Community discussions

Search found 45 matches

by dhoulbrooke
Mon Jul 01, 2019 9:15 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 56276

Re: v6.45.1 [stable] is released!

Hi All,

For those having trouble with EoIP/GRE following the upgrade the below workaround worked for me:

/ip firewall raw add action=notrack chain=prerouting protocol=gre
by dhoulbrooke
Thu Jun 06, 2019 11:34 am
Forum: RouterBOARD hardware
Topic: S+RJ10 - Keep dropping out and then stop working
Replies: 1
Views: 262

Re: S+RJ10 - Keep dropping out and then stop working

I only have one at the moment and it's working successfully.

Had you seen the below around spacing of the modules? Unfortunately in a CRS328 your options for spacing as is recommended are pretty limited:

https://wiki.mikrotik.com/wiki/S%2BRJ10 ... in_devices
by dhoulbrooke
Fri Mar 22, 2019 7:46 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 66443

Re: v6.45beta [testing] is released!

Hi Arturs,

In RouterOS 6.45beta19 there is a known bug that 5GHz WLAN interface disappears. Affects only specific devices - those that have wireless 5GHz interface-type=Atheros AR9888.

The 5GHz interface disappears on the wAP ac also.
by dhoulbrooke
Mon Mar 04, 2019 10:53 am
Forum: Virtualization
Topic: CHR Proxmox 5.3 ZFS Raid-1 [SOLVED]
Replies: 4
Views: 872

Re: CHR Proxmox 5.3 ZFS Raid-1 [SOLVED]

The below is how I do it which might give you some ideas. Use at your own risk etc etc. 1. Create a VM in the Proxmox VE web interface. Make a note of the VM ID (in my example 351). 2. SSH in to the VM host. 3. Download the image wget https://download.mikrotik.com/routeros/6.42.12/chr-6.42.12.img.zi...
by dhoulbrooke
Sat Mar 02, 2019 6:23 pm
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

Hi viesturs, According to the Radiocommunications Regulations changes which were presented on 21 April 2015 we create a new country profile for P2P links which as stated allows 23dBw which converted is 53dBm, please see info with the country profile below and the link to the regulation changes: Yes ...
by dhoulbrooke
Sat Mar 02, 2019 5:47 pm
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

Hi pe1chl, You can always reduce the frequencies that RouterOS uses by setting up your own "/interface wireless channels" table and assigning it to the interface. This can be used as a workaround for problems like this, and to avoid channels that you know to have RADAR so they do not have to be trie...
by dhoulbrooke
Sat Mar 02, 2019 5:30 pm
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

Thanks for reporting back James. Transmitters using e.i.r.p.s greater than 0 dBW (1 W) must employ frequency hopping or digital modulation techniques. So the key is that you can use the frequencies above 5735MHz but if you want to use more than 1Watt of power then it needs to have DFS enabled (or di...
by dhoulbrooke
Thu Feb 21, 2019 3:13 am
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

OK - I e-mailed RSM just before I read your post. I'll post here what I hear back from them. Ah cool. Yeah I'll be curious to hear what they say. Maybe if up to 5875 MHz is actually legal the default scan list should be smaller than allowed range for the country (if RouterOS can do that). Yeah that...
by dhoulbrooke
Thu Feb 21, 2019 1:43 am
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

Hey jamesg, If I'm reading that government gazette notice correctly then the frequency range up to 5870 MHz in existing RouterOS is actually legal? That PDF I linked to from the government was produced in 2015. Have the frequency allocations recently been extended and it's actually everyone else tha...
by dhoulbrooke
Wed Feb 20, 2019 9:17 pm
Forum: Wireless Networking
Topic: Illegal country-info for New Zealand?
Replies: 14
Views: 856

Re: Illegal country-info for New Zealand?

