet Sync Preamble...
by FIPTech
Tue Apr 25, 2017 1:18 am
Forum: RouterBOARD hardware
Topic: Mikrotik L2-MTU vs switch hardware MTU
Replies: 6
Views: 2293

Re: Mikrotik L2-MTU vs switch hardware MTU

That's true, but getting the right knowledge about L2-MTU, MPLS-MTU and IP-MTU is a good start as soon as you get problems, so that you know where you need to look for and so that you can design simple tests to diagnose. For example i did start this basic MTU study because of a problem with a static...
by FIPTech
Mon Apr 24, 2017 2:19 am
Forum: RouterBOARD hardware
Topic: Mikrotik L2-MTU vs switch hardware MTU
Replies: 6
Views: 2293

Mikrotik L2-MTU vs switch hardware MTU

Here is some background and comparison between Mikrotik L2-MTU and switches hardware MTU. There is a lot of confusion here because most manufacturers (except Mikrotik) do not explicitly describe how the hardware MTU is calculated. Some background : http://thenetworksherpa.com/ospf-master-the-mtu-mad...
by FIPTech
Thu Apr 20, 2017 8:36 pm
Forum: General
Topic: RouterOS Not sending DHCP-Server Option 66
Replies: 14
Views: 29321

Re: RouterOS Not sending DHCP-Server Option 66

DHCP Option 66 can be used for a host name or an ip address. In both case it is normally a string. If used for an IP address, according to what i'm used to, it is necessary to convert the IP address to a string. Using four hex values does not work, at least with Aastra phones. https://wiki.mikrotik....
by FIPTech
Mon Apr 10, 2017 1:33 pm
Forum: General
Topic: Bridge filter : 802.3 filter matcher does not work
Replies: 0
Views: 347

Bridge filter : 802.3 filter matcher does not work

I cannot get the 802.3 matcher working. To be able to enter a value in the SAP filed, i need to put a value in the mac protocol field. Strangely as well the SAP field of the matcher (i suppose that SAP mean DSAP + SSAP) is a 2 octets value (2 x 8 bits), but we can enter only a 8 bits value here. The...
by FIPTech
Mon Apr 10, 2017 1:11 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 9
Views: 2023

Capsman forwarding not compatible with IPv6

According to some tests i did, Capsman interfaces used in forwarding mode do not allow IPv6 on the client. An ethernet client bridged to the wlan interface of a Mikrotik in stationpseudobridge mode do not work with IPv6 traffic. Finally the only way to get IPv6 on an ethernet client was to add an Eo...
by FIPTech
Wed Apr 05, 2017 2:48 pm
Forum: General
Topic: Feature request: CAPsManager - roaming
Replies: 79
Views: 23278

Re: Feature request: CAPsManager - roaming

Some interesting technical details and roaming tests with a 802.11r setup : http://revolutionwifi.blogspot.fr/2013/05/apple-ios-fast-roaming-with-aerohive-wi.html Another big player in the computer world, if not the biggest one, support fast roaming (Microsoft Windows 10) : https://msdn.microsoft.co...
by FIPTech
Wed Apr 05, 2017 12:04 am
Forum: General
Topic: Feature request: CAPsManager - roaming
Replies: 79
Views: 23278

Re: Feature request: CAPsManager - roaming

+1 Capsman is very useful to manage access points but it could do a bit more than configuration only. 802.11r,k,v is mandatory nowadays. Modern very widely available WIFI clients like Iphones and Samsung Galaxy phones (since S4) are compatible since years. http://www.cisco.com/c/en/us/td/docs/wirele...
by FIPTech
Sat Mar 25, 2017 8:43 pm
Forum: General
Topic: ** WE WANT A LTE BRIDGE-MODE **
Replies: 80
Views: 22571

Re: ** WE WANT A LTE BRIDGE-MODE **

+1 to be able to put an LTE interface inside a bridge. But this will not remove the biggest problem, the NAT inside the LTE 4G modem. To remove that limitation we need bridge mode inside the modem, or IP passthrough. The USB LTE 4G modem i tried, a E3372h from Huawei, can't deliver the WAN ip addres...
by FIPTech
Tue Mar 21, 2017 2:40 pm
Forum: Wireless Networking
Topic: Mikrotik bandwidth test software; using iperf?
Replies: 21
Views: 30144

Re: Mikrotik bandwidth test software; using iperf?

A solution to add EtherSam (Y.1564), RFC2544 and OAM management capability would be to use smart SFPs on Mikrotik SFP enabled routers.

http://www.aimvalley.com/portfolio_item ... smart-sfp/
or
http://www.oesolutions.com/products/smartsfp/
by FIPTech
Sun Mar 16, 2014 12:56 pm
Forum: General
Topic: Feature Request: Hardware NAT
Replies: 18
Views: 7129

Re: Feature Request: Hardware NAT

how much NAT needs to be done before that gain is realized In a provider network, the latency should be kept at a very small value (ideally in the us range for each device), and even more importantly should be kept constant so that there will be no added jitter to packets. A hardware processing (so...
by FIPTech
Fri Jan 24, 2014 1:33 am
Forum: General
Topic: Bridge IPv6 while routing IPv4
Replies: 16
Views: 6565

Re: Bridge IPv6 while routing IPv4

An IPv6 only bridge between the LAN and WAN would be a simple solution but i can't get it working. Something like this should work : ebtables -t broute -A BROUTING -p ! ipv6 -j DROP (from : http://ip6.fr/free-broute/ ) I did try to bridge IPv6 with an external switch using a per protocol VLAN but th...
by FIPTech
Sun Dec 22, 2013 10:12 pm
Forum: General
Topic: Bridge IPv6 while routing IPv4
Replies: 16
Views: 6565

Re: Bridge IPv6 while routing IPv4

I can confirm that this is a problem. One of my provider is delivering a single /64 and does not care about IPv6 routing. So it's not possible to get that working with RouterOS, even using 6.7 version. NDP proxying or IPv6 bridging seems the only solutions. I have another provider delivering a /48 (...
by FIPTech
Tue Dec 11, 2012 4:48 pm
Forum: General
Topic: Winbox 2.2.16 on Windows 7 - Broken drag and drop
Replies: 29
Views: 15742

Re: Winbox 2.2.16 on Windows 7 - Broken drag and drop

It seems to me that Winbox is using a non standard window management, bypassing normal Windows API. I reported this a long time ago and spent some time with AMM to find a solution without success. If winbox is non standard, well why not if it's more reliable / performant, but something simple could ...
by FIPTech
Thu Jul 19, 2012 8:24 pm
Forum: General
Topic: Connection Tracking
Replies: 20
Views: 13091

Re: Connection Tracking

According to what i've seen with NAT, it is always a difficult problem for VoIP if you have a failover gateway to access the public network. You have to manually erase (or using a script) the wrong connections after a gateway change, or the VoiP trunks can become dead after coming back to the primar...
by FIPTech
Wed Jul 18, 2012 11:21 pm
Forum: General
Topic: Connection Tracking
Replies: 20
Views: 13091

Re: Connection Tracking

You can do that with FreeBSD (PFsense do support this). It is sometimes usefull to disable connection tracking for some traffics, specially routed VoIP trafic when there are multiple failover gateways, to avoid ghost connections causing dead VoIP trunks. Without this option, a manual connection rese...
by FIPTech
Mon Jul 16, 2012 9:36 pm
Forum: General
Topic: Router OS 5 does not deauthenticate PPP links before rebooot
Replies: 1
Views: 513

Re: Router OS 5 does not deauthenticate PPP links before reb

A small correction : After checking more deeply, Router OS is deauthenticating before reboot. But the problem is that the PPPoE session for the provider DSL link is deauthenticated at the same time and because of this tunnel PPP sessions routed through the PPPoE link cannot be deauthenticated proper...
by FIPTech
Mon Jul 16, 2012 2:14 am
Forum: General
Topic: How to set up an access port using RB750G hardware switch ?
Replies: 1
Views: 433

How to set up an access port using RB750G hardware switch ?

I'm trying to setup access ports on a RB750G. I want Ether3,4,5 to be access ports for VLAN100. VLAN100 is a VLAN interface on Ether2 Ether2 is a trunk port connected to an external switch So in the end i have : Ether2 = Trunk port with VLAN100, VLAN200, VLAN300 connected to an external switch. Ethe...
by FIPTech
Sun Jul 15, 2012 9:01 pm
Forum: General
Topic: Atheros 8327 VLAN support!?!?
Replies: 3
Views: 5316

Re: Atheros 8327 VLAN support!?!?

Seems like the AR8327 has problems with VLAN filtering / mangling. This could explain why VLAN filtering is disabled.

Would be better to revert to the AR8316...
by FIPTech
Sun Jul 15, 2012 8:57 pm
Forum: Beginner Basics
Topic: VLANs work over trunk, but how do I tag switch ports?
Replies: 8
Views: 4604

Re: VLANs work over trunk, but how do I tag switch ports?


The switch ship can VLAN tag and untag data on the ingress and egress of each port onthe 750'g.

