Community discussions

MikroTik App

Search found 1431 matches

by IPANetEngineer
Fri Jul 30, 2021 4:52 pm
Forum: General
Topic: CCR1036 Bonding Shuts Down
Replies: 4
Views: 216

Re: CCR1036 Bonding Shuts Down

I would try moving the active/backup bonds to 802.3ad and see if you still have issues
by IPANetEngineer
Fri Jul 30, 2021 3:53 pm
Forum: Forwarding Protocols
Topic: LDP session error (KeepAlive expired)
Replies: 3
Views: 249

Re: LDP session error (KeepAlive expired)

I would agree....you need to be running the same long term version of RouterOS on each router and restest.
by IPANetEngineer
Thu Jul 29, 2021 3:58 pm
Forum: RouterOS v7 BETA
Topic: v7 launch date
Replies: 124
Views: 13852

Re: v7 launch date

Red are administrators (e.g. @normis), green are moderators. I might be wrong, but I think @nz_monkey is not MT staffer.

No @nz_monkey is not part of MT staff.
by IPANetEngineer
Wed Jul 21, 2021 6:13 pm
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 107
Views: 9646

Re: MikroTik RB5009UG+S+IN

I'm super excited to see more of the Marvell family of chips.

This could be a great tower or last mile router for a compact enclosure or to build HA in a small footprint. I'm very excited about this one. :)
by IPANetEngineer
Sat Jul 17, 2021 6:29 am
Forum: General
Topic: Ethernet Flow Control
Replies: 1
Views: 356

Re: Ethernet Flow Control

There is no good reason to use flow control in 2021. It's an old protocol - leave it off.

Shaping traffic with queues is the best way to handle traffic congestion so that flow control is never needed.
by IPANetEngineer
Sat Jul 17, 2021 5:08 am
Forum: Forwarding Protocols
Topic: OSPF drop problem in PTP
Replies: 2
Views: 389

Re: OSPF drop problem in PTP

A few questions

1. What version of RouterOS are you using?
2. What is the configuration on each router? (/export compact hide-sensitive)
3. What kind of radios are you using for the PTP link?
4. What are the statistics on the interface counters for the PTP RF link?
by IPANetEngineer
Fri Jul 16, 2021 2:47 pm
Forum: Forwarding Protocols
Topic: best way to bridge 2 CCR2004 together?
Replies: 3
Views: 363

Re: best way to bridge 2 CCR2004 together?

The CCR2004 is probably not the right choice for this - it's a router and still has some stability/performance issues.

What are you trying to connect in a redundant way. Servers, Storage, ISP Customers?
by IPANetEngineer
Fri Jul 16, 2021 2:07 pm
Forum: RouterOS v7 BETA
Topic: v7 launch date
Replies: 124
Views: 13852

Re: v7 launch date

Sorry for my ignorance, but why does anybody need route filters? Routing filters are needed when running dynamic routing protocols to ensure that subnets that shouldn't be advertised aren't leaked inadvertently. An example: Two organizations are merging that have separate networks. The networks wil...
by IPANetEngineer
Thu Jul 15, 2021 10:23 pm
Forum: Forwarding Protocols
Topic: Help - MPLS/VPLS flapping
Replies: 4
Views: 576

Re: Help - MPLS/VPLS flapping

The latest long term version (6.47.10) is stable and contains a number of OSPF and MPLS bug fixes since the 6.44 series.

That's what we typically put on client networks.
by IPANetEngineer
Thu Jul 15, 2021 3:59 pm
Forum: RouterOS v7 BETA
Topic: v7 launch date
Replies: 124
Views: 13852

Re: v7 launch date

I wrote a post recently on v7 timeline and current status:

https://stubarea51.net/2021/07/09/mikro ... l-release/
by IPANetEngineer
Tue Jul 13, 2021 5:42 pm
Forum: General
Topic: Firmware mirror and automatic updates
Replies: 23
Views: 1365

Re: Firmware mirror and automatic updates

We typically use Unimus for this as it works well at large scale. You can schedule the upgrade so that it's automated on whatever code lifecycle makes sense for the organization. https://unimus.net/blog/network-wide-mikrotik-routeros-upgrade.html We can typically upgrade several thousand MikroTik ro...
by IPANetEngineer
Tue Jul 13, 2021 4:46 pm
Forum: Forwarding Protocols
Topic: ospf nbma
Replies: 6
Views: 533

Re: ospf nbma

NBMA on a WISP PTP link only masks an underlying problem with either: 1. The backhaul itself dropping traffic or a misconfiguration or issue with OSPF multicast streams 2. Traffic congestion tearing down OSPF neighbor adjacencies without QoS for the control plane 3. Misconfiguration of OSPF like a d...
by IPANetEngineer
Tue Jul 13, 2021 4:38 pm
Forum: Forwarding Protocols
Topic: Help - MPLS/VPLS flapping
Replies: 4
Views: 576

Re: Help - MPLS/VPLS flapping

Three things to check for flapping VPLS

1. Duplication of MAC addresses on VPLS interfaces from copy/paste
2. Loop Detect is set on some or all routers - disable it
3. Bridging loop in one or more VPLS instances
by IPANetEngineer
Tue Jul 13, 2021 4:36 pm
Forum: Forwarding Protocols
Topic: BGP ECMP (multipathing)
Replies: 53
Views: 20338

Re: BGP ECMP (multipathing)

It's on the roadmap for protocol support in the v7 status page

https://help.mikrotik.com/docs/display/ ... col+Status

Image
by IPANetEngineer
Sat Jul 10, 2021 9:01 pm
Forum: RouterOS v7 BETA
Topic: L3HW User Manual Updated
Replies: 16
Views: 2005

Re: L3HW User Manual Updated

Oops, we accidentally posted implemented but yet unreleased features. Well, I guess that now you have an official sneak peek of the upcoming changes. Not complaining :P What range of values will be possible for MTU on the CRS3xx series? RouterOS v7.1beta7: variable MTU / Jumbo frame support.
by IPANetEngineer
Thu Jul 08, 2021 3:26 pm
Forum: RouterOS v7 BETA
Topic: Layer-3 MPLS VPN
Replies: 4
Views: 800

Re: Layer-3 MPLS VPN

How many routers are you testing with? Is LDP running between routers for label exchange?
by IPANetEngineer
Thu Jul 08, 2021 3:22 pm
Forum: Wireless Networking
Topic: Rstp and netwatch with dual links - help
Replies: 2
Views: 579

Re: Rstp and netwatch with dual links - help

Trying to handle failover at Layer 2 is the wrong way to design redundant PTP RF between routers. Migrate to routed and use OSPF for failover. https://stubarea51.net/2019/09/15/wisp-design-migrating-from-bridged-to-routed/ If you still need VLANs, you can use MPLS/VPLS https://stubarea51.net/2020/03...
by IPANetEngineer
Wed Jul 07, 2021 4:03 pm
Forum: Beginner Basics
Topic: QOS - Queue Tree (prioritization)
Replies: 2
Views: 399

Re: QOS - Queue Tree (prioritization)

Start here :)

Most likely the example config you're looking for and answer is in this thread:

viewtopic.php?f=23&t=73214
by IPANetEngineer
Wed Jul 07, 2021 4:01 pm
Forum: General
Topic: Public IP Block over SSTP
Replies: 7
Views: 485

Re: Public IP Block over SSTP

Since you are using a subnet inside of a larger subnet that already has an IP inside the /27, you'll probably need to enable Proxy ARP on the interface that 1x.168.109.25/27 is configured on - this can sometimes cause a brief loss of reachability, so be sure that you have OOB access to the CHR. Esse...
by IPANetEngineer
Wed Jul 07, 2021 3:55 pm
Forum: General
Topic: CCR2004-1G-12S+2XS SFP+ Upload issues
Replies: 15
Views: 1030

Re: CCR2004-1G-12S+2XS SFP+ Upload issues

Have you tried setting the queue type to mq-pfifo on the CCR2004?

What version of ROS are you using?
by IPANetEngineer
Wed Jul 07, 2021 3:53 pm
Forum: RouterOS v7 BETA
Topic: MT Router as Wireguard Client & Benchmarks
Replies: 10
Views: 4086

Re: MT Router as Wireguard Client & Benchmarks

Thanks for the info on MTU!

I'm curious now to see if I can get it to 1Gbps reliably over wireguard. May have to do some tests into our DC with CCRs
by IPANetEngineer
Tue Jul 06, 2021 3:15 pm
Forum: RouterBOARD hardware
Topic: CCR2004 all port flap
Replies: 4
Views: 819

Re: CCR2004 all port flap

A similar thread from a few days ago:

viewtopic.php?f=3&t=176497
by IPANetEngineer
Fri Jul 02, 2021 4:53 pm
Forum: General
Topic: SSTP vs PPTP poor RDP responsiveness
Replies: 7
Views: 547

Re: SSTP vs PPTP poor RDP responsiveness

And that's definitely the tradeoff. SSTP is way cleaner for NAT traversal and is hard to block since it's TCP/443. We designed and built an SSTP HA VPN headend using CHRs for several thousand endpoints. It would then dynamically built BGP peerings using scripts to advertise the subnets at the remote...
by IPANetEngineer
Fri Jul 02, 2021 4:01 pm
Forum: General
Topic: SSTP vs PPTP poor RDP responsiveness
Replies: 7
Views: 547

Re: SSTP vs PPTP poor RDP responsiveness

SSTP is TCP over TCP so you're not going to see the same level of throughput and responsiveness as a VPN protocol that's based on UDP, GRE, etc

We've found L2TP with ipsec to be one of the better performing VPN protocols if you want a similar design to an SSTP server.
by IPANetEngineer
Thu Jul 01, 2021 5:51 pm
Forum: General
Topic: Syslog to log NAT/CGN-Nat translations
Replies: 12
Views: 847

Re: Syslog to log NAT/CGN-Nat translations

If an ISP has the money to get Public IPv4 at auction then sure I'd rather use that over NAT but that's not always the case or it's not practical to sit on the RIR waiting list. The better answer is to use IPv6 in dual stack with public IPv4 if possible and CGNAT if not. This reduces the logging loa...
by IPANetEngineer
Thu Jul 01, 2021 5:35 pm
Forum: General
Topic: Syslog to log NAT/CGN-Nat translations
Replies: 12
Views: 847

Re: Syslog to log NAT/CGN-Nat translations

Do not do that, do not have any legal value p2p@paramount.copyright-notice.com or others.... Do not cooperate with echelon. They just try to intimidate, if they REALLY make a lawsuit for each case, it would take thousand of years to do them all, on all cuntry... then they try to intimidate the ISPs...
by IPANetEngineer
Wed Jun 30, 2021 3:45 pm
Forum: Forwarding Protocols
Topic: BGP subnetwork [SOLVED]
Replies: 2
Views: 963

Re: BGP subnetwork [SOLVED]

It sounds like you just need a transport segment for servers/VMs to connect to the router so they can peer. Build a VLAN and a /24 (or larger if needed) and use that for peering between the servers and the CCR2004.

Then the servers can advertise /32s with the /24 providing the next hop.
by IPANetEngineer
Sun Jun 27, 2021 6:15 pm
Forum: RouterOS v7 BETA
Topic: L3 for crs customer test results
Replies: 2
Views: 641

Re: L3 for crs customer test results

FWIW, I need to retest with some better servers. I think the small packet sizes were more of a limitation of the servers I was using than the CRS.

