Community discussions

Search found 319 matches

  • 1
  • 2
by alex_rhys-hurn
Sun Jun 16, 2019 8:32 pm
Forum: Virtualization
Topic: The CPU has been disabled by the guest operating system
Replies: 32
Views: 6443

Re: The CPU has been disabled by the guest operating system

Hi, I recommend taking a look at your vswitch and physical switch architecture. Be clear about your trunks and any spanning tree issues. Try out the options with promiscuous mode on the vswitches, and esp on the physcial host interfaces. Make sure to use VMXNET3 interfaces and drivers. Understand cl...
by alex_rhys-hurn
Sun Jun 16, 2019 7:42 pm
Forum: General
Topic: Measure aggregate ipv4 vs ipv6 volume through router
Replies: 2
Views: 239

Measure aggregate ipv4 vs ipv6 volume through router

Hi Everyone, I would like to measure and graph the volume of ipv4 and ipv6 traffic through the router. I would even like a command something like: /interface monitor-traffic aggregate type=ipv6 and /interface monitor-traffic aggregate type=ipv4 Can anybody give me some hints to achieve this? All the...
by alex_rhys-hurn
Sun May 19, 2019 11:57 am
Forum: SwOS
Topic: SWOS or ROUTEROS: Confused
Replies: 3
Views: 713

SWOS or ROUTEROS: Confused

Hi, For the CRS317 I am confused. SHould I run SWOS or ROUTEROS? My application is a strictly switching application, no L3 stuff needed except for management. I ask because it seems that even in RouterOS the CRS317 can still deliver HW based features at full speed. Your advice much appreciated. Alex
by alex_rhys-hurn
Sun May 19, 2019 11:54 am
Forum: RouterBOARD hardware
Topic: Feature Request: CRS317
Replies: 1
Views: 309

Feature Request: CRS317

Hello,

According to the attached Marvell Prestera datasheet the chipset can support VXLAN.
marvell-switching-prestera-98dx83xx-product-brief-2016-12.pdf
Please can you add VXLAN support to CRS317

Thanks,

Alex

PS This has been submitted to support@mikrotik.com
by alex_rhys-hurn
Sun May 19, 2019 11:48 am
Forum: RouterBOARD hardware
Topic: Switch specifications for CRS range.
Replies: 0
Views: 305

Switch specifications for CRS range.

Hi All, I find the way that Mikrotik describes its switching products on the website geared to routers and not switches. E.g. this URL: https://mikrotik.com/product/crs317_1g_16s_rm Compare this to the switch data sheets from other vendors: Cisco 2960: https://www.cisco.com/c/en/us/products/collater...
by alex_rhys-hurn
Sun May 19, 2019 11:31 am
Forum: RouterBOARD hardware
Topic: Airflow CRS317-1G-16S+RM
Replies: 2
Views: 541

Airflow CRS317-1G-16S+RM

Hello, I refer to CRS317-1G-16S+RM for use as top of rack switching and ISCSI switching in the data centre. My Colo provider REQUIRES as MANDATORY Front to back airflow. This means that fans should pull the air from the front of the rack and push it oput of the back to maintain proper hot / cold ais...
by alex_rhys-hurn
Wed Aug 22, 2018 11:18 pm
Forum: Forwarding Protocols
Topic: [SOLVED] IBGP over OSPF Single POP ISP Problems
Replies: 2
Views: 647

Re: [SOLVED] IBGP over OSPF Single POP ISP Problems

Hi, I have solved my issues. This post: https://forum.mikrotik.com/viewtopic.php?t=97491 sorted it out. Few things: 1: I had routing loops due to default route problems in ibgp, moving default routing to ospf sorted it. 2: Then I ran in to the issue where Mikrotik will not bring the default route fr...
by alex_rhys-hurn
Tue Aug 21, 2018 11:55 am
Forum: Forwarding Protocols
Topic: [SOLVED] IBGP over OSPF Single POP ISP Problems
Replies: 2
Views: 647

[SOLVED] IBGP over OSPF Single POP ISP Problems

Hi Guys, I am having trouble, and hope you guys can help. Thanks in advance. I am building a network following a design for a POP which I saw at a peering meeting recently (I am sure you are familliar with it). We are a single POP now, but will add more as we go. POP-Topology.png All devices are mik...
by alex_rhys-hurn
Mon Aug 13, 2018 9:50 pm
Forum: Forwarding Protocols
Topic: eBGP and iBGP config with OSPF for internal [SOLVED]
Replies: 9
Views: 3143

Re: eBGP and iBGP config with OSPF for internal [SOLVED]

"You need to set the update-source to be the IP of the loopback interface on the iBGP peers."

Yup. Its 4 years, on and the advice is as good as ever!

This one saved me.

Karma
by alex_rhys-hurn
Fri Jun 29, 2018 5:39 pm
Forum: RouterBOARD hardware
Topic: CHR on Vmware esxi 5.5 Max Interfaces
Replies: 1
Views: 454

SOLVED CHR on Vmware esxi 5.5 Max Interfaces

UPDATE:

When we had the problem this was on a VM with a single CPU socket with a Single CPU Core.

Adding an additional CPU Socket has allowed us to add 10 VMXNET3 interfaces with no IRQ issues anymore.

Consider this solved.

Thanks,

Alex
by alex_rhys-hurn
Fri Jun 29, 2018 4:35 pm
Forum: RouterBOARD hardware
Topic: CHR on Vmware esxi 5.5 Max Interfaces
Replies: 1
Views: 454

CHR on Vmware esxi 5.5 Max Interfaces

Hello, Please can someone tell me the max number of interfaces CHR can accept from the vmware host. CHR 6.42.3 Vmware esxi 5.5 We added 5 VMXNET3 interfaces and everything is fine. Then we added a 6th interface and the CHR would automatically reboot with an IRQ error and then just boot loop. We remo...
by alex_rhys-hurn
Sat Mar 10, 2018 11:07 am
Forum: General
Topic: Slingshot APT [SOLVED]
Replies: 44
Views: 24595

Re: Slingshot APT, RouterOS spying software [SOLVED]

Hi, I am in Kenya, and have deployments of a few hundred devices, though most of them sit inside private MPLS WANs. As far as I know we have not been exposed to this. How do I know if I have? By reading the Kaspersky report, it seems that even if I sort out the router, the issue still remains on any...
by alex_rhys-hurn
Sat Mar 04, 2017 2:58 pm
Forum: General
Topic: RBLHG-5nD. What is the maximum length of CAT5e cable
Replies: 2
Views: 369

Re: RE: RBLHG-5nD. What is the maximum length of CAT5e cable

Hi I need to install RBLHG-5nD - LHG5 (https://mikrotik.com/product/RBLHG-5nD) on a bulding where I need to install 150ft (45m) of CAT 5e indoor cable (Schneider). The power adapator that is supplied in this product is 24v. Do you think this will have enough power to power the antenna for a 3 miles...
by alex_rhys-hurn
Sun Jun 12, 2016 1:33 pm
Forum: General
Topic: Inbound 1:1 static NAT failover
Replies: 2
Views: 517

Inbound 1:1 static NAT failover

Hi Everyone, I have the following network - see image. I have failover between two ISP working perfectly using check-gateway and default route cost. I have 1 mailserver with 1:1 static NAT to ISP1 the primary. So my internal IP NATS to a static External IP from ISP1 What  I want to achieve, is when ...
by alex_rhys-hurn
Sat Jun 11, 2016 11:57 am
Forum: General
Topic: Mikrotik ha, anyone tried this?
Replies: 5
Views: 2556

Mikrotik ha, anyone tried this?

Hello,

https://github.com/svlsResearch/ha-mikrotik

The link above was suggested to me in another post on vrrp in this forum.

Has anyone tried it out?

Alex
by alex_rhys-hurn
Wed Jun 25, 2014 7:24 pm
Forum: General
Topic: winbox trouble only over one ISP
Replies: 6
Views: 1689

Re: winbox trouble only over one ISP

Thanks again for your help. Here is the output of my mangle rules: /ip firewall mangle> pr detail Flags: X - disabled, I - invalid, D - dynamic 0 chain=forward action=change-mss new-mss=1300 passthrough=yes tcp-flags=syn protocol=tcp tcp-mss=!0-1300 [admin@MikroTik] /ip firewall mangle> Dont ask me ...
by alex_rhys-hurn
Wed Jun 25, 2014 6:32 pm
Forum: General
Topic: winbox trouble only over one ISP
Replies: 6
Views: 1689

Re: winbox trouble only over one ISP

Pinging through the other ISP gives me a maximum size of 1472, and winbox is working with that.

Also I notice for the link which does not work with winbox, when I use winbox with that link but through an IPSEC Tunnel winbox works fine.

Alex
by alex_rhys-hurn
Wed Jun 25, 2014 6:30 pm
Forum: General
Topic: winbox trouble only over one ISP
Replies: 6
Views: 1689

Re: winbox trouble only over one ISP

Hi, Many thanks for your reply. My pings: ping 8.8.8.8 -l 1452 Pinging 8.8.8.8 with 1452 bytes of data: Reply from 8.8.8.8: bytes=64 (sent 1452) time=151ms TTL=44 So the largest I can send is 1452 anything larger wont work. Its a PPPoE Dial up passive fibre optic ISP link. Mikrotik makes two dynamic...
by alex_rhys-hurn
Wed Jun 25, 2014 3:26 pm
Forum: General
Topic: winbox trouble only over one ISP
Replies: 6
Views: 1689

winbox trouble only over one ISP

Hi folks, We manage many Mikrotik Routers for many customers. We access them remotely over the internet using winbox, ssh and webmin. In some cases we also access them via winbox over an IPIP/IPSEC tunnel. Here is my problem, when I use winbox over my ISP called JTL the winbox session will login and...
by alex_rhys-hurn
Mon Feb 24, 2014 7:55 am
Forum: General
Topic: Poor mans config sync: vrrp
Replies: 7
Views: 3451

Re: Poor mans config sync: vrrp

Hi there, Thanks everyone for the thoughts. Regarding the point where the filter table would be empty when tables flushed, I see your concern, and it is valid. In theory this would only happen on the passive/inactive vrrp partner which has no / little traffic passing through. I can picture some nast...
by alex_rhys-hurn
Fri Feb 21, 2014 1:42 pm
Forum: General
Topic: Poor mans config sync: vrrp
Replies: 7
Views: 3451

Poor mans config sync: vrrp

Hello! I would like to ask the advice and tips of all you gurus out there. We have two ccr routers in VRRP setup. The config is fairly static except for firewall rules which we work on quite a bit. My thoughts, and I am asking you guys if I am mad / wasting my time to try this, is to built a script ...
by alex_rhys-hurn
Thu Dec 05, 2013 2:03 pm
Forum: Forwarding Protocols
Topic: need advice on multi-wan multi-office vpn
Replies: 7
Views: 3278

Re: need advice on multi-wan multi-office vpn

Tomaskir, We meet again!. Yes, I have looked at your video and am in the process of trialling it, as it should solve some of the complexity of rolling out new sites. Very nice design. We are currently doing this on 75 Branches, and your solution addresses a number of scalability problems. Best, Alex
by alex_rhys-hurn
Thu Dec 05, 2013 9:53 am
Forum: Forwarding Protocols
Topic: need advice on multi-wan multi-office vpn
Replies: 7
Views: 3278

Re: need advice on multi-wan multi-office vpn

Hello, I would suggest that you remove the bonding and move over to OSPF ECMP (Equal cost multipathing). I dont tend to use the EOIP Tunnels because they are proprietary to Mikrotik, and so we do this with IPIP Tunnels. So; step 1, build IPIP Tunnel between the offices, two tunnels each branch offic...
by alex_rhys-hurn
Mon Nov 25, 2013 6:43 pm
Forum: General
Topic: VPLS, EThernet Trunk (vlan trunk) and bridges
Replies: 7
Views: 3693

Re: VPLS, EThernet Trunk (vlan trunk) and bridges

Just to finish off the discussion.

Do you have any thoughts towards encrypting the vpls tunnel with IPSec?

Alex
by alex_rhys-hurn
Mon Nov 25, 2013 6:19 pm
Forum: General
Topic: VPLS, EThernet Trunk (vlan trunk) and bridges
Replies: 7
Views: 3693

Re: VPLS, EThernet Trunk (vlan trunk) and bridges

Just read about your question re bridging vlans straight to leased line. We have tried this before, and have also tried simply plugging the leased line ethernet in to the switch, this resulted in immediate phone calls from the service provider complaining about bpdu and other stuff. They have subseq...
by alex_rhys-hurn
Mon Nov 25, 2013 6:14 pm
Forum: General
Topic: VPLS, EThernet Trunk (vlan trunk) and bridges
Replies: 7
Views: 3693

Re: VPLS, EThernet Trunk (vlan trunk) and bridges

Tomaskir, Thanks so much for your quick reply and for taking the time to clarify mtu. We use the VPLS tunnels a lot in another application without the tagged ethernet PW Type so we are familiar with the MTU issue. Our leased line provider gives us jumbo frame capability, and its a pure ethernet link...
by alex_rhys-hurn
Mon Nov 25, 2013 5:45 pm
Forum: General
Topic: VPLS, EThernet Trunk (vlan trunk) and bridges
Replies: 7
Views: 3693

VPLS, EThernet Trunk (vlan trunk) and bridges

Hello, According to the RouterOS Manual, under Vlan: "As VLAN works on OSI Layer 2, it can be used just as any other network interface without any restrictions. VLAN successfully passes through regular Ethernet bridges." And according to 802.1q a VLAN ID is inserted in the ethernet header between th...
by alex_rhys-hurn
Wed Nov 20, 2013 7:44 am
Forum: General
Topic: DHCP Server Capacity - what limit in ROS for leases & server
Replies: 3
Views: 882

Re: DHCP Server Capacity - what limit in ROS for leases & se

Hi,

Thanks for the response, its good to know that my design will fly on this hardware.

