Community discussions

MikroTik App

Search found 131 matches

by AlArenal
Thu Oct 16, 2014 10:11 pm
Forum: General
Topic: CRS documentation
Replies: 79
Views: 32303

Re: CRS documentation

does anyone has tested QinQ application using this CRS?
I'm rather interested if any CRS can tunnel VLANs in QinQ-VLANs at line-speed, including 10G for the SFP+ models.
by AlArenal
Mon Feb 10, 2014 4:49 pm
Forum: RouterBOARD hardware
Topic: IPsec RB for 20Mbps symmetric?
Replies: 2
Views: 1238

Re: IPsec RB for 20Mbps symmetric?

From what I have tested from home (50/2.5mbps cable) to office (100/100mbps) a RB2011 can handle the load without problems (depends a bit on the encryption used) if you keep your firewall setup rather simple and don't do too much other stuff with the box. It makes an easy and inexpensive solution th...
by AlArenal
Fri Jan 24, 2014 2:56 pm
Forum: RouterBOARD hardware
Topic: Metro Ethernet switches with 16 or 24 SFP ?
Replies: 4
Views: 2081

Re: Metro Ethernet switches with 16 or 24 SFP ?

For me is too important to have switch ( Layer 3 ) with 12-24 SFP/SFP+ ports. When my dream will come true? We have two D-Link DGS-3620-28SC, stackable with 24 GB SFPs (4 shared GB copper) and 4 SFP+ and extended image (EI). One we kept as spare part is for sale right now as we'll soon change our i...
by AlArenal
Fri Jan 10, 2014 11:26 am
Forum: RouterBOARD hardware
Topic: BGP full route
Replies: 10
Views: 3308

Re: BGP full route

Nothing against them, but their Performance is worst, even more worst as Mikrotik. And the Support never replied me after i wrote a complete Ticket with Pictures and lot of Informations. Good that i got my Money back for this crap. Are we talking about the new Edgerouter models here? I haven't had ...
by AlArenal
Thu Jan 09, 2014 11:37 am
Forum: RouterBOARD hardware
Topic: BGP full route
Replies: 10
Views: 3308

Re: BGP full route

If you're interested in Vyatta you may want to check out the new Ubiquiti EdgeMAX Edgerouter and Edgerouter Pro models which are running an extended version of Vyatta 6.3. We just preordered two today after I've been playing around with an Edgerouter LITE for a while. The preinstalled 2 GB RAM can a...
by AlArenal
Tue Nov 05, 2013 5:24 pm
Forum: General
Topic: CRS: What makes this device "cloud"?
Replies: 6
Views: 1660

Re: CRS: What makes this device "cloud"?

Hm.. what makes the Tilera chip in the CCR "cloud"?

This is what happens when the marketing department takes over...
by AlArenal
Sun Nov 03, 2013 7:54 pm
Forum: General
Topic: 6.5 released!
Replies: 185
Views: 74120

Re: 6.5 released!

EdgeOS right now has no MPLS support and the EdgeRouter / EdgeRouter PRO are yet to be released (but they're on schedule to be released this quarter). I'm also looking into it and / or running Vyatta Core on some own hardware.
by AlArenal
Wed Oct 30, 2013 2:08 pm
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

Sure, it depends for what exactly you need 10 GbE. If you really need to route between several 10 GbE a L2 switch won't do anything to you. But honestly, if I had to route such traffic, I'd rather use Vyatta Core ;-)
by AlArenal
Wed Oct 30, 2013 11:10 am
Forum: General
Topic: What happens to mikrotik with routeros?
Replies: 12
Views: 3052

Re: What happens to mikrotik with routeros?

Guys, you are not correct on this.

If you open RouterOS webfig, and change the IP address in the Quickset page (the default page that opens), it automatically changes the DHCP and Pool settings. And no reboots.
Yeah, but there're models without quickset! ;-)
by AlArenal
Wed Oct 30, 2013 11:03 am
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

Netgear just recently released a pretty cheap 10 GbE Switch-Line that starts with 8 copper ports 81 SFP+ combo) for about 750 Euro incl. VAT here in Germany (XS708E). A 12 port model named XS712T is available for about 1350 Euro and has 2 SFP+ combo ports. Of course it depends on your needs and arch...
by AlArenal
Wed Oct 30, 2013 12:31 am
Forum: General
Topic: What happens to mikrotik with routeros?
Replies: 12
Views: 3052

Re: What happens to mikrotik with routeros?

This is what happens under the hood and its what the interface of the $20 router hides from the user, who doesn't care about the inner workings and doesn't need to know. But you cannot have all the features of the world at your fingertips without the slightest clou about how they work. Making seemin...
by AlArenal
Tue Oct 29, 2013 10:52 pm
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

MT would need to base a model on the Tilera TILE-Gx72 chip in order to be able to deal with 8 x 10 GbE. That's the most a single Tilera chip can handle right now. But Tilera themselves pack up to 8 x36s into a single unit so theoretically we could see multi chip CCRs. But it would need adequate dema...
by AlArenal
Tue Oct 29, 2013 1:09 pm
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

Thanks, normis!

How much would you bet on it? ;-)
by AlArenal
Tue Oct 29, 2013 1:03 pm
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

No I haven't heard of it, yet. But as the product itself has no new technology / components and therefore needs no new drivers, etc. it should just be a matter of getting it built and shipped. I personally hope it's gonna be released by the end of this year. But again, there's been no official word ...
by AlArenal
Tue Oct 29, 2013 12:09 pm
Forum: RouterBOARD hardware
Topic: SFP only router
Replies: 26
Views: 10782

Re: SFP only router

CCR1016-12S-1S+ has already been announced on MUM St. Louis. See: http://www.mikrotik.com/download/share/us13.pdf
by AlArenal
Fri Oct 25, 2013 12:05 am
Forum: RouterBOARD hardware
Topic: Cloud Router Switch
Replies: 4
Views: 1889

Re: Cloud Router Switch

They announced that already. We are waiting for it with bated breath.

