Community discussions

MikroTik App

Search found 52 matches

by hzdrus
Fri Jan 27, 2023 12:28 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72188

Re: v7.8beta [testing] is released!

MT is currently missing a big point. Apart from routing features present in v6 that are not available on v7... they advertise the L3-HW that is BROKEN! I have since 7.4 a support file, that is not fixed and they dindt give me any ETA for the fix. We need every one hour to stop and restart the l3-hw...
by hzdrus
Mon Sep 21, 2020 10:22 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

As far as I understand packets belonging to a single TCP stream are always bound to a single CPU core, no matter if it's routing or bridging. This is done to avoid packet reordering (which used to be a huge problem when CCR series devices were first introduced several years ago). In this case it is...
by hzdrus
Mon Sep 21, 2020 7:53 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

Paternot, you are confusing fastpath with fasttrack. Document yourself better about the two. You better read it up. The spec sheet says "fast path". The manual page I sent you says "fast path". You insist on "fast track", don't answare if the test was with a single con...
by hzdrus
Mon Sep 21, 2020 2:09 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

Well, like in the other thread, it is mentioned that this is advertised as a router, not a switch, so maybe performance between the 25Gbps ports and 10Gbps ports might be better than only using the 10Gbps ports. I see that config as the intended use for this device. Archived datasheet of that PX is...
by hzdrus
Mon Sep 21, 2020 1:30 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

@Paternot got it a little wrong. But, those tests say 39444Mbps, 3248kpps at 1518 byte packet size on ALL ports. (thus involving all 12x 10G ports and the two remaining uplinks of 25Gbps out of the 4 total on that 98PX1012, two of which are connected to the CPU?). Is performance that limited when u...
by hzdrus
Mon Sep 21, 2020 12:45 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

Some thoughts about it: 1) This device doesn't have a switch chip: even with these two ports on the same bridge, this is routing, CPU wise. 2) You removed everything - even the fast path rule. This device is rated to about 13Mbps, without fast path and with 25 ip rules. This is about 4 times what Y...
by hzdrus
Mon Sep 21, 2020 10:19 am
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

What is the mtu on the client side?
9000 byte MTU.
by hzdrus
Mon Sep 21, 2020 10:17 am
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

uhm, and how was this test done exactly? except the " two loop-backed 10G ports" there's nothing mentioned. what util, what generated the traffic on which port, what captured it on what port.. except RFC2544 which states hours of testing.. nothing. so.. again, what and how did you test ex...
by hzdrus
Sun Sep 20, 2020 6:00 pm
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

Re: CCR2004 poor bridge performance

Have you taken a look at
tool profile cpu=all 
?
Not in tool profile, but under CPU load 100% due IRQ.
by hzdrus
Sat Sep 19, 2020 9:42 am
Forum: General
Topic: CCR2004 poor bridge performance
Replies: 24
Views: 5746

CCR2004 poor bridge performance

Hi All, With an RFC2544 test we see 100% load on one of CCR2004 cores and frame drops with just 3.9gbps traffic, 350k pps @ 1396 bytes between two loop-backed 10G ports. This is rather poor, we cannot load even two 10G ports out of 12 that device has. I stripped the config to bare minimum with no br...
by hzdrus
Fri Aug 21, 2020 5:12 pm
Forum: General
Topic: CRS212 hw-offload on vlan-aware bridge [SOLVED]
Replies: 1
Views: 865

CRS212 hw-offload on vlan-aware bridge [SOLVED]

Hi All, We're trying to use CRS212 with post-6.41 bridge vlan-filtering style configuration and we can't get hw-offload flag to appear on bridge ports. From https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#Bridge_Hardware_Offloading we see that vlan-filtering is not supported in CRS212. Is the...
by hzdrus
Thu Jan 30, 2020 5:30 pm
Forum: Wireless Networking
Topic: QM-X & disc lite5 ac
Replies: 0
Views: 2254

QM-X & disc lite5 ac

Hi,

Does anybody use QuickMount-X with Disc lite5 AC ? Brochure states that it's compatible, but it seems that unlike SXTsq, Disc is missing a hook on top that would allow tilt. Am I missing something ?
by hzdrus
Tue Oct 22, 2019 7:57 pm
Forum: General
Topic: CCR bridge performance
Replies: 10
Views: 3891

Re: CCR bridge performance

CCR1072 is connected to a last-mile provider who had a rate-limit mis-configuration on one of the ports.

