Community discussions

Search found 31 matches

by tirkitneth
Tue Sep 06, 2016 5:17 pm
Forum: General
Topic: Issues with traffic generator and VLANs
Replies: 0
Views: 301

Issues with traffic generator and VLANs

Hello, I am trying to send traffic from "1 interface no vlan" to "1 interface multiple vlans" using a RB1100AHx2 6.36.3 and it only works for one VLAN. TG router has the following config: /interface vlan add interface=ether6 name=ether6.10 vlan-id=10 add interface=ether6 name=ether6.11 vlan-id=11 ad...
by tirkitneth
Fri Jul 29, 2016 12:56 pm
Forum: Forwarding Protocols
Topic: Load Sharing BGP
Replies: 5
Views: 1533

Re: Load Sharing BGP

You can also prepend the /24 prefixes you want less per ISP.
by tirkitneth
Sun Apr 10, 2016 10:36 am
Forum: Forwarding Protocols
Topic: Routing Public IP address in this Environment
Replies: 3
Views: 869

Re: Routing Public IP address in this Environment

You can route /32 from that /26 directly over your network or over IP tunnels, with or without OSPF.
by tirkitneth
Sun Feb 07, 2016 8:51 pm
Forum: General
Topic: Feature request : Multipath TCP (MPTCP) support
Replies: 6
Views: 3461

Re: Feature request : Multipath TCP (MPTCP) support

Two big use cases for MPTCP are link aggregation (load balancing) and link redundancy (fail over). While it is true it is end to end, it does not mean that it cannot be useful starting from the router. How ? On the "aggregation" router, establish a TCP tunnel with a "provider" router. If both endpoi...
by tirkitneth
Thu Oct 22, 2015 5:37 pm
Forum: Forwarding Protocols
Topic: Redistribute IPSEC tunnels into OSPF
Replies: 0
Views: 664

Redistribute IPSEC tunnels into OSPF

Hello,
is there a way to redistribute IPsec tunnels "routes" to other routers using OSPF ?
It is possible using IPIP or GRE over IPsec, but what about plain IPsec tunnel ?
Thanks.
by tirkitneth
Wed Oct 21, 2015 11:32 pm
Forum: Forwarding Protocols
Topic: BGP KeepaliveTimer expired
Replies: 3
Views: 1548

Re: BGP KeepaliveTimer expired

OK thank you for the answer.
by tirkitneth
Sat Oct 10, 2015 9:36 pm
Forum: General
Topic: FastTrack security implications
Replies: 4
Views: 1685

Re: FastTrack security implications

First, thank you for your answer :) short answer: no security implication, just speedup cause fastracked sessions will avoid firewall processing, so they won't bump though the rules till they are accepted or rejected. longer version: fastrack works with connection table entries. so if you have a new...
by tirkitneth
Sat Oct 10, 2015 12:21 pm
Forum: General
Topic: FastTrack security implications
Replies: 4
Views: 1685

FastTrack security implications

Hello, I am a little bit concerned using FastTrack because of this sentence on the wiki: Fasttracked packets bypass firewall, connection tracking, simple queues, queue tree with parent=global, ip traffic-flow(restriction removed in 6.33), ip accounting, ipsec, hotspot universal client, vrf assignmen...
by tirkitneth
Sat Oct 10, 2015 1:18 am
Forum: Forwarding Protocols
Topic: BGP KeepaliveTimer expired
Replies: 3
Views: 1548

BGP KeepaliveTimer expired

Hello, I have configured a simple virtual LAB (using CHR 6.32 and VirtualBox). I keep getting these messages about expired BGP keepalive timers. I believe this should not happen. Is there something wrong in my setup ? Topology: R1 and R2 are connected with 2 VLANS on ether2 (2x /30). R1 and R3 are c...
by tirkitneth
Fri Aug 28, 2015 8:35 pm
Forum: General
Topic: CRS VLAN Setup
Replies: 2
Views: 443

Re: CRS VLAN Setup

Hello with CRS you have to think about how the packet enters and leaves the switch, what VLAN it belongs to, and what operation you have to do to it. port 2-4 VLAN 2 Native, Tagged ports 7-10, 15, 19 Here, packets that enter the port without a VLAN tag have to be associated with VLAN 2. That means y...
by tirkitneth
Wed Aug 26, 2015 1:12 pm
Forum: Forwarding Protocols
Topic: Symmetric BGP Routing
Replies: 4
Views: 1100

