Community discussions

MUM Europe 2020

Search found 195 matches

by deejayq
Fri Jul 01, 2016 12:49 pm
Forum: Beginner Basics
Topic: Router OS 6.x Split upload and download in simple queue
Replies: 6
Views: 1377

Re: Router OS 6.x Split upload and download in simple queue

not sure how simple queues work, but in queue tree you can limit upload and download based on packet marks
you add marks to packets in firewall mangle, where you can tell the router to mark packets from your ip's and other mark for packets to your ip'
by deejayq
Fri Jul 01, 2016 12:42 pm
Forum: Beginner Basics
Topic: Problem reaching a server
Replies: 5
Views: 949

Re: Problem reaching a server

can you ping the virtualized server outside your lan? can you connect to it some other way (ssh, http etc)? besides nat rules do you have any other rules? check if the ms sql server is visible from the internet http://www.yougetsignal.com/tools/open-ports/ (from what i saw on the web the port is by ...
by deejayq
Fri Jul 01, 2016 12:36 pm
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

Re: vlan and ethernet in bridge not working

nat is only for office1 and office2 routers acces to the internet. as i said i disabled that rule, nothing changed. at the moment office1 and office2 are connected to access ports of my isp, if i don't bridge vlan114 and lan on main-office router, everything works as expected. what i noticed: if i a...
by deejayq
Tue Jun 28, 2016 11:38 am
Forum: Beginner Basics
Topic: 2 wans with same gateway (not failover)
Replies: 16
Views: 2462

Re: 2 wans with same gateway (not failover)

/ip route rule add src-address=10.10.254.0/24 table=via-207 add src-address=192.168.0.0/24 table=via-22 add src-address=192.168.1.0/24 table=via-22 add src-address=192.168.2.0/24 table=via-22 /ip route add dst-address=0.0.0.0/0 gateway=(the interface on which x.x.x.207 is set) routing-mark=via-207 a...
by deejayq
Tue Jun 28, 2016 11:02 am
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

Re: vlan and ethernet in bridge not working

efaden, did you get it to work?
by deejayq
Sun Jun 26, 2016 12:19 am
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

Re: vlan and ethernet in bridge not working

Main-office is the router where the problem is. I disabled the nat rule, the behaviour is the same.
by deejayq
Sat Jun 25, 2016 4:08 pm
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

Re: vlan and ethernet in bridge not working

i use 192.168.0.0/29 for internal routing
both routers in office1 and office2 get their time from the internet so i need to nat their ip's.

diagram
http://creately.com/diagram/example/ipv66ga41/none
by deejayq
Sat Jun 25, 2016 2:17 pm
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

Re: vlan and ethernet in bridge not working

# jun/25/2016 13:55:08 by RouterOS 6.33.3 # software id = IYGK-CLSI # /interface bridge add name=bridge1 /interface vlan add interface=ether1 name=vlan1 vlan-id=106 add interface=ether1 name=vlan2 vlan-id=114 /ip pool add name=pool1 ranges=192.168.4.2-192.168.5.254 /ip dhcp-server # DHCP server can ...
by deejayq
Fri Jun 24, 2016 10:45 pm
Forum: Beginner Basics
Topic: vlan and ethernet in bridge not working
Replies: 13
Views: 1385

vlan and ethernet in bridge not working

i have the following configuration isp --- ether1[router]ether3---lan i talked to my isp to give me 2 vlans, one for connecting to offices in other parts of the city and one for internet access. each office has it's own public ip /26 class, and in the main office we have a /25 public class. i tried ...
by deejayq
Fri Mar 18, 2016 4:13 pm
Forum: Announcements
Topic: v6.34.3 [current] is released!
Replies: 58
Views: 16740

Re: v6.34.3 [current] is released!

is it with parent=global or parent=<interface>?
global :|
my topology prevents me to use interfaces as parents.
by deejayq
Fri Mar 18, 2016 4:01 pm
Forum: Announcements
Topic: v6.34.3 [current] is released!
Replies: 58
Views: 16740

Re: v6.34.3 [current] is released!

*) queue-tree - improved nested queue limit calculation;
is there any improvement in queue tree being assigned to a single core in a multi-core router?
by deejayq
Wed Jan 20, 2016 7:45 am
Forum: General
Topic: Critical Linux Kernel Vulnerability (Kernel 3.8 and above) CVE-2016-0728 - is RouterOS affected???
Replies: 2
Views: 802

Critical Linux Kernel Vulnerability (Kernel 3.8 and above) CVE-2016-0728 - is RouterOS affected???

A root escalation vulnerability has been discovered in the recent Linux kernels starting with kernel 3.8. The following operating systems are known to be at risk/vulnerable: Red Hat Enterprise Linux 7 CentOS Linux 7 Scientific Linux 7 Debian Linux stable 8.x (jessie) Debian Linux testing 9.x (stretc...
by deejayq
Sun Jan 17, 2016 2:04 pm
Forum: Beginner Basics
Topic: good payment reminder?
Replies: 0
Views: 592

good payment reminder?

i was using on routeros 5 the script from wiki.mikrotik.com/wiki/Payment_Reminders which reminds clients from time to time about payment. the problem on routeros 6 is that once i mark connection in prerouting i can't use connection marking in forward (which i need to do). do you have a good alternat...
by deejayq
Sun Jan 03, 2016 1:22 pm
Forum: Beginner Basics
Topic: Adblocking on routeros
Replies: 7
Views: 6831

Re: Adblocking on routeros

i would try blocking packets to dns servers based on a l7 filter like this
/ip firewall layer7-protocol
add name=ads regexp="facebook|google|youtube"
by deejayq
Sun Jan 03, 2016 1:14 pm
Forum: Beginner Basics
Topic: Configuring Static IPs and routed IP blocks on Mikrotik RB493G
Replies: 4
Views: 991

Re: Configuring Static IPs and routed IP blocks on Mikrotik RB493G

first of all you can't use 2.2.2.113 on one of the servers, it has to be assigned to ether3 like 2.2.2.113/28, the servers will get ip's from 2.2.2.114 to 2.2.2.126, all having netmask 255.255.255.240 and gateway 2.2.2.113. i don't see the need for 2.2.2.96/28 if you are NAT'ing on ether1, you shoul...
by deejayq
Sat Jan 02, 2016 2:16 pm
Forum: Beginner Basics
Topic: x86 multicore hyperthreading global queue tree best practice
Replies: 3
Views: 1378

x86 multicore hyperthreading global queue tree best practice

i have a scenario in which i have to limit user traffic on a queue tree with global as parent. as i've read only one core is used for the queue tree. i have an i3-2120 with hypethreading enabled (so i have 4 virtual cores). is it better to disable hyperthreading so that routeros will use one of the ...
by deejayq
Tue May 06, 2014 3:32 pm
Forum: Beginner Basics
Topic: Block some page...
Replies: 1
Views: 657

Re: Block some page...

create address lists (for customer ip's)
redirect the traffic from those address lists to routeros web-proxy (/ip proxy)
use the first part of this tutorial http://wiki.mikrotik.com/wiki/How_to_Bl ... sing_Proxy
by deejayq
Wed Feb 05, 2014 3:06 pm
Forum: Beginner Basics
Topic: RB951G-2HnD connecting two networks
Replies: 8
Views: 1912

Re: RB951G-2HnD connecting two networks

yes of course, set the first masquerading rule out via ether 1 so that your internet will work
set the second masquerading rule out via the interface on which the mikrotik router is not the gateway.
by deejayq
Mon Feb 03, 2014 1:16 pm
Forum: Beginner Basics
Topic: Please help me
Replies: 3
Views: 867

Re: Please help me

will each of the clients be connected via PPPoE? do you assign public ip's to each client or will you be using nat?
by deejayq
Mon Feb 03, 2014 1:08 pm
Forum: Beginner Basics
Topic: How to just open ports
Replies: 23
Views: 105971

Re: How to just open ports

post export
by deejayq
Mon Feb 03, 2014 12:59 pm
Forum: Beginner Basics
Topic: RB751G-2HnD Dynamic IP Port Forwarding
Replies: 1
Views: 684

Re: RB751G-2HnD Dynamic IP Port Forwarding

when you say dynamic ip you mean that the ip your ISP gives you is dynamic or that the ip your router assigns to your computer is dynamic?
if it's the latter then make the ip static from ip->dhcp server->leases
by deejayq
Mon Feb 03, 2014 12:50 pm
Forum: Beginner Basics
Topic: Add traffic rules
Replies: 2
Views: 813

