MikroTik

rextended

Ok, I'll give up before I answer badly.
Of three questions, you didn't answer one.

rextended

I can't thank you enough.

rextended

The lack of respect is very high, like that ignorant person who tried a 40Gbps test....

rextended

https://help.mikrotik.com/docs/spaces/R ... n+RouterOS

rextended

So the certificate is self-renewing or not?
The new one does not apply to the www-ssl service?

Have you tried with any browser?

rextended

The service on port 80 must be active for automatic renewal, as written in the guide, in 7.18.2. (for 7.17x and 7.19 there is also renewal via DNS verification) There is no practical reason why if you expose port 443 to the world, you cannot also leave 80 open. Absolutely nothing changes from a secu...

rextended

If you have a database and you free only some rows, the database is not compactedd for every delete.
If you delete all database, probably is also "compacted"....

rextended

Probably ISP do not asign static IPv6 etc. etc. etc.

Paste this on terminal and reboot, see if solve on long term.

terminal code

/ipv6 nd
set [ find default=yes ] hop-limit=64
/ipv6 nd prefix default
set preferred-lifetime=45m valid-lifetime=1h30m

rextended

Probably free space more than 134217727 bit cause variable overflow.

On your spare time, can you try again the passage from 7.18 to 7.18.[1|2] leaving on purpose free space less of 134217727???

On that devices are expected only 128MiB........

Just for fun and curiosity...........

rextended

Aside from the fact that they banned my account for a week for revealing some things in advance,
I'm not telling you that they shouldn't be published, but that in the face of this news, there needs to be PROOF.
Do you understand what I write or not?

rextended

discussion is just childish.

You are right, I will stop here, or rather there↑↑↑

The point is that it is wrong to provide information WITHOUT PROOF.

rextended

When people say it's rainy in their town, you also asking officials to confirm this? [/color] ... I'm tired of this bullshit. Your words bother you? Then don't say them... I'm fed up too, especially with the wrong examples. I don't care about the information about whether it rains somewhere or not,...

rextended

This absolutely doesn't change the fact, that AMT has appeared in 7.18, as I initially stated. Everything else is another question. And this absolutely does not change the fact that when someone appeared on the forum and writes about new features added to RouterOS, he must always cite the official ...

rextended

No matter, now DNS-over-QUIC is used. ROS supports DoQ??? No, are the browsers that ignore completely the DHCP/fixed DNS settings and use own protocol for show the ads. The final scope of all that is that you must not skip ads on browser, privacy is a big bullsh1ft and has nothing to do with it...

rextended

No matter,
now DNS-over-QUIC is used.

rextended

I won't comment these stupid conclusions. Calm down and don't scream so loud. The conclusion is not stupid, someone passing by, without be one forum admin or post official sources, announces something, it's just bullshit. Not to mention that maybe, as already happened, they remove some features fro...

rextended

Are there partitions used on this router? Two partitions would split the disk.

Official reply, please:
Are discontinued PPC products from year 2011 still fully supported?

Thanks.

rextended

Completely useless note or consideration,
because no matter what happens if it only sees 64MiB out of 128MiB there is definitely some underlying problem...

rextended

Hi: 7.19beta6 is too big for the RB1100AHx2, by a few bytes: ERROR: not enough disk space, 20.7MiB is required and only 20.7 MiB is free. The router was never re-partitioned, i.e. has a single "part0" with 64 MiB size. There are no files or directories under /files. -- azg RB1100AHx2 ( ye...

rextended

Simply that you are writing nonsense and in the user forum.
If you want to contact MikroTik write to support@mikrotik.com
What users think or write matters absolutely nothing.

rextended

They've already invented the "supercazzola prematurata con doppio scappellamento a destra".
hahahaha
Few will understand it...

Like the OP on user forum...

rextended

They've already invented the "supercazzola prematurata con doppio scappellamento a destra".

rextended

Put 7.16.2 back and wait until someone at MikroTik figures out the difference between 16M and 128M...

rextended

The whole kid control thing makes no sense how it is implemented. In short: If you feel the need to use machines to control humans, you are definitely doing something wrong. Long: You are absolutely right, it is the parents who have become incompetent. When my father told me something it was law, n...

rextended

It's like writing "I don't know how to do it, click here, click there"...
What you wrote is completely useless, just read my previous post and you can clearly see what needs to be changed.

rextended

do you have a list of domains or ip used for renewal? it doesn't seem very professional to expose the port to everyone unless there is a service exposed on it. Il servizio non è fornito dalla MikroTik, quindi rivolgiti a Let's Encrypt per la lista... se te la danno. [ The service is not provided by...

rextended

I change one user-manager and one Dude done with RB1100AHx2 (powerpc) to two RB1100Dx4 (arm) when is coming out, but have internal disk, not use mainboard flash.
But RB1100AHx2 still working both...

