Community discussions

Search found 260 matches

by barkas
Wed Jul 17, 2019 9:05 pm
Forum: General
Topic: VLAN within a VLAN
Replies: 5
Views: 478

Re: VLAN within a VLAN

You could also try to run l2vpn over mpls through that link.
by barkas
Tue Mar 05, 2019 9:36 pm
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2846

Re: Radical change coming for home and small business networking

Have you drunk their koolaid?
by barkas
Sun Mar 18, 2018 12:17 am
Forum: General
Topic: Router OS cant boot up after latest update
Replies: 3
Views: 670

Re: Router OS cant boot up after latest update

For some reason mikrotik routers sometimes go into a boot loop after an update. I wish they'd fix that.
by barkas
Fri Nov 03, 2017 9:03 pm
Forum: Wireless Networking
Topic: Using Mikrotek at a backpackers hostel
Replies: 5
Views: 688

Re: Using Mikrotek at a backpackers hostel

For non professionals I highly recommend ubiquiti networks, perhaps unifi.

Mikrotik really is more for the network engineer.
by barkas
Thu Aug 31, 2017 8:15 pm
Forum: RouterBOARD hardware
Topic: 10G switch with RJ45?
Replies: 13
Views: 4945

Re: RE: Re: 10G switch with RJ45?

TP-Link T1700G-28TQ?
I'm not interested in 1G ports. Already have couple of such switches.
I want to upgrade my network to 10G.

I was thinking about buying CRS317-1G-16S+RM but idea of having
so many copper SFP+ modules makes me cringe.
As far as I have seen so far, there are no t-sfp+ modules.
by barkas
Mon Jul 17, 2017 10:32 pm
Forum: General
Topic: Features Request: NAT64 + DNS64
Replies: 20
Views: 4625

Re: RE: Re: Features Request: NAT64 + DNS64

Mikrotik recommended SSTP when I asked about this at MUM. I haven't played with it yet, but this appears to be more profile-driven than just a basic IPIP6 tunnel would be. If you're using Mikrotik as the SSTP server, then this will not help much because it won't be able to perform DS-Lite NAT64 (no...
by barkas
Mon Jul 17, 2017 10:31 pm
Forum: General
Topic: Any advantages of stateless firewall on RouterOS?
Replies: 4
Views: 828

Re: Any advantages of stateless firewall on RouterOS?

In redundant setups, statefulness might not be wanted since state tables are not replicated.
Also, performance.
by barkas
Fri Jul 07, 2017 6:48 pm
Forum: General
Topic: ETA v8
Replies: 21
Views: 4116

Re: RE: Re: ETA v8

1GB for just one BGP feed :shock: that's a lot.
Just wait till you see some of the L3VPN/L2VPN NLRI on a service provider on a route reflector. It's far more than that.....
Full table doesn't fit in 1GB anymore.
by barkas
Wed Dec 28, 2016 12:03 am
Forum: General
Topic: Advanced IPSec Configuration
Replies: 6
Views: 1096

Re: Advanced IPSec Configuration

Maybe use l2tp/ipsec?
Then you can assign configurations based on ppp profiles.
by barkas
Wed Dec 28, 2016 12:03 am
Forum: General
Topic: Advanced IPSec Configuration
Replies: 6
Views: 1096

Re: Advanced IPSec Configuration

Maybe use l2tp/ipsec?
Then you can assign configurations based on ppp profiles.
by barkas
Fri Dec 23, 2016 10:51 am
Forum: General
Topic: Feature Request: TACACS/TACACS+
Replies: 35
Views: 8599

Re: Feature Request: TACACS/TACACS+

Tacacs is the proper solution for network device user management.

I would very much like to have that, too.
by barkas
Mon Dec 05, 2016 10:30 pm
Forum: General
Topic: Move from public to private addressing
Replies: 11
Views: 1256

Re: Move from public to private addressing

Public addresses doesn't necessarily mean reachable from the Internet and is as such not an evil in itself.
by barkas
Thu Nov 17, 2016 10:03 pm
Forum: General
Topic: VLANs strategy, router + swicth configuration
Replies: 3
Views: 741

Re: VLANs strategy, router + swicth configuration

Trunking should work, but mikrotik switches are a pain to configure.
Which brings me to question 2: no, because the switches work differently from the routers, to be precise, switched ports work differently.

Another thing, are you sure about the way your qos doesn't work?
by barkas
Fri Sep 16, 2016 8:33 am
Forum: Beginner Basics
Topic: Windows 10 updates killing my network
Replies: 6
Views: 6800

Re: Windows 10 updates killing my network

Wsus
by barkas
Fri Sep 02, 2016 9:29 am
Forum: Forwarding Protocols
Topic: RouterOS IPv6 NAT?
Replies: 4
Views: 1735

Re: RouterOS IPv6 NAT?

Prefix translation please.
by barkas
Tue Aug 09, 2016 11:59 pm
Forum: General
Topic: Scientific Explanation needed for DHCP renew needed!
Replies: 6
Views: 864

Re: Scientific Explanation needed for DHCP renew needed!

If you answer that you know whose ip that was, best be absolutely sure.

So, you can not be sure, since you have no logs and the lease expired at least once.
by barkas
Mon Jul 25, 2016 9:09 am
Forum: Scripting
Topic: Layer 7 Regex for Bank websites
Replies: 3
Views: 1289

Re: Layer 7 Regex for Bank websites

Everybody uses 2048 bit rsa keys at the moment.
by barkas
Thu Jul 21, 2016 11:00 pm
Forum: RouterBOARD hardware
Topic: CCR, "enterprise ready", seriously???
Replies: 35
Views: 5795

Re: RE: Re: CCR, "enterprise ready", seriously???

All about risk management. Four letters... VRRP. Sent from my SM-G920I using Tapatalk VRRP is great for edge routers, but not for core routers.  MT really needs to implement a different type of clustering that supports state synchronization for seamless failover without dropping connections.  Then,...
by barkas
Sun Jul 17, 2016 10:56 am
Forum: RouterBOARD hardware
Topic: Small switch big performance
Replies: 14
Views: 2480

Re: Small switch big performance

So you're looking for a 24 port router? Good luck with that.

Better buy a solid 24 port switch (like tp-link Jetstream or cisco sg300) and combine that with a router.
by barkas
Sun Jul 17, 2016 8:55 am
Forum: General
Topic: Not enough disk space to perform update
Replies: 15
Views: 10055

Re: Not enough disk space to perform update

According to Normis, you have to use the other package download with individual packages and install those instead.
by barkas
Sat Jul 16, 2016 9:14 pm
Forum: General
Topic: IPTV who should pay?
Replies: 46
Views: 3933

Re: RE: Re: IPTV who should pay?

You have your views Chaos, and I respect that,  but you are being a bit naive to think that your every move is not already being spied on.  As it happens the STB's are the next big target for the piracy police so I dont think it is something we will have worry about much longer. The only thing you ...
by barkas
Tue Jul 05, 2016 12:30 am
Forum: General
Topic: VPN Over IPv6 ? How?
Replies: 7
Views: 1261

Re: RE: Re: VPN Over IPv6 ? How?

Your question has little meaning without more detail.  What kind of environment is this?  What is the purpose...are you trying to tunnel your internal network to an IPV6 broker because your ISP only provides IPv4 at this time?  Or just trying to set up a VPN server to listen on an IPv6 address?  No...
by barkas
Fri Jul 01, 2016 10:46 am
Forum: General
Topic: "Protect" some of the network devices. How?
Replies: 3
Views: 687

Re: "Protect" some of the network devices. How?

Good network design with subnets is the answer here.
by barkas
Fri Jul 01, 2016 10:45 am
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 65183

Re: RE: Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

bajodel - This is different fix for other issue.
I got it, so I must wait.. ;-)
Please.. answer..  when do you plan to make partitions work on RB3011/ARM ?
Please
by barkas
Thu Apr 14, 2016 5:31 pm
Forum: General
Topic: PAP for Winbox Radius Logins
Replies: 7
Views: 2740

PAP for Winbox Radius Logins

Please make winbox logins with radius as a backend not CHAP-only. CHAP seems like a good idea at first, until you have to severely compromise password security on the radius server by storing all passwords in cleartext. Also, usage of two factor authentication is not possible with CHAP. So please en...
by barkas
Mon Apr 11, 2016 9:39 am
Forum: Beginner Basics
Topic: RouterOS v6.34.1 and UDPLite
Replies: 22
Views: 3746

AW: RouterOS v6.34.1 and UDPLite

If there is a problem with this packet, I can't see it.

I suggest disabling hw checksums on the capturing system. Our just check if the content of the packet is OK.
by barkas
Mon Apr 04, 2016 3:39 pm
Forum: General
Topic: DNS server in ISP network
Replies: 4
Views: 1308

AW: DNS server in ISP network

Can't really go wrong with bind.
by barkas
Sun Mar 27, 2016 10:05 am
Forum: RouterBOARD hardware
Topic: hAP ac (and some other new rotuers) too small flash
Replies: 53
Views: 12987

AW: hAP ac (and some other new rotuers) too small flash

I don't buy mikrotik because I want to be able to do less stuff with the device. It's just a silly decision to limit the hardware in that way.
by barkas
Fri Mar 25, 2016 1:38 am
Forum: Wireless Networking
Topic: Consumer XXX gigabit routers vs MikroTik how do they compare?
Replies: 5
Views: 5358

AW: Consumer XXX gigabit routers vs MikroTik how do they compare?

They do use the hardware features of the socs though, unlike mikrotik.

So faster, but not as capable. Otoh if you need a faster mikrotik, there are options.
by barkas
Fri Mar 25, 2016 1:35 am
Forum: General
Topic: Feature request: AES-NI instruction set for x86 RouterOS
Replies: 15
Views: 4561

AW: Re: Feature request: AES-NI instruction set for x86 RouterOS

but dat "accelerations" severely compromise security. its improve things bout 5x-12x times on most modern (AES-NI aware) x86 chips but at that cost ... think about that: there is no "free cheese/beer" in real world and "improvements" that let CPU do things 10x faster(we're talking bout 95W-178W CPU...
by barkas
Tue Mar 22, 2016 8:58 am
Forum: General
Topic: IPv6 Advice
Replies: 6
Views: 830

AW: IPv6 Advice

Most of those using bcp should be able to transport v6.
by barkas
Tue Mar 15, 2016 12:24 am
Forum: General
Topic: Urgent help please!!
Replies: 4
Views: 786

AW: Urgent help please!!

