Community discussions

MikroTik App

Search found 732 matches

by mada3k
Thu Mar 28, 2024 11:40 am
Forum: RouterBOARD hardware
Topic: Pure ROS boot...
Replies: 27
Views: 1333

Re: Pure ROS boot...

Imagine you have to try to find the shipping box a year later for your $25k Cisco-switch to able to set ut up....

This should really only be target to consumer/home-usage equipment.
by mada3k
Wed Mar 27, 2024 8:15 pm
Forum: RouterBOARD hardware
Topic: Pure ROS boot...
Replies: 27
Views: 1333

Re: Pure ROS boot...

Will this apply to Cisco, Juniper, Arista, etc. as well?
by mada3k
Tue Mar 26, 2024 10:50 pm
Forum: RouterBOARD hardware
Topic: The product classification is really thoughtful.
Replies: 3
Views: 403

Re: The product classification is really thoughtful.

Mikrotik doesn't really do any market research or product segment research - thats why there is no "regular"/"usual" models. They build the product around the chips basically.
by mada3k
Sun Mar 24, 2024 10:32 am
Forum: RouterBOARD hardware
Topic: Request for Python Script to Change L2TP Password in MikroTik Router
Replies: 4
Views: 423

Re: Request for Python Script to Change L2TP Password in MikroTik Router

This should be under Scripting.

Personally I would use the REST-API if possible. Then just use Python with requests module.

Second choice is just to use "ssh" in conjuction with "print terse"
by mada3k
Fri Mar 22, 2024 7:18 pm
Forum: General
Topic: Loop Dos CVE-2024-2169 Mikrotik
Replies: 3
Views: 563

Re: Loop Dos CVE-2024-2169 Mikrotik

Almost all UDP services can be exploited. Never leave them open to the wild.
by mada3k
Sun Mar 17, 2024 11:09 am
Forum: RouterBOARD hardware
Topic: The ultimate home Layer 3 switch
Replies: 3
Views: 461

Re: The ultimate home Layer 3 switch

Please stop posting this non-sense requests for something not really possible in 2024 and just for your personal needs.

"home/fanless", "SFP28" and "cheap"
by mada3k
Thu Mar 14, 2024 9:23 pm
Forum: RouterBOARD hardware
Topic: CCR2116 4-pin Power Connector [SOLVED]
Replies: 0
Views: 2521

Re: CCR2116 4-pin Power Connector [SOLVED]

I bet that it's a typical 4-pin ATX12V and then it's called Molex Mini-Fit Jr.
https://i5.walmartimages.com/seo/StarTe ... e2fbc.jpeg
by mada3k
Thu Mar 14, 2024 7:39 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 18405

Re: Newsletter #117 | March 2024

If you are putting fans in the unit, why on earth why not design the whole switch then for a front-to-back or side-to-side airflow. If you are putting this device is a warm closet, the powersupplies and SFPs might be OK, but the chips will run very hot since the airflow doesn't pass the heatsink.
by mada3k
Tue Mar 12, 2024 7:25 pm
Forum: RouterBOARD hardware
Topic: RB5009 and negative 48VDC
Replies: 3
Views: 545

Re: RB5009 and negative 48VDC

The most Mikrotiks have negative grounded chassis, so you can't simply swap the polarities. The only that has a true isolated input is the RB1100.
by mada3k
Mon Mar 11, 2024 7:59 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 18405

Re: Newsletter #117 | March 2024

It's also very strange to have both fans and a big passive radiator. It's neither forced-air cooled nor passive-cooled. It must be quite expensive to manufacture all that heatsink for nothing.

Forced air devices have the advantage of be able to operate in warmer areas, passive ones can not.
by mada3k
Sat Mar 09, 2024 10:36 am
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 18405

Re: Newsletter #117 | March 2024

Precisely one of my points! and the price is 3X higher than the old CRS326-24G without any PoE and 1/5 of the memory! Unfortunally I'm afraid that some part of Mikrotik is going all in for the "performance-per-$" race, that can never be won because of China/Aliexpress/etc. That's why we s...
by mada3k
Fri Mar 08, 2024 10:17 pm
Forum: Announcements
Topic: Newsletter #117 | March 2024
Replies: 22
Views: 18405

Re: Newsletter #117 | March 2024

128M is certainly prohibitively low for running a sizable L3 network. For $1000 it should have an ARM with a 512MB at least.
by mada3k
Mon Mar 04, 2024 10:12 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 408
Views: 74175

Re: v7.15beta [testing] is released!

*) media - added support for DLNA;

I was happy to see SMB leave the default system package, but DLNA is even worse.
by mada3k
Thu Feb 08, 2024 1:36 pm
Forum: General
Topic: Add print server (printer support)
Replies: 145
Views: 102208

Re: Add print server (printer support)

Just no... Buy a decent printer instead with networking

Also, scrap the SMB support as well or move it to a package.
by mada3k
Sat Feb 03, 2024 7:59 pm
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 28866

Re: Newsletter #116 | January 2024

16M Flash in a $500 device is horrible. Serial NOR Flash exists with 64MB and higher aMore RAM helps at buffering the traffic, at my understanding. You are confusing memory for the OS and port-buffer memory. Port-buffer memory is tied to the switching ASIC. Many times it's builtin to the switch chip...
by mada3k
Sat Jan 27, 2024 1:28 pm
Forum: RouterBOARD hardware
Topic: Two L009s connected by DAC or AOC?
Replies: 1
Views: 474

Re: Two L009s connected by DAC or AOC?

I'm very sceptical that Active AOC-cables will accept 2.5Gbps. Passive DAC's might.
by mada3k
Sat Jan 27, 2024 10:55 am
Forum: General
Topic: Recommended for IPS/IDS
Replies: 6
Views: 2378

Re: Recommended for IPS/IDS

Suricata is an popular open-source alternative.

But note that 99,9% of typpical IoT-devices is encrypted traffic, usually HTTPS of some kind. So IDS/IPS is usually pointless.
by mada3k
Sat Jan 27, 2024 10:44 am
Forum: RouterBOARD hardware
Topic: New NOC option for Central Swtich vs Dell 4048s-on
Replies: 3
Views: 536

Re: New NOC option for Central Swtich vs Dell 4048s-on

For high performance switching, as for storage and such - I would keep the Dell's. Mikrotik isn't there yet.
by mada3k
Sat Jan 27, 2024 10:41 am
Forum: RouterBOARD hardware
Topic: Missing product: RB on an top-hat raill
Replies: 7
Views: 1091

Re: Missing product: RB on an top-hat raill

example is Moxa
And absolutly horrible from a software and management perspective
by mada3k
Sun Jan 07, 2024 12:21 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3219

Re: hardware idea for two-port high performance router

Everyone doesn't have fiber. I'm on Cable.

PPPoE is a very strange choise in modern FTTH/FTTB world. Last time I saw it was in the ADSL-days with some obscure providers, and then it was like 12Mbps at top.
by mada3k
Fri Jan 05, 2024 9:20 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3219

Re: hardware idea for two-port high performance router

I see, but either way sounds like a very slim "demand" for such a device since the majority of households have <1Gbps and often need a couple for ports for wired devices.

Yes, A two port mini-PC with 10GBase-T would probably be the closest thing.
by mada3k
Fri Jan 05, 2024 8:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3219

Re: hardware idea for two-port high performance router

For an "Edge CPE" for interfacing a customer with 10G you probably wan't a managed switch of some kind, like the CRS305.

The customer can then decide what kind of equipment they would like to use.
by mada3k
Fri Jan 05, 2024 11:42 am
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3219

Re: hardware idea for two-port high performance router

Who cares about size and price when we are talking about 10gigs?
Why the desire for only two ports?
by mada3k
Mon Dec 25, 2023 12:38 pm
Forum: Forwarding Protocols
Topic: Does MTU on LOOPBACK matter?
Replies: 6
Views: 1963

Re: Does MTU on LOOPBACK matter?

Isn't there any disadvantage of using maximum L2/L3 MTU?

Higher lantecy? Memory/buffers usage?
by mada3k
Mon Nov 27, 2023 4:27 pm
Forum: RouterBOARD hardware
Topic: hAP ax3 DC Battery Back Up Power
Replies: 9
Views: 2350

Re: hAP ax3 DC Battery Back Up Power

I use a Meanwell tuned to 27.2V to float-change two SLA's, But my stuff is 11-30VDC.

27.2V is a bit to close to 28VDC. I would probably add a diode or L7824 or a diode (like MBR1060) to drop the voltage some.
by mada3k
Sun Nov 26, 2023 6:31 pm
Forum: General
Topic: Mikrotik CRS112-8G-4S-IN
Replies: 4
Views: 930

Re: Mikrotik CRS112-8G-4S-IN

CRS112 is not a router. You bought the wrong device.
by mada3k
Wed Nov 22, 2023 5:44 pm
Forum: RouterBOARD hardware
Topic: MikroTik AMPERE CPU (coming soon)
Replies: 18
Views: 8051

Re: MikroTik AMPERE CPU (coming soon)

I also suspect that it's only some boring cloud-VM.

Or maybe it's a new container & storage appliance? :)
by mada3k
Fri Nov 17, 2023 10:22 pm
Forum: RouterBOARD hardware
Topic: CCR1072/1036 vs. CCR2116 with 2000x PPPoE
Replies: 31
Views: 14921

Re: CCR1072/1036 vs. CCR2116 with 2000x PPPoE

Anyone defending PPPoE is plain stupid or too old and should retire while they can.
There seems to be an obsession with PPPoE in some countries, even in multiple gigabits FTTH days.

In Sweden it was used by some xDSL providers for a short while.
by mada3k
Sat Nov 11, 2023 6:17 pm
Forum: RouterBOARD hardware
Topic: QSFP to SFP28 adapter
Replies: 2
Views: 2072

Re: QSFP to SFP28 adapter

QSFP (4x10G) can't be converted to SFP28 (1x25G) of obvious reasons.
by mada3k
Sat Nov 11, 2023 6:10 pm
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 134
Views: 52478

Re: IS-IS

It's correct that IS-IS uses it's own protocol for adjacencies, but you need either IPv4 or IPv6 support to make something useful of it.

OSPF is built around/top of IP
IS-IS has support is extensible and has support for IP
by mada3k
Sat Nov 11, 2023 1:43 pm
Forum: General
Topic: CCR2004-16G-2S+ cold weather performance
Replies: 4
Views: 782

Re: CCR2004-16G-2S+ cold weather performance

No need for heating

I once had a computer (not powerfull) in a cold garage. It was put in an insulated box, with a temperature-regulated fan. When it got very cold, the fan stopped, hence keeping the heat.
by mada3k
Sat Nov 11, 2023 1:11 pm
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 92045

Re: v7.12 [stable] is released!

