MikroTik

Hammy

*bump*

Hammy

Hello?

Hammy

Any update from Mikrotik as to BMP support on the roadmap?

Hammy

Hello:

We are at 7.5 Ros already. Any plan to include ASN in traffic flow? I would be great to have this feature.

Rgds,

Julio

Agreed.

Hammy

If you see the warning, either configure routing filters to suppress hw-offload or buy another MikroTik device and offload half of the table to it. Yes, you can stack multiple CRS3xx/CCR2x16 devices to split the HW routing table - that way, you can do L3HW processing on the full BGP table. Oh? How ...

Hammy

sorry misread the original post. max-prefix-limit most likely will not be added.

It most definitely will be added or RouterOS version 7 will not be used by any competent network administrators.

This is not a negotiation, but a demand.

Hammy

But isn't quite inefficent to try to store millions of routes in a HW FIB ? Cisco once solved it many years ago with caching "active traffic" in the hardware, but letting "unused" routes just reside in regular memory until needed. It's not likley that you will communicate with t...

Hammy

If you see the warning, either configure routing filters to suppress hw-offload or buy another MikroTik device and offload half of the table to it. Yes, you can stack multiple CRS3xx/CCR2x16 devices to split the HW routing table - that way, you can do L3HW processing on the full BGP table. Oh? How ...

Hammy

Well looking at the version of firmware on the MT, I would say an upgrade is in order.

Mine has latest long-term. 6.48.6?

Hammy

I'm having the same problem as well.

Hammy

IPv6 parity with IPv4 is a requirement.

Hammy

I use ntopng to capture stats via IPFIX from my CCR.

Screenshot 2021-05-14 142624.png
2.png

How is NTOPNG filling in the known-missing ASN information?

Hammy

I know there is no exposed serial console port on the CRS305.

Is there any header inside I can get to?

I'm trying to troubleshoot something and factory resetting it every time it doesn't work is getting old.

Hammy

Hammy

The Proxmox KVM Multiqueue section (https://pve.proxmox.com/wiki/Qemu/KVM_Virtual_Machines) says "When using Multiqueue, it is recommended to set it to a value equal to the number of Total Cores of your guest. You also need to set in the VM..." Except I can't set anything in the CHR VM tha...

Hammy

Promiscuous mode indeed!!!!

So, um...

looking through all of the other portgroups...

I've apparently encountered this before as multiple other production portgroups\VLANs have promiscuous mode turned on.

Son of a...

Hammy

/interface bridge add fast-forward=no name=Bridge-VPLS-vlan300 /interface bridge port add bridge=Bridge-VPLS-vlan300 interface=VPLS-vlan300-DNALAB add bridge=Bridge-VPLS-vlan300 interface=ether9-vlan300 For "Bridge-VPLS-vlan300", devices on both "ether9-vlan300" and "VPLS-v...

Hammy

Try to play with interface queue. What the difference in test CHR and production on load /tool profiler? The only thing the test CHR is for being a ping destination. It has one interface, one IP address, etc The queues are set to multi-queue-ethernet-default for the virtual NICs. I forgot to change...

Hammy

I suppose any btest to 127.0.0.1 faster than 100 Gig may be fast enough for 10-Gig interfaces or some 40-Gig interfaces. In your virtual machine BIOS setup , disable all un-necessary devices (cd-rom, serial ports, parallel-printer ports). In your physical box, verify you are not re-using interrupts...

Hammy

Here are some updated CPU load and throughput charts, with all of our latest changes.

Hammy

It's a "4 CPUs x Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz" in a Maxxwave Vengeance. Hyperthreading is disabled. All CPUs assigned to this CHR. We created a second CHR when troubleshooting the problem, simply to be a ping destination on the same vSwitch. It's still at 6.5. We're not using v...

Hammy

We have an unlimited license. I was using vmxnet3, I moved a couple of the adapters to use PCI pass-through and that helped. We're still encountering issues in the router. The device that were using must not be capable of generating enough CPU power to be useful. For me , do this test and let me kn...

Hammy

Unlimited license. We were using VMXNet3 but moved some of them to PCI passthrough we can't really move the 40 gig interfaces over, however.

Hammy

We have an unlimited license. I was using vmxnet3, I moved a couple of the adapters to use PCI pass-through and that helped. We're still encountering issues in the router. The device that were using must not be capable of generating enough CPU power to be useful.

Hammy

Have any of you been able to get more than 10 gigabits through an interface in CHR? We have a bonded 10G in vSphere that we're presenting to a CHR and we start getting packet loss at about 8.5 gigabit/s. The CPU is in the 70% area, so we should be able to go higher. I spun up another CHR to test pac...

Hammy

Hello,
I would love to see SR-IOV support. Currently (6.36.2) ixgbevf driver is not present. This was mentioned a year ago http://forum.mikrotik.com/viewtopic.php ... &start=100 but so far not implemented.

Jarda

Where are we at with this?

