Community discussions

Search found 229 matches

by xxiii
Wed Oct 09, 2019 1:03 am
Forum: General
Topic: Missing Wiki doc for /ipv6 dhcp-relay
Replies: 11
Views: 2714

Re: Missing Wiki doc for /ipv6 dhcp-relay

wiki page for /ipv6 dhcp-relay still missing.
by xxiii
Tue Jul 30, 2019 11:05 pm
Forum: Wireless Networking
Topic: set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge
Replies: 2
Views: 524

Re: set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge

Since there is no response, I'll assume its not possible for now; I hope it will be resolved eventually. A related issue I ran into while working with the 60G stuff is the need to add stations to multiple "/interface bridge vlan" entries. With the 60G stuff, a persistent station interface gets creat...
by xxiii
Fri Jul 19, 2019 1:03 am
Forum: Wireless Networking
Topic: set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge
Replies: 2
Views: 524

Re: set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge

Short version:

How do I set the PVID of a dynamic WDS interface when it is added to a VLAN-aware bridge?
by xxiii
Fri Jul 12, 2019 2:17 am
Forum: Wireless Networking
Topic: set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge
Replies: 2
Views: 524

set PVID of WDS dynamic interface? and wireless clients with a vlan-aware bridge

There is an option to have a WDS instance add itself to a bridge, but if one is using the new vlan aware bridge, how does one set the PVID of the WDS port? It seems to always be 1, no matter what. I've tried adding the parent virtual AP to the bridge vlan, as well as setting the vlan in both the wir...
by xxiii
Wed Nov 14, 2018 1:26 am
Forum: The Dude
Topic: Dude 6.41.2 lost SNMP interfaces
Replies: 26
Views: 4386

Re: Dude 6.41.2 lost SNMP interfaces

Experiencing the same problem here, currently on version 6.42.6.
by xxiii
Fri Sep 07, 2018 8:19 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207748

Re: Feature requests

Just ran into this issue today. Can't establish peering with a neighbor because of: 10:57:39 route,bgp,error Remote RouterId is not a valid unicast address: 247.255.0.240 ros 6.42.7 rfc 6286 - AS-wide Unique BGP Identifier for BGP-4 support for routerOS BGP. it relaxes some strict definitions: route...
by xxiii
Sat May 24, 2014 2:10 am
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23687

Re: IPv6 recursive nexthops via iBGP

Can someone explain the LA-bit bug briefly? Is it related to ospfv3 not importing LSAs with the LA-bit set?? i.e. /128 loopbacks from other vendors? If so, what are you doing in the meantime? /127s or redistributing connected? Yes. sadly, static routes, sometimes multiple ones with check-gateway wi...
by xxiii
Wed May 14, 2014 9:37 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23687

Re: IPv6 recursive nexthops via iBGP

Will the (related) OSPFv3 /128/LA-Bit bug also be fixed?
by xxiii
Fri Mar 21, 2014 7:11 pm
Forum: Forwarding Protocols
Topic: Bad remote-as
Replies: 6
Views: 2861

Re: Bad remote-as

00:05:11 route,bgp,error Received notification
00:05:11 route,bgp,error OPEN error: bad remote-as

It does appear the remote side has misconfigured your AS,
(assuming your AS is 55044)
by xxiii
Fri Mar 21, 2014 6:36 pm
Forum: Forwarding Protocols
Topic: Routing filters between BGP and OSPFv3
Replies: 2
Views: 1181

Re: Routing filters between BGP and OSPFv3

I would also like to see filters for OSPFv3.
by xxiii
Fri Mar 21, 2014 6:10 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23687

Re: IPv6 recursive nexthops via iBGP

This is becoming an increasingly serious problem.
by xxiii
Wed Nov 06, 2013 10:48 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23687

Re: IPv6 recursive nexthops via iBGP

I'd just like to add my plea that this get fixed, soon. I just recently emailed support about this, being unaware of this forum thread, and got the (apparently common) "known issue, will be fixed in the future" response. I need to know if this is going to be near future, or far future, as this is a ...
by xxiii
Fri Jan 21, 2011 11:12 pm
Forum: Beginner Basics
Topic: Did upgrading to v3.3 from 2.9.50 change the routes?
Replies: 16
Views: 1694

Re: Did upgrading to v3.3 from 2.9.50 change the routes?

Ah. I thought network = remote end IP, but that makes sense, esp as the internal is 192.168.20.0. So even though it's working now, I could safely change it to 46.x.x.68? Thanks! On point to point links (like PPPoE) you may see the remote end IP show up as the network IP, but this should not normall...
by xxiii
Thu Jan 20, 2011 9:45 pm
Forum: Beginner Basics
Topic: Automatic RoS reboot at a specifit time
Replies: 31
Views: 5472

Re: Automatic RoS reboot at a specifit time

We had a router that was set to reboot every day at 3am. We came in one morning and found the router had shutdown but not restarted, and it had to be power cycled. Its graphs all went right up to 3am, and stopped. We are no longer letting it reboot itself, (we had found another workaround for the pr...
by xxiii
Thu Jan 20, 2011 9:28 pm
Forum: Beginner Basics
Topic: Did upgrading to v3.3 from 2.9.50 change the routes?
Replies: 16
Views: 1694

Re: Did upgrading to v3.3 from 2.9.50 change the routes?

Also, earlier you showed:

1 ;;; VSAT static IP
46.xxx.xxx.70/30 46.xxx.xxx.69 46.xxx.xxx.71 Internet-VSAT

Normally the network portion of that would be 46.xxx.xxx.68 (and since you're .70 the remote end's IP would remain .69).
by xxiii
Wed Jan 19, 2011 8:41 pm
Forum: Beginner Basics
Topic: failver over internet, I am lost..
Replies: 10
Views: 1002

Re: failver over internet, I am lost..

This is the only info I've got: http://wiki.mikrotik.com/wiki/Two_gateways_failover but it looks to easy to work...I expect more stuff to be configured What this example means (and you would have to change the IP addresses to match the remote ends on your wan1/wan2 ports) is that you set up a defau...
by xxiii
Wed Jan 19, 2011 8:28 pm
Forum: Beginner Basics
Topic: 2 PPPOE client on One Ehternet or Bridge
Replies: 3
Views: 845

Re: 2 PPPOE client on One Ehternet or Bridge

Perhaps routerOS is not taking the source mac address into account and directing received PPPoE packets to the wrong client; the PPPoE client software may not be prepared to deal with more than one client connection on the same interface.
by xxiii
Sat Jan 15, 2011 1:25 am
Forum: General
Topic: Upgraded 4.11 to 5.0rc7- NO 2.4GHZ TRAFFIC!!
Replies: 36
Views: 7740

Re: Upgraded 4.11 to 5.0rc7- NO 2.4GHZ TRAFFIC!!

Customizing your data rates (and if using N all-around completely turning off all b/g rates, and customizing the HT rates) can get you better performance, fewer disconnects, and higher average CCQ, but its very dependent on the environment you are in (with respect to interference and noise). Basical...
by xxiii
Fri Jan 14, 2011 11:42 pm
Forum: General
Topic: Mikrotik BGP IPv4 & IPv6
Replies: 2
Views: 562

Re: Mikrotik BGP IPv4 & IPv6

We are doing IPv4 and IPv6, with both eBGP and iBGP. We generally connect our iBGP peers/reflectors together with IPv6, and the one peering session handles both IPv4 and IPv6 (and VPLS, but we aren't using it at the moment). In iBGP, there is an issue with IPv6 link-local addresses and recursive loo...
by xxiii
Fri Jan 07, 2011 8:53 pm
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5305

Re: Feature request: GPS Synchronisation

I understand Desensitization now. Where are you getting your facts? Where can I read about this? I would like to learn more about what your talking about. Some of it comes from familiarity with another vendor's system, and their documentation. Here is an article about desensitization: http://en.wik...
by xxiii
Wed Dec 22, 2010 8:27 pm
Forum: General
Topic: Feature request: GPS Synchronisation
Replies: 31
Views: 5305

Re: Feature request: GPS Synchronisation

Each access point takes turns using the same frequency. This enables the WISP to make use of the frequency more efficiently. Actually, it makes all access points transmit at the same time, and listen at the same time. This keeps them from desensitizing each other. It also allows access points with ...
by xxiii
Sat Dec 18, 2010 12:30 am
Forum: Wireless Networking
Topic: Looking for some tips on natting two networks on a single RB
Replies: 6
Views: 801

Re: Looking for some tips on natting two networks on a singl

I don't see any glaring problems. I would suggest trying to connect from one of the client networks to somewhere, then go look in the firewall connection tab find the relevant entry, and double-click it (to get a detailed view) and verify that the NAT is established with the correct addresses. After...
by xxiii
Fri Dec 17, 2010 11:59 pm
Forum: General
Topic: Loaded v5.0rc5 on a RB750
Replies: 7
Views: 1784

Re: Loaded v5.0rc5 on a RB750

sorry, missed the bit about no lights. is that the case on all the ports? does whatever you're plugging it into light up?
by xxiii
Fri Dec 17, 2010 11:58 pm
Forum: General
Topic: Loaded v5.0rc5 on a RB750
Replies: 7
Views: 1784

Re: Loaded v5.0rc5 on a RB750

fire up netinstall and see if it sees it.
by xxiii
Wed Dec 15, 2010 10:10 pm
Forum: General
Topic: Suggestions
Replies: 9
Views: 2218

Re: Suggestions

7> Allow for DNS names to be entered into fields where a IP address is required (this might already be implemented) Won't happen, what will you do if it resolves to 20 addresses? or what will you do if the address changes? You would need to resolve the DNS name again. So how often will you do that?...
by xxiii
Wed Dec 15, 2010 9:40 pm
Forum: Beginner Basics
Topic: New Batch of 750s won't connect with static WAN IP.
Replies: 5
Views: 1134

Re: New Batch of 750s won't connect with static WAN IP.

Have you verified that there isn't some unexpected configuration somewhere, such as which ports are in a switchgroup, and did you put Your ips or anthing else relevant on the master port of the switchgroup rather than one of the slaves? Also already existing firewall or NAT rules, or dhcp client and...
by xxiii
Wed Dec 15, 2010 8:58 pm
Forum: General
Topic: Anyone had any experience with SIP phones?
Replies: 8
Views: 1991

Re: Anyone had any experience with SIP phones?

On ours we also had to reduce the keepalive times in SIP to 30 seconds. I forget why, but I think it was or is because the router connection tracking information isn't kept for very long for UDP packets (which SIP uses, and which can be an issue if you are packet forwarding or NATing). Also, echoing...
by xxiii
Wed Dec 15, 2010 8:39 pm
Forum: Wireless Networking
Topic: WiFi mesh in a RV park
Replies: 13
Views: 3465

Re: WiFi mesh in a RV park

A star with each remote talking directly to the AP should be faster. The speed question is someone complex and its been a while since I looked into the details of WDS but if i'm remembering correctly, each packet has to be recieved and then restransmitted to the next node towards the exit. Each hop ...
by xxiii
Wed Dec 15, 2010 8:12 pm
Forum: General
Topic: Can Hotspot & Router work in the same LAN ?
Replies: 8
Views: 1856

Re: Can Hotspot & Router work in the same LAN ?

leave the address pool in hotspot blank or none, then you have to add two bypass entries (in ip bindings): 0.0.0.0-10.10.0.255 bypass 10.10.2.0-255.255.255.255 bypass and a dhcp server, if you want to hand out dhcp to any clients that request dhcp. You could actually probably finetune those bypass e...
by xxiii
Wed Dec 15, 2010 3:05 am
Forum: General
Topic: Can Hotspot & Router work in the same LAN ?
Replies: 8
Views: 1856

Re: Can Hotspot & Router work in the same LAN ?

