Community discussions

MikroTik App

Search found 77 matches

by netzwerghh
Tue Apr 09, 2024 12:55 pm
Forum: Forwarding Protocols
Topic: BGP filter for attributes cluster-list and originator-id to EBGP-peers
Replies: 2
Views: 2330

Re: BGP filter for attributes cluster-list and originator-id to EBGP-peers

Thank you sri2007, this is exactly also our problem. We have two customers using Cisco gear and the logs of their devices are flooded with messages about BGP advertisements having those attributes. For Mikrotik-Devs: RFC4456 (introducing route reflection and mentioned attributes, https://datatracker...
by netzwerghh
Sat Dec 02, 2023 1:37 pm
Forum: Forwarding Protocols
Topic: IXP only traffic
Replies: 7
Views: 1916

Re: IXP only traffic

Good to hear. We are using large communities. We tag incoming routes this way: own-as:information-id:value Example: Say our AS is 65536 We use following information types: 40: Country 40:1 Germany 40:2 Netherlands 41: City 41:1 Frankfurt 41:2 Amsterdam 42: Internet-Exchange 42:1 De-CIX FRA 42:2 AMS-...
by netzwerghh
Thu Nov 30, 2023 8:02 pm
Forum: Forwarding Protocols
Topic: IXP only traffic
Replies: 7
Views: 1916

Re: IXP only traffic

You should use filters on incoming prefixes to assign self defined communities to the prefixes. So you could tag all prefeixes learned at an IXP with your "IXP community" and all prefiexes learned from your upstream with your "upstream community". Then you can define a filter to ...
by netzwerghh
Wed Nov 08, 2023 5:08 pm
Forum: Forwarding Protocols
Topic: BGP filter for attributes cluster-list and originator-id to EBGP-peers
Replies: 2
Views: 2330

BGP filter for attributes cluster-list and originator-id to EBGP-peers

Hi! Is it possible to remove those attributes to routes advertised to ebgp peers via filter? We have some downstream AS which get routes from us. These attributes are being injected in BGP routes propagated via our internal bird route reflectors. In our own routers this information is useful. So we ...
by netzwerghh
Thu Sep 28, 2023 4:56 pm
Forum: Forwarding Protocols
Topic: [ROS7.11.2] bgp-large-communities not applied for IPv6 routes
Replies: 2
Views: 1569

Re: [ROS7.11.2] bgp-large-communities not applied for IPv6 routes

Hi,

this is exactly how we are doing this also on 7.11.2 and it works on all of our peers. Sometimes sessions need to be disabled and reenabled when changing route filters especially when you add or move an entry in the filter chain.

Dennis
by netzwerghh
Tue Sep 26, 2023 1:52 pm
Forum: Forwarding Protocols
Topic: BGP Best Path Selection with MED
Replies: 8
Views: 5346

Re: BGP Best Path Selection with MED

Thank you!
by netzwerghh
Tue Sep 26, 2023 1:29 pm
Forum: Forwarding Protocols
Topic: BGP Best Path Selection with MED
Replies: 8
Views: 5346

Re: BGP Best Path Selection with MED

As far as I can see by looking at attributes routes do not meet the criteria to be selected as best: https://help.mikrotik.com/docs/display/ROS/BGP#BGP-Best-PathSelection Hi mrz, yes. I've overread the part in MED comparison that only pathes with the same leftmost ASN are compared for MED. So could...
by netzwerghh
Tue Sep 26, 2023 1:22 pm
Forum: Forwarding Protocols
Topic: BGP Best Path Selection with MED
Replies: 8
Views: 5346

Re: BGP Best Path Selection with MED

I've just found an old support request of mine (SUP-84730) regarding this topic and saw that Maris answered this. From https://help.mikrotik.com/docs/display/ROS/BGP#BGP-Best-PathSelection Prefer the path with the lowest multi-exit discriminator (MED). The router compares the MED attribute only for ...
by netzwerghh
Tue Sep 26, 2023 12:48 pm
Forum: Forwarding Protocols
Topic: Route Filter Comments
Replies: 2
Views: 2424

Re: Route Filter Comments

+1 for this!

