MikroTik

mada3k

RouterOS has no configuration interface for tunable optics. It might also have issues with the power draw from those kind of modules.

mada3k

As I said, netinstall with latest version to begin with. I might be some filesystem junk thats hiding.

mada3k

I'm sure that they would love to decomisson those lines and replace with a Ethernet service instead. No one want's to keep providing E1/T1 lines to customers.

Go look on Ebay for RAD RICI, Cisco:s with PRI HWIC and so on.

mada3k

My guess is that you somehow have trashed the flash-memory by used it for storing logs and other thing.

7.10.2 is really old.

I would try to do a netinstall with latest version.

mada3k

That doesn't sound good.

Use a simple multimeter to measure the voltage over the yellow-black wires in in the 4-pin 12V-ATX connectors on the motherboard. Should be 12V or 24V

mada3k

Fast-track is a driver optimization. Makes no sense that Mikrotik should develop customized drivers for 3rd party hardware.

mada3k

Of course it's not. Buy Fortinet branded to get rid of the message.

mada3k

Thats really amazing. That must amount to some TCAM space.

mada3k

To be able to fit 740,000+ routes in hardware were talking another different price-level. Like a Cisco NCS 5501. The Marvells are made for Datacenter/Campus routing, not full-scale ISP routing.

Also, never ever mix PPPoE, NAT, firewall, tunnels and other stuff on Core/Edge-nodes.

mada3k

All 10GE RJ45 SFPs gets hot. They are made to be used with a forced-air front-to-back switches.

mada3k

Does anybody know why MikroTik doesn't release CCRs with some stupid fast CPUs?

Because it makes no sense to compete with Dell/HPE/Supermicro with PC server hardware.

Ultra high performance networking is better done in hardware, as in real ASICs for the purpose.

mada3k

Well, it's a switch. It's not intended for specialized routing, wireless control and VPN or storage services. Regarding config backups, can be done in two ways: 1) using ssh DEVICE "/export compact" > /backups/DEVICE.rsc on a computer/server. 2) a local scheduled script that creates a loca...

mada3k

You simply don't combine a 24 port switch with wireless. Makes no sense at all.

mada3k

OLTs is quite speciallized hardware. can't really be done in software.

mada3k

For what I know, fasttrack is a mikrotik custom solution where the traffic is processed in the driver-layer, and doesn't need to enter the whole kernel infrastructure. Not to be confused with L3HW acceleration/offload.

mada3k

We ditched MPLS/VPLS a while ago. We also had issues with FIB/LFIB syncronization and traffic that simply got lost with certain topology scenarios. Now using EoIP and VXLAN instead.

mada3k

For all you storage haters:

https://youtu.be/g1wpIIfYpZA?feature=shared

Well, that explains a bit :)

mada3k

A switch doesn't use it's CPU if configured correctly. CRS112 is a bit tricky to configure. Any misstake and the traffic will end up in the CPU. A L009 has a decent switch as well, and is easier to use, but lacks QoS features. I've run a number of PCM 48k RTP Audio streams over my CRS112 with QoS an...

mada3k

Software-routing will always be limited by many factors. DPDK is one solution, but will never be fully line-rate. if there is L3 hardware acceleration in your hardware, you simply have to use it.

If not running full BGP tables, I would use a L3 switch with 10/25/100G interfaces.

mada3k

Regarding the - GPeR/CSS/FTC21 and all other SwitchOS-products

Nice hardware but with one big downfall: You can't mass-manage devices with a Web-GUI only.

At least make them "slave" manageable under an RouterOS node, SNMPv3 or some kind of simplified REST-API.

mada3k

Really great to see some progress in VXLAN/HW-acceleration!

Would love to get some basic BGP EVPN. We use VXLAN today in a static fashion and the VTEP-list gets quite long after a bunch of VLANs.

mada3k

No. 2.5G is not part of the 10GBase-X standard.

mada3k

PPPoE is horrible unfortunally and RouterOS has no hardware-offload for it. It's strange some ISPs hold on to 20 year old concepts.

mada3k

Never bridge VETH interfaces with physical ports, it will disable hardware forwarding.

mada3k

I guess that OLT/ONT/ONU is often a semi-proprietary bundled solution, at least they needs to be certified together. Mikrotik should probably then roll their own complete PON-solution with all active components. Or else it wouldn't make sense.

mada3k

/interface/ethernet set ether1 mtu=9000 l2mtu=9000

or what MTU you prefer.

