Community discussions

Search found 951 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 20
by IPANetEngineer
Fri Sep 21, 2018 4:27 pm
Forum: Forwarding Protocols
Topic: OSPF: wrong lsa type
Replies: 14
Views: 354

Re: OSPF: wrong lsa type

To clarify what you are trying to do here... Are you trying to advertise a summary route out of the stub area? If so, the area range command is what you're looking for. /routing ospf area range add advertise=yes area=backbone cost=default disabled=no range=192.168.88.0/24 add advertise=yes area=area...
by IPANetEngineer
Tue Sep 18, 2018 5:39 pm
Forum: General
Topic: CCR1009 +- 1500 pppoe
Replies: 2
Views: 132

Re: CCR1009 +- 1500 pppoe

I would consider a design like this with multiple CCRs so that you have redundancy and the ability to add resources. This can also be done in a CHR very well. We've deployed this for clients with a lot of success. https://www.stubarea51.net/2018/04/23/pppoe-high-availability-design-incorporating-mul...
by IPANetEngineer
Tue Sep 18, 2018 5:19 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] is released!
Replies: 105
Views: 10129

Re: v6.43.1 [stable] is released!

Thanks! Just tried it on a CRS317-1G-16S+ and it worked perfectly for the RouterOS and Firmware upgrades :-)
by IPANetEngineer
Mon Sep 17, 2018 6:19 pm
Forum: Forwarding Protocols
Topic: OSPF: Filter routes using firewall
Replies: 4
Views: 163

Re: OSPF: Filter routes using firewall

It might be more helpful to understand why you want to filter OSPF?
by IPANetEngineer
Sun Sep 16, 2018 5:09 pm
Forum: General
Topic: Mikrotik attacked. No idea how.
Replies: 7
Views: 395

Re: Mikrotik attacked. No idea how.

We've worked with a number of clients that have had compromised routers. As others have suggested, the two best things you can possibly do are

1) Netinstall
2) Restore config from text

When we have done this, we have not seen any further issues with the routers
by IPANetEngineer
Sat Sep 15, 2018 5:30 pm
Forum: Forwarding Protocols
Topic: Juniper - Mikrotik LDP/BGP based VPLS
Replies: 7
Views: 575

Re: Juniper - Mikrotik LDP/BGP based VPLS

Can you post the output of the MPLS forwarding tables for the Juniper and MIkroTIk routers?
by IPANetEngineer
Sat Sep 15, 2018 5:10 pm
Forum: Forwarding Protocols
Topic: OSPF: Manual cost on PPTP [SOLVED]
Replies: 9
Views: 283

Re: OSPF: Manual cost on PPTP [SOLVED]

Many many thanks for your great help and idea! It did exactly what I wanted!
Perfect, glad I could help...just update the status of the thread to 'Solved' :-)
by IPANetEngineer
Sat Sep 15, 2018 3:55 pm
Forum: Forwarding Protocols
Topic: OSPF: Manual cost on PPTP [SOLVED]
Replies: 9
Views: 283

Re: OSPF: Manual cost on PPTP [SOLVED]

No problem! OSPF can be very complicated and takes a while to learn :-) To makes things much easier for yourself, here is what I would do. 1. Put all subnets that connect routers together into the backbone area aka transit links like your PPTP interfaces/subnets 2. Put all subnets that aren't involv...
by IPANetEngineer
Sat Sep 15, 2018 3:05 pm
Forum: Forwarding Protocols
Topic: OSPF: Manual cost on PPTP [SOLVED]
Replies: 9
Views: 283

Re: OSPF: Manual cost on PPTP [SOLVED]

At first glance, the main issue is with your design. If you look at the MIkroTik Wiki on OSPF area design, you'll see that multiple areas are all attached to the backbone area.But not Area 1 going to Area 2 https://wiki.mikrotik.com/images/c/cf/Image6006.gif OSPF is not intended for areas other than...
by IPANetEngineer
Sat Sep 15, 2018 2:30 pm
Forum: General
Topic: MikroTik WISP Design – An overview of adding IPv6 to your WISP
Replies: 2
Views: 146

