The subject is self-explanatory and that is my feature request. I would very much like that if it is technically possible, I understand the constraints. Other suggestions (sorry if I double post): - hardware NAT on mid/high-end routers - pppoe fastrack would be nice on low end routers as I get asked...
I can also confirm that with 6.24 on AP and 6.23 on station on a 2.1km ptp link I have the same issue on nstream. Extensive data loss keeps disconnecting the station. The bug seems to have been introduced in v6.24.
Please update and close this thread if it has been fixed.
This is just a bug report. Nstream is not working anymore after upgrade to 6.25rc7 . Pooling keeps disconnecting the stations. On 6.23 CCQ is at over 90%.
Need changelog confirmation on 6.24 for CCR regarding PPTP fix from 6.23. On 6.23 when using PPTP, after a while the user connecting to the CCR cannot access the LAN behind the CCR. I have already tried using proxy-arp on the LAN interface to no avail. The only thing that seems to work is using ARP ...
I can confirm that this issue is still active today 23.12.2014 for Ubiquity devices as posted by original poster. Increasing or decreasing pooling interval does not affect graphs generated by SNMP. Traffic pulled from Ubiquity devices SNMP looks as periodic spikes. Edit: This is valid for v4.beta3 n...
There are still issues on v5.25 with the route cache. If you are using route redistribution for static routes (for example) then even if you delete a route from the routing table, the route will sometimes get advertised as redistributed. Disabling the peer and then enabling the peer does not do the ...
Hello, I have 2 issues: CCR1016-12G keeps locking up every 2 weeks. X86 version still has packet loss of over 30% on ANY Intel interfaces. VRRP is unusable. Both routers are running v6.1 Just pointing out the fact that I have mentioned this in previous posts and there is no fix even after so much ti...
Update: I have found no solution with Intel boards for 6.0. Same problem on non-Intel boards on a different system, same packet loss. X86 simply looses packets on interfaces on more than 10Kpps links. The issue also affects intra-router communications such as vrrp sessions which do not work properly...
Hello, On v5.14 /ip route rule add place-before does not work if the script is ran automatically using the scheduler or by clicking Run in winbox, and the command referring to adding the rule before another is placed in a for loop in the script. If the script is ran from terminal it works. Regards,
I also have an "internal" feature request: better granularity for multi-cpu/core x86 systems. In systems running multiple full bgp feed peers the table will grow quite big. 3 bgp full-feed peers with one ibgp peer with redistribution will grow the table to +1M routes. I do not know how ROS...
Also, sometimes the routers simply stop working. SNMP is not working anymore and Winbox logs in but shows nothing. During that time /system reboot does not work. The systems have to be rebooted by the reset button. If we try to remotely reboot them we get: /system reboot Reboot, yes? [y/N]: y system...
Note: Our systems have been upgrade from 5.8 to 5.11. We hit the now well known bugs, we downgraded to 5.8 and it wasn't as stable as before. It just kept flapping the sessions with our peers. We upgraded to 5.12 and the lack of stability continues. X86 seems to have a problem: printing the advertis...
I belive that the reboot problem lies in the support for multi-core/multi-cpu. We have downgraded from 5.11 to 5.8 and we always got "system,info,critical CRIT_: Disabled multi-cpu setting, new value will take effect after the reboot." messages in the console after the downgrade. Even days...
Same reboot problem on two different systems for 5.11: Quad AMD vs Intel I7 2600 Both have same set of features: Most important: VRRP, BGP, QoS, VLANS, Queue Management, Firewall, Bridging, Bonding, Multi-CPU on. I7 is primary, AMD is backup so it is not used as much. I7 was rebooting every 2 minute...
What's new in 5.7 (2011-Sep-14 10:54): *) ovpn client - fixed crash when user name or password together were longer than 11 symbols; *) sstp client - added an option to skip server address verification from certificate; *) fixed problem - router crashed sometimes when using USB modem; *) userman - s...
Auto does not seem to work. Manual mode is working though. As we've got a lot of dynamic filters adding rules to the end of the routing filter getting updated at 3, 6 and 10 seconds intervals, the best way I've come to so far is print (visually get the id and rule parameters); remove ; add ; print (...
Ok, I can now confirm that manually setting the filters by CLI works accordingly for the 0.0.0.0 bug by recreating the rule. Haven't got to communities yet, but I can also confirm that multiple next-hops, set-bgp-weight, set-bgp-local-pref also work and that they work accordingly tot the described B...
It would be great if the Winbox console wouldn't lock up every time after I set the new parameters. I can't get it working right... even in ssh, same problem, it just locks up. (resource usage is in normal limits, +5% increase after setting new parameters for filter but it's just locked). I guess I'...
@fewi: can't do it. @Chupaka: Ok... 1. Is there a way to fix it in 5.6? I've downgraded to 5.4 and still same issues (I'm lucky vrrp is still working) 2. Will upgrading to 5.7 fix this issues? 3. One other big issue is the fact that if we set multiple NextHops for different ISP sessions the gateways...
Yes but it seems there are even bigger issues. Route filters simply do not work, and this is the most serious of all: prepends, weights, communities, and the whole filtering process simply does not apply the filters for incoming bgp routes or outgoing bgp advertisments. This is actually tragic. I've...
We've just upgraded to 5.6 and we're having massive trouble with it, we're running it on a six core system. There are 3 key points that broke down really bad. On the router in question we're currently running the following "services": - L7 firewall - queueing / packet marking - 7 bgp full ...
I also confirm the default route filter problem and I have also disabled rstp on one of the bridge interfaces. The disconnects have stopped meaning rstp is not working properly anymore (compared to 4.16). Edit: new problem. If you have winbox connected to v5.2 and you hit refresh on an IGP peer then...