Upgraded my RB5009+three AX2 to 7.12 but still I have very slow speeds on my local network (around 23 MB/s) between my iPad and my NAS whereas I had around 50 MB/s before 7.11 or so. Don’t understand what to do.
Most likley wireless conditions change in some way. Wireless is wireless.
by mada3k
Thu Nov 09, 2023 8:45 pm
Forum: RouterBOARD hardware
Topic: Ethernet - link down
Replies: 26
Views: 8689

Re: Ethernet - link down

Are you using shielded cables?
by mada3k
Sun Nov 05, 2023 2:13 pm
Forum: General
Topic: loud balance 3 starlink
Replies: 19
Views: 2515

Re: loud balance 3 starlink

As many already have said, you can't add and summarize bandwidth that way. However you can distrubute the load/sessions.
by mada3k
Sat Nov 04, 2023 3:59 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3695

Re: MPLS-TP

I don't work for a Tier 1 Carrier so I don't know. Yes, Ciena seems to offer it as a high-SLA metro-service concept
by mada3k
Fri Nov 03, 2023 9:47 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3695

Re: MPLS-TP

No, it's mainly used for specialized industries like utilities, industrial, military and so on. When were are often talking Megabits but needs to be very reliable and ultra-fast recovery scenarios. But It could be used as a transport for legacy services on a bigger carrier operator. EVPN and MPLS-TP...
by mada3k
Fri Nov 03, 2023 5:16 pm
Forum: RouterBOARD hardware
Topic: Request for modern PoE switching
Replies: 8
Views: 3328

Re: Request for modern PoE switching

Thats one issue with Mikrotik. They just don't have "basic everyday models", they build unicorns.

However, "easy to use and modern graphical interfaces" is not something thats preferable.
by mada3k
Fri Nov 03, 2023 5:03 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3695

Re: MPLS-TP

MPLS-TP is not legacy, but its a niche market.

Correct, there is no reason for Mikrotik to invest in MPLS-TP, since it requires specialized hardware to make any sense.
by mada3k
Thu Nov 02, 2023 6:33 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3695

Re: MPLS-TP

Well, It's often used as a replacement for legacy TDM-like tech, transporting synchronous and latency sensitive applications.
by mada3k
Tue Oct 31, 2023 9:50 pm
Forum: Forwarding Protocols
Topic: MPLS-TP
Replies: 11
Views: 3695

Re: MPLS-TP

MPLS-TP is a very different concept. It often requires and specialized hardware and provisioning concepts to make any sense of it.
by mada3k
Sat Oct 28, 2023 10:37 am
Forum: General
Topic: Can I bypass CGNAT with Chateau LTE6?
Replies: 45
Views: 3596

Re: Can I bypass CGNAT with Chateau LTE6?

Yes, you can "bypass" CGNAT with a VPN provider with public IP or VPN to a cloud-hosted host with an public IP.
by mada3k
Thu Oct 19, 2023 3:41 pm
Forum: General
Topic: Zero touch provision
Replies: 7
Views: 1424

Re: Zero touch provision

We are using mac-telnet as a sort of "zero touch".

But no, there is no way of downloading a new config at boot via DHCP/TFTP like a Cisco device to my knowledge.
by mada3k
Tue Oct 17, 2023 8:04 pm
Forum: Forwarding Protocols
Topic: ROS 7.11 OSPF PTP Unnumbered
Replies: 3
Views: 2670

Re: ROS 7.11 OSPF PTP Unnumbered

i'm guessing that there's more work to be done. Not sure if it will ever work with "switched" ports in some way, only "real" NICs.

But it would of course be great if it got support.
by mada3k
Sat Oct 14, 2023 7:00 pm
Forum: General
Topic: Mikrotik SUCKS
Replies: 82
Views: 12277

Re: Mikrotik SUCKS

I for one can not get my head around openwrt. The base system and packaging is great, but the "uci" is just horrible in comparison to IOS, JunOS or RouterOS. What exactly is confusing? I work with Juniper, Arista, Huawei, MikroTik, Cumulus Linux, Debian/Ubuntu+FRR. For example - The VLAN ...
by mada3k
Sat Oct 14, 2023 5:03 pm
Forum: RouterBOARD hardware
Topic: Dual power supply status
Replies: 7
Views: 11690

Re: Dual power supply status

Whats wrong with psu1-voltage & psu2-voltage ?
by mada3k
Sat Oct 14, 2023 11:39 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 82
Views: 12277

Re: Mikrotik SUCKS

RouterOS can be, very confusing if you are very in to like Cisco/Juniper for since many years. It also can be very confusning if you are a DIY Linux/OpenWRT person and are looking for files to edit. One "drawback" is that you can accomplish things in different ways, with pros and cons. Thi...
by mada3k
Fri Oct 13, 2023 8:03 pm
Forum: RouterBOARD hardware
Topic: Router for 2.5 G / 500 connections
Replies: 3
Views: 2672

Re: Router for 2.5 G / 500 connections

PPPoE is very CPU heavy without hardware offload (witch Mikrotiks doesn't have) For 3Gbit PPPoE troughput you probaby need at least a CCR2004-like device.

To expensive? Downgrade your Internet connection or choose a non-PPPoE provider
by mada3k
Tue Oct 10, 2023 6:33 pm
Forum: RouterBOARD hardware
Topic: Mini PC with 2x 10G
Replies: 10
Views: 4291

Re: Mini PC with 2x 10G

Some Supermicro board with 2x10G ports.
by mada3k
Sat Sep 30, 2023 12:29 pm
Forum: RouterBOARD hardware
Topic: Console connection
Replies: 2
Views: 2247

Re: Console connection

Many many many times yes. But not a RB450G.

Make sure that you haven't disabled it under /port och /system/console
by mada3k
Fri Sep 29, 2023 12:44 pm
Forum: General
Topic: Why are there no production-grade L3 switches from MikroTik in 2023?
Replies: 26
Views: 4397

Re: Why are there no production-grade L3 switches from MikroTik in 2023?

On the other hand - you really can't buy a Nexus or QFX without a pricey support agreement (except for second hand)
by mada3k
Fri Sep 29, 2023 10:57 am
Forum: General
Topic: Why are there no production-grade L3 switches from MikroTik in 2023?
Replies: 26
Views: 4397

Re: Why are there no production-grade L3 switches from MikroTik in 2023?

"production-grade" is a strange term of use. What your are talking about is a serious datacenter-switch. Yes, Mikrotik should implement EVPN support. And Yes, they should implement MPLS/VXLAN hardware support if possible. TCAM space comes with a cost, and makes no sense for a regular enter...
by mada3k
Sun Aug 27, 2023 7:41 pm
Forum: Announcements
Topic: v6.49.10 [long-term] is released!
Replies: 33
Views: 83349

Re: v6.49.10 [stable] is released!

Probably some minor vulnerability that makes the web-server crash
by mada3k
Sun Aug 20, 2023 3:08 pm
Forum: RouterBOARD hardware
Topic: CCR2004 packet loss
Replies: 135
Views: 58552

Re: CCR2004 packet loss

The issue is most likley the lack of insuffiecent buffers to handle the "speed conversion". A lot of cheaper switches suffers from this.
by mada3k
Sat Aug 19, 2023 2:46 pm
Forum: RouterBOARD hardware
Topic: "RouterOS on spare computer vs MikroTik device?
Replies: 10
Views: 4107

Re: "RouterOS on spare computer vs MikroTik device?

On the other hand, using a PC, depending on the CPU, it can handle more traffic than almost all MikroTik models, especially IPsec. Of course, but is that really an issue when talking home/small office case? The main reason for on running a PC is that you either like to roll your own firewall (linux...
by mada3k
Sat Aug 19, 2023 11:22 am
Forum: General
Topic: ⚠️Security Issue: Changing rights / disable / delete the users has no effect on already logged in users.
Replies: 35
Views: 5595

Re: ⚠️Security Issue: Changing rights / disable / delete the users has no effect on already logged in users.

All operating systems works like this. Permissions are checked at login - not during session.
by mada3k
Wed Aug 16, 2023 6:41 pm
Forum: RouterBOARD hardware
Topic: "RouterOS on spare computer vs MikroTik device?
Replies: 10
Views: 4107

Re: "RouterOS on spare computer vs MikroTik device?

The drawbacks of using a PC as router/firewalls is power-up time, power consumption, size, number of ports, lack of hardware switched ports, etc.
by mada3k
Sun Aug 13, 2023 2:31 pm
Forum: General
Topic: SFP Temperature is 255C after Router OS upgrade [SOLVED]
Replies: 12
Views: 3176

Re: SFP Temperature is 255C after Router OS upgrade [SOLVED]

The DAC most likely doesn't have a temperature sensor since it's a DAC.
by mada3k
Sat Aug 12, 2023 11:12 pm
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 134
Views: 52478

Re: IS-IS

Thumbs of for IS-IS support! MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. Maybe, maximal possible throughput at any cost ...
by mada3k
Fri Jun 23, 2023 2:04 pm
Forum: RouterOS beta
Topic: Feature request: Link Flap Prevention and Dampening
Replies: 3
Views: 2400

Re: Feature request: Link Flap Prevention and Dampening

I know about BFD and we use that as well. But thats only for detecting issues faster than the IGP itself. But there is no "penalty" concept so it triggers constant IGP recalculation. And it only works for L3.
by mada3k
Sat Jun 17, 2023 11:13 am
Forum: General
Topic: Monitor UPS via Ethernet
Replies: 7
Views: 1213

Re: Monitor UPS via Ethernet

Should work, albeit you need to do some string-spilt to get the actual value.
 > :put [/tool/snmp-get address=192.168.1.1 version=2c community=xxxxxxx oid=.1.3.6.1.4.1.14988.1.1.7.6.0 as-value]
oid=1.3.6.1.4.1.14988.1.1.7.6.0;type=octet-string;value=Apr/07/2022 17:53:31
by mada3k
Wed Jun 14, 2023 10:11 pm
Forum: RouterOS beta
Topic: Feature request: Link Flap Prevention and Dampening
Replies: 3
Views: 2400

Feature request: Link Flap Prevention and Dampening

This is very useful when running into bad cabling or having problems with underlaying equipment. This should cover routing protocols as well, where sudden packetloss somtimes tiggers constant adjacency change between routers. It has been present in other vendors for many years now. https://www.cisco...
by mada3k
Wed Jun 14, 2023 9:51 pm
Forum: General
Topic: Monitor UPS via Ethernet
Replies: 7
Views: 1213

Re: Monitor UPS via Ethernet

I suppose that the UPS network module supports SNMP. Then in theory you could use /tool/snmp-get and some scripting to regulary ask the UPS of its state.
by mada3k
Wed Jun 14, 2023 9:47 pm
Forum: General
Topic: 'SVI' IP not arping
Replies: 3
Views: 436

Re: 'SVI' IP not arping

Its a strange quirk indeed that you need to add the bridge to itself as tagged :)
by mada3k
Wed Jun 14, 2023 9:41 pm
Forum: RouterOS beta
Topic: Feature Request: IP address aliases
Replies: 2
Views: 2309

Re: Feature Request: IP address aliases

I use address lists as IP-aliases or "host objects" in firewall.
by mada3k
Sun Jun 11, 2023 6:08 pm
Forum: RouterBOARD hardware
Topic: Is there any plan for cheaper 5G devices?
Replies: 5
Views: 3840

Re: Is there any plan for cheaper 5G devices?