As mentioned, you can run pppoe and hotspot. Also, you can get the hotspot to not nat (I think you just leave its address pool set to none, but there may be more to it), and add the ip addresses (or ranges) you don't want hotspotted to its bypass list. The hotspot will try to grab all IP traffic (pp...
by xxiii
Wed Dec 15, 2010 2:16 am
Forum: Wireless Networking
Topic: WiFi mesh in a RV park
Replies: 13
Views: 3465

Re: WiFi mesh in a RV park

I would think you wouldn't need mesh then, especially if all your "wds stations" directly see the main "ap" (if there are multiple exits, or multiple hops and paths to an exit, then mesh becomes more useful) If you use different ssids, then you can tell people to just connect to whichever one is str...
by xxiii
Wed Dec 15, 2010 1:51 am
Forum: General
Topic: TCP Sessions timing out on their own way too early
Replies: 16
Views: 1198

Re: TCP Sessions timing out on their own way too early

Thanks for trying it out. Which routerOS version were you running? ... Do you have any mangle rules at all? Are you natted? It went through an x86 router with 5.0beta4 doing NAT, and then an x86 router with 4.13 and then an x86 router with 4.10. Windows vista pc with private ip -> x86 routeros 5.0b...
by xxiii
Tue Dec 14, 2010 2:20 am
Forum: Wireless Networking
Topic: Multiband (b/g/n) wireless on one card - what speed?
Replies: 7
Views: 993

Re: Multiband (b/g/n) wireless on one card - what speed?

http://en.wikipedia.org/wiki/IEEE_802.11 You can look through there and linked articles. In particular, it contains the statement: "802.11g hardware is fully backwards compatible with 802.11b hardware and therefore is encumbered with legacy issues that reduce throughput when compared to 802.11a by ~...
by xxiii
Tue Dec 14, 2010 1:58 am
Forum: Wireless Networking
Topic: Multiband (b/g/n) wireless on one card - what speed?
Replies: 7
Views: 993

Re: Multiband (b/g/n) wireless on one card - what speed?

It would actually be 1), except that it will be somewhat slower than if there were no B or G clients, as the AP has to transmit B and G compatible frames to tell those clients its busy.
by xxiii
Tue Dec 14, 2010 1:05 am
Forum: General
Topic: TCP Sessions timing out on their own way too early
Replies: 16
Views: 1198

Re: TCP Sessions timing out on their own way too early

I tried it, got the timeout message right at the beginning, started a new session browsed around fine for 21 minutes, then let it sit for about 12 minutes, then continued browsing around, then went to lunch. After coming back to lunch, the browser was on some home page of the site. There was a frequ...
by xxiii
Mon Dec 13, 2010 11:13 pm
Forum: General
Topic: Fastest Disk/Hard Drive for Internal Proxy, need advice.
Replies: 6
Views: 2705

Re: Fastest Disk/Hard Drive for Internal Proxy, need advice.

can't remember if slc drives need 'defrag' or not. Do not defragment SSD drives. With wear-leveling, even if it presents itself as defragmented, it won't really be. In any case, with an effective seek time of 0, defragmenting doesn't buy you anything, except a new ssd sooner than you would have oth...
by xxiii
Mon Dec 13, 2010 10:46 pm
Forum: Wireless Networking
Topic: WiFi mesh in a RV park
Replies: 13
Views: 3465

Re: WiFi mesh in a RV park

Try meshing on the virtual APs with WDS (using the same SSID on the virtual APs), and have the clients connect to the "real" APs (possibly with different SSIDs). If there is only one exit point to the internet, you may not need to mesh. Also, beware, RVs make nice Faraday cages and reflectors. You'l...
by xxiii
Mon Dec 13, 2010 10:03 pm
Forum: General
Topic: 10G compatibility/performance with Mikrotik?
Replies: 81
Views: 17194

Re: 10G compatibility/performance with Mikrotik?

You've hit the nail on the head and I hope it DOESN'T change, Why dont earth would you use someone like MT to handle 10+GB of traffic? As someone who remembers paying many thousands of dollars to get a router that could handle 45mbits properly, including a card with special chips that could handle ...
by xxiii
Wed Dec 08, 2010 9:10 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207748

Re: Feature requests

dynamically added address-list entries have timeout set by firewall rule. static entries does not have that parameter. I realize that, but I still want to see the time remaining (and possibly the original total time, if its easy to do) for the dynamic entries. The static entries can just have blank...
by xxiii
Wed Dec 08, 2010 2:37 am
Forum: Forwarding Protocols
Topic: OSPF on bridged network and redundency
Replies: 3
Views: 1156

Re: OSPF on bridged network and redundency

Since they are all bridged and in the same network, you don't need OSPF. However, you will want to make sure all your bridges are set to rstp.
by xxiii
Tue Dec 07, 2010 9:23 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207748

Re: Feature requests

Added to existing features:

Add timeout field to firewall address list entries so one can see how much time is remaining before an entry expires.
by xxiii
Mon Dec 06, 2010 10:11 pm
Forum: General
Topic: RB411 second "virtual" ethernet interface
Replies: 2
Views: 834

Re: RB411 second "virtual" ethernet interface

So you have the rb411 connected to one port of the 7404, and your pc connected to another port of the 7404 (and these ports are presumably bridged together)? If the 7404 supports it, you need to make a vlan on the rb411, with your 10.x.x.x network, and make that a tagged vlan on the 7404, then the p...
by xxiii
Tue Nov 30, 2010 2:11 am
Forum: Wireless Networking
Topic: Same MAC registered twice OS 4.11
Replies: 4
Views: 1152

Re: Same MAC registered twice OS 4.11

If the above is not the issue, does it still appear if you close and re-open winbox?
by xxiii
Tue Nov 30, 2010 2:05 am
Forum: Beginner Basics
Topic: "Bad ID" with IP Scan tool
Replies: 6
Views: 3267

Re: "Bad ID" with IP Scan tool

Can you try the scan from the terminal? I suspect winbox sometimes gets confused. I've occasionally seen it come up with that bad ID thing on various things that involve a list (such as torch). Usually it works if you close and reopen it (either the window in question, or sometimes winbox itself). I...
by xxiii
Tue Nov 30, 2010 1:13 am
Forum: Wireless Networking
Topic: R52Hn running multiple band simultaneously ?
Replies: 14
Views: 4105

Re: R52Hn running multiple band simultaneously ?

CM9 is am older but still popular low power 802.11a/b/g card made by Wistron. It does not cover 900MHz.
I mis-remembered the part number (must be that 9), SR9 are the ones we actually have.
by xxiii
Mon Nov 22, 2010 9:53 pm
Forum: General
Topic: MT crashes
Replies: 11
Views: 2122

Re: MT crashes

Is this specifically when PPPoE logins are failing?
by xxiii
Mon Nov 22, 2010 7:41 pm
Forum: RouterBOARD hardware
Topic: Is this what i'm after ?
Replies: 5
Views: 1116

Re: Is this what i'm after ?

The switch chip is mainly geared to layer-2 stuff, and has pretty limited capabilities compared to the regular routerOS rules. If they (mikrotik) approached the underlying implementation correctly (I don't know, but I would assume/hope so) since your forwards rely on IP address as well as the port, ...
by xxiii
Fri Nov 19, 2010 11:50 pm
Forum: RouterBOARD hardware
Topic: RB493G features and first impressions
Replies: 37
Views: 14289

Re: RB493G features and first impressions

What is the maximum MTU (jumbo frames?) and how do the capacitors look?
by xxiii
Fri Nov 19, 2010 10:27 pm
Forum: The User Manager
Topic: Mikrotik radius client behind nat
Replies: 8
Views: 3860

Re: Mikrotik radius client behind nat

Somewhat confused. radius reply packets can include a session time limit, and this would be part of the authentication process. This would usually be based on the username used to authenticate with. Its then up to the radius client to disconnect the session when the time arrives. Radius authenticati...
by xxiii
Fri Nov 19, 2010 10:13 pm
Forum: General
Topic: Routerboard 400-series in place of PC as PPPoE server
Replies: 5
Views: 1205

Re: Routerboard 400-series in place of PC as PPPoE server

We have a number of 493ah's as PPPoE servers. We also use some RB600 for PPPoE (and some x86). 100 clients on 493ah would probably be fine, unless you have complicated firewall rules (in which case, the total data rate is probably more important than the number of clients).
by xxiii
Fri Nov 19, 2010 7:59 pm
Forum: General
Topic: 10G compatibility/performance with Mikrotik?
Replies: 81
Views: 17194

Re: 10G compatibility/performance with Mikrotik?

I would think it would be hardware, along with whether or not RouterOS currently supports that card or 10g at all.
by xxiii
Fri Nov 19, 2010 7:51 pm
Forum: Wireless Networking
Topic: Wireless Apartment Complex Not Working So Well
Replies: 8
Views: 1456

Re: Wireless Apartment Complex Not Working So Well

Since you're using N cards, you may want to set up both chains, which should help those residents who also have N (and may even help the others as well, if you put the two chains far enough apart to get around an intervening microwave for instance.) Basically, use whatever channel has the least inte...
by xxiii
Fri Nov 19, 2010 7:29 pm
Forum: RouterBOARD hardware
Topic: Is this what i'm after ?
Replies: 5
Views: 1116

Re: Is this what i'm after ?

The 32 rules is specifically for the switch chip (in some of the routerboard models) on-board rules. If you use the regular RouterOS rules, you're probably only limited by the memory and cpu and how efficiently you write the rules.
by xxiii
Fri Nov 19, 2010 2:23 am
Forum: General
Topic: 5.0 RC3 Reboot Bug
Replies: 2
Views: 1073

Re: 5.0 RC3 Reboot Bug

We saw a problem on an rb600+rb816, except it was constant rebooting (would stay up less than a minute) unless nearly all ethernets unplugged. Sent the autosupouts to support and reverted to an earlier version and all was fine.
by xxiii
Wed Nov 17, 2010 10:44 pm
Forum: Wireless Networking
Topic: NV2 Sysnchronization plans on 5.x
Replies: 2
Views: 766

Re: NV2 Sysnchronization plans on 5.x

I've read somewhere that the atheros chips don't give enough control to enable synchronization (one must be able to tell it exactly when it is allowed to transmit), but I don't know if this is actually true. Given that no one seems to have come up with a synchronization solution involving them it wo...
by xxiii
Mon Nov 15, 2010 11:41 pm
Forum: Wireless Networking
Topic: Possible network loop issues using NV2 + 5.0RC3
Replies: 13
Views: 2968

Re: Possible network loop issues using NV2 + 5.0RC3

We've seen a problem on one of our links where in NV2, it would occasionally stall and either stop passing traffic or have very high latency, over the link even though it was still associated. This would occur approximately every 14 minutes (but not exactly the same each time). In 802.11 mode it was...
by xxiii
Mon Nov 15, 2010 11:20 pm
Forum: Wireless Networking
Topic: RB 600 problem
Replies: 3
Views: 967

Re: RB 600 problem

I assume there has been no recent changes, such as firmware/routeros upgrade? My prime suspect would probably be the power supply, especially if it was a just barely adequate one to begin with (they tend to degrade over time). With four cards in there, its probably a bit demanding on power. Also, pe...
by xxiii
Mon Nov 15, 2010 11:00 pm
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

Hi, sorry about late reply. Since you still have the one bridge in the middle, you may want to create an "A" VLAN and a "B" VLAN for the two subnets, which will eliminate broadcast processing on the "wrong" subnet (assuming the bridge in the middle will carry VLANs). Also, you could easily move the ...
by xxiii
Mon Nov 15, 2010 10:22 pm
Forum: Beginner Basics
Topic: tx/rx rate field question
Replies: 3
Views: 1092

Re: tx/rx rate field question

Are you using 5mhz channels?

