Community discussions

Search found 35 matches

by Majklik
Wed Jan 25, 2017 10:18 pm
Forum: General
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 195
Views: 38078

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

MikroTik RouterOS 6.37 has support for the following PPP attributes, Framed-IPv6-Prefix Framed-IPv6-Pool Mikrotik-Delegated-IPv6-Pool These attributes are supported long time, but still is missing Delegated-IPv6-Prefix as most important! In second line there is too very nice attributes DNS-Server-I...
by Majklik
Wed Jan 25, 2017 6:56 pm
Forum: Beginner Basics
Topic: VRRP and IPsec
Replies: 2
Views: 653

Re: VRRP and IPsec

Yes, IPSec can works on top of the VRRP interface. I'm using this scenario over years. Simple use the virtual IP as the local address in the IPsec peer definition and as src. address in the policies. I use this for GRE/IPsec tunnels where both ends are VRRP virtual addresses. If the VRRP interface i...
by Majklik
Wed Jan 25, 2017 6:40 pm
Forum: General
Topic: ipv6 link local address @ bridge
Replies: 3
Views: 828

Re: ipv6 link local address @ bridge

This is probably a long time problem. I'm seeing problem with missing link local address on the bridge from time of the ROS5.2x version. Sometimes, after ROS starts there are missing link local address on the one or more bridge interfaces. Very similar problem with VRRP interfaces - link local addre...
by Majklik
Sun Jan 25, 2015 10:01 pm
Forum: General
Topic: Feature request: ERPS - Ethernet ring
Replies: 2
Views: 2099

Re: Feature request: ERPS - Ethernet ring

On small ring (3-4 switches) can have RSTP similar recovery time in comparison with ERPS. But with larger rings have ERPS recovery time still around 50-100 ms and RSTP around 4 seconds and with large rings is this difference greater (some industrial versions of the MRP protocol have recovery time fo...
by Majklik
Sat Jan 24, 2015 8:24 pm
Forum: General
Topic: TDMA with GPS sync: NV3
Replies: 17
Views: 5302

Re: TDMA with GPS sync: NV3

Yes, it will be nice have APs in the sync for transmit. But this can be done without GPS. We need to have the same time on all towers but this time do not must be in sync with world time (UTC). And this is work for PTPv2 protocol (precise time protocol - IEEE1588). If you have infrastructure where t...
by Majklik
Sat Jan 24, 2015 3:53 pm
Forum: General
Topic: Feature request: ERPS - Ethernet ring
Replies: 2
Views: 2099

Feature request: ERPS - Ethernet ring

With the network topology changes and after Ethernet switches upgrades I miss more and more support for any way of the Ethernet ring protocol. It will be nice if the software bridge will be capable cooperate with some ring protocol, probably best with ERPS /ITU G.8032v2/, which is supported many IT/...
by Majklik
Tue Dec 30, 2014 7:00 pm
Forum: Announcements
Topic: 6.24 released
Replies: 91
Views: 34706

Re: 6.24 released

VRRP doesn't look fixed. It still sends out packets with wrong source addresses. For which version/configuration? It looks that ROS sometimes incorrectly report problem, but packets looks OK. At least for VRRPv3/IPv6. The packet have coorect source MAC address of the virtual VRRP MAC and source IPv...
by Majklik
Tue Dec 30, 2014 3:13 pm
Forum: Announcements
Topic: v6.24 RC
Replies: 50
Views: 31077

Re: v6.24 RC

IPv6 is broken in this release. Link local addresses aren't working. Statically assigned IPv6 addresses are marked with the Invalid flag. I returned to 6.18. I haven't tested versions between 6.18 and 6.24 so I don't know if they are functional with respect to IPv6. There is a long time problem wit...
by Majklik
Wed Dec 24, 2014 4:15 pm
Forum: Announcements
Topic: v6.24 RC
Replies: 50
Views: 31077