€300 is quite reasonable for a 5G all-on-one box. In my country they are priced around €400-900 - witch is indeed expensive. I'm guessing that the powerful CPU and multiple radio/antennas help push the price up, not only the 5G modem.

Maybe the should release an antenna-modem-bridge only device?
by mada3k
Sun Jun 04, 2023 2:23 pm
Forum: RouterBOARD hardware
Topic: What's are my options for turning this empty serial port into a usable console interface?
Replies: 2
Views: 2524

Re: What's are my options for turning this empty serial port into a usable console interface?

Those pins is a 3.3V TTL-level UART port - not RS-232. You will probably damage the device is you connect a regular RS-232 port there. You will need a MAX232 or simmilar chip to make it compliant with RS-232.
by mada3k
Sun May 28, 2023 4:42 pm
Forum: Forwarding Protocols
Topic: Allow VPLS through Firewall [SOLVED]
Replies: 4
Views: 2770

Re: Allow VPLS through Firewall [SOLVED]

You might need to allow input of ether-frames 0x8847 (mpls-unicast) somehow.
by mada3k
Wed May 24, 2023 4:26 pm
Forum: RouterBOARD hardware
Topic: Better firewalling performance than 2216?
Replies: 4
Views: 2809

Re: Better firewalling performance than 2216?

Running with connection tracking off cuts down CPU usage quite much since connections doesn't need to be kept or matched. You really should consider creating raw rules.

If you are using L3HW support, then you could create rules under /interface ethernet switch rule maybe instead.
by mada3k
Sun May 14, 2023 10:32 pm
Forum: RouterBOARD hardware
Topic: DIN Mount Gigabit CRS
Replies: 4
Views: 5211

Re: DIN Mount Gigabit CRS

Bump. This is really a product segment Mikrotik should consider. The market today basically consists of either stupid dumb, or overpriced industrial variants with horrible and outdated software OR astonishingly expensive Cisco IE-series stuff. Something performance-wise like the hEX or new L009. 2 S...
by mada3k
Sun Apr 30, 2023 10:23 pm
Forum: General
Topic: RB5009UPr+S+IN NAND sufficient for container
Replies: 3
Views: 568

Re: RB5009UPr+S+IN NAND sufficient for container

Be very careful not do cause unnecessary writing to the filesystem and wear out the NAND.
by mada3k
Sun Apr 30, 2023 5:12 pm
Forum: RouterBOARD hardware
Topic: switch selection
Replies: 4
Views: 2138

Re: switch selection

If you are configure correctly, then the performance will be same on both OS. The difference is in management and features.
by mada3k
Thu Apr 27, 2023 5:12 pm
Forum: RouterOS beta
Topic: "Detect internet" strange behavior ROS 7.0-7.6
Replies: 15
Views: 4105

Re: "Detect internet" strange behavior ROS 7.0-7.6

This is a rather pointless feature and should be removed.
by mada3k
Sat Apr 22, 2023 10:19 pm
Forum: RouterBOARD hardware
Topic: IPv4 Routes supported by CCR1072-1G-8S+
Replies: 2
Views: 1731

Re: IPv4 Routes supported by CCR1072-1G-8S+

The 1072 is quite old. Would not recommend it. All CCR10xx only does software routing, hence there is no real upper limit (except for memory) CCR2116 is a better choice. However, No Mikrotiks can hold million of routes in hardware. Not sure what a MX5 does but probably more, since a couple of factor...
by mada3k
Wed Apr 19, 2023 6:29 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13505

Re: Something NEEDS to be done about the default passwords

Will this apply for higher end models as well? (like CCRs) What will happen when you do a reset? Go back to the on-label password?
by mada3k
Mon Apr 10, 2023 11:23 am
Forum: General
Topic: Redundant VPLS Termination
Replies: 5
Views: 1166

Re: Redundant VPLS Termination

Interesting. I think it's best practice not to have any chance of overlapping LSR-ID's, but I'm not sure. It will probably work. We have solved our redundant tunnels with basically terminating twice (in core1 and core2) and let RSTP decide path. We also have some EoIP tunnels, but those are bound to...
by mada3k
Fri Apr 07, 2023 11:34 am
Forum: RouterBOARD hardware
Topic: idea: 24 ports POE switch with dual power inputs and more RAM
Replies: 2
Views: 2286

Re: idea: 24 ports POE switch with dual power inputs and more RAM

Or have an DC input in addition to AC like the recent ones.
by mada3k
Thu Apr 06, 2023 9:39 pm
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN. Dual DC Power
Replies: 2
Views: 1540

Re: CRS504-4XQ-IN. Dual DC Power

Judging by the inside photos, there seems to be a resonable sized transformer, often used for isolated DC/DC. But if the negative input is tied to the chassis is unknown.
by mada3k
Thu Apr 06, 2023 6:55 pm
Forum: RouterBOARD hardware
Topic: CCR2004-16G-2S+PC NO USB, WHYYY!??
Replies: 20
Views: 6282

Re: CCR2004-16G-2S+PC NO USB, WHYYY!??

The correct choice to do
by mada3k
Thu Apr 06, 2023 6:51 pm
Forum: RouterBOARD hardware
Topic: Please make a 6x100g switch...
Replies: 20
Views: 4096

Re: Please make a 6x100g switch...

Two VmWare ESXi servers with two 100-Gig ports ( 4 ports for redundant communications) Two NAS server with two 100-Gig ports ( 4 ports for redundant communications) Two 100-GIg uplink/downlink ports to other switches ( 2 ports) So far - for a simple tiny network room of 2 servers and 2 nas devices ...
by mada3k
Fri Mar 31, 2023 7:54 pm
Forum: RouterBOARD hardware
Topic: Please make a 6x100g switch...
Replies: 20
Views: 4096

Re: Please make a 6x100g switch...

Well, the CRS504 is not designed for server-rooms - it has all the wrong features. It's made for a city/metro network as I see it.

Go buy white-box/bare-metal 100G switches if you need it for you servers. Don't see the point why Mikrotik should make it.
by mada3k
Sun Mar 26, 2023 7:07 pm
Forum: General
Topic: CRS112 and RSTP
Replies: 4
Views: 836

Re: CRS112 and RSTP

What is untagged in a CRS112 then, VLAN ID 0 or 1?

That means that I need to allow it on all trunks I guess? on edge/accesses also?

There seems to be a lack of examples how to set this up in the wiki/help
by mada3k
Sun Mar 26, 2023 1:18 pm
Forum: General
Topic: CRS112 and RSTP
Replies: 4
Views: 836

CRS112 and RSTP

We use CRS112's as "CPE" like nodes in our network, to terminate customer services. On some occations we daisy-chain two switches with optical or RJ45 between. We usually setup switching under /interface ethernet switch section and no use multiple bridges. One management-VLAN and others fo...
by mada3k
Sun Mar 26, 2023 12:00 pm
Forum: General
Topic: Observability of Mikrotik devices
Replies: 2
Views: 348

Re: Observability of Mikrotik devices

I use SNMP via collectd->influxdb->grafana. But just for interfaces/load.
by mada3k
Sun Mar 26, 2023 11:56 am
Forum: Forwarding Protocols
Topic: Hotspot in VPLS
Replies: 3
Views: 2225

Re: Hotspot in VPLS

whats "hotspot over VPLS"?
by mada3k
Sat Mar 25, 2023 11:41 am
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 25772

Re: v7.9beta [testing] is released!

*) console - added option to create new files using "/file add" command (CLI only);
Thanks! That makes future deployments so much easier!
by mada3k
Tue Mar 21, 2023 1:23 pm
Forum: RouterBOARD hardware
Topic: CRS310-1G-5S-4S+IN SFP connectivity distance
Replies: 4
Views: 2789

Re: CRS310-1G-5S-4S+IN SFP connectivity distance

As long as the power & cooling-requirements for the module is taken care of then it should work just fine.
by mada3k
Sat Mar 11, 2023 12:42 pm
Forum: RouterBOARD hardware
Topic: CRS326-24G-2S+RM with 2.5GBit sfp+ possible?
Replies: 11
Views: 5632

Re: CRS326-24G-2S+RM with 2.5GBit sfp+ possible?

The switch-chip must also support NBase-T standard. 10GBase-T/SFP+ does not imply 2.5G support. Nbase-T is an later standard.
by mada3k
Sat Mar 11, 2023 11:31 am
Forum: RouterBOARD hardware
Topic: Product Request: Coax SFP
Replies: 13
Views: 7600

Re: Product Request: Coax SFP

Because in a lot of buildings, such as hotels or apartments, replacing the cabling is not an option. The cost of removing the walls is the cost that you might as well spend on building an entirely new structure. Are they molded into the concrete? DOCSiS I can understand since it's buried into the g...
by mada3k
Fri Mar 10, 2023 10:56 am
Forum: RouterBOARD hardware
Topic: Product Request: Coax SFP
Replies: 13
Views: 7600

Re: Product Request: Coax SFP

MoCA is strange, why not just replace the Coax with Cat6 or fiber? However, I can agree that it's quite impressive that they managed to squize that into a SFP module, but I'm sure it runs terribly hot. I wish Cable ISPs provided two alternatives - one all-in-one-wifi-box for the consumers, and one m...
by mada3k
Wed Mar 01, 2023 3:37 pm
Forum: Announcements
Topic: Newsletter 111
Replies: 24
Views: 19634

Re: Newsletter 111

Really cool devices, but do you have any plans to support SPB, EVPN, CE or similar? Feels a bit wasteful setting up a 25G/100G links with plain RSTP (witch results in a lot of unused links). Or is the idea to not use and L2 at all?
by mada3k
Wed Mar 01, 2023 3:23 pm
Forum: RouterBOARD hardware
Topic: Idea for a new Switch (8x 2.5G RJ45 + 2x SFP+)
Replies: 2
Views: 1447

Re: Idea for a new Switch (8x 2.5G RJ45 + 2x SFP+)

Personally I think Mikrotik should stop releasing dumb equipment with great numbers. There are already cheap stuff on Aliexpress for those who just want the numbers.

