Community discussions

Search found 143 matches

by homerwsmith
Tue Sep 03, 2019 4:16 am
Forum: Forwarding Protocols
Topic: Traceroutes UDP don't show up when I trace into my network.
Replies: 0
Views: 259

Traceroutes UDP don't show up when I trace into my network.

When I traceroute from the outside world using udp into my network at 64.57.176.1, hops starting at my edge router
and at least two more do not show up in the output.

Why is that?

Homer
by homerwsmith
Tue Sep 03, 2019 4:12 am
Forum: Forwarding Protocols
Topic: EOIP breaks OSPF [SOLVED]
Replies: 3
Views: 573

Re: EOIP breaks OSPF [SOLVED]

Make sure MTU is forced to 1500 on both the EOIP and the bridges they are joined to.

Then turn off STP on both bridge and EOIP.

Homer
by homerwsmith
Tue Sep 03, 2019 4:09 am
Forum: Forwarding Protocols
Topic: SUBNET splilt across two routers [SOLVED]
Replies: 1
Views: 375

Re: SUBNET splilt across two routers [SOLVED]

Answer: Create an EOIP on both routers, and put the EOIP on each router into a bridged1 set of ports on each router. Make sure MTU is set to 1500 for both EOIP's and for the BRIDGES! Also turn STP off on the EOIP and the Bridge. Then each router will be on each other's lan. Homer
by homerwsmith
Tue Sep 03, 2019 4:06 am
Forum: Forwarding Protocols
Topic: OSPF Network Statement [SOLVED]
Replies: 3
Views: 577

Re: OSPF Network Statement [SOLVED]

The problem is not limiting what subnet is advertised, the problem is OSPF advertising multiple streams of data, one for each subnet. Thus if network is 0.0.0.0/0 and router has 10.16.0.1/29 10.16.17.3/24 10.16.17.4/24 ospf will send 3 completely independent streams of data one for each subnet, adve...
by homerwsmith
Thu Aug 22, 2019 11:10 pm
Forum: Forwarding Protocols
Topic: OSPF Network Statement [SOLVED]
Replies: 3
Views: 577

OSPF Network Statement [SOLVED]

I know that OSPF will only multicast out hard interfaces if at least one of the interfaces subnets falls within the network subnet. But once an interface is active, will OSPF also distribute other subnets on the same hard interface that are not with in the network subnet? If so how do I get OSPF to ...
by homerwsmith
Thu Aug 22, 2019 10:53 pm
Forum: Forwarding Protocols
Topic: SUBNET splilt across two routers [SOLVED]
Replies: 1
Views: 375

SUBNET splilt across two routers [SOLVED]

To make this problem easier, what is the accepted way of splitting a single subnet across two routers that are on the same AS network running OSPF where the two routers are separated by other routers and there are no bridges between the the two end routers. MIK A ------ MIK B ------ MIKC where 10.0....
by homerwsmith
Thu Aug 22, 2019 10:42 pm
Forum: Forwarding Protocols
Topic: OSPF LOOP [SOLVED]
Replies: 2
Views: 609

Re: OSPF LOOP [SOLVED]

thank you very much for your answer.

Diamond is a ring with cross connects. There is no broadcast domain loop that I know of, but there does seem to be an ospf loop.

Homer
by homerwsmith
Thu Aug 22, 2019 10:40 pm
Forum: Forwarding Protocols
Topic: How to set OSPF cost on two routes on one port. [SOLVED]
Replies: 2
Views: 480

Re: How to set OSPF cost on two routes on one port. [SOLVED]

thanks. that's a good answer.

Homer
by homerwsmith
Thu Aug 22, 2019 10:34 pm
Forum: Forwarding Protocols
Topic: EOIP breaks OSPF [SOLVED]
Replies: 3
Views: 573

Re: EOIP breaks OSPF [SOLVED]

Yes thanks, EOIP is slow as sin however it is only for a limited time whle we are moving the servers. These are not high bandwidth servers. During that time a common subnet MUST span both ends of the tunnel to avoid having to renumber the servers before they move one by one, a political but unavoida...
by homerwsmith
Wed Aug 21, 2019 7:03 am
Forum: Forwarding Protocols
Topic: EOIP breaks OSPF [SOLVED]
Replies: 3
Views: 573

EOIP breaks OSPF [SOLVED]

Logs show ospf: Discarding Database Descriptor packet on bridge1 too large mtu mine - 1280 recevied - 1500 Just want to connect two routers with EOIP, from bridge1 on one, to bridge1 on the other. Thanks, full description below. Running RB1100x with 45.3 on two routers. Location A and router A suppo...
by homerwsmith
Mon Apr 22, 2019 5:03 am
Forum: Forwarding Protocols
Topic: OSPF LOOP [SOLVED]
Replies: 2
Views: 609

OSPF LOOP [SOLVED]

Say we have a diamond shaped network with home, first, second and third bases, and a few cross connects between them. Everything is Area 0.0.0.0 Each router has many subnets on each interface but only one subnet connects the routers to each other with a /29. How do I stop OSPF from broadcasting mult...
by homerwsmith
Mon Apr 22, 2019 4:55 am
Forum: Forwarding Protocols
Topic: Simple OSPF load balancing
Replies: 0
Views: 368

Simple OSPF load balancing

Say we have a diamond shaped network, with home, first, second and third bases. The OSPF COST is the same for both home to third baseand home to first, and packets end up going to second base and to the end customer I understand traffic to the customer will be split by connection across the two outg...
by homerwsmith
Mon Apr 22, 2019 4:40 am
Forum: Beginner Basics
Topic: IP on Bridge not pingable [SOLVED]
Replies: 7
Views: 701

Re: IP on Bridge not pingable [SOLVED]

OK, so what you are saying here is: 1.) All ports on the 951 are bridged. 2.) I have assigned 192.168.1.127/24 to the bridge. 3.) There is no default gateway assigned at all 4.) A laptop is plugged into port 1 with static IP 192.168.1.126/24 Then I should NOT be able to ping 127 from the laptop due ...
by homerwsmith
Mon Apr 22, 2019 4:34 am
Forum: General
Topic: Ping Loss at line 9
Replies: 6
Views: 596

Re: Ping Loss at line 9

I am reposting this as it was never answered. It is clear that a router can return a ping answer when and if it wants to, or not at all, showing 'packet loss', without affecting actual throughput at all. But latencies that go high after a particular router, and continue to remain high forever afterw...
by homerwsmith
Mon Apr 22, 2019 4:27 am
Forum: General
Topic: TORCH CONFUSION
Replies: 10
Views: 4412

Re: TORCH CONFUSION

Thanks to all who replied. Here is my 'rule' that I learned. If you are torching an interface, the remote IP on the same side of the router as the interface is always the source, and any other IP is the destination, whether it is inside the router or out another interface. If packets are coming into...
by homerwsmith
Mon Apr 22, 2019 4:05 am
Forum: General
Topic: How are hardware ports associated with names
Replies: 5
Views: 617

Re: How are hardware ports associated with names

In winbox, when I click on INTERFACES and it shows me ether1, ether2 etc, how do I know that ether1 really means port 1 and ether2 means port 2. Where is that set in the config? I understand there is a default name for each what exactly? Each hard port? Then there is a user chosen name that remains ...
by homerwsmith
Mon Apr 22, 2019 3:40 am
Forum: Forwarding Protocols
Topic: How to set OSPF cost on two routes on one port. [SOLVED]
Replies: 2
Views: 480

How to set OSPF cost on two routes on one port. [SOLVED]

Say I have two wireless links coming into the same AP and port on a local mikrotik, but on different subnets, and the remote end stations are on distinct different routers. I want to be able to tell the local router to direct traffic going through the AP to choose one remote end or the other. How do...
by homerwsmith
Sun Apr 21, 2019 10:11 pm
Forum: Forwarding Protocols
Topic: Putting all routers on lo [SOLVED]
Replies: 2
Views: 552

Re: Putting all routers on lo [SOLVED]