Re: v6.24 RC

I have very strange VRRP result in this release ( 6.24 build-time: Dec/23/2014 13:38:45). I upgraded for test two routers from ROS6.20 (RB450G and RB800) and result is: VRRPv2 without authorization - both routers become master, VRRPv2 with AH authorization - this works OK but slave router reports: r...
by Majklik
Thu Nov 20, 2014 11:22 am
Forum: General
Topic: Feature Request: IPv6 NAT66 Support
Replies: 24
Views: 6911

Re: Feature Request: IPv6 NAT Support

Yes, with NPT or any other IPv6 NAT variant looks configurtation a bit simplest that to use dynamic renumbering and so on.... But, but - do you tried to use any form of the IPv6 NAT in real life? I did it and very fastly leave it. This NAT break end-to-end transparency and there are protocols that e...
by Majklik
Wed Nov 19, 2014 3:31 pm
Forum: General
Topic: Feature Request: IPv6 NAT66 Support
Replies: 24
Views: 6911

Re: Feature Request: IPv6 NAT Support

Both scenarios handle IPv6 natively without NAT66 or BGP peering with PI prefixes.... First scenario (active-backup multihoming) I uses in combination with Mikrotik routers on many places for years. The second (active-active multihoming) is not possible with Mikrotik because ROS do not have support ...
by Majklik
Tue Nov 18, 2014 2:36 pm
Forum: General
Topic: Feature Request: IPv6 NAT66 Support
Replies: 24
Views: 6911

Re: Feature Request: IPv6 NAT Support

I'm not for NAT66 but NPT (RFC6296 ) is in some configuration usefull for SME with multi homing connection to the Internet and linux kernel supports this. For this feature I vote. But please - firstly policy routing for IPv6 (witout it is not multihoming NPT possible) and router advertisement with r...
by Majklik
Tue Nov 18, 2014 2:15 pm
Forum: General
Topic: NETWATCH has choose INTERFACE
Replies: 4
Views: 2270

Re: NETWATCH has choose INTERFACE

I agree. A most of our scripts are used only to bypass for the limitations of the netwatch. Most missing: Do not change state on the first missed/received packet but after configurable count for up and down. A bit less missing: Configurable source interface, source IP address, routing table/VRF inst...
by Majklik
Mon Oct 06, 2014 6:33 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 110411

Re: Known issues and bugs - a list

Issue: The multihop BFD do not works. Description: If is configured multihop BGP connection with BFD support then it do not works. The problem is that is not used correct source IP address of the BFD packets (as is defined with update-source=X) but IP address of the outgoing interface. Versions aff...
by Majklik
Mon Oct 06, 2014 11:41 am
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 110411

Re: Known issues and bugs - a list

Issue: MTU error in a PPPoE session on a bonding interface Description: It is impossible to run full 1500 byte frames inside of a PPPoE session if the PPPoE session built on top of a bonding interface. If you send a 1500 MTU frame over the PPPoE session, it is dropped, and this therefore creates MT...
by Majklik
Mon Oct 06, 2014 10:21 am
Forum: General
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 195
Views: 38078

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

I'm thinking that more useful will be support for Delegated-IPv6-Prefix in the accept message because we need assign IPv6 prefixes in managed way from RADIUS server. The router when receive Delegated-IPv6-Prefix in the accept message creates a dynamic pool and this pool is then assigned to a dynamic...
by Majklik
Mon Oct 06, 2014 9:53 am
Forum: General
Topic: v6.20 released!
Replies: 146
Views: 58482

Re: v6.20 released!

