Community discussions

MikroTik App

Search found 438 matches

  • 1
  • 2
by mada3k
Fri Jul 30, 2021 12:39 pm
Forum: Forwarding Protocols
Topic: Can someone explain the point of VRF to me?
Replies: 5
Views: 377

Re: Can someone explain the point of VRF to me?

An other example is that you have several routers (with different customers, networks, etc.), but you wan't to do the firewalling in only one place.
by mada3k
Fri Jul 30, 2021 12:36 pm
Forum: Forwarding Protocols
Topic: LDP session error (KeepAlive expired)
Replies: 2
Views: 154

Re: LDP session error (KeepAlive expired)

6.24!? Thats a 7 year old software

The issue might even be resolved in newer version
by mada3k
Mon Jul 26, 2021 5:16 pm
Forum: RouterBOARD hardware
Topic: Hardware recommendation for Internet gateway
Replies: 7
Views: 414

Re: Hardware recommendation for Internet gateway

PPPOE is very CPU intense. If you want to reach 950Mbps you probably need a RB4011 or better.
by mada3k
Thu Jul 22, 2021 8:38 pm
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 103
Views: 8807

Re: MikroTik RB5009UG+S+IN

Or a footprint for a LTE/5G module possible. The four packages to the left looks like something related to PoE-model maybe.

I agree that two SFP slots would be more useful for some scenarios, instead of the 2.5GbE.
by mada3k
Thu Jul 22, 2021 11:12 am
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 103
Views: 8807

Re: MikroTik RB5009UG+S+IN

And the Pi as only one network interface. It can't even compete with a hEX.

CCR2004-16G-2S+ looks awesome as well.
by mada3k
Wed Jul 21, 2021 6:21 pm
Forum: RouterBOARD hardware
Topic: MikroTik RB5009UG+S+IN
Replies: 103
Views: 8807

Re: MikroTik RB5009UG+S+IN

And a DC terminal block! Wow! Very wise to go ahead with Marvell swtich-chips instead.

No.. no wireless in the same box please. Use suitable access-points instead if wireless is needed.
by mada3k
Sun Jul 18, 2021 5:19 pm
Forum: RouterBOARD hardware
Topic: Precision Time Protocol (PTP, IEEE 1588) Support
Replies: 20
Views: 1215

Re: Precision Time Protocol (PTP, IEEE 1588) Support

EtherCAT doesn’t run over anything. Would make it totally useless. Ethernet over EtherCAT would be more interesting but for the price I can lay fibre everywhere and run 40GbE over it. And standard EtherCAT is 100Mbit. You were talking about EtherCAT (over Ethernet) EtherCAT (Ethernet for Control Au...
by mada3k
Sun Jul 18, 2021 1:03 pm
Forum: RouterBOARD hardware
Topic: Precision Time Protocol (PTP, IEEE 1588) Support
Replies: 20
Views: 1215

Re: Precision Time Protocol (PTP, IEEE 1588) Support

No, IPQ401x has no IEEE1588, PTP och SyncE support. It's for home/enterprise wireless.

So you want to run industrial automation bus at home, over the switch in your hAP?
by mada3k
Fri Jul 16, 2021 2:42 pm
Forum: Forwarding Protocols
Topic: best way to bridge 2 CCR2004 together?
Replies: 3
Views: 341

Re: best way to bridge 2 CCR2004 together?

Since CCR2004 is a router, you have to resort to using software bridges. Performance will be good but not "wirespeed" and vary depending on the CPU load.
by mada3k
Fri Jul 16, 2021 11:19 am
Forum: General
Topic: wireless bridge between two Mikrotiks for IPTV STB
Replies: 23
Views: 1364

Re: wireless bridge between two Mikrotiks for IPTV STB

With good wiring and on same phase Powerline works very well for Multicast IPTV. There are actually some TV-vendors that provides this bundled sometimes.

Otherwise I would guess that a VPLS over a PtP WiFi would be the last choise.
by mada3k
Fri Jul 16, 2021 11:13 am
Forum: RouterBOARD hardware
Topic: Precision Time Protocol (PTP, IEEE 1588) Support
Replies: 20
Views: 1215

Re: Precision Time Protocol (PTP, IEEE 1588) Support

If you have the need for PTP (e.g audio, industrial, TDM-services, LTE), you most likely probably can afford a CRS3xx with support for it. It's not always about time, but syncronization.
by mada3k
Fri Jul 16, 2021 9:44 am
Forum: General
Topic: Site to site Layer 2 VPN with full ethernet MTU -- over IPv6
Replies: 11
Views: 816

Re: Site to site Layer 2 VPN with full ethernet MTU -- over IPv6

What is the LTE MTU set to ?
by mada3k
Thu Jul 15, 2021 7:40 pm
Forum: RouterBOARD hardware
Topic: Precision Time Protocol (PTP, IEEE 1588) Support
Replies: 20
Views: 1215

Re: Precision Time Protocol (PTP, IEEE 1588) Support

It seems like Tilera does have IEEE1588v2 support in hardware at least.
https://www.mellanox.com/related-docs/p ... E-Gx36.pdf

Why would you ever need PTP on a home-device (hAP ac2)?
by mada3k
Thu Jul 15, 2021 1:53 pm
Forum: General
Topic: Firmware mirror and automatic updates
Replies: 23
Views: 1355

Re: Firmware mirror and automatic updates

Another is simply to have a scheduled scripts that does a /fetch http://... from a known URL then reboots. "known URL" can be geo-balanced with DNS or scripted as well.
by mada3k
Tue Jul 13, 2021 3:03 pm
Forum: RouterBOARD hardware
Topic: Accessing serial console on RB260GS
Replies: 3
Views: 495

Re: Accessing serial console on RB260GS

SwOS has no serial console - thus pointless. Fun to know that it at least spits out something via TTL UART :)
by mada3k
Mon Jul 12, 2021 2:39 pm
Forum: RouterBOARD hardware
Topic: Switch CRS326-24S+2Q+RM + (SFP Cisco)
Replies: 2
Views: 503

Re: Switch CRS326-24S+2Q+RM + (SFP Cisco)

I'm quite sure they will work. I have used a GLC-T once myself.

If the optical one has some troubles then just try to set auto-negotiation=off and speed=1Gbps manually.
by mada3k
Mon Jul 12, 2021 2:35 pm
Forum: RouterBOARD hardware
Topic: Uncertainty before buying equipment (MikroTik CRS112-8P-4S-IN) [SOLVED]
Replies: 7
Views: 885

Re: Uncertainty before buying equipment (MikroTik CRS112-8P-4S-IN) [SOLVED]

"Bridge VLAN" is the new approach (done under /interface bridge) - on CRS3xx-series this automatically translates down to the hardware. The CRS112 has filtering to but is done under /interface ethernet switch as well. Of course it would be welcomed that CRS1xx would align with CRS3xx confi...
by mada3k
Sun Jul 11, 2021 6:32 pm
Forum: RouterBOARD hardware
Topic: Uncertainty before buying equipment (MikroTik CRS112-8P-4S-IN) [SOLVED]
Replies: 7
Views: 885

Re: Uncertainty before buying equipment (MikroTik CRS112-8P-4S-IN) [SOLVED]

VLAN switching and other L2-functions works great, but you have to do it correctly under /interface ethernet switch and not under /interface bridge.

And it will do some L3 routing/firewall as well for slower connections if needed.
by mada3k
Sat Jul 10, 2021 2:04 pm
Forum: General
Topic: Firmware mirror and automatic updates
Replies: 23
Views: 1355

Re: Firmware mirror and automatic updates

Yes, the "Auto Upgrade" seems abandoned, and require another Mikrotik as server.

We use Ansible for distributing updates. It checks the current version and looks if's it should download a new. Then it creates a scheduled task to reboot.
by mada3k
Fri Jul 09, 2021 8:18 pm
Forum: RouterBOARD hardware
Topic: Routers Experiencing Poor Service Disconnects. SFP Heat Issue? Light tolerance?
Replies: 3
Views: 704

Re: Routers Experiencing Poor Service Disconnects. SFP Heat Issue? Light tolerance?

For some reason, mixing SFPs and vendors sometimes results i excessive SFP heat - I have still not found a good reason for it (overclocking? wrong protocol? wrong data-bus voltages?)