Thanks your answer, I thought it was too good to be true :). You mention radio based as a problem for OSPF. Our entire network is multiple mikrotiks in spokes, rings, diamonds and cross connects all based on ubi wireless in the mountains and surrounding terrain. OSPF works most of the time, but some...
by homerwsmith
Wed Apr 10, 2019 9:35 pm
Forum: Forwarding Protocols
Topic: Putting all routers on lo [SOLVED]
Replies: 2
Views: 552

Putting all routers on lo [SOLVED]

Dear Gentle Folk, I believe I have seen, but no longer have, an example config on the net connecting multiple mikrotics together in a web/loop with OSPF. Although each router served different customer subnets from various of their own interfaces, the tiks themselves were connected via an lo loop-bac...
by homerwsmith
Thu Feb 28, 2019 11:07 pm
Forum: General
Topic: inconsistent speeds across mulitple hops [SOLVED]
Replies: 3
Views: 384

Re: inconsistent speeds across mulitple hops [SOLVED]

Thank you for your response. There is one link that is mixed 100/1000, I will look into it. How greedy is fast.com? If I run fast.com from the edge router will it use all available bandwidth taking it away from other users that are being serviced by the same router various hops away? So if our link ...
by homerwsmith
Thu Feb 28, 2019 1:21 am
Forum: General
Topic: inconsistent speeds across mulitple hops [SOLVED]
Replies: 3
Views: 384

inconsistent speeds across mulitple hops [SOLVED]

Dear Sirs, We have a MIK RB1100x edge router connected to a Spectrum 200Meg light fiber to the net, pulling an average 150 megs at the time this test was done. From the edge router we have a 2 hop ubi wireless link to a remote end customer on an ubi bridge. The wireless link itself is capable of at ...
by homerwsmith
Sun Jan 13, 2019 8:19 am
Forum: Forwarding Protocols
Topic: OSPF and default routes. [SOLVED]
Replies: 3
Views: 691

OSPF and default routes. [SOLVED]

We have a 4 router network that looks like a baseball diamond, with a router at home (R0), first (R1), second (R2) and third (R3) bases. They are connected as a single area0. There are no cross connections across the diamond. The internet is connected to the outward facing interface on R0 at home ba...
by homerwsmith
Sun Dec 02, 2018 4:04 am
Forum: General
Topic: How are hardware ports associated with names
Replies: 5
Views: 617

How are hardware ports associated with names

Running older RB 1100 with 6.43 How exactly are interface 'names' associated with hard port numbers? If I do not know what hard port number an interface names is assigned to, how do I find out.? The RB1100 has 13 ports and one bridge. Why does a simple snmpwalk -c public mikname show 14 interfaces n...
by homerwsmith
Sun Dec 02, 2018 3:33 am
Forum: General
Topic: Auto mating ssh key installs [SOLVED]
Replies: 2
Views: 606

Re: Auto mating ssh key installs [SOLVED]

Thanks Homer
by homerwsmith
Tue Nov 20, 2018 1:43 am
Forum: General
Topic: Auto mating ssh key installs [SOLVED]
Replies: 2
Views: 606

Auto mating ssh key installs [SOLVED]

I have one MT RB1100x 6.43 and two linux boxes A and B running CentOS and SSH Both linux boxes have /root/.ssh/id_rsa and id_rsa.pub created with ssh_keygen -b 2048 -t rsa From linux box A I have a perl script that installs the public key only into the MT with 1.) ncftpput MT -u username -p password...
by homerwsmith
Thu Nov 15, 2018 8:48 pm
Forum: Beginner Basics
Topic: Double port forwarding [SOLVED]
Replies: 5
Views: 600

Re: Double port forwarding [SOLVED]

thank you for responding and trying to understand my complicated post.

The DSL modem is a router, and is already doing the first player of port forwarding to the WLAN of the MT port 3389 I believe.

Homer
by homerwsmith
Thu Nov 15, 2018 5:23 am
Forum: Beginner Basics
Topic: Double port forwarding [SOLVED]
Replies: 5
Views: 600

Double port forwarding [SOLVED]

I am a newbie, but I understand the basics. Customer has Verizon DSL modem -> Netgear Router with RDC port forwarding from 3391 to 3389 on Windows server. DSL modem is at 129..x..x..x and hands out DHCP subnet to Netgear Router, 192.168.1.0/30 Thus the Netgear is at 192.168.1.2. The Netgear in turn ...
by homerwsmith
Thu Oct 11, 2018 7:14 am
Forum: General
Topic: High Ping Times across default gateway. [SOLVED]
Replies: 1
Views: 305

Re: High Ping Times across default gateway. [SOLVED]

Most of our outgoing traffic is natted at our WAN port on a Mikrotik RB1100 etc. During prime time netflix watching period the router is pulling 130 megs and running at 40 percent cpu. Doing pings from inside our network to outside, we are getting a 300 percent ping time return from our default gate...
by homerwsmith
Fri Oct 05, 2018 10:51 pm
Forum: General
Topic: Ping Loss at line 9
Replies: 6
Views: 596

Re: Ping Loss at line 9

Thank you for your reply. However you say that data flows much faster through them than in them, does this include pings that are passed through the routers to later routers but with higher latencies that persist to the end of the traceroute. Are real packets suffering the same latency? Gamers are s...
by homerwsmith
Fri Oct 05, 2018 3:55 am
Forum: General
Topic: Ping Loss at line 9
Replies: 6
Views: 596

Ping Loss at line 9

What does the 50 percent ping loss indicate on line 9 of the attached. Notice there is no ping loss AFTER line 9, so it is only dropping pings TO the router, is that right? Notice however the increase in ping times, which DO continue to further lines of the display, this indicates the router is slow...
by homerwsmith
Thu Oct 04, 2018 4:39 am
Forum: General
Topic: High Ping Times across default gateway. [SOLVED]
Replies: 1
Views: 305

High Ping Times across default gateway. [SOLVED]

Dear Gentle Folk, We have a Spectrum light fiber 200 megabit link from 184.74.74.251 on our end to our default gateway at 184.74.74.249. The edge router is a mik RB1100 AHx2 pulling 130 Mbps at 8:00pm netflix time every night. This is a wireless network, connected to two other identical miks out in ...
by homerwsmith
Sat Feb 24, 2018 11:50 pm
Forum: Beginner Basics
Topic: IP on Bridge not pingable [SOLVED]
Replies: 7
Views: 701

IP on Bridge not pingable [SOLVED]

Not a beginner but obviously too stupid to continue... I have a 951-2n running 6.4x. 1.) I cleared the configuration at start up. 2.) I created bridge1 and added all ports to it. 3.) I assigned 192.168.1.127 to the bridge1 4.) I plugged in the mik to my 192.168.1.0/24 network 5.) I can not arping no...
by homerwsmith
Mon Jan 08, 2018 4:26 am
Forum: General
Topic: Bandwidth loss from internet to wireless
Replies: 7
Views: 732

Re: Bandwidth loss from internet to wireless

Yes thanks, your point is well understood. The point is that the physical upstream has a certain amount of bandwidth available, not much but maybe 20 megs, if I use a hard wire connection to the core router. But over the wireless link to the core router only about 5 megs is available. Thus those doi...
by homerwsmith
Mon Jan 08, 2018 4:22 am
Forum: General
Topic: Configuration ether1 -> switch port1 -> RB port1
Replies: 0
Views: 205

Configuration ether1 -> switch port1 -> RB port1

Where exactly in the configuration is the connection between 1.) ether name=etherA 2.) default-name=etherB 3.) Switchport C 4.) RB box port D made? I persently have an RB1100X2 where the connections are hopelessly scrambled. What shows as name=ether1 is really default-name=7 but ends up as physical ...
by homerwsmith
Sat Jan 06, 2018 11:23 pm
Forum: General
Topic: Bandwidth loss from internet to wireless
Replies: 7
Views: 732

Re: Bandwidth loss from internet to wireless

Sorry what is a device watch? Please be patient with me, I am somewhat of a beginner at this.