[admin@kattegat] > /ipv6 address add address=2002:561a:0161::1/3 interface=ipng-tunnel [admin@kattegat] > /ipv6 route add dst-address=2000::/3 gateway=::192.88.99.1%ipng-tunnel This is not a probably OK. A maybe better: /ipv6 address add address=2002:561a:0161::1/16 interface=ipng-tunnel /ipv6 rout...
by Majklik
Mon Apr 28, 2014 4:57 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 11962

Re: RB2011UAS-2HnD stops responding spontaneously

I see this problem with ROS6.12 still on my routers. But I use SSTP. The changelog for 6.12 mentions only L2TP. This problem is not only PPP specific, "full route cache" can come from others places too because I have this problem on RB1100AH/AHx2 (with ROS6.7) routers where is not PPP used after 100...
by Majklik
Mon Apr 28, 2014 11:08 am
Forum: Forwarding Protocols
Topic: ipv6 bridge rstp combination will not work.
Replies: 5
Views: 1643

Re: ipv6 bridge rstp combination will not work.

When you have this problem, is there a link local IPv6 address on the bridge interface? There is probably a small bug that sometimes after the router start is not assigned link local address to the bridge interface (and then IPv6 do not works on this bridge). I saw this with ROS5.25, 5.26 and the RO...
by Majklik
Sun Apr 06, 2014 6:59 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 110411

Re: Known issues and bugs - a list

5) L2TP Server bug - replies from wrong IP address - http://forum.mikrotik.com/viewtopic.php?f=2&t=78816&p=398319#p398319 new ppp package invalidates this It looks that this bug is still there? I tested this now with 6.11 and 6.12rc1 (Apr/04/2014 13:30:46). By the way, is there any progress with a ...
by Majklik
Wed Apr 02, 2014 12:08 pm
Forum: Forwarding Protocols
Topic: OSPFv3 authentication with cisco
Replies: 4
Views: 2426

Re: OSPFv3 authentication with cisco

The OSPFv3 authentication uses IPsec. If there will be in the IPsec configuraiton option for the manul keying, then can be OSPFv3 secured. It is pity that "/ip ipsec manual-sa" was removed from the RouterOS. But one configuration option under OSPFv3 which create all requisited SPD and SA entries is ...
by Majklik
Mon Mar 31, 2014 11:50 am
Forum: General
Topic: v6.11 released
Replies: 260
Views: 79573

Re: v6.11 released

I agree, configurable source address for SSTP and other VPNs will be nice. But I more miss configurable source IP address of the DNS forwarder (especially in conjuction with IPv6). For some cases (IPv4) this can be substituted by the SRC-NAT or specific route (/ip route add dst-address=<VPN server> ...
by Majklik
Mon Mar 31, 2014 9:36 am
Forum: General
Topic: v6.11 released
Replies: 260
Views: 79573

Re: v6.11 released

Does anyone able to use the routing mark + the "Content" field working correctly ? As soon as I add anything inside the field "Content", the connection will timeout . For example, if I type in "facebook" in the Content field, it supposed to mark the route if I go to http://www.facebook.com . And th...
by Majklik
Fri Mar 28, 2014 12:29 pm
Forum: General
Topic: High Speed VPN - 100Mbps +
Replies: 25
Views: 15077

Re: High Speed VPN - 100Mbps +

Try look on the IPsec. We have many 100 Mbps GRE/IPsec tunnels between RB1100AH/AHx2 routers without problems. They are limited with 100 Mbps Ethernet paths (if I remember the GRE/IPsec tunnel between two RB1100AHx2 runs around 250 Mbps on the 1 Gbps network with AES256/SHA1 proposal). There is hard...
by Majklik
Wed Mar 26, 2014 10:03 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 11962

Re: RB2011UAS-2HnD stops responding spontaneously

I'm thinking too that there is problem relatet to the new PPP package. The problem with route cache is more worse from ROS6.10. There is one another test, which I reported yesterday ( [Ticket#2014032566001708] ). I have two metarouters, one runs SSTP server with one dead connection (in some configur...
by Majklik
Tue Mar 25, 2014 9:07 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 11962

Re: RB2011UAS-2HnD stops responding spontaneously

Yes, I've still this situation witn ROS6.11 on the RB800 and RB450G. No more that one day of the uptime. Disabled SSTP eliminates this problem. But there are used many other services so this bug is combination with something another (VRRP on all interfaces, bonding, bridges, VLANs, GRE/IPsec, SIT tu...
by Majklik
Mon Mar 24, 2014 12:03 am
Forum: General
Topic: v6.11 released
Replies: 260
Views: 79573