BiDi's is extra sensitive to high and varying temperatures, I have been told.
by mada3k
Fri Jul 09, 2021 6:06 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15264

Re: Newsletter June 2021 (#100)

statistics collection (usage), and Layer 2 client isolation.
That often solved with SNMP counters and PVLAN/NNI-UNI for customer to customer isolation.
by mada3k
Thu Jul 08, 2021 6:31 pm
Forum: RouterBOARD hardware
Topic: SFP+ on the small devices
Replies: 14
Views: 1180

Re: SFP+ on the small devices

Connecting a NAS with 10G or higher of course make sense. But seriously, how many regular wireless users does high-bandwidth sustained transfers? If you are editing 4K videos all day long you probably will connect yourself with 10G together with the NAS. Why doesn't Cisco offer any of these combinat...
by mada3k
Wed Jul 07, 2021 6:10 pm
Forum: RouterBOARD hardware
Topic: SFP+ on the small devices
Replies: 14
Views: 1180

Re: SFP+ on the small devices

Yes, it is theoretically possible. But how often does that happen? And does Mikrotik need to design and construct a specific device for that short scenario?
by mada3k
Wed Jul 07, 2021 5:23 pm
Forum: RouterBOARD hardware
Topic: SFP+ on the small devices
Replies: 14
Views: 1180

Re: SFP+ on the small devices

Is it realistic that four APs would max out their 1 or 2.5Gbps uplink simultaneously?
by mada3k
Wed Jul 07, 2021 1:57 pm
Forum: RouterBOARD hardware
Topic: SFP+ on the small devices
Replies: 14
Views: 1180

Re: SFP+ on the small devices

8P-2S+ would make sense in some ring-like scenarios. 4P-1S+ would just be ridiculous.
by mada3k
Tue Jul 06, 2021 11:40 pm
Forum: RouterBOARD hardware
Topic: Repurposing old FibreChannel SFP transceivers [SOLVED]
Replies: 4
Views: 1035

Re: Repurposing old FibreChannel SFP transceivers [SOLVED]

I've used some 2Gb-FC SFP as regular 1 Gigabit Ethernet in Mikrotiks. Just set auto-negotiation=no and speed=1Gbps. For 4Gb and 8Gb I have no experience.
by mada3k
Sun Jul 04, 2021 3:16 pm
Forum: RouterOS v7 BETA
Topic: Layer-3 MPLS VPN
Replies: 4
Views: 776

Re: Layer-3 MPLS VPN

MPLS support is not ready yet ?
by mada3k
Sun Jul 04, 2021 2:25 pm
Forum: RouterBOARD hardware
Topic: Holes at the low end of the CRS product line
Replies: 10
Views: 1193

Re: Holes at the low end of the CSR product line

Sure, I can understand if your building a "loop of switches" and want to have a higher backbone bandwidth of the loop. But if your having a star network and as few as 8 devices/clients/customers in a switch they will probably never ever require 10G uplink bandwidth at any moment. If you ne...
by mada3k
Fri Jul 02, 2021 9:34 pm
Forum: General
Topic: So why do I want to run ROS on a Switch when SWOS is just fine?
Replies: 17
Views: 1235

Re: So why do I want to run ROS on a Switch when SWOS is just fine?

SwOS
- doesn't have any CLI
- No readable configuration
- No SSH or HTTPS
- No logging of events

But's OK for plain home usage
by mada3k
Fri Jul 02, 2021 9:28 pm
Forum: RouterBOARD hardware
Topic: Holes at the low end of the CRS product line
Replies: 10
Views: 1193

Re: Holes at the low end of the CSR product line

Well. Mikrotik often have some odd feature-sets and port combinations. I don't think they do any detailed market research of model demand, instead they look in their toolbox and see what they can make with the available chips and components. I don't think that CRS112-8P-4S is strange, it's a very ni...
by mada3k
Fri Jul 02, 2021 4:56 pm
Forum: RouterBOARD hardware
Topic: SFP+ on the small devices
Replies: 14
Views: 1180

Re: SFP+ on the small devices

CSS610 - Or it has one port to much?

A CRS610 would be nice though.
by mada3k
Fri Jul 02, 2021 4:54 pm
Forum: RouterBOARD hardware
Topic: S+RJ10 turns itself off due to overheating
Replies: 6
Views: 832

Re: S+RJ10 turns itself off due to overheating

S+RJ10 unfortunally gets insanley hot. 89 degress is just way to hot to function properly.
by mada3k
Thu Jul 01, 2021 7:01 pm
Forum: General
Topic: MIkrotik Syslog New Format
Replies: 23
Views: 1148

Re: MIkrotik Syslog New Format

As i understood the first post showed an example of the intended format. I would just set the start= and stop= to the whatever the event time is and call it a day.
by mada3k
Thu Jul 01, 2021 6:03 pm
Forum: RouterBOARD hardware
Topic: Internal power supplies instead of wall warts
Replies: 9
Views: 1160

Re: Internal power supplies instead of wall warts

Yes, wall warts suck. But we run many of our devices on 24 or 48 volts DC, so please don't remove that option.

Mikrotik basiclly have two DC standards +11-30V and +18-57V
by mada3k
Thu Jul 01, 2021 6:01 pm
Forum: General
Topic: Syslog to log NAT/CGN-Nat translations
Replies: 12
Views: 839

Re: Syslog to log NAT/CGN-Nat translations

Yes, if using CGNAT then IPv6 is a must.
by mada3k
Thu Jul 01, 2021 5:59 pm
Forum: General
Topic: MIkrotik Syslog New Format
Replies: 23
Views: 1148

Re: MIkrotik Syslog New Format

The stop/start is nonsense. An packet gets forwarded when it does, it's not a phone call. However, I can agree that I would also prefer a key=value like format for firewalls logs. Anyways, this re-formattning can be done with logstash . Just parse the default messages from the Mikrotik, and re-forma...
by mada3k
Tue Jun 29, 2021 10:20 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15264

Re: Newsletter June 2021 (#100)

But you can ask "select your country and ISP from this list".
Users that don't know why they need a router of their own - usually sticks with the ISP provided one.
Users that want a specific router probably knows how to configure it because they want that specific router.
by mada3k
Tue Jun 29, 2021 6:59 pm
Forum: Beginner Basics
Topic: Saving logs remotely via TLS [SOLVED]
Replies: 9
Views: 621

Re: Saving logs remotely via TLS [SOLVED]

No, RouterOS has no Syslog-over-TCP+TLS support, only UDP support.
by mada3k
Sun Jun 27, 2021 11:21 am
Forum: General
Topic: Feature requests
Replies: 1374
Views: 343310

Re: Feature requests

Abut we stuck on the switch itself as the hardware offload turned-off when we activated vlan-filtering.
Then you are doing it wrong. You should do the configuration under /interface ethernet switch

But I can agree that it would be nice if the CRS1xx had the same configuration style as CRS3xx
by mada3k
Sat Jun 26, 2021 6:01 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15264

Re: Newsletter June 2021 (#100)

It's not just WISP networks, but in networks where the operator sells g, using PPP they can hand the login off to the relevant service provider's AAA server. I am sure you could eventually achieve similar results with MPLS, or one-VLAN-per-SP in your wholesale network, or whatever, but PPPoE + L2TP...
by mada3k
Fri Jun 25, 2021 9:11 am
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15264

Re: Newsletter June 2021 (#100)

I can see the point of PPPoE in WISP-networks with the air as a medium. PPPoE existed in the DSL-days in my country, but was only used by a few providers. For Cable/Ethernet/FTTH it's just plain DHCP. Not sure why you need an extra layer for authentication and encapsulation when you control the last...
by mada3k
Thu Jun 24, 2021 6:21 pm
Forum: General
Topic: So why do I want to run ROS on a Switch when SWOS is just fine?
Replies: 17
Views: 1235

Re: So why do I want to run ROS on a Switch when SWOS is just fine?

RouterOS for security and management i would say.
SwOS is easyer for a regular "home"-user. More typical switch-type configuration.

SwOS lacks both HTTPS, SSH and a CLI. SwOS works but puts the switch in a very different category of device.
by mada3k
Thu Jun 24, 2021 6:17 pm
Forum: RouterBOARD hardware
Topic: No Link with Copper SFP (CRS112-8P-4S)
Replies: 9
Views: 1210

Re: No Link with Copper SFP (CRS112-8P-4S)

Sounds like incompability. Is it a 1-Gigabit class SFP or for less speeds?

I have used a Cisco GLC-T "clone" in my CRS112 with no issue, correct identification and all, but the Mikrotik RJ01 does indeed work best.
by mada3k
Thu Jun 24, 2021 6:12 pm
Forum: RouterBOARD hardware
Topic: Block diagram "1 Gb/s": full or half duplex? [SOLVED]
Replies: 1
Views: 1329

Re: Block diagram "1 Gb/s": full or half duplex? [SOLVED]

All internal "links" is usually some form av *GMII and is always full duplex.
by mada3k
Tue Jun 22, 2021 12:17 pm
Forum: General
Topic: Feature Request: SAFE MODE time based
Replies: 22
Views: 4950

Re: Feature Request: SAFE MODE time based

I can see the point. Sometimes when you perform a change, maybe a routing-change or vlan-change. The break of the TCP-connection is expected, however it's reachable via another IP, then a timeout-based rollback would be prefered. I have sometime solved it with a scheduled job - if it didn't work, th...
by mada3k
Sat Jun 19, 2021 4:56 pm
Forum: General
Topic: From Mikrotik to Ubiquiti UniFi and back to Mikrotik
Replies: 46
Views: 3982

Re: From Mikrotik to Ubiquiti UniFi and back to Mikrotik

Mikrotik kills Ubnt when it comes to routing. However their APs are really good.

The CRS328 has a good enough CPU for a handle a NAT and firewall for at least a 100/100M connection.
by mada3k
Fri Jun 18, 2021 1:55 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 15264

Re: Newsletter June 2021 (#100)

The only product-space that Mikrotik excell is in Prosumer, small ISP and small/medium Enterprise. And no one there uses some fancy phone app to setup their network. The "app target market" will probably choose Google, D-Link, Asus, TP-Link or some generic Chinese white-label box with the ...
by mada3k
Tue Jun 15, 2021 9:42 pm
Forum: RouterBOARD hardware
Topic: Mikrotik cAP (RBcAP2nD) Video calls crash wifi connection on os X
Replies: 4
Views: 1294

Re: Mikrotik cAP (RBcAP2nD) Video calls crash wifi connection on os X

Very strange problem. Not much more to say.

I use both Facetime, Zoom and Facebook Messenger video on a Mac. No issues.
by mada3k
Mon Jun 14, 2021 7:04 pm
Forum: RouterBOARD hardware
Topic: Battery driven RB get bricked
Replies: 6
Views: 1258

Re: Battery driven RB get bricked

Hmm. Strange. RouterOS does write on startup/shutdown, so very frequent reboots will wear out the flash memory. But two months?