You probably need to set the (L2)MTU on the Aruba-switches as well.

mada3k

Yes, PON is the perfect replacement for coax-networks and for rural areas, and Mikrotik should probably have a product segment for it since it's popular in typical Mikrotik-countries. Regarding 4G/5G i've heard the opposite, that often dark-lit fiber is required because of proper syncronization and ...

mada3k

The problem is probably not the encryption. It's the encapsulation. Mikrotik doens't have any support for hardware-encapsulation. Most of them just have offload for the encryption.

mada3k

Yes and no... PON is more a replacement for Cable-TV networks. Phone landline has always been from customer-to-central exchange, and at least in my country all FTTH services is regular Gigabit Ethernet with BiDi SFPs. It justs ends up in a access switch in the central exchange. We also don't do any ...

mada3k

This is just GDPR all over again. incomprehensible, unspecific, difficult to interpret and generallistic lawyer-product. It's just a new game for the "NIS2" experts to extract money from customers in panic. It has very little to do with the equipment itself. It's mostly the supply-chain st...

mada3k

I was told that CCR2216 doesn't use the L3HW as a cache/acceleration function. The first ~120k routes goes into hardware, the rest stays in software.

The most useful would probably be to use the L3HW as a acceleration feature with the most used and active routes.

mada3k

No, it doesn't work that way. You have to run an routing-software that supports VPP/DPDK and make PCIe-passtrough.

mada3k

Not all countries and ISPs uses GPON either. Many uses simple BiDi SFPs instead. Cheaper and more readily available.

mada3k

There is, the high-end ones has the hardware. But no support implemented yet.

mada3k

The issue with "full BGP" routing *in hardware* is that the current full Internet table doesn't fit in anything under $30,000. The CCR2216 can't fit the whole Internet-table in hardware. The issue with 100GbE and x86 is that is needs VPP/DPDK in order to handle that kind o traffic, regardl...

mada3k

I like the FTC11, have liked it since the first iteration of it. But I do not understand why you keep doing it with SFP interface instead of LC. What I see mostly here in Albania, is that all ISP-s use a converter with LC interface and use a LC Patch cord. The fiber at premises ends with an LC cage...

mada3k

Be very careful when using the built-in NAND for containers. It's only made for running RouterOS. When it wear out, the router is useless.

mada3k

The FRITZ!Box 5690 Pro is the only AVM product with 320 MHz. But it does not have a 10G port matching 4x4.

Yes but software-wise they are basicly junk.

mada3k

CSS318-16G-2S+IN... SwOS and no 48VDC input :(

Theres not point trying to compete with bottom-of-the-barrel stuff from AliExpress.

mada3k

vMotion is not L3 or Application redundancy. It just helps if the physical host dies.

You can use a vrrp-interface with on-master= and on-backup= scripts to enable/disable other interfaces, tunnels or ip-adresses.

mada3k

Got my wAP AX yesterday. 2.4ghz range i really disappointing, far worse than the wAP AC. No way it has 7dBi antennas.

mada3k

Starlink is popular - With emphasis on popular. Even in my country where FTTH and 4G/5G is everywhere there's still braging rights with "Starlink", even if it doesn't make any sense. It's Tesla/Musk-thing i guess. For more rural/mobile it make more sense of course. But starlink is just a m...

mada3k

I would probably go with two L009 since they are switches with SFP

mada3k

yet another properitary shortlived VPN solution - no thanks.

mada3k

Agree. Like a CRS510 but full width, better CPU and more ports. Simmilar to a Cisco NCS540, Juniper ACX2000, Delta AGCV

mada3k

1) b) manage all configuration of MikroTik devices 2) b) Self hosted server on X86 (*NIX) - running on routers doesn't scale. 3) mass auto-upgrade, configuration, provisioning, monitoring, "SD-WAN" manager for tunnels and VRFs, end-to-end service provisioning, central VPN management 4) mod...

mada3k

Do you need a coherent Layer2 between all devices? or just the switches?
Why ring? For redundancy? load balancing? Physical constraints?

mada3k

I'm pretty sure it works. Using 10G-SR in CCR2004 without any issues.