I think it means you're getting 54mbps rate, except its divided by 4 because of channel size, so you're actually getting 13.5 mbps, but using the same signalling mode that "54 mbps" mode uses.
by xxiii
Fri Nov 05, 2010 4:03 am
Forum: Forwarding Protocols
Topic: Trunk-Port
Replies: 4
Views: 1792

Re: Trunk-Port

You can bridge a vlan and a non-vlan interface together though, to add/strip tags between the two interfaces. Or bridge vlans from different interfaces together to change a vlan tag. (i.e. inbound packet with tag 10 on ether1 can leave ether2 untagged, or with tag 11). You could set up ether1 with a...
by xxiii
Wed Nov 03, 2010 8:00 pm
Forum: Forwarding Protocols
Topic: BGP Stabillity/Lock Ups
Replies: 16
Views: 3918

Re: BGP Stabillity/Lock Ups

We run RouterOS BGP to external AS with full tables. That router currently has an uptime of 80 days, on 4.10. However, we've pretty much isolated it from the rest of our network, and use static routes on it to the IGP routers. We would prefer that it would be a full participant in our bgp/ospf setup...
by xxiii
Wed Nov 03, 2010 7:05 pm
Forum: General
Topic: IP used for outgoing connections
Replies: 5
Views: 1401

Re: IP used for outgoing connections

You can also change it by editing the relevent route (0.0.0.0/0 for instance) and explicitly setting the Pref. Source. This can also be set using a routing filter for dynamic routes. It is a good idea for the router to have a loopback, and use the loopback's IP, for this sort of thing.
by xxiii
Wed Nov 03, 2010 6:58 pm
Forum: General
Topic: What are possible reasons for route to be inactive
Replies: 6
Views: 3010

Re: What are possible reasons for route to be inactive

Rather than disabling the interfaces, I was wondering if it became active when disabling the other routes (and if they all had to be disabled or only some of them). When checking the above you may want to add a logging rule for topic=route and see if there are any messages pertaining to when/why the...
by xxiii
Wed Nov 03, 2010 1:54 am
Forum: Wireless Networking
Topic: R52Hn running multiple band simultaneously ?
Replies: 14
Views: 4105

Re: R52Hn running multiple band simultaneously ?

This is in the case of the USA, I don't know about other regions:

lower 900 contains a small unlicensed band, which is where the mentioned cards operate. I don't think there is any unlicensed spectrum in 800. 800 contains a lot of public safety and other licensed stuff.
by xxiii
Tue Nov 02, 2010 6:41 pm
Forum: Forwarding Protocols
Topic: Does MPLS kills ECMP?
Replies: 14
Views: 5172

Re: Does MPLS kills ECMP?

No, even BGP based VPLS still needs LDP
Is this still the case if using OSPF MPLS-TE?
by xxiii
Mon Nov 01, 2010 11:15 pm
Forum: General
Topic: What are possible reasons for route to be inactive
Replies: 6
Views: 3010

Re: What are possible reasons for route to be inactive

Does it go active if you disable 0, 1, and 2, and can you verify that you can actually reach 10.80.0.1, in spite of what it says? You may also want to look into putting all four of those routes in as one route with multiple gateways instead, not sure if that's how 3.30 works though (unless you are d...
by xxiii
Mon Nov 01, 2010 10:37 pm
Forum: Forwarding Protocols
Topic: Does MPLS kills ECMP?
Replies: 14
Views: 5172

Re: Does MPLS kills ECMP?

We had trouble getting this to work too. We were experiencing some other routing issues and weren't sure what the cause was so we backed out of MPLS, and we haven't gotten back to it, but I remember having lots of problems unless we enabled LDP.
by xxiii
Mon Nov 01, 2010 9:43 pm
Forum: Wireless Networking
Topic: R52Hn running multiple band simultaneously ?
Replies: 14
Views: 4105

Re: R52Hn running multiple band simultaneously ?

In the USA and probably other places you can use part of the lower 900mhz band, and there are very few channels, and I think the card part number is CM9, but I'm not sure who makes it at the moment. 900 can sometimes have too much interference to be useful (partly because it tends to penetrate thing...
by xxiii
Mon Nov 01, 2010 8:08 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207748

Re: Feature requests

in what cases does your link speed change without unplugging the cable? is it really so often that you need special log entry? Not often, but handy to know when customer is calling you asking about bad link performance :) We have some sites that are very noisy RF environments, and they occasionally...
by xxiii
Fri Oct 29, 2010 11:28 pm
Forum: Beginner Basics
Topic: Forwarding UDP broadcast packets through router
Replies: 15
Views: 23974

Re: Forwarding UDP broadcast packets through router

netbios can work across routers that do not forward broadcasts: http://articles.techrepublic.com.com/5100-10878_11-5034239.html In particular, from the referenced URL: This is effective within a local network but is ineffective across routers, which do not forward broadcast packets. This means that ...
by xxiii
Fri Oct 29, 2010 10:31 pm
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1094

Re: File copy via l2tp over high latency link

I suppose next would be to try ftp or some other file transfer method, and see what speeds it gets.
by xxiii
Fri Oct 29, 2010 4:53 am
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1094

Re: File copy via l2tp over high latency link

You might want to test it anyway to see if that is the issue. 400ms is quite a lot of latency. I'm making an assumption that its just getting backed up waiting for acks and the window isn't big enough to handle the delay. Does the latency change a lot (have high jitter)? that can mess up window size...
by xxiii
Fri Oct 29, 2010 4:44 am
Forum: Wireless Networking
Topic: R52Hn running multiple band simultaneously ?
Replies: 14
Views: 4105

Re: R52Hn running multiple band simultaneously ?

You might be able to get away with that but I wouldn't recommend it and its not operating the cards (especially N cards) in the way they were designed to be operated. You would be better off using two cards, one 2.4 and one 5.8 and 4 omni-directional antennas, spaced physically as far apart as you c...
by xxiii
Fri Oct 29, 2010 4:04 am
Forum: Beginner Basics
Topic: 30-32mbps only
Replies: 6
Views: 1199

Re: 30-32mbps only

I suppose there would be some bandwidth "lost" due to layer-3 ack packets having to come back the other direction, but its a pretty small amount, certainly much less than 50%. 802.11 does not reserve bandwidth, so if you have no traffic in one direction, you should be able to get full speed in the o...
by xxiii
Fri Oct 29, 2010 3:48 am
Forum: General
Topic: DNS UDP packet size really means datagram?
Replies: 7
Views: 12256

Re: DNS UDP packet size really means datagram?

I'll have to take a look at those, I saw discussion elsewhere in these forums about IPv6 DNS responses potentially not fitting in 512, and people upping the value, for instance to 4096, which means either that its really datagram, or they have increased their (or its assuming larger) MTUs. Occasiona...
by xxiii
Fri Oct 29, 2010 3:23 am
Forum: Beginner Basics
Topic: Forwarding UDP broadcast packets through router
Replies: 15
Views: 23974

Re: Forwarding UDP broadcast packets through router

To clarify a bit, even though UDP broadcast packets are layer-3 packets, they are usually concerned with layer-2 information. For instance, an ARP packet requests information about what layer-2 address goes with a particular layer-3 address, and such a request would be useless beyond the router for ...
by xxiii
Fri Oct 29, 2010 2:35 am
Forum: Forwarding Protocols
Topic: OSPF works than STOPS by ITSELF
Replies: 19
Views: 5657

Re: OSPF works than STOPS by ITSELF

I note that the configuration at the top of this thread shows both router ids are 0.0.0.0. Its possible that 0.0.0.0 for the router id really means "pick one of my existing IP addresses, and use that as the router-id", but i'm not sure if thats what happens with routeros or not; I always explicitly ...
by xxiii
Thu Oct 28, 2010 9:44 pm
Forum: Beginner Basics
Topic: Forwarding UDP broadcast packets through router
Replies: 15
Views: 23974

Re: Forwarding UDP broadcast packets through router

Are you routing between the interfaces, or bridging? Broadcasts (and some multicasts) generally only concern layer-2 issues (ARP packets for instance) and do not need to go beyond the nearest router. However, they should transition any bridged interfaces, and layer-2 transparent tunnels, unless they...
by xxiii
Thu Oct 28, 2010 9:32 pm
Forum: General
Topic: DNS UDP packet size really means datagram?
Replies: 7
Views: 12256

DNS UDP packet size really means datagram?

I am assuming that in the DNS settings, the Max UDP packet size parameter really means datagram (which can be made up of more than one packet).

Can anyone confirm or deny this?
by xxiii
Thu Oct 28, 2010 9:20 pm
Forum: Wireless Networking
Topic: R52Hn running multiple band simultaneously ?
Replies: 14
Views: 4105

Re: R52Hn running multiple band simultaneously ?

While there apparently are some radios that can do that, I don't think this one can. The two antenna jacks are so you can run in 802.11N 2x1 or 2x2 mode. Ridiculusly flawed analogy: With two eyes, you can see depth that you can't see with only one eye. With 802.11n and two antennas, you can "see" mo...
by xxiii
Thu Oct 28, 2010 9:12 pm
Forum: Beginner Basics
Topic: 30-32mbps only
Replies: 6
Views: 1199

Re: 30-32mbps only

Welcome to the wonderful world of 802.11 and marketing. Basically the 65 mbit is the raw low-level speed, before overhead has been taken into account, and 802.11 has significant overhead. This is why some alternative technologies seem slower, because those technologies quote the actual speed you wil...
by xxiii
Thu Oct 28, 2010 8:41 pm
Forum: General
Topic: File copy via l2tp over high latency link
Replies: 6
Views: 1094

Re: File copy via l2tp over high latency link

You may need to increase the TCP window size, google (or search engine of your choice): linux tcp window size
by xxiii
Wed Oct 27, 2010 8:00 pm
Forum: General
Topic: Mikrotik-Address-List & Framed-IP-Address
Replies: 16
Views: 6793

Re: Mikrotik-Address-List & Framed-IP-Address

I now have a theory. If the response comes from the radgroupreply table it adds it to the address-list. If it comes from the radreply table it doesn't. That doesn't seem to be correct behavior. radgroupreply and radreply are freeradius concepts. The radius client (the router) just receives a list o...
by xxiii
Wed Oct 27, 2010 7:05 pm
Forum: General
Topic: RouterOS v4.12 released - comment
Replies: 12
Views: 2025

Re: RouterOS v4.12 released - comment

One would hope that it contained the OSPF fix.
by xxiii
Wed Oct 27, 2010 2:47 am
Forum: General
Topic: VRRP - did I get this right?
Replies: 12
Views: 1356

Re: VRRP - did I get this right?

