Community discussions

Search found 36 matches

by hzdrus
Mon Nov 05, 2018 2:05 pm
Forum: Wireless Networking
Topic: 60Ghz WAP60G-AP multi-client latency
Replies: 3
Views: 627

Re: 60Ghz WAP60G-AP multi-client latency

6.44beta28 makes significant latency/jitter improvements. Thanks Mikrotik :)
by hzdrus
Thu Sep 20, 2018 12:03 pm
Forum: Wireless Networking
Topic: 60Ghz WAP60G-AP multi-client latency
Replies: 3
Views: 627

60Ghz WAP60G-AP multi-client latency

Hi All, With three LHG 60Ghz clients connected to an AP and practically no traffic, we see latency jumping between ~1-15ms. Distance 120m,150m,175m. With a single client only, latency is ~1 ms. Anything can be done to stabilize the performance ? We would prefer a stable 10ms latency than 1-15ms jump...
by hzdrus
Wed Sep 12, 2018 4:20 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 148
Views: 28209

Re: v6.43 [current] is released!

I'm pleasantly surprised to see that we were unaffected by the authentication changes. We use centralised RADIUS authentication to Active Directory and associate AD security group membership to RouterOS user group permissions. Winbox, SSH and local authentication continues to work... Windows AD sho...
by hzdrus
Tue Jul 24, 2018 6:17 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 111529

Re: v6.43rc [release candidate] is released!

Drop of RADIUS PAP support for ssh logins is a big problem for us too. We're using a one-time password implementation which is impossible to integrate with MS-CHAPv2 - the security appliance only stores the hash of the PIN (fixed part of the password) and because of this cannot support MS-CHAPv2 sin...
by hzdrus
Thu Jun 07, 2018 6:24 pm
Forum: Wireless Networking
Topic: 60GHz multipoint, share your experience
Replies: 33
Views: 11509

Re: 60GHz multipoint, share your experience

Let's see how many client we can hook up. Please note that it is currently limited to only 8 clients at a time. See page 16 of the 60G presentation from the MUM in Berlin. Yes I am aware of this. But some wrote somewhere that after 4 things were spiraling down.... And is this limit just hardware li...
by hzdrus
Wed Sep 06, 2017 11:06 am
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 122414

Re: v6.41rc [release candidate] is released! New bridge implementation!

*) crs317 - added initial support for HW offloaded MPLS forwarding; Can you elaborate on this feature? It applies solely when acting as a transit P router or when encapsulating/decapsulating l2circuit also? P.S. Congrats on the work to implement multicast snooping. Looking forward to a stable relea...
by hzdrus
Tue Mar 29, 2016 1:02 pm
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59509

Re: IGMP Snooping

Regarding the point raised earlier about possible limitations on the switch chip itself: this doesn't stop Mikrotik from implementing snooping on "/interface bridge" level. For example, RB2011 gives adequate performance in bridge mode as a small consumer aggregation device. Linux already supports sn...
by hzdrus
Thu Dec 03, 2015 6:26 pm
Forum: Announcements
Topic: 6.33.2 version is released!
Replies: 41
Views: 9935

Re: 6.33.2 version is released!

It seems that 6.33 has a regression in EoIP/VPLS performance. Details are in http://forum.mikrotik.com/viewtopic.php ... 79#p510079
by hzdrus
Thu Dec 03, 2015 6:23 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 3206

Re: VPLS performance is lower than EoIP

We redid the VPLS/EoIP RFC2544 throughput tests, this time between two CCR-1009-8G-1S-1S+ , using RouterOS 6.33 and 6.32.3. With 6.33.2 we got very bad results, there must be a regression in 6.33 compared to 6.32: EoIP - 72 Mbps with 64 bytes frames and 0 loss VPLS - 32 Mbps with 64 bytes frames and...
by hzdrus
Wed Jul 29, 2015 1:20 pm
Forum: General
Topic: VRRP port speed via SNMP wrong?
Replies: 2
Views: 724

Re: VRRP port speed via SNMP wrong?