Now this device is moving about 15G of user traffic without breaking a sweat (avg CPU load <2%), moreover we added 7 bridge filter rules.
by hzdrus
Thu Oct 17, 2019 10:47 am
Forum: General
Topic: CCR bridge performance
Replies: 10
Views: 3891

Re: CCR bridge performance

In the end the issue was on remote side. We now have about 11G traffic on a bridge between 50 VLAN interfaces with 8000 MACs on top of two 2x10G bonding interfaces. CCR1072 with average CPU util 0% and with one out of 72 cores spiking to about 20%. Looks like it can do a lot more.
by hzdrus
Wed Oct 16, 2019 10:13 am
Forum: General
Topic: CCR bridge performance
Replies: 10
Views: 3891

Re: CCR bridge performance

The "test results" section for CCR072 page on Mikrotik website states 74G throughput for "Bridging with 25 bridge filter rules". In our case there are no filter/firewall rules and bridge firewall is set to No. I'm interested to learn real-life throughput results from the field. T...
by hzdrus
Tue Oct 15, 2019 10:48 pm
Forum: General
Topic: CCR bridge performance
Replies: 10
Views: 3891

CCR bridge performance

Hi All, We're having a CCR1072 with two bonding interface, each having two 10G ports. There is a bridge configured between these two 20G bonding interfaces. We're unable to get more than 5G per port in the bridge with total traffic being around 9G. CPU average utilization is close to 0%, there is on...
by hzdrus
Mon Nov 05, 2018 2:05 pm
Forum: Wireless Networking
Topic: 60Ghz WAP60G-AP multi-client latency
Replies: 3
Views: 1653

Re: 60Ghz WAP60G-AP multi-client latency

6.44beta28 makes significant latency/jitter improvements. Thanks Mikrotik :)
by hzdrus
Thu Sep 20, 2018 12:03 pm
Forum: Wireless Networking
Topic: 60Ghz WAP60G-AP multi-client latency
Replies: 3
Views: 1653

60Ghz WAP60G-AP multi-client latency

Hi All, With three LHG 60Ghz clients connected to an AP and practically no traffic, we see latency jumping between ~1-15ms. Distance 120m,150m,175m. With a single client only, latency is ~1 ms. Anything can be done to stabilize the performance ? We would prefer a stable 10ms latency than 1-15ms jump...
by hzdrus
Wed Sep 12, 2018 4:20 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 147
Views: 70442

Re: v6.43 [current] is released!

I'm pleasantly surprised to see that we were unaffected by the authentication changes. We use centralised RADIUS authentication to Active Directory and associate AD security group membership to RouterOS user group permissions. Winbox, SSH and local authentication continues to work... Windows AD sho...
by hzdrus
Tue Jul 24, 2018 6:17 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 221404

Re: v6.43rc [release candidate] is released!

Drop of RADIUS PAP support for ssh logins is a big problem for us too. We're using a one-time password implementation which is impossible to integrate with MS-CHAPv2 - the security appliance only stores the hash of the PIN (fixed part of the password) and because of this cannot support MS-CHAPv2 sin...
by hzdrus
Thu Jun 07, 2018 6:24 pm
Forum: Wireless Networking
Topic: 60GHz multipoint, share your experience
Replies: 37
Views: 21425

Re: 60GHz multipoint, share your experience

Let's see how many client we can hook up. Please note that it is currently limited to only 8 clients at a time. See page 16 of the 60G presentation from the MUM in Berlin. Yes I am aware of this. But some wrote somewhere that after 4 things were spiraling down.... And is this limit just hardware li...
by hzdrus
Wed Sep 06, 2017 11:06 am
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 206654

Re: v6.41rc [release candidate] is released! New bridge implementation!

