Community discussions

Search found 181 matches

by SwissWISP
Mon Apr 23, 2018 2:51 pm
Forum: Wireless Networking
Topic: Xiaomi phone low Wifi TX rate [SOLVED]
Replies: 112
Views: 26310

Re: Xiaomi phone low Wifi TX rate [SOLVED]

Thanks guys for the fix! It works great on my Cat S60. Now I reach an air rate of 150Mbps, which is the same speed as in the opposite direction.

- Mat
by SwissWISP
Tue Apr 10, 2018 11:06 am
Forum: RouterBOARD hardware
Topic: R11e-2HPnD Tx Rate cant go above 54mbps with phones
Replies: 7
Views: 2455

Re: R11e-2HPnD Tx Rate cant go above 54mbps with phones

Has this ever been resolved?
We see the same problem with RB951G routers.
by SwissWISP
Thu Mar 16, 2017 11:58 am
Forum: General
Topic: Compatible DWDM SFP+ Modules?
Replies: 6
Views: 961

Re: Compatible DWDM SFP+ Modules?

Hi

thanks for the reply. I heard of fs.com before. But I also heard that DWDM modules didn't work in the CCRs.
But compared to Cisco they're pretty low priced, that's true.

- Mat
by SwissWISP
Thu Mar 16, 2017 11:15 am
Forum: General
Topic: Compatible DWDM SFP+ Modules?
Replies: 6
Views: 961

Compatible DWDM SFP+ Modules?

Hi all,

I need a 10Gbps DWDM SFP+ for one of our CCR1072.
Is there a module on the market, which is known to be working?

Many thanks!

- Mat
by SwissWISP
Tue May 03, 2016 10:17 am
Forum: General
Topic: Switch and bridged VLANs
Replies: 4
Views: 547

Re: Switch and bridged VLANs

The model in question is the RB951G. The problem is that I need to apply firewall rules between ether1 (Uplink) and ether2/ether3 so I have to use the bridge.
Ok, so it looks like it's the right way to do what I want... :)

- Mat
by SwissWISP
Mon May 02, 2016 12:18 pm
Forum: General
Topic: Switch and bridged VLANs
Replies: 4
Views: 547

Switch and bridged VLANs

Hi all, I've got a Router which has a "native" VLAN and a tagged VLAN (id=2) on ether1. The tagged vlan is bridged with ether3 so it's untagged on ether3. Ether2 should work the same way as ether1 so I set ether1 as "master-port". It works, but my question is, is this the way it's meant to work? My ...
by SwissWISP
Mon Dec 14, 2015 9:29 am
Forum: General
Topic: Log: excessive broadcast/multicast...
Replies: 3
Views: 753

Re: Log: excessive broadcast/multicast...

Thanks for the idea.
But I was thinking of a threshold level which could be adjusted or something.
If I send all "interface,warning" messages in a different file, I could possibly miss other messages.

- Mat
by SwissWISP
Fri Dec 11, 2015 5:20 pm
Forum: General
Topic: Log: excessive broadcast/multicast...
Replies: 3
Views: 753

Log: excessive broadcast/multicast...

Hi

Is there a way to disable the "excessive broadcast/multicast..." message in the log?
I've got several hundred Mbps of legitimate Multicast traffic on an Interface, which may look like a Loop to the Router.
This message fills the whole log, which is annoying.

Thanks,
Mat
by SwissWISP
Fri Sep 11, 2015 12:40 pm
Forum: RouterBOARD hardware
Topic: POE-in on CCR1009-8G-1S?
Replies: 2
Views: 523

Re: POE-in on CCR1009-8G-1S?

That sounds good.
Thanks for the reply!

- Mat
by SwissWISP
Fri Sep 11, 2015 11:02 am
Forum: RouterBOARD hardware
Topic: POE-in on CCR1009-8G-1S?
Replies: 2
Views: 523

POE-in on CCR1009-8G-1S?

Hi all,

can the CCR1009-8G-1S be powered by POE-in like the CCR1009-8G-1S-1S+?

- Mat
by SwissWISP
Thu Sep 10, 2015 5:37 pm
Forum: General
Topic: [Solved] - CCR1036 upgrade (silently) fails
Replies: 13
Views: 1480

Re: [Solved] - CCR1036 upgrade (silently) fails

Okay, thanks for the reply.

- Mat
by SwissWISP
Thu Sep 10, 2015 12:57 pm
Forum: General
Topic: [Solved] - CCR1036 upgrade (silently) fails
Replies: 13
Views: 1480

Re: [Solved] - CCR1036 upgrade (silently) fails

Sorry to bring this Topic on to again. I just had a similar Problem. But my CCR didn't reboot when I clicked on "Reboot", so an upgrade wasn't possible. Upgrading via "check for updates" did a proper reboot so the upgrade worked. Are you sure that your CCR did a reboot? I just want to find out if it...
by SwissWISP
Wed Jul 01, 2015 9:49 am
Forum: General
Topic: Leap second bug present on TILE devices?
Replies: 49
Views: 10214

Re: Leap second bug present on TILE devices?

+1 here on two CCR 1016 :?
by SwissWISP
Tue Jun 23, 2015 12:33 pm
Forum: General
Topic: EoIP - Problem
Replies: 0
Views: 719

EoIP - Problem

Hello, we're facing a strange problem with EoIP tunnels across our Network. This is the current situation in this part of our Network (simplified): EoIP.png There is a EoIP Tunnel between "CCR1009 #1" and "CCR1009 #2" and all Routers are running OSPF. The standard path between the two EoIP Endpoints...
by SwissWISP
Mon Jan 12, 2015 2:07 pm
Forum: Forwarding Protocols
Topic: OSPF - Invalid sequence number / MD5 authentication failed
Replies: 6
Views: 3720

Re: OSPF - Invalid sequence number / MD5 authentication fail

Thanks for your reply Leo.
In my case it's most likely not a memory issue. My CCR has over 1.5GB of free memory space.

- Mat
by SwissWISP
Sat Dec 27, 2014 6:19 pm
Forum: Forwarding Protocols
Topic: BGP troubles
Replies: 4
Views: 1466

Re: BGP troubles

By the sounds of it, it's a routing problem of your own subnet. Your router is able to ping 8.8.8.8 because it uses the IP of your ISP to do so. What happens if you set the source IP in PING to the one in your own subnet? I would bet it won't work... Besides some things in your config which (usually...
by SwissWISP
Wed Jun 04, 2014 4:11 pm
Forum: General
Topic: CCR VPLS performance, 10g
Replies: 3
Views: 1719

Re: CCR VPLS performance, 10g

[...] What kind of single connection TCP performance can one expect between 2 CCR1036s over 10gig VPLS? Currently one connection can't be distributed over multiple cores. From what you can read in this forum, 1G is about the max a core can push. So I would say that you won't get much more than 1G o...
by SwissWISP
Tue May 27, 2014 5:24 pm
Forum: General
Topic: BGP Load Sharing Two ISPs two Routers
Replies: 4
Views: 1678

Re: BGP Load Sharing Two ISPs two Routers

where is load sharing solution? Are you talking about real Equal-Cost Multi-Path Routing (ECMP) or do you just want to run a "pseudo load sharing" based on BGP-Paths? Inbound distribution of the traffic happens automatically as soon as you announce your prefixes to your upstreams. Outbound distribu...
by SwissWISP
Tue May 27, 2014 12:35 pm
Forum: General
Topic: v6.13 released!
Replies: 177
Views: 48684

Re: v6.13 released!

So it's not anymore necessary to create a bridge interface then add the port of ether2(trunk) and the vlans?
It depends on what you want to do. In general, this isn't necessary and it wasn't before.
by SwissWISP
Tue May 13, 2014 12:43 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23407

Re: IPv6 recursive nexthops via iBGP

I'm running out of IPv4 addresses. :-( Hope this will get fixed soon.
+1
by SwissWISP
Mon May 12, 2014 12:03 pm
Forum: Forwarding Protocols
Topic: OSPF Errors
Replies: 9
Views: 1896

Re: OSPF Errors

Discarding packet: MD5 authentication failed invalid sequence number I also see this message in the Logs when I enable MD5 authentication between Mikrotik routers, but not between a Cisco and a MTK router. I've sent the bug report to support but after some mails, they stopped updating me about the ...
by SwissWISP
Wed Apr 30, 2014 9:26 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ General info & Questions
Replies: 100
Views: 68610

Re: CCR1009-8G-1S-1S+ General info & Questions

Another thing I just realized. There is no active monitoring on the PSU's. The routerboard does not know how many PSU's are actually connected (photo's only show power cables going from the PSU module to the mainboard) so there is no way to check if 1 or 2 power cables are connected and/or working....
by SwissWISP
Tue Apr 29, 2014 3:57 pm
Forum: RouterBOARD hardware
Topic: CCR1036 - Routing Tables
Replies: 7
Views: 1646

Re: CCR1036 - Routing Tables

Hi

we run a similar config with two full feeds plus around 100k routes learned via several different peers (15 total) on a CCR1016. The routes take around 650MB of memory.

