Community discussions

MikroTik App

Search found 40 matches

by asy
Tue Sep 15, 2020 4:26 pm
Forum: General
Topic: Feature Request: IPv6 NAT support
Replies: 18
Views: 4951

Re: Feature Request: IPv6 NAT support

ABSOLUTELY no need for NAT under ipv6 ...... Yes! All your computers, printers, refrigerators and other home appliances must be directly accessible for everyone on the Internet. :-) Now seriously. NAT is not a Firewall but nevertheless NAT is also a wall before direct access to internal devices in ...
by asy
Tue Jul 28, 2020 10:57 am
Forum: General
Topic: VLAN MTU issue
Replies: 3
Views: 1567

Re: VLAN MTU issue

"/interface vlan set 0 mtu=1542 " seems to fix the problem, but it looks strange. Even more interesting. The router had in the initial configuration > interface br pr Flags: X - disabled, R - running 0 R ;;; defconf name="bridge" mtu=auto actual-mtu=1458 l2mtu=1594 ... and internal and used ether1....
by asy
Mon Jul 27, 2020 12:06 pm
Forum: General
Topic: VLAN MTU issue
Replies: 3
Views: 1567

Re: VLAN MTU issue

"/interface vlan set 0 mtu=1542 " seems to fix the problem

But it can probably cause traffic problems from the router itself.
by asy
Mon Jul 27, 2020 10:27 am
Forum: General
Topic: VLAN MTU issue
Replies: 3
Views: 1567

Re: VLAN MTU issue

Hello I have a similar problem (6.47.1, "cAP ac" with IP 100.64.5.197 and NAT): 11:08:48.574235 IP x.x.x.6.https > 100.64.5.197.34552: Flags [.], seq 1:1461, ack 518, win 30016, length 1460 11:08:48.574836 IP 100.64.5.197 > x.x.x.6: ICMP 100.64.5.197 unreachable - need to frag (mtu 1458), length 556...
by asy
Wed Jul 22, 2020 7:38 pm
Forum: Wireless Networking
Topic: Chain of cAP ac routers
Replies: 4
Views: 1296

Re: Chain of cAP ac routers

I understand the theoretical part but maybe someone has practical experience.
by asy
Tue Jul 21, 2020 7:12 pm
Forum: Wireless Networking
Topic: Chain of cAP ac routers
Replies: 4
Views: 1296

Chain of cAP ac routers

Hello.

cAP ac have 2 ports with PoE in and PoE out. Do I understand correctly that multiple routers can be enabled in a chain via a single PoE injector? If Yes, how much? And how length of the ethernet cable is allow?
by asy
Tue Jul 21, 2020 9:18 am
Forum: General
Topic: Multiple EoIP via L2TP [SOLVED]
Replies: 8
Views: 1434

Re: Multiple EoIP via L2TP [SOLVED]

I'll suggest you some firewall rules to add which may help. In short, GRE handling has been "improved" a few RouterOS versions ago, and since then you have to add rules to let incoming GRE packets get through. It is strange that "tunnel-id=0" helps to bypass the firewall. But You are right. Rule fo...
by asy
Mon Jul 20, 2020 3:37 pm
Forum: General
Topic: Multiple EoIP via L2TP [SOLVED]
Replies: 8
Views: 1434

Re: Multiple EoIP via L2TP [SOLVED]

The second client starts working if I off the first one and change the user to login1 and tunnel-id to 0 on second.

Second client starts working if I set tunnel-id to 0 only. Change username isn't needed. So only "tunnel-id=0" works somehow.
by asy
Mon Jul 20, 2020 3:16 pm
Forum: General
Topic: Multiple EoIP via L2TP [SOLVED]
Replies: 8
Views: 1434

Re: Multiple EoIP via L2TP [SOLVED]

Can you run both EoIP tunnels via the same L2TP connection and distinguish them from one another using tunnel-id , or you have some reasons to use two independent L2TP connections with independent user names? I need to know the IP of each client to configure EoIP. Or am I wrong here? I'm afraid tha...
by asy
Mon Jul 20, 2020 3:09 pm
Forum: General
Topic: Multiple EoIP via L2TP [SOLVED]
Replies: 8
Views: 1434

Re: Multiple EoIP via L2TP [SOLVED]