mada3k

Mikrotik just should standardnize on 24-57V and nothing else.

mada3k

Just marketing non-sense.

mada3k

Webfig and Winbox should only be exposed via trusted channels.

mada3k

When you create a new bridge, it will default to auto-mac=yes. Set

admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no

to always keep the same.

mada3k

That odd. So you basically only sell capacity and pre-configured Wifi-routers?

mada3k

I'm using the following script to update DynDNS entries for IPIP-tunnels. Run at reboot or every hour or so. You could tweak this to whatever you need. # resolve names :local localAddr [:resolve "xxxxxxxxx.sn.mynetname.net"]; :local remoteAddr [:resolve "yyyyyyyyyy.sn.mynetname.net&qu...

mada3k

Of course, the plug will handle 16A - but the power supply will draw a maximum of 3.5A. You will only use 22% of rated handling power.

IP67 should do fine outdoors.

mada3k

I guess that Mikrotik has very different customer-base. I'm guessing that the majority of customers requests is about cheaper boxes, faster wifi, pppoe-stuff, different variants of vpn, etc. etc. Cisco and Arista is Enterprise customers only. Linux got real VRF support in about 4.3 i think (2015-201...

mada3k

VRF-aware services in RouterOS is still under implementation. Even Cisco IOS took a while to make all system services VRF-aware. But in the most cases you run your management & monitoring in the "main" table, and customers in individual tables. Then it's no issue that syslog or dns isn...

mada3k

Then the first neighbor complains that his speed is bad, and buys a nice powerful mesh system of 4 WiFi 7 routers that combined take up the entirety of the ISM spectrum. Then complain that his speed is even worse, flashes some custom ROM and cranks the power up higher than my microwave oven. Then l...

mada3k

Multicast over wifi sucks in general.

I would do in over a tunnel, either just EoIP, or IPIP with multicast routing.

mada3k

You could certainly run two OSPF instances on different routing-tables. We runt 5 on one box in individual VRFs.

mada3k

I use 20MHz for 2.4Ghz and 40Mhz for 5Ghz. Gets more range and more stable speeds (but lower peak-speeds).

mada3k

Don't know what the fuss is about RDMA, RoCE, iWRAP, PCF, ETS and other stuff

What they will need to begin to support is BGP EVPN with VXLAN in hardware, or else it's just stupid L2 switches.

mada3k

RB5009UG is a very different device, it's half the ports.

We find the CCR2004-PC very useful and performant. No issues at all.

mada3k

Mhz is not a measure of performance. The ARM64 in CCR2004 is far more powerful than the old TILEs. You buy the PC version because you need either passive cooling or DC-input. If you need performance should choose the AC version. The LCD display was just a waste of money and SD is not a serious stora...

mada3k

24V Passive PoE is far cheaper than 50V+ DC/DC converters and PD-PSE handshakes.

10-32V is very handy voltage range indeed. Covers many battery scenarios.

mada3k

10G RJ45 for dedicated management is ridiculous.

You don't need Gigabytes of buffers, A regular Cisco Nexus 9300 has about 40MB i think.

mada3k

I don't think that the threshold numbers exists in the SFP, it's information stored in the host system.

Thats one of the reasons a vendor recommend their own SFPs.

mada3k

Of course, BGP-EVPN in software and VXLAN/MPLS/VPLS in hardware.

mada3k

How does the transport medium look like to the actual customer? Wireless? FTTH? We perform the first provisioning with a shell-script and mac-telnet (from adjacent node) - then the finishing and customization with Ansible. We usually provision them in-place, but occationally in lab/bench. Then we us...

mada3k

There is usually no need to code SFPs to Mikrotik since Mikrotik doesn't block non-Mikrotik SFPs.

Whit that said - I've do have encountered SFP that don't work properly in Mikrotiks. For example Cisco GLC-T and some strange long-range multimode ones.

mada3k

Wow, that a really nice model. Short depth, four SFP+'s and dual hotswappable powersupplies.

mada3k

Amazing pice for a 16x100GE + 4x 25GE switch. Lets just hope it has the buffers for datacenter-work and gets EVPN some day.

mada3k

I agree, I don't see the point of the this post.

mada3k

I think the issue is that the feature has to be licensed from Marvell - and that will have a high cost impact.

