Community discussions

Search found 298 matches

by patrick7
Thu Mar 28, 2019 9:16 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

never ever solved...
Don't worry. I'm sure it will be fixed with RouterOS v7
by patrick7
Fri Mar 08, 2019 8:40 pm
Forum: RouterBOARD hardware
Topic: MUM Europe 2019: new hardware
Replies: 61
Views: 11979

Re: MUM Europe 2019: new hardware

Great hardware.
If the software would be on the same niveau as the hardware is, I'd start buying mikrotik again.
by patrick7
Mon Mar 04, 2019 9:20 pm
Forum: Forwarding Protocols
Topic: Using OSPFv3 as transport for IBGP with V6 traffic
Replies: 2
Views: 365

Re: Using OSPFv3 as transport for IBGP with V6 traffic

Recursive Gateway Lookup for IPv6 is not working on RouterOS v6. It's broken for many years (I think 2013) and MikroTik makes zero effort to solve the problem (It will be fixed in RouterOS v7 tm)
by patrick7
Thu Feb 28, 2019 8:19 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Also things like delete-bgp-communities, which is probably a 3 liner of code.
But due to some strange reasons MikroTik refuses to touch any routing daemon (exceptions are made for serious bugs).
by patrick7
Wed Feb 27, 2019 9:16 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

When is the new Tesla Y model coming out? What features will it have?
At least you can repair a broken tesla. But we can't repair RouterOS. BGP has been broken for 5+ years now and nobody knows when it will be fixed.
Oh, sorry, we do! It will be fixed with RouterOS v7 (tm)
by patrick7
Fri Jan 18, 2019 4:52 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 84074

Re: v6.44beta [testing] is released!

security by obscurity
by patrick7
Wed Dec 19, 2018 2:03 pm
Forum: Announcements
Topic: MikroTik News December 2018 (Issue #86)
Replies: 25
Views: 8845

Re: MikroTik News December 2018 (Issue #86)

Cool, RouterOS v7!
Is there a changelog?
by patrick7
Mon Dec 17, 2018 9:42 am
Forum: General
Topic: v6 RC and v7 BETA
Replies: 126
Views: 24488

Re: v6 RC and v7 BETA

Wish you something, but not ROSv7.
by patrick7
Wed Dec 05, 2018 5:10 pm
Forum: General
Topic: Crowd Funding of v7
Replies: 32
Views: 5382

Re: Crowd Funding of v7

We don't need exciting stuff, we need bugs fixed.
Like IPv6 recursive routing, usable BGP.
by patrick7
Fri Nov 23, 2018 9:34 pm
Forum: General
Topic: Crowd Funding of v7
Replies: 32
Views: 5382

Re: Crowd Funding of v7

I think most uf users here are not missing features, but bugfixes. Like IPv6 VRF (yes, that's a bug - a huge one), IPv6 recursive gateway lookup (I still don't understand why that should be kernel related - thats the job of a routing daemon, not of a kernel), faster BGP, ... MikroTik still requires ...
by patrick7
Sun Nov 18, 2018 3:57 pm
Forum: General
Topic: Unstable 10Gbit connection of Mikrotik CSS326-24G-2S+RM with Mikrotik S+RJ10 SFP [SOLVED]
Replies: 12
Views: 1168

Re: Unstable 10Gbit connection of Mikrotik CSS326-24G-2S+RM with Mikrotik S+RJ10 SFP [SOLVED]

Why is your IP on ether2? It should be on the bridge. And /8 mask is... a bad idea.
by patrick7
Sat Oct 27, 2018 11:38 pm
Forum: General
Topic: v6 RC and v7 BETA
Replies: 126
Views: 24488

Re: v6 RC and v7 BETA

Maybe the devs are on holiday.
by patrick7
Mon Oct 22, 2018 10:18 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 55
Views: 18921

Re: MIkrotik BGP Monitoring

Yea, the job offer is in Latvian, no word of english. They also require applicants to speak Latvian.
They probably think all good programmers are fluent in Latvian...
by patrick7
Mon Oct 22, 2018 4:32 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 55
Views: 18921

Re: MIkrotik BGP Monitoring

They are aware but they don't care :lol:
by patrick7
Fri Oct 19, 2018 10:38 pm
Forum: General
Topic: RPKI
Replies: 30
Views: 5719

Re: RPKI

dream on :lol:
by patrick7
Wed Aug 29, 2018 6:55 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23711

Re: IPv6 recursive nexthops via iBGP

@IPANetEngineer If it would be important for them, they would have fixed this issue years ago.
Just proceed with FRRouting :-) It's better anyways.
by patrick7
Wed Jun 20, 2018 5:41 pm
Forum: General
Topic: ROS 7 Beta
Replies: 42
Views: 12938

Re: ROS 7 Beta

That will never happen. Save your time and switch to another vendor.
As good as the MikroTik hardware is - as bad is the software.
by patrick7
Fri Jun 08, 2018 5:38 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

2 years ago I had CCRs running in 3 locations. Now all CCRs have been replaced with debian+FRR boxes. Are much better (features, open source), and the price is +- the same.
The only mikrotik device I'm still using is a small CRS at home.
by patrick7
Fri May 18, 2018 3:13 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

While I understand it needs some time to make good software, it's getting embarrassing with v7 (or its promised bugfixes). Since 2013 MikroTik promises to fix bugs with v7 (recursive ipv6 nexthops etc), and absolutely NOTHING happens. I'm sorry, but such a product is absolutely unsuitable for profes...
by patrick7
Fri May 18, 2018 3:07 pm
Forum: General
Topic: IPv6 BGP unreachable nexthop through loopback
Replies: 7
Views: 1046

Re: IPv6 BGP unreachable nexthop through loopback

The solution offered by MikroTik: If you are lucky, it will be solved with RouterOS v7!
viewtopic.php?f=14&t=42268#p425845
by patrick7
Fri Mar 02, 2018 10:46 pm
Forum: General
Topic: New router OS
Replies: 46
Views: 12278

Re: New router OS

Is it Wireless/WISP?
Is it Datacenter/Enterprise?
Is it SOHO/SMB?
It's a bit of everything, but nothing right.
by patrick7
Fri Mar 02, 2018 1:13 pm
Forum: General
Topic: New router OS
Replies: 46
Views: 12278

Re: New router OS

Normis is right. A huge number of the "v7" features have been added to RouterOS v6. Mikrotik have done an outstanding job of backporting features. The missing features and unresolved bugs are mostly related to the "new routing" engine that has been long promised, or rely on a newer Linux Kernel. +1...
by patrick7
Wed Feb 28, 2018 3:08 pm
Forum: General
Topic: New router OS
Replies: 46
Views: 12278

Re: New router OS

I think the routing engine will never be implemented.
They have presented some news YEARS ago (I think it was 2013), and nothing happened since then (but the DFZ has growed a lot).
by patrick7
Wed Feb 28, 2018 2:12 pm
Forum: General
Topic: New router OS
Replies: 46
Views: 12278

Re: New router OS

@normis so the way mikrotik goes is to not release v7 but backport all changes to v6?

As an example, we need recursive gateway lookup for BGP/OSPF.
Or delete communities, Multicore,...
by patrick7
Mon Feb 19, 2018 5:48 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

We too. Using SuperMicro Xeon-D appliances with debian and FRR. Works like a charm, BGP with X fulltables, VRF (v4/v6), Route Leaking, ...
by patrick7
Sun Feb 18, 2018 4:35 pm
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 5660

Re: vrf connected route leaking

We are, but MikroTik is not.
by patrick7
Sat Feb 10, 2018 9:05 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Release of v8 will be in ~ 40 years if they proceed with the same speed.
by patrick7
Sat Feb 10, 2018 12:34 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

After waiting 5 years, I think it won't ever be released.
by patrick7
Wed Jan 31, 2018 10:11 am
Forum: Announcements
Topic: MikroTik News February 2018 (Issue #80)
Replies: 65
Views: 17085

Re: MikroTik News February 2018 (Issue #80)

RouterOS v7, how cool is that!
by patrick7
Fri Jan 12, 2018 1:57 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Don't expect anything kernel related to be fixed in v6.
by patrick7
Mon Jan 08, 2018 7:54 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Maybe we should collaborate and make a list of alternative devices / software solutions? As a start: CloudCoreRouter SuperMicro 5018D-FN8T - 6x Gigabit Ethernet (RJ45) - 2x 10 Gigabit Ethernet (SFP+) - 16GB RAM - Xeon-D 1518 Quad Core RB75X PCEngines APU2 - 3x Gigabit Ethernet - 4GB RAM - 1 GHz Quad...
by patrick7
Wed Dec 20, 2017 8:45 pm
Forum: Announcements
Topic: Newsletter 79 (MUM EUROPE ANNOUNCED!)
Replies: 33
Views: 12422

Re: Newsletter 79 (MUM EUROPE ANNOUNCED!)