Overall L3 HW offload works!

https://stubarea51.net/2020/10/12/mikro ... e-testing/
by IPANetEngineer
Wed Jun 23, 2021 2:31 am
Forum: Beginner Basics
Topic: Network Diagram [SOLVED]
Replies: 5
Views: 1855

Re: Network Diagram [SOLVED]

We use https://lucidchart.com for our network engineering team which has a free version. Here are some examples of drawings i've done with LucidChart: https://stubarea51.net/wp-content/uploads/2021/06/MIkroTik-MLAG-blog.png https://stubarea51.net/wp-content/uploads/2020/03/routing-design-iBGPOSPF-an...
by IPANetEngineer
Tue Jun 22, 2021 4:43 pm
Forum: Wireless Networking
Topic: Mikrotik failover bonding for LHG60 Link
Replies: 2
Views: 718

Re: Mikrotik failover bonding for LHG60 Link

Consider using an OSPF transit fabric instead of bonding so that you can use all the bandwidth when the speeds aren't equal. You can use it with just OSPF or pair it with eBGP for large scale I presented at the US MUM in 2017 on this design and we've had a number of WISP clients that have successful...
by IPANetEngineer
Tue Jun 22, 2021 3:58 pm
Forum: Beginner Basics
Topic: Miktotik begginer
Replies: 3
Views: 589

Re: Miktotik begginer

My blog at

https://stubarea51.net

has a ton of MikroTik articles.
by IPANetEngineer
Sun Jun 20, 2021 4:29 am
Forum: RouterOS v7 BETA
Topic: OSPF distribute-default option is missing [SOLVED]
Replies: 8
Views: 1381

Re: OSPF distribute-default option is missing [SOLVED]

They did away with the default route as part of the instance configuration. From the help docs: All route distribution control is now done purely with routing filter select, no more redistribution knobs in the instance. This gives greater flexibility on what routes from which protocols you want to r...
by IPANetEngineer
Sun Jun 20, 2021 4:18 am
Forum: General
Topic: /31 addresses
Replies: 1
Views: 312

Re: /31 addresses

Short answer - ROSv6 and v7 don't support /31 but there is a workaround with /32s (which I don't recommend due to OSPF issues)

Long answer:

viewtopic.php?p=163163
by IPANetEngineer
Sat Jun 19, 2021 6:15 pm
Forum: Forwarding Protocols
Topic: OSPF how handle parallel links
Replies: 1
Views: 674

Re: OSPF how handle parallel links

OSPF ECMP will be used if the cost is equal to reach a destination prefix over multiple paths. ECMP is a session based load balancing algorithm - not per packet From the Tik wiki: Because results of the forwarding decision are cached, packets with the same source address, destination address, source...
by IPANetEngineer
Sat Jun 19, 2021 4:20 pm
Forum: Forwarding Protocols
Topic: Networking Education
Replies: 13
Views: 4213

Re: Networking Education

If you want to dive into the "why" and "how" of networking, Cisco has a great training program that will go deep into the protocols. I am a current CCNA and CCNP and both have helped me immensely in my career - and surprisingly with MikroTik. Understanding how networking works ma...
by IPANetEngineer
Fri Jun 18, 2021 5:12 pm
Forum: General
Topic: From Mikrotik to Ubiquiti UniFi and back to Mikrotik
Replies: 46
Views: 4058

Re: From Mikrotik to Ubiquiti UniFi and back to Mikrotik

Consider using the Audience. MikroTik audience is fantastic for home WiFi....I have three of them as APs/MPLS routers and use a CRS328 for switching with a CCR1009 to connect to symmetric 1G fiber. Then I use OSPF/MPLS to build VPLS for the main and IoT SSIDs. I hope we'll see MikroTik continue to a...
by IPANetEngineer
Fri Jun 18, 2021 3:54 pm
Forum: General
Topic: Wireless backbone stability
Replies: 14
Views: 994

Re: Wireless backbone stability

If the devices are all L2 and the problem increases as the network gets bigger, one of the problems you could be facing is spanning tree diameter with 70 devices out there. Generally, once you exceed 7 switch hops, the STP/RSTP timers need to be modified or the send/receive of BPDUs to calculate a l...
by IPANetEngineer
Thu Jun 17, 2021 2:54 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta6 [development] is released!
Replies: 341
Views: 47622

Re: v7.1beta6 [development] is released!

Is this issue solved in v6 yet? It seems to me the overall IPv6 support in current v7.1beta is still unstable, even for switching. Actually I have moved my main router from Mikrotik to Ubiquiti Edgerouter for IPv6 :( I would def love to see IPv6 stabilize in ROSv7 but I've had even more issues with...
by IPANetEngineer
Thu Jun 17, 2021 1:47 pm
Forum: General
Topic: Hardware recommendation for routing up to 2Gb/s
Replies: 6
Views: 576

Re: Hardware recommendation for routing up to 2Gb/s

The CCR1036 is going to be the most stable option. As much as I love the idea of the CCR2004, it's still going through some growing pains.
by IPANetEngineer
Thu Jun 17, 2021 1:30 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15670

Re: Newsletter June 2021 (#100)

Thanks for the shout out to my blog in the Newsletter MikroTik :)


Image
by IPANetEngineer
Wed Jun 16, 2021 4:40 pm
Forum: RouterOS v7 BETA
Topic: MLAG and L3 HW Offload - Eventually In SwOS?
Replies: 5
Views: 892

Re: MLAG and L3 HW Offload - Eventually In SwOS?

SwOS is designed for very basic switching use cases - i'd be very surprised if MLAG and L3 made it in there. It might not be the best use of development resources considering it's going to take a lot of work to get those features tested and stable in RouterOS.
by IPANetEngineer
Tue Jun 15, 2021 11:58 pm
Forum: Forwarding Protocols
Topic: BGP Advertisement interval setting?
Replies: 3
Views: 1040

Re: BGP Advertisement interval setting?

One of our engineers did something similar.....you could try this # PEER NAME :local peer "HE" # PREFIXES - SET A COMMENT TO KNOW WHICH ONES SHOULD BE ENABLE :local peerOutFilterIdentifier "HE-OUT-PREFIXES" # UPTIME IN MKT FORMAT :local enoughUptime 10m # GET CURRENT UPTIME :loca...
by IPANetEngineer
Sat Jun 12, 2021 3:57 pm
Forum: General
Topic: Suggestion: Be Able to Use a MikroTik device as the Netinstall Server
Replies: 7
Views: 747

Re: Suggestion: Be Able to Use a MikroTik device as the Netinstall Server

I agree, this is a really good idea - not sure if MikroTik can make it work on every model but this would be an incredibly helpful feature to have.
by IPANetEngineer
Sat Jun 12, 2021 3:55 pm
Forum: Forwarding Protocols
Topic: Manually set BGP distance
Replies: 3
Views: 975

Re: Manually set BGP distance

Just curious - why not change weight or localpref to accomplish this?
by IPANetEngineer
Fri Jun 11, 2021 9:10 am
Forum: SwOS
Topic: Mikrotik CRS317-1G-16S+RM to cisco 2960
Replies: 3
Views: 1156

Re: Mikrotik CRS317-1G-16S+RM to cisco 2960

A 1G SFP between the two switches works with no problem. Be sure to set the speed on both sides.

You may find this helpful for configuration:

https://stubarea51.net/2019/02/06/cisco ... and-vlans/
by IPANetEngineer
Thu Jun 10, 2021 9:47 pm
Forum: RouterBOARD hardware
Topic: CRS317 or CCR2004 as a SAN switch iscsi Netapp or Dell
Replies: 2
Views: 1095

Re: CRS317 or CCR2004 as a SAN switch iscsi Netapp or Dell

The CCR2004 is a router and not a switch so that wouldn't be the ideal choice.

The CRS317 has been used as a SAN switch successfully for IP based storage protocols like iSCSI, NFS, Ceph, etc
by IPANetEngineer
Thu Jun 10, 2021 4:02 pm
Forum: Forwarding Protocols
Topic: Internet FullView and BGP VPNv4
Replies: 4
Views: 784

Re: Internet FullView and BGP VPNv4

Hi.
The RouterOS v6 routing implementation is not suitable for this type of deployment

Agree with nz_monkey 100% on this.

If you're trying to bring routes from an IX across an MPLS network, maybe consider VPLS between PEs - from the IX port to the peering router.
by IPANetEngineer
Wed Jun 09, 2021 3:55 pm
Forum: RouterOS v7 BETA
Topic: OSPF routing syntax
Replies: 10
Views: 1352

Re: OSPF routing syntax

Worth of mention that we have received user complaints that the new filtering rule format looks terrible. We have agreed that rule definitions are over-complicated, so the developers are working on (yet another) new syntax, which is supposed to be much simpler. I would definitely agree. It's very h...
by IPANetEngineer
Tue Jun 08, 2021 7:07 am
Forum: General
Topic: VLAN1 is not working with Cisco Switch
Replies: 10
Views: 700

Re: VLAN1 is not working with Cisco Switch

What is the configuration for each device - MikroTik and Cisco?
by IPANetEngineer
Tue Jun 08, 2021 5:02 am
Forum: General
Topic: VLAN1 is not working with Cisco Switch
Replies: 10
Views: 700

Re: VLAN1 is not working with Cisco Switch

Check to see if VLAN 1 is the native (untagged) VLAN on the Cisco switch. It's possible that the Cisco side is untagged for VLAN1 and the MikroTik side is tagged. In that case you can set the native VLAN on that port in the Cisco switch to a placeholder VLAN like 777. That will force VLAN 1 to be ta...
by IPANetEngineer
Tue Jun 08, 2021 3:12 am
Forum: RouterOS v7 BETA
Topic: RouterOSv7 first look – MLAG on CRS 3xx switches
Replies: 9
Views: 1664

Re: RouterOSv7 first look – MLAG on CRS 3xx switches

One thing I noticed is that the documentation says "The MLAG requires enabled STP or RSTP protocol" - does MLAG not work with MSTP? I just tried using MSTP on the Bridge the MLAG ports are on, it definitely does not support that version of STP. https://stubarea51.net/wp-content/uploads/20...
by IPANetEngineer
Mon Jun 07, 2021 1:23 am
Forum: RouterOS v7 BETA
Topic: RouterOSv7 first look – MLAG on CRS 3xx switches
Replies: 9
Views: 1664

Re: RouterOSv7 first look – MLAG on CRS 3xx switches

Have you considered e.g. using a GRE tunnel interface as the peer-port to be able to ensure IP multi-path redundancy in your test topology? Thereby avoiding relying on the physical peer interface not being interrupted during normal operations. (e.g. cable unplugged by accident, optic/port hw failur...
by IPANetEngineer
Mon Jun 07, 2021 12:53 am
Forum: RouterBOARD hardware
Topic: CCR1036 Hard Upgrade
Replies: 13
Views: 1630

Re: CCR1036 Hard Upgrade

The short answer is yes, you can use the same config on a CCR2004 but there are a few caveats 1) The CCR2004 just had several bugs patched for performance issues and random reboots - while these issues seem to be vastly improved, I would be careful about putting it in prod in your network without te...
by IPANetEngineer
Sun Jun 06, 2021 7:38 pm
Forum: Forwarding Protocols
Topic: A weird routing problem
Replies: 4
Views: 980

Re: A weird routing problem

Traffic engineering in OSPF is a losing battle. You can either use MPLE TE as previously stated or consider an eBGP design which gives you hop-by-hop control over routes and path selection. Here is a MUM presentation I gave on that design: https://mum.mikrotik.com/presentations/US17/presentation_451...
by IPANetEngineer
Sun Jun 06, 2021 3:39 pm
Forum: General
Topic: someone hack my routrs - can someone help?
Replies: 15
Views: 1975

Re: someone hack my routrs - can someone help?

What version of RouterOS are you running? This sounds like the behavior from exploits that were patched a couple of years ago.

This MUM presentation has an extensive overview of the vulnerabilities and remediation

https://mum.mikrotik.com/presentations/ ... 679994.pdf
by IPANetEngineer
Sat Jun 05, 2021 4:43 pm
Forum: RouterOS v7 BETA
Topic: RouterOSv7 first look – MLAG on CRS 3xx switches
Replies: 9
Views: 1664

RouterOSv7 first look – MLAG on CRS 3xx switches

Did some testing with the new MLAG feature and wrote a blog post on it.

https://stubarea51.net/2021/06/04/mikro ... -switches/

Image
by IPANetEngineer
Tue Jun 01, 2021 5:59 pm
Forum: Forwarding Protocols
Topic: OSPF design
Replies: 2
Views: 764

Re: OSPF design

If you're going to redesign, it's better to use OSPF, MPLS and BGP together in a design like this: - Much better scale - Summarization without area constraints - Putting only ptp and loopbacks into OSPF improves convergence time sigificantly - MPLS can be used to aggregate PPPoE sessions to fewer lo...
by IPANetEngineer
Mon May 31, 2021 4:46 pm
Forum: Forwarding Protocols
Topic: BGP problem with best route
Replies: 7
Views: 1028

Re: BGP problem with best route

The very first step in the BGP best path algorithm before getting into attributes is checking next hop reachability....typically when weight and local pref are higher than another route but that route isn't selected, there is a problem with reachability of the next hop for that route.
by IPANetEngineer
Mon May 31, 2021 4:44 pm
Forum: Forwarding Protocols
Topic: Setting OSPF interface cost by speed
Replies: 2
Views: 944

Re: Setting OSPF interface cost by speed

I believe you are referring to the 'auto-cost reference-bandwidth' command in Cisco. There is no equivalent MikroTik command, so you'll need to implement costs to align with the current speeds in your network and give yourself some room to grow. if 10G is the fastest, consider using 10 or 100 for co...
by IPANetEngineer
Mon May 31, 2021 4:41 pm
Forum: Forwarding Protocols
Topic: BGP Multihoming 2 different Location
Replies: 1
Views: 713

Re: BGP Multihoming 2 different Location

If you want to minimize the traffic over the tunnel between the two peering points, you will need to work on reallocating the subnets so that a block is assigned to each location and preferred via that location - a less specific prefix advertisement or BGP community can be used to failover to the ot...
by IPANetEngineer
Thu May 27, 2021 4:52 pm
Forum: General
Topic: Looking for Mirotik consultant
Replies: 4
Views: 522

Re: Looking for Mirotik consultant

Dear user or company. I am looking for Mikrotik router expert to support our network. Interested parties please send email to me, gerald@igarment.net. Our company is located in Hong Kong, UTC time +8 hours. We run the largest MikroTik consulting firm in the world at IP ArchiTechs with engineers in ...
by IPANetEngineer
Thu May 27, 2021 3:58 pm
Forum: RouterOS v7 BETA
Topic: Feature Request : IPv6 Fasttrack
Replies: 19
Views: 2481

Re: Feature Request : IPv6 Fasttrack

The amount of IPv6 work we have done as MikroTik consultants in the last year has been staggering. We rarely build a new network without designing for IPv6.