- Mat
by SwissWISP
Tue Apr 29, 2014 2:11 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ General info & Questions
Replies: 100
Views: 68610

Re: CCR1009-8G-1S-1S+ General info & Questions

Hijacking a little - normis can you confirm/deny if dual PSU will make its way to 1036 models?
I would like to know this too. :D
by SwissWISP
Mon Mar 24, 2014 11:25 am
Forum: General
Topic: Problem witch troughput over omnitik.
Replies: 5
Views: 874

Re: Problem witch troughput over omnitik.

Is the licensed link directly connected to the omnitik? We had a similar situation where we had to enable Flowcontrol on the licensed link and the switches between them and the other devices. Some links seem to have big buffers which causes the "buffer bloat" problem if they can't deliver the packet...
by SwissWISP
Fri Mar 21, 2014 9:27 am
Forum: General
Topic: Bridge + VLAN
Replies: 3
Views: 1164

Re: Bridge + VLAN

Thank you for the reply. You're right. In general that would be better.
The problem is that I need to use the firewall to filter some connections. So, it's not possible to use the switch chip.

- Mat
by SwissWISP
Thu Mar 20, 2014 2:52 pm
Forum: General
Topic: Bridge + VLAN
Replies: 3
Views: 1164

Bridge + VLAN

Hi I want to configure a RB951G to separate the "Native VLAN" and VLAN101 which arrive are both at Ether1 and bridge VLAN101 with Ether5 and the Native VLAN with Ether4. VLAN_Bridge.png My config looks like this: /interface bridge add l2mtu=1598 name=bridge-1 protocol-mode=none add l2mtu=1594 name=b...
by SwissWISP
Tue Mar 18, 2014 9:16 pm
Forum: General
Topic: K4201-Z 3g dongle, issue /interface lte
Replies: 12
Views: 6177

Re: K4201-Z 3g dongle, issue /interface lte

I had the same problem with a Huawei Modem. Support told me to just configure the LTE port as a dhcp client and it works like a charm now. It looks like some modems don't need the PPP part of the config.
by SwissWISP
Fri Mar 14, 2014 9:35 am
Forum: General
Topic: I can not see LTE interface.(Huawei E3272)
Replies: 7
Views: 6844

Re: I can not see LTE interface.(Huawei E3272)

Most important:
Is the device visible under "/system resource usb print"?
- Mat
by SwissWISP
Thu Mar 13, 2014 1:01 pm
Forum: General
Topic: I can not see LTE interface.(Huawei E3272)
Replies: 7
Views: 6844

Re: I can not see LTE interface.(Huawei E3272)

What kind of router hardware do you use?
Is the device visible under "/system resource usb print"?

I use the E3272 on a CCR which is running 6.10. The LTE interface appears shortly after I plug it in.

- Mat
by SwissWISP
Sun Jan 26, 2014 10:35 am
Forum: General
Topic: Trunk port on a CCR1036 router
Replies: 11
Views: 6188

Re: Trunk port on a CCR1036 router

Correct? Yes, that should work. Btw. This works on all RBs. You've been told to use the Switch Interface on other Platforms because they don't thave not enought CPU power to bridge at wirespeed. So using the Switch chip is more CPU fiendly. As you may know the CCR doesn't have a Switch chip, so usi...
by SwissWISP
Wed Jan 22, 2014 3:35 pm
Forum: General
Topic: Currently best and stable V.6 ROS?
Replies: 21
Views: 5628

Re: Currently best and stable V.6 ROS?

CCR 6.3 Anything else, 6.6 (based on personal testing and deployment) Our main CCR which is the gateway for our entire network has now been in production for around 1.2 years. We used 6.0 RC6, RC11 and 6.3 only. All were stable. We have 6.7 on our backup CCR and haven't seen any issues with it... h...
by SwissWISP
Tue Jan 21, 2014 10:03 pm
Forum: General
Topic: Currently best and stable V.6 ROS?
Replies: 21
Views: 5628

Re: Currently best and stable V.6 ROS?

Mikrotik your CCR + ROS 6.x sucks now, will wait to a reliable version. CCR collecting dust for now until a reliable ROS version ... our good old Dell Poweredge x86 ROS 5.25 back on duty .... no more issues no more angry customers ... It's a shame such a nice piece of hardware not being used ... I ...
by SwissWISP
Sun Jan 19, 2014 3:20 pm
Forum: General
Topic: Currently best and stable V.6 ROS?
Replies: 21
Views: 5628

Re: Currently best and stable V.6 ROS?

It depends on the platform... What I can tell you is, that on the CCR there is no Version, which is really stable.
We had a lot of issues with flapping ports, Negotiation problems and unresponsive routers. Just yesterday we had a "locked up" CCR1016 again.

- Mat
by SwissWISP
Sun Jan 19, 2014 3:13 pm
Forum: General
Topic: IPV6 is it usable
Replies: 7
Views: 1789

Re: IPV6 is it usable

There seems to be a problem with the Next Hop in BGP, if you use OSPFv3 as IGP. You will see the Next Hop as "unreachable" in the routing table.
You can find some Information in this forum.

- Mat
by SwissWISP
Wed Jan 15, 2014 11:00 pm
Forum: Forwarding Protocols
Topic: Applying DSCP to VPLS tunnel
Replies: 3
Views: 1678

Re: Applying DSCP to VPLS tunnel

Latency outside VPLS is a solid 6ms. Where Latency inside the tunnel is 6-600ms. With an average of 50-60ms Hi, I don't think your problem can be solved this way. What you are seeing is caused by AirMax and also happens when using EoIP, GRE, etc. Tunnels on these devices. It's discussed in the Ubnt...
by SwissWISP
Fri Jan 10, 2014 11:52 am
Forum: RouterBOARD hardware
Topic: BGP full route
Replies: 10
Views: 2924

Re: BGP full route

Why not a cisco asr while you're at it? Well, an ASR is OK too. :) But you just get more power and much more GigE-Ports (24) for your money. Back on Topic. We run some CCRs in our Network and they are routing full tables. But because of some nasty bugs (port flapping, etc.) and the fact that all ro...
by SwissWISP
Thu Jan 09, 2014 5:18 pm
Forum: RouterBOARD hardware
Topic: BGP full route
Replies: 10
Views: 2924

Re: BGP full route

If you want a very reliable device for this job, I would recommend you to buy a Brocade CER 2000 Series router. Sure, it's much more expensive than a CCR, but they are great devices. Lots of power (Hardware Routing) and stable as a rock. I don't see the EdgeRouter Series as a real alternative to the...
by SwissWISP
Mon Dec 09, 2013 5:10 pm
Forum: General
Topic: EOIP Ping Time Problem
Replies: 4
Views: 853

Re: EOIP Ping Time Problem

What kind of wireless link are you using?

- Mat
by SwissWISP
Sat Nov 23, 2013 4:19 pm
Forum: Forwarding Protocols
Topic: Specific routes using BGP with default route
Replies: 4
Views: 1475

Re: Specific routes using BGP with default route

The problem is that you can't control the incoming traffic like you need it. Only the outgoing traffic is really manageable. So even if you had BGP full views, it wouldn't help you with this. The routers on the other end (youtube, netflix, etc.) decide by them selves which way to send the traffic. I...
by SwissWISP
Fri Nov 22, 2013 10:31 am
Forum: General
Topic: Turning off STP Protocol
Replies: 1
Views: 519

Re: Turning off STP Protocol

Hi

usually this isn't a problem in a home environment. As long as you don't create a switch loop in your network, you should be fine.