The same problem exists for PPP interfaces (e.g. PPPoE). They are reported as 10 Mbps. A command similar to Cisco's "bandwidth" is needed to be able to manually specify the interface speed, at least on pppoe-client.
by hzdrus
Wed Jul 15, 2015 7:19 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 5
Views: 3494

Re: 802.11n force 40mhz channel

I have just received a response from Mikrotik support on this matter - they will put this feature in their to-do list for wireless enhancements.
by hzdrus
Mon Jul 13, 2015 5:09 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 5
Views: 3494

Re: 802.11n force 40mhz channel

Sorry mate, but in my opinion it's impossible. MCS is not TX-rate. You can achive 30MHz channel with custom channels with some chipsets. MCS means that it can always lower from wider to narrower channel, but only in that way. Actually there is a direct relationship between MCS and TX-rate. Modulati...
by hzdrus
Fri Jul 03, 2015 11:41 am
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 5
Views: 3494

Re: 802.11n force 40mhz channel

You can try creating Channels manually Wireless > Channels I've tried the following: /interface wireless channels add band=5ghz-onlyn frequency=5540 list=custom name=custom_5540 width=40 I get "unsupported channel" when I configure it on the wlan interface. Further investigation resulted in conclus...
by hzdrus
Thu Jul 02, 2015 6:34 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 5
Views: 3494

802.11n force 40mhz channel

Hi All, We're using a pair of SXT-ac about 200m away from each other. We have a problem with wild variation of tx-rate/rx-rate (modulation). As a result, throughput drastically suffers. Signal level is very good : CCQ both ways is around 90%. The channels are not noisy (85db SNR). I tried decreasing...
by hzdrus
Fri May 08, 2015 11:52 am
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59509

Re: IGMP Snooping

Would love to use those CRS212-1G-10S switches, probably buy a hundred or so, but it is impossible to offer IPTV without snooping :-(
by hzdrus
Tue Mar 17, 2015 3:17 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 99661

Re: RouterOS v6.27 released

We found EoIP on 6.27 to be very buggy on CCRs and RB750.

Frames passing through bridge would randomly get corrupted. Removing and adding interface to the bridge may temporarily fix the problem.
by hzdrus
Mon Mar 02, 2015 2:13 am
Forum: Forwarding Protocols
Topic: What BGP setups need to be optimized
Replies: 58
Views: 20942

Re: What BGP setups need to be optimized

Apart from features already requested, it would be very useful if Mikrotik had a real Cisco-like "neigh x.x.x.x received-routes" command. Currently it is only possible to see routes after filters.
by hzdrus
Sun Dec 28, 2014 12:09 pm
Forum: General
Topic: SNMP doesn't work with asymmetric routes?
Replies: 32
Views: 7213

Re: SNMP doesn't work with asymmetric routes?

I agree that this behavior is not industry standard. Normally device would answer from the same source IP, but send through whichever interface routing points to. If I have NAT or something else that will break it, then this is clearly my (admin's) problem to fix, but at least it should try sending ...
by hzdrus
Mon Dec 08, 2014 7:53 pm
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 5600

Re: vrf connected route leaking

I've just also stumbled into the same problem. Traffic always goes to locally-assigned address, even if it is in a different routing table/VRF. This is a serious issue as it causes problems when you have VRFs with overlapping IPs. Basically it makes MPLS L3VPN functionality of Mikrotik close to usel...
by hzdrus
Tue Nov 04, 2014 3:58 pm
Forum: General
Topic: Shaping of EoIP bridge with non-IP traffic
Replies: 2
Views: 972

Re: Shaping of EoIP bridge with non-IP traffic

/queue simple add target="your-EoIP-interface"
I checked, it doesn't suit my requirements - it shapes IP traffic only (provided you have use-ip-firewall:yes), it doesn't shape MPLS/FCoE/ARP flood etc.
by hzdrus
Fri Oct 24, 2014 1:16 pm
Forum: General
Topic: Shaping of EoIP bridge with non-IP traffic
Replies: 2
Views: 972

Shaping of EoIP bridge with non-IP traffic

Hi All, I'm looking for a way to shape an (EoIP + Ethernet interface) bridge with non-IP traffic, however I can't find a solution: 1) "/interface ethernet [N] set bandwidth" allows for only a very narrow selection of pre-defined speeds. 2) If I create a "/queue simple" rule for destination EoIP IP, ...
by hzdrus
Wed Aug 20, 2014 7:30 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 3206

Re: VPLS performance is lower than EoIP

Testing again on RB1100AHx2 under most optimal configuration has shown that the performance isn't worse than EoIP, we were able to get about 100 mbps with 64-byte packets.