Netinstall loses the configuration. Hence you being able to login afterwards.
by barkas
Tue Mar 08, 2016 10:47 pm
Forum: General
Topic: Rb3011 issues
Replies: 0
Views: 508

Rb3011 issues

Latest firmware.

Partitioning doesn't work.
It also doesn't hold time, even with active ntp it loses sync after a while.
by barkas
Mon Mar 07, 2016 9:08 pm
Forum: RouterBOARD hardware
Topic: Hardware recommendation
Replies: 6
Views: 1299

AW: Hardware recommendation

Rb3011 if you are brave ;) .
by barkas
Wed Mar 02, 2016 9:01 pm
Forum: RouterBOARD hardware
Topic: SFP+ Multimode module recommandation
Replies: 3
Views: 1358

AW: SFP+ Multimode module recommandation

That is extreme range for 10G mm.
by barkas
Sat Feb 27, 2016 8:24 am
Forum: General
Topic: MikroTik IPSEC Site-2-site to Sonicwall : specifications
Replies: 3
Views: 1946

AW: MikroTik IPSEC Site-2-site to Sonicwall : specifications

If you have multiple subnets in your tunnel, the policy has to be set to encrypt=unique, I found out yesterday.
by barkas
Tue Feb 16, 2016 8:52 am
Forum: Beginner Basics
Topic: Is forward chain firewall rules necessary?
Replies: 5
Views: 1363

AW: Is forward chain firewall rules necessary?

Nat is not supposed to protect anything.
by barkas
Mon Feb 15, 2016 9:24 am
Forum: General
Topic: RouterOS backup, any tester here ?
Replies: 6
Views: 1572

AW: RouterOS backup, any tester here ?

There is mikrotik support in rancid, BTW.
by barkas
Sun Feb 14, 2016 10:59 pm
Forum: RouterBOARD hardware
Topic: Hardware for Fiber based LAN
Replies: 18
Views: 1980

AW: Hardware for Fiber based LAN

Note that there are no 10ge copper sfps.
by barkas
Sun Feb 14, 2016 7:33 pm
Forum: Beginner Basics
Topic: Configuration export is not complete
Replies: 3
Views: 603

AW: Configuration export is not complete

I haven't had that problem, you should take it up with mikrotik support.
by barkas
Sun Feb 14, 2016 5:42 pm
Forum: Beginner Basics
Topic: Configuration export is not complete
Replies: 3
Views: 603

AW: Configuration export is not complete

User accounts for example, on purpose. Please elaborate.
by barkas
Sat Feb 13, 2016 9:03 pm
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 540
Views: 134406

AW: Re: HAP AC

metaROUTER is another thing that is very questionable on SOHO routers. Is it? Mikrotik Routers are the Swiss army knives of networking, so little flash seriously cramps my style. I will not buy any mikrotik device with 16mb flash, either privately or professionally. Because of that at work we are b...
by barkas
Sun Feb 07, 2016 10:16 am
Forum: General
Topic: Firewall ICMP Rule
Replies: 23
Views: 28135

AW: Firewall ICMP Rule

Good point, I can't remember. I shall have to go over that again. The RFC I used is 4890. EDIT: I don't think your ICMPv6 codes are quite right (as were mine, btw, I think I mixed it up with ICMPv4). So here's the new version (I have no IPv6 atm, so I default drop on forward): /ipv6 firewall address...
by barkas
Sun Feb 07, 2016 12:27 am
Forum: General
Topic: Firewall ICMP Rule
Replies: 23
Views: 28135

AW: Firewall ICMP Rule

There is an RFC for that out there, BTW. Because if you block some of that stuff, v6 will stop working at all. Here's my working ruleset for v6, it pretty much implements said rfc: /ipv6 firewall address-list add address=fe80::/64 list=link-local /ipv6 firewall filter add chain=establishedaccept con...
by barkas
Sat Feb 06, 2016 11:47 pm
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 1666

AW: Securing APs For Real

I don't think you can do anything against attackers with physical access to the device.
by barkas
Sat Feb 06, 2016 8:36 pm
Forum: Beginner Basics
Topic: Connecting MikroTik through a DSL (provider modem) line
Replies: 3
Views: 685

AW: Re: Connecting MikroTik through a DSL (provider modem) line

Hello, We have a FritzBox router (from T-Home) in out firm that uses a DSL line to connect through PPPoE. Now behind it we use a MiktoTik CRS125-24G-1S-2HnD-IN that gets a connection through LAN from the First router. Our servers aren't functioning properly in terms of port-forwarding. Is it possib...
by barkas
Sat Feb 06, 2016 8:30 pm
Forum: General
Topic: NTP Server must be saved as domain name (and resolved every time sync performed)
Replies: 13
Views: 3260

AW: Re: NTP Server must be saved as domain name (and resolved every time sync performed)

i think It's an administrator decision which servers he trust and how he want them to be specified - by name or by ip. Sure, but the NTP server does not support selecting servers by name and neither does it support resolving DNS on every poll. That is because an NTP server tries to lock the clock a...
by barkas
Mon Feb 01, 2016 8:46 am
Forum: General
Topic: NTP Server must be saved as domain name (and resolved every time sync performed)
Replies: 13
Views: 3260

AW: NTP Server must be saved as domain name (and resolved every time sync performed)

With the real ntp package there are no dns names at all.
by barkas
Wed Dec 23, 2015 10:27 am
Forum: Forwarding Protocols
Topic: OSPFv3 with a UBNT edgerouter?
Replies: 7
Views: 2437

AW: OSPFv3 with a UBNT edgerouter?

I couldn't get any routing protocol to work reliably between ubnt and MikroTik. I blame ubnt.
by barkas
Tue Dec 22, 2015 11:19 am
Forum: The User Manager
Topic: how connect two router board to the same radius server by internet
Replies: 2
Views: 1459

AW: how connect two router board to the same radius server by internet

I don't think you really want to do authentication via radius over the Internet.
by barkas
Tue Dec 15, 2015 9:58 pm
Forum: General
Topic: CoDel support?
Replies: 45
Views: 13448

AW: CoDel support?

Yes please.
by barkas
Tue Dec 15, 2015 9:58 pm
Forum: RouterBOARD hardware
Topic: Newbie CRS226-24G-2S+IN Setup
Replies: 15
Views: 2561

AW: Newbie CRS226-24G-2S+IN Setup

Mikrotik switch vlan CONFIG is a major pain to use.
I recommend tp-link Jetstream series.
by barkas
Tue Dec 15, 2015 9:51 pm
Forum: General
Topic: WISP core router configuration
Replies: 14
Views: 2616

AW: Re: WISP core router configuration

Yes you are right. I stated it in a wrong way. I meant that in our network there are multiple vlans which divide clients by region (area), regardless that the former engineer didnt keep them in tact. Obviously these vlans have various ip ranges assigned to them, so on layer 3 firewall policies may ...
by barkas
Tue Dec 15, 2015 9:44 pm
Forum: RouterBOARD hardware
Topic: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?
Replies: 18
Views: 4147

AW: Re: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?

All of my ERL3's have suffered from faulty onboard USB storage.
Wait a second... you're saying whole OS is on the USB stick?!
Image

It's ridiculous and unreliable :?
Yes and yes.
by barkas
Mon Dec 14, 2015 10:02 pm
Forum: RouterBOARD hardware
Topic: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?
Replies: 18
Views: 4147

AW: Re: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?

My experience...it depends on your understanding of "beating"..... I have just, finally, thanks my God, replaced an ERLITE-3 by an RB/3011 on a 300/300 Mbits PPOE/Nated fiber connection with IPTV and IP phone...unbeliable: back to have a router in a corner of my house acting as a router and not cal...
by barkas
Sun Dec 13, 2015 6:23 pm
Forum: General
Topic: WISP core router configuration
Replies: 14
Views: 2616

AW: Re: WISP core router configuration

I agree partially. But my problem is the lack of documentation which leads to such problems. I cant find a way to overcome all these issues so far. I got problems like this and i cannot solve them
You can solve that only by dumping all configs and understanding your network.
by barkas
Sun Dec 13, 2015 12:08 pm
Forum: General
Topic: CRS226 - loop protect, how?
Replies: 13
Views: 3381

AW: CRS226 - loop protect, how?

My advice is to use Mikrotik routers, and buy switches somewhere else.
by barkas
Sun Dec 13, 2015 12:05 pm
Forum: General
Topic: WISP core router configuration
Replies: 14
Views: 2616

AW: Re: WISP core router configuration

There is no documentation at all. Not even the private ip ranges that are used. This makes it difficult in order to make a full customers list with ip and etc. The first thing i am planning to do is to change all the clients into pppoe clients on the bras server. And when its done i want to impleme...
by barkas
Sun Dec 13, 2015 10:06 am
Forum: General
Topic: WISP core router configuration
Replies: 14
Views: 2616

AW: WISP core router configuration

Get an expert.
Recover that password.
Understand the access products.
Then think about it again.

Edit: because from what you wrote, that seems like a sensible setup to me (doing similar stuff for a major European carrier).
by barkas
Sun Dec 13, 2015 10:04 am
Forum: General
Topic: CRS226 - loop protect, how?
Replies: 13
Views: 3381

AW: CRS226 - loop protect, how?

There is no hardware loop prevention in CRS.
by barkas
Fri Dec 11, 2015 10:16 pm
Forum: RouterBOARD hardware
Topic: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?
Replies: 18
Views: 4147

AW: Ubiquiti ERLite3 beats Mikrotik RB1100AHx2 on performance. Can it be possible?