With that said. A 24/48 1G+2.5G combo switch with and without PoE and maybe 2-4 SFPs would not hurt. But NOT with SwOS.
by mada3k
Wed Mar 01, 2023 3:19 pm
Forum: RouterBOARD hardware
Topic: RB5009 FTTH
Replies: 2
Views: 1910

Re: RB5009 FTTH

GPON is unfortunally what it is. It's an active intelligent component and not just a SFP transciever. In essential it's part of the providers network.

Fortunally in my country PON is very very rare. All FTTH networks here uses BiDi SFP-based and can usually be moved to whatever equipment you like.
by mada3k
Sat Feb 18, 2023 9:38 pm
Forum: Containers
Topic: openwrt as container on mikrotik vps !!!
Replies: 2
Views: 3923

Re: openwrt as container on mikrotik vps !!!

You have misunderstood what a container is.
by mada3k
Sat Feb 18, 2023 2:45 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2740

Re: OSPF video surveillance system

Well, the CRS112 maxes out on ~80Mbit of IP-routing, so it's not a good router. A ring of switches is not a great idea either. I would: - Assign one VLAN for each site with its own subnet. - Use the CRS317 with Inter-VLAN routing and run OSPF between them and the CCR1009. - Put a router before or af...
by mada3k
Sat Feb 18, 2023 11:54 am
Forum: Announcements
Topic: v7.8rc is released!
Replies: 125
Views: 44711

Re: v7.8rc is released!

Yes, the Internet Detect issue is not solved yet. When it will be fixed, then that will be mentioned in the release notes. We are aware of a problem with Detect Internet. Best solution would be to just remove it. It did not work out, it does not solve any issue or provide any useful function, yet i...
by mada3k
Sat Feb 18, 2023 11:50 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 291
Views: 39834

Re: FEATURE REQUEST: full cone NAT

This is why Mikrotik should not bother with the Consumer/Ho-market.

Side-note: CGNAT-providers should provide more than one CGNAT-adress to avoid NAT-over-NAT issues.
by mada3k
Mon Feb 13, 2023 2:02 pm
Forum: RouterBOARD hardware
Topic: RB750Gr2 HW and performance specs
Replies: 11
Views: 2210

Re: RB750Gr2 HW and performance specs

Please don't confuse L3HW with NAT Firewall
by mada3k
Sun Feb 12, 2023 6:16 pm
Forum: RouterBOARD hardware
Topic: RB4011iGS+RM 48v Connector
Replies: 1
Views: 887

Re: RB4011iGS+RM 48v Connector

We have done that with CCR1009. Beware that "48 volts" often means negative 48V. So the chassis must be isolated from ground/earth.
by mada3k
Sat Feb 11, 2023 12:54 pm
Forum: General
Topic: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed
Replies: 13
Views: 1564

Re: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed

Not going to read all details, but you are having a server on 10G and a client of some kind on 1G at the other end? Mikrotik switches are known to not have big packet buffers - and when you try to feed a lot of data into a smaller pipe, the packet buffer on the switch takes a hit, causing packet dro...
by mada3k
Fri Feb 03, 2023 3:09 pm
Forum: RouterBOARD hardware
Topic: Connecting RB4011 to ADSL, without ISP modem?
Replies: 13
Views: 2120

Re: Connecting RB4011 to ADSL, without ISP modem?

Not everyone has LAN/Fiber, I have a Coax DOCSiS modem put in bridged mode.

Find a DSL modem that supports bridged mode or some passtrough mode.
by mada3k
Sun Jan 29, 2023 6:42 pm
Forum: RouterBOARD hardware
Topic: RB5009UPr+S+ SFP module not working
Replies: 19
Views: 7358

Re: RB5009UPr+S+ SFP module not working

Tried setting static speed/duplex and disable auto-nego?
by mada3k
Sun Jan 29, 2023 5:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

From Cisco: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-9300-series-switches/white-paper-c11-742415.html (emphasis mine) I applaud and welcome the fact that we also get it on the little ARM/ARM64 boxes. In the coming months, out of the hundreds of RouterOS devices I have ins...
by mada3k
Sun Jan 29, 2023 2:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

... Well made points. The market is already flooded with SDWAN, IDS, NGFW stuff, and it's probably very hard to gain any foot there because those who want's this are willing to pay for it. But RouterOS is the only alternative I know besides the "giants" that does advanced BGP, BGP-VPNv4, ...
by mada3k
Fri Jan 27, 2023 10:22 am
Forum: RouterBOARD hardware
Topic: MaxxWave MW-UTP-G-US compatibility in CRS switches?
Replies: 1
Views: 956

Re: MaxxWave MW-UTP-G-US compatibility in CRS switches?

And there is no info about the SFP either?

Copper SFPs can be tricky, especially when mixing vendors. Always try to force speed & duplex.
by mada3k
Thu Jan 26, 2023 1:01 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

Some SDWAN solutions can detect protocols, hostnames & applications and take decision what path it should take. It's great for it's purpose, but often proprietary. <Raises hand> Um, I have six 2116's and just bought two more.</hand down> I also have a farm of NUCs, Mac Mini's, and Mac Pro 5,1's ...
by mada3k
Wed Jan 25, 2023 9:59 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

What about having different ROS versions for SOHO boxes and serious routers? So one team can work on nerdy-stuff like containers and similar and another team can work on finally fixing and implementing basic routing stuff for CCR2x16 boxes? I tend to agree. I can see that making RouterOS interface ...
by mada3k
Tue Jan 24, 2023 9:35 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

No core routing (BFD,EVPN, buggy VPN4) functionality for routers
Would be nice to have an alternative to hideously expensive Cisco/Juniper/Arista EVPN switches instead of relying on spanning-tree.
by mada3k
Mon Jan 23, 2023 1:53 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

I would wait until they actually releases any SAN/NAS hardware, or else it's pointless (since it exists so many NAS platforms for generic x86 already) in general called SD-WAN. This is implemented in v7 using ZeroTier. Thats properitary and requires a central controller somewhere, and can't co-exist...
by mada3k
Sat Jan 21, 2023 9:41 pm
Forum: RouterBOARD hardware
Topic: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?
Replies: 11
Views: 4051

Re: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?

Fasttrack is just a software acceleration scheme. L3HW uses a on-chip routing table with in-chip lookups and forwarding.

Pure L3 routing = no firewall rules, no connection tracking, no QoS, no NAT, no mangle.
by mada3k
Sat Jan 21, 2023 3:48 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

This is a disappointing release as 7.8, should have been 7.7.1. When are we going to see Mikrotik address those critical route/switch features that most enterprises use. Specifically: 1. BFD fixed 2. BGP-VPNv4-VRF RR fixed 3. Something equivalent to Cisco DMVPN, HP DVPN, Meraki AutoVPN, or Fortinet...
by mada3k
Fri Jan 20, 2023 8:04 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 73138

Re: v7.8beta [testing] is released!

Intresting. Mikrotik planning to enter the SAN/NAS business?
by mada3k
Fri Jan 20, 2023 5:38 pm
Forum: RouterBOARD hardware
Topic: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?
Replies: 11
Views: 4051

Re: Is CRS305-1G-4S+IN fast enough for 1000mbit home router?

I would not trust a switch as a firewall. Only for pure L3 routing.
by mada3k
Tue Jan 17, 2023 3:20 pm
Forum: RouterBOARD hardware
Topic: CCR1036 -12G-4S not starting after reboot. [SOLVED]
Replies: 4
Views: 1527

Re: CCR1036 -12G-4S not starting after reboot. [SOLVED]

These are getting a bit old by now. The capacitors are probably going end of life.
by mada3k
Tue Jan 17, 2023 3:19 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2107

Re: Hardware selection

For speeds over 100Mbps, you should buy a proper router, not a switch with limited CPU resources.
by mada3k
Mon Jan 16, 2023 1:49 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2107

Re: Hardware selection

I am still stuck on a CRS125 routing at 1Gig??? It's primarly a switch. If you can afford 2Gbps of Internet then you probably can afford a router that can handle it as well. Cries in 50/10 internet connection And I'm on 100/10. I can upgrade to 1000/100 but thats €89/month and simply not worth it.
by mada3k
Sun Jan 15, 2023 5:43 pm
Forum: Scripting
Topic: Built in function library
Replies: 132
Views: 134684

Re: Built in function library

Creating a new file and appending input from CLI. Adding a new public ssh key as file, and importing it to a user. Today it has to be done via SCP/SFTP, then imported.

For example:
/file add name="user.pub" content="ssh-rsa XXXXXXXXXXXXXXXXXXXXX"
by mada3k
Sun Jan 15, 2023 5:19 pm
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1694

Re: Any Chance for a CRS610-8P-2S+IN

The host table doesn't show IP or VLAN ID... Ugh.
I't cant show IPs of connected hosts, it's a L2 switch
by mada3k
Sun Jan 15, 2023 11:40 am
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1694

Re: Any Chance for a CRS610-8P-2S+IN

SwOS is unfortunally just impossible to manage in scale since it's a basic web-managed switch with no security or central managebility. It's for pure home-usage.

I could have been the successor of the excellent CRS112
by mada3k
Sun Jan 15, 2023 11:34 am
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2107

Re: Hardware selection

The 2Gb pipe will come through ethernet.
Yes but at what standard? A single 2.5GBase-T ?
by mada3k
Sat Jan 14, 2023 9:34 pm
Forum: RouterBOARD hardware
Topic: Any Chance for a CRS610-8P-2S+IN
Replies: 7
Views: 1694

Re: Any Chance for a CRS610-8P-2S+IN

I agree, SwitchOS is a no-no for some envoriments.
by mada3k
Fri Jan 13, 2023 1:13 pm
Forum: RouterBOARD hardware
Topic: 2CC-5G CA, or NR CA found a modem that supports it
Replies: 3
Views: 1868

Re: 2CC-5G CA, or NR CA found a modem that supports it

Why on earth would you use USB instead of PCIe ?
by mada3k
Fri Jan 13, 2023 1:11 pm
Forum: RouterBOARD hardware
Topic: Hardware selection
Replies: 11
Views: 2107

Re: Hardware selection

An Rb5009 for example.

How will this 2Gbit line be delievered? As a SFP+, 2.5G SFP or 1G 2xRJ45?
by mada3k
Wed Jan 11, 2023 6:33 pm
Forum: General
Topic: EoIP split traffic [SOLVED]
Replies: 14
Views: 1494

Re: EoIP split traffic [SOLVED]

I use OSPF between two locations with 3-4 subnets on each side just for simplicity. Sure, you can use EoIP, but why would you need to carry VLANs over Internet? IPIP has lower overhead. Just point the dhcp-relay to the Windows DHCP server at HQ. Traffic/network isolation and will be done in the near...
by mada3k
Wed Jan 11, 2023 1:49 pm
Forum: General
Topic: EoIP split traffic [SOLVED]
Replies: 14
Views: 1494

Re: EoIP split traffic [SOLVED]

I agree, setup some IPIP-tunnels and run OSFP over them. Let each branch access Internet by themselves.