rextended

full of useless... /ip firewall address-list remove [/ip firewall address-list find list=firehol_L1] /ip firewall address-list add addres=1.10.16.0/20 list=firehol_L1 timeout=2d /ip firewall address-list add addres=1.19.0.0/16 list=firehol_L1 timeout=2d /ip firewall address-list add addres=1.32.128....

rextended

From 2007 i never change a single device for memory wearing,
but also I change obsolete devices, no matter if are working or not.
I have only xxx-ac devices and CCR/CRS. No more RBxxx except "new" RB1100Dx4

rextended

POSIX do not have that at all, not only RouterOS.

rextended

Ignoring why you want to expose a device to the internet with an IP, instead of opening only the necessary ports via NAT, you have not explained how the provider delivers you internet and how they should deliver the second IP to you. Paste this on terminal for join ether1 and ether5 on one bridge, s...

rextended

What’s the meaning of life? 😁 The problem is that if I write it, life for you might no longer have any meaning... The meaning of Life is... to seek a meaning to Life. _ _ _ __ _ _ _ _ _ _ _ _ | | (_) | \_\ | | | | | | | (_) | ( ) | | | __ _ __ ___| |_ __ _ ___ | |__ ___| | | __ _ _ __ ___ _ __ ___|...

rextended

"Karma" has been gone for a while... In fact if you search for old topics you will be able to see everytime at the end of a reply "if it was useful, please add Karma..." which had become boring as "Sent from my phone using Tapatalk Pro" at the end of every post, for laz...

rextended

So what would be the point of this topic?

rextended

You try another PC? If not, what you wait?

Device model?
Winbox version?
RouterOS version?... You update today to 7.18 or 7.18.2?

Do one

/export show-sensitive

on SSH, save the results and netinstall the device.

rextended

Super, much thanks.

rextended

Are you making the same mistake as beginners? Ask directly what you need. In case 1) set allow-remote-requests=yes is completely useless, and the input port from the LAN must not be opened (which by DEFAULT is only allowed from the LAN) In case 2) just leave the DEFAULT rules and the LAN devices MUS...

rextended

The fles are signed, why uselessly use cpu power to encrypt/decrypt what is already signed?

rextended

Understand, but I am not able to read your "version"... This? /system leds find [ :if ($leds=[:toarray "user-led"]) do={ set $".id" type="on" \ disabled=(!$disabled) } ] addedndum on previous post: missing quotes between "trueon", the 2nd pair of [ ]...

rextended

@Josephny

Interesting, but the LEDs are small and you would have to have the device in front of them to attract attention...

rextended

For example, if wifi interfaces are on/off.
Some customers ask me to disable wifi on cAP central button press, that also disable the led...

rextended

Anyone can make a certificate these days. It's all become so trivial... The purpose of https is to encrypt the connection between two points, not to certify what passes through it... However, yes, .npk files have 32 bit of signature at the end (and also .dpk, and also .fwf) so they can't be tampered...

rextended

(no space between do= and {)

I think this suffice... on same set you can set more...

/system leds find [:if ($leds=[:toarray "user-led"]) do={set $".id" type="on" disabled=(!$disabled)}]

rextended

Yes, if you configure it properly How about I configure my boot right into your pin hole. You are worthless piece of shi f t, if you have nothing constructive to say then shut the fuc hs' endothelial k ibble up. I think you broke the record for swear words and insults in a single post. Not even a f...

rextended

rextended

Karnaugh
Y N
O 0 1
F 0 0
disabled Yes / No
type On / oFf
LED 0=off 1=on

So the less expensive thing to consider if is at the same time disabled=no and type=on

rextended

It is understood that without scripts/scheduler/on-event/netwatch it does not mean that scripts cannot be used to initially configure the device...

rextended

I'm not getting into the OP's issue, but IPsec is a VPN and using WinBox over IPsec............

rextended

I'll be vague, as I was before the CVE for brute-forcing usernames came out publicly.
I wouldn't use 7.17 even if they paid me, I believe MikroTik got it done with 7.18....
but with 16MB peripherals I wouldn't use 7.18.2 either...
and anyway 7.18.2 is too fresh....

rextended

I think you misunderstood me, it was a compliment for you...

I know you didn't have the idea, but you were fundamental in intuiting the right point of view....

[What can be easy flipped as true/false? Whether it is disabled or not!]

rextended

7.17.x 1) is too fresh ; 2) and deplete completely the 16MB free space after some time.... 7.18 is worse for point 2) and is unstable (see 7.18.2 and is not finished...) 7.17 is no longer being developed or fixed, so if no new fixes come out it's not because there aren't problems... because with eac...

rextended

Simple approach:
Peripherals that have 16MB of NAND/Flash or less leave them at 6.49.18 long-term (for those that can be put v6).