Inline comments would be great since new route filters are more like a script with multiple lines in one entry.
by netzwerghh
Tue Sep 26, 2023 12:25 pm
Forum: Forwarding Protocols
Topic: BGP Best Path Selection with MED
Replies: 8
Views: 5346

Re: BGP Best Path Selection with MED

Hey Mikrotik, this issue is still persisting and is really annoying. Because sometimes it works as expected and sometimes it's doing crap. Or can someone tell me why the active route is preferred over one of the last two routes. Which have same path length, same local-pref, same origin but different...
by netzwerghh
Fri Aug 04, 2023 11:33 am
Forum: Forwarding Protocols
Topic: BGP v7.10.2 readvertisement of ebgp learned routes to ebgp peers stopped working in v7.10
Replies: 2
Views: 2120

Re: BGP v7.10.2 readvertisement of ebgp learned routes to ebgp peers stopped working in v7.10

What are we supposed to debug with? Share the config of the routing filters. Good point. I updated the original post and added route filters that might affect the prefixes in question. I can not post our full filters. That is too much. The referenced "discard"-filters are doing exactly wh...
by netzwerghh
Thu Aug 03, 2023 2:07 pm
Forum: Forwarding Protocols
Topic: BGP v7.10.2 readvertisement of ebgp learned routes to ebgp peers stopped working in v7.10
Replies: 2
Views: 2120

BGP v7.10.2 readvertisement of ebgp learned routes to ebgp peers stopped working in v7.10

We have some CCR2216 with multiple external BGP feeds (eBGP). Our CCRs are exchanging learned routes via Bird route reflectors (iBGP). The CCRs are readvertising all learned routes to the route reflectors and are getting the routes from the other CCRs from the route reflectors. This is working fine....
by netzwerghh
Mon Feb 20, 2023 4:04 pm
Forum: RouterOS beta
Topic: Process "routing policy configuration" high cpu
Replies: 5
Views: 2380

Re: Process "routing policy configuration" high cpu

anav, thanks. Yes I know how to file a support request. Will do this the next time someone triggers this on one of our routers. I'm not very keane in triggering this behaviour on our production routers now ;-)
by netzwerghh
Mon Feb 20, 2023 4:01 pm
Forum: RouterOS beta
Topic: Process "routing policy configuration" high cpu
Replies: 5
Views: 2380

Re: Process "routing policy configuration" high cpu

I know that it is a bad idea to open the route list in winbox on a full table router. But one of my colleagues did not know when he wanted to change a static route. Also it might happen accidentially that you open the route list. If you do so. The routing process should clearly not go crazy.
by netzwerghh
Mon Feb 20, 2023 2:29 pm
Forum: RouterOS beta
Topic: Process "routing policy configuration" high cpu
Replies: 5
Views: 2380

Process "routing policy configuration" high cpu

We are running some full tables on our CCR2216 with RouterOS 7.7 stable. If you open the route list in winbox sometimes the process "routing policy configuration" goes up to 100% cpu usage and stays there. We let it do so for more than a day but it didn't come back to normal. You can see t...
by netzwerghh
Mon Feb 20, 2023 2:11 pm
Forum: General
Topic: storm-rate and ingress/egress rate limits Traffic-Storm-Control
Replies: 9
Views: 2779

Re: storm-rate and ingress/egress rate limits Traffic-Storm-Control

PPPoE is a CPU based process last I checked.Not sure how the cpu load would look, but isnt a CRS3x a better switch than 'route/network' device.. Would a RB5009 or CCRxxxx series be better to do what you want in PPPoE and QoS.. Anyhow try CPU and use packet/connection marking in mangle and then use ...
by netzwerghh
Mon Feb 20, 2023 2:08 pm
Forum: General
Topic: storm-rate and ingress/egress rate limits Traffic-Storm-Control
Replies: 9
Views: 2779

Re: storm-rate and ingress/egress rate limits Traffic-Storm-Control

pleaso confirm what version of routeros are you running on your CRS 317
It's 7.7.
by netzwerghh
Thu Feb 16, 2023 12:13 pm
Forum: General
Topic: storm-rate and ingress/egress rate limits Traffic-Storm-Control
Replies: 9
Views: 2779

Re: storm-rate and ingress/egress rate limits Traffic-Storm-Control

Hallo Christian,

have you found a solution to your problem? We have just realized that we have a similar problem with our CRS317-1G-16S+.
If we just limit egress rate everything works as expected. But if we limit ingress and egress traffic hardly reaches configured limits.

Cheers
Dennis
by netzwerghh
Tue Jan 03, 2023 7:58 pm
Forum: Forwarding Protocols
Topic: v7: BGP - dump-saved-advertisements
Replies: 24
Views: 7630

Re: v7: BGP - dump-saved-advertisements

Moved to /routing/bgp/advertisements in the final version.
Thank you!
by netzwerghh
Tue Jan 03, 2023 5:36 pm
Forum: Forwarding Protocols
Topic: v7: BGP - dump-saved-advertisements
Replies: 24
Views: 7630

Re: v7: BGP - dump-saved-advertisements

@IPANetEngineer
is that on v7.5?