12 SFP and 2 SFP+ ports

CCR 1036 type
Are you sure? I'm only aware of the CCR1016-12S-1S+
by AlArenal
Tue Oct 22, 2013 1:21 am
Forum: RouterBOARD hardware
Topic: SFP/Copper GE costs question
Replies: 15
Views: 4198

Re: SFP/Copper GE costs question

I'm not sure about the 'or' part. I'd need to mail Tilera and ask. I'm sure that you wouldn't be able to get wirespeed on both 1G and 10G ports on the same output, but I don't see any reason that you couldn't use both of them. I personally doubt, that any high percentage of users will be capping th...
by AlArenal
Tue Oct 22, 2013 1:01 am
Forum: RouterBOARD hardware
Topic: SFP/Copper GE costs question
Replies: 15
Views: 4198

Re: SFP/Copper GE costs question

1036 could have 4 SFP+ and 16 SFP for one Nope. It could have 16 x 1 GbE or 4 x 10 GbE or one of these mixes: 12/1, 8/2, 4/3 And that's exactly what we have. We have an 8/2 model and a 12/1 model. I for one have next to no use for non-optical interfaces :) So we're gonna hear a big Hooray! from you...
by AlArenal
Mon Oct 21, 2013 10:55 pm
Forum: RouterBOARD hardware
Topic: SFP/Copper GE costs question
Replies: 15
Views: 4198

Re: SFP/Copper GE costs question

Ports are predefined on Tilera's chipset, it's just a matter of wiring them out. Actually I'm quite surprised Mikrotik didn't wire out every possible port out, so maybe it's not as cheap as I hope it is :( Looking at Tilera's datasheets the CCR1016-12G is the only model (available or announced) tha...
by AlArenal
Mon Oct 21, 2013 9:00 pm
Forum: RouterBOARD hardware
Topic: Hardware for 100Mbps IPSec throughput and wireless
Replies: 7
Views: 6252

Re: Hardware for 100Mbps IPSec throughput and wireless

Thanks for sharing your results! Pretty impressive indeed.. There's really a lot you can't do right now from the UI but I'm fine with that. Downloaded the Vyatta 6.3 documentation and got along pretty well. I especially like the configuration management and by now haven't found anything that didn't ...
by AlArenal
Mon Oct 21, 2013 7:45 pm
Forum: RouterBOARD hardware
Topic: SFP/Copper GE costs question
Replies: 15
Views: 4198

Re: SFP/Copper GE costs question

I'd rather see base models with some ports and additional expansion slots: 1009: 4 GE + 2 X-Ports 1016: 4 GE + 4 SFP + 1 SFP+ + 1 X-Port 1036: 4 X-Ports, one populated with 4 GE Card Each port can hold a card with either 4 GBe, 4 SFP or 1 SFP+. But of course we're a bit late with these suggestions ;-)
by AlArenal
Mon Oct 21, 2013 6:04 pm
Forum: RouterBOARD hardware
Topic: Hardware for 100Mbps IPSec throughput and wireless
Replies: 7
Views: 6252

Re: Hardware for 100Mbps IPSec throughput and wireless

Not sure if the CCR series is even in the race here as currently the hardware acceleration for encryption is not used in ROS. So RB1x00 seem to be pretty much the only option at the moment. I'm currently testing a Ubiquiti EdgeRouter Lite (around 90 Euros here in Germany incl. VAT) which is a dual c...
by AlArenal
Thu Oct 17, 2013 4:29 pm
Forum: General
Topic: 6.5 released!
Replies: 185
Views: 74120

Re: 6.5 released!

Remotely upgraded my RB751G at home (I'm at work). After reboot it reconnected the ipsec tunnel for a few seconds, then it was gone and has been ever since. Gonna have a look at it when I get home.
by AlArenal
Wed Oct 16, 2013 12:13 pm
Forum: Beginner Basics
Topic: MikroTik News October 2013 (Issue #51)
Replies: 14
Views: 6789

Re: MikroTik News October 2013 (Issue #51)

I'd rather see the 1009 available. I always had issues with this kind of marketing and really like how Apple and Blizzard are handling things. Apple announces stuff and a week later you can place your order. Blizzard releases on a "it's done when it's done" policy. Others tell you about their latest...
by AlArenal
Wed Oct 16, 2013 10:23 am
Forum: Beginner Basics
Topic: Router Configuration
Replies: 5
Views: 1476

Re: Router Configuration

When the other IPs are working but the utside world only gets to see your .146 it can only mean you're doing NAT for your other IPs. So check your configuration for NAT entries.
by AlArenal
Tue Oct 15, 2013 12:54 pm
Forum: General
Topic: Bonding and clients
Replies: 2
Views: 766

Re: Bonding and clients

Depending on the used aggregation mode (you didn't mention what you use) this is normal beheaviour. Have a look at MT's documentation: http://wiki.mikrotik.com/wiki/Manual:Interface/Bonding You'll mostly find LACP (IEEE 802.3ad) out in the wild because it's an official standard and it's widely suppo...
by AlArenal
Mon Oct 14, 2013 5:22 pm
Forum: RouterBOARD hardware
Topic: Recommended setup for VPN (hardware)
Replies: 3
Views: 1630

Re: Recommended setup for VPN (hardware)

P.S.: I'm still using an elder version of the Airport Express. Probably / maybe the current model doesn't have that issue anymore. I may switch to using the current one, which handles 2.4 and 5 GHz simultaneaously and an Ubiquiti EdgeRouter Lite (just arrived today) or a Mikrotik RB2011UAS-IN (got t...
by AlArenal
Mon Oct 14, 2013 10:34 am
Forum: RouterBOARD hardware
Topic: Recommended setup for VPN (hardware)
Replies: 3
Views: 1630

Re: Recommended setup for VPN (hardware)

I still use the RB751G-2HnD at home for wireless and VPN and have not discovered any problem with WiFi ever since. I usually run the latest firmware and use an additional Airport Express for 5 GHz / 802.11n. Interestingly I find my Routerboard is more stable (never had issues with it) than my Airpor...
by AlArenal
Wed Oct 09, 2013 8:27 pm
Forum: Beginner Basics
Topic: MikroTik News October 2013 (Issue #51)
Replies: 14
Views: 6789

Re: MikroTik News October 2013 (Issue #51)

Antique console ports on the top product line while low budget products have RJ45. I don't get it.
by AlArenal
Tue Oct 08, 2013 10:46 am
Forum: General
Topic: DDoS attack?
Replies: 16
Views: 5462

Re: DDoS attack?

If your device has no DNS service running and therefore there is nothing answering on port 53, you don't need such a rule.

And it's FROM the outside, not TO. Of course you need to be able to make DNS request to the outside, otherwise you won't be able to resolve domain names to IP addresses.
by AlArenal
Mon Oct 07, 2013 9:11 pm
Forum: General
Topic: DDoS attack?
Replies: 16
Views: 5462

Re: DDoS attack?

/ip dns set allow-remote-requests=no
Yep, that's the third option but I remember having seen that this setting leads to unavailable dns cache even from the internal network. But maybe that was a bug, misconfiguration or my memory fools me (probably the latter)...
by AlArenal
Mon Oct 07, 2013 9:09 pm
Forum: General
Topic: DDoS attack?
Replies: 16
Views: 5462

Re: DDoS attack?