In the rest of the cases put them at 7.16.2 and wait...

rextended

Ok, done.

rextended

Turn on/off the user-led if is already defined,

/system leds find [:if ($leds=[:toarray "user-led"]) do={set $".id" disabled=(!$disabled)}]

obviously is always type="on"

Well, you should be satisfied, today you beat me!!!

rextended

use set 0=on/set 0=off.

no... please no........

at least set [find] type="<on or off>"

While playing with the thingy, there is also the disabled state, the user-led set to on BUT disabled is actually off, and as soon as I enable it, it lights up.

muble, muble.....

rextended

I've got the idea from someone you might know: https://forum.mikrotik.com/viewtopic.php?p=875571#p875571 I know myself well enough not to stay in the same positions if something evolve. If I later notice problems that arise because RouterOS changes or interactions with other functions that were not...

rextended

Open separate topics, don't mix everything in here, it's already hard to understand anything.
When you've done it elsewhere, write the results here.

rextended

place-before=*0 place-before=*0 ERRORS. for 2+1 reasons: 1a) *0 ID do not exist if there are not mangle rules, 1b) never use IDs or "relative numbers" on scripts. 2) Better not move static items over dynamic "special dummy rule to show fasttrack counters" or the RouterBOARD it m...

rextended

[...] The essence is the same :) , bummer :( >>> Why " :( " ? It's better than... I don't want to argue with the AI as usual >>> I hoped there was a clever way to invert the status of a boolean *somehow* without needing to check the current one Exact, can be done, but is not a boolean, ...

rextended

1) If work, is correct and is not too much complicated. 2) See my example. 3) Can be one-line command if accepts true/false (boolean) instead of on/off... 4) Missing a chech if the leds group exist. On my example I add it if is missing (but I do not check hardware if have or not the led) If is somet...

rextended

I'm repeating myself, but unfortunately people don't know how to distinguish L2MTU from MTU and it always creates confusion . If all the machines are under your control, making a PPPoE connection with an internal MTU of 1500 is a walk in the park. If instead you have to go through third-party lines ...

rextended

/interface ethernet switch rule add switch=switch1 ports=ether41-node102 src-address=192.168.1.30/32 comment="Allow only IP 192.168.1.30" add switch=switch1 ports=ether41-node102 new-dst-ports="" comment="Block all other IPs"[/quote] It obviously works fine if it also ...

rextended

Let's not mix apples with oranges. Layer 3 MTU is one thing, Layer 2 (L2MTU) is another. Ethernet MTU refers to how much the IP (and others) data is. VLAN MTU means how much big can be the data that internal ethertype can carry. If you have one ethernet with MTU of 1500, you notice that a VLAN with ...

rextended

This thing made me think so much, that I could write a book about it. A story of a civilization so advanced that no one leaves home, everyone is in a cabin and no one has ever really seen anyone other than their family and the robotic doctor. Everyone would look the way they want to others. People w...

rextended

I'll try to explain better what concerns me, so that no assumptions can be made. If I forgot something, ask... Q) What would change in my life if an AI came out that wrote scripts better than me and others here on the forum? A) Absolutely nothing to me. Q) If the aforementioned AI existed, would I u...

rextended

Your emotional resistance won't change that trajectory. How cute, the emotions, the love, the envy, the joy... It has nothing to do with it. Do you want to explain whether or not a black hole exists.. with a fart??? :lol: :lol: :lol: You are fear of this, you are fear of that, you are envious of th...

rextended

typists had toward word processors switchboard operators had toward automated exchanges Two examples that require determinism, against something not determinate, as you yourself wrote. I don't want a word processor to correct my sentences as someone else likes, just because someone else whose LLM h...

rextended

PLEASE do not quote SO USELESSLY... The actual ping/https process have it's connection taken down, for restart ping/https from that process, stop and start again, for create a new connection. The fix is close... (wait...) add this on "disable NAT" part of the script... do not alter timeout...

rextended

/ip ipsec policy get [find where peer="NordVPN"]
alone do not do nothing

:put [/ip ipsec policy get [find where peer="NordVPN"] ph2-state]

rextended

I added the answers in the post after your questions.

The previous posts have been integrated.
Always check the IPsec status, only that it is no longer based on commenting dynamic routes...

The scheduler is put on the same previous topic where is the script.

rextended

1) I use winbox, not the command line. The dynamic route created by LTE lost the comment everytime. 2) Is not cpu expensive, so every 2 second suffice. I add the "copy & paste" for create the schedule 3) If you bring down the LTE, how the IPsec can go up? I miss something on your confi...

rextended

Schedule this: :if ([/ip ipsec policy get [find where peer="NordVPN"] ph2-state] = "estabilished") do={ /ip firewall nat enable [find where comment="defconf: masquerade" and disabled] } else={ /ip firewall nat disable [find where comment="defconf: masquerade" ...

rextended

I don't want to bother you in this thread, but wouldn't it be better to find the safe-mode active by default (maybe it can be disabled with an option when launching winbox) and ask for confirmation of the changes when exiting winbox? (at most from the browser if you forget to confirm or the operatin...

rextended

As already written, I'm an ordinary user (and not even a moderator as you thought), you have to write directly to support@mikrotik.com if you want to contact the staff, this is a user forum where sometime staff appear here. But, as already written, RouterOS uses an old kernel and I don't know if the...