This is a critical feature, please give it priority.
by IPANetEngineer
Thu May 27, 2021 3:51 pm
Forum: Forwarding Protocols
Topic: BGP unequal cost Link
Replies: 7
Views: 1101

Re: BGP unequal cost Link

There are two ways to help with inbound traffic when you only have a /24 1. Use BGP communities with your upstream providers if they support it to adjust the local pref of your prefix within the peer ASN 2. Deploy IPv6 - use communities and adjust prefix advertisements (once you have IPv6, large sec...
by IPANetEngineer
Thu May 27, 2021 3:45 pm
Forum: Forwarding Protocols
Topic: MPLS network not passing traffic
Replies: 3
Views: 920

Re: MPLS network not passing traffic

Thank you again very much!

You're welcome! MTU math takes a while to understand so don't feel bad :)

Don't forget to mark the solution as "solved"
by IPANetEngineer
Tue May 25, 2021 8:41 pm
Forum: RouterOS v7 BETA
Topic: IPv6 forwarding not working in 7.1beta6
Replies: 13
Views: 1833

Re: IPv6 forwarding not working in 7.1beta6

Strange, works fine for me.
What hw platform are you using or is it CHR?
by IPANetEngineer
Tue May 25, 2021 8:00 pm
Forum: Forwarding Protocols
Topic: MPLS network not passing traffic
Replies: 3
Views: 920

Re: MPLS network not passing traffic

This sounds like a classic MTU issue with MPLS transport. Your configs show MPLS MTU at 1530 which is the minimum for tagged VPLS but your VPLS MTUs for mtu and l2mtu as higher (1598 and 2028). You can't transport MTUs in VPLS higher than the underlying MPLS transport of 1530 or you need a higher MP...
by IPANetEngineer
Wed May 19, 2021 3:58 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta6 [development] is released!
Replies: 341
Views: 47622

Re: v7.1beta6 [development] is released!

Thanks for the new features like MLAG!

Were the issues with OSPFv3 checksum fixed?
by IPANetEngineer
Mon May 17, 2021 8:28 pm
Forum: Forwarding Protocols
Topic: Packet loss to loopback - OSPF / MPLS
Replies: 11
Views: 1689

Re: Packet loss to loopback - OSPF / MPLS

Glad you figured it out.

As a general rule, you don't want to use redistribute with OSPF except for actual external routes like Static, BGP, etc. It breaks the area boundaries and obscures the SPF topology info.
by IPANetEngineer
Thu May 06, 2021 6:32 pm
Forum: Virtualization
Topic: Maximizing Proxmox CHR performance
Replies: 6
Views: 1624

Re: Maximizing Proxmox CHR performance

Do you have Hyperthreading disabled?
by IPANetEngineer
Thu Apr 29, 2021 9:17 am
Forum: Forwarding Protocols
Topic: Packet loss to loopback - OSPF / MPLS
Replies: 11
Views: 1689

Re: Packet loss to loopback - OSPF / MPLS

You're likely hitting the limitation of running MPLS in a CHR that's not running on Hyper-V. Proxmox deals with MTU differently. https://mum.mikrotik.com/presentations/EU19/presentation_6291_1554448059.pdf There was supposedly a fix for this issue a few months back in ROS but I haven't tried it. Als...
by IPANetEngineer
Tue Apr 27, 2021 4:40 pm
Forum: Forwarding Protocols
Topic: MPLS/LDP still not stable
Replies: 6
Views: 1399

Re: MPLS/LDP still not stable

A few questions... What hardware and long term version? Are you running VPLS? Are your OSPF and LDP timers matched? CCR-1036-8G-2S+ 6.46.8 OSPF/LDP Timers default: OSPF: 5/1/10/40 LDP: 5/15 VPLS: yes (This is our reason to use MPLS). I have seen this kind of behaviour at differnet sites over the ye...
by IPANetEngineer
Tue Apr 27, 2021 4:00 pm
Forum: Forwarding Protocols
Topic: MPLS/LDP still not stable
Replies: 6
Views: 1399

Re: MPLS/LDP still not stable

A few questions...

What hardware and long term version?

Are you running VPLS?

Are your OSPF and LDP timers matched?
by IPANetEngineer
Tue Apr 27, 2021 2:04 pm
Forum: Forwarding Protocols
Topic: Packet loss to loopback - OSPF / MPLS
Replies: 11
Views: 1689

Re: Packet loss to loopback - OSPF / MPLS

Running on 6.48.1 on all. You need to be running at least 6.48.2 because it has specific fixes for packet loss and reboots for the 2004 series. Normally I run Long Term on everything, but for the 2004, it needs to be this specific version for now. What's new in 6.48.2 (2021-Apr-09 10:17): ###clippe...
by IPANetEngineer
Mon Apr 26, 2021 1:47 pm
Forum: Forwarding Protocols
Topic: IPSEC Tunnels + OSPF? Please Help + Recommendations
Replies: 2
Views: 844

Re: IPSEC Tunnels + OSPF? Please Help + Recommendations

If you want to use a routing protocol, you'll need an interface and using ipsec by itself won't give you that. There are several good options to consider which you can secure with ipsec 1. L2TP with IPSEC 2. GRE over ISEC 3. EoIP over IPSEC It really depends on the traffic between branch sites as to...
by IPANetEngineer
Mon Apr 26, 2021 9:23 am
Forum: Forwarding Protocols
Topic: Packet loss to loopback - OSPF / MPLS
Replies: 11
Views: 1689

Re: Packet loss to loopback - OSPF / MPLS

What type of hypervisor are you using for the CHR? There are some known issues with MPLS and the CHR.

The 2004 has certainly had some issues - what version of ROS are you running on it?
by IPANetEngineer
Fri Apr 23, 2021 3:53 pm
Forum: General
Topic: ccr 2004 reboots randomly
Replies: 8
Views: 923

Re: ccr 2004 reboots randomly

Well I knew this day will come. FW version 6.48.x seems to me that is having some kind of VPLS issue. So, we're stuck in older FW. I did the check even in emulated environment. But this is another fight that we delayed for too long right now because we focused in another ROS issue on PPPoE with hig...
by IPANetEngineer
Thu Apr 22, 2021 5:32 pm
Forum: General
Topic: ccr 2004 reboots randomly
Replies: 8
Views: 923

Re: ccr 2004 reboots randomly

6.48.2 has specific fixes for stability and packet loss issues with the CCR2004. I'd upgrade to that version and see if it resolves the problem. What's new in 6.48.2 (2021-Apr-09 10:17): ###clipped### *) switch - improved resource allocation on 98PX1012 switch chip for CCR2004-1G-12S+2XS device; *) ...
by IPANetEngineer
Sat Apr 17, 2021 3:43 pm
Forum: Forwarding Protocols
Topic: Mikrotik Add BGP network with ROUTE-MAP like cisco
Replies: 4
Views: 998

Re: Mikrotik Add BGP network with ROUTE-MAP like cisco

That can be done. Here is an example config

/routing bgp peer
add name=peer1 out-filter=bgp-out remote-address=203.0.113.2 ttl=default

/routing filter
add action=accept bgp-communities="" chain=bgp-out prefix=192.168.1.0/24 set-bgp-communities=12345:777
by IPANetEngineer
Fri Apr 16, 2021 5:35 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 194
Views: 25574

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

Hello, 3 CCR2004 Here, we are experiencing packet loss issues :

What speeds are going through it...what protocols are you running?
by IPANetEngineer
Fri Apr 16, 2021 2:49 pm
Forum: Forwarding Protocols
Topic: LDP VPLS against HPE Comware switch
Replies: 3
Views: 1093

Re: LDP VPLS against HPE Comware switch

Try unchecking the Cisco Style PW ID and use 1:1 for the PW ID on each side. https://wiki.mikrotik.com/wiki/Manual:Interface/VPLS vpls-id (AsNum | AsIp; Default: ) Unique number that identifies VPLS tunnel. Encoding is 2byte+4byte or 4byte+2byte number. Also be sure to specify the transport address ...
by IPANetEngineer
Mon Apr 12, 2021 4:47 pm
Forum: General
Topic: CORE Routers intermittently losing OSPF neighbours
Replies: 3
Views: 439

Re: CORE Routers intermittently losing OSPF neighbours

Cool...let us know how the testing goes with the new code! Our EU team has grown a lot since 2019 and we now have multiple engineers across western and eastern Europe that also help to cover time zones in Africa since they overlap a good bit. Just give us a shout if you need some help :) https://ipa...
by IPANetEngineer
Mon Apr 12, 2021 4:18 pm
Forum: Forwarding Protocols
Topic: BGP Load balance over two routers [SOLVED]
Replies: 6
Views: 1978

Re: BGP Load balance over two routers [SOLVED]

IPANetEngineer - we also realised we did not have "force self" for next hop on the edges so that might have confused the RRs. Also, we plan to enable "if-installed" instead of "always" for "default originate". That way if a peer goes down it will not keep the...
by IPANetEngineer
Mon Apr 12, 2021 2:10 pm
Forum: General
Topic: CORE Routers intermittently losing OSPF neighbours
Replies: 3
Views: 439

Re: CORE Routers intermittently losing OSPF neighbours

The very first thing I would do is get both CCRs upgraded to the same version using the long term version of RouterOS and see if the behavior continues. Using a different version of RouterOS on each OSPF neighbor will sometimes result in instability due to unintended interop issues between versions ...
by IPANetEngineer
Sun Apr 11, 2021 2:19 am
Forum: Forwarding Protocols
Topic: OSPF config to pair with OpenWRT
Replies: 1
Views: 1035

Re: OSPF config to pair with OpenWRT

Assuming the router id for the other side is 192.168.11.2 , this should be all you need to match that config.
/routing ospf instance
set [ find default=yes ] router-id=192.168.11.2 redistribute-connected=as-type-1
/routing ospf network
add area=backbone network=192.168.11.0/24
by IPANetEngineer
Fri Apr 09, 2021 8:04 pm
Forum: Forwarding Protocols
Topic: BGP Load balance over two routers [SOLVED]
Replies: 6
Views: 1978

Re: BGP Load balance over two routers [SOLVED]

It sounds like you need verify that your border routers are peered with each other and that both can route into the interior of the network. Here is a basic overview of a BGP border design that allows for load balancing over multiple peerings. https://stubarea51.net/wp-content/uploads/2020/10/eBGP-R...
by IPANetEngineer
Wed Apr 07, 2021 3:31 pm
Forum: Beginner Basics
Topic: New to MikroTIK
Replies: 8
Views: 1262

Re: New to MikroTIK

You might find some of these Juniper to MikroTik articles we did helpful for the routing portion. Since Ubiquiti routers use VyOS syntax and that's taken from Juniper, a lot of the commands are the same. OSPF https://stubarea51.net/2021/01/31/juniper-to-mikrotik-ospf-commands/ BGP https://stubarea51...
by IPANetEngineer
Sat Apr 03, 2021 4:25 pm
Forum: Forwarding Protocols
Topic: CHR MPLS on esxi
Replies: 7
Views: 1673

Re: CHR MPLS on esxi

Which hypervisor?

I'm not sure if it's been fixed, but MPLS was broken on ESXi and Proxmox and only worked on Hyper-V. I did a presentation on it back in 2019.

https://mum.mikrotik.com/presentations/ ... 448059.pdf
by IPANetEngineer
Thu Apr 01, 2021 4:10 pm
Forum: General
Topic: CRS404-96s-8q-rm data sheet
Replies: 2
Views: 474

Re: CRS404-96s-8q-rm data sheet

LOL - What RouterOS version does it run? 9.0beta0.1?
It's listed in the data sheet ;)
by IPANetEngineer
Thu Apr 01, 2021 3:54 pm
Forum: General
Topic: CRS404-96s-8q-rm data sheet
Replies: 2
Views: 474

CRS404-96s-8q-rm data sheet

The data sheet is seriously impressive

https://stubarea51.net/2021/04/01/mikro ... 96s-8q-rm/

Image
by IPANetEngineer
Sun Mar 28, 2021 7:56 pm
Forum: Wireless Networking
Topic: Indoor PTP links without line of sight
Replies: 11
Views: 1378

Re: Indoor PTP links without line of sight

It is a bit harsh to recommend MikroTik Audience to someone who comes here because of stability problems with other manufacturer's devices... I run 3 Audience units in my home with OSPF/BGP and MPLS/VPLS for SSIDs with IPv4/IPv6. I use the long term versions (currently on 6.47.9) and i've not had a...
by IPANetEngineer
Sun Mar 28, 2021 4:55 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47505

Re: v7.1beta5 [development] is released!

