Community discussions

MikroTik App

Search found 355 matches

  • 1
  • 2
by kiler129
Sun Mar 31, 2024 9:07 am
Forum: RouterBOARD hardware
Topic: Hex PoE to HAP AC boot fail - POE Overload issue
Replies: 1
Views: 783

Re: Hex PoE to HAP AC boot fail - POE Overload issue

Since this is 1st result from Google I'm going to give some background: it will not work. The hAP ac resistance is too low per MT support (https://www.reddit.com/r/mikrotik/comments/zyh1ln/rb5009_powering_hap_ac/j3x8e1m/): The issue is in hAP ac PoE-In resistance, it is too low. Unfortunately, it is...
by kiler129
Sun Mar 31, 2024 8:02 am
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 80680

Re: New User Manager in RouterOS v7

Almost a year later, we made a decision to completely phase out MT User Manager (ROSv7) from all our networks. While the software is generally stable, when it breaks it lacks any debugging facilities. It's honestly disappointing and bizarre that the only thing UM can log is completely useless "...
by kiler129
Wed Dec 27, 2023 10:46 pm
Forum: Scripting
Topic: Netwatch & slightly flaky tunnel - ideas how to handle that?
Replies: 0
Views: 954

Netwatch & slightly flaky tunnel - ideas how to handle that?

I have a few tunnels from branch offices to the hq. In the spirit of bringing monitoring closer to the actual tunnel, as I test I set-up a Netwatch on MikroTiks to watch if/when these tunnels go down for some reason. Current setup Currently I'm doing "tcp-conn" with 10 minutes interval to ...
by kiler129
Thu Dec 21, 2023 2:30 pm
Forum: General
Topic: Looking for help debugging IPv6 issue with Xfinity [SOLVED]
Replies: 11
Views: 2291

Re: Looking for help debugging IPv6 issue with Xfinity [SOLVED]

In IPv6 gateway is discovered via Neighbor Discovery from Router Advertisement messages sent by the upstream router. Link-local address you see is perfectly fine for routing. Do the following: (...) Responding for visibility as this solution is popular but a bit unsafe, esp. with people removing th...
by kiler129
Thu Dec 21, 2023 2:28 pm
Forum: General
Topic: DHCPv6 client cannot recover after outage
Replies: 18
Views: 1946

Re: DHCPv6 client cannot recover after outage

For people following from Google here - see viewtopic.php?p=1043563#p1043563

Strangely a DHCP relay like this seems to be valid, and it delivers addresses over LLA still.... just with GUA source.
by kiler129
Thu Dec 21, 2023 2:26 pm
Forum: General
Topic: Xfinity (Comcast) DHCPv6 configuration change!
Replies: 9
Views: 5190

Re: Xfinity (Comcast) DHCPv6 configuration change!

filter add chain=input action=accept protocol=udp dst-port=546 src-address=fe80::/10 comment="defconf: accept DHCPv6-Client prefix delegation." Simply remove the source address (fe80::/10) constraint, allowing any address. To make it safe you should probably NOT remove it, essentially all...
by kiler129
Mon Oct 09, 2023 5:39 pm
Forum: The User Manager
Topic: removing sessions
Replies: 1
Views: 2223

Re: removing sessions

It depends how complex you want it to be. If you don't care about historical data, you can simply purge inactive sessions:
/user-manager/session/remove [find active=no]

That should be probably a setting in UM to not keep inactive sessions.
by kiler129
Thu Aug 31, 2023 9:48 pm
Forum: RouterBOARD hardware
Topic: Equivalent for USW Flex - no MT alternative?
Replies: 13
Views: 4149

Re: Equivalent for USW Flex - no MT alternative?

(...) don't have local management in form of the web interface or app like winbox. Well, from what I see USW Flex doesn't even have local CLI beyond just busybox shell, i.e. there's no real switch management interface. Central management is one thing, but not being able to change anything locally i...
by kiler129
Thu Aug 31, 2023 7:45 pm
Forum: RouterBOARD hardware
Topic: Equivalent for USW Flex - no MT alternative?
Replies: 13
Views: 4149

Re: Equivalent for USW Flex - no MT alternative?

And don't forget that for managing USW Flex you need their controller, either hardware or hosted controller.
Yeah, this is my main hesitation actually and why I started looking. The protocol is questionable with respect to security and the deprecation policy is quite worrisome.
by kiler129
Thu Aug 31, 2023 7:34 pm
Forum: RouterBOARD hardware
Topic: Equivalent for USW Flex - no MT alternative?
Replies: 13
Views: 4149

Re: Equivalent for USW Flex - no MT alternative?

Thank you all for great comments! I was digging deeper and well... USW Flex isn't as shiny as it seems. I'm used to MT being transparent with specs and flexible, while UI doesn't seem to be. Through photos I found out that USW Flex uses MT7621, which ironically is only described in the MikroTik wiki...
by kiler129
Wed Aug 30, 2023 4:57 am
Forum: RouterBOARD hardware
Topic: Equivalent for USW Flex - no MT alternative?
Replies: 13
Views: 4149

Re: Equivalent for USW Flex - no MT alternative?

maybe I'm missing out something, but you can provide power to powerbox via Ether1 by 802.3a power supply or by injector. PowerBox itself is fully passive PoE. PowerBox Pro has passive PoE-IN and 802.3a* PoE-OUT. I wasn't able to find 802.3a*/802.3bt to barrel jack adapters that output full/1:1 volt...
by kiler129
Sun Aug 27, 2023 11:47 pm
Forum: RouterBOARD hardware
Topic: Equivalent for USW Flex - no MT alternative?
Replies: 13
Views: 4149

Equivalent for USW Flex - no MT alternative?

I found a deployment recently where we need to deploy centralized PoE for power backup. The catch is, we cannot run e.g. 4 ethernets for 4 cameras. I though "no problem, lets power a small switch via PoE and do PoE for cameras". Surprisingly MT doesn't seem to have a solution for such a sc...
by kiler129
Tue Apr 25, 2023 3:11 am
Forum: General
Topic: share a License
Replies: 6
Views: 769

Re: share a License

Also, CHR is free to use (Trial 60 days with software upgrade, but unlimited if you keep on the same version) Normis, so what happens after 60 days of e.g. trial PU? The help page at https://help.mikrotik.com/docs/display/ROS/Cloud+Hosted+Router%2C+CHR#CloudHostedRouter,CHR-Freelicenses isn't 100% ...
by kiler129
Tue Apr 25, 2023 2:14 am
Forum: RouterOS beta
Topic: Feature Request: IP address aliases
Replies: 2
Views: 2323

Feature Request: IP address aliases

In complex configs it would be beneficial if RouterOS could support names for IP addresses rather than bare IPs. While address lists is a similar feature, it doesn't address the all-too-common scenario where only a single address is allowed (and expected!). My current use case would include assignin...
by kiler129
Sat Apr 22, 2023 10:01 pm
Forum: RouterOS beta
Topic: Feature Request: Firewall Torch
Replies: 1
Views: 1900

Feature Request: Firewall Torch

It would be great if the firewall contained a tool similar to interface "Torch". While firewall rules can have the log flag, it's quite hard to make a sense of the packets in the log. There's also an option to see the flow in Wireshark, but often plumbing this isn't as quick as just clicki...
by kiler129
Wed Apr 19, 2023 4:04 am
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 80680

Re: New User Manager in RouterOS v7

When you use different APs you should use the debugging method for THOSE APs (w.r.t. authentication, radius etc) instead of in RouterOS. Yes and no - if I don't see an obvious problem on the AP I look at the server and see why it returns Access-Reject. Currently MT is the missing the link here. ---...
by kiler129
Mon Apr 10, 2023 5:47 am
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 80680

Re: New User Manager in RouterOS v7

You may want to enable the wireless and radius log as well... --- indeed RADIUS log has much more info ... (...) Not really - it only does when you use MikroTik wireless. Unless something is broken on v7.8 I'm not getting any extra messages with "radius" nor "wireless" channels....
by kiler129
Thu Apr 06, 2023 9:04 pm
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 80680

Re: New User Manager in RouterOS v7

Feature request: logs

No, but seriously, the current logs are insufficient for any troubleshooting. Currently I have one user that cannot connect to EAP wifi and the logs contain just this:
radius_logs.jpg
by kiler129
Sat Feb 04, 2023 9:31 am
Forum: General
Topic: [v7.6] UserManager doesn't clean old sessions and mark them as active
Replies: 0
Views: 438

[v7.6] UserManager doesn't clean old sessions and mark them as active

I started testing UM in a small lab and I see an odd behavior with sessions. As a guinea pig I connected my phone and a few daily devices to the UM instance used by a Ruckus AP and this is a behavior I see: Screenshot 2023-02-04 at 01.20.48.png um.jpg The server used with a Ruckus Unleashed OS, whic...
by kiler129
Sun Nov 27, 2022 3:26 am
Forum: General
Topic: Devices isolation WITHIN vlan without killing the performance
Replies: 7
Views: 2352

Re: Devices isolation WITHIN vlan without killing the performance

IMO you still may want to consider to go with multiple VLANs for different IoT groups of devices. I guess you'll want to allow communications between select devices (e.g. switches and lightbulbs will work best if in same VLAN, likewise you can group cameras and NVR into one VLAN, etc.) That's a goo...
by kiler129
Sat Nov 26, 2022 8:13 am
Forum: General
Topic: Devices isolation WITHIN vlan without killing the performance
Replies: 7
Views: 2352

Re: Devices isolation WITHIN vlan without killing the performance

Assuming the AP is s stupid ubiquite which wants the base or management vlan (where it gets its IP) untagged ................ Close, Ruckus - cannot have it's web UI on a VLAN port because... because no and that's it. It surely can have it's internal management network on a VLAN one but not the UI ...
by kiler129
Sat Nov 26, 2022 5:40 am
Forum: General
Topic: Devices isolation WITHIN vlan without killing the performance
Replies: 7
Views: 2352

Devices isolation WITHIN vlan without killing the performance

I thought I have a simple case, but I wasn't able to achieve any sensible config. In short I want to isolate devices inside of a IOT VLAN. A part of my network looks close to this diagram: Untitled Diagram.drawio.png Currently the access point connected to port 8 is able to isolate all clients from ...
by kiler129
Fri Oct 07, 2022 6:10 am
Forum: General
Topic: Comparing config files
Replies: 39
Views: 3435

Re: Comparing config files

That was the initial idea but the automatic export is a vomit which usually doesn't even import (e.g. it has no delays to wait for interfaces). It's not really editable as sections nor options aren't organized in a way to make manual editing easy. In addition I tend to e.g. indent chains in the fire...
by kiler129
Fri Oct 07, 2022 4:05 am
Forum: General
Topic: Comparing config files
Replies: 39
Views: 3435

Comparing config files

Normally I have my configs stored on GIT with comments etc. Normally my workflow is to make some on-the-spot changes via winbox, then when everything is working I populate the changes into the GIT version. The issue is life isn't perfect: it happened to me many times I or someone else forgot to popu...
by kiler129
Sun Jul 24, 2022 5:53 am
Forum: Scripting
Topic: Updating certificate store requires very strange permissions
Replies: 1
Views: 573

Updating certificate store requires very strange permissions

Let's start from a script I'm running, which is a modification of a script from https://forum.mikrotik.com/viewtopic.php?t=169662 { :do { :local verifySSL :set verifySSL "yes" :if ([:len [/certificate/find name~"cacert_update.pem_"]] = 0) do={ :log warning ("System has no ce...
by kiler129
Fri Jun 10, 2022 5:51 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 235307