Re: Add traffic rules

you can't if you want to base speed reduction on traffic limit.
you can reduce speed based on file size the user is downloading
by deejayq
Mon Feb 03, 2014 12:46 pm
Forum: Beginner Basics
Topic: RB951G-2HnD connecting two networks
Replies: 8
Views: 1912

Re: RB951G-2HnD connecting two networks

chain src-nat action masquerade out via ether2
by deejayq
Wed Jan 29, 2014 9:30 am
Forum: Beginner Basics
Topic: NTP traffic firewall rules?
Replies: 5
Views: 1844

Re: NTP traffic firewall rules?

what are you trying to achieve?
by deejayq
Tue Jan 28, 2014 2:37 pm
Forum: Beginner Basics
Topic: 30Mbps Max through Queue? RB2011uias-in
Replies: 8
Views: 2407

Re: 30Mbps Max through Queue? RB2011uias-in

go to tools->profile to see what component of routeros is the bottleneck
by deejayq
Tue Jan 28, 2014 11:03 am
Forum: Beginner Basics
Topic: RegEx at Layer7
Replies: 4
Views: 1041

Re: RegEx at Layer7

why not add them via winbox?
by deejayq
Tue Jan 28, 2014 10:38 am
Forum: Beginner Basics
Topic: Blocking Spamhaus list
Replies: 3
Views: 8665

Re: Blocking Spamhaus list

add chain=forward src-address-list=!blacklist action=drop comment="drop BLACK LIST" disabled=no
try without exclamation mark before blacklist
exclamation mark means NOT so you're blocking everything but the spammers :)
by deejayq
Mon Jan 27, 2014 11:10 am
Forum: Beginner Basics
Topic: how to make web-filter by IP
Replies: 1
Views: 615

Re: how to make web-filter by IP

yes it's available layer 7 filtering
any cheap router from mikrotik will do it
by deejayq
Mon Jan 27, 2014 10:59 am
Forum: Beginner Basics
Topic: RB951UI-2hnd Internet OK - but DHCP issue with UniFi AP
Replies: 11
Views: 4417

Re: RB951UI-2hnd Internet OK - but DHCP issue with UniFi AP

are you sure that the computers get 192.254.1.x? because that's not a private C class.
if they are 169.254.x.y then it seems Unifi Ap is blocking dhcp packets or you've run out of ip's to offer to clients
by deejayq
Mon Jan 27, 2014 10:46 am
Forum: Beginner Basics
Topic: Bandwidth monitoring
Replies: 6
Views: 8182

Re: Bandwidth monitoring

you could enable snmp and use a third party site for monitoring ex www.odmon.com it gives you a more granular graphic Hourly (1 Minute Average), Daily (5 Minute Average), Weekly (30 Minute Average), Monthly (2 Hour Average) and Yearly (1 Day Average) i use this site because i don't want to write gra...
by deejayq
Fri Jan 24, 2014 3:34 pm
Forum: Beginner Basics
Topic: Help with setting up routing for multiple gateways
Replies: 4
Views: 1543

Re: Help with setting up routing for multiple gateways

first remove or disable all routes then ip route add dst-address=z.z.z.z gateway=y.y.y.1 distance=1 ip route add dst-address=0.0.0.0/0 gateway=g.g.g.2 distance=2 do not forget to add 2 nat masquerading rules, first one out via bridge1 (ether1+ether2) and the second one out via ether3 what i don't un...
by deejayq
Thu Jan 23, 2014 9:07 pm
Forum: Beginner Basics
Topic: Mikrotik 951G-2HnD wi-fi speed issue
Replies: 10
Views: 8814

Re: Mikrotik 951G-2HnD wi-fi speed issue

so what you're trying to achieve is n speed? because from the tests it looks like maybe your devices get connected to g. if you have a android device download wifi analyzer from google play and see what channels are occupied by other routers in the neighbourhood you may want to set tx power to 18 dB...
by deejayq
Thu Jan 23, 2014 8:57 pm
Forum: Beginner Basics
Topic: Help with setting up routing for multiple gateways
Replies: 4
Views: 1543

Re: Help with setting up routing for multiple gateways

could you please post a diagram with what you want to acomplish?
for me it was hard to follow the text you posted
by deejayq
Thu Jan 23, 2014 8:53 am
Forum: Beginner Basics
Topic: How does new-connection-mark work ?
Replies: 3
Views: 1010

Re: How does new-connection-mark work ?

i think they get marked ISP1_conn in the third rule and after that ISP2_conn in the fourth rule. if you have passthrough set to no then you will not have that problem
by deejayq
Thu Jan 23, 2014 8:44 am
Forum: Beginner Basics
Topic: Are there any RouterOS compatible SFP+ only routers?
Replies: 4
Views: 1074

Re: Are there any RouterOS compatible SFP+ only routers?

routeros works on x86 too
see here
by deejayq
Tue Jan 21, 2014 8:17 am
Forum: Beginner Basics
Topic: block https request
Replies: 6
Views: 1931

Re: block https request

i don't think it's possible without some man-in-the-middle method.
by deejayq
Tue Jan 21, 2014 8:02 am
Forum: Beginner Basics
Topic: Disconnect always while i work remotely tomikrotik 1100ah
Replies: 5
Views: 1321

Re: Disconnect always while i work remotely tomikrotik 1100a

how do you connect to it? winbox or ssh? try both options
by deejayq
Mon Jan 20, 2014 4:49 pm
Forum: Beginner Basics
Topic: load balancing problem
Replies: 3
Views: 1085

Re: load balancing problem

your rules seem messed up

try the example here
http://wiki.mikrotik.com/wiki/Manual:PCC
by deejayq
Sat Jan 18, 2014 7:10 pm
Forum: Beginner Basics
Topic: Defending DNS Amplification
Replies: 4
Views: 1880

Re: Defending DNS Amplification

create a layer 7 filter that contains your site name (for instance example.com)
add a filter rule to block incoming udp packets to port 53 and which do not contain the layer 7 rule created before.
you could also do that for tcp packets
by deejayq
Sat Jan 18, 2014 7:05 pm
Forum: Beginner Basics
Topic: block https request
Replies: 6
Views: 1931

Re: block https request

add facebook.com as an regex layer7
block requests to dst port 53 udp and the regexp you previously created
by deejayq
Fri Jan 17, 2014 12:34 pm
Forum: Beginner Basics
Topic: rb2011 strange internittent issue
Replies: 4
Views: 1516

Re: rb2011 strange internittent issue

maybe there is a problem with link speed negotiation between the router and the switch
think of a test to prove that true or false and do it
by deejayq
Fri Jan 17, 2014 12:21 pm
Forum: Beginner Basics
Topic: Issue with basic installation of RB951G-2HnD
Replies: 31
Views: 2812

Re: Issue with basic installation of RB951G-2HnD

have you tried pinging the gateway from the routerboard and using interface ether1? does it work? another thing is that maybe your ISP does not allow routers, i read somewhere that it has something to do with the ttl of the packets. one solution would be to modify the ttl but i don't have an example...
by deejayq
Fri Jan 17, 2014 12:03 pm
Forum: Beginner Basics
Topic: Easy way to block Russia & China for noobs
Replies: 5
Views: 5394

Re: Easy way to block Russia & China for noobs

why not instead of adding a rule for each cidr block, add the cidr blocks to an address-list and then add a single filter rule to block the address-list.
where did you get your cidr blocks from?
a source is here https://www.countryipblocks.net/country_selection.php
by deejayq
Fri Jan 17, 2014 11:45 am
Forum: Beginner Basics
Topic: how to access access internal lan site
Replies: 2
Views: 704

Re: how to access access internal lan site

post a picture with your network topology
i suspect some port forwarding will be involved
by deejayq
Fri Jan 17, 2014 11:42 am
Forum: Beginner Basics
Topic: Tunneling LAN port to WAN
Replies: 2
Views: 737

Re: Tunneling LAN port to WAN

bridge wan port to the lan port
(but i guess that you will want to share the internet connection to the other hosts, in which case you will want some sort of a DMZ)
by deejayq
Fri Jan 17, 2014 11:33 am
Forum: Beginner Basics
Topic: Defending DNS Amplification
Replies: 4
Views: 1880

