Community discussions

MikroTik App

Search found 504 matches

  • 1
  • 2
by Kindis
Fri Mar 15, 2024 11:17 am
Forum: Wireless Networking
Topic: hAP-ax3 vs cAP ax
Replies: 11
Views: 1377

Re: hAP-ax3 vs cAP ax

Now I'm no expert here but 200+ on a single AP sound like trouble if you ask me.

Where is this to be used? large room or outside? Regardless of this having so many users on one (or in this case two radios) is a lot I would claim.
by Kindis
Tue Jan 16, 2024 11:15 am
Forum: Wireless Networking
Topic: On 7.13.1 wifi capsman seems not to match Audience radios by band-supported [SOLVED]
Replies: 6
Views: 1072

Re: On 7.13.1 wifi capsman seems not to match Audience radios by band-supported [SOLVED]

Yes, I have several cAP AX and also wAP AC (arm) and for ax devices I select AX and for ac devices I select 5GHz-AC.
This mean you have to build different configuration and provision based on MAC address.
by Kindis
Sat Jan 13, 2024 1:34 am
Forum: Wireless Networking
Topic: cAP ax 5GHz not working in CAPsMAN
Replies: 48
Views: 4733

Re: cAP ax 5GHz not working in CAPsMAN

Well I would love to help but need to see the config to do so.
I also think there is something strange in config but as you have devices that work I do not know. Want to look into the config as some things you can do should not be passable with manager at to capsman.
by Kindis
Wed Jan 10, 2024 11:00 pm
Forum: Wireless Networking
Topic: cAP ax 5GHz not working in CAPsMAN
Replies: 48
Views: 4733

Re: cAP ax 5GHz not working in CAPsMAN

Late to the party here but can you do a full export of interface/wifi both on capsman and cap (both a hap ax2 and cap ax) I have 3 cAP AX and I do not have this issue at all. One thing that I wonder is you say that you can configure each wifi interface on the cap and that is the only way to get it t...
by Kindis
Mon Jan 08, 2024 12:50 am
Forum: General
Topic: CAP AX does not upgrade in manual mode
Replies: 6
Views: 1524

Re: CAP AX does not upgrade in manual mode

Did you download the X86 version and tried to upgrade?
you should use arm 64 for cap ax.
by Kindis
Fri Jan 05, 2024 8:44 pm
Forum: Wireless Networking
Topic: AX and AC devices by same AP controller (CAPsMAN) [SOLVED]
Replies: 8
Views: 2576

Re: AX and AC devices by same AP controller (CAPsMAN) [SOLVED]

Build different configurations for AC and AX devices. Set AC on the AC and AX on the AX.
by Kindis
Thu Dec 28, 2023 10:51 am
Forum: Wireless Networking
Topic: vlan-id setting in wave2 driver
Replies: 3
Views: 880

Re: vlan-id setting in wave2 driver

VLAN do work but you need to configure them manually on the bridge on each CAP.
Check this thread out: viewtopic.php?t=202565
by Kindis
Thu Dec 28, 2023 12:41 am
Forum: Wireless Networking
Topic: Understanding "mixed" 802.11r FT
Replies: 1
Views: 2170

Re: Understanding "mixed" 802.11r FT

I have a Pixel 7 Pro and it work with roming well. Roaming between different ap's (cap ax) that are capsman controlled means I now can have a Teams call and walk in the building without having the call cut and reconnected once phone switched ap. Works great on my iPhone as well. For AC interfaces th...
by Kindis
Thu Dec 28, 2023 12:09 am
Forum: Wireless Networking
Topic: vlan-id setting in wave2 driver
Replies: 3
Views: 880

Re: vlan-id setting in wave2 driver

I have asked support and answer I get is "It is currently not supported"
My guess is that not enough AC interfaces where running the wave2 package with capsman (too few complained) but 7.13 will change that so i hope it will be fixed.
by Kindis
Wed Dec 20, 2023 12:03 pm
Forum: Wireless Networking
Topic: CAPsMAN to CAPsMAN 2 [SOLVED]
Replies: 6
Views: 2183

Re: CAPsMAN to CAPsMAN 2 [SOLVED]

Great new!! I also hope they will fix this VLAN and AC interface issue. I have asked multiple time and the response I get is "This currently does not work" Does this mean they will fix it? I do not know but I think it has not been a priority as not that many has used AC interfaces with new...
by Kindis
Tue Dec 19, 2023 4:20 pm
Forum: Wireless Networking
Topic: CAPsMAN to CAPsMAN 2 [SOLVED]
Replies: 6
Views: 2183

Re: CAPsMAN to CAPsMAN 2 [SOLVED]

I leave the datapath empty on CapsMAN configuration. You then add the correct VLAN on the CAP to the correct PVID in bridge settings. As the Slave interfaces becomes static you just add them as ports in bridge and provide the PVID to the correct VLAN you need. So more or less you push config for all...
by Kindis
Tue Dec 19, 2023 3:32 pm
Forum: Wireless Networking
Topic: CAPsMAN to CAPsMAN 2 [SOLVED]
Replies: 6
Views: 2183

Re: CAPsMAN to CAPsMAN 2 [SOLVED]

On the cAP AC enable Static Slave (/interface/wifi/cap> set slaves-static=yes) This means each interface will stay permanent and you can add them to the bridge as ports and set PVID. I have this on a wAP AC and it works like a charm. Edit: Should also say I do not have any VLAN config in datapath fo...
by Kindis
Wed Dec 13, 2023 10:35 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

That is true but you cannot set the interface to capsman like you could before. So you cannot run it via capsman but use same config but manually and locally controlled.
by Kindis
Wed Dec 13, 2023 5:12 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

New CapsMAN and qcom-ac do not support VLAN set under datapath for AC interfaces so this will affect hAP AC3 as well. I asked support what I should do the the reply was to on the CAP set Static Slave = True and assign each interface to the bridge and give correct PVID. The static Slave means the int...
by Kindis
Tue Dec 12, 2023 4:02 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

I have Create Dynamic set on CapsMAN so the interfaces goes away on the CapsMAN machine but the interfaces stays on the CAP. I then add each wifi interface, both real and slave, as a bridge port and give the PVID that it should be on and then VLAN works for me. So far I have updated the CAP and rest...
by Kindis
Mon Dec 11, 2023 5:21 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

@glet On each CAP you need to set slaves-static: yes. If you do this each slave interfaces will be permanent and not dynamic so you can configure them. This is what support told me and I did so and it works. It is good? No I would not say so but this means slave interfaces does work and can survive ...
by Kindis
Mon Dec 11, 2023 2:45 pm
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

@glat I have always used the bridge to manage VLAN so this was not a problem for me but I do need to add each WIFI interface, main or slave, as a port in the bridge. I agree if we want to migrate in large scale I think getting it to works like the AX interfaces would be great. Not sure this will hel...
by Kindis
Mon Dec 11, 2023 9:53 am
Forum: Announcements
Topic: v7.13rc [testing] is released!
Replies: 178
Views: 49900

Re: v7.13rc [testing] is released!

I have a wAP AC running 7.13rc2 and I have no issues but I do use bridge with VLAN filtering on and have made the dynamic interfaces static on the wAP AC so I could add them to the bridge and they do not disappear every time I reboot the device. Works like a charm. All this under new CapsMAN working...
by Kindis
Sat Nov 25, 2023 10:31 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 88710

Re: v7.13beta [testing] is released!

@sp670 I do not think the MIPSBE chipset supports wave2 as this is needed.
by Kindis
Sat Nov 25, 2023 10:30 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 88710

Re: v7.13beta [testing] is released!

This I would love to know as well. The vlan.id is till in the wiki for wifi (new) and in old for wifiwave2 but I wonder now that a hell of a lot more devices can run new CapsMAN if this will not be fixed especially as forwarding is no longer present and vlan is needed. I have emailed and asked and h...
by Kindis
Fri Nov 24, 2023 3:41 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 88710

Re: v7.13beta [testing] is released!

So they issue that AC interfaces do not get VLAN assigned on the bridge is still present in this release? If so is there a plan to fix this?
by Kindis
Tue Nov 21, 2023 1:37 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 88710

Re: v7.13beta [testing] is released!

Yes only ARM devices will get it no MIPSBE
by Kindis
Thu Nov 16, 2023 2:46 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 88710

Re: v7.13beta [testing] is released!

this is not true. -ac in this case is legacy (old) compatibility package. we don't plan to make -be packages, it will always be wifi only Well I do not think this is a hill to die on I agree with previous statement. My understanding is that management software ie. CapsMAN, is built into the bundle ...
by Kindis
Tue Oct 17, 2023 10:03 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91040

Re: v7.12rc is released!

As there is no forward mode anymore in V2, which I used before, I had to change my setup. Before all VLAN management was done in CapsMAN and the APs only had an access port without any tagging etc. This has changed now so I need to have VLAN on each AP, I hope this change in the future, and for this...
by Kindis
Tue Oct 17, 2023 9:10 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91040

Re: v7.12rc is released!

I do not get your config either and do not understand the untagged thing nor the VLAN interface you have but as I started I do not fully understand what you are trying to do either. I have 3 cAP AX and untagged on them is the management VLAN to which they access the CapsMAN server and, and there are...
by Kindis
Sun Oct 15, 2023 1:41 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91040

Re: v7.12rc is released!

Why do you have a VLAN interface under the Bridge? In my setup they all report as tagged into the Bridge which is what I want. Then the bridge has a trunk port to the switches to manage the VLAN so it finds it's way back to the firewall/router to be processed. I can be wrong here but if they where u...
by Kindis
Mon Oct 09, 2023 11:28 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91040

Re: v7.12rc is released!

@Kaldek, I moved all my Cap AX to be managed by CapsMAN a few weeks ago and have no issues. Running 7.11.2 right now and all interfaces, both main and slaves are added to bridge and correct VLAN, even if there is a bug that add PVID 1 right now, fixed in 7.12, everything works great and I LOVE that ...
by Kindis
Fri Sep 15, 2023 12:30 am
Forum: Wireless Networking
Topic: LG Washing Machine cannot connect to 2.4 ghz wi-fi
Replies: 23
Views: 3088

Re: LG Washing Machine cannot connect to 2.4 ghz wi-fi

Test to change the group key update to 30 min or perhaps even 60 min. IoT devices like cannot calculate the group key in time when set to 5 min like default is here.
I suggest you set it to 60 min and test without a password. If this works add password and see.
by Kindis
Tue May 23, 2023 2:21 pm
Forum: Announcements
Topic: Announcement regarding CVE-2023-32154
Replies: 23
Views: 28526

Re: Announcement regarding CVE-2023-32154

I know I have complained in the past about how security updates have been announced. In this case it have been flawless. Many thanks for this!
by Kindis
Wed May 03, 2023 5:41 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 54456

Re: v7.9 [stable] is released!

Updated 3 cAP AX running without CapsMAN but with VLAN. Killed the dataflow for all VLAN tagged networks. Had to remove all the wireless interfaces in the bridge so the dynamic interfaces could be created for the VLAN to start running again (tagged). Apart from this no issues. With bridge ports now ...
by Kindis
Wed Jan 18, 2023 2:43 pm
Forum: General
Topic: A version of Winbox with port knocking?
Replies: 8
Views: 790

Re: A version of Winbox with port knocking?

No but banks have something I do not, a crapton of money :-)
by Kindis
Wed Jan 18, 2023 1:56 pm
Forum: General
Topic: A version of Winbox with port knocking?
Replies: 8
Views: 790

Re: A version of Winbox with port knocking?

... as I avoid exposing VPN to internet. This comment I do not understand ? The whole point of VPN is to be completely safeguarded from whatever intermediate step there is. But no internet = no VPN. Or do you mean something else ? The more service exposed to internet the more can break or be hacked...
by Kindis
Wed Jan 18, 2023 10:06 am
Forum: General
Topic: A version of Winbox with port knocking?
Replies: 8
Views: 790

Re: A version of Winbox with port knocking?