Hammy

Do any of you have a CHR running on vSphere that is moving more than 10 gigabit/s on a given interface? We have one going to a vswitch is configured with more than one physical interface in an LACP configuration. We have one VM (a CHR) on that vSwitch. ROS reports the connection as 10 gigabit/s. We ...

Hammy

I look forward to implementing a Faucet-controlled OpenFlow network, per the work Sajan, Kevin, Nick, and Adair have been doing.

Hammy

2. It's $600 RRP - Keep that in perspective, it is exceptional value!
Of course keep in mind that in most cases you will have to add about the same money for SFP modules...

Eh, depends. $24 for 10G, $59 for 25G

Hammy

I am indeed looking at x86 and CHR platforms.

Hammy

You're not supposed to run all of your ports full all of the time.

I also am not sure of the advantages of the PIPE over a switch chip. Hopefully someone from Mikrotik can explain.

Hammy

These devices don't have switch chips.

Hammy

IIRC, VLAN tagging is a software-based operation. How intensive have you found it to be?

Have you found much of a difference in ROS vs. a hypervisor doing the VLAN tagging?

Hammy

Can anyone explain why the documentation differs from what VMWare is recommending?

What is actually impacted?

Hammy

I'm looking for tweaking recommendations on CHR in vSphere 6.5.0 on Vengeance hardware. All network interfaces of consequence are VMXNet3. Not sure why two of them are Intel 1000, but they rarely go above 100 kbit combined, so I can't imagine it has much of an impact on the whole system. https://pas...

Hammy

It absolutely is not.
Macs have had 40G TB3 for years.

No lesser NAS will be accepted here.

https://media1.tenor.com/images/196b84e ... d=14058849

Hammy

I did not say 40G is a typical SOHO requirement, just a normal one.

40G is not HPC level. It is Mac level.

It absolutely is not.

Hammy

I can't imagine any SOHO needing 10G, much less 100G. InHouse Distributed High Performance Computing (HPC) using Accelarator Cards for GPGPU computing via OpenCL/CUDA on true workstations (and servers), Games Dev, SciFi-Movie Dev, PCIe3/4 usage for realtime system backups to NAS system with NVMe SS...

Hammy

I can't imagine any SOHO needing 10G, much less 100G.

Hammy

This was discussed before. Given similar signal level, most OS will prefer 5GHz. But since 2GHz propagates slightly better inside buildings, you should have better 2GHz signal. As discussed before, many other vendors have implemented band steering functionality and it generally works as expected. Y...

Hammy

*bump*

Hammy

I requested this of support, but I want to see TR-143 support as well.

Hammy

We would appreciate further compartmentalizing of Router OS features to increase device efficiency and reduce attack surface. Put SMB, Torrent, and other things that have no place in ISP infrastructure into another package. Put BGP, MPLS, and other things that have no place in consumer devices into ...

Hammy

What is the intent behind the new torrent feature?

Hammy

We have never promised multicore BGP routing, by the way. Surely, but keeping in mind your multicore CCRs for such a decent money and mostly stable BGP implementation you have there is no wonder a lot of poor it man still hoping for that. The "demo" I saw recently (no idea if it was a hoa...

Hammy

Is this still a problem?

Hammy

When will Mikrotik add TR-143 support?

Hammy

Wait, which new router?

I'm assuming the one that this thread was started for.

Hammy

What do you think of the surge suppression capabilities built into the PoE CRSes? I won't have anything on a tower, just cameras mounted under the roof overhang. It's probably fine, just getting the group thought. Should I add external suppression? I'm looking at a CRS328 for my house. It costs abou...

Hammy

We can do package by package, not on a couple of thousand routers in three days. I don't know, how you get the idea of package by package. You upload the needed packages. The bare minimum. Reboot. It installs all the npk files in one go. It's no different than uploading the combined package. Just m...

Hammy

https://unimus.net/blog/network-wide-mi ... grade.html
Can it do package by package, or just platform by platform?

On the master ROS install, just have only the packages you do want.

Hammy

This is far from over. Please refer to ticket 2019040422005244 and advise. I'm hearing reports that this isn't fixed on routers with 64Mb or less of RAM. Is your ticket about this, eben? Or something else? :-| I've tried installing 6.44.2 on about 50 hAP Lites using manual update, Dude Update, Winb...

Hammy

http://thebrotherswisp.com/index.php/mi ... ked-video/

What do ya think?

Hammy

Don't do full tables on CCRs. They are terrible at it. Why? Is work fine, i receive FV and default route (while router compute FV's - used default route, when session up, internet work after 2 sec) Default routes mean you can't use uRPF. Such high CPU usage during table churn means you'll be at bes...

Hammy

We have nine CCR1072 that can't receive full tables because they literally froze processing them.
Sorry, what?

How many tables on 1072?
I use 1036 - and this work with 2 FV tables

Don't do full tables on CCRs. They are terrible at it.