Hm, interesting. It appears the current wiki documentation and the previously available documentation differ significantly in how to set it up. I think I understand why both methods work, but I shall study further. When doing it the "old" way, private IPs should be sufficient for the management part...
by xxiii
Tue Oct 26, 2010 9:56 pm
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

Its sounding like MTU again, except it apparently works fine with the router's proxy, so router to the internet and router to your PC seems to be fine, but PC through router to internet is not. Make sure change TCP-MSS is enabled in your PPPoE client profile. I think you had the MTUs on your PPPoE c...
by xxiii
Tue Oct 26, 2010 8:23 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207748

Re: Feature requests

Here is what I just created under existing features: Add configuration options to ping-watchdog to specify how many pings should be performed and how far apart before triggering a reboot. This can help avoid false positives when another node along the route reboots and doesn't get routing back up in...
by xxiii
Fri Oct 22, 2010 10:45 pm
Forum: General
Topic: xr3-3.5 card uses/license?
Replies: 5
Views: 610

Re: xr3-3.5 card uses/license?

by xxiii
Fri Oct 22, 2010 10:34 pm
Forum: General
Topic: xr3-3.5 card uses/license?
Replies: 5
Views: 610

Re: xr3-3.5 card uses/license?

Oh, there is an extrememly narrow band starting at 3.65 for the usage I quoted. I'm not sure off hand what the licensing requirements are on either side of that band.

Have you checked at fcc.gov?
by xxiii
Fri Oct 22, 2010 10:30 pm
Forum: General
Topic: VRRP - did I get this right?
Replies: 12
Views: 1356

Re: VRRP - did I get this right?

Is there some reason you want them in the same network? I don't think it was meant to work that way.

There is the network(s) that are being redundantly served by vrrp, and then there is the management network that vrrp uses for its own housekeeping.
by xxiii
Fri Oct 22, 2010 9:20 pm
Forum: General
Topic: VRRP - did I get this right?
Replies: 12
Views: 1356

Re: VRRP - did I get this right?

In a VRRP test environment we have it set up like this (except with different IPs): ex: router1 ether1 vrrp common-switch router2 ether1 vrrp common-switch router1 ether1 192.168.10.1/30 router2 ether1 192.168.10.2/30 router1 vrrp 192.168.1.1/24 router2 vrrp 192.168.1.1/24 And router1 and router2 ha...
by xxiii
Fri Oct 22, 2010 3:27 am
Forum: General
Topic: xr3-3.5 card uses/license?
Replies: 5
Views: 610

Re: xr3-3.5 card uses/license?

Where are you? In the United States of America you need to get a license from the FCC, which will be non-exclusive and general purpose, and cover all your 3.65 links, then you can use it. I think you are supposed to declare the coordinates, and possibly the power level, of all your links also, and w...
by xxiii
Fri Oct 22, 2010 3:10 am
Forum: General
Topic: Prioritizing traffic
Replies: 2
Views: 846

Re: Prioritizing traffic

Could you be more specific about what you mean by confused? Regular tcp packets can have the ack flag and carry data as well. Perhaps this is causing the "confusion"?
by xxiii
Fri Oct 22, 2010 12:18 am
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

Sorry, typo, in unix land its a -s. I remember verifying that it was -l, but I forgot to actually fix it in the post. The windows firewall is great at protecting the rest of the internet from you (but not from any viruses you may have) :D I think the windows 7 (and vista) firewall by default does no...
by xxiii
Thu Oct 21, 2010 11:59 pm
Forum: General
Topic: VRRP - did I get this right?
Replies: 12
Views: 1356

Re: VRRP - did I get this right?

Where are those yin and yan IPs actually assigned? did you put them on the underlying interface, or on the vrrp-interface itself?

And are they a /30, a /24, or what?
by xxiii
Thu Oct 21, 2010 10:57 pm
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

Another possiblity is to get your layer-2 provider to actually provide you with two bridges, an A bridge, and a B bridge. Then at every site one of your DSL modems and corresponding router interface are in the A bridge, and the other dsl modem and ethernet port are in the B bridge, and you use 192.1...
by xxiii
Thu Oct 21, 2010 10:30 pm
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

Have you tried this yet? I believe stp/rstp should be able to handle the loss of connection with the ethernets to the dsl modems still being up, but stp may take upwards of 2 minutes to notice/correct.
by xxiii
Thu Oct 21, 2010 10:28 pm
Forum: General
Topic: RB493 (3.28) pppoe client problem
Replies: 1
Views: 387

Re: RB493 (3.28) pppoe client problem

You've rebooted the router? Anything in the log? You could turn on pppoe logging and see if it says anything at the point of transition. You may actually need to use topic=pppoe,!debug,!raw or there will be flood of messages, but you may need debug to see whats going on, if it shows up in the log at...
by xxiii
Thu Oct 21, 2010 10:19 pm
Forum: General
Topic: Bandwidth priorities and simple queues
Replies: 35
Views: 5548

Re: Bandwidth priorities and simple queues

You should move the queue to the interface that is facing the clients. If you have: internet -> ether1 routeros ether2 -> clients then you should attach the queue to ether2 (or global-out). You can attach corresponding queues with their own limits to ether1 to limit traffic in the other direction. (...
by xxiii
Thu Oct 21, 2010 9:39 pm
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

I've been trying to approach this from what could be different between your VMs, and unless there is a difference between the VMs handling of ethernet somehow, I don't see how it could be MTU. So on the packet sniff, are there any large packets, and which side was the first to not reply? Were there ...
by xxiii
Thu Oct 21, 2010 1:18 am
Forum: The Dude
Topic: Dude alternatives
Replies: 14
Views: 11691

Re: Dude alternatives

Of free ones, OpenNMS, nice graphing, auto-discovery, supports multiple snmp communities Nagios, hate the config file, but we can get it to fire triggers automatically (after much customizing) The Dude, nice maps, and real-time visibililty into routeros devices. This seems like 2 too many, but they ...
by xxiii
Wed Oct 20, 2010 11:49 pm
Forum: Wireless Networking
Topic: confused about antenna selection
Replies: 5
Views: 1083

Re: confused about antenna selection

Alternatively you could add a second antenna to each side for the second chain. Or two antennas on one side and a dual-polarity rocketdish on the other.
by xxiii
Wed Oct 20, 2010 9:34 pm
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

It could be an MTU issue (which is usually the case when things seem to work except for websites, especially https websites), but that shouldn't change between the two VMs. Since your telnet test seemed to work from the router, but not the PC, it sounds like its either not NATting correctly, or not ...
by xxiii
Wed Oct 20, 2010 4:36 am
Forum: Beginner Basics
Topic: rx drops problem !
Replies: 3
Views: 1389

Re: rx drops problem !

If there is an instantaneous demand for more than 100% (or 400% depending on how you look at it) cpu it could be a momentary problem that wouldn't necessarily show up as high cpu usage in general (perhaps the interface was operating at 400,000 packets a second, for 100th of a second). Is routeros co...
by xxiii
Wed Oct 20, 2010 4:17 am
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

stp/rstp might notice its down (via probe type packets), but I'm not sure. Its past my playtime so I can't look into it right now.
by xxiii
Wed Oct 20, 2010 3:53 am
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

Can you ping using larger packet sizes and see what happens? Sorry not sure how to do this but considering i have another 4.11 setup exactly the same not sure how this would be different between the 2. Happy to test if you can give me the command. /ping a.b.c.d size=1400 How much memory are you giv...
by xxiii
Wed Oct 20, 2010 2:59 am
Forum: General
Topic: VLAN Truck, bridging untagged packets
Replies: 16
Views: 5171

Re: VLAN Truck, bridging untagged packets

I've just been reading up on vlans, and it appears vlan-0 really means not a vlan, but still tagged (according to the 802.1q standards); so this becomes a bit harder problem. You could bridge vlan-10 to the switch, but then we have to figure out how to only get the untagged packets injected into vla...
by xxiii
Wed Oct 20, 2010 1:55 am
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

Also, when you're testing, failover may take anywhere from a few seconds to upwards of a minute to occur at layer-2 (it should be quite fast if you use rstp rather than stp). If ospf then goes down as a result of that, there will be an additional delay while ospf comes back up. you can play with the...
by xxiii
Wed Oct 20, 2010 1:48 am
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

ospf can load-balance if the costs are the same, but since this isn't the case, load-balancing would be a bit more difficult to get set up. I suggest for now you just try the bridging suggestion and see how it works: On each routerboard, create a bridge with stp or rstp, put ether1 and ether2 into t...
by xxiii
Wed Oct 20, 2010 12:57 am
Forum: General
Topic: VLAN Truck, bridging untagged packets
Replies: 16
Views: 5171

Re: VLAN Truck, bridging untagged packets

In rule tab under Switch, you can add a rule with Match, vlan, vlan header not present, which should then only apply the action to packets which don't have a vlan header. Additionally, I think if you set the new vlan id to 0, that means strip. You can kludge the input/output thing by using the Src a...
by xxiii
Wed Oct 20, 2010 12:05 am
Forum: Forwarding Protocols
Topic: OSPF Config: Dual Links to OSPF network at each site
Replies: 12
Views: 4229

Re: OSPF Config: Dual Links to OSPF network at each site

If I understand whats going on correctly (the middle piece is your provider, who is transparently bridging together all of your DSL links at layer 2, and they are providing no layer-3 service in that bridge? the 192.168.0.0/24 is purely your construction? And your OSPF is only between your routerboa...
by xxiii
Tue Oct 19, 2010 10:11 pm
Forum: General
Topic: QoS question
Replies: 1
Views: 571

Re: QoS question

In queue tree, make three queues, A parent queue for the outgoing interface (whose parent will be the interface, or possibly the global one), with limit matching the bandwidth of the interface, then one for him, and one for everyone else, that both specify the first queue as their parent. Use the pr...
by xxiii
Tue Oct 19, 2010 9:26 pm
Forum: Beginner Basics
Topic: PPPoE Clients with normal LAN clients
Replies: 13
Views: 1024

Re: PPPoE Clients with normal LAN clients

I would echo that you should try to do this with routing, but in the PPPoE profiles, you will see that you can in fact add the PPPoE interface to a bridge dynamically (not that you should, usually). One of PPPoE's features, unless you're only using it for authorization, is to create an isolated poin...
by xxiii
Tue Oct 19, 2010 9:06 pm
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

Sorry, I got distracted several times while composing that last response, I see you already posted some of what I asked for, and I didn't read your problem carefully enough. So ping to the internet works, but not web pages, and this is the case with both 4.11 and 5.0rc1 on your notworking vm? Can yo...
by xxiii
Tue Oct 19, 2010 8:34 pm
Forum: Beginner Basics
Topic: Can't get internet access apart from dns,ping (5.0 RC1)
Replies: 22
Views: 9660

Re: Can't get internet access apart from dns,ping (5.0 RC1)

You have this line in your notworking one that isn't present in the working one, but it doesn't appear it should be making a difference (unless you're using 192.168.88 somewhere else) add address=192.168.88.1/24 broadcast=192.168.88.255 comment=\ "default configuration" disabled=no interface=ether1 ...
by xxiii
Tue Oct 19, 2010 6:44 pm
Forum: General
Topic: Logging to Dude, other syslog server
Replies: 4
Views: 1742

Re: Logging to Dude, other syslog server

Your line that says: add action=remote disabled=no prefix=inxwrlsap- topics=\ info,critical,error,warning Means to log only events that have all four of those topics. You need to put four separate rules. It is occasionally handy to be able to select multiple topics, for instance if I only want to se...
by xxiii
Tue Oct 19, 2010 4:04 am
Forum: Beginner Basics
Topic: rx drops problem !
Replies: 3
Views: 1389

Re: rx drops problem !