@mrz Do you know if there is any work done or planned to be done to enable transfer of path quality parameters from e.g. a WiFi link into a routing protocol? (or even to develop a new routing protocol that is able to handle auto routing in a network consisting of a partial mesh of WiFi links which ...
by IPANetEngineer
Tue Mar 23, 2021 3:26 pm
Forum: RouterOS v7 BETA
Topic: IPv6 bgp network
Replies: 5
Views: 961

Re: IPv6 bgp network

From reading the v7 documentation, it seems like this will require a route to exist at the exact prefix length of the network you are trying to advertise.

Is it still possible to announce an aggregate?
by IPANetEngineer
Tue Mar 23, 2021 2:06 pm
Forum: RouterOS v7 BETA
Topic: IPv6 DHCPv6 server?
Replies: 19
Views: 2067

Re: IPv6 DHCPv6 server?

I think the reason we haven't seen the push for stateful DHCPv6 is because enterprises haven't adopted IPv6 in any kind of significant way. There are challenges with compliance standards like PCI, HIPAA, FIPS, etc in using SLAAC. Most security groups aren't equipped to manage a SLAAC environment. On...
by IPANetEngineer
Sun Mar 21, 2021 4:19 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47505

Re: v7.1beta5 [development] is released!

[They have changed the syntax again. router-id for OSPF is now expecting the name of one of the ID's in /routing/id instead of an IP address. That might be your issue. I tried it using the /routing/id syntax and got the same result. Just to see if it was an issue specific to CHR on Qemu in EVE-NG, ...
by IPANetEngineer
Sat Mar 20, 2021 6:36 pm
Forum: General
Topic: BGP Update Question
Replies: 4
Views: 552

Re: BGP Update Question

There is definitely a quirk with routing filters - typically if you copy and edit an existing one instead of adding a new line and then drag it into the numerical order that you want, you don't have to shut the peering and can do a soft resend to the peer.
by IPANetEngineer
Sat Mar 20, 2021 6:30 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47505

Re: v7.1beta5 [development] is released!

OSPFv3 is still broken in beta5 - getting "wrong checksum" from everything, same as in beta4. Is there any chance of getting RDNSS search list option added? https://tools.ietf.org/html/rfc8106#section-5.2 What configuration are you using for OSPFv3 ? Whenever I try to add the interface-te...
by IPANetEngineer
Sat Mar 20, 2021 5:11 pm
Forum: Forwarding Protocols
Topic: Selective routing with failover in MikroTik - How?
Replies: 8
Views: 2190

Re: Selective routing with failover in MikroTik - How?

We have solved similar challenges for client WISP networks using this design...

https://mum.mikrotik.com/presentations/ ... 062656.pdf

Image
by IPANetEngineer
Wed Mar 17, 2021 5:12 pm
Forum: RouterOS v7 BETA
Topic: OSPF redistribute and routing filters in v7
Replies: 9
Views: 1242

Re: OSPF redistribute and routing filters in v7

The syntax for routing filters has changed:

Details here:

viewtopic.php?f=1&t=173567#p848792

I'd expect something like:
/routing/filter/rule/add chain=ospf-redist rule={if [protocol connected] then={action do=accept}}
by IPANetEngineer
Wed Mar 17, 2021 2:32 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47505

Re: v7.1beta5 [development] is released!

I just uploaded it to EVE-NG and am working through adding some config I used with previous beta versions. It looks like the routing filters have changed slightly. What string value is expected? This is what I see in beta5....the only option is "rule=" that I can see, I can't add match-prf...
by IPANetEngineer
Tue Mar 16, 2021 5:16 pm
Forum: Forwarding Protocols
Topic: OSPF Linux MikroTik
Replies: 6
Views: 4045

Re: OSPF Linux MikroTik

I would be using Free Range Routing in 2021 as opposed to Quagga and see if the issue persists
by IPANetEngineer
Mon Mar 15, 2021 4:05 pm
Forum: Forwarding Protocols
Topic: IPv6 received prefix limit
Replies: 1
Views: 895

Re: IPv6 received prefix limit

Is this a full table or IX peering? When you say "working" routes, what do you mean exactly?
by IPANetEngineer
Mon Mar 15, 2021 3:41 pm
Forum: Beginner Basics
Topic: igmp snooping in routeros
Replies: 1
Views: 332

Re: igmp snooping in routeros

Yes, essentially IGMP snooping exists to determine which ports on a LAN segment need to participate in multicast streams and prevents the flooding of traffic to ports that don't need it.
by IPANetEngineer
Mon Mar 15, 2021 3:22 pm
Forum: RouterOS v7 BETA
Topic: new feature request MLAG!!!
Replies: 32
Views: 11814

Re: new feature request MLAG!!!

Great to know that it can be done!

I would love to see stacking on MikroTik switches as well. It's something I brought up at every MUM (back when we did those) with the developers as it would solve a lot of problems in ISP, DC and Enterprise use cases.
by IPANetEngineer
Sun Mar 14, 2021 7:55 pm
Forum: General
Topic: What is m2m.mikrotik.com for?
Replies: 2
Views: 688

Re: What is m2m.mikrotik.com for?

Looks like something to support LORAWAN

Image
by IPANetEngineer
Fri Mar 12, 2021 4:21 pm
Forum: Forwarding Protocols
Topic: OSPF wrong peer state
Replies: 1
Views: 951

Re: OSPF wrong peer state

Setup a packet capture if the message is occurring frequently.

Things to check:

Duplicated router ids
Areas and types
Network Type
by IPANetEngineer
Fri Mar 12, 2021 3:55 pm
Forum: RouterOS v7 BETA
Topic: Bug: RouterOS beta 7.1beta4 - RFC3021 - does not route out on a /31 - but accepts traffic from a /31
Replies: 15
Views: 2348

Re: Bug: RouterOS beta 7.1beta4 - RFC3021 - does not route out on a /31 - but accepts traffic from a /31

I think /31 support is important. As much as I push for IPv6, the world is still operating IPv4 and will be for a while. I've run into the problem more and more where we have to use Cisco or Juniper due to lack of official /31 support. (many orgs do not want to use the /32 workaround)
by IPANetEngineer
Wed Mar 10, 2021 5:59 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 108
Views: 14727

Re: CCR2004 packet loss

I've been testing the 2004 with the 25G interfaces only on an fs.com 5860-20SQ switch stack in our lab and haven't seen the same issues as people using the 10G ports, so i'll be interested to load this version and try the 10G interfaces.
by IPANetEngineer
Sat Mar 06, 2021 7:50 pm
Forum: Forwarding Protocols
Topic: Static Router with OSPF Network
Replies: 14
Views: 1762

Re: Static Router with OSPF Network

instance=default area=backbone type=router id=172.16.0.5 originator=172.16.0.5 sequence-number=0x80000CD5 age=1389 checksum=0xD2FC options="E" body= flags= links (type, id, data, metric) Stub 10.0.15.253 255.255.255.255 10 Transit 172.16.1.28 172.16.1.28 50 Stub 10.0.12.0 255.255.252.0 10...
by IPANetEngineer
Sat Mar 06, 2021 12:25 am
Forum: Forwarding Protocols
Topic: Static Router with OSPF Network
Replies: 14
Views: 1762

Re: Static Router with OSPF Network

What's the output of
ip route print
and
routing ospf lsa print detail
on the AS_Router ?
by IPANetEngineer
Fri Mar 05, 2021 11:42 pm
Forum: General
Topic: can't see route(s)/address for ipv6/slaac
Replies: 8
Views: 569

Re: can't see route(s)/address for ipv6/slaac

That's definitely not normal, when I issue the same command on my home or office router which are both dual stack, I get the global unicast addresses and the default route.

I would recommend downgrading to the LTS version 6.47.9 and see if the issue persists.
by IPANetEngineer
Fri Mar 05, 2021 11:34 pm
Forum: General
Topic: can't see route(s)/address for ipv6/slaac
Replies: 8
Views: 569

Re: can't see route(s)/address for ipv6/slaac

These two should get you what you need. Most of what you're looking for will be in the ipv6 menu
ip dns print
and
ipv6 address print
by IPANetEngineer
Fri Mar 05, 2021 11:05 pm
Forum: Forwarding Protocols
Topic: resolve ibgp routes recursively from ebgp? [SOLVED]
Replies: 1
Views: 1204

Re: resolve ibgp routes recursively from ebgp? [SOLVED]

Recursive routing for iBGP next hops in MikroTik only works with IGPs (OSPF and RIP) and static routes.
by IPANetEngineer
Mon Mar 01, 2021 7:14 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 1212

Re: Default Route advertisement eBGP failover

Normally, you only want the default to originate at the border router where you are peering or have DIA with an upstream.

Then:

  • Default Originate (if installed) on all eBGP peerings
  • Permit it via all other eBGP peers in
by IPANetEngineer
Mon Mar 01, 2021 6:38 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 1212

Re: Default Route advertisement eBGP failover

Is this an eBGP design where every tower is a separate ASN? From reading the notes, it seems that way If so, you'll want to default originate if-installed for every ebgp peering, You also need to make sure that you have a valid and active default route for it to pick up and make sure your in and out...
by IPANetEngineer
Tue Feb 23, 2021 4:52 pm
Forum: RouterBOARD hardware
Topic: recommendation to x86 hardware?
Replies: 6
Views: 1240

Re: recommendation to x86 hardware?

We've also found that in addition to higher clock speeds, the amount of cache in the CPU helps with performance. Get more if you can afford it.
by IPANetEngineer
Sat Feb 20, 2021 8:07 pm
Forum: General
Topic: 172.16.0.0/12 RFC1918 in ROS [SOLVED]
Replies: 25
Views: 1382

Re: 172.16.0.0/12 RFC1918 in ROS [SOLVED]

Probably need more details, I've used 172.16.0.0/12 without issue for years in RouterOS...what's the specific configuration giving you issues?
by IPANetEngineer
Tue Feb 16, 2021 3:38 pm
Forum: Useful user articles
Topic: Dark Mode for Winbox
Replies: 4
Views: 1552

Re: Dark Mode for Winbox

This is a good idea...would like to see this.
by IPANetEngineer
Fri Feb 12, 2021 12:49 am
Forum: Forwarding Protocols
Topic: iBGP IPv6 not sending any routes from corerouter 1 to corerouter 2.
Replies: 3
Views: 957

Re: iBGP IPv6 not sending any routes from corerouter 1 to corerouter 2.

This is a known limitation of ROSv6. Recursive routing doesn't work in IPv6. This is fixed in v7, but it's still in beta.

Some notes about this are in this article:

https://stubarea51.net/2020/12/30/mikro ... spfv3-bgp/
by IPANetEngineer
Thu Feb 11, 2021 5:09 pm
Forum: RouterBOARD hardware
Topic: High CPU Load on CCR1036-8G-2S+
Replies: 1
Views: 557

Re: High CPU Load on CCR1036-8G-2S+

What are the firewall rules/config? Even one rule can make a difference if a large volume of packets hits it.
by IPANetEngineer
Thu Feb 11, 2021 5:07 pm
Forum: Forwarding Protocols
Topic: How Donot Change Community In bgp
Replies: 3
Views: 838

Re: How Donot Change Community In bgp

It would be helpful to see your configuration
by IPANetEngineer
Thu Feb 04, 2021 4:05 pm
Forum: General
Topic: Mikrotik CRSxxx STP/RSTP/MSTP block on ports.
Replies: 2
Views: 527

Re: Mikrotik CRSxxx STP/RSTP/MSTP block on ports.

Try adding

add stp-type=config

to your filter rule and then create another filter rule for TCN. This should match and only drop BPDUs and not all outbound traffic.
by IPANetEngineer
Thu Feb 04, 2021 3:46 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta4 [development] is released!
Replies: 211
Views: 34410

Re: v7.1beta4 [development] is released!

Really excited to see a REST API in this release. Thanks MT!
by IPANetEngineer
Tue Feb 02, 2021 4:28 pm
Forum: Forwarding Protocols
Topic: Juniper to MikroTik - OSPF
Replies: 1
Views: 700

Juniper to MikroTik - OSPF

Continuing the Juniper to MikroTik series. It translates MikroTik CLI into Juniper to make things easier to learn as well as build multi-vendor networks. This post that will show you basic OSPFv2 commands for config and troubleshooting in both ROS and Junos syntax. Enjoy! https://stubarea51.net/2021...
by IPANetEngineer
Thu Jan 28, 2021 9:18 am
Forum: General
Topic: Hardware choice for BGP+OSPF 1/2/10G
Replies: 4
Views: 501

Re: Hardware choice for BGP+OSPF 1/2/10G

This depends on whether you want full tables or not.