I also think that a DC/DC converter can have problems and get damaged with very choppy and unstable supply voltage (the compensation/feedback-loop will break down)
by mada3k
Fri Jun 11, 2021 9:52 pm
Forum: RouterBOARD hardware
Topic: CRS112-8G-4S-IN - DC input/POE-out questions
Replies: 11
Views: 2380

Re: CRS112-8G-4S-IN - DC input/POE-out questions

It's a bit hard. You basicly have to detach all ground-points on the PCB from the chassis, or make the chassi floating ground, and you can't use shielded cables.
by mada3k
Thu Jun 10, 2021 8:51 pm
Forum: RouterBOARD hardware
Topic: VLAN problem with CRS112-8P-4S [SOLVED]
Replies: 9
Views: 1452

Re: VLAN problem with CRS112-8P-4S [SOLVED]

The vlan225 bridge interface looks correct to me
by mada3k
Wed Jun 09, 2021 6:27 pm
Forum: RouterBOARD hardware
Topic: VLAN problem with CRS112-8P-4S [SOLVED]
Replies: 9
Views: 1452

Re: VLAN problem with CRS112-8P-4S [SOLVED]

Default L2MTU is 1588 so it should be fine. There is a lot of VLANs going into the switch1-cpu. That might cause much broadcast/multicast to reach the CPU. I only include switch1-cpu in VLAN1 and VLAN-MGMT. I don't see any ingress-taggning? Not used? Example from mine: /interface ethernet switch egr...
by mada3k
Wed Jun 09, 2021 6:13 pm
Forum: RouterBOARD hardware
Topic: CCR1036 Hard Upgrade
Replies: 13
Views: 1602

Re: CCR1036 Hard Upgrade

L3-switches is usually only useful for campus/metro/enterprise-routing due to the maximum number of hardware entries.
by mada3k
Wed Jun 09, 2021 6:07 pm
Forum: General
Topic: Hardware based secured virtual connexion
Replies: 5
Views: 487

Re: Hardware based secured virtual connexion

Yes, of course it's possible!

1) With L2 EoIP-tunnels and Bridges
2) With L3 IPIP/GRE-tunnels and VRF

One issue may be that your "hub" site is behind NAT(?), this may cause issues with tunnels and IPSec in general.
by mada3k
Mon Jun 07, 2021 6:59 pm
Forum: RouterBOARD hardware
Topic: Which router/switch for distributing to 10 individual RouterBOARDs 951-2n?? [SOLVED]
Replies: 4
Views: 1526

Re: Which router/switch for distributing to 10 individual RouterBOARDs 951-2n?? [SOLVED]

It sounds like you need to do some NAT and queues, then you most probably need a router. However, the CRS328 has a decent CPU and actually can act as a router/firewall as well.
by mada3k
Mon Jun 07, 2021 6:43 pm
Forum: RouterBOARD hardware
Topic: CCR1036 Hard Upgrade
Replies: 13
Views: 1602

Re: CCR1036 Hard Upgrade

BGP sessions and queue tree for traffic prioritization. (56 queues in total) Split BGP and queues into separate units. Combing all those in the same box will never yield any great performance. 1072 will not make it any better either. 2004 is really good at BGP but it has some bugs that probably won...
by mada3k
Mon Jun 07, 2021 6:39 pm
Forum: RouterBOARD hardware
Topic: 3 routerboards bricked this week
Replies: 27
Views: 2317

Re: 3 routerboards bricked this week

I have no experience of this myself. Are you using the storage as something more than software and configuration? e.g logs? database? packet-captures?
by mada3k
Fri Jun 04, 2021 6:16 pm
Forum: General
Topic: VLAN Routing is slow on hex S
Replies: 10
Views: 704

Re: VLAN Routing is slow on hex S

I reach about 250Mbps for plain VLAN-routing on a regular hEX with one port used as route-on-a-stick.

hEX <-trunk->switch<-trunk->switch<-trunk->(server with vm's on different vlans)
by mada3k
Thu Jun 03, 2021 7:59 pm
Forum: RouterBOARD hardware
Topic: CRS112-8p-4s won't boot
Replies: 8
Views: 1136

Re: CRS112-8p-4s won't boot

That unfortunally looks like it's stuck in bootup. Maybe it's possible to netinstall, maybe not.

The PoE leds is the top row. Bottom row is link/activity.
by mada3k
Fri May 21, 2021 2:27 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta6 [development] is released!
Replies: 336
Views: 46215

Re: v7.1beta6 [development] is released!

!) added support for Let's Encrypt certificate generation;
Fun feature, but why? Who absolutly needs valid certificates for the www-ssl service, and can not do it separatly?
by mada3k
Fri May 14, 2021 9:06 pm
Forum: RouterBOARD hardware
Topic: CRS354-48P-4S+2Q
Replies: 2
Views: 1129

Re: CRS354-48P-4S+2Q

How do you use the Cisco-switch today? Just plain switch and some VLANs?
by mada3k
Sat May 08, 2021 8:44 pm
Forum: Beginner Basics
Topic: IIS service from Windows
Replies: 2
Views: 921

Re: IIS service from Windows

If you have one public internet IP-adress then you have to do a "portforward" for e.g port tcp/80 and 443 to the IIS-server.

Example:
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=80 in-interface-list=WAN log=yes protocol=tcp to-addresses=192.168.1.20
by mada3k
Sat May 08, 2021 7:14 pm
Forum: RouterBOARD hardware
Topic: 24V-DC-Mod-on-CRS328-24P-4S+RM
Replies: 7
Views: 1906

Re: 24V-DC-Mod-on-CRS328-24P-4S+RM

That ALG power-supply look neat. I also run some stuff on 24V battery backed power. However I use the built in voltage sensor with some scripting to determine battery/utility status.

I think that Mikrotik should put a DC terminal block on all typical non-home devices (like the CCR/CRS'es)
by mada3k
Tue May 04, 2021 9:56 pm
Forum: RouterBOARD hardware
Topic: what is difference flash vs nand?
Replies: 5
Views: 3891

Re: what is difference flash vs nand?

Generally... NOR Flash is limited to 16MB, but it exists 32M and 64M as well. NAND Flash can be several gigabytes. NOR Flash is like a SD-card or SSD-drive. It's a self-contained device manages itself (mapping, wear-leveling, error-handling etc.) and is mostly used for loading firmware or boot image...
by mada3k
Sat Apr 17, 2021 8:18 pm
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 154
Views: 30268

Re: v6.48.2 [stable] is released!

WebFig stopped working after update. Justs says "ERROR: Not Found" in red when trying to login. Strange...
by mada3k
Fri Apr 16, 2021 9:34 pm
Forum: RouterOS v7 BETA
Topic: Segment Routing and IS-IS
Replies: 18
Views: 3607

Re: Segment Routing and IS-IS

IS-IS and SR would indeed be a big step forward
by mada3k
Mon Apr 12, 2021 6:27 pm
Forum: Beginner Basics
Topic: Issue with my network setup
Replies: 43
Views: 2993

Re: Issue with my network setup

Do you have 192.168.188.2 reserved in the DHCP-server on the FIOS so it's not handed out to some other device (causing IP collision) ? /ip address add address=192.168.188.2/24 interface=ether2 network=192.168.188.0 You can't set an IP-adress on a switchport on a switch. You have to set in on bridge1...
by mada3k
Mon Apr 12, 2021 2:58 pm
Forum: RouterBOARD hardware
Topic: RB5011?
Replies: 19
Views: 2599

Re: RB5011?

There is some "prosumers" that have a taste super all-in-one boxes (12 antennas with 802.11ax, 10G switch, PoE, a lot of CPU cores, etc..) Any professional knows this is the wrong way to do it.

That said, I also think that Mikrotik does some strange decisions sometimes.
by mada3k
Sun Apr 11, 2021 10:38 am
Forum: Beginner Basics
Topic: How do I set UBoot to boot RouterOS?
Replies: 5
Views: 696

Re: How do I set UBoot to boot RouterOS?

Let me rephrase, USB-based storage as OS storage. USB contacts can be glitchy and USB controllers sometimes does random resets when it's encounter some problem.
by mada3k
Sat Apr 10, 2021 1:37 pm
Forum: Beginner Basics
Topic: How do I set UBoot to boot RouterOS?
Replies: 5
Views: 696

Re: How do I set UBoot to boot RouterOS?

If your uBoot can boot an kernel+initrd from some filesystem, or an MBR-device, then yes. The format of the kernel and differ however (there is some variants). I would also strongly suggest not running from an USB memory. USB-sticks can be very unreliable and random USB bus resets. You should use so...
by mada3k
Sat Apr 10, 2021 10:17 am
Forum: Beginner Basics
Topic: Issue with my network setup
Replies: 43
Views: 2993

Re: Issue with my network setup

If you need to use a specific MAC-adress for the WAN-side/DHCP-client, then create an additional bridge with the physical port. Example: /interface bridge add admin-mac=CC:2D:E0:4C:0D:B2 auto-mac=no comment=defconf name=bridge add admin-mac=11:22:33:44:55:66 auto-mac=no comment=WAN name=bridge-wan /...
by mada3k
Fri Apr 09, 2021 10:17 pm
Forum: General
Topic: MacTelnet-Client
Replies: 12
Views: 3120

Re: MacTelnet-Client

mactelnet is wonderfull when L3 has been messed up. A simple Linux client would be handy indeed.
by mada3k
Fri Apr 09, 2021 9:56 pm
Forum: Beginner Basics
Topic: Issue with my network setup
Replies: 43
Views: 2993

Re: Issue with my network setup

The CRS112 maxes out ~70-90Mbps as a router/firewall without any fancy features, maybe that enough for you. It's also important that you verify that the "LAN" ports has the H flag, or else the traffic will be pushed via the CPU. It's the main pitfall with Mikrotik switches that it can do a...
by mada3k
Thu Apr 08, 2021 9:55 pm
Forum: Beginner Basics
Topic: Issue with my network setup
Replies: 43
Views: 2993

Re: Issue with my network setup

First of all.
Are you planning to use the CRS112 as switch or a router?