Re: MikroTik Devices Controller

Many great things has been said here and I sign under them. I will have one suggestion: Please start small and ascetic. We don’t want a perfect solution in 10 years. An incremental small thing which grows will be much better. v7 is amazing but I think it suffered from a waterfall. The new controller...
by kiler129
Tue Feb 01, 2022 5:46 pm
Forum: General
Topic: feature request : 1-wire temperature sensor DS18B20 /RS232
Replies: 12
Views: 8134

Re: feature request : 1-wire temperature sensor DS18B20 /RS232

it works? This hack has nothing to do with RS232 nor even UART. 1-wire is not serial and this will not work on many RS232 controllers. Implementing this in a router would be really dumb if it doens't work on most hardware. You can make it work using a simple Attiny with a proper UART<>1-wire conver...
by kiler129
Wed Jan 26, 2022 6:02 am
Forum: General
Topic: OS upgrade question
Replies: 5
Views: 1297

Re: OS upgrade question

I think my production configuration has older switch mode configurations - Will the upgrade process rewrite these configurations for me to work in the new OS??? Do you mean the master-port one instead of a hw-offload bridge? Yes, it will be upgraded. If you have a config in /switch it will transfer...
by kiler129
Wed Jan 26, 2022 3:01 am
Forum: RouterOS beta
Topic: Upgrade and renew license cloud router to 7.1
Replies: 1
Views: 1742

Re: Upgrade and renew license cloud router to 7.1

What do you mean you can't upgrade? The menu is still present in WinBox:
Screen Shot 2022-01-25 at 19.00.12.png
by kiler129
Wed Jan 26, 2022 2:50 am
Forum: RouterOS beta
Topic: [Feature Request] Dot1x Multiple Host Auth in a single port
Replies: 4
Views: 2182

Re: [Feature Request] Dot1x Multiple Host Auth in a single port

I don't this is even possible. While I never used it myself, from what I know Dot1x uses MAC address to authenticate clients. This means that your MT sees traffic from all clients connected to a port under a MAC of the dumb switch. The moment a single client behind that switch passes authentication ...
by kiler129
Wed Jan 26, 2022 2:44 am
Forum: RouterOS beta
Topic: Link advertisement doesn't seem to work correctly
Replies: 4
Views: 2687

Re: Link advertisement doesn't seem to work correctly

Don't you maybe have two of these modules installed? 10GbE modules are nasty-hot regardless of the brand & model - it's just the limitation of the chips. MT even has a guidance about that: https://wiki.mikrotik.com/wiki/S%2BRJ10_general_guidance - you may need to add a fan in your switch if you ...
by kiler129
Wed Jan 26, 2022 2:35 am
Forum: RouterOS beta
Topic: RB3011 7.1 and ZeroTier No discovery
Replies: 5
Views: 3850

Re: RB3011 7.1 and ZeroTier No discovery

Make sure you don't have arp=reply-only on any VLAN interfaces - whenever I set that weird things like that start to happen.
by kiler129
Wed Jan 26, 2022 1:39 am
Forum: General
Topic: Improving default IPv6 firewall to follow RFCs
Replies: 6
Views: 3416

Re: Improving default IPv6 firewall to follow RFCs

True, it can be removed without much of the adverse effect (probably? ;)) but being complain with the current RFCs is IMHO good. Because of how broken IPv6 is in the IoT world I had to disable it for my personal networks on the IoT VLAN. After like ~2 weeks I've got 0.05% of the traffic matching bog...
by kiler129
Mon Jan 24, 2022 8:23 pm
Forum: General
Topic: Improving default IPv6 firewall to follow RFCs
Replies: 6
Views: 3416

Re: Improving default IPv6 firewall to follow RFCs

<Hopeful bump> :)
by kiler129
Fri Jan 21, 2022 4:50 am
Forum: General
Topic: SPF modules overheating & vendor support
Replies: 9
Views: 3602

Re: SPF modules overheating & vendor support

SFP 10Gb/s copper modules are insanely hot regardless of the brand - I tested many and all have smaller or bigger problems with that. It seems to be an inherent characteristic of copper-based 10Gb modules. With the prices of fiber we moved mostly to it instead where possible. As for 4011 being 50°C ...
by kiler129
Tue Jan 18, 2022 12:06 am
Forum: RouterOS beta
Topic: RB5009 Wireguard only 150 Mbps
Replies: 30
Views: 15523

Re: RB5009 Wireguard only 150 Mbps

Also, how are you testing the speed? iperf between endpoints or btest?
by kiler129
Tue Jan 18, 2022 12:03 am
Forum: General
Topic: Advice on certificates for managing Mikrotik devices with www-ssl ? [SOLVED]
Replies: 6
Views: 2461

Re: Advice on certificates for managing Mikrotik devices with www-ssl ? [SOLVED]

Adding to the amazing mkx post: 3. You cannot use certificates valid for more than 398 days - any such certificate will be glowing red in any modern browser (see https://www.theregister.com/2020/06/30/tls_cert_lifespan/) 4. You can easily manage your own small CA. In my private use I simply use free...
by kiler129
Mon Jan 17, 2022 11:55 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 144201

Re: WIFI 6 Roadmap

In the list of supported devices, I see lots of LTE modems USB but no wifi6 or 7 USB devices supported. USB as a protocol is pretty bad for networking. With the pps and Mbps requirement of a modern WiFi it's not really wise to go that route. In addition the vast majority of WiFi SoCs are PCI-Ex bas...
by kiler129
Sun Jan 16, 2022 7:17 am
Forum: General
Topic: Adding Comment to DHCP Lease [SOLVED]
Replies: 8
Views: 3891

Re: Adding Comment to DHCP Lease [SOLVED]

What's the real issue you're having? You can add a static lease for any device and then you can add a comment to that lease via terminal / Winbox (and probably WebFig as well). I quickly checked and on one of my routers I have 30+ iOS devices and all of them send hostnames properly. The only catch w...
by kiler129
Sun Jan 16, 2022 7:14 am
Forum: General
Topic: L2TP/IPsec Issues with Windows 11 update - kb5009566
Replies: 29
Views: 22921

Re: L2TP/IPsec Issues with Windows 11 update - kb5009566

Disabling Vendor ID sending on responder side is not a viable option in my opinion as NAT-T detection depends on Vendor ID's. So disabling Vendor ID option on server side would not allow clients behind NAT to connect, which are most of Windows users anyway. https://datatracker.ietf.org/doc/html/rfc...
by kiler129
Sun Jan 16, 2022 7:06 am
Forum: General
Topic: Improving default IPv6 firewall to follow RFCs
Replies: 6
Views: 3416

Improving default IPv6 firewall to follow RFCs

Hello! Recently I had a bit of time for a larger maintenance windows and some spare time with a cup of strong coffee. I decided to attack IPv6. During my endeavor I carefully examined the IPv6 firewall in ROS in attempt to really understand where particular things are coming from. I was able to trac...
by kiler129
Wed Jan 12, 2022 10:47 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 144201

Re: WIFI 6 Roadmap

6E is not a concern just yet, even bigger players are just dipping their feet in 6Ghz. However, adding 6E on top of 6 shouldn't be a big challenge as the jump from 6 to 6E is practically just the band, while 5 to 6 was a big overhaul of features. MT devices are cheap and target a slightly different ...
by kiler129
Tue Oct 26, 2021 11:01 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

Hello, I would like to know if the problem with turning off WiFi 5Ghz in the RB4011 router has been resolved. thanks No its not. You dig out a year-old thread to add a useless response. This issue is resolved which can be seen by multiple people deploying 4011s daily. The only “self-disabling” wlan...
by kiler129
Mon Oct 18, 2021 10:22 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 144201

Re: WIFI 6 Roadmap

Doesn't v7 with WiFiWave2 package enable 802.11w and 802.11v?
by kiler129
Tue Sep 28, 2021 2:43 am
Forum: Wireless Networking
Topic: [Discussion] Is MT treating non-PtP wireless seriously?
Replies: 8
Views: 2352

Re: [Discussion] Is MT treating non-PtP wireless seriously?

Wifiwave2 changes nothing.... sorry. It's still a dumb driver living in the vacuum of its own ignorance. It does. I think you misunderstood me. I know that by itself, it doesn't handle anything regarding roaming and the 802.11 r/k/v standards. But with the current drivers, MikroTik is having to rei...
by kiler129
Mon Sep 27, 2021 11:24 pm
Forum: Wireless Networking
Topic: [Discussion] Is MT treating non-PtP wireless seriously?
Replies: 8
Views: 2352

Re: [Discussion] Is MT treating non-PtP wireless seriously?

Rip Van Kiler ?? Sorry bud your as late to the discussion as MT is to providing a fully capable wifi 5 device. I'm struggling... really. I'm trying to keep the stack simple and central as the fewer device types to support (especially running different stacks) the easier it is to manager. The COVID ...
by kiler129
Mon Sep 27, 2021 1:20 am
Forum: Wireless Networking
Topic: [Discussion] Is MT treating non-PtP wireless seriously?
Replies: 8
Views: 2352

Re: [Discussion] Is MT treating non-PtP wireless seriously?

You typed all that, like you didn't know that Mikrotik wireless is ACv1.
Wave2 or not.... even without 802.11k/v/r (which isn't the solution by itself) the regular 802.11ac is inferior.
by kiler129
Sun Sep 26, 2021 7:48 pm
Forum: Wireless Networking
Topic: [Discussion] Is MT treating non-PtP wireless seriously?
Replies: 8
Views: 2352

[Discussion] Is MT treating non-PtP wireless seriously?

This isn't going to be a rant, I don't want to upset or undermine anyone but simply share my thoughts on the topic and maybe spark a (hopefully constructive) discussion here. MikroTik hardware and software is amazing. I think most of us really enjoy using it. However, I believe there's an elephant i...
by kiler129
Mon Aug 09, 2021 9:28 pm
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 100486

Re: mDNS repeater feature

Allow inter-VLAN routing, allow multi-cast routing on LAN, don't block Multicast subnets. Problem solved. https://en.wikipedia.org/wiki/Multicast_address Have you actually tested it or just blindly linked the wikipedia page? mDNS traffic is marked to never cross the subnet and so that even if you f...
by kiler129
Sat Aug 07, 2021 5:10 am
Forum: General
Topic: Subnet design best practice
Replies: 11
Views: 1843

Re: Subnet design best practice

1. When you're doing VLANs it's beneficial to NOT have untagged traffic. That way you have to consciously assign things in your network. 2. You should probably put network devices (if you have multiple) into a separate VLAN/subnet which is a management subnet with a tight control as to who can acces...
by kiler129
Sat Aug 07, 2021 1:57 am
Forum: General
Topic: Is blocking websites by URL really impossible?
Replies: 21
Views: 3930

Re: Is blocking websites by URL really impossible?