For DHCP you can use the dhcp-relay service. DNS can continue to point at the HQ.
by mada3k
Thu Jan 05, 2023 2:03 pm
Forum: RouterBOARD hardware
Topic: Discussion on CPU Architectures
Replies: 5
Views: 2545

Re: Discussion on CPU Architectures

Just a bunch of Chinese development boards with horrible software support. Where is the actual products?
by mada3k
Wed Dec 28, 2022 10:25 pm
Forum: General
Topic: Modem hunged up problem
Replies: 10
Views: 6082

Re: Modem hunged up problem

This may be a valid point. But wouldn't this cause all devices offline? For example in one city in Germany I have two devices. They were both online when I was last there to install them. After 2 days one of those devices went offline and never got back. One is always online since then (>1week). Or...
by mada3k
Mon Dec 26, 2022 6:53 pm
Forum: General
Topic: Modem hunged up problem
Replies: 10
Views: 6082

Re: Modem hunged up problem

Ericsson F5521gw
At least in my country, all providers are shutting down 3G services (making room for 5G) this last year. Maybe that's you old 3G modems are getting kicked out.
by mada3k
Fri Dec 23, 2022 1:11 pm
Forum: RouterBOARD hardware
Topic: RouterOS v7.6 in CCR1072
Replies: 19
Views: 6075

Re: RouterOS v7.6 in CCR1072

The 1072 was probably a bit on the bleeding edge of reasonable hardware design.
by mada3k
Fri Dec 16, 2022 5:52 pm
Forum: RouterBOARD hardware
Topic: Please in the future remove DC Jack input...
Replies: 19
Views: 2252

Re: Please in the future remove DC Jack input...

USB-PD needs quite complicated logic to provide more power than a regular USB. That logic comes with a cost.
by mada3k
Thu Dec 08, 2022 7:19 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10162

Re: v7 MPLS hardware offload?

No. The CPU does the FIB calculation, then the forwarding is done in hardware.
by mada3k
Thu Dec 01, 2022 11:01 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR series for core/distribution?
Replies: 17
Views: 11476

Re: RB1100AHx4 vs CCR series for core/distribution?

The biggest drawback of the rb1100ahx4 is the lack of SFP ports otherwise a great router.
by mada3k
Sat Nov 26, 2022 1:10 pm
Forum: Beginner Basics
Topic: MX204 alternative?
Replies: 7
Views: 1649

Re: MX204 alternative?

Depending on the specific function and workload, Mikrotiks might be able to do the job.

You simply have to buy and test, but it will never "replace" a MX204 or a Cisco ASR as a complete product replacement.
by mada3k
Fri Nov 25, 2022 7:33 pm
Forum: RouterBOARD hardware
Topic: XS+31LC10D and CRS318-16P-2S+out no link after reboot
Replies: 3
Views: 2585

Re: XS+31LC10D and CRS318-16P-2S+out no link after reboot

Tried setting no-negotiate and static speed & duplex?
by mada3k
Tue Nov 22, 2022 6:41 pm
Forum: General
Topic: Does mikrotik fast path works in X86 custom build PC
Replies: 2
Views: 560

Re: Does mikrotik fast path works in X86 custom build PC

Probably none. It's quite exotic with x86 boards with built in manageable switch chip.
by mada3k
Tue Nov 22, 2022 5:03 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10162

Re: v7 MPLS hardware offload?

It's also the one of the hardest protocols to get right when developing for an ASIC so tackling easier protocols first is understandable.
I'n my view it should be the simpliest. The MPLS FIB is basically Label in & out and swap or pop.

HW NAT and/or HW IPv6 sounds like a logical nightmare.
by mada3k
Sun Nov 20, 2022 10:28 pm
Forum: RouterBOARD hardware
Topic: req: wAP AC w/ PoE passthrough
Replies: 6
Views: 3359

Re: req: wAP AC w/ PoE passthrough

Sometimes it's very useful to be able to daisy-chain some APs when new cabling is not possible.
by mada3k
Fri Nov 18, 2022 6:34 pm
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10162

Re: v7 MPLS hardware offload?

The most cases of inter-VLAN routing have some kind of firewalling in mind, and that most likley will break the HW acceleration. The hardware can never fit a full real-life Internet BGP-table either.

MPLS is used by many smaller WISP/ISP for VPLS services customers and VPN VRFs.
by mada3k
Fri Nov 18, 2022 11:29 am
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10162

Re: v7 MPLS hardware offload?

It's a bit strange to begin with IPv4&6 HW offload, and not MPLS. All major providers use MPLS for carrying internal traffic between core nodes. IPv4/6 offloading only work with plain forwarding, and people except to be able to use complicated firewall rules, nat, tracking, pppoe, tunnels and ot...
by mada3k
Sun Nov 13, 2022 6:38 pm
Forum: RouterBOARD hardware
Topic: CRS112-8p power supply
Replies: 9
Views: 1435

Re: CRS112-8p power supply

I say that it's a great feature to be able to power both 24V and 48V systems with the same device, depending on what powersupply you use. If you don't use any PoE at all then you can just use a simple 12V/1A plug to power the switch itself. But I see the hassle then someone is buying a "PoE swi...
by mada3k
Fri Nov 04, 2022 9:24 pm
Forum: General
Topic: Installing RouterOS on Protectli Vault 6-Port Hardware
Replies: 4
Views: 1418

Re: Installing RouterOS on Protectli Vault 6-Port Hardware

I've have run RouterOS x86 bare metal on some old appliances. Sometimes it worked and sometimes not.

But the machine your linked to is very new, so I would probably use some Linux KVM or FreeBSD/bhyve, then CHR on top.
by mada3k
Thu Oct 27, 2022 9:05 pm
Forum: RouterBOARD hardware
Topic: RB750gr3 IPv6 Performance
Replies: 13
Views: 3138

Re: RB750gr3 IPv6 Performance

I would say that the performance is astonishing for a router released in 2016 for $60
by mada3k
Thu Oct 20, 2022 11:53 am
Forum: RouterBOARD hardware
Topic: KNOT Power consumption - power saving possible?
Replies: 10
Views: 1461

Re: KNOT Power consumption - power saving possible?

Usually <0.5W is only possible with sleep/deep-sleep modes, and that usually stops many functions in the operating system, something a router/gateway never can do.

KNOT is not the IoT device, it's just a gateway.
by mada3k
Mon Oct 17, 2022 9:04 pm
Forum: RouterBOARD hardware
Topic: KNOT Power consumption - power saving possible?
Replies: 10
Views: 1461

Re: KNOT Power consumption - power saving possible?

I also would use arduino of some kind that acts as a timer and turning on the KNOT. But I'm not sure how much the KNOT likes to be powered down/up all the time. The only better way is to do your application in an arduino/rpi-zero/esp32 native and connect it to a NB-IoT modem of some kind. For exampl...
by mada3k
Thu Sep 29, 2022 2:18 pm
Forum: RouterBOARD hardware
Topic: Using CCR2004-1G-2XS-PCIe from a RouterOS host (CHR/x86)
Replies: 18
Views: 3250

Re: Using CCR2004-1G-2XS-PCIe from a RouterOS host (CHR/x86)

Are people buying this as a cheap dual 25G NIC?
by mada3k
Sat Sep 24, 2022 2:34 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe blown fuse, would need specification
Replies: 3
Views: 880

Re: CCR2004-1G-2XS-PCIe blown fuse, would need specification

Looks like it's on the +12V rail. Try to verify that there is not a short after the fuse with a multimeter.
by mada3k
Sat Sep 24, 2022 11:16 am
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN, LTT, LinusTechTips
Replies: 6
Views: 1383

Re: CRS504-4XQ-IN, LTT, LinusTechTips

I'd rather kill myself than using juniper or cisco again....
Don't mind working with juniper & cisco devices, but the cost is sometimes prohibitive and I hate working with licensing.
by mada3k
Thu Sep 15, 2022 9:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for two-port high performance router
Replies: 16
Views: 3219

Re: hardware idea for two-port high performance router

Sounds like a horrible idea with only two ports.

You you need to NAT/Firewall 10Gbps of traffic, then you probably can afford a CCR2004-16G-2S+PC
by mada3k
Sat Aug 27, 2022 8:42 pm
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 16144

Re: CCR2216-1G-12XS-2XQ (New Flagship)

"totaly useless" sound a bit over exaggerated. But it would be better if the used routes where offloaded, not everything.
by mada3k
Wed Aug 17, 2022 5:34 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1237

Re: Correct way of Virutal SSIDs & VLANs

As I mentioned earlier, we are talking about a wAP AC - so there is no switch chip to take in consideration.

DHCP and firewalling is done on another device behind the switch, so that's outside this topic.
by mada3k
Tue Aug 16, 2022 5:09 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1237

Re: Correct way of Virutal SSIDs & VLANs

Thanks, I'm aware of CAPSMAN but it's overkill for my home. ether1 runs to my central switch. 30 is currently for all clients, 39 is for management. It's the vlan-mode=use-tag vlan-id=X bits I'm a bit unsure of. Should it be used or not, and then how? /interface wireless add master-interface=wlan1 n...
by mada3k
Mon Aug 15, 2022 9:30 pm
Forum: Wireless Networking
Topic: Correct way of Virutal SSIDs & VLANs
Replies: 8
Views: 1237

Correct way of Virutal SSIDs & VLANs

Hi, I'm a bit unsure here. What is the correct way of setting up virtual SSID's that related to some VLANs? I'm using two wAPs at home and would like to create a guest SSI and maybe some IoT SSID as well, that ends up on separate VLANs. Current setup: /interface bridge add name=bridge1 protocol-mode...
by mada3k
Mon Aug 15, 2022 6:01 pm
Forum: Announcements
Topic: Newsletter 107
Replies: 50
Views: 26329

Re: Newsletter 107

Can't have a hAP in the ceiling. When is the cAP/wAP ax ready?
by mada3k
Tue Aug 09, 2022 8:04 pm
Forum: General
Topic: CCR2004-1G-2XS-PCIe and FreeBSD
Replies: 29
Views: 3873

Re: CCR2004-1G-2XS-PCIe and FreeBSD

FreeBSD is indeed a wonderfull OS, but it's most likely up to the kernel developers to implement the Mikrotik-specific stuff in the alc driver, that have been done to the Linux kernel one.
by mada3k
Sat Aug 06, 2022 9:56 pm
Forum: General
Topic: CRS328 / high CPU-Lod SPI
Replies: 7
Views: 1374

Re: CRS328 / high CPU-Lod SPI

As chechito says. The flash memory sits on the SPI-bus. Are you using the flash memory for something?
by mada3k
Sat Aug 06, 2022 9:42 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 66733

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

Waiting for the cAP or wAP version.
by mada3k
Sat Aug 06, 2022 12:25 pm
Forum: RouterBOARD hardware
Topic: New High Performance Routers ! ?
Replies: 85
Views: 26116

Re: New High Performance Routers ! ?