*) crs317 - added initial support for HW offloaded MPLS forwarding; Can you elaborate on this feature? It applies solely when acting as a transit P router or when encapsulating/decapsulating l2circuit also? P.S. Congrats on the work to implement multicast snooping. Looking forward to a stable relea...
by hzdrus
Tue Mar 29, 2016 1:02 pm
Forum: General
Topic: IGMP Snooping
Replies: 134
Views: 81600

Re: IGMP Snooping

Regarding the point raised earlier about possible limitations on the switch chip itself: this doesn't stop Mikrotik from implementing snooping on "/interface bridge" level. For example, RB2011 gives adequate performance in bridge mode as a small consumer aggregation device. Linux already s...
by hzdrus
Thu Dec 03, 2015 6:26 pm
Forum: Announcements
Topic: 6.33.2 version is released!
Replies: 41
Views: 18736

Re: 6.33.2 version is released!

It seems that 6.33 has a regression in EoIP/VPLS performance. Details are in http://forum.mikrotik.com/viewtopic.php ... 79#p510079
by hzdrus
Thu Dec 03, 2015 6:23 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 6184

Re: VPLS performance is lower than EoIP

We redid the VPLS/EoIP RFC2544 throughput tests, this time between two CCR-1009-8G-1S-1S+ , using RouterOS 6.33 and 6.32.3. With 6.33.2 we got very bad results, there must be a regression in 6.33 compared to 6.32: EoIP - 72 Mbps with 64 bytes frames and 0 loss VPLS - 32 Mbps with 64 bytes frames and...
by hzdrus
Wed Jul 29, 2015 1:20 pm
Forum: General
Topic: VRRP port speed via SNMP wrong?
Replies: 2
Views: 1455

Re: VRRP port speed via SNMP wrong?

The same problem exists for PPP interfaces (e.g. PPPoE). They are reported as 10 Mbps. A command similar to Cisco's "bandwidth" is needed to be able to manually specify the interface speed, at least on pppoe-client.
by hzdrus
Wed Jul 15, 2015 7:19 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 13
Views: 10610

Re: 802.11n force 40mhz channel

I have just received a response from Mikrotik support on this matter - they will put this feature in their to-do list for wireless enhancements.
by hzdrus
Mon Jul 13, 2015 5:09 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 13
Views: 10610

Re: 802.11n force 40mhz channel

Sorry mate, but in my opinion it's impossible. MCS is not TX-rate. You can achive 30MHz channel with custom channels with some chipsets. MCS means that it can always lower from wider to narrower channel, but only in that way. Actually there is a direct relationship between MCS and TX-rate. Modulati...
by hzdrus
Fri Jul 03, 2015 11:41 am
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 13
Views: 10610

Re: 802.11n force 40mhz channel

You can try creating Channels manually Wireless > Channels I've tried the following: /interface wireless channels add band=5ghz-onlyn frequency=5540 list=custom name=custom_5540 width=40 I get "unsupported channel" when I configure it on the wlan interface. Further investigation resulted ...
by hzdrus
Thu Jul 02, 2015 6:34 pm
Forum: Wireless Networking
Topic: 802.11n force 40mhz channel
Replies: 13
Views: 10610

802.11n force 40mhz channel

Hi All, We're using a pair of SXT-ac about 200m away from each other. We have a problem with wild variation of tx-rate/rx-rate (modulation). As a result, throughput drastically suffers. Signal level is very good : CCQ both ways is around 90%. The channels are not noisy (85db SNR). I tried decreasing...
by hzdrus
Fri May 08, 2015 11:52 am
Forum: General
Topic: IGMP Snooping
Replies: 134
Views: 81600

Re: IGMP Snooping

Would love to use those CRS212-1G-10S switches, probably buy a hundred or so, but it is impossible to offer IPTV without snooping :-(
by hzdrus
Tue Mar 17, 2015 3:17 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 133976

Re: RouterOS v6.27 released

We found EoIP on 6.27 to be very buggy on CCRs and RB750.