Both Chrome, Safari, and FF are now supporting HTTP/3 out of the box (disabled by default). CloudFlare and other CDNs (which basically drive most of the internet nowadays) started enabling HTTP/3 by default. Soon all browsers will enable HTTP/3 by default - you cannot do anything there. You can try ...
by kiler129
Sat Aug 07, 2021 1:54 am
Forum: RouterBOARD hardware
Topic: Broken PSU in CRS328
Replies: 3
Views: 1874

Re: Broken PSU in CRS328

Email support@mikrotik.com - I know they were able to help in such cases previously.
by kiler129
Fri Aug 06, 2021 9:12 pm
Forum: RouterBOARD hardware
Topic: RB4011 Light Stuck On
Replies: 5
Views: 6742

Re: RB4011 Light Stuck On

Really ? (...) I ve never used a 48Volt power supply on a RB4011... Why not? It's a standard telecom voltage and most (if not all?) MTs support it. RB4011 goes up to 57V and I have a few on 48V supply as they're connected to the same distribution block as other devices. It lets us use thinner wires...
by kiler129
Fri Aug 06, 2021 9:09 pm
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 100486

Re: mDNS repeater feature

Yes, mDNS is really a needed feature. Also, it's a VERY small and lightweight userland daemon. I run a VM with avahi and it doesn't really use any CPU while sitting in low single digits for memory usage. Additionally, it will literally need interfaces assignment and no other complex configuration.
by kiler129
Thu Jul 29, 2021 8:21 pm
Forum: General
Topic: Block Ping request
Replies: 44
Views: 33352

Re: Block Ping request

But with all the seriousness... why people block ICMP? It's harmful. Even blocking just ECHO and leaving rest of the ICMP alone is at best annoying. Rate limiting this to a reasonable value - sure, but blocking it flat-out is imho more harmful than helpful.
by kiler129
Thu Jul 29, 2021 8:15 am
Forum: RouterOS beta
Topic: IP > Cloud on v7 CHR stuck at "updating..." [SOLVED]
Replies: 3
Views: 5382

Re: IP > Cloud on v7 CHR stuck at "updating..." [SOLVED]

Confirmed by the support as a bug. No ETA for a fix but they were able to reproduce it and confirm it will be fixed in one of the new releases.
by kiler129
Thu Jul 29, 2021 5:35 am
Forum: General
Topic: Semi-randomly change src-port originating from ROS - is it possible?
Replies: 2
Views: 580

Semi-randomly change src-port originating from ROS - is it possible?

So to start I will explain why I'm trying to do that, as it sounds stupid at first. I have a location with a MT used as a WG client. The throughput is around ~1Mb/s (sic!) despite the network having plenty of bandwidth. When two connections are made the bandwidth is EXACTLY 2x1Mb/s. It turns out the...
by kiler129
Thu Jul 29, 2021 12:25 am
Forum: Virtualization
Topic: Is there a guide on how to size the VM for CHR?
Replies: 5
Views: 6214

Re: Is there a guide on how to size the VM for CHR?

A lot of network code is single-core in Linux itself. Most of the protocols were designed in times where multicore was the last thing anyone was worried about ;) Even something which is theoretically multithread-friendly like BGP it took a lot of time to actually make it utilize many cores efficient...
by kiler129
Thu Jul 29, 2021 12:14 am
Forum: Forwarding Protocols
Topic: Can someone explain the point of VRF to me?
Replies: 5
Views: 4120

Can someone explain the point of VRF to me?

I realize it may be a basic question (to the point I'm almost ashamed of asking it) but what is the point of using VRF? I understand what it does I think. It allows for creating multiple virtual routers in a sense that routing decisions are separated into distinct segments, giving me multiple routin...
by kiler129
Wed Jul 28, 2021 9:31 am
Forum: RouterOS beta
Topic: Feature Request - CBRS SAS Interface
Replies: 4
Views: 4059

Re: Feature Request - CBRS SAS Interface

Please advise when equipment is available - as a current Part 90 licensee we can begin testing immediately.
This is mostly a community support forum. Such questions should be directed to MT directly (support email address posted above).
by kiler129
Wed Jul 28, 2021 9:29 am
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 49268

Re: v7 launch date

That is exactly my point - they don’t have any public bugtracking system. This results in the same things being repeated in 10 threads. For example the “config resets after reboot” was discussed many times in the v7 sub forum alone.
by kiler129
Tue Jul 27, 2021 8:59 pm
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 49268

Re: v7 launch date

The forum is a pretty bad way of managing issues. I think it will be great if MT had a public bug tracker like e.g. JetBrains or other software companies. This will allow for searching for issues using parameters, linking them, marking as duplicates, communicating what was/wasn’t fixed etc. Currentl...
by kiler129
Mon Jul 26, 2021 2:24 am
Forum: RouterOS beta
Topic: IP > Cloud on v7 CHR stuck at "updating..." [SOLVED]
Replies: 3
Views: 5382

IP > Cloud on v7 CHR stuck at "updating..." [SOLVED]

I'm wondering if this is something isolated to my install or a known problem: [greg@test14-sdx.ne0.test] /ip/cloud> print ddns-enabled: yes ddns-update-interval: none update-time: yes status: updating... [greg@test14-sdx.ne0.test] /ip/cloud> force-update [greg@test14-sdx.ne0.test] /ip/cloud> print d...
by kiler129
Mon Jul 26, 2021 2:16 am
Forum: General
Topic: Feature Request: RouterOS Nightly
Replies: 4
Views: 1022

Re: Feature Request: RouterOS Nightly

Are you guys seeing these storm clouds every time MT publishes a new build of v7? Well... if people cannot understand the EAP software it's gonna be even worse with night builds.
by kiler129
Fri Jul 23, 2021 2:21 am
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 202
Views: 92721

Re: MikroTik RB5009UG+S+IN

Will there be a +WiFi Version of this? I guess that looks like an answer to the initial question: RB5009.jpg I hope this time they learned to not release WiFi product with a half-baked wifi :D Nothing against 4011 but at the beginning the radio situation was ridiculous and we had to pull many of th...
by kiler129
Thu Jul 22, 2021 12:19 am
Forum: General
Topic: export admin password
Replies: 12
Views: 3558

Re: export admin password

and i want to know if i can show the password (not change only show ) of the user B ??
is there is any way ?
No. Passwords are hashed and aren't saved anywhere.
by kiler129
Wed Jul 21, 2021 11:21 pm
Forum: RouterBOARD hardware
Topic: recommendation to x86 hardware?
Replies: 8
Views: 8194

Re: recommendation to x86 hardware?

did you manage to install x86 on gen10 CPU?
Have you try v7.1? v6 has a pretty old kernel.
by kiler129
Wed Jul 21, 2021 11:07 pm
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 202
Views: 92721

Re: MikroTik RB5009UG+S+IN

I hope the wireless version will be compatible with wifiwave2 as this is a perfect candidate for home deployments.

Well, till then...
by kiler129
Tue Jul 20, 2021 3:48 am
Forum: RouterOS beta
Topic: Fastpath with Input rules
Replies: 5
Views: 1985

Re: Fastpath with Input rules

This is mostly a community-driven forum. If you want to get an answer from MT directly you should contact their support email.
by kiler129
Thu Jul 15, 2021 10:44 am
Forum: RouterOS beta
Topic: Routing speeds on v7 RB4011
Replies: 11
Views: 3810

Re: Routing speeds on v7 RB4011

Yeah, none of the Wireguard crypto primitives are in the hardware-accelerated crypto row for the RB4011 , so there's another wishlist item: hardware ChaCha20 acceleration. Is anyone even doing that? I always heard that hw acceleration is dead with these new primitives (i.e. WG was meant to not be h...
by kiler129
Mon Jul 05, 2021 5:05 am
Forum: RouterOS beta
Topic: NTP Client is borked
Replies: 6
Views: 1940

Re: NTP Client is borked

What mean "borked" on the title?
Translate says is "Bored" on Hungarian....

NTP Client is bored?
"Borked" is a funny/slang take on "broken" ;)
by kiler129
Sun Jul 04, 2021 11:32 pm
Forum: RouterOS beta
Topic: SDWAN using Zerotier [SOLVED]
Replies: 54
Views: 26126

Re: SDWAN using Zerotier

I don't want to crush your dreams guys but I don't think ZT will ever be a thing on MT due to licensing ZT uses now. They used to use GPLv3 but since they changed their licensing model to.... freemium(?): ZeroTier’s software kit is licensed under the ZeroTier BSL, which allows source code access and...
by kiler129
Sun Jul 04, 2021 11:24 pm
Forum: RouterOS beta
Topic: WebFig does not display all routes
Replies: 9
Views: 5793

Re: WebFig does not display all routes

Not a huge problem, since I am enjoying the CLI a lot so far (new MikroTik user here). A small OT but relevant: WebFig is generally the least preferred way of interacting with ROS. If you want GUI use WinBox. Judging by the resolution of your screenshots you're probably on a Mac - WinBox is specifi...
by kiler129
Sun Jul 04, 2021 11:17 pm
Forum: RouterOS beta
Topic: Kernel Crash when adding WG Peer 7.1beta6
Replies: 7
Views: 5124

Re: Kernel Crash when adding WG Peer 7.1beta6

In general it's understood that the raw configuration format is not stable in beta. If I have to guess developers are only testing upgrade between the newest v6 (i.e. not the stable one) and newest v7.
by kiler129
Sat Jul 03, 2021 11:58 pm
Forum: RouterOS beta
Topic: Kernel Crash when adding WG Peer 7.1beta6
Replies: 7
Views: 5124

Re: Kernel Crash when adding WG Peer 7.1beta6

Are you observing this in a fresh install too or did you upgrade from previous betas? There was a change in peers format in I believe beta 5.
by kiler129
Sat Jul 03, 2021 11:14 pm
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 49268

Re: v7 launch date

Yes, that is a result of their previous business decisions. I don't want to sound rude but have you ever work in software development industry? This is not the issue with business decisions really. As the software grows the legacy grows exponentially. You can see this first hand in products of tril...
by kiler129
Wed Jun 23, 2021 6:10 pm
Forum: RouterOS beta
Topic: Any release date for 7.x expectation?
Replies: 18
Views: 6254

Re: Any release date for 7.x expectation?

I once wrote a longer post about that: https://forum.mikrotik.com/viewtopic.php?f=1&t=175201&p=857545#p857545 MT most likely has a long technical debt but what they did with v7 is amazing. They’re going in a right direction. However expecting them to get a firm release date with such a proje...
by kiler129
Wed May 26, 2021 2:37 pm
Forum: RouterOS beta
Topic: How do I enable wireguard logging on 7.1beta6
Replies: 3
Views: 7099

Re: How do I enable wireguard logging on 7.1beta6

I don't think there are any logs for WG as of now (not that much can be logged there as it's a stateless protocol).
by kiler129
Fri May 21, 2021 12:20 am
Forum: RouterOS beta
Topic: Wireguard bug: connections via WG tunnels suddenly failing
Replies: 9
Views: 4838

Re: Wireguard bug: connections via WG tunnels suddenly failing

Sorry, I am not here too often ... as to 1, I did not try this, will do so when it happens next time; however, since a reboot did not solve the problem, I guess the answer here is "no". The answer to 2 is "no". I usually perform the following ritual when wg acting as a "cli...
by kiler129
Fri May 21, 2021 12:16 am
Forum: RouterOS beta
Topic: Router crashes are wiping the config
Replies: 14
Views: 9709

Re: Router crashes are wiping the config

Sadly no luck, the config is valid up to a point and when you change something it becomes invalid so that after reboot it just wipes the whole router - it's bizarre. I wasn't able to get to the root cause yet. As for netinstall I always do that from a Win10 VM on a Mac ;) It's sometimes finicky so I...
by kiler129
Thu May 20, 2021 11:39 pm
Forum: RouterOS beta
Topic: Router crashes are wiping the config
Replies: 14
Views: 9709

Re: Router crashes are wiping the config

Seems like the same issue as described in viewtopic.php?f=1&t=174897
by kiler129
Thu May 20, 2021 11:30 pm
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 242884

Re: v7.1beta6 [development] is released!

7.1b6 seems to have a strange issue with 5Ghz WiFi which I cannot really explain or debug - maybe someone can chime in? I'm currently testing on hAP AC. In essence when pushing a stream of 50-80Mb/s it will stop passing TCP traffic after 20-60 minutes. What's interesting it will still allow for ping...
by kiler129
Wed May 19, 2021 1:09 pm
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 242884

Re: v7.1beta6 [development] is released!

