Community discussions

Search found 154 matches

by Etz
Sat Oct 05, 2019 2:33 pm
Forum: Announcements
Topic: Securing your device is important
Replies: 32
Views: 11351

Re: Securing your device is important

There seems to be a mistake in ipv6 section (wrong prefix length): add chain=input action=accept protocol=udp dst-port=546 src-address=fe80::/16 comment="accept DHCPv6-Client prefix delegation. Should probably be: add chain=input action=accept protocol=udp dst-port=546 src-address=fe80::/10 comment=...
by Etz
Mon Aug 05, 2019 7:40 pm
Forum: Scripting
Topic: FastTrack-Friendly QoS Script
Replies: 45
Views: 13797

Re: FastTrack-Friendly QoS Script

You'll need to copy and paste the script into scripts (system->scripts->new (+)->paste), change the upload and download bandwidth and inbound and outbound interface names at the top to match your settings, and run the script. (the bandwidths should be slightly less than what you normally receive as...
by Etz
Fri Apr 05, 2019 6:10 pm
Forum: Announcements
Topic: v6.44.2 [stable] is released!
Replies: 67
Views: 12500

Re: v6.44.2 [stable] is released!

clear all the files on /files then upload the npk, stop and clear cache on webproxy, it will give you little space. Are you REALLY running a webproxy on a hAP using the flash as the proxy cache???? :-o :-o :-o haha yes, i am implementing transparent proxy, for testing only. i use hap for home ap. t...
by Etz
Wed Mar 27, 2019 6:37 pm
Forum: RouterBOARD hardware
Topic: RB4011 Metal temperature is really hot
Replies: 46
Views: 6951

Re: RB4011 Metal temperature is really hot

Interesting, mine is not gtting hot at all, despite being fitted into very tight place with no ventilation and serving 500/500 connection, switching local network (over cpu, switch chips are crap on this), vpn, etc... https://i.postimg.cc/nj0y9tqy/IMG-20190203-143631-Copy.jpg https://i.postimg.cc/jL...
by Etz
Sat Mar 02, 2019 10:05 am
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 36424

Re: v6.44 [stable] is released!

What is actual dependency behind this?
by Etz
Tue Feb 19, 2019 10:42 pm
Forum: Scripting
Topic: Script for auto update of IPv6 DNS options in DHCP
Replies: 7
Views: 1104

Re: Script for auto update of IPv6 DNS options in DHCP

Anyway, you would want to put that logic into the dhcpcv6 script https://wiki.mikrotik.com/wiki/Manual:IPv6/DHCP_Client#Script , so that you do it only and when necessary. Yes and I already have it set up like that, problem was with vanisihing global variable, which made it run everytime lease was ...
by Etz
Mon Feb 18, 2019 9:26 pm
Forum: Scripting
Topic: Global variable dissapears?
Replies: 9
Views: 739

Re: Global variable dissapears?

This info would nice to find in the manual..
https://wiki.mikrotik.com/wiki/Manual:Scripting
Exactly, as I was quite puzzled about such behavour.
by Etz
Sun Feb 17, 2019 4:50 pm
Forum: Scripting
Topic: Script for auto update of IPv6 DNS options in DHCP
Replies: 7
Views: 1104

Re: Script for auto update of IPv6 DNS options in DHCP

In my opinion the context for that script is just wrong: if you provide a service (dns or any other), it should be served from a fixed ip. Then there is also no need for such scripts. Further this script won't work from time perspective: ip's are assigned for a specific period of time. the dns opti...
by Etz
Sun Feb 17, 2019 10:50 am
Forum: Scripting
Topic: Global variable dissapears?
Replies: 9
Views: 739

Global variable dissapears?

Facing a strange issue: When I execute script manually, it sets global variable and it is visible in environment. When script is executed via dhcp-client and admin is logged in, global variable is set and it is visible in environment. When no-one is logged in and dhcp-client executes script, global ...
by Etz
Wed Feb 13, 2019 12:13 am
Forum: Scripting
Topic: parameters for scripting
Replies: 6
Views: 3675

Re: parameters for scripting

Sorry for necro posting, but how do you pass multiple parameters to script?

Would this work?:
{
:global myVar1 999;
:global myVar2 9999;
/system script run myScript;
}
Considering that MyScript has global scope variables MyVar1 and MyVar2 present?
by Etz
Tue Feb 12, 2019 9:20 pm
Forum: Scripting
Topic: Script for auto update of IPv6 DNS options in DHCP
Replies: 7
Views: 1104

Re: Script for auto update of IPv6 DNS options in DHCP

Fixed your script: :global currentIPv6; :local optionname; :local ipv6interface; # Set DHCPv6 'option' created :set optionname "DNS"; # Set IPv6 interface to get address from (normally bridge) :set ipv6interface "bridge2"; :local newIP [/ipv6 address get [find interface=$ipv6interface advertise=yes]...
by Etz
Mon Feb 11, 2019 12:43 am
Forum: Scripting
Topic: ipv6 prefix calculation in script
Replies: 0
Views: 301

ipv6 prefix calculation in script

Trying to hack together quick firewall script in ROS. I can easily get ipv6 address of an interface, with: :local ipv6addr [/ipv6 address get [find where global] address]; or with :local ipv6addr [/ipv6 address get [find where global interface=bridge1 ] address]; And it spits me out and IP address i...
by Etz
Mon Feb 04, 2019 10:56 am
Forum: RouterBOARD hardware
Topic: For real, what is with these blinding power leds?
Replies: 11
Views: 1269

Re: For real, what is with these blinding power leds?

Can we replace these ones on existing units (with soldering iron), without loosing warranty...? :D

My RB4011 also has blinding light...
by Etz
Fri Jan 25, 2019 1:25 am
Forum: Scripting
Topic: Script for auto update of IPv6 DNS options in DHCP
Replies: 7
Views: 1104

Re: Script for auto update of IPv6 DNS options in DHCP

IMHO :global currentIPv6; does absolutely nothing, in this script...as for some strange reason, it does not get set by :set currentIPv6 $newIP;
by Etz
Fri Jan 25, 2019 12:31 am
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 33839

Re: v6.43.8 [stable] is released!

Found possible bug: When you add subnet into "available from" field for SSH service, under IP Services...SSH becomes inaccessible, even if PC is in that subnet. ssh_exchange_identification: Connection closed by remote host It seems only to affect SSH though, for limiting access to http, https it wo...
by Etz
Tue Jan 22, 2019 11:36 pm
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 33839

Re: v6.43.8 [stable] is released!