It looks like you are using it as a router and software bridgeing. Expect very low performance with this setup.
by mada3k
Thu Apr 08, 2021 9:45 pm
Forum: Beginner Basics
Topic: Mikrotik Switch - it is not a switch?
Replies: 30
Views: 2407

Re: Mikrotik Switch - it is not a switch?

No, untagged=ether1,ether2,ether3,ether4 means that those ports will be access ports (no vlan tags) that will work with regular servers and clients. Then pvid=20 will instruct the switch that this ports are member for VLAN20 (as in should be tagged with 20). Also, you should enable VLAN-filtering on...
by mada3k
Thu Apr 08, 2021 8:20 pm
Forum: Beginner Basics
Topic: Mikrotik Switch - it is not a switch?
Replies: 30
Views: 2407

Re: Mikrotik Switch - it is not a switch?

One of the biggest pitfalls with Mikrotik and RouterOS is that you can do anything - and even those things you really don't want to do. You can also do stupid things on a Mikrotik-switch and make all traffic pass trough the CPU instead of the Switch-chip. You can also lock yourself out completly and...
by mada3k
Mon Apr 05, 2021 12:07 pm
Forum: Forwarding Protocols
Topic: CARP protocol support?
Replies: 1
Views: 877

Re: CARP protocol support?

RouterOS 7 will have support for firewall session syncronization.
by mada3k
Sun Apr 04, 2021 11:07 am
Forum: General
Topic: CCR1072 wt Queues -> High CPU load
Replies: 16
Views: 3481

Re: CCR1072 wt Queues -> High CPU load

Well, 500Mbit/s is quite a bandwidth to queue, shape or police. PPPoE also adds a lot of overhead as well. I'm not surprised.

You probably should split that up to several boxes. A single 1072 isn't that great of a device.
by mada3k
Fri Apr 02, 2021 10:51 am
Forum: RouterBOARD hardware
Topic: T-Mobile and LTE6 R11 modem alternative?
Replies: 3
Views: 856

Re: T-Mobile and LTE6 R11 modem alternative?

How does that work? Does T-Mobile use some kind of device whitelist for devices in their network? And why?
by mada3k
Thu Apr 01, 2021 1:47 pm
Forum: General
Topic: FTTH OLT brand mikrotik
Replies: 1
Views: 367

Re: FTTH OLT brand mikrotik

OLT and PON is quite expensive and often very vendor proprietary. Many times it's just cheaper and more reliable to just use regular BiDi SFPs.
by mada3k
Sat Mar 27, 2021 12:07 pm
Forum: Forwarding Protocols
Topic: OSPF with redundant Routers
Replies: 3
Views: 1218

Re: OSPF with redundant Routers

It sounds like a decent solution. All four routers is, in other words, on the same Layer 2 network?

All four is present on /routing ospf neighbour print?
And you are running R(STP) over the VPLS tunnels?
by mada3k
Fri Mar 19, 2021 6:55 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47381

Re: v7.1beta5 [development] is released!

It's indeed strange. They tend to rely on SPI NOR-flash on cheaper devices or switches, witch is sufficient for the most cases. But limited to 16MB (exists 32MB as well, not always supported by the SoC). Raw NAND flash is cheap but has much higher pin-count (adds PCB complexity) But today eMMC price...
by mada3k
Fri Mar 19, 2021 5:50 pm
Forum: RouterBOARD hardware
Topic: CRS112-8P-4S-IN believe it or not
Replies: 6
Views: 1258

Re: CRS112-8P-4S-IN believe it or not

Yes, thats the older non PoE(out)-version.
by mada3k
Fri Mar 19, 2021 1:36 pm
Forum: RouterBOARD hardware
Topic: CRS112-8P-4S-IN believe it or not
Replies: 6
Views: 1258

Re: CRS112-8P-4S-IN believe it or not

Mine has two DC-jacks. Have it simple gone missing in production?

You should ofcourse send it back to the supplier.
by mada3k
Fri Mar 19, 2021 10:52 am
Forum: General
Topic: Feature requests
Replies: 1374
Views: 343310

Re: Feature requests

Please make some adjustments to OSPF neighbor reporting First and foremost please take adjacency changes out of the debug,raw log location, its ridiculous. At the moment only 'Down' is included in 'route, ospf, info' so you can see when a neighbor goes down, but you cannot get a log message when ne...
by mada3k
Wed Mar 17, 2021 4:03 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta5 [development] is released!
Replies: 293
Views: 47381

Re: v7.1beta5 [development] is released!

!) enabled initial MPLS support (CLI only);
Thanks! That a important one
by mada3k
Sat Mar 13, 2021 12:57 pm
Forum: RouterBOARD hardware
Topic: hEX block diagram
Replies: 44
Views: 5658

Re: hEX block diagram

Here a 1000/1000 FTTH connection is about €60-99/mo. A hEX costs about €65. If I would to spend that money on an Internet connection, then I would probably also invest in a router on that level (like a RB4011 or so) instead of spend hours figuring out how to achieve wire-speed performance on an entr...
by mada3k
Sat Mar 13, 2021 10:22 am
Forum: RouterBOARD hardware
Topic: hEX block diagram
Replies: 44
Views: 5658

Re: hEX block diagram

I think it's hilarious that we are discussing a 1Gbit bottleneck on a router that costs as much as the monthly fee as the connection :)
by mada3k
Sat Mar 13, 2021 10:15 am
Forum: RouterBOARD hardware
Topic: New Router / WiFi
Replies: 3
Views: 949

Re: New Router / WiFi

All-in-one has severe drawbacks. WiFi gets old. Routing/firewall performance needs upgrades with faster connections. Software needs more storage. Then you you have to change the whole device. A good switch lasts for years.
by mada3k
Fri Mar 12, 2021 9:38 pm
Forum: RouterOS v7 BETA
Topic: Request: iPhone USB tether 2021 "a Blackmagic Design Atem video mixer can do this on its own... but Mikrotik doesn't ?"
Replies: 4
Views: 1014

Re: Request: iPhone USB tether 2021 "a Blackmagic Design Atem video mixer can do this on its own... but Mikrotik doesn't

It's probably not a big deal to support USB CDC Network, but I'm not sure you will find that support on other network equipment vendors. It's quite a nische feature. especially when Mikrotik does many proper LTE routers to begin with.
by mada3k
Fri Mar 12, 2021 6:10 pm
Forum: RouterBOARD hardware
Topic: FTTH, PPPoE, 2 VLANs and IPTV - performance issue
Replies: 3
Views: 904

Re: FTTH, PPPoE, 2 VLANs and IPTV - performance issue

It's important to take advantage of the swtich chip. or else all the IPTV multicast traffic will be running thru the CPU.

PPPoE is always done in software/CPU
by mada3k
Thu Mar 11, 2021 7:39 pm
Forum: Announcements
Topic: Newsletter March 2021 (#99)
Replies: 38
Views: 14131

Re: Newsletter March 2021 (#99)

In Sweden? I didn't read all the small print in the contract, but Finnish operator Elisa sells contracts with unlimited roaming data in all Nordic countries. Monthly fee is around 30€ for 5G 300M contract. All their contracts include public (but non-static) IP. I have no idea about their roaming pa...
by mada3k
Wed Mar 10, 2021 6:36 pm
Forum: Announcements
Topic: Newsletter March 2021 (#99)
Replies: 38
Views: 14131

Re: Newsletter March 2021 (#99)

KNOT looks interesting!

5G is not relevant in my country unfortunally, it's just too expensive for regular usage. Also having a public IP is hideously expensive (and you have to be a business customer)

Will SDVoE be integrated in current products, or result in a new line of products?
by mada3k
Sun Mar 07, 2021 12:21 pm
Forum: General
Topic: Gre Ipsec between Mikrotik and Fortigate
Replies: 5
Views: 651

Re: Gre Ipsec between Mikrotik and Fortigate

Can't recall it right now but I had to set some "peer-identity-type" or "localid-type address" on the Fortigate to make a regular IPSec tunnel work at least. It's was the Mikrotik that simply denied the setup, not the Fortigate.
by mada3k
Sat Mar 06, 2021 5:16 pm
Forum: RouterBOARD hardware
Topic: What sort of write speeds should I expect from a modern SDXC card in my CCR1009-8G-1S-1S+?
Replies: 3
Views: 866

Re: What sort of write speeds should I expect from a modern SDXC card in my CCR1009-8G-1S-1S+?