Re: Defending DNS Amplification

well you see, the answer is in the question, when you say you have a public dns
filter the traffic to allow requests from your clients only.
by deejayq
Sun Jan 12, 2014 9:54 pm
Forum: Beginner Basics
Topic: rb2011UiAS-RM as home router
Replies: 4
Views: 5837

Re: rb2011UiAS-RM as home router

offtopic:
why would you double NAT?
why not activate bridge mode in adsl router and leave the NAT to the RB?
by deejayq
Sun Jan 12, 2014 12:44 am
Forum: Beginner Basics
Topic: Stations Not Showing In IP Neighbors
Replies: 2
Views: 1536

Re: Stations Not Showing In IP Neighbors

what type of CPE's are you using?
maybe there is some incompatibility between Mikrotik CPE's and Ubiquiti AP's
by deejayq
Fri Jan 10, 2014 10:07 am
Forum: Beginner Basics
Topic: QOS query
Replies: 5
Views: 1060

Re: QOS query

If you make two different Ip-range yes you can
or use two address-lists and mangle/queue packets accordingly
by deejayq
Fri Jan 10, 2014 10:04 am
Forum: Beginner Basics
Topic: prevent users using the network to transfer files
Replies: 3
Views: 1140

Re: prevent users using the network to transfer files

here's what i would do ip firewall filter add chain=forward action=drop src-address=192.168.x.x protocol=tcp connection-bytes=504857-0 ip firewall filter add chain=forward action=drop src-address=192.168.x.x protocol=udp connection-bytes=504857-0 ip firewall filter add chain=forward action=drop dst-...
by deejayq
Mon Jan 06, 2014 8:37 am
Forum: Beginner Basics
Topic: Layer 7 regex to match domain list
Replies: 1
Views: 23472

Re: Layer 7 regex to match domain list

i use something like this in allowing dns requests
/ip firewall layer7-protocol
add name="wireless allow" regexp=facebook.com|fbcdn.net|akamaihd.net|youtube.com|ytimg.com|yahoo.com|yimg.com|google.
by deejayq
Sun Jan 05, 2014 12:58 pm
Forum: Beginner Basics
Topic: SSTP windows error 631
Replies: 2
Views: 1952

Re: SSTP windows error 631

by deejayq
Tue Dec 24, 2013 1:37 pm
Forum: Beginner Basics
Topic: Auto block virus affected PC and auto unblock after clean vi
Replies: 1
Views: 798

Re: Auto block virus affected PC and auto unblock after clea

it depends what the virus does if it tries to connect to multiple internet hosts in a period of time you can create a rule that can add the infected host to an address-list and block access from that address-list if it only tries to infect network computers than you can't do anything because it does...
by deejayq
Tue Dec 24, 2013 1:07 pm
Forum: Beginner Basics
Topic: Ubiquiti behind Mikrotik
Replies: 14
Views: 2881

Re: Ubiquiti behind Mikrotik

if you connect to the rb1100 can you ping from it the sxt connected in port 3?
by deejayq
Tue Dec 24, 2013 12:49 pm
Forum: Beginner Basics
Topic: Muti wan load balancing by gateway ip
Replies: 2
Views: 636

Re: Muti wan load balancing by gateway ip

you can try something like single interface routing
but your clients have to be on different subnet than the dsl modems are.
by deejayq
Sun Dec 01, 2013 9:02 pm
Forum: Beginner Basics
Topic: x86 two gigabit nic's on pci throughput
Replies: 1
Views: 513

x86 two gigabit nic's on pci throughput

i have a x86 machine and currently i have two 100mbps nic's on pci, one for lan and one for wan
what i want to do is change this to two gigabit nic's
what would be the throughput?
is it limited to the speed of pci (133MBps)?
by deejayq
Tue Oct 29, 2013 8:37 pm
Forum: Beginner Basics
Topic: Line-bonding over 3G connections
Replies: 3
Views: 2300

Re: Line-bonding over 3G connections

first of all, 3G=7,2 Mbps but two bonded won't make 14,4 Mbps (usually about 70-80% of that) you then have to take into account that your download speed is dependent of the upload of the Virgin friend because the information is downloaded in his RB and then has to be uploaded to you via bonded links...
by deejayq
Tue Oct 29, 2013 7:32 pm
Forum: Beginner Basics
Topic: weekly / monthly reports
Replies: 1
Views: 551

Re: weekly / monthly reports

maybe something like this can help http://wiki.mikrotik.com/wiki/CALEA
by deejayq
Sat Oct 26, 2013 4:58 pm
Forum: Beginner Basics
Topic: UPNP problem
Replies: 2
Views: 844

Re: UPNP problem

first thing that comes to my mind is that in the scenario isp => radio => access point => your computer the external and internal interface for upnp are the otherway around in the access point than in your radio (the wireless interface is the internal interface and the ethernet interface you connect...
by deejayq
Fri Oct 25, 2013 6:35 pm
Forum: Beginner Basics
Topic: Best way to set up a proxy for someone living in China
Replies: 5
Views: 3012

Re: Best way to set up a proxy for someone living in China

well, no harm intended with that joke when you said your girlfriend uses localhost (127.0.0.1) as socks proxy ip i assumed she has a tunnel set up in putty or whatever ssh client she uses for connecting via ssh. and by port forwarding i meant that the tunnel forwards the port of your socks server to...
by deejayq
Thu Oct 24, 2013 8:19 am
Forum: Beginner Basics
Topic: RB750 with multi WAN loadbalancing not working correctly?
Replies: 3
Views: 2100

Re: RB750 with multi WAN loadbalancing not working correctly

i think you're marking the connection in the wrong chain
from the wiki example the marking of connections is done in prerouting and the marking of routes (based on connection mark) is done in prerouting and output.
try to revise your firewall rules and see if it works.
by deejayq
Thu Oct 24, 2013 8:07 am
Forum: Beginner Basics
Topic: Browser Not Working
Replies: 5
Views: 1306

Re: Browser Not Working

i wanted you to post here the results of /export compact so that i could see if there is something to do with your firewall or other settings like maybe the web-proxy (if it's enabled) etc.
by deejayq
Wed Oct 23, 2013 8:27 pm
Forum: Beginner Basics
Topic: ISP 2 from other location
Replies: 9
Views: 1478

Re: ISP 2 from other location

now i understand
i think vlan can do what you want
by deejayq
Wed Oct 23, 2013 3:15 pm
Forum: Beginner Basics
Topic: Browser Not Working
Replies: 5
Views: 1306

Re: Browser Not Working

post /export compact
by deejayq
Wed Oct 23, 2013 2:07 pm
Forum: Beginner Basics
Topic: RB750 with multi WAN loadbalancing not working correctly?
Replies: 3
Views: 2100

Re: RB750 with multi WAN loadbalancing not working correctly

maybe if you disable/remove this:
add dst-address=0.0.0.0/0 gateway=10.10.10.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=20.20.20.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.0.11 distance=3 check-gateway=ping
by deejayq
Wed Oct 23, 2013 1:56 pm
Forum: Beginner Basics
Topic: Best way to set up a proxy for someone living in China
Replies: 5
Views: 3012

Re: Best way to set up a proxy for someone living in China

afaik you can't use dynamic port forwarding with the ssh server in routeros.
tried it once myself with no success.
but i must be wrong, or...how people in china say: i must be wong
by deejayq
Wed Oct 23, 2013 1:50 pm
Forum: Beginner Basics
Topic: Ping outside LAN not working with Mikrotik router
Replies: 8
Views: 2372

Re: Ping outside LAN not working with Mikrotik router

your ISP may be blocking ICMP
by deejayq
Wed Oct 23, 2013 1:47 pm
Forum: Beginner Basics
Topic: Noob question - Distance between SXT 2HND and Groove 52HPN
Replies: 2
Views: 910

Re: Noob question - Distance between SXT 2HND and Groove 52H

"seeing" the other antenna is not enough, the fresnel zone has to be free of obstacles as well.
i'm glad your link is working
what throughputare you getting?
by deejayq
Wed Oct 23, 2013 1:43 pm
Forum: Beginner Basics
Topic: SXT Lite2 Usb controllers ?
Replies: 2
Views: 807

Re: SXT Lite2 Usb controllers ?

how have you come to the conclusion it has usb controller?
by deejayq
Tue Oct 22, 2013 9:12 pm
Forum: Beginner Basics
Topic: ISP 2 from other location
Replies: 9
Views: 1478