So, do you know the theoretical limits for RouterOS as far as DHCP goes, or is it just hardware limited. I cant find anything in the licensing that points to limits.

Many thanks,

Alex
by alex_rhys-hurn
Mon Nov 18, 2013 8:45 am
Forum: General
Topic: DHCP Server Capacity - what limit in ROS for leases & server
Replies: 3
Views: 882

DHCP Server Capacity - what limit in ROS for leases & server

Hello everyone, My network design is: 1 RB1100AH acting as branch edge router. I have 40 Interdepartmental vlans (PCI-DSS requirements) and each one needs a DHCP Server, giving out a /23 to each vlan with MAC Authentication via Userman. My questions are: What is the limit of number of DHCP Servers o...
by alex_rhys-hurn
Thu Nov 07, 2013 2:33 pm
Forum: General
Topic: WAN interface usage is higher than LAN interface usage
Replies: 10
Views: 3551

Re: WAN interface usage is higher than LAN interface usage

Hi, Please be sure that /ip proxy enabled=no and also /ip dns allow-remote-requests = no. FInally if you really dont have the above enabled / firewalled, then I have seen this in one other scenario, and this was provider related. Here goes: The design was where an ISP had provided their own POP in a...
by alex_rhys-hurn
Wed Nov 06, 2013 5:12 pm
Forum: General
Topic: WAN interface usage is higher than LAN interface usage
Replies: 10
Views: 3551

Re: WAN interface usage is higher than LAN interface usage

Hello, In my experience, this situation is almost always caused by lack of or incorrect firewall configuration. Many people consider that the use of NAT is firewalling. It is not. The source of this traffic is often that either or both the DNS server and/or web proxy are enabled on the router, but n...
by alex_rhys-hurn
Sun Sep 29, 2013 4:09 pm
Forum: General
Topic: Site to Site tunnel... how ?
Replies: 7
Views: 1530

Re: Site to Site tunnel... how ?

I cant see why an ipip tunnel is anymore difficult than a GRE tunnel or EoIP Tunnel. Regarding the second option of using IPSec alone, that situation I find often confuses people more, as opposed to simply encrypting the tunnel with only one set of IPsec policy and then using simple routing tables t...
by alex_rhys-hurn
Fri Sep 27, 2013 1:24 pm
Forum: General
Topic: Site to Site tunnel... how ?
Replies: 7
Views: 1530

Re: Site to Site tunnel... how ?

I would not suggest pptp in this situation. You have 2 real choices, eoip or ipip. eoip is proprietary to Mikrotik and IPIP is standards compliant and will work with other devices like cisco. (I know there are other options, but I am considering this a good basic starting point for newbies). SImply ...
by alex_rhys-hurn
Thu Sep 26, 2013 9:29 am
Forum: General
Topic: PCC + Bandwidth Control for VPN Concentrator
Replies: 0
Views: 781

PCC + Bandwidth Control for VPN Concentrator

Hello everyone, I hope you can give me some ideas on this. Our network is 3 ISPs (15 megabits each) load balanced with PCC. We have a VPN Concentrator (Cisco ASA 5510) that is Routed through internally, and has a public IP from each ISP. Our Internal nets 10.0.0.0/8 are natted on the Load Balancer. ...
by alex_rhys-hurn
Mon Sep 02, 2013 9:45 am
Forum: General
Topic: Connect through L2TP
Replies: 13
Views: 2081

Re: Connect through L2TP

Hi,

Sorry about the missing link. Here it is:

http://mum.mikrotik.com/presentations/HR13/kirnak.pdf

In fact I liked it so much we are now trialling it in my own network as we get familiar with the solution for our clients. Previously we have been making static tunnels and IPSec Policy.
by alex_rhys-hurn
Wed Aug 28, 2013 11:56 am
Forum: General
Topic: Trainers: Come to Kenya and teach us!
Replies: 1
Views: 824

Re: Trainers: Come to Kenya and teach us!

Hello,

I just thought I would update you all and say that some trainers came to Kenya and now we are trained and certified! Yippee!

Alex
by alex_rhys-hurn
Wed Aug 28, 2013 11:52 am
Forum: General
Topic: how to block https for facebook.com
Replies: 33
Views: 81058

Re: how to block https for facebook.com

So, to show how easy it is really here is the setup in full: First the Layer & Protocol: /ip firewall layer7-protocol add name=Facebook_URL regexp="^.*(facebook).*\$" Then the Firewall Rule: /ip firewall filter add chain=forward comment="Block Facebook" layer7-protocol=facebook_url That will block a...
by alex_rhys-hurn
Wed Aug 28, 2013 11:18 am
Forum: General
Topic: how to block https for facebook.com
Replies: 33
Views: 81058

Re: how to block https for facebook.com

Hello, I think you may be confusing the term "firewall" with "UTM" or Unified Threat Management. Mikrotik is not a UTM platform. For that you need to look at Checkpoint UTM, Untangle or the like. Personally I dont think that making a layer7 protocol and firewall rule difficult of tedious. Actually I...
by alex_rhys-hurn
Wed Aug 28, 2013 1:34 am
Forum: General
Topic: Connect through L2TP
Replies: 13
Views: 2081

Re: Connect through L2TP

You might be interested in this video at MUM about using l2tp with ipsec to achieve scalable vpn solution for both site to site and dial up road warrior scenarios.

If I have understood your need properly.
by alex_rhys-hurn
Wed Aug 28, 2013 1:29 am
Forum: General
Topic: how to block https for facebook.com
Replies: 33
Views: 81058

Re: how to block https for facebook.com

Wow. Really old thread. Sorry i posted.....
by alex_rhys-hurn
Wed Aug 28, 2013 1:26 am
Forum: General
Topic: how to block https for facebook.com
Replies: 33
Views: 81058

Re: how to block https for facebook.com

The way we do this is to use a layer 7 regular expression to block any url with facebook in it. First make layer 7 protocol with this as the value: ^.*(facebook).*$ Then make a firewall rule to drop that layer 7 protocol. This can be very harsh and even prevent you resolving and pinging facebook as ...
by alex_rhys-hurn
Mon Jun 24, 2013 5:06 pm
Forum: General
Topic: RouterOS 6.1 released
Replies: 198
Views: 54035

Re: RouterOS 6.1 released

The best way to manage logs in Mikrotik - and frankly just about anything - is to export them via Syslog to a Dude server. You can then filter/sort/export them to your hearts content. Go one step further an deploy SIEM if you wish to do correlation etc... http://communities.alienvault.com/ I havent ...
by alex_rhys-hurn
Sun Oct 14, 2012 8:56 am
Forum: General
Topic: URGENT!!! PLS HELP!!!!!!!
Replies: 8
Views: 1059

Re: URGENT!!! PLS HELP!!!!!!!

Hi!

Do you have web proxy enabled?

I have seen exactly this when you enable web proxy but dont protect it with firewall. Then somebody finds your open web proxy and uses it for their own nefarious needs!

Turn off web proxy and see of that helps.

Alex
by alex_rhys-hurn
Tue Sep 25, 2012 11:53 am
Forum: General
Topic: Trainers: Come to Kenya and teach us!
Replies: 1
Views: 824

Trainers: Come to Kenya and teach us!

Hello Mikrotik Trainers, We have been using Mikrotik for a long time now, and have a team of proffessionals who are very comfortable with it. Our team already has CCNA CCNP and the like, but we would now like to certify our team in Mikrotik. This message is to all trainers who would be able to visit...
by alex_rhys-hurn
Thu Aug 02, 2012 5:32 pm
Forum: General
Topic: HELP, CPU MIKROTIK 100%
Replies: 6
Views: 1375

Re: HELP, CPU MIKROTIK 100%

Did you try the suggested upgrade?
by alex_rhys-hurn
Wed Aug 01, 2012 3:43 pm
Forum: General
Topic: Hardware antivirus
Replies: 10
Views: 1928

Re: Hardware antivirus

So, lets try something like this: 1: Connect ISP to ether1 of RB1200 2: Connect LAN1 (Unfiltered Internet users LAN) to ether2 of RB1200, and connect this to an UNTAGGED port of the managed switch that has VLAN1 membership 3: Connect LAN2 (Filtered Internet users LAN) to ether3 of RB1200, and connec...
by alex_rhys-hurn
Wed Aug 01, 2012 3:27 pm
Forum: General
Topic: Hardware antivirus
Replies: 10
Views: 1928

Re: Hardware antivirus

OK, let me make a new network design for you. Do you have manageable switches that can do vlans? Do you mind if you have client PC on completely separate vlans? E.g. computers with unfiltered access to internet on one vlan, and client computers with filtered internet on another vlan? We may need to ...
by alex_rhys-hurn
Wed Aug 01, 2012 11:08 am
Forum: General
Topic: HELP, CPU MIKROTIK 100%
Replies: 6
Views: 1375

Re: HELP, CPU MIKROTIK 100%

Whh version of routeros and which hardware are you using?

This has been seen a couple of times in some recent releases.

I suggest you upgrade your firmware, and also send a supout.rif to support@mikrotik.comi
by alex_rhys-hurn
Wed Aug 01, 2012 10:48 am
Forum: General
Topic: Hardware antivirus
Replies: 10
Views: 1928

Re: Hardware antivirus

According to http://www.pandasecurity.com/homeusers/ ... idIdioma=2 the gatedefender can be configured to router mode.

The design above should work in router mode.

Can you try that?
by alex_rhys-hurn
Wed Aug 01, 2012 8:26 am
Forum: General
Topic: Hardware antivirus
Replies: 10
Views: 1928

Re: Hardware antivirus

So gatedefender is transparent bridge?

If so then we need to change ip addressing....

Explain more about the gatedefender please, i am not familiar with it.
by alex_rhys-hurn
Tue Jul 31, 2012 1:33 pm
Forum: General
Topic: Hardware antivirus
Replies: 10
Views: 1928

Re: Hardware antivirus

Hassibi is right. Something like this should work: Connect your ISP to ether1 of your RB1200 then connect your LAN to ether2 of your RB1200, and set up your firewall rules and NAT as you require. Make sure that your whole network is working properly at this stage BEFORE inserting the Panda. Then con...
by alex_rhys-hurn
Wed Jul 18, 2012 12:10 am
Forum: General
Topic: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over
Replies: 17
Views: 19098

Re: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-

distance

please paste some configs. I may be able to spot something....
by alex_rhys-hurn
Sun Jul 15, 2012 5:48 pm
Forum: General
Topic: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over
Replies: 17
Views: 19098

Re: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-

We do this all the time. It sounds like your routing costs are not quite right yet. Make static routes for each lan network but with different costs, remember to always start with the most basic setup and build from there. So ipip tunnel to hq has route cost of 1 on the main isp link and ipip tunnel...
by alex_rhys-hurn
Sat Jul 07, 2012 7:50 pm
Forum: General
Topic: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over
Replies: 17
Views: 19098

Re: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-

The way I would do this is as follows: Create two IP IP tunnels, one for each isp. Then get your routing and everything working properly. Once you have the complete system working as you want, THEN do the IPSec. You are only going to create IPSec for the tunnel itself. You dont need to make IPSec po...
by alex_rhys-hurn
Sun May 13, 2012 11:54 am
Forum: General
Topic: static dhcp leases and ip bindings
Replies: 3
Views: 1275

Re: static dhcp leases and ip bindings

By reading the wanual on http://wiki.mikrotik.com/wiki/Manual:IP ... ver#Leases

BUt other wise:

IP>DHCP SERVER> LEASES and then highlight the lease you want to make static, and click the make static button in the toolbar.

Good Luck.

Alex
by alex_rhys-hurn
Sun Mar 25, 2012 7:11 pm
Forum: Beginner Basics
Topic: Help Needed in My Mikrotik 2.9.27
Replies: 2
Views: 1086

Re: Help Needed in My Mikrotik 2.9.27

2.9.27? Really? That is too old.

That software needs to be upgraded. All upgrades are free from mikrotik if you have a legitimate license, and there are new features/drivers there that you need!

Alex
by alex_rhys-hurn
Fri Mar 09, 2012 8:49 pm
Forum: General
Topic: How do I calculate the TOTAL number of packets per second
Replies: 3
Views: 970

Re: How do I calculate the TOTAL number of packets per secon

Hi Martin,

Thanks for that. Its exactly what I wanted to see.

So, presumably then, if I add rx-packets-per-second to the tx-packets-per-second I will now get the totat packets handled by that router. Is that correct?