It's on 7.6 beta8 that was just released
Didn't this functionlity made it in 7.6 stable? I do not have /routing/stats/adverts in my cli.
by netzwerghh
Tue Nov 15, 2022 8:06 pm
Forum: RouterOS beta
Topic: BGP best path selection algorithm sometimes runs in wrong behaviour resulting in update loops
Replies: 1
Views: 2714

Re: BGP best path selection algorithm sometimes runs in wrong behaviour resulting in update loops

This is still happening in ROS 7.6. It seems MED-comparision sometimes just get's it wrong. Same LOCAL-PREF, same path-length (although different path), same origin, different MED. But only sometimes. Most times ROS get's it right. Or there somehing I don't see? Router-ID is same on all BGP template...
by netzwerghh
Wed Jun 29, 2022 4:11 pm
Forum: Forwarding Protocols
Topic: Route subnet to specific upstream provider
Replies: 1
Views: 805

Re: Route subnet to specific upstream provider

Hi, what are you announcing to the two providers? Do you have more than one public /24? The only way to control ingress traffic via BGP over two providers in your case is to have at least 2 /24 prefixes. You would announce one to Orange and the other to Telia. You can for redundancy also announce th...
by netzwerghh
Thu Jun 16, 2022 4:34 pm
Forum: General
Topic: Check for updates error
Replies: 7
Views: 936

Re: Check for updates error

I can confirm this. Futher investigation turns out, that mimas.mt.lv is responding with the wrong NS record: [root@dns02 ~]# dig upgrade.mikrotik.com @mimas.mt.lv ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>> upgrade.mikrotik.com @mimas.mt.lv ;; global options: +cmd ;; Got answer: ;; ->>HEAD...
by netzwerghh
Wed Jun 15, 2022 2:21 pm
Forum: RouterOS beta
Topic: BGP best path selection algorithm sometimes runs in wrong behaviour resulting in update loops
Replies: 1
Views: 2714

BGP best path selection algorithm sometimes runs in wrong behaviour resulting in update loops

We are operating 5 CCR2004 with RouterOS 7 for our backbone and maintaining peering sessions at DE-CIX FRA, HAM, DUS, MUC and AMS-IX as well as to our upstream providers. Routes between those 5 routers are being exchanged via linux bird route reflectors in order to avoid full mesh bgp sessions. Zeic...
by netzwerghh
Tue Jun 14, 2022 6:56 pm
Forum: RouterOS beta
Topic: BGP affinity does not work as expected
Replies: 5
Views: 2529

Re: BGP affinity does not work as expected

There is separate processes for * 194.39.187.6 input * 194.39.187.6 output * input and output for 2a01:55e0::b00, 194.39.187.7,2a01:55e0::b000, 2a01:55e0::b000 * and one more process for the rest of session input and output. If you think that some of the sessions must be separate processes too, the...
by netzwerghh
Mon Jun 13, 2022 9:06 pm
Forum: RouterOS beta
Topic: BGP affinity does not work as expected
Replies: 5
Views: 2529

Re: BGP affinity does not work as expected

And this is from another router where I set all affinity alone for input. And output ist set to input. This seems to work mostly. But you can see that there are some double sessions to the same peer which is actually only one session. But it seems there remains some kind of dead session in the proce...
by netzwerghh
Mon Jun 13, 2022 9:00 pm
Forum: RouterOS beta
Topic: BGP affinity does not work as expected
Replies: 5
Views: 2529

Re: BGP affinity does not work as expected

What is the output of /routing/stats/process/print detail Here is the output: # jun/13/2022 19:49:16 by RouterOS 7.2.3 # software id = T29D-1BVX # Flags: A - abandoned 0 tasks=routing tables,rib private-mem-blocks=40.2MiB shared-mem-blocks=56.8MiB pss=0 rss=0 vms=0 id=main pid=108 rpid=0 process-ti...
by netzwerghh
Mon Jun 13, 2022 4:38 pm
Forum: RouterOS beta
Topic: BGP affinity does not work as expected
Replies: 5
Views: 2529