Re: v6.11 released

A SSTP tunnel that I have between two Mikrotik routers broke after the upgrade to 6.11. It is configured so that the client verifies the server certificate and the server verifies the client certificate. The certificate and server certificate derive from the same root. The root is one that I genera...
by Majklik
Fri Mar 21, 2014 8:20 pm
Forum: General
Topic: v6.11 released
Replies: 260
Views: 79573

Re: v6.11 released

Can anyone else please confirm SSTP working or still broken??? Which bug? Unable connect from Windows client - it works with 6.11. I use this SSTP setup: /ppp profile add change-tcp-mss=no incoming-filter=rw-in/fwd name=sstp-rw only-one=yes use-compression=no use-encryption=no use-mpls=no use-vj-co...
by Majklik
Fri Mar 21, 2014 12:06 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 11962

Re: RB2011UAS-2HnD stops responding spontaneously

This problem with route cache was there long time ago, with different ROS versions too and different confgirutations. It is pity, that ROS do not allow show the contents of this cache and flush it. On linux this can be done with "ip route show cache" and "ip route flush cache". This problem probably...
by Majklik
Thu Mar 20, 2014 11:59 am
Forum: General
Topic: v6.10 released
Replies: 248
Views: 82038

Re: v6.10 released

I believe this issue is somehow v6.10 related .. I did not experience this kind of problems with older versions of routeros. http://forum.mikrotik.com/viewtopic.php?f=3&t=83030 This problem with full IPv4 route cache I see for whole ROS6 line. With the ROS 6.10 is only more fastelly cache filled. 9...
by Majklik
Thu Mar 20, 2014 11:55 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 11962

Re: RB2011UAS-2HnD stops responding spontaneously

This problem with "No buffer space available" and stopped IPv4 communication is not ROS6.10 only related. I see it on some my routers (RB800, RB450G) for whole ROS6 line. If you look on "/ip route cache print" then you see that is full, so IPv4 stops communication (IPv6 works). In my configuration t...
by Majklik
Wed Mar 19, 2014 12:07 am
Forum: General
Topic: v6.10 released
Replies: 248
Views: 82038

Re: v6.10 released

Hi, I have a problem using option DHCPv6-PD to send ipv6 prefixes via pppoe, the option send the prefix and create the route, works well and hangs dhcp when pppoe conection drop. If I disconect normaly them dhcpv6 release the prefix but when hangs suddenly it simply stay conected and dhcpv4 stop to...
by Majklik
Mon Mar 17, 2014 10:55 pm
Forum: General
Topic: v6.10 released
Replies: 248
Views: 82038

Re: v6.10 released

Does anybody here also have the problem that IPv6 addresses sometimes aren't working until disable and re-enable (new added address or after a reboot)? Had that on 4 MikroTiks (RB750GL, RB2011UAS-RM, RB2011UiAS-2HnD-IN, RB951G-2HnD) but unfortunately MikroTik cannot confirm this bug. Very annoying ...
by Majklik
Tue Sep 17, 2013 3:19 pm
Forum: General
Topic: manually adding link local IPv6 address
Replies: 11
Views: 2753

Re: manually adding link local IPv6 address

I'm missing this feature too.
The suport was informed some time ago too.
by Majklik
Fri Dec 23, 2011 10:44 pm
Forum: General
Topic: RB1100AH and ports 12/13 performance with ROS5.10-5.12rc1
Replies: 1
Views: 684

RB1100AH and ports 12/13 performance with ROS5.10-5.12rc1

I played with three RB1100AH and it looks like ROS5.10 and above have problem with the ethernet ports 12 and 13. The board is not able route more that 50~80 Mbps. The ports 1~11 with the same test setup runs over 400 Mbps. If is used ROS5.9 then ports 12 and 13 runs over 400 MBps too. If is used con...