Alex
by alex_rhys-hurn
Wed Mar 07, 2012 5:51 pm
Forum: General
Topic: How do I calculate the TOTAL number of packets per second
Replies: 3
Views: 970

How do I calculate the TOTAL number of packets per second

Hi Folks, I have an RB1000 and we use all 4 Physical interfaces, and there are many sub interfaces as well. Can anyone tell me how to work out what the total aggregate packets per second that the CPU is dealing with? I am trying to justify the RB1000 over a Cisco 2940 and the cisco website seems to ...
by alex_rhys-hurn
Mon Jan 23, 2012 8:47 pm
Forum: General
Topic: Getting through with Solarwinds
Replies: 3
Views: 2256

Re: Getting through with Solarwinds

Hi, If its over the internet, then youre thinking of using VPN tunnels is bang on. To be honest its the best way to do it any way. We do exactly what you are wanting to do all the time and it works well. In short: 1: Create an Ethernet over IP Tunnel or an IP IP Tunnel between you and your remote si...
by alex_rhys-hurn
Sun Jan 22, 2012 4:02 pm
Forum: General
Topic: firewall Sequence
Replies: 2
Views: 610

Re: firewall Sequence

The answer is, of course, it depends.

Where exactly in the packets journey are you looking?

Read this, it will answer your question:

http://wiki.mikrotik.com/wiki/Manual:Packet_Flow

Alex
by alex_rhys-hurn
Sun Jan 22, 2012 3:59 pm
Forum: General
Topic: Why bother having SMB server?
Replies: 19
Views: 3191

Re: Why bother having SMB server?

Kindis, Thanks for the reply, I didnt really understand what you are getting at. I come from the traditional position with network devices. For e.g. a server should be a server and a router should be a router. As far as feature sets for a router go I would have thought that SNORTt / IDS / IPS would ...
by alex_rhys-hurn
Sun Jan 22, 2012 7:43 am
Forum: General
Topic: Getting through with Solarwinds
Replies: 3
Views: 2256

Re: Getting through with Solarwinds

If you can possibly manage it, dont use NAT. Simplest routing is static routing, and this in my opinion is simpler than NaTting. If you you do want to persist with NAT, then I suggest at the remote end you use multiple Alias / Secondary IP addresses on the WAN interface. Then set up 1:1 Static NAT, ...
by alex_rhys-hurn
Sun Jan 22, 2012 7:20 am
Forum: General
Topic: Why bother having SMB server?
Replies: 19
Views: 3191

Why bother having SMB server?

Hi Folks,

I know can be rather old fashioned, and presumably the SMB feature was widely requested, so Mikrotik thought they would include it.

But i dont understand why anybody would want it on a router?

What am I missing?

Alex
by alex_rhys-hurn
Wed Jan 18, 2012 9:29 pm
Forum: General
Topic: best loadbalance
Replies: 5
Views: 574

Re: best loadbalance

Your problem lies in dns and routes because you have not followed my hints above.
by alex_rhys-hurn
Wed Jan 18, 2012 7:20 pm
Forum: General
Topic: best loadbalance
Replies: 5
Views: 574

Re: best loadbalance

Read the manuals, and search elsewhere on this forum.

This topic is well covered.

But because I have too much time on my hands here is a hint: PCC, Static Router Check Gateway and OpenDNS or Google Public DNS

Alex
by alex_rhys-hurn
Wed Jan 18, 2012 7:08 pm
Forum: General
Topic: Apple.tv problems
Replies: 5
Views: 1097

Re: Apple.tv problems

You might be interested in taking a look at the latest Edition of the QOS scripts from Butch evans if you are not already a QOS pro.

His latest set has an option for setting speed options for streaming video.

Alex
by alex_rhys-hurn
Sat Jan 14, 2012 8:30 am
Forum: General
Topic: Apple.tv problems
Replies: 5
Views: 1097

Re: Apple.tv problems

Are you doing any QOS stuff in your network?

Can you look at the queues and torch the interfaces and see what traffic is going on when he reports this problem?
by alex_rhys-hurn
Sun Nov 20, 2011 8:45 am
Forum: General
Topic: RB751U and Huawei E169
Replies: 7
Views: 1205

Re: RB751U and Huawei E169

As you said the modem worked before in a Mikrotik (was it the same one?) Then all I can suggest is a factory default reset.

Failing that a netinstall of the router, maybe the driver is corrupt and not updating properly.

Is the modem connected to the USB directly or via a USB cable.
by alex_rhys-hurn
Sat Nov 19, 2011 6:09 pm
Forum: General
Topic: RB751U and Huawei E169
Replies: 7
Views: 1205

Re: RB751U and Huawei E169

Hmmm... 5.7 never gave me any problems. Maybe try a /system reset-configuration and try again.

Alex
by alex_rhys-hurn
Sat Nov 19, 2011 4:24 pm
Forum: General
Topic: RB751U and Huawei E169
Replies: 7
Views: 1205

Re: RB751U and Huawei E169

Whenever I have had those problems an upgrade of routeros has solved it.

What version are you using?

Alex
by alex_rhys-hurn
Sat Nov 19, 2011 4:21 pm
Forum: General
Topic: Connecting two sites over internet and hardware selection Qs
Replies: 5
Views: 965

Re: Connecting two sites over internet and hardware selectio

I have just seen the RB751U-2Hnd

That looks like a good machine. Everything integrated.

And you can add a 3G modem for backup internet link.

Alex
by alex_rhys-hurn
Sat Nov 19, 2011 9:28 am
Forum: General
Topic: Connecting two sites over internet and hardware selection Qs
Replies: 5
Views: 965

Re: Connecting two sites over internet and hardware selectio

Hi,

It seems that the RB493G is your only real choice to get wifi and enough ports to switch with.

I would suggest an RB493G with indoor case, an RB52N Wireless card with two indoor antennas.

Alex
by alex_rhys-hurn
Fri Nov 18, 2011 12:25 pm
Forum: General
Topic: Connecting two sites over internet and hardware selection Qs
Replies: 5
Views: 965

Re: Connecting two sites over internet and hardware selectio

For the tunnel I suggest making an IP/IP tunnel between the two sites and then encrypting it with ipsec. This will then allow you to use any form of routing between the two sites. We use this in an enterprise environment and it its very reliable and keeps the ipsec policy configuration very simple. ...
by alex_rhys-hurn
Fri Oct 14, 2011 3:13 pm
Forum: The Dude
Topic: export outages to csv
Replies: 4
Views: 1949

export outages to csv

Hello,

can anyone tell me if it is possible to export the outages information to csv?

I can do this almost all other tables in dude, but not this.

Alex
by alex_rhys-hurn
Sat Jul 30, 2011 8:54 pm
Forum: General
Topic: How do I set static routes for remote networks on IPSEC VPN
Replies: 1
Views: 728

How do I set static routes for remote networks on IPSEC VPN

Hello Folks, I have read a bunch of stuff both on forum and on wiki, including http://wiki.mikrotik.com/wiki/Routing_through_remote_network_over_IPsec but cant seem to figure this out. The question in short, is how do you set static routes in routing tables for networks at the other side of a site t...
by alex_rhys-hurn
Tue Jul 05, 2011 10:49 pm
Forum: General
Topic: TACACS
Replies: 4
Views: 4698

Re: TACACS

And use Mikrotik User Manager.

This will not only handle your Mikrotik devices but also other network devices that can authenticate users with radius.
by alex_rhys-hurn
Wed Apr 27, 2011 9:12 pm
Forum: General
Topic: Solar power, have i got this right?
Replies: 3
Views: 866

Re: Solar power, have i got this right?

Take a look at this on the Wiki.

http://wiki.mikrotik.com/wiki/Solar_Power_HOWTO

It should help, it has wiring diagrams and calculations and so on. Just read through.
by alex_rhys-hurn
Sun Apr 17, 2011 8:36 pm
Forum: General
Topic: Voice (VOIP) issues
Replies: 4
Views: 1745

Re: Voice (VOIP) issues

Sorry to bring up an old post, but did you ever make progress with this? I have a very similar problem.

RB100 Router, and Elastix PBX using SIP trunks to two different providers.
by alex_rhys-hurn
Fri Feb 18, 2011 4:04 pm
Forum: The User Manager
Topic: Userman help please. 4 timeouts after every reboot.
Replies: 3
Views: 1837

[SOLVED] Re: Userman help please. 4 timeouts after every reb

I know this is an old thread, but I wanted to mark it as solved for anyone else searching for this issue. I had EXACTLY the same problem, and this seems to be a bug/fault in the userman radius server when it is upgraded. My solution was to upgrade to the next release of routeros. My problem in short...
by alex_rhys-hurn
Tue Jul 13, 2010 6:27 pm
Forum: General
Topic: bridge vlan RB1000 and eci telecom switch - Problem
Replies: 1
Views: 621

Re: bridge vlan RB1000 and eci telecom switch - Problem

Ok,

It seems that what I am trying to do is not a wise / recommended thing.

I am told that you should not bridge VLANS that exist on the same physical interface. Can anyone tell me why this should not be the case?

Alex
by alex_rhys-hurn
Tue Jul 13, 2010 12:07 am
Forum: General
Topic: bridge vlan RB1000 and eci telecom switch - Problem
Replies: 1
Views: 621

bridge vlan RB1000 and eci telecom switch - Problem

Hey Folks, Looking for some help here. I have an RB1000 with two WAN providers, each is providing me with VLANS to my branches. One WAN provider is working perfectly with a routed network. The second WAN provider uses ECI telecom (an Israeli manufacturer) for their Nationwide Fibre network. I receiv...
by alex_rhys-hurn
Sat May 08, 2010 11:44 am
Forum: General
Topic: pcc load balancing and mail servers with nat
Replies: 2
Views: 1023

Re: pcc load balancing and mail servers with nat

Hi fewi,

Thanks for your input. Its helped me.

In fact I had not done my mangle PCC rules properly and so I followed this post by you which sorted me out.
http://forum.mikrotik.com/viewtopic.php?f=2&t=36232&start=0
Thanks again,

Alex
by alex_rhys-hurn
Thu May 06, 2010 8:19 pm
Forum: General
Topic: pcc load balancing and mail servers with nat
Replies: 2
Views: 1023

pcc load balancing and mail servers with nat

Hello, I have looked around the forums and the closest thing I have found that starts me on ly solution is here: http://forum.mikrotik.com/viewtopic.php?f=7&t=30482&hilit=pcc+nat My situation. 2 ISP Links, 2mb up and 2mb down each. each ISP terminates with a /30 on my RB 433 and then additionally gi...
by alex_rhys-hurn
Thu Apr 29, 2010 8:10 am
Forum: Beginner Basics
Topic: Load Balancing over two modems??
Replies: 24
Views: 5401

Re: Load Balancing over two modems??

Depending on how your provider deploys the Iburst modems, I usually find that the Check-Gateway ping command to test if a link is up or down does not work well if at all. The reason for this is that the gateway for the Mikrotik is the Iburst modem itself, and that is only the length of a 1m patch co...
by alex_rhys-hurn
Wed Apr 28, 2010 7:18 pm
Forum: Beginner Basics
Topic: A message of thanks to Mikrotik and Greg Sowell
Replies: 4
Views: 1160

A message of thanks to Mikrotik and Greg Sowell

Dear Folks at Mikrotik and Gregsowell.com I just wanted to give thanks for a great product and to greg for a good set of tutorials that helped me put together a solution for my client. Here is the story. My client (a Bank) has 9 Sites nationwide they were all using Cisco 2800 Series routers to inter...
by alex_rhys-hurn
Mon Apr 26, 2010 7:24 pm
Forum: The User Manager
Topic: Using UserManager as RADIUS for other AP
Replies: 24
Views: 33339

Re: Using UserManager as RADIUS for other AP

I Agree that this would be a very good addition:

+1 Vote
by alex_rhys-hurn
Mon Apr 26, 2010 7:22 pm
Forum: General
Topic: EAP-TTLS PAP authontication
Replies: 5
Views: 3323

Re: EAP-TTLS PAP authontication

:oops: :oops: http://forum.mikrotik.com/posting.php?mode=smilies&f=2# I would like to apologise for not searching the forums properly. The very next thread I looked at says that userman cannot do what I want. Here is the post: http://forum.mikrotik.com/viewtopic.php?f=10&t=23625&hilit=eap Sorry folk...
by alex_rhys-hurn
Mon Apr 26, 2010 7:14 pm
Forum: General
Topic: EAP-TTLS PAP authontication
Replies: 5
Views: 3323

Re: EAP-TTLS PAP authontication

Hi Folks, Can I use Mikrotik Userman to manage EAP authentication for my companies laptops for wireless purposes using non-mikrotik wireless access points (I should add that the AP's have a radius client and industry standard EAP features)? Uldis says yes with "A" RADIUS server but he is not clear i...
by alex_rhys-hurn
Thu Apr 08, 2010 11:25 pm
Forum: The User Manager
Topic: Userman as central database for controlling login to winbox
Replies: 0
Views: 694

Userman as central database for controlling login to winbox

Hello, I have user manager working well to control users that need to connect to winbox (and other login methods) to manage routers. My client has many sysadmins (and 15 routers) that work in shifts, and so it makes sense to control their login rights and passwords centrally. This is also important ...
by alex_rhys-hurn
Fri Apr 02, 2010 1:43 pm
Forum: Forwarding Protocols
Topic: BGP Noob: balance and failover on WAN not ISP
Replies: 7
Views: 3323

Re: BGP Noob: balance and failover on WAN not ISP

OK, I read you load and clear.

My head is now in to this. It hadnt occurred to me that I could create extra paths by creating tunnels or vlans.

I am going to try that! Thanks.