If you don't need full tables, i'd recommend a CCR1036-8G2S+ , if you are going to do full tables, a hypervisor and the CHR will give you the best performance until v7 is out as stable code.
by IPANetEngineer
Sun Jan 24, 2021 8:21 pm
Forum: Forwarding Protocols
Topic: Juniper to MikroTik - BGP
Replies: 0
Views: 655

Juniper to MikroTik - BGP

Continuing the tradition with a series that I've had out for several years now. It translates MikroTik CLI into other popular network vendors like Cisco to make things easier to learn as well as build multi-vendor networks. This time we are diving into Juniper. Here is a post that will show you basi...
by IPANetEngineer
Sun Jan 24, 2021 7:22 pm
Forum: Beginner Basics
Topic: Changing port vlan config
Replies: 4
Views: 553

Re: Changing port vlan config

You don't need to remove it from the bridge, it can be set and changed. However, if spanning tree is running on the bridge and this is a prod network, be mindful of changes that can cause the STP topology to reconverge.
by IPANetEngineer
Sun Jan 24, 2021 6:18 pm
Forum: Virtualization
Topic: Mikrotik - 10 Gbit NAT
Replies: 3
Views: 1394

Re: Mikrotik - 10 Gbit NAT

I'd use the CHR for this task...easy to scale for growth as needed. As the CCR2xxx series matures and they release more models, I expect it will be a good choice as well.
by IPANetEngineer
Wed Jan 20, 2021 5:08 pm
Forum: General
Topic: Feature requests
Replies: 1374
Views: 343533

Re: Feature requests

IS-IS and Segment Routing (SR-MPLS)

Discussion is here:

viewtopic.php?f=1&t=171278&p=837339#p837339
by IPANetEngineer
Sat Jan 16, 2021 6:22 pm
Forum: General
Topic: css326 and rb4011 getting errors with 10G SFP+ uplink
Replies: 10
Views: 1094

Re: css326 and rb4011 getting errors with 10G SFP+ uplink

There were problems with using the SFP+ port on the 4011 with DAC cables in the past. The issue has been fixed in RouterOS, but we still use optical connections on 4011s and have no issues.

I would change to optical and see if the FCS errors continue.
by IPANetEngineer
Sat Jan 16, 2021 4:06 pm
Forum: Beginner Basics
Topic: howto create a trunk between mikrotik & mikrotik
Replies: 2
Views: 658

Re: howto create a trunk between mikrotik & mikrotik

Here is an article I wrote to make Cisco to MikroTik VLAN trunking easier.

https://stubarea51.net/2019/02/06/cisco ... and-vlans/
by IPANetEngineer
Fri Jan 15, 2021 4:40 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

Sooooo move away from PPPoE to what exactly? We are talking 15.000 CPEs, I’m open to suggestions. Movistar, my home fibre ISP, with millions of customers, runs PPPoE... This really depends on why you want PPPoE. In 2021, PPPoE is typically deployed because you want: 1) Traffic accounting via RADIUS...
by IPANetEngineer
Thu Jan 14, 2021 5:35 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

The software quality of major network vendors like Cisco/Juniper has gone down in the last 5 years as they lean more on customers for QA.

We've been incredibly successful using the long term version of RouterOS in production networks for both enterprise and service provider.
by IPANetEngineer
Wed Jan 13, 2021 9:18 pm
Forum: Forwarding Protocols
Topic: ASN Blocking
Replies: 6
Views: 1273

Re: ASN Blocking

ASN isn't a piece of information carried in the packet header - only the routing table of a BGP border router.

Do you have a border router with a full table and no default route?
by IPANetEngineer
Wed Jan 13, 2021 5:43 pm
Forum: Forwarding Protocols
Topic: ASN Blocking
Replies: 6
Views: 1273

Re: ASN Blocking

If there are specific ASNs you want the list of prefixes for to then add to a FW rule, the easiest way would probably be a route-set query

https://www.arin.net/resources/manage/irr/
by IPANetEngineer
Wed Jan 13, 2021 5:10 pm
Forum: RouterBOARD hardware
Topic: SFP+ DAC cable not working with CCR2004-1G-12S+2XS & CRS326-24G-2S+RM
Replies: 2
Views: 600

Re: SFP+ DAC cable not working with CCR2004-1G-12S+2XS & CRS326-24G-2S+RM

Try setting the speed explicitly on each end to be 10G or 1G and see if that resolves the issue.
by IPANetEngineer
Wed Jan 13, 2021 4:51 pm
Forum: Beginner Basics
Topic: VLAN routing bottleneck on CRS354
Replies: 4
Views: 467

Re: VLAN routing bottleneck on CRS354

At some point in the future, you'll be able to use the CRS354 to route between VLANs without using CPU. The functionality is there in many of the CRS3xx switches in the v7 beta software. However it's not production ready yet. Capabilities are here: https://help.mikrotik.com/docs/display/ROS/CRS3xx+s...
by IPANetEngineer
Wed Jan 13, 2021 4:40 pm
Forum: General
Topic: High CPU Crs328
Replies: 4
Views: 509

Re: High CPU Crs328

What is the output of the following command?

interface bridge port print where hw-offload=yes
by IPANetEngineer
Wed Jan 13, 2021 4:31 pm
Forum: Forwarding Protocols
Topic: BGP FIRT
Replies: 2
Views: 662

Re: BGP FIRT

I would ask your provider to send you a full table + default so that you can discard the full table. However, if you decide to leak specific routes or allow the full table in the future, it doesn't require a change by the upstream provider.
by IPANetEngineer
Thu Jan 07, 2021 6:28 pm
Forum: General
Topic: Some websites unavailable on IPv6 [SOLVED]
Replies: 12
Views: 1595

Re: Some websites unavailable on IPv6 [SOLVED]

It totally stinks and that's great. I hate these broken MTU promoters. My primary uplink provider still caps MTU at 1460 on their so-called "next-gen" fibre infrastructure. Some people never graduated 1500 ethernet MTU basics. First day on the Internet with MTU? :-) His effective MTU was ...
by IPANetEngineer
Fri Jan 01, 2021 7:01 pm
Forum: RouterOS v7 BETA
Topic: Segment Routing and IS-IS
Replies: 18
Views: 3615

Segment Routing and IS-IS

Kicking off the new year to reiterate my MikroTik wish list....while there are many things i'd love to see in ROSv7, these are my top 2. 1) Segment Routing - In the service provider and data center space, MPLS is rapidly moving over to SR-MPLS because it simplifies both label exchange and traffic en...
by IPANetEngineer
Fri Jan 01, 2021 4:55 pm
Forum: General
Topic: BGP Configuration for Google Global Cache (GGC)
Replies: 3
Views: 1370

Re: BGP Configuration for Google Global Cache (GGC)

It seems to be pretty simple. Create an eBGP peering with the cache box using the ASN and IPv4/IPv6 space that Google allocates and then advertise all prefixes for customers that are normally advertised on transit peers. This is the way most content caches work. https://support.google.com/interconne...
by IPANetEngineer
Thu Dec 31, 2020 2:26 am
Forum: General
Topic: qinq - stripping outer vlan with hardware offloading
Replies: 3
Views: 494

Re: qinq - stripping outer vlan with hardware offloading

Seems like they have an example of this in the new help docs.

If i'm reading it right, you'll need a bridge set with ether-type=0x88a8

https://help.mikrotik.com/docs/display/ ... VLAN+Table
by IPANetEngineer
Wed Dec 30, 2020 11:56 pm
Forum: RouterOS v7 BETA
Topic: v7 Dynamic routing using IPv6 and OSPFv3/BGP with examples
Replies: 1
Views: 1158

v7 Dynamic routing using IPv6 and OSPFv3/BGP with examples

I've been working on a lab for ROSv7 to provide examples for IPv6 config with OSPF and BGP. Details are in the blog post. Hope it's helpful! https://stubarea51.net/2020/12/30/mikrotik-routerosv7-first-look-dynamic-routing-with-ipv6-and-ospfv3-bgp/ https://stubarea51.net/wp-content/uploads/2020/10/im...
by IPANetEngineer
Wed Dec 30, 2020 6:18 pm
Forum: Forwarding Protocols
Topic: OSFP Public IP Subnet [SOLVED]
Replies: 2
Views: 1058

Re: OSFP Public IP Subnet [SOLVED]

There are two different articles that I think would help you here: The first is an overview of migrating from bridged to routed for a WISP https://stubarea51.net/2019/09/15/wisp-design-migrating-from-bridged-to-routed/ The second addresses your concern of getting IPs from a /24 out to the towers. VP...
by IPANetEngineer
Mon Dec 14, 2020 5:23 pm
Forum: RouterBOARD hardware
Topic: New High Performance Routers ! ?
Replies: 82
Views: 17334

Re: New High Performance Routers ! ?

Large ISP often has several platforms for different workloads. They never do everything in one single platform. Even in smaller ISPs, this is how I design. Trying to fit every service into a couple of routers almost always ends up being more complex than splitting workloads out into Internet Edge, ...
by IPANetEngineer
Mon Dec 14, 2020 5:18 pm
Forum: General
Topic: Ryzen build for Routeros
Replies: 7
Views: 1819

Re: Ryzen build for Routeros

If you're going x64, go for VyOS instead of RouterOS. RouterOS doesn't have many basic features such as NPTv6, Routing Marks for IPv6 etc and the fact that RouterOS v7 has been in development for a decade if not more. VyOS is enterprise-ready (go through their documentation and confirm yourself) an...
by IPANetEngineer
Sat Dec 12, 2020 5:04 pm
Forum: Forwarding Protocols
Topic: iBGP+VPNV4 issue : routing OK but prefix unreachable
Replies: 4
Views: 825

Re: iBGP+VPNV4 issue : routing OK but prefix unreachable

Here is a blog post I wrote on MikroTik and VPNv4. In this example, the P routers are Juniper but the PEs are MikroTik and using VPNv4 The lab config is included in the article. https://stubarea51.net/wp-content/uploads/2020/01/MikroTik-to-Juniper-MPLS-and-VPNv4.png https://stubarea51.net/2020/01/22...
by IPANetEngineer
Sat Dec 12, 2020 4:59 pm
Forum: Forwarding Protocols
Topic: BGP Multihoming with load balancing
Replies: 1
Views: 755

Re: BGP Multihoming with load balancing

The very best way to do this is with communities. With only two upstreams, you may need to break your /20 into a few smaller advertisements like /21s or /22s and then use the traffic engineering communities of your upstream provider to set preferences. Technically you can do this without communities...
by IPANetEngineer
Sat Dec 12, 2020 4:38 pm
Forum: Forwarding Protocols
Topic: iBGP+VPNV4 issue : routing OK but prefix unreachable
Replies: 4
Views: 825

Re: iBGP+VPNV4 issue : routing OK but prefix unreachable

VPNv4 requires an MPLS forwarding plane for prefixes to be reachable. Do you have LDP enabled?
by IPANetEngineer
Sat Dec 12, 2020 4:35 pm
Forum: Forwarding Protocols
Topic: CCR1072 with 2 Provders BGP Full Tables
Replies: 7
Views: 1466

Re: CCR1072 with 2 Provders BGP Full Tables

This really depends on what your goals are for maintaining full tables. If you want all traffic to leave via Cogent and only the traffic local to Bulgaria to be sent to the local provider, you can take a default route from Cogent and then learn the ~7000 local routes over the other provider. If you ...
by IPANetEngineer
Thu Dec 10, 2020 2:27 pm
Forum: General
Topic: L2 ring redundancy protocol support?
Replies: 16
Views: 1585

Re: L2 ring redundancy protocol support?

G.8032 is definitely the way to go....would love to see this in the CRS3xx series.
by IPANetEngineer
Thu Dec 10, 2020 2:24 pm
Forum: Forwarding Protocols
Topic: BGP Route distinguishers reversed
Replies: 4
Views: 1198

Re: BGP Route distinguishers reversed

I wrote a blog article on this issue and a workaround when doing VPNv4 between MikroTik and Juniper.

https://stubarea51.net/2020/01/22/junip ... 4-interop/
by IPANetEngineer
Wed Dec 09, 2020 4:47 pm
Forum: General
Topic: Mikrotik physical connection recommendations to other products.
Replies: 2
Views: 483

Re: Mikrotik physical connection recommendations to other products.

