Community discussions

MikroTik App

Search found 48 matches

by flatbat
Sun Oct 06, 2019 6:24 pm
Forum: RouterBOARD hardware
Topic: Audience
Replies: 51
Views: 13409

Re: Audience

Audience is just using CAPsMAN and link with other CAP-devices on the third wlan similar to repeater (bridge-ap/station-bridge). It is not using WDS mesh or any specific mesh technology. Source:? The device itself..; [admin@Audience1] > /system default-configuration print script: :global ssid; #| R...
by flatbat
Thu Oct 03, 2019 4:56 pm
Forum: RouterBOARD hardware
Topic: Audience
Replies: 51
Views: 13409

Re: Audience

Audience is just using CAPsMAN and link with other CAP-devices on the third wlan similar to repeater (bridge-ap/station-bridge).
It is not using WDS mesh or any specific mesh technology.
by flatbat
Sat Sep 21, 2019 2:04 pm
Forum: General
Topic: Multihoming with srcnat
Replies: 3
Views: 628

Re: Multihoming with srcnat

Thanks, that would obviously be a clean solution, but what would be the exact reason for multihoming not working with a single router?

Is in fact firewall Connection Tracking or NAT in any way linked to upstream interface in RouterOS?
by flatbat
Sat Sep 21, 2019 1:15 pm
Forum: General
Topic: Multihoming with srcnat
Replies: 3
Views: 628

Multihoming with srcnat

Is firewall Connection Tracking or NAT in any way linked to upstream interface in RouterOS? I mean, we plan to multihome with ISP1 and ISP2 and announce the same /24 to both ISPs, and want to srcnat outbound traffic from a private network behind one of the public addresses in the /24. Default gatewa...
by flatbat
Sun Jul 22, 2018 7:57 pm
Forum: Wireless Networking
Topic: IPTV multicast via CAPsMAN ?
Replies: 2
Views: 1141

Re: IPTV multicast via CAPsMAN ?

Multicast worked technically, but there were lots of dropped packets and picture pixelation. We changed to use unicast via http and rtmp instead, and that works almost perfectly. Customer is happy.
by flatbat
Sun Mar 18, 2018 1:55 pm
Forum: Wireless Networking
Topic: IPTV multicast via CAPsMAN ?
Replies: 2
Views: 1141

IPTV multicast via CAPsMAN ?

We have a network where we today send IPTV multicast from a few servers. Users connected via cable can watch the streams, and the switches use IGMP snooping to open up for the requested stream to each client. Now some users want to watch the streams via wireless. The wireless network consists of man...
by flatbat
Thu Nov 09, 2017 8:00 pm
Forum: Wireless Networking
Topic: Problem with clients not supporting all channels
Replies: 0
Views: 310

Problem with clients not supporting all channels

We have some public locations where we provide WiFi using CAPsMAN and wAPac. There are international travellers in some areas, and many of those can not connect to our AP's on 5GHz because their clients don't support some of the channels automatically selected by CAPsMAN. Is there a country-code in ...
by flatbat
Fri Oct 13, 2017 11:37 am
Forum: Virtualization
Topic: CHR suggestions for new functionality
Replies: 157
Views: 34984

Re: CHR suggestions for new functionality

We have several places where we run CHR on AWS, both as central location for management/vpn-termination/dude and to use RouterOS for VPN-tunnels instead of having to struggle with the AWS VPN service. To take this concept further, we would really be helped by the ability to install CHR on KVM and Go...
by flatbat
Thu Aug 17, 2017 4:50 pm
Forum: General
Topic: IGMP Snooping Command
Replies: 12
Views: 18342

Re: IGMP Snooping Command

IGMP snooping is the only reason we are still buying Cisco switches. If this works, our Cisco rep will lose an account now..
by flatbat
Wed Jul 20, 2016 7:04 pm
Forum: Wireless Networking
Topic: Wireless product max distance
Replies: 60
Views: 45416

Re: Wireless product max distance

Would be nice to have some more powerful solution as well. According to the calculator a combination of NetMetal5+mANT30 in theory would reach 60km where Dynadish stops at 14km?
by flatbat
Sat Mar 12, 2016 6:49 pm
Forum: RouterBOARD hardware
Topic: cap2n / wAP in hotel corridors
Replies: 5
Views: 1302