Alex
by alex_rhys-hurn
Fri Apr 02, 2010 11:47 am
Forum: Forwarding Protocols
Topic: BGP Noob: balance and failover on WAN not ISP
Replies: 7
Views: 3323

Re: BGP Noob: balance and failover on WAN not ISP

Hi Roadrunner, Thanks for the info. Of course I forgot about ECMP.... How well will this work on links that do not have the same bandwidth? One provider gives me a 10mbit cloud (bandwidth is shared by all sites in the cloud and the other is giving dedicated bandwidths per site, and they all vary. Th...
by alex_rhys-hurn
Thu Apr 01, 2010 10:03 pm
Forum: Forwarding Protocols
Topic: BGP Noob: balance and failover on WAN not ISP
Replies: 7
Views: 3323

BGP Noob: balance and failover on WAN not ISP

Hello, I am new to BGP but not OSPF and Mikrotik. I would like a few tips from the BGP pros out there if you dont mind. OSPF will do failover but not load balance with failover, so I want to use BGP. The BGP Failover and load balancing that I have seen in the forums so far relate to interfacing with...
by alex_rhys-hurn
Thu Apr 01, 2010 9:29 pm
Forum: General
Topic: Static to OSPF migration advice please
Replies: 4
Views: 760

Re: Static to OSPF migration advice please

Cheers techguy!

Nice drink in your hand! Enjoy!
by alex_rhys-hurn
Thu Apr 01, 2010 1:38 pm
Forum: General
Topic: Static to OSPF migration advice please
Replies: 4
Views: 760

Re: Static to OSPF migration advice please

Ok, Cool. Thanks for the quick reply.

Now My plan is complete and I am going to start this. What a way to spend easter weekend.

Wish me luck!
by alex_rhys-hurn
Thu Apr 01, 2010 12:50 pm
Forum: General
Topic: Static to OSPF migration advice please
Replies: 4
Views: 760

Static to OSPF migration advice please

Hi Folks, I have a customer network that is nationwide. 7 sites around the country interconnected with a Layer 2 MPLS Cloud. This WAN is currently using static routing, and all is well. For failover reasons I wish to change the static routing to OSPF dynamic routing. My question is, can I bring up O...
by alex_rhys-hurn
Fri Mar 19, 2010 7:39 pm
Forum: General
Topic: Feature Request: Central AP controller with POE on RB1100
Replies: 2
Views: 858

Feature Request: Central AP controller with POE on RB1100

Hello, I hope this is the right place to post this. I dont see a SwitchOS forum yet. I would like to request the following functionality, especially now that Mikrotik has released a Switch Product. 1: That the RB1100 Switch could be used to control several lightweight Access Points, as a central con...
by alex_rhys-hurn
Thu Oct 29, 2009 8:24 pm
Forum: General
Topic: How to graph second disk use
Replies: 2
Views: 495

Re: How to graph second disk use

I want to be able to graph the disk used by the Web Cache. I guess its not a really big deal, but if I can graph primary disk use then why not secondary? In my case the primary disk use is fairly static as it holds the RouterOS, some backup files and some scripts.... But I have set my Web Proxy Cach...
by alex_rhys-hurn
Wed Oct 28, 2009 6:49 pm
Forum: General
Topic: How to graph second disk use
Replies: 2
Views: 495

How to graph second disk use

Hi Folks, I apologise if this has been answered elsewhere. I have looked but not found any info. My Mikrotik x86 is in use as a web proxy. I have created a second store on a second disk that acts as the storage location for the web cache. My problem is that I wish to graph disk usage but the mikroti...
by alex_rhys-hurn
Thu Oct 15, 2009 12:02 pm
Forum: General
Topic: mikrotik t-shirts
Replies: 40
Views: 11776

Re: mikrotik t-shirts

however, in my defense this is an indicator of how dark it is in the dark continent of africa...

We just dont have the culture shown in that video.

Or maybe I am just an old fart already!
by alex_rhys-hurn
Thu Oct 15, 2009 11:59 am
Forum: General
Topic: mikrotik t-shirts
Replies: 40
Views: 11776

Re: mikrotik t-shirts

Eish... Sorry man...

I obviously missed the point there!

Keep up the good work!

Alex
by alex_rhys-hurn
Wed Oct 14, 2009 8:34 pm
Forum: General
Topic: mikrotik t-shirts
Replies: 40
Views: 11776

Re: mikrotik t-shirts

http://www.cafepress.com/mikrotik.407774243

The phrasing of the quote on the t-shirt above is not correct.

It reads "All your Route Are Belong to You"

It should read something like:

All Routes Are Yours
www.mikrotik.com
by alex_rhys-hurn
Wed Oct 14, 2009 8:06 pm
Forum: General
Topic: proxylizer vmware image: mysql.pipe permissions
Replies: 1
Views: 1320

proxylizer vmware image: mysql.pipe permissions

Hey folks, Been trying to make this vmware appliance work. The time I have spent repairing it I probably should have spent installing it on my own distro. Ho Hum! I am down to my final problem. In /home/proxylizer there sits a file called mysql.pipe If this file has wrong permissions then you will s...
by alex_rhys-hurn
Wed Jul 01, 2009 9:06 am
Forum: General
Topic: RouterOS and SMP (multi-core and multi-cpu) crashes
Replies: 39
Views: 13719

Re: RouterOS and SMP (multi-core and multi-cpu) crashes

Ah! Its Denis Burgess flogging his wares again. Denis, before you go around making those comments take a little time to understand where the people are coming from. Here in Africa (kenya in my case) it is not possible to buy your products. Yes I could import one and have it DHL over here but import ...
by alex_rhys-hurn
Thu Jun 25, 2009 9:22 am
Forum: General
Topic: RouterOS and SMP (multi-core and multi-cpu) crashes
Replies: 39
Views: 13719

Re: RouterOS and SMP (multi-core and multi-cpu) crashes

No I have not specifically run those tests on the machine. Its an interesting point though. The specifica machine I have in mind was installed in production as a mikrotik core router in 2006 with RouterOS version 2.9.something, and we have been progressively upgrading it since then, whilst always ke...
by alex_rhys-hurn
Thu Jun 18, 2009 4:25 pm
Forum: General
Topic: SCSI SUPPORT - WORKAROUNDS??
Replies: 5
Views: 800

Re: SCSI SUPPORT - WORKAROUNDS??

This workaround turned out ot be less than simple for me. Vmware ESXi 4 only runs on 64bit hardware. My server is of course only 32 bit hardware, and so I am still stuck with running Vyatta as my Virtualised router platform with Vmware ESXi 3.5 Lets see if I can persuade those with the purse strings...
by alex_rhys-hurn
Tue Jun 16, 2009 3:44 pm
Forum: General
Topic: RouterOS and SMP (multi-core and multi-cpu) crashes
Replies: 39
Views: 13719

Re: RouterOS and SMP (multi-core and multi-cpu) crashes

I can confirm that with an NEC Express server, Pentium 4 with Hyper Threading that any version of Routers os greater than 3.11 will lock up hard when HOTSPOT is enabled. If I disable that package then the machine runs fine, Vlans and Queues work ok. Enable the hotspot package and the machine locks h...
by alex_rhys-hurn
Mon May 18, 2009 4:24 pm
Forum: Wireless Networking
Topic: How do you protect towers from theft and vandalism?
Replies: 4
Views: 976

Re: How do you protect towers from theft and vandalism?

OK, next time I go to one of my hi-sites I'll take a snap.

You'll have to wait a few days....

Alex
by alex_rhys-hurn
Sun May 17, 2009 11:40 pm
Forum: Wireless Networking
Topic: How do you protect towers from theft and vandalism?
Replies: 4
Views: 976

Re: How do you protect towers from theft and vandalism?

Here in Kenya this is what we do: The highsites tend to be lattice towers of about 25-30 meters. The lattice tower is guyed. 1: After the tower is up, build a chainlink fence around the entire base encompassing also the guy wire footings. On top of this we put coiled razor wire. the kind they used i...
by alex_rhys-hurn
Fri May 08, 2009 4:44 pm
Forum: General
Topic: Hotspot custom queue
Replies: 2
Views: 1532

Re: Hotspot custom queue

This may not be exactly what you are trying to achieve. But this example from the WIKI has worked amazingly for me. The clever part is how the guy to thought this up really thought about the problem came up with a suggestion and then used the mikrotik to deploy. The principle is based on the AMOUNT ...
by alex_rhys-hurn
Fri May 08, 2009 4:39 pm
Forum: General
Topic: hello to all mikrotik supplier
Replies: 4
Views: 595

Re: hello to all mikrotik supplier

Or you can get a fibre to copper media converter and plug it in like this:

------FIBRE----MEDIA CONVERTER----CAT6 PATCH CORD-----ROUTERBOARD

Media converters are pretty cheap nowadays.
by alex_rhys-hurn
Wed May 06, 2009 5:12 pm
Forum: Beginner Basics
Topic: Creating VLAN's for different NAT'd users
Replies: 12
Views: 4397

Re: Creating VLAN's for different NAT'd users

Hey there... Just back from the bush for a few days.... Awesome trip. Cant seem to send you a private message as am not authorised to do so ..... So I suggest you visit my website and the hit contact us button to send me the email. I will then reply direct and we should be in touch. Best, Alex www.i...
by alex_rhys-hurn
Mon May 04, 2009 7:38 am
Forum: Beginner Basics
Topic: Creating VLAN's for different NAT'd users
Replies: 12
Views: 4397

Re: Creating VLAN's for different NAT'd users

Also if you are new to Mikrotik take note of the Wiki. Here is the wiki article on NAT: http://wiki.mikrotik.com/wiki/NAT_Tutorial And yes, I know what you mean by the price of Cisco in Africa. Although the longer I spend with Mikrotik the less I find myself missing Cisco products.... Cheers! Alex
by alex_rhys-hurn
Mon May 04, 2009 7:32 am
Forum: Beginner Basics
Topic: Creating VLAN's for different NAT'd users
Replies: 12
Views: 4397

Re: Creating VLAN's for different NAT'd users

Let me try to address your issue about NAT which is where we started I think: 1: Ideally you should always attempt to route a public IP direct to the customers CPE or router. This is best practice. Obviously with only a /24 of public IP addresses you wouldnt want to waste IP addresses as you route t...
by alex_rhys-hurn
Mon May 04, 2009 7:10 am
Forum: Beginner Basics
Topic: Easy Wisp Network Design?
Replies: 5
Views: 4817

Re: Easy Wisp Network Design?

As for the nanostation, I do find it an effective CPE, and it works great with the MT Base Stations I have. Still you cant beat the manageability of the Mikrotik gear. The option to use Nstreme right up to the CPE and also compression are great. The NS2 and NS5 come prebuilt and ready to go in a tin...
by alex_rhys-hurn
Sun May 03, 2009 4:35 pm
Forum: Beginner Basics
Topic: Easy Wisp Network Design?
Replies: 5
Views: 4817

Re: Easy Wisp Network Design?

You raise some interesting points. In my opinion you should always seek to have an entirely routed network and seek to deliver Public IP addresses to your clients. To save on public IP addresses you can subnet them and route those public IP subnets over your private IP network. For e.g. you allocate...
by alex_rhys-hurn
Wed Mar 04, 2009 7:28 am
Forum: General
Topic: Different Queuing structure for simple queues.
Replies: 8
Views: 2612

Re: Different Queuing structure for simple queues.

I suppose that we should really be discussing like this: Mikrotik Usermanager is creating dynamic simple queues. This would apply to PPPoe users as well as hotspot users. Also the hotspot usermanager with user profile is creating these simple queues. How does the queue tree interact with these simpl...
by alex_rhys-hurn
Tue Mar 03, 2009 7:09 pm
Forum: General
Topic: Different Queuing structure for simple queues.
Replies: 8
Views: 2612

Re: Different Queuing structure for simple queues.

Hi, I am also using the login scripts when a hotspot user logs in to move the static scripts above the dynamic ones. Its works fine, although as you say ALL the queues stall for a miniscule amount of time. I personally would like it if things were done the way you suggest but I have another question...
by alex_rhys-hurn
Mon Feb 23, 2009 2:43 pm
Forum: General
Topic: Compatibility with Vmware ESXi
Replies: 1
Views: 560

Compatibility with Vmware ESXi

I would like to see SCSI disk drivers introduced in the X86 version of RouterOS so that I can run it on my blazing fast (and free Vmware ESXi Hypervizor.

Rgds

Alex
by alex_rhys-hurn
Thu Feb 19, 2009 10:09 am
Forum: General
Topic: USB device on Vmware ESX
Replies: 2
Views: 1071

Re: USB device on Vmware ESX

Why could you not boot the thing from ESXi with a USB stick?

I am going to try it now....
by alex_rhys-hurn
Thu Feb 12, 2009 9:03 am
Forum: General
Topic: USB device on Vmware ESX
Replies: 2
Views: 1071

USB device on Vmware ESX

It MAY be possible to boot a USB disk that is pre-installed with Mikrotik ROS with vmware esx. I am working on it and will revert. Has anyone else managed yet?

Rgds

Alex
by alex_rhys-hurn
Sat Jan 24, 2009 9:27 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

@ LaSolitaire I am afraid that I have never seen snow in my life, so you are asking me to do something that I have no knowledge of.. Why dont you add a section in there? It is a wiki and you can make your own changes. Your work would really improve the article. The basic stuff applies just as much t...
by alex_rhys-hurn
Wed Jan 21, 2009 2:55 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

Why not use 3 x 6volt batteries in series to give you 18volts and run it from there? I guess the main worry is the charging voltage huh? I would be interested to hear about your regulator. I can get here some 24-12 volt reducing dc-dc regulators and some others that reduce from 12 to 3-6-9- volts. B...
by alex_rhys-hurn
Mon Jan 19, 2009 8:08 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

The one I got for 100 USD is the Steca PR1010 which is a 12/24 volt 10 amp unit with lcd screen and bunch of monitoring functions. I dont know the model you suggest.