Re: ISP 2 from other location

well
i thought i understood what you wanted to achieve.
imo the only way your clients will get ip's from isp2 is if you have the pppoe server bridged with port6 (if that's the case remove the pppoe server from the bridge).
maybe if you post a drawing of the network topology i can understand better.
by deejayq
Tue Oct 22, 2013 8:16 am
Forum: Beginner Basics
Topic: noob help- 2 wan's
Replies: 7
Views: 1332

Re: noob help- 2 wan's

what you need imo are bridges with stp enabled and small path cost set on the ports in which lan cables are connected (the path with the smallest path cost is the preferred path).
http://wiki.mikrotik.com/wiki/Manual:Interface/Bridge
by deejayq
Mon Oct 21, 2013 3:43 pm
Forum: Beginner Basics
Topic: Firewall common configuration rules
Replies: 4
Views: 2811

Re: Firewall common configuration rules

keep only the rules with pppoe-out
by deejayq
Mon Oct 21, 2013 3:35 pm
Forum: Beginner Basics
Topic: How to Group IP Based Internet BW distribute?
Replies: 4
Views: 1763

Re: How to Group IP Based Internet BW distribute?

you didn't read the wiki carefully you set different address lists (you can even name the address lists GROUP_512, GROUP_256 or whatever you like) for different types of clients and you set in the queue tree different speeds to those types of clients. you than have to think about priorities (which c...
by deejayq
Mon Oct 21, 2013 3:31 pm
Forum: Beginner Basics
Topic: Failover with 4xWAN
Replies: 3
Views: 1139

Re: Loadbalancing with 4xWAN

this will solve part of your problem in an elegant way (failover)
http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting
for loadbalancing you have to search the wiki for a solution.
by deejayq
Mon Oct 21, 2013 9:29 am
Forum: Beginner Basics
Topic: How to Group IP Based Internet BW distribute?
Replies: 4
Views: 1763

Re: How to Group IP Based Internet BW distribute?

what you need is /ip firewall address-list, /ip firewall mangle (to mark connections and packets) and http://wiki.mikrotik.com/wiki/Manual:Queues_-_PCQ to queue packets based on their packet mark.
by deejayq
Mon Oct 21, 2013 9:25 am
Forum: Beginner Basics
Topic: ISP 2 from other location
Replies: 9
Views: 1478

Re: ISP 2 from other location

you don't need ip-ip tunnel.
just enable dhcp client on port 6 and see if you get an ip from ISP 2.
the idea is to have all wireless devices upto ISP 2 bridged (either thru wireless or cable).
by deejayq
Sun Oct 20, 2013 4:40 pm
Forum: Beginner Basics
Topic: Failover with 3 WAN connection. Helping = kudo's :)
Replies: 3
Views: 929

Re: Failover with 3 WAN connection. Helping = kudo's :)

post the results of /ip address print
by deejayq
Sun Oct 20, 2013 4:17 pm
Forum: Beginner Basics
Topic: noob help- 2 wan's
Replies: 7
Views: 1332

Re: noob help- 2 wan's

assuming A, B, C, D are locations (each having a routeros equipment) what are the blue lines, the dotted lines and the yellow/orange line?
by deejayq
Sat Oct 19, 2013 10:09 am
Forum: Beginner Basics
Topic: Failover with 3 WAN connection. Helping = kudo's :)
Replies: 3
Views: 929

Re: Failover with 3 WAN connection. Helping = kudo's :)

What have you tried so far?
by deejayq
Fri Oct 18, 2013 1:32 pm
Forum: Beginner Basics
Topic: i can't connect my rb433
Replies: 2
Views: 514

Re: i can't connect my rb433

with a serial cable
by deejayq
Fri Oct 18, 2013 12:49 pm
Forum: Beginner Basics
Topic: Routed Public IP Subnet
Replies: 1
Views: 762

Re: Routed Public IP Subnet

well actually the first and the last ip in the class cannot be used (assigned).
a /29 class has only 6 usable ip addresses.
so you have to set 46.31.228.17/29 as address to your lan interface.
by deejayq
Fri Oct 18, 2013 12:35 pm
Forum: Beginner Basics
Topic: Should I need RouterOS
Replies: 3
Views: 804

Re: Should I need RouterOS

RouterOS, as it's name says it's the Operating System of the router you're using.
you may be referring to something else.
by deejayq
Fri Oct 18, 2013 12:03 pm
Forum: Beginner Basics
Topic: RB750GL plex firewall rules
Replies: 1
Views: 1213

Re: RB750GL plex firewall rules

post a diagram of how the devices are connected (including the ports they're plugged in)
by deejayq
Fri Oct 18, 2013 12:00 pm
Forum: Beginner Basics
Topic: is it possible?
Replies: 2
Views: 705

Re: is it possible?

bridge port1 and port2 (grey and pink) bridge port3 and wifi (green and blue) set .2 ip on the web&mail server. set .1 ip on the first bridge set another ip on the second bridge (different ip class x.x.x.1) create dhcp server on the second bridge and start giving addresses from x.x.x. class enable n...
by deejayq
Fri Oct 18, 2013 8:26 am
Forum: Beginner Basics
Topic: ISP 2 from other location
Replies: 9
Views: 1478

Re: ISP 2 from other location

in my opinion you do have the two wan's in the same place (port 1 and port 6 of the rb1100)
from the rb1100 can you ping the gateway from the isp2?
is the link Sextant < -- > Sextant-------Omnitik----Nano Station M5 < -- > NanoM5 Bridge up and running? (tried testing it with a pc attached?)
by deejayq
Thu Oct 17, 2013 3:59 pm
Forum: Beginner Basics
Topic: ISP 2 from other location
Replies: 9
Views: 1478

Re: ISP 2 from other location

you have two ISP's and want failover? from your diagram i don't see where they are connected.
by deejayq
Thu Oct 17, 2013 3:56 pm
Forum: Beginner Basics
Topic: noob help- 2 wan's
Replies: 7
Views: 1332

Re: noob help- 2 wan's

post a diagram
by deejayq
Thu Oct 17, 2013 3:52 pm
Forum: Beginner Basics
Topic: Newbie: Changing IP addresses and port forwarding.
Replies: 4
Views: 1516

Re: Newbie: Chaning IP addresses and port forwarding.

i think a diagram would help
the 192.168.2.x ip class is shared with other devices? let's say from the talktalk?
by deejayq
Fri Oct 11, 2013 6:54 pm
Forum: Beginner Basics
Topic: Access servers on a specific port
Replies: 21
Views: 2723

Re: Access servers on a specific port

maybe you should torch to see what ports are being used.
maybe you are blocking some ports.
as far as i've read on the internet, the netbios uses broadcast packets, maybe it has something to do with that.
by deejayq
Fri Oct 11, 2013 6:18 pm
Forum: Beginner Basics
Topic: dns connection issue
Replies: 5
Views: 1253

Re: dns connection issue

had a similar experience
seemed some sort of a dos
just block the two ip's and you should be fine.
by deejayq
Mon Sep 30, 2013 10:16 am
Forum: Beginner Basics
Topic: How to route between networks without using NAT
Replies: 5
Views: 1687

Re: How to route between networks without using NAT

maybe it's a problem with the host network (the virtualization software).
maybe you should let the computers in your home network know that they can reach 192.168.1.0/24 via the host machine.
by deejayq
Mon Sep 30, 2013 10:12 am
Forum: Beginner Basics
Topic: Layer 7 facebook block
Replies: 29
Views: 148809

Re: Layer 7 facebook block

xMikes04, your regex layer7-protocol is ok but it should be used in dns requests
reject dns packets to any server with dst-port 53 and which hit the layer7-protocol
also fbcdn.net should be blocked
by deejayq
Mon Sep 30, 2013 10:01 am
Forum: General
Topic: Can't set DNS servers into my SXT Lite5
Replies: 8
Views: 1774

Re:

how can I start a terminal? Via ssh?
yes, or via new terminal in winbox (it opens a telnet session)
Which is command to set dns addresses?
/ip dns set servers=
by deejayq
Mon Sep 30, 2013 8:47 am
Forum: General
Topic: DNS-Problem
Replies: 5
Views: 1001

Re: DNS-Problem

how do you have the failover set up?
what do you expect the behavior of the router to be when isp1 is working?
by deejayq
Mon Sep 30, 2013 8:40 am
Forum: Beginner Basics
Topic: Review my setup before I deploy it
Replies: 6
Views: 1288