Hi Viesturs,

5735-5835/a,an20,an40,ac20,ac40,ac80,ac160,ac80+80(30dBm)/outdoor

For this remaining profile could the EIRP please be increased to 36dBm. As per:

https://www.rsm.govt.nz/about-rsm/spect ... ge-devices
https://gazette.govt.nz/notice/id/2017-go4089
by dhoulbrooke
Fri Feb 15, 2019 8:07 pm
Forum: Announcements
Topic: v6.44rc [testing] is released!
Replies: 67
Views: 11582

Re: v6.44rc [testing] is released!

Hi! !) ipsec - added new "identity" menu with common peer distinguishers; Following my upgrade to 6.44rc1 my IPsec IKEv2 eap radius VPN no longer seems to be working: ipsec,error identity not found for peer: FQDN: *username* Using eap radius how should I match the remote id? I have tried auto, ignor...
by dhoulbrooke
Tue Oct 16, 2018 1:13 am
Forum: Beginner Basics
Topic: CAPsMAN 2 SSID's with 2 different Radius servers
Replies: 7
Views: 1102

Re: CAPsMAN 2 SSID's with 2 different Radius servers

In RouterOS v6.43rc12 we will have a called-station-id-type setting in the wireless security profile and in the CAPsMAN AAA section where you could specify what to include in the called-station field for the radius client. By default it would be MAC:SSID and you will be able to select just the MAC ...
by dhoulbrooke
Tue May 15, 2018 4:28 am
Forum: Wireless Networking
Topic: After extensive tests; NV2 failes. Nstreme wins
Replies: 10
Views: 1039

Re: After extensive tests; NV2 failes. Nstreme wins

Hi WirelessRudy,

If you have any questions, I'll explain or comment.

Interesting. Out of curiosity why are you running nv2-mode=fixed-downlink ? It doesn't seem like a fair comparison to the other modes which will essentially have twice the airtime available to them?
by dhoulbrooke
Sat Aug 19, 2017 11:00 am
Forum: Beginner Basics
Topic: hAP AC WiFi dropping out and unable to use with modem in passthrough mode
Replies: 8
Views: 939

Re: hAP AC WiFi dropping out and unable to use with modem in passthrough mode

Hmmm, for some reason, I can get to almost all of the internet apart from the BBC. Now that sounds a bit like an MTU issue. I can't see from that interface export exactly how you connect to your ISP. I'm guessing it's just IPoE/DHCP? I'd be interested to know the results of the below test. Then we ...
by dhoulbrooke
Sat Aug 19, 2017 10:54 am
Forum: Beginner Basics
Topic: hAP AC WiFi dropping out and unable to use with modem in passthrough mode
Replies: 8
Views: 939

Re: hAP AC WiFi dropping out and unable to use with modem in passthrough mode

/interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce country="united kingdom" disabled=no distance=indoors frequency=auto mode=ap-bridge ssid=\ doics wireless-protocol=802.11 I'd recommend dropping the channel width on 2.4GHz back to 20MHz. Other than that t...
by dhoulbrooke
Wed Aug 16, 2017 11:44 am
Forum: Beginner Basics
Topic: ssh tunnel hosted on the routerboard.
Replies: 4
Views: 1586

Re: ssh tunnel hosted on the routerboard.

Instead I want to initiate the connection from the routerOS itself but the ssh client seems somewhat limited.
Ah yes my apologies. The instructions I gave were to allow establishing a tunnel through RouterOS. Not originating from it. Unfortunately I don't think that is possible.
by dhoulbrooke
Tue Aug 15, 2017 1:26 pm
Forum: Beginner Basics
Topic: hAP AC WiFi dropping out and unable to use with modem in passthrough mode
Replies: 8
Views: 939

Re: hAP AC WiFi dropping out and unable to use with modem in passthrough mode

Hi there, We use the DM200's in bridge mode quite successfully with Mikrotik devices on both ADSL & VDSL connections. Could I please get you to provide the output of the below command on the hAP ac: /interface export hide-sensitive Also what version of RouterOS are you using? And which firmware vers...
by dhoulbrooke
Sat Aug 12, 2017 11:08 pm
Forum: Beginner Basics
Topic: ssh tunnel hosted on the routerboard.
Replies: 4
Views: 1586

Re: ssh tunnel hosted on the routerboard.