Is your routerboard's dns publicly available (port 53 tcp and udp)?

You usually don't need the rb's dns cache. You can disable it if you use your ISPs dns server in your client's network configuration ro you can make it unavailable from wan side with an appropriate firewall rule.
by AlArenal
Mon Oct 07, 2013 10:26 am
Forum: General
Topic: Policy-based routing and simple queue issues!!!
Replies: 7
Views: 2862

Re: Policy-based routing and simple queue issues!!!

Hi mauricioisp,

please be aware that this is a user forum. Answers from MT staff are not guarenteed - and I suppose they don't work on Sundays either ;-)

Have you made a support file and sent it alsong with an issue description to support@mikrotik.com?
by AlArenal
Fri Oct 04, 2013 12:32 am
Forum: RouterBOARD hardware
Topic: long distances SFP module
Replies: 5
Views: 1872

Re: long distances SFP module

I hope you meant 'thread', not 'threat', even when 'post' would have been the correct choice. Otherwise we'd better get us some bodyguards. The point is, nothing was mentioned. You just started to make things up out of the blue. And don't go on that paranoia train. Surely noone wants to follow you o...
by AlArenal
Thu Oct 03, 2013 2:53 pm
Forum: RouterBOARD hardware
Topic: long distances SFP module
Replies: 5
Views: 1872

Re: long distances SFP module

@kreacher:

Ever tried to rent a (dark) fiber trunk and tried to make a business using LACP with four fibers where only the capacity of one is needed!!!???
by AlArenal
Wed Oct 02, 2013 5:52 pm
Forum: RouterBOARD hardware
Topic: CCR 1009
Replies: 102
Views: 26646

Re: CCR 1009

For an ISP it doesn't make much sense to use a core router for switching. You rather keep the task for each device as specific as possible and use systems for what they're best at. The more tasks you offload on a single device the more probable side effects become and of course they make bug trackin...
by AlArenal
Wed Oct 02, 2013 5:44 pm
Forum: RouterBOARD hardware
Topic: CCR 1036 CAM table size
Replies: 8
Views: 2825

Re: CCR 1036 CAM table size

Kingston (of course) has them.
by AlArenal
Wed Oct 02, 2013 5:43 pm
Forum: Forwarding Protocols
Topic: CCR 1036 BGP fail to load full table
Replies: 11
Views: 4098

Re: CCR 1036 BGP fail to load full table

I´ll see what is going on if the ROS version for the Tilera platform is ready and done, final without bugs and issues!
As a software developer I can assure you there is no such thing as a bug / issue free software.
by AlArenal
Wed Oct 02, 2013 11:00 am
Forum: RouterBOARD hardware
Topic: CCR 1036 CAM table size
Replies: 8
Views: 2825

Re: CCR 1036 CAM table size

16GB is not the maximum on CCR.
by AlArenal
Wed Oct 02, 2013 10:57 am
Forum: RouterBOARD hardware
Topic: CCR 1009
Replies: 102
Views: 26646

Re: CCR 1009

@ofca:

What would you do with that many ports on a router!?
by AlArenal
Wed Oct 02, 2013 10:52 am
Forum: Forwarding Protocols
Topic: CCR 1036 BGP fail to load full table
Replies: 11
Views: 4098

Re: CCR 1036 BGP fail to load full table

@Kreacher:

Lots of other CCRs run several full feeds without a problem, so what we see is here os not a general ROS problem but rather must have something to do with specific configuration parameters or network issues between the involved devices.
by AlArenal
Tue Oct 01, 2013 11:41 am
Forum: RouterBOARD hardware
Topic: RB2011LS - with SFP transceiver (RJ45)
Replies: 11
Views: 3680

Re: RB2011LS - with SFP transceiver (RJ45)

Hi janisk,

thanks for clarifying!

Is this something that could be changed in software (RouterOS) by tweaking the driver?
How about the CCR's SFP-Ports - same behaviour as in the other routerboards (GB only)? (Can't look at the specs because routerboard.com is currently in maintenance mode)
by AlArenal
Mon Sep 30, 2013 4:07 pm
Forum: RouterBOARD hardware
Topic: CCR 1009
Replies: 102
Views: 26646

Re: CCR 1009

So it's pretty much the more powerful / more flexible successor to the 1100 series.
Looks good to me! I had hoped for 4 GB RAM, but of course MT has to take care not to cannibalize its own market for the higher grade models.
by AlArenal
Fri Sep 27, 2013 4:24 pm
Forum: RouterBOARD hardware
Topic: CCR 1009
Replies: 102
Views: 26646

Re: CCR 1009

Why should it be more expensive with less power!? Is your car getting cheaper when you buy it with a bigger engine?
by AlArenal
Fri Sep 27, 2013 4:21 pm
Forum: General
Topic: ISP setup
Replies: 1
Views: 726

Re: ISP setup

It may depend on where you are. Here in Germany ISPs have pools of public addresses and dynamically distribute them via PPoE, etc. The only private addresses I came to see are used by ISPs as transfer nets. We ourselves only serve business customers and therefore provide small subnets like /30, /29,...
by AlArenal
Thu Sep 26, 2013 11:39 pm
Forum: RouterBOARD hardware
Topic: Dear Mikrotic Manufacturer: Waiting 802.11ac product
Replies: 8
Views: 3451

Re: Dear Mikrotic Manufacturer: Waiting 802.11ac product

If MT decides not to work on a driver (because they're busy doing other stuff) it doesn't matter what chip is on your unsupported card.
by AlArenal
Thu Sep 26, 2013 11:34 pm
Forum: RouterBOARD hardware
Topic: new switch hardware request
Replies: 4
Views: 1722

Re: new switch hardware request

I think it's a better idea to just go out there and buy a switch. There's plenty on the market in all kinds of configurations and price ranges. I don't think it's a good idea for MT to compete in these markets. I don't need MT everywhere. I need solutions that work and don't mind who delivers. I'd r...
by AlArenal
Thu Sep 26, 2013 10:57 am
Forum: General
Topic: IPS support on RouterOS?
Replies: 3
Views: 2550

Re: IPS support on RouterOS?

It may also be too much to handle for the PCI bus ;-)
by AlArenal
Wed Sep 25, 2013 5:05 pm
Forum: General
Topic: New Packet flow diagram
Replies: 103
Views: 76971

Re: New Packet flow diagram

Great, thx alot!