I've done this quite a bit with MikroTik and Fortigate for Enterprise and Data Center networks. Typically I use a design that employs dynamic routing and L3 switch stacks for a few reasons 1) Failover isolation - the border routers can failover independently of the firewall pair if there is an inter...
by IPANetEngineer
Wed Dec 09, 2020 4:05 pm
Forum: General
Topic: Sending multiple VLAN's through an EVC - Configuration
Replies: 2
Views: 375

Re: Sending multiple VLAN's through an EVC - Configuration

The configuration example you need to do QinQ on a CRS3xx switch is in the MikroTik Wiki here:

https://wiki.mikrotik.com/wiki/Manual:I ... 8Q-in-Q.29

The support was added in 6.43rc13
*) crs3xx - added initial Q-in-Q hardware offloading support (CLI only)
by IPANetEngineer
Wed Dec 09, 2020 3:54 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta3 [development] is released!
Replies: 262
Views: 50582

Re: v7.1beta3 [development] is released!

Hi IPANet, I am in awe of your network designs........... I don't know or think I will ever need fz-codel or cake functionality but I can guarantee you I will probably be eating cake when I read your posts demonstrating such features !! :-) Thanks for the feedback, I appreciate it :-) We'll definit...
by IPANetEngineer
Wed Dec 09, 2020 3:52 pm
Forum: Forwarding Protocols
Topic: VLAN over VPLS Link
Replies: 9
Views: 1171

Re: VLAN over VPLS Link

If you want to pass all VLANs like a trunk over VPLS without specifying each VLAN, here is a blog article I wrote with config examples on how to use S-Tag for this. https://stubarea51.net/2018/08/07/mikrotik-isp-design-building-an-802-1q-trunk-between-sites-using-vpls-and-s-tag/ https://stubarea51.n...
by IPANetEngineer
Sun Dec 06, 2020 3:41 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta3 [development] is released!
Replies: 262
Views: 50582

Re: v7.1beta3 [development] is released!

I am ***soo*** excited to finally see fq-codel and cake in RouterOS, this is going to be a game changer for shaping options in ISP networks.

Nice work MikroTik :)
by IPANetEngineer
Sun Nov 29, 2020 7:00 pm
Forum: General
Topic: How is your public IP address determined?
Replies: 23
Views: 1817

Re: How is your public IP address determined?

... the fact that using stateless address assignment means everyone on the Internet knows your device's MAC address. What's so special about my tablet's MAC address that nobody should know it? This is why RFC4941 exists - Windows, Mac and Linux all support privacy extensions to obscure the MAC addr...
by IPANetEngineer
Sun Nov 29, 2020 6:47 pm
Forum: General
Topic: How is your public IP address determined?
Replies: 23
Views: 1817

Re: How is your public IP address determined?

Thank god for NAT and IPV4, not sure what disaster IPV6 will bring. ;-P IPv6 is faster than IPv4 and enables end to end connectivity. You *need* to be deploying IPv6 :-) https://www.zdnet.com/article/apple-tells-app-devs-to-use-ipv6-as-its-1-4-times-faster-than-ipv4/ We've run it in dual stack for ...
by IPANetEngineer
Sun Nov 29, 2020 6:14 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 194
Views: 25574

Re: 2004 hardware issues?

I need to upgrade the CCR2004 in my lab and see if the stability improves. We've used them for several clients but have also had some stability issues. I think this router will be amazing after a few more months of bug fixes from MikroTik. This is pretty typical of a new router release...it takes a ...
by IPANetEngineer
Sun Nov 29, 2020 4:35 pm
Forum: General
Topic: Some websites unavailable on IPv6 [SOLVED]
Replies: 12
Views: 1595

Re: Some websites unavailable on IPv6 [SOLVED]

Set your IPv6 MTU to 1280 and see if that solves the issue as there are places on the internet that are still 1280 for IPv6. If that resolves it, you can slowly raise it until things break again to understand what your effective MTU is.

https://blog.cloudflare.com/increasing-ipv6-mtu/
by IPANetEngineer
Sun Nov 29, 2020 4:28 pm
Forum: General
Topic: Redundant connection between Cisco VSS LACP and two routers
Replies: 3
Views: 680

Re: Redundant connection between Cisco VSS LACP and two routers

Why not build LACP channels from the 4500X to two different MikroTiks and connnect the MikroTik routers together via BGP?

What role do the MikroTik routers and 4500X play in this network? what are their jobs?
by IPANetEngineer
Mon Nov 23, 2020 5:51 pm
Forum: Beginner Basics
Topic: CRS 317-1G-16M+RM WITH CISCO DAC SFP-H10GB-CU3M
Replies: 4
Views: 493

Re: CRS 317-1G-16M+RM WITH CISCO DAC SFP-H10GB-CU3M

In general, MikroTik does not care about which vendor made the SFP or DAC cable. I've used Cisco DACs and SFP Optics in MikroTik without issue. I've also had a lot of success with FiberStore SFPs and DAC cables. They work well with MikroTik and Cisco. If you have issues with the DAC cable working, t...
by IPANetEngineer
Sat Nov 21, 2020 4:43 pm
Forum: General
Topic: Network architecture recommendations
Replies: 6
Views: 786

Re: Network architecture recommendations

Having designed and built hundreds of WISPs, i've got a few things to share with you that may be helpful. We typically deploy a "switch-centric" design where all connections go into a switch because it lowers operational overhead. This is similar to your first design drawing. We've scaled ...
by IPANetEngineer
Sat Nov 21, 2020 4:26 pm
Forum: RouterBOARD hardware
Topic: Enquiry on 100Gbps SFP Router
Replies: 3
Views: 911

Re: Enquiry on 100Gbps SFP Router

Earlier this year, a model number for a 100G router from MikroTik was leaked. That's about all we know. https://forum.mikrotik.com/viewtopic.php?p=819880 CCR2016-1G-12XS-2XQ is the model number which would have 2 x 100G interfaces and 12 x 25G interfaces The wiki was updated this year to reflect 100...
by IPANetEngineer
Sat Nov 14, 2020 3:38 pm
Forum: Forwarding Protocols
Topic: SAME ASN 2 BGP SESSIONS (LOCAL & INTERNATIONAL TRAFFIC)
Replies: 8
Views: 1120

Re: SAME ASN 2 BGP SESSIONS (LOCAL & INTERNATIONAL TRAFFIC)

Can you share the community list for each of the peerings.?

Prepending isn't going to work if you only have one /24
by IPANetEngineer
Tue Nov 10, 2020 4:43 pm
Forum: Forwarding Protocols
Topic: Hardware FailOver with 2 CCR and BGP
Replies: 2
Views: 1024

Re: Hardware FailOver with 2 CCR and BGP

Ideally, you'd push for another peering with your provider or get a second provider and peer with them. Have you asked your upstream if this is possible? I've seen many providers do this if asked by a customer. In that type of design, you'd want to build it like this: https://stubarea51.net/wp-conte...
by IPANetEngineer
Tue Nov 10, 2020 4:17 pm
Forum: Forwarding Protocols
Topic: Suggestion for routing
Replies: 2
Views: 866

Re: Suggestion for routing

It appears you are trying to build a mesh VPN where any site can reach any other site. Honestly, as much as I love MikroTik, ZeroTier is a better solution for this. https://www.zerotier.com/ If you're going to use MikroTik, I would consider using L2TP and build tunnels to/from all routers. You can b...
by IPANetEngineer
Tue Nov 10, 2020 4:12 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS and HTB / EXP bits
Replies: 15
Views: 3824

Re: MPLS/VPLS and HTB / EXP bits

Can you post details of the config?
by IPANetEngineer
Tue Oct 20, 2020 4:16 pm
Forum: Useful user articles
Topic: CCR Takes the heat
Replies: 5
Views: 4965

Re: CCR Takes the heat

Ever since I first started using MikroTik 10 years ago, I've been very impressed with how well they handle higher temperatures when a climate controlled environment is not available.
by IPANetEngineer
Tue Oct 20, 2020 3:57 pm
Forum: Forwarding Protocols
Topic: VRF and overlapped IPs
Replies: 3
Views: 907

Re: VRF and overlapped IPs

You cannot use subnets that are directly overlapped in different VRFs in RouterOS v6...this is fixed in RouterOSv7
by IPANetEngineer
Tue Oct 20, 2020 3:54 pm
Forum: Forwarding Protocols
Topic: Manage third party router through winbox
Replies: 2
Views: 714

Re: Manage third party router through winbox

You cannot use Winbox to manage an Arista device as winbox is specific to MikroTik. You can use it as a route reflector if you want though and that will give you some visibility....but is that a good fit for your network architecture? However, you can use programs like Unimus or Ansible to manage al...
by IPANetEngineer
Tue Oct 20, 2020 3:50 pm
Forum: Forwarding Protocols
Topic: Problems with ID routers in OSPF Instance
Replies: 2
Views: 777

Re: Problems with ID routers in OSPF Instance

Please post the output of the following commands

/routing ospf export

/routing ospf neighbor print detail

/routing ospf as-border-router print detail
by IPANetEngineer
Tue Oct 20, 2020 3:23 pm
Forum: General
Topic: Feature Request: IP Multicast Routing/mDNS/Zeroconf/Bonjour
Replies: 42
Views: 23542

Re: Feature Request: IP Multicast Routing/mDNS/Zeroconf/Bonjour

mDNS would be a great addition to enable things like chromecast between subnets.
by IPANetEngineer
Sat Oct 17, 2020 5:58 pm
Forum: Forwarding Protocols
Topic: OSPF2 network-type
Replies: 5
Views: 859

Re: OSPF2 network-type

That's why we normally use the ptp OSPF type on RF links and it works very well with rapid convergence.

What radios are you using that don't support multicast?
by IPANetEngineer
Sat Oct 17, 2020 4:55 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 108
Views: 14727

Re: CCR2004 packet loss

Have you tried changing the interface queues for both ports from hardware-only to ethernet-default ? You need buffering when mixing interface speeds on any router and i'm not sure what the default buffer capabilities are for the CCR2004. I would at least try a few different queue types for the inter...
by IPANetEngineer
Sat Oct 17, 2020 4:39 pm
Forum: General
Topic: Rookie Error - Lost management access while attempting to set up blackhole routing [SOLVED]
Replies: 7
Views: 695

Re: Rookie Error - Lost management access while attempting to set up blackhole routing [SOLVED]

If you can plug into it locally, use mac-telnet with winbox which will bypass all L3 and login to the router
by IPANetEngineer
Sat Oct 17, 2020 4:22 pm
Forum: Scripting
Topic: Syntax highlighting for Notepad++
Replies: 18
Views: 16969

Re: Syntax highlighting for Notepad++

same problem as well
by IPANetEngineer
Fri Oct 16, 2020 5:12 pm
Forum: RouterOS v7 BETA
Topic: CAPsMAN2 maybe we can have NETsMAN in the future
Replies: 1
Views: 933

Re: CAPsMAN2 maybe we can have NETsMAN in the future

It seems like this would be a natural extension of the DUDE. I would love to see NETCONF capabilities to standardize with the rest of the networking industry.
by IPANetEngineer
Fri Oct 16, 2020 5:10 pm
Forum: Forwarding Protocols
Topic: OSPF2 network-type
Replies: 5
Views: 859

Re: OSPF2 network-type

I'm curious, what is the intent behind not wanting DR/BDR?

You might consider eBGP for RF links. It converges pretty fast and doesn't require multicast
by IPANetEngineer
Thu Oct 15, 2020 11:52 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 108
Views: 14727

Re: CCR2004 packet loss

What's the lowest throughput (on the 1G) you've seen the packet loss?
by IPANetEngineer
Thu Oct 15, 2020 10:12 pm
Forum: Beginner Basics
Topic: Using hAP lite as a dumb WISP device? [SOLVED]
Replies: 7
Views: 752

Re: Using hAP lite as a dumb WISP device? [SOLVED]

Depending on the type of wireless device you're connecting to, you need to verify the station type under your wireless interface settings. station-bridge is ideal if the other router is a MikroTik. Otherwise you can try station-pseudobridge, but you'll have some limits outside of IPv4 traffic. If it...
by IPANetEngineer
Thu Oct 15, 2020 4:38 pm
Forum: Beginner Basics
Topic: Using hAP lite as a dumb WISP device? [SOLVED]
Replies: 7
Views: 752

Re: Using hAP lite as a dumb WISP device? [SOLVED]

If i'm understanding what you're trying to do, all you really need is to bridge the wireless interface on the hAP lite to the physical ports the security devices are plugged into. That will extend the RFC1918 network in the home router through to those devices. 1. under 'bridge' add a new bridge usi...
by IPANetEngineer
Thu Oct 15, 2020 4:30 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 108
Views: 14727

Re: CCR2004 packet loss

We have mainly packet loss pinging from the remote end to ccr2004 gigabit interface, the problem probably occurs when the upstream traffic from the 10G->1G fullfill the ethernet..