rextended

Not to insist, but I've been writing this since the beginning I wrore about compatibility...

rextended

Thanks for the explanation, in this case you have my total understanding. A suggestion for the future: If it were possible to introduce automatic measures to prevent permalocks, such as preventing deleting or disabling a bridge if there are still ( active ) ports connected. It always makes me think ...

rextended

Throw everything in the trash and start over. The configuration is unwatchable, all the BASIC firewall rules are missing... And if you want help, but hide the rest of the configuration, you can do it yourself. You have to show everything with "/export file=myexport", even vlan, ip (censore...

rextended

it's released to public, so someone's gotta test it and report when things don't go as planned

I would really like to know what quality control they do, since it takes very little to block an updated routerboard.

Do they expect the user to just do netintall to update them???

rextended

I don't understand the blame,
the software is beta,
if you didn't want risk to brick the device, why did you put it in?

rextended

You have time machine, Feb/7/2106...

rextended

*) console - added on-error to "for" and "foreach" loops;
*) console - do not treat return values as errors in scripts run from scheduler;

rextended

That switch is used on:
RB750Gr2 (hEX)
RB962UiGS-5HacT2HnT (hAP ac)
RB960PGS (hEX PoE)
RB960PGS-PB (PowerBox Pro)
RB3011 (all series)
RB OmniTik ac (all series)

rextended

I'm missing something... Why you do not want fasttrack UDP?

rextended

https://help.mikrotik.com/docs/spaces/ROS/pages/15302988/Switch+Chip+Features#SwitchChipFeatures-Introduction https://help.mikrotik.com/docs/spaces/ROS/pages/328068/Bridging+and+Switching#BridgingandSwitching-BridgeHardwareOffloading So, in that models: C52iG-5HaxD2HaxD-TC (hAP ax2) C53UiG+5HPaxD2HP...

rextended

Ah, on RouterOS??? Do not write on forum, but to support@mikrotik.com At least [rex@7.23.5] > :put [:timestamp] ; # timestamp give already "time" 2879w18:16:44.037086370 [rex@7.23.5] > :put [:tonum [:timestamp]] 1741285004 [rex@7.23.5] > :put [: todate [:timestamp]] 2025-03-06 18:16:44.037...

rextended

Already exist this: https://forum.mikrotik.com/viewtopic.php?p=977170#p977170 and also consider TIMEZONE... [rex@7.16.2v7] > :global unixtodatetime do={ {... :local ux [:tonum $1] {... :local Fzerofill do={:return [:pick (100 + $1) 1 3]} {... :local prMntDays [:toarray "0,0,31,59,90,120,151,181...

rextended

Can a pc read tags, NO, so we have to untag the traffic leaving the port that is connected to the PC.

But... that's not quite right...

rextended

Aside from wanting to hurt yourself with bullshit (not censored on purpose, this time), the most logical thing to do is to allow all the traffic that is done by a "clean" device, and the traffic destination is logged and then is allowed permanently by the other devices as well. So one devi...

rextended

[..] I make a full binary backup and then assign a restore via the scheduler with enough time in advance.[...] I was already giving the same advice a few years ago, it's how I work... 0) If it's a bug like the one reported above(¹), you're fu–ed anyway... 1) Make a binary backup 2) Make one export ...

rextended

Let's get out of the rambling. Given that security is important, for me you have a too serious approach. You approach a network for casual users in transit at the bar in the same way as a network of institutes for bacteriological research. I know that total security is equal to the sum of its parts,...

rextended

What borders? Wait a few months and... there will be "some" unemployed on border customs in Canamericaland...

rextended

MikroTik has the habit of leaving the same name for different things... the user-manager of v6 has nothing to do with the one of v7, like CAPsMAN, etc...

rextended

It's easy: if you have multiple sources, specify more interface where search service/AC Name.

rextended

It would be enough if the safe mode was automatic(*) and asked for confirmation of changes before exiting...

(*) Increased from 100 to ad libitum...

rextended

Like removing or disabling bridge for error on untouched router cause permalock

rextended

Where is the export?

Where is the masquerade?

rextended

This exist on 7.18.1 so, probably, also exist on 7.19beta BUG : Removing not default queue type used on queue simple or queue tree before removing/changing the existant queue cause permalock . How to replicate: /queue type add kind=cake name=queue1 /queue simple add name=queue1 target="" t...

rextended

BUG : Removing not default queue type used on queue simple or queue tree before removing/changing the existant queue cause permalock . How to replicate: /queue type add kind=cake name=queue1 /queue simple add name=queue1 target="" total-queue=queue1 /queue tree add name=queue1 parent=glob...

rextended

Ouch... RouterOS 6.43.8 fast-forward off??? /interface bridge add fast-forward=no name=bridge1 all the bridge config is obsolete for new versions, just upgrade to last v6 long term. pptp server enabled whit blank user??? the world is not enough.... open door for all the world... /interface pptp-ser...