And thanks for answering1

Homer
by homerwsmith
Sat Jan 06, 2018 11:21 pm
Forum: Forwarding Protocols
Topic: OSPF DEFAULT ROUTES
Replies: 3
Views: 567

OSPF DEFAULT ROUTES

Have one mikrotik that is fed by two different incoming interfaces that both ultimately go back to the net. One interface has the default route on it to its neighboring mik. How I get packets coming in the second interface to go back out the second interface also. Do I have to aggregate the second s...
by homerwsmith
Sat Dec 30, 2017 5:07 am
Forum: General
Topic: HOTSPOT PORTAL SERVER
Replies: 0
Views: 233

HOTSPOT PORTAL SERVER

We have need of a simple portal screen server for our WISP customers. It does not need to take usernames or passwords, it only needs to present a web page at times of our choice providing information and links to the end customer, and provide links to quit and go back to normal traffic. There are ab...
by homerwsmith
Tue Oct 03, 2017 10:18 pm
Forum: General
Topic: Bandwidth loss from internet to wireless
Replies: 7
Views: 732

Bandwidth loss from internet to wireless

We have a 100 meg light fibert from spectrum to our core mikrotik. From the core we have a wireless link out into the boonies, using Ubiquity Rocket M's. Internet -> core -> AP -> SM Speed tests from SM to core show 20 megs Speed tests from core to fast.com show 20 megs Speedtests from SM to fast.co...
by homerwsmith
Sun Sep 24, 2017 11:59 pm
Forum: General
Topic: PCQ QUEUES
Replies: 0
Views: 346

PCQ QUEUES

I have read and implemented the documentation on pcq queuing, with 3 levels of service, premium, business and residential. A question, suppose I were to impliment TWO levels only, level 1 and level 2, but make both identical in all respects except the IP subnets assigned to each one, and the order i...
by homerwsmith
Tue Sep 19, 2017 10:07 am
Forum: General
Topic: multi fifo queues
Replies: 0
Views: 348

multi fifo queues

Running a core router rb1100Ah2x at about 100 megabits prime time download, 20 megs up. This router does nat and connection tracking. Its connected to another identical router that does not do nat. There is a bonded link between the first router and the second over two 100 megabit ethernets. Does it...
by homerwsmith
Tue Aug 29, 2017 8:28 am
Forum: General
Topic: ARP Timeout
Replies: 19
Views: 7941

Re: ARP Timeout

I don't know if this has been solved, I had a some what similar problem. We have a static subnet 64.57.184.0/24 on lan bridge1 of a RB1100AHx2 with 64.57.184.1/24 on the interface of the router meant to be the default gateway for other machines on the same lan. In the arp table all entries of the su...
by homerwsmith
Mon Aug 28, 2017 10:41 pm
Forum: General
Topic: Feature request: Web based speed test server
Replies: 5
Views: 1235

Re: Feature request: Web based speed test server

Could you please post pointers to a solution or many solutions that are available for free local speedtest servers

Thanks Homer
by homerwsmith
Mon Aug 28, 2017 11:10 am
Forum: General
Topic: HELP packets to non existent IP's are sent!
Replies: 0
Views: 377

HELP packets to non existent IP's are sent!

Running RB1100AHx2 6.40.x When I set core router to ping a non existent IP on our inner lan network, it sends the ping! Shouldn't it issue the arp request, fail to get an answer and then not send it? IP ARP shows mac of 00:00:00:00:00:00 for that address which is correct. Packet sniffer picks up the...
by homerwsmith
Tue Aug 15, 2017 10:20 am
Forum: General
Topic: When are packets queued and when are they just sent.
Replies: 0
Views: 321

When are packets queued and when are they just sent.

Given a single simple queue, and packets coming into the router slower than the router can deliver them to the target, is the packet queued and then dequeued, or is it simply sent on without being queued? For example, if I have a very slow upstream of 1 meg, and a very fast downstream of 100 megs, a...
by homerwsmith
Tue Aug 15, 2017 10:02 am
Forum: General
Topic: Bandwidth distribution w/ individual queue graphs
Replies: 16
Views: 27345

Re: Bandwidth distribution w/ individual queue graphs

I know this is old, but perhaps I can add to some understanding here. It is important to know how queues work. The concept of 'fair queing' needs to be clarified to the way it is carried out, because how it is carried out is all you get out of it. ;) The real problem is not that one download will sw...
by homerwsmith
Tue Aug 15, 2017 12:44 am
Forum: General
Topic: Feature request: Web based speed test server
Replies: 5
Views: 1235

Feature request: Web based speed test server

Wanna be destructive?. Help put these speedtest scammers out of business! There should be a simple web page interface for anyone to connect to any mik and do a speed test from themselves to that mik. Intensely useful for customers to check their own local loops back to our core router. Homer
by homerwsmith
Mon Aug 14, 2017 11:47 pm
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4256

Re: SIMPLE QUEUES NOT WORKING PROPERLY

Thank you I watched the whole thing, very interesting, however it did not approach our immediate problem. We are not using fasttrack nor masquerade. We have two linux routers on our internal network that have a single tik in between them that has the queue with a target address of the most remote li...
by homerwsmith
Mon Aug 14, 2017 11:03 pm
Forum: General
Topic: Open Source Speedtest Server
Replies: 2
Views: 908

Re: Open Source Speedtest Server

A gentleman and a scholar you are.

Homer
by homerwsmith
Mon Aug 14, 2017 12:46 am
Forum: General
Topic: Open Source Speedtest Server
Replies: 2
Views: 908

Open Source Speedtest Server

We deployed 5 or 6 copies of speedtest.net mini around our network so our customers could check their local loops. This is suddenly no longer free and quite expensive. Can someone please recommend to me a free speed test server that I can use on our network to run on Linux boxes? Thanks in advance, ...
by homerwsmith
Mon Aug 14, 2017 12:28 am
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4256

SIMPLE QUEUES NOT WORKING PROPERLY

Dear Gentle Folk, Running 6.4x.x on RB1100AHx2 I created two simple queues with target destination being a linux ftp server out on our network. The first queue numbered 1, was left totally vanilla, meaning no changes were made to its default settings, in particular up and download speeds are set to ...
by homerwsmith
Fri Jul 21, 2017 6:26 am
Forum: General
Topic: Order of traffic flow through a stack of simple queues
Replies: 4
Views: 643

Re: Order of traffic flow through a stack of simple queues

Yes sorry, of course, the /24 was a typo. Its actually entered as 10.16.31.54/32 and shows as 10.16.31.54.

When set to unlimited/unlimited the queue is ignored and that Ip passes to the second queue at 5 x 1.5

When first queue is set to something finite, it works as expected.

Homer
by homerwsmith
Thu Jul 20, 2017 3:08 am
Forum: General
Topic: Order of traffic flow through a stack of simple queues
Replies: 4
Views: 643

Re: Order of traffic flow through a stack of simple queues

Thank you for your reply. I have two simple queues. First queue is for a single IP 10.16.31.54/24, set to unlimited/unlimited The second queue is a standard PCQ setup for residential download, target is 10.16.31.0/24, set to 5M/1.5M. Notice 10.16.31.0/24 includes 10.16.31.54. When I do a direct ftp ...
by homerwsmith
Wed Jul 19, 2017 1:11 am
Forum: General
Topic: Order of traffic flow through a stack of simple queues
Replies: 4
Views: 643

Order of traffic flow through a stack of simple queues

Say you have defined 10 simple queues with same priority. Does traffic flow into each queue in the order the are presented in the queue window? Or is it random like a hash? If a queue applies to some particular traffic, does that traffic then get handled there, sent out, and then does NOT flow throu...
by homerwsmith
Wed Jul 19, 2017 1:07 am
Forum: General
Topic: PCQ and borrowing bandwidth
Replies: 1
Views: 625