BGP affinity does not work as expected

Hi! I'm experimenting with input.affinity and output.affinity. It does not work as expected. If I chose input.affinity=remote-as , I would expect the BGP input-processes are being grouped by remote-as-number. But my router is grouping them all together as if it is not looking at remote-as but at loc...
by netzwerghh
Mon Jun 13, 2022 2:09 pm
Forum: Forwarding Protocols
Topic: General packetloss in ROS7 and multiple full BGP
Replies: 12
Views: 3740

Re: General packetloss in ROS7 and multiple full BGP

Hi Dennis! We are running all processes in "alone". The other settings gave worse results. That would make me uncomfortable if 100+ sessions start to eat up my 4 cores. Might lead to hold timer timeouts. If that happens to a full table stream, that would be bad. Might lead to even more pa...
by netzwerghh
Mon Jun 13, 2022 2:03 pm
Forum: Forwarding Protocols
Topic: General packetloss in ROS7 and multiple full BGP
Replies: 12
Views: 3740

Re: General packetloss in ROS7 and multiple full BGP

BGP sessions themselves or how affinity is set cannot influence whether interfaces are dropping packets. These processes just receives the routing information picks the best route and passes it to the FIB. So changing BGP affinities will not affect packet loss on the router. Since there is no menti...
by netzwerghh
Mon Jun 13, 2022 1:32 pm
Forum: Forwarding Protocols
Topic: General packetloss in ROS7 and multiple full BGP
Replies: 12
Views: 3740

Re: General packetloss in ROS7 and multiple full BGP

Hi, We are expericing some low amount of packeloss per node in our network running pure OSPF/BGP on darkfiber. I believe this has to do with BGP updates affecting the routed traffic. The boxes 2216s, 1072s and 2004s are only running a couple of gigabit. We have 2m routes in the tables from various ...
by netzwerghh
Tue Jun 07, 2022 9:36 pm
Forum: Announcements
Topic: v7.3 and v7.3.1 [stable] is released!
Replies: 269
Views: 81218

Re: v7.3 [stable] is released!

Hello, After the update of multiple RB3011UiAS-RM devices from v7.2.3 (with Routerboard firmware as well on v7.2.3) to v7.3, the devices went into boot loop and we are unable to get them into Etherboot or Bootloader mode either. My colleague is taking them to Mikrotik office as of this moment (in R...
by netzwerghh
Tue May 31, 2022 1:45 pm
Forum: RouterOS beta
Topic: TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface IP
Replies: 4
Views: 5458

Re: TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface

Not entirely clear whether complaint is that ROSv7 operates differently than ROSv6, or just source selection in general? Regarding v6 and v7 difference behaviour is the same, source will be picked form the out interface. Regarding what is the correct behaviour - it depends. We will consider adding ...
by netzwerghh
Tue May 31, 2022 11:22 am
Forum: RouterOS beta
Topic: TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface IP
Replies: 4
Views: 5458

Re: TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface

You can suggest them to enable icmp_errors_use_inbound_ifaddr on kernel.

It can solve your issue.
That sounds like a good idea. Or let this at least be an option to be configured.
by netzwerghh
Mon May 30, 2022 11:50 pm
Forum: RouterOS beta
Topic: TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface IP
Replies: 4
Views: 5458

TTL exceeded ICMP reply should come from IP of interface the packet entered the router instead of leaving interface IP

I came across a strange issue when doing some traceroutes through, from and to our network. With multiple upstreams and BGP there is often asymetric routing because my routing policy towards an external network might be different than the policy of that network towards me. This might lead to ICMP pa...
by netzwerghh
Tue May 24, 2022 5:16 pm
Forum: RouterOS beta
Topic: How to show OSPF route costs in RouterOS 7?
Replies: 5
Views: 4116

Re: How to show OSPF route costs in RouterOS 7?

You can see the cost with the following command. But at the moment you can not see the OSPF candidates. Hope this will come back soon. As this was possible to see under the OSPF menu in Router OS 6.
/rouing/route/print detail where ospf
by netzwerghh
Sat May 21, 2022 12:42 am
Forum: Forwarding Protocols
Topic: ebgp with comcast in v7
Replies: 2
Views: 693

Re: ebgp with comcast in v7

You could use packet sniffer from tools to record the bgp session and analyze in wireshark. Perhaps Comcasts peering router is configured wrongly and only sending the default route.
by netzwerghh
Sat May 21, 2022 12:28 am
Forum: Forwarding Protocols
Topic: ROSv6 BGP Best Path Selection Algorithm problem
Replies: 6
Views: 1297