Re: Review my setup before I deploy it

why not connect home modem straight into RB2011UAS-RM?
by deejayq
Mon Sep 30, 2013 8:34 am
Forum: General
Topic: un-idntified traffic and CPU at 100% RB450G
Replies: 9
Views: 1564

Re: un-idntified traffic and CPU at 100% RB450G

torch on wan interface or go to ip firewall connections
what do you see?
by deejayq
Sun Sep 29, 2013 9:17 pm
Forum: Beginner Basics
Topic: Limitations problem with User Manager!
Replies: 7
Views: 2435

Re: Limitations problem with User Manager!

i think Blindschleiche suggested you use sfq for default-small type of queues instead of pfifo.
Never worked with pppoe server, but i think the default queue type it uses for the clients it's default-small.
I think the problems when using sfq is when you have more than 1024 clients.
by deejayq
Sun Sep 22, 2013 11:09 pm
Forum: General
Topic: Can't set DNS servers into my SXT Lite5
Replies: 8
Views: 1774

Re: Can't set DNS servers into my SXT Lite5

might be a bug in winbox
have you tryied to add the dns from the terminal?
by deejayq
Sun Sep 22, 2013 11:00 pm
Forum: Beginner Basics
Topic: Please Help! Queues
Replies: 2
Views: 647

Re: Please Help! Queues

make sure you don't have pass-through set to yes in your packet marking rules.
by deejayq
Sat Sep 21, 2013 12:12 am
Forum: Beginner Basics
Topic: Blocking access to google play store
Replies: 6
Views: 30721

Re: Blocking access to google play store

i would suggest a layer 7 filter with play.google.com then add a filter rule to reject all packets going to any ip on port 53 and containing the layer 7 filter you created earlier. the content option that user asaleh75 suggested would block any packet containing play.google.com, be it text, hyperlin...
by deejayq
Wed Sep 18, 2013 3:58 pm
Forum: General
Topic: Please update "supported hardware" in wiki
Replies: 13
Views: 2627

Re: Please update "supported hardware" in wiki

what equipment are we talking about and what are the prices? :P
by deejayq
Wed Sep 18, 2013 3:56 pm
Forum: General
Topic: best way to limit local and international traffic?
Replies: 10
Views: 2349

Re: best way to limit local and international traffic?

if your ISP gives you bgp you can mark the "national" routes and then mark packets based on those routes, and then the "international" traffic would be what's left after the "national" has been marked.
by deejayq
Wed Sep 18, 2013 3:49 pm
Forum: General
Topic: Mikrotik 6 and ZPH queue
Replies: 4
Views: 961

Re: Mikrotik 6 and ZPH queue

ZPH for squid?
if that's the case it translates to packets being marked with dscp.
by deejayq
Wed Sep 18, 2013 3:20 pm
Forum: Beginner Basics
Topic: (Ask) Drop Uploading
Replies: 4
Views: 831

Re: (Ask) Drop Uploading

my bad, one method would be to capture some packets from an user initiating an upload of a forbidden file, then analyze them and determine a pattern, with this pattern generate a l7 filter. but l7 is resource intensive and it would not work if the connection is https (i don't know if it's possible t...
by deejayq
Wed Sep 18, 2013 11:12 am
Forum: General
Topic: Protocol for information transfer between routers
Replies: 2
Views: 426

Protocol for information transfer between routers

It would be great if you could write a protocol that would allow information transfer between routers. Eg. let's say you have an address-list which is populated by dynamic addresses. It would be nice if this address-list could be duplicated on another router on-the-fly (for instance you have multipl...
by deejayq
Wed Sep 18, 2013 11:04 am
Forum: Beginner Basics
Topic: Share 1 Gateway for 2 subnet
Replies: 7
Views: 1835

Re: Share 1 Gateway for 2 subnet

add address = 172.16.0.0/16 interface = Ether3
you have a typo, it should be 172.16.0.1/16
by deejayq
Wed Sep 18, 2013 11:01 am
Forum: Beginner Basics
Topic: (Ask) Drop Uploading
Replies: 4
Views: 831

Re: (Ask) Drop Uploading

enable transparent web proxy in routeros
you can block downloading by file types using following code:

/ip proxy access add path=*.mp3 action=deny
by deejayq
Wed Sep 18, 2013 10:53 am
Forum: Beginner Basics
Topic: two isp and one server
Replies: 12
Views: 3554

Re: two isp and one server

maybe you could post a diagram of the network topology
by deejayq
Wed Sep 18, 2013 10:29 am
Forum: Beginner Basics
Topic: Improve my queues :)
Replies: 1
Views: 554

Re: Improve my queues :)

add this at bottom of forward list

/ip firewall mangle
add action=mark-packet chain=forward new-packet-mark=else passthrough=no

add this at queue tree

/queue tree
add name=else packet-mark=else parent=global priority=3 max-limit=2M
by deejayq
Fri Sep 13, 2013 8:56 am
Forum: Beginner Basics
Topic: Limit Wan Download/Upload Data Transfer
Replies: 3
Views: 1252

Re: Limit Wan Download/Upload Data Transfer

the 300GB limit is download+upload or just for download? in the scenario in which the 300GB are for download only you can limit the download speed via simple queue so that the 300GB quota will be met at the end of the month assuming a 30 day month like this: 30 days=2592000 seconds 300 GB=2516582400...
by deejayq
Thu Sep 12, 2013 1:22 pm
Forum: Beginner Basics
Topic: Block Whatsapp
Replies: 60
Views: 55658

Re: Block Whatsapp

are you blocking dns requests too? or just trying regexp in blocking http traffic?
by deejayq
Thu Sep 12, 2013 1:04 pm
Forum: Beginner Basics
Topic: Help:DHCP default offering lease IP for MAC without success
Replies: 7
Views: 5112

Re: Help:DHCP default offering lease IP for MAC without succ

some time ago there were some wireless routers that did not work as a dhcp client on wan and dhcp server on lan.
maybe this is the case also.
try installing dd-wrt on TP-Link 841ND, maybe that will help.
by deejayq
Thu Sep 12, 2013 12:47 pm
Forum: Beginner Basics
Topic: Unable to load some sites
Replies: 3
Views: 1087

Re: Unable to load some sites

export compact and paste it here
by deejayq
Thu Sep 12, 2013 10:03 am
Forum: Beginner Basics
Topic: Block Whatsapp
Replies: 60
Views: 55658

Re: Block Whatsapp

if the link you provided above is up to date, you could easily block packets sent to any dns server, which contain "sro.whatsapp.net", by creating a layer-7 regexp.
by deejayq
Thu Sep 12, 2013 8:22 am
Forum: Beginner Basics
Topic: how can i test WAN TO LAN throughput with x86 routerOS?
Replies: 4
Views: 2054

Re: how can i test WAN TO LAN throughput with x86 routerOS?

i think the bandwidth test in routeros could work in this scenario you have to have a computer connected to the lan and download on that computer http://www.mikrotik.com/download/btest.exe . then set it to connect to your routeros wan ip and start generating traffic. for your second question the ans...
by deejayq
Tue Aug 06, 2013 5:36 pm
Forum: Beginner Basics
Topic: Stopping of open proxy servers with Mikro Tik
Replies: 5
Views: 2528

Re: Stopping of open proxy servers with Mikro Tik

You can start by blocking incoming connections to your network on tcp ports 80, 1080, 3128 and 8080. It's only. a temporary solution. A more resource exhaustive solution would be to set up a layer7 filter but you have to know what data is being exchanged when somebody initialises a connection to one...
by deejayq
Mon Jul 01, 2013 1:30 pm
Forum: Beginner Basics
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 117
Views: 191980

Re: Using RouterOS to prioritize (Qos) traffic for a Class C

# HELP! I don't know how to mark what is left?
just add two rules at the bottom of the script
first mark-connection with dst-address=0.0.0.0/0 (nothing else)
second mark-packet with connection mark you set on the first rule (BULK i think you named both marks).
by deejayq
Mon Jul 01, 2013 11:53 am
Forum: Beginner Basics
Topic: P2p limiting
Replies: 15
Views: 11666

Re: P2p limiting

the idea is to add to address-list addresses that open, let's say, more than 4 udp connections and 8 tcp connections to ports 1024-65535
then with this address list you can do whatever you want, like mark the packets going to 1024-65535 and then use a queue to limit the speed.
by deejayq
Sun Jun 30, 2013 11:27 am
Forum: Beginner Basics
Topic: Why need clock?
Replies: 3
Views: 810