I have no doubt that the erl is faster - within its operational parameters.

It's a limited, but very fast device. It's a good device in its class.

That said, even if the benchmarks by Mikrotik are optimistic, I think it's faster than ubnt claims in that PDF.
by barkas
Thu Dec 10, 2015 9:13 am
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 16985

AW: Re: hEX nand size ONLY 16MB !!!!

we have something better than hardware NAT, it is called Fasttrack.
Now that's just marketing bs.

Please define what better means for you in this case.
by barkas
Sat Dec 05, 2015 9:06 am
Forum: General
Topic: DNS in NTP client?
Replies: 14
Views: 3557

AW: DNS in NTP client?

So if I want full ntp, I'm out of luck?
by barkas
Tue Dec 01, 2015 4:20 pm
Forum: General
Topic: DNS in NTP client?
Replies: 14
Views: 3557

Re: DNS in NTP client?

Already possible for about a year now: /system ntp client set server-dns-names="server1.example.net,server2.example.net" It's just missing from WinBox. That property doesn't exist on my RB850 with 6.32.3. I only have primary-ntp and secondary-ntp. /system ntp client> set Change properties of one or...
by barkas
Tue Dec 01, 2015 8:54 am
Forum: General
Topic: DNS in NTP client?
Replies: 14
Views: 3557

AW: DNS in NTP client?

It still ends up as Ips in the configuration.
by barkas
Mon Nov 30, 2015 9:19 pm
Forum: RouterBOARD hardware
Topic: Home network
Replies: 8
Views: 1401

AW: Home network

You could, but I can not recommend Mikrotik switches.
Better use the router and a separate switch. Tp-link builds nice cheap ones (the Jetstream series) .
by barkas
Mon Nov 30, 2015 9:16 pm
Forum: General
Topic: DNS in NTP client?
Replies: 14
Views: 3557

AW: DNS in NTP client?

Yes please.
by barkas
Sat Nov 28, 2015 7:03 pm
Forum: Wireless Networking
Topic: WI-FI ROAMING 802.11r QUESTION
Replies: 30
Views: 18498

AW: WI-FI ROAMING 802.11r QUESTION

Devices have a tendency to hang on to weak signals so that doesn't work too well usually.

802.11r please.
by barkas
Wed Nov 25, 2015 6:23 pm
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 16985

AW: hEX nand size ONLY 16MB !!!!

I need to be able to use the partition feature, 16mb flash is useless to me.
Please document flash sizes.
by barkas
Wed Oct 07, 2015 9:29 am
Forum: General
Topic: Mangles!!!!!!
Replies: 2
Views: 342

AW: Mangles!!!!!!

It's pretty much standard Linux firewalling.
by barkas
Mon Sep 14, 2015 9:51 pm
Forum: Forwarding Protocols
Topic: Is it possible for a customer router to announce routes to the provider edge of an MPLS / VRF network?
Replies: 5
Views: 672

AW: Re: Is it possible for a customer router to announce routes to the provider edge of an MPLS / VRF network?

Thanks for the pointers. One more question if you don't mind, is there any reason to put public transit inside a VRF? Vrf is always an easy way to control who speaks to whom, which may be easier than using a lot of firewall rules to shield your router loopbacks from customers. But then, a lot of ne...
by barkas
Tue Sep 01, 2015 1:00 am
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

AW: Re: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

http://routerboard.com/RB951G-2HnD You're welcome. And FYI Mikrotik routers are primarily for enterprise users. Yeah, true enterprise. That's why we see 1000 bugs every new version. I mean in every version atleast 1 major stuff is broken. Come on.... Mikrotik is a cheap alternative to a true enterp...
by barkas
Sat Aug 15, 2015 11:13 am
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47664

AW: Re: 6.31 released

Not working on my 450g, it restarts every few minutes.
On second router 2011 works fine.
Same here, rebooting on 450g, stable on 850g.

This is not acceptable, even at home I could not run a Mikrotik setup without redundancy preferably with different models.
by barkas
Wed Aug 12, 2015 6:18 pm
Forum: General
Topic: The Dude Client For Android
Replies: 4
Views: 739

AW: The Dude Client For Android

The dude is dead.
by barkas
Mon Aug 10, 2015 8:20 pm
Forum: General
Topic: Tilera vs. intel vs. mips-be
Replies: 10
Views: 3410

AW: Tilera vs. intel vs. mips-be

You can not directly compare clocks, please refer to the routerboard datasheets.
by barkas
Mon Aug 10, 2015 8:18 pm
Forum: RouterBOARD hardware
Topic: Need info for purchasing decision
Replies: 5
Views: 820

AW: Re: Need info for purchasing decision

If you don't need many ports, I would buy the new version of the RB850Gx2.
2nd that, it's very much fast enough.
by barkas
Sun Aug 09, 2015 12:12 am
Forum: General
Topic: Feature Request: RSTP for CRS to build ring network
Replies: 23
Views: 6074

AW: Feature Request: RSTP for CRS to build ring network

Obviously the are more advanced techniques to solve that problem, but stp / rstp is should be a supported baseline.
by barkas
Sun Aug 09, 2015 12:09 am
Forum: Forwarding Protocols
Topic: Any plans to implement segment routing
Replies: 5
Views: 1529

Any plans to implement segment routing

Segment routing seems to be the thing to do at the moment to build a mpls network. Any plans?
by barkas
Thu Jul 16, 2015 9:23 pm
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 33692

Re: v6.30.1 bugfix release

Still kills my rb450g, last working os is 6.29.1.
Please describe "kills"
All ports stay down. I sent a mail to Mikrotik support, no answer yet.
by barkas
Thu Jul 16, 2015 8:47 am
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 33692

v6.30.1 bugfix release

Still kills my rb450g, last working os is 6.29.1.
by barkas
Tue Jul 14, 2015 8:27 am
Forum: Beginner Basics
Topic: Issue with VLANs and Trunks
Replies: 8
Views: 1741

Issue with VLANs and Trunks

Bridge is in software and really slow.
by barkas
Sun Jul 12, 2015 10:04 am
Forum: RouterBOARD hardware
Topic: RB2011UAS Console Port to Cisco SW
Replies: 6
Views: 2276

RB2011UAS Console Port to Cisco SW

There's nothing different. Have you tried a serial crossover cable?
by barkas
Sat Jul 11, 2015 10:36 am
Forum: Beginner Basics
Topic: Max speed WAN not 500 mbps, but drops to 183 mbps
Replies: 5
Views: 983

Re: Max speed WAN not 500 mbps, but drops to 183 mbps

CRS is quite slow as a router, it is intended to be mainly a switch. My recommendation is RB850Gx2 as a minimum. I can do 500Mbps natting with RB2011 and FastTrack at 65% CPU, but not if the port is in a RouterOS bridge. But I see this is a symmetric connection, so I don't think the RB2011 would be...
by barkas
Sat Jul 11, 2015 9:09 am
Forum: Beginner Basics
Topic: Max speed WAN not 500 mbps, but drops to 183 mbps
Replies: 5
Views: 983

Re: Max speed WAN not 500 mbps, but drops to 183 mbps

CRS is quite slow as a router, it is intended to be mainly a switch.
My recommendation is RB850Gx2 as a minimum.
by barkas
Fri Jul 10, 2015 9:06 am
Forum: Virtualization
Topic: Metarouter on RB850Gx2
Replies: 7
Views: 2379

Metarouter on RB850Gx2

As of today there is no multi core metarouter support.
by barkas
Wed Jul 08, 2015 11:26 pm
Forum: Announcements
Topic: 6.30 released
Replies: 180
Views: 42417

6.30 released

After installation on rb450g after boot it takes all interfaces offline and there is no way to get at it anymore. Did netinstall, worked at first, but after configuration restore it is unreachable again. Then I reset the configuration but it's still unreachable. Nothing on serial console either. Now...
by barkas
Tue Jul 07, 2015 7:40 pm
Forum: RouterBOARD hardware
Topic: Seeking Hardware Recommendation?
Replies: 4
Views: 848

Seeking Hardware Recommendation?

Mikrotik routers are great, I'd stay away from the switches.
by barkas
Tue Jul 07, 2015 9:00 am
Forum: Beginner Basics
Topic: VLAN Trunking
Replies: 9
Views: 1120

VLAN Trunking

Firewall rules.
by barkas
Tue Jul 07, 2015 8:58 am
Forum: Beginner Basics
Topic: Switching from RB951 to CCR-1009 : Question about multiple SSID's
Replies: 8
Views: 858

Switching from RB951 to CCR-1009 : Question about multiple SSID's

Depends on if the unmanaged switch will pass vlans. If not, it's probably best to just buy a managed switch, they are quite cheap by now. Our you could do some tunneling between the routers, like l2tp for each ssid.
by barkas
Mon Jul 06, 2015 8:49 am
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

No. Gigabit means rb1100ahx2 or ccr anyway. You can not expect a 70eu router to do everything you could ever want. There are performance considerations when buying a router which you ignored completely and you have nobody to blame for that but yourself. Instead you feel cheated and blame Mikrotik, t...
by barkas
Sun Jul 05, 2015 11:13 pm
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Re: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

http://routerboard.com/RB951G-2HnD You're welcome. And FYI Mikrotik routers are primarily for enterprise users. Which is the feature for maximum bandwith for pppoe? At least you can see mode bridging and routing and talk about 25 filter rules, I have 9 filters rules and 39 nat not active when do th...
by barkas
Sun Jul 05, 2015 8:44 pm
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

RB850Gx2 is still relatively low cost. If you buy an enterprise level connection from a big provider at this speed, the cpe will most likely be a Cisco asr1000 series router, which is truly expensive. Then, understand that the people here do this for fun in their free time. I have zero patience for ...
by barkas
Sun Jul 05, 2015 2:51 pm
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

There is nothing wrong at all. The isp cpe probably is a cheap chip that does exactly what is needed in hardware and nothing else. Mikrotik is an all purpose router that does it all in software.
And don't complain that it's slow. Go buy a $2000 cisco router and see how fast that is in comparison.
by barkas
Sun Jul 05, 2015 11:21 am
Forum: Forwarding Protocols
Topic: VPLS TUNNEL PROBLEMS
Replies: 6
Views: 1607

