MikroTik

awsmith

It sounds like you've already addressed your issue, but another option would have been to use multi-hop eBGP, and use static routes for the customer to reach your 10.1.1.1 router, and OSPF or static routes for your 10.1.1.1 router to reach your downstream customer's interface address and peer betwee...

awsmith

My understanding is that you can only filter redistribution into and out-from OSPF, not OSPF routes themselves, as OSPF depends on routers having the same information within an area.

awsmith

In reality the network (the relevant part) looks like this: ospf2.jpg The orange lines are wireless links that are inside a bridge interface to prevent OSPF state changes from short disconnects as the recalculation would usually take longer than the disconnect. Those links are the problem. If wirel...

awsmith

We had the exact same problem on ether9 and 10 on a RB1200. Support said that it appears to be a side-effect of the fix to avoid board-locking due to traffic on those two ports. Is your latency limited to specific ports? edit: nevermind, you specified that in your note. Do you have free ports on eth...

awsmith

has anyone from the developer team read this? i believe this is a very useful feature, because multicast pakets on wireless suck and loosing ospf pakets because there sent via multicast sucks even more.. especially since if a single paket is lost, the md5 authentication won't work until the neighbo...

awsmith

I enabled logging for ospf in the mikrotik. How do I see if its unicast or multicast. I am using Point to Point. I just want to learn how. Thanks.

If the SEND packet is -> 224.0.0.X, it is multicast. With a point-to-point network type, all your OSPF traffic will be multicast.

awsmith

With nbma, you must specify the adjacent IP address of each neighbor on that subnet. With ptmp, it can still discover its neighbors. That error sounds like you haven't configured any NMBA neighbors.

awsmith

You can also get more OSPF info by enabling logging of "events".

awsmith

The problem I have now is that all area routes have the same distance i.e. at R1 both area4 and area3 are at 110. As I understand it with this setup two routes to area4 * R1->R2->R3->R4->R5->area4 * R1->R2->Rx->area4 both would be treated equally attractive? No, the "distance", or "a...

awsmith

It looks to me like you do have equal cost multipath routing already working, however, by default, a MikroTik will do a per-connection load-balance. If your tests with the PC are just with one TCP connection/UDP stream, the traffic will only use one path. I believe the way to disable this behavior i...

awsmith

I'd say that you want a distance-vector (it's over that way) protocol with filtering. Try RIPv2, and at the edges, only allow the announcements you want through. It isn't nearly as capable nor as efficient as OSPF, but if your network is simple and you aren't worried about failing over to redundant ...

awsmith

Eising is exactly right. Are you just curious as to why your routers are showing up as ASBRs, or do you have a specific reason for not wanting them to be ASBRs? If you have some need for them not to be ASBRs, and if you assign netblocks for pools for PPPoE customers per router, you could put a "...

awsmith

Do you perhaps have redistribute connected or static enabled? Any kind of redistribution into OSPF (perhaps even if it is just enabled but not actively redistributing any) will cause a router to be an ASBR.

awsmith

If that is what you want, you don't actually want OSPF end-to-end on this network. OSPF uses the database to build a topology of the network, which includes the sort of details you are wanting hidden. You can't expect it to just say that a certain prefix is "over in that direction" because...

awsmith

Quick overview - wheel and spoke network with IPSec over IPIP tunnel and OSPF running on the IPIP interfaces (based on this article http://wiki.mikrotik.com/wiki/IPSec_VPN_with_Dynamic_Routing_/_Mikrotik_and_Cisco but using OSPF instead of RIP and both routers are Mikrotiks). I am only getting thes...

awsmith

I believe the reason that you cannot get the /30s to go away is (I think) that the OSPF filters are just for redistribution. As you are running OSPF on the ethers with the 10.x.x.x/30s, those aren't redistributed routes, they are native OSPF routes. I don't think it is possible, nor desirable to act...

awsmith

Perhaps a good compromise would be to have an "up-but-acked" state. This would be easily sorted in the device list and visible (maybe with a nice aqua ) in the dude view so that if the issue is resolved, you can still easily tell that there is a persistent ack applied to it after the servi...

awsmith

Try putting the main IP that you want OSPF to speak on, into routing->ospf->networks as a /32 and see if that makes a difference.

awsmith

You might want to check out http://forum.mikrotik.com/viewtopic.php?f=3&t=29640 to see if you have experiencing an issue that others of us are.

awsmith

We have seen problems on our 493AHs where ether1 works just fine, but ether2-9 will degrade significantly in performance, and then altogether stop working (RX-wise at least). We just had an issue about an hour ago where we plugged in a new device into ether9 while ether5, 6, and 8 were in use, a com...

awsmith

I would like to request support for the non-standard Cisco proprietary "totally-stubby" area flag. This flag can be applied to stub areas and NSSAs to prevent them from accepting any routes from the upstream area except for the default route. We currently have to run multiple OSPF instance...

awsmith

I did some more testing today and find some troubles. I'm using stub area at end of network. and this is probaly why connected routes does'nt import into ospf. I did some more digging on internet and it looks like ospf don't support external routes in stub area. Is there some way around this proble...

awsmith

Hi I used your configuration but still I can't make ping to R0 ether1 the command : /routing ospf instance set 0 redistribute-connected=as-type-1 does not exist, the most similar is /routing ospf set redistribute-connected=as-type-1 I make ping (from B0) to R0 ether2 and ether3, but not ether1. Any...