I would guess that you will get a couple of 100kB/s out if it. It's simply not designed to be used as mass storage.
by mada3k
Fri Mar 05, 2021 5:11 pm
Forum: General
Topic: What is IP SOCKS ? I got hacked and they open this
Replies: 14
Views: 4823

Re: What is IP SOCKS ? I got hacked and they open this

6.40.1 is ancient. And never ever leave winbox or any other services open to Internet.
by mada3k
Wed Mar 03, 2021 10:40 am
Forum: RouterBOARD hardware
Topic: RB4011 SFP+ WAN at 2.5G with Arris S33 Modem
Replies: 7
Views: 1734

Re: RB4011 SFP+ WAN at 2.5G with Arris S33 Modem

My provider actually offers 1.2Gbps, but only with 30-40Mbps of upload, so it's quite worthless.
by mada3k
Mon Mar 01, 2021 6:16 pm
Forum: RouterBOARD hardware
Topic: RB4011 SFP+ WAN at 2.5G with Arris S33 Modem
Replies: 7
Views: 1734

Re: RB4011 SFP+ WAN at 2.5G with Arris S33 Modem

If I had the possibility and could afford a 2.5Gbps Internet connection then I would probably use a CRS305+RB4011 or CRS326+RB4011
by mada3k
Wed Feb 24, 2021 7:35 pm
Forum: General
Topic: Constantly changing SSH keys and missing users
Replies: 4
Views: 494

Re: Constantly changing SSH keys and missing users

Filesystem errors and corruption can trigger very strange behaviour in general.
by mada3k
Wed Feb 24, 2021 7:23 pm
Forum: RouterBOARD hardware
Topic: Problem with CRS112-8P-4S no more than 100Mbps of cpu at 100%
Replies: 2
Views: 749

Re: Problem with CRS112-8P-4S no more than 100Mbps of cpu at 100%

It looks like you are doing the VLAN filtering in software, hence putting all load on the CPU. Configuration must be done under /interface ethernet switch to take advantage of the switch properly. Example from my setup: # egress tagging /interface ethernet switch egress-vlan-tag add tagged-ports=swi...
by mada3k
Sun Feb 21, 2021 1:17 pm
Forum: SwOS
Topic: HOW-TO: Spanning Tree BPDU Filtering with ACLs
Replies: 1
Views: 968

Re: HOW-TO: Spanning Tree BPDU Filtering with ACLs

Thanks for the tip!

Mikrotik often misses this standard types of "standard features" some some reason (bdpu filter/guard, swichport security sticky, etc.) but it's good that it's possible to do manually at least.
by mada3k
Wed Feb 17, 2021 9:24 pm
Forum: General
Topic: CCR2004 traffic but no SFP Light or 10G Light
Replies: 3
Views: 373

Re: CCR2004 traffic but no SFP Light or 10G Light

I don't have any CCR2004 of my own but have you looked under /system led ?
by mada3k
Sun Feb 14, 2021 7:00 pm
Forum: SwOS
Topic: CRS 112 Slow Throughput
Replies: 17
Views: 1958

Re: CRS 112 Slow Throughput

A working switched network will only switch the traffic on the paths intended. But the drawbacks of a L2 switched network is that you can't use multiple links or load-balancing.

Give us a network diagram and what you are trying to solve.
by mada3k
Sun Feb 14, 2021 6:49 pm
Forum: RouterBOARD hardware
Topic: Which ROS devices do you expect the most?
Replies: 18
Views: 2638

Re: Which ROS devices do you expect the most?

More port-versatility and telecom-format
viewtopic.php?f=3&t=172301
by mada3k
Sat Feb 13, 2021 11:17 pm
Forum: SwOS
Topic: CRS 112 Slow Throughput
Replies: 17
Views: 1958

Re: CRS 112 Slow Throughput

So you are running both PPPoE, OSPF, MPLS and multiple bridges? Sorry, it's simply not designed for that with it's 400Mhz CPU. For the management but not for bulk traffic. You need to setup proper switching under /interface ethernet switch to be able to reach full speed, but routing & mpls perfo...
by mada3k
Sat Feb 13, 2021 8:57 pm
Forum: General
Topic: CCR1036 capacity
Replies: 7
Views: 795

Re: CCR1036 capacity

Specs says ~15Gbps with just plain IPv4 routing. NAT, connection tracking and PPPoE adds a lot of overhead to that.
by mada3k
Sat Feb 13, 2021 12:05 pm
Forum: SwOS
Topic: CRS 112 Slow Throughput
Replies: 17
Views: 1958

Re: CRS 112 Slow Throughput

CRS112 can't run SwOS, so you must be running RouterOS.

If you have 100% CPU usage it sounds like it's not using the hardware switch properly. CRS1xx/CRS2xx can be a lite tricky to configure.

Do a /interface bridge port print and verify that the ports are "H".
by mada3k
Sat Feb 13, 2021 11:49 am
Forum: RouterBOARD hardware
Topic: Netinstall from a ROS device?
Replies: 7
Views: 1091

Re: Netinstall from a ROS device?

It should be possible with a remote-netinstall over a EoIP/VPLS tunnel, with a Linux/Windows host on the other side?
by mada3k
Wed Feb 10, 2021 9:16 pm
Forum: RouterBOARD hardware
Topic: Radio towers using Mikrotik RB1100ahx4
Replies: 2
Views: 754

Re: Radio towers using Mikrotik RB1100ahx4

A network diagram and running configuration from one router would be helpful.

There are no "WAN" ports on RouterOS, it all up to your configuration.
by mada3k
Mon Feb 08, 2021 2:00 pm
Forum: Wireless Networking
Topic: Feature Request - Zigbee
Replies: 9
Views: 1409

Re: Feature Request - Zigbee

Zigbee would indeed be nice since it's an open protocol/standard (in contrast to Z-wave and Apple Homekit)

I currently use a CC2530 USB-stick to control my devices via zigbee2mqtt. Works OK but range is not that great.
by mada3k
Mon Feb 08, 2021 1:58 pm
Forum: RouterBOARD hardware
Topic: "fcs error on link", every day
Replies: 10
Views: 1115

Re: "fcs error on link", every day

We also have "fcs error on link" on our CCR1009s sometimes, but on the Ether-ports. Not experiencing any packetloss or issues.
by mada3k
Sun Feb 07, 2021 6:20 pm
Forum: General
Topic: Which is better like Ubiquity
Replies: 8
Views: 1025

Re: Which is better like Ubiquity

Yes, Ubiquiti does faster WiFi (among others). And yes, they have a better NMS/controller for it as well.

But personally I think Mikrotik wins in versatility and routing.
by mada3k
Sun Feb 07, 2021 1:35 pm
Forum: Beginner Basics
Topic: How to TV Box on Other Subnet?
Replies: 3
Views: 499

Re: How to TV Box on Other Subnet?

But the network between the ISP router and your Mikrotik is 192.168.0.0/24 ? - and you want the TV-box on that network as well?

Then basiclly you wan't ether1 & ether2 acting as a switch (bridge-wan)
The you want to switch the other ports on "home" side (bridge-lan)
by mada3k
Sun Feb 07, 2021 1:26 pm
Forum: General
Topic: Is RouterOS and (routing in general) still faster on routers than on dedicated computer ? [SOLVED]
Replies: 13
Views: 1723

Re: Is RouterOS and (routing in general) still faster on routers than on dedicated computer ? [SOLVED]

Yes, the only "ASIC-Mikrotik" is the CRS3xx-series with it's (limited) MPLS-switching and IPv4-routing features. PC/x86 generally starts to having issues with approaching 10G speeds, this it not CPU- or PCIe-related but to the fact of the software/kernel that has to handle all the IRQs and...
by mada3k
Sun Feb 07, 2021 11:41 am
Forum: RouterBOARD hardware
Topic: 10G Fiber run of 700m, which SFP+ module and cable?
Replies: 6
Views: 1325

Re: 10G Fiber run of 700m, which SFP+ module and cable?

If buying or deploying new (and self owned) cables, then duplex is the way to go. Simplex/BiDi usually makes most sense when leasing/renting dark-fibre. You should also always plan for some spare fibre-pairs in case something new or some breaks and you can make a quick change to get it up running ag...
by mada3k
Sat Feb 06, 2021 11:14 am
Forum: RouterBOARD hardware
Topic: 10G Fiber run of 700m, which SFP+ module and cable?
Replies: 6
Views: 1325

Re: 10G Fiber run of 700m, which SFP+ module and cable?

If you are not going to use CWDM (witch those different wavelenghts are for) then you should go with ordinary ~1310nm. And yes, above 300m you generally need to use single-mode. If you are going to use dual fibre = XS+31LC10D For single fibre ("BiDi") = S+2332LC10D Of course almost all SFP...
by mada3k
Fri Feb 05, 2021 9:15 pm
Forum: Beginner Basics
Topic: How to TV Box on Other Subnet?
Replies: 3
Views: 499

Re: How to TV Box on Other Subnet?

You can't have two 192.168.0.0/24 networks on both sides of the Mikrotik. You can't do a "passtrough" of the 192.168.0.0/24 network with unmanaged switches, you need VLAN support. But you can do a "passtrough" in the Mikrotik, example: /interface bridge add auto-mac=no name=bridg...
by mada3k
Thu Feb 04, 2021 10:12 pm
Forum: RouterBOARD hardware
Topic: GPEN21 Eth2 to SFP Communication not working
Replies: 9
Views: 2772

Re: GPEN21 Eth2 to SFP Communication not working

A block-diagram would be helpful to avoid this confusion
by mada3k
Thu Feb 04, 2021 9:18 pm
Forum: RouterBOARD hardware
Topic: "telecom"-style & versatility ?
Replies: 0
Views: 691

"telecom"-style & versatility ?