I'm guessing packets are being received faster than the device/router can process them. 337 Mbps / 50,000+ pps is nothing to sneeze at, especially if you have firewall rules. Also do you have any queing going on? What type of device/processor is it? If the RX dropped is a very small percentage of th...
by xxiii
Tue Oct 19, 2010 2:58 am
Forum: Beginner Basics
Topic: Bonding vs load balancing
Replies: 3
Views: 5680

Re: Bonding vs load balancing

Generally speaking, bonding happens at a lower level and can potentially more smoothly load-balance. It should generally also guarantee in-order packet delivery. Bonding can load-balance at a sub-packet level and increase throughput for a single stream of data. Bonded interfaces appear as one higher...
by xxiii
Mon Oct 18, 2010 11:02 pm
Forum: General
Topic: VLAN Truck, bridging untagged packets
Replies: 16
Views: 5171

Re: VLAN Truck, bridging untagged packets

Rumaging around in one of our routerboards that has the switch chip, It appears that it can assign untagged to a specific vlan.
by xxiii
Mon Oct 18, 2010 10:54 pm
Forum: General
Topic: VLAN Truck, bridging untagged packets
Replies: 16
Views: 5171

Re: VLAN Truck, bridging untagged packets

Have you tried bridging the underlying interface somewhere and then using a bridge firewall rule to strip off all tagged traffic? Just a thought, I haven't extensively looked at the bridge filters to see if they can be easily convinced to do this. You might be able to do someting in conjunction with...
by xxiii
Mon Oct 18, 2010 10:37 pm
Forum: General
Topic: Hotspot giving out IPS to devices behind router
Replies: 9
Views: 1515

Re: Hotspot giving out IPS to devices behind router

To your earlier question, yes PPPoE (in Mikrotik routers) can do rate limits. PPPoE may help with the different gateway situation, but thats a complicated discussion. General Hint though, create as many IP pools as gateways, and using sufficient radius server, assign each customer to be allocated fr...
by xxiii
Mon Oct 18, 2010 9:44 pm
Forum: General
Topic: Dynamic IP for clients - need help
Replies: 2
Views: 570

Re: Dynamic IP for clients - need help

Observation suggests that the ip pools work by always assigning the last free IP in the pool. If a client disconnects and rapidly reconnects, Its probable that the IP they just freed will happen to be the next available IP when they reconnect. If this isn't acceptable/desirable, you could possibly d...
by xxiii
Mon Oct 18, 2010 9:00 pm
Forum: Beginner Basics
Topic: Link graph look like COMB
Replies: 2
Views: 633

Re: Link graph look like COMB

Are you sure the real traffic is steady and not bursty? What happens when you look at the graphs for the other side(s) of the link? (ethernet side and/or radio side?) Is this from the ETH interface of the bullet, or the ETH interface of whatever the bullet is plugged into? If its plugged into a rout...
by xxiii
Sat Oct 16, 2010 12:47 am
Forum: Wireless Networking
Topic: more speed whit R52Hn
Replies: 10
Views: 2188

Re: more speed whit R52Hn

Keep in mind the ethernet ports on the 433 are only capable of 100mbit each way.

What do you get when you run a UDP bandwidth test directly from one router to the other? (receive, send, and both)
by xxiii
Fri Oct 15, 2010 11:58 pm
Forum: Forwarding Protocols
Topic: Routing Crash's
Replies: 9
Views: 1950

Re: Routing Crash's

I just found in my email a response from Mikrotik (I should have finished going through my email before posting; I've been off for a couple days), that they've been able to reproduce what we've been seeing, and it should hopefully be fixed in 5.0rc2 (or possibly the version after that).
by xxiii
Fri Oct 15, 2010 11:45 pm
Forum: Forwarding Protocols
Topic: Routing Crash's
Replies: 9
Views: 1950

Re: Routing Crash's

http://forum.mikrotik.com/viewtopic.php?f=14&t=43677 To amend what I said in that post, we've now seen issues in various 4.x versions as well. As far as we can tell, (echoing the response you posted) an OSPF state change occurs somewhere in the network, and this causes various other routers to crash...
by xxiii
Tue Oct 12, 2010 2:30 am
Forum: General
Topic: Fairly simple (I think...) OSPF implementation
Replies: 4
Views: 795

Re: Fairly simple (I think...) OSPF implementation

You have a number of these sort of networks: /routing ospf network> add network=10.100.101.0/32 area=backbone Where I suspect you meant either /30 or /24 depending on how you've divided up your address space. It appears you're using a /30 out of those blocks as your transit links? Depending on what ...
by xxiii
Tue Oct 12, 2010 1:14 am
Forum: The User Manager
Topic: Usermanager bypass Paypal
Replies: 4
Views: 1833

Re: Usermanager bypass Paypal

You could pre-generate a bunch of vouchers and just hand them out with the receipt, or on request, when the customer buys something. (unless you're specifically trying to collect email addresses).
by xxiii
Tue Oct 12, 2010 1:03 am
Forum: Wireless Networking
Topic: Indoor 802.11n w/2xMimo (2.4ghz)
Replies: 2
Views: 974

Re: Indoor 802.11n w/2xMimo (2.4ghz)

You should have the antennas physically separated, at least several inches, up to several feet depending on how far away your clients are going to be. There is not an exact distance required/necessary.
by xxiii
Tue Oct 12, 2010 12:44 am
Forum: General
Topic: Avoiding WDSs to communicate to each other on wireless P2MP
Replies: 5
Views: 759

Re: Avoiding WDSs to communicate to each other on wireless P

If your point to multi-point equipment will pass vlans, then yes, you can use vlans.

In winbox, just open interfaces, then click on VLAN tab. After you create a vlan it will appear as an interface, and you can assign IP to it, or pppoe client or whatever.
by xxiii
Fri Oct 08, 2010 10:49 pm
Forum: Wireless Networking
Topic: 40 Mhz while using 802.11n
Replies: 1
Views: 1351

Re: 40 Mhz while using 802.11n

If I understand what you're asking, open wireless settings, click on advanced mode, go to wireless, set band to one of the Only-N modes, go to data rates, change to configured, turn off everything, go to HT tab, make sure extension channel is enabled, go to HT MCS tab, make sure the ones you want ar...
by xxiii
Thu Oct 07, 2010 10:58 pm
Forum: Beginner Basics
Topic: Ethernet Interfaces show "R" running even with no cable on
Replies: 9
Views: 1656

Re: Ethernet Interfaces show "R" running even with no cable

/interface ethernet

Unfortunately, this particular option is in the form of a double-negative.
by xxiii
Thu Oct 07, 2010 9:33 pm
Forum: RouterBOARD hardware
Topic: Kernel panic - not syncing: No init found. Try passing init
Replies: 4
Views: 1618

Re: Kernel panic - not syncing: No init found. Try passing

See if you can netinstall it. It sounds like the flash might be corrupted or erased.
by xxiii
Thu Oct 07, 2010 9:30 pm
Forum: General
Topic: Need Help ASAP ! I couldn't access my RouterBoard RB411/411R
Replies: 2
Views: 468

Re: Need Help ASAP ! I couldn't access my RouterBoard RB411/

Assuming neighbor discovery is enabled on the relevant interface, it sounds hung and probably needs power-cycled. After that, you could enable the watchdog, and possibly the ping watchdog (there are two watchdogs), and hope that is able to recover it if it happens again. What version is it running, ...
by xxiii
Thu Oct 07, 2010 9:11 pm
Forum: Wireless Networking
Topic: more speed whit R52Hn
Replies: 10
Views: 2188

Re: more speed whit R52Hn

You've enabled both chains, on both sides, with two antennas or a dual-polarity antenna (is this what that "duplex" antenna you mentioned is?), and you're using the extension channel with 20mhz width? Look at the tx/rx datarates and see if they are at the max. what are you using to speed test with, ...
by xxiii
Thu Oct 07, 2010 8:56 pm
Forum: Wireless Networking
Topic: Access points
Replies: 4
Views: 1153

Re: Access points

Instead of running hotspot on each access point, you can have a master hotspot controller that all the access points go through.
by xxiii
Thu Oct 07, 2010 8:31 pm
Forum: General
Topic: Problem with RB/450 and packetloss
Replies: 3
Views: 702

Re: Problem with RB/450 and packetloss

Is there packetloss between the 450 and the client? How many entries are in your ARP table when it starts having problems? If you only reboot the 450 and nothing else, do the problems go away for awhile? Is it a consistent amount of time before the problems start up again, and how many devices are a...
by xxiii
Mon Oct 04, 2010 10:06 pm
Forum: Wireless Networking
Topic: CQQ=100% but extensive data los - why ?
Replies: 14
Views: 2212

Re: CQQ=100% but extensive data los - why ?

Its a layer-2 retransmission, as opposed to layer-3.
by xxiii
Mon Oct 04, 2010 10:00 pm
Forum: Beginner Basics
Topic: How to setup Dual Wan with only incoming on second interface
Replies: 14
Views: 4123

Re: How to setup Dual Wan with only incoming on second inter

http://www.mikrotik.com/testdocs/ros/2. ... ontent.php

Its supposed to be at the below URL, but currently isn't, so use the above link and read the stuff and example about policy routing.

http://wiki.mikrotik.com/wiki/Policy_routing
by xxiii
Mon Oct 04, 2010 9:27 pm
Forum: Wireless Networking
Topic: Setup a Mikrotik CPE so that it acts as a cpe plus a link ?
Replies: 4
Views: 1275

Re: Setup a Mikrotik CPE so that it acts as a cpe plus a lin

Its basically a matter of routing, and whether or not you are using NAT, and do both ADSL routers go to the same place, (and do you control that place). Assuming the DSL routers each have their own public IP out to the internet, and you're using NAT, and not using BGP/OSPF, you need to change/add yo...
by xxiii
Mon Oct 04, 2010 9:22 pm
Forum: General
Topic: Getting Older Log Entries
Replies: 2
Views: 458

Re: Getting Older Log Entries

Or send the logs to a remote syslog, which is handy if you have several routers and you want to see all the logs in a central place. (although any log entries sent if/while the remote syslog is unreachable will be lost).
by xxiii
Mon Oct 04, 2010 7:58 pm
Forum: Beginner Basics
Topic: Howto forward all traffic on a WAN-interface
Replies: 2
Views: 744

Re: Howto forward all traffic on a WAN-interface

If I understood you correctly, it sounds like you just want to bridge ports 1 and 5 together? In which case, do so; you will need to create another bridge. (and you should move any configuration on port 1 to be on that bridge instead).
by xxiii
Mon Oct 04, 2010 7:26 pm
Forum: Scripting
Topic: Script in RB450G dont work
Replies: 5
Views: 1185

Re: Script in RB450G dont work

Any possibility of getting more specific error messages?
by xxiii
Sat Oct 02, 2010 12:21 am
Forum: General
Topic: Too many bugs
Replies: 40
Views: 4874

Re: Too many bugs

I just took a quick look at some accounting records for PPPoE and they seem to be starting over from 0 for each connection just fine, from a 5.0beta6 router. Are these from PPPoE connections or some other type? Also, it appears you're using freeradius. Double-check to make sure its not configured to...
by xxiii
Fri Oct 01, 2010 11:58 pm
Forum: Beginner Basics
Topic: How to setup Dual Wan with only incoming on second interface
Replies: 14
Views: 4123

Re: How to setup Dual Wan with only incoming on second inter

I'm guessing the issue is that you (and abeggled) probably need a policy route to send traffic out the correct interface based on the source-ip, or ingress interface. You probably have a 0.0.0.0 route that goes out one of your WANs? For testing, you could just add a temporary static route to whereve...
by xxiii
Fri Oct 01, 2010 3:22 am
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 77737

Re: New wireless protocol: Nv2 in v5.0beta5

Set it to 20mhz, then go to the HT tab and enable the extension channel.
by xxiii
Fri Oct 01, 2010 3:19 am
Forum: Beginner Basics
Topic: Use more than one IP
Replies: 10
Views: 1061