But then everything in Kenya is a rip off these days... ho. hum.
by alex_rhys-hurn
Mon Jan 19, 2009 4:21 pm
Forum: General
Topic: Proxylizer Proxy log analysis for RouterOS Web Proxy
Replies: 7
Views: 4611

Re: Proxylizer Proxy log analysis for RouterOS Web Proxy

Thanks for the reply.

I am waiting with excitement.

Cheers!

Alex
by alex_rhys-hurn
Mon Jan 19, 2009 9:01 am
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

Hey jp... Busted.... you caught me out. The photos ARE actually of a 12v system. Its a different site than originally used in the article...... BTW for others I started using a really cheap Chinese charge controller, and it was fine, but an accidental shorting of the load side caused me to go and bu...
by alex_rhys-hurn
Sun Jan 18, 2009 10:22 am
Forum: General
Topic: Open question for profesional WISPS
Replies: 11
Views: 1512

Re: Open question for profesional WISPS

In Kenya we can get bandwidth from the wholesalers either on an MPLS Fiber network or via Fixed Wirless Links for terrestrial. Generally the wireless links are delivered through Alvarion or Motorola Canopy equipment. Vsat is how ALL bandwidth enters the country at the moment. Bandwidth is limited he...
by alex_rhys-hurn
Sat Jan 17, 2009 11:24 pm
Forum: General
Topic: Proxylizer Proxy log analysis for RouterOS Web Proxy
Replies: 7
Views: 4611

Proxylizer Proxy log analysis for RouterOS Web Proxy

Hey folks, This url http://wiki.mikrotik.com/wiki/Proxylizer/Introduction and this URL http://wiki.mikrotik.com/wiki/Proxylizer/Getting_Started#Download gives details about a Mikrotik Software for analyzing the logs of Mikrotik Web Proxy Service. Has anyone used it or seen it yet? Search in forums t...
by alex_rhys-hurn
Mon Jan 05, 2009 3:11 pm
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

SOLVED: invalid oid after upgrade from 3.0 rc3 to 3.0

So the reinstall of Dude has worked.

I removed the dude package, then downloaded it afresh from the mikrotik website, and installed it again.

My network maps are now working properly.

Regards

Alex
by alex_rhys-hurn
Mon Jan 05, 2009 9:44 am
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

Re: invalid oid after upgrade from 3.0 rc3 to 3.0

Just working this through with the guys at Mikrotik. Running the command /system check-installation gives the following output, which confirms my feeling that it was missing mibs and images. So, I am going to remove the Dude package and then re-install it. Hopefully then check-installation will come...
by alex_rhys-hurn
Mon Jan 05, 2009 8:54 am
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

Re: invalid oid after upgrade from 3.0 rc3 to 3.0

I have now submitted a support request to Mikrotik.

It looks to me like the MIBS for SNMP are missing and also the SVG files that make the graphics work are missing too....

Is this a bug?

Rgds

Alex
by alex_rhys-hurn
Mon Dec 29, 2008 9:50 am
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

Re: invalid oid after upgrade from 3.0 rc3 to 3.0

Yes, cmon guys. Somebody out there must be able to help us with this....
by alex_rhys-hurn
Wed Dec 24, 2008 4:33 pm
Forum: Beginner Basics
Topic: Log file analyzer
Replies: 3
Views: 6959

Re: Log file analyzer

For the SYSLOG feature I am using the dude feature which was introduced in the v3.x of routeros software so that it can run as a service on the router itself. You can also run this software on a separate server elsewhere in your network. Then you may send the log data from the mikrotik router to the...
by alex_rhys-hurn
Wed Dec 24, 2008 11:56 am
Forum: General
Topic: Separate masquerades for separate networks
Replies: 3
Views: 669

Re: Separate masquerades for separate networks

You can do what you want with the SRCNAT & DSTNAT rules in the IP>FIREWALL>NAT menus. SRCNAT rules are used to make traffic FROM a subnet appear to come FROM a public IP. DSTNAT rules are used to make traffic TO a public IP be sent to a specific Private IP. AKA Port forwarding. Or IP Alias. So Priva...
by alex_rhys-hurn
Wed Dec 24, 2008 10:34 am
Forum: General
Topic: X86 clock issue
Replies: 12
Views: 2004

Re: X86 clock issue

Ok, well thats an angle that I hadnt thought about. Let me fiddle.

Although the machine was detecting and booting from the USB stick, but just kernel panicking after a few seconds. (when about 50% of the dots have zoomed by.)

Cheers!

Alex
by alex_rhys-hurn
Wed Dec 24, 2008 7:17 am
Forum: General
Topic: X86 clock issue
Replies: 12
Views: 2004

Re: X86 clock issue

The server was an HP ML110 g5 series machine.

This machine comes with a riser slot for the Lights out card, but the card is not present. I dont know if that means that there is still some chipset on the mobo or if there is nothing present at all.....

Rgds

Alex
by alex_rhys-hurn
Tue Dec 23, 2008 7:20 pm
Forum: General
Topic: Sample Hotspot Page - Sticky Please
Replies: 438
Views: 307707

Re: Sample Hotspot Page - Sticky Please

@virus,

You're joking right? Virus-group? that is the name of your isp? With a hotmail address.

Neat Marketing plan.....
by alex_rhys-hurn
Tue Dec 23, 2008 7:16 pm
Forum: General
Topic: X86 clock issue
Replies: 12
Views: 2004

Re: X86 clock issue

I have seen the USB boot problem on the HP ML110 Server series....

USB Boot then just tries to load a kernel panics and dies...... This form a 32MB usb stick
by alex_rhys-hurn
Tue Dec 23, 2008 1:32 pm
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

Re: invalid oid after upgrade from 3.0 rc3 to 3.0

So, by the fact that I have the invalid oid error as well as apparently missing svg files for the icon images for devices, is it possible that these are a: either not present in the package or b: deleted / corupted when the install was done. I Should explain that this machine has been progressively ...
by alex_rhys-hurn
Tue Dec 23, 2008 1:26 pm
Forum: The Dude
Topic: invalid oid after upgrade from 3.0 rc3 to 3.0
Replies: 8
Views: 1613

Re: invalid oid after upgrade from 3.0 rc3 to 3.0

I have this exact same problem. Note that it only occurs when I connect to my remote Dude server running ROuterOS 3.17 and the independant Dude 3.0 package. If I use the Dude client 3.o on my pc and connect to local server then things show up ok. Any tips? I also note that when trying to edit a devi...
by alex_rhys-hurn
Sat Dec 06, 2008 2:19 pm
Forum: General
Topic: Mikrotik transparent bridge with Hotspot : HowTo?
Replies: 2
Views: 1216

Re: Mikrotik transparent bridge with Hotspot : HowTo?

Did you manage to do this? It is exactly what I want to do.

Cheers,

Alex
by alex_rhys-hurn
Sat Nov 22, 2008 9:50 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

I have created a wiki article to document the process of making a solar power system. Hopefully this will help others.

The article is found here: http://wiki.mikrotik.com/wiki/Solar_Power_HOWTO
by alex_rhys-hurn
Tue Nov 18, 2008 5:25 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: SOLVED Solar Power Solution for RB433

Great update gerard. A great tip. It is similar to the first problem I have seen on my new test rig. Only in reverse. My test rig is running the newer boards, Crossroads and RB433 (which I designed it for), but my older RB532 wont power at all. This is because when the voltage drops below 25V the RB...
by alex_rhys-hurn
Mon Nov 17, 2008 11:56 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: Solar Power Solution for RB433 (Solved)

Hi There, Well, its been an interesting few days learning about this. to this end I have started writing a wiki article to try and document my lessons for others. http://wiki.mikrotik.com/wiki/Solar_Power_HOWTO Thank you for clarifying the 12v point. I see what you are getting at. I decided not to u...
by alex_rhys-hurn
Mon Nov 17, 2008 11:40 pm
Forum: General
Topic: More ways to earn free licenses!
Replies: 162
Views: 73845

Re: More ways to earn free licenses!

Dear Normis, Please review the new Wiki Article here: http://wiki.mikrotik.com/wiki/Solar_Power_HOWTO This wiki article servers to explain how to design and build a solar power system to power a RouterBoard Base Station. I trust it is useful and might earn me a license? Best regards to all, Alex
by alex_rhys-hurn
Mon Nov 17, 2008 6:58 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: Solar Power Solution for RB433

HEy Folks, Thanks for the tips. I have now bought the follwoing: 1 x 100Watt 24 Volt Panel 1 x 15Amp 24Volt Charge / Load Controller with Low Voltage Disconnect 2 x 44Ah Low Maintenance Deep Cycle Batteries Funnily enough two 40 watt 12 Volt panels cost the same as 1 100 Watt 24 Volt Panel. About 40...
by alex_rhys-hurn
Sun Nov 16, 2008 9:21 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

Re: Solar Power Solution for RB433

Thanks for the reply.

Please can you explain why this is necessary?

I used two or three different websites to calculate this and they all seemed to agree.

Perhaps I should point out that I am located on the equator in kenya.

Regards,

Alex
by alex_rhys-hurn
Sun Nov 16, 2008 3:13 pm
Forum: RouterBOARD hardware
Topic: SOLVED Solar Power Solution for RB433
Replies: 42
Views: 15362

SOLVED Solar Power Solution for RB433

Hey Folks,

I am planning to power my hi-sites with Solar Power. Will my solution shown below work?

EDIT: Also refer to the new Wiki Article addressing this topic for more info: http://wiki.mikrotik.com/wiki/Solar_Power_HOWTO
Base Station Solar Power.jpg
by alex_rhys-hurn
Sat Nov 01, 2008 7:47 am
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

Hi, Been on safari..... Can you please open a new terminal window from winbox, and enter this command (just paste it from here): /export file=tower-a Then open the files window and drag the file tower-a to your desktop, and then open this file innotepad and paste it as code in to this forum posting....
by alex_rhys-hurn
Thu Oct 30, 2008 7:35 pm
Forum: General
Topic: Mikrotik Antennas spec sheets needed
Replies: 1
Views: 568

Mikrotik Antennas spec sheets needed

Hi Folks, My local mikrotik dealer sells me antennas that are aparently mikrotik genuine. Does anybody know if mikrotik sells such things? I cant find any refference on the mikrotik or routerboard websites. You know the ones, the antennas normally used to come with the RB2018 and RB KAO packages. I ...
by alex_rhys-hurn
Wed Oct 29, 2008 8:24 pm
Forum: The User Manager
Topic: Possible bug: Usermanager mac auth and user prefix
Replies: 3
Views: 1033

Re: Possible bug: Usermanager mac auth and user prefix

Hi Sergejs,

Thanks for the response. Saves me fighting with it any more.

I know this is the most hated question, but is there any timeframe for new userman? Say first quater next year?

Forgive me for asking....

Rgds

ALex
by alex_rhys-hurn
Wed Oct 29, 2008 3:04 pm
Forum: The User Manager
Topic: Possible bug: Usermanager mac auth and user prefix
Replies: 3
Views: 1033

Possible bug: Usermanager mac auth and user prefix

Hey folks, Trying to figure out if I have found a bug in usermanager or if I am doing something wrong. I have defined a user prefix for one of my customers who has a hotspot of their own in my network and they use my central user manager deployment which has two or three cybercafes operating off it....
by alex_rhys-hurn
Fri Oct 17, 2008 9:01 am
Forum: General
Topic: Is possible these configuration?
Replies: 4
Views: 653

Re: Is possible these configuration?

Yes of course.

In fact all you do is set the deault gateway for the asterisk to be the link to the dedicated ISP and the default gateway for the LAN ip phones to the mikrotik router that handles all other traffic.
by alex_rhys-hurn
Thu Oct 16, 2008 10:22 pm
Forum: General
Topic: How to increase the bandwidth and signal power
Replies: 13
Views: 4249

Re: How to increase the bandwidth and signal power

I use the Mikrotik AP and nanostation combination too. I have fallen in to a trap quite often on the nanostations. They often default to having the built in antenna to work in Horizontal Polarization. Be sure to set this to vertical in the advanced page of the web interface. Also note that there are...
by alex_rhys-hurn
Thu Oct 16, 2008 10:04 pm
Forum: General
Topic: Is possible these configuration?
Replies: 4
Views: 653

Re: Is possible these configuration?

This should be totally straight forward to achieve with routeros. I guess I should ask you how many ports you have on your router? You will probably want to use policy based routing to make this work nicely. Check in the wiki for an example. I should add though that my own asterisk server worked muc...
by alex_rhys-hurn
Thu Oct 16, 2008 9:48 pm
Forum: General
Topic: Sample Hotspot Page - Sticky Please
Replies: 438
Views: 307707

Re: Sample Hotspot Page - Sticky Please

Here is a simpler HTML based one. I just edited the login page that comes with mikrotik hotspot.

I am a networks guy and not a creative or HTML coder.