Found possible bug: When you add subnet into "available from" field for SSH service, under IP Services...SSH becomes inaccessible, even if PC is in that subnet. ssh_exchange_identification: Connection closed by remote host It seems only to affect SSH though, for limiting access to http, https it wor...
by Etz
Fri Jan 18, 2019 12:44 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Why is the current becoming less when the voltage increases? Isn't the current increasing due to Ohms law? (U = I * R) I know the Ohm's law, just forgot about the Watt to Amp relationship...and switching power supplies related stuff... :D Actually, my general plan is to use single power source for ...
by Etz
Thu Jan 17, 2019 11:35 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

By the spec sheet:
DC jack input Voltage 12-57 V
Max power consumption 33 W

Now wondering, when powered on 12V how much Amps should PSU provide?
Spec sheet does not say anything on which voltage that 33W is consumed.

Does anyone has any idea?
by Etz
Fri Dec 14, 2018 11:29 am
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 45
Views: 8544

Re: hardware idea for a multiport switch

Nice concept, but it would be unusable in real world applications...
by Etz
Sun Dec 09, 2018 8:16 pm
Forum: RouterBOARD hardware
Topic: hAP AC2 availability
Replies: 26
Views: 4216

Re: hAP AC2 availability

Well, I have two units and both have 200+ MB of RAM. But, it is weird that MT never mentioned that on product page.
I have also two units, both report 240MB...
by Etz
Sun Oct 28, 2018 10:06 am
Forum: RouterBOARD hardware
Topic: RB4011iGS+RM no switch settings?
Replies: 38
Views: 6455

Re: RB4011iGS+RM no switch settings?

Same here, no Switch tab present wit ROS 6.43.4, should not matter much anyways.
by Etz
Sun Oct 28, 2018 12:07 am
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67482

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

No need to custom netinstall. Just put there selected packages of higher version and reboot.
Nice to know...so far I have NetInstalled all my routers to get rid of unneeded packages. :lol:
by Etz
Mon Oct 22, 2018 7:35 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

This device does not seem to be very stable, mine has crashed at least twice while configuring... :?
Which ROS? We have uptime 11 days on live network without problems. With ROS 6.43.2
Latest 6.43.4 "stable", basically it crashes if you modify/remove default bridge.
by Etz
Sat Oct 20, 2018 9:38 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

This device does not seem to be very stable, mine has crashed at least twice while configuring... :?
by Etz
Tue Oct 16, 2018 6:21 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

... and the power led is unnecessary bright
Welcome to like every mikrotik router ever... I always cover them with electrical tape...
I usually tune them down with lacquer, which is actually used to darken the car taillights by tuners.
by Etz
Wed Oct 10, 2018 11:37 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Anyone know if 1Gbps can be achieved if a S+RJ10 is used with this switch? I don't have 10G yet but need to uplink to a 1Gbps SFP managed switch? Don't see it specifically called out on the capabilities wiki. https://wiki.mikrotik.com/wiki/MikroTik_SFP_module_compatibility_table Thanks By looking a...
by Etz
Wed Oct 10, 2018 6:35 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Mine was shipped out today, so I can test out that SFP compatibility pretty soon... 8)
by Etz
Tue Oct 09, 2018 8:54 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

If there's no official answer, it might just be software.
Official answer: https://wiki.mikrotik.com/wiki/MikroTik ... lity_table
by Etz
Tue Oct 02, 2018 6:45 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Pre-ordered non-wireless one (as I only need L3 aggregation + 2 dumb switches), we'll see... 8)

Wondering, if Cisco console cable would work on these...
by Etz
Mon Sep 24, 2018 10:08 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Well technically I guess you could take RB3011 out of chassis if network cabinet is closed anyways... I guess... There is no network cabinet as such (click for bigger picture) but this could be an option indeed: https://www.upload.ee/thumb/8984889/IMG_20180911_091832_-_Copy.jpg Anyway, let's switch...
by Etz
Mon Sep 24, 2018 9:22 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

In my case, I don't even need Wireless, as AP's are separate (hAP ac2), catch is I would like to feed trunk ports to these, to have dedicated vlan and port for STB's. Reason behind it, is that MikroTik lacks RTSP helper and udpxy so feeding STB's over NAT is very tricky (IGMP proxy works, but some c...
by Etz
Mon Sep 24, 2018 7:32 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

When you want to do switching, buy a switch. That is why I don't think routers with so many ports are that useful. In a small setup it usually is enough to have about 5 ports, and when you need more or want features like VLAN, add a switch. Well, they are extremely useful on confined spaces, where ...
by Etz
Mon Sep 24, 2018 12:17 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

I think that you can do vlan's on SFP interface, as it is directly connected to CPU, not really sure about GE ports, but according to Realtek switch chip documentation in MikroTik wiki, it does not support vlans.
by Etz
Mon Sep 24, 2018 10:39 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

In my scenario RB4011 is not drop-in replacement for RB2011 or RB3011 even that name suggests it's just refresh of RB3011 - it's simply not. The difference is huge . Too bad, they don't sell 3011 in desktop case...as Rack mounted device just won't physically fit everywhere... :? Anyway, I will stil...
by Etz
Sun Sep 23, 2018 7:10 pm
Forum: Forwarding Protocols
Topic: UDPXY alternative for mikrotik
Replies: 8
Views: 3056

Re: UDPXY alternative for mikrotik

Not that I'm aware of, hopefully we will get udpxy eventually...
by Etz
Fri Sep 21, 2018 2:15 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Well, this product starts to look even more wierd... :D
by Etz
Fri Sep 21, 2018 10:33 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Why not use the compatibility table? http://wiki.mikrotik.com/wiki/MikroTik_SFP_module_compatibility_table S-RJ01 not supported. S+RJ10 is supported, no mention of any restrictions under the S+RJ10 section. Footnote 4 says you can only use a SFP+ DAC at 10Gb I could swear that 4011 was not listed t...
by Etz
Thu Sep 20, 2018 9:54 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Is there a recommended SFP+ 10G Copper module that is proven to negotiate to 1G reliably? I believe it's ROS/routerboard issue. Not SFP modules issue. I wonder if S-RJ01 would work on SFP+ cage to take that SFP port into use...? I would really hate to use Switched ports for Uplink due to lack of th...
by Etz
Mon Sep 17, 2018 10:47 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

OK, nice to know...
by Etz
Mon Sep 17, 2018 10:20 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

By looking at the diagram, the best option would be to utilize SFP for uplink, not the switches :) Alternative option would be using SFP+ for uplink but that can be tricky due to ROS sloppy 1G sfp modules support in 10G sfp+ cages (autonegotiation issues). You should probably use SFP+ module, not SF...
by Etz
Wed Sep 12, 2018 1:03 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

I'll probably buy this too, as I only need two "dumb" 4 port switches in addition to 1GB/s capable router.
Still it is a pity that we don't have proper switching available, you will never know when you would actually need it.
by Etz
Mon Sep 10, 2018 11:58 am
Forum: RouterBOARD hardware
Topic: RB4011 - Poll - ONE thing you'd change
Replies: 15
Views: 4188

Re: RB4011 - Poll - ONE thing you'd change

Well, I'm completely fine with two switch chips and port groups, but switch without vlan support?
Come on?