Hi, I am not sure but I think that the ssh client packaged with routerOS is not yet able to support forwardings, can anyone confirm? It is possible - it's just not enabled by default. The below command should enable it for you: /ip ssh set forwarding-enabled=yes https://wiki.mikrotik.com/wiki/Manual...
by dhoulbrooke
Sat Jun 24, 2017 7:28 am
Forum: General
Topic: WinBox on high dpi screens
Replies: 1
Views: 880

Re: WinBox on high dpi screens

Microsoft introduced a new scaling technique that will make WinBox look good at other than 96dpi/100% display scaling settings.
Thanks for the tip!! Looks much better now.
by dhoulbrooke
Fri Jun 23, 2017 9:11 pm
Forum: Wireless Networking
Topic: Power Box POE Out 48v to 24v for base box
Replies: 1
Views: 673

Re: Power Box POE Out 48v to 24v for base box

i don't want to blow my power beam & base box with 48v so i was hoping if there is any way to step down 48 v to 24 v on Port 2-5 Unfortunately not. The specifications say: Ethernet ports 2-5 can power other PoE capable devices with the same voltage as applied to the unit. You could use something li...
by dhoulbrooke
Fri Jun 23, 2017 8:32 pm
Forum: Wireless Networking
Topic: Mikrotik incompatible with Intel 2915ABG wifi card?
Replies: 17
Views: 1656

Re: Mikrotik incompatible with Intel 2915ABG wifi card?

Yes, it's worth a shot. It's always good to keep current as bugs are fixed and functionalities added. I'd have to do more reading, but when they talk about hardware compatibility, I think they mean within ROS, for extra hardware support for the X86 plateform (as a router). From recollection it was ...
by dhoulbrooke
Fri Jun 23, 2017 8:39 am
Forum: Wireless Networking
Topic: Mikrotik incompatible with Intel 2915ABG wifi card?
Replies: 17
Views: 1656

Re: Mikrotik incompatible with Intel 2915ABG wifi card?

# jun/22/2017 12:33:13 by RouterOS 6.37.3
I'd possibly try a later version of RouterOS. 6.37.5 included the below:
*) wireless - improved compatibility with Intel 2200BG wireless card;
Not the same card I know. But the same generation so worth a try I'd say.
by dhoulbrooke
Fri Jun 23, 2017 7:46 am
Forum: Wireless Networking
Topic: "Link Downs" -CAPsMAN
Replies: 2
Views: 1237

Re: "Link Downs" -CAPsMAN

Hi Cameron,
If the CAPS controller is logging these link downs, does it mean the AP has gone down 293 times?
I think you'll find that this happens when that interface has no clients associated with it.

Cheers
by dhoulbrooke
Fri Jun 23, 2017 2:35 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Decline of Mikrotik?
Replies: 102
Views: 25678

Re: Decline of Mikrotik?

Very simple example, lets say i wanted to use pool.ntp.org as my NTP server to my mikrotik router, if i enter it in it gets converted into an IP or in some cases not allowed to be stored as a domain. On consumer routers you could enter a domain in your configuration (except for DNS ofcourse) and it...
by dhoulbrooke
Mon May 29, 2017 11:40 pm
Forum: Wireless Networking
Topic: When coming AC Wave2 chip?
Replies: 41
Views: 7354

Re: When coming AC Wave2 chip?

Only new in US MUM was a new chipset improvement of actual 802.11 ac wave 1 up to 700 mbps
Was there a reference for this?

edit: anuser beat me to this!
by dhoulbrooke
Mon May 29, 2017 7:48 am
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44341

Re: v6.40rc [release candidate] is released!

thanks, with this ruleset, will i need 7x similar rules for: raw add chain=prerouting action=drop in-interface-list=LAN src-address=!192.168.88.0/24 comment="defconf: drop local if not from default IP range" ? i have 7 different vlans for 7 different lan subnets. You could still have the one rule a...
by dhoulbrooke
Sun May 28, 2017 1:58 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44341

Re: v6.40rc [release candidate] is released!

can anyone paste what the new default firewall config look like right now? i dont wanna install the latest rc as of yet. Here you go: /ip firewall nat add chain=srcnat out-interface-list=WAN action=masquerade comment="defconf: masquerade" /ip firewall { filter add chain=input action=accept protocol...
by dhoulbrooke
Mon May 22, 2017 12:05 pm
Forum: Announcements
Topic: v6.40rc [release candidate] is released!
Replies: 231
Views: 44341

Re: v6.40rc [release candidate] is released!