I would like to suggest a further development of the RB1100AHx4 and possible make it more "telecom"-focused (almost ETSI-300, AC or 48V, fanless) and add some versatility. The RB1100AHx4 falls short with it's lack of SFP+, SFP or even combo-ports. A typical application or use case would be...
by mada3k
Tue Feb 02, 2021 7:40 pm
Forum: Forwarding Protocols
Topic: Juniper to MikroTik - OSPF
Replies: 1
Views: 697

Re: Juniper to MikroTik - OSPF

Great article! :)
by mada3k
Mon Feb 01, 2021 6:03 pm
Forum: RouterBOARD hardware
Topic: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]
Replies: 9
Views: 1607

Re: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]

Well, now you are using VLAN1 as both Internet and LAN, but separating them at a CPU-level instead. Also no VLAN filtering on the WAN-interface. I can't recommend this apporach, but it yes, it will probably work :)

I would at least put all your LAN ports on another VLAN
by mada3k
Mon Feb 01, 2021 11:29 am
Forum: RouterBOARD hardware
Topic: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]
Replies: 9
Views: 1607

Re: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]

Now you have two bridges, not sure if thats want you want. To be honest, I'm a bit unsure about the "hybrid" and translation port (translate untagged to a vlan, IPTV as tagged) - but I think it's the most resonable instead of running the Internet and PPPoE client directly on VLAN1/default ...
by mada3k
Fri Jan 29, 2021 8:52 pm
Forum: RouterBOARD hardware
Topic: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]
Replies: 9
Views: 1607

Re: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]

Yes, the IP-TV VLAN is unfortunally going via the CPU. For the CRS1xx series you have to configure the switching under /interface ethernet switch since the switching must take place before the CPU. I did a bit of copy&paste and rewrite from my working CRS112 setup. Maybe it will help you on the ...
by mada3k
Fri Jan 29, 2021 6:49 pm
Forum: RouterBOARD hardware
Topic: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]
Replies: 9
Views: 1607

Re: PPPoE & IPTV problem - router CRS125-24G - how to use integrated chip for better performance [SOLVED]

Well. The CRS125 is primarly a switch, and unfortunally all PPPoE encap/decap is done in software. PPPoE is very CPU heavy. I also suspect that you are doing the switching in software as well. Do a /interface bridge port print and make sure it says " H " on the right ports. Is it Multicast...
by mada3k
Thu Jan 28, 2021 7:38 pm
Forum: RouterBOARD hardware
Topic: DSL Modem Routers
Replies: 5
Views: 1117

Re: DSL Modem Routers

Can be problematic to have the certified/accepted for all the Telco and providers that exists.
by mada3k
Mon Jan 25, 2021 6:59 pm
Forum: Forwarding Protocols
Topic: VRRP + OSPF
Replies: 1
Views: 603

Re: VRRP + OSPF

There is no need to run VRRP between between OSPF nodes, and it will probably screw things up. VRRP is used for provide a redundant default gateway to non-dynamic-routing-aware clients.

The you probably have to annonce the VRRP network under /routing ospf network
by mada3k
Sat Jan 16, 2021 1:28 pm
Forum: RouterOS v7 BETA
Topic: Bonding HW offload on CRS112 [SOLVED]
Replies: 2
Views: 1008

Re: Bonding HW offload on CRS112 [SOLVED]

Static trunking does work (not LACP or "software" bonding)
https://wiki.mikrotik.com/wiki/Manual:C ... s#Trunking
by mada3k
Sat Jan 16, 2021 11:24 am
Forum: RouterBOARD hardware
Topic: RB4011, 260GS and SFP link [SOLVED]
Replies: 4
Views: 1121

Re: RB4011, 260GS and SFP link [SOLVED]

Generally SFP+ is not compatible in SFP devices. I'm amazed that it works. But yes, probably only in manual speed settings.
by mada3k
Thu Jan 14, 2021 7:24 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11632

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

When we hit a brick wall in terms of performance (DNS resolver, PPPoE server, etc.) .... We are testing splitting BRAS / NAT functionality across two CCRs (suggested by other community members), but that instantly doubles our cost base, in a market where $15/mo for a 5Mbps service is luxury. You re...
by mada3k
Wed Jan 13, 2021 6:28 pm
Forum: General
Topic: Share public IP to router behind mikrotik
Replies: 7
Views: 733

Re: Share public IP to router behind mikrotik

Not sure how you can make that work. RouterOS doesn't support /31 subnets.

You could create a bridge with sfp1 and ether6. Then put you own IP on that bridge-interface.
by mada3k
Tue Jan 12, 2021 10:18 pm
Forum: RouterBOARD hardware
Topic: POE out - why do most MikroTik products not follow the standards?
Replies: 24
Views: 11666

Re: POE out - why do most MikroTik products not follow the standards?

This is rather simple Passive is simpler and cheaper. Higher voltage (30V>) DC/DC converters is worse at lower voltages - witch many home devices run on (typically 12V) Passive PoE is non-negotiated. 803.af/at is negotiated. Some Active devices doesn't care about the providers response. Then Passive...
by mada3k
Wed Jan 06, 2021 11:00 am
Forum: RouterBOARD hardware
Topic: Topology help - what should go where? (for best VPN performance ;) )
Replies: 5
Views: 721

Re: Topology help - what should go where? (for best VPN performance ;) )

Okay, So not a site to site VPN but a commercial VPN breakout service. I run a site to site between two locations.

Well, openvpn works great with AES-NI on Linux, but OpenVPN is generally slow.
Wireguard can't use AES-NI at all (different ciphers). Router OS 7 will have Wireguard support.
by mada3k
Wed Dec 30, 2020 10:35 am
Forum: RouterBOARD hardware
Topic: Topology help - what should go where? (for best VPN performance ;) )
Replies: 5
Views: 721

Re: Topology help - what should go where? (for best VPN performance ;) )

What kind of VPN tunnel?

I run a IPSec between two RB750Gr3. Basiclly maxes out the Internet connection.
by mada3k
Mon Dec 28, 2020 1:04 pm
Forum: General
Topic: Is it possible to "subnet" a /64 prefix between 2 internal LANs?
Replies: 10
Views: 1181

Re: Is it possible to "subnet" a /64 prefix between 2 internal LANs?

Yes, /64 delegations makes it impossible for autoconf with separate networks/vlans.

However, You could setup a DHCPv6-server and hand out global addresses locally (can be run on any Linux-device). Then assign a /96 to each network/vlan (that is within the /64).
by mada3k
Mon Dec 28, 2020 12:58 pm
Forum: General
Topic: VPN for Mikrotik for game Mobile legend
Replies: 9
Views: 1300

Re: VPN for Mikrotik for game Mobile legend

I'm afraid a VPN tunnel won't solve any lag or high latency, it will most likely introduce more.
by mada3k
Sun Dec 27, 2020 4:22 pm
Forum: General
Topic: Mikrotik device behind limited ISP modem
Replies: 15
Views: 1480

Re: Mikrotik device behind limited ISP modem

Try to break into the thing and setup a static route, or find VoIP settings?
by mada3k
Sat Dec 26, 2020 2:58 pm
Forum: General
Topic: "Road warrior" VPN client
Replies: 1
Views: 359

Re: "Road warrior" VPN client

The only resonable alternative on RouterOS for this is a SSTP VPN. It the most "SSL-VPN" like alternative. IPSec-based "road-warrior" VPN works bad with NAT and guest networks. Client-wise it's mixed: Windows should have native support. Never tried Linux and OSX - I have tried wi...
by mada3k
Fri Dec 25, 2020 6:14 pm
Forum: RouterOS v7 BETA
Topic: Chateau Config Backup & Restore
Replies: 14
Views: 1913

Re: Chateau Config Backup & Restore

export and import of configuration can't be done in a "blind" way like on a Cisco. The export/import function except a "empty" router. For templating new devices, i usually put in some "remove all"'s before adding new entries. For example /ip address remove [find] # fir...
by mada3k
Fri Dec 25, 2020 12:48 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11632

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

There is for certainly many millions of dollars put in to R&D there.
by mada3k
Wed Dec 23, 2020 8:19 pm
Forum: RouterOS v7 BETA
Topic: Feature Request: Proper support for RTL8367
Replies: 5
Views: 1526

Re: Feature Request: Proper support for RTL8367

I was planning on buying an RB4011 as a combined switch/router, and one of the reasons to move away from consumer stuff was to venture into VLAN configurations where all my IoT stuff is separate and not connected to the internet, etc. ALL traffic will be on one or multiple VLANs. Am I to understand...
by mada3k
Sun Dec 20, 2020 12:04 pm
Forum: RouterOS v7 BETA
Topic: REST
Replies: 11
Views: 2232

Re: REST

Amazing.

We have done a lot of automation with Ansible and SSH, but this will for sure be next level.
by mada3k
Sun Dec 20, 2020 11:28 am
Forum: RouterOS v7 BETA
Topic: Feature Request: Proper support for RTL8367
Replies: 5
Views: 1526

Re: Feature Request: Proper support for RTL8367

You you plan to push a lot of L2 traffic within VLANs, then the RB4011 is simply a bad choise since it's designed to be a router. I think you should consider buying a switch instead that is the correct device for the job. RTL8367 is a very basic switch chip. But sure, they could have chosen to prese...
by mada3k
Wed Dec 16, 2020 11:42 pm
Forum: Announcements
Topic: v6.48rc [testing] is released!
Replies: 18
Views: 6471

Re: v6.48rc [testing] is released!

[i]branding - fixed LCD logo loading from new style branding package[/i]

We currently have all our LCDs turned off since we find it not to useful and mainly a security concern. However it would be great to be able to display a static logotype and an asset name/tag.
by mada3k
Tue Dec 15, 2020 6:19 pm
Forum: RouterBOARD hardware
Topic: Infos regarding CCR1036-8G-2S+EM to migrate from Vyos.
Replies: 10
Views: 1327

Re: Infos regarding CCR1036-8G-2S+EM to migrate from Vyos.

For BGP performance choose CCR2004 or CHR

CCR10xx is slow on single-core performance as needed by BGP.
by mada3k
Sat Dec 12, 2020 10:48 am
Forum: RouterBOARD hardware
Topic: New High Performance Routers ! ?
Replies: 82
Views: 17317

Re: New High Performance Routers ! ?

Large ISP often has several platforms for different workloads. They never do everything in one single platform.
by mada3k
Fri Dec 11, 2020 8:50 pm
Forum: RouterBOARD hardware
Topic: New High Performance Routers ! ?
Replies: 82
Views: 17317

Re: New High Performance Routers ! ?

