MikroTik

Azendale

Did Mikrotik support ever figure out what was causing it, or did you just stay in a config that didn't trigger the issue by turning the route cache off?

Azendale

Yes, this is quite common in IPv4 space as well, called a Loopback address. For nice traceroutes, I actually set pref-source on all routes to the loopback address too so you dont have to name / PTR and catalog all the interface addresses. I assume you don't know of any way to use some kind of auto ...

Azendale

I'm still interested in finding a solution for this. (Thanks Kindis for at least trying!)

Azendale

To follow up on this -- I've since learned that your life will be simpler if you don't try to do what I asked. Embrace using link-local addresses (with an interface identifier) as next hops. It makes for super simple configuration of network segments between routers. You mostly just have to decide i...

Azendale

Not available (yet) but both SFQ and PCQ can provide a solution if you don't have brand flexibility. Correct me if I'm wrong (and I appreciate that you are trying to find a workaround), but my understanding is those require something with fixed bandwith that you can tune the settings to. Isn't the ...

Azendale

I have less then this in the switch. Problems: It shows a flapping link with no cable connected and does not link up with a longer (<100m) installed cable we currently use with 1Gbps. Looks like the SW is not done yet. Is this a Copper Cable (or is it fiber)? Just wondering because I've using all D...

Azendale

And the same goes for the log. Oh my goodness, yes! I totally forgot about that! And yes, a freeze would be nice. I would still be most interested in the web version because that's what our "first line" techs use/have access to. But it certainly can't hurt (or be hard to do!) for both winbox and "w...

Azendale

We recently rolled a couple of Miktrotik routers into a pair of CCR1009-7G-1C-1S+ routers running VRRP. We thought we were doing a good thing for network reliability by implementing VRRP. Instead, it made our network LESS reliable than if we put it all on one router. (Grrr...) On early morning (like...

Azendale

Bump -- this seems like it can't be hard.

Azendale

This would make our life way easier -- right now, people screenshot the table and then manually retype an address! I can't figure out a good reason that we should not be able to select something in this table. This is in the web interface. I have tried to debug the problem a bit, it it seems to be r...

Azendale

Additionally, I see no way to run a script when a DHCPv6 response is proxied, nor variables that contain what address block was delegated to what IPv6 address/gateway, so I see no way to work around this with scripting.

Azendale

See: https://forum.mikrotik.com/viewtopic.php?f=2&t=133571 Where it seems you can not configure Mikrotik to service both DHCPv6 address requests and DHCPv6-PD requests on the same interface. Apparently, this is needed to do DOCSIS 3 (cable) IPv6 support as it does not support assigning IPv6 WAN addr...

Azendale

I think to do Prefix delegation, you just set a pool with a smaller prefix than the netmask on the block of addresses given to the prefix. Usually, I would use RA messages to allocate WAN addresses on downstream routers, and then DHCPv6-PD to allocate prefixes for the LAN on those routers (and inser...

Azendale

How can I send a Vendor Specific DHCP option (as assigned by a radius response) when using radius & DHCP? I've tried the Freeradius option DHCP-Vendor-Specific-Information, but a packet capture just doesn't even show the DHCP response being sent. If I set a relay to ISC DHCP, and then set something ...

Azendale

I have not changed the defaults with LEDs either: /system led print Flags: X - disabled, * - default # TYPE INTERFACE LEDS 0 * interface-activity sfp-sfpplus1 sfp-sfpplus1-led1 1 * interface-speed sfp-sfpplus1 sfp-sfpplus1-led2 2 * interface-activity sfp-sfpplus2 sfp-sfpplus2-led1 3 * interface-spee...

Azendale

Just in case it's something I'm doing with how I configured it, here is a sanitized config: /interface bridge add admin-mac=CC:2D:E0:00:00:01 auto-mac=no name=bridge1 protocol-mode=none pvid=398 vlan-filtering=yes /interface ethernet set [ find default-name=sfp-sfpplus1 ] set [ find default-name=sfp...

Azendale

Just took a peek at a more peak time (see what I did there

.

~25% CPU utilization at around 830 clients and 550 Mbps. This is on the 9 core CCR as mentioned above.

Azendale

So far, the 9 core CCR1009-7G-1C-1S+ that we are using is serving about 825 clients and 300 Mbps at the moment (that will get higher later in the day), with about 15% CPU usage reported. The profile tool reports that PPP itself is using .5-2%, queueing ~3%, firewall 2-4%, networking ~4%, on each cor...

Azendale

I'm running a CRS317-1G-16S+ and a CRS326-24G-2S+.

They are using ROS, but they are doing switching with a hardware offloaded bridge.

I don't seem to see any activity indication on the LEDs, even though there is 100s of Mb/s of traffic right now. Why?

Azendale

I can confirm that Freeradius works with Mikrotik's Radius client for PPPoE. Don't know it that helps, but at least you won't have to change as much. I can't give much feedback on the CCR PPP performance, but I'm actually going to be installing a pair of CCR1009 routerboards for PPPoE in our mainten...

Azendale

I have used link-local addresses to connect to routerboards without having to use a serial console while configuring them. (This is helpful for things that can't be done with a console, such as routing filters with multiple types of routes to match. Everything, even exports, say you can do protocol=...