rextended

Ok, with remove [find default=no] also my device is locked... probably the command is used before deleting existing queue simple/tree that use the type..... A manual reboot solved, not go on loop. NO. Must netinstall. after some seconds locks again. /queue type add kind=cake name=queue1 /queue simpl...

rextended

It's a switch, not a router, it has a different use. Do you drink broth with a fork? Whatever happens, you need to show the switch configuration export (not screenshot), because it should still be able to rotate at least 100Mbps for sure, so it could be the configuration that sinks it. https://mikro...

rextended

If I tried to translate it into English it would be "Come on, I don't believe it!"

rextended

Avoid this command in this version, your device will crashed and put the device on boot loop. /queue/type/remove [find default =no] just done, nothing happen. C52iG-5HaxD2HaxD These things written so haphazardly and without the slightest context are worthless. Provide the supout.rif to support@mikr...

rextended

Maremma cinghiala..............

rextended

Didn’t mean you specifically, but if you relate… well, I’m not gonna argue! 65+ maybe?

I thought you were referring to me, since I wrote a lot in this topic.

No... I'm about 20 years young... less...

rextended

(I'd be curious to know how old you think I am...)

rextended

Experienced travelers still bring their expertise to interpret the GPS suggestions, understanding when to follow them and when human judgment should override. How many people I found going the wrong way, children run over by those who end up on the sidewalk to look at the screen... But it would hav...

rextended

But look, I would call it a heartfelt discussion, rather than a flamed one.
So far it is at a high level of democracy and civilization.

rextended

Look, you can count on my help (if it's my sector), it's not that if I think, in one way or another, I give up expressing what I think. I repeat again that users have no qualms about sharing knowledge, they simply don't want to be treated like AI proofreaders . (at least this is what I deduce from w...

rextended

When something comes easily to someone, they often struggle to understand why others might need different approaches or tools to achieve the same outcomes. Not everyone processes information the same way, has the same learning style, or possesses identical cognitive strengths. You finally wrote som...

rextended

I wonder what your actual capacity to understand and want is. That you are a ChatBot? Now I will avoid asking you to prove to me that you are alive, but I will ask you a simple question: Did you take those who participate (for free) on the forum, making their knowledge available (for free) as proofr...

rextended

[*]Create content that many users can't distinguish from human expertise Exactly, many users, not all users... [*]Produce solutions that work well enough to be implemented Maybe, never seen (well enough). [*]Capture value from your knowledge and corrections without compensation I am among the many ...

rextended

Two posts ago, the answer seemed to me to be written by AI, completely written in an unnatural and artificial way. And as I have written several times, I only write what I write, nothing else. So, if your intelligence has not yet understood it, I am against posting those incorrect -hi- results. Yes,...

rextended

Tools evolve and help us do more with less, and that’s kind of the point, right? In fact, look at nature: It has a tendency to make the most stupid or defective plants, animals and beings in the same species die more easily, while it rewards and makes the plants, animals and beings that know how to...

rextended

(ask also how many partitions...)

rextended

The problem with posting s–t generated here on the forum is that, in addition to the s–t generated by real people, it adds to the material with which intelligence is trained and users (the few) who search for something on the forum also find the remains of s–t from artificial intelligence. Not to me...

rextended

Forget about generative artificial intelligence, consider instead intelligentive real generation... First of all, but if in the script you delete all the backups that have a date lower than now less 30 days, isn't it quicker to delete them all with adequate remove-find-where command??? All the previ...

rextended

(*) Ignoring any higher level considerations, read this:
https://help.mikrotik.com/docs/spaces/R ... classifier

There is no (*) way to add two different ISPs to increase speed. At most you go as fast as the faster of the two.

rextended

Same here (hap ax3 user)...I could never get mtu 1492 pppoe client...always goes back to mtu 1480, no matter how i manually set mtu mru etc.. But when I use my openwrt router (pppoe client), I can get mtu 1492 automatically. If you don't show (the export ) how you configured the device, what do you...

rextended

I need all the support from each and everyone of you As already written, either you buy a RouterBOARD or you use bare metal hardware compatible with RouterOS x32_64, or a virtualiser (as the other user suggested, ESXi) compatible with hardware to which the virtualiser can provide direct access, but...

rextended

I see there is still confusion between MTU and L2MTU...... But the user still doesn't understand the difference between L2 and L3 MTU, As already written in other posts, the MTU must be 1500 everywhere, when is not needed to be changed. PPPoE MTU and MRU 1500 (no MRRU). The VLAN is not an L3 protoco...

rextended

The PPPoE MTU is more related to those who play at home with RouterOS, or some company that to save money buys toys instead of a serious RouterBOARD (and if the ISP knows how to do its job and provides an MTU of 1500...). Please read post earlier [...] So stop saying my isp is not doing good job IT...

rextended

which ones are included in each ROS version remains a big mystery
which Linux kernel NIC drivers Mikrotik chooses to opt in when compiling RouterOS is unknown.