MikroTik WISP Design – An overview of adding IPv6 to your WISP

Just wrote an article on how to add IPv6 to your WISP using MIkroTik, complete with configs. It covers adding IPv6 at the Core, the Tower and the subscriber as well as a subscriber device. Hope this is helpful for someone! https://www.stubarea51.net/2018/09/14/wisp-design-an-overview-of-adding-ipv6-...
by IPANetEngineer
Sat Sep 15, 2018 2:21 pm
Forum: Forwarding Protocols
Topic: Routing bug
Replies: 1
Views: 85

Re: Routing bug

There are a lot of stable MIkroTik networks with BGP, OSPF, MPLS/VPLS on the CCR series.

Can you post your config? Do you have a network diagram?
by IPANetEngineer
Sat Sep 15, 2018 2:15 pm
Forum: Forwarding Protocols
Topic: OSPF: Manual cost on PPTP [SOLVED]
Replies: 9
Views: 283

Re: OSPF: Manual cost on PPTP [SOLVED]

Can you post your config? That might be helpful.

Also please post the output of these commands on each router:
routing ospf interface print detail
routing ospf network print detail
routing ospf lsa print detail
by IPANetEngineer
Sat Sep 15, 2018 7:40 am
Forum: Forwarding Protocols
Topic: MPLS, BGP and OSPF design for wisp
Replies: 20
Views: 1908

Re: MPLS, BGP and OSPF design for wisp

You definitely don't want to do it with a small CRS. Look at using a 3011 at smaller sites and CCR at others.
by IPANetEngineer
Fri Sep 14, 2018 9:42 pm
Forum: Announcements
Topic: Winbox v3.18 released!
Replies: 19
Views: 2367

Re: Winbox v3.18 released!

Thanks! will test it in our MirkoTik lab :-)
by IPANetEngineer
Fri Sep 14, 2018 6:51 pm
Forum: Forwarding Protocols
Topic: Injecting partial BGP/Aggregate routes into OSPF
Replies: 6
Views: 244

Re: Injecting partial BGP/Aggregate routes into OSPF

On the BGP routers, turn on bgp redistribution then add only the wanted routes into ospf-out filter denying the others, so it will redistribute only those? Done this? I fear as the BGP process is single threaded and eats a whole cpu of the CCR it may cause problems. You have to get into hundreds of...
by IPANetEngineer
Thu Sep 13, 2018 5:25 am
Forum: Forwarding Protocols
Topic: MPLS, BGP and OSPF design for wisp
Replies: 20
Views: 1908

Re: MPLS, BGP and OSPF design for wisp

Thanks. On the MTU size, I see some people set it to 1530 for MPLS, some 1580, 1600, and 2000. Is there any downside to setting it to 2000 across the board? Also I am having issues getting the MPLS working out in the field through the various wireless links even though on my lab it works fine. I ha...
by IPANetEngineer
Wed Sep 12, 2018 9:14 pm
Forum: Forwarding Protocols
Topic: Injecting partial BGP/Aggregate routes into OSPF
Replies: 6
Views: 244

Re: Injecting partial BGP/Aggregate routes into OSPF

How many routes do you want to put in OSPF?
by IPANetEngineer
Wed Sep 12, 2018 4:46 pm
Forum: Forwarding Protocols
Topic: MPLS, BGP and OSPF design for wisp
Replies: 20
Views: 1908

Re: MPLS, BGP and OSPF design for wisp

Here's an example of OSPF/MPLS/VPLS for a WISP with HA DCs and with configs....I'll see what I can dig up for BGP :-)

https://www.stubarea51.net/2018/04/23/w ... c-subnets/
by IPANetEngineer
Mon Sep 10, 2018 2:26 am
Forum: Forwarding Protocols
Topic: MPLS, BGP and OSPF design for wisp
Replies: 20
Views: 1908

Re: MPLS, BGP and OSPF design for wisp

This depends on your use case. Some ISPs may use LDP signalled VPLS for private transport circuits. Other ISPs may use BGP signalled VPLS. In most cases, it's helpful to have iBGP to advertise public subjects and /32 loopbacks even if the majority of traffic is in VPLS. In short, having BGP on the i...
by IPANetEngineer
Sat Sep 08, 2018 9:49 pm
Forum: Forwarding Protocols
Topic: BGP ECMP (multipathing)
Replies: 29
Views: 8255