But yes, EVPN and VXLAN in hardware would be a killer.

mada3k

The first two has no wireless, so no power draw and heat there. The Asus just looks horrible and draw power as a medium-sized laptop.

Yes, chipsets exists, but may not be suitable for RouterOS.

When talking 1Gbps+ performance, I always recommend separate router and access-points.

mada3k

Biggest disadvantage of RB1100AHx4 is that it has no SFP ports.

mada3k

I thinks it's use is very internal to car and industrial. The chipsets and PHY:s probably costs according to.

mada3k

I'm using a 48V psu to a hEX S to feed a camera. works great.

mada3k

All tools should have the ability to specifiy source-address and vrf

mada3k

I don't get the " why can't just mikrotik do x86 stuff like anyone else with fancy linux dataplane thing " complaints. If Mikrotik doesn't suits your needs, stick with x86-boxes with Linux then. Serious traffic should be done in hardware anyways. Huawei, Cisco, Juniper and Nokia all makes ...

mada3k

You probably have to disable (R)STP since it will hit the diameter limit.

mada3k

35Gbps must be done at hardware level, like on a switchport-level rate-limit.

mada3k

You can't use bonding to add two Internet connections together. It doesn't work that way.

You can however load-balance between the two connections.

mada3k

10G RJ45 SFP's are made for datacenters with a lot of forced air cooling - Not recomended for home usage.

Mikrotik should make this clear on the product page.

If this is still the case, then add a 12V fan simply on top of it.

mada3k

Well then. My proposal: 1 Management VLAN, of course 4 "Guest-VLANs" Each RB5009 serves one Guest-VLAN with it's unique subnet (e.g 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24, 192.168.40.0/24) The CRS326 provides a VLAN-trunks to all connected switches (and RB5009). The you can free...

mada3k

Oh my... Sure there must be some more economical way than 16 5G/LTE-routers with large data-plans? In my country that would cost like $5000 up-front and $600 per month - when a 1G FTTH is about $30-70 a month. Either way, no. You have to balance the traffic at one point only (e.g one main router) bu...

mada3k

Very confusing.. is "5G routers with 1G" refering to a 5G/LTE-modem or 5Ghz WiFi access points?

mada3k

Performance & function-wise - Yes, no problem.

But if you need to protect your network from your users (that will download malliscius stuff and click on all links) then you probably need a firewall with subscription services for Botnets and dynamic blocking-services.

mada3k

Internet isn't like water pressure or electricity current.

The best you can do is load-balance between the uplinks.

mada3k

10GBase-T SFP+ modules need active cooling. It's made for datacenters primarly, not home usage.

10G-Base-SX/MMF is often a better choice (and cheaper) if possible.

mada3k

I find it strange that you can add multiple VTEPs with the same IP+Port for the same tunnels. Feels like a bug.

mada3k

I'm guessing that Marvell "NDA-licenses" the hardware features, and VXLAN and MPLS is simply to expensive.

But yes, VXLAN/NVGRE with EVPN would have been a killer feature.

mada3k

I'm guessing ROSSH it's based on Dropbear

mada3k

Where should you cram in two SSDs there?

Isn't just better to build a proper NAS with mutiple slots and correct form factor - instead of forcing a router/switch beeing one?

mada3k

Imagine you have to try to find the shipping box a year later for your $25k Cisco-switch to able to set ut up....

This should really only be target to consumer/home-usage equipment.

mada3k

Will this apply to Cisco, Juniper, Arista, etc. as well?

mada3k

Mikrotik doesn't really do any market research or product segment research - thats why there is no "regular"/"usual" models. They build the product around the chips basically.

mada3k

This should be under Scripting.

Personally I would use the REST-API if possible. Then just use Python with requests module.

Second choice is just to use "ssh" in conjuction with "print terse"

mada3k

Almost all UDP services can be exploited. Never leave them open to the wild.

mada3k

Please stop posting this non-sense requests for something not really possible in 2024 and just for your personal needs.