I cannot even use it on my ISP network, unless I'll buy that extra (expensive) copper SFP+ and assign uplink to that 10G port.
by Etz
Mon Sep 10, 2018 12:25 am
Forum: RouterBOARD hardware
Topic: RB4011 - Poll - ONE thing you'd change
Replies: 15
Views: 4188

Re: RB4011 - Poll - ONE thing you'd change

Whatever we request it is too late I guess...
For HW changes yes, for parts fixable via RouterOS, we can at least try...
by Etz
Sun Sep 09, 2018 4:49 pm
Forum: RouterBOARD hardware
Topic: RB4011 - Poll - ONE thing you'd change
Replies: 15
Views: 4188

Re: RB4011 - Poll - ONE thing you'd change

Proper switching would be crucial for Home and Small business use, at least the same level as models with AR8327 currently provide.
by Etz
Sun Sep 09, 2018 4:00 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 371
Views: 70749

Re: RB4011

Oh yeah, let's create a decent 10 port router and then let's put Realtek switch chips into it, so you could never use these to do proper switching in SOHO deployments.
by Etz
Sun Jul 01, 2018 1:28 pm
Forum: Announcements
Topic: hAP lite
Replies: 389
Views: 164311

Re: hAP lite

Just want to know why USB power and GbE don't mix together, is it because of the price, or technical challenges like 5V simply not sufficient for GbE? Since it seems all USB-powered only have FE available (mAP, mAP lite and hAP lite) Power consumption of GbE chipsets. Ever wondered why there is no ...
by Etz
Mon Nov 23, 2015 12:25 pm
Forum: Beginner Basics
Topic: Mikrotik firewall rules to iptables rules.
Replies: 2
Views: 805

Re: Mikrotik firewall rules to iptables rules.

Yep, came onto it myself but I did not work, as I made typo in it :lol:

Anyway, thx for the sanity check :)
by Etz
Mon Nov 23, 2015 11:50 am
Forum: Beginner Basics
Topic: Mikrotik firewall rules to iptables rules.
Replies: 2
Views: 805

Mikrotik firewall rules to iptables rules.

Can someone help me to translate this to standard iptable rule?
add action=masquerade chain=srcnat dst-address=10.0.0.0/8 out-interface=eth0.4
by Etz
Fri Nov 07, 2014 4:02 pm
Forum: General
Topic: CRS125 Multicast FDB question
Replies: 5
Views: 2148

Re: CRS125 Multicast FDB question

When adding MFDB entries, you should specify destination ports with "ports=" parameter. That is missing in your posted configuration. Tried that already yesterday, I didnt notice anything changing much, multicast still flooded out on all interfaces... [admin@kari-crs] > /interface ethernet switch m...
by Etz
Thu Nov 06, 2014 11:44 pm
Forum: General
Topic: CRS125 Multicast FDB question
Replies: 5
Views: 2148

Re: CRS125 Multicast FDB question

Unfortunately, there was an zero change, still doesnt seem to work... :( Tried by IP adress aswell, absolutely no change... :? /interface ethernet switch set multicast-lookup-mode=dst-ip-and-vid-for-ipv4 Relevant config for my IPTV Setup: /interface vlan add interface=sfp1 l2mtu=1584 name=sfp1.4 vla...
by Etz
Thu Nov 06, 2014 1:04 pm
Forum: General
Topic: CRS125 Multicast FDB question
Replies: 5
Views: 2148

Re: CRS125 Multicast FDB question

Make sure you have set multicast lookup mode for MAC address.
/interface ethernet switch set multicast-lookup-mode=dst-mac-and-vid-always
Thank you for the tip :-D
Will try it ASAP and will report back...
by Etz
Wed Nov 05, 2014 1:49 pm
Forum: General
Topic: CRS125 Multicast FDB question
Replies: 5
Views: 2148

CRS125 Multicast FDB question

For some odd reason, this doesnt seem to work: /interface ethernet switch multicast-fdb add address=00:02:XX:XX:XX:XX bypass-vlan-filter=yes svl=yes add address=00:02:XX:XX:XX:XY bypass-vlan-filter=yes svl=yes add address=00:02:XX:XX:XX:XZ bypass-vlan-filter=yes svl=yes And CRS stills floods multica...
by Etz
Wed Nov 05, 2014 1:06 pm
Forum: General
Topic: Bug or feature? \00 in hostnames?
Replies: 7
Views: 1605

Re: Bug or feature? \00 in hostnames?

It was annoying, because my dhcp lease-script set static dns names on ROS. Well that is my actual problem with this.. And it doesnt occure on any other Router, regardless of OS...at least so far I havent found any that behaves the same way. Tried OpenWRT, DD-WRT, Tomato, AsusWRT, IOS, JunOS, etc...
by Etz
Tue Nov 04, 2014 2:15 pm
Forum: General
Topic: Bug or feature? \00 in hostnames?
Replies: 7
Views: 1605

Re: Bug or feature? \00 in hostnames?

check settings on these devices, i have linux boxes running and have never seen trailing \00 for hostnames. Check if /etc/hostname and /etc/hosts have newline at the end of the configuration file. On WD TV you cannot check anything as you dont have SSH access at all or any other way to access confi...
by Etz
Tue Nov 04, 2014 9:26 am
Forum: General
Topic: Bug or feature? \00 in hostnames?
Replies: 7
Views: 1605

Bug or feature? \00 in hostnames?

I am currently observing strange behaviour on RouterOS (v.6.20). Every linux based host has \00 in their hostname. Windows Machines doesnt have it. [admin@kari-crs] > /ip dhcp-server lease print Flags: X - disabled, R - radius, D - dynamic, B - blocked # ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIM...
by Etz
Mon Sep 08, 2014 8:59 am
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-RM Rack ear screws?
Replies: 1
Views: 866

Re: CRS125-24G-1S-RM Rack ear screws?

Anyway, they are same as Chassis screws and got the from local "bolt & nut" store :)
by Etz
Sat Sep 06, 2014 6:01 pm
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-RM Rack ear screws?
Replies: 1
Views: 866

CRS125-24G-1S-RM Rack ear screws?