I disagree! I would love to have it in the same tool to be part of the Winbox. So you can check have it perform the portknock while connecting. For me this makes sense so avoid different tool this feature would not have to be used if you do not to. Would solve this issue of making sure to have the s...
by Kindis
Sat Nov 05, 2022 12:38 am
Forum: General
Topic: VRRP master/back preemption issue
Replies: 4
Views: 746

Re: VRRP master/back preemption issue

Perhaps not relevant to your setup but this is in changelog for release 7.5
*) vrrp - added "sync-connection-tracking" compatibility with preemption-mode;

So now they should work together. I have not tested this however.
by Kindis
Sat Nov 05, 2022 12:23 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 123415

Re: v7.7beta [testing] is released!

Is this over a VPN tunnel?
by Kindis
Mon Oct 03, 2022 2:28 pm
Forum: Announcements
Topic: Newsletter 108
Replies: 84
Views: 46496

Re: Newsletter 108

Can we add this on a HTTPS link as well so I can download it. Work do not allow PDF download over HTTP.
by Kindis
Fri Sep 16, 2022 12:23 am
Forum: General
Topic: Strange DNS caching problem
Replies: 4
Views: 970

Re: Strange DNS caching problem

I have a netatmo weather station as well and I do not have this issue. I wonder if this is related to changes in IP at the service level? Do they all stop working at the same time? Have you tested to send 1.1.1.1 as secondary DNS server via Dhcp so they can go external in case of inte internal issue...
by Kindis
Tue Jul 12, 2022 8:53 pm
Forum: General
Topic: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers
Replies: 14
Views: 1908

Re: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers

Do you use the services in any way provided by the web server? If do not then disable it. If you only use it for admin purpose then make sure it is only accessible from specific networks or hosts where the scanner is not part of that. Then ask for a rescan and problem should be solved from a report ...
by Kindis
Thu Jun 23, 2022 12:44 pm
Forum: General
Topic: CCR1072 only one core 100% CPU usage
Replies: 15
Views: 5698

Re: CCR1072 only one core 100% CPU usage

At this point I would do a full export of the config, review it in full so you don't have any bad stuff in there. Then netinstall to the same version you have, secure the router and import the same config. My guess at this point it will be quicker and hopefully works if there are issues with the ins...
by Kindis
Tue Jun 14, 2022 11:52 am
Forum: General
Topic: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]
Replies: 18
Views: 3066

Re: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]

I assume that this only happens during high traffic over the pptp connection? I maintain the idea that this is they way pptp works. The interface will only run over one CPU core and that is the effect you see now. I can be wrong but think this is the way it work. So not a bug but by design. Still t...
by Kindis
Thu Jun 09, 2022 2:32 pm
Forum: General
Topic: posts not strictly related to: v7.3 and v7.3.1 [stable]
Replies: 52
Views: 5184

Re: v7.3 [stable] is released!

There are no changes since rc2. How can you not test the RB3011 SFP bug before releasing this into " stable "? Very fun downgrading routers at remote sites today! How can I go from 6.x to 7.2.x? If I set channel=upgrade it will chose 7.3 as of now. Should I just manually upload 7.2.x NPK ...
by Kindis
Thu Jun 09, 2022 12:01 am
Forum: General
Topic: Blocked/Allowed Websites by Firewall Filter Rules [SOLVED]
Replies: 8
Views: 1531

Re: Blocked/Allowed Websites by Firewall Filter Rules [SOLVED]

All you do is useless, nowaday (near) all sites use HTTPS and http(not S) web proxy can't do anything.
True for MT perhaps but not universal. If you break TLS inspection can be done. We do this with squid which works great.
by Kindis
Wed Jun 08, 2022 11:42 pm
Forum: General
Topic: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]
Replies: 18
Views: 3066

Re: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]

I assume that this only happens during high traffic over the pptp connection? I maintain the idea that this is they way pptp works. The interface will only run over one CPU core and that is the effect you see now. I can be wrong but think this is the way it work. So not a bug but by design. Still th...
by Kindis
Wed Jun 01, 2022 9:08 pm
Forum: General
Topic: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]
Replies: 18
Views: 3066

Re: My RB4011 with ROS 7.2.3 still consume 100% cpu on only 1 core. [SOLVED]

I may be wrong here but does pptp spread over cores or is it only one core for all traffic?
by Kindis
Fri May 27, 2022 4:21 pm
Forum: General
Topic: Firmware upgrades
Replies: 2
Views: 462

Re: Firmware upgrades

What device do you have?
It is a big step to jump but should be fine I think.
If you can partition your device then rollback will be simple.
by Kindis
Mon May 23, 2022 12:24 am
Forum: Announcements
Topic: v6.49.6 [stable] is released!
Replies: 56
Views: 84854

Re: v6.49.6 [stable] is released!

hola amigos del grupo, a alguno le a pasado que han actualizado una RouterBOARD 750G r3 a la versión 6.49.6 y deja de guardar configuraciones, es decir cuando se apaga o reinicia vuelve atrás los últimos cambios después de la actualización..Por favor alguna solución??? NY guess is out of storage. H...
by Kindis
Mon May 02, 2022 11:03 am
Forum: General
Topic: CRS354 high CPU usage
Replies: 3
Views: 860

Re: CRS354 high CPU usage

Well my guess is there that somehow hardware offload is not active on a port somehow. If you run the following: /interface bridge port print Do you then get an H marked before all ports? My guess is that some port is not and for this reason traffic hits the CPU. Bonding and LACP should provide hardw...
by Kindis
Sat Apr 30, 2022 1:01 am
Forum: General
Topic: VRRP Issues
Replies: 16
Views: 2829

Re: VRRP Issues

Great news and on a Friday as well :D
by Kindis
Fri Apr 29, 2022 12:06 am
Forum: General
Topic: VRRP Issues
Replies: 16
Views: 2829

Re: VRRP Issues

Must be the switches I assume. What brand are they?
by Kindis
Wed Apr 20, 2022 12:20 am
Forum: General
Topic: VRRP Issues
Replies: 16
Views: 2829

Re: VRRP Issues

Post your firewall config on both routers. If both go into RM it means they cannot see Vrrp traffic between each other.
Do you approve Vrrp in firewall to input?
by Kindis
Tue Apr 05, 2022 9:49 am
Forum: Announcements
Topic: v7.2 is released!
Replies: 359
Views: 60963

Re: v7.2 is released!

Holly Molly what a changelog. Great work but I need a day just to ingest the changelog :-)
by Kindis
Tue Feb 22, 2022 8:48 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 56261

Re: v7.1.3 is released!

Ok so I have upgraded two 3011 now. One acting as redundancy unit for WAN and the second one as a redundancy LAN router, so totally different config between them. All went well. Both ROS upgrade and firmware upgrade. Upgraded from 7.1.1 (both ROS and firmware). So it is possible to upgrade a 3011 wi...
by Kindis
Tue Feb 22, 2022 4:20 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 56261

Re: v7.1.3 is released!

Kindis, eworm, timnis - currently we have not managed to reproduce such an issue, however, we are trying to gather information in order to find a root cause of the problem. Most likely the issue is related to the version from which the router is upgraded, not the version to which it is upgraded; Ar...
by Kindis
Tue Feb 22, 2022 2:53 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 56261

Re: v7.1.3 is released!

@strods: Many thanks! I run 7.1.1 and will try to upgrade tonight to see what happens. I will create supout files before just in case I need to create a case.
by Kindis
Mon Feb 21, 2022 4:05 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 56261

Re: v7.1.3 is released!

So the issues with 3011 that was reported on the forum (bootloop etc) for 7.1.2 is that a confirmed issue that has been solved here? Looked to be more related to firmware then ROS.
by Kindis
Mon Feb 21, 2022 2:19 pm
Forum: Announcements
Topic: v7.1.2 is released!
Replies: 127
Views: 39076

Re: v7.1.2 is released!

Hello, - HAP AC - update OK 7.1.2 from 6.49.3 - CAP AC - update OK 7.1.2 from 6.49.3 - CAP AC XL - update OK 7.1.2 from 6.49.3 - WAP AC - update OK 7.1.2 from 6.49.3 - RB951G-2HnD - update OK 7.1.2 from 6.49.2 (routerboard firmware 6.47) - RB3011UiAS on friday dead after update to 7.1.2 from 6.49.3...
by Kindis
Fri Feb 11, 2022 7:25 pm
Forum: Announcements
Topic: v7.1.2 is released!
Replies: 127
Views: 39076

Re: v7.1.2 is released!

Just a bit worrying that more then one said their 3011 dies after upgrade and specifically firmware (router boot).
I just did not feel like netinstalling today so if someone know that 7.1.2 with same firmware do not cause a issue I might try this out this weekend.
by Kindis
Fri Feb 11, 2022 11:14 am
Forum: Announcements
Topic: v7.1.2 is released!
Replies: 127
Views: 39076

Re: v7.1.2 is released!

A bit worried about 3011 reports here. Anyone who have updated a 3011 including the firmware as well without issues?
by Kindis
Sat Feb 05, 2022 8:32 am
Forum: General
Topic: VRRP
Replies: 5
Views: 1702

Re: VRRP

Post your config on both devices.
What does the 1 node say in the logs during these issues?
by Kindis
Mon Jan 03, 2022 4:59 pm
Forum: General
Topic: Mikrotik on x86 sees only 1920Mb of RAM
Replies: 10
Views: 2702

Re: Mikrotik on x86 sees only 1920Mb of RAM

Fits the model of only seeing 2 GB perfect and I'm not sure modern systems activate or support this. Have seen this before, on Linux, where have had appliances where we cannot see the full 4 GB but that have always been done to PAE not enabled in the Linux as part of the appliance software. If the h...
by Kindis
Mon Jan 03, 2022 4:47 pm
Forum: General
Topic: Mikrotik on x86 sees only 1920Mb of RAM
Replies: 10
Views: 2702

Re: Mikrotik on x86 sees only 1920Mb of RAM

Now that we have 64 Bit systems we have forgotten how it use to be :) The 2 GB limit is a real limit for systems running 32 Bit as is a limitation from the 32 Bit address space. https://en.wikipedia.org/wiki/2_GB_limit So my assumption here is that PAE is not used thus limiting the memory to 2 GB ht...
by Kindis
Tue Dec 21, 2021 10:01 am
Forum: Wireless Networking
Topic: Problem with ROS 7.1 and CAPSMAN / wireless
Replies: 28
Views: 14559

Re: Problem with ROS 7.1 and CAPSMAN / wireless

If you have check everything, including that CAPMan is turned on I suggest you do a upgrade, create supout files and create a case with MT.
I had issues with OSPF not working and got rather quick reply to solve my issue.
by Kindis
Mon Dec 20, 2021 9:04 am
Forum: General
Topic: [META] forums.mikrotik.com Outage? [SOLVED]
Replies: 7
Views: 2249

Re: [META] forums.mikrotik.com Outage? [SOLVED]

Normis wrote the following on Reddit yesterday about this issue:
Power related issues have caused a chain of events in our internal server system, we are working on it.
https://www.reddit.com/r/mikrotik/comme ... &context=3
by Kindis
Tue Dec 14, 2021 3:35 pm
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 5
Views: 2796

Re: OSPF error

I got back info from MT. It was a MTU issue. Now I use default which results in 1422 on both sides but OSPF claimed to get MTU of 1432 so something is strange. I still claim that something is wrong but in this case more related to MTU of GRE and L2TP tunnels. Regardless setting MTU to 1400 solved th...
by Kindis
Tue Dec 14, 2021 1:06 am
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 5
Views: 2796

Re: OSPF error

Me to but I get this on some GRE and L2TP interfaces. Not on all just some. Cannot find anything different with config so I suspect a bug somewhere.
I'm the LAN it works like a charm.
by Kindis
Mon Dec 13, 2021 7:04 pm
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 5
Views: 2796

Re: OSPF error

Are you stuck at ExStart on the state? I had this issue and did a rollback to get it working again. Created supout and reported it today.
I think OSPF still needs some love to get to a good state.
by Kindis
Mon Dec 13, 2021 12:18 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 224758

Re: v7.1 is released!