VPLS TUNNEL PROBLEMS

Try checking the label switching tables, something is probably wrong there somewhere.
Be aware that single hops in mpls may not actually be label switched, so your multi hop scenario might be very different from your single hop test.
by barkas
Sun Jul 05, 2015 11:16 am
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

Actually, with connection tracking off, a 951g does the gigabit just fine, pure routing. With pppoe, probably not. You might just the provider cpe to do that and deploy the Mikrotik behind it. I'm fuzzy on what FastTrack actually is and what its limitations are, so you'd have to experiment on that a...
by barkas
Sun Jul 05, 2015 8:34 am
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Re: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

I can't understand this answer, is incredible for me not receve solutions and have to read this thinks... My router is in my house not is profesional use, in forums in Spain all proole talk about this, I would like can use all the bandwith that I pay to my provider. I not need all bandwith, you nee...
by barkas
Sat Jul 04, 2015 8:40 pm
Forum: General
Topic: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst
Replies: 71
Views: 11988

Re: Problem with router with new ISP bandwith Movistar in Spain to 300 Mb for download fasttrack work wosrst

I can't understand this answer, is incredible for me not receve solutions and have to read this thinks... My router is in my house not is profesional use, in forums in Spain all proole talk about this, I would like can use all the bandwith that I pay to my provider. I not need all bandwith, you nee...
by barkas
Wed Jul 01, 2015 9:44 am
Forum: General
Topic: ISP Expert
Replies: 7
Views: 1131

ISP Expert

I'm doing enterprise fixed line stuff only so I can not really tell you anything about wireless.
by barkas
Wed Jul 01, 2015 1:11 am
Forum: General
Topic: What would you do if you were me? Network Security with a budget of ZERO!
Replies: 2
Views: 548

What would you do if you were me? Network Security with a budget of ZERO!

You need to implement authentication of some sort asap, even if it is only wpa2 enterprise, or you are really screwed, probably sooner rather than later.
by barkas
Tue Jun 30, 2015 10:13 pm
Forum: Forwarding Protocols
Topic: BGP with MPLS
Replies: 6
Views: 1597

Re: BGP with MPLS

Does it matter how it is achieved if the router gives you wirespeed? Yes. It always matters how something is done. If you don't understand the underlying tech and the pros/cons of various methods to choose from, then you're just pushing buttons until it works, and not truly designing something that...
by barkas
Tue Jun 30, 2015 10:08 pm
Forum: General
Topic: ISP Expert
Replies: 7
Views: 1131

ISP Expert

This reads as if you have no prior isp experience in which case you should hire someone who has. Then, think about your customer - who is he and how will you connect him? End users will typically be connected using cheap routers and dynamic Ips. Don't use an authentication technique you are not sure...
by barkas
Tue Jun 30, 2015 9:54 pm
Forum: Beginner Basics
Topic: VLAN tunking
Replies: 11
Views: 1534

Re: VLAN tunking

Bump! I would really appreciate some feedback on this. Regards, Henry. This should be fairly easy. I'm not sure you have understood vlan trunking though. There is no intervlan trunking and the term suggests a misconception on your part. Thank you for your constructive answer! You are correct, I hav...
by barkas
Tue Jun 30, 2015 8:48 am
Forum: Beginner Basics
Topic: VLAN tunking
Replies: 11
Views: 1534

Re: VLAN tunking

Bump!

I would really appreciate some feedback on this.


Regards,
Henry.
This should be fairly easy. I'm not sure you have understood vlan trunking though. There is no intervlan trunking and the term suggests a misconception on your part.
by barkas
Tue Jun 30, 2015 8:46 am
Forum: Beginner Basics
Topic: VLAN tunking
Replies: 11
Views: 1534

Re: VLAN tunking

This config is easy to solve with Cisco using VTP. Im curious about solving this issue on Mtik.
What in the world has this to do with vtp?
by barkas
Tue Jun 23, 2015 10:02 pm
Forum: General
Topic: A few odd things in routeros compared to an asa
Replies: 8
Views: 1204

Re: A few odd things in routeros compared to an asa

The security level design of the asa is really bad. It's much too simplistic to do anything useful with and then just stands in the way. I think the security level doesn't even do anything once you start putting actual input/output rules onto interfaces. I was experimenting with an older version of...
by barkas
Mon Jun 22, 2015 9:10 pm
Forum: RouterBOARD hardware
Topic: A perfect device for the home
Replies: 4
Views: 1211

A perfect device for the home

The upcoming hap ac seems to be the device to get.
by barkas
Mon Jun 22, 2015 9:08 pm
Forum: General
Topic: ISP Expert
Replies: 7
Views: 1131

ISP Expert

Please elaborate.
by barkas
Sat Jun 20, 2015 10:29 am
Forum: Forwarding Protocols
Topic: BGP with MPLS
Replies: 6
Views: 1597

BGP with MPLS

Does it matter how it is achieved if the router gives you wirespeed?
by barkas
Sat Jun 20, 2015 10:28 am
Forum: General
Topic: A few odd things in routeros compared to an asa
Replies: 8
Views: 1204

A few odd things in routeros compared to an asa

The security level design of the asa is really bad. It's much too simplistic to do anything useful with and then just stands in the way.
by barkas
Fri Jun 19, 2015 9:54 pm
Forum: General
Topic: A few odd things in routeros compared to an asa
Replies: 8
Views: 1204

A few odd things in routeros compared to an asa

That is actually the Asa being weird.
by barkas
Thu Jun 04, 2015 2:36 am
Forum: Wireless Networking
Topic: MLPS on small WISP (30 clients), is it overkill or necessary?
Replies: 3
Views: 936

MLPS on small WISP (30 clients), is it overkill or necessary?

If you have a scenario where you want the functionality, go for it. If not, don't.
By that I mean vrf lite. Mpls is really only relevant if you have multiple routers.
by barkas
Mon May 25, 2015 8:59 pm
Forum: Scripting
Topic: how to script for bogon
Replies: 5
Views: 2522

how to script for bogon

Bogons do exist and are the physical particle of bogusness.
by barkas
Sat May 16, 2015 7:20 pm
Forum: Beginner Basics
Topic: Export RB750 -> Import RB850GX2
Replies: 3
Views: 617

Export RB750 -> Import RB850GX2

I wouldn't think so, but you have to try that for yourself, obviously.
by barkas
Mon May 11, 2015 10:20 pm
Forum: General
Topic: SIP Helper
Replies: 8
Views: 2655

SIP Helper

Usually, always disable the sip helper.
by barkas
Sun May 10, 2015 10:39 pm
Forum: Forwarding Protocols
Topic: Url-based incoming NAT? Possible
Replies: 7
Views: 4037

Re: Url-based incoming NAT? Possible

Proxy is not the solution, i want it to forward any traffic aimed at the specified dns name. Just like using regexp and layer 7 for outgoing traffic. I just dont know if it is possible. /HW No, it's not possible like you're asking, and when you think about it you'll see why: DNS only resolves a hos...
by barkas
Sun May 10, 2015 11:02 am
Forum: Forwarding Protocols
Topic: Url-based incoming NAT? Possible
Replies: 7
Views: 4037

Url-based incoming NAT? Possible

Cool idea, but usually you would use a http proxy to do that.
by barkas
Fri May 08, 2015 10:52 pm
Forum: General
Topic: Why is the connection between KVM hosts in RouterOS called bridge but not switch?
Replies: 3
Views: 453

Why is the connection between KVM hosts in RouterOS called bridge but not switch?

No.

switch is a name that has come into use for a multiport bridge that is quick and realized in hardware. Meaning, the older name bridge fits better in this case.
by barkas
Fri May 01, 2015 4:04 pm
Forum: General
Topic: One network, two DHCP servers - looking for advice
Replies: 7
Views: 1292

AW: One network, two DHCP servers - looking for advice

Cluster the servers or use different pools.
by barkas
Fri May 01, 2015 9:33 am
Forum: General
Topic: Feature Request: Suricata
Replies: 20
Views: 7014

AW: Feature Request: Suricata

Mikrotik is a router, not a firewall.
by barkas
Thu Apr 23, 2015 9:21 am
Forum: General
Topic: Feature Request: RSTP for CRS to build ring network
Replies: 23
Views: 6074

AW: Feature Request: RSTP for CRS to build ring network

That's not very helpful, he obviously needs some sort of redundancy in his network.
by barkas
Sun Apr 19, 2015 9:29 pm
Forum: General
Topic: RB750UP Switch Chip and Routing
Replies: 3
Views: 846

AW: RB750UP Switch Chip and Routing

That may be possible to some degree using the rule engine of the switch chip, but it is just a l2 device, no l3 switching possible.
by barkas
Wed Apr 15, 2015 2:39 am
Forum: General
Topic: VRRP Setup Help
Replies: 9
Views: 1274

AW: Re: VRRP Setup Help

It is not for load balancing. I am trying to set up a hardware failover with VRRP. I have two leased lines with fixed IPs in /29 subnet. Is it possible to have two different fixed WAN IPs in two different subnets? This basic example doesn't work. Mikrotik doesn't allow me to create two 192.168.1.1/...
by barkas
Mon Apr 13, 2015 12:16 pm
Forum: Beginner Basics
Topic: Bridge mode performance question
Replies: 9
Views: 1238

Re: Bridge mode performance question

why you say it will be bad?
i realy expect to have Gbit on those 5x Gbit ports. :(
In that case you need to use the switch, with master/slave ports. Those need to be separate for the two switch chips and you can then bridge those.
by barkas
Mon Apr 13, 2015 12:13 pm
Forum: General
Topic: VRRP Setup Help
Replies: 9
Views: 1274

Re: VRRP Setup Help

Hi barkas, What do you mean by the primary router would have the .2, backup .3, and vrrp ip would have the .1? Shouldn't the Primary and Backup be in a /32 subnet? Thanks. All addresses in a VRRP need to be in the same network. So for example the virtual address would be 192.168.0.1/24, while the r...
by barkas
Mon Apr 13, 2015 9:10 am
Forum: Beginner Basics
Topic: Bridge mode performance question
Replies: 9
Views: 1238

AW: Bridge mode performance question

Doesn't matter, bridge is in software anyway.
Performance will be bad no matter what you do.
by barkas
Mon Apr 13, 2015 9:09 am
Forum: General
Topic: VRRP Setup Help
Replies: 9
Views: 1274

AW: VRRP Setup Help

On a working vrrp setup, the primary router would have the .2, the backup would have the .3 and the vrrp ip would have the .1, all in the same subnet. Your Ips look strange to me.
by barkas
Sun Apr 12, 2015 5:43 pm
Forum: RouterBOARD hardware
Topic: Which hardware to use
Replies: 3
Views: 791

AW: Which hardware to use

Ipsec?
by barkas
Sat Apr 04, 2015 11:13 am
Forum: General
Topic: Mikrotik CRS125-24G-1S-2HnD- speed issues.
Replies: 3
Views: 604

AW: Mikrotik CRS125-24G-1S-2HnD- speed issues.