I also confirm the memory leak. Also, there are other problems that need attending. The current system we're testing v5.2 is Intel quad core with 2 GB of ram. We're running bgp, with 3 peers providing full bgp table and also 3 bgp peers providing partial routes and 1 IGP peer. There are some issues:...
Ok, so I've been running a Dual Core AMD X2 CPU + v4.16 The usual load was between 30% to 50%. Sometimes, in unusual circumstances the load went up to 100%. So I've decided to upgrade the AMD dual core to an AMD Quad Core. Immediately after the upgrade (just the cpu was replaced from 2x 1.7 to 4x 3....
Does the memory usage is growing and growing until there is no free memory and router hangs? From graphs it doesn' t look that way. Yes it does, but it takes weeks. Had 2 lock-ups at about 200-250 MB RAM free in the system and had to reboot it. Edit: There you go, it just keeps rising. http://i55.t...
Indeed I thought that the routes were getting in pretty slow but that depends on the CPU quite a lot. If you have a quad cpu and a lot of bandwidth between the peers you'll get them pretty fast at about 70-80 Mbps. What is quite annoying is that if the router receives a lot of packets (more than it ...
Yes, I am doing periodic refresh using a script but the problem is in the fact that when scripts are involved which insert rules before a certain number, that number does not get updated on the first change, it gets updated on the second change and stays behind by a factor of -1. So that does not fi...
Well, is that a really a valid point for the limit? In our case we announce /32 IP blocks from the network area. That is the setup, that is what we need, and that is why we do not use Cisco, but Mikrotik, as we have the flexibility to use scripting to our own interest, so it is automated by scripts....
What you need is VRRP. You need: - to set up vvrp on internal network for redundancy (you can use 2 masters and one slave, but i would suggest using just one master and 2 slaves with different priorities) - to set up bgp peering sessions on same table (default) on all routers - to set up IGP with co...
Hello, there is an issue regarding route filters. If some route filters are added by using a script which uses "place-before" Like this /routing filter add chain=CHAIN prefix=$MY_VAR action=accept place-before=0; Then the route filters stop working right. If we add a new rule somewhere ins...
http://wiki.mikrotik.com/wiki/Manual:BGP_HowTo_%26_FAQ#Question:_How_to_announce_routes.3F If your don't have many routes to announce and want the best control over them, use BGP networks or aggregates. Note that both maximal BGP network and aggregate count is limited to 200. Otherwise use route re...
A question about v5 features (btw I personally like the burst for PCQ and the gre for cisco compatibility): In an article posted by Mikrotik (I do not have the link) it said that RouterOS supports 200 networks or aggregates in bgp announcement. Will this limitation be removed? I don't know any such...
A question about v5 features (btw I personally like the burst for PCQ and the gre for cisco compatibility):
In an article posted by Mikrotik (I do not have the link) it said that RouterOS supports 200 networks or aggregates in bgp announcement. Will this limitation be removed?
Indeed, AMD moves better with both v4.16 and v5 so we prefer it, we'll soon be replacing it with a quad AMD (it's desktop series CPU do not imagine Opteron series or anything like that), but Intel is dead when full table is used. It's just locked for the time being. Well, at least the one we use. In...
@normis: Do NOT even say that there is no proof there are routing problems. We have decided to go with 5.0rc8 for further testing to be able to contribute with information to the further development of Mikrotik solutions (which we are big fans of) but you have to agree that when there are multiple ...
Update: Also, some vrrp IPs do not show up in the routing table at all, the IPs have to be disabled and re-enabled. As we are using full bgp tables, we've also noticed that some classes do not show up at the other end although they show up in announcements. This does not happen when one full bgp pee...
Ok, a new report about v5rc8. So far I've noticed: Upgrade from 4.16 to 5.0rc8 fails in many ways. Some of them: - vrrp interfaces get the interval modified from 1 to 100.00. - bgp fails dramatically as IGP is not working properly. If igp is used, the local networks routes get installed and active i...
Tarpit it. You can only tarpit a tcp connection. There is no connection involved. It's just like me sending a lot of traffic to you to IP_ADDR on port whatever (6733 let's say). The port is closed, but you still get congested from the huge amount of traffic and there is no connection which you can ...
version: RouterOS 4.9 We are also using BGP with full routes and partial table for metro access. We are currently receiving 2 full tables and 2 metro tables on each of our routers. We have 2 routers with vrrp enabled. We are currently experiencing the following problems: 1. bgp advertisments sometim...
Finally a feature request, something I need and RouterOS is lacking: rate limit by destination (without any connection being involved in this) so that I can do a clean pipe in case of ddos.
This is already implemented for SYN and it works ok. The problem is when the traffic is not connection oriented like UDP flood traffic. In this case we need an indicator that there is a problem. The best one is incoming speed as it breaks shaping and I need to collect it interface based and not pack...
I have limited bandwidth capacity, as everybody for that matter. If I get flooded really bad, I get congestion on my link. I want to set up a filter which can do the following: if enough traffic is going towards the SAME IP, nomatter what the source is or if multiple sources are involved, I want to ...
You need to set up a script which basicly works with the IP addresses and address lists. You deny the traffic you wish to the BACKUP list (which is active only if the backup line is online) and you allow the traffic to the MAINSTREAM list (which is active when you have both or one dsl unlimited line...
Yes. We do it the following way: - We've set up IP / Packet flow v5 on the routers and we send the flows to a linux monitoring server - There we pick up the flows with a flow collector and send them to 2 temporary local streams (pmacct/nfacct) - The local streams get incremented with the bytes per I...
Hi all. Great forum for a great product. Here is my problem. I want to do the following: I have X bandwidth capacity. I unfortunately have problems with some servers being flooded. How can I make the following work: - filter the destination address by incoming speed? (I will null route it) I have to...