You are wrong, that's not true for the RB750GL. The AR8327 chip cannot remove, add or change VLAN header. Very bad...
by FIPTech
Sun Jul 15, 2012 8:36 pm
Forum: RouterBOARD hardware
Topic: switch chip
Replies: 3
Views: 2438

Re: switch chip

Be careful, AR8327 cannot use VLAN ID, VLAN priority, New VLAN ID inside rules. Cannot use as well leave-as-is, always-strip, add-if-missing in switch port setup. So you can't use this switch to convert acces ports to trunk, or anything related to VLAN manipulation like removing VLAN headers. Seems ...
by FIPTech
Sun Jul 15, 2012 6:01 pm
Forum: General
Topic: Locked out of router. Ethernet disabled...on roof..
Replies: 8
Views: 3041

Re: Locked out of router. Ethernet disabled...on roof..

Thanks for your +1 but i don't see it on my Karma :=(
by FIPTech
Sun Jul 15, 2012 1:29 pm
Forum: General
Topic: Locked out of router. Ethernet disabled...on roof..
Replies: 8
Views: 3041

Re: Locked out of router. Ethernet disabled...on roof..

For critical routers, those that must never go down more than a couple minutes, even if you do a mistake, or those located on very high towers / roof use a router with a serial port available on it. Then wire a cable to this serial port so that you don't have to go on the roof, and use that for corr...
by FIPTech
Sat Jul 14, 2012 9:25 pm
Forum: General
Topic: Prioritize VoIP - post your ideas
Replies: 26
Views: 20452

Re: Prioritize VoIP - post your ideas

Very often, peoples think that they can get a perfect VOIP quality with standard ADSL links using some magic with QOS rules. This is sometimes possible, but most of the time this is not possible. Because of DSLAM overload, transport overload, provider overload, DSL link stability problems, tier one ...
by FIPTech
Sat Jul 14, 2012 3:49 pm
Forum: General
Topic: Router OS 5 does not deauthenticate PPP links before rebooot
Replies: 1
Views: 513

Router OS 5 does not deauthenticate PPP links before rebooot

Router OS does not deauthenticate PPTP (or L2TP or PPPoE) links before reboot. As a result, the PPP server is waiting for a PPP timeout before to clear the PPP session. But most of the time, the client router is alive again before the timeout, and before that the PPP server has disable the server in...
by FIPTech
Fri Jul 13, 2012 1:52 pm
Forum: General
Topic: MTU larger than 1492 over PPPoE links
Replies: 8
Views: 11906

Re: MTU larger than 1492 over PPPoE links

I will not add anything to this difficult to edit list. It is now mostly unefficient because of its lenght and unorganized style. Something more modern is needed to manage feature requests. I prefer to discuss here those requests to that each one can participate and Mikrotik can have a better unders...
by FIPTech
Thu Jul 12, 2012 11:50 am
Forum: General
Topic: MTU larger than 1492 over PPPoE links
Replies: 8
Views: 11906

Re: MTU larger than 1492 over PPPoE links

Yes this is working because your private L2 transport support a 1508 MTU, but it is out of standard. PPPoE links should be limited to 1492 MTU to follow the standard and avoid compatibility problems. According to RFC 2516 (PPP over Ethernet) : The Maximum-Receive-Unit (MRU) option MUST NOT be negoti...
by FIPTech
Wed Jul 11, 2012 10:45 pm
Forum: General
Topic: MTU larger than 1492 over PPPoE links
Replies: 8
Views: 11906

Re: MTU larger than 1492 over PPPoE links

PPPoE links are limited to 1492. Some CPE can even refuse to connect if the provider permit a 1500 PPPoE MTU. So most providers are following the standard and force the PPPoE MTU to 1492. In France, all big providers have an ADSL transport network MTU of 1500, so there is absolutly no possibility to...
by FIPTech
Wed Jul 11, 2012 7:12 pm
Forum: General
Topic: 3 line MLPPP working; but speed issue
Replies: 29
Views: 5210

Re: 3 line MLPPP working; but speed issue

no special requirements except that your hardware needs to be compatible, and that you'll need to buy a licence after the trial period, (one day if i remember well). You'll need to install it on HD from the CD if i remember well, this needs a full HD format. you cannot partition your disk. I don't l...
by FIPTech
Wed Jul 11, 2012 6:45 pm
Forum: General
Topic: 3 line MLPPP working; but speed issue
Replies: 29
Views: 5210

Re: 3 line MLPPP working; but speed issue

A 680 Mhz router with only one core is not powerfull enough to do this. The RAM quantity is not the problem. The processor speed is. Do not forget that on a software based router, all packets need to pass through the processor for routing, qos, firewall, and all other tasks like MLPPP framing. In th...
by FIPTech
Wed Jul 11, 2012 2:44 pm
Forum: General
Topic: 3 line MLPPP working; but speed issue
Replies: 29
Views: 5210

Re: 3 line MLPPP working; but speed issue

90% CPU load seems really high. (i don't see this value in your first post, where is it ?)

Try with a more powerfull router to get such a high bandwith.
by FIPTech
Wed Jul 11, 2012 12:06 pm
Forum: General
Topic: 3 line MLPPP working; but speed issue
Replies: 29
Views: 5210

Re: 3 line MLPPP working; but speed issue

Could you check the CPU load when running the MLPPP test ?
by FIPTech
Wed Jul 11, 2012 11:13 am
Forum: General
Topic: MTU larger than 1492 over PPPoE links
Replies: 8
Views: 11906

MTU larger than 1492 over PPPoE links

Starting with linux PPP deamon version 2.4.6, RFC 4638 is supported. http://tools.ietf.org/html/rfc4638 This ppp option do allow MTU larger than 1492 over PPPoE links. This is supported for example at British Telecom. It would be nice if this could be supported on Router OS so that we don't have any...
by FIPTech
Wed Jul 11, 2012 12:47 am
Forum: Forwarding Protocols
Topic: MPLS problem with PPTP tunnels
Replies: 1
Views: 2237

Re: MPLS problem with PPTP tunnels

After investigating more deeply, i've found that using MLPPP over single link (MRRU > 1500) for the tunnel was the source of LDP tranfers problems. Not using MLPPP over single link solve the problem. So it seems that MPLS over PPTP is working, but only if MRRU option is not used. In this case, does ...
by FIPTech
Tue Jul 10, 2012 4:49 pm
Forum: Forwarding Protocols
Topic: MPLS problem with PPTP tunnels
Replies: 1
Views: 2237

MPLS problem with PPTP tunnels

I'm trying to use MPLS through a PPTP tunnel. MPLS is enabled in the PPP profile. I can see the local and remote bindings in the PPTP server router, but on the PPTP client side, i can see only local bindings. On the PPTP server, i can see as well the client IP adresses inside LDP Neighbor, but on th...
by FIPTech
Thu Jul 05, 2012 4:55 pm
Forum: General
Topic: option to add route mark to PPP interfaces
Replies: 4
Views: 1697

Re: option to add route mark to PPP interfaces

Yes this is an important missing function.

It would avoid to use two differents destination addresses to be able to differentiate routing.
by FIPTech
Thu Jul 05, 2012 4:19 pm
Forum: General
Topic: Feature Request - l2tpv3 or other MTU independend pseudowire
Replies: 3
Views: 2098

Re: Feature Request - l2tpv3 or other MTU independend pseudo

+1 for L2TPv3 with level2 support.
by FIPTech
Thu Jul 05, 2012 2:13 am
Forum: General
Topic: BFD with OSPF, packets RX / TX counters not updated
Replies: 1
Views: 584

BFD with OSPF, packets RX / TX counters not updated

It seems that BFD packets counters are not updated inside Routing/BFD/Neighbors. I can see the BFD packets comming in the other router, but counters are not updated inside winbox. They are updated for a few seconds then they stop to work. When counters stop to work, BFD trafic is still sent. Router ...
by FIPTech
Mon Jul 02, 2012 11:36 am
Forum: General
Topic: /31 point to point Ethernet links not working
Replies: 4
Views: 1074

Re: /31 point to point Ethernet links not working

ok. /32 is working for Ethernet links, even using OSPF (as soon as the point to point ethernet link is declared as a point to point ospf interface on each side). Perhaps that if we enter a /31 address in winbox or CLI it could be converted to a /32 instead of accepting it and give a not working link...
by FIPTech
Sun Jul 01, 2012 5:39 pm
Forum: General
Topic: /31 point to point Ethernet links not working
Replies: 4
Views: 1074

/31 point to point Ethernet links not working

I was not able to get /31 point to point Ethernet links working (ROS 5.18). It seems that ROS is not able to use a /31 even address (the network one) as a local address. Inside a /31, there is no more directed broadcast address, and the network address (the even one) become the remote or the local a...
by FIPTech
Mon Jun 25, 2012 8:19 pm
Forum: General
Topic: OSPF and type of service routing not implemented ?
Replies: 0
Views: 341

OSPF and type of service routing not implemented ?

"One of the more attractive features of OSPF is its capability to support Types of Service (TOS) based routing. Through TOS routing, the IP service class selections are supported in routing decisions." Actually i need to setup static routes for class of trafic in need of different routes. Is there a...
by FIPTech
Mon Jun 25, 2012 11:58 am
Forum: General
Topic: Problem with OSPF interface "ALL"
Replies: 0
Views: 292

Problem with OSPF interface "ALL"

When using OSPF interface "ALL" with "point to point" setting, the point to point interfaces do not work anymore.

I need to select "Broadcast" inside the "ALL" interface definition, so that point to point interfaces works again.