"home/fanless", "SFP28" and "cheap"

mada3k

I bet that it's a typical 4-pin ATX12V and then it's called Molex Mini-Fit Jr.
https://i5.walmartimages.com/seo/StarTe ... e2fbc.jpeg

mada3k

If you are putting fans in the unit, why on earth why not design the whole switch then for a front-to-back or side-to-side airflow. If you are putting this device is a warm closet, the powersupplies and SFPs might be OK, but the chips will run very hot since the airflow doesn't pass the heatsink.

mada3k

The most Mikrotiks have negative grounded chassis, so you can't simply swap the polarities. The only that has a true isolated input is the RB1100.

mada3k

It's also very strange to have both fans and a big passive radiator. It's neither forced-air cooled nor passive-cooled. It must be quite expensive to manufacture all that heatsink for nothing.

Forced air devices have the advantage of be able to operate in warmer areas, passive ones can not.

mada3k

Precisely one of my points! and the price is 3X higher than the old CRS326-24G without any PoE and 1/5 of the memory! Unfortunally I'm afraid that some part of Mikrotik is going all in for the "performance-per-$" race, that can never be won because of China/Aliexpress/etc. That's why we s...

mada3k

128M is certainly prohibitively low for running a sizable L3 network. For $1000 it should have an ARM with a 512MB at least.

mada3k

*) media - added support for DLNA;

I was happy to see SMB leave the default system package, but DLNA is even worse.

mada3k

Just no... Buy a decent printer instead with networking

Also, scrap the SMB support as well or move it to a package.

mada3k

16M Flash in a $500 device is horrible. Serial NOR Flash exists with 64MB and higher aMore RAM helps at buffering the traffic, at my understanding. You are confusing memory for the OS and port-buffer memory. Port-buffer memory is tied to the switching ASIC. Many times it's builtin to the switch chip...

mada3k

I'm very sceptical that Active AOC-cables will accept 2.5Gbps. Passive DAC's might.

mada3k

Suricata is an popular open-source alternative.

But note that 99,9% of typpical IoT-devices is encrypted traffic, usually HTTPS of some kind. So IDS/IPS is usually pointless.

mada3k

For high performance switching, as for storage and such - I would keep the Dell's. Mikrotik isn't there yet.

mada3k

example is Moxa

And absolutly horrible from a software and management perspective

mada3k

Everyone doesn't have fiber. I'm on Cable.

PPPoE is a very strange choise in modern FTTH/FTTB world. Last time I saw it was in the ADSL-days with some obscure providers, and then it was like 12Mbps at top.

mada3k

I see, but either way sounds like a very slim "demand" for such a device since the majority of households have <1Gbps and often need a couple for ports for wired devices.

Yes, A two port mini-PC with 10GBase-T would probably be the closest thing.

mada3k

For an "Edge CPE" for interfacing a customer with 10G you probably wan't a managed switch of some kind, like the CRS305.

The customer can then decide what kind of equipment they would like to use.

mada3k

Who cares about size and price when we are talking about 10gigs?
Why the desire for only two ports?

mada3k

Isn't there any disadvantage of using maximum L2/L3 MTU?

Higher lantecy? Memory/buffers usage?

mada3k

I use a Meanwell tuned to 27.2V to float-change two SLA's, But my stuff is 11-30VDC.

27.2V is a bit to close to 28VDC. I would probably add a diode or L7824 or a diode (like MBR1060) to drop the voltage some.

mada3k

CRS112 is not a router. You bought the wrong device.

mada3k

I also suspect that it's only some boring cloud-VM.

Or maybe it's a new container & storage appliance?

mada3k

Anyone defending PPPoE is plain stupid or too old and should retire while they can.

There seems to be an obsession with PPPoE in some countries, even in multiple gigabits FTTH days.

In Sweden it was used by some xDSL providers for a short while.

mada3k

QSFP (4x10G) can't be converted to SFP28 (1x25G) of obvious reasons.

mada3k

It's correct that IS-IS uses it's own protocol for adjacencies, but you need either IPv4 or IPv6 support to make something useful of it.

OSPF is built around/top of IP
IS-IS has support is extensible and has support for IP

mada3k

No need for heating

I once had a computer (not powerfull) in a cold garage. It was put in an insulated box, with a temperature-regulated fan. When it got very cold, the fan stopped, hence keeping the heat.

mada3k

Upgraded my RB5009+three AX2 to 7.12 but still I have very slow speeds on my local network (around 23 MB/s) between my iPad and my NAS whereas I had around 50 MB/s before 7.11 or so. Don’t understand what to do.