So after some testa I had to do a rollback to V6 due to issues with OSPF. It gets stuck in ExStart state on some links. Had the same issue on two diffrent routers. Same config but had diffrent results. Also interfaces that run over a L2TP (or anything PPP) do not convert over to a Interface Template...
by Kindis
Wed Dec 01, 2021 2:50 pm
Forum: RouterOS beta
Topic: v7.1rc7 [development] is released!
Replies: 174
Views: 54827

Re: v7.1rc7 [development] is released!

What's new in 7.1rc7 (2021-Nov-25 16:35): *) ipsec - fixed hardware acceleration support for ARM and ARM64 devices; Not sure what is fixed, but my RDP sessions to Windows 2012 R2-instances are still dropping out about every minute. RDCMan_DYG87BsyBf.png This has been the case since v7 with multiple...
by Kindis
Thu Nov 25, 2021 11:22 pm
Forum: General
Topic: DNS forward problem since using Win 11 *hard nut to crack* [SOLVED]
Replies: 16
Views: 5062

Re: DNS forward problem since using Win 11 *hard nut to crack* [SOLVED]

So how about a new strategy? Buy NextDNS and point all DNS, Dot and Doh to them and your config. I use to do something similar but worked like crap. In NextDNS I can do DNS rewrite and I have added the things I want a internal resolve for. By doing this I moved the issue to someone else who support ...
by Kindis
Tue Nov 23, 2021 9:49 am
Forum: Announcements
Topic: v6.49.1 [stable] is released!
Replies: 138
Views: 80535

Re: v6.49.1 [stable] is released!

I agree with what is written above. I have no routers that are flagged but if I did what should I do? And how do I see it is flagged? Do I need to run a command every time to see it?
Great Idea but more info would be good.
by Kindis
Tue Oct 12, 2021 11:47 am
Forum: General
Topic: BUG: Regexp Wild DNS Static entry with CNAME not work with v6.48.4
Replies: 5
Views: 2094

Re: BUG: Regexp Wild DNS Static entry with CNAME not work with v6.48.4

I still this the issue apply even for you. In this case you ask for the domain aaa.exmaple.com and that does not exist in public DNS. Now I cannot be sure but the issue I see is that the question I send for a CNAME is not managed within the device but is sent to the external DNS resolved you have. D...
by Kindis
Mon Oct 11, 2021 11:33 am
Forum: General
Topic: BUG: Regexp Wild DNS Static entry with CNAME not work with v6.48.4
Replies: 5
Views: 2094

Re: BUG: Regexp Wild DNS Static entry with CNAME not work with v6.48.4

Adding CNAME to ROS does not work as it should. I have a case with MT where they have confirmed this issue. What I see is that a CNAME I add does not work at all. Now I use network.local as the suffix for the CNAME Key but a "real" FQDN as value. This only works if I resolve the value firs...
by Kindis
Tue Sep 21, 2021 9:14 pm
Forum: RouterOS beta
Topic: v7.1rc4 [development] is released!
Replies: 276
Views: 82228

Re: v7.1rc4 [development] is released!

RouterOS version 7.1rc4 has been released in public "development" channel! What's new in 7.1rc4 (2021-Sep-20 13:18): *) improved filesystem and configuration storage stability; *) show "expired password" prompt for users with blank password; *) other fixes and improvements; All ...
by Kindis
Wed Sep 15, 2021 10:53 am
Forum: RouterOS beta
Topic: v7.1rc3 [development] is released!
Replies: 172
Views: 49645

Re: v7.1rc3 [development] is released!

Lost access to a CHR after reboot. Turned out that the CHR had lost all config including users so I needed to login with admin and blank password.
So losing config is still an issue. I will see if I can reproduce the problem again but this happens after it had been running for a few days.
by Kindis
Tue Sep 07, 2021 10:47 pm
Forum: General
Topic: Cellular for Video Security Coverage............
Replies: 9
Views: 1119

Re: Cellular for Video Security Coverage............

A big battery with a solar power should work for the router as they do not draw much power but the camera is a big unknown. There must be ready made battery and solar cells for use in off grid areas that should work. If memory serves me right you live in Canada and there should definitely be somethi...
by Kindis
Mon Sep 06, 2021 4:36 pm
Forum: General
Topic: Cloud DNS Seems to be down!
Replies: 25
Views: 8383

Re: Cloud DNS Seems to be down!

No issues here currently. I can connect using *,.sn.mynetname.net names.
by Kindis
Fri Aug 27, 2021 9:25 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 113
Views: 35349

Re: WinBox v3.29 released!

I have a similar issue with the addition of Window button. This added button messes with my musclememory so when I want to start a new Winbox I now click Exit instead.
Can we not move the Exit button further down?
by Kindis
Thu Aug 26, 2021 10:30 am
Forum: Announcements
Topic: v6.48.4 [stable] is released!
Replies: 68
Views: 72563

Re: v6.48.4 [stable] is released!

The problem I have is that if I add a CNAME that does not exist externally, for example test.example.local, and then add the value to a URL that does esist, for example www.google.com. This does not work. I get a domain does not exist and the reason is that the DNS resolver sends this CNAME question...
by Kindis
Thu Aug 26, 2021 10:00 am
Forum: Announcements
Topic: v6.48.4 [stable] is released!
Replies: 68
Views: 72563

Re: v6.48.4 [stable] is released!

I have given up on static entries in the DNS. CNAME does not work at all for me. I see that all CNAME's I have are resolved externally and as they do not exist publicly, only internally, it does not work. As I pay for NextDNS and they have a static DNS entry I have added all my DNS entries there. Wo...
by Kindis
Tue Aug 24, 2021 9:41 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 113
Views: 35349

Re: WinBox v3.29 released!

I think the bug described by pe1ch is dependent on large updates in the GUI. I cannot replicate the issue either but I use fasttrack meaning GUI does not update that much. However if I do a large address list import I can sort of experience the issue but not with the same outcome.
by Kindis
Mon Aug 23, 2021 1:01 pm
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 113
Views: 35349

Re: WinBox v3.29 released!

@pe1chl: I cannot replicate this per say but I think the key here is traffic volume. As I use Fasttrack and do not have crazy number of session I do not see that much updates in the GUI. But I tested to reload a blocklist I have with over 80 000 entries which removes them and then reloads them and w...
by Kindis
Mon Aug 23, 2021 11:57 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 113
Views: 35349

Re: WinBox v3.29 released!

@pe1chl can you describe the issue in more detail as I want to test as well. I have not sizing issues of columns but I might not use the functions as you.
I know you wrong once here but I do not understand what the bug is.
by Kindis
Mon Aug 23, 2021 10:06 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 113
Views: 35349

Re: WinBox v3.29 released!

*) added "Windows" menu for list of all currently opened windows
*) allow changing column order by using drag and drop
Love this. Many thanks!
by Kindis
Fri Aug 20, 2021 7:02 pm
Forum: General
Topic: [URGENT] How to block site on MikroTik
Replies: 23
Views: 2849

Re: [URGENT] How to block site on MikroTik

I agree the filter should be in the head but tell that to the 99 year old IT manager of a government branch that still wonder why his fax is not used more :)

But in this case having this solved in a product on the client / linked to the client is the best option.
by Kindis
Fri Aug 20, 2021 4:24 pm
Forum: General
Topic: [URGENT] How to block site on MikroTik
Replies: 23
Views: 2849

Re: [URGENT] How to block site on MikroTik

This should mean you control the client's. I would look at a service like Cisco umbrella or zScaler. That will fix this for you + provide extra security + move the blocking from the network.
by Kindis
Fri Aug 20, 2021 2:09 pm
Forum: General
Topic: [URGENT] How to block site on MikroTik
Replies: 23
Views: 2849

Re: [URGENT] How to block site on MikroTik

So this is a hard one. You can buy a DNS service, I use NextDNS, where you can force the clients to use it and block other service via blocking the DNS name. For example blocking dns.google.com meaning it will not resolve and will not work. But this will be a constant struggle to maintain. What is t...
by Kindis
Fri Aug 20, 2021 9:32 am
Forum: General
Topic: V7.0.3 Routing
Replies: 13
Views: 2288

Re: V7.0.3 Routing

Do an /export hide-sensitive and post here (remember to clean out stuff you don't want on internet.
by Kindis
Thu Aug 19, 2021 11:44 pm
Forum: General
Topic: Hardware Offloading Issue CRS305-1G-4S+
Replies: 5
Views: 1781

Re: Hardware Offloading Issue CRS305-1G-4S+

What you can read above but here is a link to the wiki for this.
https://wiki.mikrotik.com/wiki/Manual:C ... s_switches
by Kindis
Thu Aug 19, 2021 11:38 pm
Forum: General
Topic: [URGENT] How to block site on MikroTik
Replies: 23
Views: 2849

Re: [URGENT] How to block site on MikroTik

DNS won't work right either unless you control the config of the connected clients. Reason is DNS over HTTPS. It is more or less default on now and that means that the client will only one unencrypted question and that is to the DoH service unless you use cloud flare which is based on IP. If you als...
by Kindis
Thu Aug 19, 2021 5:20 pm
Forum: Announcements
Topic: Newsletter 101
Replies: 43
Views: 20579

Re: Newsletter 101

I'm also very interested in what is going on with V7 but more from a wireless perspective and how this may or may not affect me.
Perhaps V7 is left out to have it's own announcement #wishfulthinking
by Kindis
Mon Aug 16, 2021 2:52 pm
Forum: General
Topic: Hardware Offloading Issue CRS305-1G-4S+
Replies: 5
Views: 1781

Re: Hardware Offloading Issue CRS305-1G-4S+

Do a /export hide-sensitive and post here.
If you plan to use it as a switch, not a router, this should not be a problem.
by Kindis
Wed Aug 11, 2021 12:02 am
Forum: General
Topic: Block video calls
Replies: 2
Views: 842

Re: Block video calls

Do you use FastTrack?
If so once a connection is marked is does not pass the firewall filter again. Turn off FastTrack, and restart and see of the issue is still present.
I also think you can create a rule in raw as I think fast tracked connections do hit raw so you should be able to block it there.
by Kindis
Sun Jul 25, 2021 11:26 am
Forum: General
Topic: High memory usage
Replies: 10
Views: 8433

Re: High memory usage

If you use DoH uncheck Verify DoH Certificate. This should solve the issue until MT fixes the issue.
by Kindis
Tue Jul 13, 2021 9:11 am
Forum: General
Topic: Static DNS records [SOLVED]
Replies: 9
Views: 2614

Re: Static DNS records [SOLVED]

Nope did not solve the CNAME issue I have (and have a case for at MT).
by Kindis
Mon Jul 12, 2021 11:46 pm
Forum: General
Topic: Static DNS records [SOLVED]
Replies: 9
Views: 2614

Re: Static DNS records [SOLVED]

Perhaps that is related to the fact that type=FWD does not work if DoH is enabled... I hope Mikrotik will look into this and fix this/both issues. I wonder if this is part of CNAME issues I have. If you add a CNAME with a public A record it does not resolve. When you query the CNAME it does not loo...
by Kindis
Mon Jul 12, 2021 12:47 pm
Forum: General
Topic: Static DNS records [SOLVED]
Replies: 9
Views: 2614