I would recommend ditching PPPoE at such high speeds. It's just unnecessary overhead.
by mada3k
Sat Aug 06, 2022 12:10 pm
Forum: RouterBOARD hardware
Topic: wifi 6E AX11000
Replies: 3
Views: 2087

Re: wifi 6E AX11000

Everything is not about speed.
by mada3k
Sun Jul 31, 2022 9:45 pm
Forum: Forwarding Protocols
Topic: MPLS Multitenant PE Router
Replies: 2
Views: 1065

Re: MPLS Multitenant PE Router

Not use I understand what your asking for. Just create bridges for the different services/tentants. i.e. eoip-cust1-serv1 <-> bridge-cust1-serv1 <-> Ether1 eoip-cust2-serv1 <-> bridge-cust2-serv1 <-> Ether2 eoip-cust2-serv2 <-> bridge-cust2-serv2 <-> Ether3 eoip-cust2-serv3 <-> bridge-cust2-serv3 <-...
by mada3k
Fri Jul 29, 2022 12:21 pm
Forum: General
Topic: User Manager 5 [SOLVED]
Replies: 8
Views: 1268

Re: User Manager 5 [SOLVED]

bad idea running user manager on a switch
Agree

That's the issue with many users of RouteROS. When everything's possible, then it's suddenly possible to do stupid things, and then you run into problems.
by mada3k
Mon Jul 25, 2022 11:50 am
Forum: General
Topic: L2 Raw packet switching
Replies: 8
Views: 806

Re: L2 Raw packet switching

It's possible that the FCS bits is completly unused to keep complexity down. Any bit-errors will just show up as "bad pixels", thus no point to discard the whole frame.
by mada3k
Sun Jul 24, 2022 11:26 am
Forum: Announcements
Topic: Newsletter 106
Replies: 29
Views: 18189

Re: Newsletter 106

CSS610-8P-2S+IN looks good. Would prefer CRS (RouterOS).
Agree. We simply have no use for CSS series because the lack of security.
by mada3k
Sat Jul 23, 2022 5:22 pm
Forum: General
Topic: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers
Replies: 14
Views: 1904

Re: TLS Webfig (www-ssl) PCI DSS compliance - weak ciphers

One of my customers is subject to PCI DSS quarterly vulnerability scans. They sent me a report which enumerates several problems with www-ssl service (Webfig over TLS). What is doing the scanning and why does it have access to the Mikrotik admin interfaces? The auditors often requires and asks for ...
by mada3k
Fri Jul 22, 2022 12:12 pm
Forum: General
Topic: L2 Raw packet switching
Replies: 8
Views: 806

Re: L2 Raw packet switching

Are you sure that the LED displays are talking valid Ethernet and not some custom protocol?
by mada3k
Fri Jul 22, 2022 12:09 pm
Forum: General
Topic: CRS309-1G-4SIN isn´t recognised by Winbox (Crossover) [SOLVED]
Replies: 2
Views: 742

Re: CRS309-1G-4SIN isn´t recognised by Winbox (Crossover) [SOLVED]

SwOS doesn't support Winbox. Only HTTP management.
by mada3k
Sat Jul 16, 2022 8:59 pm
Forum: RouterBOARD hardware
Topic: RB5009UG+S+IN with WiFi release date
Replies: 6
Views: 1387

Re: RB5009UG+S+IN with WiFi release date

Much better with separate devices.
by mada3k
Wed Jul 13, 2022 9:21 pm
Forum: RouterBOARD hardware
Topic: Discussion on CPU Architectures
Replies: 5
Views: 2545

Re: Discussion on CPU Architectures

PowerPC is certainly soon dead. Some telecoms-vendors still hang on but the next generations will be ARM or embedded x86. ARM is more or less replacing MIPS in SoHo devices.

RISC-V, haven't seen a single device with it yet, a part for some development-boards.
by mada3k
Wed Jul 13, 2022 6:47 pm
Forum: RouterBOARD hardware
Topic: RBM33G supports MODBUS?
Replies: 2
Views: 819

Re: RBM33G supports MODBUS?

It's probably RS-232 3.3V TTL and you should be able to run MODBUS over it yes. RouterOS has built in "Terminal server" capabilities. But it will not automaticlly be MODBUS-TCP (port 502)
by mada3k
Fri Jul 08, 2022 1:05 pm
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3507

Re: My frustration with WISP

You already seems to be behind three layers of NAT, so getting a public IP adress on your own equipment looks very unlikley.
by mada3k
Thu Jul 07, 2022 11:06 pm
Forum: RouterBOARD hardware
Topic: US product availability crunch increasing in scope...
Replies: 9
Views: 1540

Re: US product availability crunch increasing in scope...

Indeed. We tried to order a couple of Catalyst 9200's and got dates in 2023.
by mada3k
Tue Jul 05, 2022 11:41 am
Forum: General
Topic: Port Forwarding 445 & 139
Replies: 4
Views: 3643

Re: Port Forwarding 445 & 139

Running SMB over Internet sounds like a horrible idea. Not even sure it will work behind NAT at all.

Use some VPN tunneling at least.
by mada3k
Mon Jul 04, 2022 10:38 am
Forum: General
Topic: Cloud Core Router VS Custom Build PC Server
Replies: 3
Views: 657

Re: Cloud Core Router VS Custom Build PC Server

How long is a rope?

What is the purpose and use case of the router?
by mada3k
Sun Jun 12, 2022 12:35 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 234290

Re: MikroTik Devices Controller

I think we are talking about two things.
A "device manager" that acts as a hub for CPEs and stuff.
And a conventional NMS that actually monitors and manages a network.
by mada3k
Mon Jun 06, 2022 10:07 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 234290

Re: MikroTik Devices Controller

TR-069 is horrible and basically just good for customer CPEs.

There should be two ways for handling management. API from devices to the management server (for devices behind NAT) - and - direct management/monitoring (as in the management server is reaching directly to a device via ssh or some api)
by mada3k
Mon May 30, 2022 9:08 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 234290

Re: MikroTik Devices Controller

- As a VM appliance - Web based. Not phone apps and such non-sense. - Manage software updates, pushing out updates in a controlled manner - Configuration templates, backup and change-logs - "Global rules" such as firewall, access-lists and so on - REST-API for integrations with other syste...
by mada3k
Fri May 27, 2022 1:19 pm
Forum: RouterBOARD hardware
Topic: CCR2004 with SFP ONU module: fail both PSU [SOLVED]
Replies: 17
Views: 7641

Re: CCR2004 with SFP ONU module: fail both PSU [SOLVED]

It's probably running over the same I2C-bus as the sensors, and the ONU corrupts the data.
by mada3k
Wed May 04, 2022 9:48 pm
Forum: RouterBOARD hardware
Topic: Device request CRS318-16P-2S+RM
Replies: 12
Views: 1625

Re: Device request CRS318-16P-2S+RM

Basically a CCR2004-16G-2S+ but as a pure switch.
by mada3k
Tue Apr 26, 2022 9:52 pm
Forum: General
Topic: Bandwidth pinched through VxLAN tunnel
Replies: 12
Views: 2796

Re: Bandwidth pinched through VxLAN tunnel

Smells like MTU issues. What the the maximum allowed MTU on the line between the CCR'es?
by mada3k
Sat Apr 23, 2022 9:24 pm
Forum: General
Topic: redundant hardware or spare in entreprise infrastructure [SOLVED]
Replies: 5
Views: 1303

Re: redundant hardware or spare in entreprise infrastructure [SOLVED]

Reasons for redundancy is of course availability and ability to perform maintenance without downtime.

If it's acceptable with an hour or so to restore functionality, and if you can plan downtime for maintenance, then you're fine with "spares on the shelf".
by mada3k
Sat Apr 23, 2022 8:17 pm
Forum: General
Topic: Very Slow output for traffic passing through CHR
Replies: 8
Views: 3534

Re: Very Slow output for traffic passing through CHR

Hmm... MTU or fragmentation issue?

Just start count the overhead backwards from the MTU used by your ISP
by mada3k
Fri Apr 22, 2022 4:52 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe In Hyper Converged Infrastructure
Replies: 6
Views: 1859

Re: CCR2004-1G-2XS-PCIe In Hyper Converged Infrastructure

Probably the wrong choise for general storage network and such things.
by mada3k
Sat Apr 09, 2022 7:17 pm
Forum: RouterBOARD hardware
Topic: CRS504-4XQ-IN - Nice, now more ports please.
Replies: 10
Views: 2034

Re: CRS504-4XQ-IN - Nice, now more ports please.

It's indeed a very nice backbone/ring product. ETSI-format, 48-volts. etc.

"ToR" 10/25/40/100G datacenter switches is a completly different product category.
by mada3k
Fri Apr 08, 2022 5:46 pm
Forum: RouterBOARD hardware
Topic: Mikrotik vs Napatech
Replies: 6
Views: 1176

Re: Mikrotik vs Napatech

You are not using the PTP/IEEE1588 functions of the Napatech?
by mada3k
Mon Apr 04, 2022 6:17 pm
Forum: General
Topic: clickbite: How do members of the Forum feel about this article?
Replies: 54
Views: 4413

Re: How MikroTik Routers Became a Cybercriminal Target

Well, thats sometimes the downside with selling highly configurable devices to pure home users. It's no difference to having "admin/admin" configured Cisco-routers at every home with telnet open. ISPs in my country tend to ship very dumbed-down devices with basically no user-configuable se...
by mada3k
Sun Apr 03, 2022 4:29 pm
Forum: General
Topic: MikroTik - connections between 2 internal bridges [SOLVED]
Replies: 3
Views: 1504

Re: MikroTik - connections between 2 internal bridges [SOLVED]

You can't bridge two bridges, just use one bridge then with VLANs (to separate access)

But you can route IP traffic between two bridges.
by mada3k
Fri Apr 01, 2022 9:04 pm
Forum: Announcements
Topic: v7.2rc6 and v7.2rc7 is released!
Replies: 100
Views: 19972

Re: v7.2rc6 and v7.2rc7 is released!

Is anyone really using RIP anymore?
by mada3k
Fri Apr 01, 2022 9:01 pm
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 25872

Re: Newsletter 104

I agree, NGFW is a stupid term. Also, it starting to fade out since everything moving to the cloud and you use local firewalls and (H)IDS software on all nodes instead.
by mada3k
Tue Mar 29, 2022 9:48 pm
Forum: Announcements
Topic: v7.2rc5 is released!
Replies: 91
Views: 23796

Re: v7.2rc5 is released!