Most likley wireless conditions change in some way. Wireless is wireless.

mada3k

Are you using shielded cables?

mada3k

As many already have said, you can't add and summarize bandwidth that way. However you can distrubute the load/sessions.

mada3k

I don't work for a Tier 1 Carrier so I don't know. Yes, Ciena seems to offer it as a high-SLA metro-service concept

mada3k

No, it's mainly used for specialized industries like utilities, industrial, military and so on. When were are often talking Megabits but needs to be very reliable and ultra-fast recovery scenarios. But It could be used as a transport for legacy services on a bigger carrier operator. EVPN and MPLS-TP...

mada3k

Thats one issue with Mikrotik. They just don't have "basic everyday models", they build unicorns.

However, "easy to use and modern graphical interfaces" is not something thats preferable.

mada3k

MPLS-TP is not legacy, but its a niche market.

Correct, there is no reason for Mikrotik to invest in MPLS-TP, since it requires specialized hardware to make any sense.

mada3k

Well, It's often used as a replacement for legacy TDM-like tech, transporting synchronous and latency sensitive applications.

mada3k

MPLS-TP is a very different concept. It often requires and specialized hardware and provisioning concepts to make any sense of it.

mada3k

Yes, you can "bypass" CGNAT with a VPN provider with public IP or VPN to a cloud-hosted host with an public IP.

mada3k

We are using mac-telnet as a sort of "zero touch".

But no, there is no way of downloading a new config at boot via DHCP/TFTP like a Cisco device to my knowledge.

mada3k

i'm guessing that there's more work to be done. Not sure if it will ever work with "switched" ports in some way, only "real" NICs.

But it would of course be great if it got support.

mada3k

I for one can not get my head around openwrt. The base system and packaging is great, but the "uci" is just horrible in comparison to IOS, JunOS or RouterOS. What exactly is confusing? I work with Juniper, Arista, Huawei, MikroTik, Cumulus Linux, Debian/Ubuntu+FRR. For example - The VLAN ...

mada3k

Whats wrong with psu1-voltage & psu2-voltage ?

mada3k

RouterOS can be, very confusing if you are very in to like Cisco/Juniper for since many years. It also can be very confusning if you are a DIY Linux/OpenWRT person and are looking for files to edit. One "drawback" is that you can accomplish things in different ways, with pros and cons. Thi...

mada3k

PPPoE is very CPU heavy without hardware offload (witch Mikrotiks doesn't have) For 3Gbit PPPoE troughput you probaby need at least a CCR2004-like device.

To expensive? Downgrade your Internet connection or choose a non-PPPoE provider

mada3k

Some Supermicro board with 2x10G ports.

mada3k

Many many many times yes. But not a RB450G.

Make sure that you haven't disabled it under /port och /system/console

mada3k

On the other hand - you really can't buy a Nexus or QFX without a pricey support agreement (except for second hand)

mada3k

"production-grade" is a strange term of use. What your are talking about is a serious datacenter-switch. Yes, Mikrotik should implement EVPN support. And Yes, they should implement MPLS/VXLAN hardware support if possible. TCAM space comes with a cost, and makes no sense for a regular enter...

mada3k

Probably some minor vulnerability that makes the web-server crash

mada3k

The issue is most likley the lack of insuffiecent buffers to handle the "speed conversion". A lot of cheaper switches suffers from this.

mada3k

On the other hand, using a PC, depending on the CPU, it can handle more traffic than almost all MikroTik models, especially IPsec. Of course, but is that really an issue when talking home/small office case? The main reason for on running a PC is that you either like to roll your own firewall (linux...

mada3k

All operating systems works like this. Permissions are checked at login - not during session.

mada3k

The drawbacks of using a PC as router/firewalls is power-up time, power consumption, size, number of ports, lack of hardware switched ports, etc.

mada3k

The DAC most likely doesn't have a temperature sensor since it's a DAC.

mada3k

Thumbs of for IS-IS support! MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. Maybe, maximal possible throughput at any cost ...

mada3k

I know about BFD and we use that as well. But thats only for detecting issues faster than the IGP itself. But there is no "penalty" concept so it triggers constant IGP recalculation. And it only works for L3.

mada3k

Should work, albeit you need to do some string-spilt to get the actual value.

