Community discussions

MikroTik App

Search found 756 matches

by mada3k
Sat Jun 22, 2024 11:35 am
Forum: RouterBOARD hardware
Topic: A new switch model?
Replies: 10
Views: 1067

Re: A new switch model?

Wow, that a really nice model. Short depth, four SFP+'s and dual hotswappable powersupplies.
by mada3k
Sat Jun 22, 2024 11:25 am
Forum: RouterBOARD hardware
Topic: CRS520-4XS-16XQ-RM (NEW)
Replies: 8
Views: 425

Re: CRS520-4XS-16XQ-RM (NEW)

Amazing pice for a 16x100GE + 4x 25GE switch. Lets just hope it has the buffers for datacenter-work and gets EVPN some day.
by mada3k
Fri Jun 21, 2024 11:03 am
Forum: RouterBOARD hardware
Topic: [RB5009] "We will have several products in this series"
Replies: 11
Views: 1298

Re: [RB5009] "We will have several products in this series"

I agree, I don't see the point of the this post.
by mada3k
Thu Jun 20, 2024 7:47 pm
Forum: Forwarding Protocols
Topic: Any movement for hardware offload of VXLAN?
Replies: 5
Views: 1044

Re: Any movement for hardware offload of VXLAN?

I think the issue is that the feature has to be licensed from Marvell - and that will have a high cost impact.

But yes, EVPN and VXLAN in hardware would be a killer.
by mada3k
Sat Jun 08, 2024 7:14 pm
Forum: RouterBOARD hardware
Topic: hAP AX2 with 2.5GBASE-T or 5GBASE-T
Replies: 4
Views: 3690

Re: hAP AX2 with 2.5GBASE-T or 5GBASE-T

The first two has no wireless, so no power draw and heat there. The Asus just looks horrible and draw power as a medium-sized laptop.

Yes, chipsets exists, but may not be suitable for RouterOS.

When talking 1Gbps+ performance, I always recommend separate router and access-points.
by mada3k
Thu Jun 06, 2024 10:01 am
Forum: RouterBOARD hardware
Topic: Is the RB1100x4 still actively in production?
Replies: 6
Views: 1128

Re: Is the RB1100x4 still actively in production?

Biggest disadvantage of RB1100AHx4 is that it has no SFP ports.
by mada3k
Sat May 18, 2024 3:20 pm
Forum: RouterBOARD hardware
Topic: Single Pair Ethernet (SPE) on Mikrotik??
Replies: 1
Views: 444

Re: Single Pair Ethernet (SPE) on Mikrotik??

I thinks it's use is very internal to car and industrial. The chipsets and PHY:s probably costs according to.
by mada3k
Tue May 07, 2024 9:12 pm
Forum: RouterBOARD hardware
Topic: 48V or 57V power supply for hEX PoE?
Replies: 7
Views: 777

Re: 48V or 57V power supply for hEX PoE?

I'm using a 48V psu to a hEX S to feed a camera. works great.
by mada3k
Sat May 04, 2024 7:41 pm
Forum: General
Topic: Feature request
Replies: 2
Views: 336

Re: Feature request

All tools should have the ability to specifiy source-address and vrf
by mada3k
Fri May 03, 2024 10:22 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 11546

Re: [Discussion] MikroTik configuration abstraction complexity

I don't get the " why can't just mikrotik do x86 stuff like anyone else with fancy linux dataplane thing " complaints. If Mikrotik doesn't suits your needs, stick with x86-boxes with Linux then. Serious traffic should be done in hardware anyways. Huawei, Cisco, Juniper and Nokia all makes ...
by mada3k
Thu May 02, 2024 7:53 pm
Forum: RouterBOARD hardware
Topic: Cascading switches
Replies: 9
Views: 654

Re: Cascading switches

You probably have to disable (R)STP since it will hit the diameter limit.
by mada3k
Tue Apr 30, 2024 6:21 pm
Forum: General
Topic: Shaping 35Gbps
Replies: 4
Views: 521

Re: Shaping 35Gbps

35Gbps must be done at hardware level, like on a switchport-level rate-limit.
by mada3k
Sun Apr 28, 2024 5:53 pm
Forum: General
Topic: Combining LTE and ADSL [SOLVED]
Replies: 25
Views: 7834

Re: Combining LTE and ADSL [SOLVED]

You can't use bonding to add two Internet connections together. It doesn't work that way.

You can however load-balance between the two connections.
by mada3k
Tue Apr 23, 2024 8:01 pm
Forum: RouterBOARD hardware
Topic: CSS610 - trouble with hot insert SFP+
Replies: 1
Views: 342

Re: CSS610 - trouble with hot insert SFP+

10G RJ45 SFP's are made for datacenters with a lot of forced air cooling - Not recomended for home usage.

Mikrotik should make this clear on the product page.

If this is still the case, then add a 12V fan simply on top of it.
by mada3k
Thu Apr 18, 2024 7:32 pm
Forum: RouterBOARD hardware
Topic: Infrastructure design help
Replies: 9
Views: 1035

Re: Infrastructure design help

Well then. My proposal: 1 Management VLAN, of course 4 "Guest-VLANs" Each RB5009 serves one Guest-VLAN with it's unique subnet (e.g 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24, 192.168.40.0/24) The CRS326 provides a VLAN-trunks to all connected switches (and RB5009). The you can free...
by mada3k
Wed Apr 17, 2024 7:27 pm
Forum: RouterBOARD hardware
Topic: Infrastructure design help
Replies: 9
Views: 1035

Re: Infrastructure design help

Oh my... Sure there must be some more economical way than 16 5G/LTE-routers with large data-plans? In my country that would cost like $5000 up-front and $600 per month - when a 1G FTTH is about $30-70 a month. Either way, no. You have to balance the traffic at one point only (e.g one main router) bu...
by mada3k
Wed Apr 17, 2024 6:35 pm
Forum: RouterBOARD hardware
Topic: Infrastructure design help
Replies: 9
Views: 1035

Re: Infrastructure design help

Very confusing.. is "5G routers with 1G" refering to a 5G/LTE-modem or 5Ghz WiFi access points?
by mada3k
Tue Apr 16, 2024 7:19 pm
Forum: General
Topic: Is Mikrotik's Firewall is enough to protect a medium enterprise.?
Replies: 21
Views: 1345

Re: Is Mikrotik's Firewall is enough to protect a medium enterprise.?

Performance & function-wise - Yes, no problem.

But if you need to protect your network from your users (that will download malliscius stuff and click on all links) then you probably need a firewall with subscription services for Botnets and dynamic blocking-services.
by mada3k
Sat Apr 13, 2024 5:25 pm
Forum: General
Topic: Mikrotik router's ability to aggregate internet speed is real?
Replies: 3
Views: 449

Re: Mikrotik router's ability to aggregate internet speed is real?

Internet isn't like water pressure or electricity current.

The best you can do is load-balance between the uplinks.
by mada3k
Tue Apr 09, 2024 6:14 pm
Forum: RouterBOARD hardware
Topic: HOT S-RJ10
Replies: 25
Views: 2816

Re: HOT S-RJ10

10GBase-T SFP+ modules need active cooling. It's made for datacenters primarly, not home usage.

10G-Base-SX/MMF is often a better choice (and cheaper) if possible.
by mada3k
Sun Apr 07, 2024 10:33 am
Forum: RouterOS beta
Topic: VXLAN / MT-Help wrong...
Replies: 3
Views: 3967

Re: VXLAN / MT-Help wrong...

I find it strange that you can add multiple VTEPs with the same IP+Port for the same tunnels. Feels like a bug.
by mada3k
Wed Apr 03, 2024 6:58 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 62
Views: 27658

Re: CRS317-1G-16S+RM MPLS Support

I'm guessing that Marvell "NDA-licenses" the hardware features, and VXLAN and MPLS is simply to expensive.

But yes, VXLAN/NVGRE with EVPN would have been a killer feature.
by mada3k
Tue Apr 02, 2024 6:35 pm
Forum: General
Topic: xz Backdoor CVE-2024-3094
Replies: 23
Views: 35058

Re: xz Backdoor CVE-2024-3094

I'm guessing ROSSH it's based on Dropbear
by mada3k
Sun Mar 31, 2024 11:47 am
Forum: RouterBOARD hardware
Topic: CCR2004-16G-2S+PC NO USB, WHYYY!??
Replies: 28
Views: 7941

Re: CCR2004-16G-2S+PC NO USB, WHYYY!??

Where should you cram in two SSDs there?

Isn't just better to build a proper NAS with mutiple slots and correct form factor - instead of forcing a router/switch beeing one?
by mada3k
Thu Mar 28, 2024 11:40 am
Forum: RouterBOARD hardware
Topic: Pure ROS boot...
Replies: 31
Views: 2215

Re: Pure ROS boot...

Imagine you have to try to find the shipping box a year later for your $25k Cisco-switch to able to set ut up....

This should really only be target to consumer/home-usage equipment.
by mada3k
Wed Mar 27, 2024 8:15 pm
Forum: RouterBOARD hardware
Topic: Pure ROS boot...
Replies: 31
Views: 2215

Re: Pure ROS boot...

Will this apply to Cisco, Juniper, Arista, etc. as well?
by mada3k
Tue Mar 26, 2024 10:50 pm
Forum: RouterBOARD hardware
Topic: The product classification is really thoughtful.
Replies: 6
Views: 1026

Re: The product classification is really thoughtful.

Mikrotik doesn't really do any market research or product segment research - thats why there is no "regular"/"usual" models. They build the product around the chips basically.
by mada3k
Sun Mar 24, 2024 10:32 am
Forum: RouterBOARD hardware
Topic: Request for Python Script to Change L2TP Password in MikroTik Router
Replies: 6
Views: 872

Re: Request for Python Script to Change L2TP Password in MikroTik Router

This should be under Scripting.

Personally I would use the REST-API if possible. Then just use Python with requests module.

Second choice is just to use "ssh" in conjuction with "print terse"
by mada3k
Fri Mar 22, 2024 7:18 pm
Forum: General
Topic: Loop Dos CVE-2024-2169 Mikrotik
Replies: 3
Views: 842

Re: Loop Dos CVE-2024-2169 Mikrotik

Almost all UDP services can be exploited. Never leave them open to the wild.
by mada3k
Sun Mar 17, 2024 11:09 am
Forum: RouterBOARD hardware
Topic: The ultimate home Layer 3 switch
Replies: 3
Views: 723

Re: The ultimate home Layer 3 switch

Please stop posting this non-sense requests for something not really possible in 2024 and just for your personal needs.