P.S.:
This would should go into the wiki ;-)
by AlArenal
Tue Sep 24, 2013 7:33 pm
Forum: RouterBOARD hardware
Topic: New products
Replies: 5
Views: 1775

Re: New products

CCR1036-8G-2S+ is expected to arrive in Germany in 2 to 3 weeks according to our distributor. But most devices are pre-ordered already ;-)
by AlArenal
Tue Sep 24, 2013 9:51 am
Forum: General
Topic: Please update "supported hardware" in wiki
Replies: 13
Views: 2972

Re: Please update "supported hardware" in wiki

@normis That's good news, but this also seems to be a well kept secret. Would you mind sharing how to contact MT and what requirements we have to meet to get access? And shouldn't this information be shared on the wiki, too? I'd gladly had added some supported SFPs / some configuration examples if o...
by AlArenal
Mon Sep 23, 2013 1:12 pm
Forum: RouterBOARD hardware
Topic: Which rb for ipsec 20/10Mbps?
Replies: 8
Views: 2018

Re: Which rb for ipsec 20/10Mbps?

I should not say it over here.. but the Ubiquiti Edgerouter Lite has hardware encryption (well beyond 100 mbit/s) for about 100 euro.
Interesting. I'm gonna buy one and compare it to my 2011UAS, 751G, ...

Sadly Ubiquiti doesn't have their rackmount models ready and no date for release set.
by AlArenal
Fri Sep 20, 2013 11:33 am
Forum: General
Topic: MUM Live video from St. Louis starting now!
Replies: 52
Views: 19040

Re: MUM Live video from St. Louis starting now!

my guess is - Atheros had this in works when Qualcomm acquired them. For us - nickname just stuck.
Good idea! I just hope for them they didn't pay $3.3bn just fro some naming rights ;-)
by AlArenal
Fri Sep 20, 2013 10:44 am
Forum: General
Topic: MUM Live video from St. Louis starting now!
Replies: 52
Views: 19040

Re: MUM Live video from St. Louis starting now!

So the new RB953 is ARM based.

Nice move.
it is MIPSbe
Then it's either not Scorpion-based or QA chose to use the nickname again for another (Not yet official?) architecture - which would mark the first time (afaik) that a vendor does so.
by AlArenal
Fri Sep 20, 2013 12:02 am
Forum: General
Topic: MUM Live video from St. Louis starting now!
Replies: 52
Views: 19040

Re: MUM Live video from St. Louis starting now!

Normis - What means "New Atheros “Scorpion” CPU" It is mipsbe, powerPC, or? How many Mhz? Atheros is in fact Qualcomm Atheros, after Qualcomm bought Atheros a couple of years ago. And Qualcomm's first Snapdragon processor was dubbed Scorpion. It was based on the ARMv7 instruction set and similar in...
by AlArenal
Wed Sep 18, 2013 4:48 pm
Forum: General
Topic: Please update "supported hardware" in wiki
Replies: 13
Views: 2972

Re: Please update "supported hardware" in wiki

Just to let you know, the list is updated by users, so you could update it too, if you tested the mentioned devices If only I knew how to register for the wiki. I tried to find out but whithout success. Others in this forum tried, too, requested support and got told the feature is disabled and only...
by AlArenal
Wed Sep 18, 2013 12:01 pm
Forum: General
Topic: NSA and routeros
Replies: 27
Views: 7161

Re: NSA and routeros

At the end of the day, if your are not doing anything illegal you have nothing to worry about.
For which intelligence agency are you working for? ;-)
by AlArenal
Tue Sep 17, 2013 4:44 pm
Forum: General
Topic: NSA and routeros
Replies: 27
Views: 7161

Re: NSA and routeros

Maybe the Tilera CPU has some Backdoors?
Yeah, it probably has integrated 40G wireless connection going directly to the NSA, so it can mirror each and every bit.

A backdoor isn't of much use if you don't get close enough to pull the handle.
by AlArenal
Mon Sep 16, 2013 1:41 pm
Forum: RouterBOARD hardware
Topic: CCR1016-12G bgp edge router
Replies: 7
Views: 3294

Re: CCR1016-12G bgp edge router

And it should be noted, that it's still recommended to turn SNMP off when using BGP. This will hopefully change soon, too.
by AlArenal
Fri Sep 13, 2013 2:06 pm
Forum: RouterBOARD hardware
Topic: RB2011LS - with SFP transceiver (RJ45)
Replies: 11
Views: 3680

Re: RB2011LS - with SFP transceiver (RJ45)

there are different kinds of these SFP-RJ45 modules, there are some that do support 10/100/1000 Mbps and other just work in 1000Mbps. Should check specification of the module itself.
Why do SFP-RJ45s work with 100Mbps but 100 / 155 Mbps Fiber-SFPs don't work per se!?
by AlArenal
Thu Sep 12, 2013 12:35 pm
Forum: RouterBOARD hardware
Topic: RB2011LS - with SFP transceiver (RJ45)
Replies: 11
Views: 3680

Re: RB2011LS - with SFP transceiver (RJ45)

If possible it should be enough just to reduce the speed on the other side by setting its interface speed to 100 or 10 (most switches or other MT devices could do that). If auto negotiation with the SFP works, it will adapt automatically.
by AlArenal
Thu Sep 12, 2013 11:54 am
Forum: RouterBOARD hardware
Topic: RB2011LS - with SFP transceiver (RJ45)
Replies: 11
Views: 3680

Re: RB2011LS - with SFP transceiver (RJ45)

The user internface doesn't say the SFP is unsupported, it says that auto negotiation is unsupported. Have you tested auto negotiation by using 100 and 10 MBps equipment on the other side?
by AlArenal
Tue Sep 10, 2013 12:41 am
Forum: General
Topic: Mikrotik Open Ports with nmap
Replies: 10
Views: 4958

Re: Mikrotik Open Ports with nmap

Hey Toby, you say you did configure your firewall, so I assume you know how it works and what it's for. That also menas you know what to do under this circumstances, right? As an admin it's always on you to secure your network. You should never assume that a device secures itself magically. You're t...
by AlArenal
Fri Sep 06, 2013 2:35 pm
Forum: RouterBOARD hardware
Topic: 100FX SFP working on RB2011UAS w/ ROS 6.3 !!
Replies: 5
Views: 3639

Re: 100FX SFP working on RB2011UAS w/ ROS 6.3 !!