 > :put [/tool/snmp-get address=192.168.1.1 version=2c community=xxxxxxx oid=.1.3.6.1.4.1.14988.1.1.7.6.0 as-value]
oid=1.3.6.1.4.1.14988.1.1.7.6.0;type=octet-string;value=Apr/07/2022 17:53:31

mada3k

This is very useful when running into bad cabling or having problems with underlaying equipment. This should cover routing protocols as well, where sudden packetloss somtimes tiggers constant adjacency change between routers. It has been present in other vendors for many years now. https://www.cisco...

mada3k

I suppose that the UPS network module supports SNMP. Then in theory you could use /tool/snmp-get and some scripting to regulary ask the UPS of its state.

mada3k

Its a strange quirk indeed that you need to add the bridge to itself as tagged

mada3k

I use address lists as IP-aliases or "host objects" in firewall.

mada3k

€300 is quite reasonable for a 5G all-on-one box. In my country they are priced around €400-900 - witch is indeed expensive. I'm guessing that the powerful CPU and multiple radio/antennas help push the price up, not only the 5G modem.

Maybe the should release an antenna-modem-bridge only device?

mada3k

Those pins is a 3.3V TTL-level UART port - not RS-232. You will probably damage the device is you connect a regular RS-232 port there. You will need a MAX232 or simmilar chip to make it compliant with RS-232.

mada3k

You might need to allow input of ether-frames 0x8847 (mpls-unicast) somehow.

mada3k

Running with connection tracking off cuts down CPU usage quite much since connections doesn't need to be kept or matched. You really should consider creating raw rules.

If you are using L3HW support, then you could create rules under /interface ethernet switch rule maybe instead.

mada3k

Bump. This is really a product segment Mikrotik should consider. The market today basically consists of either stupid dumb, or overpriced industrial variants with horrible and outdated software OR astonishingly expensive Cisco IE-series stuff. Something performance-wise like the hEX or new L009. 2 S...

mada3k

Be very careful not do cause unnecessary writing to the filesystem and wear out the NAND.

mada3k

If you are configure correctly, then the performance will be same on both OS. The difference is in management and features.

mada3k

This is a rather pointless feature and should be removed.

mada3k

The 1072 is quite old. Would not recommend it. All CCR10xx only does software routing, hence there is no real upper limit (except for memory) CCR2116 is a better choice. However, No Mikrotiks can hold million of routes in hardware. Not sure what a MX5 does but probably more, since a couple of factor...

mada3k

Will this apply for higher end models as well? (like CCRs) What will happen when you do a reset? Go back to the on-label password?

mada3k

Interesting. I think it's best practice not to have any chance of overlapping LSR-ID's, but I'm not sure. It will probably work. We have solved our redundant tunnels with basically terminating twice (in core1 and core2) and let RSTP decide path. We also have some EoIP tunnels, but those are bound to...

mada3k

Or have an DC input in addition to AC like the recent ones.

mada3k

Judging by the inside photos, there seems to be a resonable sized transformer, often used for isolated DC/DC. But if the negative input is tied to the chassis is unknown.

mada3k

The correct choice to do

mada3k

Two VmWare ESXi servers with two 100-Gig ports ( 4 ports for redundant communications) Two NAS server with two 100-Gig ports ( 4 ports for redundant communications) Two 100-GIg uplink/downlink ports to other switches ( 2 ports) So far - for a simple tiny network room of 2 servers and 2 nas devices ...

mada3k

Well, the CRS504 is not designed for server-rooms - it has all the wrong features. It's made for a city/metro network as I see it.

Go buy white-box/bare-metal 100G switches if you need it for you servers. Don't see the point why Mikrotik should make it.

mada3k

What is untagged in a CRS112 then, VLAN ID 0 or 1?

That means that I need to allow it on all trunks I guess? on edge/accesses also?