"home/fanless", "SFP28" and "cheap"
by mada3k
Thu Mar 14, 2024 9:23 pm
Forum: RouterBOARD hardware
Topic: CCR2116 4-pin Power Connector [SOLVED]
Replies: 0
Views: 8348

Re: CCR2116 4-pin Power Connector [SOLVED]

I bet that it's a typical 4-pin ATX12V and then it's called Molex Mini-Fit Jr.
https://i5.walmartimages.com/seo/StarTe ... e2fbc.jpeg
by mada3k
Thu Mar 14, 2024 7:39 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 33279

Re: Newsletter #117 | March 2024

If you are putting fans in the unit, why on earth why not design the whole switch then for a front-to-back or side-to-side airflow. If you are putting this device is a warm closet, the powersupplies and SFPs might be OK, but the chips will run very hot since the airflow doesn't pass the heatsink.
by mada3k
Tue Mar 12, 2024 7:25 pm
Forum: RouterBOARD hardware
Topic: RB5009 and negative 48VDC
Replies: 3
Views: 724

Re: RB5009 and negative 48VDC

The most Mikrotiks have negative grounded chassis, so you can't simply swap the polarities. The only that has a true isolated input is the RB1100.
by mada3k
Mon Mar 11, 2024 7:59 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 33279

Re: Newsletter #117 | March 2024

It's also very strange to have both fans and a big passive radiator. It's neither forced-air cooled nor passive-cooled. It must be quite expensive to manufacture all that heatsink for nothing.

Forced air devices have the advantage of be able to operate in warmer areas, passive ones can not.
by mada3k
Sat Mar 09, 2024 10:36 am
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 33279

Re: Newsletter #117 | March 2024

Precisely one of my points! and the price is 3X higher than the old CRS326-24G without any PoE and 1/5 of the memory! Unfortunally I'm afraid that some part of Mikrotik is going all in for the "performance-per-$" race, that can never be won because of China/Aliexpress/etc. That's why we s...
by mada3k
Fri Mar 08, 2024 10:17 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 33279

Re: Newsletter #117 | March 2024

128M is certainly prohibitively low for running a sizable L3 network. For $1000 it should have an ARM with a 512MB at least.
by mada3k
Mon Mar 04, 2024 10:12 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 503
Views: 133115

Re: v7.15beta [testing] is released!

*) media - added support for DLNA;

I was happy to see SMB leave the default system package, but DLNA is even worse.
by mada3k
Thu Feb 08, 2024 1:36 pm
Forum: General
Topic: Add print server (printer support)
Replies: 145
Views: 103735

Re: Add print server (printer support)

Just no... Buy a decent printer instead with networking

Also, scrap the SMB support as well or move it to a package.
by mada3k
Sat Feb 03, 2024 7:59 pm
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 95
Views: 33232

Re: Newsletter #116 | January 2024

16M Flash in a $500 device is horrible. Serial NOR Flash exists with 64MB and higher aMore RAM helps at buffering the traffic, at my understanding. You are confusing memory for the OS and port-buffer memory. Port-buffer memory is tied to the switching ASIC. Many times it's builtin to the switch chip...
by mada3k
Sat Jan 27, 2024 1:28 pm
Forum: RouterBOARD hardware
Topic: Two L009s connected by DAC or AOC?
Replies: 1
Views: 632

Re: Two L009s connected by DAC or AOC?

I'm very sceptical that Active AOC-cables will accept 2.5Gbps. Passive DAC's might.
by mada3k
Sat Jan 27, 2024 10:55 am
Forum: General
Topic: Recommended for IPS/IDS
Replies: 6
Views: 4724

Re: Recommended for IPS/IDS

Suricata is an popular open-source alternative.

But note that 99,9% of typpical IoT-devices is encrypted traffic, usually HTTPS of some kind. So IDS/IPS is usually pointless.
by mada3k
Sat Jan 27, 2024 10:44 am
Forum: RouterBOARD hardware
Topic: New NOC option for Central Swtich vs Dell 4048s-on
Replies: 3
Views: 809

Re: New NOC option for Central Swtich vs Dell 4048s-on

For high performance switching, as for storage and such - I would keep the Dell's. Mikrotik isn't there yet.
by mada3k
Sat Jan 27, 2024 10:41 am
Forum: RouterBOARD hardware
Topic: Missing product: RB on an top-hat raill
Replies: 7
Views: 1311

Re: Missing product: RB on an top-hat raill

example is Moxa
And absolutly horrible from a software and management perspective
by mada3k
Sun Jan 07, 2024 12:21 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3561

Re: hardware idea for two-port high performance router

Everyone doesn't have fiber. I'm on Cable.

PPPoE is a very strange choise in modern FTTH/FTTB world. Last time I saw it was in the ADSL-days with some obscure providers, and then it was like 12Mbps at top.
by mada3k
Fri Jan 05, 2024 9:20 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3561

Re: hardware idea for two-port high performance router

I see, but either way sounds like a very slim "demand" for such a device since the majority of households have <1Gbps and often need a couple for ports for wired devices.

Yes, A two port mini-PC with 10GBase-T would probably be the closest thing.
by mada3k
Fri Jan 05, 2024 8:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3561

Re: hardware idea for two-port high performance router

For an "Edge CPE" for interfacing a customer with 10G you probably wan't a managed switch of some kind, like the CRS305.

The customer can then decide what kind of equipment they would like to use.
by mada3k
Fri Jan 05, 2024 11:42 am
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3561

Re: hardware idea for two-port high performance router

Who cares about size and price when we are talking about 10gigs?
Why the desire for only two ports?
by mada3k
Mon Dec 25, 2023 12:38 pm
Forum: Forwarding Protocols
Topic: Does MTU on LOOPBACK matter?
Replies: 6
Views: 2355

Re: Does MTU on LOOPBACK matter?

Isn't there any disadvantage of using maximum L2/L3 MTU?

Higher lantecy? Memory/buffers usage?
by mada3k
Mon Nov 27, 2023 4:27 pm
Forum: RouterBOARD hardware
Topic: hAP ax3 DC Battery Back Up Power
Replies: 9
Views: 2774

Re: hAP ax3 DC Battery Back Up Power

I use a Meanwell tuned to 27.2V to float-change two SLA's, But my stuff is 11-30VDC.

27.2V is a bit to close to 28VDC. I would probably add a diode or L7824 or a diode (like MBR1060) to drop the voltage some.
by mada3k
Sun Nov 26, 2023 6:31 pm
Forum: General
Topic: Mikrotik CRS112-8G-4S-IN
Replies: 4
Views: 1010

Re: Mikrotik CRS112-8G-4S-IN

CRS112 is not a router. You bought the wrong device.
by mada3k
Wed Nov 22, 2023 5:44 pm
Forum: RouterBOARD hardware
Topic: MikroTik AMPERE CPU (coming soon)
Replies: 20
Views: 10182

Re: MikroTik AMPERE CPU (coming soon)

I also suspect that it's only some boring cloud-VM.

Or maybe it's a new container & storage appliance? :)
by mada3k
Fri Nov 17, 2023 10:22 pm
Forum: RouterBOARD hardware
Topic: CCR1072/1036 vs. CCR2116 with 2000x PPPoE
Replies: 31
Views: 16430

Re: CCR1072/1036 vs. CCR2116 with 2000x PPPoE

Anyone defending PPPoE is plain stupid or too old and should retire while they can.
There seems to be an obsession with PPPoE in some countries, even in multiple gigabits FTTH days.

In Sweden it was used by some xDSL providers for a short while.
by mada3k
Sat Nov 11, 2023 6:17 pm
Forum: RouterBOARD hardware
Topic: QSFP to SFP28 adapter
Replies: 2
Views: 2310

Re: QSFP to SFP28 adapter

QSFP (4x10G) can't be converted to SFP28 (1x25G) of obvious reasons.
by mada3k
Sat Nov 11, 2023 6:10 pm
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 155
Views: 56839

Re: IS-IS

It's correct that IS-IS uses it's own protocol for adjacencies, but you need either IPv4 or IPv6 support to make something useful of it.

OSPF is built around/top of IP
IS-IS has support is extensible and has support for IP
by mada3k
Sat Nov 11, 2023 1:43 pm
Forum: General
Topic: CCR2004-16G-2S+ cold weather performance
Replies: 4
Views: 840

Re: CCR2004-16G-2S+ cold weather performance

No need for heating

I once had a computer (not powerfull) in a cold garage. It was put in an insulated box, with a temperature-regulated fan. When it got very cold, the fan stopped, hence keeping the heat.
by mada3k
Sat Nov 11, 2023 1:11 pm
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 98919

Re: v7.12 [stable] is released!

Upgraded my RB5009+three AX2 to 7.12 but still I have very slow speeds on my local network (around 23 MB/s) between my iPad and my NAS whereas I had around 50 MB/s before 7.11 or so. Don’t understand what to do.
Most likley wireless conditions change in some way. Wireless is wireless.
by mada3k
Thu Nov 09, 2023 8:45 pm
Forum: RouterBOARD hardware
Topic: Ethernet - link down
Replies: 26
Views: 10437

Re: Ethernet - link down

Are you using shielded cables?
by mada3k
Sun Nov 05, 2023 2:13 pm
Forum: General
Topic: loud balance 3 starlink
Replies: 19
Views: 3573

Re: loud balance 3 starlink

As many already have said, you can't add and summarize bandwidth that way. However you can distrubute the load/sessions.
by mada3k
Sat Nov 04, 2023 3:59 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3959

Re: MPLS-TP

I don't work for a Tier 1 Carrier so I don't know. Yes, Ciena seems to offer it as a high-SLA metro-service concept
by mada3k
Fri Nov 03, 2023 9:47 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3959

Re: MPLS-TP

No, it's mainly used for specialized industries like utilities, industrial, military and so on. When were are often talking Megabits but needs to be very reliable and ultra-fast recovery scenarios. But It could be used as a transport for legacy services on a bigger carrier operator. EVPN and MPLS-TP...
by mada3k
Fri Nov 03, 2023 5:16 pm
Forum: RouterBOARD hardware
Topic: Request for modern PoE switching
Replies: 8
Views: 3688

Re: Request for modern PoE switching

Thats one issue with Mikrotik. They just don't have "basic everyday models", they build unicorns.

However, "easy to use and modern graphical interfaces" is not something thats preferable.
by mada3k
Fri Nov 03, 2023 5:03 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3959

Re: MPLS-TP

MPLS-TP is not legacy, but its a niche market.