You must use master slave for any kind of speed. The CPU of this is quite slow.
by barkas
Sun Mar 22, 2015 9:21 am
Forum: General
Topic: 300mpbs and Routerboard
Replies: 10
Views: 1405

AW: Re: 300mpbs and Routerboard

Barkas,

Do you think the 850g2 will do 1000mpbs wan to lan when it becomes available?
Iperf result was 950 MBit with one nat rule and 1500byte mtu.

Still, with 1g I would go with the 1100 or a small ccr.
Or with ubnt edgerouter if you want to go that way.
by barkas
Sun Mar 22, 2015 8:48 am
Forum: General
Topic: 300mpbs and Routerboard
Replies: 10
Views: 1405

AW: Re: 300mpbs and Routerboard

This router can be a better choice because includes wireless.
http://routerboard.com/RB951G-2HnD
It can reach 300mbps. It is also overclockable to 750Mhz, stable.
This one is about 20% faster than the 750gl,so, not fast enough.
by barkas
Sat Mar 21, 2015 5:51 pm
Forum: General
Topic: 300mpbs and Routerboard
Replies: 10
Views: 1405

Re: 300mpbs and Routerboard

I recommend the RB850Gx2, it's very quick for its price. The bytes refer to packet sizes. Download tests will usually use full sized (1500B) packets. Which to look at you have to decide for yourself, it depends on the real world packet size mix this router will actually encounter. Also, those are st...
by barkas
Fri Mar 20, 2015 9:39 am
Forum: General
Topic: RB2011 IPSec throughput
Replies: 6
Views: 4383

AW: RB2011 IPSec throughput

Seems reasonable to me.
by barkas
Sun Mar 15, 2015 9:33 am
Forum: General
Topic: Are either of these diagrams okay? Opinions?
Replies: 1
Views: 458

AW: Are either of these diagrams okay? Opinions?

Better to use switched spokes then. Cheaper and easier. I'd even switch the hub in such a small network and connect the router to the hub switch.
by barkas
Sat Mar 14, 2015 8:58 am
Forum: Beginner Basics
Topic: What about EIGRP at Mikrotik
Replies: 7
Views: 2214

AW: What about EIGRP at Mikrotik

Isis should come first.
by barkas
Tue Mar 10, 2015 10:08 pm
Forum: Beginner Basics
Topic: What device do I need?
Replies: 2
Views: 555

AW: What device do I need?

You should take a look at the ccr line.
by barkas
Mon Mar 09, 2015 10:08 pm
Forum: Forwarding Protocols
Topic: Port Forwarding SIP Protocol
Replies: 5
Views: 2334

AW: Port Forwarding SIP Protocol

FYI this is a problem on most routers, sip alg should almost always be disabled.
by barkas
Sat Mar 07, 2015 2:18 pm
Forum: General
Topic: What difference is there between TP-link and mikrotik router
Replies: 223
Views: 48057

Re: What difference is there between TP-link and mikrotik router

I don't think he actually is a troll in the classic sense, it's just who he is, but that doesn't really make any difference in the end.
by barkas
Sat Mar 07, 2015 11:12 am
Forum: RouterBOARD hardware
Topic: memory in 850gx2?
Replies: 6
Views: 1273

AW: memory in 850gx2?

No, he's right, I noticed that on mine too. I would expect the rest to be reserved for some internal use by the hardware.
by barkas
Sun Mar 01, 2015 4:45 pm
Forum: General
Topic: What difference is there between TP-link and mikrotik router
Replies: 223
Views: 48057

AW: What difference is there between TP-link and mikrotik router

Don't assume that's the fastest you can get just by looking at what they sell to the private sector.
by barkas
Sun Feb 15, 2015 11:28 pm
Forum: General
Topic: What difference is there between TP-link and mikrotik router
Replies: 223
Views: 48057

AW: What difference is there between TP-link and mikrotik router

This is my very favorite thread.
by barkas
Thu Feb 12, 2015 8:45 am
Forum: General
Topic: What difference is there between TP-link and mikrotik router
Replies: 223
Views: 48057

AW: What difference is there between TP-link and mikrotik router

Lol you can download and run routeros freely, without key it is a trial. Can you do nothing yourself?
by barkas
Sun Feb 08, 2015 2:17 pm
Forum: Beginner Basics
Topic: invalid connection state
Replies: 4
Views: 2255

AW: invalid connection state

If it's not new, established or related, it's invalid.
Which means it's not part of a known tcp connection and is not opening a new one.
That may be because of some attack on a flow or because the conntrack table is full.
by barkas
Sun Feb 08, 2015 2:13 pm
Forum: General
Topic: CRS125-24G-1S disappointing speed test results
Replies: 11
Views: 2279

AW: Re: CRS125-24G-1S disappointing speed test results

So according to the Note from the RouterOS manual I am testing correctly, the router in the middle, in my case I test the speed of CRS125 (at least according to the official documentation). What do you guys think about that? I think the official documentation does not match the received wisdom on t...
by barkas
Sun Feb 08, 2015 2:52 am
Forum: RouterBOARD hardware
Topic: 951G-2HnD too slow for 1Gbps connection?
Replies: 24
Views: 4335

AW: 951G-2HnD too slow for 1Gbps connection?

A ubiquiti edgerouter will nicely do 1g with an OK feature set.
by barkas
Mon Jan 26, 2015 10:13 pm
Forum: RouterBOARD hardware
Topic: Hardware Suggestion for Home Network
Replies: 18
Views: 4541

Re: AW: Hardware Suggestion for Home Network

Thanks for the responses. I'm still a bit confused though. If I was to do this network with a Ubiquiti solution, it'd be Unifi Secure Gateway router -> ToughSwitch POE -> ethernet wall sockets + 2x Unifi AP-LR. I want to build the network with Mikrotik gear. The CAP2n units can replace the Unifi AP...
by barkas
Sun Jan 25, 2015 11:29 am
Forum: RouterBOARD hardware
Topic: Hardware Suggestion for Home Network
Replies: 18
Views: 4541

Re: AW: Hardware Suggestion for Home Network

Watch out. CRS is not router. You might be disappointed by its routing speed when you use it as router. It is a switch. Maybe that with 100Mbps there will be no impact but you have to think of future also. Are you going to rise your connectivity? If that's the case, why does the Routerboard site sa...
by barkas
Sun Dec 21, 2014 10:04 am
Forum: RouterBOARD hardware
Topic: RB750GL Throughput Question
Replies: 6
Views: 2556

Re: AW: RB750GL Throughput Question

Why not just read the bottom of this page. http://routerboard.com/RB750GL I did read the bottom of this page, which is what started to raise my concern, I was looking for feedback from those with practical experience rather than the benchmark tests, I am not sure if I will actually get 25 rules in ...
by barkas
Wed Dec 17, 2014 8:35 pm
Forum: RouterBOARD hardware
Topic: RB750GL Throughput Question
Replies: 6
Views: 2556

Re: AW: RB750GL Throughput Question

The Mt testing is only technically true. A rb750g is capable of gigabit doing purely routing. If you do any sort of useful firewalling, this goes down considerably.
In other words, a erl is much faster. For Internet uplink use the rb750g is fine, but not for internal gigabit firewalling.
by barkas
Wed Dec 17, 2014 9:10 am
Forum: General
Topic: 300mbps and RB750gl Hardwired
Replies: 9
Views: 1218

Re: AW: 300mbps and RB750gl Hardwired

No mipsbe Mikrotik router is capable of those speeds using meaningful firewall rules. The PPC ones may be. I'd recommend the ubiquiti edgerouter, which is cheap and does gigabit wirespeed.
by barkas
Tue Dec 16, 2014 11:11 pm
Forum: Forwarding Protocols
Topic: Limit what routes OSPF redistributes
Replies: 3
Views: 826

Re: Limit what routes OSPF redistributes

Additionally you should always filter the routes a cpe advertises to you, who knows what the customer does with it.
by barkas
Tue Dec 16, 2014 11:10 pm
Forum: Forwarding Protocols
Topic: BGP and MPLS
Replies: 9
Views: 2238

Re: BGP and MPLS

I agree with Barkas. However, the wiki ( http://wiki.mikrotik.com/wiki/Manual:MPLSVPLS ) clearly states that LDP by default distributes labels for active IGP routes (that is - connected, static, and routing protocol learned routes, except BGP). I added the loopback address (/32) to the bgp networks...
by barkas
Tue Dec 16, 2014 9:05 am
Forum: Forwarding Protocols
Topic: BGP and MPLS
Replies: 9
Views: 2238

Re: AW: BGP and MPLS

Interesting, I suggest you test it.
by barkas
Mon Dec 15, 2014 8:41 pm
Forum: Forwarding Protocols
Topic: BGP and MPLS
Replies: 9
Views: 2238

Re: AW: BGP and MPLS

Yes. All that's needed is a routed infrastructure - the protocol used is irrelevant.
by barkas
Mon Dec 15, 2014 8:40 pm
Forum: Forwarding Protocols
Topic: Limit what routes OSPF redistributes
Replies: 3
Views: 826

Re: AW: Limit what routes OSPF redistributes

In filters on both pops that only accept the customers network.
by barkas
Sun Dec 14, 2014 10:11 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9215

Re: AW: How to connect 2 switches

i believe routerOS already supported stp/rstp in bridging but i dont know about switching. You dont need STP/RSTP if you are connecting your switches using a star networked topology. If you are connecting your switches together to create some kind of loop than you will need STP. However if you are ...
by barkas
Sun Dec 14, 2014 9:32 am
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9215

Re: AW: How to connect 2 switches

Unfortunately STP is one of the many features missing from the CRS. It's a shame for a manageable switch but it's somewhat understandable at that price point. No it's not. Even the cheapest managed switch by, say, netgear does stp. Without that, you can't build redundancy, so it's useless as a swit...
by barkas
Sat Dec 13, 2014 7:18 pm
Forum: General
Topic: Some simple rules....
Replies: 7
Views: 1236

Re: AW: Some simple rules....