Re: cap2n / wAP in hotel corridors

Are you using WMM? What's your preamble mode? What does "bad connectivity" means? Low signal? iphones get unregistered? captive portal doesn't show up? djdrastic, you referred to a rather old ROS version... I use all sorts of iOS devices myself, and have installations where 80% of devices are iOS b...
by flatbat
Fri Mar 11, 2016 3:08 pm
Forum: RouterBOARD hardware
Topic: cap2n / wAP in hotel corridors
Replies: 5
Views: 1302

cap2n / wAP in hotel corridors

We have been using capsman with cap2n in hotel corridors since they were released, and they have worked pretty good. They still work good, but recently we have received an increasing number of complaints about instability and bad connectivity, which seems to be mainly from users with modern smartpho...
by flatbat
Thu Mar 10, 2016 10:09 pm
Forum: Wireless Networking
Topic: Backbone relay tower with DynaDish?
Replies: 5
Views: 1313

Re: Backbone relay tower with DynaDish?

Thanks for the warning. As we may need 4-5 dishes in a single co-located tower, the interference may become a problem then. I wonder if it is worth the extra cost to use Netmetal5+mANT30+Sleeve30 instead of DynaDish in those cases..? Do you also have experience like our case with two wireless links ...
by flatbat
Thu Mar 10, 2016 10:51 am
Forum: Wireless Networking
Topic: Backbone relay tower with DynaDish?
Replies: 5
Views: 1313

Backbone relay tower with DynaDish?

I would appreciate some experienced feedback on how to deploy a wireless backbone to bridge a few wired networks in a remote location where it is not possible to pull cable. As seen in the attached image, the idea is to set up a link from the uplink location to a tower close to the remote locations,...
by flatbat
Mon Feb 15, 2016 10:52 am
Forum: Wireless Networking
Topic: Chromecast problems!
Replies: 8
Views: 4335

Re: Chromecast problems!

To use Chromecast via CAPsMAN you need to enable 'Client to client forwarding' on the datapath configuration.
by flatbat
Mon Jan 11, 2016 8:10 pm
Forum: Forwarding Protocols
Topic: Static routes with IRRToolSet
Replies: 4
Views: 1623

Re: Static routes with IRRToolSet

I agree it would be easy with BGP, but these upstreams are corporate PPPoE links with no support for BGP provided by the ISP. We need some other way to identify the ASN and set up routing.
by flatbat
Sat Jan 09, 2016 1:49 pm
Forum: Forwarding Protocols
Topic: Static routes with IRRToolSet
Replies: 4
Views: 1623

Re: Static routes with IRRToolSet

Note to self.. echo "@rtconfig printPrefixes \"/ip route add dst-address=%p/%l gateway=link4 comment=-IRR-AS2906\n\" filter AS2906" | rtconfig /ip route add dst-address=23.246.0.0/18 gateway=link4 comment=-IRR-AS2906 /ip route add dst-address=23.246.15.0/24 gateway=link4 comment=-IRR-AS2906 /ip rout...
by flatbat
Fri Jan 08, 2016 5:58 pm
Forum: Forwarding Protocols
Topic: Static routes with IRRToolSet
Replies: 4
Views: 1623

Static routes with IRRToolSet

I have a site with static routes (no BGP) to multiple transit providers where we want to optimize the path to some specific AS'es by creating static routes for their prefixes via specific providers. To automatically manage this, we were looking at tools like using peval from http://irrtoolset.isc.or...
by flatbat
Tue Jan 05, 2016 8:19 pm
Forum: General
Topic: IPSEC source port 4500
Replies: 2
Views: 1432

Re: IPSEC source port 4500

Thanks. You're right.
Replacing 'port=4500' with 'port=500' solved the problem.
With 'nat-traversal=yes' the CCR is automatically moving to port 4500 after the initial ISAKMP setup, so that port doesn't have to be specified.
by flatbat
Thu Dec 31, 2015 12:49 pm
Forum: General
Topic: IPSEC source port 4500
Replies: 2
Views: 1432

IPSEC source port 4500

We have an ipsec tunnel between a CCR and a remote site using Strongswan. It's configured to use NAT-T on port 4500, and everything works fine. But once every hour we get 5-6 errors in the CCR log, mentioning timeout trying to negotiate phase1 from the standard IKE port 500. This issue seems obvious...
by flatbat
Wed Nov 25, 2015 7:20 pm
Forum: Wireless Networking
Topic: Replacing CAPsMAN
Replies: 8
Views: 3887