Did IPv6 and MPLS get enabled for hw-offload? I'm pushing 1.6Gbps over VPLS using LDPv6 through a CCR2116 P router and have two CCR2004-16G-2S+ acting as PEs The routing/route output shows IPv6 labeled prefixes as hw-offloaded and the cpu on the CCR2116 is only at 4% under a 1.6Gbps load Wow!!
by mada3k
Sat Mar 19, 2022 11:30 am
Forum: General
Topic: Microsoft creates tool to scan MikroTik routers for TrickBot infections
Replies: 4
Views: 1357

Re: Microsoft creates tool to scan MikroTik routers for TrickBot infections

Can't get it to work either
  File "/usr/local/lib/python3.9/site-packages/paramiko/transport.py", line 1498, in auth_password
    raise SSHException("No existing session")
paramiko.ssh_exception.SSHException: No existing session
by mada3k
Tue Mar 01, 2022 8:55 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 32436

Re: how does L3HW actually works?

But isn't quite inefficent to try to store millions of routes in a HW FIB ? Cisco once solved it many years ago with caching "active traffic" in the hardware, but letting "unused" routes just reside in regular memory until needed. It's not likley that you will communicate with th...
by mada3k
Tue Mar 01, 2022 8:47 pm
Forum: RouterOS beta
Topic: nvmeOf - NVME over TCP
Replies: 15
Views: 5184

Re: nvmeOf - NVME over TCP

So Mikrotik should try to get into the market of enterprise storage now ?

Isn't that quite a saturated market by now.
by mada3k
Sun Feb 27, 2022 6:24 pm
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 25872

Re: Newsletter 104

Buy two?

It's still a 10th of Cisco/Juniper 100G stuff.
by mada3k
Wed Feb 23, 2022 12:15 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 56257

Re: v7.1.3 is released!

All routes in WebFig doesn't show up.
by mada3k
Mon Feb 21, 2022 9:24 pm
Forum: RouterBOARD hardware
Topic: CRS-328-24P-4S+RM-WISP WISP EDITION
Replies: 4
Views: 1143

Re: CRS-328-24P-4S+RM-WISP WISP EDITION

Well done!

Everything should have DC power input.
by mada3k
Sat Feb 19, 2022 6:04 pm
Forum: RouterBOARD hardware
Topic: CCR2004-1G-2XS-PCIe network chip
Replies: 45
Views: 7869

Re: CCR2004-1G-2XS-PCIe network chip

Since it's Marvell-based, I guess that will be some Marvell NIC?

Very cool product.
by mada3k
Wed Feb 16, 2022 7:11 pm
Forum: General
Topic: When to use GRE tunnel with IPSec in 2022
Replies: 4
Views: 3670

Re: When to use GRE tunnel with IPSec in 2022

I often use ipip-tunnels (alternative to GRE) sometimes for 4 reasons: 1) I like to be able to use traceroute. 2) You don't need to add a tunnel policy for all subnets, just route them trough the tunnel. 3) It makes more sense in the firewall to have an actual interface. 4) I have a feeling that PMT...
by mada3k
Wed Feb 16, 2022 6:04 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 32436

Re: how does L3HW actually works?

Connection tracking is a firewall feature, not a router feature.

Personally I would rather see better MPLS-HW support. Just plain flat non-VRF L3 routing is a bit limiting and the hardware can never hold full BGP feeds anyways.
by mada3k
Wed Feb 16, 2022 11:10 am
Forum: General
Topic: EoIP client for Windows
Replies: 8
Views: 10136

Re: EoIP client for Windows

Would be rather pointless since EoIP is only static point-to-point tunnels (as between two network devices).
by mada3k
Fri Feb 11, 2022 9:36 pm
Forum: Beginner Basics
Topic: Airplay two network
Replies: 3
Views: 1098

Re: Airplay two network

You need a mDNS proxy, like Avahi-daemon or similar between the networks/VLANs. This is to forward/relay the mDNS announcements.
by mada3k
Thu Feb 10, 2022 1:03 pm
Forum: RouterBOARD hardware
Topic: powering wall wart devices in a datacenter
Replies: 11
Views: 1681

Re: powering wall wart devices in a datacenter

A proper (and legal) switched power supply should not have any required specific hot or neutral leg.
by mada3k
Wed Feb 09, 2022 11:25 am
Forum: Beginner Basics
Topic: SD Card Uses
Replies: 9
Views: 3851

Re: SD Card Uses

configuration backups
tftp files
logs

I also would love to have a small HTTP service.
by mada3k
Tue Feb 08, 2022 6:40 pm
Forum: RouterBOARD hardware
Topic: powering wall wart devices in a datacenter
Replies: 11
Views: 1681

Re: powering wall wart devices in a datacenter

Aren't most power bricks have an c13/14 and auto-switching 90-240VAC?
by mada3k
Fri Feb 04, 2022 1:51 pm
Forum: General
Topic: If you have a Mikrotik home lab, I have a question for you.
Replies: 17
Views: 3346

Re: If you have a Mikrotik home lab, I have a question for you.

Running 10 CHR's on FreeBSD/bhyve as home lab.
by mada3k
Sat Jan 29, 2022 2:14 pm
Forum: General
Topic: Forward ALL ports to router
Replies: 13
Views: 3471

Re: Forward ALL ports to router

Some VPN types simply don't work over CGNAT. That the reality. IPv6 is the only hope there.
by mada3k
Sat Jan 29, 2022 11:52 am
Forum: General
Topic: Question - How many interfaces can be bonded together? [SOLVED]
Replies: 4
Views: 1760

Re: Question - How many interfaces can be bonded together? [SOLVED]

Since all ports are indivudal interfaces, and not switched ports, i think that all of them can be bonded.

Note that bonding is a in-software feature that will use CPU.
by mada3k
Sun Jan 23, 2022 9:08 pm
Forum: General
Topic: CCR1009-7G-1C-1S+ / 8-10 hEXr3’s in Hub and Spoke, which protocol?
Replies: 6
Views: 1044

Re: CCR1009-7G-1C-1S+ / 8-10 hEXr3’s in Hub and Spoke, which protocol?

Well, I would use IPSec, since it will take advantage of the hardware encryption support. Wireguard does not.

Personally I prefer real tunnels, like IP-IP or GRE. But you can use policy based tunnels as well.
by mada3k
Sun Jan 23, 2022 1:52 pm
Forum: RouterBOARD hardware
Topic: mikro-router product request
Replies: 1
Views: 1828

Re: mikro-router product request

An 3-port high performance router seems a very strange combination.
by mada3k
Thu Jan 20, 2022 6:58 pm
Forum: General
Topic: backup 2011 to rs5009?
Replies: 4
Views: 1213

Re: backup 2011 to rs5009?

export -> edit -> import
by mada3k
Wed Jan 19, 2022 9:55 pm
Forum: General
Topic: Switch ACL to restrict IP usage [SOLVED]
Replies: 25
Views: 7279

Re: Switch ACL to restrict IP usage [SOLVED]

Now I get it... Layer-2 security/filter using Layer-3 addresses.. Switch ACL can never check the L3-adress used.

Hmmm.. Static ARP entries on the router/gateway?
by mada3k
Wed Jan 19, 2022 7:59 pm
Forum: General
Topic: Switch ACL to restrict IP usage [SOLVED]
Replies: 25
Views: 7279

Re: Switch ACL to restrict IP usage [SOLVED]

I don't get it. What switch? Just use /ip services allow-from=x.x.x.x/yy or setup some chain=input firewall rules?
by mada3k
Wed Jan 19, 2022 7:56 pm
Forum: RouterBOARD hardware
Topic: RB750Gv2 repair manual or debug docs?
Replies: 8
Views: 3665

Re: RB750Gv2 repair manual or debug docs?

I agree, there should be warnings. Just add a logging action=disk then your done in a couple of months.
by mada3k
Wed Jan 19, 2022 3:53 pm
Forum: RouterBOARD hardware
Topic: RB750Gv2 repair manual or debug docs?
Replies: 8
Views: 3665

Re: RB750Gv2 repair manual or debug docs?

Many users doesn't understand that the SPI Flash has a limited number of writes, and places logs and graphs on it, hence wearing it out.
by mada3k
Tue Jan 18, 2022 6:26 pm
Forum: Forwarding Protocols
Topic: UDPXY alternative for mikrotik
Replies: 14
Views: 11461

Re: UDPXY alternative for mikrotik

You should never run Multicast UDP/RTP based IPTV över WiFi.
by mada3k
Tue Jan 18, 2022 5:41 pm
Forum: Forwarding Protocols
Topic: UDPXY alternative for mikrotik
Replies: 14
Views: 11461

Re: UDPXY alternative for mikrotik

Why not use the IGMP-Proxy ?
by mada3k
Tue Jan 18, 2022 5:39 pm
Forum: RouterBOARD hardware
Topic: Counterfeit CCR1036?
Replies: 1
Views: 5569

Re: Counterfeit CCR1036?

Any photos?

I've seen a bunch of 1036 under the hood.
by mada3k
Tue Jan 18, 2022 5:35 pm
Forum: General
Topic: Has anyone ever set up a Ethernet Virtual Private Line
Replies: 16
Views: 2836

Re: Has anyone ever set up a Ethernet Virtual Private Line

So, you are provided with a EPL service via an operator from one site to another?

Well, just consider it a regular L2-link, like Ethernet cable from one place to another. No need for tunneling or strange setups.
by mada3k
Sat Jan 15, 2022 8:11 pm
Forum: General
Topic: Has anyone ever set up a Ethernet Virtual Private Line
Replies: 16
Views: 2836

Re: Has anyone ever set up a Ethernet Virtual Private Line

Yes, for example VPLS. If you need encryption then EoIP may be the better choise.

If you are suggesting Carrier Ethernet features, then no, there is no support for CE in RouterOS.
by mada3k
Fri Jan 14, 2022 9:40 pm
Forum: General
Topic: Make two TV set-top boxes (different sites) visible to each other via VPN EoIP? L2TP? PPTP?
Replies: 3
Views: 984

Re: Make two TV set-top boxes (different sites) visible to each other via VPN EoIP? L2TP? PPTP?

Are they using multicast as well? I think EoIP is the thing you need.

On the primary site, add the tunnel to the default bridge.
On the secondary site, create a new bridge and add the tunnel and one physical port for the box.
by mada3k
Thu Jan 13, 2022 12:10 am
Forum: RouterBOARD hardware
Topic: Voltage accuracy - are any models better?
Replies: 1
Views: 2132

Re: Voltage accuracy - are any models better?