Obviously routeros is very flaky sometimes, but my experience with Cisco ios is frankly not much better.
Any real carrier tests that stuff intensively before deployment anyway.
by barkas
Sat Dec 13, 2014 7:14 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9215

Re: AW: How to connect 2 switches

barkas, Why shouldn't I use Mikrotik switches ? They provide me 24 ports which works at the wire speed, beside this I have access to router features (as you said). What is bad in this ? Moreover, this is very cool to have a switch with router capabilities Also I like very much to see 48 port switch...
by barkas
Sat Dec 13, 2014 11:54 am
Forum: General
Topic: Cisco 3750 + Mikrotik = IP-Port-MAC
Replies: 5
Views: 1203

Re: AW: Cisco 3750 + Mikrotik = IP-Port-MAC

Port security is the keyword here.
by barkas
Sat Dec 13, 2014 11:52 am
Forum: Beginner Basics
Topic: IT co closed and left me with a bad network...
Replies: 4
Views: 988

Re: AW: IT co closed and left me with a bad network...

The hardware seems reasonable at least. But you really need someone to come in and analyze this if you can't do it yourself.
by barkas
Sat Dec 13, 2014 11:50 am
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9215

Re: AW: How to connect 2 switches

Do yourself a favor and don't use MikroTik switches. They are more like 24 port routers.
by barkas
Sat Nov 01, 2014 10:36 am
Forum: Forwarding Protocols
Topic: EoiP or MPLS for layer 2 Trasport over network
Replies: 4
Views: 2342

Re: AW: EoiP or MPLS for layer 2 Trasport over network

For just one customer it doesn't make sense to deploy an mpls backbone.
Mpls works on top of an existing structure with l2 links and existing routing.
That said, I think mpls is worthwhile for any sp. Just test it in the lab first. Metarouter is an excellent tool for that.
by barkas
Sat Nov 01, 2014 10:31 am
Forum: The Dude
Topic: Dude v4beta3 released
Replies: 253
Views: 99898

Re: AW: Dude v4beta3 released

Kicking a dead horse.
by barkas
Thu Jul 31, 2014 2:31 pm
Forum: General
Topic: Mikrotik DMVPN
Replies: 4
Views: 7722

Re: AW: Mikrotik DMVPN

You can't. The components are there, but not the management. And dmvpn is all about the management.
by barkas
Wed Jul 16, 2014 11:29 pm
Forum: The Dude
Topic: Monitoring Draytek Routers
Replies: 4
Views: 2021

Re: AW: Monitoring Draytek Routers

The dude is dead, sorry.
by barkas
Wed Jul 16, 2014 11:06 pm
Forum: Forwarding Protocols
Topic: LDP Based VPLS tunnel
Replies: 4
Views: 1082

Re: AW: LDP Based VPLS tunnel

No mpls over layer 3.

Look into eoip or l2tp.

Edit : you can do vpls over mpls over l2tp over ipsec if you want to :D .
by barkas
Wed Jun 04, 2014 9:12 pm
Forum: RouterBOARD hardware
Topic: RB850Gx2 - Release date?
Replies: 193
Views: 47487

Re: AW: RB850Gx2 - Release date?

Will the 850Gx2 have metarouter support or will it be similar to the RB1100AHx2, with no support?
Currently metarouter does not seem multicore capable.
by barkas
Wed May 28, 2014 9:15 am
Forum: Beginner Basics
Topic: openvpn only certificate match how configure?
Replies: 8
Views: 1597

Re: AW: openvpn only certificate match how configure?

I have the same setup and just use a dummy user and password, the server ignores it.
by barkas
Sat Apr 26, 2014 2:26 pm
Forum: Wireless Networking
Topic: FULL WiFi Home
Replies: 15
Views: 4893

Re: AW: FULL WiFi Home

Dear all, which device should i choose to make my home Full WiFi no need to install second wifi routers to cover blank area. As per my knowledge Basebox5 will do with 8dbi Antenna. i need some more suggestion from mikrotik pros :) kindly help. You need 2.4GHz or 5GHz Access Point? i think 5GHz AP w...
by barkas
Fri Apr 25, 2014 12:24 am
Forum: General
Topic: Gigabit throughput with RB2011UiAS-2HnD-IN
Replies: 8
Views: 2939

Re: AW: Gigabit throughput with RB2011UiAS-2HnD-IN

Nm I don't answer to post spam.

Gesendet von meinem Xperia Z1 Compact mit Tapatalk
by barkas
Sun Apr 06, 2014 9:44 pm
Forum: General
Topic: No idea how this is event possible
Replies: 14
Views: 2473

Re: AW: No idea how this is event possible

Once I started DHCP server and NAT, back to 250Mbps with almost 100% CPU (through pre-defined Home AP). I'm really disappointed that you cannot have a CPU able to suspend much faster speed (for this, I thought, was a high end router) that's a realistic speed with connection tracking enabled. There ...
by barkas
Mon Mar 10, 2014 1:26 pm
Forum: Virtualization
Topic: So, RB850Gx2 and metarouter
Replies: 13
Views: 7610

Re: So, RB850Gx2 and metarouter

As with the RB450G before it, this unit is only really useful with metarouter I'm sure that's the case for you, but plenty other people find ethernet routers useful for other things :) It having a dual core probably means it doesn't have this feature We have plans for a major rework in this are som...
by barkas
Sun Mar 09, 2014 4:10 pm
Forum: Virtualization
Topic: So, RB850Gx2 and metarouter
Replies: 13
Views: 7610

So, RB850Gx2 and metarouter

As with the RB450G before it, this unit is only really useful with metarouter. It having a dual core probably means it doesn't have this feature. Anyone from Mikrotik?
by barkas
Sat Mar 08, 2014 9:52 am
Forum: Wireless Networking
Topic: Ubiquiti vs Mikrotik
Replies: 75
Views: 60333

Re: AW: Ubiquiti vs Mikrotik

There is always going to users who prefer Mikrotik or UBNT, I will say Mikrotik offers something that UBNT cannot and that is you can customize antenna build, I also prefer Mikrotik But in some cases UBNT has something that Mikrotik cant offer :) Can you say me examples? reliability. I have not had...
by barkas
Sat Mar 08, 2014 9:41 am
Forum: RouterBOARD hardware
Topic: RB850Gx2 Network interface details
Replies: 36
Views: 19631

Re: AW: RB850Gx2 Network interface details

The RB850Gx2 have identical dimension, serial port, reset, jack, ethernet placement and characteristics of 450G except of:

Dual Core 500MHz PPC CPU (Single core 680MHz MIPS-BE CPU on 450G)
512MB RAM (256MB on 450G)
has it?
Block diagram please.

ARBEIT ANGST KONSUMTERROR
by barkas
Thu Jan 09, 2014 10:30 pm
Forum: RouterBOARD hardware
Topic: BGP full route
Replies: 10
Views: 2941

Re: AW: BGP full route

If you want a very reliable device for this job, I would recommend you to buy a Brocade CER 2000 Series router. Sure, it's much more expensive than a CCR, but they are great devices. Lots of power (Hardware Routing) and stable as a rock. I don't see the EdgeRouter Series as a real alternative to th...
by barkas
Wed Dec 18, 2013 8:04 pm
Forum: General
Topic: CRS config for big network
Replies: 3
Views: 758

Re: AW: CRS config for big network

Yes, I would do a circle... this is not possible?
Only with stp or something similar. Without that, it's called a loop, which is bad.

ARBEIT ANGST KONSUMTERROR
by barkas
Tue Dec 17, 2013 9:46 am
Forum: General
Topic: CRS config for big network
Replies: 3
Views: 758

Re: AW: CRS config for big network

Hi Guys, I need to install 5 CRS switches in to a rack. I will have to install these in series. What's the best config to run on these in that configuration? I'm looking at linking them via one port only. usually you would do a circle but since the crs doesn't do stp... Do yourself a favour and buy...
by barkas
Tue Dec 17, 2013 9:42 am
Forum: General
Topic: CRS Routing?
Replies: 5
Views: 1584

Re: AW: CRS Routing?

HI All, Just got my first CRS. it looks very promising, the LCD is a nice thing to have on a switch instead of a name label and IP also the port infor is great. And it is silent as well:D One thing I'm not sure is where is the layer 3 switching? should I configure IP the normal way, once I do that ...
by barkas
Sat Nov 30, 2013 10:51 am
Forum: General
Topic: Multiple vlans on same subnet, please help
Replies: 18
Views: 3452

Re: AW: Multiple vlans on same subnet, please help

Vrf?

ARBEIT ANGST KONSUMTERROR
by barkas
Sat Nov 30, 2013 10:49 am
Forum: General
Topic: How to isolate ports on CRS125
Replies: 2
Views: 734

Re: AW: How to isolate ports on CRS125

That would usually be done with private vlans, which... Wait for it... The crs does not support.