So does the packet loss only occur when the 1G interface is full?
by IPANetEngineer
Thu Oct 15, 2020 4:18 pm
Forum: Forwarding Protocols
Topic: Default Route forwarding via eBGP
Replies: 4
Views: 837

Re: Default Route forwarding via eBGP

Yes, you'll need to enable default-originate (if installed) on all peerings in this type of design. I would use BGP communities to set either weight or localpref I did a presentation a few years ago on this type of design at the US MUM in Denver. Here is an overview of the way we used communities. e...
by IPANetEngineer
Tue Oct 13, 2020 5:38 pm
Forum: Forwarding Protocols
Topic: Graceful restart
Replies: 7
Views: 3883

Re: Graceful restart

This is great news...have been waiting for this feature for a while.
by IPANetEngineer
Tue Oct 13, 2020 3:18 pm
Forum: RouterOS v7 BETA
Topic: CRS 3xx - L3 ASIC performance testing
Replies: 30
Views: 4274

Re: CRS 3xx - L3 ASIC performance testing

Thanks for the feedback...i'll check the hypervisor and see if it's creating a bottleneck somewhere.
by IPANetEngineer
Mon Oct 12, 2020 8:40 pm
Forum: RouterOS v7 BETA
Topic: CRS 3xx - L3 ASIC performance testing
Replies: 30
Views: 4274

CRS 3xx - L3 ASIC performance testing

Did some work on testing the L3 performance last week in 7.1beta2 and published it today.

https://stubarea51.net/2020/10/12/mikro ... e-testing/

Image
by IPANetEngineer
Mon Oct 12, 2020 3:55 pm
Forum: General
Topic: L2 Design for PPPOE Service Delivery
Replies: 2
Views: 366

Re: L2 Design for PPPOE Service Delivery

I would build a highly available BRAS for PPPoE and use x86 +CHR. We wrote an article on how to design it

https://stubarea51.net/2018/04/23/pppoe ... atorsbras/

Image
by IPANetEngineer
Sun Oct 11, 2020 4:10 pm
Forum: RouterBOARD hardware
Topic: need inquiry
Replies: 2
Views: 473

Re: need inquiry

Either an RB4011 or a CCR1009 will handle this task easily.
by IPANetEngineer
Sat Oct 10, 2020 5:55 pm
Forum: Forwarding Protocols
Topic: Routing Advices
Replies: 7
Views: 1165

Re: Routing Advices

While you can create a bridge and tunnel as others have said, honestly ZeroTier is the easiest way to do this and has the best performance Just install it on each computer and they'll be connected with great performance and none of the typical issues that come with L2 extensions. https://www.zerotie...
by IPANetEngineer
Fri Oct 09, 2020 4:40 pm
Forum: General
Topic: ECMP balancing sometimes breaks TCP connection
Replies: 9
Views: 860

Re: ECMP balancing sometimes breaks TCP connection

Just curious, what application are these servers hosting? It seems like an application load balancer would be a better tool than ECMP in routing since you're expecting TCP sessions from a specific source to stay with the server they hit.

This is the exact problem a load balancer solves :-)
by IPANetEngineer
Fri Oct 09, 2020 3:39 pm
Forum: Virtualization
Topic: DHCP on CHR not working with ESX
Replies: 2
Views: 1000

Re: DHCP on CHR not working with ESX

Check the security settings on the ESXI VSWITCH and make sure they are as permissive as possible.
by IPANetEngineer
Fri Oct 09, 2020 3:26 pm
Forum: RouterOS v7 BETA
Topic: [bug] Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]
Replies: 2
Views: 977

Re: [bug] Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]

I may have found an answer to this in the v7 docs. I am going to test this with an empty route filter and see if it only advertises interfaces in OSPF that are configured. EDIT: 10/10/2020 - This was the issue - verified it in the original lab https://help.mikrotik.com/docs/display/ROS/ROSv7+Basic+R...
by IPANetEngineer
Thu Oct 08, 2020 4:50 pm
Forum: General
Topic: Wireless and DHCP problems
Replies: 8
Views: 916

Re: Wireless and DHCP problems

We need more details and examples of your configuration and DHCP lease output to be helpful
by IPANetEngineer
Tue Oct 06, 2020 7:15 pm
Forum: Forwarding Protocols
Topic: MPLS and MTU
Replies: 5
Views: 1286

Re: MPLS and MTU

Mikrotik default MPLS mtu is 1530, if I understood correctly, then it must be raised if the end customer needs qinq, for example.

yes if you want QinQ then you'll need at least 1534 to support two tags.

IP ArchiTechs has engineers in the EU (+2 time zone) as well as North and South America.
by IPANetEngineer
Tue Oct 06, 2020 5:21 pm
Forum: Beginner Basics
Topic: RouterOS/SwitchOS Test Result Questions
Replies: 6
Views: 560

Re: RouterOS/SwitchOS Test Result Questions

If you're going to keep the traffic at Layer 2, then you'll be able to achieve 10Gbps between hosts that are connected to the switches. In RouterOS v7, L3 at wirespeed is possible since routing is offloaded into hardware. https://help.mikrotik.com/docs/display/ROS/CRS3xx+series+switches#heading-L3Ha...
by IPANetEngineer
Tue Oct 06, 2020 5:16 pm
Forum: General
Topic: Mikrotik Max Limit
Replies: 2
Views: 336

Re: Mikrotik Max Limit

Can you share more about the network topology and configuration? The CCR1072 will support 15G of traffic
by IPANetEngineer
Tue Oct 06, 2020 4:21 pm
Forum: Forwarding Protocols
Topic: Modern IBGP design questions
Replies: 1
Views: 695

Re: Modern IBGP design questions

A few thoughts here. 1) You don't want separate instances...that would require redistribution and isn't needed 2) You want a router that isn't a border to act as a route reflector often these are core routers - this can even be out of path like a CHR 3) You need to either set next-hop-self on each b...
by IPANetEngineer
Mon Oct 05, 2020 7:47 pm
Forum: General
Topic: Not pingable within a bridge
Replies: 3
Views: 384

Re: Not pingable within a bridge

When you say teaming with ESXi 6.0 do you mean active/passive teaming or LACP?
by IPANetEngineer
Mon Oct 05, 2020 3:31 pm
Forum: General
Topic: ipv6 issue behind modem router.
Replies: 23
Views: 1598

Re: ipv6 issue behind modem router.

That's not the same. The laptop will most likely get the address using SLAAC, or possibly using DHCP but asking for a single address, not for a prefix. You can actually use Linux to test for prefix delegation. This is the syntax for debian based flavors. dhclient -d -6 -P <interface_name> --prefix-...
by IPANetEngineer
Mon Oct 05, 2020 3:27 pm
Forum: Forwarding Protocols
Topic: OSPF / PTMP no subnets
Replies: 5
Views: 1003

Re: OSPF / PTMP no subnets

Id love to understand why (in which situations) Id use PtMP? PtMP was very commonly implemented about 10 to 15 years ago in Frame Relay and ATM networks that were not broadcast capable but could otherwise have more than two hosts on a Layer 2 segment. It is sometimes used in wireless networks with ...
by IPANetEngineer
Mon Oct 05, 2020 3:18 pm
Forum: RouterOS v7 BETA
Topic: VRF status with RouterOS v7
Replies: 6
Views: 1432

Re: VRF status with RouterOS v7

Yes of course, it will be implemented.
Is VPNv6 planned for implementation as well?
by IPANetEngineer
Mon Oct 05, 2020 3:16 pm
Forum: Beginner Basics
Topic: proplem with dhcp
Replies: 7
Views: 691

Re: proplem with dhcp

why the dhcp give same address to active user ppp ??? i check everything But I couldn't solve the problem
SERVER : 1100AHX2 (6.47.4)
I use Radius
What does the radius log say for those two connections?
by IPANetEngineer
Mon Oct 05, 2020 2:21 pm
Forum: RouterOS v7 BETA
Topic: [bug] Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]
Replies: 2
Views: 977

Re: Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]

I tried with a simpler config and got the same result. This appears to be a bug and not configuration related.
by IPANetEngineer
Fri Oct 02, 2020 6:52 pm
Forum: General
Topic: ipv6 issue behind modem router.
Replies: 23
Views: 1598

Re: ipv6 issue behind modem router.

Have you tested that prefix delegation is working with another non-mikrotik device or a laptop?
by IPANetEngineer
Fri Oct 02, 2020 4:36 pm
Forum: RouterOS v7 BETA
Topic: L3 hardware offload in FW mode - will there be any other devices than CRS317 supporting this mode?
Replies: 8
Views: 2686

Re: L3 hardware offload in FW mode - will there be any other devices than CRS317 supporting this mode?

I agree that HW accelerated security devices at a low price point is a *huge* gap in the market. One feature that would really push the adoption of this is a stateful failover feature between two CRS switches so that it doesn't have to be a customized script + vrrp.
by IPANetEngineer
Thu Oct 01, 2020 6:58 pm
Forum: Beginner Basics
Topic: Please Help . PPPoE Terminating
Replies: 3
Views: 635

Re: Please Help . PPPoE Terminating

This is typically caused by a duplication of a MAC address in two sessions. How many PPPoE clients do you have and what type of router are you using?
by IPANetEngineer
Thu Oct 01, 2020 4:57 pm
Forum: Beginner Basics
Topic: Using Mikrotik Router as a Public IP Forwarder
Replies: 6
Views: 498

Re: Using Mikrotik Router as a Public IP Forwarder

If the /29 isn't routed to you and your ISP will be the GW for the /29, then you really have two options

1) Bridge all the ports together and use L2 to connect hosts together
2) Use Proxy ARP and assign a /32 public to each endpoint (as a loopback) with a route pointing to the /32 on your router.
by IPANetEngineer
Thu Oct 01, 2020 2:36 pm
Forum: Beginner Basics
Topic: Bridge and VLANs configuration
Replies: 7
Views: 791

Re: Bridge and VLANs configuration

According to the bridge hw offload guide, that model doesn't support Bridge VLAN filtering in HW offload. Have you tried the same config under the switch menu?

https://wiki.mikrotik.com/wiki/Manual:I ... Offloading
by IPANetEngineer
Thu Oct 01, 2020 2:29 pm
Forum: RouterBOARD hardware
Topic: So, there is a 100g switch coming?
Replies: 9
Views: 1550

Re: So, there is a 100g switch coming?

I really hope so, 100G on a CCR or CRS would be amazing!!

We have use cases in the data center and in service providers for 100G ports this would be perfect for.
by IPANetEngineer
Wed Sep 30, 2020 9:16 pm
Forum: General
Topic: CCR2004 vs rb4011 [SOLVED]
Replies: 2
Views: 678

Re: CCR2004 vs rb4011 [SOLVED]

Are you expecting traffic to grow beyond 1G? If so, i'd go with the CCR2004. Also, if you have the budget, the cost of the CCR2004 is only a few hundred dollars more, so unless you're on a tight budget, the CCR2004 is a better choice. That said, the 4011 will do 2G to 3G of Internet traffic (1500 MT...
by IPANetEngineer
Wed Sep 30, 2020 4:45 pm
Forum: RouterOS v7 BETA
Topic: [bug] Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]
Replies: 2
Views: 977

[bug] Issue with unexpected advertisement of OPSFv3 prefix [SOLVED]

I'm doing some lab work with IPv6 routing and ROS7.1beta2 CHR. I'm trying to understand why OSPFv3 is advertising a specific prefix as I didn't explicitly configure it to be advertised and it doesn't show up as an external route indicating redistribution. Here is the network topology https://stubare...
by IPANetEngineer
Wed Sep 30, 2020 3:53 pm
Forum: Forwarding Protocols
Topic: BGP Can only access certain websites
Replies: 4
Views: 965

Re: BGP Can only access certain websites

Have you created IRR entries for your aggregate ranges? That will often cause a prefix to be dropped from advertisement to peers.

You can either do this with your RIR (aka ARIN, RIPE, etc) or an independent IRR like https://www.radb.net/
by IPANetEngineer
Wed Sep 30, 2020 2:52 am
Forum: Forwarding Protocols
Topic: BGP Can only access certain websites
Replies: 4
Views: 965

Re: BGP Can only access certain websites

It sounds like your prefixes either aren't being advertised or accepted/announced by your upstream.

What is the output of the following command?
routing bgp advertisements print peer=peer_name
by IPANetEngineer
Tue Sep 29, 2020 7:47 pm
Forum: Beginner Basics
Topic: Routing between connected subnets - ICMP but not TCP
Replies: 4
Views: 445

Re: Routing between connected subnets - ICMP but not TCP

The first thing i'd try is to disable all FW, NAT and MANGLE rules, even if you're sure they aren't interfering and test to see if TCP passes through to that host.
by IPANetEngineer
Tue Sep 29, 2020 7:29 pm
Forum: General
Topic: Is there a router/switch to beat the 4011?
Replies: 21
Views: 2653

Re: Is there a router/switch to beat the 4011?