PCQ and borrowing bandwidth

Say you have 200 students on a router with 100 megs coming in. Assume each student alone can use the entire pipe if no one else is using it. You want each student to have as much bandwidth as they can use, HOWEVER when the pipe is full, you want no student able to use more than his fair share, meani...
by homerwsmith
Wed Jul 19, 2017 12:57 am
Forum: General
Topic: Queues, qdiscs, classes and filters
Replies: 1
Views: 234

PCQ and unallocated bandwidth

What happens to unallocated bandwidth when using PCQ to fairshare bandwidth associated with various subnets? Say router has two sets of cusomers on two different subnets, 10.0.0.0/24 and 10.0.1.0/24 Those on 10.0.1.0/24 you want to PCQ to a limit of 5x1 each. No guaranteed bandwidth, but yes a guara...
by homerwsmith
Wed Jul 19, 2017 12:53 am
Forum: General
Topic: Queues, qdiscs, classes and filters
Replies: 1
Views: 234

Queues, qdiscs, classes and filters

Very familiar with linux tc, new to mikrotik queues. Under what conditions is it necessary to specify the size of the incoming pipe so that the queuing system 'grabs' the queue from the upstream? I understand that certain qdiscs only kick in when the pipe is full otherwise there is no need for the s...
by homerwsmith
Tue Jul 18, 2017 11:07 pm
Forum: General
Topic: SNMP ifDescription.1 different than ifIndex.1
Replies: 2
Views: 660

Re: SNMP ifDescription.1 different than ifIndex.1

Thank you for your reply. Yes all of our snmp is home brew, but I appreciate the pointer.

Parsing the table is no big deal, I just have never had to do it before and all our software assumes a non
scrambled association between description and interface.

Homer
by homerwsmith
Sun Jul 16, 2017 11:34 pm
Forum: General
Topic: SNMP ifDescription.1 different than ifIndex.1
Replies: 2
Views: 660

SNMP ifDescription.1 different than ifIndex.1

Running RB1000 and RB1000 AHx2 We use SNMP to read and record ifInOctects and ifOutOctets across all interfaces every 5 minutes. The ifIndexes run from 1 to 15 which corresponds to the ethernet names of the physical ports. But the ifDescriptions are scrambled, for example IfDescriptiion.9 = ether1. ...
by homerwsmith
Fri Jul 14, 2017 10:48 pm
Forum: General
Topic: Will PCQ save me?
Replies: 2
Views: 452

Re: Will PCQ save me?

You are a gentleman and a scholar, will read it immediately.

Homer
by homerwsmith
Fri Jul 14, 2017 8:14 am
Forum: General
Topic: Will PCQ save me?
Replies: 2
Views: 452

Will PCQ save me?

Need a quick orientation here. Our 100 meg upstream pipe is full, we serve a few hundred boonie customers who all want to watch TV at 9pm sharp. The network is complex, and long and daisey chained and those at the end of the chain seem to be getting less bandwidth per person than those nearer our co...
by homerwsmith
Sat Jun 03, 2017 11:43 am
Forum: Forwarding Protocols
Topic: OSPF Multiple dynamic interfaces on same ether port
Replies: 1
Views: 256

OSPF Multiple dynamic interfaces on same ether port

Why can't I post an image, gives me http error. Are their constraints to kind or size of image? Using print screen and PAINT Anyhow have a ring network of miks, a number of them show multiple dynamic interfaces with 0 adjancency on the same ether port, even though there is already one non dynamic in...
by homerwsmith
Sat Jun 03, 2017 11:22 am
Forum: General
Topic: DHCP logs - how to turn them off or redirect them elsewhere
Replies: 2
Views: 401

Re: DHCP logs - how to turn them off or redirect them elsewhere

Yes thank, you finally understand that the topics has a ! in the qui.

Sorry to have bothered.

Homer
by homerwsmith
Wed Apr 26, 2017 8:48 pm
Forum: General
Topic: DHCP logs - how to turn them off or redirect them elsewhere
Replies: 2
Views: 401

DHCP logs - how to turn them off or redirect them elsewhere

The endless chatter engendered by dhcp IP's coming and going is filling up otherwise critical logs making it hard to spot the real things that need spotting, and running the logs off the end. Presently I have dhcp logs set up to go remote where they are useful, but they still show up in info where t...
by homerwsmith
Wed Apr 26, 2017 8:40 pm
Forum: Forwarding Protocols
Topic: PING record route
Replies: 2
Views: 621

Re: PING record route RESOLVED

This problem has been resolved. If use ip-firewalls is set to yes in the bridge menu, ping -R packets will be dropped and not sent on and not replied to, even if the pinging host is pinging the mik directly. Once use-ip-firewalls is turned off and fast bridging is allowed again, ping -R works brilli...
by homerwsmith
Fri Apr 14, 2017 1:19 pm
Forum: Forwarding Protocols
Topic: OSPF star network
Replies: 5
Views: 1030

Re: OSPF star network

Homer 1) Don't redistribute into OSPF unless you absolutely have no choice. It creates external routes and breaks the area boundaries of OSPF. Use network statements instead. . I am not sure what 'redistribute INTO OSPF' means in this context. Say I have two routers connected by a single link, both...
by homerwsmith
Fri Apr 14, 2017 1:08 pm
Forum: Forwarding Protocols
Topic: OSPF star network
Replies: 5
Views: 1030

Re: OSPF star network

OSPF should handle what you described. The exception would be the best practice of using the most specific network statements possible and to make all interfaces passive in the routing process by default and then making passive=yes on the interface you want OSPF to communicate on. I am sorry this l...
by homerwsmith
Fri Apr 14, 2017 12:36 pm
Forum: Forwarding Protocols
Topic: OSPF star network
Replies: 5
Views: 1030

Re: OSPF star network

OSPF should handle what you described. The exception would be the best practice of using the most specific network statements possible and to make all interfaces passive in the routing process by default and then making passive=yes on the interface you want OSPF to communicate on. The multiple IPs ...
by homerwsmith
Tue Apr 11, 2017 7:17 pm
Forum: Forwarding Protocols
Topic: OSPF star network
Replies: 5
Views: 1030

OSPF star network

Assume we have three routers. 1.) Each router has two interfaces, one inward facing and one out ward facing. 2.) All the inward facing interfaces connect to a single switch forming a basic star nework. 3.) All machines are running one instance of ospf. 4.) There are multiple different and unique sub...
by homerwsmith
Mon Apr 10, 2017 4:23 pm
Forum: Forwarding Protocols
Topic: PING record route
Replies: 2
Views: 621

PING record route

Dear Gentle folk, We are quite bright, but Mikrotic routers are brighter than we:) Trying to understand why ping -R doesn't work properly. ping works properly between all machines in my local network over which I have total control. ping -R only works between some. I have the following. romance and ...
by homerwsmith
Mon Apr 10, 2017 10:47 am
Forum: Forwarding Protocols
Topic: OSPF confusion
Replies: 4
Views: 715

Re: OSPF confusion

Thank you for your answer. I have solved the problem by using 0.0.0.0/0 as the network statement for all the routers in the baseball diamond. Apparently witth this setup static routes redirecting traffic do not confuse OSPF and the change over happens instantaneously and second base does not show tw...
by homerwsmith
Sat Apr 08, 2017 11:31 am
Forum: Forwarding Protocols
Topic: OSPF confusion
Replies: 4
Views: 715

OSPF confusion

Running 5 RB1100x's 6.38.3 4 routers are in a baseball shaped diamond consisting of one router at each of home, first, second, and third bases. Internet is connected to home, home is connected to third and first, and third and first are connected to second, all by PTP wireless links. A 5th router is...
by homerwsmith
Wed Apr 05, 2017 10:30 am
Forum: General
Topic: Bonding not splitting
Replies: 0
Views: 217

Bonding not splitting

Yep, turn on layer 2 and 3 on each end bonding setup. Layer 2 alone won't do what you expect as all the packets come from the same MAC address on the remote end :) Homer Hi I am prolly too stupid to own a computer... Running RB1000AHX2 6.38.x I have an internet connection that comes into my core rou...
by homerwsmith
Mon Apr 03, 2017 11:38 am
Forum: Forwarding Protocols
Topic: OSFP route types
Replies: 1
Views: 366

OSFP route types

My eyes are crossed from reading, please have mercy, I am trying... In my various routers, all in area 0.0.0.0, routes are listed as either intraarea imported ext 1 ext 2 Can someone point me to RTFM or give me a quick easy summary as to 1.) What these mean and/or 2.) Why my many subnets on each rou...
by homerwsmith
Mon Apr 03, 2017 11:29 am
Forum: Forwarding Protocols
Topic: OSPF Network statement
Replies: 2
Views: 442

OSPF Network statement

I am sorry... Running 5 RB1100ahx2 connected in a diamond shaped network, home plate, first, second and third base plus leaf sites off each plate. Packets travel around the diamond , but not across it. Everything is in area 0.0.0.0. Each router interface has many subnets on it, and usually those sub...
by homerwsmith
Thu Feb 16, 2017 6:01 am
Forum: Forwarding Protocols
Topic: Firewalling rule won't work.
Replies: 1
Views: 351

Firewalling rule won't work.