Hammy

I would like to note that Buraglio isn't exactly green. He runs one of the largest capacity networks on the planet. I wouldn't dismiss his statements.

Hammy

It´s 01/2019: Any rumors when the new router will be released?

Usually big announcements are at the EU MUM.

Hammy

Given that there are switch chips and encryption chip, how about other types of specialized ASICs to further offload the cpu and give the boxes better performance.

A firewall chip perhaps??

Sent from my cell phone. Sorry for the errors.

Switch chips typically have ACL capabilities built-in.

Hammy

The 40G we use still requires LC.

Hammy

Some Internet Exchanges are going to start requiring RPKI validation to participate in 2019.

MIKROTIK NEEDS TO RELEASE A RELIABLE RPKI IMPLEMENTATION BY THE END OF THE YEAR!

Hammy

It seems more appropriate for storage systems.
Mellanox lists this new product line in the same category as Tile.

Are you sure?

Mellanox CPU differences.PNG

Hammy

It seems more appropriate for storage systems.

Hammy

Not going to stop at all. BGP processing and FIB updates definitely need to become more multithreaded. I have only 1 million routes in one of my CCR1036's, thats only a single full table and some IX routes. Even at that level it takes 3-5 minutes to make it into the RIB and another 3-5 minutes befo...

Hammy

Thank you for the benchmark. The outcome of this must literally feel like a punch in the face for those business customers who bought the fairly expensive CCR1036 or CCR1072 models in the past. The new RB4011 seems to outperform the CCR-series in BGP convergence time - and that for just 200 bucks! ...

Hammy

What do you think is faster at BGP, an RB4011 or a CCR1009? By how much?

https://youtu.be/yxLWbUoFE-M

Hammy

I've also noticed that copying a rule *CAN* screw things up, but creating new rules from scratch (or pasting into the CLI) works just fine.

Hammy

then why use Nv2 if you have better speed than non-ARM with nv2 ?
Nv2 was made when devices were different and needed optimisations that are no longer needed. Maybe it is simply time to use 802.11 in the new devices.

Has Mikrotik thrown in the towel on outdoor wireless?

Hammy

Okay, I may have spoken too soon. The L2 MTU for everything was 0, which I assumed was a problem (and may be). When I set the MTU of the interface higher, it went higher. VMWare is set to 9000. With VMXNet 3, when I set it to 9001 in CHR, it errors, but 9000 works. Intel E1000 accepts 9001 Seems goo...

Hammy

Have any of you been successful in getting MTUs larger than 1500 into CHR on vSphere 5?

Hammy

I don't see Ubiquiti's UNMS being overly successful at backing up my Foundry, Cisco or IgniteNet switches, my Mikrotik routers, my Calix DSLAMs, etc. Ubiquiti ADD will kick in eventually and the product will die. bla bla bla .... the question was asked the vendor! but not about this https://unimus....

Hammy

and you are not ashamed at the sight of this? https://imghost.io/images/2018/05/02/hjj.jpg I don't see Ubiquiti's UNMS being overly successful at backing up my Foundry, Cisco or IgniteNet switches, my Mikrotik routers, my Calix DSLAMs, etc. Ubiquiti ADD will kick in eventually and the product will ...

Hammy

Tomas, making things easy since 1843.

Hammy

Regarding your current products, I'd appreciate better-supported bands. Band 2 is part of PCS, but is a subset of band 25. Band 4 is part of AWS, but not all. Band 4 is a subset of band 66 and 70 adds some more not covered in other AWS-related bands. Band 5 is called CLR, but is a subset of band 26....

Hammy

Please update the Winbox changelog in the wiki.

https://wiki.mikrotik.com/wiki/Winbox_changelog

Hammy

How do I create a CSR on RouterOS for use in getting a real public SSL certificate?

I saw a forum or wiki post to answer the questions at `/certificate create-certificate-request ` but that only asks one question... template... which I don't have the answer for.

Hammy

Good to see MikroTik are responsive.
Xen Tools and VM Tools are now available in 6.42RC. The "current" build of 6.42 can't come fast enough for me!

THANK YOU MIKROTIK!

Hammy

Mike interviews Brian Vargyas of Baltic Networks on Mikrotik 60 GHz PtMP, based on WAP60Gs.

https://www.youtube.com/watch?v=HsmAu6iIB88

Hammy

It probably would require the new routing engine in v7, so whenever that happens is the earliest we can expect FlowSpec.

I still want it ASAP, though.

Hammy

I redistribute a couple statics here and there, but that's it. I don't do connected routes. I manually specify all of my networks.

Hammy

Add the interface in OSPF as a static passive interface, and that will disable sending/receiving hellos on it. I did find a rule that was accepting traffic before my rule blocking it. Passive would ignore any attempts of another router to connect? I was tired of seeing log entries because of a cust...

Hammy

I can't seem to figure out why I can't drop inbound OSPF packets. add action=drop chain=input comment="Drop OSPF" in-interface-list=Not-Internal protocol=ospf add action=drop chain=output comment="Drop OSPF" out-interface-list=Not-Internal protocol=ospf /interface list add name=N...