Yes the 4011 will beat the CPU of any CRS switch for routing. Using a router to act as the gateway for LAN subnets and terminate the WAN as well as a switch for port density is a very reliable setup that has been used for over 20 years. It's nice to be able to combine the functions together and the ...
by IPANetEngineer
Sun Sep 27, 2020 3:23 pm
Forum: Forwarding Protocols
Topic: MPLS and MTU
Replies: 5
Views: 1286

Re: MPLS and MTU

i know that MPLS is sensitive about MTU. Any recommendations / basic rules? I typically recommend that most ISPs running MPLS start with the settings below. This is from a presentation I gave at the MikroTik US MUM https://mum.mikrotik.com/presentations/US16/presentation_3327_1462279781.pdf https:/...
by IPANetEngineer
Fri Sep 25, 2020 4:35 pm
Forum: Forwarding Protocols
Topic: eBGP routes not being advertised to iBGP peer [SOLVED]
Replies: 4
Views: 1225

Re: eBGP routes not being advertised to iBGP peer [SOLVED]

Start with basic reachability checks...can you ping the GW using ICMP or ARP?

Are you peering on a directly connected subnet and not the loopbacks?
by IPANetEngineer
Fri Sep 25, 2020 3:56 pm
Forum: Forwarding Protocols
Topic: MetalLB BGP ECMP
Replies: 7
Views: 2193

Re: MetalLB BGP ECMP

MikroTik will only load balance (ECMP) with iBGP when peering via loopbacks and using an IGP (OSPF or RIP) or static routes.

https://wiki.mikrotik.com/wiki/Manual:B ... _with_iBGP
by IPANetEngineer
Tue Sep 01, 2020 2:33 pm
Forum: Beginner Basics
Topic: MPLS/VPLS/OSPF Problem
Replies: 4
Views: 1080

Re: MPLS/VPLS/OSPF Problem

Normally, you don't want spanning tree running on the bridges that connect VPLS together. Trying to converge RSTP across a large network creates a lot of problems. I would eliminate loops and turn spanning tree off. If this isn't possible, I would at least use MSTP instead of RSTP as it calculates t...
by IPANetEngineer
Tue Sep 01, 2020 2:19 pm
Forum: RouterOS v7 BETA
Topic: state of VXLAN?
Replies: 4
Views: 2035

Re: state of VXLAN?

I really hope so. BGP EVPN and VxLAN would be an amazing combination for MikroTik.

We could also use Type 5 routes for VRF signalling and have a replacement for MPLS in certain use cases.
by IPANetEngineer
Sun Aug 30, 2020 11:43 pm
Forum: RouterOS v7 BETA
Topic: DHCPv6 Server
Replies: 29
Views: 2487

Re: DHCPv6 Server

Here is an article I did with a basic overview of DHCPv6-PD config on MikroTik

https://stubarea51.net/2018/09/14/wisp- ... your-wisp/


Image
by IPANetEngineer
Thu Aug 27, 2020 7:45 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

True that I consider Cisco today more really as a software company, where 5-10 years ago "hardware" was more the focus with monolithic software designs. Agree on the licensing too, you almost need a phd to understand that (same with Microsoft etc) and pricing. Like you say, sooo much equi...
by IPANetEngineer
Thu Aug 27, 2020 7:17 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

So yes ... they pack a lot of performance. Should jolly well hope so for £3,500!! Do Mikrotik do a 48 port switch? I can find MikroTik CRS328-24P so would need two for £750. Serious question, what extra does the Cisco Catalyst 9300 bring to the table? For context (because i'll probably be called a ...
by IPANetEngineer
Wed Aug 26, 2020 8:51 pm
Forum: Forwarding Protocols
Topic: BGP Load Balancing with two interfaces
Replies: 1
Views: 701

Re: BGP Load Balancing with two interfaces

If you can bond the links, it's much simpler and you should use LACP.

BGP Load balancing is for use cases when bonding is not possible.
by IPANetEngineer
Wed Aug 26, 2020 1:45 am
Forum: General
Topic: Architecture and growth - how to know when to change
Replies: 7
Views: 1652

Re: Architecture and growth - how to know when to change

From an architecture perspective as it relates to PPPoE you need something that can load balance and scale laterally. This is true whether it's MikroTik or Cisco/Juniper. This will allow you to add resources as needed based on load and performance observations. Most of the time we use CHR to termina...
by IPANetEngineer
Tue Aug 25, 2020 10:23 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

This is an unfair comparison. The CCR is a fix-chassis toy compared to the ASR1006-X which was (waaaaaaaaaay)³ too powerful for such simple requirements stated...so whoever "spec'ed" this setup overdid it...A LOT. You can blast 10 interfaces with 10Gbits/sec each concurrently and it will ...
by IPANetEngineer
Tue Aug 25, 2020 8:59 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

I think, that Mikrotik is overly complicated in a lot of things. For example Layer-2 configuration: - subinterfaces plus bridges - vlan filtering within the bridge - vlan-handling on the switch itself This is very annoying. No other vender forces you to learn three ways to do simple VLAN stuff. Rea...
by IPANetEngineer
Tue Aug 25, 2020 6:53 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11670

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

Since we run the largest MikroTik consulting firm in the world, I have some thoughts on this :) We have used MikroTik in very large environments for enterprise, data center and ISPs around the world. Like any other piece of network equipment, you have to understand how to design and deploy it. One o...
by IPANetEngineer
Tue Aug 25, 2020 2:14 am
Forum: RouterOS v7 BETA
Topic: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN
Replies: 13
Views: 1927

Re: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN

Not needed as they are inherently secure. That doesn't make any sense....UTM is not just Internet facing, it's designed to detect internal and external threats across an organization's infrastructure. Can you share some details of how blockchain and torrent would prevent malware from replicating on...
by IPANetEngineer
Tue Aug 25, 2020 1:03 am
Forum: RouterOS v7 BETA
Topic: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN
Replies: 13
Views: 1927

Re: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN

UTM could be done for free if all routers had Torrent and BlockChain

How does this solve the problem of analyzing and mitigating threats at L4 - L7?
by IPANetEngineer
Mon Aug 24, 2020 7:00 pm
Forum: Forwarding Protocols
Topic: EBGP routes not advertised to IBGP peer [SOLVED]
Replies: 4
Views: 1264

Re: EBGP routes not advertised to IBGP peer [SOLVED]

I just noticed you're talking about IPv6. In IPv4, this works However woth Ipv6, recursive routing does not work in RouterOS 6.x so iBGP does not work...the routes will advertise but are not reachable. You'll have to use OSPFv3 past the BGP Border router to advertise routing reachability. This has b...
by IPANetEngineer
Mon Aug 24, 2020 6:51 pm
Forum: RouterOS v7 BETA
Topic: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN
Replies: 13
Views: 1927

Re: Feature Request - Enterprise features like VSS, ZTP, IPv6 L3 HW offloading and SD-WAN

1. MikroTik is already working on stacking, I've talked with them at length about the need for this at the MUMs. The last I heard, MikroTik was using a standards based protocol to implement a redundant switching control plane but I don't remember which one. A decent guess would be either SPB (https:...
by IPANetEngineer
Sat Aug 22, 2020 6:16 pm
Forum: General
Topic: WireGuard Released !
Replies: 41
Views: 30828

Re: WireGuard Released !

can anyone please help me to configuring wireguard

i setup peer and wg interface
but traffic cant go throw the tunnel

There is a good tutorial here from Rick Frey

https://rickfreyconsulting.com/wireguard/
by IPANetEngineer
Tue Aug 11, 2020 5:52 pm
Forum: Forwarding Protocols
Topic: Unable to apply BGP communities for 32 bit ASN
Replies: 1
Views: 1457

Re: Unable to apply BGP communities for 32 bit ASN

This feature is available in Router OS v7.1 beta1 so you can test it, but it's not considered ready for production

https://help.mikrotik.com/docs/display/ ... col+Status

"Routing filter match community/large community lists"
by IPANetEngineer
Sat Aug 08, 2020 4:35 pm
Forum: Forwarding Protocols
Topic: Traffic control over redundant topology (conceptual). [SOLVED]
Replies: 1
Views: 1397

Re: Traffic control over redundant topology (conceptual). [SOLVED]

Here is one method of traffic engineering that works very well with MikroTik. From a presentation I did at the MIkroTik US MUM in 2017

https://mum.mikrotik.com/presentations/ ... 062656.pdf

Image
by IPANetEngineer
Sat Aug 08, 2020 4:30 pm
Forum: Forwarding Protocols
Topic: Mpls performance on CCR1036-8G-2S.
Replies: 6
Views: 2604

Re: Mpls performance on CCR1036-8G-2S.

With BFD on for OSPF, you should be able to fail over in a few seconds even without fast reroute.
by IPANetEngineer
Wed Aug 05, 2020 5:56 pm
Forum: Forwarding Protocols
Topic: OSPF MPLS Setup Convergence
Replies: 10
Views: 3761

Re: OSPF MPLS Setup Convergence

Have you tried BFD?
by IPANetEngineer
Wed Aug 05, 2020 5:46 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 385
Views: 134286

Re: RB4011

Just got my RB4011, and I can confirm that SFP+ works very well with passive DAC. Of course I didn't use the Mikrotik cable. ;) iperf shows around 800 MB/s against my NAS, so I'd say it actually works. Also, I didn't see any flapping. I would be careful until they officially come back with word tha...
by IPANetEngineer
Wed Aug 05, 2020 5:32 pm
Forum: General
Topic: ipv6 bgp filters broken ? [SOLVED]
Replies: 2
Views: 917

Re: ipv6 bgp filters broken ? [SOLVED]

Can you share which prefixes you do want to advertise....it looks like you're trying to write a rule to block all IPv6 prefixes
by IPANetEngineer
Wed Aug 05, 2020 5:19 pm
Forum: Forwarding Protocols
Topic: Mpls performance on CCR1036-8G-2S.
Replies: 6
Views: 2604

Re: Mpls performance on CCR1036-8G-2S.

Hi Leandro, There are some _major_ issues with MPLS in RouterOS v6. The major ones being the lack of Fast Re-Route, RSVP paths not failing over(or back), NLRI not being updated for L3VPN's and stale labels causing traffic to disappear. It is usable for basic stuff like VPLS, but it is all done 100%...
by IPANetEngineer
Tue Aug 04, 2020 7:07 pm
Forum: Forwarding Protocols
Topic: Cisco Router to Mikrotik Router Etherchannel(Bonding) issue
Replies: 2
Views: 2629

Re: Cisco Router to Mikrotik Router Etherchannel(Bonding) issue

MikroTik is using the slow LACP PDU rate of 30s, what rate is the Cisco LACP channel using? If it's set for 1s, i'd reconfigure to 30 and retest.
by IPANetEngineer
Tue Aug 04, 2020 7:01 pm
Forum: Forwarding Protocols
Topic: OSPF MPLS Setup Convergence
Replies: 10
Views: 3761

Re: OSPF MPLS Setup Convergence

I'm setting up a couple new CCR2004 with 3 redundant paths between them on the bench using a OSPF, BGP, MPLS, VPLS configuration. When I drop out the link carrying traffic, it takes 20 seconds for traffic to re-establish on the backup link. Is this normal convergence time, or possibly a setting I a...
by IPANetEngineer
Tue Aug 04, 2020 6:52 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 85
Views: 57950

Re: /31 network between two mikrotik devices - here is how you do it

/31 network between two mikrotik devices - here is how you do it First thing - you do not actually use a /31 in the IP address ( this is important ) Here is how you use a /31 network of only two IP address to get two Mikrotik devices to talk to each other. I am going to demonstrate 192.168.168.0/31...
by IPANetEngineer
Tue Aug 04, 2020 6:30 pm
Forum: RouterBOARD hardware
Topic: CCR Recommendation
Replies: 4
Views: 1614

Re: CCR Recommendation

What are your throughput requirements?
by IPANetEngineer
Tue Aug 04, 2020 6:29 pm
Forum: Virtualization
Topic: CHR with Proxmox does not pass 10Gb
Replies: 3
Views: 2560

Re: CHR with Proxmox does not pass 10Gb

Have you disabled hyperthreading in the BIOS of the host?
by IPANetEngineer
Thu Jul 30, 2020 7:09 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS/MTU Question??
Replies: 3
Views: 1838

Re: MPLS/VPLS/MTU Question??

I'm not sure if you're running a WISP, but this MUM presentation I did will probably be helpful. Essentially you need to set MTU in 3 places: L2MTU on the interface MTU (which is Layer 3) on the interface or VLAN - This is 1500 by default which is fine for VPLS but if you want to test larger packets...
by IPANetEngineer
Thu Jul 30, 2020 5:12 pm
Forum: Forwarding Protocols
Topic: VRF Interface Limit
Replies: 14
Views: 4541

Re: VRF Interface Limit

v7beta does not have this limit.

So if I understand this answer correctly, VRFs are limited to system resources available? Which should mean that several thousand is realistically possible