- Mat
by SwissWISP
Fri Nov 22, 2013 4:02 am
Forum: General
Topic: RouterOS v6.6 released
Replies: 164
Views: 72437

Re: RouterOS v6.6 released

CCR-1016 still port-flapping in more obvious way. before 6.6 ports were going down and that's it now it flaps ports many times before restart by watchdog. first week on 6.6 was very stable I thought it is final holy aid.... no... We are also seeing port flap on CCR1036 and RoS 6.6, FW 3.10 +1 Our C...
by SwissWISP
Thu Nov 21, 2013 11:53 am
Forum: General
Topic: DHCP relay and external Linux DHCP server
Replies: 8
Views: 3305

Re: DHCP relay and external Linux DHCP server

First you should check if basic connectivity works. So assign a static IP to a host (no via DHCP) and check if the connectivity is OK. A second thing you should check is, if connection tracking in the firewall is active. I must say, that I never used dhcp-relay over a "nated" Router, but basically t...
by SwissWISP
Wed Nov 20, 2013 8:27 pm
Forum: General
Topic: DHCP relay and external Linux DHCP server
Replies: 8
Views: 3305

Re: DHCP relay and external Linux DHCP server

Did you set a static route to 10.10.8.0/22 on your linux box? Additionally I would set the local address of your relay to 10.10.10.1
by SwissWISP
Tue Nov 19, 2013 4:12 pm
Forum: RouterBOARD hardware
Topic: RB2011 UAS Gigabit to 100Mbit fragmentation bug
Replies: 10
Views: 3149

Re: RB2011 UAS Gigabit to 100Mbit fragmentation bug

I'm not quite sure if this is a bug. It may also be a limitation of the driver or hardware. There are other network devices like for example the Cisco ASA 5510, which aren't able to handle 65k.

- Mat
by SwissWISP
Mon Nov 04, 2013 6:09 pm
Forum: General
Topic: Bridge - NAT
Replies: 2
Views: 823

Re: Bridge - NAT

Well, at the moment the bridge is transparent. After the change it isn't really transparent, that's true. My goal isn't a 100% transparent bridge. My goal is that the host appears with the mac of the bridge. But I think I found a possible solution for that. Proxy-arp may do what I need. Thanks! - Mat
by SwissWISP
Mon Nov 04, 2013 12:41 pm
Forum: General
Topic: Bridge - NAT
Replies: 2
Views: 823

Bridge - NAT

Hi all, I've got a transparent Bridge between one host and a Network. What I want to achieve is, that all packets from the host behind the Bridge look like they were originated from the Bridge itself (on Layer2 not IP) or maybe a 3rd MAC-Address. The Idea is that the Network always sees the same MAC...
by SwissWISP
Tue Oct 29, 2013 11:33 am
Forum: Forwarding Protocols
Topic: OSPF - Invalid sequence number / MD5 authentication failed
Replies: 6
Views: 3720

OSPF - Invalid sequence number / MD5 authentication failed

Hi all, there is something strange happening on our Routers (CCR). Several times per day, the router logs a "Invalid sequence number / MD5 authentication failed" message. (see attached Picture) It looks like the router receives an OSPF packet that is too "old" and the problem gets worse if I lower t...
by SwissWISP
Sat Oct 26, 2013 10:37 am
Forum: General
Topic: About RB1100AHx2 performance and ports usage...
Replies: 10
Views: 4128

Re: About RB1100AHx2 performance and ports usage...

Hi Does RB1100AHx2 capable to handle full-duplex 1GB throughput on all 10 port simultaneously? This would only be possible if you use it as a Switch with two Groups (Switch chips). As soon as you send traffic over the CPU (bridging, Routing, etc.), the Performance Drops quickly. What about full-dupl...
by SwissWISP
Wed Sep 18, 2013 4:42 pm
Forum: General
Topic: OID of total CPU usage on CCR
Replies: 16
Views: 9884

Re: OID of total CPU usage on CCR

Thanks for your reply, Ivan!
At least I'm not the only one who needs this OID. :)

- Mat
by SwissWISP
Fri Sep 13, 2013 7:22 pm
Forum: Forwarding Protocols
Topic: OSPF - Invalid Sequence Number
Replies: 1
Views: 1137

OSPF - Invalid Sequence Number

Hi There are some strange entries in the Log of my CCRs (v.6.3): "Discarding packet: MD5 authentication failed source=x.x.x.x Invalid sequence number mine=253202 received=253201" The session doesn't get dropped but it looks untrustworthy. :? Btw. This happens only between Mikrotik Routers. No Proble...
by SwissWISP
Tue Sep 10, 2013 7:16 pm
Forum: Forwarding Protocols
Topic: CCR & OSPF = low performance
Replies: 3
Views: 1173

Re: CCR & OSPF = low performance

How are the network segments configured? e.g. Is a DR/BDR election involved or are the neighbours static. Just wondering where the delay is coming from...
It's DR/BDR. Do you think that it will speed-up the convergence when static neighbours are used?
by SwissWISP
Tue Sep 10, 2013 6:56 pm
Forum: Forwarding Protocols
Topic: CCR & OSPF = low performance
Replies: 3
Views: 1173

CCR & OSPF = low performance

Hi, I just installed some CCR1016 in parallel to our existing core routers (different VLANs) so I can test them on real WAN links. The Network is built like a ring and consists of 5 routers. There are about 50 routes in the table. After setting everthing up, I was very happy that everything worked l...
by SwissWISP
Wed Sep 04, 2013 10:14 pm
Forum: General
Topic: OID of total CPU usage on CCR
Replies: 16
Views: 9884

OID of total CPU usage on CCR

Hi

is there an OID for the total CPU usage on the CCR?
I found the usage of each Core but I Need to log the Total.

Thanks,
Mat
by SwissWISP
Wed Aug 21, 2013 12:58 am
Forum: RouterBOARD hardware
Topic: CCR SNMP interface query issues
Replies: 6
Views: 1818

Re: CCR SNMP interface query issues

How's the reliability of your CCR been for you with that amount of bandwidth? Would appreciate any feedback you have (good or bad). I'm afraid to put mine in production :/
+1

Thanks
by SwissWISP
Mon Aug 19, 2013 7:45 pm
Forum: General
Topic: TCP performance
Replies: 74
Views: 26166

Re: TCP performance

Hi all, we've had similar problems and it turned out to be a bufferbloat problem on one of our licensed links. Our Setup looked like this: [Server] <----GigE----> [C2960G] <----GigE----> [Licensed_150Mbps_Link] <----GigE----> [C2960G] <----FastE----> [Ubnt_RocketM5] <----300/300 Mbps----> [Ubnt_NB5M...
by SwissWISP
Wed Jul 31, 2013 10:35 am
Forum: Forwarding Protocols
Topic: RB1100AH as BGP Gateway?
Replies: 4
Views: 1251

Re: RB1100AH as BGP Gateway?

Is it possible? Yes it is. Depending on your requirements even a smaller RB could do this. Is it fast enough? Well, it depends... What are your requirements? If you just get a default route and/or some routes from a local IX, you will be fine. But if you get full tables from several Peers you won't...
by SwissWISP
Fri Jul 26, 2013 2:14 pm
Forum: Forwarding Protocols
Topic: BGP problems
Replies: 4
Views: 1883

Re: BGP problems

I don't see any peer configuration on Mikrotik :) you have to configure at least one peer so BGP can do anything
+1

You need to configure a peer.
Example:
/routing bgp peer
add name=TEST remote-address=172.31.55.29 remote-as=[REMOTE-AS] ttl=default
- Mat
by SwissWISP
Mon Jul 22, 2013 6:07 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

Hey Mat. Thanks for your good news. Could you please tell me what ROS version you use?
Currently we use 6.2.
by SwissWISP
Mon Jul 22, 2013 4:22 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

I have 6 CCRs and we are using those routers for PPPoE server. I have a plan to enable BGP on that routers. Anyone tried to use BGP with Cisco using v6.2, please share your experience here. Thanks. We run several sessions between our CCRs and some Ciscos and even a session to a Brocade CER. No Prob...
by SwissWISP
Thu Jul 18, 2013 9:12 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

I can confirm szaszans observations.
by SwissWISP
Wed Jul 03, 2013 9:26 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

Do you also experience one core almost always at 100% load? How much does it take a route state-change to be applied? On my CCR (3 IPv4 full views and 3 IPv6 full views) it takes almost 20 minutes.
We see this too. It's because BGP runs on one core only.
by SwissWISP
Thu Jun 27, 2013 12:45 pm
Forum: Scripting
Topic: Bridge Filter
Replies: 1
Views: 498