Maybe I don't see the forest for the trees. Maybe I'm going crazy. Working setup: RB2011UAS-RM (6.3) + Digitus DL-81104 <-fiber-> RB2011UAS-IN (6.3) + Digitus DL-81103 I can do bandwidth test, ping the other side, etc. Not working setups: RB2011UAS-RM (6.3) + Digitus DL-81104 <-fiber-> RB2011UAS-IN ...
by AlArenal
Fri Sep 06, 2013 10:29 am
Forum: Beginner Basics
Topic: Which hardware for bandwidth control
Replies: 5
Views: 1474

Re: Which hardware for bandwidth control

i just want to place a layer 3 switch between the internet router and the LAN on every site of the company. i don't want a router because we are having a complicate network .. so a switch will be a easy solution without changing default gateway and routing. A layer 3 switch is a switch with routing...
by AlArenal
Thu Sep 05, 2013 5:50 pm
Forum: RouterBOARD hardware
Topic: 100FX SFP working on RB2011UAS w/ ROS 6.3 !!
Replies: 5
Views: 3639

Re: 100FX SFP working on RB2011UAS w/ ROS 6.3 !!

Interestingly the LevelOne SFP-7321 (specs as Digitus DN-81103) is not working.
by AlArenal
Thu Sep 05, 2013 4:14 pm
Forum: RouterBOARD hardware
Topic: RB2011LS-IN + cisco module
Replies: 25
Views: 14259

Re: RB2011LS-IN + cisco module

Seems to work now. I'm still in disbelief... http://forum.mikrotik.com/viewtopic.php?f=3&t=76420
by AlArenal
Thu Sep 05, 2013 4:13 pm
Forum: RouterBOARD hardware
Topic: RB2011/CCR and 100Mbps SFP transceivers
Replies: 5
Views: 3146

Re: RB2011/CCR and 100Mbps SFP transceivers

I don't know why, but now it works (for me). See: http://forum.mikrotik.com/viewtopic.php?f=3&t=76420
by AlArenal
Thu Sep 05, 2013 4:10 pm
Forum: RouterBOARD hardware
Topic: 100FX SFP working on RB2011UAS w/ ROS 6.3 !!
Replies: 5
Views: 3639

100FX SFP working on RB2011UAS w/ ROS 6.3 !!

I don't know why but I did another test after upgrading two RB2011UAS to 6.3 using two 100FX SFPs (Digitus DN-81103 and DN-81104, LC, single fiber, 1310/1550nm) and crossconnected them. I had to disable auto-negotiation and manually set the port-speed to 100Mbps. I configured a test-network on both ...
by AlArenal
Thu Sep 05, 2013 3:06 pm
Forum: RouterBOARD hardware
Topic: RB2011 freeze
Replies: 49
Views: 15850

Re: RB2011 freeze

Also I couldn't get RB2011L to get past 310mbit/s throughput on giga ports. CPU 100%. Last tested on 6.2. Keep in mind a cable has two ends so there's always two devices involved. I can attest to your figures judging from a simple test RB2011UAS <-> RB2011UAS using ROS 6.3 traffic server and client...
by AlArenal
Thu Sep 05, 2013 12:07 am
Forum: Beginner Basics
Topic: Logon with TV into hotspot - experiences
Replies: 8
Views: 2450

Re: Logon with TV into hotspot - experiences

Why wouldn't it? It's just like any other device connecting to a WLAN. TV makers don't have secret protocols for their even more secret own access points - because they don't build and sell access points ;-)

You don't ask yourself if your client's new notebook or iPad can connect to a WLAN, do you?
by AlArenal
Wed Sep 04, 2013 7:53 pm
Forum: Beginner Basics
Topic: Logon with TV into hotspot - experiences
Replies: 8
Views: 2450

Re: Logon with TV into hotspot - experiences

Both devices would not be of much use if the wouldn't comply with current standards. So no, you don't have to prepare for the worst ;-)
by AlArenal
Wed Sep 04, 2013 2:47 pm
Forum: Beginner Basics
Topic: Select specific WAN IP from routed Public IP range to use
Replies: 8
Views: 1613

Re: Select specific WAN IP from routed Public IP range to us

So you mean your local machine has an internal IP only?

In that case NAT is your friend :)
by AlArenal
Wed Sep 04, 2013 2:01 pm
Forum: Beginner Basics
Topic: Select specific WAN IP from routed Public IP range to use
Replies: 8
Views: 1613

Re: Select specific WAN IP from routed Public IP range to us

You configure it to do so. I assume you know how to configure you network connection on Windows, Linux or whatever system / device you are using.
by AlArenal
Wed Sep 04, 2013 1:24 pm
Forum: Beginner Basics
Topic: Select specific WAN IP from routed Public IP range to use
Replies: 8
Views: 1613

Re: Select specific WAN IP from routed Public IP range to us

You configure your routerboard's ether2 interface as 1.1.2.1/29 and your computers with 1.1.2.2/29 - 1.1.2.6/29 (netmask is 255.255.255.248) using 1.1.2.1 as gateway and 1.1.2.7 as broadcast ip.
by AlArenal
Wed Sep 04, 2013 1:06 pm
Forum: Beginner Basics
Topic: Select specific WAN IP from routed Public IP range to use
Replies: 8
Views: 1613

Re: Select specific WAN IP from routed Public IP range to us

You could configure DHCP server on your ROS device and use DHCP on your local machines. You can also make your DHCP leases static so your machines will always receive the same IP.
by AlArenal
Mon Sep 02, 2013 1:53 pm
Forum: RouterBOARD hardware
Topic: What model of RouterBOARD
Replies: 4
Views: 1169

Re: What model of RouterBOARD

by AlArenal
Sun Sep 01, 2013 12:50 am
Forum: General
Topic: DNS name for MT router
Replies: 10
Views: 3506

Re: DNS name for MT router

Is there not a way that specific router tells its name to that program performing the quiery? No, because that is not how traceroute works. It prints out the found IP addresses and if it can find a reverse DNS entry for such an IP it will show you the associated FQDN. So all you need to do is make ...
by AlArenal
Sat Aug 31, 2013 4:25 pm
Forum: General
Topic: Mikrotik Wiki Registration
Replies: 4
Views: 888

Re: Mikrotik Wiki Registration

Oh my.. then they should at least alter the text!

So instead of having it all in one place we're once more forced to put it all together by our beloved search engines and share our stuff on our own pages.