ROS v 5.16
by FIPTech
Thu Jun 21, 2012 11:34 am
Forum: General
Topic: Console auto logoff
Replies: 2
Views: 1271

Re: Console auto logoff

no replyl, no help yet.
by FIPTech
Wed Mar 28, 2012 11:36 am
Forum: Forwarding Protocols
Topic: OSPFv3 Missing /128 Routes in 5.1
Replies: 73
Views: 18385

Re: OSPFv3 Missing /128 Routes in 5.1

I just tested it again, and yes it is a terminal parsing problem. Does work from winbox.
by FIPTech
Sun Jan 29, 2012 2:50 am
Forum: Forwarding Protocols
Topic: OSPFv3 Missing /128 Routes in 5.1
Replies: 73
Views: 18385

Re: OSPFv3 Missing /128 Routes in 5.1

It is not only a prefix lenght problem : Try that : 1234:1234::100 is working 1234::100 is working 1::100 is working 1234::FF is working 1::FF is working BUT, 1234:1234::FF is not working !! Then, 1234:1::FF is working.... 1234:123::ff is not working... :=( 1::1 is working 1:1111::1 is working 11:11...
by FIPTech
Fri Jan 27, 2012 11:44 pm
Forum: General
Topic: How to add IPv6 static NDP ?
Replies: 2
Views: 1067

How to add IPv6 static NDP ?

How to define static NDP IPV6 entries ?

For IPv4 we have the ARP menu to do that, but no equivalent for IPv6.

Is it possible through the command line ?


something like this :

ndp link_layer_address interface mac_address
by FIPTech
Wed Jan 18, 2012 8:04 pm
Forum: General
Topic: Can DHCPv6 in Mikrotik passing DNS value to client?
Replies: 6
Views: 1280

Re: Can DHCPv6 in Mikrotik passing DNS value to client?

For sure first IPv6 only customers will have some problems, that's why most providers will provide for sure some form of IPv6 to IPv4 protocol translation and IPv4 provider wide NAT for them. But in the same time, i'm quite sure that most Internet services will migrate to dual stack very fast so tha...
by FIPTech
Wed Jan 18, 2012 3:34 pm
Forum: General
Topic: Can DHCPv6 in Mikrotik passing DNS value to client?
Replies: 6
Views: 1280

Re: Can DHCPv6 in Mikrotik passing DNS value to client?

DNS through RA works only for Linux clients so it is of very limited use as most clients are Windows in the field. Would be great to have IPv6 DNS working with windows client and a tutorial in the wiki to do this. Today Windows clients can resolve IPv6 pointers even without IPv6 DNS server address s...
by FIPTech
Thu Jan 05, 2012 1:32 pm
Forum: General
Topic: Winbox 2.2.16 on Windows 7 - Broken drag and drop
Replies: 29
Views: 15742

Re: Winbox 2.2.16 on Windows 7 - Broken drag and drop

For me it does not work if i add it to AWM exception list.

Same problem after exit it does not close, need to kill the process.
by FIPTech
Thu Dec 29, 2011 1:10 pm
Forum: General
Topic: Winbox 2.2.16 on Windows 7 - Broken drag and drop
Replies: 29
Views: 15742

Re: Winbox 2.2.16 on Windows 7 - Broken drag and drop

Similar problems here : - Drag and Drop does not work - Sub menus do not work (IP, IPV6, Routing, System, Tools). I feel that Winbox is using special system calls to manage its window because it is the only software giving me problems. I'm using a clear install of Windows 7 32 bits, and Actual Multi...
by FIPTech
Tue Dec 20, 2011 11:30 am
Forum: The Dude
Topic: IPv6 support in Dude
Replies: 15
Views: 5819

Re: IPv6 support in Dude

We'll begin to switch management to IPv6 in about 6 monthes and still no support.

First clients without IPv4 addresses anymore here in about 6 monthes.
by FIPTech
Wed Dec 14, 2011 12:44 pm
Forum: General
Topic: IPv6 Ping does not work with domain names
Replies: 42
Views: 23791

Re: IPv6 Ping does not work with domain names

Working for me.

But i did not see this syntax in the Wiki :

http://wiki.mikrotik.com/wiki/Manual:Tr ... ting_tools


Woud be simpler to have a ping6 tool or a parameter for ping.
by FIPTech
Sun Nov 13, 2011 3:42 am
Forum: General
Topic: RouterOS v5.8 released
Replies: 182
Views: 87278

Re: RouterOS v5.8 released

IPv6 dynamic bindings cannot be removed IPv6 ND do not work anymore if IPv6 interface address is changed. Needs rebooting. Ipv6 address on PPPoE interface cannot be enabled. Needs reboot. Disabling an IPv6 address on an interface do not fully disable it. -> IPv6 PD DHCP client does not work on this ...
by FIPTech
Sun Nov 13, 2011 2:08 am
Forum: General
Topic: RouterOS v5.8 released
Replies: 182
Views: 87278

Re: RouterOS v5.8 released

Mikrotik, why don't you write a test suite for Router OS ? Most bugs inside 5.8 would have been catched by a test suite. It is anormal to see that something really simple to test like Metarouter is not working at all inside a release version. I did advice a test suite on Oct 07, 2010 and still no be...
by FIPTech
Sun Nov 13, 2011 1:38 am
Forum: Virtualization
Topic: RouterOS 5.8 broke Metarouters?
Replies: 6
Views: 2979

Re: RouterOS 5.8 broke Metarouters?

Metarouter broken on RB493AH with version 5.8.

Broken on RB450G as well.

Are there any problems to revert to 5.6 ?

Error when connecting to console :

execve: No such file or directory
Kernel panic - not syncing: Attempted to kill init!
by FIPTech
Fri Sep 16, 2011 1:26 am
Forum: General
Topic: Fast Roaming support - 802.11r
Replies: 4
Views: 4310

Fast Roaming support - 802.11r

Is there any plan to implement a fast roaming option like 802.11r for near futur products ? VoiP is still not doable with actual Mikrotik hardware in a multiple access points network. We still need to use expensive DECT phones and Access points, where we could use lower cost Mikrotik hardware. Why f...
by FIPTech
Thu Sep 08, 2011 1:17 am
Forum: Wireless Networking
Topic: need a boost on a wireless network
Replies: 10
Views: 2951

Re: need a boost on a wireless network

Yes WDS NV2 bridging works without problems, but only from client stations to a central access point. I'm using this at a client site. But if you try to set two NV2 access points on the same channel, and connect each one to the other one through WDS links, it does not even mount the WDS bridge inter...
by FIPTech
Wed Sep 07, 2011 2:44 pm
Forum: Wireless Networking
Topic: need a boost on a wireless network
Replies: 10
Views: 2951

Re: need a boost on a wireless network

I tried to use WDS between access points with NV2 but it does not work. As access points are not synchronized, i suppose that it is not possible to use NV2 with WDS ? In the end, i suppose that it is not possible to use more than one NV2 enabled access point on the same channel, or it will conflict ...
by FIPTech
Sat Sep 03, 2011 3:59 am
Forum: General
Topic: NV2 QOS. Mikrotik Please give us a bit more informations
Replies: 0
Views: 422

NV2 QOS. Mikrotik Please give us a bit more informations

According to the Wiki : "Nv2-qos=default In this mode outgoing frame at first is inspected by built-in QoS policy algorithm that selects queue based on packet type and size" It is possible to have details about this magic matching : What are packet types, what are size thresholds and how are selecte...
by FIPTech
Tue Jul 26, 2011 8:13 pm
Forum: General
Topic: feature request : GRE tunnel
Replies: 56
Views: 28078

Re: feature request : GRE tunnel

EOIP is stateless. You can't use that if you need to know the state of the tunnel.


GRE is IP only. Ethernet GRE is not implemented.
by FIPTech
Wed Jun 08, 2011 11:04 am
Forum: Wireless Networking
Topic: Mikrotik bandwidth test software; using iperf?
Replies: 21
Views: 30144

Re: Mikrotik bandwidth test software; using iperf?

Or start an opensource EtherSAM implementation ? I've always found iperf too much simplistic as soon as you need detailed statistics on WAN links. You can use Router OS CPE and be in need to have detailed QOS tests reports for Data - VoIP shared links. Iperf will not give you that. Iperf does not in...
by FIPTech
Mon Jun 06, 2011 2:17 pm
Forum: Wireless Networking
Topic: Mikrotik bandwidth test software; using iperf?
Replies: 21
Views: 30144

Re: Mikrotik bandwidth test software; using iperf?

Iperf is not a standard.

RFC2544 and EtherSAM ITU-T Y.1564 are standards.
by FIPTech
Sat Jun 04, 2011 1:13 pm
Forum: Wireless Networking
Topic: Mikrotik bandwidth test software; using iperf?
Replies: 21
Views: 30144

Re: Mikrotik bandwidth test software; using iperf?

I would not say that Iperf is an "industry" standard. It's a standard yes, but it does not have industrial strength neither all functions needed to finely analyze QOS problems. I would be interested to see something better than Iperf inside Router OS. RFC 2544 is crap when you are in need of precise...
by FIPTech
Fri Jun 03, 2011 1:48 pm
Forum: Wireless Networking
Topic: Mikrotik bandwidth test software; using iperf?
Replies: 21
Views: 30144

Re: Mikrotik bandwidth test software; using iperf?

Iperf is a good tool but very basic.