viewtopic.php?t=214801#p1130469

rextended

Thanks, you saved me the trouble of searching through the changelogs.

rextended

I have to write that station-bridge and station-pseudobridge appeared in 7.18.1 in the hAPax² that I have for testing, so, I didn't notice, they added something...

wifi, double click on wifi1, general tab.... mode:...

rextended

https://help.mikrotik.com/docs/spaces/R ... PUdevices*

rextended

I have to write that station-bridge and station-pseudobridge appeared in 7.18.1 in the hAPax² that I have for testing, so, I didn't notice, they added something... I need to investigate further. https://help.mikrotik.com/docs/spaces/ROS/pages/122388518/Wireless+Station+Modes This mode is MikroTik pr...

rextended

I usually say what I say, and I don't start saying I didn't say something...

rextended

Before continuing, please note that NEW AC or AX drivers DO NOT SUPPORT any modes other than AP and simple client,
instead all old drivers support all legacy 4-MAC modes, like station-bridge, etc.

rextended

Since all the internet, or at least 90% (ahem... :wink:) transmits with MTU at 1500, you will never have problems with MTU at 1480/1492 in PPPoE because in this regard I think that nobody connects via PPPoE to a host hosted on a cloud... The PPPoE MTU is more related to those who play at home with R...

rextended

Ahhhh, not rules, addresses.... 🙃
Effort for effort, put 7.18.1 instead of 7.18[nothing], it fixes more issues related to those written than it seems...

rextended

If you want an official answer, write to support@mikrotik.com and see if they give more importance to the latest arrival (sarcastic),
than those who have been asking for years to make 7.something an LTS................
I recommend 7.16.2, for now....

rextended

38,146 only on firewall filter????......

rextended

But as I wrote before, just put the correct command in the scheduler instead of just the name of the script:

/system script run myscriptname

rextended

More fast than my copy & paste....

:local thisscript do={
    :log info "PRE-RETURN"
    :return   ""
    :log info "NOT-EXECUTED"
}

$thisscript

rextended

Code: Select all
/system script run p

Inside the scheduler, and work as you expected....

:return is for go outside one function, not for stop the script, is a misuse, where is on the docs?

rextended

I was unable to replicate the error. Based on what you wrote, and guessing everything else... The error is... You omit "/system script run" in front of "p". Is not just "p" but the full path must be specified: /system script run p Detailed: What is p ? Is a shortcut fo...

rextended

is better "/system scheduler export" and "/system script export" that one print for readability & debug and also for see how the script is invoked but what's the point of a :return "" outside a loop that returns nothing to nothing? also this is a correct script, but...

rextended

Thanks for the clarification.

rextended

I can only assume that it works fine for some users.

There are already some complaints on the forum about the same thing on x86 systems because you can't change the MTU from 1500 to more.

rextended

(
I forgot, the driver for Intel i211AT is only present on VyOS
==> Intel(R) Gigabit Ethernet Network Driver igb 6.6.79
that on RouterOS is not present but e000e driver can use only basic functions due that do not support completely 82575-, 82576-, 82580-, I350-, I210-, I211- based NIC.
)

rextended

I'm not a moderator, so I didn't ban anything, it was your behavior (not in this thread/topic)

rextended

NIC drivers on RouterOS 7.18.1 for CHR / x86_64 5.6.3 kernel ( 2020 ) Intel(R) PRO/100 Network Driver e100 (2016) Intel(R) PRO/1000 Network Driver e1000 7.3.21 Intel(R) PRO/1000 Network Driver e1000e 3.2.6 Intel(R) Gigabit Virtual Function Network Driver igbvf 2.4.0 NIC drivers on VyOS 6.6.79 kernel...

rextended

It would seem there is something lacking in RoS. And what have I written so far? There are no drivers. Can these drivers be added? Last VyOS release is ~600MB, last x86_64 / CHR RouterOS release is ~20MB? (i do not remember correct size but are closed to what I wrote) so RouterOS has ~580MB of &quo...

rextended

A trivial example (direct on bare metal x86, not CHR), VyOS supports the Intel i211AT chip because it has dedicated and specific drivers inside.
RouterOS does not have specific drivers, but generic ones, which do not allow you to make popcorn(...) with the network card.

rextended

@anav , is the same: and RouterOS doesn't support all the functions on non-RouterBOARD hardware or that doesn't have fully compatible drivers inside RouterOS ... Unzip the .npk and you have the list of what kext are inside the RouterOS... Usually you have to prove the existence of something you cla...

rextended

You've already had an answer, how long does it take you to figure it out? I had to reply to a user in another topic and I found yet another post resurrected to draw attention to his problem with 1492 / 1480 MTU. But the user still doesn't understand the difference between L2 and L3 MTU, and RouterOS...

rextended

@jlgonzalez
Don't pollute this topic unnecessarily, open a new one in Scripting for this thing and show the script.

rextended

mode must not used if is used url

It looks like a script made by artificial deficiency, too many clues.
Even a person who doesn't know scripting could not systematically write it badly like that.