Correct, there is no reason for Mikrotik to invest in MPLS-TP, since it requires specialized hardware to make any sense.
by mada3k
Thu Nov 02, 2023 6:33 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3959

Re: MPLS-TP

Well, It's often used as a replacement for legacy TDM-like tech, transporting synchronous and latency sensitive applications.
by mada3k
Tue Oct 31, 2023 9:50 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3959

Re: MPLS-TP

MPLS-TP is a very different concept. It often requires and specialized hardware and provisioning concepts to make any sense of it.
by mada3k
Sat Oct 28, 2023 10:37 am
Forum: General
Topic: Can I bypass CGNAT with Chateau LTE6?
Replies: 45
Views: 4005

Re: Can I bypass CGNAT with Chateau LTE6?

Yes, you can "bypass" CGNAT with a VPN provider with public IP or VPN to a cloud-hosted host with an public IP.
by mada3k
Thu Oct 19, 2023 3:41 pm
Forum: General
Topic: Zero touch provision
Replies: 7
Views: 1553

Re: Zero touch provision

We are using mac-telnet as a sort of "zero touch".

But no, there is no way of downloading a new config at boot via DHCP/TFTP like a Cisco device to my knowledge.
by mada3k
Tue Oct 17, 2023 8:04 pm
Forum: Forwarding Protocols
Topic: ROS 7.11 OSPF PTP Unnumbered
Replies: 3
Views: 2922

Re: ROS 7.11 OSPF PTP Unnumbered

i'm guessing that there's more work to be done. Not sure if it will ever work with "switched" ports in some way, only "real" NICs.

But it would of course be great if it got support.
by mada3k
Sat Oct 14, 2023 7:00 pm
Forum: General
Topic: Mikrotik SUCKS
Replies: 89
Views: 15681

Re: Mikrotik SUCKS

I for one can not get my head around openwrt. The base system and packaging is great, but the "uci" is just horrible in comparison to IOS, JunOS or RouterOS. What exactly is confusing? I work with Juniper, Arista, Huawei, MikroTik, Cumulus Linux, Debian/Ubuntu+FRR. For example - The VLAN ...
by mada3k
Sat Oct 14, 2023 5:03 pm
Forum: RouterBOARD hardware
Topic: Dual power supply status
Replies: 7
Views: 12417

Re: Dual power supply status

Whats wrong with psu1-voltage & psu2-voltage ?
by mada3k
Sat Oct 14, 2023 11:39 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 89
Views: 15681

Re: Mikrotik SUCKS

RouterOS can be, very confusing if you are very in to like Cisco/Juniper for since many years. It also can be very confusning if you are a DIY Linux/OpenWRT person and are looking for files to edit. One "drawback" is that you can accomplish things in different ways, with pros and cons. Thi...
by mada3k
Fri Oct 13, 2023 8:03 pm
Forum: RouterBOARD hardware
Topic: Router for 2.5 G / 500 connections
Replies: 3
Views: 2984

Re: Router for 2.5 G / 500 connections

PPPoE is very CPU heavy without hardware offload (witch Mikrotiks doesn't have) For 3Gbit PPPoE troughput you probaby need at least a CCR2004-like device.

To expensive? Downgrade your Internet connection or choose a non-PPPoE provider
by mada3k
Tue Oct 10, 2023 6:33 pm
Forum: RouterBOARD hardware
Topic: Mini PC with 2x 10G
Replies: 10
Views: 4655

Re: Mini PC with 2x 10G

Some Supermicro board with 2x10G ports.
by mada3k
Sat Sep 30, 2023 12:29 pm
Forum: RouterBOARD hardware
Topic: Console connection
Replies: 2
Views: 2481

Re: Console connection

Many many many times yes. But not a RB450G.

Make sure that you haven't disabled it under /port och /system/console
by mada3k
Fri Sep 29, 2023 12:44 pm
Forum: General
Topic: Why are there no production-grade L3 switches from MikroTik in 2023?
Replies: 26
Views: 5072

Re: Why are there no production-grade L3 switches from MikroTik in 2023?

On the other hand - you really can't buy a Nexus or QFX without a pricey support agreement (except for second hand)
by mada3k
Fri Sep 29, 2023 10:57 am
Forum: General
Topic: Why are there no production-grade L3 switches from MikroTik in 2023?
Replies: 26
Views: 5072

Re: Why are there no production-grade L3 switches from MikroTik in 2023?

"production-grade" is a strange term of use. What your are talking about is a serious datacenter-switch. Yes, Mikrotik should implement EVPN support. And Yes, they should implement MPLS/VXLAN hardware support if possible. TCAM space comes with a cost, and makes no sense for a regular enter...
by mada3k
Sun Aug 27, 2023 7:41 pm
Forum: Announcements
Topic: v6.49.10 [long-term] is released!
Replies: 33
Views: 87366

Re: v6.49.10 [stable] is released!

Probably some minor vulnerability that makes the web-server crash
by mada3k
Sun Aug 20, 2023 3:08 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 135
Views: 60418

Re: CCR2004 packet loss

The issue is most likley the lack of insuffiecent buffers to handle the "speed conversion". A lot of cheaper switches suffers from this.
by mada3k
Sat Aug 19, 2023 2:46 pm
Forum: RouterBOARD hardware
Topic: "RouterOS on spare computer vs MikroTik device?
Replies: 10
Views: 4732

Re: "RouterOS on spare computer vs MikroTik device?

On the other hand, using a PC, depending on the CPU, it can handle more traffic than almost all MikroTik models, especially IPsec. Of course, but is that really an issue when talking home/small office case? The main reason for on running a PC is that you either like to roll your own firewall (linux...
by mada3k
Sat Aug 19, 2023 11:22 am
Forum: General
Topic: ⚠️Security Issue: Changing rights / disable / delete the users has no effect on already logged in users.
Replies: 35
Views: 6037

Re: ⚠️Security Issue: Changing rights / disable / delete the users has no effect on already logged in users.

All operating systems works like this. Permissions are checked at login - not during session.
by mada3k
Wed Aug 16, 2023 6:41 pm
Forum: RouterBOARD hardware
Topic: "RouterOS on spare computer vs MikroTik device?
Replies: 10
Views: 4732

Re: "RouterOS on spare computer vs MikroTik device?

The drawbacks of using a PC as router/firewalls is power-up time, power consumption, size, number of ports, lack of hardware switched ports, etc.
by mada3k
Sun Aug 13, 2023 2:31 pm
Forum: General
Topic: SFP Temperature is 255C after Router OS upgrade [SOLVED]
Replies: 12
Views: 3602

Re: SFP Temperature is 255C after Router OS upgrade [SOLVED]

The DAC most likely doesn't have a temperature sensor since it's a DAC.
by mada3k
Sat Aug 12, 2023 11:12 pm
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 155
Views: 56839

Re: IS-IS

Thumbs of for IS-IS support! MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. Maybe, maximal possible throughput at any cost ...
by mada3k
Fri Jun 23, 2023 2:04 pm
Forum: RouterOS beta
Topic: Feature request: Link Flap Prevention and Dampening
Replies: 3
Views: 2628

Re: Feature request: Link Flap Prevention and Dampening

I know about BFD and we use that as well. But thats only for detecting issues faster than the IGP itself. But there is no "penalty" concept so it triggers constant IGP recalculation. And it only works for L3.
by mada3k
Sat Jun 17, 2023 11:13 am
Forum: General
Topic: Monitor UPS via Ethernet
Replies: 7
Views: 1445

Re: Monitor UPS via Ethernet

Should work, albeit you need to do some string-spilt to get the actual value.
 > :put [/tool/snmp-get address=192.168.1.1 version=2c community=xxxxxxx oid=.1.3.6.1.4.1.14988.1.1.7.6.0 as-value]
oid=1.3.6.1.4.1.14988.1.1.7.6.0;type=octet-string;value=Apr/07/2022 17:53:31
by mada3k
Wed Jun 14, 2023 10:11 pm
Forum: RouterOS beta
Topic: Feature request: Link Flap Prevention and Dampening
Replies: 3
Views: 2628

Feature request: Link Flap Prevention and Dampening

This is very useful when running into bad cabling or having problems with underlaying equipment. This should cover routing protocols as well, where sudden packetloss somtimes tiggers constant adjacency change between routers. It has been present in other vendors for many years now. https://www.cisco...
by mada3k
Wed Jun 14, 2023 9:51 pm
Forum: General
Topic: Monitor UPS via Ethernet
Replies: 7
Views: 1445

Re: Monitor UPS via Ethernet

I suppose that the UPS network module supports SNMP. Then in theory you could use /tool/snmp-get and some scripting to regulary ask the UPS of its state.
by mada3k
Wed Jun 14, 2023 9:47 pm
Forum: General
Topic: 'SVI' IP not arping
Replies: 3
Views: 467

Re: 'SVI' IP not arping

Its a strange quirk indeed that you need to add the bridge to itself as tagged :)
by mada3k
Wed Jun 14, 2023 9:41 pm
Forum: RouterOS beta
Topic: Feature Request: IP address aliases
Replies: 2
Views: 2645

Re: Feature Request: IP address aliases

I use address lists as IP-aliases or "host objects" in firewall.
by mada3k
Sun Jun 11, 2023 6:08 pm
Forum: RouterBOARD hardware
Topic: Is there any plan for cheaper 5G devices?
Replies: 5
Views: 4075

Re: Is there any plan for cheaper 5G devices?

€300 is quite reasonable for a 5G all-on-one box. In my country they are priced around €400-900 - witch is indeed expensive. I'm guessing that the powerful CPU and multiple radio/antennas help push the price up, not only the 5G modem.

Maybe the should release an antenna-modem-bridge only device?
by mada3k
Sun Jun 04, 2023 2:23 pm
Forum: RouterBOARD hardware
Topic: What's are my options for turning this empty serial port into a usable console interface?
Replies: 2
Views: 2691

Re: What's are my options for turning this empty serial port into a usable console interface?

Those pins is a 3.3V TTL-level UART port - not RS-232. You will probably damage the device is you connect a regular RS-232 port there. You will need a MAX232 or simmilar chip to make it compliant with RS-232.
by mada3k
Sun May 28, 2023 4:42 pm
Forum: Forwarding Protocols
Topic: Allow VPLS through Firewall [SOLVED]
Replies: 4
Views: 5183

Re: Allow VPLS through Firewall [SOLVED]

You might need to allow input of ether-frames 0x8847 (mpls-unicast) somehow.
by mada3k
Wed May 24, 2023 4:26 pm
Forum: RouterBOARD hardware
Topic: Better firewalling performance than 2216?
Replies: 4
Views: 2999

Re: Better firewalling performance than 2216?

Running with connection tracking off cuts down CPU usage quite much since connections doesn't need to be kept or matched. You really should consider creating raw rules.