Re: Use more than one IP

Your upstream should be willing to give you as many IPs as you can justify, in this case you should be able to get a full /24. But anyway, there might be a way to get NAT to use more than one IP in a round robin fashion, otherwise, depending on how your customers are connected, you could do somethin...
by xxiii
Fri Oct 01, 2010 2:33 am
Forum: General
Topic: Too many bugs
Replies: 40
Views: 4874

Re: Too many bugs

Regarding the ping issue, I noticed you used a 10ms interval, which in the case of routeros means any replies that take longer than 10ms will be counted as loss. (and will also not show up in the max column, which I notice was 8, so its possible that 12% of the packets had a longer than 10ms respons...
by xxiii
Fri Oct 01, 2010 2:16 am
Forum: Beginner Basics
Topic: Use more than one IP
Replies: 10
Views: 1061

Re: Use more than one IP

Are you doing NAT then? You should probably start assigning each customer their own public IP; either statically, via PPPoE, or via DHCP, and let the customer router or CPE do the NAT.
by xxiii
Thu Sep 30, 2010 7:39 pm
Forum: Beginner Basics
Topic: How to setup Dual Wan with only incoming on second interface
Replies: 14
Views: 4123

Re: How to setup Dual Wan with only incoming on second inter

I should mention that some protocols don't get along well with NAT, such as SIP and Windows file sharing, although they'd likely still have problems if you only had one WAN. And, some external sites (SMTP servers for instance) may not like it if DNS/reverse-DNS doesn't match up (you could create cor...
by xxiii
Thu Sep 30, 2010 7:25 pm
Forum: Beginner Basics
Topic: How to setup Dual Wan with only incoming on second interface
Replies: 14
Views: 4123

Re: How to setup Dual Wan with only incoming on second inter

so: (with made-up ip addresses) all in the same router, 1.0.0.0/24 -> ether1 metric 2 2.0.0.0/24 -> ether4 metric 1 192.168.200.1/24 -> ether2 -> your servers and clients You dstnat to your servers and masquerade/srcnat your clients? And connection tracking is on? If you setup the rules right, nat s...
by xxiii
Thu Sep 30, 2010 2:55 am
Forum: General
Topic: PPPoE + Radius
Replies: 9
Views: 1339

Re: PPPoE + Radius

If you are going to be using OSPF or BGP then it will come in handy. It also provides an IP address that belongs to the router, rather than one of its specific interfaces, and will always be "up" as long as the router is up; which lets you (or BGP, for instance) reach the router through any interfac...
by xxiii
Wed Sep 29, 2010 11:44 pm
Forum: General
Topic: 4 mikrotik bridges lower TCP one session throughput
Replies: 4
Views: 770

Re: 4 mikrotik bridges lower TCP one session throughput

So one session goes 2mbit, but 20 gets 22mbit over the same link in the same direction?

Are there any queues or firewall rules? Or a rate limit in the wireless profiles?

Are you FTPing directly to the routerboard or to something behind it?
by xxiii
Wed Sep 29, 2010 11:24 pm
Forum: Beginner Basics
Topic: How to delete Dynamic route?
Replies: 3
Views: 6477

Re: How to delete Dynamic route?

You probably need to rethink how the IP addresses are assigned, or you need a more specific route that overrides the DAC one for the PPtP server, or use a vlan, or run PPtP on both failover routers (depending on how you set up the failover).
by xxiii
Wed Sep 29, 2010 11:13 pm
Forum: General
Topic: access hotspot page in PPPoE
Replies: 16
Views: 3864

Re: access hotspot page in PPPoE

Kinda depends on how they're blocking it. You could use change the ports (or use nat rules to change the ports) to something they're not blocking, or create an IPIP tunnel, then create the vpn through the tunnel, or some other type of tunnel. You may have to combine these, depending on how they're b...
by xxiii
Wed Sep 29, 2010 10:32 pm
Forum: Beginner Basics
Topic: How to setup Dual Wan with only incoming on second interface
Replies: 14
Views: 4123

Re: How to setup Dual Wan with only incoming on second inter

For simple cases, you can use the distance value in the routing table to control which routes have preference for outbound. As for the rest its hard to tell what the issue is without knowing more about your situation, for instance do you have your own IP addresses, or do you have different public ad...
by xxiii
Wed Sep 29, 2010 9:30 pm
Forum: General
Topic: 4 mikrotik bridges lower TCP one session throughput
Replies: 4
Views: 770

Re: 4 mikrotik bridges lower TCP one session throughput

The TCP test has trouble reaching full throughput unless you use several sessions, especially on devices with wimpier CPUs. You may notice the CPU usage on one or both sides go to 100% while its running. We have a hard time fully trusting it as a result. The UDP test will probably give you a good id...
by xxiii
Wed Sep 29, 2010 9:19 pm
Forum: General
Topic: PPPoE + Radius
Replies: 9
Views: 1339

Re: PPPoE + Radius

I would suggest you create a loopback interface (see the wiki) with a valid IP, and use that as your local address. The local address should be a valid IP for the router, but no, it does not need to be in the same network. Depending on what you're doing with the router, the loopback IP can be used f...
by xxiii
Wed Sep 29, 2010 7:35 pm
Forum: General
Topic: Winbox failed to connect if interface set into jumbo frames
Replies: 2
Views: 983

Re: Winbox failed to connect if interface set into jumbo fra

Is there anything between your pc and the router that might be blocking ICMP? and/or not jumbo capable? Assuming its not a bug, either the packets are being discarded by something that is not jumbo capable (or enabled for jumbo) and/or something has a lower MTU and its ICMP too large responses are n...
by xxiii
Wed Sep 29, 2010 1:51 am
Forum: General
Topic: Hot-spot and PPPoE combined togheter on user manager?
Replies: 1
Views: 482

Re: Hot-spot and PPPoE combined togheter on user manager?

Yes. See my posts in

http://forum.mikrotik.com/viewtopic.php?f=2&t=45185

And make sure you enable both hotspot and ppp in radius, and in their respective authentication sections.
by xxiii
Tue Sep 28, 2010 8:07 pm
Forum: Beginner Basics
Topic: First pppoe Connection
Replies: 6
Views: 2904

Re: First pppoe Connection

And did you configure DNS on either the router (/ip dns) or in the PPP profile?
by xxiii
Tue Sep 28, 2010 3:31 am
Forum: Wireless Networking
Topic: CQQ=100% but extensive data los - why ?
Replies: 14
Views: 2212

Re: CQQ=100% but extensive data los - why ?

The CCQ in the other direction isn't necessarily 100%. If the client you're using supports reporting the values back to the AP, (which apparently it doesn't in this case), the CCQ box would show something like 100/100, one of which would be the CCQ from the AP to the client, and the other would be t...
by xxiii
Tue Sep 28, 2010 3:21 am
Forum: General
Topic: access hotspot page in PPPoE
Replies: 16
Views: 3864

Re: access hotspot page in PPPoE

Just the confirmation I wanted. So when the PPPoE user authenticates the don't get the hotspot login in page right? Right, PPPoE users have no idea there is a hotspot. At least the way we set it up, which is we give the router a loopback address and use that for the local address in the PPPoE profi...
by xxiii
Mon Sep 27, 2010 8:29 pm
Forum: General
Topic: BGP HoldTimer Expired
Replies: 3
Views: 1460

Re: BGP HoldTimer Expired

See if there are supouts or autosupouts on any of the routers.

Also, if you're using OSPF have you noticed if your OSPF sessions are dropping or resetting? (check the adjacency time in the ospf neighbors).
by xxiii
Fri Sep 24, 2010 11:54 pm
Forum: General
Topic: access hotspot page in PPPoE
Replies: 16
Views: 3864

Re: access hotspot page in PPPoE

Upon re-reading this thread more carefully: how can I access the hotspot html page if login using pppoE? We don't do this, as we prefer hotspot OR PPPoE, but you could try making a bridge, adding the hotspot interface to the bridge (and run the hotspot on the bridge), then in PPP profile, specify th...
by xxiii
Fri Sep 24, 2010 11:44 pm
Forum: General
Topic: access hotspot page in PPPoE
Replies: 16
Views: 3864

Re: access hotspot page in PPPoE

We have a couple places where we run PPPoE server and hotspot on the same interface at the same time, and it works. As far as the interface/hotspot are concerned, PPPoE server is a layer 2 thing, while hotspot operates at layer3 for the most part. Why would we want to do this? because in this situat...
by xxiii
Fri Sep 24, 2010 3:32 am
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 77737

Re: New wireless protocol: Nv2 in v5.0beta5

We are have lockup up problems on RB532 and related boards We tried nv2 on an rb532 and didn't work very well. Wouldn't stay associated for more than a few seconds if I recall properly. I'm not sure if it was the 532 or the wireless card (probably an r52 or r2). Its since been replaced with an 433A...
by xxiii
Mon Sep 20, 2010 11:53 pm
Forum: RouterBOARD hardware
Topic: RB750G bad series?
Replies: 25
Views: 5427

Re: RB750G bad series?

We've had a number of 750 routers fail in various ways, (I think it was usually ethernet port problems), enough that we're avoiding them now, I don't have the details off hand, or whether they were all G models or not.
by xxiii
Mon Sep 20, 2010 11:44 pm
Forum: General
Topic: RouterOS 5.0beta6 License failed: Invalid request received!
Replies: 13
Views: 1867

Re: RouterOS 5.0beta6 License failed: Invalid request recei

I was going to suggest you downgrade it if you can't get the license updated in time, but from that screenshot it appears it has no license at all.
by xxiii
Mon Sep 20, 2010 9:35 pm
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 77737

Re: New wireless protocol: Nv2 in v5.0beta5

WatchDog Timer will trigger if an IP address is specified, even though enabled is unchecked. There are actually two watchdogs, which isn't entirely clear from the winbox interface. One, controlled by the enabled checkbox, which monitors the router itself, and the ping watchdog, which monitors an IP...
by xxiii
Fri Sep 10, 2010 2:57 am
Forum: General
Topic: Roadmap for IPv6?
Replies: 98
Views: 22344

Re: Roadmap for IPv6?

In terms of specific requests, we need:

BGP recursive lookup to work correctly when link-local addresses are involved.

ipv6 pool functionality for pppoe. Specifically, I'd like the ability to say something like "here is a /56, hand out /64s from it".
by xxiii
Thu Sep 09, 2010 1:14 am
Forum: Forwarding Protocols
Topic: OSPFv3 Issues and Suggestions
Replies: 2
Views: 2745

Re: OSPFv3 Issues and Suggestions

I would suggest avoiding /128 (and the /126) and using /64 instead, even for loopbacks. ipv6 isn't really designed or meant for the lower /64 to be subnetted any further. Note however if you do use /64's cisco has an opposite problem (I presume because of backwards compatibility with their implement...
by xxiii
Wed Aug 04, 2010 11:39 pm
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 77737

Re: New wireless protocol: Nv2 in v5.0beta5

Ok, been running it for a couple of weeks, and so far I love it, when it works. It has higher throughput with more stability, However, under heavy traffic the client radio seems to lock up. Wirelessly, everything appears to be fine, but my bgp peer dies, and no traffic seems to pass. I can see the A...
by xxiii
Thu Jul 29, 2010 7:34 pm
Forum: Forwarding Protocols
Topic: ROS > 4.5 bug? Cannot Access IP management
Replies: 8
Views: 2595

Re: ROS > 4.5 bug? Cannot Access IP management

Can you try assigning an administrative mac address to bridge1, and see what happens (particularly if DAC entry(s) appears for your vlans in /ip route)
by xxiii
Mon Jul 26, 2010 11:32 pm
Forum: Forwarding Protocols
Topic: BGP full table Large CPU usage on rb1000 3.22
Replies: 62
Views: 19965

Re: BGP full table Large CPU usage on rb1000 3.22

Last I heard, you also need to disable SNMP when doing large BGP (or possibly even small) tables.