Re: Static DNS records [SOLVED]

So I have a similar setup using NextDNS. I have added a few static DNS records that end in network.lan so I can assess network assets by name instead of IP. Clients can ONLY use MT or NextDNS as DNS resolver. Everything else is blocked. So I did a quick look in the NetxDNS GUI and found nothing. I h...
by Kindis
Thu Jul 01, 2021 12:33 am
Forum: General
Topic: EoIP + IPSec RB750Gr3 problems at 50% load
Replies: 1
Views: 644

Re: EoIP + IPSec RB750Gr3 problems at 50% load

Looks like one core is running at 100%. The RB750Gr3 have 2 cores and 4 threads. Guess this is single threaded so it would explain the drops. Also verify that you run hardware offload. CCR and RB750Gr3 does not support all the same things for hardware offload. https://wiki.mikrotik.com/wiki/Manual:I...
by Kindis
Mon Jun 28, 2021 9:37 am
Forum: General
Topic: Ipsec wrong password after router reboot
Replies: 2
Views: 1795

Re: Ipsec wrong password after router reboot

Now I can be wrong here but I had a simular issue with GRE tunnels. The issue is most likely that the endpoint that did not restart have not understood that the router rebooted and this flushed all the SA. Test to lower the timeout value of the tunnel and also retries so that the tunnel goes down if...
by Kindis
Tue Jun 22, 2021 9:32 am
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

Silently removed 66960 Mhz channel support. Why?
No info in the changelog just nothing :-(
Have a look at this: viewtopic.php?f=7&t=176086
by Kindis
Sat Jun 19, 2021 8:43 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

It has been rock solid and only started with newest build. Solved by adding external resolution to clients as well.
by Kindis
Sat Jun 19, 2021 3:14 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

I had a strange issue tonight. All DNS resolving stopped. The log said Doh time issues and if I removed Doh did not solve the issue. The DNS cache was empty and I could not resolve anything. Only after a restart did things start to work again. Funny thing is that every unit had the same issue at the...
by Kindis
Thu May 27, 2021 2:42 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

meensb could you please check your CAPsMAN logs if cAP ac joined it after the upgrade to 6.48.3? If anyone else has experienced an issue with cAP ac not booting after the update to 6.48.3 please write to support. https://mikrotik.com/support You are referencing RBcAPGi-5acD2nD here? I am running tr...
by Kindis
Wed May 26, 2021 4:51 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

I'm not good at explaining, English is not my mother language. What I wanted to explain is that these so-called vulnerabilities are nonsense in comparison to other past and actual problems. (Non-RouterOS related) Here we are in full agreement. The issues are not that bad at all, especially the desi...
by Kindis
Wed May 26, 2021 4:04 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

Kindis, what is missing from the blog? All serious security issues are in there. We will add Frag, but in my opinion, it is not serious at all. It's like discovering that your front door can be opened in a few minutes with the right lockpick, or it's like putting a security door in the main entranc...
by Kindis
Wed May 26, 2021 4:00 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

Kindis, what is missing from the blog? All serious security issues are in there. We will add Frag, but in my opinion, it is not serious at all. Well it is up to you but I follow many vendors and I do not really care if the risk is low to high but I would like an update to see if a security update h...
by Kindis
Wed May 26, 2021 3:03 pm
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 111
Views: 69442

Re: v6.48.3 [stable] is released!

Also also please please please update the blog you have with new details about Security
or
Shut it down as you clearly are not using it they way you presented it.
by Kindis
Thu May 20, 2021 1:29 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

This means you also have the implementation issues and not only the design flaws.
Many thanks for quick reply
by Kindis
Thu May 20, 2021 1:22 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

---------------------- !) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147); ---------------------- Does this have an expected performance hit? In the tests conducted so far, no meaningful differences in CPU...
by Kindis
Thu May 20, 2021 12:59 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

---------------------- !) wireless - fixed all affecting 'FragAttacks' vulnerabilities (CVE-2020-24587, CVE-2020-24588, CVE-2020-26144, CVE-2020-26146, CVE-2020-26147); ---------------------- Does this have an expected performance hit? In the tests conducted so far, no meaningful differences in CPU...
by Kindis
Thu May 20, 2021 10:05 am
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

I know you can probably not answer this but I'm gonna ask any way :-)

Do you have a release timeline for Stable and Long-Term? Can we expect anything this week or is most targeted further ahead?
by Kindis
Fri Apr 30, 2021 11:18 am
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

You should remove this file from here and send to support@mikrotik.com.
This file contains passwords etc so you should not post it in the forum here.
by Kindis
Mon Apr 26, 2021 4:00 pm
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

Interesting, changed to next dns (downloaded cert and enabled verification) New https://45.90.28.0/dns-query Old https://1.1.1.1/dns-query Will in some hour see if memory goes up. So here is a difference and now my perhaps poor skills of DoH will popup. But if you use the IP in the HTTPS how can th...
by Kindis
Mon Apr 26, 2021 3:01 pm
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

Yes: SUP-47171 That is great! I did however activate DoH certificate verification on my 4011 (main resolver) and interestingly I do not have the same issue. So I have been running with this enabled a few days and I do not have the same trend your routers display. I followed the guide of NextDNS and...
by Kindis
Sat Apr 24, 2021 11:26 am
Forum: General
Topic: Massive slowdown after upgrading to routeros 6.48.2
Replies: 5
Views: 1297

Re: Massive slowdown after upgrading to routeros 6.48.2

I always restart my equipment twice after a upgrade. First ROS then firmware. I think that in many cases a second restart solves many issues. So perhaps the reboot solved the issue?
by Kindis
Fri Apr 23, 2021 3:48 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

What's new in 6.49beta38 (2021-Apr-23 10:31): Changes in this release: *) system - improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN); If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be ...
by Kindis
Fri Apr 23, 2021 1:18 pm
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

When I read stuff like this I get a little mad with myself. Why oooo why did I not think of this! I will implement this on the main resolver at once. That will just be like pee in the pants to get worm. Short term solution. You do not know what other stuff may go wrong due to the memory leakage. I ...
by Kindis
Fri Apr 23, 2021 9:30 am
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

At the end the graph jumps down. Is that just disabling verification or a reboot? So would a scheduled disable and enable work around the issue?
When I read stuff like this I get a little mad with myself. Why oooo why did I not think of this! I will implement this on the main resolver at once.
by Kindis
Thu Apr 15, 2021 8:18 am
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

The new update fix the RB3011's port flapping?
No not this one but the previous one 6.48.1 fixed that issue if we are talking about issues that where added into 6.48 release.
by Kindis
Wed Apr 14, 2021 11:12 pm
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

How's it going with the doh? I'm also waiting for a leak fix to drag this function to the router. Does not look to good. It may be to short, but as seen below DoH enabled around 12:00 and sine then it has raised around 1%. Will report back after some days. Before I added DoH the memory was around 2...
by Kindis
Wed Apr 14, 2021 9:23 am
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

Upgraded an RB3011 to 6.48.2 and log started filling up with OSPF errors and no OSPF routes were being distributed. Ignoring Link State Acknowledgment packet: wrong peer state state=2-Way Other OSPF routers distributing routes on the same backbone include 3 CHRs and an RB750Gr3. I wasn't planning t...
by Kindis
Tue Mar 30, 2021 4:42 pm
Forum: General
Topic: DNS server not returning specific A record (may be DNS/DoH bug)
Replies: 4
Views: 1464

Re: DNS server not returning specific A record (may be DNS/DoH bug)

So I just moved my DNS queries to my MT units and use DoH to NextDNS and I do not have a issue resolving this. > ssl.gstatic.com Server: UnKnown Address: x.x.x.x Non-authoritative answer: Name: ssl.gstatic.com Addresses: 2a00:1450:400f:804::2003 142.250.74.131 But I'm not using Google DNS service to...
by Kindis
Tue Mar 30, 2021 12:51 pm
Forum: General
Topic: hEX POE 48V (MT48-480095)
Replies: 4
Views: 1047

Re: hEX POE 48V (MT48-480095)

Now I do not know this for a fact but my understanding is that the switch does not have a transformer so it cannot step the voltage up or down. It can just relay what it get from the power supply.
by Kindis
Mon Mar 29, 2021 7:27 pm
Forum: General
Topic: OpenSSL Security - CVE-2021-3450 [SOLVED]
Replies: 2
Views: 1554

Re: OpenSSL Security - CVE-2021-3450 [SOLVED]

Many thanks for quick reply.
by Kindis
Mon Mar 29, 2021 1:15 pm
Forum: General
Topic: OpenSSL Security - CVE-2021-3450 [SOLVED]
Replies: 2
Views: 1554

OpenSSL Security - CVE-2021-3450 [SOLVED]

Hello, I'm just curios if CVE-2021-3450 has any impact on ROS? Thinking primarily for SSTP and so on but I guess it is not a major issue regardless but would like to know if ROS is affected and in that case I guess we can expect a release to fix this as well. Edit: Forgot the link https://www.openss...
by Kindis
Thu Mar 11, 2021 10:18 pm
Forum: General
Topic: blocking port 53 incoming from WAN ports, block tons of packets
Replies: 9
Views: 3384

Re: blocking port 53 incoming from WAN ports, block tons of packets

Wow interesting. What happens if you log everything for a min. Is it all different IPs?
by Kindis
Tue Mar 09, 2021 12:59 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Have you seen last 6.49Beta?
What's new in 6.49beta22 (2021-Mar-08 09:07):

Changes in this release:

*) crs3xx - improved 1Gbps Ethernet port group traffic forwarding for CRS354 devices;
Do not know if this is related but might be?
by Kindis
Fri Feb 12, 2021 3:28 pm
Forum: General
Topic: How to connect vrrp'ed routers to wan (ISP)
Replies: 12
Views: 3075

Re: How to connect vrrp'ed routers to wan (ISP)

So VRRP the dead minimum is 3 IP's and they need to be on the same network and they use broadcast. So I would say no this will not work. With that said perhaps you can use scripts etc to move the IP between devices. For example if you create a VRRP on the internal network you can add UP and Down scr...
by Kindis
Thu Feb 11, 2021 6:05 pm
Forum: General
Topic: Home Network is Failing
Replies: 10
Views: 1608

Re: Home Network is Failing

We need more info. I run my connection over (500/500) and I have no issues working from home with other family members using internet at the same time. I also have a 4011 (none wireless).

How are you connected? If wireless I bet that is the problem.
by Kindis
Fri Feb 05, 2021 3:30 pm
Forum: Announcements
Topic: v6.48.1 [stable] is released!
Replies: 103
Views: 60246

Re: v6.48.1 [stable] is released!

Upgraded the following units from 6.47.8
Two 3011
One RB750Gr3
One cAP AC

No issues and full production has been moved to these units. Will see during the weekend how all looks.
by Kindis
Fri Feb 05, 2021 12:30 pm
Forum: Announcements
Topic: v6.48.1 [stable] is released!
Replies: 103
Views: 60246

Re: v6.48.1 [stable] is released!

What about RB3011 port flapping re-introduced in 6.48?
It's this one
) switch - fixed interface toggling for devices with multiple QCA8337, Atheros8327 or RTL8367 switch chips (introduced in v6.48);
by Kindis
Fri Feb 05, 2021 9:32 am
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

Will be there no further V6.48.XX versions?
From the doomed V6.48 straight to V6.49?
I would guess we will get a 6.48.1 today.
by Kindis
Fri Feb 05, 2021 9:30 am
Forum: General
Topic: When you're so desperate for high-speed Internet...
Replies: 1
Views: 685

Re: When you're so desperate for high-speed Internet...