Bridge Filter

Hi! I run a RB as a bridge between us and the customers firewall. At the moment the customer uses DHCP to get an IP. The problem is that the customer could set the IP manually in the firewall to always have the same IP address. Since this could lead to IP-Address conflicts and other problems I want ...
by SwissWISP
Fri Jun 14, 2013 2:08 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

You can run two full views on the RB1100AHx2 but you will most likely see higher latency during convergence.
by SwissWISP
Thu Jun 13, 2013 8:07 pm
Forum: Forwarding Protocols
Topic: WhatsMyIP Reports wrong IP, or so I think. How can I change?
Replies: 7
Views: 1613

Re: WhatsMyIP Reports wrong IP, or so I think. How can I cha

This is interesting. I've got a 198.x.x.200/30 defined as a Network on MTR2 to announce. On MTR1 I am only seeing a route to .201; GW for the .200/30 network. I should be seeing 198.x.x.200/30 should I not? Yes, you should see 198.x.x.200/30 but just because you add the Network to the list doesn't ...
by SwissWISP
Thu Jun 13, 2013 9:33 am
Forum: Forwarding Protocols
Topic: WhatsMyIP Reports wrong IP, or so I think. How can I change?
Replies: 7
Views: 1613

Re: WhatsMyIP Reports wrong IP, or so I think. How can I cha

Based on the few information you give, I can only guess what happens. But it looks like NAT is configured on MTR 1.

- Mat
by SwissWISP
Fri Jun 07, 2013 1:52 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

Fixed. Providers fault ! :evil: Ha! That's why I asked if this happens on a specific ISP. But just to make sure you know about a bug in RouterOS: Sometimes, routes get stuck in the table (what you've seen -> None of the routes gets active and also some strange things). I would advice you to follow ...
by SwissWISP
Thu Jun 06, 2013 2:11 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

Ok, after a restart they are like that :lol: . That's a bug. Search in the forum for "stuck routes". But still can't ping my /24 block only if i disable one of the BGP peers. Does this happen to both peers or do you need to disable a specific peer. Maybe i need the full world table from both ISP ? ...
by SwissWISP
Thu Jun 06, 2013 12:54 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

The distance for the isp 2 gateway should not be bigger that ISP1 ?
Maybe this is causing the problem.
No, most likely not.

It should look like this:
by SwissWISP
Thu Jun 06, 2013 12:41 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

Yes it is in production :( Can this be because of the routing filters ? I don't think so. I don't understand exactly how it works. I did this : set isp1 out-filter=isp1-out set isp2 out-filter=isp2-out add chain=isp1-out prefix=myclass/24 action=accept add chain=isp1-out action=discard add chain=is...
by SwissWISP
Thu Jun 06, 2013 12:23 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

This looks strange. One of the default routes should be "A". I saw that you run RC7, maybe it's a bug. Is this device in production?
by SwissWISP
Thu Jun 06, 2013 12:01 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

I can't open the pic, so I can't see anything.
http://hostpicture.eu/upload/big/2013/0 ... be23ba.png
"No direct Link permitted"
by SwissWISP
Thu Jun 06, 2013 11:53 am
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

I can't open the pic, so I can't see anything.
by SwissWISP
Thu Jun 06, 2013 11:37 am
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

This can't work. You need to send the packets from the newer /24 to the correct gateway. The static route overrides a dynamic route. That's why it doesn't work.

I would change the routing so you announce both Prefixes, otherwise the first /24 has no redundancy. And kick the static route.
by SwissWISP
Thu Jun 06, 2013 9:43 am
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

well, thank you. But now i have another problems. It seems like i add the ip addresses for BGP 1 provider and BGP2 provider. They can't be pinged from outside my country. It's strange, do i need to make sort of packet marking for each provider gateway ? It's difficult to say what happens but please...
by SwissWISP
Wed Jun 05, 2013 4:44 pm
Forum: Forwarding Protocols
Topic: BGP load & backup
Replies: 21
Views: 3109

Re: BGP load & backup

Hi, What i want is to use both providers i really don't care through the pachets are going, as long the traffic it's shared somehow between them. (I have the same bandwidth from both) How i can do this ? Well, there are several different things that may be tweaked. But you can start with the AS-Path...
by SwissWISP
Tue Jun 04, 2013 9:39 am
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

[...] There is a one question to Normis - are your going to make BGP process multicore compatible? +1 on this question Second question about CCR performance with full BGP onload. Is routing procces works fine during BGP establishing full view? It's not a problem to wait full table, but there is a p...
by SwissWISP
Mon Jun 03, 2013 5:33 pm
Forum: RouterBOARD hardware
Topic: CCR1016-12G and routing DHCP
Replies: 2
Views: 1287

Re: CCR1016-12G and routing DHCP

The CCR has enought CPU power to bridge the ports at wire speed, so I would just bridge them.
Since the CCR has no switch chip, changing the Master of a port doesn't do anything.
The CCR can't be powered via POE, the case has been labeled wrong.
by SwissWISP
Wed May 29, 2013 5:21 pm
Forum: General
Topic: CCR1036-12G-4S with 6.0
Replies: 19
Views: 2432

Re: CCR1036-12G-4S with 6.0

well i ssh to the ccr and ping from terminal, but yes.
SSH is ok too. ;-)

Well, that's really strange... I've never seen that before... I would reset the CCR to factory defaults and start from scratch. I've got some CCRs which are running in similar configs and they do nothing like that.

- Mat
by SwissWISP
Wed May 29, 2013 4:52 pm
Forum: General
Topic: CCR1036-12G-4S with 6.0
Replies: 19
Views: 2432

Re: CCR1036-12G-4S with 6.0

No. When the CCR is connected to the switch I can ssh to the switch from a desktop on the LAN but can't ping out from router to the internet.
So you can also access the CCR via Winbox but you can't ping a host on the Internet from the CCR (Tools/Ping)? Right?
by SwissWISP
Wed May 29, 2013 4:20 pm
Forum: General
Topic: CCR1036-12G-4S with 6.0
Replies: 19
Views: 2432

Re: CCR1036-12G-4S with 6.0

It's possible that macs get leaked between the interfaces (maybe a bug), that's why it's important to know if these ports share the same broadcast domain or not. If they are in seperate VLANs we can rule out this situation. If you connect the switch to the CCR, is the CCR able to reach the internet ...
by SwissWISP
Wed May 29, 2013 3:58 pm
Forum: General
Topic: CCR1036-12G-4S with 6.0
Replies: 19
Views: 2432

Re: CCR1036-12G-4S with 6.0

Are the Ports 1-3 connected to the same Switch? If yes, are these Ports in the same VLAN (on the switch)?
by SwissWISP
Wed May 29, 2013 12:34 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

I assume as this thread has really slowed down as most people are not having as many issues with CCR's since RC12? Looking to put a pair of CCR's into a production environment in the next week. 2 BGP feeds to each. iBGP between them. Handful of firewall rules and a few policy routes. I have had RB1...
by SwissWISP
Wed May 29, 2013 10:54 am
Forum: General
Topic: CCR1036-12G-4S with 6.0
Replies: 19
Views: 2432

Re: CCR1036-12G-4S with 6.0

Please post your config, so we can see if something is wrong there.
It most likely isn't a hardware problem.

- Mat
by SwissWISP
Wed May 22, 2013 10:12 am
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

Re: CCR - Secondary PSU

[...] however you will not have any indication that one of them failed. As I stated above if the PSU with the lower voltage fails, you'll not notice it until the other PSU fails too. So the whole idea is just senseless anyway. A device like the CCR needs a proper dual-PSU setup incl. SNMP Monitorin...
by SwissWISP
Tue May 14, 2013 12:44 pm
Forum: General
Topic: smart protection
Replies: 6
Views: 769

Re: smart protection

To limit the connections per IP, you could use the "Connection Limit" feature in the firewall.
by SwissWISP
Mon May 06, 2013 12:18 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

Are there any plans to make the BGP process multi processor capable?
by SwissWISP
Mon Apr 29, 2013 10:17 pm
Forum: General
Topic: Windows Network Discovery across IPsec in Tunnel Mode
Replies: 5
Views: 1835

Re: Windows Network Discovery across IPsec in Tunnel Mode

Since you are routing (I suppose you do), broadcasts are not transmitted. This is just the way routers are working. Netgear seems to have some kind of "Broadcast-Relay" built-in. But I've never seen this on a Mikrotik device. That's why we told you to build a Layer2 tunnel between the routers or to ...
by SwissWISP
Mon Apr 29, 2013 11:09 am
Forum: General
Topic: Windows Network Discovery across IPsec in Tunnel Mode
Replies: 5
Views: 1835

Re: Windows Network Discovery across IPsec in Tunnel Mode

Try eoip.
Like "gotsprings" said, try a Layer2 Tunneling Protocol such as EoIP. Alternatively you could run WINS Server.