Re: Symmetric BGP Routing

Hello, I believe you can achieve this with traditional policy routing. Use firewall mangle rules to mark packets/connections when they enter your router coming from your networks. Then use these routing marks with routes received from your upstreams. Lab it first though :-) By the way, if you advert...
by tirkitneth
Wed Aug 26, 2015 12:49 pm
Forum: Beginner Basics
Topic: BGP Traffic Manipulation
Replies: 4
Views: 1206

Re: BGP Traffic Manipulation

Hello I have tried to set AS Prepend on Peer2 to make Rx (incoming traffic) less preferable path. However, no matter what AS Prepend number I tried, 5, 10, and 15, it seems no difference. Rx is still more than Rx on Peer1. Notes: after the filter modified, I did run /routing BGP peer refresh (peerna...
by tirkitneth
Wed Aug 26, 2015 11:54 am
Forum: Beginner Basics
Topic: CRS125-24G-1S vlan translation questions
Replies: 0
Views: 270

CRS125-24G-1S vlan translation questions

Hello, I am trying to configure VLAN id translation between 2 ports. It works, but I have questions. The topology is: vlan id 2 <===> [ ether2 ] CRS [ ether 3 ] <===> vlan id 122 The configuration is: /interface ethernet set [ find default-name=ether2 ] name=ether2 set [ find default-name=ether3 ] m...
by tirkitneth
Sun Aug 16, 2015 9:03 am
Forum: Forwarding Protocols
Topic: BGP - Advertise a prefix to only one upstream
Replies: 2
Views: 697

Re: BGP - Advertise a prefix to only one upstream

Did you apply the filters to your BGP peers as out-filter and reset the BGP sessions ?
by tirkitneth
Sun Dec 21, 2014 5:59 pm
Forum: RouterBOARD hardware
Topic: CCR1036-12G-4S-EM (with 16GB RAM) -- Good for this?
Replies: 2
Views: 1329

Re: CCR1036-12G-4S-EM (with 16GB RAM) -- Good for this?

The CRS125, configured properly, should be more than enough for the speeds you mention and a home network.
by tirkitneth
Sun Dec 21, 2014 5:32 pm
Forum: Forwarding Protocols
Topic: IBGP not forwarding connected Routes
Replies: 5
Views: 1181

Re: IBGP not forwarding connected Routes

Post "/routing export" and "/interfaces" of your 3 BGP routers.
Without it, I think it will be difficult to help you.
by tirkitneth
Mon Dec 15, 2014 10:05 pm
Forum: Beginner Basics
Topic: Bonding 2 WAN Connections
Replies: 13
Views: 45405

Re: Bonding 2 WAN Connections

You can bond EOIP tunnels taking different paths between two routers. The bond algorithm will take care of load balancing and fault tolerance. Be aware that unless mikrotik has implemented weighted round robin algorithm, you will get at most x times the speed of the slowest link, where x = number of...
by tirkitneth
Sat Dec 13, 2014 7:33 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9094

Re: How to connect 2 switches

Unfortunately STP is one of the many features missing from the CRS.
It's a shame for a manageable switch but it's somewhat understandable at that price point.
by tirkitneth
Sat Dec 13, 2014 3:17 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9094

Re: How to connect 2 switches

by tirkitneth
Sat Dec 13, 2014 2:08 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9094

Re: How to connect 2 switches

If you switch packets from between ether1 and trunk1=ether2+ether3, then you can set master-port=ether1 on ether2 and ether3.
If you wish to route packets on a trunk, then I don't know. I don't plan to use a CRS as a router.
by tirkitneth
Sat Dec 13, 2014 1:06 pm
Forum: Beginner Basics
Topic: How to connect 2 switches
Replies: 22
Views: 9094

Re: How to connect 2 switches

The switch chip in CRS supports port trunking. It provides failover and will balance outgoing packets equally on each port of the trunk. Thus, if your switch switches 1000 packets from ether1 to trunk ether2+ether3, it will send 500 packets on ether2 and 500 packets on ether3. LACP is not supported ...
by tirkitneth
Sat Dec 13, 2014 12:53 am
Forum: Forwarding Protocols
Topic: Should I receive routes from other BGP sessions I have?
Replies: 2
Views: 801

Re: Should I receive routes from other BGP sessions I have?