As apparently I lost mine (there was none in the box), can someone tell me what size and type they are so I could get new ones?
by Etz
Fri Sep 05, 2014 11:00 pm
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

Will the RB1100AHx2 put trough 500/500mbit with NAT and a couple of firewall rules ? Just so nice to have an all in one router with onboard WIFI and learning capabilities in it :) RB1100AHx2m should do it, but it does not have wireless so either you have to keep your CRS or buy separate access poin...
by Etz
Thu Sep 04, 2014 7:43 pm
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

Currently i'am trying to accomplish the very same situation, using the fiber from KPN on my CRS125. I Switched from a RB2011 to a CRS125. The main reason was to get more speed of my router. We have 500/500mbit over here, but with the RB2011 we only get ~200mbit d/u. So i though the CRS125 could acc...
by Etz
Thu Sep 04, 2014 11:34 am
Forum: General
Topic: RouterOS 6.9 IGMP proxy stop working
Replies: 58
Views: 18338

Re: RouterOS 6.9 IGMP proxy stop working

However, there is an enhancement request to make it work for each downstream interface individually
Would be great if this would get implemented... :)
by Etz
Fri Aug 29, 2014 7:25 pm
Forum: General
Topic: Switch groups in a CC 1016-12G
Replies: 4
Views: 1101

Re: Switch groups in a CC 1016-12G

Bridge...
by Etz
Wed Aug 27, 2014 8:53 am
Forum: Wireless Networking
Topic: Low cost WISP system
Replies: 15
Views: 2823

Re: Low cost WISP system

As you know, enabling Nstream will hide the network from normail Wi-Fi devices.
But it wouldnt remove frequency interference...
by Etz
Wed Aug 27, 2014 8:41 am
Forum: RouterBOARD hardware
Topic: 10 Rb951Ui-2HnD and 2 SXT G-2HnD Available in Australia.
Replies: 5
Views: 1226

Re: 10 Rb951Ui-2HnD and 2 SXT G-2HnD Available in Australia.

The air mail would be 150, plus taxes arriving to Europe. Why air mail? My friend used regular shipping, rented container and put everything into it. After that he ordered container to be shipped around the globe, it took approx 2 months but was dirty cheap and he managed to move everything he had ...
by Etz
Mon Aug 25, 2014 7:45 pm
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

but you can set interface bonding (4 interface, 802.3ad) and bridge it into switch master port ;)
Which will kill the whole point doing that, bridging means traffic would pass CPU and as it is not powerful enough you get even less troughput than running single interface.
by Etz
Sun Aug 24, 2014 9:11 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 24811

Re: Test racks

Look carefully at the CCR screens 8)
And? :roll:
by Etz
Fri Aug 22, 2014 11:30 pm
Forum: Beginner Basics
Topic: CRS125-24G question
Replies: 1
Views: 521

Re: CRS125-24G question

Switching is pretty much wirespeed on this device, regardless of grouping...
by Etz
Fri Aug 22, 2014 6:52 pm
Forum: General
Topic: OpenVPN Server error: TLS failed
Replies: 43
Views: 77321

Re: OpenVPN Server error: TLS failed

If I were you I wouldnt share private key files publicly... :shock:

Hence, they are called private keys... :idea:
by Etz
Wed Aug 20, 2014 9:37 pm
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

I have an 1813+ Synology NAS Network fault tolerant might work, but frankly as I understand that setting, its only for increased uptime, not for any increased simultaneous performance. You are absolutely correct, but it is just for testing, that your Synology actually works with all 4 interfaces co...
by Etz
Wed Aug 20, 2014 8:44 pm
Forum: Beginner Basics
Topic: Good lock down firewall rules for a home AP router
Replies: 26
Views: 10799

Re: Good lock down firewall rules for a home AP router

Another problem was like what Etz was saying.. very first rule cant be DROP INPUT or everythings denied! The first line only drops invalid packets. He probably meaned: add action=drop chain=input cannot be first, yours is correct implementation... Also I talked about "final drop rule", not dropping...
by Etz
Wed Aug 20, 2014 8:26 pm
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

Do you have the 4 ports in your 802.3ad all set to the same master port as your other non bonded ports? Yes. I forgot to paste mine in but I did have a line like this add name=trunk1 member-ports=eth19,eth20,eth21,eth22 and it accepted it. Well, I misunderstood you then, that it did not. So is that...
by Etz
Wed Aug 20, 2014 10:12 am
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

/interface ethernet switch trunk Did you add any trunk members? It says The Trunking in the Cloud Router Switches provides static link aggregation groups with hardware automatic failover and load balancing. IEEE802.3ad and IEEE802.1ax compatible Link Aggregation Control Protocol is not supported ye...
by Etz
Tue Aug 19, 2014 7:21 pm
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

It depends on firmware so I would recommend running at least 6.17 or newer (dont remember exactly when that feature was introduced)

I first started using it from 6.17, and please note that I have CRS125, but it should work the very same way on CRS226
by Etz
Mon Aug 18, 2014 10:01 am
Forum: Beginner Basics
Topic: CRS125-24G-1S-RM
Replies: 5
Views: 1233

Re: CRS125-24G-1S-RM

in addition stacking gets higher speeds than just trunking or Link Aggregation.
Well techincally you could achive same speed via 802.3ad aswell, but It wouldnt make any sense, as you wouldnt have any ports left, If you "trunk" them all together (6 groups, 8 ports in group = 24Gbit/s)... :lol:
by Etz
Sun Aug 17, 2014 10:27 pm
Forum: Beginner Basics
Topic: CRS125-24G-1S-RM
Replies: 5
Views: 1233

Re: CRS125-24G-1S-RM

Well, you could always trunk ports together with 802.3ad to get more troughput between the two switches... :twisted: But I wouldn`t call it stacking...stacking usually means that you tie together backplanes aswell and manage it as one device. Which unfortunately cannot be done with MikroTik.. :roll:
by Etz
Sun Aug 17, 2014 6:26 pm
Forum: Beginner Basics
Topic: CRS125 multicast
Replies: 3
Views: 1195

Re: CRS125 multicast

Use IGMP Proxy.
by Etz
Sun Aug 17, 2014 11:18 am
Forum: RouterBOARD hardware
Topic: CRS 226-RM IEEE 802.3ad missing??
Replies: 31
Views: 9088

Re: CRS 226-RM IEEE 802.3ad missing??