What about ROS v7?
by patrick7
Fri Dec 08, 2017 6:10 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Stop asking, you're wasting your time...
Switch to plain linux, problem solved.
by patrick7
Wed Dec 06, 2017 8:11 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

I'm sure we'll not survive that year.
by patrick7
Sat Nov 18, 2017 2:22 am
Forum: General
Topic: Customers suggestions to RouterOS' IPv6 module
Replies: 6
Views: 693

Re: Customers suggestions to RouterOS' IPv6 module

It will be fixed with RouterOS v7 (TM)
by patrick7
Thu Nov 02, 2017 11:25 pm
Forum: Forwarding Protocols
Topic: Advanced BGP Setup
Replies: 4
Views: 1047

Re: Advanced BGP Setup

Wrong, prefixlists cannot be used with BGP on MikroTik.
by patrick7
Thu Oct 19, 2017 4:58 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 314
Views: 87735

Re: Mikrotik VDSL / DSL Modem?

/interface dsl on RB750GL / 6.41rc20
by patrick7
Thu Oct 19, 2017 12:59 am
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 314
Views: 87735

Re: Mikrotik VDSL / DSL Modem?

Will we see DSL modems soon? [admin@sw2] /interface dsl> set Change properties of one or several items. <numbers> -- List of item numbers arp -- Address Resolution Protocol arp-timeout -- comment -- Short description of the item disabled -- Defines whether item is ignored or used l2mtu -- mac-addres...
by patrick7
Thu Oct 19, 2017 12:20 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

I have replaced CCRs mostly with Supermicro 5018D-FN8T + debian + FRR. Works like a charm.
by patrick7
Sun Oct 15, 2017 11:16 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Stop asking and switch to another vendor :lol:.
by patrick7
Thu Oct 05, 2017 12:28 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23711

Re: IPv6 recursive nexthops via iBGP

I think there will be no fix in the near future.
by patrick7
Mon Sep 18, 2017 8:20 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Any news?
by patrick7
Thu Aug 31, 2017 8:52 pm
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 123700

Re: v6.41rc [release candidate] is released! New bridge implementation!

I'm aware of that. VLAN aware bridges disables HW offload on small switches (RB750GL etc). I'd like to have routing (this will be in CPU) AND switching (in hardware) on the same device as it was possible before 6.41rc. STP is needed too. I don't see a way how to solve this.
by patrick7
Wed Aug 30, 2017 9:41 pm
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 123700

Re: v6.41rc [release candidate] is released! New bridge implementation!

How about HW switching if STP and Layer3 Routing is needed? (bridge vlan disables HW)
by patrick7
Tue Aug 29, 2017 12:25 pm
Forum: Announcements
Topic: v6.41rc [release candidate] is released! New bridge implementation!
Replies: 561
Views: 123700

Re: v6.41rc [release candidate] is released! New bridge implementation!

What's the difference between /interface ethernet switch vlan/ports and the bridge VLAN implementation?
What is the correct way to create a switch with multiple VLANs (tagged and untagged) with a management IP on a vlan?
by patrick7
Fri May 19, 2017 5:03 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 45803

Re: v6.40rc [release candidate] is released!

Good reason to enable IPv6!
by patrick7
Thu May 18, 2017 11:35 pm
Forum: General
Topic: IPv6 VRFs
Replies: 7
Views: 1131

Re: IPv6 VRFs

It will be available with.... v7777777777777777777777777777777777 (tm)
by patrick7
Fri May 12, 2017 7:24 pm
Forum: Forwarding Protocols
Topic: 1072, bgp advertisments print resets BGP seessions
Replies: 1
Views: 468

Re: 1072, bgp advertisments print resets BGP seessions

Had the same (hold timer expired). MikroTik's solution is to wait for ROS v7.
by patrick7
Mon May 08, 2017 6:37 am
Forum: General
Topic: BGP Synchronize
Replies: 4
Views: 3494

Re: BGP Synchronize

It also "synchronizes" the route attribute.

Example
/ip route add dst-address=1.2.3.0/24 bgp-communities=123:456 type=blackhole
And you enable synchronize, the community 123:456 will be announced, too
by patrick7
Sat May 06, 2017 3:40 pm
Forum: Forwarding Protocols
Topic: Netflow and AS numbers
Replies: 9
Views: 1405

Re: Netflow and AS numbers

Unfortunately I think they won't implement it that fast.
This has been requested 7 (!!!!!) years ago, see viewtopic.php?t=43853
by patrick7
Sat May 06, 2017 3:29 pm
Forum: Forwarding Protocols
Topic: Netflow and AS numbers
Replies: 9
Views: 1405

Re: Netflow and AS numbers

What was the response?
by patrick7
Fri May 05, 2017 12:43 am
Forum: General
Topic: BGP - Route reflector 1500 Peers - 12K Users
Replies: 4
Views: 728

Re: BGP - Route reflector 1500 Peers - 12K Users

I understand that OSPF can get unstable at a certain point above 10 routes ?
If OSPF gets unstable with 10 routes, its implementation is hardly broken.
OSPF should have zero problems with 10, 100 or 1000 routes :-)
But it's true you should not import your BGP table into OSPF.
by patrick7
Thu Apr 27, 2017 5:14 am
Forum: General
Topic: Port Mirror vs NetFlow
Replies: 4
Views: 737

Re: Port Mirror vs NetFlow

So have you paid 150/600€ for nprobe? Or is there another solution?
by patrick7
Mon Mar 27, 2017 11:43 pm
Forum: General
Topic: Just got my new CCR1009-7G-1C-PC
Replies: 24
Views: 3985

Re: Just got my new CCR1009-7G-1C-PC

They're supporting trunking, but not LACP -> please just don't use it.
by patrick7
Thu Mar 16, 2017 12:06 pm
Forum: Forwarding Protocols
Topic: [Solved] OSPF passive-interface for dynamic interfaces
Replies: 2
Views: 1950

Re: OSPF passive-interface for dynamic interfaces

/routing ospf interface
add passive=yes
by patrick7
Mon Mar 13, 2017 10:46 pm
Forum: Announcements
Topic: v6.39rc [release candidate] is released
Replies: 391
Views: 82361

Re: v6.39rc [release candidate] is released

I hope banks etc run Cisco, Juniper, or something like this.
by patrick7
Mon Mar 13, 2017 5:27 pm
Forum: Beginner Basics
Topic: How to add static route
Replies: 8
Views: 18670

Re: How to add static route

And of course not 192.168.0.!!!5!!!/24
by patrick7
Mon Feb 27, 2017 3:06 pm
Forum: General
Topic: /interface list implementation
Replies: 4
Views: 1916

Re: /interface list implementation

I think it's iproute2 groups.

echo "200 customer" >> /etc/iproute2/group
"ip link set xyz group 200" and src/dst group in iptables.
by patrick7
Tue Feb 21, 2017 12:47 pm
Forum: Beginner Basics
Topic: routeros fw rules "!"
Replies: 2
Views: 330

Re: routeros fw rules "!"

Negate the match
by patrick7
Sun Feb 19, 2017 10:28 pm
Forum: RouterBOARD hardware
Topic: RB with 2x SFP+ and redundant PSU
Replies: 5
Views: 903

Re: RB with 2x SFP+ and redundant PSU

No, the CCR1016 does also have dual PSU, but only one SFP+ :-)
CCR1009 is the same, one SFP+, one SFP, dual PSU.
by patrick7
Sun Feb 19, 2017 9:37 pm
Forum: RouterBOARD hardware
Topic: RB with 2x SFP+ and redundant PSU
Replies: 5
Views: 903

Re: RB with 2x SFP+ and redundant PSU

CCR1016 does not have 2x SFP+. It has SFP+ and SFP. CCR1072 is the only one which has two of both SFP+ and PSU :-)
by patrick7
Fri Feb 17, 2017 12:17 am
Forum: General
Topic: Could you please change font color of combo interface? (bugfix?)
Replies: 2
Views: 575

Re: Could you please change font color of combo interface? (bugfix?)