But for precise QOS measurements, hardware testers are the only way to go.
by FIPTech
Fri May 13, 2011 10:31 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

I understand the limitations. But i'm quite sure it should be possible to design better protocols, using frequency hopping or similar technics, to get better link reliability and speed keeping a low cost. Frequency hopping was used primirily on very expensive military radios, and we see it today on ...
by FIPTech
Thu May 12, 2011 11:38 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Yes half a watt is half a watt, but if the spectrum is larger as it is the case with frequency hopping, then relative power on each channel (mean power) is smaller. Under FCC regulations, frequency hopping systems fulfilling certain requirements in the 902- 928 MHz band are allowed to transmit using...
by FIPTech
Thu May 12, 2011 10:33 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

In this case frequency hopping can help because you can send more power, as you are using multiple channels. If using ten channels, you can send ten times more power, staying in the regulatory domain limits. And it's easier to find gaps to transmitt if your are watching ten channels, than if you are...
by FIPTech
Wed May 11, 2011 11:09 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Seems difficult to get more selectivity on receivers without sensitivity loss. What could be interesting is adjustable filters, but i'm afraid by the cost. This is available on high end HAM receivers, but there is infinitely more room inside the enclosures to do this... What could be done perhaps is...
by FIPTech
Mon May 09, 2011 10:42 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Do not confuse phase adjustment, frequency adjustement for channels in the same synchronisation domain, and synchronisation to different sync domains. Phase adjustment can be very fast, frequency adjustment as well if the two channels are synched to a same time reference. Imagin two transmitters wit...
by FIPTech
Mon May 09, 2011 10:51 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

So now we need to hook up with competitor's devices? Good luck! No, sync can be achieved remotely, through GPS or even NTP if an IP link is available. Every provider GPS or NTP linked to atomic time can be synched. This works like this for GSM networks. And yes it needs radio chipset support, or ex...
by FIPTech
Fri May 06, 2011 10:21 pm
Forum: General
Topic: Bridging and VLAN isolation problem
Replies: 11
Views: 2063

Re: Bridging and VLAN isolation problem

It would be really simpler if wire to wire bridging was implemented. I'm quite sure that the vaste majority of users will not find the solution to bridge untagged to tagged themself. No good. Imagine the complexity of this solution if you have QinQ bridging, with a mix of untaged, tagged vlans, and ...
by FIPTech
Fri May 06, 2011 8:48 pm
Forum: General
Topic: Bridging and VLAN isolation problem
Replies: 11
Views: 2063

Re: Bridging and VLAN isolation problem

This is a solution i did find, but i decided to not use it in production, mainly because filtering was too complex.



I think that this solution is too complex for most normal users, even experienced, as soon as the network is not as simple as a couple vlans.
by FIPTech
Fri May 06, 2011 12:14 am
Forum: General
Topic: Bridging and VLAN isolation problem
Replies: 11
Views: 2063

Re: Bridging and VLAN isolation problem

I'm still confused. Here is a simple example : Ether1 (physical, untagged)-> Network 192.168.1.0/24 Ether2 (physical, untagged) -> Network 192.168.2.0/24 Ether2 Vlan20 -> Network 192.168.1.0/24 Now i want to bridge (Ether1) with (Ether2 Vlan20) How to do this ? With a switch, it's straightforward : ...
by FIPTech
Thu May 05, 2011 3:19 pm
Forum: General
Topic: Bridging and VLAN isolation problem
Replies: 11
Views: 2063

Re: Bridging and VLAN isolation problem

No, i want to bridge a physical port with another one, without bridging VLANs inside those ports. I want to bridge only native ports. To resume i'd like to have the same behavior as in a classical manageable level2 switch, where native and tagged vlans are independants. As oppsosite, it's usefull as...
by FIPTech
Thu May 05, 2011 11:27 am
Forum: General
Topic: Bridging and VLAN isolation problem
Replies: 11
Views: 2063

Bridging and VLAN isolation problem

I have problems with bridging and VLANs. (Router OS 5.0). Ports of a bridge do have their child VLAN interface bridged togeter, even if other ports of the bridge do not have the same VLANs. This is not desirable and very dangerous for security because we get packets from non desired vlans everywhere...
by FIPTech
Tue Apr 26, 2011 4:05 pm
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

Yes you are right XP is old and fat.

And Seven is young, but fat too. They have sports room at work but this is not enough to keep Windows slim.


That's why i like Mikrotik a lot. This is not fat, even without sports room at work.
by FIPTech
Mon Apr 25, 2011 4:36 pm
Forum: General
Topic: How to make a 16 or 24 port MT L-3 Switch
Replies: 10
Views: 1753

Re: How to make a 16 or 24 port MT L-3 Switch

Unfortunately there is no serious level2 switching support inside Mikrotik yet. So do not expect to see switching on Mikrotik get the level of functions you can have on big names manufacturers. This is mainly because Linux concentrate about level3, not level2. Bridging inside Linux seems like added ...
by FIPTech
Sun Apr 24, 2011 10:05 pm
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

Switch to Linux :=) You will have better support for IPv6. Microsoft has traditionnaly lag for network technologies support. I remember Windows 3.1 for workgroups. Network was terrible compared to Novell performance... You should ask to Mikrosoft why they don't have full IPv6 support. I hope they wi...
by FIPTech
Thu Apr 21, 2011 2:58 am
Forum: General
Topic: IPv6 Ping does not work with domain names
Replies: 42
Views: 23791

Re: IPv6 Ping does not work with domain names

Same problem here with 5.1. I can't understand how Mikrotik can get positiv results here. Mikrotik, did you try through a PPPoE IPv6 connection, or Ethernet IPv6 ? I'm trying through PPPoE. Perhaps that binding to PPPoE interfaces does not work from the router ? Missing glue code ?? Resolving ipv6.g...
by FIPTech
Wed Apr 20, 2011 10:32 am
Forum: General
Topic: LLDP
Replies: 126
Views: 42967

Re: LLDP

Ok. Anyway LLDP-MED (ANSI/TIA-1057) should be implemented, not only LLDP. LLDP is IEEE 802.1AB. http://standards.ieee.org/getieee802/download/802.1AB-2005.pdf Here is a link to an opensource LLDP project : http://openlldp.sourceforge.net/ Media Endpoint Discovery is an enhancement of LLDP, known as ...
by FIPTech
Wed Apr 20, 2011 12:56 am
Forum: General
Topic: LLDP
Replies: 126
Views: 42967

Re: LLDP

Keeping duplicate things is not a good idea.

It gives two times more work to debug, support, and compile.

It makes the code bigger as well and slower.

Why would you need CDP ? Everyone is supporting LLDP today and manufacturers start to remove CDP.


Perhaps for compatibility with older hardware ?
by FIPTech
Wed Apr 20, 2011 12:12 am
Forum: General
Topic: LLDP
Replies: 126
Views: 42967

Re: LLDP

For information, LLDP-MED is mandatory to boot a VoIP phone on a tagged VLAN. Without LLDP-MED, the phone cannot know wich VLAN ID is the voice VLAN. So LLDP and LLDP-MED are not a toys. There are very interesting as well to get informations about connected devices, not only switches ports. For exam...
by FIPTech
Tue Apr 19, 2011 3:22 pm
Forum: General
Topic: Bridge port behaviour in bridging distant networks over PPTP
Replies: 1
Views: 395

Re: Bridge port behaviour in bridging distant networks over

If you are bridging, you need to ping through the Bridge interface. Not the PPTP interface. You'll need to put an IP on the Bridge Interface or you will not have level3 tools of the router himself working. PPTP interface is independant from the bridge inside according to what i've seen. I have a set...
by FIPTech
Tue Apr 12, 2011 1:04 am
Forum: General
Topic: Lost packets after upgrading RB750 from 5.0b4 to 5.1
Replies: 0
Views: 338

Lost packets after upgrading RB750 from 5.0b4 to 5.1

After upgrading two RB750 from 5.0b4 to 5.1, we got lost packets on the two routers. Processor load was 20 - 30 % instead of 5 - 10 % previously. Smokeping was reporting 10 % loss through the routers to an external ICMP target, and a VoIP call through those routers confirmed the problem. The routers...
by FIPTech
Mon Apr 11, 2011 6:36 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Same problem with two cards in the same box. They need to be physicaly linked by a sync bus. Generaly this is done by a coaxial cable. For GSM networks, the time source is generaly a GPS unit with a 19.6608 MHz sinus output. In the scientific area, sync is generaly achieved by a 1 PPS output, a digi...
by FIPTech
Mon Apr 11, 2011 1:11 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

If we have two adapters in the same board running NV2, are they synchronized? You are talking about poolling synchronisation. I think that in a NV2 domain, all stations are automatically synchronized, so that they talk in a TDMA fashion. But we are talking here about wave synchronization, so that r...
by FIPTech
Sun Apr 10, 2011 5:34 pm
Forum: General
Topic: NV2 phones
Replies: 3
Views: 569

NV2 phones

I think it would be interesting to have NV2 phones, so that we can have a good quality wireless phone network, with roaming, and without the heavy price of DECT synchronized solutions. Specialy on the 900 MHz and 2.4 Ghz band, or Why not in the 1.8 / 1.9 GHz band. I think that for this usage, synchr...
by FIPTech
Thu Apr 07, 2011 12:26 am
Forum: General
Topic: Supported UPS`s
Replies: 49
Views: 32269

Re: Supported UPS`s

We'd like to see MGE UPS (EATON) supported through USB and/or serial.