Was looking to connect my synology NAS over multiple bonded nics (it has 4) but It only mentions 802.3ad. is it possible to config it that was on the NAS and use another option on my CRS226? Or do I basically just have to wait for Mikrotik to support 802.3ad in hardware? Can be done ;) I do use Syn...
by Etz
Sat Aug 16, 2014 5:09 pm
Forum: Beginner Basics
Topic: Good lock down firewall rules for a home AP router
Replies: 26
Views: 10799

Re: Good lock down firewall rules for a home AP router

I prefer putting an allowance rule from the interface I trust (master-port or bridge) and then block all other traffic. Well, it all depends... How many interfaces you have, how much of those are "trusted" and how many are "untrusted" also different approaches exist ;) For example I have multiple "...
by Etz
Sat Aug 16, 2014 8:19 am
Forum: Beginner Basics
Topic: Good lock down firewall rules for a home AP router
Replies: 26
Views: 10799

Re: Good lock down firewall rules for a home AP router

Final Drop rule should be last... This is my "simple firewall" example: /ip firewall filter add action=drop chain=input comment="Drop invalid connections" connection-state=invalid add chain=input comment="Permit established connections" connection-state=established add chain=input comment="Permit re...
by Etz
Fri Aug 15, 2014 9:44 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 24811

Re: Test racks

Thanks all for your help...
Well, thank you too, for decreasing my karma for helping you to find those... :shock:
by Etz
Wed Aug 13, 2014 11:52 am
Forum: General
Topic: Test racks
Replies: 75
Views: 24811

Re: Test racks

What should I be searching for?
http://bit.ly/1q7WrBQ
by Etz
Mon Aug 11, 2014 10:20 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 24811

Re: Test racks

Where can I buy those 1u cable organisers on the side of the rack? They look handy.
They should be very common... :roll:
You could get them even from eBay.
by Etz
Mon Aug 11, 2014 10:19 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 24811

Re: Test racks

Where can I buy those 1u cable organisers on the side of the rack? They look handy.
They should be very common... :roll:
by Etz
Mon Aug 11, 2014 12:19 pm
Forum: General
Topic: Forum Question
Replies: 14
Views: 2458

Re: Forum Question

Yay tapatalk working again :)

Sent from my Nexus 5 using Tapatalk
Also that "You exceeded the maximum allowed number of login attempts." annoyance is gone :)
by Etz
Sun Aug 10, 2014 8:13 pm
Forum: RouterBOARD hardware
Topic: Cloud Router Switch LACP
Replies: 6
Views: 6950

Re: Cloud Router Switch LACP

LACP is done in Switch hardware so it does not tax CPU.

http://wiki.mikrotik.com/wiki/Manual:CR ... s#Trunking
by Etz
Sun Aug 10, 2014 4:20 pm
Forum: General
Topic: Forum Question
Replies: 14
Views: 2458

Re: Forum Question

I get the same thing when I try to login. I think MikroTik is implementing an anti-spam feature on the login.
OK, thx for confirmation...I already thought that someone is hacking my forum account :)
by Etz
Sun Aug 10, 2014 2:59 pm
Forum: General
Topic: RouterOS 6.9 IGMP proxy stop working
Replies: 58
Views: 18338

Re: RouterOS 6.9 IGMP proxy stop working

shame
Notice: For support from Mikrotik staff, write to support@mikrotik.com - Mikrotik does not generally offer support on the forum, this is a user forum
by Etz
Sun Aug 10, 2014 2:35 pm
Forum: General
Topic: Forum Question
Replies: 14
Views: 2458

Forum Question

"You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below." Started to appear every time I try to log in to this forum. Is this intentional forum config change, or just someone constantly tries to log into my ac...
by Etz
Wed Aug 06, 2014 4:09 pm
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59906

Re: IGMP Snooping

because of the SFPs. in an all optical network you need them. and considered the cisco gear, CCR is not expensive at all :-)
Cisco is more expensive indeed, but I was referring to Mikrotik products.
Nevertheless that explains it pretty well, why you specifically need CCR`s for this.
by Etz
Wed Aug 06, 2014 2:36 pm
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59906

Re: IGMP Snooping

Why use "expensive" CCR as pure L2 device when much cheaper CRS can handle it on wirespeed aswell... :shock:

I would understand if you would use it for L3 traffic and then using PIM would make more sense on CCR.
by Etz
Sun Aug 03, 2014 9:54 pm
Forum: General
Topic: No quick vpn for Mikrotik RB2011UAS-2HnD?
Replies: 3
Views: 1378

Re: No quick vpn for Mikrotik RB2011UAS-2HnD?

What about models without wireless?

There is no Home AP mode on those.
by Etz
Sat Aug 02, 2014 9:50 am
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

Sorry, but what "fancy" features ASA has that Tik can't do?
TCP Sequence randomization, deep packet inspection, Active/Active clustering, etc...
by Etz
Tue Jul 29, 2014 1:17 am
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

/ip dhcp-client print Flags: X - disabled, I - invalid # INTERFACE USE-PEER-DNS ADD-DEFAULT-ROUTE STATUS ADDRESS 0 vlan1.4 yes special-classless searching... Aparently your IPTV upstream interface didnt obtain IP from ISP ;) /ip firewall filter add chain=input comment="iptv igmp" in-interface=vlan1...
by Etz
Mon Jul 28, 2014 8:34 am
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

At the last rules, which port(s) did you add, since it seems to be required? I've tried ether2, ether2 & ether22 (connected to STB) and just ether22. None of those combinations worked. What do you mean by last rules? If you use firewall then you have to allow IGMP & UDP trough it. (My example doesn...
by Etz
Mon Jul 28, 2014 7:58 am
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

9.x has has 4 major releases though. Three with BGP support 9.1, 9.2, and 9.3. Now 9.2 and 9.3 won't run on a non -X ASA though.
I know ;)
by Etz
Sun Jul 27, 2014 11:22 pm
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

That said they do support BGP these days.
Now it is completely Offtopic, but BGP support is in 9.x software which is quite "bleeding edge"... :wink:

I would still prefer router for routing duties... ;)
by Etz
Sun Jul 27, 2014 11:08 am
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

Actually there is some things that CCR can do and ASA can`t. As ASA is not an router but pure firewall, it doesnt do BGP and it`s OSPF is quite buggy. (Have had an issues and even service outage caused by ASA just disobeying route-map`s or prefix-lists and just leaking all the routes). So if you pla...
by Etz
Thu Jul 24, 2014 4:09 pm
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

NAT does not equal to firewall and should be never treated as anykind of "protection" :!:
by Etz
Thu Jul 24, 2014 1:52 pm
Forum: General
Topic: Replacing Cisco ASA5520 with CCR1016-12G
Replies: 18
Views: 3642

Re: Replacing Cisco ASA5520 with CCR1016-12G

Well IMHO you cannot replace ASA with CCR.