*) defconf - replaced IPv4 firewall configuration with improved one; I've been looking at the new default firewall config - and the below doesn't seem quite right: /ip firewall raw add action=drop chain=prerouting comment="defconf: drop the rest" This rule drops all traffic and nothing is passed to...
by dhoulbrooke
Fri Apr 07, 2017 11:23 pm
Forum: Wireless Networking
Topic: Interference
Replies: 2
Views: 472

Re: Interference

If I physically stand between the dishes, both links work without issue and would suggest to me that its the 'leak' from the mANT that is causing the noise. Any suggestions on how I can improve this situation? You've pretty much narrowed it down right there. How far apart are the LHG / mANT? Your o...
by dhoulbrooke
Thu Apr 06, 2017 11:10 am
Forum: Beginner Basics
Topic: RB-450G with Fiber Optic 200/50M ?
Replies: 2
Views: 407

Re: RB-450G with Fiber Optic 200/50M ?

Have you configured Fasttrack?
Unfortunately the RB450G doesn't appear to support FastTrack

https://wiki.mikrotik.com/index.php?tit ... d_hardware
by dhoulbrooke
Mon Jan 09, 2017 7:39 am
Forum: General
Topic: RB3011 IPSEC Hardware Encryption?
Replies: 17
Views: 5374

Re: RB3011 IPSEC Hardware Encryption?

Does the RB3011 have hardware encryption ability and is it enabled?
Not yet unfortunately:

http://forum.mikrotik.com/viewtopic.php?t=83478#p512868
http://forum.mikrotik.com/viewtopic.php ... 02#p542641
by dhoulbrooke
Tue Dec 27, 2016 5:33 am
Forum: Wireless Networking
Topic: CAPsMAN
Replies: 1
Views: 432

Re: CAPsMAN

What am I missing?
Hi. The wireless package needs to be enabled. Try the below:
/system package enable wireless
Then after a reboot you should see the CAPsMAN menu
by dhoulbrooke
Mon Dec 26, 2016 9:28 pm
Forum: General
Topic: IP Sec site to site, router to router connection problem
Replies: 5
Views: 598

Re: IP Sec site to site, router to router connection problem

Add a (dummy) route for remote subnet to internal interface. I do this for e.g. netwatch to work.
Thanks! I was trying to figure this one out the other day too. Don't know why I didn't think of this!
by dhoulbrooke
Wed Nov 30, 2016 4:59 am
Forum: General
Topic: TCP SIP ALG
Replies: 4
Views: 1379

Re: TCP SIP ALG

Does anyone have any idea how to turn it off?
/ip firewall service-port disable sip
Should do the trick.

http://wiki.mikrotik.com/wiki/Manual:IP ... vice_Ports
by dhoulbrooke
Thu Nov 17, 2016 12:24 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 31744

Re: RB750Gr3 - Report and questions

I wonder how you can reach those numbers. I'm testing with ROS 6.38rc31 and i get:
When I'm back in the office I'll give rc31 a test. The only change from the default config was:
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128-cbc
by dhoulbrooke
Wed Oct 26, 2016 1:07 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 31744

Re: RB750Gr3 - Report and questions

What CPU utilisation do you see on both RB750r3 when you hit 400+? thanks
Also forgot to add that CPU load is slightly less on the RX device. Around 40%
ipsec1.png
by dhoulbrooke
Wed Oct 26, 2016 12:32 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 31744

Re: RB750Gr3 - Report and questions

@dhoulbrooke do you get 400+ throughput regardless of the direction of iperf traffic flow? I assume yes since your test using two RB750r3 - one will be in opposite direction of the other at any time Correct. I get identical speeds both ways. What CPU utilisation do you see on both RB750r3 when you ...
by dhoulbrooke
Wed Oct 26, 2016 11:58 am
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 31744