We are finding this extremely inconvenient.
by xxiii
Mon Jul 26, 2010 11:28 pm
Forum: Forwarding Protocols
Topic: ROS > 4.5 bug? Cannot Access IP management
Replies: 8
Views: 2595

Re: ROS > 4.5 bug? Cannot Access IP management

What are the states of the vlan interfaces and the ip addresses when its not working? does anything show invalid (have an i in the leftmost column in winbox, or possibly be colored red)?

What about the bridge?

Can you ping the 10.10.10.29 address from the routerboard itself?
by xxiii
Mon Jul 26, 2010 10:21 pm
Forum: Forwarding Protocols
Topic: routing lockups 50b4/5
Replies: 0
Views: 644

routing lockups 50b4/5

We are seeing numerous routing lockups in 5.0b4 and b5, and I'm wondering if anyone else is? The routers in question are running BGP with ipv4/ipv6/l2vpn protocols distributed over an ipv6 peer link. The routers are also running OSPFv2 and OSPFv3. OSPF is handling loopbacks and links, BGP is handlin...
by xxiii
Mon Jul 26, 2010 9:46 pm
Forum: Forwarding Protocols
Topic: Memory Leak with BGP?
Replies: 31
Views: 9002

Re: Memory Leak with BGP?

We too are seeing a constant rise in memory consumption on an x86 dual-core router taking full ipv4 and ipv6 routes from one peer in another AS. It is also the sawtooth pattern with a general rising trend. It seems to be losing around 3 or megabytes per day. This router is running BGP with ipv4 in o...
by xxiii
Mon Jul 26, 2010 9:17 pm
Forum: General
Topic: New wireless protocol: Nv2 in v5.0beta5
Replies: 217
Views: 77737

Re: New wireless protocol: Nv2 in v5.0beta5

Most people so far seem to be looking at this from a throughput point of view; I'm more interested in the reliability point of view: Here is a too brief ping test I performed just now: NV2: Ping statistics for 10.23.22.1: Packets: Sent = 100, Received = 99, Lost = 1 (1% loss), Approximate round trip...
by xxiii
Fri May 07, 2010 10:36 pm
Forum: General
Topic: MikroTik RouterOS version 4.9 released!
Replies: 32
Views: 11245

Re: MikroTik RouterOS version 4.9 released!

Just tried a little experiment: Two 4.9 routers, each rb433AH: ping to self (loopback bridge): xx.xx.xx.68 64 byte ping: ttl=64 time=2 ms xx.xx.xx.68 64 byte ping: ttl=64 time=9 ms xx.xx.xx.68 64 byte ping: ttl=64 time=1 ms xx.xx.xx.68 64 byte ping: ttl=64 time=9 ms xx.xx.xx.68 64 byte ping: ttl=64 ...
by xxiii
Thu May 06, 2010 12:37 am
Forum: General
Topic: MikroTik RouterOS version 4.9 released!
Replies: 32
Views: 11245

Re: MikroTik RouterOS version 4.9 released!

I think your dreaming if you think any company can release fully bug free software every go? But a company can have a battery of tests that they run every new release against to ensure nothing broke. Every time an issue is reported you add it to the test battery. After a while you have a huge numbe...
by xxiii
Tue Mar 02, 2010 8:03 pm
Forum: Forwarding Protocols
Topic: BFD configuration
Replies: 21
Views: 13252

Re: BFD configuration

xxiii: this is because a small random jitter is subtracted from protocol timers, to avoid accidental unneeded synchronisation. For future reference, more info (anyone who sees this thread and is curious): http://tools.ietf.org/id/draft-ietf-bfd-base-11.txt sections 6.8.7 and 6.8.9 I'm cautiously re...
by xxiii
Wed Feb 24, 2010 12:31 am
Forum: Forwarding Protocols
Topic: BFD configuration
Replies: 21
Views: 13252

Re: BFD configuration

I added a tcp bandwidth test to my little test setup and left it running all night, which claims to have the CPU on both sides at 100%. On the receiving side we have: Flags: U - up 0 U state=up address=192.168.101.51 interface=ether1 protocols=bgp multihop=no state-changes=1 uptime=4d3h26m50s desire...
by xxiii
Tue Feb 23, 2010 1:58 am
Forum: Forwarding Protocols
Topic: BFD configuration
Replies: 21
Views: 13252

Re: BFD configuration

I've had a 450g and a 433ah on my desk running a bgp, and a bfd all weekend, and they've been fine: 0 U state=up address=192.168.101.50 interface=ether1 protocols=bgp multihop=no state-changes=2 uptime=3d5h16m58s desired-tx-interval=0.2sec actual-tx-interval=0.2sec required-min-rx=0.2sec remote-min-...
by xxiii
Tue Feb 23, 2010 1:46 am
Forum: General
Topic: ROS v.4 routing problem
Replies: 10
Views: 1150

Re: ROS v.4 routing problem

You could try adding a logging category of route,debug and see if anything shows up in the log.
by xxiii
Mon Feb 22, 2010 10:13 pm
Forum: General
Topic: ROS v.4 routing problem
Replies: 10
Views: 1150

Re: ROS v.4 routing problem

So router2 was pingable from router1, but router1 said that router2 was unreachable in the routing table entries (until you rebooted router1?)

Was the check gateway thing set to arp, ping, or not enabled?
by xxiii
Thu Feb 18, 2010 8:07 am
Forum: Forwarding Protocols
Topic: BFD configuration
Replies: 21
Views: 13252

Re: BFD configuration

We experimented with this between x86 based routers and had OSPF and/or BGP sessions bouncing up and down constantly. turn off BFD, and everything stabalizes. This was over short fast ethernet links with 0 packet loss. So, we've concluded its just not ready yet. Alternatlivey, perhaps 0.2 seconds is...
by xxiii
Tue Jan 19, 2010 9:32 pm
Forum: General
Topic: ROS v.4 routing problem
Replies: 10
Views: 1150

Re: ROS v.4 routing problem

Are you using OSPF, RIP, static routes, or what?
by xxiii
Thu Apr 16, 2009 3:57 am
Forum: The Dude
Topic: Fonts missing after upgrade from 3.0rc3 to 3.1
Replies: 10
Views: 6055

Re: Fonts missing and invalid OID

I also had to do a similar procedure to fix the missing/invalid oids, using the Mib Nodes entry on the left, and the files tab of the resulting dialog, and all the contents of: "c:\Program Files\dude\data\files\mibs" (In particular, you want mikrotik.txt if you're using The Dude with RouterOS nodes).
by xxiii
Thu Apr 16, 2009 3:31 am
Forum: The Dude
Topic: Fonts missing after upgrade from 3.0rc3 to 3.1
Replies: 10
Views: 6055

Re: Fonts missing after upgrade from 3.0rc3 to 3.1

Here is what worked for me to restore the fonts: Open Dude client. In the tree on the left side, find files, menu-click on it (typically the right mouse button), and select "Open Separately". In the new dialog that appears, click on + sign. In the file requester, navigate to dude font location, on m...
by xxiii
Fri Sep 19, 2008 9:36 pm
Forum: General
Topic: OSPF in V3
Replies: 10
Views: 1627

Re: OSPF in V3

I'll second that. At least on my x86 based test machine, enabling routing-test results in the failure of ospf-v2, and lots of "action timed out" messages in the terminal when trying to look at anything related to ospf-v2, or when doing an /ip route print. This is the case in 3.13, and 3.14rc1.
by xxiii
Mon Nov 26, 2007 10:23 pm
Forum: General
Topic: Load Balancing, Any problems?
Replies: 9
Views: 2654

Re: Load Balancing, Any problems?

Ok, I'm confused, as you said: i used 3 routers, 2 as my pppoe clients, and one router that does load balancing. The Mikrotik PPPoE client can also generate broken rules, and SSL and anything trying to use full sized packets (P2P) are where you would be likely to see the problem. 2 questions: If you...
by xxiii
Wed Nov 21, 2007 9:19 pm
Forum: General
Topic: load balance ignored with equal cost route in rc10
Replies: 1
Views: 1150

load balance ignored with equal cost route in rc10

Have a router with the following route table entry: 3 ADo dst-address=0.0.0.0/0 pref-src=xx.yy.zz.50 gateway=xx.yy.zz.65,xx.yy.zz.93 interface=1-dsl,2-dsl gateway-state=reachable,reachable distance=110 scope=255 target-scope=10 route-tag=0 However, the router is sending ALL traffic out only the 1-ds...
by xxiii
Wed Nov 21, 2007 8:43 pm
Forum: General
Topic: Load Balancing, Any problems?
Replies: 9
Views: 2654

Re: Load Balancing, Any problems?

I see you are using PPPoE. This is possibly the actual culprit. See "PPPoE dynamic mangle rules are broken" http://forum.mikrotik.com/viewtopic.php?f=2&t=17362&start=0&st=0&sk=t&sd=a for a discussion of the issue and a workaround/fix. SSL connections in particular are very susceptible to the issue.
by xxiii
Wed Nov 07, 2007 12:08 am
Forum: General
Topic: SNMP ignores routing table?
Replies: 2
Views: 837

SNMP replies dropped somewhere on the way out

Just wondering if any progress on this? The situation is the following: A router receives an snmp request on ether1, and should send the response out ether2. According to the packet sniffer on said router, it receives the request and generates a response. According to a log rule in the firewall outp...
by xxiii
Fri Sep 14, 2007 2:58 am
Forum: General
Topic: SysLog not working?!
Replies: 16
Views: 2873

Re: SysLog not working?!

Use torch or packet sniffer (in torch you may want to increase the time), and see if its actually sending syslog packets out. remote logging works for us, but instead of using the remote action, we make a new action and use that. It shouldn't make any difference that I can think of, but you could gi...
by xxiii
Fri Sep 14, 2007 2:50 am
Forum: General
Topic: "Splitting" a RB532 to act like two independent routers.
Replies: 3
Views: 739

Re: "Splitting" a RB532 to act like two independent routers.

