Community discussions

Search found 100 matches

  • 1
  • 2
by whitbread
Fri Jan 11, 2019 1:18 am
Forum: Announcements
Topic: v6.42.11 [long-term] is released!
Replies: 40
Views: 3816

Re: v6.42.11 [long-term] is released!

Sry the actual approach is bulshit! Iam willing to comply with regulations in all areas except power. So we need a manual power setting to override. I live in an area without any neighbor wireless networks - so no big deal here. Otherwise the people are using no country setting in the future leading...
by whitbread
Tue Jan 08, 2019 8:17 am
Forum: General
Topic: Mikrotik breaking Wi-Fi Calling?
Replies: 17
Views: 664

Re: Mikrotik breaking Wi-Fi Calling?

Use a router for routing and a switch for switching. If using one device only go for a decent router. A router can do switching with ease, a switch cannot do routing decently.
by whitbread
Sat Dec 15, 2018 10:42 pm
Forum: General
Topic: Problem with CAPsMAN, wired Yamaha receiver with Spotify Connect and Spotify iOS app on mobile device
Replies: 3
Views: 239

Re: Problem with CAPsMAN, wired Yamaha receiver with Spotify Connect and Spotify iOS app on mobile device

What kinda mobile device u r using?
How u connect to musiccast devices?
More details on your network (vlans, devices, subnets, etc,) plz
by whitbread
Wed Nov 21, 2018 6:46 pm
Forum: General
Topic: Why blacklist burteforcers VS just dropping the ports/service?
Replies: 7
Views: 389

Re: Why blacklist burteforcers VS just dropping the ports/service?

If some1 probes your router on unused well known ports you do not want him to be able to evaluate if an exploit is working on another used port. True - you can use blacklists for this either.
by whitbread
Sun Nov 11, 2018 12:17 pm
Forum: General
Topic: Killing the Mikrotik Cloud?
Replies: 4
Views: 449

Re: Killing the Mikrotik Cloud?

turn off internet detection
by whitbread
Sun Oct 28, 2018 10:02 pm
Forum: General
Topic: CRS125 poor throughput & low cpu load [SOLVED]
Replies: 41
Views: 1522

Re: CRS125 poor throughput & low cpu load [SOLVED]

Not sure what u are (not) doing with ur devices, but my rb2011´s are maxed out at about 35MBit with my configuration. So I would tend to think about adding a hap ac2 or similar as a router and you should be happy.
by whitbread
Tue Oct 23, 2018 9:12 am
Forum: RouterBOARD hardware
Topic: Upgrade recommentation from RB951G-2HnD [SOLVED]
Replies: 6
Views: 1137

Re: Upgrade recommentation from RB951G-2HnD [SOLVED]

I have 951Gˋs running as well plus a new hap ac2. As long as you can use FP routing you are happy. When it comes to vlan aware bridging the new hap ac2 makes u happy. It is a really nice and fast router and I am happy with the wireless as well. The 4011 is for those who need all cpu based routing or...
by whitbread
Tue Oct 23, 2018 12:31 am
Forum: General
Topic: CRS125 poor throughput & low cpu load [SOLVED]
Replies: 41
Views: 1522

Re: CRS125 poor throughput & low cpu load [SOLVED]

Well - the CRS is a switch...

Use a router for routing!
by whitbread
Fri Oct 19, 2018 9:08 am
Forum: General
Topic: /ip dns servers= (cache) - how are multiple servers used?
Replies: 18
Views: 936

Re: /ip dns servers= (cache) - how are multiple servers used?