As far as I know it's blue if the parent interface is disabled.
by patrick7
Thu Feb 16, 2017 11:14 pm
Forum: General
Topic: ip route add very slow in CCR 1072, but ok in x86
Replies: 4
Views: 552

Re: ip route add very slow in CCR 1072, but ok in x86

Then that's normal on MikroTik. BGP (or all other routing protocols) is running on 1 core (which most of the time is used 100%)
by patrick7
Thu Feb 16, 2017 10:38 pm
Forum: General
Topic: ip route add very slow in CCR 1072, but ok in x86
Replies: 4
Views: 552

Re: ip route add very slow in CCR 1072, but ok in x86

How many routes?
(/ip route print count)
by patrick7
Wed Feb 15, 2017 8:28 pm
Forum: General
Topic: V7 ....
Replies: 23
Views: 6113

Re: V7 ....

v6 with a lot of BGP routes is NOT working well. Dropping BGP peers if you show advertisements etc.
by patrick7
Sun Feb 12, 2017 2:13 am
Forum: General
Topic: X86_64 ROS - 64bit Mikrotik
Replies: 79
Views: 29752

Re: X86_64 ROS - 64bit Mikrotik

It sounds hard, but I think the only reason is "they don't want". As far as I know there is no technical reason why x86 only accepts 2GB. It just let sell CCRs better.
by patrick7
Thu Feb 09, 2017 11:29 pm
Forum: Virtualization
Topic: Mikrotik CHR P1 Licence - packet loss [FIXED]
Replies: 17
Views: 3042

Re: Beware of Mikrotik CHR P1 Licence - packet loss

interface should _not negotiate speeds above licenced ones
Have fun with fiber/SFPs :-)
by patrick7
Mon Feb 06, 2017 9:50 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

I don't think there will be news soon. A few weeks ago MikroTik wrote something about VRF/Linux Network Namespaces. They mentioned that network namespaces "may" be used. VRF is something very fundamental. Many things are depending on that (Firewall, MPLS, BGP, ...). It looks like not even MikroTik k...
by patrick7
Tue Jan 24, 2017 4:48 pm
Forum: Forwarding Protocols
Topic: How to see BGP incoming advertisements [SOLVED]
Replies: 1
Views: 1084

Re: How to see BGP incoming advertisements [SOLVED]

/ip route print where received-from=peer-name
But this command does not show filtered routes.
by patrick7
Wed Jan 18, 2017 1:33 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Or maybe it's a complete rewrite of OpenVPN? (licence issues?)
by patrick7
Tue Jan 17, 2017 11:36 am
Forum: RouterBOARD hardware
Topic: STP Alternatives ?
Replies: 5
Views: 860

Re: STP Alternatives ?

EoIP over both links, or maybe QinQ and STP in the inner VLAN?
by patrick7
Mon Jan 16, 2017 11:40 pm
Forum: Forwarding Protocols
Topic: NAT killing OSPF
Replies: 1
Views: 1029

Re: NAT killing OSPF

Are you sure it's only /23?
You could add the following rule before nat:
add chain=srcnat protocol=ospf action=accept
by patrick7
Mon Jan 02, 2017 4:15 pm
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 37199

Re: v6.38 [current] is released!

*) snmp - always report bonding speed as speed from first bonding slave;
Why? Bondings with 2x1Gbps are now shown as 1Gbps which is not true.
Except from the STP problems which I already reported by E-Mail - good work! :-)

Happy new year.
by patrick7
Thu Dec 29, 2016 12:34 am
Forum: Forwarding Protocols
Topic: BGP Community bypass don't work
Replies: 2
Views: 594

Re: BGP Community bypass don't work

Maybe you have set-bgp-community="" (which removes all communities) in your config? try unset X set-bgp-communities and then use append-bgp-communities.
by patrick7
Tue Dec 20, 2016 8:54 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

Can anyone confirm that STP only works with master/slave port and no additional "/interface ethernet switch vlan" config?
by patrick7
Mon Dec 19, 2016 11:30 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 53
Views: 14164

Re: CRS317-1G-16S+RM MPLS Support

Do you really want to use SwOS? No SNMPv2/3, no STP, no CLI, ...
by patrick7
Sun Dec 18, 2016 8:31 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10605

Re: V7 ALPHA/BETA Testers needed?

There is no beta.
by patrick7
Wed Dec 14, 2016 6:25 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10605

Re: V7 ALPHA/BETA Testers needed?

No, please not! :-) But to make life more easy for all v6 users by implementing small improvements. AS Path Filtering with regex is already possible, so it should be a thing of a few minutes to implement the same on communities.
by patrick7
Tue Dec 13, 2016 8:01 pm
Forum: General
Topic: RouterOS based IPv6 Christmas Tree
Replies: 2
Views: 1342

Re: RouterOS based IPv6 Christmas Tree

Cool! :-)
by patrick7
Tue Dec 13, 2016 3:40 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10605

Re: V7 ALPHA/BETA Testers needed?

@normis, as an example: BGP Communities filtering by regex or delete BGP communities by regex. Asked a lot here. Please don't tell me that this needs a new Kernel.
I also saw comments like "we will not change anything on routing in v6".
by patrick7
Mon Dec 12, 2016 7:17 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10605

Re: V7 ALPHA/BETA Testers needed?

Seems a lot like buying a 1 room house, when you needed 4 rooms. and then being upset that the builder didn't give you 3 more rooms for free. That's not the same. It's like if you buy a room in a house and the seller promises you to be able to buy 3 more rooms soon, and after 3 years the rooms are ...
by patrick7
Mon Dec 12, 2016 12:16 am
Forum: Scripting
Topic: API TCP RST
Replies: 0
Views: 400

API TCP RST

Hi I'm using the following setup: Monitoring VM (IP .66) <-> CCR1009 A <- IPSEC over Internet -> CCR1009 B (IP .254) The monitoring VM is checking BGP peer's status on CCR B using the API. Currently I have a strange behavior (I think it depends to IPsec): CCR B some time sends TCP RST packets. There...
by patrick7
Sun Dec 11, 2016 7:24 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

Please also fix "use-dns=yes" in IPv6 traceroute. Overdue for a long time now (both reverse and forward)
by patrick7
Mon Dec 05, 2016 5:56 pm
Forum: Scripting
Topic: such item (4)
Replies: 12
Views: 3932

Re: such item (4)

Should be working if you change it like I mentioned above.
by patrick7
Mon Dec 05, 2016 1:51 pm
Forum: Scripting
Topic: such item (4)
Replies: 12
Views: 3932

Re: such item (4)

Try
/ip firewall address-list remove [find where list=redirect]
by patrick7
Fri Dec 02, 2016 7:28 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

@MikroTik Feature request which should not depend on kernel version: delete / match bgp communities by regex. Asked a lot here in the forum, and it would make many setup's much better.
by patrick7
Fri Dec 02, 2016 12:23 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Accepted. But it isn't possible to make some workaround? As an example, limit print commands to 25% cpu?
by patrick7
Fri Dec 02, 2016 12:11 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

I didn't manipulate anyone. And as said, I don't expect you to be faster. But maybe to change the information strategy, and don't say "we don't fix v6 because v7 will do".
by patrick7
Fri Dec 02, 2016 11:55 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Not true. It definitely will be released this year. Unfortunately I do not have specific date. -> That was the promise. Some time later I asked if this promise still is valid and then you said no. Don't get me wrong, I don't expect you to release it tommorrow, but some additional informations (and b...
by patrick7
Fri Dec 02, 2016 11:29 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Maybe next summer. I don't think anyone promised December 1st :) Not 1st of december, but 2016... See ticket 2016010866000027. Waiting would be much easier if mikrotik would provide additional information about v7 (screenshots, a list with fixed bugs, roadmap, any status update about the progress, ...
by patrick7
Thu Dec 01, 2016 1:25 pm
Forum: Forwarding Protocols
Topic: IPv6 Recursive routing
Replies: 1
Views: 692

Re: IPv6 Recursive routing

Try playing with target scope.
by patrick7
Thu Dec 01, 2016 1:04 pm
Forum: General
Topic: Need greater than 1Gb from bonded interface is it possible?
Replies: 8
Views: 1182

Re: Need greater than 1Gb from bonded interface is it possible?

balance-rr should do it, but I had problems with DNS lookups which took much more time (0.x seconds with LACP, partly >5s with rr).
by patrick7
Mon Nov 28, 2016 7:54 pm
Forum: General
Topic: VLAN trunk port with switch chip
Replies: 18
Views: 5620

Re: VLAN trunk port with switch chip

Please please please please please stop giving interfaces like "etherXYZ - Heimnetz". That's dirty... Use comment for that.
by patrick7
Sat Nov 19, 2016 4:25 pm
Forum: Forwarding Protocols
Topic: IPSec Tunnel
Replies: 2
Views: 756

Re: IPSec Tunnel

Also make sure IPsec is excluded for FastTrack.
by patrick7
Fri Nov 18, 2016 5:16 pm
Forum: Forwarding Protocols
Topic: BGP Multihoming
Replies: 10
Views: 3379

Re: BGP Multihoming

I would not recommend to advertise the /30 via iBGP. Either set up OSPF or use next-hop-self. I'd recommend the 2nd
by patrick7
Tue Nov 15, 2016 6:51 pm
Forum: General
Topic: Decline of Mikrotik?
Replies: 102
Views: 26613

Re: Decline of Mikrotik?

+1, affected too. Moving the rules in the chain or dis and reenable solves the problem.
by patrick7
Thu Nov 10, 2016 1:58 pm
Forum: General
Topic: Decline of Mikrotik?
Replies: 102
Views: 26613

Re: Decline of Mikrotik?