Re: BGP ECMP (multipathing)

I've been wanting to see this as well, but i'd rather have recursive routing in IPv6 for BGP fixed first. :-)
by IPANetEngineer
Sat Sep 08, 2018 9:46 pm
Forum: Forwarding Protocols
Topic: Packet loss Routers
Replies: 2
Views: 207

Re: Packet loss Routers

What model and type of routers are you using?
by IPANetEngineer
Sat Sep 08, 2018 4:32 pm
Forum: Forwarding Protocols
Topic: Connecting to a public Internet exchange and a transit provider
Replies: 1
Views: 126

Re: Connecting to a public Internet exchange and a transit provider

I would consider a design like this and use local pref to prefer the IX routes.

Image
by IPANetEngineer
Fri Sep 07, 2018 8:34 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 178
Views: 11913

Re: RB4011

Everyone's use case is different, but I'm actually happy they stripped some things out. I look at this a different way - now you have a router capable of routing 10 Gbps peak throughput which is very close to CCR1009 number for half the cost. All of the bells and whistles are nice, I agree, but i'll...
by IPANetEngineer
Fri Sep 07, 2018 8:26 pm
Forum: Forwarding Protocols
Topic: BGP Peering Advice
Replies: 6
Views: 366

Re: BGP Peering Advice

This largely depends on your BGP edge design and whether or not the peers are fully meshed inside your AS. If the routes learned from your upstreams are only present at the border routers then you'll need aggregate routes injected form the border routers to draw traffic towards one of those peers. A...
by IPANetEngineer
Fri Sep 07, 2018 8:12 pm
Forum: Forwarding Protocols
Topic: OSPF connected interfaces
Replies: 1
Views: 157

Re: OSPF connected interfaces

The may be some options using policy routing. Can you post a diagram of what you have? It would be much easier to comment with some context as to the layout.
by IPANetEngineer
Tue Sep 04, 2018 9:56 pm
Forum: Forwarding Protocols
Topic: Migrating from switch to Mikrotik Router
Replies: 10
Views: 429

Re: Migrating from switch to Mikrotik Router

If you run it on a switch, you can ask your upstream provider if you can maintain dual peerings and that way you'll have edge router redundancy if you lose a router or need to upgrade the RouterOS code, it can be done without an outage by failing traffic from one to the other. It still doesn't help ...
by IPANetEngineer
Sun Sep 02, 2018 6:32 pm
Forum: Forwarding Protocols
Topic: Migrating from switch to Mikrotik Router
Replies: 10
Views: 429

Re: Migrating from switch to Mikrotik Router

I've done a lot of Enterprise networks and there are some key things when you're trying to migrate and the network is a mess. 1) If you don't have detailed documentation of how the current network is laid out, take the time to create it. Layer 1 - Document physical connections to all network equipme...
by IPANetEngineer
Sun Sep 02, 2018 5:24 pm
Forum: Forwarding Protocols
Topic: Migrating from switch to Mikrotik Router
Replies: 10
Views: 429

Re: Migrating from switch to Mikrotik Router

We've been incredibly successful with switch-centric designs over the years and have deployed it on every continent except Antarctica. Switch stacks are not a single point of failure as they form a pair of HA switches that are logically a single switch from sa spanning tree perspective. Using a swit...
by IPANetEngineer
Sat Sep 01, 2018 3:39 pm
Forum: Forwarding Protocols
Topic: Migrating from switch to Mikrotik Router
Replies: 10
Views: 429

Re: Migrating from switch to Mikrotik Router

We work on this type of design frequently. I would suggest a switch-centric architecture where all of the links terminate in the switch stack and you use LACP to connect the MikroTik routers and hypervisors. Then connect the internet circuits on different switches in the stack for redundancy. Switch...
by IPANetEngineer
Fri Aug 31, 2018 6:54 pm
Forum: Forwarding Protocols
Topic: AS Path prepend Cisco to Mikrotik command Help
Replies: 2
Views: 237

Re: AS Path prepend Cisco to Mikrotik command Help

This is what you're looking for...hope it helps!
/routing bgp instance
set default as=200
/routing bgp network
add network=10.1.1.0/24
/routing bgp peer
add name=peer1 out-filter=PREPEND remote-address=192.168.1.5 remote-as=100
/routing filter
add action=accept chain=PREPEND set-bgp-prepend=3
by IPANetEngineer
Fri Aug 31, 2018 3:32 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 178
Views: 11913

Re: RB4011

I'm actually interested to test this router with a full BGP table given the high clock speed and 10 gig port.