I know it was said that there are no plans for AR9300 to be supported in WiFiWave2 package. However are there any plans of supporting running both wifiwave2 and the normal wireless package alongside? While 2.4Ghz is far from amazing having to pick between good 5Ghz and no 2.4 at all vs 5Ghz limited ...
by kiler129
Sun May 16, 2021 6:54 am
Forum: RouterOS beta
Topic: Bug: RouterOS beta 7.1beta4 - RFC3021 - does not route out on a /31 - but accepts traffic from a /31
Replies: 15
Views: 4142

Re: Bug: RouterOS beta 7.1beta4 - RFC3021 - does not route out on a /31 - but accepts traffic from a /31

Plenty of things don't support /31 addressing, even Windows being one of them ;)
While it is useful for PtP links is this really such a huge problem? In my books it's more "nice to have one day" but there are many more things which should be a priority over /31.
by kiler129
Sun May 16, 2021 6:43 am
Forum: RouterOS beta
Topic: Wireguard bug: connections via WG tunnels suddenly failing
Replies: 9
Views: 4838

Re: Wireguard bug: connections via WG tunnels suddenly failing

I'm currently debugging something similar. Couple questions to you:

1. Is disabling the WG interface and re-enabling it again fixes the problem?
2. Can RB ping the client in this broken state?
by kiler129
Sun May 16, 2021 6:41 am
Forum: RouterOS beta
Topic: Wireguard interface tx drops and errors
Replies: 1
Views: 4514

Re: Wireguard interface tx drops and errors

I think drops are perfectly normal. WG runs over UDP, which by definition means the protocol is responsible for dealing with lost packets as the transport layer doesn't guarantee that. However, your values seem a little bit high. I checked one of my test tunnels: Screen Shot 2021-05-15 at 10.36.00 P...
by kiler129
Sun May 16, 2021 6:31 am
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 49268

Re: v7 launch date

TL;DR: it is stable for simpler applications but not for mission-critical applications, it will take a while to get a stable-stable IMHO to see what v7 is you need to look at the history Looking at what they're doing v7 is a huge leap forward internally but only some small bits are visible outside....
by kiler129
Sun May 16, 2021 5:59 am
Forum: RouterOS beta
Topic: Reset to Factory Default on every reboot
Replies: 9
Views: 3370

Re: Reset to Factory Default on every reboot

I can add another RB2011 with the same problem. The funny thing is there is SOMETHING in the config which triggers that. I have a backup which restores and works throughout reboots but if I go and import my full config it works until reboot. After the reboot the router is wiped to factory defaults ;)
by kiler129
Fri Jan 22, 2021 6:55 am
Forum: RouterOS beta
Topic: [Feature Request] Support for EC-based SSH keys
Replies: 4
Views: 2637

Re: [Feature Request] Support for EC-based SSH keys

Not negating adding a new feature here but what is exactly the problem we're trying to solve here? While ed25519 is newer and has some advantages (e.g. smaller key size, marginally faster authentication) does it really add any significant value to ROS?
by kiler129
Tue Jan 12, 2021 8:39 am
Forum: RouterOS beta
Topic: Bring the API into the 21st century with GraphQL
Replies: 2
Views: 1249

Re: Bring the API into the 21st century with GraphQL

Oh god, please, no. The power of ROS is consistency and API brings very clear error boundaries. GQL would destroy that model making the API actually very hard to use in a long run. Additionally deprecation of GQL is very tricky. However, the biggest hurtle is complexity and performance of the server...
by kiler129
Thu Dec 24, 2020 8:52 am
Forum: RouterOS beta
Topic: v7.1beta3 [development] is released!
Replies: 261
Views: 79624

Re: v7.1beta3 [development] is released!

Something strange is happening when 7.1beta3 is used as a client in WG and the remote peer uses a domain in "endpoint-address". The tunnel will appear dead (0bps, 0pps) after reboot. Disabling the interface and enabling it again does nothing. Attempting ping to that hostname from the rout...
by kiler129
Fri Dec 18, 2020 11:50 pm
Forum: General
Topic: TCP retransmissions & low performance while bridging
Replies: 5
Views: 2228

Re: TCP retransmissions & low performance while bridging

I prefer (and I thought it was recommended) to use a single bridge with filters, see also this great tutorial: https://forum.mikrotik.com/viewtopic.php?t=143620 Not sure if it is completely related, but it is at least worth the try. Neat, I actually never used VLAN filtering on bridge. Results I wi...
by kiler129
Fri Dec 18, 2020 10:06 pm
Forum: General
Topic: RB4011 Inter-VLAN routing performance
Replies: 17
Views: 5495

Re: RB4011 Inter-VLAN routing performance

3-5%...i must have something configured incorrectly or im horribly misunderstanding your post...any test i run through iperf pins the cpu unless i specify multiple channels... I think you need to limit your config and find the culprit because there's definitely something wrong. Initially I was runn...
by kiler129
Fri Dec 18, 2020 9:45 am
Forum: General
Topic: TCP retransmissions & low performance while bridging
Replies: 5
Views: 2228

TCP retransmissions & low performance while bridging

While playing with my setup I was able to isolate a weird (to me at least) issue. I'm running the tests on hEX (Gr3). When I try to bridge two ports with VLANs on them like so: # model = RouterBOARD 750G r3 /interface ethernet set [ find default-name=ether1 ] name=ether1-trunk set [ find default-nam...
by kiler129
Fri Dec 18, 2020 8:09 am
Forum: General
Topic: OVPN/CPU max out ?
Replies: 4
Views: 2931

Re: OVPN/CPU max out ?

If you're controlling both endpoints there's really no practical reason to use OVPN. Look at IPSec if you want stability or WireGuard if you want to live on the edge (since it requires ROSv7 which isn't released as stable).
by kiler129
Fri Dec 18, 2020 8:03 am
Forum: General
Topic: PRIVATE ADDRESS on Apple Devices X Mikrotik Hotspots based
Replies: 1
Views: 1268

Re: PRIVATE ADDRESS on Apple Devices X Mikrotik Hotspots based

This is really a problem which is not solvable if device deliberately changes its identity between connections. The only solution here is the device user must re-login every time the connection is made.... possibly every time it goes back from sleep. However, the current implementation seems to be r...
by kiler129
Fri Dec 18, 2020 7:57 am
Forum: General
Topic: RB4011 Inter-VLAN routing performance
Replies: 17
Views: 5495

Re: RB4011 Inter-VLAN routing performance

Make sure that your problem is not affected by SMB - that protocol is, to put it mildly, horrible. Multichannel support was introduced with SMBv3 so check if you're forcing SMBv3 (by default modern clients will usually default to v2 for some reason). Also, I was just poking around in my lab with a s...
by kiler129
Fri Dec 18, 2020 7:16 am
Forum: RouterOS beta
Topic: v7.1beta3 [development] is released!
Replies: 261
Views: 79624

Re: v7.1beta3 [development] is released!

In case someone is experiencing a problem where "beta3" seems to kill some WG tunnels with the following error on iOS/iPadOS/macOS: 2020-12-17 23.13.42.jpg However, this is not a problem with ROS but actually a bug in WireGuard's client apps: https://www.mail-archive.com/wireguard@lists.zx...
by kiler129
Fri Dec 18, 2020 3:09 am
Forum: RouterOS beta
Topic: Feature Request: Proper support for RTL8367
Replies: 5
Views: 3656

Feature Request: Proper support for RTL8367

In short I think RTL8367 should get a proper support for (at least) VLANs like other switch chips present in RB2011 or RB3011. RTL8367 is a switch chip included in both RB4011 and RB1100AHx4 as the time of writing. While the default answer for VLANs on the forum for RB4011 is usually "just use ...
by kiler129
Fri Dec 18, 2020 1:50 am
Forum: General
Topic: [FR, Winbox] Select master interface for vAP & VLANs automatically
Replies: 0
Views: 496

[FR, Winbox] Select master interface for vAP & VLANs automatically

This is a small quality-of-life/UX improvement, which despite years of use I still often misclick in WinBox. Some interfaces in ROS can have virtual interfaces attached to them (e.g. vAP for wireless and VLANs for other ones). When adding such interface a natural flow (at least for me and couple of ...
by kiler129
Mon Oct 12, 2020 8:31 am
Forum: RouterOS beta
Topic: Nvidia BlueField-2X
Replies: 1
Views: 1284

Re: Nvidia BlueField-2X

I don't think ROS fits into such stack directly. However, when running on a hypervisor as a VPC-like solution for routing on a DPU? Why not ;) The only think MT needs to do is CHR for ARM.
by kiler129
Mon Oct 12, 2020 8:23 am
Forum: RouterOS beta
Topic: Feature Request: Data usage
Replies: 7
Views: 6641

Re: Feature Request: Data usage

The huge issue with using queues for this is this will not count FT traffic.
by kiler129
Mon Oct 12, 2020 8:21 am
Forum: RouterOS beta
Topic: API on RouterOS v7 [SOLVED]
Replies: 3
Views: 3340

Re: API on RouterOS v7 [SOLVED]

PHP libraries also work properly, I even developed a small project for wireguard automation around the API and it works flawlessly.
by kiler129
Fri Oct 02, 2020 6:46 am
Forum: RouterOS beta
Topic: Feature request - WPA3 support on ROS 7.X
Replies: 6
Views: 5399

Re: Feature request - WPA3 support on ROS 7.X

-1 as older clients won't connect
Provide airtime fairness Feature instead as it will improve overall performance.
IMHO both are needed, as well as 802.11k/v/r
by kiler129
Thu Oct 01, 2020 6:50 pm
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

+1 for Wireguard
It's already implemented and working quite nicely in 7.1beta2 :)
by kiler129
Mon Sep 21, 2020 7:53 pm
Forum: RouterOS beta
Topic: [BUG] Renaming ethernet interface causes system crash
Replies: 1
Views: 999

[BUG] Renaming ethernet interface causes system crash

Version number: v7beta2 Router's model: hAP ac Steps to reproduce the issue: Try renaming any ethernet interface while it's running, it will cause "router rebooted because some critical program crashed" Any additional information that would help troubleshoot the issue: I checked the autos...
by kiler129
Sun Sep 20, 2020 6:46 am
Forum: RouterOS beta
Topic: [BUG] WireGuard Peers comment is discarded
Replies: 1
Views: 1221

[BUG] WireGuard Peers comment is discarded

Version number: v7beta2 Router's model: hAP ac Steps to reproduce the issue: Set comment for (either using winbox or via CLI) /interface/wireguard/peers set comment="123.." numbers=1 Log out & log in (when set using CLI it will not appear anywhere anyway) Comment is gone Configuration...
by kiler129
Thu Aug 27, 2020 10:28 pm
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

First it was socks5, how long did that take? Maybe because interest in SOCKSv5 was absymal? The FR on the forum has 30 posts in 10 years where WG got >150 in a couple of months. Now I've been waiting forever for wireguard to show up. Still not there in stable and that kernel can be a much more rece...
by kiler129
Sat Aug 22, 2020 11:20 pm
Forum: General
Topic: Invalid state on packet routed from another subnet
Replies: 3
Views: 1527

Re: Invalid state on packet routed from another subnet

Your analysis is mostly correct. What you're doing wrong? You're passing traffic between 10.0.30.0 and 10.0.200.0 subnet through statefull firewall on MT-A without ensuring both directions pass L3 layer of MT-A. This got me thinking... how you do it in real life when you have 10 routers? Will they ...
by kiler129
Sat Aug 22, 2020 6:50 am
Forum: General
Topic: Invalid state on packet routed from another subnet
Replies: 3
Views: 1527