Haha. Many thanks for this.
by Kindis
Wed Feb 03, 2021 4:00 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

Also please MT update the Security blog
https://blog.mikrotik.com/security/
*) hotspot - fixed special character parsing in "target" variable (CVE-2021-3014);
Either keep this blog up to date (which is not what is happening now) or shut it down.
by Kindis
Wed Feb 03, 2021 2:58 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 89666

Re: v6.49beta [testing] is released!

Great news but is there a fix for the interface issues with 3011 in here but 3011 is not just mentioned in the changelog?

Edit: I'm just blind. It is this one!
*) switch - fixed interface toggling for devices with multiple QCA8337, Atheros8327 or RTL8367 switch chips (introduced in v6.48);
by Kindis
Wed Feb 03, 2021 11:15 am
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127556

Re: v6.48 [stable] is released!

roadblock Does the developer Team fell into wintersleep? I'm wondering if perhaps they do not intend to release a 6.49 (moving to v7 instead as the next stable release after 6.48) and their existing build process is forcing them to release a 6.49 beta X in order to add the fixes to 6.48, like they ...
by Kindis
Thu Jan 28, 2021 4:00 pm
Forum: General
Topic: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]
Replies: 7
Views: 1790

Re: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]

I will be honest and say I had not thought about Add and Set but I guess Add is adding and Set is changing something already added. I however do most of this via Winbox as I lile the visual presentation and think that it makes for easier understanding of the configuration. So I would have used Winbo...
by Kindis
Thu Jan 28, 2021 9:59 am
Forum: General
Topic: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]
Replies: 7
Views: 1790

Re: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]

So having a quick look while between meetings :) I can see that SFP1 is currently specified as a Tragged only port add bridge=BR1 frame-types=admit-only-vlan-tagged ingress-filtering=yes interface=sfp1 You need to change this to add bridge=BR1 frame-types=admit-only-untagged-and-priority-tagged ingr...
by Kindis
Wed Jan 27, 2021 11:41 pm
Forum: General
Topic: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]
Replies: 7
Views: 1790

Re: Reconfigure VLAN on CRS-326-24P-2S+ [SOLVED]

So in first part of post spf1 is under tagged for vlan 1005 but in later output it is under untagged. It should be under untagged and PVID for the port is correct.
Can you do a full export under interface bridge?
by Kindis
Wed Jan 27, 2021 11:33 pm
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 54
Views: 35476

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

3011 and port flapping is a known issue on 6.48 and MT said next release will fix this.
by Kindis
Wed Jan 27, 2021 9:52 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127556

Re: v6.48 [stable] is released!

If you need anything MORE stable - go to Zyxel with their zyfwp. but keep in mind that you share your admin account with anyone on the internet https://nakedsecurity.sophos.com/2021/01/06/zyxel-hardcoded-admin-password-found-patch-now/ zyfwp is the hard coded account so I think a joke was made here 😁
by Kindis
Sun Jan 24, 2021 10:51 pm
Forum: General
Topic: Random Disconnections on all LAN Ports (RB3011)
Replies: 3
Views: 959

Re: Random Disconnections on all LAN Ports (RB3011)

What version are you running of ROS?
by Kindis
Mon Jan 11, 2021 10:01 am
Forum: General
Topic: RB750Gr3 difference between workstation speedtest vs bandwitch test
Replies: 13
Views: 1992

Re: RB750Gr3 difference between workstation speedtest vs bandwitch test

Ok so this might be a stupid question but have you tested other speed testing sites? I mean just because you get crap speed on one speed test site/connection does not mean you connection is bad. If you download a ISO file or something else that is big can you get the proper speed then? I use to have...
by Kindis
Sat Jan 09, 2021 9:22 am
Forum: General
Topic: No internet from AP on VLAN when using CAPsMAN [SOLVED]
Replies: 3
Views: 1719

Re: No internet from AP on VLAN when using CAPsMAN [SOLVED]

Export config and we can see but I had a simular issue when I started using CapsMAN. I use local forwarding so the AP do not tunnel the traffic to the router. What solved my issue was that I had forgotten to add the Bridge in CAP config on the AP. Once I added the bridge in the config on the ap it a...
by Kindis
Fri Jan 08, 2021 8:27 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127556

Re: v6.48 [stable] is released!

Read in this thread about SIP and workaround.. All is written here.
by Kindis
Fri Jan 08, 2021 12:06 am
Forum: General
Topic: Problem Hardware Offload on CRS326-24G-2S+?
Replies: 1
Views: 666

Re: Problem Hardware Offload on CRS326-24G-2S+?

So you have 2 Bridges. One named Bridge and one named VLAN2. Hardware offload only works for one bridge. You have to move the config from VLAN to bridge to the Bridge named Bridge (This became confusing :)) to get this to work. Then delete other Bridge Read more here https://wiki.mikrotik.com/wiki/M...
by Kindis
Tue Jan 05, 2021 11:04 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

It's not the Mikrotik's fault.
The Marvell chip manufacturer is responsible for this.
So it may be but we are not marwell customers but Mikrotik customers so we are affected how MT handle this.
by Kindis
Tue Jan 05, 2021 11:00 pm
Forum: General
Topic: Wait wait wait wait wait.. Mikrotik 10Gbe is a scam...??
Replies: 5
Views: 1206

Re: Wait wait wait wait wait.. Mikrotik 10Gbe is a scam...??

So you have bought a switch and not a router, but a switch that can act as a router (Cloud Router Switch, stupid name I know) So you should only use these for switching and perhaps light routing tasks so primarily L2. Read more here on how to make sure you use correct config in ROS. https://wiki.mik...
by Kindis
Tue Jan 05, 2021 10:48 pm
Forum: General
Topic: Wait wait wait wait wait.. Mikrotik 10Gbe is a scam...??
Replies: 5
Views: 1206

Re: Wait wait wait wait wait.. Mikrotik 10Gbe is a scam...??

Ethernet test results I think is routing not switching.
Switching result with 1500 bytes is as you write 43,427.8 Mbit which is around 40 Gbit. So there should be no issue as long as it is correctly configured for hardware offload.
by Kindis
Fri Jan 01, 2021 11:05 am
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127556

Re: v6.48 [stable] is released!

Really hope they fix the RB3011 finally. Mine has been flapping for years, I have 2 years of logs to prove it. Some updates ware better some worse, but none fixed it truly. set X cpu-flow-control=no name="Switch x" does help a bit, but never really went away, just went from many flaps a d...
by Kindis
Sun Dec 27, 2020 10:23 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127556

Re: v6.48 [stable] is released!

To someone having problems with SIP phones: Could you please check log of the router with ROS 6.48, whether there are unexpected flapping events (link down/up) or not? Since the linkdowns last between 1 and 2 seconds (as observed in my lab), it could cause "Lagged" state in Asterisk when ...
by Kindis
Sat Dec 26, 2020 10:43 am
Forum: General
Topic: Wireless in 2.4 and out via 5gha in hAP ac²
Replies: 4
Views: 1031

Re: Wireless in 2.4 and out via 5gha in hAP ac²

They are and this you should be able to do. Never done this so cannot help there but they operate independently of each other.
by Kindis
Wed Dec 09, 2020 3:32 pm
Forum: General
Topic: CRS326-24G-2S+ high CPU
Replies: 3
Views: 1226

Re: CRS326-24G-2S+ high CPU

Great. As wiki states doing this removed hardware offload which explains the CPU Use split horizon bridging to prevent bridging loops. Set the same value for group of ports, to prevent them from sending data to ports with the same horizon value. Split horizon is a software feature that disables hard...
by Kindis
Wed Dec 09, 2020 11:52 am
Forum: General
Topic: CRS326-24G-2S+ high CPU
Replies: 3
Views: 1226

Re: CRS326-24G-2S+ high CPU

Export your config with hide-sensitive option and post your output here.
Also have a look at tools>profile to see what process consumes the CPU.
And finally verify hardware offload is active on the ports
by Kindis
Wed Dec 09, 2020 10:18 am
Forum: Announcements
Topic: v6.47.8 [stable] is released!
Replies: 54
Views: 31306

Re: v6.47.8 [stable] is released!

I have an RB1100AHx4 running on 6.47 for about 185 days now, which is when that version was released. I'm currently not experiencing any issues, bugs or any other problems yet. I checked change logs and there doesn't seem to be any security fixes since then. Should I leave it as is or upgrade? Rout...
by Kindis
Thu Dec 03, 2020 2:43 pm
Forum: RouterOS beta
Topic: v7.1beta3 [development] is released!
Replies: 261
Views: 79109

Re: v7.1beta3 [development] is released!

Almost every device out there based on ipq4018/4019 has atleast 256MB of RAM. With a few exceptions, like RT-AC58U which struggles to not throw errors because of the very limited memory available out of the 128MB total. So I wouldn't keep my hopes up to see it running in the future on lower require...
by Kindis
Thu Dec 03, 2020 10:01 am
Forum: General
Topic: Firmware Upgrade & Changelog
Replies: 8
Views: 6994

Re: Firmware Upgrade & Changelog

So in this case I agree and disagree at the same time. If I compare this to other routers I meet at work like Cisco or Juniper a upgrade of the version thus upgrade both OS and firmware at the same time, even if the upgrade process is way way worse sometimes. The way I see this is that ROS is a OS r...
by Kindis
Wed Dec 02, 2020 11:51 pm
Forum: General
Topic: more cpu core
Replies: 10
Views: 1876

Re: more cpu core

So if you have 2 * 8 cores I think you have to provide a Max of 8 cores per virtual socket.
by Kindis
Wed Nov 18, 2020 11:36 pm
Forum: General
Topic: Disney+ [SOLVED]
Replies: 5
Views: 4075

Re: Disney+ [SOLVED]

This does not make sense to me. I mean if you use VPN Disney+ should not see your original IP address but only your VPN address. So how did they get your IP?
What VPN service was used?
by Kindis
Tue Nov 17, 2020 3:37 pm
Forum: General
Topic: MikroTik HAP AC2 fails to link 1Gbps
Replies: 18
Views: 4168

Re: MikroTik HAP AC2 fails to link 1Gbps

What happen if you put a Gbit switch between? Just to see if the switch can get at 1 Gbit link. So I tested with a gigabit switch, and it didn't work. (some cheap tp link) I also set 2 bridge ports on the IPS router (the one they gave to me), and used it as a gigabit switch - the HAP links at 1gbps...
by Kindis
Mon Nov 16, 2020 11:43 pm
Forum: General
Topic: MikroTik HAP AC2 fails to link 1Gbps
Replies: 18
Views: 4168

Re: MikroTik HAP AC2 fails to link 1Gbps

What happen if you put a Gbit switch between?
Just to see if the switch can get at 1 Gbit link.
by Kindis
Sat Nov 07, 2020 12:00 am
Forum: General
Topic: Disney+ [SOLVED]
Replies: 5
Views: 4075

Re: Disney+ [SOLVED]

I would remove the above file as this contains a little bit more then I would suggest you share. Run /export hide-sensitive instead and post the output here. However I have a all Mikrotik core at home and run 6.47.7 on all routers and do not have this issue. I also reside in Sweden and all my units ...
by Kindis
Thu Nov 05, 2020 3:28 pm
Forum: Virtualization
Topic: CHR: number of CPUs limited to 64?
Replies: 5
Views: 7511

Re: CHR: number of CPUs limited to 64?

So each socket has 64 cores and each CPU is it's on NUMA node if my memory is correct. So if you want to use more then 64 cores you have to use more then one socket.

How have you configured CPU on the VM the CHR is running on?
by Kindis
Tue Nov 03, 2020 3:06 pm
Forum: Announcements
Topic: v6.46.8 [long-term] is released!
Replies: 36
Views: 29666

Re: v6.46.8 [long-term] is released!