IKEv2 has been implemented in the last rc.
by patrick7
Wed Nov 09, 2016 11:17 pm
Forum: General
Topic: IPv6 at Vultr not working
Replies: 3
Views: 1147

Re: IPv6 at Vultr not working

Why do you need IPv6 if you disable its forwarding?
by patrick7
Wed Nov 02, 2016 3:35 pm
Forum: General
Topic: Decline of Mikrotik?
Replies: 102
Views: 26613

Re: Decline of Mikrotik?

Unfortunately... true.
I suggest to not continue v6 development and focus on ROS v7.
by patrick7
Tue Oct 25, 2016 11:34 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 33014

Re: RB750Gr3 - Report and questions

CPU/IPsec performance looks great, missing switch features doesn't. Cancelled my order today because of this :'(
by patrick7
Tue Oct 18, 2016 7:37 pm
Forum: General
Topic: BGP on CCR1036-8G-2S+EM
Replies: 7
Views: 1592

Re: BGP on CCR1036-8G-2S+EM

I fully agree with @ZeroByte. But I need to say that my experiences with VyOS are horrible (reboot - BGP config gone, OSPF routes are propagated to other routers but not shown in the propagating router's table, SNMP crashing and reboot is needed, ....). I would for sure prefer RouterOS over VyOS.
by patrick7
Tue Oct 18, 2016 5:24 pm
Forum: General
Topic: DHCP in VRRP configuration
Replies: 6
Views: 2836

Re: DHCP in VRRP configuration

Does the MikroTik DHCPD check if an IP is already in use? If not, this may cause serious trouble.
by patrick7
Mon Oct 17, 2016 1:20 pm
Forum: Forwarding Protocols
Topic: Google Peering Configuration
Replies: 4
Views: 8901

Re: Google Peering Configuration

That's most probably because Google does not propagate the IXP LAN's in their network by OSPF. If you use your IXP LAN as source, google does not know where to reply to. You should always use one of your advertised IPs as source (example: Loopback) For IPv4, you can fix that with a routing filter: "...
by patrick7
Sat Oct 15, 2016 12:16 am
Forum: RouterBOARD hardware
Topic: Ethernet port faulty?
Replies: 4
Views: 757

Re: Ethernet port faulty?

Have you tried replace the cable? If there are not enough copper wires in the cable, gigabit will never work.
by patrick7
Fri Oct 14, 2016 11:50 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

Maybe it's only in webfig or winbox?
by patrick7
Fri Oct 14, 2016 9:54 pm
Forum: General
Topic: Ling Aggregation LACP how make stable 2Gb/s
Replies: 4
Views: 8502

Re: Ling Aggregation LACP how make stable 2Gb/s

If you're really using a MT Switch, you cannot use LACP (only option is balance-xor, don't know if synology supports that).
CCR1009 should not be a problem, remember to use ether 5-8 and not 1-4 (1-4 are connected to CPU with 1Gbps in total).
by patrick7
Wed Oct 12, 2016 3:07 pm
Forum: General
Topic: Cloud Router Switch 210-8G-2S+IN question!
Replies: 6
Views: 676

Re: Cloud Router Switch 210-8G-2S+IN question!

CCR1009 (only, routing, not switching)
by patrick7
Thu Oct 06, 2016 7:32 pm
Forum: General
Topic: EoIP + IPSEC + Bonding
Replies: 1
Views: 541

Re: EoIP + IPSEC + Bonding

This forum is not russian.
by patrick7
Wed Oct 05, 2016 8:30 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

STP, good work!
by patrick7
Sat Oct 01, 2016 1:56 am
Forum: Announcements
Topic: We have a new homepage!
Replies: 29
Views: 5296

Re: We have a new homepage!

Good work! :-)
by patrick7
Fri Sep 30, 2016 1:25 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

Still missing in my opinion: rp_filter per interface. Should be a small thing to implement.
by patrick7
Fri Sep 30, 2016 12:25 pm
Forum: Announcements
Topic: v6.38rc [release candidate] is released
Replies: 331
Views: 75210

Re: v6.38rc [release candidate] is released

STP... Great! What about other products with switching chip?
by patrick7
Tue Sep 27, 2016 8:34 pm
Forum: Scripting
Topic: Removing BGP out and in filter
Replies: 3
Views: 555

Re: Removing BGP out and in filter

setting in-filter="" should work in this case. If you think unset in-filter would be better (I do), please open a ticket at MikroTik :-)
by patrick7
Tue Sep 27, 2016 8:06 pm
Forum: General
Topic: Feature request: Add sorting
Replies: 5
Views: 1710

Re: Feature request: Add sorting

Thanks NeoXiD. Anyonen else? I think if more people wish this feature, possibility will be higher for it to be implemented.
by patrick7
Tue Sep 27, 2016 8:02 pm
Forum: Scripting
Topic: Removing BGP out and in filter
Replies: 3
Views: 555

Re: Removing BGP out and in filter

See here: http://forum.mikrotik.com/viewtopic.php ... 09#p554009
They don't want to implement unset for all parameters, even if set "" is most likely the same.
by patrick7
Tue Sep 27, 2016 12:37 pm
Forum: General
Topic: Vlans doubts on CCR1009-8G
Replies: 3
Views: 394

Re: Vlans doubts on CCR1009-8G

CCR1009 also has a switch but if not configured, all ports can be configured with individual vlan's
by patrick7
Tue Sep 27, 2016 12:15 pm
Forum: Announcements
Topic: v6.37 [current] is released!
Replies: 197
Views: 34910

Re: v6.37 [current] is released!

Several important bugfixes and improvements which are overdue for a long time :D
by patrick7
Mon Sep 26, 2016 8:22 pm
Forum: General
Topic: BUG: (BGP) Filter community match not working with community 0:0
Replies: 9
Views: 1878

Re: BUG: (BGP) Filter community match not working with community 0:0

Oh yes. I proposed that to mikrotik. Maybe in RouterOS v7 :-)
by patrick7
Mon Sep 26, 2016 12:13 am
Forum: General
Topic: BUG: (BGP) Filter community match not working with community 0:0
Replies: 9
Views: 1878

Re: BUG: (BGP) Filter community match not working with community 0:0

According to http://blog.ipspace.net/2008/03/misteri ... unity.html, it looks like the community INTERNET equals 0:0
MikroTik wiki says that if INTERNET is set, it will match always, see http://wiki.mikrotik.com/wiki/Manual:Ro ... ng_filters
by patrick7
Sat Sep 24, 2016 1:17 am
Forum: Forwarding Protocols
Topic: prepending after jump
Replies: 1
Views: 556

Re: prepending after jump

Place the prepend before jump. Once a prefix has been accepted, no more filter rules will be processed for this prefix
by patrick7
Sat Sep 17, 2016 10:59 pm
Forum: SwOS
Topic: Spanning Tree Protocol
Replies: 26
Views: 16429

Re: Spanning Tree Protocol

Is there any reason why mikrotik refuses to implement STP in any switch products? In my opinion, any switch missing STP is not really an option for use in production environments. It may be good for home use, not more, not less. And no, loop protect is not a good STP replacement. STP is a lot more t...
by patrick7
Tue Sep 13, 2016 11:34 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10605

Re: V7 ALPHA/BETA Testers needed?

Where did you find this info? We don't need v7 alpha this year, we just need some serious bugs fixed in v6 and maybe a list what have been done with v7 and what will be done, and if possible an expected date, status update or whatever. At the moment, we have an OS with some serious problems, and sin...
by patrick7
Tue Sep 06, 2016 5:09 pm
Forum: General
Topic: Feature request: Add sorting
Replies: 5
Views: 1710

Feature request: Add sorting

Hi there I hereby request a feature which is really important in my opinion. It should be possible to use sorting anywhere in the CLI. I don't think "print where list=ABC" is a really good solution. - Address lists should be autosorted, so that entries from the same list are being printed continousl...
by patrick7
Mon Sep 05, 2016 5:22 pm
Forum: Forwarding Protocols
Topic: BGP community filter
Replies: 4
Views: 1166

Re: BGP community filter

Try
/ip route print where bgp-communities="65070:101"
by patrick7
Sun Sep 04, 2016 4:11 pm
Forum: Forwarding Protocols
Topic: match-chain
Replies: 1
Views: 576

Re: match-chain

correct
by patrick7
Fri Sep 02, 2016 8:29 pm
Forum: Forwarding Protocols
Topic: /ipv6 route is VERY slow
Replies: 4
Views: 808

Re: /ipv6 route is VERY slow

you need to run the find command in :put [here-the-command]. But this will reply the IDs, not the routes.
by patrick7
Fri Sep 02, 2016 8:08 pm
Forum: Forwarding Protocols
Topic: /ipv6 route is VERY slow
Replies: 4
Views: 808

Re: /ipv6 route is VERY slow

Unfortunately... It's just slow... Should be better in ROS v7
by patrick7
Wed Aug 31, 2016 4:17 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 321
Views: 57275

Re: v6.37rc [release candidate] is released, only one wireless package!