Replacing CAPsMAN

We have a CAPsMAN with 'auto'-generated CA and certificate, and lots of CAPs also with certificates requested from the CAPsMAN but without 'Lock To CAPsMAN'. We need to replace the router running CAPsMAN with another larger model. How do we manage the certificates? I'm sure it would work to log in t...
by flatbat
Sun May 24, 2015 6:39 pm
Forum: Wireless Networking
Topic: Coverage for outdoor pool area
Replies: 5
Views: 779

Re: Coverage for outdoor pool area

I have very bad results with SXT2 60, with more than 12 stations it is very bad with pings over 200ms. With RB912UAG-2HPnD-OUT and sector antenna is better with over 25 stations working very good. Thanks InoX. 12 stations sounds like a serious limitation for the SXT2. What kind of antenna are you u...
by flatbat
Sat May 23, 2015 4:27 pm
Forum: Wireless Networking
Topic: Coverage for outdoor pool area
Replies: 5
Views: 779

Coverage for outdoor pool area

I need to provide public wifi for a 'typical' outdoor hotel pool area, filled with people with smartphones and laptops. It's approx 200x100 meters, with a rectangular swimmingpool in the center surrounded by a sun deck with lots of deck chairs, tables and a restaurant patio. I was initially thinking...
by flatbat
Thu Dec 18, 2014 6:34 am
Forum: General
Topic: Advise for hotel
Replies: 15
Views: 2753

Re: Advise for hotel

Sounds like the choice would be primarily between central switches and 3 cables to each room, or a single cable to a switch/router in each room.
I understand the issue in maintaining lots of devices and maybe it is a good advice to not install devices in guest rooms. But there will be lots of cables..
by flatbat
Tue Dec 16, 2014 6:21 pm
Forum: General
Topic: Advise for hotel
Replies: 15
Views: 2753

Re: Advise for hotel

Thanks for your suggestions! Cacti99 - The reason for initially not choosing RB951Ui-2HnD was that it is bigger, costs more and also has an unnecessary powerful 1000mA radio. The small 50mA in RB951-2n seemed more suitable for a small hotel room, at least on paper.. Is there any particular reason to...
by flatbat
Tue Dec 16, 2014 2:05 pm
Forum: General
Topic: Advise for hotel
Replies: 15
Views: 2753

Advise for hotel

We have been asked to deploy a network for a new 4-star hotel with 170 guest rooms. All rooms must have good wifi coverage, wired ethernet for Internet, as well as wired ethernet for a separate IPTV VLAN. The suggestion is to place a RB951-2n in each room, use one port for uplink, one port for Inter...
by flatbat
Fri Nov 25, 2011 7:15 pm
Forum: General
Topic: Routerboard as a MS l2tp/ipsec client?
Replies: 0
Views: 678

Routerboard as a MS l2tp/ipsec client?

I am trying to configure a RB to log on as a VPN client to a MS server (presumably ISA) using l2tp/ipsec, basically emulating a standard Windows-XP client. The Windows-client logon just fine, so I know it works on the server side. I first started by setting up the ipsec layer. On the first connect I...
by flatbat
Mon Oct 10, 2011 4:32 pm
Forum: Beginner Basics
Topic: Hotspot behind multiple switches?
Replies: 6
Views: 1110

Re: Hotspot behind multiple switches?

All, thanks for your response! My initial question was just if this was a known problem. Since it's apparently not, I agree with you that the issue should be in the switches downstream somewhere. ROS and hotspot configuration is unlikely to be an issue since hotspot works just fine with one and two ...
by flatbat
Mon Oct 10, 2011 8:46 am
Forum: Beginner Basics
Topic: Hotspot behind multiple switches?
Replies: 6
Views: 1110

Re: Hotspot behind multiple switches?

Yes, all switches are manageable. I'm not sure what you mean with a flat mode, but we use many different vlans. In the router the hotspot is configured on a vlan interface, and this vlan is then tagged over all switches. The switch ports on the final switch where cpe's are connected, are configured ...
by flatbat
Sat Oct 08, 2011 1:19 am
Forum: Beginner Basics
Topic: Hotspot behind multiple switches?
Replies: 6
Views: 1110

Hotspot behind multiple switches?