There seems to be a lack of examples how to set this up in the wiki/help

mada3k

We use CRS112's as "CPE" like nodes in our network, to terminate customer services. On some occations we daisy-chain two switches with optical or RJ45 between. We usually setup switching under /interface ethernet switch section and no use multiple bridges. One management-VLAN and others fo...

mada3k

I use SNMP via collectd->influxdb->grafana. But just for interfaces/load.

mada3k

whats "hotspot over VPLS"?

mada3k

*) console - added option to create new files using "/file add" command (CLI only);

Thanks! That makes future deployments so much easier!

mada3k

As long as the power & cooling-requirements for the module is taken care of then it should work just fine.

mada3k

The switch-chip must also support NBase-T standard. 10GBase-T/SFP+ does not imply 2.5G support. Nbase-T is an later standard.

mada3k

Because in a lot of buildings, such as hotels or apartments, replacing the cabling is not an option. The cost of removing the walls is the cost that you might as well spend on building an entirely new structure. Are they molded into the concrete? DOCSiS I can understand since it's buried into the g...

mada3k

MoCA is strange, why not just replace the Coax with Cat6 or fiber? However, I can agree that it's quite impressive that they managed to squize that into a SFP module, but I'm sure it runs terribly hot. I wish Cable ISPs provided two alternatives - one all-in-one-wifi-box for the consumers, and one m...

mada3k

Really cool devices, but do you have any plans to support SPB, EVPN, CE or similar? Feels a bit wasteful setting up a 25G/100G links with plain RSTP (witch results in a lot of unused links). Or is the idea to not use and L2 at all?

mada3k

Personally I think Mikrotik should stop releasing dumb equipment with great numbers. There are already cheap stuff on Aliexpress for those who just want the numbers.

With that said. A 24/48 1G+2.5G combo switch with and without PoE and maybe 2-4 SFPs would not hurt. But NOT with SwOS.

mada3k

GPON is unfortunally what it is. It's an active intelligent component and not just a SFP transciever. In essential it's part of the providers network.

Fortunally in my country PON is very very rare. All FTTH networks here uses BiDi SFP-based and can usually be moved to whatever equipment you like.

mada3k

RB5009 + AP

mada3k

You have misunderstood what a container is.

mada3k

Well, the CRS112 maxes out on ~80Mbit of IP-routing, so it's not a good router. A ring of switches is not a great idea either. I would: - Assign one VLAN for each site with its own subnet. - Use the CRS317 with Inter-VLAN routing and run OSPF between them and the CCR1009. - Put a router before or af...

mada3k

Yes, the Internet Detect issue is not solved yet. When it will be fixed, then that will be mentioned in the release notes. We are aware of a problem with Detect Internet. Best solution would be to just remove it. It did not work out, it does not solve any issue or provide any useful function, yet i...

mada3k

This is why Mikrotik should not bother with the Consumer/Ho-market.

Side-note: CGNAT-providers should provide more than one CGNAT-adress to avoid NAT-over-NAT issues.

mada3k

Please don't confuse L3HW with NAT Firewall

mada3k

We have done that with CCR1009. Beware that "48 volts" often means negative 48V. So the chassis must be isolated from ground/earth.

mada3k

Not going to read all details, but you are having a server on 10G and a client of some kind on 1G at the other end? Mikrotik switches are known to not have big packet buffers - and when you try to feed a lot of data into a smaller pipe, the packet buffer on the switch takes a hit, causing packet dro...

mada3k

Not everyone has LAN/Fiber, I have a Coax DOCSiS modem put in bridged mode.

Find a DSL modem that supports bridged mode or some passtrough mode.

mada3k

Tried setting static speed/duplex and disable auto-nego?

mada3k

From Cisco: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-9300-series-switches/white-paper-c11-742415.html (emphasis mine) I applaud and welcome the fact that we also get it on the little ARM/ARM64 boxes. In the coming months, out of the hundreds of RouterOS devices I have ins...

mada3k

... Well made points. The market is already flooded with SDWAN, IDS, NGFW stuff, and it's probably very hard to gain any foot there because those who want's this are willing to pay for it. But RouterOS is the only alternative I know besides the "giants" that does advanced BGP, BGP-VPNv4, ...

mada3k

And there is no info about the SFP either?

Copper SFPs can be tricky, especially when mixing vendors. Always try to force speed & duplex.

mada3k

Some SDWAN solutions can detect protocols, hostnames & applications and take decision what path it should take. It's great for it's purpose, but often proprietary. <Raises hand> Um, I have six 2116's and just bought two more.</hand down> I also have a farm of NUCs, Mac Mini's, and Mac Pro 5,1's ...

Search found 826 matches