About loop protect: How is that handled if interface is in a bridge / switch group?
How is routing performance improved?
by patrick7
Thu Aug 25, 2016 2:59 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 321
Views: 57275

Re: v6.37rc [release candidate] is released, only one wireless package!

Don't really see the sense behind that, but ok......
In my opinion, it should also be possible to unset (make empty) "custom" values. Because in the configuration you don't see the "none" so it's like "empty" or "not set".
by patrick7
Thu Aug 25, 2016 2:45 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 321
Views: 57275

Re: v6.37rc [release candidate] is released, only one wireless package!

Don't agree. [admin@cr1.zrh1] /routing bgp peer> :put [get 6 update-source ] As you can see, update-source is nothing (=empty). In WebFig, it's possible to click an arrow to make this field disappearing (like unset). [admin@cr1.zrh1] /routing bgp peer> set 6 update-source=1.2.3.4 [admin@cr1.zrh1] /r...
by patrick7
Thu Aug 25, 2016 2:12 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 321
Views: 57275

Re: v6.37rc [release candidate] is released, only one wireless package!

Feature request:
Allow unset at every place where it's possible to set an empty value (example: bgp update source, unset update-source does not work, set update-source=none is needed. firewall log prefix, set log-prefix="" works, but unset log-prefix does not work.).
by patrick7
Thu Aug 25, 2016 11:09 am
Forum: Announcements
Topic: v6.36.2 [current] is released!
Replies: 54
Views: 14963

Re: v6.36.2 [current] is released!

export verbose in /ip(v6) firewall does not work since 6.36.2 (output is the same as export compact)
by patrick7
Wed Aug 24, 2016 7:02 pm
Forum: Announcements
Topic: v6.36.2 [current] is released!
Replies: 54
Views: 14963

Re: v6.36.2 [current] is released!

Maybe you should use eoipv6?
by patrick7
Thu Aug 18, 2016 8:12 pm
Forum: Beginner Basics
Topic: How to set up VPN on MikroTik hap Lite?
Replies: 3
Views: 4699

Re: How to set up VPN on MikroTik hap Lite?

I would recommend not to use PPTP in 2016.
by patrick7
Wed Aug 17, 2016 4:45 pm
Forum: General
Topic: Can Mikrotik handle 1 STM ?
Replies: 4
Views: 676

Re: Can Mikrotik handle 1 STM ?

At the moment, it does not matter if you're using CCR1009 or CCR1016 for BGP. BGP is limited to one CPU core. And RAM of CCR1009 is more than enough for BGP.
by patrick7
Thu Aug 11, 2016 6:32 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 321
Views: 57275

Re: v6.37rc [release candidate] is released, only one wireless package!

Just ignore them, or they will continue posting in russian.
by patrick7
Wed Aug 10, 2016 7:57 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Could you please write in english? Not everyone is russian.
by patrick7
Sat Aug 06, 2016 10:39 pm
Forum: General
Topic: Bug with IPv6 timeout, counters increase
Replies: 3
Views: 701

Re: Bug with IPv6 timeout, counters increase

Will this bug be fixed in 6.36.x?
by patrick7
Fri Aug 05, 2016 10:58 pm
Forum: General
Topic: Best VPN for RouterOS
Replies: 7
Views: 2686

Re: Best VPN for RouterOS

For site to site, IPsec is great. For Remote Access / Roadwarrior, I don't like the available VPNs. OpenVPN would be great, but the implementation is not so good in my opinion (no UDP, no cert only auth, everything done with PPP, not possible to push routes).
by patrick7
Wed Aug 03, 2016 9:28 pm
Forum: SwOS
Topic: Spanning Tree Protocol
Replies: 26
Views: 16429

Re: Spanning Tree Protocol

Are there plans for STP on RouterBoard models (like RB2011/3011/CCR1009/...) or CRS? I would never use a switch which does not support STP.
by patrick7
Wed Aug 03, 2016 1:53 pm
Forum: General
Topic: Bug: SNMP over VRRP interface problem
Replies: 19
Views: 2052

Re: Bug: SNMP over VRRP interface problem

You should monitor both nodes, not just the master.
by patrick7
Tue Aug 02, 2016 5:15 pm
Forum: General
Topic: Bug: SNMP over VRRP interface problem
Replies: 19
Views: 2052

Re: Bug: SNMP over VRRP interface problem

You should avoid using the VRRP address for monitoring purposes.
by patrick7
Fri Jul 29, 2016 10:42 pm
Forum: General
Topic: hosting looking glass into microtik files
Replies: 7
Views: 985

Re: hosting looking glass into microtik files

Be aware this looking glass only supports ping/trace/mtr, no BGP. 
by patrick7
Fri Jul 29, 2016 7:14 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

/system routerboard upgrade
Do you mean this?
by patrick7
Fri Jul 29, 2016 1:57 pm
Forum: Announcements
Topic: MikroTik News May 2016 (Issue #72)
Replies: 26
Views: 21742

Re: MikroTik News May 2016 (Issue #72)

Any chance for a CCR with at least 2x 10G ports and redundant PSU? Any router with no redundant PSU should not be considered as "industrial grade" :(
Actually there is only CCR1072 which is much overpowered for that.
by patrick7
Wed Jul 27, 2016 11:48 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Example: [admin@cr1.fra1] > /int list exp # jul/27/2016 22:48:23 by RouterOS 6.36 # software id = XXX-XXXX # /interface list add name=customer add name=transit add name=vpn /interface list member add interface=ether7 list=transit add interface=ether8 list=transit add interface=sfpplus1 list=transit ...
by patrick7
Mon Jul 25, 2016 5:53 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Yes, but since the upgrade, this will not be shown with "print" for new rules. Also it's not possible to unset log/log-prefix...
by patrick7
Mon Jul 25, 2016 5:29 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Also found a difference to 6.35: Firewall rules which existed before upgrading:  1    ;;; Allow Customers       chain=forward action=accept connection-state=invalid,new in-interface-list=customer out-interface-list=transit log=no log-prefix="" If I delete it and re add it again:  1    ;;; Allow Cust...
by patrick7
Mon Jul 25, 2016 3:07 pm
Forum: General
Topic: Did we loose IP cloud?
Replies: 155
Views: 26229

Re: Did we loose IP cloud?

Hi It looks like ns1 is not responding (FRA)root@ns2:~# dig aserialnumber.sn.mynetname.net +short @ns1.kissthenet.net. ; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> aserialnumber.sn.mynetname.net +short @ns1.kissthenet.net. ;; global options: +cmd ;; connection timed out; no servers could be reached (FRA)ro...
by patrick7
Mon Jul 25, 2016 2:09 pm
Forum: General
Topic: Did we loose IP cloud?
Replies: 155
Views: 26229

Re: Did we loose IP cloud?

I can confirm, since a few days not every DNS request will be replied. 
by patrick7
Fri Jul 22, 2016 1:03 am
Forum: General
Topic: Traffic Flow Incorrect
Replies: 5
Views: 2074

Re: Traffic Flow Incorrect

OT: Which netflow collector are you using?
by patrick7
Fri Jul 22, 2016 12:29 am
Forum: RouterBOARD hardware
Topic: CCR, "enterprise ready", seriously???
Replies: 35
Views: 5795

Re: CCR, "enterprise ready", seriously???

No, redundancy is done by the access routers (which are connected to the core with dynamic routing protocols)
by patrick7
Thu Jul 21, 2016 2:49 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Yes, I don't ask you to rebuild the version, but to include it also in 6.36.X :-)
by patrick7
Thu Jul 21, 2016 2:26 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

Why will this problem not be fixed in the stable release? Problems in "stable" should be fixed in stable, not in new beta/rc's.
by patrick7
Thu Jul 21, 2016 11:38 am
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

I get the following message at startup:
09:58:10 script,warning DefConf: Unable to find wireless interface(s)
by patrick7
Thu Jul 21, 2016 11:20 am
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42104

Re: v6.36 [current] is released!

hAP AC looks fine after upgrade. 
by patrick7
Wed Jul 20, 2016 6:10 pm
Forum: Forwarding Protocols
Topic: Mikrotik CCR 1036 802.3ad Bond with Cisco3750G over etherchannel LACP
Replies: 8
Views: 2850

Re: Mikrotik CCR 1036 802.3ad Bond with Cisco3750G over etherchannel LACP

With 802.3AD (LACP), one stream can only use the maximum speed of one interface (to ensure that packets will arrive in the right order).
See https://en.wikipedia.org/wiki/Link_aggregation#Driver_
by patrick7
Tue Jul 19, 2016 1:19 pm
Forum: General
Topic: [Feature Request] Description field at Firewall address-list
Replies: 10
Views: 1275

Re: [Feature Request] Description field at Firewall address-list

But there is no inline for command line... :-(
by patrick7
Sun Jul 17, 2016 12:16 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Ehm, Support Ticket?
by patrick7
Sat Jul 16, 2016 6:39 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

11.01.2016:
-> It definitely will be released this year
13.06.2016:
Can we still expect v7 this year?
-> i hope so.
by patrick7
Thu Jul 14, 2016 9:20 pm
Forum: RouterBOARD hardware
Topic: CCR1036 memory upgrade question
Replies: 29
Views: 4672

Re: CCR1036 memory upgrade question

Some BGP Fulltables?
by patrick7
Wed Jul 13, 2016 12:01 am
Forum: RouterBOARD hardware
Topic: Is ethernet bonding at the hardware level in CCR1072-1G-8S+?
Replies: 6
Views: 1271

Re: Is ethernet bonding at the hardware level in CCR1072-1G-8S+?