[Asterisk box is "untouchable", because it isn't strictly in my network; it's owned and administrated by a partner that let me use it. So this option, as it sounds pretty nice, cannot be tried In that case, you could use NAT rules to work around that (you would then have to NAT it back after the ac...
by xxiii
Thu Sep 13, 2007 10:20 pm
Forum: General
Topic: "Splitting" a RB532 to act like two independent routers.
Replies: 3
Views: 739

Re: "Splitting" a RB532 to act like two independent routers.

you can possibly do something in firewall mangle. You can try adding a routing mark as the action to packets aimed at asterisk network, from the public network or interface, and then insert a route that sends the marked packets to your access control device. This may not work since the asterisk devi...
by xxiii
Thu Sep 13, 2007 9:46 pm
Forum: Wireless Networking
Topic: PPPoE But no Data
Replies: 3
Views: 591

Re: PPPoE But no Data

Verify that a route exists from your edge or core router to the address(s) being handed out by the PPPoE server router at the time that they are not working. Do the clients that work then die, die when visiting a particular web site or sites? Can you ping the clients after they stop working (I assum...
by xxiii
Thu Sep 13, 2007 9:40 pm
Forum: General
Topic: PPPoE dynamic mangle rules are broken
Replies: 10
Views: 7635

Re: PPPoE dynamic mangle rules are broken

To add to the above, here is: An RFC: http://www.ietf.org/rfc/rfc879.txt And a (fairly lengthly) white paper on the topic: http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml In particular, note the phrase (emphasis mine): The sending host is required to limit ...
by xxiii
Thu Sep 13, 2007 9:10 pm
Forum: General
Topic: Winbox robustness
Replies: 8
Views: 2404

Re: Winbox robustness

It appears winbox will also drop if it ever gets an out-of-order packet, which can happen in some load balancing situations, or if a route somewhere in the network changes at just the right (er, wrong) time. Turning off secure mode helped, but we are still getting occasional disconnects, and it appe...
by xxiii
Thu Sep 13, 2007 8:56 pm
Forum: General
Topic: ospf link state change and general ospf network questions
Replies: 4
Views: 1728

Re: ospf link state change and general ospf network questions

cktbruce said: I also had all of the local networks on each router setup in the ospf network section. I think they thought this was the routes to be advertised etc. instead of just defining the ospf network I think this is a fairly common misunderstanding. Aspects of OSPF are counter-intuitive and c...
by xxiii
Thu Sep 13, 2007 5:22 am
Forum: General
Topic: ospf link state change and general ospf network questions
Replies: 4
Views: 1728

Re: ospf link state change and general ospf network questions

Is there any way to change the link state (without rebooting the routers) You can remove and then re-add all "Interfaces" in /routing ospf interface, which apparently kicks OSPF (or possibly kills it outright) enough to get it to reset the interfaces, but this is a bit of a pain. Otherwise you can ...
by xxiii
Mon Aug 13, 2007 11:25 pm
Forum: The Dude
Topic: font color
Replies: 0
Views: 965

font color

Is there any way to configure the color of fonts used? We want to do some white on black maps (as opposed to black on white), but there appears to be no way to change the color of the fonts used.
by xxiii
Mon Aug 13, 2007 9:54 pm
Forum: The Dude
Topic: The Dude and RouterOS SNMP
Replies: 2
Views: 1048

Re: The Dude and RouterOS SNMP

Question for you: For the nodes which are NOT responding to snmp, would they send the response out a different port than the request would arrive on?

(i.e. receive request on ether1, but response would be sent on ether2?)
by xxiii
Thu Jul 26, 2007 7:08 pm
Forum: General
Topic: PPPoE dynamic mangle rules are broken
Replies: 10
Views: 7635

Re: PPPoE dynamic mangle rules are broken

An update: clamp to pmtu can't be used reliably. It may not have enough information at the time this rule is applied to set the value correctly. Therefore use the tcp-mss match option. Dynamic rule as currently generated by RouterOS when MTU is 1492: chain=forward action=change-mss new-mss=1452 tcp-...
by xxiii
Wed Jul 25, 2007 10:13 pm
Forum: General
Topic: PPPoE dynamic mangle rules are broken
Replies: 10
Views: 7635

PPPoE dynamic mangle rules are broken

This is discussed somewhat in the thread "MTU problems". To summarize: If in a PPPoE Profile, one has Change TCP MSS set, then two dynamic mangle rules are created: One, which changes all outgoing syn packets from the PPPoE interface explicitly to the PPPoE max permissible value. And one, which chan...
by xxiii
Sat May 26, 2007 12:17 am
Forum: General
Topic: SNMP ignores routing table?
Replies: 2
Views: 837

SNMP ignores routing table?

I've got a routerboard which has mysteriously been not responding to SNMP Requests. In this case, the router receives input on a different interface than it sends output. Doing a packet sniff shows that in the case of SNMP requests, it sends the replies back on the same interface that the request ar...
by xxiii
Fri May 25, 2007 6:58 pm
Forum: General
Topic: OSPF summarization problem (.0/32 not included in .0/26)
Replies: 3
Views: 1980

Re: OSPF summarization problem (.0/32 not included in .0/26)

Yes, route summarization works as long as you avoid the conditions I described above. Also, the problem I describe above doesn't necessarily appear immediately. It may take one of the /32 routes inside the block disappearing/reappearing to trigger it. And, you have to be using the network address of...
by xxiii
Sat May 12, 2007 2:53 am
Forum: General
Topic: OSPF summarization problem (.0/32 not included in .0/26)
Replies: 3
Views: 1980

I believe this is documented elsewhere already, but in implementing a workaround for the above problem, I also ran into the issue when you have an address like: address=a.b.c.d/32 network=w.x.y.z/32 bcast=0.0.0.0 int=<pppoe-xxx> apparently only the value in address will end up in the OSPF tables, an...
by xxiii
Fri May 11, 2007 8:53 pm
Forum: General
Topic: OSPF summarization problem (.0/32 not included in .0/26)
Replies: 3
Views: 1980

OSPF summarization problem (.0/32 not included in .0/26)

2.9.42 with routing-test (I presume routing-test qualifies as beta) We have noticed a problem where OSPF fails to realize a /32 is part of a /26 its supposed to be summarizing and advertises the /32 anyway. The details are: 192.168.0.1-63 set up as a pool for PPPoE 192.168.0.0 used as the local addr...
by xxiii
Thu May 03, 2007 10:32 pm
Forum: General
Topic: Preferred source ignored?
Replies: 10
Views: 4368

Just a note that this still seems to be a problem in 3.0b7
by xxiii
Thu Apr 26, 2007 10:33 pm
Forum: General
Topic: mysterious packet dropping when iface removed from bridge
Replies: 5
Views: 1268

mysterious packet dropping when iface removed from bridge

Not sure how to reproduce this one, or if the bridge really had anything to do with it. i'll just describe the symptoms. 2.9.42 routing-test on pc. While trying to get OSPF working to another router, it was noticed that the remote side was stuck in init, and the local router didn't show anything for...
by xxiii
Thu Apr 26, 2007 12:15 am
Forum: General
Topic: OSPF doesn't notice some Address changes
Replies: 2
Views: 818

I have discovered that this only happens in routing-test and not routing (in 2.9.42). On a router using routing package, disabling the address that OSPF is using for itself immediately causes OSPF to pick a new one; in routing-test it continues to use the disabled one. I haven't the resources to tes...
by xxiii
Thu Apr 19, 2007 7:44 pm
Forum: General
Topic: OSPF doesn't notice some Address changes
Replies: 2
Views: 818

OSPF doesn't notice some Address changes

2.9.42 routing-test. I haven't confirmed if this is still a problem in 3.0 beta yet, but we have noticed that when OSPF starts it sets up a neighbor relationship with itself and picks one if its own interface addresses as the designated router for this relationship. If the address it picked is subse...
by xxiii
Fri Apr 06, 2007 10:34 pm
Forum: General
Topic: Preferred source ignored?
Replies: 10
Views: 4368

Using chain srcnat with an action of masquerade.
by xxiii
Wed Apr 04, 2007 7:44 pm
Forum: General
Topic: Preferred source ignored?
Replies: 10
Views: 4368

Basically we have two routers the same, except one is 2.9.38 or thereabouts, and the other is 3.0b6. They both have two public interfaces, and a loopback, and a private side. for example (not the real addresses obviously): ether1 1.1.1.2 ether2 2.2.2.2 loopback 3.3.3.2 ether3: 192.168.1.1 there are ...
by xxiii
Wed Apr 04, 2007 3:55 am
Forum: General
Topic: Preferred source ignored?
Replies: 10
Views: 4368

Preferred source ignored?

I just noticed on our 3.0b6 unit that it appears to be ignoring the preferred source option on static routes, and is just using the ip of whatever interface it goes out of.
by xxiii
Wed Apr 04, 2007 3:49 am
Forum: General
Topic: Winbox robustness
Replies: 8
Views: 2404

Turning off the secure connection option does seem to help.
by xxiii
Tue Apr 03, 2007 10:20 pm
Forum: General
Topic: 100% CPU Usage on RB 111/112
Replies: 22
Views: 6982

Here is a resource pr from ours with this problem, I am attempting to generate a supout; it took several minutes to get the resource pr out of it. Its been 3 or so minutes since I typed sup-output, and so far its only echoed back the s. (I'm ssh'ed in, winbox isn't working at all with it at this poi...
by xxiii
Tue Apr 03, 2007 3:15 am
Forum: General
Topic: Winbox robustness
Replies: 8
Views: 2404

Winbox robustness

We have some routerboards that are located on the far end of some less than 100% reliable links. It seems that if only a few (or possibly only one) packet is lost, winbox will disconnect. Would it be possible to make winbox/RouterOS connectivity a bit more robust in the face of moderate packet loss?...
by xxiii
Tue Apr 03, 2007 3:03 am
Forum: General
Topic: beta6 OSPF area-id backwards
Replies: 4
Views: 1633

beta6 OSPF area-id backwards

We just upgraded one of our routerboards to beta6, and it no longer inter-operates with OSPF with our other routers. Doing a packet capture reveals that it has the area ID backwards; in the router board the area ID is specified as 192.168.100.0, but in the packet capture, the OSPF dissector shows th...
by xxiii
Fri Feb 02, 2007 6:15 am
Forum: General
Topic: OSPF MD5
Replies: 1
Views: 1325

OSPF MD5

md5 authentication appears to be broken in 3.0.0b5 (or in 2.9.38, although we have adjacencies with cisco routers just fine in 2.9.38 ) We upgraded one of our routerboards to 3.0.0b5, and ospf will rarely come up now. This is connected via an IPIP tunnel to another routerboard with 2.9.38. When both...
by xxiii
Wed Dec 27, 2006 10:18 pm
Forum: General
Topic: SNMP failing to respond
Replies: 4
Views: 1101

Is there any news on this? As mentioned previously, it won't generate a supout once this problem starts happening, so I'm unable to send one.
by xxiii
Mon Dec 11, 2006 8:25 pm
Forum: General
Topic: SNMP failing to respond
Replies: 4
Views: 1101

The router in question is running 2.9.38. This morning on reading this note, it had approx 37 MiB available, but on telling it to make the supout.rif, it crashed. After it came up, it had a 0 length supout.rif, but now snmp is working again. Right now it has 41.2 MiB free, with around 30 to 40% cpu....
by xxiii
Sat Dec 09, 2006 12:53 am
Forum: General
Topic: SNMP failing to respond
Replies: 4
Views: 1101

SNMP failing to respond

I've got a routerboard in the field, and it is refusing to respond to snmp requests. I have tried disabling/re-enabling SNMP, and re-entering the community. I've verified the firewall (and routers in between) is not dropping/mangling the packets (at least as far as I can tell). Using packet sniffer ...
by xxiii
Fri Nov 10, 2006 1:36 am
Forum: The Dude
Topic: question - how to monitoring
Replies: 3
Views: 3022

I'm having a similar problem. I can't model parts of my network because it says dependency loops not allowed, even though such loops actually exist in the real world. For instance, I have this situation: node 1 is a parent of node 2 node 2 is a parent of node 3 and of node 4. node 3 is a parent of n...
by xxiii
Wed May 31, 2006 1:37 am
Forum: General
Topic: considering purchasing a level 4 license .. quick question
Replies: 9
Views: 2250

What occurs to me is that hardware from time to time can and does break, and that could a reason for a reinstall (and also a reason the softid might change).
by xxiii
Wed May 31, 2006 1:06 am
Forum: General
Topic: SNMP
Replies: 54
Views: 26821

SNMP Community in multiple subnets

We need to be able to use the same community string in different/multiple subnets.