I have encountered an unexpected problem in a switched network, where it seems to be possible with only two switches between a client and a ROS Hotspot. This works fine: client--switchA--switchB--RB_hotspot This does not work: client--switchA--switchB--switchC--RB_hotspot The symptom is that with th...
by flatbat
Sat Jan 22, 2011 6:59 pm
Forum: General
Topic: How can Hotspot see private addresses behind customer NAT..?
Replies: 16
Views: 3811

Re: How can Hotspot see private addresses behind customer NA

Sorry, I should have been clearer on that point.. Thank's for bearing with me! Yes, the modem/routers have their own built-in DHCP-servers, which handle out addresses in the 192.168.x.x scope. On the RB1100 that runs the hotspot, there is a central DHCP server that handles out the addresses in the 1...
by flatbat
Sat Jan 22, 2011 6:24 pm
Forum: General
Topic: How can Hotspot see private addresses behind customer NAT..?
Replies: 16
Views: 3811

Re: How can Hotspot see private addresses behind customer NA

Thanks SurferTim, but I don't think you get the point..;
The 192.168.x.x addresses shouldn't be visible to the hotspot at all..?!
They should be secretly hidden behind the users' NAT modem/router..
by flatbat
Sat Jan 22, 2011 5:41 pm
Forum: General
Topic: How can Hotspot see private addresses behind customer NAT..?
Replies: 16
Views: 3811

Re: How can Hotspot see private addresses behind customer NA

Yupp, that's right. But what I don't understand is how the hotspot see the 19.168.1.0-addresses, as these are behind another NAT router (the ADSL router/modems). Look for instance at D8:5D:4C:86:80:60; This is an ADSL router/modem that is logged on and active on row 18. But on row 10 it appears agai...
by flatbat
Sat Jan 22, 2011 5:03 pm
Forum: General
Topic: How can Hotspot see private addresses behind customer NAT..?
Replies: 16
Views: 3811

How can Hotspot see private addresses behind customer NAT..?

We have a number of Hotspot servers running on different interfaces on a RB1100, which is used to authenticate ADSL users. All users have their own local ADSL modem with NAT, where they use a local 192.168.1.0 network for their internal devices. The ADSL modems get their external address from our DH...
by flatbat
Fri Nov 26, 2010 11:50 am
Forum: RouterBOARD hardware
Topic: Web Proxy on RB1100?
Replies: 6
Views: 5941

Re: Web Proxy on RB1100?

Mmmm.. you're right. I should download the RB1100 user guide and read it myself, instead of asking silly questions.. In the wrong forum as well, apparently.. (no idea why I created this thread under Virtualization). Anyway, I'll try to enable Web Proxy in one of our production RB1100 routers and see...
by flatbat
Fri Nov 26, 2010 10:05 am
Forum: RouterBOARD hardware
Topic: Web Proxy on RB1100?
Replies: 6
Views: 5941

Re: Web Proxy on RB1100?

Sorry.. still struggling..

Are you saying that the RB1100 has 512MB RAM when shipped, PLUS 512MB storage ('disk' in /store disk print) ?
by flatbat
Thu Nov 25, 2010 9:30 pm
Forum: RouterBOARD hardware
Topic: Web Proxy on RB1100?
Replies: 6
Views: 5941

Re: Web Proxy on RB1100?

I'm a bit confused about the memory on the RB1100.. It should have 512 MB internal memory, but it some places it says it's SDRAM, and in others that this is a NAND (flash). [admin@core1] > /ip proxy export # nov/26/2010 02:27:18 by RouterOS 4.10 # software id = VWJR-1NLM # /ip proxy set always-from-...
by flatbat
Thu Nov 25, 2010 8:11 pm
Forum: RouterBOARD hardware
Topic: Web Proxy on RB1100?
Replies: 6
Views: 5941

Web Proxy on RB1100?

Is it a good idea to switch on Web Proxy on a RB1100?
Would it it that case be best to expand the RAM and use the system store, or to insert a SD card and use that as a separate store for the Web Proxy? Where is the NAND in the RB1100..? Is this the 512 MB built-in memory or something else..?

Thanks
by flatbat
Fri Nov 12, 2010 12:23 am
Forum: General
Topic: Half-Bridge in RouterOS..?
Replies: 0
Views: 572

Half-Bridge in RouterOS..?