RouterOS is essentially a software based router. Thats a fact. I also think a lot of Mikrotik users are trying do to much in the same box. Pushing a lot of PPPoE, Queues, tunneling, NAT and connection-tracking is very very heavy and can only be done i software basically. Not sure that a Cisco or Jun...
by mada3k
Mon Dec 07, 2020 4:43 pm
Forum: RouterBOARD hardware
Topic: Actual Driver Support 40G Cards on ROS 6.47.x/6.48x
Replies: 5
Views: 1166

Re: Actual Driver Support 40G Cards on ROS 6.47.x/6.48x

The x86 release of RouterOS 6 is not really made for high performance workloads, more like single-boards computers and embedded stuff.

Use CHR release on top of KVM or whatever.
by mada3k
Fri Dec 04, 2020 11:10 pm
Forum: RouterBOARD hardware
Topic: Router for multicasting
Replies: 5
Views: 832

Re: Router for multicasting

I see. So you convert the RTMP to UDP packetized MPEG-TS or something like that. And you need the router to forward this over some Layer 3 infrastructure?

Server -> Switch(multicast) -> Router(unicast) -> Switch(multicast).

Is this correct?
by mada3k
Fri Dec 04, 2020 8:50 pm
Forum: RouterBOARD hardware
Topic: Router for multicasting
Replies: 5
Views: 832

Re: Router for multicasting

I also use a separate VLANs for heavy multicasts.

10Mbps is not that heavy, can be done with the most boxes.
by mada3k
Thu Dec 03, 2020 10:53 pm
Forum: RouterOS v7 BETA
Topic: v7.1beta3 [development] is released!
Replies: 262
Views: 50526

Re: v7.1beta3 [development] is released!

Every new 7-beta release brings amazing features. Lets just hope that they eventually become stable as well :)
by mada3k
Thu Dec 03, 2020 10:49 pm
Forum: RouterOS v7 BETA
Topic: MikroTik does bad WiFi?
Replies: 2
Views: 1000

Re: MikroTik does bad WiFi?

I think Mikrotik does good RF design and well made flexible products. But yes, not the fastest.

Many other stuff has newer and faster chipsets, but has shitty software and RF-design.
by mada3k
Fri Nov 27, 2020 6:01 pm
Forum: RouterBOARD hardware
Topic: Ageing wireless cards?
Replies: 2
Views: 810

Re: Ageing wireless cards?

From my experience - Yes, radio-hardware does degrade with age.

I have no proof to back it up.
by mada3k
Thu Nov 26, 2020 9:35 pm
Forum: General
Topic: configure CCR1009-7G-1C 2 svi's, 2 dhcp servers and access port's
Replies: 7
Views: 810

Re: configure CCR1009-7G-1C 2 svi's, 2 dhcp servers and access port's

I agree that you really should't use VLAN ID 1 in a serious envoriment. Here is my take on you config, if I understand correctly ### method 1 ### # separate bridges /interface bridge add name=vlan1 add name=vlan10 # vlan interfaces /interface vlan add interface=ether1 name=ether1.1 vlan-id=1 add int...
by mada3k
Sun Nov 22, 2020 1:43 pm
Forum: RouterBOARD hardware
Topic: Successor to CRS210-8G-2S+ desktop switch?
Replies: 4
Views: 1448

Re: Successor to CRS210-8G-2S+ desktop switch?

It's a fantastic price but I agree that SwOS more or less ties the switch to home usage (or maybe very small business)
by mada3k
Fri Nov 20, 2020 9:43 pm
Forum: RouterBOARD hardware
Topic: Enquiry on 100Gbps SFP Router
Replies: 3
Views: 904

Re: Enquiry on 100Gbps SFP Router

100Gbps linecards for telco-grade routers is tremendously expensive for many reasons. I don't think we will se Mikrotik in that segment for a while.

What is possible then is 100G L2 switches with L3 and MPLS capabilities, as the switching ASICs is becoming cheaper.
by mada3k
Thu Nov 19, 2020 6:40 pm
Forum: General
Topic: Ethernet SOHO router
Replies: 5
Views: 538

Re: Ethernet SOHO router

PPPoE is quite CPU heavy to handle. I would definitely go for a RB4011, if you are planning to use that Gigabit.
by mada3k
Thu Nov 12, 2020 9:10 pm
Forum: Forwarding Protocols
Topic: MPLS over l2tp mtu [SOLVED]
Replies: 2
Views: 948

Re: MPLS over l2tp mtu [SOLVED]

MPLS/VPLS doesn't fragment at all. It requires you to have the actual needed L2MTU headroom.
by mada3k
Sun Nov 08, 2020 2:25 pm
Forum: RouterBOARD hardware
Topic: Idea for 1U Core Router with 4xSFP+
Replies: 7
Views: 998

Re: Idea for 1U Core Router with 4xSFP+

ROS v6 x86 is more focused on low-end/embedded x86 hardware. There are generally no high-performance drivers.
by mada3k
Sat Nov 07, 2020 6:44 pm
Forum: General
Topic: Roku and Chromecast not working through Mikrotik
Replies: 2
Views: 408

Re: Roku and Chromecast not working through Mikrotik

Sounds strange. I have Chromecasts, both wired and wireless. Never have any issues.

Not work as in "can't access internet" or "can't be found"?

Do a /export hide-sensitive and post here.
by mada3k
Sat Nov 07, 2020 6:41 pm
Forum: General
Topic: Connecting layer 2 appliances on separated networks
Replies: 4
Views: 506

Re: Connecting layer 2 appliances on separated networks

EoIP and Bridge is probably the answer. Beware that it has adds some overhead so depending on the connection between it' won't be possible to use full 1500 byte frames.
by mada3k
Fri Nov 06, 2020 7:00 pm
Forum: Announcements
Topic: MikroTik newsletter November 2020 (#98)
Replies: 64
Views: 16367

Re: MikroTik newsletter November 2020 (#98)

Are Mikrotik planning to launch products in the 5G backbone/backhaul segment? Or it's just end-user/consumer?
by mada3k
Tue Oct 27, 2020 9:51 pm
Forum: RouterBOARD hardware
Topic: Hardware Firewall?
Replies: 1
Views: 513

Re: Hardware Firewall?

I have no experience of Meraki but Mikrotik doesn't compare to a Fortigate I can say for sure. There simply are no "NGFW" features. The policy/firewall editor is not made for manage hundreds of rules (witch is very likley for an enterprise). For home or small office usage it will do fine. ...
by mada3k
Sun Oct 25, 2020 10:25 am
Forum: RouterBOARD hardware
Topic: Is CCR1009-7G-1C-1S+ Suitable for my needs?
Replies: 6
Views: 787

Re: Is CCR1009-7G-1C-1S+ Suitable for my needs?

No, same thing, routers. It will probably work but it will cost a bit of CPU load.

If you need wire speed LACP/bonding then a switch is the answer. The CRS3xx-series can do LACP/bonding groups.

Do you need 4 Gbps of bandwidth? Can you use the SFP+ port instead maybe?
by mada3k
Sat Oct 24, 2020 1:57 pm
Forum: RouterBOARD hardware
Topic: Is CCR1009-7G-1C-1S+ Suitable for my needs?
Replies: 6
Views: 787

Re: Is CCR1009-7G-1C-1S+ Suitable for my needs?

CCR1009 is not a switch, it's all routed interfaces attached to the CPU, hence all kind of bonding/LACP will be done in software.
by mada3k
Wed Oct 14, 2020 8:47 pm
Forum: RouterBOARD hardware
Topic: Powering Suggestions for ccr1016-12s-1s+ with DC power
Replies: 3
Views: 723

Re: Powering Suggestions for ccr1016-12s-1s+ with DC power

We have some DC-converted CCRs.

If you can live with the custom modification then it works fine to just supply (usually 24V) directly on the board internally.

Beware of -48V (negative) as it's a completly different story and can vary between -42V to -60V or -36V to -76V.
by mada3k
Wed Oct 14, 2020 6:22 pm
Forum: Announcements
Topic: Newsletter 97 (September 2020)
Replies: 86
Views: 18553

Re: Newsletter 97 (September 2020)

... But at same time in Western Europe, North America and any many other countries many many customers want better Wifi (full 11ac with all the benefits) and Wifi 6 NOW And are ready to pay!!! But there are plenty of other WiFi6 stuff on the market if you really need WiFi6. I don't see why Mikrotik...
by mada3k
Sun Oct 11, 2020 11:26 am
Forum: Announcements
Topic: Newsletter 97 (September 2020)
Replies: 86
Views: 18553

Re: Newsletter 97 (September 2020)

I agree, SwitchOS is not really just usable for an enterprise. It's fine for home or lab usage.
by mada3k
Sat Oct 03, 2020 2:32 pm
Forum: RouterOS v7 BETA
Topic: VRF status with RouterOS v7
Replies: 6
Views: 1422

Re: VRF status with RouterOS v7

Will VPNv4 still be supported in v7 ?
by mada3k
Sat Oct 03, 2020 10:55 am
Forum: RouterBOARD hardware
Topic: NBN router for Australia
Replies: 4
Views: 1041

Re: NBN router for Australia

xDSL is legacy technology. It's just wasted money to put R&D money there.
by mada3k
Sun Sep 27, 2020 12:59 pm
Forum: Forwarding Protocols
Topic: MPLS and MTU
Replies: 5
Views: 1285

Re: MPLS and MTU

A full regular Ethernet frame is 1514 bytes.
With VPLS [mpls+vpls+cw] tags thats +12 bytes (=1526)
Then you need a Ethernet frame around it (=1540)

We use 1560 as MPLS-MTU and 1580 as L2MTU.

https://wiki.mikrotik.com/wiki/Manual:M ... uterBoards
by mada3k
Sat Sep 26, 2020 10:55 am
Forum: Announcements
Topic: Newsletter 97 (September 2020)
Replies: 86
Views: 18553

Re: Newsletter 97 (September 2020)

CSS610-8G-2S+IN looks neat.