Thanks for the info, efaden!
by AlArenal
Sat Aug 31, 2013 4:16 pm
Forum: General
Topic: DNS name for MT router
Replies: 10
Views: 3506

Re: DNS name for MT router

You need reverse DNS entries in the DNS system(s) available to the device from which you are tracing. Bind is the DNS server for unix-like systems and has been around forever.
by AlArenal
Sat Aug 31, 2013 4:13 pm
Forum: General
Topic: Mikrotik Wiki Registration
Replies: 4
Views: 888

Re: Mikrotik Wiki Registration

This is a place where users of MikroTik solutions share information, examples, howtos and ideas with each other. This is a user editable how-to page, anyone can contribute! If you have some firewall rules or scripts to share, simply register and add to the list. This is not the official Mikrotik Ma...
by AlArenal
Sat Aug 31, 2013 3:38 pm
Forum: General
Topic: Mikrotik Wiki Registration
Replies: 4
Views: 888

Mikrotik Wiki Registration

Hi there!

I can't seem to find a registration page to become a MT wiki user anywhere in the wiki. May someone please point me in the right direction?

Thanks,
Alex
by AlArenal
Fri Aug 30, 2013 4:59 pm
Forum: General
Topic: vlan-id, vlan-priority, new-vlan-id not supported
Replies: 2
Views: 1050

Re: vlan-id, vlan-priority, new-vlan-id not supported

Every single one, because RouterOS implements 802.1q
by AlArenal
Thu Aug 29, 2013 6:19 pm
Forum: General
Topic: Features I would like to see implemented
Replies: 2
Views: 865

Re: Features I would like to see implemented

If MK is struggling I don't see why not go do a Kickstarter or whatever to fund some of this stuff that we would like to see. Another way some manufacturers work is extending e.g. their forums / websites with tools for logged in users to be able to add feature requests and vote upon them. By this w...
by AlArenal
Thu Aug 29, 2013 12:31 pm
Forum: RouterBOARD hardware
Topic: Media converter for S-3553LC20D modules
Replies: 2
Views: 1067

Re: Media converter for S-3553LC20D modules

LevelOne GVS-3800 works with pretty much every 1.25Gbps SFP you throw at it, just as the FVS-3800 does with 155Mbps SFPs.
by AlArenal
Thu Aug 29, 2013 10:37 am
Forum: General
Topic: Building secure firewall
Replies: 7
Views: 5513

Re: Building secure firewall

Maybe better accept access for ssh or icmp or another services from trusted network? That's an example why I said we can't judge because we don't know the requirements. Is the box always administered locally via console port he won't need ssh and telnet. Otherwise he's pretty much locking himself o...
by AlArenal
Thu Aug 29, 2013 10:12 am
Forum: General
Topic: Building secure firewall
Replies: 7
Views: 5513

Re: Building secure firewall

Security isn't an absolute thing - as long as you don't power off every network device and computer. "Secure enough" depends solely on your specific requirements - which we cannot know. You may have to rethink your ruleset at least when the first user complains about something not working right. And...
by AlArenal
Thu Aug 29, 2013 12:19 am
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

Ah great!

The only thing I don't get is why this is not called RC2 as it is clearly a new iteration.
by AlArenal
Wed Aug 28, 2013 11:43 am
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 63180

Re: SFP module

No, it's the specs of SFPs / SFP features that are most important for us, just like the quote I did states ;-) Currently there seems to be no way to get 155Mbps SFPs to work an any MT device. The link may go up, but you never get a connection established. And there also is no roadmap, no statement h...
by AlArenal
Wed Aug 28, 2013 11:40 am
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

@ widarta

You should post it in one (!) thread where it belongs or - if there is no suitable existing thread - open a new one in a suitable sub-forum. Your post has nothing to do with Mikrotik news or RouterOS 6.2 ;-)
by AlArenal
Wed Aug 28, 2013 11:08 am
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 63180

Re: SFP module

Which SFP module features would be most important for you? For our clients: Digitus DN-81103 http://datasheet.digitus.info/en/4016032305705.html 155 Mbps TX 1310 nm RX 1550 nm 20 km 3,3V Transmission Power: Minimum -15 dBm, Maximum -8 dBm Sensitivity Receiving Power: Minimum -32 dBm And for us (in ...
by AlArenal
Tue Aug 27, 2013 7:19 pm
Forum: General
Topic: The quickest Support reaction I've ever seen
Replies: 7
Views: 1512

Re: The quickest Support reaction I've ever seen

guys, you can't scary me - I have an open ticket from 2008, Sep, 29th. those are just extremes :)
They should think about using this quote on their website. This kind of success story will skyrocket their sales. ;-)
by AlArenal
Tue Aug 27, 2013 5:34 pm
Forum: General
Topic: The quickest Support reaction I've ever seen
Replies: 7
Views: 1512

Re: The quickest Support reaction I've ever seen

17 days for a question and additional info on (future) support for 100FX SFPs.
by AlArenal
Mon Aug 26, 2013 3:21 pm
Forum: RouterBOARD hardware
Topic: RB2011/CCR and 100Mbps SFP transceivers
Replies: 5
Views: 3146

Re: RB2011/CCR and 100Mbps SFP transceivers

As far as threads in this forum, the official wiki, etc. go, there has never been a 100FX-SFP reported working in any available Mikrotik device. I was also hoping the RB2011UAS would do 100FX, to replace our current fiber CPEs, but they don't. By further research on the web I learned that indeed qui...
by AlArenal
Sun Aug 25, 2013 6:21 pm
Forum: General
Topic: Bug in 6.3rc1 webfig with IP > Addresses > Interface
Replies: 3
Views: 2142

Re: Bug in 6.3rc1 webfig with IP > Addresses > Interface

hi, can you tell me where I can get the v6.3rc1? appreciated, and I'm having serious problems with v6.x
http://www.mikrotik.com/download/share/ ... 6.3rc1.npk
by AlArenal
Fri Aug 23, 2013 12:05 pm
Forum: General
Topic: Port Mirroring
Replies: 6
Views: 38317

Re: Port Mirroring

Though this thread is rather old I stumbled upon it a couple of times. Therefore I'd like to reply anyway. ;) Mirroring of multiple ports to a single destination port still (as of ROS 6.3rc1) does not seem to be supported. But take your initial question and situation and you see it would not make se...
by AlArenal
Thu Aug 22, 2013 12:04 pm
Forum: General
Topic: Maximum number of PPPoE Connections for CCR
Replies: 14
Views: 7143

Re: Maximum number of PPPoE Connections for CCR

But doush has apoint here, normis. You have a product lineup with different hardware. We understand from the hardware specs that an RB1100 has less performance than a CCR1016. And a CCR1016 has less peak performance than a CCR1036. But on what basis are customers supposed to decide which hardware to...
by AlArenal
Thu Aug 22, 2013 10:25 am
Forum: Forwarding Protocols
Topic: QinQ MTU
Replies: 11
Views: 9715