If you are using L3HW support, then you could create rules under /interface ethernet switch rule maybe instead.
by mada3k
Sun May 14, 2023 10:32 pm
Forum: RouterBOARD hardware
Topic: DIN Mount Gigabit CRS
Replies: 4
Views: 5427

Re: DIN Mount Gigabit CRS

Bump. This is really a product segment Mikrotik should consider. The market today basically consists of either stupid dumb, or overpriced industrial variants with horrible and outdated software OR astonishingly expensive Cisco IE-series stuff. Something performance-wise like the hEX or new L009. 2 S...
by mada3k
Sun Apr 30, 2023 10:23 pm
Forum: General
Topic: RB5009UPr+S+IN NAND sufficient for container
Replies: 3
Views: 646

Re: RB5009UPr+S+IN NAND sufficient for container

Be very careful not do cause unnecessary writing to the filesystem and wear out the NAND.
by mada3k
Sun Apr 30, 2023 5:12 pm
Forum: RouterBOARD hardware
Topic: switch selection
Replies: 4
Views: 2290

Re: switch selection

If you are configure correctly, then the performance will be same on both OS. The difference is in management and features.
by mada3k
Thu Apr 27, 2023 5:12 pm
Forum: RouterOS beta
Topic: "Detect internet" strange behavior ROS 7.0-7.6
Replies: 15
Views: 4488

Re: "Detect internet" strange behavior ROS 7.0-7.6

This is a rather pointless feature and should be removed.
by mada3k
Sat Apr 22, 2023 10:19 pm
Forum: RouterBOARD hardware
Topic: IPv4 Routes supported by CCR1072-1G-8S+
Replies: 2
Views: 1876

Re: IPv4 Routes supported by CCR1072-1G-8S+

The 1072 is quite old. Would not recommend it. All CCR10xx only does software routing, hence there is no real upper limit (except for memory) CCR2116 is a better choice. However, No Mikrotiks can hold million of routes in hardware. Not sure what a MX5 does but probably more, since a couple of factor...
by mada3k
Wed Apr 19, 2023 6:29 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 15170

Re: Something NEEDS to be done about the default passwords

Will this apply for higher end models as well? (like CCRs) What will happen when you do a reset? Go back to the on-label password?
by mada3k
Mon Apr 10, 2023 11:23 am
Forum: General
Topic: Redundant VPLS Termination
Replies: 5
Views: 1314

Re: Redundant VPLS Termination

Interesting. I think it's best practice not to have any chance of overlapping LSR-ID's, but I'm not sure. It will probably work. We have solved our redundant tunnels with basically terminating twice (in core1 and core2) and let RSTP decide path. We also have some EoIP tunnels, but those are bound to...
by mada3k
Fri Apr 07, 2023 11:34 am
Forum: RouterBOARD hardware
Topic: idea: 24 ports POE switch with dual power inputs and more RAM
Replies: 2
Views: 2411

Re: idea: 24 ports POE switch with dual power inputs and more RAM

Or have an DC input in addition to AC like the recent ones.
by mada3k
Thu Apr 06, 2023 9:39 pm
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN. Dual DC Power
Replies: 2
Views: 1604

Re: CRS504-4XQ-IN. Dual DC Power

Judging by the inside photos, there seems to be a resonable sized transformer, often used for isolated DC/DC. But if the negative input is tied to the chassis is unknown.
by mada3k
Thu Apr 06, 2023 6:55 pm
Forum: RouterBOARD hardware
Topic: CCR2004-16G-2S+PC NO USB, WHYYY!??
Replies: 28
Views: 7941

Re: CCR2004-16G-2S+PC NO USB, WHYYY!??

The correct choice to do
by mada3k
Thu Apr 06, 2023 6:51 pm
Forum: RouterBOARD hardware
Topic: Please make a 6x100g switch...
Replies: 20
Views: 4441

Re: Please make a 6x100g switch...

Two VmWare ESXi servers with two 100-Gig ports ( 4 ports for redundant communications) Two NAS server with two 100-Gig ports ( 4 ports for redundant communications) Two 100-GIg uplink/downlink ports to other switches ( 2 ports) So far - for a simple tiny network room of 2 servers and 2 nas devices ...
by mada3k
Fri Mar 31, 2023 7:54 pm
Forum: RouterBOARD hardware
Topic: Please make a 6x100g switch...
Replies: 20
Views: 4441

Re: Please make a 6x100g switch...

Well, the CRS504 is not designed for server-rooms - it has all the wrong features. It's made for a city/metro network as I see it.

Go buy white-box/bare-metal 100G switches if you need it for you servers. Don't see the point why Mikrotik should make it.
by mada3k
Sun Mar 26, 2023 7:07 pm
Forum: General
Topic: CRS112 and RSTP
Replies: 4
Views: 953

Re: CRS112 and RSTP

What is untagged in a CRS112 then, VLAN ID 0 or 1?

That means that I need to allow it on all trunks I guess? on edge/accesses also?

There seems to be a lack of examples how to set this up in the wiki/help
by mada3k
Sun Mar 26, 2023 1:18 pm
Forum: General
Topic: CRS112 and RSTP
Replies: 4
Views: 953

CRS112 and RSTP

We use CRS112's as "CPE" like nodes in our network, to terminate customer services. On some occations we daisy-chain two switches with optical or RJ45 between. We usually setup switching under /interface ethernet switch section and no use multiple bridges. One management-VLAN and others fo...
by mada3k
Sun Mar 26, 2023 12:00 pm
Forum: General
Topic: Observability of Mikrotik devices
Replies: 2
Views: 408

Re: Observability of Mikrotik devices

I use SNMP via collectd->influxdb->grafana. But just for interfaces/load.
by mada3k
Sun Mar 26, 2023 11:56 am
Forum: Forwarding Protocols
Topic: Hotspot in VPLS
Replies: 3
Views: 2396

Re: Hotspot in VPLS

whats "hotspot over VPLS"?
by mada3k
Sat Mar 25, 2023 11:41 am
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 27531

Re: v7.9beta [testing] is released!

*) console - added option to create new files using "/file add" command (CLI only);
Thanks! That makes future deployments so much easier!
by mada3k
Tue Mar 21, 2023 1:23 pm
Forum: RouterBOARD hardware
Topic: CRS310-1G-5S-4S+IN SFP connectivity distance
Replies: 4
Views: 2953

Re: CRS310-1G-5S-4S+IN SFP connectivity distance

As long as the power & cooling-requirements for the module is taken care of then it should work just fine.
by mada3k
Sat Mar 11, 2023 12:42 pm
Forum: RouterBOARD hardware
Topic: CRS326-24G-2S+RM with 2.5GBit sfp+ possible?
Replies: 11
Views: 6160

Re: CRS326-24G-2S+RM with 2.5GBit sfp+ possible?

The switch-chip must also support NBase-T standard. 10GBase-T/SFP+ does not imply 2.5G support. Nbase-T is an later standard.
by mada3k
Sat Mar 11, 2023 11:31 am
Forum: RouterBOARD hardware
Topic: Product Request: Coax SFP
Replies: 13
Views: 7947

Re: Product Request: Coax SFP

Because in a lot of buildings, such as hotels or apartments, replacing the cabling is not an option. The cost of removing the walls is the cost that you might as well spend on building an entirely new structure. Are they molded into the concrete? DOCSiS I can understand since it's buried into the g...
by mada3k
Fri Mar 10, 2023 10:56 am
Forum: RouterBOARD hardware
Topic: Product Request: Coax SFP
Replies: 13
Views: 7947

Re: Product Request: Coax SFP

MoCA is strange, why not just replace the Coax with Cat6 or fiber? However, I can agree that it's quite impressive that they managed to squize that into a SFP module, but I'm sure it runs terribly hot. I wish Cable ISPs provided two alternatives - one all-in-one-wifi-box for the consumers, and one m...
by mada3k
Wed Mar 01, 2023 3:37 pm
Forum: Announcements
Topic: Newsletter 111
Replies: 24
Views: 20219

Re: Newsletter 111

Really cool devices, but do you have any plans to support SPB, EVPN, CE or similar? Feels a bit wasteful setting up a 25G/100G links with plain RSTP (witch results in a lot of unused links). Or is the idea to not use and L2 at all?
by mada3k
Wed Mar 01, 2023 3:23 pm
Forum: RouterBOARD hardware
Topic: Idea for a new Switch (8x 2.5G RJ45 + 2x SFP+)
Replies: 2
Views: 1533

Re: Idea for a new Switch (8x 2.5G RJ45 + 2x SFP+)

Personally I think Mikrotik should stop releasing dumb equipment with great numbers. There are already cheap stuff on Aliexpress for those who just want the numbers.

With that said. A 24/48 1G+2.5G combo switch with and without PoE and maybe 2-4 SFPs would not hurt. But NOT with SwOS.
by mada3k
Wed Mar 01, 2023 3:19 pm
Forum: RouterBOARD hardware
Topic: RB5009 FTTH
Replies: 2
Views: 2108

Re: RB5009 FTTH

GPON is unfortunally what it is. It's an active intelligent component and not just a SFP transciever. In essential it's part of the providers network.

Fortunally in my country PON is very very rare. All FTTH networks here uses BiDi SFP-based and can usually be moved to whatever equipment you like.
by mada3k
Sat Feb 18, 2023 9:38 pm
Forum: Containers
Topic: openwrt as container on mikrotik vps !!!
Replies: 2
Views: 4421

Re: openwrt as container on mikrotik vps !!!

You have misunderstood what a container is.
by mada3k
Sat Feb 18, 2023 2:45 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2942

Re: OSPF video surveillance system

Well, the CRS112 maxes out on ~80Mbit of IP-routing, so it's not a good router. A ring of switches is not a great idea either. I would: - Assign one VLAN for each site with its own subnet. - Use the CRS317 with Inter-VLAN routing and run OSPF between them and the CCR1009. - Put a router before or af...
by mada3k
Sat Feb 18, 2023 11:54 am
Forum: Announcements
Topic: v7.8rc is released!
Replies: 125
Views: 46254

Re: v7.8rc is released!

Yes, the Internet Detect issue is not solved yet. When it will be fixed, then that will be mentioned in the release notes. We are aware of a problem with Detect Internet. Best solution would be to just remove it. It did not work out, it does not solve any issue or provide any useful function, yet i...
by mada3k
Sat Feb 18, 2023 11:50 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 44426

Re: FEATURE REQUEST: full cone NAT

This is why Mikrotik should not bother with the Consumer/Ho-market.