One is firewall another is a Router and it will heavily depend what you are doing on ASA currently.
by Etz
Mon Jul 21, 2014 4:39 pm
Forum: Beginner Basics
Topic: Oops, set interface 0 to disable
Replies: 6
Views: 1366

Re: Oops, set interface 0 to disable

Use Winbox and connect by MAC address (Actually it should find your Routerboard and list its MAC automatically) ;) After that re-enable that interface via Winbox and all should return back to normal, no reset is required. You can get latest Winbox from here: http://download2.mikrotik.com/routeros/wi...
by Etz
Mon Jul 21, 2014 8:17 am
Forum: Scripting
Topic: Script for setting DNS entries for DHCP clients
Replies: 5
Views: 3347

Re: Script for setting DNS entries for DHCP clients

Good idea on using the DHCP network for the domain name. The trouble is that there isn't always a one to one mapping between the network and the DHCP server. I could do a comparison between the IP the client received and the list of networks to find the value. I'll have to look into the IP comparis...
by Etz
Sun Jul 20, 2014 9:48 am
Forum: Scripting
Topic: Script for setting DNS entries for DHCP clients
Replies: 5
Views: 3347

Re: Script for setting DNS entries for DHCP clients

You could use this, instead of "static topdomain" name in script. :set topdomain [/ip dhcp-server network get number=0 domain]; And every time you add an DHCP-server, increment it by 1 ;) Then if you change domain under dhcp server settings, it always changes in script accordingly. And you can tie y...
by Etz
Fri Jul 18, 2014 1:09 pm
Forum: General
Topic: usb drive performance
Replies: 10
Views: 4685

Re: usb drive performance

How do 3g usb modems perform if usb speeds are so limited?
They dont use SMB but different protocols and for those CPU isnt a bottleneck... ;)
by Etz
Fri Jul 18, 2014 9:27 am
Forum: Forwarding Protocols
Topic: BGP session over 31 bit subnet
Replies: 15
Views: 5656

Re: BGP session over 31 bit subnet

Unless it was slipped into a release without me noticing, RouterOS does not support Cisco/RFC style /31 addressing.
Thank you for clarifying... :)
by Etz
Thu Jul 17, 2014 11:20 pm
Forum: General
Topic: Tool: Realtime per IP traffic monitor for home/office
Replies: 289
Views: 305230

Re: Tool: Realtime per IP traffic monitor for home/office

Great tool, thank you :)
by Etz
Thu Jul 17, 2014 9:47 pm
Forum: Beginner Basics
Topic: Port mirroring
Replies: 1
Views: 1077

Re: Port mirroring

This command sets mirroring destination port on CRS125: /interface ethernet switch set ingress-mirror0=ether8 egress-mirror0=ether8 This one sets mirroring source port: /interface ethernet switch port set ether7 ingress-mirror-to=mirror0 egress-mirror-to=mirror0 http://forum.mikrotik.com/viewtopic....
by Etz
Thu Jul 17, 2014 9:43 pm
Forum: The Dude
Topic: Monitoring Draytek Routers
Replies: 4
Views: 2023

Re: Monitoring Draytek Routers

Really?? I can't believe
Its not dead, but not being developed anymore either...

See this: http://forum.mikrotik.com/viewtopic.php ... 19#p425819
by Etz
Thu Jul 17, 2014 9:35 pm
Forum: Forwarding Protocols
Topic: BGP session over 31 bit subnet
Replies: 15
Views: 5656

Re: BGP session over 31 bit subnet

Well thats odd indeed as there is no reason whatsover to use /30 for P-t-P links and just waste 2 IP`s on every link. It`s actually pretty common nowdays to use /31 adresses for peering links, P-t-P links, etc... Lots of ISP`s do it aswell and prefer it, offering /30 only when customers equipment do...
by Etz
Thu Jul 17, 2014 3:28 pm
Forum: Beginner Basics
Topic: Vertical red line in graphs, what is it?
Replies: 1
Views: 922

Re: Vertical red line in graphs, what is it?

That vertical red line represents timeperiod change...

All it does is that it separates Days, Weeks, Months, Years for easier readability.

On daily graph, for example, it represents midnight eq 00:00
by Etz
Thu Jul 17, 2014 3:00 pm
Forum: General
Topic: usb drive performance
Replies: 10
Views: 4685

Re: usb drive performance

Well those numbers look pretty low, but this is a router, not an File sharing device so performance is always low... ;) Router CPU`s arent optimized for such tasks, also probably RouerOS isnt either. SMB & FTP are secondary functions on those devices mainly just for Logging and backup purposes and f...
by Etz
Thu Jul 17, 2014 2:12 pm
Forum: General
Topic: help with dhcp pool is full
Replies: 1
Views: 649

Re: help with dhcp pool is full

whats youre DHCP lease time? Also you could consider enlarging your network for 567 customers you would need 192.168.88.0/22 network it would be good up to ~1021 simultaneous users. :) Ip address:192.168.88.1 Dhcp pool :192.168.88.7~192.168.88.254 Subnet mask: 255.255.255.0 Change it into this: Ip a...
by Etz
Thu Jul 17, 2014 1:04 pm
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

Yes flat would be perfect but is not working in his situation. Why not? The STB's are not using a 'standard' internet connection. They have a separate network on the provider network and should have direct IP's from the provider. So also no NAT. Actually they do not. I have pretty similar setup mys...
by Etz
Thu Jul 17, 2014 9:37 am
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

IMHO, I dont see any reasonable point to use different internal vlan`s on a such small network...especially when you only have couple of STB`s... :) Also that would require changing switch config every time, when you unplug STB and plug it in somwhere else. When you have one "flat" Lan, you can just...
by Etz
Thu Jul 17, 2014 12:33 am
Forum: General
Topic: Share cable IPTV & Internet RB951G/CRS125
Replies: 18
Views: 11720

Re: Share cable IPTV & Internet RB951G/CRS125

Well, IGMP Proxy should resolve that problem, so you can put everything behind the NAT... ;) For example I use CRS125 for the very same purpose, only difference is that my ISP doesnt use PPPoE but plain DHCP. And 10.0.0.0/23 is ISP IPTV servers network. Relevant config: /interface vlan add interface...
by Etz
Wed Jul 16, 2014 8:17 pm
Forum: Forwarding Protocols
Topic: BGP session over 31 bit subnet
Replies: 15
Views: 5656

Re: BGP session over 31 bit subnet

RouterOS doesnt support RFC3021? :shock:

You shouldnt need /30 for running OSPF or BGP...as both routing protocols work just fine with RFC3021 adressing scheme.
As public ipv4 space is exhausted, every little trick, helps a bit in siuations where you cannot use ipv6.
by Etz
Mon Jul 14, 2014 10:35 pm
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

Wow...many thanks :D

And actually by this nice example I finally understood, what you actually tried to tell me eralier... :lol:
by Etz
Mon Jul 14, 2014 4:09 pm
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

ask tomorrow on the morning ;)
Can you do it now, please? :oops:
by Etz
Sun Jul 13, 2014 9:43 pm
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

I must go away now, but if I miss, remember me to show mine... ;)
Could you please? :)
by Etz
Sun Jul 13, 2014 9:25 am
Forum: Scripting
Topic: where is an error here
Replies: 5
Views: 955

Re: where is an error here

Its somekind of Winbox glitch, add script to scheduler from commandline after that you can adjust parameters from GUI.