Who knows? Could be a diamond in the rough for a border router ;-)
by IPANetEngineer
Fri Aug 31, 2018 3:30 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: TACACS/TACACS+
Replies: 23
Views: 4204

Re: Feature Request: TACACS/TACACS+

I would like to see TACACS+ support as well. Being able to restrict the commands that a user can execute is incredibly important. Especially with all of the attacks against MikroTik devices - it provides another layer of protection in addition to the firewall if a lower level user account is comprom...
by IPANetEngineer
Thu Aug 30, 2018 4:44 pm
Forum: RouterBOARD hardware
Topic: CCR1036 SFP1 problem
Replies: 1
Views: 103

Re: CCR1036 SFP1 problem

That's interesting, I haven't heard of this behavior yet, but will certainly look for it.
by IPANetEngineer
Wed Aug 29, 2018 9:44 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM RSTP root not working with SFP
Replies: 4
Views: 243

Re: CSS326-24G-2S+RM RSTP root not working with SFP

Don't use the edge-port type for 802.1q trunking to another switch. Also you might try MSTP as it can sometimes solve STP interop issues with other switches. Setup 1 This works great. The VLAN is accessible on the second CSS326-24G-2S+RM 1GbE. VLAN1 : (meraki switch) over 1GbE -> (1)CSS326-24G-2S+RM...
by IPANetEngineer
Wed Aug 29, 2018 7:48 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 100
Views: 17815

Re: IPv6 recursive nexthops via iBGP

@IPANetEngineer If it would be important for them, they would have fixed this issue years ago. Just proceed with FRRouting :-) It's better anyways. Depends on your use case. I like FRR and talk to a number of the developers at FRR on a regular basis. However, it's still software that's go to go on ...
by IPANetEngineer
Wed Aug 29, 2018 6:25 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 100
Views: 17815

Re: IPv6 recursive nexthops via iBGP

We could really use an update on this MikroTik. :-)

We are seeing IPv6 adoption move at a much faster pace in 2018 and are having to modify the routing architecture or use other brand routers for our clients to solve this problem.

This has been an issue for a long time but we could really use a fix
by IPANetEngineer
Wed Aug 29, 2018 6:21 pm
Forum: Forwarding Protocols
Topic: Different vrfs Same BGP Peer IP.
Replies: 1
Views: 93

Re: Different vrfs Same BGP Peer IP.

Short answer is no, it's not possible...please see my reply in this thread.

viewtopic.php?f=14&t=138551
by IPANetEngineer
Wed Aug 29, 2018 6:19 pm
Forum: Forwarding Protocols
Topic: Configure BGP to have multiple peers with the same IP in VLAN+VRF combo [SOLVED]
Replies: 1
Views: 98

Re: Configure BGP to have multiple peers with the same IP in VLAN+VRF combo [SOLVED]

In MikroTik, you cannot duplicate the transit IP or subnet inside a VRF the same way you can in Cisco.

Duplicated prefixes inside of a BGP route are fine, but the subnets used for peering or an IGP must be discrete and separate.

This is a limitation of the 6.x kernel from what I've been told.
by IPANetEngineer
Fri Aug 24, 2018 8:09 pm
Forum: Forwarding Protocols
Topic: Configuring a VRF on Single MT Router
Replies: 3
Views: 206

Re: Configuring a VRF on Single MT Router

You're close but you need to add the WAN interface to the VRF interfaces as well.