Hammy

Various other aspects of managing the entire virtual environment are also made easier when VMware Tools is installed. The host and management environments know if the tools are installed or not. Again, spend your time implementing, not arguing. Mikrotik has a bad habit of arguing with their customer...

Hammy

The question is exact features for YOU, not ALL features.

*I* want VMware Tools support. Done.

Anyone that maintains a virtual environment anywhere knows it's the absolute basics to have the host agent installed. It's virtualization 101.

Spend the effort in implementation and not arguing.

Hammy

How about some basics... open-vm-tools... It seems pretty asinine to me that we have come this far with CHR, and still no basic vm tools. Could you please specify the exact features you would need to be implemented as they are kernel dependent and have to be tailored for the RouterOS. https://kb.vm...

Hammy

How about some basics... open-vm-tools... It seems pretty asinine to me that we have come this far with CHR, and still no basic vm tools. Could you please specify the exact features you would need to be implemented as they are kernel dependent and have to be tailored for the RouterOS. https://kb.vm...

Hammy

* BGP multicore support https://slack-imgs.com/?c=1&url=https%3A%2F%2Fmedia0.giphy.com%2Fmedia%2Fp8Uw3hzdAE2dO%2Fgiphy.gif Only a couple of routing daemons in the world today are multithreaded in the way you're wanting. It doesn't really matter *HOW* they address the convergence issues as long ...

Hammy

Way, way off topic, sorry: but OpenBGPd is making a comeback. We have built ours on OpenBGPd and are loving it. What OS and what hardware? I played with it on a PC just to see how it worked but it's been a while. Would be cool to deploy that on OpenBSD on beefy hardware, should be solid based on wh...

Hammy

None of the rack mountable CCR units has an external power supply But I would like a desktop unit with a single internal PSU. Not a problem, but this is not high-end device, right? And this topic is for 100G ports, something you just don't need in desktop unit, after all. This topic is not about 10...

Hammy

BGP is L2 ? The IX infrastructure doesn't do BGP. It just does basic Ethernet. Many (most) do have route servers that do run BGP, but those are best ran on servers, not routers. Brocade, Juniper, Arista, Cisco, Huawei ... do you really mean "servers" ? Sorry maybe we talking about two oth...

Hammy

48x SFP+ 6x QSFP as a BGP router... edit: any ETA? I think Mikrotik are talking about a high-touch(services) router, not a low-touch router. This will be a services router like the CCR that can run PPP/NAT type services, not a "low-touch" router/switch that can just forward frames quickly...

Hammy

48x SFP+ 6x QSFP as a BGP router... edit: any ETA? I think Mikrotik are talking about a high-touch(services) router, not a low-touch router. This will be a services router like the CCR that can run PPP/NAT type services, not a "low-touch" router/switch that can just forward frames quickly...

Hammy

Like not for home use right? I am bit confuse. I have a 100mbps connection and Gbit is a lot considering the experience I get on 100.

Yes, these are for a new tier of high end Mikrotik routers. As they said initially, 100 gigabit capacity.

Hammy

Now I am at 10G network, and I prefer to deploy the 10G to 25G to 100G migration path instead of the 40G to 100G, so I hope the high speed routers with 25G ports.
The single lane 25G network will become more popular in the near future.

In my recommendation, you could do both.

Hammy

To attempt to bring it back on-topic, bigger CPU cores postpones the need for v7's new routing. Unless MT is going x86 or CHR with the new platform, version 6 will need major rewrites, which just seems silly at this point. At one point in time I thought there was a powerpoint presentation and a vid...

Hammy

Will people please stop talking about multicore BGP! It isn't going to happen! The performance enhancements are coming from other areas, not multi thread support. Well, they did do some work on it and were talking about it. I personally am not a big fan of making it too complicated....I think 1 thr...

Hammy

If you bring out ROS7 (BGP Multicore), then please build routers with 2-4 Tilera72 or newer CPU's with: 4x CFP4 (100GE) (router should be able to handle a total amount of 200 Gbit/s) 8x SFP+ 1x RJ45 Gbit I think the future is CFP4 at the moment. This is the market that Mikrotik does not reach at th...

Hammy

A modular chassis is something I'd accept, but I'd assume it's a lot more expensive than a fixed switch.

Yes, redundant hot-swap power supplies are a must. I like the power layout of the RB1100AHx4.

Hammy

Again, remember that with big ports, you can do breakout\fanout cables to put multiple smaller ports into a bigger port. That way you can have 40G or 100G ports, but can also do 10G or 25G off of them.

Hammy

Anyways, that's pretty much the response I expected yes. Say anything bad and you are "whining" Never allowed any criticism against MT, they can't do anything wrong... All I'm saying, MT needs to get its priorities straight... There's a lot of people starting to notice these... issues... ...