Tell me what you think. Its fast and simple.
Hotgossip Hotspot Login Page.jpg
by alex_rhys-hurn
Wed Oct 15, 2008 11:21 pm
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

Ok, I understand you fully. You need to do the work on tower A. First use the IP> FIREWALL> MANGLE menus to mark the traffic that is going from A to B and then a different rule to makr traffic that is going from B to A. and then two more different sets of rules to mark traffic going from A to Intern...
by alex_rhys-hurn
Wed Oct 08, 2008 12:22 am
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

An important point to understand about the mikrotik is something called Packet Flow. Read about it here: http://www.mikrotik.com/testdocs/ros/3.0/qos/flow.php This is all about how the traffic passes through the router and therefore how you can apply controls or manipulate that traffic. So, yes, if ...
by alex_rhys-hurn
Tue Oct 07, 2008 11:08 am
Forum: General
Topic: QoS
Replies: 6
Views: 3282

Re: QoS

Hi Bledar,

There is a lot of information on themikrotik wiki for you to start with.

Try these:
http://wiki.mikrotik.com/wiki/Category:QoS

Also there is a hidden wiki article on voip here:

http://wiki.mikrotik.com/wiki/Voip

Especially the second one.
by alex_rhys-hurn
Sat Sep 13, 2008 6:14 pm
Forum: Wireless Networking
Topic: Intel 2200BG
Replies: 3
Views: 1680

Re: Intel 2200BG

Well given that Intel now offers an opensource set of drivers and they work well with Linux systems, cant see why they shouldnt be allowed to work and the drivers included. On the other hand the intel mini PCI wifi cards usually only have a power output in the region of 50 miliwatts. Not much for an...
by alex_rhys-hurn
Sat Sep 13, 2008 6:11 pm
Forum: Wireless Networking
Topic: Help with AP units ??
Replies: 9
Views: 1268

Re: Help with AP units ??

please put this command in to your mikrotik ap: /interface wireless print And paste the output here. We need some specific infor to help you. Dont forget that some mikrotik wireless features are not compatible with other makes of hard ware. Nstreme is one and I have had problems with compression too...
by alex_rhys-hurn
Sat Sep 13, 2008 6:03 pm
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

have you had any joy with the queues?

Yeah there is always loads of terminology changes with different platforms...

You will find that queues on mikrotik are far more flexible and power ful than what mono can offer you.
by alex_rhys-hurn
Fri Sep 12, 2008 7:26 am
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

As a by the way, this is one of the many reasons why its useful to try to design and build your network in a routed manner rather than a bridged one.

A future tip for you.

It definitely seems to me that you have all of the equipment and software in place to do what you want to do.
by alex_rhys-hurn
Fri Sep 12, 2008 7:25 am
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

No I said that it should run on the TOWER 3 as per your drawing. NOT your core router. Remember that in RouterOS 3 the bridge mode can have the firewall applied to it and so you can run mangl on the traffic that passes through. I say tower 3 because that is a point that the traffic must pass through...
by alex_rhys-hurn
Thu Sep 11, 2008 11:43 pm
Forum: General
Topic: logging trafic
Replies: 13
Views: 1480

Re: logging trafic

Chupaka,

I hear what you say about the netflow, but maybe with such a stupid law they makeit worse by saying that if you take a 100% netflow you are infringing on peoples privacy by logging ALL data!

You never know.

Move to africa, we dont have laws.... ;)
by alex_rhys-hurn
Thu Sep 11, 2008 9:49 pm
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

I dont know how many of these you are going to want to do but perhaps a way of doing this is to do your controls on tower3 where all the traffic mast pass. You should be able to set up mangle rules to mark the traffic to and from the customers sites. Then apply a simple queue to the marked packets. ...
by alex_rhys-hurn
Thu Sep 11, 2008 7:38 pm
Forum: The Dude
Topic: has anyone tried to install rc2 on ros x86 v3.10?
Replies: 10
Views: 1970

Re: has anyone tried to install rc2 on ros x86 v3.10?

Ok, so following the suggestion to look at the log file (and I deserve a fine for not thinking of that myself, sorry) the log file says the following: system warning: omitting package dude-3.0rc2: newer package dude-3.13 is already installed So there is some problem there. Any ideas? Can I just rena...
by alex_rhys-hurn
Wed Sep 10, 2008 8:27 am
Forum: The Dude
Topic: has anyone tried to install rc2 on ros x86 v3.10?
Replies: 10
Views: 1970

Re: has anyone tried to install rc2 on ros x86 v3.10?

Hello. Still not working. I upgraded my x86 to ROs 3.13. Then FTP the file dude-3.0rc2.npk to the router. Checked that the file size was the same on the router and on my desktop. Then rebooted the router. It doesnt install. Then I re-downloaded the dude file again to make sure its a good one and tri...
by alex_rhys-hurn
Tue Sep 09, 2008 6:34 pm
Forum: The Dude
Topic: has anyone tried to install rc2 on ros x86 v3.10?
Replies: 10
Views: 1970

Re: has anyone tried to install rc2 on ros x86 v3.10?

!! So what is the point of a routeros independant version of Dude if it doesnt run on all routeros.... I can upgrade my router to 3.11 but not beyond at this point until I am sure that the multiple processor and queue issues that were in 3.12 have been solved. Have they been solved in 3.13? Regards ...
by alex_rhys-hurn
Tue Sep 09, 2008 3:34 pm
Forum: The Dude
Topic: has anyone tried to install rc2 on ros x86 v3.10?
Replies: 10
Views: 1970

has anyone tried to install rc2 on ros x86 v3.10?

I downloaded the routeros independant package from the website, ftp it to my core router on x86 and then reboot the system...

no deal. the package does not install.

Can anyone tell me how to do it?

BEst,

Alex
by alex_rhys-hurn
Mon Sep 08, 2008 9:23 pm
Forum: The User Manager
Topic: A hotspot logout button?
Replies: 18
Views: 33942

Re: A hotspot logout button?

Hi Normis.

Ok, I understand your point about making the pages more unreliable in an iframe and consuming router resources.....

YOu mention a desktop shortcut to logout? How/what exactly do you mean? What would the entries in the shortcut consist of?

Regards,

Alex
by alex_rhys-hurn
Mon Sep 08, 2008 9:21 pm
Forum: The User Manager
Topic: How to stop usermanager from creating queues
Replies: 3
Views: 1362

Re: How to stop usermanager from creating queues

Hi sergejs, Thanlk you for your response. As per my other post see below for the resolved issue: I have resolved my issue, and this was a real head slapper for me..... I was "disabling"the rate-limit in usermanager by setting values to 0 which of course in router os means that the queue should be cr...
by alex_rhys-hurn
Mon Sep 08, 2008 9:19 pm
Forum: The User Manager
Topic: !!!Usermanage Limits not working!!! Urgent
Replies: 12
Views: 3736

Re: !!!Usermanage Limits not working!!! Urgent

I have resolved my issue, and this was a real head slapper for me..... I was "disabling"the rate-limit in usermanager by setting values to 0 which of course in router os means that the queue should be created and then set to unlimited..... doh.... Sorry guys. Anyway, simply deleting all text/numbers...
by alex_rhys-hurn
Mon Sep 08, 2008 9:14 pm
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

Are you doing any user authentication or some such? Also do you have default forward set on your AP's? Some diagram of how your network will help. For example depending on how you route or bridge data will help us to understand if the traffic MUST go through a central point in your network. So, if t...
by alex_rhys-hurn
Sun Sep 07, 2008 9:28 pm
Forum: General
Topic: high priority
Replies: 14
Views: 3118

Re: high priority

@NickOlsen Just looking through your QOS example. I pasted it in to a testbed router I have. Can I just ask what the theory is behind you setting a MaxLimit o f1900k on your upload_wan1 parent queue in the queue tree? I assume that this is the capacity you have from your ISP, but why set it on the u...
by alex_rhys-hurn
Sun Sep 07, 2008 7:16 pm
Forum: Beginner Basics
Topic: 10Base2 with 3Com 3c905B
Replies: 5
Views: 927

Re: 10Base2 with 3Com 3c905B

Cool! I like to play with stuff too.... Well if the tick is set in the auto-negotiation then it should be enabled. I see that you have it ticked and it still says disabled.... hmmm... Perhaps instead of trying to auto negotiate you could set and force each end of the link to the speed and duplex you...
by alex_rhys-hurn
Sun Sep 07, 2008 2:10 pm
Forum: General
Topic: explain how to test QOS
Replies: 2
Views: 1104

Re: explain how to test QOS

Hey butch, thanks for the reply. I normally use qcheck and Iperf to do my traffic generation. I particularly like Iperf as I can set some TOS to the packets. My problem really comes in to examining the configs in the mikrotik....... ... doh... In writing this I have just answered my own question. Wh...
by alex_rhys-hurn
Sat Sep 06, 2008 11:39 pm
Forum: Beginner Basics
Topic: Newbie - Limiting Connections
Replies: 24
Views: 3759

Re: Newbie - Limiting Connections

Hello, I am trying to understand what you want. As I understand it you want your customers to be able to send traffic between their two locations in your own network at a speed you set for them, and that this speed will be different to what they get to the internet is that right? In other words thei...
by alex_rhys-hurn
Sat Sep 06, 2008 11:10 pm
Forum: General
Topic: explain how to test QOS
Replies: 2
Views: 1104

explain how to test QOS

Hi Folks, Like many of us I am playing with queues (tree & simple) to achieve QOS solutions on RouterOS. I have built many configs in my lab environment using examples from the wiki, manual and peoples comments here in the forum. My question is this: Can anyone explain to me some good tricks and met...
by alex_rhys-hurn
Sat Sep 06, 2008 10:56 pm
Forum: Beginner Basics
Topic: 10Base2 with 3Com 3c905B
Replies: 5
Views: 927

Re: 10Base2 with 3Com 3c905B

Sorry to ask the obvious, but I trust that you are using the correct impedance coax tpieces and terminators... you cant just plug the coaxt to the BNC... Forgive me if you know this.... just asking.... You shouldnt have to switch the card from 10baset to 10base2 it should do a link negotiation prope...
by alex_rhys-hurn
Sat Sep 06, 2008 10:50 pm
Forum: Beginner Basics
Topic: How to limit P2P traffice for all my users
Replies: 5
Views: 4450

Re: How to limit P2P traffice for all my users

Hi beny30 I see that you have just joined. Welcome to one of the most productive and quick responding forums on the net (in my opinion). However, do please be careful asking the question you have asked. It has been asked so many times that all the info can be found here in the forum by searching and...
by alex_rhys-hurn
Fri Sep 05, 2008 8:37 pm
Forum: The User Manager
Topic: A hotspot logout button?
Replies: 18
Views: 33942

Re: A hotspot logout button?

There must be a way to do this with clever html stuff... Can mikrotik not automagically render the users webpages in to an Iframe or something, so that the time counter and logout button remain in a small bar at the top. An example of this would be how google does the image search. When you click an...
by alex_rhys-hurn
Fri Sep 05, 2008 7:52 pm
Forum: The User Manager
Topic: How to stop usermanager from creating queues
Replies: 3
Views: 1362

How to stop usermanager from creating queues

All I want is simple. I want to get usermanager to do two things and only two things. 1: Allocate an IP address to the hotspot user 2: Authenticate the hotspot user either by voucher or mac address I do NOT want to do any traffic shaping, limits caps or such. Therefore I DO NOT want userman to creat...
by alex_rhys-hurn
Fri Sep 05, 2008 9:13 am
Forum: The User Manager
Topic: Interfacing User Manager with CRM
Replies: 4
Views: 2944

Re: Interfacing User Manager with CRM

So is this possible with Sugar CRM? Sugar CRM is tightly integrated to our Trixbox IP PBX and now we would like to take that info and tie it with userman.

Rgds

alex
by alex_rhys-hurn
Fri Sep 05, 2008 8:29 am
Forum: The User Manager
Topic: !!!Usermanage Limits not working!!! Urgent
Replies: 12
Views: 3736

Re: !!!Usermanage Limits not working!!! Urgent

This is the same problem that I am having. Now, making static simple queues with usermanager has caused me a problem. When I use userman to autehnticate my customers it creates a dynamic queue. I dont want that. I want userman to allocate an IP address and to authenticate the users and thats all. I ...
by alex_rhys-hurn
Wed Jul 16, 2008 9:37 am
Forum: General
Topic: Static DNS and local webserver problem ...
Replies: 9
Views: 5228

Re: Static DNS and local webserver problem ...

Hey bwana! I created those rules with winbox. Winbox shows the entries as 0.0.0.0/0 but in the CLI it shows them as 0.0.0.0-255.255.255.255 So I removed them and recreated them using the CLI and it still behaves the same way. I will send some stuff to support, but I will have to plan a maintenance p...
by alex_rhys-hurn
Wed Jul 16, 2008 8:32 am
Forum: General
Topic: Static DNS and local webserver problem ...
Replies: 9
Views: 5228

Re: Static DNS and local webserver problem ...

Hi Giepie Well, this is totally dumbfounding me. When ever I put the following rules in to place my x86 Router reboots instantly, starts up and then reboots itself again. Over and over. The funny thing is that it only does this with the LAN cables plugged in. If I take them out, the router runs, and...
by alex_rhys-hurn
Tue Jul 15, 2008 1:33 pm
Forum: General
Topic: Static DNS and local webserver problem ...
Replies: 9
Views: 5228

Re: Static DNS and local webserver problem ...

Hi! I am playing with this, but am not sure which ip address that should be in the src-address field with the NOT (!) feature. I have three interfaces: ether1 - to internet, public interface ether2 - to WISP network (customers) ether3 - Management network in my office. A assume that I should have th...
by alex_rhys-hurn
Sun Jul 13, 2008 7:10 pm
Forum: General
Topic: Need simpler Hotspot setup
Replies: 4
Views: 793

Re: Need simpler Hotspot setup

So I think I want something similar to this.