Unless you need it, Try turning off RSTP on each of the bridges and see if that works.
I set protocol-mode to none now, but it didn't help.
by asy
Mon Jul 20, 2020 2:18 pm
Forum: General
Topic: Multiple EoIP via L2TP [SOLVED]
Replies: 8
Views: 1434

Multiple EoIP via L2TP [SOLVED]

Hello. I need to configure multiple EoIP tunnel and something is not working. RouterOS 6.47.1. Main router's configuration: /interface eoip add loop-protect=off mac-address=02:B1:D2:9E:00:01 name=eoip-tunnel1 remote-address=192.168.201.1 tunnel-id=0 add loop-protect=off mac-address=02:B1:D2:9E:00:02...
by asy
Sat Jul 18, 2020 1:32 pm
Forum: General
Topic: [Web interface] The WAN IP is not displayed if a VLAN is used.
Replies: 3
Views: 1495

Re: [Web interface] The WAN IP is not displayed if a VLAN is used.

From a technical point of view, this is quite clear. But this is bad in terms of usability. Maybe should change the default page to Webfig if the created (or more well unrecognized) configuration is detected? And issue a warning when user try to switch to Quickset.
by asy
Sat Jul 18, 2020 11:50 am
Forum: General
Topic: [Web interface] The WAN IP is not displayed if a VLAN is used.
Replies: 3
Views: 1495

[Web interface] The WAN IP is not displayed if a VLAN is used.

Hello. RouterOS 6.47.1 The WAN IP is not displayed if a VLAN is used. The configuration snippet: /interface vlan add interface=ether1 name=ether1.608 vlan-id=608 /ip address add address=100.64.5.197/30 interface=ether1.608 network=100.64.5.196 /ip route add distance=1 gateway=100.64.5.198 Is it poss...
by asy
Sat Jul 18, 2020 11:33 am
Forum: General
Topic: iptables "-j TEE" functionality needed
Replies: 11
Views: 4714

Re: iptables "-j TEE" functionality needed

Sometimes it is inconvenient to use Switch Chip. TEE functionality would be useful.
by asy
Wed Mar 14, 2018 8:24 am
Forum: General
Topic: RADIUS Client - not stable interval for Alive packet
Replies: 1
Views: 356

Re: RADIUS Client - not stable interval for Alive packet

And some packets lost: Wed Mar 14 09:00:45 2018 Acct-Session-Id = "81203344" -- Wed Mar 14 09:01:55 2018 Acct-Session-Id = "81203344" -- Wed Mar 14 09:02:45 2018 Acct-Session-Id = "81203344" -- Wed Mar 14 09:09:10 2018 Acct-Session-Id = "81203344" -- Wed Mar 14 09:11:55 2018 Acct-Session-Id = "81203...
by asy
Wed Mar 14, 2018 7:41 am
Forum: General
Topic: RADIUS Client - SessionID not globally unique
Replies: 7
Views: 1787

Re: RADIUS Client - SessionID not globally unique

https://tools.ietf.org/html/rfc2866#page-15 The RFC makes no requirement for the attribute to be unique. It contains a very good example. :-) For example, one implementation uses a string with an 8-digit upper case hexadecimal number, the first two digits increment on each reboot (wrapping every 25...
by asy
Tue Mar 13, 2018 11:23 am
Forum: General
Topic: RADIUS Client - SessionID not globally unique
Replies: 7
Views: 1787

Re: RADIUS Client - SessionID not globally unique

The problem can be solved by using RADIUS "Class" attribute if "Class" isn't used for anymore. "Class" can be return in "Access-Accept" and can contains start time of session for example. Unique key will be "UserName-AcctSessionId-NASIPAddress-Class" at this case. However, "Class" can be used for ot...
by asy
Thu Mar 08, 2018 11:12 pm
Forum: General
Topic: RADIUS Client - not stable interval for Alive packet
Replies: 1
Views: 356

RADIUS Client - not stable interval for Alive packet

What could be the reasons for the large delay in receiving the package at 23:57:24? -- Thu Mar 8 23:54:59 2018 Acct-Session-Id = "818011d4" -- Thu Mar 8 23:55:59 2018 Acct-Session-Id = "818011d4" -- Thu Mar 8 23:57:24 2018 Acct-Session-Id = "818011d4" -- Thu Mar 8 23:57:59 2018 Acct-Session-Id = "81...
by asy
Thu Mar 08, 2018 7:39 pm
Forum: General
Topic: RADIUS Client - SessionID not globally unique
Replies: 7
Views: 1787