I gave up and use only 1 (virtual) IP in my DNS config. That does the trick.
by whitbread
Wed Oct 03, 2018 12:05 pm
Forum: General
Topic: Bonding with four slave interfaces and specific requirements for activation order
Replies: 5
Views: 233

Re: Bonding with four slave interfaces and specific requirements for activation order

Thx for your explanation.
To cut it short I need to use routing technologies rather than bonding. Gonna work it out...
by whitbread
Tue Oct 02, 2018 4:24 pm
Forum: General
Topic: Bonding with four slave interfaces and specific requirements for activation order
Replies: 5
Views: 233

Re: Bonding with four slave interfaces and specific requirements for activation order

Thx for answering. Well, I try to explain my setup: two redundant gateway router serve two redundant lan router; they are physically connected by a single switch and traffic is forced through a single transparent proxy. If the switch fails traffic should flow through direct connection; if the proxy ...
by whitbread
Mon Oct 01, 2018 10:04 pm
Forum: General
Topic: Bonding with four slave interfaces and specific requirements for activation order
Replies: 5
Views: 233

Bonding with four slave interfaces and specific requirements for activation order

I need to implement a active/backup szenario over 4 interfaces, which need to be activated in a specific order. So let us assume vlan10 will be the default connection. vlan11 will be the next interface to become active if available, followed by the interfaces vlan210 and vlan211. Can this be achieve...
by whitbread
Wed Sep 26, 2018 11:46 pm
Forum: RouterBOARD hardware
Topic: Hardware offload on sfp port in hEX S mmips
Replies: 11
Views: 914

Re: Hardware offload on sfp port in hEX S mmips

Well, it is a fact, that a lot of new devices due to hardware design are not much good for the new way of how bridging in combination with vlans or bonding is impemented. Unfortunately the devices do not scale very will with cores; a fast cpu is more important than numerous cores. Thus the one and o...
by whitbread
Tue Sep 18, 2018 3:56 pm
Forum: General
Topic: restore back to identical devices never works :(
Replies: 28
Views: 1090

Re: restore back to identical devices never works :(

Same issue with my rb2011-uias's. Tried to duplicate the one in production to my lab.
After restore rb started into secondary partition. Tried again with no success and gave up.
by whitbread
Mon Sep 17, 2018 12:39 pm
Forum: General
Topic: Really simple question about RB3011UiAS-RM
Replies: 6
Views: 340

Re: Really simple question about RB3011UiAS-RM

Best advice is to buy two devices. Always use seperate ap and router/switch.
by whitbread
Fri Sep 14, 2018 4:13 pm
Forum: Wireless Networking
Topic: A survey about WiFi social captive portal
Replies: 1
Views: 207

Re: A survey about WiFi social captive portal

Sry oo is on my blacklist...
by whitbread
Fri Sep 14, 2018 2:28 pm
Forum: General
Topic: VLAN, Bridge, HW Offload and Trunk Ports [SOLVED]
Replies: 12
Views: 826

Re: VLAN, Bridge, HW Offload and Trunk Ports [SOLVED]

if you want to use hw offloading, put every port in coresponding bridge, configure each port in switch chip as secure including switch chip. Every VLAN that needs to reach the router must be configured in switch vlan.

leave one port extra for management until everything works!
by whitbread
Fri Sep 14, 2018 2:18 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 149
Views: 21313

Re: v6.43 [current] is released!

So bad you cannot use switch chip together with bridges anymore :( You can definitely use VLANs in "hybrid" mode ... do the VLAN filtering on switch chip (/interface ethernet switch) and "new bridge" (without using bridge vlan functionality) with individual ports as members. Not sure if I understan...
by whitbread
Thu Sep 13, 2018 9:59 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 149
Views: 21313

Re: v6.43 [current] is released!

*) bridge - improved performance when bridge VLAN filtering is used without hardware offloading; Just testet 6.43 on a hap ac2 - everything went smooth so far. As I am struggling for the best way to deal with my setup I did performance tests anyway. Just wanted to let you know that there is a perfo...
by whitbread
Mon Sep 10, 2018 1:07 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 324
Views: 37891

Re: RB4011

Maybe specs are meant to increase sales on RB3011... ;-)

From my perspective it is the better option as I don't see any decent performance upgrade with multicore. hap ac2 is doing only slightly faster than rb2011 in my environment (far away from wire-speed).
by whitbread
Mon Sep 10, 2018 12:18 am
Forum: RouterBOARD hardware
Topic: RB4011 - Poll - ONE thing you'd change
Replies: 14
Views: 2319

Re: RB4011 - Poll - ONE thing you'd change

Whatever we request it is too late I guess...
by whitbread
Mon Sep 03, 2018 9:25 am
Forum: General
Topic: Chinese IP Cameras
Replies: 9
Views: 518

Re: Chinese IP Cameras

Do not forget to route them through anonymous proxy or gateway.