Running 5.x on RB751U-2HnD All 5 ports are bridged into bridge 1. Port 4 is uplink to internet. Port 1 is down feed to end customer at 10.16.31.130 Wanted to block temporarily all traffic from 10.16.31.130 to internet. I added rule to FORWARD chain firewall rule to block src 10.16.31.130 -jump DROP,...
by homerwsmith
Mon Feb 13, 2017 10:54 pm
Forum: General
Topic: Blocking access to speedtest sites.
Replies: 11
Views: 2887

Re: Blocking access to speedtest sites.

I believe we already have a web SERVER in the mikrotic, what we need is a web BROWSER, really badly.

Homer
by homerwsmith
Mon Feb 13, 2017 10:46 pm
Forum: Beginner Basics
Topic: Master Slave again.
Replies: 3
Views: 865

Re: Master Slave again.

Thanks for the clarification, you are making a distinction between 'the RouterOS' and the hardware it runs on.

Being a dummy, that was not at all clear :)

Homer
by homerwsmith
Mon Feb 13, 2017 10:43 pm
Forum: Forwarding Protocols
Topic: Simple Load Balancing, two routes with equal cost
Replies: 3
Views: 1731

Re: Simple Load Balancing, two routes with equal cost

Thank you for your response, I have and will again check out the link. The issue I believe it not load balancing per se, but simply whether OSPF will round robin the packets or connections across the two equal cost links. I take it from your answer that it will. What I don't understand is how the de...
by homerwsmith
Mon Feb 13, 2017 10:35 pm
Forum: General
Topic: Speedtest firewalling and redirecting
Replies: 15
Views: 7107

Re: Speedtest firewalling and redirecting

I know this is old but it is still important to me. I can't guarantee what I can't conttrol. AFAIK Bandwidth is always measured and offered from point A, the customer's home, to point B, perhaps the ISP's border router. One can not promise speeds from customers to the 'internet' because the internet...
by homerwsmith
Mon Feb 13, 2017 9:21 am
Forum: Forwarding Protocols
Topic: Need Help and Direction on OSPF
Replies: 1
Views: 398

Need Help and Direction on OSPF

Dear Folks, We have a simple base ball diamond shaped network, with routers at home, first, second and third bases. The internet is connected to home, and home connects to first and to third, and then finally both first and third connect to second. Each base then has a simple star shape network that...
by homerwsmith
Tue Dec 20, 2016 10:07 am
Forum: General
Topic: Gigabit ethernet
Replies: 5
Views: 839

Re: Gigabit ethernet

Thanks for responding so fast. Please try to take the problem at its face value, solutions to the problem may come later. The wire is a tad too long for gigabit ethernet through a difficult forest, a handhelp TDR ethernet tester says its good to 800Mpbs. The wire needs to carry more than 100 Mbps bu...
by homerwsmith
Tue Dec 20, 2016 2:21 am
Forum: General
Topic: Gigabit ethernet
Replies: 5
Views: 839

Gigabit ethernet

If two mikrotiks are connected port to port with an ethernet run that tests out to 800Mbps but not 1000,
will they connection at 100, 800 or 1000 but provide only 800?

Thanks Homer, CEO Lightlink Internet.
by homerwsmith
Sat Dec 17, 2016 3:41 am
Forum: General
Topic: VPN QOS
Replies: 0
Views: 362

VPN QOS

Dear Gentle Folk, Historically we have found that VPN's are highly sensitive to latency and packet drops which are more of a problem on wireless connections than wired connections. As a wisp we have a number of higher end customers that want their vpn's to work better although its a bitch trying to ...
by homerwsmith
Wed Nov 30, 2016 9:21 am
Forum: General
Topic: Speedtest firewalling and redirecting
Replies: 15
Views: 7107

Speedtest firewalling and redirecting

HI Folks, This is a highly sensitive subject, so please try to help if you can independent of your views on the matter. I wish to redirect speedtest.net to a local speedtest at our noc. We are a small WISP with a 100meg Time Warner light fiber line that we use to feed the boonies. We do not limit ho...
by homerwsmith
Fri Nov 18, 2016 8:35 am
Forum: Forwarding Protocols
Topic: Simple Load Balancing, two routes with equal cost
Replies: 3
Views: 1731

Simple Load Balancing, two routes with equal cost

If two routes have equal cost will OSFP automatically load balance across them? Imagine a diamond shaped network, and packets want to go from HOME base to SECOND BASE, but can go through either FIRST base or THIRD base both of which have the same cost. What will the outgoing packets do wanting to go...
by homerwsmith
Sat Nov 12, 2016 6:11 am
Forum: General
Topic: LOAD BALANCING BUT NOT TO GATEWAY
Replies: 0
Views: 249

LOAD BALANCING BUT NOT TO GATEWAY

I have a loop network made of mikrotiks and ubi's. It forms a baseball diamond, with home plate being my incoming core connection to the internet. First and third bases are two different ways to get to second base. Second base thus has two incoming ports plus a third outgoing port to various custome...
by homerwsmith
Sat Nov 12, 2016 6:00 am
Forum: General
Topic: IPTABLES -> Mikrotik firewall
Replies: 2
Views: 1525

Re: IPTABLES -> Mikrotik firewall

Yes, I am sorry, I read the wiki, it was clear. Not used to being able to just create a chain by using it.

I apologize in dust and ashes. How do I cancel a post :)

Homer
by homerwsmith
Sat Nov 12, 2016 3:32 am
Forum: General
Topic: IPTABLES -> Mikrotik firewall
Replies: 2
Views: 1525

IPTABLES -> Mikrotik firewall

Dear Gentle Folk, I am relatively skilled at iptables, but not so much with mikrotik. I am replacing our linux core router with an RB1100 and need to move the firewall rules over. One of the key rules simply blocks all DNS requests to port 53 from anywhere to anything except our proper DNS servers, ...
by homerwsmith
Wed Nov 09, 2016 5:43 am
Forum: Beginner Basics
Topic: Interfaces out of order!
Replies: 5
Views: 647

Re: Interfaces out of order!

Thank you all for your answers. I find however the situation to be difficult in a real world scenario. We have a number of RB1100's out in the wild, installed at various time that are left to run until they fail. General policy is not to fix what ain't broke, and so we do not upgrade as upgrades are...
by homerwsmith
Wed Nov 09, 2016 5:32 am
Forum: Beginner Basics
Topic: Master Slave again.
Replies: 3
Views: 865

Master Slave again.

Dear Folks, From the wiki: A 'master' port will be the port through which the RouterOS will communicate to all ports in the group. Interfaces for which the 'master' port is specified become inactive - no traffic is received on them and no traffic can be sent out. I am sorry but this statement from t...
by homerwsmith
Thu Nov 03, 2016 9:04 am
Forum: Beginner Basics
Topic: Interfaces out of order!
Replies: 5
Views: 647

Interfaces out of order!