My guess is that they are probably using a simple voltage-divider, and resistors has a certain tolerance (like 5-10%) and that will vary with temperature as well. I would probably take a measurement with a good voltmeter on each individual device, and note the offset from the self-reported value (th...
by mada3k
Fri Jan 07, 2022 12:46 pm
Forum: General
Topic: Having RouterOS boot faster [SOLVED]
Replies: 15
Views: 3800

Re: Having RouterOS boot faster [SOLVED]

Well, RouterOS is very quick in comparison to HPE, Cisco and Juniper, but not instant. To achieve instant-on, you probably need a dumb unmanaged switch.

Disabling RSTP is probably the only way to make it quicker.
by mada3k
Thu Jan 06, 2022 12:39 pm
Forum: General
Topic: Winbox / The Dude Linux App?
Replies: 15
Views: 3826

Re: Winbox / The Dude Linux App?

Which doesn't help very much if you want to access RB using MAC telnet from Linux computer. There's open source client for MAC telnet (https://github.com/haakonnessjoen/MAC-Telnet), but it doesn't work with newer RouterOS, because MikroTik keeps new authentication algorith secret for some strange r...
by mada3k
Tue Jan 04, 2022 1:04 pm
Forum: RouterBOARD hardware
Topic: hAP AC2 successor (WiFi 6 + nBase-T ???)
Replies: 13
Views: 7375

Re: hAP AC2 successor (WiFi 6 + nBase-T ???)

No thanks. I would rather see a cAP with WiFi6 and 2.5GBase-T.
by mada3k
Sun Jan 02, 2022 10:24 pm
Forum: General
Topic: ROS 7.1.1 - WebFig Issues
Replies: 4
Views: 3430

Re: ROS 7.1.1 - WebFig Issues

Same issue here. Chrome + v7.1.1 shows "Error not found" on login. Safari and firefox works.
by mada3k
Sun Jan 02, 2022 10:21 pm
Forum: General
Topic: Mikrotik on x86 sees only 1920Mb of RAM
Replies: 10
Views: 2702

Re: Mikrotik on x86 sees only 1920Mb of RAM

RouterOS 6 x86 is 32-bit only.

Use CHR on KVM/VMware/HyperV for running 64-bit.
by mada3k
Sat Jan 01, 2022 10:15 pm
Forum: SwOS
Topic: Restrict SNMP on SwOS?
Replies: 7
Views: 9460

Re: Restrict SNMP on SwOS?

RouterOS has the same switching-performance as SwOS - if you are doing it correct.
by mada3k
Tue Dec 28, 2021 9:48 pm
Forum: General
Topic: Winbox / The Dude Linux App?
Replies: 15
Views: 3826

Re: Winbox / The Dude Linux App?

To me it seems like all effort should be put into making WebFig on par with WinBox. I suspect things like WinBox MAC-Telnet and ROMMON might be difficult to implement in the browser. All the more reason to have Linux native apps. Just my opinion. WebFig has a terminal and it's possible to use all C...
by mada3k
Tue Dec 28, 2021 7:54 pm
Forum: General
Topic: Winbox / The Dude Linux App?
Replies: 15
Views: 3826

Re: Winbox / The Dude Linux App?

I don't understand what you mean. Winbox is absolutely a native Windows app.
Sorry, I meant that no one does new native Windows management applications. The ones that exists will of course be maintaned. All new development goes to HTML5-based or iOS/Android Apps.
by mada3k
Tue Dec 28, 2021 7:51 pm
Forum: RouterBOARD hardware
Topic: Which MT router has a hardware bandwidth shaper?
Replies: 17
Views: 6191

Re: Which MT router has a hardware bandwidth shaper?

Some switches and switch-chip supports rate-limit, but that its.
by mada3k
Mon Dec 27, 2021 12:31 pm
Forum: General
Topic: Disable logging
Replies: 2
Views: 2266

Re: Disable logging

Thats firewall log. Find the rule and set log=no
by mada3k
Sun Dec 26, 2021 5:30 pm
Forum: General
Topic: Winbox / The Dude Linux App?
Replies: 15
Views: 3826

Re: Winbox / The Dude Linux App?

Well. No one does native Windows-app anymore. Doesn't make sense to put all that work into a nische application.

I'm a Linux user and does all my work with SSH or maybe WebFig for some cases.
by mada3k
Sun Dec 26, 2021 5:14 pm
Forum: General
Topic: Shutdown or not to shutdown
Replies: 6
Views: 3038

Re: Shutdown or not to shutdown

I think that shutdown command should be removed for all non-CHR/x86 installations. To avoid executing a shutdown of a remote device that can be many kilometers away. There is simply no reason to do something like that.
by mada3k
Thu Dec 23, 2021 4:21 pm
Forum: RouterBOARD hardware
Topic: What speed of uSD card reader is used in the RouterBoard products?
Replies: 12
Views: 7129

Re: What speed of uSD card reader is used in the RouterBoard products?

Using USB for system storage can be very shaky. Are you speaking in general terms? Or RouterOS specifically? In general, USB is "shaky" from the memory used.. In general. USB controllers have a habit to reset when the load to "high". Command queueing doesn't seem to work at all,...
by mada3k
Thu Dec 23, 2021 1:12 pm
Forum: Announcements
Topic: Newsletter 103
Replies: 32
Views: 92439

Re: Newsletter 103

In the video there is a non-full-width CCR2004. Are there any specs or for this yet?

Skärmavbild 2021-12-23 kl. 12.08.46.png
Image
by mada3k
Thu Dec 23, 2021 1:06 pm
Forum: General
Topic: IPSec VTI
Replies: 55
Views: 22865

Re: IPSec VTI

Personally I would find mGRE & NHRP more useful.

We use IPIP or GRE instead of VTI, but I agree that when doing mesh'es it's gets problematic, but thats just IPSec.
by mada3k
Wed Dec 22, 2021 1:46 pm
Forum: RouterBOARD hardware
Topic: What speed of uSD card reader is used in the RouterBoard products?
Replies: 12
Views: 7129

Re: What speed of uSD card reader is used in the RouterBoard products?

Using USB for system storage can be very shaky.
by mada3k
Fri Dec 17, 2021 12:31 pm
Forum: RouterBOARD hardware
Topic: VPN for 6 users with wrieless device
Replies: 1
Views: 3643

Re: VPN for 6 users with wrieless device

Like a regular IPSec site-to-site VPN? Mikrotik does that fine
by mada3k
Sun Dec 12, 2021 6:07 pm
Forum: General
Topic: RouterOS 7.1 stable performance DROP
Replies: 19
Views: 6509

Re: RouterOS 7.1 stable performance DROP

Unfortunally ROS 7 will have some performance impact. This is plainly because of how the Linux kernel has evolved since 3.3.5. Windows XP will probably run faster than Windows 11 on the same hardware. hEX S is a $69 device. Thats the monthly rate for a 1Gbps connection where I live, or a 100GB LTE d...
by mada3k
Sat Dec 11, 2021 7:24 pm
Forum: RouterBOARD hardware
Topic: What speed of uSD card reader is used in the RouterBoard products?
Replies: 12
Views: 7129

Re: What speed of uSD card reader is used in the RouterBoard products?

Why on earth do you need performance on the card reader?

Yes they are connected to the CPU and the CPU differs. No there is no performance to talk about, a MB/s at most.
by mada3k
Sat Dec 11, 2021 7:22 pm
Forum: Announcements
Topic: Newsletter 103
Replies: 32
Views: 92439

Re: Newsletter 103

People seems obsessed with physical throughput. Most people run firewall, nat, tunnels and different things in the same box, then the physical bottlenecks most lilkey becomes a parentheses in the overall solution.
by mada3k
Wed Dec 01, 2021 9:22 pm
Forum: RouterBOARD hardware
Topic: Successor to CRS210-8G-2S+ desktop switch?
Replies: 9
Views: 6887

Re: Successor to CRS210-8G-2S+ desktop switch?

I can see why they cut all corners to reach $99, but many had found it more useful if it would run RouterOS.
by mada3k
Wed Dec 01, 2021 9:09 pm
Forum: RouterBOARD hardware
Topic: RB4011 speed limit at 1GB
Replies: 15
Views: 10380

Re: RB4011 speed limit at 1GB

You should be able to achieve 2x1Gbps session performance, but not 2Gbps single-session performance because thats how TCP/IP works. (yeah sure, the VPS and tunnel-bonding thing, but thats a crazy setup)
by mada3k
Wed Dec 01, 2021 6:53 pm
Forum: RouterBOARD hardware
Topic: Why Mikrotik does not produce the routers on x86 processors?
Replies: 37
Views: 18924

Re: Why Mikrotik does not produce the routers on x86 processors?

I would guess price-point. An multiple-SFP+ x86 board with some quality and required power supplies will cost at least as a Supermicro. Then just buy a Supermicro. Then there exists a million ways to run a router/firewall on x86. VyOS is a great alternative for example. But for many ports, power con...
by mada3k
Tue Nov 16, 2021 8:52 pm
Forum: General
Topic: Propose Mikrotik to adopt TailScale VPN similar to ZeroTierOne VPN
Replies: 55
Views: 19003

Re: Propose Mikrotik to adopt TailScale VPN similar to ZeroTierOne VPN

Mikrotik, please make support for >insert yet another proprietary vpn protocol>...
by mada3k
Fri Nov 12, 2021 10:06 pm
Forum: General
Topic: Public IP blacklisted by BBC Amazon and Netflix
Replies: 20
Views: 3149

Re: Public IP blacklisted by BBC Amazon and Netflix

It's quite common that various streaming sites block VPN providers.
by mada3k
Sun Nov 07, 2021 3:29 pm
Forum: RouterBOARD hardware
Topic: Make VLAN mgmt more easy, please
Replies: 3
Views: 3099

Re: Make VLAN mgmt more easy, please

Zyxel is typically used in homes or very small business. Then you want a very easy set of features so that users doesn't screw up. Fortunally Mikrotik is more leaned to (semi-)professional use, having both CLI and API for manage thousands of devices. What a bit of a failure is that the CRS1xx, CRS2x...
by mada3k
Thu Nov 04, 2021 6:45 pm
Forum: Forwarding Protocols
Topic: MPLS L3 tunnels without BGP?
Replies: 1
Views: 2760

Re: MPLS L3 tunnels without BGP?

You could setup a separate OSPF instance within a VRF, then connect them via VPLS-tunnels.
by mada3k
Mon Nov 01, 2021 8:23 pm
Forum: General
Topic: Multi-site IPSec VPN - Confusion
Replies: 12
Views: 7509

Re: Multi-site IPSec VPN - Confusion

I would use tunnels (for example IPIP or GRE) and a routing protocol on top.
by mada3k
Sun Oct 31, 2021 10:26 am
Forum: General
Topic: Mikrotik with Technicolor DGA2232
Replies: 4
Views: 1417

Re: Mikrotik with Technicolor DGA2232

Some ISP-provided boxes offers the ability to disable the built-in DHCP-server and change LAN-adress, some doesn't.

But then you can't use the modem-part.