Frames passing through bridge would randomly get corrupted. Removing and adding interface to the bridge may temporarily fix the problem.
by hzdrus
Mon Mar 02, 2015 2:13 am
Forum: Forwarding Protocols
Topic: What BGP setups need to be optimized
Replies: 57
Views: 31914

Re: What BGP setups need to be optimized

Apart from features already requested, it would be very useful if Mikrotik had a real Cisco-like "neigh x.x.x.x received-routes" command. Currently it is only possible to see routes after filters.
by hzdrus
Sun Dec 28, 2014 12:09 pm
Forum: General
Topic: SNMP doesn't work with asymmetric routes?
Replies: 32
Views: 13471

Re: SNMP doesn't work with asymmetric routes?

I agree that this behavior is not industry standard. Normally device would answer from the same source IP, but send through whichever interface routing points to. If I have NAT or something else that will break it, then this is clearly my (admin's) problem to fix, but at least it should try sending ...
by hzdrus
Mon Dec 08, 2014 7:53 pm
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 9186

Re: vrf connected route leaking

I've just also stumbled into the same problem. Traffic always goes to locally-assigned address, even if it is in a different routing table/VRF. This is a serious issue as it causes problems when you have VRFs with overlapping IPs. Basically it makes MPLS L3VPN functionality of Mikrotik close to usel...
by hzdrus
Tue Nov 04, 2014 3:58 pm
Forum: General
Topic: Shaping of EoIP bridge with non-IP traffic
Replies: 3
Views: 1961

Re: Shaping of EoIP bridge with non-IP traffic

/queue simple add target="your-EoIP-interface"
I checked, it doesn't suit my requirements - it shapes IP traffic only (provided you have use-ip-firewall:yes), it doesn't shape MPLS/FCoE/ARP flood etc.
by hzdrus
Fri Oct 24, 2014 1:16 pm
Forum: General
Topic: Shaping of EoIP bridge with non-IP traffic
Replies: 3
Views: 1961

Shaping of EoIP bridge with non-IP traffic

Hi All, I'm looking for a way to shape an (EoIP + Ethernet interface) bridge with non-IP traffic, however I can't find a solution: 1) "/interface ethernet [N] set bandwidth" allows for only a very narrow selection of pre-defined speeds. 2) If I create a "/queue simple" rule for d...
by hzdrus
Wed Aug 20, 2014 7:30 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 6184

Re: VPLS performance is lower than EoIP

Testing again on RB1100AHx2 under most optimal configuration has shown that the performance isn't worse than EoIP, we were able to get about 100 mbps with 64-byte packets.

So it seems that the issue affects CCR only.
by hzdrus
Mon Aug 11, 2014 5:26 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 6184

Re: VPLS performance is lower than EoIP

The config I gave was for CCR1016. If you do mean that CCR1016 has shared ports, do you have a pointer to docs which state so? The datasheet I have says "Ports directly connected to CPU".
by hzdrus
Mon Aug 11, 2014 12:13 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 6184

Re: VPLS performance is lower than EoIP

Test setup was simple, we have two RFC2544 testers (Digital Lightwave), one is generating traffic, another one is looping it back ("smart loopback" mode). Tester A <--> Mikrotik A <--> Mikrotik B <--> Tester B Standard RFC2544 test with 64-byte packets. Our partners are requiring us to pro...
by hzdrus
Fri Aug 08, 2014 7:31 pm
Forum: General
Topic: VPLS performance is lower than EoIP
Replies: 10
Views: 6184

VPLS performance is lower than EoIP

To our surprise RFC2544 tests have revealed that VPLS performs worse than EoIP, both on CCR and RB1100AHx2. EoIP with 64 byte packets gives 300 mbps on two directly connected CCRs without packet loss, while VPLS gives only 150 mbps. Is it expected and why? VPLS config is basic: /interface bridge add...
by hzdrus
Fri Aug 08, 2014 1:40 pm
Forum: General
Topic: Feature requests
Replies: 1739
Views: 624665