This would avoid the heavy cost of the supervision ethernet board.
by FIPTech
Wed Apr 06, 2011 11:50 pm
Forum: General
Topic: nv2 3rd party + other network disconnect issues
Replies: 6
Views: 1271

Re: nv2 3rd party + other network disconnect issues

The solution is certainly to fix other products driver reliability. With TDMA collisions are more serious and probable (if different systems are in use) than when CSMA is in use. That's why CSMA has been implemented in 802.11 : try to avoid collisions. I think that NV2 should be used carefully, with...
by FIPTech
Tue Apr 05, 2011 11:43 pm
Forum: General
Topic: Exact steps to block rogue DHCP servers
Replies: 17
Views: 19179

Re: Exact steps to block rogue DHCP servers

Authoritative = yes does not work if another DHCP server is faster to reply. The filtering needs to be done inside a level 2 managed switch, with the DHCP snooping function, filtering the edge ports for unauthorized DHCP trafic. You define the authorized DHCP servers MAC addresses and ports for each...
by FIPTech
Tue Apr 05, 2011 12:14 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Yes it's certainly not for pleasure that Motorola put sync ports inside their products. They even have a GPS sync module for remote sync (SyncPipe). But sync is seen in a lot of professional applications : - Digital Audio and Video Networks inside recording studios and broadcast facilities - GSM pho...
by FIPTech
Sat Apr 02, 2011 11:39 pm
Forum: General
Topic: How close can two SXTs be placed?
Replies: 4
Views: 580

Re: How close can two SXTs be placed?

I tried 5 meters at minimum power without apparent damage during a couple days. NV2 protocol, 40 Mhz channel, about 160 Mbps real total bandwith.


If you rise power, then distorsion appear at receiving side and link reliability and bandwith drop dramaticaly.
by FIPTech
Fri Apr 01, 2011 6:47 pm
Forum: General
Topic: EOIP fragmenting problem?
Replies: 3
Views: 2774

Re: EOIP fragmenting problem?

You could experiment with different aggregated values. See here for M3P details : http://wiki.mikrotik.com/wiki/Manual:IP/Packing And be aware of this : "Router should be seen as neighbour of router over interface you want to enable packing on. If in neighbour list there are no entry indicating pack...
by FIPTech
Fri Apr 01, 2011 1:03 pm
Forum: General
Topic: EOIP fragmenting problem?
Replies: 3
Views: 2774

Re: EOIP fragmenting problem?

If there is fragmentation, you can see it using the ping tool with "do not fragment" option, rising the packet size until no reply. Then you will have the true MTU of the link. I would try the same thing, replacing the EoIP tunnel by a PPTP + BCP tunnel, using a MRRU of 1600 at each side, so that th...
by FIPTech
Fri Apr 01, 2011 10:45 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

I will add this : adding physical clock connection between wifi cards, through a small coaxial cable, should be doable without heavy code and hardware modifications. This would allow synchronization for same tower antennas. Next, for remote synchronization, oem GPS devices today are not so expensive.
by FIPTech
Thu Mar 31, 2011 6:46 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

I think manufactures better invest their time and energy in making radio's such that links between designed units are more robuust. The example of network wide synch on mobile phone networks counts, but only for these spectrums. Telcon provider owns the spectrum so he has no issues with competition...
by FIPTech
Thu Mar 31, 2011 12:08 pm
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Like the precise oscillators made by Rakon They do no give short term stability. Long term stability is nice, +- 1 ppm / year, but for Time references synced to atomic time through a digital PLL, short term stability (24 hours period), is the most important parameter. Most GPS timing reference manu...
by FIPTech
Thu Mar 31, 2011 2:53 am
Forum: General
Topic: NV2 Sync Support
Replies: 90
Views: 15554

Re: NV2 Sync Support

Sync need a precise master clock. jitter needs to be kept minimal. To achieve this : - the master clock needs to be stable and jitter free - the master clock need to be distributed by a star network, not a daisy chained network (in a daisy chain, jitter rise at each node). If sync at a same tower si...
by FIPTech
Thu Mar 31, 2011 2:03 am
Forum: SwOS
Topic: Switch VLANs control
Replies: 3
Views: 3205

Re: Switch VLANs control

On hardware switches, the default is that there is not a different Mac address for each VLAN. All vlans share the same host MAC address, this is not a problem because each vlan is normaly isolated from other ones. On some mid level switches, it is possible to setup a different MAC address for each v...
by FIPTech
Sun Mar 27, 2011 9:35 pm
Forum: General
Topic: Packet Loss
Replies: 1
Views: 702

Re: Packet Loss

You can use Router OS internal tools, but if you want to use external PC machines to test, you could use IPERF.

If you are not confortable with console apps, you can use the GUI Java frontend JPERF.
by FIPTech
Sun Mar 27, 2011 9:29 pm
Forum: General
Topic: PPTP statique server interface do not work
Replies: 0
Views: 573

PPTP statique server interface do not work

I have notified that sometimes PPTP static server interface do not work. Instead, a dynamic interface is mounted for the connection. To get back the static interface running, i need to delete this dynamic interface. Then the static interface get the running status. I've seen this three times in one ...
by FIPTech
Fri Mar 25, 2011 11:56 pm
Forum: Forwarding Protocols
Topic: bonding
Replies: 4
Views: 1139

Re: bonding

The only solution to have a true level2 bonding with two different ISP is to setup Ethernet tunnels to an Internet based server, and bond those two tunnels together at each side. Then, you can masquerade your network from this Internet server. You'll need to send and receive Internet trafic from thi...
by FIPTech
Fri Mar 25, 2011 11:34 pm
Forum: SwOS
Topic: Switch VLANs control
Replies: 3
Views: 3205

Switch VLANs control

Switch VLAN control is not easy with the actual interface using rules. It would be nice to be able to define vlan port membership like we do it very simply on manageable switches. Because the switch control interface is unergonomic, i'm quite sure that most people don't use this feature. For example...
by FIPTech
Fri Mar 25, 2011 11:03 pm
Forum: General
Topic: Isolating internal networks - any good approach?
Replies: 3
Views: 722

Re: Isolating internal networks - any good approach?

The problem with VRF is that inside Router OS most services except DHCP are not VRF aware. ppp for example is not VRF aware, you can't use VRF qualifiers to target VRFs. On the paper, VRFs are very nice. But as soon as you are in the real world, VRFs are quite complicated to manage. For example try ...
by FIPTech
Wed Mar 23, 2011 9:01 pm
Forum: General
Topic: Bridging VLAN problem
Replies: 2
Views: 838

Re: Bridging VLAN problem

You cannot bridge a VLAN with the physical port that it is on. It will not work. I do not try to do this. I need to bridge a physical port (untagged trafic) with a tagged VLAN inside another bridge, and this other bridge is bridging other physical ports. This is done very easily with a hardware swi...
by FIPTech
Tue Mar 22, 2011 9:41 pm
Forum: General
Topic: Bridging VLAN problem
Replies: 2
Views: 838

Bridging VLAN problem

ROS v 5.0RC11 I have a problem bridging a vlan with a physical port. I need to bridge two physical ports together (Bridge-1), then bridge a VLAN of this Bridge to another physical port (Bridge-2). Here is what i have : Bridge-1 ports : Ether-3 Ether-4 Then i added a VLAN (tag=1) on Bridge-1 interfac...
by FIPTech
Sat Mar 19, 2011 7:30 pm
Forum: General
Topic: Console auto logoff
Replies: 2
Views: 1271

Console auto logoff

I can't find the auto logoff console parameter. It seems there is no auto logoff feature inside Router OS. Autologoff is implemented in all serious products on the market. This is a very big security hole when connecting using Modem access and serial port. Any user who know the phone number of the m...
by FIPTech
Fri Mar 18, 2011 8:24 pm
Forum: Wireless Networking
Topic: Console is crashing after a few hours
Replies: 0
Views: 336

Console is crashing after a few hours

We have two serious problems with 5.0 rc11 and RB493G routers. 1) Console is crashing after a couple hours. We need to reboot two times the router to get console back to life. This is a very ennoying we are using the console port as a urgency connection to client routers, through a GSM modem. If con...
by FIPTech
Wed Mar 16, 2011 12:57 am
Forum: General
Topic: bridge port vlan interfaces becoming inactive until restart.
Replies: 2
Views: 2407

Re: bridge port vlan interfaces becoming inactive until rest

Got a similar problem today where i've found an inactive VLAN port on a bridge causing a full part of the client network down. I've found that changing the VLAN Id to something else, and put it back to original value corect the problem. Enabling and disabling the Bridge port did not solve the proble...
by FIPTech
Tue Mar 08, 2011 10:45 am
Forum: General
Topic: MAC Winbox not working with bridged ports
Replies: 2
Views: 916

Re: MAC Winbox not working with bridged ports

I need to retest.

I did not check mac server settings.


I had only some interfaces enabled.
by FIPTech
Tue Mar 08, 2011 12:15 am
Forum: General
Topic: MAC Winbox not working with bridged ports
Replies: 2
Views: 916

MAC Winbox not working with bridged ports

Seems like bridged ports do not allow Winbox access in MAC mode.


5.0 RC11.


Same port not bridged do allow Mac access.