Re: QinQ MTU

It's up to you to use it or not. Technically it doesn't really make difference in your setup if you use double tagged dot1q or s-vlans. I'm not sure about how regular layer 2 switches handle dot1ad packets but I assume that they should handle the outer tag of a double tagged dot1q just fine - as lon...
by AlArenal
Wed Aug 21, 2013 10:13 pm
Forum: Forwarding Protocols
Topic: QinQ MTU
Replies: 11
Views: 9715

Re: QinQ MTU

Common advice is to increase the MTU from 1500 to 1504 bytes. But I'm not sure if on ROS it's the L2MTU you'd be looking at instead. I'm gonna do some fragmentation tests tomorrow and see what I can find. The service tag is usually used on the outside and sets the packets' TPID to 0x88a8, signalling...
by AlArenal
Wed Aug 21, 2013 8:46 pm
Forum: General
Topic: Maximum number of PPPoE Connections for CCR
Replies: 14
Views: 7143

Re: Maximum number of PPPoE Connections for CCR

I have to admit, a feature matrix would indeed be cool. Something like this: http://www.juniper.net/us/en/local/pdf/ ... 281-en.pdf
by AlArenal
Wed Aug 21, 2013 5:22 pm
Forum: General
Topic: Maximum number of PPPoE Connections for CCR
Replies: 14
Views: 7143

Re: Maximum number of PPPoE Connections for CCR

My answer to your question would be: It depends :-) It's a complex system, that gets even more complicated with every additional configuration parameter. No installation is the same and every little thing has some impact. So realistically I don't think there is a definitive answer besides posting so...
by AlArenal
Wed Aug 21, 2013 5:00 pm
Forum: General
Topic: Maximum number of PPPoE Connections for CCR
Replies: 14
Views: 7143

Re: Maximum number of PPPoE Connections for CCR

Ok just to get an answer quickly from Mikrotik Team
Wouldn't it make more sense to open a ticket!?
by AlArenal
Wed Aug 21, 2013 2:51 pm
Forum: RouterBOARD hardware
Topic: x86 CPU + RouterOS
Replies: 2
Views: 1128

Re: x86 CPU + RouterOS

Yep, you're on the safe side usually when relying on Intel or Broadcom network chips as you find on server grade boards, Dell machines, etc.
by AlArenal
Tue Aug 20, 2013 4:01 pm
Forum: General
Topic: hacked?
Replies: 3
Views: 2328

Re: hacked?

Just add two firewall rules to drop wan packets to your routerboard on port 53 tcp and udp.
by AlArenal
Tue Aug 20, 2013 11:34 am
Forum: RouterBOARD hardware
Topic: MikroTik RB2011UAS-2HnD-IN replacement in future(2013-2014)?
Replies: 15
Views: 4517

Re: MikroTik RB2011UAS-2HnD-IN replacement in future(2013-20

More info here: http://forum.mikrotik.com/viewtopic.php?p=380723#p380723 Ok, thanks Normis! So much about the changes to board and case. But what about production and delivery? They're nowhere on stock right now and haven't been for quite a while. Of course it takes time to do the changes, test the...
by AlArenal
Mon Aug 19, 2013 7:36 pm
Forum: Beginner Basics
Topic: vlans
Replies: 4
Views: 909

Re: vlans

Yep, that's mainly because by common practice VID 1 is the default vlan on any vlan-aware device.
by AlArenal
Mon Aug 19, 2013 3:27 pm
Forum: General
Topic: packet compression to speed up link
Replies: 4
Views: 3880

Re: packet compression to speed up link

You won't come anywhere near a 10x compression ratio. I reckon you'd rather see really some low 1.x factor in real world scenarios. Also keep in mind that a VPN's encryption adds a bit of overhead. What your article points out is a way of getting rid of packet loss in wireless networks / speeding up...
by AlArenal
Mon Aug 19, 2013 1:28 pm
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

not store on disk.
only in memory.
When I reboot, I lost all graphs...
Same here on RB2011UAS-RM.
by AlArenal
Sun Aug 18, 2013 12:56 pm
Forum: General
Topic: eoip tunne
Replies: 5
Views: 1312

Re: eoip tunne

Keep in mind that this connection is not encrypted. You'd need for example an IPsec tunnel to secure communication.
by AlArenal
Fri Aug 16, 2013 8:42 pm
Forum: Beginner Basics
Topic: problems with CCR1036-12G-4S / S-31DLC20D and cisco???
Replies: 4
Views: 1629

Re: problems with CCR1036-12G-4S / S-31DLC20D and cisco???

Cisco is known for having problems with non-Cisco SFPs as the router reads out the manufacturer written in the SFP's EPROM. Sometimes it works but you won't get any support by Cisco anymore and sometimes it doesn't even work. Have you tried switching fibers on one end? Have you tried the SFPs betwee...
by AlArenal
Thu Aug 15, 2013 11:18 pm
Forum: General
Topic: German Mikrotik Wiki
Replies: 8
Views: 6705

Re: German Mikrotik Wiki

Hallo Silvio & Co.! Ich wäre gern mit dabei und kann hoffentlich bald inhaltlich ein paar Sachen beisteuern. Ich arbeite bei einem mittelständischen IT-Dienstleister (Access, Hosting, Security) und arbeiten seit etwas über einem Jahr mit einem lokalen Carrier zusammen und bieten in erschlossenen Geb...
by AlArenal
Thu Aug 15, 2013 7:13 pm
Forum: General
Topic: Excuse me, why not make a list of ports?
Replies: 5
Views: 1587

Re: Excuse me, why not make a list of ports?

I'm not sure if anyone understands what you are requesting (and what for). Can you make yourself a bit clearer, maybe with an example?
by AlArenal
Mon Aug 12, 2013 4:19 pm
Forum: General
Topic: Build Large network
Replies: 2
Views: 612

Re: Build Large network

Please tell us a bit more about your planned use case and infrastructure.