Re: RB750Gr3 - Report and questions

Yes, that looks close to the limit. What packet size did you use? Those first tests were run with iperf's default settings which appear to have an MSS of 1386. root@iperf1:~# iperf3 -c 172.17.18.200 -V iperf 3.0.7 Linux iperf1 4.4.19-1-pve #1 SMP Wed Sep 14 14:33:50 CEST 2016 x86_64 GNU/Linux Time:...
by dhoulbrooke
Tue Oct 25, 2016 8:20 am
Forum: RouterBOARD hardware
Topic: RB750Gr3 - Report and questions
Replies: 112
Views: 31744

Re: RB750Gr3 - Report and questions

Hi all, I just did a quick test with 2x RB750Gr3 in tunnel mode and was able to quite happily get ~436Mbps: Accepted connection from 172.17.19.199, port 49824 [ 5] local 172.17.18.199 port 5201 connected to 172.17.19.199 port 49825 [ ID] Interval Transfer Bandwidth [ 5] 0.00-1.00 sec 49.2 MBytes 413...
by dhoulbrooke
Sat May 14, 2016 3:04 pm
Forum: Wireless Networking
Topic: Short link(around 30m) - hardware choice
Replies: 4
Views: 893

Re: Short link(around 30m) - hardware choice

Hi, see my post below discussing a similar length link. That was using 2x SXT 5 ac's (http://routerboard.com/RBSXTG-5HPacD).

http://forum.mikrotik.com/viewtopic.php ... 51#p490751
by dhoulbrooke
Wed Jul 15, 2015 10:21 am
Forum: RouterBOARD hardware
Topic: Short distance / high bandwidth p2p hardware?
Replies: 3
Views: 714

Re: Short distance / high bandwidth p2p hardware?

Thanks, that helps. I may be able to move things around and get somewhere between 40 and 50 m. What Rx/Tx signal would be in the "ideal" range?
You're welcome. Personally I usually aim for the -50's. But anything between -40 & -60 is likely OK.
by dhoulbrooke
Tue Jul 14, 2015 3:16 pm
Forum: RouterBOARD hardware
Topic: Short distance / high bandwidth p2p hardware?
Replies: 3
Views: 714

Re: Short distance / high bandwidth p2p hardware?

Hi,

I recently set up a 35M link with 2x SXT5AC's. With the output power set to the minimum allowed (-30) I was able to get a rx signal around -44. So not too bad.
sxtac.png
Hope that helps.
by dhoulbrooke
Wed Jul 01, 2015 3:53 am
Forum: RouterBOARD hardware
Topic: all CCR crashed
Replies: 40
Views: 7793

Re: all CCR crashed

Same here :(

3x CCR1009's all hard locked no winbox/serial. Had to go on-site and power cycle.

2x Running 6.29.1 + NTP package (whether that makes any diff). And 1x running latest rc22.
by dhoulbrooke
Mon May 04, 2015 12:21 am
Forum: Announcements
Topic: FastTrack - New feature in 6.29
Replies: 237
Views: 136911

Re: FastTrack - New feature in 6.29

I'm guessing this doesn't work on vlan interfaces yet? Or have I missed something? Below from a CCR running 6.29rc14: /ip firewall filter add action=fasttrack-connection chain=forward comment="Accept established/related" connection-state=established,related in-interface=vlan10 add chain=forward comm...
by dhoulbrooke
Sun Apr 19, 2015 7:35 am
Forum: General
Topic: VLAN Tx Drops (CRS125)
Replies: 2
Views: 925

Re: VLAN Tx Drops (CRS125)

Hi w0lt, Have you tried changing the interface queue type to ethernet-default? I still get some drops but not as many as with only-hardware-queue. /queue interface set ether1 queue=ethernet-default set ether2 queue=ethernet-default set ether3 queue=ethernet-default set ether4 queue=ethernet-default ...