Re: ROSv6 BGP Best Path Selection Algorithm problem

Have you tried to reverse the weight between the two routes? BGP in RouterOS 6 is sometimes just broken. For example: We found that the MED value behavior is reversed. Not the route with the lowest MED is selected but that with the highest MED. Although per RFC and also per Mikrotik documentation th...
by netzwerghh
Sat May 21, 2022 12:11 am
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ L3-Offload with multiple BGP full table (IPv4 and IPv6)
Replies: 4
Views: 2279

Re: CCR2216-1G-12XS-2XQ L3-Offload with multiple BGP full table (IPv4 and IPv6)

Thanks for the reply. Has anybody actually tried and tested this? I'm waiting for my testlab at the moment and will try it for myself. But I would like to know of others who already have experience.
by netzwerghh
Thu May 19, 2022 10:34 am
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ L3-Offload with multiple BGP full table (IPv4 and IPv6)
Replies: 4
Views: 2279

CCR2216-1G-12XS-2XQ L3-Offload with multiple BGP full table (IPv4 and IPv6)

We plan to replace our CCR2004 which are currently running as peering-router with BGP full table with CCR2216 due to constant packet loss when combined routed traffic exceeds 300 to 400 MBit. Every router get's at least 2x the full v4 and v6 table (from our bird route reflectors). Those facing upstr...
by netzwerghh
Tue Apr 12, 2022 11:43 pm
Forum: Forwarding Protocols
Topic: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS
Replies: 4
Views: 2174

Re: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS

Hi mrz, not that I know of. I'm just redistributing the loopbacks: /mpls ldp add lsr-id=194.XXX.XXX.0 transport-addresses=194.XXX.XXX.0 /mpls ldp advertise-filter add advertise=yes disabled=no prefix=194.XXX.XXX.0/24 vrf=main add advertise=yes disabled=no prefix=185.XXX.YYY.0/32 vrf=main add adverti...
by netzwerghh
Tue Apr 12, 2022 11:20 am
Forum: Forwarding Protocols
Topic: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS
Replies: 4
Views: 2174

Re: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance"

Another update on this: After disabling MPLS on the router everything seems to work as expected. CPU is down to nearly idle state. SNMP is responding. /routing/route/print is fast again. It seems there is a problem with MPLS in general or with my MPLS configuration. Well but now I can not use my VPL...
by netzwerghh
Tue Apr 12, 2022 10:36 am
Forum: Forwarding Protocols
Topic: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS
Replies: 4
Views: 2174

Re: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance"

Update on this. It seems that the kernel is nearly loocked up all the time. FIB process has high kernel times: [admin@XXXXX] /routing/filter> /routing/stats/process/print Columns: TASKS, PRIVATE-MEM-BLOCKS, SHARED-MEM-BLOCKS, PSS, RSS, VMS, RETIRED, ID, PID, RPID, PROCESS-TIME, KERNEL-TIME, CUR-BUSY...
by netzwerghh
Mon Apr 11, 2022 6:30 pm
Forum: Forwarding Protocols
Topic: RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS
Replies: 4
Views: 2174

RouterOS 7.2 CCR2004 BGP full table device lockup / horrorible "performance" with activated MPLS

Hi, I'm testing RouterOS 7 on CCR2004 for our backbone. We are currently running some of our peering routers with RouterOS 6 on CCR2004 and are not really happy. Never get more than 300Mbit throughput when handling traffic that has to go to the outside while internal traffic (OSPF routes only) reach...
by netzwerghh
Fri Apr 08, 2022 4:45 pm
Forum: RouterOS beta
Topic: services invalid after boot if in management VRF
Replies: 5
Views: 5844

Re: services invalid after boot if in management VRF

Hmm... for now I've setup a scheduler job at startup which restarts the desired service(s). Ugly but works for now. /system scheduler add name=schedule1 on-event="/ip/service/disable [find name=\"telnet\"]\r\ \n/ip/service/enable [find name=\"telnet\"]\r\ \n" policy=ftp...
by netzwerghh
Fri Apr 08, 2022 4:36 pm
Forum: RouterOS beta
Topic: services invalid after boot if in management VRF
Replies: 5
Views: 5844

Re: services invalid after boot if in management VRF

Hi!

Have you found any solution to this problem? Winbox service seems to be running fine after reboot but telnet and SSH are both in inactive state after reboot. Only manual disable/enable helped me on this. Running version 7.2.