Hammy

Just different requirements\designs. The CCRs are great performance for the price when you're not considering large routing tables. Whatever this platform is may have big enough cores to overcome the large routing table issue. BGP works just fine on x86 and CHR. If not, you use these boxes for MPLS ...

Hammy

I know this is probably not going to go over well, but I'm going to say it anyway: it's time for Mikrotik to have an Apple equivalent of "Back to the Mac"; except the Mac is RouterOS. I don't want to see another piece of hardware. I want to see a commitment to releasing RouterOS 7. All th...

Hammy

Let's not forget that QSFP and QSFP28 both support breakout or fanout cables.

Hammy

I respectfully disagree. Those chipsets from Broadcom are fully functional and capable routers. I was hoping Mikrotik could jump into the bandwagon to disrupt Cisco/Juniper/Nokia and bring down the overall costs of networking. Eventually I'd like to start an ISP business, but well.....equipment isn...

Hammy

2x QFP28 (with breakout support), 10x SFP+
2x QFP28 (with breakout support), 3x QFP (with breakout support)
3x QFP (with breakout support)

QFP28 Can do 1x100G or can be broken out into multiple 25G.
QFP can do 1x 40G or can be broken out into multiple 10G.

Hammy

Still waiting...

Hammy

What you require is the uRPF setting to be configured per-interface. The kernel supports this, but Mikrotik does not yet expose this that I am aware of. You do not want to do this as you are describing. You would set client-facing interfaces to strict and the rest to loose. Well, once this support i...

Hammy

Hello, I have a issue with RB1200, the RB desconect all user from hotspot, I did upgrade/downgrade too, check the configuration but the issue continue user connect using hotspot web page, after 5 minutes internet services down and clients can't use internet, all clients out and atfer 5 or 10 minute...

Hammy

I think you best buy only equipment from that other vendor and leave us alone here...

LOL!

Hammy

You should be aware of fact that English is not primary language for many users of this forum

Have you heard Tom speak? I'm not sure that's English.

Hammy

or if the firewall itself has the vulnerability.

Hammy

Here's a great video from Ciena explaining different parts of carrier Ethernet and why you want it.

https://www.youtube.com/watch?v=8bzXd7Cch9c

Hammy

*bump*

Hammy

*bump*

Hammy

*bump*

Hammy

Does anyone have good tutorial about MPLS PPPoE? i'm following...

http://mum.mikrotik.com/presentations/US13/kirnak.pdf

What's failing you in that one?

Hammy

Agreed on v7. Whomever is slowing down the roll out of v7 to focus on crap for v6 needs to take a walk.

Hammy

Native BASH is becoming much more used in networking gear. See SDN and open source networking.

Hammy

I'm not even concerned about Ubiquiti. They have such a difficult time actually executing on their grand visions. I'm referring to Cambium, Mimosa and IgniteNet. Cambium for their MuMIMO, beamforming and sync capabilities, Mimosa for their dual channel and continuous spectrum analyzer and IgniteNet ...

Hammy

The main question Is mikrotik developing synchronization and/or mu-mimo antenna system? If yes when we can hope to have an ETA? I think a trasparent answer to this question from mikrotik is one step ahead to decide to stay with them or to choose other vendor. Cambium seems to work great in PtMP, Ub...

Hammy

Your badly organised firewall receiving huge amount of small packets can easily flood the cpu. See the profiler, watch the torch and you will get a clue... You have to know what kind of traffic is the reason in order to be able fight with it. I did use Profiler. I used Torch to some degree. I did a...

Hammy

Are you sure you aren't receiving excessive traffic (potential DDOS) from your upstream? My upstream interface was only showing about 3 megabit/s peak. It certainly wasn't a volumetric attack, but that doesn't rule out other kinds of attacks. Also, it's an 8 core Xeon box. I only have 1 gigabit of ...

Hammy

this is guesswork at this point. in changelog there are at least few entries that can explain that. usually 100% is down to some kind of crash.

But then why would unplugging\plugging the upstream interface make a difference?

Hammy

*bump*

Hammy

I have a Xeon box that was humming along today, then became unresponsive. I drive to the data center and the firewall is using up all that the CPU has to give. Normally CPU usage is between 0% and 3% when under "load". The upstream interface now is using... 3 megs. I disconnect the upstrea...

Hammy

As Mikrotik doesn't want to support Flow-Spec, I'm looking into what we can do to work around that. How scalable are address-lists? Say I have a DDoS detection appliance that drops offending IPs into an address list. Say it puts 10k, 100k, 500k IPs in there during an attack. Would ROS on a reasonabl...

Hammy

nz_monkey, I think I saw a list in your post, but it's gone now. Can you re-post?
Hi Normis,

I didn't want to be the guy that always complains... it is back now.

I let you complain for me. I'm busy enough with other vendors, I don't need to complain here much if you are.

Hammy

We have some ideas for automatic backup system for monitored ROS devices, but it will be some time before anything like that is actually implemented in The Dude.

https://unimus.net/ ?