Side-note: CGNAT-providers should provide more than one CGNAT-adress to avoid NAT-over-NAT issues.
by mada3k
Mon Feb 13, 2023 2:02 pm
Forum: RouterBOARD hardware
Topic: RB750Gr2 HW and performance specs
Replies: 11
Views: 2457

Re: RB750Gr2 HW and performance specs

Please don't confuse L3HW with NAT Firewall
by mada3k
Sun Feb 12, 2023 6:16 pm
Forum: RouterBOARD hardware
Topic: RB4011iGS+RM 48v Connector
Replies: 1
Views: 938

Re: RB4011iGS+RM 48v Connector

We have done that with CCR1009. Beware that "48 volts" often means negative 48V. So the chassis must be isolated from ground/earth.
by mada3k
Sat Feb 11, 2023 12:54 pm
Forum: General
Topic: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed
Replies: 13
Views: 1736

Re: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed

Not going to read all details, but you are having a server on 10G and a client of some kind on 1G at the other end? Mikrotik switches are known to not have big packet buffers - and when you try to feed a lot of data into a smaller pipe, the packet buffer on the switch takes a hit, causing packet dro...
by mada3k
Fri Feb 03, 2023 3:09 pm
Forum: RouterBOARD hardware
Topic: Connecting RB4011 to ADSL, without ISP modem?
Replies: 13
Views: 2420

Re: Connecting RB4011 to ADSL, without ISP modem?

Not everyone has LAN/Fiber, I have a Coax DOCSiS modem put in bridged mode.

Find a DSL modem that supports bridged mode or some passtrough mode.
by mada3k
Sun Jan 29, 2023 6:42 pm
Forum: RouterBOARD hardware
Topic: RB5009UPr+S+ SFP module not working
Replies: 19
Views: 7929

Re: RB5009UPr+S+ SFP module not working

Tried setting static speed/duplex and disable auto-nego?
by mada3k
Sun Jan 29, 2023 5:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

From Cisco: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-9300-series-switches/white-paper-c11-742415.html (emphasis mine) I applaud and welcome the fact that we also get it on the little ARM/ARM64 boxes. In the coming months, out of the hundreds of RouterOS devices I have ins...
by mada3k
Sun Jan 29, 2023 2:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

... Well made points. The market is already flooded with SDWAN, IDS, NGFW stuff, and it's probably very hard to gain any foot there because those who want's this are willing to pay for it. But RouterOS is the only alternative I know besides the "giants" that does advanced BGP, BGP-VPNv4, ...
by mada3k
Fri Jan 27, 2023 10:22 am
Forum: RouterBOARD hardware
Topic: MaxxWave MW-UTP-G-US compatibility in CRS switches?
Replies: 1
Views: 1048

Re: MaxxWave MW-UTP-G-US compatibility in CRS switches?

And there is no info about the SFP either?

Copper SFPs can be tricky, especially when mixing vendors. Always try to force speed & duplex.
by mada3k
Thu Jan 26, 2023 1:01 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

Some SDWAN solutions can detect protocols, hostnames & applications and take decision what path it should take. It's great for it's purpose, but often proprietary. <Raises hand> Um, I have six 2116's and just bought two more.</hand down> I also have a farm of NUCs, Mac Mini's, and Mac Pro 5,1's ...
by mada3k
Wed Jan 25, 2023 9:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

What about having different ROS versions for SOHO boxes and serious routers? So one team can work on nerdy-stuff like containers and similar and another team can work on finally fixing and implementing basic routing stuff for CCR2x16 boxes? I tend to agree. I can see that making RouterOS interface ...
by mada3k
Tue Jan 24, 2023 9:35 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

No core routing (BFD,EVPN, buggy VPN4) functionality for routers
Would be nice to have an alternative to hideously expensive Cisco/Juniper/Arista EVPN switches instead of relying on spanning-tree.
by mada3k
Mon Jan 23, 2023 1:53 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

I would wait until they actually releases any SAN/NAS hardware, or else it's pointless (since it exists so many NAS platforms for generic x86 already) in general called SD-WAN. This is implemented in v7 using ZeroTier. Thats properitary and requires a central controller somewhere, and can't co-exist...
by mada3k
Sat Jan 21, 2023 9:41 pm
Forum: RouterBOARD hardware
Topic: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?
Replies: 11
Views: 4345

Re: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?

Fasttrack is just a software acceleration scheme. L3HW uses a on-chip routing table with in-chip lookups and forwarding.

Pure L3 routing = no firewall rules, no connection tracking, no QoS, no NAT, no mangle.
by mada3k
Sat Jan 21, 2023 3:48 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

This is a disappointing release as 7.8, should have been 7.7.1. When are we going to see Mikrotik address those critical route/switch features that most enterprises use. Specifically: 1. BFD fixed 2. BGP-VPNv4-VRF RR fixed 3. Something equivalent to Cisco DMVPN, HP DVPN, Meraki AutoVPN, or Fortinet...
by mada3k
Fri Jan 20, 2023 8:04 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 78919

Re: v7.8beta [testing] is released!

Intresting. Mikrotik planning to enter the SAN/NAS business?
by mada3k
Fri Jan 20, 2023 5:38 pm
Forum: RouterBOARD hardware
Topic: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?
Replies: 11
Views: 4345

Re: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?

I would not trust a switch as a firewall. Only for pure L3 routing.
by mada3k
Tue Jan 17, 2023 3:20 pm
Forum: RouterBOARD hardware
Topic: CCR1036 -12G-4S not starting after reboot. [SOLVED]
Replies: 4
Views: 1746

Re: CCR1036 -12G-4S not starting after reboot. [SOLVED]

These are getting a bit old by now. The capacitors are probably going end of life.
by mada3k
Tue Jan 17, 2023 3:19 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2254

Re: Hardware selection

For speeds over 100Mbps, you should buy a proper router, not a switch with limited CPU resources.
by mada3k
Mon Jan 16, 2023 1:49 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2254

Re: Hardware selection

I am still stuck on a CRS125 routing at 1Gig??? It's primarly a switch. If you can afford 2Gbps of Internet then you probably can afford a router that can handle it as well. Cries in 50/10 internet connection And I'm on 100/10. I can upgrade to 1000/100 but thats €89/month and simply not worth it.
by mada3k
Sun Jan 15, 2023 5:43 pm
Forum: Scripting
Topic: Built in function library
Replies: 142
Views: 142907

Re: Built in function library

Creating a new file and appending input from CLI. Adding a new public ssh key as file, and importing it to a user. Today it has to be done via SCP/SFTP, then imported.

For example:
/file add name="user.pub" content="ssh-rsa XXXXXXXXXXXXXXXXXXXXX"
by mada3k
Sun Jan 15, 2023 5:19 pm
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1816

Re: Any Chance for a CRS610-8P-2S+IN

The host table doesn't show IP or VLAN ID... Ugh.
I't cant show IPs of connected hosts, it's a L2 switch
by mada3k
Sun Jan 15, 2023 11:40 am
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1816

Re: Any Chance for a CRS610-8P-2S+IN

SwOS is unfortunally just impossible to manage in scale since it's a basic web-managed switch with no security or central managebility. It's for pure home-usage.

I could have been the successor of the excellent CRS112
by mada3k
Sun Jan 15, 2023 11:34 am
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2254

Re: Hardware selection

The 2Gb pipe will come through ethernet.
Yes but at what standard? A single 2.5GBase-T ?
by mada3k
Sat Jan 14, 2023 9:34 pm
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1816

Re: Any Chance for a CRS610-8P-2S+IN

I agree, SwitchOS is a no-no for some envoriments.
by mada3k
Fri Jan 13, 2023 1:13 pm
Forum: RouterBOARD hardware
Topic: 2CC-5G CA, or NR CA found a modem that supports it
Replies: 3
Views: 2151

Re: 2CC-5G CA, or NR CA found a modem that supports it

Why on earth would you use USB instead of PCIe ?
by mada3k
Fri Jan 13, 2023 1:11 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2254

Re: Hardware selection

An Rb5009 for example.

How will this 2Gbit line be delievered? As a SFP+, 2.5G SFP or 1G 2xRJ45?
by mada3k
Wed Jan 11, 2023 6:33 pm
Forum: General
Topic: EoIP split traffic [SOLVED]
Replies: 14
Views: 1701

Re: EoIP split traffic [SOLVED]

I use OSPF between two locations with 3-4 subnets on each side just for simplicity. Sure, you can use EoIP, but why would you need to carry VLANs over Internet? IPIP has lower overhead. Just point the dhcp-relay to the Windows DHCP server at HQ. Traffic/network isolation and will be done in the near...
by mada3k
Wed Jan 11, 2023 1:49 pm
Forum: General
Topic: EoIP split traffic [SOLVED]
Replies: 14
Views: 1701

Re: EoIP split traffic [SOLVED]

I agree, setup some IPIP-tunnels and run OSFP over them. Let each branch access Internet by themselves.

For DHCP you can use the dhcp-relay service. DNS can continue to point at the HQ.
by mada3k
Thu Jan 05, 2023 2:03 pm
Forum: RouterBOARD hardware
Topic: Discussion on CPU Architectures
Replies: 5
Views: 2912

Re: Discussion on CPU Architectures

Just a bunch of Chinese development boards with horrible software support. Where is the actual products?
by mada3k
Wed Dec 28, 2022 10:25 pm
Forum: General
Topic: Modem hunged up problem
Replies: 10
Views: 6211

Re: Modem hunged up problem

This may be a valid point. But wouldn't this cause all devices offline? For example in one city in Germany I have two devices. They were both online when I was last there to install them. After 2 days one of those devices went offline and never got back. One is always online since then (>1week). Or...
by mada3k
Mon Dec 26, 2022 6:53 pm
Forum: General
Topic: Modem hunged up problem
Replies: 10
Views: 6211

Re: Modem hunged up problem

Ericsson F5521gw
At least in my country, all providers are shutting down 3G services (making room for 5G) this last year. Maybe that's you old 3G modems are getting kicked out.
by mada3k
Fri Dec 23, 2022 1:11 pm
Forum: RouterBOARD hardware
Topic: RouterOS v7.6 in CCR1072
Replies: 19
Views: 6665

Re: RouterOS v7.6 in CCR1072

The 1072 was probably a bit on the bleeding edge of reasonable hardware design.
by mada3k
Fri Dec 16, 2022 5:52 pm
Forum: RouterBOARD hardware
Topic: Please in the future remove DC Jack input...
Replies: 19
Views: 2461

Re: Please in the future remove DC Jack input...

USB-PD needs quite complicated logic to provide more power than a regular USB. That logic comes with a cost.
by mada3k
Thu Dec 08, 2022 7:19 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 28
Views: 11262

Re: v7 MPLS hardware offload?