Re: Why need clock?

and also can help identify problems and certain behaviors when examining logs
by deejayq
Sun Jun 30, 2013 11:16 am
Forum: Beginner Basics
Topic: security help as well as why router deassign and assign ip
Replies: 9
Views: 2837

Re: security help as well as why router deassign and assign

i had the same problem with a client assigning and deasigninig ip. but it was due to a faulty rj45 connector. the device on the other end was a d-link router.
after changing the rj45 the problem was gone.
by deejayq
Sun Jun 30, 2013 11:06 am
Forum: Beginner Basics
Topic: Delay after incorrect login
Replies: 1
Views: 426

Re: Delay after incorrect login

could this be the droids you are looking for?
http://wiki.mikrotik.com/wiki/Bruteforc ... prevention
by deejayq
Sun Jun 30, 2013 11:00 am
Forum: Beginner Basics
Topic: Block FACEBOOK on specific IF
Replies: 3
Views: 985

Re: Block FACEBOOK on specific IF

as i see it you can create a layer7 protocol in which you define facebook.com|fbcdn.net
and you can block the requests in filter, setting in via wireless interface, dst port udp 53 and layer 7 protocol the one you define earlier
by deejayq
Fri Apr 26, 2013 4:00 pm
Forum: Beginner Basics
Topic: QOS/Throttle for Home User
Replies: 5
Views: 1413

Re: QOS/Throttle for Home User

this can be done via connection/packet marking and queue tree, setting priorities you mark the traffic coming from your NAS, you mark the traffic not coming from your NAS you mark the traffic going to your NAS, you mark the traffic not going to your NAS marking i think it must be done in postrouting...
by deejayq
Fri Apr 26, 2013 3:15 pm
Forum: Beginner Basics
Topic: Burst Time Calculation
Replies: 13
Views: 19207

Re: Burst Time Calculation

i think he's trying to achieve what Comcast is doing with PowerBoost
by deejayq
Wed Jan 30, 2013 2:17 pm
Forum: Beginner Basics
Topic: WIFI Hotspot with low tech access points
Replies: 1
Views: 737

Re: WIFI Hotspot with low tech access points

connect the low cost ap's by wire to rb1200 and bridge their lan and wlan.
by deejayq
Wed Jan 30, 2013 1:46 pm
Forum: Beginner Basics
Topic: firewall rule for specific pppoe connections.
Replies: 3
Views: 817

Re: firewall rule for specific pppoe connections.

if the ip's you assign to your clients are static you can add the suspended client's ips to an address-list and do something like http://wiki.mikrotik.com/wiki/Payment_Reminders
by deejayq
Wed Jan 30, 2013 12:45 pm
Forum: Beginner Basics
Topic: Troubleshooting my inability to connect to facetime
Replies: 3
Views: 1671

Re: Troubleshooting my inability to connect to facetime

why not put a log rule on top of the other rules with src-address of your iphone 5 and try then to use those applications and see in logging what ports they use
by deejayq
Wed Jan 30, 2013 12:32 pm
Forum: Beginner Basics
Topic: 2 isp to 1 lan
Replies: 8
Views: 3807

Re: 2 isp to 1 lan

use two ip's that should never be offline, like google dns and opendns or something like it
if it's pingable you can use it
by deejayq
Wed Jan 30, 2013 12:22 pm
Forum: Beginner Basics
Topic: Firewall configuring
Replies: 2
Views: 596

Re: Firewall configuring

or pppoe
by deejayq
Wed Jan 30, 2013 12:18 pm
Forum: Beginner Basics
Topic: Problem installing MikroTik 5.22 on Dell PowerEdge R210 II
Replies: 16
Views: 2845

Re: Problem installing MikroTik 5.22 on Dell PowerEdge R210

There is AHCI, ATA and RAID.
i think ATA and IDE are the same thing
by deejayq
Wed Jan 30, 2013 12:16 pm
Forum: Beginner Basics
Topic: slow links
Replies: 4
Views: 583

Re: slow links

what equipment are you using? what antennas?
a noise floor that low is unbelievable imo.
by deejayq
Wed Jan 30, 2013 12:11 pm
Forum: Beginner Basics
Topic: web proxy
Replies: 2
Views: 587

Re: web proxy

maybe you have a deny and redirect rule in /ip proxy access
or maybe the dns server you have configured on your router is malfunctioning
by deejayq
Wed Jan 30, 2013 12:08 pm
Forum: Beginner Basics
Topic: Need your help !!
Replies: 2
Views: 517

Re: Need your help !!

1. what exactly is a Lan Entertainment Server? 2. if you have a free port in your rb or a free network card in your x86 routeros powered you can connect that to your friends LAN, setting an ip from 192.168.173.0/24 that does not interfere with his business and src-nat on the interface pointing to hi...
by deejayq
Wed Jan 30, 2013 12:03 pm
Forum: Beginner Basics
Topic: Simple Dual WAN Dual LAN question
Replies: 3
Views: 1271

Re: Simple Dual WAN Dual LAN question

you say LAN1 and LAN2 are connected to the same switch? same switch as in rb internal switch or other switch?
by deejayq
Wed Jan 30, 2013 11:59 am
Forum: Beginner Basics
Topic: Bandwidth limitation on mikrotik
Replies: 7
Views: 3244

Re: Bandwidth limitation on mikrotik

i would suggest you set a pfifo queue (the default queue) for every customer (20 queues are not that much for a router) with max-limit 1Mbps, the parent of the 20 queues should have a max limit of 3Mbps or even better (3*0.90)Mbps just to be sure that packets don't get queued in your ISP's router. I...
by deejayq
Wed Jan 30, 2013 11:50 am
Forum: Beginner Basics
Topic: How to connect 3 mikrotik rb411?
Replies: 1
Views: 464

Re: How to connect 3 mikrotik rb411?

try searching in the forum for point-to-multipoint or pmtp from what i understand you want the 3 routers to communicate independently in something like a triangle topology if one router goes down the others should be able to communicate to each other. If that's not the case and it's something like A...
by deejayq
Wed Jan 30, 2013 11:24 am
Forum: Beginner Basics
Topic: Problem in Mikrotik DHCP
Replies: 5
Views: 876

Re: Problem in Mikrotik DHCP

also try to use a lease time big enough (routeros default is 3 days and it's working good for me) and a good ups. before 5.22 there was a problem with dynamic assigned ip's that if the router lost power the dhcp server would loose the dynamic assignments and the ip's would change, sometimes even ass...
by deejayq
Wed Jan 30, 2013 11:19 am
Forum: Beginner Basics
Topic: Setup of a ap
Replies: 2
Views: 491

Re: Setup of a ap

don't forget to restore factory settings on that groove before bridging wireless and ethernet, just to be sure you didn't forget anything
by deejayq
Wed Jan 30, 2013 11:15 am
Forum: Beginner Basics
Topic: address-list that won't go away
Replies: 2
Views: 662

address-list that won't go away

I have a rb750 with routeros 5.20 and i used to have an address-list with metropolitan ip classes (cidr). But then i changed my provider and the new one gives me a bgp session, so i deleted all ip classes from that address-list. But the list name still shows up in winbox. I thought that some firewal...
by deejayq
Sat Dec 22, 2012 10:08 pm
Forum: Beginner Basics
Topic: Redirect all websites to a specific URL.
Replies: 1
Views: 1187

Re: Redirect all websites to a specific URL.

don't forget to add in webproxy a rule with allow to the ip of google (maybe the whole ip block /24) before deny and redirect rule.
nslookup www.google.com to see what ip google has
by deejayq
Sat Dec 22, 2012 4:14 pm
Forum: Beginner Basics
Topic: Basic QOS
Replies: 2
Views: 728

Re: Basic QOS

Mark packets in mangle forward based on your ip withpassthrough no. Mark all other graffic. In queue tree give packets with packet mark of your ip priority 1. Give prioriy to other packets mark 8.
by deejayq
Thu Dec 13, 2012 10:13 pm
Forum: Beginner Basics
Topic: bgp route reflection
Replies: 1
Views: 703

bgp route reflection

i have the following setup 3 routers out of which only one (let's call him R1) has a bgp session with my isp i want to be able to forward the routes learned from my isp to R2 and R3 how can this be done? i've tried setting client to client reflection on R1 and route reflect on the peer to my isp in ...
by deejayq
Wed Dec 12, 2012 8:44 pm
Forum: General
Topic: Sample Installations - Sticky Please
Replies: 230
Views: 137943