What is the relationship between a hard port like ether1 on the front of the 1100RB and the ether name in the show interfaces button in winbox. Normally I plug a wire into etherX on the front of the box, and etherX shows it is running in the display. Today I uploaded a slighly older backup from anot...
by homerwsmith
Thu Oct 13, 2016 5:52 am
Forum: General
Topic: Blocking access to speedtest sites.
Replies: 11
Views: 2887

Blocking access to speedtest sites.

Dear Gentle Folks, Can the mikrotic help me block access to remote speedtest sites? When things get slow at 9pm, a lot of users start hitting the speed test sites which makes things slower. We have local speedtest sites on our network so they don't have to use an off net work site and just make thin...
by homerwsmith
Fri Dec 18, 2015 4:34 am
Forum: Beginner Basics
Topic: QUEUES TO GUARANTEE BANDWIDTH
Replies: 5
Views: 4951

Re: QUEUES TO GUARANTEE BANDWIDTH

Thank you both for your time and efforts. Is there a white paper that describes queuing more clearly than the linux bandwidth control how to? I am trying to convert what you have said into 'linux think'. I guess my basic problem is a confusion between. 1.) Guaranteeing they won't get more than 5, i....
by homerwsmith
Thu Dec 17, 2015 11:48 pm
Forum: Beginner Basics
Topic: Where do I put the IP, on the ethernet port or the bridge.
Replies: 6
Views: 878

Re: Where do I put the IP, on the ethernet port or the bridge.

Ah that explains a lot! Thanks.

Homer
by homerwsmith
Thu Dec 17, 2015 11:46 pm
Forum: Beginner Basics
Topic: QUEUES TO GUARANTEE BANDWIDTH
Replies: 5
Views: 4951

QUEUES TO GUARANTEE BANDWIDTH

Dear Gentle Folk, I am relatively familiar with linux queues but have never fully understood the following. I understand well how to create queues that limit the size of pipes going to end customers, but I don't understand how to create a pipe that will guarantee bandwidth. For example, I have two c...
by homerwsmith
Thu Dec 17, 2015 10:49 pm
Forum: Beginner Basics
Topic: Where do I put the IP, on the ethernet port or the bridge.
Replies: 6
Views: 878

Re: Where do I put the IP, on the ethernet port or the bridge.

Thank you for your reply, I actually understood it.

Can you clarify the difference between a 'soft bridge', and a 'bridge group' with one
interface as master and the others as slave?

This is in the manual right?

Thanks for your time.

Homer
by homerwsmith
Sun Nov 01, 2015 7:36 am
Forum: Beginner Basics
Topic: Where do I put the IP, on the ethernet port or the bridge.
Replies: 6
Views: 878

Re: Where do I put the IP, on the ethernet port or the bridge.

Case in point.

Router has ports 1 and 2 bridged into bridge1, with IP 10.16.31.37 on ether port 1.

arping for 10.16.31.39 which hangs off of ether1 shows no response from ether1, but does respond from the Bridge1.

What is the sense of this please?

Homer
by homerwsmith
Sun Nov 01, 2015 7:13 am
Forum: Beginner Basics
Topic: Where do I put the IP, on the ethernet port or the bridge.
Replies: 6
Views: 878

Where do I put the IP, on the ethernet port or the bridge.

Please point me to RTFM, I am sure this is an easy one, I have little experience with bridgable routers. Working with5 port mikrotik running 5.7 trygint to trace where packets are dying using torch etc. Each port has a different IP, except 1 and 2 which are bridged together as bridge1. What is the f...
by homerwsmith
Thu Oct 29, 2015 6:33 am
Forum: Forwarding Protocols
Topic: How to route route via two different links between common end points
Replies: 2
Views: 929

How to route route via two different links between common end points

Dear Gentle Folk, I am a newbie to ospf and its use over complicated loopy networks. Presently we have 5 sites connected via mikrotics and ubis as follows: FV -------------------------------------CH-----HT | ------- WV --------AX ---------------| What this says is that there are two routes from FV t...
by homerwsmith
Mon Oct 26, 2015 1:07 am
Forum: General
Topic: How to load balance across two different links.
Replies: 0
Views: 296

How to load balance across two different links.

Dear Gentle Folk, I am a newbie to ospf and its use over complicated loopy networks. Presently we have 5 sites connected via mikrotics and ubis as follows: FV -------------------------------------CH-----HT | ------- WV --------AX ---------------| What this says is that there are two routes from FV t...
by homerwsmith
Thu Jun 25, 2015 4:05 am
Forum: General
Topic: How to distinguish DHCP requests coming from different AP *BRIDGES*
Replies: 3
Views: 801

Re: How to distinguish DHCP requests coming from different AP *BRIDGES*

OK, I made an attempt which did not work. Got a simple linux router with eth1 and eth1.2 defined. eth1 192.168.1.1 eth1.2 192.168.2.1 Each interface has a DHCP specification for its subnet range, and this works fine using a dell swith with vlan2 on port 2 and a laptop, it gets 192.168.2.x. Now I hav...
by homerwsmith
Sun Jun 21, 2015 11:54 pm
Forum: General
Topic: How to distinguish DHCP requests coming from different AP *BRIDGES*
Replies: 3
Views: 801

How to distinguish DHCP requests coming from different AP *BRIDGES*

Dear Gentle Folk, I am sure this can't be done, but who knows... I have one mikrotik 750, it is connected on port 1 to a switch which is connected via switch ports 2 and 3 to two different ubiquiti AP's set to bridge mode. Clients connect to either AP and each makes a DHCP request to the mikrotik. H...
by homerwsmith
Thu Jun 18, 2015 7:03 am
Forum: General
Topic: How to traffic shape PER IP
Replies: 0
Views: 685

How to traffic shape PER IP

I am generally familiar with traffic control.

Is there an EASY way to limit every IP to a max of 5 megabits or something on a given interface.

I don't want to have to make a rule for every IP.

Thanks in advance,

Homer W. Smith
CEO Lightlink Internet
by homerwsmith
Sat Apr 18, 2015 3:38 am
Forum: Forwarding Protocols
Topic: OSPF MIKROTIK VS QUAGGA
Replies: 5
Views: 2258

Re: OSPF MIKROTIK VS QUAGGA

Thank you for your time and effort and clarity. [quote]Re: OSPF MIKROTIK VS QUAGGA by ZeroByte » Fri Feb 20, 2015 11:31 am If I understand the question correctly - your Mikrotik is advertising all of its routes, even ones that you did not specify. YES THIS IS TRUE, IT IS IN FACT DOING WHAT I WANT IT...
by homerwsmith
Sat Mar 28, 2015 2:03 am
Forum: Forwarding Protocols
Topic: OSPF across two possible routes
Replies: 2
Views: 698

OSPF across two possible routes

Dear Gentle Folk, Running 4 mikrotiks 6.27 as follows Mik A / \ Mik B MikC \ / Mik D | 10.16.28.1/24 All four are announcing OSPF to each other. Traffic to 10.16.28.0/24 comes from Mik A. I need to control whether the traffic goes through B or C. And I need to have a backup fail over from one to the...
by homerwsmith
Mon Feb 16, 2015 8:53 pm
Forum: Forwarding Protocols
Topic: OSPF MIKROTIK VS QUAGGA
Replies: 5
Views: 2258

OSPF MIKROTIK VS QUAGGA

Dear Folk, I wish to clarity a confusion I have about the network command in OSPF as the implementation in Quagga and MIkrotik seem to be very different. There are two issues that need to be handled by OSPF, 1.) The network subnet that the two routers will communicate with each other over port 89 to...
by homerwsmith
Mon Feb 16, 2015 8:40 pm
Forum: General
Topic: MIKROTIK -> VPN -> NETGEAR NAT ROUTER -> INTERNET -> VPN MIKROTIK
Replies: 1
Views: 665