Hotspot without NAT. is that possible with mikrotik?
by alex_rhys-hurn
Sun Jul 13, 2008 7:04 pm
Forum: General
Topic: Forwarding static IP over natted network.
Replies: 7
Views: 1747

Re: Forwarding static IP over natted network.

I just have to re-iterate that the NAT rules on the gateway are key to getting this right. you must make sure that your NAT rules do not toiuch any of the public ip subnets that you have. Here is an example of my NAT rules. nat rules.png Here is the whole routing table. You can see that there are no...
by alex_rhys-hurn
Sun Jul 13, 2008 6:50 pm
Forum: General
Topic: Forwarding static IP over natted network.
Replies: 7
Views: 1747

Re: Forwarding static IP over natted network.

OK, So lets say we have three IP ranges. 10.0.0.0/24 for customers who do not require a public IP, and in this example as a small WISP we are going to use this subnet as our management network too. So, all our AP' s backhauls and so on will use these IP addresses. This is configured on ether 2 which...
by alex_rhys-hurn
Sat Jul 12, 2008 10:59 pm
Forum: Wireless Networking
Topic: Next gen wireless card poll
Replies: 57
Views: 25584

Re: Next gen wireless card poll

I prefer SMA for loss reasons and because the anntenas I can get here are SMA.

So for me:

1 x Ufl for posterities sake and 1 x SMA.
by alex_rhys-hurn
Sat Jul 12, 2008 10:55 pm
Forum: General
Topic: Static DNS and local webserver problem ...
Replies: 9
Views: 5228

Re: Static DNS and local webserver problem ...

Can you also achieve the same thing by setting the primary DNS server for the router to itself and then the secondary to your ISP DNS server? Then get your DHCP clients to set their primary DNS server to the router? Does that not also mean you are caching your DNS requests as well as serving the sta...
by alex_rhys-hurn
Sat Jul 12, 2008 10:51 pm
Forum: General
Topic: Best way to manage a large network
Replies: 3
Views: 976

Re: Best way to manage a large network

As Chupaka says try the Dude. Also you can use any industry standard SNMP management system to monitor your systems. A common way to do this is to use the MRTG or Cacti Graphong Tools to query all your devices and then display the graphs as you need. These can get quite complex and allow you not onl...
by alex_rhys-hurn
Sat Jul 12, 2008 10:44 pm
Forum: General
Topic: Forwarding static IP over natted network.
Replies: 7
Views: 1747

Re: Forwarding static IP over natted network.

Forgive the lecture if you know this stuff... But this background has helped me build better networks by avoiding use of NAT where ever possible. NAT is evil because the hosts that are behind routers that are running NAT do not have end to end connectivity. NAT was developed inthe 90' s to try to co...
by alex_rhys-hurn
Sat Jul 12, 2008 5:49 pm
Forum: General
Topic: Dos Attack Filter
Replies: 3
Views: 1086

Re: Dos Attack Filter

Dont forget to block the ports suggested in both the FORWARD and INPUT chains.

The INPUT chain to protect the router itself and the FORWARD chain to stop the traffic passing through the router.

Regards

Alex
by alex_rhys-hurn
Sat Jul 12, 2008 5:31 pm
Forum: General
Topic: Forwarding static IP over natted network.
Replies: 7
Views: 1747

Re: Forwarding static IP over natted network.

Hi! I needed to basically the same thing: Refer to this post to see how the guys helped me out. It worked really well. http://forum.mikrotik.com/viewtopic.php?f=2&t=22671 The thing that worries me is that you show that you are doing NAT twice! Is there any reason for that? NAT is evil as it is and a...
by alex_rhys-hurn
Sun Jun 08, 2008 11:53 pm
Forum: General
Topic: virtualization
Replies: 60
Views: 21847

Re: virtualization

gmsmstr I guess this is one application example: x86 Hardware base. RouterOS is installed, and then inside the Xen hypervisor there, we install CentOS 5 with a squid proxy setup. Maybe that is a way to get a nice R-OS and Proxy server mix going. Might get around some of the issues that folks have wi...
by alex_rhys-hurn
Fri May 09, 2008 5:29 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 2803

Re: Proxy ROS v3.7 & v3.8.

Hey there.... Dont be sad! I am sure some solution can be made.... Can I suggest for testing purposes that we work our way back to where we can get a stable setting. I would suggest that you try the following in this order: 1: Make the proxy settings completely default and then test to see if that r...
by alex_rhys-hurn
Fri May 09, 2008 12:46 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 2803

Re: Proxy ROS v3.7 & v3.8.

What makes you think that the proxy is causing this?

Are you sure that if you leave the proxy off, that the interfaces stay in the list all the time?

How long does it run for before the interfaces fail?

What hardware platform are you running on?
by alex_rhys-hurn
Thu May 08, 2008 10:30 pm
Forum: General
Topic: Proxy ROS v3.7 & v3.8.
Replies: 28
Views: 2803

Re: Proxy ROS v3.7 & v3.8 ....SUCKS !!!

Here is my advice. Whilst Router OS itself has been around for some years and has now evolved to verison 3, the web proxy feature is actually brand new (in version 3.x) and in my opinion only in version 0.01. Mikrotik chose to completely re-write FROM SCRATCH the web proxy feature. This means that i...
by alex_rhys-hurn
Tue May 06, 2008 11:04 pm
Forum: General
Topic: How can I route public IP's to my clients without 1:1 NAT?
Replies: 15
Views: 4817

route public IP's to my clients without 1:1 NAT: RESOLVED

Ok, thanks for all the tips folks. Actually turned out to be much simpler than I thought. I used a static route version, exactly as galaxynet suggested. Next step is to go and learn OSPF... One thing I learned to watch out for is how NAT is handled. Up until a basic masquerade rule for all traffic s...
by alex_rhys-hurn
Fri May 02, 2008 6:13 pm
Forum: Beginner Basics
Topic: Is marked packet routable with non-Mikrotik routers ?
Replies: 11
Views: 2188

Re: Is marked packet routable with non-Mikrotik routers ?

But Mikrotik is a form of a linux router..... if you take out the linux router that is already there you can still tell the bosses that its a linux router... you can even put it on the same hardware. Anyway, I suggest you make an EOIP tunnel between the two mikrotiks, and then you can do a number fo...
by alex_rhys-hurn
Fri May 02, 2008 8:04 am
Forum: Beginner Basics
Topic: 1:1 mapping
Replies: 7
Views: 2660

Re: 1:1 mapping

One small thing to note here. If you are doing a combination of 1:1 mapping on your network and just regular NAT for users who dont need a public ip address, you need to be careful that you do your src-nat properly. Things will "sort" of work if you have the basic masquerade rule for your normal non...
by alex_rhys-hurn
Tue Apr 29, 2008 6:00 pm
Forum: General
Topic: QoS
Replies: 6
Views: 3282

Re: QoS

Ok, if you want more help on this why dont you describe here what you are trying to achieve then together we build a config to help you. That way we both work together. two heads better than one right?
by alex_rhys-hurn
Fri Apr 25, 2008 1:07 am
Forum: Wireless Networking
Topic: 240Km link with RB532 @ 20Mbits
Replies: 62
Views: 41064

Re: 240Km link with RB532 @ 20Mbits

I have used 30dbi antennas and the best trick I could work out was this: Make a long (like 1.5 meter) T shaped wooden bracket, that can hook over the front of the antenna. This works great for panel and dish antennae. Yagis you can point any way. You then hook (somehow, you have to be creative for t...
by alex_rhys-hurn
Fri Apr 25, 2008 12:49 am
Forum: Wireless Networking
Topic: Wireless disconnection messages explained!
Replies: 85
Views: 77708

Re: Wireless disconnection messages explained!

webformix, I have just spent a happy day dealing with exactly the errors you list. We solved permanently by changing channels. We were getting interference from a nearby wifi base station. We found this with was happening with both Dlink DWL2100 AP in ap client mode and Mikrotik with R52 wifi cards....
by alex_rhys-hurn
Fri Apr 25, 2008 12:32 am
Forum: General
Topic: QoS
Replies: 6
Views: 3282

Re: QoS

Hi, I think you have over simplified your question. Mikrotik ROuterOS is a comprehensive set of tools, and the software will do EXACTLY what you tell it to do with your traffic. So, the short answer to your question is yes. The long answer is that it depends on what other things you are doing with y...
by alex_rhys-hurn
Sat Apr 19, 2008 11:11 pm
Forum: General
Topic: Graphing
Replies: 12
Views: 3184

Re: Graphing

Hi Yusuf, The graphing issue..... The problem with graphing dynamic queues (hotspot sessions) with MRTG or CACTI or Dude or any other snmp based graphig tool is this: Each time the customer logs on a session is created. Say session number 1. When the user logs off, this session is closed. Next time ...
by alex_rhys-hurn
Tue Mar 25, 2008 7:32 am
Forum: General
Topic: Bandwidth Control/Traffic Shaping Combing Multiple Interface
Replies: 6
Views: 1321

Re: Bandwidth Control/Traffic Shaping Combing Multiple Interface

Yes, galaxynet is correct, here is a very rough logical example of what can be done (and IS being done by many mikrotik users): Note that the numbers dont necessarily add up or anything, it is just a rough example to show the sort of logic you need to apply to working with routeros. You may see diff...
by alex_rhys-hurn
Tue Mar 25, 2008 6:28 am
Forum: General
Topic: How can I route public IP's to my clients without 1:1 NAT?
Replies: 15
Views: 4817

Re: How can I route public IP's to my clients without 1:1 NAT?

Hi, It is a routed network and is based on what I want to achieve with the network that I already have. It is a real life scenario that I want to achieve, right now the Customer routers all have statis private IP's and I want to change that to static publics, as my mini ISP grows I want to try and d...
by alex_rhys-hurn
Thu Mar 20, 2008 10:59 pm
Forum: General
Topic: How can I route public IP's to my clients without 1:1 NAT?
Replies: 15
Views: 4817

How can I route public IP's to my clients without 1:1 NAT?

Hi Folks, I really, really want to achieve the scenario where my network infrastructure (AP's CPE's switches backhauls and other gear) uses private IP's for their operation and managemnet and then over that infrastructure I route a public IP (or subnet like a /30) to my customers router. I am curren...
by alex_rhys-hurn
Thu Mar 20, 2008 8:24 pm
Forum: General
Topic: Bandwidth Control/Traffic Shaping Combing Multiple Interface
Replies: 6
Views: 1321

Re: Bandwidth Control/Traffic Shaping Combing Multiple Interface

hi catkins. Welcome to the world of mikrotik. Also congratulations for walking headlong in to the same thing that I am many others have found when posting in this forum. When you say that the post that was given is not an answer, I can understand your position. In fact that post does contain enough ...
by alex_rhys-hurn
Tue Mar 04, 2008 10:48 pm
Forum: General
Topic: Queue Tree: traffic shaping: 4 Questions
Replies: 0
Views: 476

Queue Tree: traffic shaping: 4 Questions

Hey Folks, Still trying to get my traffic shaper working well. Its objective is to assign priority to traffic NOT to limit speed. I simply want to say that SIP traffic has a higher priority than HTTP traffic. I have successfully mangled the traffic to mark it. I have a queue tree as per this image: ...
by alex_rhys-hurn
Sat Feb 23, 2008 1:57 pm
Forum: General
Topic: LoadBalancing on MikroTik V3
Replies: 24
Views: 3888

Re: LoadBalancing on MikroTik V3

Hi guys, I have been in your position before and have worked through to learn all the lessons the hard way. You have these options for load balancing: ECMP Round Robin Policy Based Routing Part of the problem for you and for me is that your internet supplies are not matched. 1 is a high latency vsat...
by alex_rhys-hurn
Tue Feb 05, 2008 9:11 pm
Forum: RouterBOARD hardware
Topic: RB133: ROS 3.1 Switch feature not working
Replies: 0
Views: 736

RB133: ROS 3.1 Switch feature not working

Hey folks, I have enable the switch function on my RB133 as follows: ether1 no changes made ether2 as a slave to ether1 ether3 as a slave to ether1 ether1 and wlan2 are members of bridge1 When I do this devices on each ether interface can ping each other, but cannot ping anything on any other interf...
by alex_rhys-hurn
Fri Jan 25, 2008 7:24 am
Forum: General
Topic: RouterOS v3.1 Released - Wireless disconnection issue solved
Replies: 13
Views: 1843

Re: RouterOS v3.1 Released - Wireless disconnection issue solved

I am asking about the wireless disconnection problem.

The problem I had was something about a key update problem.....
by alex_rhys-hurn
Thu Jan 24, 2008 10:26 pm
Forum: General
Topic: RouterOS v3.1 Released - Wireless disconnection issue solved
Replies: 13
Views: 1843

Re: RouterOS v3.1 Released - Wireless disconnection issue solved

What exactly ws the problem that is observed? I have a disconnect problem but am not sure of it is the one resolved here....
by alex_rhys-hurn
Mon Jan 21, 2008 7:10 am
Forum: General
Topic: BIG BUG in ROUTEROS
Replies: 7
Views: 1319

Re: BIG BUG in ROUTEROS

please post your configuration so we can help you.