Re: Sample Installations - Sticky Please

One of our APs
i like the guy in the second picture
i think he did somethig wrong :P
by deejayq
Wed Dec 12, 2012 7:18 pm
Forum: Beginner Basics
Topic: best solution bgp traffic shaping?
Replies: 0
Views: 530

best solution bgp traffic shaping?

so far here's what i've done i receive local traffic ip classes via bgp session also i receive the default route (0.0.0.0/0) i want to shape overseas traffic i added two route filters one for default route/route marking, one for local traffic/route marking to a route filter chain added the chain to ...
by deejayq
Tue Nov 27, 2012 9:00 am
Forum: Beginner Basics
Topic: Aggregate bandwidth using a server in a datacenter?
Replies: 3
Views: 1714

Re: Aggregate bandwidth using a server in a datacenter?

http://wiki.mikrotik.com/wiki/Manual:Interface/Bonding

but make sure the links you are bonding have similar latencies because routeros afaik does not have Intelligent Delay-Managed Packet Queuing and Flow Sequence Recovery Engine.
by deejayq
Wed Nov 14, 2012 3:57 pm
Forum: Beginner Basics
Topic: How to block streaming ( video) in webproxy
Replies: 7
Views: 16508

Re: How to block streaming ( video) in webproxy

found this on the internet # Adobe Real Time Messaging Protocol(RTMP). By Jonathan A.P. Marpaung # Pattern attributes: works very fast # Protocol Groups: streaming_video streaming_audio # The RTMP Specification is availabe at # http://www.adobe.com/devnet/rtmp/pdf/rtmp_specification_1.0.pdf [^] # # ...
by deejayq
Wed Nov 14, 2012 3:47 pm
Forum: Beginner Basics
Topic: Mergin 2 far network into one
Replies: 7
Views: 1312

Re: Mergin 2 far network into one

replace ---dsl------internet------dsl/other internet connection--- in my diagram with wireless station-----access point-----wireless station in your diagram. same principle applies set a pptp-server on one of the routers wan ip, a pptp-client on the other router, connect the pptp-client to the ip ad...
by deejayq
Tue Nov 13, 2012 3:44 pm
Forum: Beginner Basics
Topic: mangle incoming packet issue (QoS)
Replies: 3
Views: 846

Re: mangle incoming packet issue (QoS)

you should specify the interface the traffic is coming through ex. internet---wan-router-lan---local area network traffic coming from internet to local area network is seen by the router as in via wan interface traffic coming from local area network to internet is seen by the router as in via lan in...
by deejayq
Tue Nov 13, 2012 3:36 pm
Forum: Beginner Basics
Topic: Mergin 2 far network into one
Replies: 7
Views: 1312

Re: Mergin 2 far network into one

first of all you can not test butch evans script using an ethernet cable second of all your topology is wrong what you want should be like 192.168.1.xxx---[lan-router1-wan]---dsl------internet------dsl/other internet connection---[wan-router2-lan]---192.168.1.yyy the tunnel must be made between wan ...
by deejayq
Tue Nov 13, 2012 3:17 pm
Forum: Beginner Basics
Topic: Allow Internet Users to Play Counter Stike on LAN server
Replies: 6
Views: 1646

Re: Allow Internet Users to Play Counter Stike on LAN server

maybe your isp is blocking incoming connections to your wan ip
by deejayq
Mon Nov 12, 2012 1:53 pm
Forum: Beginner Basics
Topic: How to block streaming ( video) in webproxy
Replies: 7
Views: 16508

Re: How to block streaming ( video) in webproxy

block .flv .f4v and .mp4 maybe
by deejayq
Thu Nov 08, 2012 2:42 pm
Forum: Beginner Basics
Topic: Mikrotik Youtube Routing To Other Wan (Interface)
Replies: 2
Views: 1768

Re: Mikrotik Youtube Routing To Other Wan (Interface)

what if the users use another dns server?
for facebook two domains are used facebook.com and fbcdn.net
by deejayq
Wed Nov 07, 2012 5:11 pm
Forum: Beginner Basics
Topic: Help choosing the right routing
Replies: 16
Views: 1878

Re: Help choosing the right routing

well actually it would be feasible if the management network router would have two internet connections, on one to connect to the internet and on the other to connect the gre tunnels on.
by deejayq
Tue Nov 06, 2012 10:52 am
Forum: Beginner Basics
Topic: Default Route Interface
Replies: 6
Views: 1067

Re: Default Route Interface

2 DC x.x.x.128/25 r 0.0.0.0 0 ether1 should not be there
try this, with winbox:
Interfaces Menu, select the interface ether2, 'General Tab' change the 'Master Port' to none, assuming you have routerboard, if you have x86 this will not be available.
by deejayq
Mon Nov 05, 2012 9:22 pm
Forum: Beginner Basics
Topic: problem in OS of router board rb750gl
Replies: 3
Views: 874

Re: problem in OS of router board rb750gl

can you connect to the router with winbox on it's ip address or on it's mac address?
by deejayq
Mon Nov 05, 2012 9:20 pm
Forum: Beginner Basics
Topic: Default Route Interface
Replies: 6
Views: 1067

Re: Default Route Interface

describe how you set the default route
by deejayq
Mon Nov 05, 2012 2:46 pm
Forum: Beginner Basics
Topic: Having problems getting src-nat and dst-nat with a single ip
Replies: 5
Views: 1110

Re: Having problems getting src-nat and dst-nat with a singl

why not just set 73.250.59.201 to the debian serveR?
by deejayq
Sun Nov 04, 2012 1:57 pm
Forum: General
Topic: queue tree whitout any limit, just priority.
Replies: 14
Views: 2052

Re: queue tree whitout any limit, just priority.

would setting limit-at to a very small value (ex. 1500 bytes) simulate low latency queue behaviour?
by deejayq
Thu Nov 01, 2012 11:18 am
Forum: Beginner Basics
Topic: Load balancing 2 ISP PPPOE (ISP1) & Static IP (ISP2)
Replies: 3
Views: 3201

Re: Load balancing 2 ISP PPPOE (ISP1) & Static IP (ISP2)

you want load balancing with or without failover? you just want failover?
what type of load balancing?
by deejayq
Thu Nov 01, 2012 11:06 am
Forum: Beginner Basics
Topic: RouterBoard 750 GL
Replies: 4
Views: 1482

Re: RouterBoard 750 GL

you will never be able to download on a single connection with the speed of the sum of the 2 internet connections.
but you will be able to download torrents (they create multiple connections), or http files using download accelerators by load balancing the 2 internet connections.
by deejayq
Tue Oct 30, 2012 1:17 pm
Forum: Beginner Basics
Topic: PCQ Queue - monitoring user's traffic
Replies: 1
Views: 981

Re: PCQ Queue - monitoring user's traffic

you can see traffic per ip in real time using torch
by deejayq
Thu Oct 25, 2012 8:11 am
Forum: Beginner Basics
Topic: [Ask]Applying best Bandwidth Management with ext-Proxy
Replies: 1
Views: 1133

Re: [Ask]Applying best Bandwidth Management with ext-Proxy

mark packets in forward, one mark for upload to 192.168.2.2 port 3128 protocol tcp, one mark for download from 192.168.2.2 port 3128 protocol tcp after you create two pcq queues (one for upload, one for download from proxy), traffic shaping should be done in global-out for upload and download from p...
by deejayq
Wed Oct 24, 2012 1:59 pm
Forum: Beginner Basics
Topic: what subnet should i use?
Replies: 3
Views: 764

Re: what subnet should i use?