- Mat
by SwissWISP
Tue Apr 23, 2013 8:39 pm
Forum: General
Topic: Bridge everything except one specific VLAN
Replies: 4
Views: 685

Re: Bridge everything except one specific VLAN

Thanks, I will try that!

- Mat
by SwissWISP
Tue Apr 23, 2013 4:44 pm
Forum: General
Topic: Bridge everything except one specific VLAN
Replies: 4
Views: 685

Re: Bridge everything except one specific VLAN

I just found a way to make this work. I just configured the VLAN on the bridge. But now I have the problem that I also see the tagged Packets on the bridged port. Is there a way to filter these packets?
by SwissWISP
Tue Apr 23, 2013 4:05 pm
Forum: General
Topic: Bridge everything except one specific VLAN
Replies: 4
Views: 685

Bridge everything except one specific VLAN

Hi I would like to know if it is possible to bridge all packes from one port to another, except packets from one specific vlan. This specific VLAN should have an IP on the router itself. The problem is, that if I bridge two ports together, the router also bridges the VLAN I want to use for the route...
by SwissWISP
Fri Apr 19, 2013 8:21 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

how CCR works with BGP, and how to cope with the routing of about 1 Gbps of traffic? Please write, those who used ССR with 2 or more BGP uplinks. I wouldn't use the CCR for BGP routing at the moment. There is a problem with stuck routes: http://forum.mikrotik.com/viewtopic.php?f=14&t=57781 . I was ...
by SwissWISP
Thu Apr 18, 2013 5:27 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

SwissWISP, check if you have not sected different firewall rule ordering. That could explain rules changing order.
That's a good hint. Maybe I have accidentely clicked on that tab. I will keep an eye on that. If it never happens again, it was just my fault.
by SwissWISP
Thu Apr 18, 2013 3:27 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

please generate supout rif when in one state and afterwards generate another one in altered state. we have not seen anything like that. I just saw why these Jobs are created. It's because a autosupout.rif got created in the background (and partly fails). The stuff that happens to the BGP config is ...
by SwissWISP
Thu Apr 18, 2013 2:08 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

It runs on RC14 and there are firewall rules to limit access to this router and of course username and password are not default.
by SwissWISP
Thu Apr 18, 2013 12:45 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

Our CCR acts like it got infected by a Virus. It began to create scripting jobs by itself, changed the position of firewall rules (I was looking at the rules while it was doing it) and deleted my whole BGP config after a reboot. Am I the only one with this problem or did someone else see this too? -...
by SwissWISP
Tue Apr 16, 2013 12:12 pm
Forum: General
Topic: Queues Cisco > Mikrotik
Replies: 22
Views: 3784

Re: Queues Cisco > Mikrotik

Well, I don't see a reason for traffic shaping. To me it sounds a bit like a duplex problem between the RB2011 and the NTU...
by SwissWISP
Mon Apr 15, 2013 3:12 pm
Forum: Forwarding Protocols
Topic: BGP - Local Preference not Working
Replies: 2
Views: 4124

Re: BGP - Local Preference not Working

To change the upload, you just have to set the "Set BGP Local Pref." on the "BGP Actions" tab to a value according to the priority. Example: ----------- FIRST: 100 SECOND: 80 THIRD: 60 But this will route ALL Traffic over the FIRST peer (assuming you get the same prefixes over all peers) if the FIRS...
by SwissWISP
Mon Apr 15, 2013 3:01 pm
Forum: Forwarding Protocols
Topic: IPv6 BGP peering
Replies: 2
Views: 1227

Re: IPv6 BGP peering

Hi

It's just like you would add an IPv4 peer. There are just two differences. 1. Use the IPv6 Address as the Remote Address and 2. select only the checkbox "IPv6" on the "Advanced" tab. That's it...

- Mat
by SwissWISP
Sat Apr 13, 2013 10:15 am
Forum: Forwarding Protocols
Topic: Stuck Routes on Route Cache
Replies: 103
Views: 41131

Re: Stuck Routes on Route Cache

I can confirm (partial) what you are seeing. Our CCR (RC13) is connected to several peers. As soon as I shutdown the session to one peer (with active route), the route disappears completely from the Route List, even though I get this route over serveral(!) other peers too. All routes which get into ...
by SwissWISP
Wed Apr 10, 2013 1:39 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

by SwissWISP
Wed Apr 10, 2013 11:07 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

Okay, I upgraded to the most recent version (RC14) and will report back if it runs longer than 9 days. :D

Btw. the CCR I just updated ran ~2 weeks on RC13 without problems.
by SwissWISP
Tue Apr 09, 2013 4:02 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

I can't confirm your problems. Our BGP Sessions are up since several weeks. But our Routers are in the Lab and don't have to push a lot of traffic around.

- Mat
by SwissWISP
Tue Apr 09, 2013 2:00 pm
Forum: RouterBOARD hardware
Topic: Userfeedback / review of CCR1036-12G-4S
Replies: 11
Views: 4659

Re: Userfeedback / review of CCR1036-12G-4S

What do you plan to run on this router? BGP, OSPF, Firewall or VPN? What are the bandwidth requirements? Since fast path isn't ready, you will not get as much Mbps out of this router as Mikrotik announces, if you plan to use the firewall. But if the bandwidth requirements are not in the multi gigabi...
by SwissWISP
Tue Apr 09, 2013 10:14 am
Forum: RouterBOARD hardware
Topic: Userfeedback / review of CCR1036-12G-4S
Replies: 11
Views: 4659

Re: Userfeedback / review of CCR1036-12G-4S

Hi The only thing I can say at the moment is: Experiences are different... Some have a lot of problems (hang/reboot), others don't. We don't see any problems running four BGP peers and some EoIP and L2TP Tunnels over our 1036 (in the Lab), but we just test the functions we need in our Network others...
by SwissWISP
Fri Mar 29, 2013 10:49 am
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

Yeah. It's a direct connection via fiberoptics.
Well, I would check the connection. It looks like your connection is flapping.
Try to ping the peer for some hours.
by SwissWISP
Fri Mar 29, 2013 10:14 am
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

On our 1036 we don't see such problems. We've got BGP sessions that are up since several weeks. Logs: 02:52:10 route,bgp,error HoldTimer expired 02:52:10 route,bgp,error RemoteAddress=8x.1xx.1x.1xx 02:53:08 route,bgp,info Failed to open TCP connection: No route to host 02:53:08 route,bgp,info Remote...
by SwissWISP
Tue Mar 26, 2013 2:37 pm
Forum: General
Topic: L2 Tunnel for 1600 byte packets
Replies: 0
Views: 254

L2 Tunnel for 1600 byte packets

Hi I need to build a fully transparent layer 2 tunnel (VLAN, CDP, DSCP, etc.) that can handle 1600 byte packets. The problem is that a part of the transit network is only able to transmit 1504 bytes per packet. How can this be done? Btw. I know that the PPS will be double of the original data but it...
by SwissWISP
Thu Mar 21, 2013 12:40 pm
Forum: General
Topic: Help blocking DDoS attacks with Mikrotik firewall
Replies: 4
Views: 1715

Re: Help blocking DDoS attacks with Mikrotik firewall

Hi Javii

I would block all traffic to port 80 of your CCR.
If you need port 80 for local administration, you could open it just for your own subnet.

Btw. it's always a good idea to filter every IP which don't need to access the router.

- Mat
by SwissWISP
Tue Mar 12, 2013 1:01 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

It`s the wrong way to find problem... becouse I dont have BGP and I have problem always after 2-3 days TX drops..
Yes, I don't think it's related to BGP. We run BGP on our CCR and I don't have such problems.

- Mat
by SwissWISP
Thu Mar 07, 2013 12:32 pm
Forum: General
Topic: Change "factory-defaults"
Replies: 8
Views: 2490

Re: Change "factory-defaults"

Thanks for the information.
Netinstall works!