MIKROTIK -> VPN -> NETGEAR NAT ROUTER -> INTERNET -> VPN MIKROTIK

Dear Gentle Folk, I wish to set up a central mikrotik vpn box with a static IP at our location, call it the concentrator because it will handle multiple different incoming VPNs Then I wish to add a remote client mikrotik to the inside lan of any standard random netgear/linksys/belkin or Time Warner ...
by homerwsmith
Mon Feb 16, 2015 8:26 pm
Forum: General
Topic: MIK 5.6 DHCP REMOTE SYSLOG
Replies: 3
Views: 655

Re: MIK 5.6 DHCP REMOTE SYSLOG

This is very interesting, but above my understanding. I understand scripting, and I understand scripts could put out a log of my own design, but how do I connect the script to the DHCP server on the tik to trigger my script when a DHCP lease comes in? Thanks in advance, Homer W Smith CEO Lightlink I...
by homerwsmith
Fri Feb 06, 2015 8:17 pm
Forum: General
Topic: MIK 5.6 DHCP REMOTE SYSLOG
Replies: 3
Views: 655

MIK 5.6 DHCP REMOTE SYSLOG

Dear Gentle Folk, I need a genius to help me with this one. We have a system of hotspots in ithaca controlled by a portal server written in perl and hosted on a linux box. Multiple different routers with wireless clients behind them such as AP's, mikrotiks, and other linux boxes etc, hand out DHCP t...
by homerwsmith
Sun Aug 10, 2014 12:16 am
Forum: RouterBOARD hardware
Topic: RB1100 Ethernet lights
Replies: 0
Views: 464

RB1100 Ethernet lights

What do the ethernet lights on each port mean on the RB1100. On a number of RB1100's the yellow light is on and the green is off, even though the connection to my laptop is the same with both lights on. This is on left bank of ports, the right bank shows both lights. Thanks, pointer to manual would ...
by homerwsmith
Wed Jul 02, 2014 4:49 am
Forum: General
Topic: TORCH CONFUSION
Replies: 10
Views: 4412

Re: TORCH CONFUSION

[the destination IP is assigned to your router (or is an IP matching a destination in your "/ip route" list), the router will actually handle the packet, rather than just ignore it. If it ends up replying, it will send reply packet back to the remote device. The reply packet is seen in torch as SRC ...
by homerwsmith
Sun Jun 22, 2014 4:28 am
Forum: General
Topic: TORCH CONFUSION
Replies: 10
Views: 4412

Re: TORCH CONFUSION

[quote="boen_robot"]Both term pairs are from the interface's point of view. The more confusing part is that you have packets that a router receives, as well as packets that the router sends, and "an interface's point of view" includes packets regardless of their direction, so long as their are withi...
by homerwsmith
Sun Jun 22, 2014 2:54 am
Forum: General
Topic: HELP! DNS worm destroying our routers.
Replies: 4
Views: 1375

Re: HELP! DNS worm destroying our routers.

Dear Folks, Here is more on the DNS war and the use of DNAT to direct all port 53 to a known good DNS source. Tik A <- Tik B <- Internet Tik A has 5 ports, port 1 goes to Tik B which is default gateway The other 4 ports are customer ports. There is an uncountable number of DNS requests coming from t...
by homerwsmith
Sun Jun 22, 2014 2:42 am
Forum: General
Topic: TORCH CONFUSION
Replies: 10
Views: 4412

Re: TORCH CONFUSION

OK, after many years of being confused by Torch, here is my analysis. Torching any particular interface, the SRC address is src address of incoming packets to the interface as is the Receive bytes. The DST address is the src address for outgoing bytes as is the TX bytes. SRC and DST seem backwards. ...
by homerwsmith
Sun Jun 22, 2014 2:37 am
Forum: General
Topic: Masquerade and SRC-NAT basics
Replies: 2
Views: 1591

Re: Masquerade and SRC-NAT basics

Yes, thanks

You get a karma point.
by homerwsmith
Sat Jun 21, 2014 8:16 pm
Forum: General
Topic: Masquerade and SRC-NAT basics
Replies: 2
Views: 1591

Masquerade and SRC-NAT basics

Dear Folk, I need some clarification on how masquerade and snat work. If I have a tik with 5 non bridged ether ports and different subnets on each port, and I create a single firewall rule SNAT action=masquerade, that will masquerade all ports on the router with the IP that is on that port. Is that ...
by homerwsmith
Sat Jun 21, 2014 8:09 pm
Forum: General
Topic: HELP! OSPF session not staying up.
Replies: 4
Views: 829

Re: HELP! OSPF session not staying up.

Got it, thanks!

Homer
by homerwsmith
Sat Jun 21, 2014 5:35 am
Forum: General
Topic: HELP! OSPF session not staying up.
Replies: 4
Views: 829

Re: HELP! OSPF session not staying up.

Yes, exactly as you said, the nat is mucking up the OSPF. I have made sure the 10.255.249.0/29 is NOT natted. The two tiks now form two stable sessions, the errors go away and all is happy, and yes it has been wrong for ages and 'worked'. The Tiks are networked with two radios so the 209.150.235.120...
by homerwsmith
Fri Jun 20, 2014 9:25 pm
Forum: General
Topic: HELP! OSPF session not staying up.
Replies: 4
Views: 829

HELP! OSPF session not staying up.

Dear Folk, We are Tik A running 6.7 on RP 750 and Tik B running 6.10 on RB1100 Tik A/1 -> Tik B/12 -> Internet A/1 means ether port 1 on A etc. Tik A/1 Tik B/12 209.150.235.122/30 209.150.235.121/30 10.255.249.6/29 10.255.249.1/29 Both are running OSPF, both have both networks in their OSPF NETWORKS...
by homerwsmith
Fri Jun 20, 2014 9:11 pm
Forum: General
Topic: TORCH CONFUSION
Replies: 10
Views: 4412

TORCH CONFUSION

Dear Folk, When using torch on an interface, the RX and TX data are clearly relative to that interface and thus give you a proper direction of the packet travel. However the SRC and DST arrangement of the IP's in each connection seems arbitrary, confused irrelevant or all three. Can someone please c...
by homerwsmith
Fri Jun 20, 2014 9:04 pm
Forum: General
Topic: Masquerading and Source NAT
Replies: 0
Views: 547

Masquerading and Source NAT

Dear Folk, Running 6.7 on RB750 When TikA has two subnets on its interface and masquerading is is turned on for that interface, which subnet is used as the outgoing source masquerade address? TikA 209.150.235.122 Masquerades as ? 10.255.249.6 Second: If srcnat is not set to masquerade but is instead...
by homerwsmith
Fri Jun 20, 2014 8:55 pm
Forum: General
Topic: Preferred Source IP
Replies: 0
Views: 657

Preferred Source IP

Dear Folk, Two tiks are connected by two different subnets on the same ether port, and tik A originates a packet to the outside world via tik B, which subnet is on TikA is chosen for the source packet going from A to B? Tik A -> Tik B 209.150.235.122 209.150.235.121 -> Internet 10.255.249.6 10.255.2...
by homerwsmith
Fri Jun 20, 2014 4:56 am
Forum: General
Topic: HELP! DNS worm destroying our routers.
Replies: 4
Views: 1375

Re: HELP! DNS worm destroying our routers.

too brilliant... I do however wonder why mikrotik does not allow dropping packets in the DNAT rules, as standard linux iptables does. :) I also feel it would be a lot more intuitive and educational if the firewalling were arranged the way iptables is and the packet flow is, namely have tabs for prer...
by homerwsmith
Thu Jun 19, 2014 8:40 pm
Forum: General
Topic: HELP! DNS worm destroying our routers.
Replies: 4
Views: 1375

HELP! DNS worm destroying our routers.

Dear Folk, There is a DNS infection world wide that is spewing requests for non existent domains to random DNS servers around the world including many of our tiks in service. Here is the problem: Tik has 5 ports, ether1 facing the outside world, the other 4 facing our customers some of whom are also...
by homerwsmith
Mon Mar 24, 2014 3:21 am
Forum: Beginner Basics
Topic: routable tunnels across nat
Replies: 3
Views: 1652

Re: routable tunnels across nat

Thanks for the answer.