Invalid state on packet routed from another subnet

While testing new WireGuard implementation I stumbled upon a problem which I'm almost sure is completely unrelated to v7 but to bare standard routing. The test network I'm having is pretty simple: Untitled Diagram.png MT-A is a gateway w/NAT MT-A runs 10.0.30.0/24 network for its clients MT-B assign...
by kiler129
Fri Aug 21, 2020 8:21 pm
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

For anyone not subscribing to v7 updates the beta2 showed on the screenshot is publicly available now: viewtopic.php?f=1&t=152003#p812227
by kiler129
Fri Aug 21, 2020 8:19 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 291
Views: 40784

Re: FEATURE REQUEST: full cone NAT

Then you as a customer, together with other customers, should say "no" and demand IPv6, or you'll go elsewhere. The issue is a lot of ISPs don't NEED IPv6 and it provides no real advantage for an average customer. If an ISP offers a cheap fiber and subsells its resources to other smaller ...
by kiler129
Tue Aug 18, 2020 2:00 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 291
Views: 40784

Re: FEATURE REQUEST: full cone NAT

deploy ipv6 and free of headache
Plenty of ISPs don't offer IPv6 (sadly).
by kiler129
Wed Jul 22, 2020 9:13 pm
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

I agree with @rooted on that. While the project looks promising it recreates many problems of OpenVPN/IPSec like PKI management. WG is meant to plug to other things (like DHCP or OSPF) and by small, light, and kernel-level. Additionally the Nebula is still work-in-progress with no client for iOS, wh...
by kiler129
Fri Jun 19, 2020 12:52 am
Forum: RouterOS beta
Topic: Feature requests: improve dot1x and others
Replies: 18
Views: 10996

Re: Feature requests: improve dot1x and others

dns: filtering request based on source IP Do you have a specific purpose here which cannot be achieved with the firewall now? Remember that the UDP IP cannot be trusted anyway. dns: action redirect requests to external DNS (regex or domain filtering) Days of UDP DNS are counted like HTTP ones were ...
by kiler129
Mon Jun 08, 2020 3:49 am
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

my edgerouter lite is just as fast when doing ipsec as these wireguard results. It looks like on the standard OS they're comparable, OpenWRT has probably some newer (less stable?) implementation. Based on the date of the post it's also possible that OWRT used kernel module while EdgeOS used userlan...
by kiler129
Sun Jun 07, 2020 8:05 am
Forum: RouterOS beta
Topic: UI/UX On WinBox
Replies: 23
Views: 8768

Re: UI/UX On WinBox

-) nativ winbox for .Mac and Linux What's wrong with Winbox via Wine? MikroTik officially supports that scenario and running Winbox on Wine is the first class citizen in the ecosystem. If you look in credits you will see that MT even imports libraries from Wine project ;) There's no point in rewrit...
by kiler129
Sun Jun 07, 2020 7:57 am
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

@markwien Have you ever used or familiarized yourself with WG? It doesn't use AES and thus cannot use hardware offload. However, this is only one side of the coin: the crypto WG uses is on par or faster than AES with acceleration, since it was designed to utilize features of modern CPUs. Detailed b...
by kiler129
Sun Jun 07, 2020 4:00 am
Forum: General
Topic: Add DNS over HTTPS (DoH) support
Replies: 130
Views: 117010

Re: Add DNS over HTTPS (DoH) support

Are you sure it needs the intermediate certificate as well? It works for me with just the root certificate as well. I have published the example on wiki as well if you have any comments: https://wiki.mikrotik.com/wiki/Manual:IP/DNS#DNS_over_HTTPS I think one thing is unclear here. While my DoH setu...
by kiler129
Sun Jun 07, 2020 3:53 am
Forum: RouterOS beta
Topic: Feature Request: Port Forwarding Wizard/Menu in GUI
Replies: 14
Views: 6101

Re: Feature Request: Port Forwarding Wizard/Menu in GUI

This request IMHO has some good in it. Firewall without any grouping or tree-like structure gets really messy really quickly. Being able to limit number of rules visible will be a nice addition. However, I think a better solution for a problem of too many rules will be an ability to group them or ev...
by kiler129
Sun Jun 07, 2020 3:24 am
Forum: RouterOS beta
Topic: Feature Request: Port Forwarding Wizard/Menu in GUI
Replies: 14
Views: 6101

Re: Feature Request: Port Forwarding Wizard/Menu in GUI

An option to select “Both” for me is ambiguous- both what? TCP/UDP? Or maybe all protocols? (because TCP and UDP aren’t the only protocols in the internet and e.g. many places accidentally block IPSec by only caring about TCP/UDP). However, being able to sect multiple protocols per rule will be nice...
by kiler129
Sun Jun 07, 2020 3:15 am
Forum: RouterOS beta
Topic: UI/UX On WinBox
Replies: 23
Views: 8768

Re: UI/UX On WinBox

Funny thing - the major reason why I started using ROS was because of the very intuitive UI. Most of the time I complain that something "doesn't work in ROS" is because I actually didn't know how to configure it... and it's not because of the UI. Also, in the same token if MT completely ov...
by kiler129
Fri Jun 05, 2020 9:53 pm
Forum: RouterOS beta
Topic: Feature Request - Wireguard Protocol
Replies: 167
Views: 84294

Re: Feature Request - Wireguard Protocol

@normis Can we exchange a pizza fundraiser for a WG in upcoming beta(s)? ;)
by kiler129
Sat Feb 29, 2020 8:46 pm
Forum: General
Topic: [Documentation] Combined traffic flow diagram
Replies: 2
Views: 1769

Re: [Documentation] Combined traffic flow diagram

Thank you @anav! The diagram made by @noviy in the post you referenced is what I would like to see from MT, maybe even with the boxes at the bottom combined into main flow :)
by kiler129
Sat Feb 29, 2020 7:43 pm
Forum: General
Topic: [Documentation] Combined traffic flow diagram
Replies: 2
Views: 1769

[Documentation] Combined traffic flow diagram

It would be amazing if MikroTik could provide a one single diagram with all the traffic flow information, including sections of the config relating to particular parts. I'm of course aware of https://wiki.mikrotik.com/wiki/Manual:Packet_Flow existence but the page is rather hard to navigate since yo...
by kiler129
Thu Feb 20, 2020 6:18 am
Forum: General
Topic: Two IPSec/IKE2 tunnels to the same target from router & host behind the router
Replies: 0
Views: 1876

Two IPSec/IKE2 tunnels to the same target from router & host behind the router

Hello! I'm puzzled by a scenario which in theory should work, but it doesn't. In actuality it works but partially. The simplified network diagram looks like below: Untitled Diagram-2.png There are three separate networks [/u]: - Network A : server, two client groups, MT router - Network B : bunch of...
by kiler129
Sat Dec 21, 2019 7:50 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

@Frostbyte : be respectful, please. They don’t ignore their customers, they actually try to to above and beyond to fix that annoying bug. We’re dealing here with a situation where the vendor cannot physically replicate the conditions since RF environment is different everywhere. So the vendor doesn...
by kiler129
Tue Nov 05, 2019 5:39 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I’m running a private build of ROS for almost a month and it seems like the 5Ghz is now rock solid ;)
by kiler129
Tue Oct 15, 2019 6:25 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

The SFP port doesn't seem to play a role - I tested a single one with SFP and couple with standard default config setup with Ethernet-1 WAN and they were crashing equally bad ;)
by kiler129
Mon Sep 23, 2019 3:22 am
Forum: General
Topic: Feature request for v7.x
Replies: 296
Views: 107209

Re: Feature request for v7.x

I hit the mDNS problem again in an enterprise setting. You know how funny it is to explain that we need a small VM just to run Avahi reflector? It got even more awkward when someone in the meeting mentioned that both Cisco and Ubiquity can do that. Really, the mDNS/Zeroconf/Bonjour is really needed....
by kiler129
Mon Sep 23, 2019 12:20 am
Forum: General
Topic: Winbox 64bit Version
Replies: 79
Views: 38115

Re: Winbox 64bit Version

I hope MikroTik will be able to produce 64-bit version sooner than later ;) I can bet this is a relatively hard task as with any 10+ years old software - it's a moderate to big spaghetti for sure :D The idea of using winbox from iOS on macOS is IMHO terrible. The iOS version is a toy and even the We...
by kiler129
Tue Sep 17, 2019 7:54 pm
Forum: RouterBOARD hardware
Topic: Did Rb 1100AH manage more than 700 Users?
Replies: 3
Views: 2771

Re: Did Rb 1100AH manage more than 700 Users?

It all depends what you mean by "URL filtering". I'm assuming you mean looking into HTTP requests without actually running a proxy. In such case you may possibly manage to do it. However, this is a bad idea, let me digest the idea for you. URL filtering was somewhat effective in the 90s' a...
by kiler129
Tue Sep 17, 2019 7:32 pm
Forum: General
Topic: Winbox 64bit Version
Replies: 79
Views: 38115

Re: Winbox 64bit Version

I've got a small note from @normis that 64-bit winbox is not available yet. However, according to the e-mail they "(...) will work on that later this year" :) For now the only way is using a virtualized environment. Wine64 will not solve the issue since there are two layers here: you need ...
by kiler129
Sun Sep 01, 2019 11:22 pm
Forum: General
Topic: Winbox 64bit Version
Replies: 79
Views: 38115

Re: Winbox 64bit Version

Contrary to most of the posters here I don't think MikroTik should create native macOS app or try to make a cross-platform one. First of all choosing any of the options will mean they have to rewrite the existing app. From a software developer perspective I can tell anyone that this is no easy task,...
by kiler129
Sat Aug 17, 2019 6:03 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

@aya: Please, respect each other. You posted in a topic where multiple people are describing the problem for 4 pages - you should take a look first I think.

The MT is working on the solution. Replacing the device will not help.
by kiler129
Sun Jul 28, 2019 12:09 am
Forum: Announcements
Topic: v6.45.2 [stable] is released!
Replies: 205
Views: 87106

Re: v6.45.2 [stable] is released!

SFP+ on 4011 broken. Please pull the update. I have had two switches go offline due to this update. Did you do the "Wireless Reset" as mentioned in previous version (6.45.1) change log? *) rb4011 - fixed MAC address duplication between sfp-sfpplus1 and wlan1 interfaces (wlan1 configuratio...
by kiler129
Sat Jul 27, 2019 5:38 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

Cutting off multicast completely is probably a terrible idea since many applications rely on that (AirPlay, Dropbox just to name two). Also, phones are pretty capable of ac but they rarely use it due to the battery consumption. 8946D612-1D8F-4202-979E-AC82028F24F8.png Tablets and laptops in the othe...
by kiler129
Tue Jul 23, 2019 7:45 am
Forum: Announcements
Topic: v6.45.2 [stable] is released!
Replies: 205
Views: 87106

Re: v6.45.2 [stable] is released!

RouterOS version 6.45.2 has been released in public "stable" channel!
*) wireless - improved 802.11ac stability for all ARM devices with wireless;
What was wrong with 802.11ac on ARM devices?
viewtopic.php?f=3&t=142298
by kiler129
Mon Jul 22, 2019 4:27 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

SFP Not work at 6.45.2!!!, Is it any way to back on 6.45.1?
LMGTFY - 1st result: viewtopic.php?t=133611
by kiler129
Fri Jul 19, 2019 7:55 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I had a boring day today and tested - as with beta no change, the wlan disappeared after couple of hours.
by kiler129
Tue Jul 09, 2019 6:41 am
Forum: RouterBOARD hardware
Topic: Bunch of fried hAP ac - trash?
Replies: 4
Views: 2490

Bunch of fried hAP ac - trash?