Hi there

You're right, I'm sorry for that. But I don't think you will face into performance issues with CCR1072 :-)

Regards
Patrick
by patrick7
Tue Jul 05, 2016 1:23 pm
Forum: Forwarding Protocols
Topic: BGP delete communities
Replies: 7
Views: 1108

Re: BGP delete communities

Not possible at the moment :(
by patrick7
Tue Jun 28, 2016 8:54 pm
Forum: Forwarding Protocols
Topic: BGP as a transit ISP
Replies: 7
Views: 1684

Re: BGP as a transit ISP

:D If he will have only this one downstream, no presence at any IXP, ..., then I think "static" filtering will be fine. But let's say, he (AS A) is connecting to an IXP. His downstream (AS B) decides to temporary announce his prefix (let's say 192.0.2.0/24) to another upstream (may be temporary) and...
by patrick7
Tue Jun 28, 2016 7:54 pm
Forum: Forwarding Protocols
Topic: BGP as a transit ISP
Replies: 7
Views: 1684

Re: BGP as a transit ISP

I can only speak about the RIPE region. At the moment, you need at least 2 "peer ASNs" (does not matter if downstream, upstream, peer) to get an ASN (required by policy). At the moment, RIPE does not check that. Btw, i would recommend you to use community based filtering, if you have downstream netw...
by patrick7
Mon Jun 27, 2016 9:11 pm
Forum: RouterBOARD hardware
Topic: Loose plastic part in CCR1009-8G-1S-1S+
Replies: 2
Views: 691

Re: Loose plastic part in CCR1009-8G-1S-1S+

Found it! :-)
It's behind the RS232 port to protect the pins inside the router. Used some superglue to fix that :-)
by patrick7
Sun Jun 26, 2016 4:15 pm
Forum: RouterBOARD hardware
Topic: Loose plastic part in CCR1009-8G-1S-1S+
Replies: 2
Views: 691

Loose plastic part in CCR1009-8G-1S-1S+

Hi there I recently bought an used CCR1009-8G-1S-1S+. I remembered that something "loose" must be in the device. I found a small plastic part inside the CCR, but I was not able to find the place where it belongs to. http://img.velder.li/images/35a851e0dbfc99f28d2bd9b81e52f084.png Anyone an idea? Reg...
by patrick7
Thu Jun 23, 2016 8:34 pm
Forum: Forwarding Protocols
Topic: BGP full table 100% load one core on CCR1009
Replies: 9
Views: 3473

Re: BGP full table 100% load one core on CCR1009

Multihoming with balancing between ISPs? Best Path Selection?
by patrick7
Mon Jun 20, 2016 9:36 am
Forum: General
Topic: Time based firewall rules stay inactive
Replies: 10
Views: 2428

Re: Time based firewall rules stay inactive

Is ether1 part of a switch group? If yes, is ether1 the master-port?
by patrick7
Fri Jun 17, 2016 7:24 pm
Forum: General
Topic: Congratulations to new moderators !
Replies: 11
Views: 1059

Re: Congratulations to new moderators !

If you're still looking, I'm happy to help too :-)
by patrick7
Tue Jun 14, 2016 6:22 pm
Forum: Forwarding Protocols
Topic: Send an /32 IP to Blackhole Community ISP with BGP
Replies: 31
Views: 7124

Re: Send an /32 IP to Blackhole Community ISP with BGP

I would not recommend to redistribute any routes. Create static blackholes with bgp-communities, and add each network to the /routing bgp network section using synchronize=yes. 
by patrick7
Sun Jun 12, 2016 5:14 pm
Forum: General
Topic: How disable fasttrack?
Replies: 2
Views: 3059

Re: How disable fasttrack?

With the 1st rule, you activate fasttrack for all traffic except in-interface vlan47. The second rule doesn't match to any traffic as fasttrack is already enabled by the 1st one. You can either create an accept rules for in/out interface vlan47, and after that, fasttrack. Or you could mark packets f...
by patrick7
Fri Jun 10, 2016 8:20 pm
Forum: Forwarding Protocols
Topic: Feature request: BGP to support Soft Reset (RFC2918)
Replies: 15
Views: 1985

Re: Feature request: BGP to support Soft Reset (RFC2918)

When will RouterOS Longhorn be released? 
by patrick7
Tue Jun 07, 2016 1:09 pm
Forum: Forwarding Protocols
Topic: Set BGP Origin Attribute in RouterOS
Replies: 11
Views: 2578

Re: Set BGP Origin Attribute in RouterOS

You can set the bgp origin on static routes.

/ip route set X bgp-origin=(egp igp incomplete)
by patrick7
Wed Jun 01, 2016 9:04 pm
Forum: Announcements
Topic: v6.34.5 [bugfix] is released!
Replies: 23
Views: 7101

Re: v6.34.5 [bugfix] is released!

+1 on Tile (CCR1009-8G-1S-1S+)
by patrick7
Thu May 19, 2016 11:45 am
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 65177

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

Are you sure, UPS will log PSU failures? (on CCR with redundant PSU).
by patrick7
Wed May 18, 2016 3:32 pm
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 65177

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

Is there a possibility to log PSU failures on CCR in future versions?
by patrick7
Tue May 17, 2016 1:37 pm
Forum: General
Topic: How to get interface details via CLI
Replies: 1
Views: 380

Re: How to get interface details via CLI

Something like this?
[admin@cr1.fra1] /interface ethernet> :put [get ether8 rx-bytes ]
45 871 634 051
by patrick7
Thu May 05, 2016 3:55 am
Forum: General
Topic: Mangle - action= route ? some explain please
Replies: 3
Views: 1189

Re: Mangle - action= route ? some explain please

You can set a gateway to which the packet will be sent. It ignores the routing table.
by patrick7
Wed May 04, 2016 1:39 am
Forum: Forwarding Protocols
Topic: Set BGP Origin Attribute in RouterOS
Replies: 11
Views: 2578

Re: Set BGP Origin Attribute in RouterOS

Can you give us any update on v7 alpha/beta/release time frame?
by patrick7
Sun May 01, 2016 11:37 pm
Forum: General
Topic: LACP question
Replies: 3
Views: 622

Re: LACP question

Hi

Even if you are able to bring up the LACP, you will not have any effort as all ports on the CRS are connected with a total link speed of 1Gbps to the CPU.

Regards
Patrick
by patrick7
Sun May 01, 2016 11:35 pm
Forum: Beginner Basics
Topic: How to add vrrp interface to bridge ?
Replies: 2
Views: 849

Re: How to add vrrp interface to bridge ?

Create VRRP on the bridge.
by patrick7
Mon Apr 18, 2016 5:46 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 154934

Re: RouterOS v7.0 beta1 - when?

Missing on the list:

BGP MIB for SNMP
Community Filtering by Regex
by patrick7
Thu Mar 10, 2016 5:53 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 23711

Re: IPv6 recursive nexthops via iBGP

@mrz More informations about v7 please :D Even it would be a fully broken beta, I'd be happy to see the news ;-)
by patrick7
Mon Feb 22, 2016 10:27 pm
Forum: General
Topic: ipv6 /56
Replies: 14
Views: 1806

Re: ipv6 /56

type=blackhole unfortunately does not exists with IPv6. Use unreachable instead.
by patrick7
Mon Feb 22, 2016 10:16 pm
Forum: Forwarding Protocols
Topic: Total BGP Community noob
Replies: 18
Views: 4455

Re: Total BGP Community noob

Don't ever redistribute connect routes with BGP... Use synchronize:
/ip route add dst-address=192.0.2.0/24 bgp-communities=123:456 type=blackhole
/routing bgp network add network=192.0.2.0/24 synchronize=yes
by patrick7
Wed Feb 10, 2016 8:32 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CRS, unreliable in dynamic environment
Replies: 1
Views: 529

Re: Mikrotik CRS, unreliable in dynamic environment

+9999 for STP. A device without STP isn't a switch.
by patrick7
Fri Jan 29, 2016 3:42 pm
Forum: Announcements
Topic: v6.34 [current] is released!
Replies: 91
Views: 22936

Re: v6.34 [current] is released!