Cheers
Dennis
by netzwerghh
Sat Mar 26, 2022 12:43 pm
Forum: RouterOS beta
Topic: Feature Request: VRF aware SNMP
Replies: 1
Views: 2297

Feature Request: VRF aware SNMP

In RouterOS 7 we already have the ability to place mangement services in a certain management VRF. This can be done under /ip/service. This is crucial if you have want out of band management with a fully separate routed network for OoBM. But one "management thing" is still missing: SNMP. I...
by netzwerghh
Fri Feb 25, 2022 3:00 pm
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 16355

Re: CCR2216-1G-12XS-2XQ (New Flagship)

Hi all. I see that Router supports transceiver XS+2733LC15D. One for TX, one for RX (or TX/RX+TX/RX. Dunno*). Now this scenario is new to me. How could Router handle this? Have you got any example of conf or a manual? Thanks in advance. *edited "Normal" SFP-Modules have one connector for ...
by netzwerghh
Sun Feb 20, 2022 9:31 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 33030

Re: how does L3HW actually works?

If you see the warning, either configure routing filters to suppress hw-offload or buy another MikroTik device and offload half of the table to it. Yes, you can stack multiple CRS3xx/CCR2x16 devices to split the HW routing table - that way, you can do L3HW processing on the full BGP table. Oh? How ...
by netzwerghh
Sun Feb 20, 2022 9:27 pm
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 16355

Re: CCR2216-1G-12XS-2XQ (New Flagship)

Great Thread! Thank you.
Will it route some packets with HW offloading and the other have to travel through CPU?

Yes. @raimondsp provided some fairly extensive and technical explanation about L3HW offload in this thread.
by netzwerghh
Sat Feb 19, 2022 10:04 pm
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 16355

Re: CCR2216-1G-12XS-2XQ (New Flagship)

We are using some CCR2004 for peering at some IXPs und also for our upstream connectivity. So they have to handle multiple full tables (850.000 IPv4 and 150.000 IPv6). I've seen Janis video about the CCR2216 and there it is said it can handel HW offloading for L3 IP routing. But it says only IPv4 an...
by netzwerghh
Thu Feb 10, 2022 2:15 pm
Forum: Forwarding Protocols
Topic: ROS 7.1 BGP max-prefix-limit missing
Replies: 54
Views: 12990

Re: ROS 7.1 BGP max-prefix-limit missing

I would like to put my +1 to this setting. Setting max-prefix is often crucial in operating peering routers at IXes to protect your own network. Although you should build routing filters to all of your peers. This is often impossible when you do not rely on automatically building them from things li...
by netzwerghh
Tue Jan 11, 2022 2:30 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 12111

Re: Routing filter to discard routes

Okay, seems I overread that part.
by netzwerghh
Tue Jan 11, 2022 1:50 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 12111

Re: Routing filter to discard routes

you can drop NLRIs before filters, check input.accept-* parameters: https://help.mikrotik.com/docs/pages/viewpage.action?pageId=328220#id-/routing/bgp-/routing/bgp/template Thank you mrz, that is great to know. Could you add a hint to this alternative option and behaviour under https://help.mikroti...
by netzwerghh
Tue Jan 11, 2022 11:09 am
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 12111

Re: Routing filter to discard routes

I would like to vote this up. There should be at least two possibilities to discard/reject learned routes. One could install the routes with status filtered/inactive and the other on should completely ignore the route.
by netzwerghh
Sat Dec 25, 2021 7:53 pm
Forum: Announcements
Topic: Happy holidays!
Replies: 29
Views: 19511

Re: Happy holidays!

Happy holidays everyone!
by netzwerghh
Fri Apr 30, 2021 8:25 pm
Forum: Forwarding Protocols
Topic: BGP Best Path Selection with MED
Replies: 8
Views: 5346

BGP Best Path Selection with MED

Hello! I've a problem with the BGP best path selection algorithm. I'm not getting, why in my case the first route is selected as "best". We are using bgp-local-pref=200 for IXP-Peering-Routes. For prefering a special IXP we tag those routes with different MEDs so that we still prefer short...
by netzwerghh
Tue Oct 27, 2020 5:28 pm
Forum: Scripting
Topic: Adding tagged VLANs to multiple ports on CRS354 and copying VLAN config from one port to another
Replies: 0
Views: 841

Adding tagged VLANs to multiple ports on CRS354 and copying VLAN config from one port to another