Hammy

https://github.com/ansible/ansible-modu ... ssues/2542

That issue has seen some activity in the past day.

Hammy

I looked at another DDoS mitigation platform... that requires BGP FlowSpec.

Another source of information on BGP FlowSpec: https://www.youtube.com/watch?v=XBM5lgiPXGc

Hammy

*sigh*

The CDNs are implementing a variety of modified TCP stacks that are not working out so well for many operators. The impetus is on them to fix it.

Hammy

I have handled way too many calls from customers at the WISP I work at where Microsofts Windows 10 update was eating up their bandwidth and overloading their rate limit by a misbehaving CDN (usually limelight networks). The CDNs are starting to abuse TCP to get data to their customers as quickly as...

Hammy

No, single customer, 190 connections to the same Microsoft IP.

There is also a thread on Whirlpool (Australian tech site) of people with packet captures, though they may only be on the client side and not the service provider side.

Normis, I know what I'm talking about.

Hammy

I mean exactly what I am saying. I saw it once on my network, but it's been worse and on-going for others. CDNs have been modifying TCP to be more aggressive through methods like Fast TCP. In my situation, Microsoft's CDN had 190 connections open sustaining 2x my customer's rate limit upstream of th...

Hammy

https://docs.google.com/spreadsheets/d/1Jdm0dOBf81kSnXEvVfI6ZJbWFNt5AbYUV8CDxGwLSm8/edit?usp=sharing I have made the anonymized answers public. This will obviously have some bias to it given that I mostly know fixed wireless operators, but I'm hoping this gets some good distribution to catch more pl...

Hammy

https://goo.gl/forms/LvgFRsMdNdI8E9HF3

I have made this into a Google Form to make it easier to track compared to randomly formatted responses on multiple mailing lists, Facebook Groups, etc.

Hammy

A CDN is just a web host that distributes a site or large files over a wide area. They only send out what is requested. If your throttling isn't working, it is because you have it configured wrong. The CDN will send out as fast as the available bandwidth. They are never expected to slow down - as t...

Hammy

Have you seen a CDN overloading a customer? Help me gather information on the issue. What CDN? What have you identified the traffic to be? What is the access network? Where is the rate limiting done? How is the rate limiting done (policing vs. queueing, SFQ, PFIFO, etc,, etc.)? What is doing the rat...

Hammy

VID/PID 1199/9055 for NAT mode
VID/PID 1199/9057 for IPT mode

I haven't tried NAT mode, but I can confirm IPT mode.

Hammy

[admin@MikroTik] > /ip address print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 0   address=10.1.1.243/24 network=10.1.1.0 interface=ether1 actual-interface=ether1 
 1 D address=108.115.XXX.XXX/32 network=10.112.112.133 interface=ppp-out1 actual-interface=ppp-out1

SCHWEEEEEET

Hammy

Oh, okay, so IP pass through on the modem itself, but ignore the directIP modem in ROS.

I did adjust the APN. I'll check when I get home.

Sent from my Nexus 6 using Tapatalk

Hammy

More screen shots.

Hammy

Can you compare my settings with yours? Trying to figure out what's different.

Hammy

Yes, it is. And
Code: Select all
/port firmware set ignore-directip-modem=yes

Okay, then that must not work for FreedomPOP, a Sprint MVNO.

Hammy

I successfully connect Netgear 341U in IP Passthrough mode to Sprint network. I used 35.4 firmware. As described above, you need set to yes "Ignore DirectIP modem" in System->Ports->Firmware. After rebooting your mikrotik device, you should see usbX port. Use this port for ppp-client, Dat...

Hammy

its not that "simple" basically and tiresome amount of work, perhaps. generally both UPnP(not usre bout PCP implementations), IGMP snooping and LLDP code, available for use in ~ "complete" state - vulnerable/broken as hell and (would)expose routers almost as forrest fire in each...

Hammy

I'm working with support on it. Trying new RC builds, sending back Linux debugging information, etc.

Hammy

Which should be roughly tomorrow. Let me quote a newer document: FCC were providing an alternative for manufacturers that require additional time to bring their U-NII-3 band devices into compliance with the new out-of-band limits adopted herein, They extend the deadline for certification of U-NII-3...

Hammy

- Identify where a cable goes to (remote device name and port)

- you can do this already with the current MDP. '/ip nei print details'
only if device has some CDP function..

Which is largely limited to Cisco, Ubiquiti and Mikrotik devices. No Mimosa, no Cambium, no Juniper, no Polycom, no....

Hammy

thats not true "most" vendors - don't give a .. about LLDP. and for very obvuiys reasons. Huh what ? Mikrotik is the only equipment we use that doesn't support LLDP ! We use it all the time on HP, Extreme and Juniper switches. which is my point actually - most of other vendors do not care...

Hammy

Also strongly support the notion to add support for LLDP.
It's standard and supported by most vendors nowadays.
thats not true "most" vendors - don't give a .. about LLDP.
and for very obvuiys reasons.