Whats new in 6.33.6?
by patrick7
Tue Jan 26, 2016 1:56 pm
Forum: Beginner Basics
Topic: Why can't VLAN tags be assigned to a GRE interface?
Replies: 8
Views: 1477

Re: Why can't VLAN tags be assigned to a GRE interface?

No, there is no way as GRE transports Layer3 while EoIP is Layer2.
by patrick7
Thu Jan 14, 2016 6:49 pm
Forum: General
Topic: IPv6 is insane!
Replies: 4
Views: 503

Re: IPv6 is insane!

All LIRs get a /29 from RIPE, does not matter if you are an individual person (like me, have my own /29 too) or a big company (they can get even more space). Minimal allocation size at RIPE currently is /32.
by patrick7
Sun Jan 03, 2016 1:56 pm
Forum: General
Topic: Cloud DNS is unavailable?
Replies: 12
Views: 1752

Re: Cloud DNS is unavailable?

Yes, get a servfail: ; <<>> DiG 9.9.5-9+deb8u4-Debian <<>> a xyz.sn.mynetname.net. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51194 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; ...
by patrick7
Thu Dec 31, 2015 5:40 pm
Forum: General
Topic: Feature Request: IPv6 enable by default
Replies: 13
Views: 3399

Re: Feature Request: IPv6 enable by default

With just the IPv6 package enabled (but not configured), it does nothing except providing the ability to configure it.
by patrick7
Mon Dec 28, 2015 1:46 pm
Forum: Forwarding Protocols
Topic: BGP full table 100% load one core on CCR1009
Replies: 9
Views: 3473

Re: BGP full table 100% load one core on CCR1009

Hi

yes, thats normal, as BGP is running on one single core.

Regards
Patrick
by patrick7
Mon Dec 21, 2015 7:47 pm
Forum: General
Topic: LNS on Bell Canada (partially) Working
Replies: 14
Views: 1813

Re: LNS on Bell Canada (partially) Working

Hi

interesting. Could you post a config example?

Regards Patrick
by patrick7
Tue Nov 24, 2015 11:35 pm
Forum: Beginner Basics
Topic: Trunk on SFP+ ports when connected to CISCO switch in switchport mode trunk
Replies: 3
Views: 1121

Re: Trunk on SFP+ ports when connected to CISCO switch in switchport mode trunk

You should either define a native VLAN on the trunk on cisco side (switchport trunk native vlan xyz) or add a VLAN interface on the MikroTik.
by patrick7
Wed Nov 04, 2015 7:00 pm
Forum: General
Topic: Fasttrack on CCR 1009-8G-1S-1S+
Replies: 9
Views: 1547

Re: Fasttrack on CCR 1009-8G-1S-1S+

What do you have in the forward chain at the top?
by patrick7
Wed Nov 04, 2015 5:34 pm
Forum: General
Topic: Fasttrack on CCR 1009-8G-1S-1S+
Replies: 9
Views: 1547

Re: Fasttrack on CCR 1009-8G-1S-1S+

If no firewall (NAT/Filter) is running, you don't need FastTrack.
by patrick7
Mon Nov 02, 2015 11:45 am
Forum: General
Topic: IPsec does not work without kernel route for destination network
Replies: 9
Views: 1579

Re: IPsec does not work without kernel route for destination network

Hi

And why is the packet rejected if there is no route? In my opinion, it should continue to IPsec policies if there are no routes.
Can you tell me how to correct configure a router with IPsec if there is no default route? Route the whole network to a dummy interface?

Regards
Patrick
by patrick7
Sun Nov 01, 2015 11:59 pm
Forum: General
Topic: IPsec does not work without kernel route for destination network
Replies: 9
Views: 1579

Re: IPsec does not work without kernel route for destination network

No traffic is flowing from the router with the fulltable. As soon as the packet arrives at the router's interface, an ICMP net unreachable is returned. If I add the "fake" route for the 10.xyz net, it works.
by patrick7
Sun Nov 01, 2015 8:28 pm
Forum: General
Topic: IPsec does not work without kernel route for destination network
Replies: 9
Views: 1579

Re: IPsec does not work without kernel route for destination network

Yes, thats true. There must be any route for the network. But the interface does not matter. Default route is fine and it works. But it should work without as I will not add any default routes (or routes like in the example above) to my BGP core.
by patrick7
Sun Nov 01, 2015 3:49 pm
Forum: General
Topic: IPsec does not work without kernel route for destination network
Replies: 9
Views: 1579

Re: IPsec does not work without kernel route for destination network

According to the diagram, there is made a routing decision. If there is no route for the network I'd like to reach, the packet will be rejected, even there is an ipsec policy.
by patrick7
Fri Oct 30, 2015 10:39 pm
Forum: General
Topic: IPsec does not work without kernel route for destination network
Replies: 9
Views: 1579

IPsec does not work without kernel route for destination network

Hi I found a problem in the IPsec implementation of MikroTik. Following scenario: Location 1 CCR1009-8G-1S-1S+ BGP Fulltable, no default route Private Network 10.64.136.0/22 Location 2 RB750GL Static IP, Default route Private Network 10.64.12.0/22 Now, if I set up an IPsec, it does not work. If I pi...
by patrick7
Wed Oct 28, 2015 8:44 pm
Forum: General
Topic: Static route over gre tunnel : interface vs ipaddress
Replies: 4
Views: 608

Re: Static route over gre tunnel : interface vs ipaddress

Routed in the tunnel, not through the tunnel :-)
by patrick7
Wed Oct 28, 2015 2:24 pm
Forum: General
Topic: Static route over gre tunnel : interface vs ipaddress
Replies: 4
Views: 608

Re: Static route over gre tunnel : interface vs ipaddress

The remote IP. If you add the route with gateway=tunnel, then the network would be on the tunnel interface directly, not behind the remote tunnel endpoint.
by patrick7
Wed Oct 07, 2015 10:54 am
Forum: Forwarding Protocols
Topic: BGP advertisements print
Replies: 3
Views: 811

Re: BGP advertisements print

Do you use any filters? Please show config.
by patrick7
Tue Oct 06, 2015 5:55 pm
Forum: General
Topic: Feature request: BGP4-MIB (RFC 4273)
Replies: 32
Views: 5611

Re: Feature request: BGP4-MIB (RFC 4273)

Hi

Can you give us an estimated date? This year? Next year? In 5 Years?
Many of us needs to plan future networks and it would be great to know when things "will work" (BGP MIB, IPv6 Recursive Gateway lookup, BGP Multicore, ...)

Thanks and regards
Patrick
by patrick7
Sat Oct 03, 2015 11:10 pm
Forum: RouterBOARD hardware
Topic: More than 1Gbps internet on CCR1036-12G-4S
Replies: 7
Views: 1098

Re: More than 1Gbps internet on CCR1036-12G-4S

You could ask your provider for a second 1G port and do LACP (Link Aggregation)
by patrick7
Sat Oct 03, 2015 8:22 pm
Forum: General
Topic: Feature Request: Switch VLAN comments
Replies: 1
Views: 269

Re: Feature Request: Switch VLAN comments

+1. Plus please sort vlans by tag.
by patrick7
Sun Sep 27, 2015 2:37 am
Forum: General
Topic: High Availability GRE ?
Replies: 10
Views: 1911

Re: High Availability GRE ?

You could create a GRE tunnel from the WAN IP (not VRRP) on both routers, assign a transit network for each tunnel, and do BGP (or OSPF) over it.
by patrick7
Wed Sep 23, 2015 4:42 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 59
Views: 19964

Re: 6.32.2 released

I recommend 6.30.4 too
by patrick7
Mon Sep 21, 2015 1:46 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 59
Views: 19964

Re: 6.32.2 released

OK. I thought XX.YY is the current release and XX.YY.ZZ is bugfix.
by patrick7
Mon Sep 21, 2015 12:31 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 59
Views: 19964

Re: 6.32.2 released

So there are new features added in this version since 6.32?
by patrick7
Mon Sep 21, 2015 12:26 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 59
Views: 19964

Re: 6.32.2 released

Is that a bugfix release?
by patrick7
Mon Sep 21, 2015 12:25 pm
Forum: General
Topic: Cannot get port forwarding to work
Replies: 7
Views: 1137

Re: Cannot get port forwarding to work

Did you add a Filter rule to accept the traffic? Are you trying to access your public IP from your LAN? Then you need to configure Hairpin NAT.

Also make sure, your device has a default gateway.
by patrick7
Mon Sep 21, 2015 12:22 pm
Forum: General
Topic: My ISP is offering IPv6 through DHCP: how can I use it?
Replies: 8
Views: 1641

Re: My ISP is offering IPv6 through DHCP: how can I use it?