awsmith

What are the bandwidth test settings? Are you doing a TCP+Both directions test? To test the true wireless bandwidth, test UDP+send or UDP+receive only. Wireless is half duplex, therefore by doing a TCP test you are halving the bandwidth shown, since TCP ACKs are not counted. Assuming a unidirection...

awsmith

Surfing in the Wiki i always find interesting infos.. The cost of an interface on Cisco routers is inversely proportional to the bandwidth of that interface. Higher bandwidth indicates lower cost. If similar costs are necessary on RouterOS, then use following formula: Cost = 100000000/bw in bps. Th...

awsmith

hm... ip firewall filter add chain=input dst-address=3.254 action=reject reject-with=icmp-network-unreachable ? yes, I've setup this currently. But this leads to 192.168.105.34 reports: destination host unreachable ... but this is not what i need. I need that this 3.x network should not be announce...

awsmith

I have just started working with OSPF and am having problems with some of the automatic route selection. The setup: We use both public and private IP addresses on the same segments for customer traffic (public IPs) and private IPs for device management. The problem is that when two routers have bot...

awsmith

Try placing an IP on a loopback (bridge with no ports attached) interface and query that IP?

I have seen problems querying a MT and it sending the response out the port with the IP queried, even if the proper path was out a different port.

awsmith

This seems to be pretty complex, but I would like to know how feasible it is: Somehow make it possible to have queues be aware of the bandwidth capabilities of a link (wifi association) and let them be expressed as percentages of the capacity of a link rather than raw throughput values ... ie ... if...

awsmith

I think the 532 is going the route of the old cisco 2500s. A fantastic workhorse platform that is getting replaced by new rookies that many of us view as untested. :) Seriously, great work during the lifecycle of the 532. It has had the type of reliable history that you guys should shoot for for all...

awsmith

Ok, from what I can tell it favors smller prefixes, even if the distance is longer. Does anyone know how I can fix this? Thanks There's nothing to fix. That is how IP routing works. The router finds the most specific match for the address it's routing to. That's how a default route works ... it is ...

awsmith

Ethernet errors can be unidirectional (as in, device A sees no problem, but device B does). Check to see if the MT and the switch are actually negotiating and operating in full-duplex mode. A duplex mismatch could cause one-way errors (late collisions, etc). Even if this is not the problem, the erro...

awsmith

x.x.x.x = IP address of your webserver that will give the "please pay us" page. y.y.y.y = the IP address of a customer who has been suspended for nonpayment / ip firewall nat add chain=dstnat action=dst-nat to-addresses=x.x.x.x to-ports=80 \ dst-port=80 protocol=tcp src-address-list=suspe...

awsmith

I have a lot of 3.3/3.4 MTs talking OSPF with 2.9.X MTs, cisco routers, and even some quagga boxes.

Can you post your ospf configs and a full hello to failure debug log? (system->logging +ospf).

awsmith

Pick up 'Internet Routing Architectures' by Bassam Halabi. I apologize if English is not your first language, and the wording you use is because of that, rather than not understanding BGP itself, but the phrasing you use in both of your questions indicates a lack of understanding about what BGP is, ...

awsmith

I voted for "more variables/functions to work with", however, the examples given seemed to be for builtin logical operators. What I specifically want is the ability to create tools applied to devices that can use variables such as dude username and (maybe) dude password and supply them as ...

awsmith

You may want to consider using a different method for controlling access, for example, a mac filter. If the legitimate customer is not online, and traffic comes in for that IP address, it will end up being flooded to all your bridged ports within your network as the router will not drop the traffic ...

awsmith

To prevent the connected prefix of 10.70.1.0/24 from being redistributed into OSPF and announced, use the following:

/routing filter add action=discard chain=ospf-out prefix=10.70.1.0/24

awsmith

http://www.amazon.com/Internet-Routing- ... 57870233X/

awsmith

Change your NAT rule on MT2 to something like the following: add chain=srcnat src-address=192.168.1.0/24 dst-address=!192.168.10.0/24 \ action=masquerade comment="" disabled=no Then, in the filter section, deny all communication between 192.168.1.0/24 and 192.168.10.0/24 other than what yo...

awsmith

If I am understanding your question correctly, you want to know why making changes to the OSPF default cost on area local-12 does not have an affect on your routing. Without looking at the actual routing tables, my guess is that your problem is that none of your OSPF routes are active as you are doi...

awsmith

I have the same problem. Lines 24 and 25 clearly show an ICMP response to xx.xx.222.24 going out eth1, but all snmp responses go out eth2. Edit - The router this packet sniff was done on is yy.yy.201.30 on it's eth2 interface. # TIME INTERFACE SRC-ADDRESS DST-ADDRESS IP-.. SIZE 0 0.29 eth2-p... xx.x...

awsmith

arp ... reply-only router will server only client that got IP Address from DHCP. If you put IP Address staticly on the client, the router won't answer. (edit: my bad. I misread this post thinking that it was advocating static arp) Static arp entries are a dangerous thing. Proper switching behavior ...

awsmith

I've seen this with Canopy radios that "repackage" multicast traffic as broadcast. One customer was sending IGMP packets to a multicast address, the Canopy radios resent them to the broadcast address, and instead of the interface drivers on all of our customers devices silently ignoring th...

awsmith

Are you using static WDS or dynamic? Make sure that you are using static as I believe that will make the IfIndex ID consistant.

Search found 45 matches