I think you are a rather confused fellow.

Hammy

Any updates? The FCC page is horribly out of date. Most of the new MT hardware that is already in my office and some in the air isn't even on the site. What about the Netmetal 5 ACs? Are they certified for UNII 1 and 3? I can't seem to find that info. Dynadish? QRT 5? The FCC page is in by no way o...

Hammy

Just reboot with the device plugged in and it'll show up. At least mine did.

Hammy

I deleted the USB port when I was trying to get something to work, but now I can't figure out how to get it back. [admin@Mike-and-Kate] > /port print Flags: I - inactive # DEVICE NAME CHANNELS USED-BY BAUD-RATE 0 serial0 1 Serial Console auto [admin@Mike-and-Kate] > /system resource usb print # DEVI...

Hammy

I'm trying to generate a supout to send in for ROS not seeing a UPS and the supout fails. The last thing I've done at this point is netinstall 6.35.2 while setting only the IP address and then tried to generate a supout.

Hammy

Is that still the behavior? 6.36rc10 and a USB port that did work no longer shows up. I've tried a UPS, an LTE card that did work and a USB flash drive.

Hammy

Want to know more about BGP FlowSpec? https://www.nanog.org/sites/default/files/wed.general.trafficdiversion.serodio.10.pdf https://www.nanog.org/sites/default/files/tuesday_general_ddos_ryburn_63.16.pdf https://conference.apnic.net/data/37/apricot-2014-wei-yin-scalable-ddos-mitigation-using-bgp-flo...

Hammy

*bump*

Hammy

Please specify what info would you like to get from LLDP?

At a minimum, everything we get via CDP, just now in a format that's readable to\from more devices.

Hammy

The 312U and the 320U both work.

Have you tried turning off the IP-passthrough stuff and seeing if you can connect with a PPP interface to start with?

Yes.

Hammy

/port set 0 name=usb1 /port firmware set ignore-directip-modem=yes /interface ppp-client add apn=r.f6.ispsn data-channel=1 dial-on-demand=no name=FreedomPOP port=usb1 user=XXX@mvno189.sprintpcs.com [admin@MikroTik] > /log print 03:03:33 async,ppp,debug,packet <magic 0x42cef3f6> 03:03:33 async,ppp,d...

Hammy

Any tips on getting this to work? I'm using Brian Vargyas's presentation as a guide.

http://mum.mikrotik.com/presentations/US15/brian.pdf

Hammy

341U should work in NAT mode with latest 6.34.4 Version. But in future passthrough mode should also be possible, Because this modems uses standard CDC_ECM driver.

What kind of future?

Hammy

Awakening the topic again... I see a couple of products, like the new grid dish, that state that they will have country-locked US versions with U-NII-1 and U-NII-3 only. That's not DFS, of course. But I don't even see those approvals on the FCC web site yet. Maybe the lab says they're pending. But ...

Hammy

The 312U and the 320U both work.

Have you tried turning off the IP-passthrough stuff and seeing if you can connect with a PPP interface to start with?

Do those have a similar chipset? I just ordered my 341U. I don't know about the OP.

Hammy

*bump*

Hammy

*bump*

Hammy · Re: LLDP 42! 18.03.2016, still no LLDP. Rather pathetic, isn't it?

42!
18.03.2016, still no LLDP.

Rather pathetic, isn't it?

Hammy

Any updates on making an OVA so it doesn't take 47 steps to get into vSphere?

Hammy

see ? another good reason to use MikroTik switches instead ;) but seriously-talking, MikroTik obviously - aimed for different kind of consumers with different set of priorities. if you prefer to bump particular "wrong request" to "wrong company" its not really lead something. it...

Hammy

You guys need to make an OVA for VMWare deployment.

Hammy

thats basically all of them, enumerated, plus portion of cellphone infrastructure gear/stations manufacturers. so as you can see "GPS sync" isn't "magic bullet", or widely-adopted in telco/it. That's an awfully large percent of units shipped in our industry. how much "afwul...

Hammy

UBNT first tried GPS sync on their AirMax radios and failed. They hired away some of the Motorola crew and got GPS sync right with their AirFiber line. Cambium does GPS sync on Atheros chips as does Radwin. I know others have as well. Mimosa is doing it with Quantenna chips. thats basically all of ...

Hammy

UBNT first tried GPS sync on their AirMax radios and failed. They hired away some of the Motorola crew and got GPS sync right with their AirFiber line.

Cambium does GPS sync on Atheros chips as does Radwin. I know others have as well. Mimosa is doing it with Quantenna chips.

Hammy

thats why aside GPS sync and NTP is PTP introduced to fill gap between. usually nodes in Telco - support Both GPS and PTP for obvious reasons. and control nodes and routers - rely on SNTP aswell. (https://en.wikipedia.org/wiki/Precision_Time_Protocol meant. other PTP protocols exist, but Wastly les...