# Replace spaces with %20 to avoid error in Telegram
:set Message [ $Message ];

rextended

He already knows it...
viewtopic.php?t=202945#p1045773

rextended

I could understand for the peripherals that were born with RouterOS v6, but for a peripheral that was born with v7 (am I remembering wrong?) they should make dedicated packages where useless drivers for all the other individual arm models are not put... Have you tried if netinstall + .rsc does the m...

rextended

Why, do you keep a door open with winbox to the rest of the world? How could this possibly bother you or the security team? Do you use the default user admin or some other trivial username??? In another topic it has already come out that if you put the user like "#7464.myXomRuser" it takes...

rextended

Finally wise words.

rextended

On v6 ax do not exist at all.

rextended

Instead of being sarcastic, try to understand what I wrote, that these are free lessons. It doesn't matter if you admit that you take them into consideration, no one will ever know. No one is elite or infallible, insistence is wrong, especially when there is a clear and simple solution: /system rout...

rextended

Also you failed the read the part where I stated if you want the full value that another pick statement is required. don't try to climb up the mirrors... { :local firmware "7.17.2" :local upgrade "7.18" :local curver ([pick $firmware 0 1] + [:pick $firmware 2 4] + [:pick $firmwa...

rextended

So important it's wrong. For "him" 7.17.1 and 7.17.2 are the same thing... Ignoring then that 7.9.x and lower give an error...

rextended

That script works just fine. since I'm already using it. Maybe try it for yourself ? Do you really want to teach me the basics? (for example :set $curver, where is already defined curver? why is present $ in face of curver, you try to add two strings, etc.) Using your logic: { :local firmware "...

rextended

Script Error: cannot add string to string And is full of other errors. Before you write this b–t, do you try them? As I already wrote, it's useless, just let RouterOS do it, since you have to restart it anyway to use the new "bios"... /system routerboard settings set auto-upgrade=yes

rextended

in ROS6 working flawlessly

So I ask myself why change...

rextended

I asked Grok if the script was correct, and to tell me the truth, not to please me and not to give me satisfaction. To these instructions he replied that the script immediately locks with an error, because no one responds to "value:" and even if someone responds, to the first "remove ...

rextended

RouterOS v7 does not use MikroTik custom drivers as v6,
so,
no extra features that aren't already built by the driver/chip vendor.

rextended

I had to reply to a user in another topic and I found yet another post resurrected to draw attention to his problem with 1492 / 1480 MTU. But the user still doesn't understand the difference between L2 and L3 MTU, and RouterOS doesn't support all the functions on non-RouterBOARD hardware or that doe...

rextended

Stop resurrecting old topics and merging them all here.

You've had your moment of attention.

Write to support@mikrotik.com or buy a MiroTik device if you want to use RouterOS in full.

rextended

You are becoming a plague on the forum with the necroposting and hijacking the topics that need to converge with yours. Buy MikroTik hardware so you solve the problem. MikroTik does not provide support for every peripheral on the market, if you use x86 or CHR it is up to you to choose compatible ha...

rextended

Since 7.18 that structure doesn't work. Now you can't import a txt file as a certificate. It's necessary a pem file. A PEM file IS a renamed TXT file... Probably do not work for "bug" solved on 7.19beta... *) console - fixed issue with files when using scripts (introduced in v7.18); I hav...

rextended

Everytime start from upper IP, but on multiple "next", use the "next" only when the main poll is depleted. /ip pool add name=SuperPool ranges=192.168.88.2-192.168.88.254,192.168.89.1-192.168.89.254,192.168.90.1-192.168.90.254,192.168.91.1-192.168.91.254 usually start from 192.168...

rextended

rextended

The software used on DVRs/NVRs is leaky everywhere, especially in the less expensive ones... Customers install them and leave them on for months without ever checking for updates or brute force usernames and passwords. Then once hackers have hacked them, they install their own firmware on top and do...

rextended

Nothing particularly technical...

rextended

Easy: Avoid to open ports to DVR/NVR

rextended

IP address of "1.1" should be expanded to "1.0.0.1" (which is Cloudflare's other DNS IP) But RouterOS deals with IPv4 shortcuts just fine: :put [:tostr 1.1] 1.0.0.1 :put [:typeof 1.1] ip Yes, it follows it so well that in json 1.1 as a string it is then converted to an IP even i...

rextended

To add default IPv6 FastTrack when updating from ANY v7 previous version, just paste this into the terminal (barring arbitrary changes to the default configuration already made). New devices netinstalled with default 7.18beta4 config and later, or reset with default configuration on 7.18beta4 and l...

rextended

Can, please, be explained this:
*) bridge - improved stability in case of configuration error (introduced in v7.15);

rextended

The problem is not there. One must always know what he is doing. For example, in the default configuration of a hAPax², if a novice deletes or deactivates the bridge he immediately loses control of the device and must netisntall it from scratch to access the configuration again... (out of the bridge...

rextended

And again, is simple to split the pool, that remember why fake MAC are used on leases .... Extra fake leases inside the leases table are more annoying when working with them than setting up the pools correctly once and for all. And then I think that taking unnecessary steps later is worse than immed...

rextended

Set default share on "lo" interface only.