No. The CPU does the FIB calculation, then the forwarding is done in hardware.
by mada3k
Thu Dec 01, 2022 11:01 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR series for core/distribution?
Replies: 17
Views: 12049

Re: RB1100AHx4 vs CCR series for core/distribution?

The biggest drawback of the rb1100ahx4 is the lack of SFP ports otherwise a great router.
by mada3k
Sat Nov 26, 2022 1:10 pm
Forum: Beginner Basics
Topic: MX204 alternative?
Replies: 7
Views: 1833

Re: MX204 alternative?

Depending on the specific function and workload, Mikrotiks might be able to do the job.

You simply have to buy and test, but it will never "replace" a MX204 or a Cisco ASR as a complete product replacement.
by mada3k
Fri Nov 25, 2022 7:33 pm
Forum: RouterBOARD hardware
Topic: XS+31LC10D and CRS318-16P-2S+out no link after reboot
Replies: 3
Views: 2847

Re: XS+31LC10D and CRS318-16P-2S+out no link after reboot

Tried setting no-negotiate and static speed & duplex?
by mada3k
Tue Nov 22, 2022 6:41 pm
Forum: General
Topic: Does mikrotik fast path works in X86 custom build PC
Replies: 2
Views: 671

Re: Does mikrotik fast path works in X86 custom build PC

Probably none. It's quite exotic with x86 boards with built in manageable switch chip.
by mada3k
Tue Nov 22, 2022 5:03 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 28
Views: 11262

Re: v7 MPLS hardware offload?

It's also the one of the hardest protocols to get right when developing for an ASIC so tackling easier protocols first is understandable.
I'n my view it should be the simpliest. The MPLS FIB is basically Label in & out and swap or pop.

HW NAT and/or HW IPv6 sounds like a logical nightmare.
by mada3k
Sun Nov 20, 2022 10:28 pm
Forum: RouterBOARD hardware
Topic: req: wAP AC w/ PoE passthrough
Replies: 6
Views: 3711

Re: req: wAP AC w/ PoE passthrough

Sometimes it's very useful to be able to daisy-chain some APs when new cabling is not possible.
by mada3k
Fri Nov 18, 2022 6:34 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 28
Views: 11262

Re: v7 MPLS hardware offload?

The most cases of inter-VLAN routing have some kind of firewalling in mind, and that most likley will break the HW acceleration. The hardware can never fit a full real-life Internet BGP-table either.

MPLS is used by many smaller WISP/ISP for VPLS services customers and VPN VRFs.
by mada3k
Fri Nov 18, 2022 11:29 am
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 28
Views: 11262

Re: v7 MPLS hardware offload?

It's a bit strange to begin with IPv4&6 HW offload, and not MPLS. All major providers use MPLS for carrying internal traffic between core nodes. IPv4/6 offloading only work with plain forwarding, and people except to be able to use complicated firewall rules, nat, tracking, pppoe, tunnels and ot...
by mada3k
Sun Nov 13, 2022 6:38 pm
Forum: RouterBOARD hardware
Topic: CRS112-8p power supply
Replies: 9
Views: 1640

Re: CRS112-8p power supply

I say that it's a great feature to be able to power both 24V and 48V systems with the same device, depending on what powersupply you use. If you don't use any PoE at all then you can just use a simple 12V/1A plug to power the switch itself. But I see the hassle then someone is buying a "PoE swi...
by mada3k
Fri Nov 04, 2022 9:24 pm
Forum: General
Topic: Installing RouterOS on Protectli Vault 6-Port Hardware
Replies: 4
Views: 1517

Re: Installing RouterOS on Protectli Vault 6-Port Hardware

I've have run RouterOS x86 bare metal on some old appliances. Sometimes it worked and sometimes not.

But the machine your linked to is very new, so I would probably use some Linux KVM or FreeBSD/bhyve, then CHR on top.
by mada3k
Thu Oct 27, 2022 9:05 pm
Forum: RouterBOARD hardware
Topic: RB750gr3 IPv6 Performance
Replies: 13
Views: 3447

Re: RB750gr3 IPv6 Performance

I would say that the performance is astonishing for a router released in 2016 for $60
by mada3k
Thu Oct 20, 2022 11:53 am
Forum: RouterBOARD hardware
Topic: KNOT Power consumption - power saving possible?
Replies: 10
Views: 1634

Re: KNOT Power consumption - power saving possible?

Usually <0.5W is only possible with sleep/deep-sleep modes, and that usually stops many functions in the operating system, something a router/gateway never can do.

KNOT is not the IoT device, it's just a gateway.
by mada3k
Mon Oct 17, 2022 9:04 pm
Forum: RouterBOARD hardware
Topic: KNOT Power consumption - power saving possible?
Replies: 10
Views: 1634

Re: KNOT Power consumption - power saving possible?

I also would use arduino of some kind that acts as a timer and turning on the KNOT. But I'm not sure how much the KNOT likes to be powered down/up all the time. The only better way is to do your application in an arduino/rpi-zero/esp32 native and connect it to a NB-IoT modem of some kind. For exampl...
by mada3k
Thu Sep 29, 2022 2:18 pm
Forum: RouterBOARD hardware
Topic: Using CCR2004-1G-2XS-PCIe from a RouterOS host (CHR/x86)
Replies: 18
Views: 3631

Re: Using CCR2004-1G-2XS-PCIe from a RouterOS host (CHR/x86)

Are people buying this as a cheap dual 25G NIC?
by mada3k
Sat Sep 24, 2022 2:34 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe blown fuse, would need specification
Replies: 3
Views: 1083

Re: CCR2004-1G-2XS-PCIe blown fuse, would need specification

Looks like it's on the +12V rail. Try to verify that there is not a short after the fuse with a multimeter.
by mada3k
Sat Sep 24, 2022 11:16 am
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN, LTT, LinusTechTips
Replies: 6
Views: 1584

Re: CRS504-4XQ-IN, LTT, LinusTechTips

I'd rather kill myself than using juniper or cisco again....
Don't mind working with juniper & cisco devices, but the cost is sometimes prohibitive and I hate working with licensing.
by mada3k
Thu Sep 15, 2022 9:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3561

Re: hardware idea for two-port high performance router

Sounds like a horrible idea with only two ports.

You you need to NAT/Firewall 10Gbps of traffic, then you probably can afford a CCR2004-16G-2S+PC
by mada3k
Sat Aug 27, 2022 8:42 pm
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 16906

Re: CCR2216-1G-12XS-2XQ (New Flagship)

"totaly useless" sound a bit over exaggerated. But it would be better if the used routes where offloaded, not everything.
by mada3k
Wed Aug 17, 2022 5:34 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1590

Re: Correct way of Virutal SSIDs & VLANs

As I mentioned earlier, we are talking about a wAP AC - so there is no switch chip to take in consideration.

DHCP and firewalling is done on another device behind the switch, so that's outside this topic.
by mada3k
Tue Aug 16, 2022 5:09 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1590

Re: Correct way of Virutal SSIDs & VLANs

Thanks, I'm aware of CAPSMAN but it's overkill for my home. ether1 runs to my central switch. 30 is currently for all clients, 39 is for management. It's the vlan-mode=use-tag vlan-id=X bits I'm a bit unsure of. Should it be used or not, and then how? /interface wireless add master-interface=wlan1 n...
by mada3k
Mon Aug 15, 2022 9:30 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1590

Correct way of Virutal SSIDs & VLANs

Hi, I'm a bit unsure here. What is the correct way of setting up virtual SSID's that related to some VLANs? I'm using two wAPs at home and would like to create a guest SSI and maybe some IoT SSID as well, that ends up on separate VLANs. Current setup: /interface bridge add name=bridge1 protocol-mode...
by mada3k
Mon Aug 15, 2022 6:01 pm
Forum: Announcements
Topic: Newsletter 107
Replies: 50
Views: 27177

Re: Newsletter 107

Can't have a hAP in the ceiling. When is the cAP/wAP ax ready?
by mada3k
Tue Aug 09, 2022 8:04 pm
Forum: General
Topic: CCR2004-1G-2XS-PCIe and FreeBSD
Replies: 29
Views: 4232

Re: CCR2004-1G-2XS-PCIe and FreeBSD

FreeBSD is indeed a wonderfull OS, but it's most likely up to the kernel developers to implement the Mikrotik-specific stuff in the alc driver, that have been done to the Linux kernel one.
by mada3k
Sat Aug 06, 2022 9:56 pm
Forum: General
Topic: CRS328 / high CPU-Lod SPI
Replies: 7
Views: 1542

Re: CRS328 / high CPU-Lod SPI

As chechito says. The flash memory sits on the SPI-bus. Are you using the flash memory for something?
by mada3k
Sat Aug 06, 2022 9:42 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 69092

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

Waiting for the cAP or wAP version.
by mada3k
Sat Aug 06, 2022 12:25 pm
Forum: RouterBOARD hardware
Topic: New High Performance Routers ! ?
Replies: 85
Views: 26930

Re: New High Performance Routers ! ?

I would recommend ditching PPPoE at such high speeds. It's just unnecessary overhead.
by mada3k
Sat Aug 06, 2022 12:10 pm
Forum: RouterBOARD hardware
Topic: wifi 6E AX11000
Replies: 3
Views: 2207

Re: wifi 6E AX11000

Everything is not about speed.
by mada3k
Sun Jul 31, 2022 9:45 pm
Forum: Forwarding Protocols
Topic: MPLS Multitenant PE Router
Replies: 2
Views: 1139

Re: MPLS Multitenant PE Router

Not use I understand what your asking for. Just create bridges for the different services/tentants. i.e. eoip-cust1-serv1 <-> bridge-cust1-serv1 <-> Ether1 eoip-cust2-serv1 <-> bridge-cust2-serv1 <-> Ether2 eoip-cust2-serv2 <-> bridge-cust2-serv2 <-> Ether3 eoip-cust2-serv3 <-> bridge-cust2-serv3 <-...
by mada3k
Fri Jul 29, 2022 12:21 pm
Forum: General
Topic: User Manager 5 [SOLVED]
Replies: 8
Views: 1429

Re: User Manager 5 [SOLVED]

bad idea running user manager on a switch
Agree

That's the issue with many users of RouteROS. When everything's possible, then it's suddenly possible to do stupid things, and then you run into problems.
by mada3k
Mon Jul 25, 2022 11:50 am
Forum: General
Topic: L2 Raw packet switching
Replies: 8
Views: 894

Re: L2 Raw packet switching

It's possible that the FCS bits is completly unused to keep complexity down. Any bit-errors will just show up as "bad pixels", thus no point to discard the whole frame.
by mada3k
Sun Jul 24, 2022 11:26 am
Forum: Announcements
Topic: Newsletter 106
Replies: 29
Views: 18600