Possibly something can be done using filters on the switch.

ARBEIT ANGST KONSUMTERROR
by barkas
Wed Nov 27, 2013 9:32 am
Forum: General
Topic: VRRP / clustering capability
Replies: 2
Views: 1812

Re: AW: VRRP / clustering capability

I have not yet seen a router with active /passive failover capability and that includes cisco up to crs. Routers always do hsrp/vrrp. You are thinking about firewalls.

ARBEIT ANGST KONSUMTERROR
by barkas
Wed Nov 27, 2013 9:29 am
Forum: Wireless Networking
Topic: Unbelieavably frustrated with Mikrotik
Replies: 18
Views: 3608

Re: AW: Unbelieavably frustrated with Mikrotik

You know you should test this stuff before deploying.

ARBEIT ANGST KONSUMTERROR
by barkas
Thu Nov 14, 2013 9:32 am
Forum: Beginner Basics
Topic: MikroTik RB951G-2HnD
Replies: 22
Views: 14254

Re: AW: MikroTik RB951G-2HnD

With firewall you will get nowhere near 1gbps. The official test results are all with connection tracking disabled, a fast but useless configuration.

ARBEIT ANGST KONSUMTERROR
by barkas
Tue Nov 12, 2013 9:19 am
Forum: Forwarding Protocols
Topic: IGMP snooping on CRS
Replies: 2
Views: 1343

Re: AW: IGMP snooping on CRS

When we can expect IGMP snooping on CRS?
don't hold your breath.

ARBEIT ANGST KONSUMTERROR
by barkas
Thu Nov 07, 2013 3:38 pm
Forum: General
Topic: 6.5 released!
Replies: 185
Views: 69499

Re: 6.5 released!

My guess: They are working on a Routerboard based on a chip with hardware acceleration like the Cavium Octeon. That would me really nice :) I hope they do a better job than Ubiquiti with offloading tasks to the hardware. Actually ubnt did a nice job on it, at least by now. There were some problems ...
by barkas
Sat Oct 26, 2013 1:49 pm
Forum: RouterBOARD hardware
Topic: CRS vs Router
Replies: 10
Views: 5748

Re: CRS vs Router

Thank you Normis. Can you briefly explain what is the difference between a Layer 3 Switch and a router? It means that if you add ports to the switch group, you have a fully featured smart switch, and if you remove them, you have a router. In switch mode, you will get wire speed, just like with a re...
by barkas
Sat Oct 26, 2013 12:10 am
Forum: General
Topic: MikroTik News October 2013 (Issue #52)
Replies: 27
Views: 11781

Re: MikroTik News October 2013 (Issue #52)

The enterprise market is waiting for a layer 2 10G switch 48 port in the price range of sub 2K$. It should have minimal options like igmp snooping and QOS. I think its a great time for mikrotik to get into the enterprise market. Good luck. No it's not. Compared with real enterprise switches the L2 ...
by barkas
Fri Oct 25, 2013 2:52 pm
Forum: General
Topic: Does CRS125-24G support MPLS?
Replies: 10
Views: 2761

Re: Does CRS125-24G support MPLS?

L2MTU is 4064 CPU clock variants are min 500/ default 600/ max 750MHz Coo coo coo, thank you much Normis. A 25% could always help out for CPU starved situations. Sorry if I seem harsh, but where the hell do you get your infos from?! They aren't expensive anymore and also they aren't that difficult ...
by barkas
Thu Oct 24, 2013 9:15 am
Forum: General
Topic: Switching with RouterOS / CRS Questions
Replies: 81
Views: 43596

Re: AW: Switching with RouterOS / CRS Questions

Ok, the first question here, is CRS a router or a switch? In my opinion, it's a switch, the CPU is much too weak for so many ports. And I do mean switch here, not bridge. That means the usage scenario is datacenter or access layer and it means primarily L2 through the hardware switching functionalit...
by barkas
Thu Oct 24, 2013 1:01 am
Forum: General
Topic: Fast VPN?
Replies: 9
Views: 2473

Re: AW: Fast VPN?

2011 should be about 20% faster than 450g in my experience.
by barkas
Thu Oct 24, 2013 12:59 am
Forum: General
Topic: Switching with RouterOS / CRS Questions
Replies: 81
Views: 43596

Re: AW: Switching with RouterOS / CRS Questions

I have to bump this now that crs seems to be here.

So what is the functionality of this?
by barkas
Thu Oct 03, 2013 3:26 pm
Forum: General
Topic: Enterprise Network
Replies: 3
Views: 995

Re: AW: Enterprise Network

7600 seems too much. How about asr9k or one of the 7200 series? Or a 6500?

If you do mt, you will have to use ospf instead of eigrp.

Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Fri Sep 20, 2013 9:43 am
Forum: Forwarding Protocols
Topic: Limit Local Routing
Replies: 2
Views: 951

Re: AW: Limit Local Routing

Vrf

Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Sat Sep 14, 2013 6:59 pm
Forum: Wireless Networking
Topic: Protecting users privacy
Replies: 7
Views: 1803

Re: AW: Protecting users privacy

Here's the thing. A gang of us all share an ISP plan through one NATted gateway with one public IP. So if one of us did attract the attention of 'the authorities' what could I, as telecommunications service provider, to do help the authorities? All they would have, presumably, would be a warrant sa...
by barkas
Mon Jul 29, 2013 10:13 pm
Forum: General
Topic: who ever use RB450G to host hotspot, DHCP, radius server?
Replies: 1
Views: 432

Re: who ever use RB450G to host hotspot, DHCP, radius server

Best test that before you deploy anything.

Seems a bit much to me.
by barkas
Mon Jul 29, 2013 10:12 pm
Forum: General
Topic: Upload speed on RB750GL
Replies: 2
Views: 628

Re: Upload speed on RB750GL

RB750GL should do that easily.
by barkas
Mon Jul 29, 2013 10:06 pm
Forum: General
Topic: ovpn - Open VPN Server on RB2011. Can't make it work...
Replies: 4
Views: 2864

Re: ovpn - Open VPN Server on RB2011. Can't make it work...

Looks to me like the RB2011 terminates the connection. Better look into the log on that side, too.
by barkas
Mon Jul 29, 2013 10:02 pm
Forum: General
Topic: Fast VPN?
Replies: 9
Views: 2473

Re: Fast VPN?

L2TP with RC4?
by barkas
Mon Jul 29, 2013 9:52 pm
Forum: General
Topic: VPN out of a hostile network - evasion techniques?
Replies: 3
Views: 968

Re: VPN out of a hostile network - evasion techniques?

In my experience ovpn with target TCP port 443 goes through almost anything.

If that doesn't work, more exotic vpn tunnels like iodine (tunneling through DNS) might work.
by barkas
Mon Jul 29, 2013 6:19 pm
Forum: General
Topic: Some interesting MT mipsbe performance results
Replies: 4
Views: 911

Re: Some interesting MT mipsbe performance results

You should know that the mipsbe devices are nowhere near fast enough to generate the traffic to test anything. Besides: All tests are done with Xena Networks specialized test equipment (XenaBay),and done according to RFC2544 (Xena2544) Yes, however the wiki states: This article shows necessary conf...
by barkas
Mon Jul 29, 2013 2:30 pm
Forum: General
Topic: Some interesting MT mipsbe performance results
Replies: 4
Views: 911

Re: Some interesting MT mipsbe performance results

It is, not very much to my surprise, not anywhere near what MT claims to have tested. Here is how MikroTik tests their equipment, this will allow you to replicate the performance numbers claimed by MikroTik. http://wiki.mikrotik.com/wiki/Manual:Performance_Testing_with_Traffic_Generator You should ...
by barkas
Mon Jul 29, 2013 1:05 pm
Forum: General
Topic: Some interesting MT mipsbe performance results
Replies: 4
Views: 911

Some interesting MT mipsbe performance results

Disclaimer: All this was done on the quick with iperf, so take it with a grain of salt. OS was 6.1 Setup was IBM Laptop 1 <-> MT Router <-> Netgear GS108T <-> IBM Laptop 2 Reference was bandwidth over a Netgear GS108T, which netted me 936Mb/s . After that I inserted the MT router, first was a RB951G...
by barkas
Sun Jul 21, 2013 3:44 pm
Forum: General
Topic: VPLS id
Replies: 6
Views: 1912

Re: VPLS id

Normally that would be <AS Number>:<anything you want> Ideally, you should use one of these [quote=wikipedia] The Internet Assigned Numbers Authority (IANA) has designated AS numbers 64512 through 65534 to be used for private purposes.[/quote] EDIT: AS number is the assigned number of your autonomou...
by barkas
Fri Jul 19, 2013 9:34 pm
Forum: General
Topic: Switching with RouterOS / CRS Questions
Replies: 81
Views: 43596

Switching with RouterOS / CRS Questions

The announced CRS is to be the first real switch from Mikrotik. Unfortunately RouterOS switching support is very limited at the moment. On select models with specific switch chips (mostly Atheros 8327 and 8316), VLAN Trunking and VLAN Access Ports are supported. The most glaring omission is any sort...
by barkas
Mon Jul 01, 2013 11:17 pm
Forum: General
Topic: CloudCode Router Ports Switched?
Replies: 8
Views: 1331

AW: CloudCode Router Ports Switched?

Do you have any idea why that's the case? It doesn't make sense to me that all of the ports on the router wouldn't naturally be switched by default. And a software bridge works, but isn't a very elegant (or efficient) workaround. It's a router, it routes. If it switched, it would be a switch. This ...
by barkas
Wed Jun 12, 2013 7:44 pm
Forum: General
Topic: RouterOS 5.25 Switching with VLANs
Replies: 1
Views: 615

AW: RouterOS 5.25 Switching with VLANs

I think this is only possible with 6.

Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Sat Jun 08, 2013 8:24 pm
Forum: Virtualization
Topic: kvm ccr question
Replies: 3
Views: 2622

Re: kvm ccr question

Tile is not x86 and does not support kvm. Neither does it support metarouter at this time, but metarouter support is planned, I read.
by barkas
Thu Jun 06, 2013 5:50 pm
Forum: Virtualization
Topic: SIXXS connectivity using Mikrotik and MetaRouter
Replies: 1
Views: 3653

SIXXS connectivity using Mikrotik and MetaRouter

Why? Because I can. So I did and wrote a howto. http://blog.one-it.de/ipv6-via-sixxs-using-mikrotik-and-openwrt/ Introduction As discussed in the previous article in this series, the only real possibility to build an affordable home laboratory is MikroTik. One of the coming challenges in IP is IPv6,...
by barkas
Sat Jun 01, 2013 8:05 pm
Forum: General
Topic: VLANs with RouterOS confusion
Replies: 7
Views: 1188

AW: VLANs with RouterOS confusion

I don't see the point of doing vlan using the bridge function. This just has to be slow. Why not use the switch chip ?


Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Fri May 24, 2013 5:05 pm
Forum: General
Topic: SNMP/DUDE causes CPU % leak
Replies: 4
Views: 736

AW: SNMP/DUDE causes CPU % leak

By default the dude polls every 5 seconds while cacti polls every 5 minutes.
I once killed a msa with it.

Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Tue May 14, 2013 10:01 am
Forum: RouterBOARD hardware
Topic: RB750 + OpenWrt: Tagged & Untagged VLAN on the Same Port
Replies: 8
Views: 8977

AW: RB750 + OpenWrt: Tagged & Untagged VLAN on the Same Port

God kills a kitten every time someone does that.
by barkas
Tue May 14, 2013 9:59 am
Forum: General
Topic: smart protection
Replies: 6
Views: 784

AW: smart protection

I don't think mikrotik is the device for that.

Gesendet von meinem XT890 mit Tapatalk 2
by barkas
Sun May 12, 2013 8:26 pm
Forum: General
Topic: issue with ipv6 firewall address lists - BUG?
Replies: 2
Views: 641

Re: issue with ipv6 firewall address lists - BUG?

With ROS 6.14 it works - so definitely a bug.
by barkas
Sun May 12, 2013 8:18 pm
Forum: General
Topic: issue with ipv6 firewall address lists - BUG?
Replies: 2
Views: 641

issue with ipv6 firewall address lists - BUG?

ROS 5.25 If I pack a subnet into an address list, it doesn't match, but if I specify it in the rule itself, it matches. But only in the /48 case, the /64, which is a subnet of the /48, does match. Seems a bug to me. /ipv6 firewall filter add action=log chain=icmpv6accept log-prefix=icmpv6accept_ente...
by barkas
Wed Feb 27, 2013 11:45 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

Please don't go the powersupply way again, that has been thoroughly tested and been found to not be the problem.
by barkas
Tue Sep 18, 2012 5:08 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

values reported can vary wildly if running metarouter guests. Just ignore readings given by '/system health' in this case.
So disable voltage.ko when metarouter is enabled if they are worthless anyway and tend to cause unpredictable system behaviour.
by barkas
Thu Sep 13, 2012 6:31 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

openvpn issue should be something completely un-related to MetaROUTER.
Upgrading ate my default route, for some unfathomable reason. After replacing it, it did work again.
by barkas
Tue Sep 11, 2012 11:24 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

I can no longer establish openvpn tunnels with this new build. I can not even see it trying to establish a tcp connection when it says it is dialing. EDIT: please increment something next time. - I can not post a bug unambiguously - I can't rollback since I can't get the old download anymore - I ca...
by barkas
Tue Sep 11, 2012 4:23 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

I can no longer establish openvpn tunnels with this new build. I can not even see it trying to establish a tcp connection when it says it is dialing. EDIT: please increment something next time. - I can not post a bug unambiguously - I can't rollback since I can't get the old download anymore - I can...
by barkas
Wed Sep 05, 2012 2:29 pm
Forum: Forwarding Protocols
Topic: Does OSPF ABR Route Filtering work like it should?
Replies: 1
Views: 1182

Does OSPF ABR Route Filtering work like it should?

Hello, according to http://blog.ine.com/2009/08/17/ospf-route-filtering-demystified/ , for OSPF area borders, the ABR should redistribute the routing table (filtered) from the backbone area into the other areas. On my setup, the ABR would redistribute the whole OSPF Routing Database without filterin...
by barkas
Tue Sep 04, 2012 2:01 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

60ms ping jitter may be ok for a laboratory, even if only just, but it is completely unacceptable for production deployment. in a non-virtualized system - yes, that's alarming. But with a kernel running inside a thread, that's pretty nice, considering on usual embedded kernels, task switching respo...
by barkas
Tue Sep 04, 2012 12:02 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

You're the only one thinking that just because of a 50ms ping to mr, something is wrong. Me and apparently Mikrotik think not. We are on page 6 of a thread where a problem was halfway fixed that we took a year for mikrotik to think something is wrong, so I do not think that counts for much. The way...
by barkas
Mon Sep 03, 2012 11:06 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

my explanation is about variable ping times when ICMP echo is sent from MR to itself or other MR. Of course, 60ms is excessive, but as i understand, that happens rarely. Well it happens frequently, 60ms is an extreme value but 14-30ms seem to happen quite often. I think, considering the hardware co...
by barkas
Thu Aug 30, 2012 8:20 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

Thanks for the update, only I was at 6.0beta1 and downgrading renamed my network interfaces to ether6-10. Strange.
by barkas
Tue Aug 14, 2012 2:02 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

It seems to take quite a while for such a simple hotfix. Are you kidding? You think making a hypervisor is simple ? Allright then, show us your own mips hypervisor, then you can talk. The first thing I thought when MT released metarouter was: 'wow, MikroTik have some serious balls'. But nothing can...
by barkas
Sat Aug 11, 2012 2:42 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

It seems to take quite a while for such a simple hotfix.
by barkas
Sat Aug 11, 2012 2:32 pm
Forum: Virtualization
Topic: Metarouter for UBNT Unifi controller
Replies: 10
Views: 8932

Re: Metarouter for UBNT Unifi controller

The boot partition doesn't have to be large, you could mount root from microsd, could you not?
by barkas
Sat May 19, 2012 11:14 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

I still have random crashes with the 12V power supply. Not as often as before that, but still every 2 days on average.
by barkas
Wed Apr 18, 2012 12:09 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

I tested 6.0 beta 1 on 18V, it crashes with MR, too. I will switch it back to 12V when I'm home again.
by barkas
Fri Apr 13, 2012 10:44 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

I don't see watchdog disabled as a particularly useful testing scenario - I won't risk having one of those crash on me when it's in some datacenter, so watchdog will always be enabled in production environments.
by barkas
Wed Apr 11, 2012 5:07 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

and PSUs are ok too? If older PSU is used, then that also could cause some problems as under load voltage drops to lower voltage than expected. Just some thoughts.
Strangely, only the ones with higher voltage seem to cause the reboots, while my cheap 12V power supply works so far.
by barkas
Sun Apr 08, 2012 2:03 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

I'm a bit irritated that mine hasn't yet crashed either.
by barkas
Fri Apr 06, 2012 12:12 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

Mine is at 51°c, 16.4V and has rebooted 4 times in the last 24 hours.

No answer to my ticket yet.
by barkas
Tue Apr 03, 2012 8:21 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

Inserting a microsd card in rb450G does not change the interrupt load.
by barkas
Tue Apr 03, 2012 4:18 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

that is the problem - these router where used in tests since 3.x release when metarotuer as such has been introduced. Due to some specific limitations a lot of testing was done or - wait for it - RB433AH. If problems where reported, then first setup was made on RB433AH and router model in report. T...
by barkas
Tue Apr 03, 2012 3:12 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

How about that? It seems you have been able to reproduce it, after all. if resources are available (router has few % of cpu left and there is ram) i have seen no difference in reboot frequency with or without load. Even simple usage patterns did not cause it to reboot more. Reboots usually where don...
by barkas
Tue Apr 03, 2012 3:02 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

Crashes once per day with metarouter activated. There's one bridge to the metarouter configured. sy package print Flags: X - disabled # NAME VERSION SCHEDULED 0 security 5.14 1 system 5.14 2 routing 5.14 3 ups 5.14 4 ntp 5.14 5 routerboard 5.14 6 mpls 5.14 7 ppp 5.14 8 multicast 5.14 9 ipv6 5.14 10 ...
by barkas
Tue Apr 03, 2012 2:09 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

Thanks a lot for cherrypicking the probably only one that is hand-tuned enough that it actually works. How about you post one of the not working ones?
by barkas
Tue Apr 03, 2012 11:29 am
Forum: Virtualization
Topic: Metarouter stability on RB800, RB1100, RB1100AH
Replies: 42
Views: 14041

Re: Metarouter stability on RB800, RB1100, RB1100AH

To summarize: No, it's not stable anywhere, except possibly on KVM.
by barkas
Tue Apr 03, 2012 11:19 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

barkas , Do you have any live configuration now? We would like to receive your report, submit it to support (support@mikrotik.com), the following information is required, - support output file from physical router running 5.14 version; - brief description about guest configuration; - steps required...
by barkas
Mon Apr 02, 2012 2:42 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123139

Re: Has MikroTik given up on MetaROUTER?

We use MetaROUTERs in our network, and it works fine without reboots. As well MetaROUTER are being used by many other users with success.
I can't quite believe you.

There has not been one single user in here who has stated that it works for him so far.
by barkas
Wed Mar 21, 2012 2:17 pm
Forum: Virtualization
Topic: installed bind
Replies: 3
Views: 3240

Re: installed bind

RTFM
by barkas
Sat Mar 10, 2012 7:39 pm
Forum: Virtualization
Topic: RB2011 + Metarouter
Replies: 15
Views: 9161

RB2011 + Metarouter

So, does it work?
by barkas
Sun Feb 19, 2012 5:05 pm
Forum: Virtualization
Topic: RB450G and Metarouter OpenWRT
Replies: 8
Views: 3524

Re: RB450G and Metarouter OpenWRT

Why not something natively openwrt compatible?