After last thunderstorm I've got couple of hAP ac and they're currently in the box for recycling. I connected couple of them to the power the they all behave the same - PWR & SFP led are lit up, there's a beep at the beginning but nothing after (no dobule-beep). They're not booting, there's noth...
by kiler129
Mon Jul 08, 2019 6:45 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

The ac is perfectly stable on other devices. We have plenty of hAP ac's and wAPs and there are no complains. Seems like only QCA9984-based devices are problematic. The issue is not with disconnections but with the SSID being gone. From what I've seen in the lab as well as from the feedback of other ...
by kiler129
Sat Jul 06, 2019 8:35 am
Forum: Announcements
Topic: v6.46beta [testing] is released!
Replies: 150
Views: 106349

Re: v6.46beta [testing] is released!

...and the 5Ghz wireless is still broken on RB4011 :mrgreen:
by kiler129
Wed Jul 03, 2019 4:32 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

That’s expected - there’s no mention of this in the release notes. I think they’re still debugging the issue.
by kiler129
Sun Jun 30, 2019 6:32 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

RB4011 Jaś R11e, but it’s responsible for handling 2.4Ghz. The 5Ghz is handled by a built-in QCA9984.

p.s. just coming back from emergency replacement of post-thunderstorm of 2x RB4011 - switched to hAP ac + switch at one location ;p
by kiler129
Sat Jun 29, 2019 11:28 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

We halt purchasing RB4011 with wireless. My personal one now has hAP AC next to it for 5Ghz.

MT: really, seriously, this is a joke. The device is mostly punched as a replacement for RB2011/3011 which packs more ports than hAP AC. Having non-functional 5Ghz makes is literally useless.
by kiler129
Tue May 28, 2019 7:54 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

No wireless settings combination works for me either - no matter what the card freezes after some hours where the only way to fix it is to reboot.
by kiler129
Thu May 23, 2019 10:38 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

Rudolfs: can you share some sneak peek on the progress? Is the reason for such behavior known and if not can we maybe help somehow?
by kiler129
Sat Apr 27, 2019 11:52 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I think another client was right that the Internet is pretty slow.... well, auto reboot every 24h missed that. With 107 SSIDs on 2.4Ghz not having 5Ghz is really not an option. Problem solved: reboot every 12h. Untitled 2.png But really... this is very annoying since it cannot be fixed without reboo...
by kiler129
Mon Apr 22, 2019 3:39 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I set the gain and fixed the duplicated MACs yesterday at 8pm. It’s 7:30 the day after and 5Ghz is crashed again....
by kiler129
Sat Apr 20, 2019 8:02 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

The silence is quite ridiculous...
by kiler129
Mon Apr 01, 2019 3:56 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 304
Views: 157498

Re: v6.45beta [testing] is released!

The atmosphere here is becoming slightly toxic... Like freaking really, how many of you worked with software as a developer? It’s very easy to say when you have very little clue how hard such problems are. I understand the frustration at the end effect, but it seems like MT is doing what they can to...
by kiler129
Sun Mar 31, 2019 6:48 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 304
Views: 157498

Re: v6.45beta [testing] is released!

Is there any plans to address the 5Ghz interface crash on RB4011?
by kiler129
Sun Mar 31, 2019 6:36 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I tried tweaking various settings and the WiFi dies as before. Support advised net install, but currently I don’t have a spare in the 100mi radius :p So far I attached a “diagnostic device” on site consisting of an hAP ac (a huge overkill but I had one half-fried on the shelf :p) which connects to t...
by kiler129
Thu Mar 14, 2019 4:21 am
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself [SOLVED]
Replies: 307
Views: 176820

Re: RB4011: wlan1 disabling itself [SOLVED]

I have the same problem too :( I also sent supout.rif and no response so far (Ticket#2019031222002841).

Edit
Just to not be "me too"-only post: for me that problem happens even in super channel with locked frequency, so the DFS and automatic frequency selection can be ruled-out.
by kiler129
Mon Feb 04, 2019 1:59 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634822

Re: Feature requests

(...)user has to perform factory reset to get decent configuration as starting point - but loosing whatever already done in other parts (IPv4, wlan, VLAN, ...). Actually you can do /system default-configuration print file=default-cfg after installing IPv6 package and you will get the default config...
by kiler129
Sun Feb 03, 2019 7:57 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634822

Re: Feature requests

A simple yet I think important request: provide IPv6 out of the box. This really requires a package to be present and some default firewall & stateless configuration enabled. I don't see the reason why in 2019 they are shipped with IPv4 only where even cheap consumer routers are IPv6 enabled OOB.
by kiler129
Sun Feb 03, 2019 6:35 am
Forum: RouterBOARD hardware
Topic: For real, what is with these blinding power leds?
Replies: 13
Views: 6589

For real, what is with these blinding power leds?

At this point I think Mikrotik is just trolling us :D Why new routers needs to come with extra super bright blue LED as a power indicator? Even worse.... why is this LED permanently wired to the power source? I'm fully aware I can just take an iron and remove the bloody LED from the board or change ...
by kiler129
Sun Jan 27, 2019 9:16 pm
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 82890

Re: v6.43.8 [stable] is released!

There's something really strange going on with DFS. I just got a new INTL RB4011 and set it to "united states" regulatory domain with "manual txpower" and 80Mhz channel. The AP is getting stuck in radar detection half of the time (even though I'm 100% sure there're no weather or ...
by kiler129
Sun Sep 23, 2018 6:59 am
Forum: RouterBOARD hardware
Topic: What type of USB adapter fits CA433U USB cutout?
Replies: 2
Views: 1392

Re: What type of USB adapter fits CA433U USB cutout?

It's intended to be used with microUSB, like in RB2011. See https://asp24.ru/obzory/obzor-mikrotik- ... 11uias-rm/
by kiler129
Tue Sep 18, 2018 8:27 am
Forum: Wireless Networking
Topic: Unicode (UTF-8) in SSID?
Replies: 11
Views: 11120

Re: Unicode (UTF-8) in SSID?

This is brillant. Please, don’t “fix” this loophole.
9411CBC5-2AEF-4E93-B0DA-3045D236EEC7.jpeg
by kiler129
Thu Dec 28, 2017 2:36 am
Forum: General
Topic: 6.41 and VLANs - what is the proper an most performant way to do that now?
Replies: 1
Views: 3888

6.41 and VLANs - what is the proper an most performant way to do that now?

Hi, I'm a little bit confused with options given in 6.41 regarding VLANs. After playing in the lab I know less than I knew before doing so... To put in a simple terms in general we're talking about 3 configs where you have VLAN=45 which has to be accessible via an access port and has to be available...
by kiler129
Wed Dec 27, 2017 4:17 am
Forum: Wireless Networking
Topic: iOS Password Sharing - is there any way to block it?
Replies: 1
Views: 1120

iOS Password Sharing - is there any way to block it?

Hi, Apple with iOS 11 introduced a new feature, which makes connecting people to WiFi networks easier in many ways. One of the ways (despite NFC tags and QR codes) is sharing WiFi network password between devices which are nearby . This feature is just problematic when you want to prevent "rand...
by kiler129
Thu Aug 03, 2017 3:01 am
Forum: General
Topic: Feature request - static content web server [SOLVED]
Replies: 13
Views: 10773

Re: Feature request - static content web server [SOLVED]

It's not that hard to compile nginx. Nor is hard to branch off already stable release and use it for own needs. Have you ever worked in any software development, honestly? I deal with JUST libraries every day, I deal with JUST APIs every day and last, but not least, I deal with JUST software-which-...
by kiler129
Sun Jul 30, 2017 11:57 pm
Forum: General
Topic: Feature request - static content web server [SOLVED]
Replies: 13
Views: 10773

Re: Feature request - static content web server [SOLVED]

RouterOS, as name implies, is a router - it should not serve webpages. The only possibility is hotspot captive portal (and I think it should stay that way). Making webserver is hard (and I say that as an author of one), incorporating existing one is not in MT style and will mean they need to track 3...
by kiler129
Mon Jul 03, 2017 7:39 am
Forum: General
Topic: [Feature Request] UPnP client for ROS
Replies: 15
Views: 5903

Re: [Feature Request] UPnP client for ROS

It's not a solution - you should bridge ISP device and get from there.
by kiler129
Sun Jun 25, 2017 1:40 am
Forum: General
Topic: Supported UPS`s
Replies: 51
Views: 45339

Re: Supported UPS`s

I believe nothing - it's just a symbol of the UPS in WinBox. I always had it while UPS was connected.
by kiler129
Mon May 29, 2017 12:45 am
Forum: General
Topic: Feature Request:One of standard EOIP tunnel
Replies: 4
Views: 2577

Re: Feature Request:One of standard EOIP tunnel

Actually you can run EoIP on Linux: https://github.com/bbonev/eoip
by kiler129
Sun May 14, 2017 1:56 am
Forum: General
Topic: Feature request: CAPsManager - roaming
Replies: 80
Views: 39391

Re: Feature request: CAPsManager - roaming

Two or three years ago 802.11k/v/r weren't really an must-have thing, they were nice but in reality most of devices were unable to properly use them. It's middle of the 2017 - now it's a must for any new deployments :(
by kiler129
Sun May 07, 2017 8:15 pm
Forum: General
Topic: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change
Replies: 11
Views: 2958

Re: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change

You'd just rely on the periodic check alone. So, how often are you going to check? Actually for purpose of tunnels it can be easily bind to the tunnel connection itself, like remote-address now. If the tunnel disconnected ROS should resolve names, create policies and attempt connection like it's do...
by kiler129
Mon May 01, 2017 9:35 pm
Forum: General
Topic: Mikrotik open Proxy becomes reall issue
Replies: 16
Views: 4772

Re: Mikrotik open Proxy becomes reall issue

Yes and no. Take a look at routerboard.com and I think you'll agree that quite a few of those products are targeted at consumers. I see that differently - these devices, like "hAP lite" or "hAP ac lite tower", are targeted more towards ISPs which are supplying these devices to c...
by kiler129
Mon May 01, 2017 9:32 pm
Forum: General
Topic: RB333 config file in RB433?
Replies: 7
Views: 1506

Re: RB333 config file in RB433?

@mfrazier3030: When you want to save configuration for later use always use /export option - it will save a file which you can alter or restore to another devices (but beware of MAC addresses). System backup is what is says - a backup. It's used to perform (usually automatic) backups of devices in c...
by kiler129
Mon May 01, 2017 9:11 am
Forum: General
Topic: RB333 config file in RB433?
Replies: 7
Views: 1506

Re: RB333 config file in RB433?