AFAIK, something to do Sript and Scheduler permissions mismatch...
by Etz
Sat Jul 12, 2014 10:45 am
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

I must go away now, but if I miss, remember me to show mine... ;) OK, thx...I do appreciate your help... :) add chain=common action=accept connection-state=new in-interface=ether1 comment="Allow access from LAN" Should be probably just replaced with this: add chain=common action=accept in-interface...
by Etz
Sat Jul 12, 2014 10:38 am
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

How I can know that if you not specify it? Indeed, sorry for that. I should have been more specific. ISP uplink is trunk interface, has two vlan`s in it. Native vlan is Internet with public IP, bound to SFP1. IPTV is tagged vlan 4, bound to subinterface SFP1.4 and it is private network. I only need...
by Etz
Sat Jul 12, 2014 10:15 am
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Re: Ip firewall filter

allowing UDP and icmp on input chain results on easy (D)DoS attack or DNS flood.... Actually It doesnt, SFP1 is Internet connectivity, SFP1.4 is subinterface (vlan4 in upstream) and it is ISP "pirvate multicast network" 10.x.x.x/8, I really doubt that ISP tries to DDoS`me unless some encoder goes h...
by Etz
Sat Jul 12, 2014 9:11 am
Forum: General
Topic: Ip firewall filter
Replies: 12
Views: 3626

Ip firewall filter

Played around a bit with Mikrotik firewall, and now got a question which is more optimal way for doing simple home firewall: This: add chain=input action=drop connection-state=invalid comment="Block invalid connections" add chain=input action=accept in-interface=sfp1.4 protocol=igmp comment="Allow I...
by Etz
Fri Jul 11, 2014 9:40 pm
Forum: RouterBOARD hardware
Topic: Why do you remove 411UAHR RB model with COM port?
Replies: 44
Views: 5991

Re: Why do you remove 411UAHR RB model with COM port?

Well they could always include EOL and replacement announcements into their newsletter,
the very same manner as they usually annonce new models and improvements on existing ones... :roll:
by Etz
Fri Jul 11, 2014 10:05 am
Forum: RouterBOARD hardware
Topic: CRS226-24G-2S+ Poor routing performance
Replies: 35
Views: 25907

Re: CRS226-24G-2S+ Poor routing performance

Only 50% slower, JeLi claimed 40 Mbps.
Compared to my results, unfortunately I dont have a CRS226 to play with, only CRS125 so I have no way to compare them... :(
by Etz
Fri Jul 11, 2014 9:29 am
Forum: RouterBOARD hardware
Topic: CRS226-24G-2S+ Poor routing performance
Replies: 35
Views: 25907

Re: CRS226-24G-2S+ Poor routing performance

WOW...thanks, that is a really useful information :D

Which now makes me wonder, why CRS is approx 50% slower on the same Clock speed...
(I at least hope that there are technical reasons, not business reasons behind this) :roll:
by Etz
Fri Jul 11, 2014 8:51 am
Forum: RouterBOARD hardware
Topic: CRS226-24G-2S+ Poor routing performance
Replies: 35
Views: 25907

Re: CRS226-24G-2S+ Poor routing performance

Something must be wrong when a RB750G performs the following: NAT Downstream: 780 Mbps Upstream: 775 Mbps Routing Downstream: 997 Mbps Upstream: 997 Mbps You are forgetting, that CRS226 has 400Mhz CPU, RB750G (also RB2011 & RB493G as he is mentioning) has 680 Mhz CPU. One is meant for routing, athe...
by Etz
Fri Jul 11, 2014 8:38 am
Forum: RouterBOARD hardware
Topic: Anyone seen the new Ubiquiti EdgeSwitch?
Replies: 14
Views: 3773

Re: Anyone seen the new Ubiquiti EdgeSwitch?

A CRS with 802.3at/af and passive PoE would be a nice addition :mrgreen: Think surveillance cameras and IP phones...
Having a IGMP Snooping on CRS`es would be already a good improvement... :lol:
by Etz
Mon Jun 30, 2014 10:53 pm
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59906

Re: IGMP Snooping

IGMP Snooping would be definately useful :)
Actually it is "must have" on CRS series, to even think about IPTV deployments... :-?

Still makes me wonder, why it is so hard to implement?
Even sub 30$ Home "soapbox" routers have it now in conjunction with IGMP Proxy.
by Etz
Mon Jun 30, 2014 9:28 am
Forum: General
Topic: LACP Question...
Replies: 15
Views: 10604

Re: LACP Question...

Well 802.3ad states that bandwith is aggregated aswell...if you have multiple data streams... :roll: • Does not increase the bandwidth for a single conversation • Achieves high utilization only when carrying multiple simultaneous conversations http://www.ieee802.org/3/hssg/public/apr07/frazier_01_04...
by Etz
Sun Jun 29, 2014 12:07 pm
Forum: General
Topic: LACP Question...
Replies: 15
Views: 10604

Re: LACP Question...

I do have CRS and I use LACP...

In WinBox its under Switch features and called "trunk", and AFAIK it is done in Switch HW as it doesnt seem to tax CPU whatsoever.

http://wiki.mikrotik.com/wiki/Manual:CR ... s#Trunking
by Etz
Sun Jun 29, 2014 11:00 am
Forum: General
Topic: LACP Question...
Replies: 15
Views: 10604

Re: LACP Question...

CRS already does it in Hardware...

At least CRS125-24G-1S-RM does
by Etz
Wed Jun 11, 2014 8:57 am
Forum: Forwarding Protocols
Topic: Routing two networks with same addressing.
Replies: 2
Views: 754

Re: Routing two networks with same addressing.

Ugliest but doable solution would be to NAT one network to something else and route it after that.