Azendale

I think this should be doable, I had it working in the lab 2 days ago, I'll see if I can look at this closer later today. Off the top of my head, from skimming this thread, I'll say: Use only one bridge -- only one bridge will get HW acceleration! The end goal should be to have one bridge with vlan ...

Azendale

What is the right way to put multiple management IP addresses on one of the CRS 3xx switches, on different VLANs? Is it right to refer to the link from the switch chip to the CPU as the name of the bridge? Here is the config I have now. I have a packet capture running on the computer connected to th...

Azendale

I have two configs that seem to do the same thing. Which one is better? Is setting the bridge interface name as one of the untagged ports in a bridge vlan wrong? It seems to work. I was expirimenting with this because I'm trying to understand how the port between the CPU and switch chip is managed w...

Azendale

Mikrotik, what is the status of getting the "Delegated-IPv6-Prefix" attribute reported in radius accounting packets? I just ran into an instance in our production network where I needed this information (which our radius server is not reporting because it can't record what it doesn't get) in our pro...

Azendale

I work for a smallish ISP. We deliver our service with PPPoE. We currently manage the PPPoE sessions with RADIUS (our server is a Freeradius server). For IPv4, the WAN address is recorded by the freeradius server from the accounting packets sent from the Mikrotik PPPoE servers. If any abuse complain...

Azendale

I did some further testing. Removing ether3 from VLAN 300 and putting the port under Switch > Settings > VLAN (tab) > "Drop If Invalid VLAN On Ports" (list) at the same time caused the traffic to get dropped. With some further testing, I realized that this means if you set the "access" port under Sw...

Azendale

I have attached the config that I see this happening with on a CRS125-24G-1S-RM switch. What I'm seeing is that I have a machine connected to ether3 and to ether1. Both machines can be configured to use VLANs. The machine connected to ether1 has vlans 200,300 configured with 192.168.72.16/24 and 192...

Azendale

Firmware/router I was talking about in my last post: http://www.bufferbloat.net/projects/cer ... ease_Notes

Azendale

I too would like to see CoDel support. This is the kind of stuff customers notice, without ever even having to know how or why its better. (I'm talking about the people that don't realize the traffic they are moving through their home router (say streaming video over tcp/http on multiple devices) an...

Azendale

I'm trying to implement Mikrotik routers at a University. One feature they want is to have "volume based shaping" as they call it. By that they mean setting a transfer limit after which your bandwidth slows down. What is the best way to do this on a mikrotik? I have seen some things were people writ...

Azendale

I know Mikrotik can do rouge DHCP server detection. While you can use the email tool to alert, I would really like this to flow into Nagios. I had two thoughts for how this could be done. First, I can give Nagios a SSH key, let it login to the router, and run a script to check. So, is there a way to...

Azendale

First you have to know if you have multi ore single mode. orange is normaly multi. I know it's not single mode. I was able to talk to one the of the people there when it was set up, and he says it's 62.5. The thing I'm not sure of is how to know what the various SFP's mikrotik makes are able to be ...

Azendale

How do I know what fiber a Mikrotik SFP will work with? I have some orange and some aqua fiber. From what I've read, the aqua should be able to do 1.25G and 10G. The orange, I'm not so sure. (It's an already installed senario that I've inherited). So, how do I know if an SFP is for 50 or 62.5 core f...

Azendale

Bump? Surely I'm not the only one that wants to do a secure VPN between mikrotiks without having TCP inside TCP drawbacks?

Azendale

I've heard some concerns about the security of some protocols (I think it was l2tp that I heard that wasn't that good unless you use specific settings (I think MSCHAP or something like that)). I would tend to be looking for something with a layer2 level, but layer 3 could also work. I thought openvp...

Azendale

I'm sorry, I read your response but just didn't get exactly what you are saying. You mention setting up a PD-client on the PPPoE server? this attribute is not working. Idea is - you set up DHCP-PD-client on your PPPoE server and get dynamic pool. Then you can set pool name in RADIUS from where prefi...

Azendale

See http://forum.mikrotik.com/viewtopic.php?f=2&t=85454&p=428369&hilit=DHCPv6+pppoe+prefix#p428369 I have also confirmed with a Packet Capture between the routerboard and radius server that that attribute (Delegated-IPv6-Prefix) is not sent, even though the pool on the Routerboard does show that a p...

Azendale

I too would be quite interested in this.

Azendale

See http://forum.mikrotik.com/viewtopic.php ... 23#p419211 (and the thread it belongs to). It says that this is not supported.

Can we get OSPFv3 (OSPF for IPv6) authentication?

Azendale

Is there a way to make it so the router addresses used for the routes created by OSPFv3 is the global address of the router on that interface instead of the router's link local address?

Azendale

I'm also interested in knowing if (how?) you can do OSPFv3 authentication in Mikrotik. If you can't, is there a place to request this feature?

Azendale

I think you can configure OSPF authetication as below /routing ospf interface add authentication=md5 authentication-key=1234 authentication-key-id=1 cost=\ 10 dead-interval=40s disabled=no hello-interval=10s instance-id=0 \ interface=all network-type=default passive=no priority=1 \ retransmit-interv...

Azendale

We (an ISP) are considering using Mikrotik routers for home (CPE) routers for our customers. Is there a way to control what default settings a routerboard goes to when it is reset? Would there be a way to set it so that the user can press a physical button if they end up locking themselves out, and ...

Search found 44 matches