Tested on RB493AH.
by FIPTech
Mon Feb 28, 2011 11:57 pm
Forum: General
Topic: Feature Request: CALEA update
Replies: 10
Views: 1828

Re: Feature Request: CALEA update

For remote capture, there is a simpler and better tool than Calea. This is the remote capture tool directly usable from Wireshark. It needs implementation on the remote machine, using Winpcap 4.0 (deamons availlable for Windows and Linux). See : http://wiki.wireshark.org/CaptureSetup/WinPcapRemote T...
by FIPTech
Mon Feb 28, 2011 8:31 pm
Forum: General
Topic: Feature Request: CALEA update
Replies: 10
Views: 1828

Re: Feature Request: CALEA update

Actually i tried capturing with wireshark with TZSP protocol. But filtering is not so evident in this mode, because Windows generate lots of "port unreachable" if you are using the same port than the one used for Windows Networking. Even with the right filter to avoid this, it is not easy to filter ...
by FIPTech
Sun Feb 27, 2011 11:55 am
Forum: RouterBOARD hardware
Topic: Do the RB's work.
Replies: 33
Views: 5405

Re: Do the RB's work.

Rafaela, wich equipment do you have to change Red and Green components ?
by FIPTech
Sat Feb 26, 2011 11:44 pm
Forum: General
Topic: DHCP problem after upgrade 5.0rc9->5.0rc10
Replies: 8
Views: 1652

Re: DHCP problem after upgrade 5.0rc9->5.0rc10

Do you have input rules in the firewall ?


If you do, then check you don't have 0.0.0.0 source adress droped.
by FIPTech
Fri Feb 25, 2011 11:56 pm
Forum: RouterBOARD hardware
Topic: Do the RB's work.
Replies: 33
Views: 5405

Re: Do the RB's work.

I've changed recently capacitors on a RB750G. Capacitors did not resist to the last summer where we had about 35 degrees during one week.

The client site was hot. I suspect about 38-40 degrees.
by FIPTech
Fri Feb 25, 2011 10:42 am
Forum: RouterBOARD hardware
Topic: Do the RB's work.
Replies: 33
Views: 5405

Re: Do the RB's work.

Generally bad capacitors have a curved top, or they can even explode. This is why there are small breaking marks on the top, to avoid too powerful explosions.

If electronic circuits didn't had chemical capacitors, they would be at least ten times more reliable in the long term.
by FIPTech
Thu Feb 24, 2011 10:23 pm
Forum: General
Topic: Feature Request: CALEA update
Replies: 10
Views: 1828

I've found CALEA usefull for remote capture for servicing a distant Network.

Would be nice to have it inside Winbox.



Are there any CALEA compatible loging software available ? Seems difficult to find those softwares.
by FIPTech
Thu Feb 24, 2011 10:15 pm
Forum: RouterBOARD hardware
Topic: Do the RB's work.
Replies: 33
Views: 5405

Re: Do the RB's work.

If you want more help, you need to remove the bra :=)
by FIPTech
Wed Feb 23, 2011 10:53 am
Forum: General
Topic: UDP Timeout Setting / SIP helper service
Replies: 3
Views: 2850

Re: UDP Timeout Setting / SIP helper service

The problem is that even if it detect the registration interval, you can have a dynamic IP address changing during this interval.

Then the connection is lost for hours.
by FIPTech
Tue Feb 22, 2011 7:54 pm
Forum: General
Topic: UDP Timeout Setting / SIP helper service
Replies: 3
Views: 2850

UDP Timeout Setting / SIP helper service

It seems that when Sip helper service is activated, connection tracking keep UDP streams connections during one hour instead of the normal UDP timeout setting. This cause troubles when using VoIP even without NAT. (specially with dynamic IP SIP clients or multiple Internet Gateways). The workaround ...
by FIPTech
Tue Feb 22, 2011 11:01 am
Forum: General
Topic: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5
Replies: 16
Views: 3478

Re: Dude 3.6 Torch tool is not working with Ros after 5.0 rc

Hope this will be corrected because this tool is very valuable compared to the really poorer torch tool inside Winbox.
by FIPTech
Fri Feb 18, 2011 10:22 am
Forum: General
Topic: User with default Safe Mode
Replies: 16
Views: 8441

Re: User with default Safe Mode

The safe mode button could be flashing and orange when in safe mode. So that you can't miss it. Then allowing default safe mode by user basis could be interesting as well, so that if you don't like it you can disable it for you. As we are in management things, i think it could be usefull for V6 to h...
by FIPTech
Fri Feb 18, 2011 3:05 am
Forum: General
Topic: 40/100 Gbps software router----How far are we?
Replies: 21
Views: 3617

Re: 40/100 Gbps software router----How far are we?

I would prefer to stay away from proprietary DSP solutions if i had to do routing designs. History has shown that processor manufacturers can change their strategy and drop support quite fastly (see Intel Itanium...). Learning DSP programming is not a simple story. This is one reason more to stay aw...
by FIPTech
Fri Feb 18, 2011 1:19 am
Forum: General
Topic: User with default Safe Mode
Replies: 16
Views: 8441

Re: User with default Safe Mode

I prefer trusting machines than myself or other users. Read only is rarely used in the field simply because if you need to make a modification then you need to logoff and logon. I think than default safe mode can be interesting. Having to drive 300 or 500 km to a remote site because you forgotted to...
by FIPTech
Fri Feb 18, 2011 12:40 am
Forum: General
Topic: 40/100 Gbps software router----How far are we?
Replies: 21
Views: 3617

Re: 40/100 Gbps software router----How far are we?

Why do you want to use this ? There is no reason to use this kind of hardware because : 1) you'll need a X86 for almost nothing, except controlling the card. 2) It's certainly expensive. 3) it's PCI based. You buy it, and after a couple years it doesn't work anymore, because you can't find a new com...
by FIPTech
Thu Feb 17, 2011 12:15 pm
Forum: General
Topic: IEEE 802.3ah/IEEE 802.3ag
Replies: 21
Views: 8055

Re: IEEE 802.3ah/IEEE 802.3ag

The network technology we have inside the Linux kernel (used by Mikrotik) is outdated. I think that everyone interested in actual network technology like 802.1ah, 802.1Qay and 802.3ag should write a word to Linus Torvalds to explain it the actual situation and ask him to stop supporting esotheric th...
by FIPTech
Thu Feb 17, 2011 11:56 am
Forum: General
Topic: 40/100 Gbps software router----How far are we?
Replies: 21
Views: 3617

Re: 40/100 Gbps software router----How far are we?

To be able to route efficiently, a FPGA chip needs to be able to make table lockup. I think Cisco is using this function to get route resolution at wire speed. This give the same routing speed than MPLS, with simple IP routing. This function is implemented inside high end FPGA devices like Altera St...
by FIPTech
Wed Feb 16, 2011 10:31 pm
Forum: General
Topic: User with default Safe Mode
Replies: 16
Views: 8441

User with default Safe Mode

It could be usefull to have a user setting to enable safe mode on the account.

So that each time this user connect he is in safe mode.
by FIPTech
Wed Feb 16, 2011 1:27 pm
Forum: General
Topic: 40/100 Gbps software router----How far are we?
Replies: 21
Views: 3617

Re: 40/100 Gbps software router----How far are we?

Multi processor is not the right target for a fast router. X86 / X64 and similar processor are not designed to manage small amount of data at very high speed. They have only one bus and their instruction set is not adapted to routing. Concentrating efforts on logic circuits programming is better. It...
by FIPTech
Tue Feb 15, 2011 10:43 pm
Forum: General
Topic: 40/100 Gbps software router----How far are we?
Replies: 21
Views: 3617

Re: 40/100 Gbps software router----How far are we?

Support is not the real problem with software routers. I think the main problem is power consumption. Getting 10, 40 or 100 Gbps routing without packet loss on X86 even with GPU is very power hungry. It is something for geeks, not something we can put in a Datacenter for real use. X86 and GPUs are g...
by FIPTech
Tue Feb 15, 2011 10:32 am
Forum: RouterBOARD hardware
Topic: SFP and DSL support
Replies: 32
Views: 12152

Re: SFP and DSL support

No a Router with SFP option could be usefull for linking Wifi devices or inter building fiber links. I don't like to link Wifi through copper. It's expensive because of needed storms protections. For inter building, there is no option. All our links are fiber. FTTH is not yet very developped here, b...
by FIPTech
Tue Feb 15, 2011 3:10 am
Forum: RouterBOARD hardware
Topic: Do the RB's work.
Replies: 33
Views: 5405

Re: Do the RB's work.

No boot is often a power problem. Check chemical capacitors. 90 % of problems do come from them.


Dissolder and check the value. 1/2 original value is generaly ok. 1/5 or 1/10 is not ok...
by FIPTech
Tue Feb 15, 2011 2:51 am
Forum: RouterBOARD hardware
Topic: SFP and DSL support
Replies: 32
Views: 12152

Re: SFP and DSL support

SFP support is important. We are using preferably fiber links. We could use it easily for CPE wifi devices, using mixte Fiber / Copper cable (copper for powering). Having SFP support directly on end devices would be a very good point. We'd like to see this on cameras, phones, wifi, and router device...
by FIPTech
Mon Feb 14, 2011 8:24 pm
Forum: General
Topic: Meaning of "Use Src. MAC Address" in DHCP lease
Replies: 8
Views: 12074

Re: Meaning of "Use Src. MAC Address" in DHCP lease

If this has been designed for security, then it would have been more usefull to have something like :


"check source mac address".
by FIPTech
Mon Feb 14, 2011 5:38 pm
Forum: General
Topic: Winbox exit when using Ping tool from IP / neighbors
Replies: 4
Views: 1553

Winbox exit when using Ping tool from IP / neighbors

Winbox exit without error messages when using Ping tool from IP / neighbors. (mouse right button on a neighbour target).