TIK -> NAT -> public OVPN/IPSEC server

So to confirm OVPN and IPSec can open a tunnel from a mikrotik
through a consumer grade linksys/netgear NAT router, to a public OVPN/IPSEC server?

Does the NAT router have to have ipsec passthrough set on?

Homer
by homerwsmith
Sun Mar 23, 2014 2:53 am
Forum: Beginner Basics
Topic: routable tunnels across nat
Replies: 3
Views: 1652

routable tunnels across nat

Dear Gentle Folk, I have a need to manage multiple tiks behind NAT, from a central server that is not behind NAT. The tiks would be in router mode, port 1 facing the outside world and 2,3,4,5 facing the tik's private lan. The tiks would have random outward facing IP's given to them by what ever NAT ...
by homerwsmith
Tue Dec 03, 2013 7:06 pm
Forum: General
Topic: JUMP TO DNAT FROM PREROUTING
Replies: 4
Views: 2272

Re: JUMP TO DNAT FROM PREROUTING

http://www.mikrotik.com/testdocs/ros/2.9/ip/flow.php OK, the above packet flow diagram shows that mangle exists under both prerouting and postrouting. How then do I create a rule under prerouting (where I wanted it in the first place) without using mangle to get to prerouting? I need a rule in prero...
by homerwsmith
Tue Dec 03, 2013 1:28 am
Forum: General
Topic: JUMP TO DNAT FROM PREROUTING
Replies: 4
Views: 2272

JUMP TO DNAT FROM PREROUTING

Dear sirs, I am trying to convert firewall rules from a working CentOS hotspot server (not related to Mikrotik's hotspots). I have many years of experience with firewall rules, linux and sys administration but clearly I am not as bright as I think I am. I am running a small RB750 in default setup, v...
by homerwsmith
Mon Sep 02, 2013 10:38 pm
Forum: Beginner Basics
Topic: OSPF DEFAULT ROUTE
Replies: 5
Views: 1050

Re: OSPF DEFAULT ROUTE

My question would be why do you need multiple default routes? Do you have more than one Internet exit point? If not, then one default is probably all you need and specifically advertise the other subnets and networks. A network drawing would be helpful in this case... OK, I am working for an ISP, t...
by homerwsmith
Mon Sep 02, 2013 12:32 am
Forum: Beginner Basics
Topic: OSPF DEFAULT ROUTE
Replies: 5
Views: 1050

OSPF DEFAULT ROUTE

How does OSPF pick its concept of a default route in a line of tiks, in particular when every interface has two or more subnets on it, both connecting to the tik next door. For example internet -> tik1 <-> tik2 209.150.1.1 209.150.1.2 10.150.1.1 10.150.1.2 The default route of tik2 can be 209.150.1....
by homerwsmith
Mon Sep 02, 2013 12:25 am
Forum: Beginner Basics
Topic: TORCH: Src and Dst
Replies: 0
Views: 568

TORCH: Src and Dst

This is probably a FAQ :) Torch seems to want to show a connection between 2 IP's, and the Rx and Tx for each interface the connection is running on. For example the tik upstream is on ether1 and I am on ether2 with a private 192.168.1.2. ftp to rahul.net, doing a download to me from rahul.net, show...
by homerwsmith
Sat Sep 08, 2012 6:51 pm
Forum: General
Topic: DHCRELAY OVER IPIP/GRE TUNNELS
Replies: 0
Views: 444

DHCRELAY OVER IPIP/GRE TUNNELS

Using linux, we have found that dhcrelay does not work across ipip tunnels. The client requests go out fine across the tunnel, but the answers that come back across the tunnel are not picked up by the isc dhcrelay because it can't listen on the tunnel interface. Thus if A is a dhcp server and B is r...
by homerwsmith
Wed May 30, 2012 7:22 pm
Forum: General
Topic: Automated backups [SOLVED]
Replies: 3
Views: 801

Automated backups [SOLVED]

Is there a way to get the mikrotik to make periodic backups of its config?

Is there a way to have those backups automatically copied to an scp/ftp/tftp
server remote from the mik?

Thanks

Homer W. Smith
CEO Lightlink Internet
by homerwsmith
Fri May 18, 2012 7:36 pm
Forum: General
Topic: Serial miks
Replies: 3
Views: 626

Re: Serial miks

OK, so here are the results of my tests. Doing bandwidth test from mik1 to mik2 UDP Both TX RX 97.5/97.5 97.5 97.5 Great! 1 TCP 33.0/32.0 51.4 52.0 Good. 20 TCP 15.0/35.0 45.0 44.0 Not so good. Why is TX almost half of RX in 20 connection TCP testing? Homer
by homerwsmith
Fri May 18, 2012 7:22 pm
Forum: General
Topic: Serial miks
Replies: 3
Views: 626

Re: Serial miks

OK, I figured it out. I clear the mik with system reset, then I discard the default. Then I put all ethers on bridge1, and assign addresses to the bridge. I usually assign 192.168.1.88 and 192.168.88.1 to the bridge just to keep some kind of default around. In this test I ALSO assigned 192.168.1.201...
by homerwsmith
Fri May 18, 2012 1:58 am
Forum: General
Topic: Serial miks
Replies: 3
Views: 626

Serial miks

Dear Gentle Folkd, Two mik 750's are set up identically, all interfaces as bridge1, and all IP's on the bridge. mik1 is 192.168.1.201 mik2 is 192.168.1.202 No default gateway Desktop is 192.168.1.14 Desktop is connected to mik1:eth1. mik1:eth2 is connected to mik2:eth1 Simple serial line. Desktop ->...
by homerwsmith
Sun May 13, 2012 5:58 pm
Forum: General
Topic: POINT TO POINT LINK
Replies: 4
Views: 782

Re: POINT TO POINT LINK

Thanks you are a gentleman and a scholar and do mikrotik proud.

Homer
by homerwsmith
Sun May 13, 2012 3:03 am
Forum: General
Topic: POINT TO POINT LINK
Replies: 4
Views: 782

Re: POINT TO POINT LINK

Does the below indicate that I need another router running OpenVPN, or can I use the VPN inside the mikrotik itself? Seems simple enough if I don't have to bring yet another router into the issue at both ends. Thanks for your help, brilliant writeup. Homer For this to work, you can NOT use a statele...
by homerwsmith
Sun May 13, 2012 1:39 am
Forum: General
Topic: POINT TO POINT LINK
Replies: 4
Views: 782

POINT TO POINT LINK

Dear Gentle Folk, I am relatively skilled with networking, but new to Mik's. I wish to setup a simple point to point link from one office over the open internet to another. It will carry PBX voice data over IP. At one end the PBX is on subnet 10.0.0.0/24 and the mik is on 10.0.0.1/24 At the other en...
by homerwsmith
Wed Mar 21, 2012 9:55 pm
Forum: General
Topic: EoIP slow high latency
Replies: 13
Views: 6876

Re: AW: EoIP slow high latency

What kind of MT boxes do you use? The EOIP problem happened across multiple different boxes, 564's and others. We finally gave up the EOIP and worked a more direct line from the end user to the internet. The EOIP is still running from remote site to our local NOC, and latencies are still in the 200...
by homerwsmith
Fri Dec 02, 2011 7:03 am
Forum: General
Topic: How to setup MTU?
Replies: 1
Views: 893

Re: How to setup MTU?

Except under most unusual circumstances, the MTU on all interfaces should be 1500. If you are using tunneling of various kinds, the MTU may or may not have to be changed to optimize fragmentation of packets too big to fit into the 1500 limit on the interfaces. The mtu value is show in all interfaces...
by homerwsmith
Fri Dec 02, 2011 4:41 am
Forum: General
Topic: EoIP slow high latency
Replies: 13
Views: 6876

EoIP slow high latency

I have two mik's connected by 3 or 4 routers and wireless radios, call mikrp at the NOC and mikch out in the boonies. Wireless are Ubiquity Rockets running at over 100 megabits, and the routers inbetween are also miks. All interfaces are 100 megabits, and all are clean of errors and drops. Pings fro...