Re: Newsletter 106

CSS610-8P-2S+IN looks good. Would prefer CRS (RouterOS).
Agree. We simply have no use for CSS series because the lack of security.
by mada3k
Sat Jul 23, 2022 5:22 pm
Forum: General
Topic: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers
Replies: 14
Views: 2201

Re: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers

One of my customers is subject to PCI DSS quarterly vulnerability scans. They sent me a report which enumerates several problems with www-ssl service (Webfig over TLS). What is doing the scanning and why does it have access to the Mikrotik admin interfaces? The auditors often requires and asks for ...
by mada3k
Fri Jul 22, 2022 12:12 pm
Forum: General
Topic: L2 Raw packet switching
Replies: 8
Views: 894

Re: L2 Raw packet switching

Are you sure that the LED displays are talking valid Ethernet and not some custom protocol?
by mada3k
Fri Jul 22, 2022 12:09 pm
Forum: General
Topic: CRS309-1G-4SIN isn´t recognised by Winbox (Crossover) [SOLVED]
Replies: 2
Views: 837

Re: CRS309-1G-4SIN isn´t recognised by Winbox (Crossover) [SOLVED]

SwOS doesn't support Winbox. Only HTTP management.
by mada3k
Sat Jul 16, 2022 8:59 pm
Forum: RouterBOARD hardware
Topic: RB5009UG+S+IN with WiFi release date
Replies: 6
Views: 1523

Re: RB5009UG+S+IN with WiFi release date

Much better with separate devices.
by mada3k
Wed Jul 13, 2022 9:21 pm
Forum: RouterBOARD hardware
Topic: Discussion on CPU Architectures
Replies: 5
Views: 2912

Re: Discussion on CPU Architectures

PowerPC is certainly soon dead. Some telecoms-vendors still hang on but the next generations will be ARM or embedded x86. ARM is more or less replacing MIPS in SoHo devices.

RISC-V, haven't seen a single device with it yet, a part for some development-boards.
by mada3k
Wed Jul 13, 2022 6:47 pm
Forum: RouterBOARD hardware
Topic: RBM33G supports MODBUS?
Replies: 2
Views: 914

Re: RBM33G supports MODBUS?

It's probably RS-232 3.3V TTL and you should be able to run MODBUS over it yes. RouterOS has built in "Terminal server" capabilities. But it will not automaticlly be MODBUS-TCP (port 502)
by mada3k
Fri Jul 08, 2022 1:05 pm
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3675

Re: My frustration with WISP

You already seems to be behind three layers of NAT, so getting a public IP adress on your own equipment looks very unlikley.
by mada3k
Thu Jul 07, 2022 11:06 pm
Forum: RouterBOARD hardware
Topic: US product availability crunch increasing in scope...
Replies: 9
Views: 1630

Re: US product availability crunch increasing in scope...

Indeed. We tried to order a couple of Catalyst 9200's and got dates in 2023.
by mada3k
Tue Jul 05, 2022 11:41 am
Forum: General
Topic: Port Forwarding 445 & 139
Replies: 4
Views: 4212

Re: Port Forwarding 445 & 139

Running SMB over Internet sounds like a horrible idea. Not even sure it will work behind NAT at all.

Use some VPN tunneling at least.
by mada3k
Mon Jul 04, 2022 10:38 am
Forum: General
Topic: Cloud Core Router VS Custom Build PC Server
Replies: 3
Views: 727

Re: Cloud Core Router VS Custom Build PC Server

How long is a rope?

What is the purpose and use case of the router?
by mada3k
Sun Jun 12, 2022 12:35 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 352
Views: 245890

Re: MikroTik Devices Controller

I think we are talking about two things.
A "device manager" that acts as a hub for CPEs and stuff.
And a conventional NMS that actually monitors and manages a network.
by mada3k
Mon Jun 06, 2022 10:07 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 352
Views: 245890

Re: MikroTik Devices Controller

TR-069 is horrible and basically just good for customer CPEs.

There should be two ways for handling management. API from devices to the management server (for devices behind NAT) - and - direct management/monitoring (as in the management server is reaching directly to a device via ssh or some api)
by mada3k
Mon May 30, 2022 9:08 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 352
Views: 245890

Re: MikroTik Devices Controller

- As a VM appliance - Web based. Not phone apps and such non-sense. - Manage software updates, pushing out updates in a controlled manner - Configuration templates, backup and change-logs - "Global rules" such as firewall, access-lists and so on - REST-API for integrations with other syste...
by mada3k
Fri May 27, 2022 1:19 pm
Forum: RouterBOARD hardware
Topic: CCR2004 with SFP ONU module: fail both PSU [SOLVED]
Replies: 20
Views: 12645

Re: CCR2004 with SFP ONU module: fail both PSU [SOLVED]

It's probably running over the same I2C-bus as the sensors, and the ONU corrupts the data.
by mada3k
Wed May 04, 2022 9:48 pm
Forum: RouterBOARD hardware
Topic: Device request CRS318-16P-2S+RM
Replies: 12
Views: 1725

Re: Device request CRS318-16P-2S+RM

Basically a CCR2004-16G-2S+ but as a pure switch.
by mada3k
Tue Apr 26, 2022 9:52 pm
Forum: General
Topic: Bandwidth pinched through VxLAN tunnel
Replies: 12
Views: 3060

Re: Bandwidth pinched through VxLAN tunnel

Smells like MTU issues. What the the maximum allowed MTU on the line between the CCR'es?
by mada3k
Sat Apr 23, 2022 9:24 pm
Forum: General
Topic: redundant hardware or spare in entreprise infrastructure [SOLVED]
Replies: 5
Views: 1453

Re: redundant hardware or spare in entreprise infrastructure [SOLVED]

Reasons for redundancy is of course availability and ability to perform maintenance without downtime.

If it's acceptable with an hour or so to restore functionality, and if you can plan downtime for maintenance, then you're fine with "spares on the shelf".
by mada3k
Sat Apr 23, 2022 8:17 pm
Forum: General
Topic: Very Slow output for traffic passing through CHR
Replies: 8
Views: 4082

Re: Very Slow output for traffic passing through CHR

Hmm... MTU or fragmentation issue?

Just start count the overhead backwards from the MTU used by your ISP
by mada3k
Fri Apr 22, 2022 4:52 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe In Hyper Converged Infrastructure
Replies: 6
Views: 2051

Re: CCR2004-1G-2XS-PCIe In Hyper Converged Infrastructure

Probably the wrong choise for general storage network and such things.
by mada3k
Sat Apr 09, 2022 7:17 pm
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN - Nice, now more ports please.
Replies: 10
Views: 2208

Re: CRS504-4XQ-IN - Nice, now more ports please.

It's indeed a very nice backbone/ring product. ETSI-format, 48-volts. etc.

"ToR" 10/25/40/100G datacenter switches is a completly different product category.
by mada3k
Fri Apr 08, 2022 5:46 pm
Forum: RouterBOARD hardware
Topic: Mikrotik vs Napatech
Replies: 6
Views: 1315

Re: Mikrotik vs Napatech

You are not using the PTP/IEEE1588 functions of the Napatech?
by mada3k
Mon Apr 04, 2022 6:17 pm
Forum: General
Topic: clickbite: How do members of the Forum feel about this article?
Replies: 54
Views: 4579

Re: How MikroTik Routers Became a Cybercriminal Target

Well, thats sometimes the downside with selling highly configurable devices to pure home users. It's no difference to having "admin/admin" configured Cisco-routers at every home with telnet open. ISPs in my country tend to ship very dumbed-down devices with basically no user-configuable se...
by mada3k
Sun Apr 03, 2022 4:29 pm
Forum: General
Topic: MikroTik - connections between 2 internal bridges [SOLVED]
Replies: 3
Views: 1755

Re: MikroTik - connections between 2 internal bridges [SOLVED]

You can't bridge two bridges, just use one bridge then with VLANs (to separate access)

But you can route IP traffic between two bridges.
by mada3k
Fri Apr 01, 2022 9:04 pm
Forum: Announcements
Topic: v7.2rc6 and v7.2rc7 is released!
Replies: 100
Views: 20971

Re: v7.2rc6 and v7.2rc7 is released!

Is anyone really using RIP anymore?
by mada3k
Fri Apr 01, 2022 9:01 pm
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 26338

Re: Newsletter 104

I agree, NGFW is a stupid term. Also, it starting to fade out since everything moving to the cloud and you use local firewalls and (H)IDS software on all nodes instead.
by mada3k
Tue Mar 29, 2022 9:48 pm
Forum: Announcements
Topic: v7.2rc5 is released!
Replies: 91
Views: 24814

Re: v7.2rc5 is released!

Did IPv6 and MPLS get enabled for hw-offload? I'm pushing 1.6Gbps over VPLS using LDPv6 through a CCR2116 P router and have two CCR2004-16G-2S+ acting as PEs The routing/route output shows IPv6 labeled prefixes as hw-offloaded and the cpu on the CCR2116 is only at 4% under a 1.6Gbps load Wow!!
by mada3k
Sat Mar 19, 2022 11:30 am
Forum: General
Topic: Microsoft creates tool to scan MikroTik routers for TrickBot infections
Replies: 4
Views: 1430

Re: Microsoft creates tool to scan MikroTik routers for TrickBot infections

Can't get it to work either
  File "/usr/local/lib/python3.9/site-packages/paramiko/transport.py", line 1498, in auth_password
    raise SSHException("No existing session")
paramiko.ssh_exception.SSHException: No existing session
by mada3k
Tue Mar 01, 2022 8:55 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 34233

Re: how does L3HW actually works?

But isn't quite inefficent to try to store millions of routes in a HW FIB ? Cisco once solved it many years ago with caching "active traffic" in the hardware, but letting "unused" routes just reside in regular memory until needed. It's not likley that you will communicate with th...
by mada3k
Tue Mar 01, 2022 8:47 pm
Forum: RouterOS beta
Topic: nvmeOf - NVME over TCP
Replies: 15
Views: 5588

Re: nvmeOf - NVME over TCP

So Mikrotik should try to get into the market of enterprise storage now ?

Isn't that quite a saturated market by now.
by mada3k
Sun Feb 27, 2022 6:24 pm
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 26338

Re: Newsletter 104

Buy two?

It's still a 10th of Cisco/Juniper 100G stuff.
by mada3k
Wed Feb 23, 2022 12:15 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 58374

Re: v7.1.3 is released!

All routes in WebFig doesn't show up.
by mada3k
Mon Feb 21, 2022 9:24 pm
Forum: RouterBOARD hardware
Topic: CRS-328-24P-4S+RM-WISP WISP EDITION
Replies: 4
Views: 1222

Re: CRS-328-24P-4S+RM-WISP WISP EDITION

Well done!