I see two possible reasons for this:
1) your providers do not forward routes to you with your own AS number in the AS path
2) you have set the parameter allow-as-in=no for your BGP peers
by tirkitneth
Fri Dec 12, 2014 7:54 pm
Forum: Beginner Basics
Topic: CRS switch egress-vlan-tag command
Replies: 0
Views: 1384

CRS switch egress-vlan-tag command

Hello, what is the use of this command ? It seems that adding or removing it has no effect on the packets flow in my CRS125-24G-1S (test setup), RouterOS 6.20 . Here is the scenario (mimic of real production environment): ports 1 and 2 are connected to our core router, with our well defined internal...
by tirkitneth
Fri Dec 12, 2014 6:39 pm
Forum: Beginner Basics
Topic: CRS second vlan not work
Replies: 2
Views: 956

Re: CRS second vlan not work

If you use wireshark to see what packets look like on ether23, you should see packets tagged with vlan id 230. On ether24 you should see packets with vlan id 240. You want to change the vlan id of packets going out of ether23 and ether24 so you need to add egress-vlan-translation rules. /interface e...
by tirkitneth
Fri Dec 05, 2014 10:14 pm
Forum: General
Topic: High CPU usage [bonding+BGP]
Replies: 2
Views: 1611

Re: High CPU usage [bonding+BGP]

Sorry to resurrect an old post but this is important to me :-) I am looking at CCR (probably 1009 or 1012 because of redundant PSU) as an edge router: - 3 BGP full routing tables - 2 IX peers (main and backup route-servers of the IX) - LACP trunks - redistribution of default route to iBGP peers - si...
by tirkitneth
Fri Dec 05, 2014 8:24 pm
Forum: Forwarding Protocols
Topic: How to advertise BGP routes when smaller than /24
Replies: 6
Views: 5807

Re: How to advertise BGP routes when smaller than /24

I get that. I think im getting it. I can use aggregates to advertise as /24 but internally route them smaller right?
Yes, that's it.
by tirkitneth
Tue Oct 07, 2014 12:55 pm
Forum: General
Topic: MUM 2014 US Videos and slides
Replies: 5
Views: 1036

Re: MUM 2014 US Videos and slides

Ah perfect thank you :)
by tirkitneth
Tue Oct 07, 2014 12:16 pm
Forum: General
Topic: MUM 2014 US Videos and slides
Replies: 5
Views: 1036

MUM 2014 US Videos and slides

Hello, I followed with quite some interest the presentations from US14 MUM and I would like to get the HD versions and slides of some presentations if possible. Especially the presentations from IP Architechs: US14: Network Architecture - Validated designs utilizing MikroTik in the Data Center by Ke...
by tirkitneth
Wed Aug 27, 2014 4:45 pm
Forum: Beginner Basics
Topic: VLAN translation between 2 interfaces
Replies: 2
Views: 898

Re: VLAN translation between 2 interfaces

Edit: I was wrong, it does not work this way. OK I found something which is working. However, it uses a lot of CPU (up to 40% for gigabit speed). Is this the correct way ? /interface ethernet set [ find default-name=ether23 ] name=ether23 set [ find default-name=ether24 ] master-port=ether23 name=et...
by tirkitneth
Wed Aug 27, 2014 3:57 pm
Forum: Beginner Basics
Topic: VLAN translation between 2 interfaces
Replies: 2
Views: 898

VLAN translation between 2 interfaces

Hello, I need to bridge networks on 2 different ethernet interfaces. Each network has a different VLAN ID on both interfaces. I read the examples on the wiki, but there is no change of VLAN ID in there. The networks and VLAN IDs are the following: https://i.imgur.com/EZoVhHo.png My first idea is to ...
by tirkitneth
Wed Nov 06, 2013 9:23 pm
Forum: General
Topic: Mikrotik Hotspot and IOS7 CNA problems
Replies: 30
Views: 26613

Re: Mikrotik Hotspot and IOS7 CNA problems

A different solution was found that does not involve listing the known Apple sites. The credit goes to Matthias Strubel of Wiesbaden in Germany. It makes use of the User Agent (UA) data transmitted by the iOS7 device. A typical string looks like: CaptiveNetworkSupport-277 wispr The URL requested wi...