/23
by deejayq
Wed Oct 24, 2012 12:48 pm
Forum: Beginner Basics
Topic: I'm in over my head
Replies: 3
Views: 980

Re: I'm in over my head

/ip firewall filter add chain=forward src-address=192.168.168.128/26 protocol=tcp dst-port=1723 action=accept /ip firewall filter add chain=forward src-address=192.168.168.128/26 protocol=gre action=accept should go before /ip firewall filter add chain=forward src-address=192.168.168.128/26 action=d...
by deejayq
Mon Oct 22, 2012 11:58 am
Forum: Beginner Basics
Topic: Populating email BODY with output of "/print"
Replies: 4
Views: 906

Re: Populating email BODY with output of "/print"

i think you should use get instead of print
by deejayq
Sun Oct 21, 2012 9:45 pm
Forum: Beginner Basics
Topic: can 80pc put in same subnet/netwotk?
Replies: 12
Views: 1391

Re: can 80pc put in same subnet/netwotk?

don't mean to hijack the thread, Sidi, but if you use pcq queues you can show column pcq queues in queue list to see the number of clients connected.
by deejayq
Sun Oct 21, 2012 9:41 pm
Forum: Beginner Basics
Topic: how to config my virtual microtik to receive public ip?
Replies: 3
Views: 934

Re: how to config my virtual microtik to receive public ip?

ok so you set your modem to bridge mode
now you have to set in vmware the virtual NIC in NAT mode, and port forward 8291 via vmnetcfg (from vmware) to the ip your virtual router receives from the vmware dhcp server.
by deejayq
Sun Oct 21, 2012 9:35 pm
Forum: Beginner Basics
Topic: Better Failover
Replies: 4
Views: 1070

Re: Better Failover

http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting
this is simple and in my opinion better.
by deejayq
Fri Oct 19, 2012 11:25 am
Forum: Beginner Basics
Topic: I'm in over my head
Replies: 3
Views: 980

Re: I'm in over my head

/ip firewall filter add chain=forward src-address=192.168.168.0/25 action=accept /ip firewall filter add chain=forward src-address=192.168.168.128/26 protocol=tcp dst-port=1723 action=accept (ips from 192.168.168.128-191) /ip firewall filter add chain=forward src-address=192.168.168.128/26 action=dr...
by deejayq
Fri Oct 19, 2012 11:12 am
Forum: Beginner Basics
Topic: How to block or identify connection to certain IP
Replies: 10
Views: 1410

Re: How to block or identify connection to certain IP

/ip firewall filter add chain=forward src-address-list=observed-ips action=drop
trafic from lan to lan does not pass through router
by deejayq
Fri Oct 19, 2012 10:43 am
Forum: Beginner Basics
Topic: Simple Wireless AP Setup
Replies: 7
Views: 1477

Re: Simple Wireless AP Setup

you should set a src-nat masquerade rule for clients coming from wlan delete dhcp_pool1, you don't need it delete dhcp_server1, you don't need it dhcp-server network should be something like address 192.168.1.0/ 24 gateway=192.168. 1 .1 also include some dns servers here set and ip route to destinat...
by deejayq
Wed Oct 17, 2012 3:21 pm
Forum: Beginner Basics
Topic: HTTPS through walled garden
Replies: 1
Views: 511

Re: HTTPS through walled garden

HTTPS does not encrypt the URL
by deejayq
Wed Oct 17, 2012 10:59 am
Forum: Beginner Basics
Topic: Can this loadbalance be done on rb450g
Replies: 3
Views: 619

Re: Can this loadbalance be done on rb450g

maybe this will help you
http://wiki.mikrotik.com/wiki/ECMP_load ... masquerade
i think that the LAN part of the routers is conected via a switch to the WAN part of the rb450g
by deejayq
Wed Oct 17, 2012 10:54 am
Forum: Beginner Basics
Topic: How to block or identify connection to certain IP
Replies: 10
Views: 1410

Re: How to block or identify connection to certain IP

my mistake
change the rule to action=add-src-to-address-list
by deejayq
Tue Oct 16, 2012 12:09 pm
Forum: Beginner Basics
Topic: How to block or identify connection to certain IP
Replies: 10
Views: 1410

Re: How to block or identify connection to certain IP

/ip firewall mangle
add action=add-dst-to-address-list address-list=observed-ips \
address-list-timeout=0s chain=prerouting disabled=no dst-address=\
149.20.56.32

this should add to address list observed-ips all ips that try to connect to 149.20.56.32
by deejayq
Sat Oct 13, 2012 5:18 pm
Forum: Beginner Basics
Topic: How to make queues per source/dst ip?
Replies: 3
Views: 1255

Re: How to make queues per source/dst ip?

AFAIK you cannot create dynamic queues with CIR rate what you can do is create pcq queues for client upload and download http://wiki.mikrotik.com/wiki/Manual:Queues_-_PCQ or you could try to add static queues for each client (not feasible for lots of clients) it could be nice though if routeros woul...
by deejayq
Thu Oct 04, 2012 2:00 pm
Forum: Beginner Basics
Topic: how to config my virtual microtik to receive public ip?
Replies: 3
Views: 934

Re: how to config my virtual microtik to receive public ip?

bridge or port forwarding in vmware
not an issue with mikrotik
by deejayq
Thu Oct 04, 2012 1:57 pm
Forum: Beginner Basics
Topic: Queue Tree Limit At error?
Replies: 2
Views: 853

Re: Queue Tree Limit At error?

not a bug
just as it's suppose to be
by deejayq
Wed Oct 03, 2012 7:58 pm
Forum: Beginner Basics
Topic: !fin,!syn,!rst,ack vs ack
Replies: 1
Views: 761

!fin,!syn,!rst,ack vs ack

is there any difference in setting !fin,!syn,!rst,ack for a mangle rule and setting just ack?
are there any performance issues?
by deejayq
Wed Oct 03, 2012 10:19 am
Forum: Beginner Basics
Topic: ACL Squid from DHCP Mikrotik
Replies: 2
Views: 1111

Re: ACL Squid from DHCP Mikrotik

i don't think you can what you can do is use web proxy feature of routeros. set the parent proxy and parent proxy port of web proxy to 192.168.8.3 (and the port squid is listening to) create on routeros an address-list with the ip's of the computers you want to connect via proxy. use this how to to ...
by deejayq
Wed Oct 03, 2012 9:37 am
Forum: Beginner Basics
Topic: multiple pcq queues in parent queue
Replies: 1
Views: 780

Re: multiple pcq queues in parent queue

well it seems that creating a pcq queue and using it for the parent doesn't work.
any other solutions?
by deejayq
Wed Oct 03, 2012 8:11 am
Forum: Beginner Basics
Topic: Limit torrent-dns access
Replies: 1
Views: 931

Re: Limit torrent-dns access

what do you mean by torrent-dns?
by deejayq
Tue Oct 02, 2012 4:05 pm
Forum: Beginner Basics
Topic: Multiple Wan
Replies: 9
Views: 3273

Re: Multiple Wan

i think there's something to do with the source port number used by winbox to connect to devices behind nat.
i had a similar experience with a rb behind a wireless router, the port for winbox and http from the rb were forwarded properly to the wireless router, http was working, winbox was not.
by deejayq
Tue Oct 02, 2012 3:52 pm
Forum: Beginner Basics
Topic: multiple pcq queues in parent queue
Replies: 1
Views: 780

multiple pcq queues in parent queue

i have the following scenario: inside a parent queue i have 3 child queues each of them pcq with different max-limit (10M, 20M, 30M) for 3 types of clients. +parent(queue type default, max-limit 90M) |_child1(queue type pcq, rate 10M, max-limit 90M) |_child2(queue type pcq, rate 20M, max-limit 90M) ...
by deejayq
Sat Apr 23, 2011 1:31 am
Forum: General
Topic: pcq config: pcq-limit and pcq-total-limit settings - how to
Replies: 6
Views: 3686

Re: pcq config: pcq-limit and pcq-total-limit settings - how

from my experience when setting pcq-limit to 50 i get about 1.2MBps speed, at about 150 i get about 1.8MBps speed
by deejayq
Sun Feb 27, 2011 7:05 pm
Forum: Beginner Basics
Topic: Routerboard 450G Problem with facebook and youtube
Replies: 6
Views: 1470

Re: Routerboard 450G Problem with facebook and youtube

is this router new?
have you tried resetting it?
(maybe it was configured by the former owner to block facebook and youtube)
by deejayq
Sat Feb 26, 2011 9:43 pm
Forum: Beginner Basics
Topic: Routerboard 450G Problem with facebook and youtube
Replies: 6
Views: 1470

Re: Routerboard 450G Problem with facebook and youtube

maybe the problem is at your isp
have you tried pinging www.facebook.com and www.youtube.com?
by deejayq
Wed Feb 23, 2011 8:37 am
Forum: Beginner Basics
Topic: PCQ CIR/MIR
Replies: 0
Views: 547

PCQ CIR/MIR

Hello
I have 40+ clients and i want to give them some guaranteed bandwidth (CIR) and best effort (MIR).
I want to use PCQ queues.
Does anyone know how can i do the above?
Thank you