Using Windows XP SP3.


Does anybody have the same problem ?


I've tried with Winbox 2.2.15 and 2.2.18. Same result.
by FIPTech
Mon Feb 14, 2011 11:25 am
Forum: General
Topic: 5.0rc9 and USB 3G modem support
Replies: 16
Views: 3452

Re: 5.0rc9 and USB 3G modem support

I mean for products without antenna like RB4xx


USB 5V injector is hard to find. Most of your reseller don't have it and even don't know it does exist.


I needed to add a 5V IC regulator and soldering on a RB493G to get it running.
by FIPTech
Mon Feb 14, 2011 2:32 am
Forum: General
Topic: Multiple Spanning Tree - Provider Backbone Bridge Support.
Replies: 6
Views: 5483

Re: Multiple Spanning Tree - Provider Backbone Bridge Suppor

That's would be a good news as 802.1aq was designed based on 802.1ad, 802.1ah datapaths and the 802.1ag OAM. Hope to see 802.1ah (Mac in Mac or provider Backbone bridge) implemented at the same time, so that we can bridge at provider level without the complexity of MPLS and ATM cricuits and without ...
by FIPTech
Sun Feb 13, 2011 5:29 pm
Forum: General
Topic: 5.0rc9 and USB 3G modem support
Replies: 16
Views: 3452

Re: 5.0rc9 and USB 3G modem support

Would it be possible to have integrated +5V USB power for new products ?

SXT access point do have it.
by FIPTech
Sun Feb 13, 2011 5:14 pm
Forum: General
Topic: Multiple Spanning Tree - Provider Backbone Bridge Support.
Replies: 6
Views: 5483

Multiple Spanning Tree - Provider Backbone Bridge Support.

Mikrotik, STP and RSTP are outdated protocols. Spanning tree protocol was designed 26 years ago (1985, standardised in 1990 by IEEE) when VLANs were not so popular because VoIP was not widely used. Rapid spanning tree is from 2001, 802.1w standard by IEEE. Ten years ago. Multiple Spanning Tree (802....
by FIPTech
Sat Feb 12, 2011 11:38 pm
Forum: General
Topic: firewall vulnerability?
Replies: 10
Views: 1245

Re: firewall vulnerability?

fewi, I agree too, default deny is always a good idea. Also, just a note about the connection-state=invalid action=drop , it makes sense (as it is) higher in the chain so every firewall rule isn't check against an invalid packet. Order of firewall rules can have a significant performance impact. It...
by FIPTech
Sat Feb 12, 2011 9:56 pm
Forum: General
Topic: Dude 3.6 Torch tool is not working with Ros after 5.0 rc5
Replies: 16
Views: 3478

Dude 3.6 Torch tool is not working with Ros after 5.0 rc5

It seems that Dude 3.6 Torch is not working starting with Ros 5.0 RC 6.


Can somebody confirm this ?
by FIPTech
Sat Feb 12, 2011 3:25 pm
Forum: General
Topic: Using switch chip for managing vlans ?
Replies: 2
Views: 615

Re: Using switch chip for managing vlans ?

Did you try to put New Vlan ID = "0" in the rule ? According to what i've seen inside the switch rules, there is no possibility to remove a vlan Tag. You can eventually change the vlan tag. So i think you'll need an external manageable switch to do this. Or use a software bridge (about 5 times slowe...
by FIPTech
Fri Feb 11, 2011 1:55 am
Forum: General
Topic: Meaning of "Use Src. MAC Address" in DHCP lease
Replies: 8
Views: 12074

Re: Meaning of "Use Src. MAC Address" in DHCP lease

A device behind a 802.11 client in station mode, or pseudo bridge, is hided behind the MAC of the 802.11 interface. the 802.11 interface hide the device behind, using 1 to 1 MAC NAT if there is only one device behind, or using an IP mapping table to NAT source MAC according to source IP. I don't see...
by FIPTech
Wed Feb 09, 2011 5:51 pm
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5313

Re: Feature request: GPS Synchronisation

Yes a simple sync between same tower radios would be a good start. Using for example a small coax cable with SMA connectors between cards.
by FIPTech
Wed Feb 09, 2011 11:01 am
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5313

Re: Feature request: GPS Synchronisation

Perfect Roaming is more complicated if the client is moving fastly, because of doppler effect. Then client position and tower positions needs to be known (by GPS ?) so that the client can compensate himself frequence adjustements during roaming. An example of perfect roaming system is the GPS system...
by FIPTech
Wed Feb 09, 2011 10:45 am
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

Try to put the IPv6 server address in third position, i think it will not work, except if this has been corrected.
by FIPTech
Wed Feb 09, 2011 2:08 am
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5313

Re: Feature request: GPS Synchronisation

It does allow as well, when global sync is achieved, to get perfect roaming between towers. If towers are not fully synchronised, then receivers need some time to resync to the channel with the PLL circuitry. This explain why GSM or DECT roaming is almost perfect; but Wifi roaming is most of the tim...
by FIPTech
Wed Feb 09, 2011 2:02 am
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

I remember that DNS RA was working only if there was not more than two DNS server entries in DNS setup.
by FIPTech
Tue Feb 08, 2011 11:53 pm
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

I've checked this with RC4 it was working with Linux clients.

Broken in RC8 ?
by FIPTech
Tue Feb 08, 2011 11:45 am
Forum: General
Topic: 802.11n Problem. MCS-15 not working.
Replies: 6
Views: 3471

Re: 802.11n Problem. MCS-15 not working.

Ok.

They should be grayed out if not used, so that users are not confused.


Can be extended to other details inside Winbox.
by FIPTech
Tue Feb 08, 2011 10:41 am
Forum: General
Topic: 802.11n Problem. MCS-15 not working.
Replies: 6
Views: 3471

Re: 802.11n Problem. MCS-15 not working.

Ok, this is not clear inside Winbox as there are two settings for Guard Interval even if NV2 is active :

- any

- long
by FIPTech
Tue Feb 08, 2011 10:39 am
Forum: General
Topic: IPv6 and DNS
Replies: 28
Views: 15277

Re: IPv6 and DNS

Windows XP does not support (yet) DNS over IPv6 transport. So if you disable IPv4, you can't have DNS resolution through the system IPv6 stack. Only special programs with internal DNS resolution can work, eventually taking the IPv6 DNS server address in the network settings if you set it. I hope thi...
by FIPTech
Mon Feb 07, 2011 8:03 pm
Forum: General
Topic: Please give us real PPTP....
Replies: 2
Views: 952

Re: Please give us real PPTP....

Yes MLPPP would be very interesting. This is one of the important missing things inside router OS. Bonding as been designed for LANs. Not for Internet. The only and big problem is that there is no robust Opensource Linux code freely available to do this. Most MLPPP implementations are proprietary. S...
by FIPTech
Mon Feb 07, 2011 2:38 pm
Forum: General
Topic: NV2 5 Mhz channel width does not work and WDS QOS problem
Replies: 2
Views: 996

Re: NV2 5 Mhz channel width does not work and WDS QOS proble

QOS was tested sending pings during a heavy UDP trafic session from bandwith test tool. With station bridge mode, setting priority = 7 in output mangle for ICMP at each RB SXT end do allow to get about 10 ms ping time instead of 100 - 200 ms without priority setting. With station wds mode, priority ...
by FIPTech
Mon Feb 07, 2011 2:33 pm
Forum: General
Topic: 802.11n Problem. MCS-15 not working.
Replies: 6
Views: 3471

Re: 802.11n Problem. MCS-15 not working.

I'm using NV2, with HT Guard interval "any".


HT Tx and RX chains 0 and 1 enabled.

We can see in the registered station window that HT40-7 (MCS15 ?) is not receiving packets.


Image
by FIPTech
Mon Feb 07, 2011 1:51 am
Forum: General
Topic: 802.11n Problem. MCS-15 not working.
Replies: 6
Views: 3471

802.11n Problem. MCS-15 not working.

Seems like MCS-15 is not working on RB SXT v5.0 RC8. (2 spatial streams, 64 QAM, 5/6 coding rate) Max tx/rx rate i get is 130 mbps (20 Mhz) or 270 Mbps (40 Mhz). This is only MCS-14 modulation scheme at 400 ns guard interval. I had the two polarisation enabled. And a large signal / noise ratio (62 d...
by FIPTech
Mon Feb 07, 2011 1:05 am
Forum: General
Topic: NV2 5 Mhz channel width does not work and WDS QOS problem
Replies: 2
Views: 996

NV2 5 Mhz channel width does not work and WDS QOS problem

It seems that NV2 does not work with 5 Mhz Channel bandwith. (5.0 rc8, RB SXT)

Using that, we get heavy packet loss and very low link bandwith.

No problem with 10,20 and 40 Mhz channel bandwith.