Everything should have DC power input.
by mada3k
Sat Feb 19, 2022 6:04 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe network chip
Replies: 45
Views: 8322

Re: CCR2004-1G-2XS-PCIe network chip

Since it's Marvell-based, I guess that will be some Marvell NIC?

Very cool product.
by mada3k
Wed Feb 16, 2022 7:11 pm
Forum: General
Topic: When to use GRE tunnel with IPSec in 2022
Replies: 4
Views: 4073

Re: When to use GRE tunnel with IPSec in 2022

I often use ipip-tunnels (alternative to GRE) sometimes for 4 reasons: 1) I like to be able to use traceroute. 2) You don't need to add a tunnel policy for all subnets, just route them trough the tunnel. 3) It makes more sense in the firewall to have an actual interface. 4) I have a feeling that PMT...
by mada3k
Wed Feb 16, 2022 6:04 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 34233

Re: how does L3HW actually works?

Connection tracking is a firewall feature, not a router feature.

Personally I would rather see better MPLS-HW support. Just plain flat non-VRF L3 routing is a bit limiting and the hardware can never hold full BGP feeds anyways.
by mada3k
Wed Feb 16, 2022 11:10 am
Forum: General
Topic: EoIP client for Windows
Replies: 8
Views: 10340

Re: EoIP client for Windows

Would be rather pointless since EoIP is only static point-to-point tunnels (as between two network devices).
by mada3k
Fri Feb 11, 2022 9:36 pm
Forum: Beginner Basics
Topic: Airplay two network
Replies: 3
Views: 1212

Re: Airplay two network

You need a mDNS proxy, like Avahi-daemon or similar between the networks/VLANs. This is to forward/relay the mDNS announcements.
by mada3k
Thu Feb 10, 2022 1:03 pm
Forum: RouterBOARD hardware
Topic: powering wall wart devices in a datacenter
Replies: 11
Views: 1817

Re: powering wall wart devices in a datacenter

A proper (and legal) switched power supply should not have any required specific hot or neutral leg.
by mada3k
Wed Feb 09, 2022 11:25 am
Forum: Beginner Basics
Topic: SD Card Uses
Replies: 9
Views: 4434

Re: SD Card Uses

configuration backups
tftp files
logs

I also would love to have a small HTTP service.
by mada3k
Tue Feb 08, 2022 6:40 pm
Forum: RouterBOARD hardware
Topic: powering wall wart devices in a datacenter
Replies: 11
Views: 1817

Re: powering wall wart devices in a datacenter

Aren't most power bricks have an c13/14 and auto-switching 90-240VAC?
by mada3k
Fri Feb 04, 2022 1:51 pm
Forum: General
Topic: If you have a Mikrotik home lab, I have a question for you.
Replies: 17
Views: 3487

Re: If you have a Mikrotik home lab, I have a question for you.

Running 10 CHR's on FreeBSD/bhyve as home lab.
by mada3k
Sat Jan 29, 2022 2:14 pm
Forum: General
Topic: Forward ALL ports to router
Replies: 13
Views: 3791

Re: Forward ALL ports to router

Some VPN types simply don't work over CGNAT. That the reality. IPv6 is the only hope there.
by mada3k
Sat Jan 29, 2022 11:52 am
Forum: General
Topic: Question - How many interfaces can be bonded together? [SOLVED]
Replies: 4
Views: 1880

Re: Question - How many interfaces can be bonded together? [SOLVED]

Since all ports are indivudal interfaces, and not switched ports, i think that all of them can be bonded.

Note that bonding is a in-software feature that will use CPU.
by mada3k
Sun Jan 23, 2022 9:08 pm
Forum: General
Topic: CCR1009-7G-1C-1S+ / 8-10 hEXr3’s in Hub and Spoke, which protocol?
Replies: 6
Views: 1077

Re: CCR1009-7G-1C-1S+ / 8-10 hEXr3’s in Hub and Spoke, which protocol?

Well, I would use IPSec, since it will take advantage of the hardware encryption support. Wireguard does not.

Personally I prefer real tunnels, like IP-IP or GRE. But you can use policy based tunnels as well.
by mada3k
Sun Jan 23, 2022 1:52 pm
Forum: RouterBOARD hardware
Topic: mikro-router product request
Replies: 1
Views: 1884

Re: mikro-router product request

An 3-port high performance router seems a very strange combination.
by mada3k
Thu Jan 20, 2022 6:58 pm
Forum: General
Topic: backup 2011 to rs5009?
Replies: 4
Views: 1281

Re: backup 2011 to rs5009?

export -> edit -> import
by mada3k
Wed Jan 19, 2022 9:55 pm
Forum: General
Topic: Switch ACL to restrict IP usage [SOLVED]
Replies: 25
Views: 7972

Re: Switch ACL to restrict IP usage [SOLVED]

Now I get it... Layer-2 security/filter using Layer-3 addresses.. Switch ACL can never check the L3-adress used.

Hmmm.. Static ARP entries on the router/gateway?
by mada3k
Wed Jan 19, 2022 7:59 pm
Forum: General
Topic: Switch ACL to restrict IP usage [SOLVED]
Replies: 25
Views: 7972

Re: Switch ACL to restrict IP usage [SOLVED]

I don't get it. What switch? Just use /ip services allow-from=x.x.x.x/yy or setup some chain=input firewall rules?
by mada3k
Wed Jan 19, 2022 7:56 pm
Forum: RouterBOARD hardware
Topic: RB750Gv2 repair manual or debug docs?
Replies: 8
Views: 3749

Re: RB750Gv2 repair manual or debug docs?

I agree, there should be warnings. Just add a logging action=disk then your done in a couple of months.
by mada3k
Wed Jan 19, 2022 3:53 pm
Forum: RouterBOARD hardware
Topic: RB750Gv2 repair manual or debug docs?
Replies: 8
Views: 3749

Re: RB750Gv2 repair manual or debug docs?

Many users doesn't understand that the SPI Flash has a limited number of writes, and places logs and graphs on it, hence wearing it out.
by mada3k
Tue Jan 18, 2022 6:26 pm
Forum: Forwarding Protocols
Topic: UDPXY alternative for mikrotik
Replies: 14
Views: 11803

Re: UDPXY alternative for mikrotik

You should never run Multicast UDP/RTP based IPTV över WiFi.
by mada3k
Tue Jan 18, 2022 5:41 pm
Forum: Forwarding Protocols
Topic: UDPXY alternative for mikrotik
Replies: 14
Views: 11803

Re: UDPXY alternative for mikrotik

Why not use the IGMP-Proxy ?
by mada3k
Tue Jan 18, 2022 5:39 pm
Forum: RouterBOARD hardware
Topic: Counterfeit CCR1036?
Replies: 1
Views: 5608

Re: Counterfeit CCR1036?

Any photos?

I've seen a bunch of 1036 under the hood.
by mada3k
Tue Jan 18, 2022 5:35 pm
Forum: General
Topic: Has anyone ever set up a Ethernet Virtual Private Line
Replies: 16
Views: 2966

Re: Has anyone ever set up a Ethernet Virtual Private Line

So, you are provided with a EPL service via an operator from one site to another?

Well, just consider it a regular L2-link, like Ethernet cable from one place to another. No need for tunneling or strange setups.
by mada3k
Sat Jan 15, 2022 8:11 pm
Forum: General
Topic: Has anyone ever set up a Ethernet Virtual Private Line
Replies: 16
Views: 2966

Re: Has anyone ever set up a Ethernet Virtual Private Line

Yes, for example VPLS. If you need encryption then EoIP may be the better choise.

If you are suggesting Carrier Ethernet features, then no, there is no support for CE in RouterOS.
by mada3k
Fri Jan 14, 2022 9:40 pm
Forum: General
Topic: Make two TV set-top boxes (different sites) visible to each other via VPN EoIP? L2TP? PPTP?
Replies: 3
Views: 1034

Re: Make two TV set-top boxes (different sites) visible to each other via VPN EoIP? L2TP? PPTP?

Are they using multicast as well? I think EoIP is the thing you need.

On the primary site, add the tunnel to the default bridge.
On the secondary site, create a new bridge and add the tunnel and one physical port for the box.
by mada3k
Thu Jan 13, 2022 12:10 am
Forum: RouterBOARD hardware
Topic: Voltage accuracy - are any models better?
Replies: 1
Views: 2169

Re: Voltage accuracy - are any models better?

My guess is that they are probably using a simple voltage-divider, and resistors has a certain tolerance (like 5-10%) and that will vary with temperature as well. I would probably take a measurement with a good voltmeter on each individual device, and note the offset from the self-reported value (th...
by mada3k
Fri Jan 07, 2022 12:46 pm
Forum: General
Topic: Having RouterOS boot faster [SOLVED]
Replies: 15
Views: 4118

Re: Having RouterOS boot faster [SOLVED]

Well, RouterOS is very quick in comparison to HPE, Cisco and Juniper, but not instant. To achieve instant-on, you probably need a dumb unmanaged switch.

Disabling RSTP is probably the only way to make it quicker.
by mada3k
Thu Jan 06, 2022 12:39 pm
Forum: General
Topic: Winbox / The Dude Linux App?
Replies: 15
Views: 3948

Re: Winbox / The Dude Linux App?

Which doesn't help very much if you want to access RB using MAC telnet from Linux computer. There's open source client for MAC telnet (https://github.com/haakonnessjoen/MAC-Telnet), but it doesn't work with newer RouterOS, because MikroTik keeps new authentication algorith secret for some strange r...
by mada3k
Tue Jan 04, 2022 1:04 pm
Forum: RouterBOARD hardware
Topic: hAP AC2 successor (WiFi 6 + nBase-T ???)
Replies: 13
Views: 7684

Re: hAP AC2 successor (WiFi 6 + nBase-T ???)

No thanks. I would rather see a cAP with WiFi6 and 2.5GBase-T.
by mada3k
Sun Jan 02, 2022 10:24 pm
Forum: General
Topic: ROS 7.1.1 - WebFig Issues
Replies: 4
Views: 3466

Re: ROS 7.1.1 - WebFig Issues

Same issue here. Chrome + v7.1.1 shows "Error not found" on login. Safari and firefox works.
by mada3k
Sun Jan 02, 2022 10:21 pm
Forum: General
Topic: Mikrotik on x86 sees only 1920Mb of RAM
Replies: 10
Views: 2823

Re: Mikrotik on x86 sees only 1920Mb of RAM

RouterOS 6 x86 is 32-bit only.

Use CHR on KVM/VMware/HyperV for running 64-bit.