Updated one wAP R and one CRS326-24G-2S+RM all without issues.
by Kindis
Thu Oct 29, 2020 11:22 pm
Forum: Announcements
Topic: v6.47.7 [stable] is released!
Replies: 45
Views: 26676

Re: v6.47.7 [stable] is released!

Is the company going to correct this error? Did you write to support with that problem? This is not a problem of a single device but a stable branch 6.47.X At 6.46.X works correctly 951Ui-2HnD models - cyclic reboot SUP-32199 RB2011UiAS-2HnD - show "ether boot" on LCD Regardless you shoul...
by Kindis
Fri Oct 23, 2020 1:57 pm
Forum: Announcements
Topic: v6.47.6 [stable] is released!
Replies: 39
Views: 24448

Re: v6.47.6 [stable] is released!

The defconf issue is already resolved. Fix will be included in the next RouterOS release. It has been resolved before! I would hope that when such mistakes are made, they are added to the regression testing done before releasing a new version, especially in [stable]. Yes I agree how does this not g...
by Kindis
Wed Oct 21, 2020 2:44 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

If the issue is THAT specific I agree with You, but after all said above, I'm guessing that the Support team is aware what it is and working on fix, but not successful obviously. At least for now. As I stated I do not think there is one issue I think there are multiple. The more cases we pile on to...
by Kindis
Wed Oct 21, 2020 10:57 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

I know it has been said before here but I also think that there is not 1 issue here but several. Might be hardware for some and software for some users. So to fix I think it is important to generate a supout file during the issue and email support@mikrotik.com to get your own case for your issues. O...
by Kindis
Wed Oct 14, 2020 11:04 pm
Forum: General
Topic: Bridge VLAN Filter : not possible to use tagged traffic with VLAN ID = 1
Replies: 10
Views: 2243

Re: Bridge VLAN Filter : not possible to use tagged traffic with VLAN ID = 1

I think you are misunderstanding IP on the bridge. This is the vlan that the bridge itself is on. So when you add a IP to the bridge you put that IP on that vlan. View this as the MGMT VLAN. Now according to the example the last thing you do is to set a rule for vlan 1 that is tagged for Bridge but ...
by Kindis
Tue Oct 13, 2020 11:58 am
Forum: General
Topic: RB3011 system error critical
Replies: 5
Views: 1205

Re: RB3011 system error critical

As you see the router can you connect using MAC address instead?
by Kindis
Fri Oct 09, 2020 9:35 am
Forum: General
Topic: route cache ? [SOLVED]
Replies: 1
Views: 1906

Re: route cache ? [SOLVED]

https://wiki.mikrotik.com/wiki/Manual:IP/Settings

From the Wiki: Disable or enable Linux route cache. Note that by disabling route cache, it will also disable fast path.
by Kindis
Tue Oct 06, 2020 10:39 pm
Forum: General
Topic: XBOX and MikroTik RouterOS v6.47 (stable) NAT | UPDATE: VPN
Replies: 16
Views: 5474

Re: XBOX and MikroTik RouterOS v6.47 (stable) NAT

I said this in DM but I noticed that UPnP is disabled. So test to enable it would be a good start.
Also agreed ports are confusing as hell but hopefully UPnP would solve this.
by Kindis
Tue Oct 06, 2020 2:43 pm
Forum: General
Topic: XBOX and MikroTik RouterOS v6.47 (stable) NAT | UPDATE: VPN
Replies: 16
Views: 5474

Re: XBOX and MikroTik RouterOS v6.47 (stable) NAT

If you run the code in CLI the rules will be placed last and below the drop rules so they will not work. You have to move them so they are above the drop rules which are last.
by Kindis
Tue Oct 06, 2020 2:33 pm
Forum: General
Topic: XBOX and MikroTik RouterOS v6.47 (stable) NAT | UPDATE: VPN
Replies: 16
Views: 5474

Re: XBOX and MikroTik RouterOS v6.47 (stable) NAT

Hello, So the NAT rules should be like this: /ip firewall nat add action=dst-nat chain=dstnat dst-port=3074 in-interface=ether1 protocol=tcp to-addresses=192.168.88.246 add action=dst-nat chain=dstnat dst-port=88,500,3074,3544,4500,5730-5731,5739 in-interface=ether1 protocol=udp to-addresses=192.168...
by Kindis
Tue Oct 06, 2020 1:53 pm
Forum: General
Topic: XBOX and MikroTik RouterOS v6.47 (stable) NAT | UPDATE: VPN
Replies: 16
Views: 5474

Re: XBOX and MikroTik RouterOS v6.47 (stable) NAT

Ok so you can forward and open these port or use UPnP. Now I'm no fan of UPnP but in this case it might be the best option for you. Can you do a export hide-sensitive and paste the output. Could be UPnP that needs tweaking. If not we can help with NAT rules as we can se interface names and so on th...
by Kindis
Tue Oct 06, 2020 1:43 pm
Forum: General
Topic: XBOX and MikroTik RouterOS v6.47 (stable) NAT | UPDATE: VPN
Replies: 16
Views: 5474

Re: XBOX and MikroTik RouterOS v6.47 (stable) NAT

Ok so you can forward and open these port or use UPnP. Now I'm no fan of UPnP but in this case it might be the best option for you. Can you do a export hide-sensitive and paste the output. Could be UPnP that needs tweaking. If not we can help with NAT rules as we can se interface names and so on tha...
by Kindis
Wed Sep 30, 2020 10:08 am
Forum: General
Topic: Is there a router/switch to beat the 4011?
Replies: 25
Views: 5080

Re: Is there a router/switch to beat the 4011?

Thanks all. I have managed to have a sort out and so should be able to fit the IN version in the cabinet. Just one more quick question, would there be a noticeable improvement in general performance leaving the 4011 for routing duties only and adding the separate switch? I have 2 4011 (acting as LA...
by Kindis
Wed Sep 23, 2020 1:02 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

When I said that this is outrageous and miktotik did a horrible job, all users told me I am a troll and mikrotik is the best.... This is more than a 5 months old issue and still no fix. CRS354 sucks big time and mikrotik doesnt give a sh*t about it ! We should ask for refund for this garbage hardwa...
by Kindis
Wed Sep 23, 2020 8:49 am
Forum: General
Topic: Mikrotik RB4011iGS+5HacQ2HnD-IN slow transfer rates
Replies: 13
Views: 1875

Re: Mikrotik RB4011iGS+5HacQ2HnD-IN slow transfer rates

Run this and post the output (and remove public IP addresses if you use those

/export hide-sensitive

Also explain from which port to which port are you copying. If Bridge is correctly configured you should get wire speed.
by Kindis
Mon Sep 21, 2020 3:30 pm
Forum: Announcements
Topic: v6.46.7 [long-term] is released!
Replies: 45
Views: 26383

Re: v6.46.7 [long-term] is released!

I upgraded a new 328-24P-4S+ to this release. When setting a bridge VLAN in Winbox the new window shows a VLAN ID of 4294967295 and 'VLAN IDs' is red (since number is invalid). I change it to the VLAN ID I want and it seems to be fine. It shows this each time I add a new VLAN. I confirmed this happ...
by Kindis
Thu Sep 17, 2020 4:24 pm
Forum: General
Topic: CPU on mikrotik
Replies: 4
Views: 962

Re: CPU on mikrotik

So I do not perhaps understand the question fully but if we compare AMD Epyc and Intel I9 I would say that Intel is better depending on workload. AMD still have more CPU latency due to their architecture and that is most lightly a benefit in network operation but that is also down to load and what y...
by Kindis
Tue Sep 15, 2020 10:38 am
Forum: Announcements
Topic: v6.46.7 [long-term] is released!
Replies: 45
Views: 26383

Re: v6.46.7 [long-term] is released!

Upgraded my home hAP ac^2 and I had a problem that I saw for the first time. It seems like router only preserved 200-something address list entries, and many were gone completely or only partially preserved, breaking access to the router itself and internet access (because I use those as NAT out ad...
by Kindis
Mon Sep 14, 2020 3:01 pm
Forum: General
Topic: CVE-2020-11881 PATCH [SOLVED]
Replies: 28
Views: 8288

Re: CVE-2020-11881 PATCH [SOLVED]

Currently only the long-term version channel (v6.46.7) has all the necessary fixes for this CVE. We are working on getting them published in stable and testing channels as well. Sorry for any inconvenience.
Thanks for the clarification.
by Kindis
Mon Sep 14, 2020 12:51 pm
Forum: General
Topic: CVE-2020-11881 PATCH [SOLVED]
Replies: 28
Views: 8288

Re: CVE-2020-11881 PATCH [SOLVED]

So what has be stumped here is what is vulnerable and what is not. The Github repro says this: Affected Versions(tested) 6.41.3 (long term release) 6.45.8 (long term release) 6.45.9 (long term release) 6.46.4 (stable release) 6.47.2 (stable) 6.47.3 (stable) 7.0beta5 (beta) 7.1beta2 and below So if t...
by Kindis
Fri Sep 11, 2020 8:45 am
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 28351

Re: v6.47.3 [stable] is released!

I've Winbox 3.27 on Wine (ubuntu) and I can't log in to any device after upgrading them to 6.47.3. It stays at "Logging in" and nothing is happening. Of course, devices are accessible by in.ex. SSH but winbox is missing. From windows I still can log in. Trying older winbox didn't work. St...
by Kindis
Thu Sep 10, 2020 1:28 pm
Forum: Announcements
Topic: Expected down time for this forum SEPT 11
Replies: 42
Views: 18789

Re: Expected down time for this forum SEPT 11

Thanks for the hears up but what should I do on my lunch and afternoon break now? ;)
by Kindis
Thu Sep 10, 2020 9:48 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

I have CRS354-48G-4S+2Q+ switch and no traffic problem on ports 1-8. You must add each port to Marvell chip so add "hw=yes" Now I do not have this switch, I have different models, but from what I read this is traffic based. Those that report issues must have hw=yes otherwise they could ne...
by Kindis
Thu Sep 03, 2020 2:28 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 28351

Re: v6.47.3 [stable] is released!

You had the same issues with 6.47.2 if I remember correctly? I wonder if this is more for you setup. I have a couple of these switches and I do not have this problem but I run them on Long-Term. I keep all my switches on this release to not have to patch as often. @Kindis If you read my post proper...
by Kindis
Thu Sep 03, 2020 2:02 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 28351

Re: v6.47.3 [stable] is released!

Switch CRS326-24G-2S+ Software upgrade successful from v6.47.2 TO v6.47.3 but after upgrade no longer able to login using Winbox to upgrade the firmware -- showing the following error message: ERROR could not connect to 192.168.10.88 When using Mac Address to login returns error message: ERROR coul...
by Kindis
Thu Sep 03, 2020 1:59 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 28351

Re: v6.47.3 [stable] is released!

MikroTik is there any chance to add wireguard in v6?
I might be off here but my understanding is that this is a feature in the Linux kernel and version 6 will not upgrade the kernel without major overall I think this will be a V7 feature we have to wait for,
by Kindis
Thu Sep 03, 2020 1:26 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 28351

Re: v6.47.3 [stable] is released!

Can we have more information on CVE-2020-3702 and what it is.
More should I patch now or later type of question.
by Kindis
Wed Sep 02, 2020 11:52 am
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 100
Views: 59189

Re: WinBox v3.27 released!

What's new in v3.27:

*) fixed content drawing of read-only tables (introduced in v3.26);
Many thanks for a super quick response! All my issues are now gone!
by Kindis
Wed Sep 02, 2020 11:14 am
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 100
Views: 59189

Re: WinBox v3.26 released!