Re: RADIUS Client - SessionID not globally unique

But why are you using session ID? You can configure Nas Id as you like, make it globally unique. Problem solved? No. One NAS can generate it: +----------+---------------+--------------+---------------------+---------------------+ | UserName | AcctSessionId | NASIPAddress | AcctStartTime | AcctStopT...
by asy
Thu Mar 08, 2018 7:08 pm
Forum: General
Topic: RADIUS Client - SessionID not globally unique
Replies: 7
Views: 1787

Re: RADIUS Client - SessionID not globally unique

Yes. This is a problem. I think time should be used to ensure the uniqueness of the SessionID. A RADIUS packets contains TimeStamp but it have the second problem. Time Stamp can be different for repeated accounting packet. So one of problems must be solved in RouterOS (and better both). I have not t...
by asy
Thu Mar 01, 2018 9:08 am
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 77
Views: 50888

Re: Point-to-point (/31) addresses

change to
network 172.16.64.58/32 area 0.0.0.112
It seems more accurate but it not works: Quagga is not sending OSPF hello.
by asy
Wed Feb 28, 2018 4:48 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 77
Views: 50888

Re: Point-to-point (/31) addresses

Sorry, I forgot about default firewall after reset configuration on MT. It works, thanks. Linux: ip address add 172.16.64.59/32 peer 172.16.64.58 dev eth2 Quagga: ! interface eth2 ip ospf network point-to-point ! router ospf ospf router-id 10.10.10.10 ! network 172.16.64.58/31 area 0.0.0.112 ! area ...
by asy
Wed Feb 28, 2018 3:33 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 77
Views: 50888

Re: Point-to-point (/31) addresses

Linux support /32 so switch to /32 True. I switched "ip address add 172.16.64.59/31 ..." to "ip address add 172.16.64.59/31 peer 172.16.64.59 ..." and link continued to work. Ok. and OSPF will work. But this not. Quagga isn't up neighbor with error (with nbma): OSPF: interface eth2:172.16.64.59: os...
by asy
Tue Feb 27, 2018 8:36 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 77
Views: 50888

Re: Point-to-point (/31) addresses

I read about MT-MT with /32. As MT doesn't work well with /31's the only way to interconnect MT<->OtherVendor is by /30's But I need this. I linked MT(/32) - Linux(/31) but I can't run OSPF over it (with Quagga). I tried nbma, broadcast and point-to-point settings for OSPF but all unsuccessful. The ...
by asy
Tue Feb 27, 2018 1:20 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 77
Views: 50888

Re: Point-to-point (/31) addresses

Are there any plans to support RFC 3021 in RouterOS now ?
by asy
Mon Jan 02, 2017 12:01 pm
Forum: General
Topic: Limit on frequent PPPoE-session authentication failures?
Replies: 4
Views: 982

Re: Limit on frequent PPPoE-session authentication failures?

Educate your customer and create configuration guide for PPPoE client configuration to avoid bad username/password users. Sometimes user's accounts disabled for non-payment. It is a lot every begin of month usually. This causes explosive growth in the number of attempts: 89172209 Jan 2 03:15 radiat...
by asy
Sun Jan 01, 2017 7:49 pm
Forum: Beginner Basics
Topic: Q-in-Q and RB750 with 6.36.4
Replies: 1
Views: 565

Re: Q-in-Q and RB750 with 6.36.4

Does Q-in-Q works on RB750 ?
It works. I found misconfiguration on intermediate hardware.
by asy
Fri Dec 23, 2016 12:01 am
Forum: Beginner Basics
Topic: Q-in-Q and RB750 with 6.36.4
Replies: 1
Views: 565

Q-in-Q and RB750 with 6.36.4

Hello. Does Q-in-Q works on RB750 ? I attempt to configure it and I have problem. However, I make the stand with a 941-2nD (6.37.3) and the same configuration works. Is this limitation of RB750 or am I not careful somewhere ? /interface bridge add name=br715 /interface vlan add interface=ether4 name...
by asy
Thu Sep 01, 2016 2:40 pm
Forum: General
Topic: Limit on frequent PPPoE-session authentication failures?
Replies: 4
Views: 982

Re: Limit on frequent PPPoE-session authentication failures?