I'm a little bit confused. We have some CRS354 Switches where we are operatinge multiple VLANs with VLAN-filtering enabled. We have at least two trunk ports per switch for uplink/downlink. There are also multiple vmWare hosts connected to multiple ports. These are also configured as trunk ports but ...
by netzwerghh
Tue Jun 09, 2020 1:42 pm
Forum: Forwarding Protocols
Topic: [SOLVED] BGP Route Filters match-chain not working
Replies: 5
Views: 2842

Re: BGP Route Filters match-chain not working

Hi Alex, didn't try that style of filters on Mikrotik yet. But it it's that way on Juniper and as I read the syntax, it should be on Mikrotik too: In your chain ASTEROID-IN-v4 you want to discard things that MATCH the chain DISCARD-UNWANTED-ASes. So you probably should name that chain UNWANTED-ASes ...
by netzwerghh
Fri Jun 05, 2020 1:54 pm
Forum: RouterOS beta
Topic: Feature Request: BGP Status: Active, Accepted, Received, Advertised Prefixes
Replies: 0
Views: 1217

Feature Request: BGP Status: Active, Accepted, Received, Advertised Prefixes

I would love to see JunOS style status for each BGP session. That way I would be able to immedeatly see how many prefixes I am getting from a peer (received), how many come through my filters (accepted) and how many prefixes are really activated (active). Also I could see how many prefixes I am anno...
by netzwerghh
Fri Jun 05, 2020 1:42 pm
Forum: RouterOS beta
Topic: v7.0beta8 [development] is released!
Replies: 178
Views: 92773

Re: v7.0beta8 [development] is released!

Great to see BGP finally! Is there andy documentation of the new bgp config style yet? Seems the whole CLI logic changed for BGP. I was able to configure a basic setup but am wondering what all those options actually mean.
by netzwerghh
Fri May 01, 2020 6:54 pm
Forum: General
Topic: Mikrotik Rack-mounted Devices Visio Stencils
Replies: 58
Views: 92486

Re: Mikrotik Rack-mounted Devices Visio Stencils

Hi Fernando,

I just sent the pictures. Hope they are good enough.
Take frontal pictures with highest resolution and best illumination as possible (powered off and with no cables attached is preferrable) and send to fernandolcx9 at gmail dot com
by netzwerghh
Thu Apr 16, 2020 1:05 pm
Forum: General
Topic: Mikrotik Rack-mounted Devices Visio Stencils
Replies: 58
Views: 92486

Re: Mikrotik Rack-mounted Devices Visio Stencils

Hi Fernando,

these stencils are awesome! Could you please add the new switches?

CRS326-24S+2Q+RM
CRS354-48G-4S+2Q+RM
CRS354-48P-4S+2Q+RM

If you need any pictures of them. Let me know!

Cheers
Dennis
by netzwerghh
Thu Feb 20, 2020 4:50 pm
Forum: Forwarding Protocols
Topic: BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network
Replies: 4
Views: 3667

Re: BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network

That doesn't seem to work as expected. When I put the peer AS in "Confederated Peers" I can ONLY establish a connection via the original AS. If I remove it from "Confederated Peers" I can ONLY establish a connection via the new AS (put in Confederation). But I want to be able to ...
by netzwerghh
Thu Feb 20, 2020 2:41 pm
Forum: Forwarding Protocols
Topic: BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network
Replies: 4
Views: 3667

Re: BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network

Great!

So in confederation-as i put the new ASN. What do I have to put in confederation-peers? The ASN of my peers?

And after finishing the migration process, do I just change the AS to the new one and remove all entries in confederation und confederation peers?

Cheers
Dennis
by netzwerghh
Thu Feb 20, 2020 2:21 pm
Forum: Forwarding Protocols
Topic: BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network
Replies: 4
Views: 3667

BGP merging two ASN to one i.e. operating two ASN simultanously in one part of the network

Hi there! We have to merge two networks (ASNs) to one network. Each network has multiple peerings and routers so we cannot just change all instances of bgp to the new ASN. We have to operate the old and the new ASN simultanously and allow our peers to peer with both ASN over the same link with the s...
by netzwerghh
Fri Feb 28, 2014 5:06 pm
Forum: Beginner Basics
Topic: IPv6 Dual Stack Service
Replies: 2
Views: 1744

Re: IPv6 Dual Stack Service

It seems you misconfigured internal IPv6. Is your router reachable from the outside? So you can ping 2001:B030:XXXX:FF00::1 from a host out on the internet? It looks like you configured the whole /56 as your internal network. You have to chose one ore more /64 out of the /56-pool and assign those to...
by netzwerghh
Fri Feb 28, 2014 4:53 pm
Forum: General
Topic: IPv6 support for L2TP/PPTP/SSTP etc.
Replies: 13
Views: 9645

Re: IPv6 support for L2TP/PPTP/SSTP etc.