So it seems that the issue affects CCR only.
by hzdrus
Mon Aug 11, 2014 5:26 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 3206

Re: VPLS performance is lower than EoIP

The config I gave was for CCR1016. If you do mean that CCR1016 has shared ports, do you have a pointer to docs which state so? The datasheet I have says "Ports directly connected to CPU".
by hzdrus
Mon Aug 11, 2014 12:13 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 3206

Re: VPLS performance is lower than EoIP

Test setup was simple, we have two RFC2544 testers (Digital Lightwave), one is generating traffic, another one is looping it back ("smart loopback" mode). Tester A <--> Mikrotik A <--> Mikrotik B <--> Tester B Standard RFC2544 test with 64-byte packets. Our partners are requiring us to provide full ...
by hzdrus
Fri Aug 08, 2014 7:31 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 3206

VPLS performance is lower than EoIP

To our surprise RFC2544 tests have revealed that VPLS performs worse than EoIP, both on CCR and RB1100AHx2. EoIP with 64 byte packets gives 300 mbps on two directly connected CCRs without packet loss, while VPLS gives only 150 mbps. Is it expected and why? VPLS config is basic: /interface bridge add...
by hzdrus
Fri Aug 08, 2014 1:40 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 204603

Re: Feature requests

We find inability to trigger commands/scripts based on events to be very limiting, especially in MPLS VPN deployment. The following is necessary: 1) Ability to specify inside RADIUS reply which commands/scripts to execute (e.g. similar to Cisco-AVPair) 2) Logging target to send every new log line to...
by hzdrus
Tue Aug 05, 2014 11:33 am
Forum: General
Topic: Feature request: Scripting language improvement
Replies: 18
Views: 4142

Re: Feature request: Scripting language improvement

We also find inability to trigger commands/scripts based on events to be very limiting, especially in MPLS VPN deployment. The following is necessary: 1) Ability to specify commands/scripts to execute inside RADIUS reply 2) Mechanism tro trigger a script for every new log line (so there is no need t...
by hzdrus
Thu Feb 06, 2014 10:18 am
Forum: General
Topic: Feature request: limiting of LAN ports bandwidth
Replies: 2
Views: 1064

Re: Feature request: limiting of LAN ports bandwidth

Yes, of course. Plain /queue simple doesn't work on bridged (not routed) traffic.

Unfortunately "bandwidth" property of LAN interfaces allow only a very limited set of pre-defined limits.
by hzdrus
Thu Feb 06, 2014 2:08 am
Forum: General
Topic: Feature request: limiting of LAN ports bandwidth
Replies: 2
Views: 1064

Feature request: limiting of LAN ports bandwidth

We use EoIP for various circuits. The problem is that it seems that there is no way to apply a simple rate limit on a bridged LAN port. As a workaround, we have to use bridge use-ip-firewall + mangle + queue approach, which drops RB1100AHx2 performance by 50%: from 60 mbps @ 64-byte packets, to only...
by hzdrus
Fri Mar 08, 2013 1:20 am
Forum: General
Topic: EoIP slow high latency
Replies: 13
Views: 6812

Re: EoIP slow high latency

Did you check what is the CPU load? EoIP is very CPU hungry.
by hzdrus
Thu Mar 07, 2013 6:30 pm
Forum: General
Topic: gratuitous ARP reply protection (against ARP poisoning)
Replies: 2
Views: 2327

Re: gratuitous ARP reply protection (against ARP poisoning)

Bumping up.

Ability to filter/ignore gratuitous ARP would significantly increase protection against man-in-the-middle attacks on Mikrotik routers.
by hzdrus
Sat Feb 02, 2013 4:38 pm
Forum: General
Topic: gratuitous ARP reply protection (against ARP poisoning)
Replies: 2
Views: 2327

gratuitous ARP reply protection (against ARP poisoning)

Hi, Is there any way to configure RouterOS to discard gratuitous ARP replies it receives? It accepts gratuitous ARP reply packets by default. I only found a way to match these packets on bridge interfaces, but in my case RB1100AHx2 act as routers on physical Ethernet ports (without bridge) and I wan...
by hzdrus
Mon Jul 30, 2012 1:34 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 100
Views: 56993

Re: SFP module

Did anybody manage to make 2011LS with any 100mbps-only SFPs ? We tried several and didn't succeed.
by hzdrus
Wed May 16, 2012 12:32 pm
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59509

IGMP Snooping

Are there any plans to add IGMP Snooping support to bridging, via OpenVPN in particular? IGMP Snooping is supported by Linux kernels since 2.6.34, is there a reason to keep it disabled?

Absence of IGMP Snooping breaks numerous scenarios where Mikrotik is used as a CPE or tunnel concentrator.
by hzdrus
Tue May 15, 2012 9:52 am
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 100
Views: 56993

Re: SFP module

Are 100 mbps SFP modules compatible with RB2011LS-IN? This is really important for us and would allow to purchase RB2011LS in quantity (we use 100baseBX connections). RB2011LS supports any 1.25G SFP transceivers that is within the SFF Committee specifications for SFP Transceivers. We have not teste...
by hzdrus
Mon May 14, 2012 4:01 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 100
Views: 56993

Re: SFP module

Are 100 mbps SFP modules compatible with RB2011LS-IN? This is really important for us and would allow to purchase RB2011LS in quantity (we use 100baseBX connections).