Must be a config problem as Mine is still working great after two years!
by alex_rhys-hurn
Fri Jan 18, 2008 8:40 pm
Forum: General
Topic: LinkStar and iDirect in MiKroTik
Replies: 7
Views: 1245

Re: LinkStar and iDirect in MiKroTik

Hmmm. I never heard of asymmetric route. What is that? How do you implement in MT?

Let me go and google now.

Rgds

Alex
by alex_rhys-hurn
Fri Jan 18, 2008 3:43 pm
Forum: General
Topic: P2P connections stay established with drop rule.
Replies: 10
Views: 1735

Re: P2P connections stay established with drop rule.

all subsequent connections should be dropped, yes. However existing connections in my experience are not always dropped. AS far as I can tell this is due to the connection tracking not expiring sessions for the default time which is quite long. You may have more luck by switching off conntrack reboo...
by alex_rhys-hurn
Fri Jan 18, 2008 9:45 am
Forum: General
Topic: P2P connections stay established with drop rule.
Replies: 10
Views: 1735

Re: P2P connections stay established with drop rule.

Please can you put your configuration here so that we can see what you are trying to achieve.

Rgds

Alex
by alex_rhys-hurn
Thu Jan 17, 2008 9:30 pm
Forum: General
Topic: P2P connections stay established with drop rule.
Replies: 10
Views: 1735

Re: P2P connections stay established with drop rule.

This topic has been covered many times in the forums. The firewall rule to drop p2p connections only works to drop NEW connections. Any EXISTING connections will continue to operate. You could try to set a simple queue to throttle back the p2p sessions and set it to a really slow speed like 8kbps ea...
by alex_rhys-hurn
Sat Jan 12, 2008 5:53 pm
Forum: The User Manager
Topic: corrupted database!
Replies: 6
Views: 4264

Re: corrupted database!

Dude! where were you when we needed you! :D

I wish that had occurred to me then, but thanks for the tip. I certainly wont forget it!!!

Thanks again....
by alex_rhys-hurn
Fri Jan 11, 2008 11:29 am
Forum: General
Topic: LinkStar and iDirect in MiKroTik
Replies: 7
Views: 1245

Re: LinkStar and iDirect in MiKroTik

As I understand it this is not so much about Linkstar or IDirect as it is about tcp and routing in general. The question is this: If I send you a packet of data (out of my idirect interface) you will see that it comes from IP address x.x.x.x. So you therefore know that in order to send the response ...
by alex_rhys-hurn
Mon Jan 07, 2008 4:43 pm
Forum: Wireless Networking
Topic: Best setting for wireless range?
Replies: 18
Views: 2891

Re: Best setting for wireless range?

I often use an inexpensive access point in locations where signal is poor in wireless client mode (because they are cheaper and easier to get in my country than mikrotik). There are a few gotcha's that I have come across to watch out for. 1: Many linksys AP's only connect in wireless client mode to ...
by alex_rhys-hurn
Thu Jan 03, 2008 12:35 pm
Forum: RouterBOARD hardware
Topic: hardware sizing, which board is appropriate?
Replies: 9
Views: 1643

Re: hardware sizing, which board is appropriate?

Hey there.... If hardware compatibility is a concern you could take a look at these items: (this is not a sales plug, I have never used these products, and dont know Dennis Burgess.) The new RB1000 due to launch this month at http://www.routerboard.com or the product found here, the powerouter: http...
by alex_rhys-hurn
Wed Jan 02, 2008 8:09 pm
Forum: RouterBOARD hardware
Topic: hardware sizing, which board is appropriate?
Replies: 9
Views: 1643

Re: hardware sizing, which board is appropriate?

One question occurs to me. How much bandwidth are you planning to use? The lower the processor the less bandwidth it can handle. This is not obviously the only factor. Each action you take to handl traffic, such as mangle, queues, firewall filter, dude, and so on taxes the processor a little more. T...
by alex_rhys-hurn
Wed Jan 02, 2008 8:02 pm
Forum: The User Manager
Topic: corrupted database!
Replies: 6
Views: 4264

Re: corrupted database!

Hey there, I have had this happen to me, though not with the same error message. Mine said database corrupt unable to repair. Not timed out like you. The system was in South Sudan at the time so I had to get it back from there, as none of the tools would repair it. Also I did not have a backup of th...
by alex_rhys-hurn
Wed Jan 02, 2008 7:46 pm
Forum: General
Topic: Hotspot and IP binding question
Replies: 8
Views: 1822

Re: Hotspot and IP binding question

do you need the queue in queue sinmple for hs-wlan1?

If not remove it.

IN IP>HOTSPOT>USER add a new user then fill in the rate-limit field.

Refer to the manual for what to put in the rate limit field, as there are many options to handle bursting etc... a basic entry would be 64k/256k

Rgds

Alex
by alex_rhys-hurn
Wed Jan 02, 2008 1:38 am
Forum: General
Topic: Hotspot and IP binding question
Replies: 8
Views: 1822

Re: Hotspot and IP binding question

Erm.... well, what exactly do you want to do? DO you want to do bandwidth management for each user or what? Read the documentation on the subject rate-limit again in the user profile you just created you can set the bandwidth and busrting that you want to give each customers right there. This will t...
by alex_rhys-hurn
Tue Jan 01, 2008 11:35 pm
Forum: General
Topic: Hotspot and IP binding question
Replies: 8
Views: 1822

Re: Hotspot and IP binding question

You do not do anything in IP Bindings menu, forget going down that path. Instead go to IP>HOTSPOT>USERS and add a new user and for username put the mac address. But you should also read hte documentation and manuals, because the exact step by step guide is there, you just have to look. Start here: h...
by alex_rhys-hurn
Mon Dec 31, 2007 2:07 pm
Forum: General
Topic: Router with two uplinks in the same subnet
Replies: 8
Views: 1636

Re: Router with two uplinks in the same subnet

To clarify t3rm point: In Ros v3 you DONT have to specify an ip address for the gateway. You can just say, HTTPS traffic to go out of interface ether1 and then you say FTP traffic to go out interface ether2. (when I say HTTPS traffic to go somewhere that obviously implies that you have already confi...
by alex_rhys-hurn
Mon Dec 31, 2007 1:55 pm
Forum: General
Topic: Hotspot and IP binding question
Replies: 8
Views: 1822

Re: Hotspot and IP binding question

Instead of using IP binding to auto authenticate your permanent customers, you can use MAC address authentication. So, you do this by adding their mac address to the users profile in the username field with no password. This will then allow you to provide queues and mandwidth management as well as t...
by alex_rhys-hurn
Mon Dec 31, 2007 1:34 pm
Forum: General
Topic: LinkStar and iDirect in MiKroTik
Replies: 7
Views: 1245

Re: LinkStar and iDirect in MiKroTik

Is the LinkStar a download only DVB service or is it a full two way service in itself? I have worked with both of those services, and as you have found out they each have their advantages and disadvantages... The problem you face is how, when you send a request out via one gateway, does the reply to...
by alex_rhys-hurn
Mon Dec 31, 2007 1:26 pm
Forum: General
Topic: idiot's guide to Ethernet statistics
Replies: 11
Views: 1586

Re: idiot's guide to Ethernet statistics

Oh, by the way thanks for the cheerful happy new year comment!

I live in Kenya and right now if you have been watching world news, we have just had elections and now our country is in chaos and rioting, but thanks for the cheery thought.

Salaams,

Alex
by alex_rhys-hurn
Mon Dec 31, 2007 1:24 pm
Forum: General
Topic: idiot's guide to Ethernet statistics
Replies: 11
Views: 1586

Re: idiot's guide to Ethernet statistics

Perhaps a good place to start finding out about ARP attacks is here: http://en.wikipedia.org/wiki/ARP_spoofing As far as I am aware, - and at this point I have to tell you that I am not an expert on this stuff, and hopefully some other guru can jump in and help us is - the best / only way to prevent...
by alex_rhys-hurn
Sun Dec 30, 2007 1:54 pm
Forum: Wireless Networking
Topic: Best setting for wireless range?
Replies: 18
Views: 2891

Re: Best setting for wireless range?

There could be other things going on here. Really take some time ot have a look at the position of the antenna relative to the houses. Remember that the high gain omni will have relatively little downtilt so you dont want to mount it too high. Also check the quality / condition of your antenna cable...
by alex_rhys-hurn
Sat Dec 29, 2007 9:30 pm
Forum: General
Topic: idiot's guide to Ethernet statistics
Replies: 11
Views: 1586

Re: idiot's guide to Ethernet statistics

Some more details on your network would help. As I understand it you are running multiple subnets on a managed switch with no Vlans enabled. This 'can' work (and in theory - as I understand it - its ok to do because the switch only cares about mac addresses and works at layer 2) but you leave yourse...
by alex_rhys-hurn
Sat Dec 29, 2007 11:02 am
Forum: General
Topic: Configurate QoS in RB133
Replies: 2
Views: 660

Re: Configurate QoS in RB133

jwcn is right, have a look at wiki.mikrotik.com and also the manual.

But let me give you more of a hint.

You need to identify the traffic by marking or mangling it, and then make a queue tree to set the priorities for the appropriate marked traffic.
by alex_rhys-hurn
Sat Dec 29, 2007 10:57 am
Forum: General
Topic: idiot's guide to Ethernet statistics
Replies: 11
Views: 1586

Re: idiot's guide to Ethernet statistics

OK, well lets really get in to this and see if we can help you. The wireless interfaces as well as the copper interfaces on any routerboard are both ethernet interfaces. So it sounds to me like you are having some problems on a copper UTP/STP twisted pair infrastructure. If you are seeing high ping ...
by alex_rhys-hurn
Fri Dec 28, 2007 7:31 pm
Forum: General
Topic: idiot's guide to Ethernet statistics
Replies: 11
Views: 1586

Re: idiot's guide to Ethernet statistics

Try this:
/interface monitor-traffic "name" 
where "name" is the name if the interface such as ether1

is that what you wanted?
by alex_rhys-hurn
Fri Dec 28, 2007 6:57 pm
Forum: General
Topic: Bug in Wiki Article?: Firewall>Protecting your customers?
Replies: 3
Views: 683

Re: Bug in Wiki Article?: Firewall>Protecting your customers?

Ok Folks,

I have made a small edit to the wiki article to clarify how its working.

The wiki article in question can be found here: http://wiki.mikrotik.com/wiki/Protecting_your_customers

Can everybody check it and let me know if I gooffed up?

Thanks.

ALex
by alex_rhys-hurn
Fri Dec 28, 2007 2:31 pm
Forum: General
Topic: Bug in Wiki Article?: Firewall>Protecting your customers?
Replies: 3
Views: 683

Re: Bug in Wiki Article?: Firewall>Protecting your customers?

Ok, I have understood the firewall now.

Sometimes it is useful to be thrown a wildcard like that in the wiki as it forces me to go and troubleshoot and therefore learn.

I will make an edit to the wiki to point out that, and maybe improve a bit.

Cheers,

Alex
by alex_rhys-hurn
Thu Dec 27, 2007 11:03 pm
Forum: General
Topic: Bug in Wiki Article?: Firewall>Protecting your customers?
Replies: 3
Views: 683

Bug in Wiki Article?: Firewall>Protecting your customers?

Hi folks, I have been playing with the IP>FIREWALL>FILTER settings for the past few days. I have implemented the firewall settings as per this article: http://wiki.mikrotik.com/wiki/Protecting_your_customers If the article needs an edit I will gladly do it, is the wiki auther here? Now, everything w...
by alex_rhys-hurn
Fri Nov 02, 2007 7:25 pm
Forum: The User Manager
Topic: Corrupt userman database after UPS failure
Replies: 1
Views: 2399

Corrupt userman database after UPS failure

Hey folks. I am in deep with this one so urgent help appreciated. My ups failed the other day on a unit in Sudan. The router rebooted a number of times, and now the userman database is corrupt. Its a PC platform device. I couldnt even log in to the userman gui via web. No error, just hung page. Hots...
by alex_rhys-hurn
Wed Oct 31, 2007 7:48 pm
Forum: Beginner Basics
Topic: Utorrent
Replies: 8
Views: 2638

Re: Utorrent

nmbugua! Are you in nairobi? I am.

Yes, you need to set up src-nat to help you with this. As per the manual page listed.

Post your configs so we can help or even send me a message offline....

Rgds

Alex
by alex_rhys-hurn
Wed Oct 31, 2007 7:40 pm
Forum: General
Topic: BIG BUG in ROUTEROS
Replies: 7
Views: 1319

Re: BIG BUG in ROUTEROS

As I understand kapook007 says that he cannot get hotspot to work with two isp gateways...

Well, I use mangle and multiple ISP gateways with hotspot all the time..... Works great.

Perhaps you want to post your configs, and we help you out?

Its definitely not a bug though....

Rgds
Alex
by alex_rhys-hurn
Sun Oct 28, 2007 6:30 pm
Forum: The Dude
Topic: DUDE Confusion on Router OS 3 RC8
Replies: 3
Views: 2200

Re: DUDE Confusion on Router OS 3 RC8

Bump
by alex_rhys-hurn
Sun Oct 28, 2007 6:28 pm
Forum: General
Topic: POLL: Which is the best way to load balance with RouterOS?
Replies: 2
Views: 572

Re: POLL: Which is the best way to load balance with RouterOS?

yes, I know that it depends on everyones needs. Maybe I need to change the subject.

I am interested then to know which of these is used the most, regardless of any other variable or need. Just call it a popularity contest?
  • 1
  • 2