There are different ways:

- Assign /126 or /64 for transit, route subnet to the client's IP
- Route the subnet to the client's link local
- Assign a single IPv6 to the customer and route the subnet to this ip address
by patrick7
Mon Sep 14, 2015 9:30 pm
Forum: RouterBOARD hardware
Topic: CCR ethernet port failures?
Replies: 10
Views: 1816

Re: CCR ethernet port failures?

Had the same problem at the beginning. After plug it out from power complete, port came up with 1gbps and is running since then.
by patrick7
Thu Sep 03, 2015 7:36 pm
Forum: General
Topic: v6.33rc release candidate (final testing)
Replies: 203
Views: 37302

Re: v6.33rc1 release candidate

Usually in software development, there are 3 (or even more) different types of versions: Beta -> Unstable. New features are added in this phase RC -> Release Candidate. In this phase, no new features will be added. If testing is OK, it will be released Stable -> Released version Most of the past rel...
by patrick7
Wed Sep 02, 2015 8:01 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 30009

Re: v6.32 released [version temporarily removed]

Unfortunately I cannot send Supout as I already downgraded. But I can give you my mangle rules: /ip firewall mangle add action=mark-connection chain=forward comment="Mark IPsec connections" \ ipsec-policy=out,ipsec new-connection-mark=ipsec add action=mark-connection chain=forward ipsec-policy=in,ip...
by patrick7
Tue Sep 01, 2015 11:39 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 30009

Re: v6.32 released

I can confirm that with mangle rules.
by patrick7
Tue Sep 01, 2015 9:05 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 30009

Re: v6.32 released

Upgraded from 6.31. If there is a lot of ipsec traffic, there is a kernel failure and the device reboots. Downgrade to 6.30.4 didn't help. A lot of traffic = 2x CCR1009-8G-1S-1S+ connected with 1Gbps, IPsec with AES256 / SHA512 + iperf over a time more than 10sec sep/01/2015 20:01:22 system,error,cr...
by patrick7
Fri Aug 28, 2015 9:36 pm
Forum: General
Topic: IPSec VPN through RB2011 isn't passing traffic through tunnel
Replies: 9
Views: 2315

Re: IPSec VPN through RB2011 isn't passing traffic through tunnel

The mangle rule is to exclude ipsec from FastTrack. You need the NAT-rule BEFORE any SRCNAT rules, because otherwise it will change the source address and the packet will not match any ipsec policy anymore.
by patrick7
Fri Aug 28, 2015 7:42 pm
Forum: General
Topic: IPSec VPN through RB2011 isn't passing traffic through tunnel
Replies: 9
Views: 2315

Re: IPSec VPN through RB2011 isn't passing traffic through tunnel

If you are using NAT, you have to add an "accept" rule in the NAT table. I also had problems with using IPsec + FastTrack on the same device. I exclude all IPsec related traffic vom FastTrack: /ip firewall mangle add action=mark-connection chain=forward comment="Mark IPsec connections" \ ipsec-polic...
by patrick7
Fri Aug 28, 2015 5:03 pm
Forum: General
Topic: IPSec VPN through RB2011 isn't passing traffic through tunnel
Replies: 9
Views: 2315

Re: IPSec VPN through RB2011 isn't passing traffic through tunnel

Did you exclude it from NAT and FastTrack?
by patrick7
Fri Aug 28, 2015 12:41 am
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4556

Re: BGP Hold Time

Why limiting BGP? It uses some kbit/s. I think he hasn't enough bandwidth to the second upstream to send all traffic towards it.
by patrick7
Thu Aug 27, 2015 11:25 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4556

Re: BGP Hold Time

I would use a lower hold time even if your bandwidth on the backup link is not enough. Better use working routes with packetloss, than routes which are not working. You can use QoS to priorize important services.
by patrick7
Thu Aug 27, 2015 10:52 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4556

Re: BGP Hold Time

The lowest value will be used. If you use 10 hours, and your upstream 30 sec, it will take 30sec. If you are single-homed, you can increase this value. If you are multihomed, I would not recommend using high values. If one of the upstreams goes down, it will still use its routes (which are not worki...
by patrick7
Thu Aug 27, 2015 10:28 pm
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4556

Re: BGP Hold Time

BGP sends keepalives every few seconds. If there is no keepalive for a specific time (hold time), the BGP connection will drop and all routes will be removed from the kernel routing table.

The hold time value is in seconds.
by patrick7
Fri Aug 21, 2015 10:09 pm
Forum: RouterBOARD hardware
Topic: CCR-1009-8G-1S-1S+PC: port's role understanding
Replies: 11
Views: 1336

Re: CCR-1009-8G-1S-1S+PC: port's role understanding

OK, so I understood the block diagram properly.
by patrick7
Fri Aug 21, 2015 8:38 pm
Forum: RouterBOARD hardware
Topic: CCR-1009-8G-1S-1S+PC: port's role understanding
Replies: 11
Views: 1336

Re: CCR-1009-8G-1S-1S+PC: port's role understanding

If the ports are excluded from the switch, are they connected with each 1Gbps to CPU?
by patrick7
Mon Aug 17, 2015 11:41 am
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

@normis OK, I understand. But then you should propably consider renaming this menu. Commands like update, check-for-updates for downgrades is a little bit confusing :-)
by patrick7
Sat Aug 15, 2015 11:20 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

Just saw memory usage got bigger and bigger every minute - memory leak again? (had 87MB free RAM) (CCR1009-8G-1S-1S+). Anyone else?
by patrick7
Sat Aug 15, 2015 8:05 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

Neither Upgrade nor Update is Downgrade.
by patrick7
Sat Aug 15, 2015 5:45 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

We are talking about the upgrade menu. Not "Release Switch menu". If you are on 6.30, "Bugfix" should bring Updates to 6.30.1, 6.30.2, 6.30.3 If you are on 6.31, "Bugfix" should bring Updates to 6.31.1, 6.31.2, 6.31.3 Not downgrades. Even if you download the "downgrade" and reboot, it will not be in...
by patrick7
Sat Aug 15, 2015 4:35 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

If I set Update channel to Bugfix and execute /system package update download, it will download the latest Bugfix, instead of nothing. You are missing the point here. As was explained before , you should consider "Bugfix only" branch as stable. "Current" is where new features are added first, and (...
by patrick7
Fri Aug 14, 2015 9:52 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

Yes. It should show a message like "no update available", instead of showing / downloading a previous version.

Except of this, I didn't find any other problems.
by patrick7
Fri Aug 14, 2015 9:37 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47662

Re: 6.31 released

If I set Update channel to Bugfix and execute /system package update download, it will download the latest Bugfix, instead of nothing.
by patrick7
Thu Aug 13, 2015 7:01 pm
Forum: General
Topic: Default route unavailable on a /31 network
Replies: 2
Views: 1009

Re: Default route unavailable on a /31 network

You can use /31 if you divide the /31 to 2x /32:

/ip address add address=1.2.3.2/32 interface=ether1
/ip route add dst-address 1.2.3.3/32 gateway=ether1
by patrick7
Sun Aug 09, 2015 11:18 pm
Forum: General
Topic: fasttrack and ipsec
Replies: 6
Views: 2734

Re: fasttrack and ipsec

The NAT accept-rule does not permit traffic from/to IPsec. It is like an exception. If a packet leaves your WAN interface, it will be NATted usually. If the IPsec packet gets natted, the remote device will not find any policy for it. The NAT accept-rule means that the packet source address will not ...
by patrick7
Sun Aug 09, 2015 7:52 pm
Forum: General
Topic: fasttrack and ipsec
Replies: 6
Views: 2734

Re: fasttrack and ipsec

Looks good so far - are you sure VPN traffic is allowed in the firewall? (local and remote)
by patrick7
Sun Aug 09, 2015 2:59 pm
Forum: General
Topic: fasttrack and ipsec
Replies: 6
Views: 2734

Re: fasttrack and ipsec

Can you show VPN, Firewall, NAT config?
by patrick7
Mon Aug 03, 2015 10:06 pm
Forum: Scripting
Topic: 'grep' an output? [SOLVED]
Replies: 7
Views: 8647

Re: 'grep' an output? [SOLVED]

by patrick7
Sun Jul 19, 2015 3:15 pm
Forum: General
Topic: Mini USB cable for 2011UASRM, what type is it
Replies: 3
Views: 434

Re: Mini USB cable for 2011UASRM, what type is it

A such cable should be in the package content of RB2011.
by patrick7
Fri Jul 17, 2015 10:19 pm
Forum: General
Topic: 6.30 memleak?
Replies: 3
Views: 608

Re: 6.30 memleak?

Had the same. It was the CAcert I had imported - after deleting and a reboot it was fine again.
by patrick7
Fri Jul 17, 2015 1:56 pm
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 33690

Re: v6.30.1 bugfix release

I use several routers of MikroTik (one is about 418km from my home, in another country). I never had problems upgrading MikroTik devices.