Have you used /export or /system backup? The later one cannot be transferred between routers.
by kiler129
Mon May 01, 2017 9:10 am
Forum: General
Topic: Mikrotik open Proxy becomes reall issue
Replies: 16
Views: 4772

Re: Mikrotik open Proxy becomes reall issue

The major problem in understanding comes from missing the target of Mikrotik ROS itself. It's not a consumer-grade router and no fancy web panels can change that. RouterOS was built for users with solid network knowledge - this comes with ultimate flexibility and 101 ways to shoot-yourself-into-a-fo...
by kiler129
Mon May 01, 2017 8:44 am
Forum: General
Topic: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change
Replies: 11
Views: 2958

Re: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change

Is the IPsec policy automatically generated from EoIP or have you created is manually? Generated. I think a script would solve your problem, but will break the connection a few seconds. It's not a huge deal - working with dynamic addressed connections is already a PITA and everyone needs to be awar...
by kiler129
Fri Apr 14, 2017 6:48 am
Forum: General
Topic: [Feature Request] UPnP client for ROS
Replies: 15
Views: 5903

Re: [Feature Request] UPnP client for ROS

I think UPnP is generally a no-no - it's a cancer of any network, it simplifies spreading of malware and introduces magic into network equipment (which is the last place you want it!).
by kiler129
Sun Apr 09, 2017 5:00 am
Forum: General
Topic: [Feature Request] Open Last Terminal in Winbox
Replies: 0
Views: 840

[Feature Request] Open Last Terminal in Winbox

Currently Winbox has "New Terminal" button - on many of my routers where I do have 3-5 windows opened I end up having 20 terminals since I'm always forgetting to close them ;) Maybe it will be possible to add "Open Last Terminal" button which will work like clicking any other but...
by kiler129
Sun Apr 09, 2017 4:58 am
Forum: General
Topic: [Feature Request] Changing SNMP port
Replies: 2
Views: 6031

[Feature Request] Changing SNMP port

I'm REALLY surprised that RouterOS lacks ability to change SNMP service port (or I just couldn't spot that). I hope it will not be hard to add. I know I can easily just do NAT rule, but in my opinion it just creates unnecessary clutter: /ip firewall nat add action=dst-nat chain=dstnat comment="...
by kiler129
Wed Apr 05, 2017 7:26 am
Forum: General
Topic: Problem RouterOS 6.38.5 - Denial of Service
Replies: 67
Views: 22698

Re: Vulnerability RouterOS 6.38.5 - Denial of Service

@normis: Could you post more information about affected versions? Is the problem specific to 6.38.5 or whole branch of 6.38 or is the situation even worse and affects more versions?
by kiler129
Sun Mar 05, 2017 9:51 pm
Forum: Wireless Networking
Topic: Remove SSID from master interface when VirtualAP are used
Replies: 2
Views: 1914

Remove SSID from master interface when VirtualAP are used

Today I faced rather simple, ye challenging problem. Usually I use CAPsMAN, but for simple configuration I just used standalone AP with 3 VAPs. The problem is in 6.38 I cannot remove SSID from master interface - the best thing I can do is hide ssid and disable "default authenticate". is th...
by kiler129
Thu Mar 02, 2017 9:27 am
Forum: General
Topic: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change
Replies: 11
Views: 2958

Re: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change

I wish it is possible! The script wouldn't be a problem, but if you change the local IP on EoIP with IPSec policies aren't updated and they cannot be changed since they're dynamic...
by kiler129
Sat Jan 28, 2017 7:33 am
Forum: Announcements
Topic: v6.38.1 [current]
Replies: 73
Views: 39967

Re: v6.38.1 [current]

Well.... it's next beta. It bricked my hAP ac on the bench - it had default config (I did an reset like 5 minutes before) with WiFi disabled. It just went into dead boot loop - only netinstall was working. I used update feature from Quick Set and the previous ROS loaded was 6.37.1. I don't see (or I...
by kiler129
Sat Jan 28, 2017 6:42 am
Forum: General
Topic: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change
Replies: 11
Views: 2958

Re: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change

@pe1chl: The thing is no VPN offers such flexibility and messing with VPN+EoIP is horrible. I just can't understand why static IP is implemented for remote only? The check is done before connection attempt is made - I don't see problem with doing the same with local IP. Probably it's not implemented...
by kiler129
Tue Jan 10, 2017 3:13 am
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 63825

Re: v6.38 [current] is released!

Yes, but I wonder why the temperature rise up too high, 10 degree from previous version. Although the box working same function.
From the change log I would assume your board temperature was like 60*C, but ROS was showing lower one (which was fixed in 6.38).
by kiler129
Mon Jan 09, 2017 1:47 am
Forum: General
Topic: RB3011 IPSEC Hardware Encryption?
Replies: 17
Views: 11001

Re: RB3011 IPSEC Hardware Encryption?

It has this in CPU but it's not enabled AFAIK - http://wiki.mikrotik.com/wiki/Manual:IP ... encryption
by kiler129
Sun Jan 08, 2017 9:11 am
Forum: General
Topic: [BUG] EoIP w/ automatic IPSec is useless and stale after IP change
Replies: 11
Views: 2958

[BUG] EoIP w/ automatic IPSec is useless and stale after IP change

I'm currently running EoIP between two locations, one of them has dynamic IP (and there's precisely 0% chance to get a static one there). EoIP on the side with static IP has following configuration: /interface eoip add allow-fast-path=no arp=proxy-arp ipsec-secret=[SHARED_KEY] keepalive=2s,2 local-a...
by kiler129
Fri Jan 06, 2017 9:14 am
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 63825

Re: v6.38 [current] is released!

What's the upgrade scenario for CAPsMAN controller and devices?

Currently CAP<->Controller communication is done on VLAN, so if I go and upgrade controller I will loose communication with CAPs. If I upgrade CAP it will no longer connect to controller.
Am I missing something?
by kiler129
Sat Sep 24, 2016 9:21 am
Forum: Announcements
Topic: v6.37 [current] is released!
Replies: 197
Views: 67806

Re: v6.37 [current] is released!

I found a major issue after upgrade with my configuration. Basically I had bunch of hAP ac's and wAP ac's which were provisioned from single CAPsMAN controller. Some of SSIDs were made available on 2.4Ghz band only while others were available on all bands. After upgrade it seems like only the first ...
by kiler129
Mon Jul 04, 2016 5:49 am
Forum: General
Topic: Winbox on OS X 10.11 El Capitan - it's a way to fix it the easy way
Replies: 39
Views: 135022

Re: Winbox on OS X 10.11 El Capitan - it's a way to fix it the easy way

Regardless, I would hope that MikroTik wouldn't want to continue to offer an infected file in their download area. It's NOT an infected file - it's a obvious false-positive of ClamAV heuristic engine:  https://www.virustotal.com/en/file/84570f01d17100cf89b1435deb6bbe307246b8ad97134bc853d6e1a8dc3135...
by kiler129
Tue Jun 21, 2016 6:46 am
Forum: Wireless Networking
Topic: Wireless design for a house - how to approach that?
Replies: 0
Views: 1087

Wireless design for a house - how to approach that?

Hi! Friend of mine asked me for help with his WiFi issues. When I briefly looked at the "network" I noticed single no-name AP and a lot of devices, half of the house doesn't really have a signal to handle  comfortable web browsing! House is built using typical American style - bunch of woo...
by kiler129
Sun May 22, 2016 10:45 pm
Forum: General
Topic: Support for ACME/Let's Encrypt certificate management [SOLVED]
Replies: 114
Views: 72627

Re: Support for ACME/Let's Encrypt certificate management [SOLVED]

There's even implementation of ACME client in bash alone: https://github.com/lukas2511/letsencrypt.sh
by kiler129
Sat Apr 30, 2016 8:27 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Little differences between 2.4 and 5 are normal since according to the documentation, but in your case probably difference comes from country regulations.
Remember that 802.11ac is way more complicated (with BF, DFS) than 802.11n, so simple software analyzer may not be accurate.
by kiler129
Sat Apr 30, 2016 8:20 am
Forum: General
Topic: Support for ACME/Let's Encrypt certificate management [SOLVED]
Replies: 114
Views: 72627

Re: Support for ACME/Let's Encrypt certificate management [SOLVED]

What kind (aka type eg. Python, Bash etc. ) of scripts are used in RouterOS? (...) but what are they?... proprietary? ROS scripting engine is fully custom like terminal. That route was chosen probably due to performance & security reasons. Is there a plugin to run a more common type of script l...
by kiler129
Sun Apr 24, 2016 1:47 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

If you're worried you could always RMA it but it could be also PSU problem.

Here's my health tab on 6.34.4.
by kiler129
Sat Apr 16, 2016 8:13 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

There's a separate topic about that issue: http://forum.mikrotik.com/viewtopic.php?t=104716
by kiler129
Fri Apr 15, 2016 6:01 am
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

It has some problems with mysterious false-positive loop detection, but other than that it's good.
by kiler129
Wed Apr 13, 2016 8:43 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Ordered 2 from amazon... So now I am an importer? Come on. Yes, according to the rules you are. AFAIK u can buy & import non-aprvd hw but you can't sell it to anyone as a standard network eq. This sounds ridiculous, but in fact makes sense - it allows you to buy any chips from e.g. Atheros as l...
by kiler129
Fri Apr 08, 2016 3:48 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

US company cannot legally sell you product not complaining with FCC rules. However if you buy from company aboard (e.g. EuroDK via Amazon or via their website: http://www.eurodk.com/en/products/wifi-routers/routerboard-hap-ac) they will send you the router, but you're the importer and you're respons...
by kiler129
Thu Apr 07, 2016 3:25 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

So, can I order the international model and set my country to United States? Will it automatically only use the legal US frequency range? I don't want to get into trouble. The US resellers are nearing June now. Yes, you can order the international model and use it, however it's your responsibility ...
by kiler129
Mon Apr 04, 2016 1:38 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

So in this case I recommend you to import them from Europe ;)
You could find details in this post http://forum.mikrotik.com/viewtopic.php ... 91#p523191 (+ two posts below it).

I've got mine from EuroDK - it took around a week and there were no problems.
by kiler129
Sun Apr 03, 2016 7:00 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

My order delivery just changed again.
Which country? US?
by kiler129
Sun Mar 20, 2016 10:20 pm
Forum: RouterBOARD hardware
Topic: mAP Lite Ethernet susceptible to interference!
Replies: 49
Views: 16722

Re: mAP Lite Ethernet susceptible to interference!

It could be piezeoelectric effect of capacitors.

Details: https://www.youtube.com/watch?v=F2gX-R1k7MM
by kiler129
Fri Mar 18, 2016 2:35 am
Forum: General
Topic: Feature request: Grouping of firewall rules/DHCP leases
Replies: 11
Views: 5243

Re: Feature request: Grouping of firewall rules/DHCP leases

MikroTik: any word about this? It will be really useful...
by kiler129
Sun Mar 06, 2016 4:18 am
Forum: General
Topic: Optimization for crazy-asymetric DOCSIS connection
Replies: 7
Views: 1890

Re: Optimization for crazy-asymetric DOCSIS connection

Sorry guys for late response - I didn't get any e-mail notification for that topic :( So. We know how your connection should be. And how it is in real? What measurement have you did? It's close to what ISP declares (at least...). I measured it using standard speedtest.net + test to my own servers in...
by kiler129
Sun Mar 06, 2016 1:48 am
Forum: General
Topic: UDP traffic on bonded interface is invisible on hAP ac (bug?)
Replies: 0
Views: 907

UDP traffic on bonded interface is invisible on hAP ac (bug?)

Hi! Today I experimented with link bonding between Linux box (2x10/100 cards) and MikroTik (hAP ac). I successfully configured it: MikroTik side: [grzegorz@MedTik] > /interface bonding print Flags: X - disabled, R - running 0 R name="asclepius-bond" mtu=1500 mac-address=XX:XX:XX:XX:XX:XX a...
by kiler129
Sat Mar 05, 2016 2:43 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Can you make file transfer test with 5Ghz please?
Unfortunately I cannot perform reliable measurements because my server currently has a 10/100 card, so it's useless to do a test with the BTest only.