Hello. I think it would be a useful feature. Educate your customer and create configuration guide for PPPoE client configuration to avoid bad username/password users. Great idea. But it from fantastic area. :-) Rate limit for authentication attempts in time window per MAC address is a great variant,...
by asy
Sat Sep 12, 2015 3:40 pm
Forum: General
Topic: Is "Manual:Queue" for 6.x exists ?
Replies: 1
Views: 418

Re: Is "Manual:Queue" for 6.x exists ?

by asy
Sat Aug 22, 2015 10:32 pm
Forum: General
Topic: Is "Manual:Queue" for 6.x exists ?
Replies: 1
Views: 418

Is "Manual:Queue" for 6.x exists ?

Hello.

I see http://wiki.mikrotik.com/wiki/Manual:Queue but it has label "Applies to RouterOS: 2.9, v3, v4". There is also mention about the changes for version 6. Is actual full manual for 6.x exists ?

Regards, Sergey.
by asy
Sat Aug 22, 2015 11:03 am
Forum: RouterBOARD hardware
Topic: CCR-1009-8G-1S-1S+PC: port's role understanding
Replies: 11
Views: 1638

Re: CCR-1009-8G-1S-1S+PC: port's role understanding

If the ports are excluded from the switch, are they connected with each 1Gbps to CPU?
Ok, thanks. Are all other ports independent ?
by asy
Fri Aug 21, 2015 8:09 pm
Forum: RouterBOARD hardware
Topic: CCR-1009-8G-1S-1S+PC: port's role understanding
Replies: 11
Views: 1638

CCR-1009-8G-1S-1S+PC: port's role understanding

Hello.

CCR-1009-8G-1S-1S+PC have a label "GROUP 1" for eth1-eth4. What does this mean ? Is there a difference in
opportunities between ports ?

Regards, Sergey.
by asy
Tue Jun 23, 2015 4:15 pm
Forum: RouterBOARD hardware
Topic: hEX lite, function of ports
Replies: 3
Views: 1243

Re: hEX lite, function of ports

Thanks.
by asy
Tue Jun 23, 2015 11:01 am
Forum: RouterBOARD hardware
Topic: hEX lite, function of ports
Replies: 3
Views: 1243

hEX lite, function of ports

Hello.

I see what hEX lite router have WAN and LAN labels on case.
Is it true or any port equal and they can have any functions ? Exclude PoE of course.

Regards, Sergey.
by asy
Fri Dec 05, 2014 12:24 pm
Forum: General
Topic: Feature request: DNS setup for local networks
Replies: 1
Views: 1126

Feature request: DNS setup for local networks

Hello. I would be nice to add a third option to allow-remote-requests: "localnets". This is by analogy with the Bind (quote from its the manual): "localnets" - matches all the IP address(es) and subnetmasks of the server on which BIND is running. For example, if the server has a single interface wit...
by asy
Tue Apr 16, 2013 9:42 pm
Forum: General
Topic: settings for sys/kernel/panic and netconsole
Replies: 0
Views: 1305

settings for sys/kernel/panic and netconsole

Hello.

Is it possible to set /proc/sys/kernel/panic and to use netconsole ?
by asy
Thu Dec 27, 2012 1:15 pm
Forum: General
Topic: SNMP and reset of interfaces (PPPoE)
Replies: 2
Views: 1427

SNMP and reset of interfaces (PPPoE)

Hello. I'm looking for the ability to reset (pppoe) session. Can I do it via SNMP ? Theoretically it should be possible by IF-MIB::ifAdminStatus. I try it with v6 rc6 , but it not works. For example I tested this with connected user "user1": $ snmpwalk -c public 10.1.1.1 IF-MIB::ifDescr.10794 IF-MIB...
by asy
Thu Dec 27, 2012 12:46 pm
Forum: General
Topic: v6 rc6 released
Replies: 215
Views: 66741

Re: v6 rc6 released

I recommend you to try the new Partition feature, if your router has enough NAND space.
Good feature... But what about hdd (or ssd) on PC ?
by asy
Thu Nov 01, 2012 1:55 pm
Forum: Beginner Basics
Topic: clarification about license is needed
Replies: 5
Views: 1041

clarification about license is needed

Hello.

I read http://wiki.mikrotik.com/wiki/Manual:License but not found answer. Can I move hdd with RouterOS (x86) to another hardware ? If the performance is not enough now or mainboard is damaged, for example.

Regards, Sergey.