/disk settings
set auto-media-interface=lo

rextended

Lately I see dozens and dozens of customers with a hacked DVR / NVR because they insist on leaving a port open to reach it from outside, instead of using the cloud or a VPN first... (All used as an attack vector for RDP protocols) It will be yet another NVR in the hands of hackers. add action=accept...

rextended

https://mikrotik.com/consultants

rextended

Use correct syntax, show-sensitive included for full backup.......... /export terse show-sensitive file="backup1-gw.rsc" /tool e-mail send to="user@email.com" subject="$[/system identity get name] export" \ body="Gateway Backup-Config $[/system clock get date]"...

rextended

This script is not working, Please check [...] It's not the script that doesn't work, it's you who are unable to write it correctly. I misread before, but just do this: /system routerboard settings set auto-upgrade=yes The routerboard does not auto-reboot to apply it (and not even in the previous s...

rextended

Have you tried what I wrote to you? Server side: Ethernet MTU 1500 (pppoe is not a L3 protocol, useless increase MTU) Restore original ethernet L2MTU of 1580 (suffice for VLAN + PPPoE) Bridge MTU AUTO (remove the MTU) Set VLAN MTU to 1548 Set PPPoE Server Max MRU and MTU to 1540 and do not set MRRU ...

rextended

The simplest, if you really like shooting yourself in the foot, is this:

viewtopic.php?t=214886#p1127217

rextended

Expires ::= Year-Month-Day Hour:Min:Sec Hour ::= 00..24 Min,Sec ::= 00..59 Month ::= 1..12 Day ::= 1..31 Year ::= 1970.. 2106 2106 is the "fix" using unsigned 32 bit for gain time... (06:28:15 UTC on Sunday, 7 February 2106) (and similar problem exist for NTP that stop working 06:28:16 UT...

rextended

I do not know why is 14 days later on 2 Feb and not 19 Jan, but is something involved like that... too much coincidence...

rextended

Is simply the time bug that from 03:14:07 UTC on 19 January 2038 all 32 bit OS stop correctly working on dates.
The next seconds the time go back to 20:45:52 UTC on 13 December 1901

rextended

remove want one array of one or more IDs as parameter

/file remove [find where name="$identitydate-IP.txt"]

no matter if on terminal this or that work or not.

rextended

A device that is recommended instead of the cloud that uses proprietary and closed software is worse and provides fewer guarantees . Here in fact comes the problem of using "in house" solutions rather than the cloud. If you do everything yourself and something breaks you get screwed, if yo...

rextended

No one is forcing you to use or buy that model, just ignore it.

rextended

for localize all commands without write in every line /system, on this case only date is used, but also gmt-offset, time-zone-autodetect, dst-active, time, time-zone-name can be obtained without write everytime /system /system :local cdate [clock get date] is the same to :local cdate [/system clock ...

rextended

viewtopic.php?p=1129471#p1129463

rextended

Please consider also this:
viewtopic.php?t=214879#p1127113

rextended

WARNING: Installing 7.20_ab28 (on 7.18rc1) reset to " no " the device-mode flagging-enabled, traffic-gen, container, partitions, routerboard , on my hAPax² that I have already set to " yes " on 7.18rc1 (OK, this topic is about 7.18, but 7.20_alpha_build28 is provided in this topic)

rextended

I have pointed out the errors in general, then if something goes wrong, first draw a diagram of how things should go,
then @anav will guide you (if you listen to him and are cooperative) in what you need.

Post also a "fresh" export

rextended

i used the dhcp setup it give me that by default

I don't believe it even if you make a video.

First you made the VLANs, then you put the IPs randomly, then when you launched the DHCP setup it adapted to the bu–it you wrote before.

rextended

no difference because @panisk0 do not finish the corrections

rextended

You can not use .0 IPs for addresses, nor for gateway, and also the pools must start from 2, not from 1.

Where you find this s~y config?

rextended

One /22 of 1015 address (+ 1 gateway + 1 broadcast + 1 network + 6 skipped .0 and .255 addresses = 1024) /ip dhcp-server network add address=192.168.88.0/22 dns-server=192.168.88.1 gateway=192.168.88.1 netmask=22 ntp-server=192.168.88.1 /ip pool add name=SuperPool ranges=192.168.88.2-192.168.88.254,...

rextended

is simple to split the pool, that remember why fake MAC are used on leases....

rextended

viewtopic.php?p=996854#p996854

Also 3, 7, B and F have private bit on...

Just this:

:local test "0F:0C:DE:AD:BE:EF" ; :if ($test~"^.[2367aAbBeEfF]:") do={ :put "fkng private"}

Search found 13622 matches

terminal code