No, it does not - https://help.mikrotik.com/docs/spaces/R ... leProblems

(List of supported devices now seen at https://help.mikrotik.com/docs/spaces/R ... leProblems )

I'm seeing similar. I think the problem is that MT BFD is sending packets from a physical interface IPv6 address and not the configured local IPv6 address for the BGP peer, even though BFD figures this out just fine for IPv4 multi-hop peers. Try doing a packet sniff with IPv6 Address set to one of y...

It might be worth considering a more differentiated approach. New device mode defaults could be applied only to devices known to have been part of these DDoS botnets. This likely concerns devices that are already accessible, such as those located in data centers. Devices in the field need to have a...

Presumably this is part of what is driving the ideological position of device-mode: https://blog.ovhcloud.com/the-rise-of-packet-rate-attacks-when-core-routers-turn-evil/ But this has to surely be caused by traffic generator, not btest/speedtest functionality itself, correct? Given the distribution ...

Btest-Server being off by default (service, on port2000) is good practice, and long overdue Pretty sure the BTest Server isn't enabled by default in the stock mikrotik configuration. I don't know that it ever has been? Traffic-Generator, in the other hand, is a RAW packet synthesizer it will spew w...

Also, if the btest function can be used to just packet random IPs (why else would it need restricting?) instead of just talking to btest servers, maybe /that/ is actually what needs fixing?

(NB: Quotes below are paraphrasing, not literal quotes, obviously) Sorry, but people upgrading on a unit with a factory version <7.17 (or whatever build this feature eventually ships in) need to /at least/ have an opt-out from mandatory device-mode (I would sooner device-mode was opt-in for these de...

Yeah, having tried to raise this in a ticket just now, they're not going to fix this bug because they consider that this behaviour, and their incorrect interpretation of the word "originate", is by design . I suggested that if this was really intended behaviour that they should update thei...

I tried to pass this simple script to change the default admin password user/set admin password=SuperDuperPass and got the error "not enough permissions (9)". I can't find any information on how to overcome this error or get permissions for this "provisioning" scenario. Did you ...

Bump. It would be good to have this on all interface types for example where you might have capped a service interface using a queue.

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason. as others have said, if the changelog entry really means "we won't redistribute 127.0.0.1 as a connected rout...

*) route - do not redistribute loopback address as connected route; Good lord, why? Why would you do this? You introduce loopbacks just long enough ago that a bunch of people will have started using them, the vast majority of them will have been configured to be redistributed, and now... they're no ...

For my part I have 4x48P units at a customer site that have not exhibited this problem that we know which have been up well over 1y at this point, but also 3 of the 4 are really sparsely populated, so if there was a block of 8 stopped ports on a switch it is not impossible it is simply a block of 8 ...

I still haven't got around to this, but it's on the cards again. Before I resign myself to just using l2tpns on linux... Terry: Are you still using Mikrotik for this (have any of your bugs been squashed yet?) or have you moved elsewhere too? Are you doing any of this authenticated and accounted agai...

(If you end up using iBGP, then it's the MED you'll want to change to influence the traffic in a BGP route selection tie like your network would have)


Sent from my iPhone using Tapatalk - now Free

You're going to need to do something like change the weight on the announcement from whichever router presently is VRRP master to attract the traffic (or make the VRRP slave withdraw it's announcement), if you need traffic to flow in both directions across the same firewall. I should imagine this is...

Sorry, when I said reconfigure the vswitch - I did mean the port group. Shorthand thinking became shorthand writing - we don't use VMWare without port groups (does anyone?)


Sent from my iPhone using Tapatalk - now Free

Pretty sure VMWare by default won't let guests transmit traffic for unknown (eg: not assigned by VMWare) MACs. You'll need to change the port security options on your dvswitch.


Sent from my iPhone using Tapatalk - now Free

I remain astonished that Mikrotik are *still* pumping out more and more hardware revisions instead of making the kit they have work properly, but I guess otherwise they would have hardware guys sat around with nothing to do. The SFP+ unit would definitely be interesting and disruptive.. if you could...

I think perhaps I've been spending too long around switch vendors who count the packet on the way in and on the way out as part of the system total PPS.

rmichael , macgaiver is right: 24mil 64byte pps = =24mil*8*(64+ 14 (Ethernet header) + 4 (Ethernet trailer))/1000/1000 = 15,744Gbps this is full speed full duplex - the limit is the port speed basically. Eh? 16Gbps (or ~24mpps) throughput is only full bidirectional throughput for 8 ports (1gbps tra...

I suppose it's fortunate that because I started from a more complex environment to begin with - dual stack full table access routing - that I uncovered the flaws before we got too involved with MT. If I had spent time getting a certification, and had a pile of their kit, I would definitely be in the...

OSPFv3 just doesn't work, BGP has stale routes... They've been too busy devoting all their time to building the CCR which is great and all, but the adage "learn to walk before you try to run" springs to mind. It makes absolutely no difference to me how many packets I can push over a device...

When I've raised this with MT support they've just said that it'll be fixed in a 'future version' 'maybe in october' or similar. Not exactly the kind of response you'd hope for with a showstopper bug like this.

Terry: This is something I'm considering doing. Would you mind sharing your config?

I only have a single area in the test setup - 0.

Pretty dire, but you get what you pay for I guess. I just wish they wouldn't advertise features that simply don't work - even when just setting up peering between two routerboards.

OOI, did you get anywhere with this? I've been trying to get them to fix ospfv3 for months (will not reliably maintain adjacency) and so far it's just not been a priority for them at all :/