Edit:
Through local connection via bridge I'm getting 460-480Mb/s.
by kiler129
Fri Mar 04, 2016 3:02 am
Forum: General
Topic: EoIP + IPSec with two dynamic IPs
Replies: 0
Views: 860

EoIP + IPSec with two dynamic IPs

Hi! Few versions ago ROS got support for dynamic IPs for EoIP tunnels. However yestarday I came across a problem - both sides of the tunnel are on dynamic IPs and the tunnel require IPSec. Since IPSec configuration of EoIP require proper local address I entered domains both in local and remote addre...
by kiler129
Wed Mar 02, 2016 7:53 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Yesterday I've got mine from EuroDK - it took 5 days to deliver the router including 2 days of weekend. I think it's an amazing result :D
by kiler129
Mon Feb 29, 2016 7:10 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Also does anyone know/think it would be worth replacing the antenna's with these? Not a chance - proper beamforming in 802.11ac require specific antennas & it's placement. I can see that there are 3 cutouts in the case where the antenna's could mount to, but they have placed the sticker over it...
by kiler129
Wed Feb 24, 2016 9:15 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

http://www.eurodk.com/en/products/wifi-routers/routerboard-hap-ac they sell the units for $99 each, and the checkout page has quoted me $24.05 for DHL Express Worldwide shipping for 3x hAP ACs. Thank you so much for the direct link - I didn't bother checking before! thats to the usa, importing is e...
by kiler129
Wed Feb 24, 2016 3:00 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Unfortunately US users are out of luck. Availability date for most retailers slipped to end of march :( The official price from my local distributor is $108 for US version: http://www.balticnetworks.com/mikrotik-hap-ac-gigabit-dual-band-indoor-access-point-built-in-antennas.html There's also another...
by kiler129
Thu Feb 11, 2016 10:00 pm
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 51
Views: 27133

Re: RBSXT LTE

First of all GSM uses reserved frequencies all over the world - you can't just randomly throw equipment transmitting on these. Before you point me to the transmitter in cellphone you should read about TDMA. In WiFi world clients equipment is fairly similar (except for antennas) to one used on the IS...
by kiler129
Thu Feb 11, 2016 4:51 pm
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 51
Views: 27133

Re: RBSXT LTE

Unfortunately not - you cannot make you own network like using WiFi.
by kiler129
Thu Feb 11, 2016 7:20 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Agreed I can't find it on their website either - please post here as soon as you are able to get an order placed somewhere in the US! Unfortunately my happiness was premature since they replied that given e-mail was mistake because they marked it for RB3011 availability. So, we have to wait these 3...
by kiler129
Mon Feb 08, 2016 11:23 pm
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

(...)it will be available from MT in 3 weeks (+ one week for shipment from Lativa to USA). Where did you find that info ? I got this information from Baltic Networks in Chicago - http://www.balticnetworks.com. I contacted them via e-mail. Edit: I've got new information from them: We just received t...
by kiler129
Sat Feb 06, 2016 11:10 pm
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Is the HAP AC (non lite) available in the US yet?
Nope, it will be available from MT in 3 weeks (+ one week for shipment from Lativa to USA).
by kiler129
Sat Feb 06, 2016 1:07 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

I've got reply from official US distributor. Standard price will be $106/unit.
by kiler129
Fri Feb 05, 2016 3:40 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-RM - unable to upgrade routerboot
Replies: 8
Views: 3210

Re: RB2011UAS-RM - unable to upgrade routerboot

hi i need this version of bootloader to install mikrotik 5.xx please if someone have this file upload that

ar9344-3.07.fwf
AFAIK Mikrotik doesn't have a place with routerboot images, so you could only write an email to support@mikrotik.com.
by kiler129
Fri Feb 05, 2016 3:36 am
Forum: RouterBOARD hardware
Topic: Failed CCR PSU (CCR1036-8G-2S+)
Replies: 2
Views: 2850

Re: Failed CCR PSU (CCR1036-8G-2S+)

Looks like capacitors problem or current leakage in FETs. You could try to repair it - it should be cheap and easy ;)
Of course if you need one you should contact Mikrotik directly - they have parts for their devices. Just sent an e-mail to support@mikrotik.com.
by kiler129
Fri Feb 05, 2016 3:32 am
Forum: RouterBOARD hardware
Topic: mAP Lite Ethernet susceptible to interference!
Replies: 49
Views: 16722

Re: mAP Lite Ethernet susceptible to interference!

Some ethernet poor quality RJ45 sockets MAY be affected by magnets and EMI. Since it's TP-Link I'm not really surprised ;)
by kiler129
Thu Feb 04, 2016 10:24 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Since it's middle of the night in my timezone I didn't counted accurately, but it's gonna be something like 3 channels if you look at the table in Wikipedia. It also bothers me why US version is permanently restricted without any chance to unlock it. ROS supports DFS - http://forum.mikrotik.com/view...
by kiler129
Thu Feb 04, 2016 8:53 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

If there will be no "flash" folder as internal memory and root as RAM-disk, the device will be just unupdatable. Someone is using memory also for repartitioning. Well, I always updated ROS devices on-the-fly using builtin button - maybe I'm just too lazy to download and upload files to ma...
by kiler129
Thu Feb 04, 2016 8:25 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Little bit high price if it's real. This is the same price of RB2011 with wifi. Not really - all prices in Poland have to be presented with tax, which is 23% for electronics. I expect price of $95-99. Also @chechito brightly pointed that it lacks (simple and cheap) FEth 5p switch, but you're gettin...
by kiler129
Wed Feb 03, 2016 10:02 am
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

Filesystems designed for flash & routers are simple and resistant. If you cut the power in the middle of write you'll lose last write (that's how journaling filesystem works). Giving the fact that these filesystem are WAY simpler than e.g. ext4 you can safely unplug the power. Also applications ...
by kiler129
Tue Feb 02, 2016 7:52 am
Forum: General
Topic: Optimization for crazy-asymetric DOCSIS connection
Replies: 7
Views: 1890

Optimization for crazy-asymetric DOCSIS connection

Hi, I never liked slow internet connections, but well - sometimes life isn't as perfect as it's imagination ;) I'm now stuck for quite a while with 15/2 DOCSIS connection. While is rather OK for browsing the internet everyday trying to download anything using it is a horrible experience. As soon as ...
by kiler129
Mon Feb 01, 2016 7:39 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HND-IN does not boot any more
Replies: 2
Views: 2413

Re: RB2011UAS-2HND-IN does not boot any more

Does the blue LED sharply blinks or turns on and then fades off? From what you described I think it could be just power supply (capacitors). Unscrew the casing and try to plug another power supply. Be careful with LCD ribbon cable! You could also try to power it using passive PoE adapter plugged int...
by kiler129
Mon Feb 01, 2016 7:30 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

Shutdown command is not required, it is quite safe to just unplug it.
Isn't a shutdown command only useful while running with external storage for e.g. proxy? Cutting power may damage filesystem on it since it's r/w.
by kiler129
Mon Feb 01, 2016 10:44 am
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

2. My RB3011 reboots within 30 seconds after trying to shutdown it from Winbox. Anyone who has RB3011, please report do you have such issue or not. I bet it will require RouterBOOT update and I think it's not high-priority task since almost noone shutdowns routers ;) I'm truly interested in your us...
by kiler129
Sun Jan 31, 2016 5:21 am
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 538
Views: 197284

Re: HAP AC

Sorry, I was bored and I couldn't resist not to make it :lol:
c8e.png
by kiler129
Fri Jan 29, 2016 12:00 am
Forum: RouterBOARD hardware
Topic: What does MikroTik have against external antennas in SOHO products?
Replies: 45
Views: 28344

Re: What does MikroTik have against external antennas in SOHO products?

External antenas are especially worthless in 802.11ac MIMO setups. To perform effective beamforming antenas have to be aligned properly.
by kiler129
Wed Jan 27, 2016 7:10 pm
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 51
Views: 27133

Re: RBSXT LTE

SXT LTE only supports LTE data. There is no GSM or 3G support.
You should definitely support SMS & USSD - most of the pre-paid data plans require it.
by kiler129
Wed Jan 27, 2016 5:31 am
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 51
Views: 27133

Re: RBSXT LTE

Will this work with Sprint in the US?
Nope, Sprint uses 25, 26 and 41 FDD in USA while RBSXT LTE is 3 & 7 FDD only.
by kiler129
Tue Jan 26, 2016 10:15 am
Forum: General
Topic: Close content router
Replies: 4
Views: 934

Re: Close content router

Full-blown content filtering based on page content is very extensive task, and prone to failure. Want some examples? Google for - S cunt horpe - Craig Cock burn hotmail - Dr. Herman I. Lib shit z verizon - Sus sex county - anal ytic signature mail problem - nagio sex change.org" (and that is li...
by kiler129
Sat Jan 23, 2016 3:38 am
Forum: General
Topic: disable or hidden webfig
Replies: 2
Views: 2104

Re: disable or hidden webfig

/ip service disable www
/ip service disable www-ssl
by kiler129
Sat Jan 23, 2016 3:36 am
Forum: General
Topic: Ping Check All Clients With MikroTik Routers
Replies: 10
Views: 2367

Re: Ping Check All Clients With MikroTik Routers

Actually it can be done using scripts, but maybe it will be better to write such script and run it on external server instead of router? ;)
by kiler129
Mon Jan 18, 2016 2:54 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 67417

Re: RB3011UiAS-RM

I personally think it's not about space or money, but about huge amount of paperwork and extra certification efforts to put power supply inside.
by kiler129
Sat Jan 16, 2016 8:29 am
Forum: RouterBOARD hardware
Topic: I ordered 2x SXT on 2.4Ghz 60Deg. I receive different models ! (SXT2/G-2HnD)?
Replies: 6
Views: 2021

Re: I ordered 2x SXT on 2.4Ghz 60Deg. I receive different models ! (SXT2/G-2HnD)?

I think they are both what you have had expected - just different hardware revisions.
The most important information is model name, not the board name ;)
by kiler129
Fri Jan 15, 2016 2:56 pm
Forum: General
Topic: disk Seagate expansion not recognized by the mikrotik
Replies: 3
Views: 1299

Re: disk Seagate expansion not recognized by the mikrotik

Yeah, fat32 will be fine but ensure there's a valid partition table and not fs on whole drive. Also ext4 filesystem will be better for RouterOS. If you're using linux connect the drive and type: fdisk --list Then you have to find your drive node, it will be something like /dev/sdb or /dev/sdc. Next ...
by kiler129
Fri Jan 15, 2016 1:03 am
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 28631

Re: hEX nand size ONLY 16MB !!!!

@Zorro: adressing your first issue you could always netinstall if you screw up ;) In case of remote locations you should, well, be careful since you're responsible. Regarding downloading software from trustworthy source I think encryption is not required if software is properly signed using they pri...
by kiler129
Thu Jan 14, 2016 2:13 am
Forum: General
Topic: disk Seagate expansion not recognized by the mikrotik
Replies: 3
Views: 1299

Re: disk Seagate expansion not recognized by the mikrotik

Are there any logs?
RouterOS generally supports all mass-storage devices which Linux kernel support. I had some issues with Seagate USB<>SATA converters on Linux in the past (they were detected but no partition can be read).
by kiler129
Wed Jan 13, 2016 6:44 pm
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 28631

Re: hEX nand size ONLY 16MB !!!!

Say that to hAP lite. :/ As far as I know you don't need flash space to update, even hAP lite. I always use autoupgrade option, because it's faster and more convenient than manually downloading a file and uploading it. All of my devices are in some way connected to the internet, so it's not a probl...
by kiler129
Wed Jan 13, 2016 2:58 pm
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 28631

Re: hEX nand size ONLY 16MB !!!!

Is there a slot for Micro SD or something? No, you can't. There're no mSD or USB port in hEX. It's a budget solution, which is suitable in a lot of situations. how will a upgrade be possible if you cannot transfer the file to the unit? RouterOS is upgradable in-place from RAM - update files are not...
by kiler129
Mon Jan 11, 2016 4:01 pm
Forum: General
Topic: NAT using URL
Replies: 3
Views: 1415

Re: NAT using URL

What exactly are you trying to archive?
by kiler129
Mon Jan 11, 2016 11:44 am
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 51
Views: 27133

Re: RBSXT LTE

Did you guys see the live video that is powered by the SXT LTE? It is powered by solar, and comes from the middle of a forest: http://dabasdati.lv/en/kameras2015 (white tailed eagle camera)
You're crazy :)
  • 1
  • 2