Re: Feature requests

We find inability to trigger commands/scripts based on events to be very limiting, especially in MPLS VPN deployment. The following is necessary: 1) Ability to specify inside RADIUS reply which commands/scripts to execute (e.g. similar to Cisco-AVPair) 2) Logging target to send every new log line to...
by hzdrus
Tue Aug 05, 2014 11:33 am
Forum: General
Topic: Feature request: Scripting language improvement
Replies: 18
Views: 6412

Re: Feature request: Scripting language improvement

We also find inability to trigger commands/scripts based on events to be very limiting, especially in MPLS VPN deployment. The following is necessary: 1) Ability to specify commands/scripts to execute inside RADIUS reply 2) Mechanism tro trigger a script for every new log line (so there is no need t...
by hzdrus
Thu Feb 06, 2014 10:18 am
Forum: General
Topic: Feature request: limiting of LAN ports bandwidth
Replies: 2
Views: 1673

Re: Feature request: limiting of LAN ports bandwidth

Yes, of course. Plain /queue simple doesn't work on bridged (not routed) traffic.

Unfortunately "bandwidth" property of LAN interfaces allow only a very limited set of pre-defined limits.
by hzdrus
Thu Feb 06, 2014 2:08 am
Forum: General
Topic: Feature request: limiting of LAN ports bandwidth
Replies: 2
Views: 1673

Feature request: limiting of LAN ports bandwidth

We use EoIP for various circuits. The problem is that it seems that there is no way to apply a simple rate limit on a bridged LAN port. As a workaround, we have to use bridge use-ip-firewall + mangle + queue approach, which drops RB1100AHx2 performance by 50%: from 60 mbps @ 64-byte packets, to only...
by hzdrus
Fri Mar 08, 2013 1:20 am
Forum: General
Topic: EoIP slow high latency
Replies: 14
Views: 10578

Re: EoIP slow high latency

Did you check what is the CPU load? EoIP is very CPU hungry.
by hzdrus
Thu Mar 07, 2013 6:30 pm
Forum: General
Topic: gratuitous ARP reply protection (against ARP poisoning)
Replies: 2
Views: 4001

Re: gratuitous ARP reply protection (against ARP poisoning)

Bumping up.

Ability to filter/ignore gratuitous ARP would significantly increase protection against man-in-the-middle attacks on Mikrotik routers.
by hzdrus
Sat Feb 02, 2013 4:38 pm
Forum: General
Topic: gratuitous ARP reply protection (against ARP poisoning)
Replies: 2
Views: 4001

gratuitous ARP reply protection (against ARP poisoning)

Hi, Is there any way to configure RouterOS to discard gratuitous ARP replies it receives? It accepts gratuitous ARP reply packets by default. I only found a way to match these packets on bridge interfaces, but in my case RB1100AHx2 act as routers on physical Ethernet ports (without bridge) and I wan...
by hzdrus
Mon Jul 30, 2012 1:34 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 75155

Re: SFP module

Did anybody manage to make 2011LS with any 100mbps-only SFPs ? We tried several and didn't succeed.
by hzdrus
Wed May 16, 2012 12:32 pm
Forum: General
Topic: IGMP Snooping
Replies: 134
Views: 81600

IGMP Snooping

Are there any plans to add IGMP Snooping support to bridging, via OpenVPN in particular? IGMP Snooping is supported by Linux kernels since 2.6.34, is there a reason to keep it disabled?

Absence of IGMP Snooping breaks numerous scenarios where Mikrotik is used as a CPE or tunnel concentrator.
by hzdrus
Tue May 15, 2012 9:52 am
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 75155

Re: SFP module

Are 100 mbps SFP modules compatible with RB2011LS-IN? This is really important for us and would allow to purchase RB2011LS in quantity (we use 100baseBX connections). RB2011LS supports any 1.25G SFP transceivers that is within the SFF Committee specifications for SFP Transceivers. We have not teste...
by hzdrus
Mon May 14, 2012 4:01 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 75155

Re: SFP module

Are 100 mbps SFP modules compatible with RB2011LS-IN? This is really important for us and would allow to purchase RB2011LS in quantity (we use 100baseBX connections).