Or use onvif cameras together with your nas and stop those cameras' outbound communication at all.

Btw - same applies for all IoT devices (including Win10 computers)!
by whitbread
Wed Jul 18, 2018 10:10 pm
Forum: Wireless Networking
Topic: poor range of 5Ghz, comparing to 2,4Ghz
Replies: 6
Views: 840

Re: poor range of 5Ghz, comparing to 2,4Ghz

It always depends on your needs and environment. I have no noise on 2G at all but my @pple devices do not accept 40MHz on 2G, so I had to use at least one 5G AP and choose the wAPac. It is doing nice without walls but just a single wall at 10m distance does not work at all - good to have 2G for thes...
by whitbread
Mon Jul 16, 2018 11:34 pm
Forum: Wireless Networking
Topic: poor range of 5Ghz, comparing to 2,4Ghz
Replies: 6
Views: 840

Re: poor range of 5Ghz, comparing to 2,4Ghz

From my perspective 5GHz is totally useless if you want to serve more than a single room in your house.
by whitbread
Sun Jul 15, 2018 1:17 am
Forum: Wireless Networking
Topic: RB2011UiAS-2HnD - poor wireless performance
Replies: 6
Views: 695

Re: RB2011UiAS-2HnD - poor wireless performance

If CPU is not limiting by being used by bandwidth test, then I would start playing with the following values: - Band: my suggestion would be G/N only - Channel Width: must be 20/40 to achieve good results - power: if distance is low, high power is reducing bandwidth (use status -> ccq to determine o...
by whitbread
Sat Jul 14, 2018 10:16 am
Forum: Wireless Networking
Topic: RB2011UiAS-2HnD - poor wireless performance
Replies: 6
Views: 695

Re: RB2011UiAS-2HnD - DO NOT USE RB's bandwidth test on device to be measured!

You must not use RB as Traffic Generator itself when trying to measure wireless performance on the same device as this uses up CPU.

So you are measuring the measuring performance instead of the wireless or whatsoever performance.
by whitbread
Thu Jun 21, 2018 7:58 am
Forum: Wireless Networking
Topic: My 5GHz is unused, is there some error?
Replies: 7
Views: 581

Re: My 5GHz is unused, is there some error?

Same issue here - I am not convinced of 5G at all! Reason is - from my not amateur perspective - that wap ac 2G power is higher than 5G power and furthermore 2G makes it so much better through walls than 5G. In fact 5G is working only in sight distance at my home. As soon as any walls come into play...
by whitbread
Tue May 01, 2018 9:21 pm
Forum: Beginner Basics
Topic: Setup DNS for local domains
Replies: 21
Views: 6677

Re: Setup DNS for local domains

I cannot use Mikrotik DNS for my internal nets either. Wether this is caused by missing knowledge or missing functionality may be concluded by others. I solved the issue by using the built-in DNS-Server of my NAS, leaving Mikrotik to take care of the public DNS-Servers only.
by whitbread
Thu Apr 26, 2018 10:08 am
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 273
Views: 35233

Re: v6.42.1 [current]

No significant change in disk usage nor disk writes on RB2011, Upgraded from 6.41 to 6.42.1
by whitbread
Tue Apr 24, 2018 8:41 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 133923