- Mat
by SwissWISP
Thu Feb 28, 2013 9:39 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

But, if there was more corses to do the bgp. would it be speeded up? Whats really nice, is that each port, don't share internal recourses like the 1xxx series. 1Gig strigt into the core (kernel). Sure would it speed up the building of the routing table. Especially when more peers with full routing ...
by SwissWISP
Wed Feb 27, 2013 3:59 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

16 GB should absolutely be sufficent. :lol:
by SwissWISP
Wed Feb 27, 2013 9:25 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

Hi Mat, thanks for sharing! Your BGP Sessions are up with Fulltables? I plan to use Mikrotik in my Edge with 3x Uplinks, but i miss 10 GbE Support over SFP+. Hi raz I'm running one full table, one part table and one table from the local IX (~50k). The downstream router gets the "mix" of all tables....
by SwissWISP
Tue Feb 26, 2013 3:53 pm
Forum: Forwarding Protocols
Topic: OSPFv3 Missing /128 Routes in 5.1
Replies: 73
Views: 18293

Re: OSPFv3 Missing /128 Routes in 5.1

I've got the same problem on a RB1100AH which is connected to a Brocade CER. I get the /128 from the CER but not from the Ciscos behind the CER. The Ciscos all get the /128 of my RB however. At the moment it's not a big problem because I can get the /128 via BGP but hopefully it will be fixed soon. ...
by SwissWISP
Tue Feb 26, 2013 11:11 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

Hey Samsung

were you able to test BGP?
My CCR is currently running 3 Sessions to upstream routers and 1 Session to a downstream router. Uptime is almost a week and I've seen no problems so far.

- Mat
by SwissWISP
Wed Feb 20, 2013 9:20 am
Forum: General
Topic: Best Queueing Method on the CCR
Replies: 0
Views: 239

Best Queueing Method on the CCR

Hi!

What would be the best queueing method on the CCR?
I read on this forum that on Multi-Core/CPU systems, multi queue PFIFO is the best option (performance wise).
Is this true and if yes, is this also the case on the CCR?

- Mat
by SwissWISP
Tue Feb 19, 2013 1:32 pm
Forum: General
Topic: Multiple IPs in Address List
Replies: 3
Views: 700

Re: Multiple IPs in Address List

Just add multiple lines using the same Name:
access-list.png
This works for Subnets, Ranges and single IPs.


- Mat
by SwissWISP
Tue Feb 19, 2013 12:16 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

" MD5 passwords don't work" With latest RouterOS version MD5 should work I'm running RC10 built on 15 Feb. and it definitely doesn't work in this version. I've got a Cisco and a Brocade router connected to this CCR and both session don't work with MD5. I will update to the most recent version of Ro...
by SwissWISP
Tue Feb 19, 2013 11:58 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

I've got some test results:

- It takes about 30 sec. to load 400k prefixes (one core of the CPU @ 100%)
- MD5 passwords don't work
- As soon as I get more than about 200k prefixes, the "Routes" windows doesnt show all filter options and routes
by SwissWISP
Tue Feb 19, 2013 9:56 am
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

This tell to less to conclude annything other than mikrotik is working to get a 100% systeem running. its still to be consider as a beta test system. I'm not 100% sure what you meant, but we do not complain about low performance we're just testing. We know it's in beta. I was a bit disappointed to ...
by SwissWISP
Tue Feb 19, 2013 12:06 am
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

At the moment your config does nothing but mark packets and connections. :) You don't need the second mangle (postrouting) btw. 1. You have to set a routing mark -> new-routing-mark=Youtube 2. You need to add a new route for the routing mark So it's more like: (not tested) add action=mark-routing ch...
by SwissWISP
Mon Feb 18, 2013 10:43 pm
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

Re: CCR - Secondary PSU

It would be nice to buy the CCR with 2 PSUs in the first place. With the CCR you're moving into the data centers where this is standard. +1 If I had a wish regarding the features of future CCRs, I would like to see that: - Redundant, hot-swappable PSUs - AC and DC PSU option - hot-swappable fan tra...
by SwissWISP
Sun Feb 17, 2013 1:30 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

I just found a video on youtube on which someone sent 4 full feeds to the CCR.
It looks like the load doesn't get balanced over multiple cores. This is what I suspected. It's too bad that we can't use the full potential of this CPU.
by SwissWISP
Sat Feb 16, 2013 6:05 pm
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

Great, thanks folks! Do you think it will consume many CPU resources?
Layer 7 filters use always more CPU than others. I would say try it and you'll see... :)
by SwissWISP
Sat Feb 16, 2013 1:32 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

I will test that it is working. :D Sure. I already tested BGP on the CCR using a RB1100AHx2 so I can say it works in general. 8) I won't put it in production now. I will just set it up as an iBGP peer to see how it performs when a powerful router sends the full table. So I can plan how it can be us...
by SwissWISP
Sat Feb 16, 2013 12:42 pm
Forum: Forwarding Protocols
Topic: MPLS latency.
Replies: 11
Views: 4609

Re: MPLS latency.

This sounds a bit like the very annoying GRE/EoIP problem discussed on the Ubnt forum. http://forum.ubnt.com/showthread.php?t=46874
Maybe they are related.

Unforunately Ubnt doesn't care. I looks like they think it's a Mikrotik problem...

- Mat
by SwissWISP
Sat Feb 16, 2013 12:33 pm
Forum: General
Topic: Trying to setup RDP from WAN to a LAN
Replies: 3
Views: 953

Re: Trying to setup RDP from WAN to a LAN

You will need to have route in each router pointing to the other subnet. Hm... he runs the AirRouter in SOHO mode (NAT), so this won't work. If he would route it, you were right. 192.168.253.167 should already be able to access 192.168.1.0/24 since you are running the AirRouter in SOHO mode. It's j...
by SwissWISP
Sat Feb 16, 2013 12:21 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

Re: CCR - BGP performance

Thanks for your reply! I'm very interrested to see your results. What do you plan to monitor? I would look at the different CPU Cores to see if the load gets balanced proprerly and how fast the routing table gets copied to the CCR. If work permits, I will test it by myself within the next two weeks....
by SwissWISP
Sat Feb 16, 2013 11:57 am
Forum: Forwarding Protocols
Topic: Public IP's
Replies: 6
Views: 1367

Re: Public IP's

Thanks, was the nat rule :/ jeje. This is the best way to routing public ip range?
Well, it's the correct way of routing... What would you change?
by SwissWISP
Sat Feb 16, 2013 11:53 am
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

the better is to use layer 7...
If it can be filtered correctely, I'm sure this is the best solution, because IP-Subnets can change without notice.
Do you have an example config for the thread starter?
by SwissWISP
Fri Feb 15, 2013 11:30 pm
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

OK, I did some work for you... 8) This is what Google announces to us: 8.8.4.0/24 8.8.8.0/24 8.34.208.0/21 8.34.216.0/21 8.35.192.0/21 8.35.200.0/21 64.233.160.0/19 64.233.168.0/23 66.102.0.0/20 66.249.64.0/19 70.32.128.0/19 72.14.192.0/18 74.125.0.0/16 89.207.224.0/21 108.59.80.0/20 108.170.192.0/1...
by SwissWISP
Fri Feb 15, 2013 11:14 pm
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

Thank you for reply. Do you know how can I get the list of youtube IP addresses? I googled "Youtube IP address list" but I wasn't able to find it.
Well... that's the problem. Maybe you can find a list of all Subnets announced by AS15169.
by SwissWISP
Fri Feb 15, 2013 8:19 pm
Forum: General
Topic: Forward only youtube traffic with user with public IP addres
Replies: 14
Views: 16495

Re: Forward only youtube traffic with user with public IP ad

In general this should be possible. You could do NAT between the public IP of your cheap connection and your public subnet. If you configure your router to use the cheap connection for youtube the packet would be sent out the cheap connection and therefore it will get back over this connection too. ...
by SwissWISP
Fri Feb 15, 2013 3:44 pm
Forum: Forwarding Protocols
Topic: Stuck Routes on Route Cache
Replies: 103
Views: 41131

Re: Stuck Routes on Route Cache

Yes it is still an old code, but we did some major fixes.
Thanks for your reply.
But what about the bug this thread is about? Is it fixed?
by SwissWISP
Fri Feb 15, 2013 3:04 pm
Forum: Forwarding Protocols
Topic: Public IP's
Replies: 6
Views: 1367

Re: Public IP's

Hi! Since you are routing a public IP-Range, you don't need "masquerade". Everything else looks good. First thing you should check is, if your RB is able to ping your GW, which is AA.BB.CC.101 in your example. If this isn't possible your problem lies between your RB and your ISP. If you've got netwo...
by SwissWISP
Fri Feb 15, 2013 2:48 pm
Forum: Forwarding Protocols
Topic: CCR - BGP performance
Replies: 45
Views: 20045

CCR - BGP performance

Hi All

was someone already able to test the BGP performance of the CCRs using full internet routing tables?
I wonder how well it could handle route flaps on a 1 Gig Internet connection.