Much easier would just to change one subnet to something else and do it normal way.
by Etz
Sun Jun 08, 2014 7:11 pm
Forum: Beginner Basics
Topic: RS125-24G-1S-2HnD-IN as a simple router config needed
Replies: 3
Views: 1002

Re: RS125-24G-1S-2HnD-IN as a simple router config needed

Removed all the Multicast (IPTV) & VPN related config, also specific config to my setup is removed, including Firewall rules. And pretty much this is what was left and should do it: /interface ethernet set [ find default-name=ether1 ] name=ether01-inet-gw set [ find default-name=ether2 ] name=ether0...
by Etz
Fri Jun 06, 2014 8:41 am
Forum: Forwarding Protocols
Topic: Need help with MPLS
Replies: 1
Views: 891

Re: Need help with MPLS

I dont think you benefit anything with MPLS on such setup IMHO... :roll:

Using MPLS would make sense if you had Meshed network.
by Etz
Thu Jun 05, 2014 2:49 pm
Forum: General
Topic: CRS125 LACP/bonding on switch chip
Replies: 2
Views: 1073

Re: CRS125 LACP/bonding on switch chip

Should support it, check under Switch configuration ;)
by Etz
Thu Jun 05, 2014 8:16 am
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-IN Performance
Replies: 4
Views: 2099

Re: CRS125-24G-1S-IN Performance

Thank you for an advice, will consider it too... :)
by Etz
Wed Jun 04, 2014 11:23 pm
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-IN Performance
Replies: 4
Views: 2099

Re: CRS125-24G-1S-IN Performance

It tops on NAT at about 200 Mbps with 100% processor load. Good to know, I was actually suspecting that... Pure Math showed it could do approx 250Mbit/s max, under these conditions, but CPU usage is not always linear on network devices. Too bad Miktrotik doesnt have any 16 port "entry level" CCR`s ...
by Etz
Wed Jun 04, 2014 9:46 pm
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-IN Performance
Replies: 4
Views: 2099

CRS125-24G-1S-IN Performance

As this is perfect SOHO device, I`m still wondering...can it handle 300Mbit/s connection aswell? I currently have 100Mbit/s Symmetric connection at home and it handles it just fine (~35% CPU Usage Max), but ISP will do a "upgrade " soon. Just Running a simple 20 Rule firewall, NAT and 2 routed inter...
by Etz
Fri May 30, 2014 10:32 am
Forum: General
Topic: IGMP Snooping
Replies: 137
Views: 59906

Re: IGMP Snooping

IGMP Snooping would be definately useful :)
by Etz
Thu May 29, 2014 8:37 pm
Forum: General
Topic: Feature request: TACAS+ Support
Replies: 2
Views: 897

Re: Feature request: TACAS+ Support

by Etz
Wed May 28, 2014 1:38 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

This has nothing to do with mikrotik.
Figured it out already as you see...
This is not right forum to discuss windows features.
You are absolutely right, but I got quite a bit confused at the beginning...
by Etz
Wed May 28, 2014 9:42 am
Forum: Forwarding Protocols
Topic: Resend prefix from provider
Replies: 5
Views: 1409

Re: Resend prefix from provider

/ip route print where dst-address = <prefix>
or
/ip route print where dst-address in <prefix range>
http://wiki.mikrotik.com/wiki/Manual:BG ... g_table.3F
by Etz
Wed May 28, 2014 8:46 am
Forum: Forwarding Protocols
Topic: Resend prefix from provider
Replies: 5
Views: 1409

Re: Resend prefix from provider

I would like to my upstream provider to resend prefixes to me, they give me their juniper command for reference: clear ip bgp <neighbor_ip> soft in It is not Juniper command, it is Cisco command... :wink: And this should help you: http://wiki.mikrotik.com/wiki/Manual:BGP_soft_reconfiguration_altern...
by Etz
Tue May 27, 2014 9:39 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

Solved indeed, but still makes me wonder what added it there?

Winbox when I connected to my lovely CRS125 first time and upgraded firmware?
As I cannot think anything else, after that I did factory reset and started building my own config.
by Etz
Tue May 27, 2014 9:22 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

Finally found the culprit...now could someone explain to me, how did it get there as I definately havent added this myself. :shock:

Image

And I am the only one using this Laptop, also this is the only routerboard I ever touched...so far... :lol:
by Etz
Tue May 27, 2014 8:40 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

Can you ping this IP-address (192.168.88.1) Nope, 192.168.1.1 or 192.168.4.1 (depends on a bridge) Would respond "Destination net unreachable" which makes perfect sense as there is no actual route to 192.168.88.1 host. I havent tried to ping it with absolutely no config in routerboard at all, but I...
by Etz
Tue May 27, 2014 8:19 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

And most weirdest part is, it will appear there even when routerboard doesnt have config at all.. :shock:

It doesnt give IP to a host, but that ipv4 Default Gateway 192.168.88.1 will appear instantly.
by Etz
Tue May 27, 2014 8:17 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

Have you look in the network card settings on your computer. Maby stand there the standard gateway static Sorry for my bad englisch Nope, not the case...all is automatic and obtained via DHCP... Computer itself has had multiple reboots no change. And it doesnt appaer, when I connect the very same L...
by Etz
Tue May 27, 2014 8:08 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

It is tried this way already, in fact I have done 4 resets and configured it always manually, as default setup doesnt do what I need anyway.

Still no luck... :(
by Etz
Tue May 27, 2014 7:33 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

[admin@Kari-CRS] > ip route print Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADC 192.168.1.0/24 192.168.1.1 bridge1 0 1 ADC 192.168.4.0/24 192.168....
by Etz
Tue May 27, 2014 7:13 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Re: Ipv4 default-gateway 192.168.88.1?

Ofcourse I did factory rset, actually even multiple times: Relevant config: /ip pool add name=dhcp ranges=192.168.1.21-192.168.1.250 add name=dhcp2 ranges=192.168.2.2-192.168.2.254 add name=dhcp4 ranges=192.168.4.2-192.168.4.254 /ip dhcp-server add address-pool=dhcp disabled=no interface=bridge1 lea...
by Etz
Tue May 27, 2014 9:43 am
Forum: General
Topic: How to overcome masquerade issue with my ISP
Replies: 2
Views: 669

Re: How to overcome masquerade issue with my ISP

I presume you are doing double nat this way.
Or ISP router doesnt have nat and it wont work because of it.

As ISP router definately has Public IP on its WAN interface and you assign Private subnet between ISP and MikroTik, you definately have to do NAT on ISP device aswell.
by Etz
Mon May 26, 2014 7:47 pm
Forum: Beginner Basics
Topic: Ipv4 default-gateway 192.168.88.1?
Replies: 18
Views: 8285

Ipv4 default-gateway 192.168.88.1?

Hi

As a newbie, i have a question.

Why CRS125 still advertises 192.168.88.1 with DHCP?

As I built my config from scratch there is no such adress present in config, so where does it come from and how could i remove it?
DHCP gives out correct gateway aswell, but still its a bit annoyance.