Community discussions

Search found 15 matches

by bronco
Tue Jul 02, 2019 11:20 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: OpenVPN SHA256 + UDP
Replies: 35
Views: 19007

Re: OpenVPN SHA256 + UDP

We all need full functional OpenVPN ... m.b. with special extension card, is ok .. but is needed :) Some boards like the hexS already even have more crypto hardware accelleration than supported by Mikrotik software. So there's no need for extra hardware, just more source code has to be written or r...
by bronco
Sun Jun 30, 2019 3:25 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: OpenVPN SHA256 + UDP
Replies: 35
Views: 19007

Re: OpenVPN SHA256 + UDP

+1 SHA256
+1 UDP
by bronco
Sat Jun 08, 2019 11:32 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)
Replies: 9
Views: 778

Re: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)

Hello mrz, would you please be so kind and share your knowledge with us. What is the reason, that currently there is only hardware encryption for IPsec and not for the other cryptographic stuff? Currently there is specific reason for this. maybe in the future you will see HW encryption not only for ...
by bronco
Tue Jun 04, 2019 11:25 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)
Replies: 9
Views: 778

Re: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)

Hello msatter, nobody ever mentioned ECB, therefore AES-256-CBC would be my preferred cipher, I totally agree with you in that point. I also agree with you that AES 128/256 is the same algorithm for IPsec and OpenVPN, but according to MikroTik's datasheet for the hEX S, encrpytion offloading for IPs...
by bronco
Tue Jun 04, 2019 11:18 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)
Replies: 9
Views: 778

Re: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)

OpenVPN uses as OpenSSL as a cipher library for several reasons, therefore the mentioned OpenSSL encryption engine should speed up OpenVPN (ovpn), cause crypto hardware engines usually are much faster than plain software-based algorithms. What do you mean by "OpenSSL encryption"? What ciphers are yo...
by bronco
Tue Jun 04, 2019 12:23 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)
Replies: 9
Views: 778

Re: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)

Hey mada3k,

I totally agree with you, but Mikrotik states only that there is IPSec encryption accelleration (compared to the datasheet of hEX S),
so I assume that there is no OpenSSL hardware encryption engine support :-(

Greets,
bronco
by bronco
Sat Jun 01, 2019 10:34 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)
Replies: 9
Views: 778

Feature request: full crypto speedup for MT7621 chipset (e.g. hEX S)

Hello, the crypto engine of the MT7621 chipset (used for example in the hEX S model) supports by far more than only IPsec. According to the SDK for the MT7621 chipset there is even OpenSSL support via an OpenSSL engine that is already available in the SDK as a kernel module (look at page 215 and fol...
by bronco
Sat Apr 11, 2015 11:37 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: Multipath TCP
Replies: 11
Views: 3567

Re: Feature Request: Multipath TCP

I wonder which set is smaller:
MPTCP-enabled sites
IPv6-enabled sites
(probably the first one)
You're probably right, but I think the comparison doesn't really match, since MPTCP's goals are in parts different from IPv6'...
by bronco
Fri Apr 10, 2015 11:58 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: Multipath TCP
Replies: 11
Views: 3567

Re: Feature Request: Multipath TCP

What you're thinking about is pretty much an entirely new thing which would use MPTCP as part of its solution - namely, that it would silently terminate a tcp socket locally in order to originate a new mptcp stream outbound, and then forward the data between the two sockets transparently. In fact, ...
by bronco
Sun Apr 05, 2015 4:25 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: Multipath TCP
Replies: 11
Views: 3567

Re: Feature Request: Multipath TCP

Is there anything in the specification that allows a NAT router to silently create multi-path TCP sessions to some remote host which supports it, but bond them back into a single vanilla TCP stream for clients? MPTCP handles TCP connections transparently, the application using the TCP stream doesn'...
by bronco
Thu Mar 26, 2015 4:50 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: Multipath TCP
Replies: 11
Views: 3567

Feature Request: Multipath TCP

Hello,

is there a chance to add Multipath TCP according to RFC 6824 in a future version?
There is already a linux kernel refernce implementation available: see http://multipath-tcp.org/ and https://github.com/multipath-tcp :)


Best regards,
bronco
by bronco
Tue Dec 23, 2014 3:59 pm
Forum: Wireless Networking
Topic: LTE via USB working but w/o serial connection to LTE device
Replies: 7
Views: 5079

Re: LTE via USB working but w/o serial connection to LTE dev

You can still try to load the PPP interface by going into the /port firmware menu and set the ignore-driect-ip-firmware to yes and reboot the router.
Hello uldis,
thank you very much, I'll try that :)

Regards,
bronco
by bronco
Tue Dec 23, 2014 3:46 pm
Forum: Wireless Networking
Topic: LTE via USB working but w/o serial connection to LTE device
Replies: 7
Views: 5079

Re: LTE via USB working but w/o serial connection to LTE dev

i suppose the firmware of your ZTE MF823 is uncompatible with the RouterBoard 433GL. Hello Mobicell, this is a pitty, since the ZTE MF823 shows up in the mikrotik wiki in the section of supported 4G devices. :? Therefore a little note would be cool so that other users won't rush into this anymore.....
by bronco
Wed Dec 10, 2014 1:32 pm
Forum: Wireless Networking
Topic: LTE via USB working but w/o serial connection to LTE device
Replies: 7
Views: 5079

Re: LTE via USB working but w/o serial connection to LTE dev

That's absolutely right, you can get some informations this 'fetch' call /tool fetch url=http://192.168.0.1/index.html#status but unfortunately I don't see the advance here in comparison to browsing the status page of the lte usb stick with my favourite web browser directly. There seems to be no way...
by bronco
Mon Dec 08, 2014 6:40 pm
Forum: Wireless Networking
Topic: LTE via USB working but w/o serial connection to LTE device
Replies: 7
Views: 5079

LTE via USB working but w/o serial connection to LTE device

RouterBoard 433GL, RouterOS 6.23 with ZTE MF 823 LTE USB stick Hello guys, with a few manual tweaks I managed to get my lte usb stick running (using the dhcp client for the lte device, removing the sim pin or feeding the sim pin via the usb stick web interface (sic!)). All the ip stuff works pretty...