Re: Advisory: Vulnerability exploiting the Winbox port

I have a home-based installation with my small business running behind. I do have another firewall from another vendor between my wan and my lan. I wasn't hit by this bug despite the fact that winbox port was open. This might be just lucky as I blacklist any IP trying famous "attack ports" and the c...
by whitbread
Tue Apr 24, 2018 4:05 pm
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 273
Views: 35233

Re: v6.42.1 [current]

Can we move this double reboot discussion to a separate thread plz...
by whitbread
Mon Apr 23, 2018 12:05 pm
Forum: Beginner Basics
Topic: Disallow unknown logins from internet access
Replies: 8
Views: 513

Re: Disallow unknown logins from internet access

You can restrict access per user to IP(-ranges). So you may allow access only to a restricted user only.

I would tend to think about using port knocking - easy to configure and use and pretty safe if you use a good port combination.
by whitbread
Sat Feb 24, 2018 10:39 am
Forum: RouterBOARD hardware
Topic: HAP AC random reboots
Replies: 3
Views: 688

Re: HAP AC random reboots

Are you using IPSec?
by whitbread
Wed Jan 31, 2018 12:15 pm
Forum: General
Topic: "ARP" Security on CRS and RB2011 using HW offloading
Replies: 3
Views: 271

Re: "ARP" Security on CRS and RB2011 using HW offloading

Thx for your answer - it explains the connection between router and device A, but what about the connection between device A and B? Where is ARP needed or where can I set ARP to reply-only to enhance security? I try to draw it here: device A (edge port; vlan10) vlan10 interface - Bridge10 \ / CRS (t...
by whitbread
Tue Jan 30, 2018 3:10 pm
Forum: General
Topic: Having trouble past 6.41
Replies: 10
Views: 503

Re: Having trouble past 6.41

If you want to isolate clients on the switching chip (which is my understanding of what you want to do) you need to use the port isolation feature on CRS switches. For routerboard devices I have no idea how to resolve this though...
by whitbread
Tue Jan 30, 2018 12:57 pm
Forum: General
Topic: "ARP" Security on CRS and RB2011 using HW offloading
Replies: 3
Views: 271

"ARP" Security on CRS and RB2011 using HW offloading

My network is built primarily by a CRS125 working as a switch only, a LAN firewall and a gateway router (both RB2011's). The routers are connected thru trunked ports as I am using numerous VLAN's. All devices are on version 6.41 and I am using the new hardware offloading, both on CRS and on RB2011s....
by whitbread
Wed Jan 10, 2018 12:02 am
Forum: Beginner Basics
Topic: CRS125, ROS 6.41, VLANs
Replies: 13
Views: 1761

Re: CRS125, ROS 6.41, VLANs

Just RTFM - it is not that difficult:

Use single bridge with HW-offloading and keep VLAN filtering disabled. Now go to the switch menu and configure your VLAN's as before.
by whitbread
Thu Jan 04, 2018 7:42 pm
Forum: Wireless Networking
Topic: wAP ac - 2GHz / 5GHz roaming
Replies: 5
Views: 696

Re: wAP ac - 2GHz / 5GHz roaming

I think I am stuck between the desired and the posibble. To cut it short: The only reason I was in need for 5GHz is the Apple TV - due to Apple's policy to reject using 40MHz channel width on 2GHz. I live in a pretty calm environment and don't have problems with noise. So the wAPac resides in my liv...
by whitbread
Wed Jan 03, 2018 11:51 pm
Forum: Wireless Networking
Topic: wAP ac - 2GHz / 5GHz roaming
Replies: 5
Views: 696

Re: wAP ac - 2GHz / 5GHz roaming

Hmm - you mean I should use same SSID but different password? That won't help really. I am in the need of a high performance PtP link (wAP ac to RB951G) to another building. I know that my indoor clients would be better served with something like 17db only. That is why I started to use the wAP ac: I...
by whitbread
Tue Jan 02, 2018 12:27 am
Forum: General
Topic: Choose Two Different WAN for Facebook and Youtube
Replies: 4
Views: 732