A customer has a network with an existing firewall that does not support PPPoE. The firewall is NATting a private nework on the inside. They now want to connect a PPPoE link anyway, and we thought we could solve this by puttin a MT in front of the firewall, let the MT connect the PPPoE link to the I...
by flatbat
Fri Oct 29, 2010 10:38 am
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1221

Re: File copy via l2tp over high latency link

I feel a bit on thin ice here, but I did the following in both servers; echo 256960 > /proc/sys/net/core/rmem_default echo 256960 > /proc/sys/net/core/rmem_max echo 256960 > /proc/sys/net/core/wmem_default echo 256960 > /proc/sys/net/core/wmem_max (The default was 124928 and max was 131071 before) N...
by flatbat
Thu Oct 28, 2010 8:59 pm
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1221

Re: File copy via l2tp over high latency link

Thanks for your suggestion.
But in the end, there will be lots of servers and users in both ends, so I'm not able to adjust the configs on all those. Any configs must have to be on the Mikrotik routers...?
by flatbat
Thu Oct 28, 2010 8:35 pm
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1221

File copy via l2tp over high latency link

Hi, I've setup two RouterOS boxes - one in Europe and one in Asia, where the normal Internet latency is about 400 ms between the endpoints. One of the routers is connected to Internet with PPPoE (MTU/MRU 1460). The other one has a direct ethernet connection to Internet. Running the Mikrotik Bandwidt...
by flatbat
Wed Aug 11, 2010 2:25 am
Forum: General
Topic: Inbound server load balancing with session affinity?
Replies: 24
Views: 9903

Re: Inbound server load balancing with session affinity?

Thanks. I missed that since PCC also seems to be developed only with outbound load balancing in mind. If inbound load balancing using MT PCC does work that simply, then I'm astonished that noone has posted any working example as this would provide much of the core functionality you get in a dedicate...
by flatbat
Tue Aug 10, 2010 3:56 pm
Forum: General
Topic: Inbound server load balancing with session affinity?
Replies: 24
Views: 9903

Inbound server load balancing with session affinity?

Hi, Is it possible to use RouterOS as an inbound load balancer with session affinity (aka persistence, stickiness, ...)? I have seen some post referring to the other way around, but no evidence that inbound load balancing would be supported. The typical scenario is if you have a single inbound wan l...
by flatbat
Thu Aug 05, 2010 9:36 pm
Forum: General
Topic: Bonding ADSL for file transfer from branch office ?
Replies: 9
Views: 2726

Re: Bonding ADSL for file transfer from branch office ?

Thanks hedele The part that makes me most curious here, is why the MT builtin Bandwidth testserver provides an almost perfect result between the two routers. Could it be related to what you say, that maybe the MT bandwidth tester is using UDP packets? I have made a few more tests, and seen that resu...
by flatbat
Thu Aug 05, 2010 5:15 pm
Forum: General
Topic: Bonding ADSL for file transfer from branch office ?
Replies: 9
Views: 2726

Re: Bonding ADSL for file transfer from branch office ?

Hi I tried this now. It works technically, but unfortunately the throughput is miserable.. The strange thing is that the MT Bandwidth Test shows very decent numbers (1.5 Mbps + 1.5 Mbps = 3.0 Mbps total), but when I route my laptop through these routers to the Internet, I only get around 200 kbps th...
by flatbat
Fri May 14, 2010 2:34 pm
Forum: Wireless Networking
Topic: Multicast kills RB433
Replies: 0
Views: 575

Multicast kills RB433

I have a small subnet with a single switch, where some users connect with cable and the majority of the users are connecting via wireless 802.1g via a RB433 connected to the same switch. There is not supposed to be any multicast in the network, but a user has tried to set up his own VNC streaming, a...
by flatbat
Tue Apr 06, 2010 11:43 pm
Forum: General
Topic: Bonding ADSL for file transfer from branch office ?
Replies: 9
Views: 2726

Bonding ADSL for file transfer from branch office ?

Hi, I have read lots of posts without really getting the full picture re. bonding of links between two locations. I have a datacenter in Europe with a high speed Internet connection coming in to a Mikrotik box. A branch office in Asia can not get a high speed connection, but is instead using two ADS...