- Mat
by SwissWISP
Fri Feb 15, 2013 12:16 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

What would be the best queueing method on the CCR?
I read on this forum that on Multi-Core/CPU systems, multi queue PFIFO is the best option (performance wise).
Is this also the case on the CCR?
by SwissWISP
Mon Feb 11, 2013 2:16 pm
Forum: RouterBOARD hardware
Topic: Routerboard Hardware wish list
Replies: 61
Views: 12813

Re: Routerboard Hardware wish list

We would like to see a CCR with 24 copper GigE and 4 SFP+ with two hot-plug PSUs (DC and AC option).
This would be a real enterprise/ISP device.

- Mat
by SwissWISP
Mon Feb 11, 2013 2:13 pm
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

Re: CCR - Secondary PSU

if you have configuration as i described where main PSU output is higher than backup, then when main PSU fail it will switch to backup one, that already should an indication that things are going wrong. When both of them fail, router will be offline. I think you misunderstood me. If the main PSU fa...
by SwissWISP
Tue Feb 05, 2013 9:49 am
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1014002

Re: CLOUD CORE ROUTER

Hi, is it possible to connect CCR1016-12G to 220V and PoE at the same time to achieve power redundancy in case the internal power supply dies? (Similar question was asked in this thread but not answered.) @beamer Perhaps interesting for you? http://forum.mikrotik.com/viewtopic.php?f=3&t=69422 Ok he...
by SwissWISP
Thu Jan 31, 2013 5:00 pm
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

Re: CCR - Secondary PSU

you can monitor only active PSU. However if you have them with different rated voltages, then reading what voltage will give you what PSU you are using. Well, the problem is that if the backup PSU fails, we will never know. Maybe you can put this on the "wishlist" of additional features of the CCR ...
by SwissWISP
Thu Jan 31, 2013 10:54 am
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

Re: CCR - Secondary PSU

Thanks for your reply janisk!

Do you know if we can monitor the voltage of the second PSU via SNMP?

- Mat
by SwissWISP
Tue Jan 29, 2013 5:58 pm
Forum: RouterBOARD hardware
Topic: CCR - Secondary PSU
Replies: 58
Views: 21114

CCR - Secondary PSU

Hi

does someone know if the socket on the attached picture could be used (or is maybe designed) to connect a secondary PSU?

Thanks!
- Mat
by SwissWISP
Wed Jan 23, 2013 11:44 am
Forum: General
Topic: CoDel?
Replies: 2
Views: 529

Re: CoDel?

Thanks for your reply!
Hopefully it will be implemented at some time because it seems to be able to solve some problems at bottlenecks.

- Mat
by SwissWISP
Wed Jan 23, 2013 11:33 am
Forum: General
Topic: CoDel?
Replies: 2
Views: 529

CoDel?

Hi

is CoDel already implemented? If not, are there any plans?

- Mat
by SwissWISP
Tue Jan 22, 2013 10:36 am
Forum: RouterBOARD hardware
Topic: RB100AHx2 and BGP full route views
Replies: 3
Views: 1642

Re: RB100AHx2 and BGP full route views

I would afraid of traffic and not the routes. 440k routes should eat no more than few hundred megs of RAM. I'm with "wpeople". Traffic and CPU load caused by BGP updates are more important. The main question I would ask is: Is this router able to handle two full feeds when they are flapping or some...
by SwissWISP
Tue Jan 22, 2013 10:29 am
Forum: RouterBOARD hardware
Topic: RouterBoard CCR 1036 vs 1100AH(prototype) and 1100AHx2
Replies: 2
Views: 2563

Re: RouterBoard CCR 1036 vs 1100AH(prototype) and 1100AHx2

Hi thanks for sharing your results! Did you check the load on the individual cores of the CCR? Does the load get balanced over multiple cores? I ask this because it's possible that the CCR shows just 1-2% total CPU load but one core is at its limits and you can't route more traffic even though it lo...
by SwissWISP
Sat Jan 19, 2013 12:15 pm
Forum: RouterBOARD hardware
Topic: CCR - Power Cord Retainer
Replies: 4
Views: 1331

Re: CCR - Power Cord Retainer

If you wan to have a look on and you are able to spend 1 minute please give me your vote for that under:
http://forum.mikrotik.com/viewtopic.php?f=3&t=66090
I already voted. 8)
by SwissWISP
Fri Jan 18, 2013 8:43 pm
Forum: RouterBOARD hardware
Topic: CCR - Power Cord Retainer
Replies: 4
Views: 1331

Re: CCR - Power Cord Retainer

I emailed Mikrotik about 8 months ago with photos of a similar arrangement on Juniper EX switches. I got a response back saying they were considering it for future products.
Well, that sounds good. Thanks for your reply!
by SwissWISP
Fri Jan 18, 2013 5:37 pm
Forum: RouterBOARD hardware
Topic: CCR - Power Cord Retainer
Replies: 4
Views: 1331

CCR - Power Cord Retainer

Hi Since it's to easy to accidentally pull the power cord out of the socket, I would really like to see a power cord retainer on the CCRs. Maybe something like the ones used by Cisco (example): http://www.cisco.com/en/US/i/100001-200000/150001-160000/157001-158000/157706.jpg I think it's a "must hav...
by SwissWISP
Thu Jan 17, 2013 11:21 am
Forum: General
Topic: RB1100AHx2 & os 5.22 - BGP
Replies: 3
Views: 854

Re: RB1100AHx2 & os 5.22 - BGP

i have a lost packet's when pinging myself :) the router is really dumb It's because "ping" has a very low priority. A Router has more important things to do... ;-) Even very big and expensive routers drop pings. The best way to check if a router or a link between two routers is causing the problem...
by SwissWISP
Wed Jan 02, 2013 3:52 pm
Forum: RouterBOARD hardware
Topic: have mikrotik any device that can aggregate 10G?
Replies: 14
Views: 2705

Re: have mikrotik any device that can aggregate 10G?

Perhaps it was more related to my poor English language skills, it was sounding rude, but not in the meaning of mine.
Or maybe my english skills... I didn't even understand everything in your last post :? Anyway. I think everything related to this topic is said.
by SwissWISP
Wed Jan 02, 2013 2:47 pm
Forum: RouterBOARD hardware
Topic: have mikrotik any device that can aggregate 10G?
Replies: 14
Views: 2705

Re: have mikrotik any device that can aggregate 10G?

I don't think he was rude, he was just asking for ideas for a future model. If he was rude or just a bit unfriendly is a matter of taste. Swiss and Germans have different views of that but let's go back on topic. He statet that a imaginary device which may be available in the future is better for t...
by SwissWISP
Wed Jan 02, 2013 12:28 pm
Forum: RouterBOARD hardware
Topic: have mikrotik any device that can aggregate 10G?
Replies: 14
Views: 2705

Re: have mikrotik any device that can aggregate 10G?

Hey, why so rude...? I didn't say that a CCR will never be as good as a CER or something. I love the CCRs and I'm sure they will outperform a lot of the "big" routers on the market. But we are talking about the current CCR and "lexlvivs" need for SFP+. Not what could be available at some time in the...
by SwissWISP
Wed Jan 02, 2013 11:32 am
Forum: RouterBOARD hardware
Topic: have mikrotik any device that can aggregate 10G?
Replies: 14
Views: 2705

Re: have mikrotik any device that can aggregate 10G?

Hi since the CCRs don't support SFP+ at the moment, I would use a Brocade CER 2024F or 2024C with a dual 10Gig Module. It's a 65Mpps device (hardware routing) and would do the job nicely. Though it's much more expensive than a CCR but it's a very good device and at least it costs less than a Cisco. ...
by SwissWISP
Fri Dec 14, 2012 5:09 pm
Forum: Forwarding Protocols
Topic: Blackhole by source address?
Replies: 3
Views: 1501

Re: Blackhole by source address?

Okay, I misunderstood your post.