Re: Choose Two Different WAN for Facebook and Youtube

I would recommend using a proxy server configured by proxy.pac. This would give you the opportunity to route by source IP - everything coming from proxy goes WAN2, everything else WAN1.
by whitbread
Mon Jan 01, 2018 10:00 am
Forum: Wireless Networking
Topic: wAP ac - 2GHz / 5GHz roaming
Replies: 5
Views: 696

wAP ac - 2GHz / 5GHz roaming

I have replaced a RB951Ui-2HnD with wAP ac. The device is working as AP bridge on 2GHz and as AP on 5GHz. It is configured as CAP. As the station is placed behind some obstacles I need to use full power on 2GHz. Most clients are Apple devices which are pretty slow on 2GHz as they refuse to use 40MHz...
by whitbread
Sun Dec 17, 2017 9:52 pm
Forum: RouterBOARD hardware
Topic: RB3011 port flopping - bad design
Replies: 48
Views: 7941

Re: RB3011 port flopping - bad design

wtf - the longer you read about experience with new devices the longer you tend to keep good old RB2011's, but with every second power failure I loose one ot those either.
by whitbread
Sun Nov 19, 2017 8:11 am
Forum: General
Topic: Customers suggestions to RouterOS' IPv6 module
Replies: 6
Views: 465

Re: Customers suggestions to RouterOS' IPv6 module

IMHO IPv6 is a dead concept.

Either IPv8 comes to life or I will die before being forced to use IPv6...
by whitbread
Tue Nov 14, 2017 9:40 pm
Forum: Wireless Networking
Topic: RB951G-2HnD - Apple devices not connecting
Replies: 12
Views: 2134

Re: RB951G-2HnD - Apple devices not connecting

Do you have access lists in place? Try without restricting signal on @pple devices.
by whitbread
Thu Nov 09, 2017 4:20 pm
Forum: General
Topic: winbox on iphone
Replies: 12
Views: 36109

Re: winbox on iphone

price is unreasonable though !
by whitbread
Thu Nov 09, 2017 3:50 pm
Forum: Wireless Networking
Topic: RB951G-2HnD - Apple devices not connecting
Replies: 12
Views: 2134

Re: RB951G-2HnD - Apple devices not connecting

From my experience (especially newer) @pple devices do not work very well on 2GHz. Unfortunately there are no adequate follow up devices to the famous RB951G/Ui-2HnD. My experience matches your description. Wrong password message is quite annoying - simply just don't type in new one. Actually having...
by whitbread
Tue Nov 07, 2017 8:12 pm
Forum: Scripting
Topic: DNS Trouble
Replies: 1
Views: 263

Re: DNS Trouble

I just finished a script for DNS failover using 'resolve' function. Cannot access it actually, but this is what did: 1. Define DNS servers to check 2. Use do / on error construct to check if resolve delivers a result 3. Use first DNS server with successful resolving as system DNS and as DNS server b...
by whitbread
Wed Nov 01, 2017 7:37 am
Forum: Beginner Basics
Topic: hap AC external HDD question
Replies: 12
Views: 1588

Re: hap AC external HDD question

MikroTik Sales might kill me for that answer: If you are done with consumer grade routers you should be done with consumer related demands for a router as well. The hap ac is a really good router with a lot of feaures in networking including access to an external hdd. The latter ist not meant to ser...
by whitbread
Mon Oct 30, 2017 11:29 pm
Forum: Wireless Networking
Topic: VLANS over wireless link
Replies: 4
Views: 457

Re: VLANS over wireless link

I can confirm it works as described above.

Another option is to use EOIP - the only way for me since I started using CapsMan on my AP's.
by whitbread
Mon Oct 30, 2017 9:24 am
Forum: General
Topic: My IPv6 Triage List for ROS
Replies: 47
Views: 4068

Re: My IPv6 Triage List for ROS

IMHO ipv6 is a dead concept.

I will either see ipvx (x>6) or die before ipv4 will be shut down. So it is not worth the effort. :wink:
  • 1
  • 2