QOS does not work for me if using station WDS mode.
by FIPTech
Sun Feb 06, 2011 7:47 pm
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

FIPTech, a lot of commercial vendors base their Network Operating Systems on Linux, they just develop closed source modules and user-space applications to add the required functionality and make them unique. ........... If it is a question of profitability for Mikrotik, I would be happy to pay a pr...
by FIPTech
Sat Feb 05, 2011 8:36 pm
Forum: General
Topic: TekRadius
Replies: 1
Views: 854

TekRadius

Did someone try TekRadius with Mikrotik ? Seems like a good Radius alternative.

This is free for commercial and personnal use.
by FIPTech
Sat Feb 05, 2011 1:23 pm
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

VTI seems unsupported in the Linux world. I don't remember i've seen this in the OpenSwan documentation. Something that is supported inside Openswan is opportunistic encryption, with it you can share keys on a DNS server, so that each peer can connect to another one looking for the public keys on th...
by FIPTech
Sat Feb 05, 2011 1:56 am
Forum: General
Topic: Nv2 QOS
Replies: 4
Views: 3925

Re: Nv2 QOS

NV2 QOS seems to work correctly. But only in station mode. With WDS mode, it does not work for me. (5.0 rc8) You just need to setup mangle rules to define "set priority" according to http://wiki.mikrotik.com/wiki/Manual:Nv2 Then packet will be queued inside the wireless interface queues. If you need...
by FIPTech
Sat Feb 05, 2011 1:33 am
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

Why not use GRE instead ?

VTI seems only to give 4 bytes less than GRE headers, but it is proprietary ?
by FIPTech
Fri Feb 04, 2011 11:55 pm
Forum: General
Topic: RouterOS v5rc8
Replies: 110
Views: 19752

Re: RouterOS v5rc8

NV2 is broken for me in station mode on a SXT-5D with 5.0 rc8.

Leds (wireless signal strenght) are not working neither.
by FIPTech
Wed Feb 02, 2011 1:35 pm
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

SSTP seems only used by Microsoft and is a very young technology. Not supported by Windows XP. In the real world, Windows XP is still very present and this will not change soon. L2TP neither SSTP do allow bridging ?? L2TPv3 do allow bridging but not supported by router OS. Neither PPTP, L2TP or othe...
by FIPTech
Wed Feb 02, 2011 10:50 am
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

No, it's certainly not the reason. I have previously already explained that there were many unfixed problems in the OpenVPN itself, so we have stopped development, and concentrated on more reliable projects like SSTP. We don't plan to make UDP support in OpenVPN in near future. Wich problems ? Is t...
by FIPTech
Tue Feb 01, 2011 8:55 pm
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5313

Re: Feature request: GPS Synchronisation

There is no need for a GPS unit to localy synchronize transmitters. A simple coax cord chained between radio units of the same tower is enough if a global sync reference between towers of different sites is not needed. For this to work, radios need something like a 10 Mhz clock output, and 10 Mhz cl...
by FIPTech
Tue Feb 01, 2011 11:59 am
Forum: General
Topic: Feature request for 5.0 final.
Replies: 40
Views: 6661

Re: Feature request for 5.0 final.

UDP support for OpenVPN !!! desperately need this to work for a new project we'd like to build. Perhaps Mikrotik do not want to implemented this because they think that UDP is not reliable and they could have problems like with MAC Winbox access. But OpenVPN is reliable with UDP even if there are l...
by FIPTech
Sun Jan 30, 2011 11:20 pm
Forum: General
Topic: Ethernet bypass
Replies: 4
Views: 3894

Re: Ethernet bypass

I saw this on our RB1100. Never tried. I think that a relay is physically connecting wires 1 to 8 (layer 1) between the two ports if power is dropped on the router. Then removing power with a Power Control device you can get back connectivity to an urgency box. This is a radical and simple solution,...
by FIPTech
Sun Jan 30, 2011 10:42 pm
Forum: General
Topic: How to get Internet Access from a VRF
Replies: 0
Views: 369

How to get Internet Access from a VRF

How to get Internet Access from a VRF having an interface within the same network prefix than an interface in the main routing table ? The routing in this case does not work because the destination network in the VRF is the same as a connected network in the main routing table. The same problem woul...
by FIPTech
Sun Jan 30, 2011 2:51 am
Forum: General
Topic: Unreliable Metarouter Ros 5.0 RC6
Replies: 5
Views: 1421

Re: Unreliable Metarouter Ros 5.0 RC6

I would vote to remove this toy from Ros 5.0 supported feature set. If somebody is really using it, it is certainly not in a business environnement, even SMB, because of crashes. If somebody use it for educational purpose or Soho use, then it can stay with Ros 4.x without problem. In the same time t...
by FIPTech
Sat Jan 29, 2011 6:46 pm
Forum: General
Topic: Feature request: WDS4 address mode
Replies: 1
Views: 758

Re: Feature request: WDS4 address mode

MT acting as a wireless bridge uses 3-address mode, whereby the bridge uses its own MAC address to send the source’s data frames, which means the MAC address of the source device is unknown to devices on the destination network. Are you sure that they don't use 4 address mode ? WDS with only 3 addr...
by FIPTech
Sat Jan 29, 2011 5:16 pm
Forum: General
Topic: Unreliable Metarouter Ros 5.0 RC6
Replies: 5
Views: 1421

Re: Unreliable Metarouter Ros 5.0 RC6

I'm not sure Metarouter is a good idea anyway for such small serial processor units. Routing needs a rock solid real time instruction pipeline. Adding virtualisation in the path means lost packets. I was just trying it. Each time i played with that i had crashes. Even with v 4.x stable release. It w...
by FIPTech
Sat Jan 29, 2011 12:58 am
Forum: General
Topic: Unreliable Metarouter Ros 5.0 RC6
Replies: 5
Views: 1421

Unreliable Metarouter Ros 5.0 RC6

I can't get a reliable Metarouter with RB450G. (with default ROs images). The router reboots every few minutes without reason. I have 4 Metarouter instances, (16 Mo). Only the first one is bridged on Ether2. Other ones does nothing. The router has almost zero configuration. Only two IP adresses, to ...
by FIPTech
Tue Jan 25, 2011 11:34 pm
Forum: General
Topic: Packet drop when connecting through Winbox.
Replies: 4
Views: 754

Re: Packet drop when connecting through Winbox.

It's true that certainly most Mikrotik users don't care about small packet losses. But for more demanding users, professional or not, it can be a problem. There isn't a lot to do to avoid this. Using two processors and a dedicated memory bus for each one could solve the problem. - one procesor dedic...
by FIPTech
Tue Jan 25, 2011 6:54 pm
Forum: General
Topic: Packet drop when connecting through Winbox.
Replies: 4
Views: 754

Re: Packet drop when connecting through Winbox.

Connected through IP. Mac connection does not work reliabily. This is because when a packet is lost, there is no retransmission with TCP. This show that some packets are lost on Router OS. I think that Packet lost exhibit when the Ethernet chip buffer is full. (interupt has not been served by the ma...
by FIPTech
Tue Jan 25, 2011 2:43 pm
Forum: General
Topic: Roadmap for IPv6?
Replies: 98
Views: 22361

Re: Roadmap for IPv6?

That's true.

With our IPv6 PPPoE DSL links, we need to manually setup IPv6 prefix on the router. Not so evident for final customers (most of the time today nobody knows something about IPv6, but they'll need it quite fastly).
by FIPTech
Mon Jan 24, 2011 11:29 pm
Forum: RouterBOARD hardware
Topic: External clock
Replies: 0
Views: 367

External clock

Are there any mini PCI Wifi boards compatible with router OS with clock source input ?
by FIPTech
Mon Jan 24, 2011 8:49 pm
Forum: General
Topic: RouterOS and GRE tap tunnels (aka eoip)
Replies: 6
Views: 3121

Re: RouterOS and GRE tap tunnels (aka eoip)

Seems like version 5.0 can do only IP over GRE over IPv4. Not Ethernet over GRE yet. You won't be able to put a GRE tunnel interface into a bonding for example. This show that it is a level 3 interface. Not level 2. GRE is a generic tunnel. So changing the protocol descriptor, it is possible to chan...
by FIPTech
Mon Jan 24, 2011 2:16 am
Forum: General
Topic: Cisco CDP discovery in 3.10
Replies: 3
Views: 2247

Re: Cisco CDP discovery in 3.10

Is CDP still open in version 5.0 ?


I can see Mikrotik Routers from a windows LLDP agent, but the opposite is not true. Router OS does not see Windows CDP agents.

(firewall is disabled on Windows agents).
by FIPTech
Sat Jan 22, 2011 9:54 pm
Forum: General
Topic: OpenVPN - UDP?
Replies: 59
Views: 27424

Re: OpenVPN - UDP?

There is UDP OpenVPN for all kinds of mips sh!t. DD-WRT, OpenWRT, Bitswitcher, and who knows what. That's true. But when Openwrt has been upgraded from kernel 2.4 to kernel 2.6, OpenVPN stopped to work on Asus routers for example (Broadcom chips). This show that OpenVPN is not something simple. I d...
by FIPTech
Sat Jan 22, 2011 12:58 pm
Forum: General
Topic: OpenVPN - UDP?
Replies: 59
Views: 27424

Re: OpenVPN - UDP?

I'm not sure about this but i think i've read somewhere, when i studied OpenVPN some years ago, that UDP do have assembler code optimized for the destination processor and that C++ code is not available for this part of the project. This need to be verified inside the source code, but if it's true, ...
  • 1
  • 2