Hammy

Local only is a waste of time. Syncing multiple towers is critical. I do not completely agree on that. I have one tower that has 5 backhauls and 5 AP's. Its amidst a valley with many more towers from me and others. This tower of myself needs 5 x 40Mhz channel and 5 x 20Mhz channel. Each available c...

Hammy

so, basically GPS had no (real)advantages over PTP, right ? same feature, more overhead(both silicon and software), more troubles(technical, legal, others) without any kind of benefits. marketing/PR bs you used in, wrapped - didn't counts for. "widely used". oh yeah. tell that to someone ...

Hammy

eactly and thats Why PTP called "gap-filler" for most applications, thus. GPS may work in some conditions, but may cause more troubles than help in really many others. and not always only technical, but legal troubles aswell. and no, second version of IEEE1588 is Much more accurate and ea...

Hammy

thats why aside GPS sync and NTP is PTP introduced to fill gap between. usually nodes in Telco - support Both GPS and PTP for obvious reasons. and control nodes and routers - rely on SNTP aswell. (https://en.wikipedia.org/wiki/Precision_Time_Protocol meant. other PTP protocols exist, but Wastly les...

Hammy

Well, he ho, if MT would come out with something like a rb750sync I wouldn't mind. But with some other improvements and wishes I vent on this forum re upgrade of the rb750UP and now putting sync also in it would probably outprice these boxes. Let alone that if we would have something like MT-only s...

Hammy

So. although other methods might be available. In cost/quality nothing beats the time signal of a GPS sattelite. If only doing a local tower sync it would be a smarter Installation doing it together with Ethernet cabling. So you dont need GPS-Antenna. In most cases a local tower sync is enough for ...

Hammy

I learned gps sync is not good to use in some environments. If you have bad weather it actually hurts your network more than helping. I found that using full duplex links that use seperate frequencies work the best. Now I am talking about backhauls. I am not talking about PTMP. That seems to be a b...

Hammy

So. although other methods might be available. In cost/quality nothing beats the time signal of a GPS sattelite. If only doing a local tower sync it would be a smarter Installation doing it together with Ethernet cabling. So you dont need GPS-Antenna. In most cases a local tower sync is enough for ...

Hammy

CRS switches can't do STP or RSTP (yet?) unless you take ports out of switch group and put them on a bridge which will increase load on CPU. CRS224 has 400MHz CPU which will prove as a bottleneck in such configuration. JF. STP and RSTP have been deprecated in favor of TRILL and TRILL derivatives.

Hammy

*bump*

Hammy

*bump*

Hammy

*bump*

Hammy

*bump*

Hammy

eactly and thats Why PTP called "gap-filler" for most applications, thus.
GPS may work in some conditions, but may cause more troubles than help in really many others. and not always only technical, but legal troubles aswell.

GPS... in what use?

Hammy

Flowspec goes along with DDoS mitigation of flows.

Hammy

IPFIX and S-Flow too.

Hammy

Any update from Mikrotik on these FCC certifications?

Sent from my Nexus 6 using Tapatalk

Hammy

Has anyone from Mikrotik watched that presentation yet?

Sent from my Nexus 6 using Tapatalk

Hammy

What is preventing you from integrating the third-party management tools?

Sent from my Nexus 6 using Tapatalk

Hammy

Thank yo for feature request however here are few points against implementing such specification: - General argument used to support such new BGP features: Since BGP is such a stable and widely deployed thing, let's add all kind of random stuff to it. Once you start adding stuff, BGP implementation...

Hammy

I'm requesting better flow data. It goes beyond simply adding S-Flow or turning some knobs on NetFlow. There's a 30 minute presentation at NANOG65 in Montreal last week that really sheds where we should be going. https://www.youtube.com/watch?v=ECcsyImOzmE https://www.nanog.org/sites/default/files/m...

Hammy

Dude was never a management tool. It is a monitoring tool with a map view. Most it could do is run an external program like Winbox or do SNMP walk. It is a nice tool, but let's not overstate what it is. Firmware upgrades are management. That's the only management type feature I can think of at the ...

Hammy

So I hope that someone here might be able to dumb it down a little bit for me. Maybe fgoldstein? So am I correct to understand that under FCC regulations the only frequencies that are currently legal to use in the USA are 5745/5825 (for mikrotik products)? Does anyone know that with new FCC regulat...

Hammy

MikroTik RouterBoards do operate in the U-NII-1/2/3 bands, but under the ISM rules. I have used all three bands successfully. Keep in mind that US regulatory rules limit power in the different bands. Band 1 is limited to 50 mW, Band 2 is limited to 200 or 250 mW (can't remember which), and Band 3 i...

Hammy

*bump*

Hammy

Hammy, nothing is set in stone yet and could change in the future. However, CHR is made with exactly this usage pattern in mind. You need some virtual router - it is easy to get it up, configuration checked and licensed if required. Or you could have virtual router prepared and when you need it act...

Search found 776 matches