In CapsMAN under configuration I cannot configure a country anymore. It only says unknown and there are not options in the drop down list and I do not se anything under Radio. I have cleared the cache and it did not help anything. Note that this might have been true under 3,25 as well. Saw this when...
by Kindis
Wed Sep 02, 2020 10:21 am
Forum: General
Topic: Help need: CCR1072 is randomly rebooting!
Replies: 6
Views: 1875

Re: Help need: CCR1072 is randomly rebooting!

So as this is probably not a hardware fault as you swapped the unit out to a new one, I hope you swapped the power supply as well otherwise that could be a problem? The only option I can provide until you get a response from support is to downgrade to long-term and see if this help. Also do you have...
by Kindis
Mon Aug 31, 2020 5:11 pm
Forum: General
Topic: Help need: CCR1072 is randomly rebooting!
Replies: 6
Views: 1875

Re: Help need: CCR1072 is randomly rebooting!

What version of ROS are you running?
by Kindis
Mon Aug 31, 2020 5:08 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Installed beta27
Worked for ~12 hours
Then the problem came again
It works more if there's only a few ports busy or traffic is low
Well that sucks. Have you created a supout during the issues and sent to MT?
by Kindis
Fri Aug 28, 2020 2:45 pm
Forum: Announcements
Topic: WinBox v3.25 released!
Replies: 68
Views: 26709

Re: WinBox v3.25 released!

What's new in v3.25: *) improved window resizing and scaling behavior on systems that include high DPI monitors; YES finally I can have Safe Mode Enabled and not fear that I forget to disable it and trying to close Winbox. Before the prompt if I still would like to close was not formatted correctly...
by Kindis
Fri Aug 28, 2020 9:04 am
Forum: General
Topic: Can't get 10Gb on crs326-24s+2q+rm
Replies: 7
Views: 2001

Re: Can't get 10Gb on crs326-24s+2q+rm

Which release of SWOS are you running? I think 2.12 had issues if you had flow control activated on a port.
Regardless this looks like something you need to e-mail support as other here on the forum can get better speeds that this.
by Kindis
Wed Aug 26, 2020 3:55 pm
Forum: General
Topic: CRS326-24S+2Q 200 MBit/s Maxout
Replies: 6
Views: 1479

Re: CRS326-24S+2Q 200 MBit/s Maxout

You should not create any VLAN under interface but only handle the VLANS in the Bridge.

Can you do a full export with hide-sensitive
by Kindis
Tue Aug 25, 2020 6:27 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 115
Views: 30797

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

For me this is a question about support and what is the outfall of an outage. So if it is a Office network and there are some problem with the network is that a large incident or is that an inconvenience? Where I work we have network that we can use MT equipment without issues if we would like to ge...
by Kindis
Tue Aug 25, 2020 5:47 pm
Forum: General
Topic: CRS326-24S+2Q 200 MBit/s Maxout
Replies: 6
Views: 1479

Re: CRS326-24S+2Q 200 MBit/s Maxout

So this cannot be the complete config. The picture we see do not correlate to the config you pasted. So even if ports are hardware offloaded conditions must be met. For instance VLAN in this case is not correct and I think this may break the offloading. You need to implement VLAN filtering on the Br...
by Kindis
Mon Aug 24, 2020 3:45 pm
Forum: Announcements
Topic: v6.48beta [testing] is released!
Replies: 184
Views: 114681

Re: v6.48beta [testing] is released!

*) wireless - added support for U-NII-2 for cAP ac; *) wireless - added support for U-NII-2 for wAP ac; Which U-NII-2 ecactly: 2A, 2B or 2C? 5350-5470 MHz is U-NII-2B; 2A and 2C were already supported weren't they? Or do you mean in some specific countries? I was also confused by this but I think t...
by Kindis
Mon Aug 24, 2020 11:08 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Has the beta solved the issue ? I do not know but if I understood Beta 23 (never went public) where good for some and now that Beta 27 is out I'm interested if people have tested and what the result are. Based on the fact that this thread went silent that can mean that people might have good result...
by Kindis
Mon Aug 24, 2020 10:22 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

So I do not have this switch but how does the new beta work? Based on the silence in this thread it might be better now?
by Kindis
Fri Aug 21, 2020 2:07 pm
Forum: RouterOS beta
Topic: v7.1beta2 [development] is released!
Replies: 385
Views: 153555

Re: v7.1beta2 [development] is released!

This level 3 offloading looks very interesting. Do we have any numbers to show what it can mean as this has the potential to put emphasis on the R in CRS :-)
by Kindis
Thu Aug 20, 2020 9:39 pm
Forum: General
Topic: LTE Firmware Update
Replies: 7
Views: 2068

Re: LTE Firmware Update

So I have done this a lot of times. What version of ROS are you running. They have made improvements to the update process in newer versions.
by Kindis
Thu Aug 20, 2020 11:14 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

is there some public bug tracker available? where we can track some status? would also be good for their changelogs to reference bug numbers, so everybody knows what they fixed there. O man I would love a bug tracker like MS does with KB articles or also what Cisco is doing. As of now I only know o...
by Kindis
Thu Aug 20, 2020 9:39 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Did you see that this changelog entry also was in 6.47.1? What's new in 6.47.1 (2020-Jul-08 12:34): *) crs3xx - fixed HW offloading for netPower 15FR and netPower 16P devices (introduced in v6.47); *) crs3xx - fixed increased CPU temperature for CRS354-48G-4S+2Q+ device (introduced in v6.47); *) cr...
by Kindis
Wed Aug 19, 2020 5:25 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

ld more like to read "fixed ethernet port group traffic..." instead of "improved". "Fixed" = Admission that it was broken in the first place = grounds for compensation I wouldn't hold my breath waiting :-) That is somewhat true. Worst changelog I ever read was for a so...
by Kindis
Wed Aug 19, 2020 4:05 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

viewtopic.php?f=21&t=163308&p=811799#p811759
What's new in 6.48beta27 (2020-Aug-18 06:20):

Changes in this release:
*) crs3xx - improved Ethernet port group traffic forwarding for CRS354 devices;
Now all can test :)
by Kindis
Wed Aug 19, 2020 3:08 pm
Forum: Announcements
Topic: v6.47.2 [stable] is released!
Replies: 88
Views: 39761

Re: v6.47.2 [stable] is released!

*) wireless - added support for U-NII-2 for cAP ac; Can someone enlighten me about this one? I have 3 of these and one of them run channel ch54-5270 and this works and this is within U-NII-2 or I'm I just plain stupid after the vacation as my brain has yet to start working, which is most likely the...
by Kindis
Tue Aug 18, 2020 4:28 pm
Forum: General
Topic: Wireless unable to connect to Internet...
Replies: 9
Views: 1984

Re: Wireless unable to connect to Internet...

So do I understand that the phone works great on the same wireless network but a Nintendo Switch does not? I would move away from using internal DNS unless you need it. I would provide the users with "real" DNS servers instead so give them 8.8.8.8 or 1.1.1.1 as primary DNS server and see i...
by Kindis
Tue Aug 18, 2020 10:55 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 428
Views: 122653

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

6.48beta12 I still have a problem! Please attach 6.48beta23
E-mail support and you will get access to the version that way. I would never run anything I can download outside official channels.
by Kindis
Mon Aug 17, 2020 3:52 pm
Forum: Wireless Networking
Topic: "No supported channel" in CAPsMAN when using channels 149-165
Replies: 3
Views: 3949

Re: "No supported channel" in CAPsMAN when using channels 149-165

I had the same problem for Sweden. I looked it up and I can run these so something is up with ROS.
I removed the country in CapsMAN and now it works.
by Kindis
Fri Aug 14, 2020 2:54 pm
Forum: General
Topic: RB750Gr3 - ether2: bridge port received packet with own address as source address (c4:ad:34:a1:4d:9d), probably loop
Replies: 8
Views: 2708

Re: RB750Gr3 - ether2: bridge port received packet with own address as source address (c4:ad:34:a1:4d:9d), probably loop

I have had issues with equipment that are connected and redundant for example via LACP and the equipment then builds and internal software switch which links the two sides together and creates a loop. Should not that when this has happen it is 100% my own fault for missconfiguration! Testing one by ...
by Kindis
Fri Aug 14, 2020 11:28 am
Forum: General
Topic: RB750Gr3 - ether2: bridge port received packet with own address as source address (c4:ad:34:a1:4d:9d), probably loop
Replies: 8
Views: 2708

Re: RB750Gr3 - ether2: bridge port received packet with own address as source address (c4:ad:34:a1:4d:9d), probably loop

Must be a loop in the 24 port switch somewhere. Have you checked all equipment attached to this switch?
by Kindis
Thu Aug 13, 2020 9:46 am
Forum: General
Topic: Poor DNS performance under heavy traffic
Replies: 3
Views: 2069

Re: Poor DNS performance under heavy traffic

This is probably not the answer you wanted but I would not run the DNS service on the router. In smaller setups if can make sense but in larger setups like yours I would say two dedicated servers would be the best option. Note that you not need high cost servers for this. In come cases it might even...
by Kindis
Sat Aug 08, 2020 12:42 am
Forum: General
Topic: cant ping 8.8.8.8 from inside microtik behind my router
Replies: 2
Views: 1361

Re: cant ping 8.8.8.8 from inside microtik behind my router

Please do a /export hide-sensitive and post output.
by Kindis
Thu Jul 30, 2020 5:30 pm
Forum: General
Topic: cAP Ac wall mounting question [SOLVED]
Replies: 3
Views: 2205

Re: cAP Ac wall mounting question [SOLVED]

Many thanks, you guys are awesome. This picture should be added to the documentation of the unit :-)

PS. With modding I mean brining out the saw and making "none supported alteration to the unit ;-) DS
by Kindis
Thu Jul 30, 2020 1:43 pm
Forum: General
Topic: cAP Ac wall mounting question [SOLVED]
Replies: 3
Views: 2205

cAP Ac wall mounting question [SOLVED]

So I'm interested in buying a few cAP Ac units. I want to walk mount them all but the cable need to run along the wall and all info I can find or pictures shows the cable exiting out of the wall. So simple question is possible without modding the unit to wall mount them with the cable running down t...
by Kindis
Fri Jul 10, 2020 12:07 pm
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 146
Views: 95116

Re: v6.47.1 [stable] is released!

Great!
But Winbox CRASH DOWN, when Press + under System -> IPsec-> Policies.

Please fix that bug...
Tested this and I have no issues with this so this might be related to your setup.
by Kindis
Tue May 26, 2020 9:06 am
Forum: Virtualization
Topic: CHR Hypervisor recommenadtion please (Hyper V?)
Replies: 9
Views: 10262

Re: CHR Hypervisor recommenadtion please (Hyper V?)