Also remove the routing-table=INTERNET on the NAT rule and just match on routing mark
by IPANetEngineer
Fri Aug 24, 2018 8:03 pm
Forum: Forwarding Protocols
Topic: HELP - BGP dynamic route flickering [SOLVED]
Replies: 6
Views: 283

Re: HELP - BGP dynamic route flickering [SOLVED]

Start a continuous ping to the peer address...do you see packet loss or bouncing of the peer? Also start a packet capture on that peering and filter for BGP, that way you can review the BGP updates and messages between your router and the upstream peer to see if your router is signalling a withdraw ...
by IPANetEngineer
Fri Aug 17, 2018 7:12 pm
Forum: RouterOS v7
Topic: Feature request: BGP4-MIB (RFC 4273)
Replies: 23
Views: 3565

Re: Feature request: BGP4-MIB (RFC 4273)

+1 for this feature
by IPANetEngineer
Thu Aug 16, 2018 11:01 pm
Forum: Forwarding Protocols
Topic: BGP check neighbor advertising IPv4
Replies: 1
Views: 141

Re: BGP check neighbor advertising IPv4

One of the best ways is to use a public route server. From there you can see what your prefixes look like advertised into the BGP global table

http://routeserver.org/

Also, BGPLay allows you to visualize subnets and connected ASes

https://stat.ripe.net/special/bgplay
by IPANetEngineer
Thu Aug 16, 2018 10:50 pm
Forum: Forwarding Protocols
Topic: Juniper - Mikrotik LDP/BGP based VPLS
Replies: 7
Views: 575

Re: Juniper - Mikrotik LDP/BGP based VPLS

Have you tired setting explicit null?

In the topology you have it looks like the PHP routers would be MikroTik and Juniper. We've seen issues before when the PHP routers are different vendors.
by IPANetEngineer
Wed Aug 15, 2018 4:36 pm
Forum: General
Topic: Convert from Cisco to Mikrotik [SOLVED]
Replies: 7
Views: 453

Re: Convert from Cisco to Mikrotik [SOLVED]

Just a tip, MikroTik recommends using src-nat instead of masquerade when possible as the performance is much better than masquerade.
by IPANetEngineer
Tue Aug 14, 2018 10:57 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 80877

Re: v6.43rc [release candidate] is released!

*) bridge - added support for DHCP Option 82 (disables hardware offloading, CLI only); *) bridge - added support for DHCP Snooping (disables hardware offloading, CLI only); Could we please get some examples of how to use these features on the Wiki ? I cannot see any of the options I would expect, e...
by IPANetEngineer
Tue Aug 14, 2018 10:56 pm
Forum: Virtualization
Topic: Metarouter images
Replies: 353
Views: 213419

Re: Metarouter images

I think Metarouter running something else than RouterOS is a long abandoned concept...
Unfortunately I think yo're right...we all got so excited when CCR came out that it could be an inexpensive hypervisor but I don't think it will happen.
by IPANetEngineer
Tue Aug 14, 2018 10:53 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature requests
Replies: 876
Views: 149141

Re: Feature requests - SNMP OID Ethernet link speed

Feature requests - SNMP OID Ethernet link speed It would be great to have SNMP OIDs for Ethernet link speeds. (if they are there , I have not spotted them yet). These could be very useful to detect when an Ethernet link changes link speed. Such as when what is/was supposed to be a 1-Gig link change...
by IPANetEngineer
Fri Aug 10, 2018 8:43 pm
Forum: Forwarding Protocols
Topic: BGP Failover issues
Replies: 6
Views: 343

Re: BGP Failover issues

So we need to understand whether you're trying to influence traffic coming in from your upstream (normally a "download" for a user) or traffic from your network going outbound (normally an "upload" for a user)

There are different ways to influence BGP depending on what you're trying to do.
by IPANetEngineer
Fri Aug 10, 2018 1:02 am
Forum: General
Topic: Dealing with VLANs on cisco switch.
Replies: 40
Views: 1311

Re: Dealing with VLANs on cisco switch.

So is VLAN 959 tagged towards the MikroTik router from the ISP Cisco Distribution Switch or not?

Can you validate tagged or untagged by using the MikroTik to perform a packet capture using /tool sniffer?
  • 1
  • 2
  • 3
  • 4
  • 5
  • 20