Maybe this Link could be helpful: http://wiki.mikrotik.com/wiki/Generate_ ... ting-marks
I think this is what you want... (more or less)

- Mat
by SwissWISP
Fri Dec 14, 2012 3:27 pm
Forum: Forwarding Protocols
Topic: Blackhole by source address?
Replies: 3
Views: 1501

Re: Blackhole by source address?

It's a quite old post but maybe you didn't find a solution for this. What you would like to do, doesn't work with BGP. You can filter which prefixes you accept from your Neighbour, but you can't tell them to which ASes your prefix(es) should be announced and to which not. And even if it would work. ...
by SwissWISP
Mon Dec 03, 2012 3:15 pm
Forum: General
Topic: TCP performance
Replies: 74
Views: 26166

Re: TCP performance

Do you get these results in both directions?
by SwissWISP
Mon Dec 03, 2012 12:39 pm
Forum: General
Topic: Change "factory-defaults"
Replies: 8
Views: 2490

Re: Change "factory-defaults"

Hm... does really no one know how to disable the reset button or how to install a default-config with a non-standard password?

- Mat
by SwissWISP
Fri Nov 30, 2012 11:01 am
Forum: General
Topic: Wish: Rackmount poe
Replies: 4
Views: 721

Re: Wish: Rackmount poe

Yes, you have more devices but on the other side it has the advantage that a lightning would rather kill your midspan (less or no config) than your router/switch. A damaged router/switch would usually need more time and knowledge to replace. Some midspans also have a built-in surge protection such a...
by SwissWISP
Fri Nov 30, 2012 9:31 am
Forum: General
Topic: Wish: Rackmount poe
Replies: 4
Views: 721

Re: Wish: Rackmount poe

We use 19" Midspans for this. They are also available in 24V so you can power Ubnt and MT devices. Example: http://www.digital-loggers.com/poe24.html
Sure, they are more expensive than a couple of poe injectors but they also give you more control.

Just an idea....

- Mat
by SwissWISP
Fri Nov 30, 2012 9:24 am
Forum: General
Topic: Change "factory-defaults"
Replies: 8
Views: 2490

Re: Change "factory-defaults"

anyone?
by SwissWISP
Thu Nov 29, 2012 4:07 pm
Forum: General
Topic: Change "factory-defaults"
Replies: 8
Views: 2490

Change "factory-defaults"

Hi

is it possible to change the factory-defaults of a RB?
The goal is to prevent our customers from reseting the router so they can gain access via default user and pw.
Is this possible?

Many thanks for your help!

- Mat
by SwissWISP
Mon Nov 26, 2012 5:42 pm
Forum: RouterBOARD hardware
Topic: Poor RouterBoard Quality (last year or so)
Replies: 8
Views: 1371

Re: Poor RouterBoard Quality (last year or so)

Hi, we installed about 60-80 RB7xx and I only know of one device that failed (loose contact at the RJ45 Port). We also installed some RB493 and RB450 and all of them are running trouble-free. The only troubles we had were software related. I heard that some people had problems with the PSUs. Since w...
by SwissWISP
Thu Sep 20, 2012 11:00 am
Forum: RouterBOARD hardware
Topic: RB1100AH (x2) which Port to use?
Replies: 4
Views: 1562

Re: RB1100AH (x2) which Port to use?

Thanks normis

this helped a lot.

- Mat
by SwissWISP
Wed Sep 19, 2012 1:04 pm
Forum: RouterBOARD hardware
Topic: RB1100AH (x2) which Port to use?
Replies: 4
Views: 1562

RB1100AH (x2) which Port to use?

Hi As I read in this forum and in the Manual, it's better to split connections with higher load (ex. Backbone) between the two internal switches. Port 11 seems to be connected directely to the CPU and Ports 12+13 are connected over PCI-E. But in other threads some people write that one should avoid ...
by SwissWISP
Tue Sep 11, 2012 4:45 pm
Forum: Forwarding Protocols
Topic: Slow upstream with RB1100AHx2
Replies: 2
Views: 1332

Re: Slow upstream with RB1100AHx2

I don't know if Half-Duplex GigE is supported by Mikrotik (or by the vendor of the Transits router) but that looks like a duplex mismatch. I may be completely wrong here but that was my first thought.

Do you have 3 GigE Interfaces with a CIR of 1 Gig on each Interface or is the CIR lower?
by SwissWISP
Tue Sep 11, 2012 3:07 pm
Forum: General
Topic: IPv6 Relay
Replies: 3
Views: 1115

Re: IPv6 Relay

Hi mrz,
Thanks for your prompt reply.So, can we expect this feature in near future?
I would like to use this feature too. Is there an ETA?
by SwissWISP
Tue Sep 11, 2012 9:18 am
Forum: Forwarding Protocols
Topic: ospfv3 and ipv6 - Discarding packet: locally originated
Replies: 18
Views: 7763

Re: ospfv3 and ipv6 - Discarding packet: locally originated

Same issue here. Unfortunately it makes it difficult to find the source of other problems because it fills the log very quickly so there is no room for other entries.

- Mat
by SwissWISP
Thu Sep 06, 2012 12:03 pm
Forum: General
Topic: RB1100AHx2 - Import problem
Replies: 6
Views: 906

Re: RB1100AHx2 - Import problem

Just found another problem. I don't know if it is some kind of bug or just the way it has to work: I've got a DHCP-Relay configured on the main system which is disabled at the moment. When I try to import the config file the device whants me to define an Interface because there's no Interface config...
by SwissWISP
Thu Sep 06, 2012 11:17 am
Forum: General
Topic: RB1100AHx2 - Import problem
Replies: 6
Views: 906

Re: RB1100AHx2 - Import problem

I just found the main problem. I had to remove the "mac-address" in the interface part of the file. But there seem to be more problems in the file where it gets stuck.

- Mat
by SwissWISP
Thu Sep 06, 2012 9:33 am
Forum: General
Topic: RB1100AHx2 - Import problem
Replies: 6
Views: 906

Re: RB1100AHx2 - Import problem

Hi Aug thanks for your reply! When I import the file, I don't get any errors: [admin@MikroTik] > import file-name=er1.bac_neu.rsc Opening script file er1.bac_neu.rsc Script file loaded successfully But only a part of the configuration is there after the import. When I just copy/past the script from ...
by SwissWISP
Wed Sep 05, 2012 6:06 pm
Forum: General
Topic: RB1100AHx2 - Import problem
Replies: 6
Views: 906

RB1100AHx2 - Import problem

Hello I've got a problem with my RB1100s. I want to backup the config of one RB1100 and import it on the second RB1100 so I can replace the first one should it fail. I used the command "export" at "/" to export the whole config. The file I get looks OK to me. Then I copy the file (default.rsc) to th...
by SwissWISP
Fri Sep 30, 2011 9:34 am
Forum: Forwarding Protocols
Topic: BGP w/ Cogent
Replies: 12
Views: 4226

Re: BGP w/ Cogent

It looks like a very uncommon setup. To me it still doesn't make much sense. But I don't know their network. :D

Anyway, thank you mhosts for the clarification.
by SwissWISP
Thu Sep 29, 2011 4:51 pm
Forum: Forwarding Protocols
Topic: BGP w/ Cogent
Replies: 12
Views: 4226

Re: BGP w/ Cogent

Why are you using loopbacks for eBGP between providers (loopbacks are typically used in iBGP configuration)? +1 That doesn't make much sense. It only makes sense when you're using an IGP to manage multiple links between the routers which would cause the source IP to change when the main link goes d...
by SwissWISP
Sun Sep 25, 2011 10:51 am
Forum: Beginner Basics
Topic: Limit bandwidth of a Switchport to 20 Mbit/s
Replies: 2
Views: 597

Re: Limit bandwidth of a Switchport to 20 Mbit/s

Hm... well it looks like I'll have a lot to read/learn now.

Thanks for your reply!

- Mat
by SwissWISP
Fri Sep 23, 2011 12:38 pm
Forum: Beginner Basics
Topic: Limit bandwidth of a Switchport to 20 Mbit/s
Replies: 2
Views: 597

Limit bandwidth of a Switchport to 20 Mbit/s

Hi all

I need to limit the bandwidth of a single switch port of my 750GL to 20 Mbit/s.
In WinBox there seems to be a value under "Interfaces" that limits the bandwidth. But this values maxes out at 10 Mbit/s.
Is there a way to set a limit of more than 10 Mbit/s??

Many Thanks!

- Mat