I use to run a CHR on Hyper-V and it worked great. Only issue I had was a crash in a specific build but other then that I had no issues. I however is a user of Hyper-V and like the hypervisor but I think you should run the hypervisor you feel comfortable with and can operate. That will in the end wo...
by Kindis
Mon May 04, 2020 8:55 am
Forum: General
Topic: CCR1036-12g-4s Memory Leak
Replies: 1
Views: 1264

Re: CCR1036-12g-4s Memory Leak

My guess is that this will be hard to fix here if it is a mem leak. Take a supout file, when you can se the problem, and send it to support@mikrotik.com and they can have a look at it. If you want someone here to be able to help please run /export hide-sensitive and post the output here after you re...
by Kindis
Tue Apr 21, 2020 9:01 pm
Forum: General
Topic: 802.3ad bond running when link down
Replies: 13
Views: 4397

Re: 802.3ad bond running when link down

So out of pure interest I had to test this :-) So for a test I removed all the cables from a LACP Interface and the bonding itself went down and reported down. So I'm not seeing the same behavior as you do. Try it with a dumb switch in the middle, remember I'm not getting a physical link down. It's...
by Kindis
Tue Apr 21, 2020 2:08 pm
Forum: General
Topic: 802.3ad bond running when link down
Replies: 13
Views: 4397

Re: 802.3ad bond running when link down

So out of pure interest I had to test this :-)

So for a test I removed all the cables from a LACP Interface and the bonding itself went down and reported down. So I'm not seeing the same behavior as you do.
by Kindis
Mon Apr 20, 2020 5:30 pm
Forum: General
Topic: 802.3ad bond running when link down
Replies: 13
Views: 4397

Re: 802.3ad bond running when link down

I don't think your LACP works at all, since you have not specified a primary Link... Whats the point of 802.3ad if you just add only one member? It's totally wrong to me... Yes this and also what does Link is broken mean and what is your expected behavior. I use LACP for redundancy on a hardware le...
by Kindis
Wed Apr 15, 2020 11:03 am
Forum: General
Topic: Security Vulnerabilities
Replies: 13
Views: 4683

Re: Security Vulnerabilities

From what I can see in the security landscape bugs that cause a crash in a important process like console or similar is often targeted for RCE. This can not always be used and you have to look at the ease of use. What is more of an issue now is the used of chained attacks. You can now find reported ...
by Kindis
Wed Apr 15, 2020 10:05 am
Forum: General
Topic: Security Vulnerabilities
Replies: 13
Views: 4683

Re: Security Vulnerabilities

Personally "authenticated user can do x" (meaning administrator) is complete nonsense. So I personally do not agree with this. What we see in term of security now is that one flaw that can allow for RCE or Elevation of privileges can be used in chains to attack a target. A vulnerability o...
by Kindis
Fri Apr 10, 2020 11:28 am
Forum: General
Topic: RB3011 - low routing performance with low CPU usage?
Replies: 7
Views: 3681

Re: RB3011 - low routing performance with low CPU usage?

This sound like a case for support@mikrotik.com and a supout file when you have the issue.
by Kindis
Wed Apr 08, 2020 2:39 pm
Forum: General
Topic: RB3011 - low routing performance with low CPU usage?
Replies: 7
Views: 3681

Re: RB3011 - low routing performance with low CPU usage?

This looks relay strange. Even I do not full get what you have done it should not behave like this and as you say the CPU does not seam to be be bottleneck. So most CCR routers do not have a switch chip in them. I wonder if your port layout or something else is causing this issue. Having a look at t...
by Kindis
Wed Apr 01, 2020 3:53 pm
Forum: General
Topic: [R11e-LTE6] - CANNOT upgrade LTE firmware [SOLVED]
Replies: 6
Views: 9463

Re: [R11e-LTE6] - CANNOT upgrade LTE firmware [SOLVED]

What happens if you run the same command but without update=yes This so you see if you need the firmware. I got a similar issues on an wAP-R that has the "R11e-LTE" card. Do not remeber the all of the error message but I know I got TIme-Out and in my case it was two issues. I did not have ...
by Kindis
Thu Mar 26, 2020 10:06 pm
Forum: Virtualization
Topic: CHR problem in Windows Server Hyper-V
Replies: 3
Views: 7235

Re: CHR problem in Windows Server Hyper-V

So I wonder if you have issues with Mac address protection. Check so you do not have this on for the cards.
Also in regards to VLAN etc read this one.
viewtopic.php?f=15&t=105465
by Kindis
Wed Mar 25, 2020 11:11 pm
Forum: General
Topic: WinBox Connection error
Replies: 7
Views: 53485

Re: WinBox Connection error

So I wonder if the new secure winbox connection cannot handle NAT. Was setting up a new router that I pre configured but managed to frogg up the OSPF config on the new one. GRE connected but I had to NAT my connection to get route back and Winbox did not want to connect with legacy mode on or off. U...
by Kindis
Thu Mar 12, 2020 10:49 am
Forum: Announcements
Topic: Winbox v3.22 released!
Replies: 117
Views: 84520

Re: Winbox v3.22 released!

All the issues I had with scaling is now gone as far as I know BUT i noticed something before. I run a 2 monitor setup with one 4K (laptop) and the other 1440 (external screen). If I had the problem where I could not read the logs on either screens dragging the winbox window from one screen to the o...
by Kindis
Mon Mar 09, 2020 9:40 am
Forum: General
Topic: Can i recover my RB3011UiAS-RM ?
Replies: 2
Views: 2255

Re: Can i recover my RB3011UiAS-RM ?

I guess i should Trash-Can it?

Thank you..
No I don't think you have to do that. You should try Netinstall and reinstall the OS on the router. Google around there are briliant guides out there how to use Netinstall.
by Kindis
Tue Mar 03, 2020 12:35 am
Forum: General
Topic: not enouth disk space
Replies: 8
Views: 4000

Re: not enouth disk space

Yes. You should allocate at least 2GB if you plan to run the Dude as a trial. If you have a more extensive requirement for the Dude you need to plan ahead. I remember, and I might be wrong, that they have limited the boot drive to 1 GB. I have not tested but think I remember reading this a changelo...
by Kindis
Mon Mar 02, 2020 11:28 pm
Forum: General
Topic: not enouth disk space
Replies: 8
Views: 4000

Re: not enouth disk space

Yes. You should allocate at least 2GB if you plan to run the Dude as a trial. If you have a more extensive requirement for the Dude you need to plan ahead. I remember, and I might be wrong, that they have limited the boot drive to 1 GB. I have not tested but think I remember reading this a changelo...
by Kindis
Thu Feb 20, 2020 3:26 pm
Forum: General
Topic: RB2011UiAS looses about 40 megabits of thgougpput!?!
Replies: 49
Views: 10732

Re: RB2011UiAS looses about 40 megabits of thgougpput!?!

Are you sure that you have 1000Mbit link on ETH1 (and on the port you connect your speedtest-running PC on) ? Your configuration sets port 1-5 (the gigabit ports) to SPEED=100M . The other ports (ETH6-10) is 100Mbit only on the RB2011. 100% sure about link, also for PC. 100mbit is weird a bit, but ...
by Kindis
Thu Feb 20, 2020 3:10 pm
Forum: General
Topic: RB2011UiAS looses about 40 megabits of thgougpput!?!
Replies: 49
Views: 10732

Re: RB2011UiAS looses about 40 megabits of thgougpput!?!

Are you sure that you have 1000Mbit link on ETH1 (and on the port you connect your speedtest-running PC on) ? Your configuration sets port 1-5 (the gigabit ports) to SPEED=100M . The other ports (ETH6-10) is 100Mbit only on the RB2011. This one has fooled me many times before. This is a export of t...
by Kindis
Thu Feb 20, 2020 10:44 am
Forum: General
Topic: Chromecast sleepmode issue
Replies: 25
Views: 6324

Re: Chromecast sleepmode issue

What is the lease time on DHCP addresses? I have two Xbox One's that connect via swicthes (none MT units) to my core router (4011) and I had issues that if the Xbox one was in standby mode for more then the lease time I could not turn if on by using the app from my phone or see that it had renewed i...
by Kindis
Thu Feb 20, 2020 10:18 am
Forum: General
Topic: RB2011UiAS looses about 40 megabits of thgougpput!?!
Replies: 49
Views: 10732

Re: RB2011UiAS looses about 40 megabits of thgougpput!?!

When you test what is the status of the CPU?

I see you have a few mangle rules. Did you create those and can you disable those for a test?
by Kindis
Tue Feb 18, 2020 11:21 am
Forum: General
Topic: Can't Upgrade Firmware
Replies: 8
Views: 5504

Re: Can't Upgrade Firmware

Oo this is a big update and also the version you have have several security issues that are more or less very critical. I would go for a export of configuration and perform a Netinstall but otherwise do as mentioned above. You will also get the new bridge setup and a lot of other features so as I sa...
by Kindis
Tue Feb 18, 2020 9:10 am
Forum: General
Topic: RB2011UiAS looses about 40 megabits of thgougpput!?!
Replies: 49
Views: 10732

Re: RB2011UiAS looses about 40 megabits of thgougpput!?!

This can be many thing.

Run this and post the config
export hide-sensitive
by Kindis
Mon Feb 17, 2020 5:17 pm
Forum: General
Topic: No more than 160 Mbps in a 600 Mbps with RouterBOARD 2011UiAS-2HnD
Replies: 6
Views: 3107

Re: No more than 160 Mbps in a 600 Mbps with RouterBOARD 2011UiAS-2HnD

So if I read your config correctly you only have Firewall filter rules based on Established, Related and nothing on New. Never seen this before but I can see that you have Fast-Track rules as well but they are at the bottom of you rules so they never apply so you are in effect not using Fast-Track. ...
by Kindis
Mon Feb 17, 2020 5:07 pm
Forum: General
Topic: Can't Upgrade Firmware
Replies: 8
Views: 5504

Re: Can't Upgrade Firmware

Based on you old firmware you must also have a old and vulnerable ROS. First update ROS System > Packages >> Check for Update and upgrade. Now this can be somewhat of a risky business depending on what version you are on so make a backup and export config before doing this! After you have upgraded R...
by Kindis
Thu Feb 06, 2020 11:19 am
Forum: General
Topic: CVE-2019-3981
Replies: 8
Views: 2566

Re: CVE-2019-3981

I think it is important to get all the info and not just waft it away and say No this is an old thing so do not worry. It all boils down to risk management and how this could effect someone. By being silent on the issue Mikrotik only manages to look bad if you ask me. Much better to release informat...
by Kindis
Wed Feb 05, 2020 12:10 pm
Forum: General
Topic: CVE-2019-3981
Replies: 8
Views: 2566

Re: CVE-2019-3981

Now from what I can see this is a man in the middle attack that is not solved. Article mentions Winbox 3.20 which is the latest and ROS 6.43 which is old but you can read the following from Tenable Disclosure Timeline 10/15/2019 - Tenable discloses. 90 day is Jan. 14, 2020. 10/17/2019 - MikroTik ack...
by Kindis
Thu Jan 16, 2020 4:02 pm
Forum: Announcements
Topic: v6.46.2 [stable] is released!
Replies: 120
Views: 62849

Re: v6.46.2 [stable] is released!

*) security - fixed vulnerability for routers with default password (limited to Wireless Wire), admin could login on startup with empty password before default configuration script was fully loaded;
Don't forget to update the Security blog. During writing this the blog has not been updated.
by Kindis
Thu Dec 19, 2019 4:27 pm
Forum: General
Topic: wAP R 3g? (RBwAPR-2nD)
Replies: 16
Views: 3795

Re: wAP R 3g? (RBwAPR-2nD)

@Kindis https://forum.mikrotik.com/viewtopic.php?t=146857 Please post at this thread. Be sure your have firmware v13 /interface lte firmware-upgrade lte1 I'm already on the latest firmware. This is really not a issue for me as I can use LTE but as I tested I did not manage to get 3G to work. I migh...
by Kindis
Thu Dec 19, 2019 10:07 am
Forum: General
Topic: wAP R 3g? (RBwAPR-2nD)
Replies: 16
Views: 3795

Re: wAP R 3g? (RBwAPR-2nD)

OK I had to test this myself as I know I have both LTE and 3G coverage where the router is located and I cannot connect to 3G. Now I have not waited for a long time but in the logs I can see it connect then I get this error: 09:03:35 lte,debug I_WAN: network access technology: 3G HSDPS & HSUPA 0...
by Kindis
Wed Dec 18, 2019 8:44 pm
Forum: General
Topic: wAP R 3g? (RBwAPR-2nD)
Replies: 16
Views: 3795

Re: wAP R 3g? (RBwAPR-2nD)

I have a wAP LTE with the same modem. My modem is running "MikroTik_CP_2.160.000_v013" as the modem firmware and ROS is 6.46.1 I have a option under LTE and Network Mode. There I can select GSM, 3G or LTE. Now I do not have a issues with LTE where this device is placed so I have never test...
  • 1
  • 2