How are these 3000 clients connected? To what device are they connected? How are they connected? What are your clients' bandwidth requirements? The more detail, the easier it is to help you.
by AlArenal
Mon Aug 12, 2013 3:57 pm
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

Ah! You're right, thanks for pointing it out. It's something that's easily overlooked. :-)

P.S.:
But the slash is missing, nevertheless :-P
by AlArenal
Mon Aug 12, 2013 2:46 pm
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

There's a slash missing, but it will get parsed without problems in any browser. It's more of cosmetic thing and not 100% valid according to the doctype (xhtml requires correct nesting and opening / closing of tags), but then again - which website is?
by AlArenal
Mon Aug 12, 2013 1:30 pm
Forum: General
Topic: v6.2 released
Replies: 247
Views: 95580

Re: v6.2 released

Hm.. he said he had four meta entries and the faulty is the last but your screenie only shows three. Maybe he could paste / screenshot his version.
by AlArenal
Mon Aug 12, 2013 11:01 am
Forum: General
Topic: VLAN
Replies: 8
Views: 1712

Re: VLAN

When you want to access the internet from a local network (private ip range) the router has to do NAT (source NAT to be precise), because private ips don't get routed in the internet (potentially there are millions of devices that could have the same ip), so from the internet it seems requests come ...
by AlArenal
Sun Aug 11, 2013 4:25 pm
Forum: General
Topic: Mikrotik Errors
Replies: 9
Views: 2005

Re: Mikrotik Errors

Does it matter where I place the ssh programming language in my firewall? When processing a chain, rules are taken from the chain in the order they are listed there from top to bottom. If a packet matches the criteria of the rule, then the specified action is performed on it, and no more rules are ...
by AlArenal
Sat Aug 10, 2013 6:03 pm
Forum: RouterBOARD hardware
Topic: RB2011LS-IN + cisco module
Replies: 25
Views: 14259

Re: RB2011LS-IN + cisco module

I just joined the club :( We're also in the situation of needing 100FX support on our client side as our FTTB carrier's hardware only supports this. Mikrotik is to my knowledge the only vendor who ships gigagbit hardware with single-speed SFP cage implementations. It was quite adventureous to find S...
by AlArenal
Sat Aug 10, 2013 5:05 pm
Forum: General
Topic: VLAN
Replies: 8
Views: 1712

Re: VLAN

Do you have NAT configured for 192.162.2.0/24 ?
by AlArenal
Fri Aug 09, 2013 5:07 pm
Forum: General
Topic: VLAN
Replies: 8
Views: 1712

Re: VLAN

PC with GW 192.168.2.1 can't ping 192.168.2.1, bet another pc with GW 192.168.0.1 can ping 192.168.2.2. In that case routing / nating already works. If you cannot ping gw addresses (which are bound to ip interface on the router) you may just have deactivated icmp echos somewhere for security reason...
by AlArenal
Fri Aug 09, 2013 3:20 pm
Forum: RouterBOARD hardware
Topic: New Hardware! - EU MUM 2013
Replies: 54
Views: 21226

Re: New Hardware! - EU MUM 2013

in dat pdf is a text it says, "up to 64 cpu cores". i want a ccr with 16 gb ram and 2 - 4x 64 cpu. go mikrotik. go! then i can say good bye cisco and bye bye juniper. I can't believe you'd really need that - and without 10GB-Ports. I reckon that more optimizations in RouterOS would do the trick. Bu...
by AlArenal
Wed Aug 07, 2013 6:32 pm
Forum: RouterBOARD hardware
Topic: RB750 Hardware idea
Replies: 5
Views: 4818

Re: RB750 Hardware idea

Just the SFP is 140$ not to mention that the converter box is about 100$ to 200$ Right now we're using Level One FVS-3800 converters with Digitus SFPs. The converter (which is remotely manageable and supports bandwidth limiting, VLAN, Q-in-Q) costs about 76 Euros and the SFP about 22 (excl. tax). T...
by AlArenal
Wed Aug 07, 2013 6:02 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 63180

Re: SFP module

Any updates on this? There's still no 100FX SFP in the wiki and our hardware is a couple of days away to test it ourselves. My idea is to use 2011UAS-RMs as CPE (we only work with business clients where racks are commonly in use) to replace the managed media converters we're using now. Our carrier o...
by AlArenal
Mon Aug 05, 2013 7:42 pm
Forum: Wireless Networking
Topic: Metal 5SHPn uptime for 2 x 12V 6800mah battery...
Replies: 14
Views: 3151

Re: Metal 5SHPn uptime for 2 x 12V 6800mah battery...

1W = 1A * 1V

You can't "convert" watts to amps and leave the volts out as 0 volts leads to 0 watts, no matter how many amperes you have ;-)
by AlArenal
Mon Aug 05, 2013 9:13 am
Forum: General
Topic: DNS Amplification attack
Replies: 5
Views: 4168

Re: DNS Amplification attack

So corrected version would look like this, if your wan interface is called wan-1. Don't forget to put specific deny rules before your allow rules in the chain. /ip firewall filter add chain=input in-interface=wan-1 protocol=udp dst-port=53 action=drop /ip firewall filter add chain=input in-interface...
by AlArenal
Sat Aug 03, 2013 6:51 pm
Forum: General
Topic: Infos needed before jumping RouterOS wagon (BGP, bandwidth)
Replies: 8
Views: 1821

Re: Infos needed before jumping RouterOS wagon (BGP, bandwid

Thank you guys! After having a little chat with my boss and ordering a RB2011UAS-2HnD-IN as upgrade / replacement of my 751 at home we'll start with some RB2011s and probably a CCR next month for further evaluation and testing. :-) I'll keep you updated (or will bug you with more questions ;-) ) and...
by AlArenal
Fri Aug 02, 2013 3:14 pm
Forum: General
Topic: Infos needed before jumping RouterOS wagon (BGP, bandwidth)
Replies: 8
Views: 1821

Re: Infos needed before jumping RouterOS wagon (BGP, bandwid

Thanks doush! May I ask with how much load (traffic, bgp table) you're running your CCRs?

We haven't thought about using the routers as firewalls as our servers are behind firewall appliances anyway.
by AlArenal
Fri Aug 02, 2013 2:35 pm
Forum: General
Topic: Infos needed before jumping RouterOS wagon (BGP, bandwidth)
Replies: 8
Views: 1821

Re: Infos needed before jumping RouterOS wagon (BGP, bandwid

According to your post, you will need a device which can handle more than 1gbps and your only choice is CCR in this case (or go for an x86 custom build machine) You mean because the two 5 port switch units are "only" 1 gbps to the cpu each? Let's make this clear: Choosing between RB1100AHx2 and CCR...
by AlArenal
Fri Aug 02, 2013 12:25 pm
Forum: General
Topic: Infos needed before jumping RouterOS wagon (BGP, bandwidth)
Replies: 8
Views: 1821

Infos needed before jumping RouterOS wagon (BGP, bandwidth)

Hi! I for for a small ISP. We offer internet services with our own datacenter as well as access and security solutions. What we have right now is this: 1. our internet servers in a colocation which also runs our /19 in their multi-homed AS 2. we provide internet access with layer 3 switches at our o...