I would like to bump this. As IPv6 is being deployed more and more (some networks even IPv6 only with IPv4 over dual-stack lite) this is an absolutely essential feature of a router.
by netzwerghh
Thu Feb 27, 2014 12:17 am
Forum: General
Topic: Tunnel (v4 & v6) over IPv6-only network with dynamic prefix
Replies: 1
Views: 1375

Tunnel (v4 & v6) over IPv6-only network with dynamic prefix

I have the following problem. My ISP in location1 is giving me native IPv6 but with dynamic(!) prefix. IPv4 is only dualstack light which for me results in not existent at all. So I declare this connection v6 only. I also have some fixed v4 and v6 prefixes routed to a colocation facility via BGP (lo...
by netzwerghh
Sun Feb 02, 2014 9:00 pm
Forum: Forwarding Protocols
Topic: 32bit ASN peering with not AS4-capable peer
Replies: 1
Views: 1606

Re: 32bit ASN peering with not AS4-capable peer

Seems to be something with filtering. I disabled outgoing filtering and now my prefix is announced.
by netzwerghh
Sun Feb 02, 2014 6:05 pm
Forum: Forwarding Protocols
Topic: 32bit ASN peering with not AS4-capable peer
Replies: 1
Views: 1606

32bit ASN peering with not AS4-capable peer

We have a public registered 32bit ASN from RIPE (say AS199999) and a public allocatet IPv6 prefix (say 2a01:ffff::/32). As our current upstream provider is only IPv4 capable but is in the process of deploying IPv6 we would like to test BGP with IPv6 over Hurricane Electric (AS6939). They are offerin...
by netzwerghh
Mon Jun 03, 2013 5:02 pm
Forum: General
Topic: Bug. VLANs not working on routeros-x86-6.0.
Replies: 4
Views: 2134

Re: Bug. VLANs not working on routeros-x86-6.0.

Great stuff! Works like a charm.
by netzwerghh
Mon Jun 03, 2013 4:42 pm
Forum: Beginner Basics
Topic: stacking RB1100AHX2 routers?
Replies: 3
Views: 3903

Re: stacking RB1100AHX2 routers?

Never heared about stacking with mikrotik.
But you might be able to achieve your goals with manual configuration. But depends on what you want. You can do failover with VRRP and use scripts to synchronize firewall configuration. But you have to build synchronization "by hand".
by netzwerghh
Mon Jun 03, 2013 4:37 pm
Forum: Beginner Basics
Topic: Vlan networks and internet
Replies: 5
Views: 1984

Re: Vlan networks and internet

Are you shure you have a mikrotik switch? Isn't it a router? Which model is ist? You should be able to put your ADSL-Network on one port and aggragate the other ports to form a normal switch serving the internal network. Try search the wiki ( http://wiki.mikrotik.com/wiki/Main_Page ) for this. It ha...
by netzwerghh
Mon Jun 03, 2013 4:31 pm
Forum: General
Topic: Bug. VLANs not working on routeros-x86-6.0.
Replies: 4
Views: 2134

Re: Bug. VLANs not working on routeros-x86-6.0.

Thanks for the information on this. Waiting for 6.1.
by netzwerghh
Mon Jun 03, 2013 2:58 pm
Forum: General
Topic: Bug. VLANs not working on routeros-x86-6.0.
Replies: 4
Views: 2134

Bug. VLANs not working on routeros-x86-6.0.

As already stated here: http://forum.mikrotik.com/viewtopic.php?f=1&t=72862&p=371550#p371417 VLANs are not working on x86 platform of v6. Configuration: router-os on VMware ESXi v5.0 623860 Single vCPU 2 E1000 NICs (1 without VLAN, 1 with tagged VLAN) 64 MB vRAM 256 MB IDE HDD Under v5.25 ev...
by netzwerghh
Mon Jun 03, 2013 2:33 pm
Forum: General
Topic: v6.0 released
Replies: 320
Views: 97411

Re: v6.0 released

Same to me. After upgrade to 6.0 for x86 all vlans stopped working. Reset config and doing it again also does not help. Downgrade to 5.25 solved the issue. Seems like 6.0 release for x86 has major issue with VLANs. I wrote to support@mikrotik.com couple of days ago, but no answer ..... yet. I have ...