I think that more products should have pin terminal connector. DC-barrel jacks is not that professional some times.

Why all the talk about 5G? Mikrotik doesn't do any 5G products?
by mada3k
Sat Sep 26, 2020 10:53 am
Forum: General
Topic: Mikrotik to replace our faulty Cisco core switch
Replies: 6
Views: 795

Re: Mikrotik to replace our faulty Cisco core switch

I think that CRS317-1G-16S+ is the closest thing to a Cisco 4900M.

https://wiki.mikrotik.com/wiki/Manual:C ... Offloading
by mada3k
Tue Sep 22, 2020 9:07 pm
Forum: General
Topic: [FEATURE REQUEST] Two Factor Authentication
Replies: 37
Views: 20401

Re: [FEATURE REQUEST] Two Factor Authentication

Google Authenticator is already available in the RouterOS v7 User Manager for testing purposes: [emils@ez_pair7_r1] /user-manager> user/print Flags: X - disabled 0 name="emils" password="test" otp-secret="JBSWY3DPEHPK3PXP" group=default shared-users=1 attributes="...
by mada3k
Wed Sep 09, 2020 6:26 pm
Forum: RouterBOARD hardware
Topic: Failover solutuion
Replies: 2
Views: 485

Re: Failover solutuion

VRRP needs a working L2 between the routers, either done in software or a switch.

The usual procedure with two BGP providers is to connect them on different physical routers, then run iBGP between them.
by mada3k
Sat Sep 05, 2020 10:30 pm
Forum: RouterBOARD hardware
Topic: HAP AC2 best option for home use
Replies: 13
Views: 3469

Re: HAP AC2 best option for home use

Performance is very dependent on where the access point, or router in this case, is placed. The worst placement is the most common unfortunally - On some shelf/bench with the TV with other equipment. I have a hEX at home and two wAP AC. One placed on the kitchen and the other one in the corridor nex...
by mada3k
Tue Sep 01, 2020 10:41 am
Forum: General
Topic: RouterOS Firewall configuration when using a bridge with multiple VLANs
Replies: 2
Views: 1450

Re: RouterOS Firewall configuration when using a bridge with multiple VLANs

IP Firewall rules is always on L3 interface level. Using firewall rules on a VLAN-aware L2 bridge (without an IP) will have no effect. To protect people from "jumping between VLANs" enable vlan-filtering and frame-types=admit-only-untagged-and-priority-tagged on all client-ports. I'm using...
by mada3k
Mon Aug 31, 2020 11:55 am
Forum: General
Topic: mDNS and WoL across VLANs
Replies: 3
Views: 1335

Re: mDNS and WoL across VLANs

mDNS Reflection is a long asked for feature request on RouterOS. But it can be done on any linux-systems (avahi-daemon)
by mada3k
Fri Aug 28, 2020 5:26 pm
Forum: RouterBOARD hardware
Topic: SFP Throught fast ethernet media converter
Replies: 2
Views: 538

Re: SFP Throught fast ethernet media converter

100Mbit over SFP is very special. Not supported on all ports/platforms. Gigabit is the standard.

When using against media converters, disable auto-negotiation and use 1Gbps-FD
by mada3k
Wed Aug 26, 2020 5:36 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11632

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

In our field we use both. When we buy Cisco, we look at datasheets, whitepapers, manuals, some calls to some sellers and so on, presents an idea and requirements, then we get quotes. Then we require the features to work , or the sellers consultants has to make it work , with or without Cisco. Then w...
by mada3k
Tue Aug 25, 2020 6:03 pm
Forum: General
Topic: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]
Replies: 114
Views: 11632

Re: Mikrotik or NOT!!! Industry standarts say no!! Why? [SOLVED]

Many enterprises is obsessed with 24x7 support from the vendor. If it can't be delivered, the vendor is simply out. Many enterprises will require a unbrella system of some kind. Like Cisco Prime, Juniper Space etc. DUDE is a joke. It's also important to have long-lived product lines, like the Cisco ...
by mada3k
Sun Aug 23, 2020 6:47 pm
Forum: General
Topic: Correct way of switch in RouterOS
Replies: 5
Views: 1247

Re: Correct way of switch in RouterOS

Thanks tdw, I have now cleaned up my configuration as you gave example on. Works as good as before.
by mada3k
Sat Aug 22, 2020 9:42 pm
Forum: General
Topic: Correct way of switch in RouterOS
Replies: 5
Views: 1247

Re: Correct way of switch in RouterOS

I see. VLAN50 and 59 must reach the CPU since it runs DHCP for VLAN50, and VLAN59 for management. How should the bridge setup look like then? Something like this? /interface bridge port add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1 add bridge=bridge1 frame-types=admit-only-v...
by mada3k
Sat Aug 22, 2020 6:49 pm
Forum: General
Topic: Correct way of switch in RouterOS
Replies: 5
Views: 1247

Correct way of switch in RouterOS

Hi, I have a CRS112-8P-4S at home and it's a great little PoE-switch. I'm using the setup as done in Example 1 https://wiki.mikrotik.com/wiki/Manual:CRS1xx/2xx_series_switches_examples#VLAN However, I find the configuration a bit... double and redundant.. /interface ethernet switch egress-vlan-tag a...
by mada3k
Mon Aug 17, 2020 9:57 pm
Forum: RouterBOARD hardware
Topic: Need help picking a MikroTik product for AP setup
Replies: 7
Views: 1437

Re: Need help picking a MikroTik product for AP setup

I have a wAP AC. Works great.
by mada3k
Wed Aug 12, 2020 6:05 pm
Forum: RouterBOARD hardware
Topic: SFP module is extremely hot
Replies: 48
Views: 26164

Re: SFP module is extremely hot

It's strange that some SFP's get extremly hot when plugged in to some host devices. Higher voltage? Clock-frequency? Power-saving incompability?

Some SFP just get very warm, especially GPON, long-reach SM and 10GBase-T transcievers generate a lot of heat by themself regardless of host device.
by mada3k
Sun Aug 09, 2020 2:11 pm
Forum: RouterBOARD hardware
Topic: MikroTik DC power 10Gb switch with lots of ports?
Replies: 5
Views: 1751

Re: MikroTik DC power 10Gb switch with lots of ports?

Yes, it should work to bypass the internal powersupplies, they often supply 12 or 24 volts.
by mada3k
Sat Aug 08, 2020 7:11 pm
Forum: RouterBOARD hardware
Topic: Edgerouter 4/6P/12/12P vs MikroTik RB3011/RB4011/CCR1009-7G-1C-1S+PC (Bell Fibe FTTH)
Replies: 2
Views: 4693

Re: Edgerouter 4/6P/12/12P vs MikroTik RB3011/RB4011/CCR1009-7G-1C-1S+PC (Bell Fibe FTTH)

Well, if you are aiming at such speeds (1Gbit+) then you probably can afford a better router. PPPoE introduces a lot of overhead unfortunally. I don't know any regular vendor that has offload-capability for this (the shitty ISP boxes may) Personally I'm stuck on Cable 100/10 (no ludicrous PPPoE alth...
by mada3k
Fri Aug 07, 2020 2:08 pm
Forum: RouterBOARD hardware
Topic: MikroTik DC power 10Gb switch with lots of ports?
Replies: 5
Views: 1751

Re: MikroTik DC power 10Gb switch with lots of ports?

How about CRS309-1G-8S+IN? Or you need is 10GBase-T ?
by mada3k
Fri Aug 07, 2020 2:06 pm
Forum: RouterBOARD hardware
Topic: 10Gb networking
Replies: 4
Views: 1329

Re: 10Gb networking

There is no specific "uplink"
by mada3k
Mon Aug 03, 2020 9:55 pm
Forum: RouterBOARD hardware
Topic: CCR Recommendation
Replies: 4
Views: 1613

Re: CCR Recommendation

Just as DHCP-server? Probably all of them :)
by mada3k
Mon Jul 20, 2020 12:28 pm
Forum: RouterOS v7 BETA
Topic: CRS317 routing speed with pppoe and L3 offloading
Replies: 6
Views: 1928

Re: CRS317 routing speed with pppoe and L3 offloading

It's insane with ISPs that use PPPoE in such speeds. Customers will spend most of their CPU resources to encap/decap packets. It's just sad.

Not sure that a CCR1009 will do it either. Maybe the RB4011 or new CCR2004 have the horsepower.
by mada3k
Mon Jul 20, 2020 10:44 am
Forum: General
Topic: Rogers now has 100G symmetrical Internet
Replies: 17
Views: 4330

Re: Rogers now has 100G symmetrical Internet

If you can spend the money on a 100Gbps Internet connection, then the cost of the router is no issue.
by mada3k
Sat Jul 18, 2020 12:58 pm
Forum: General
Topic: [Web interface] The WAN IP is not displayed if a VLAN is used.
Replies: 3
Views: 1691

Re: [Web interface] The WAN IP is not displayed if a VLAN is used.

Quickset is a "initial config"-tool. Not to be used for regular changes.
by mada3k
Fri Jul 17, 2020 10:33 am
Forum: RouterBOARD hardware
Topic: RB5011
Replies: 40
Views: 14087

Re: RB5011

Yes, the RB1100:s are strange, no SFP/Combo:s at all but -48V supply. And RB2011 is just old. However, I can see understand why the RB4011 has such a dumb switch-chip. Is not supposed to be used as a switch, only as a port-expander. But then the device is somewhat unsuitable for SoHo-usage. The CCR1...
by mada3k
Tue Jul 14, 2020 1:59 pm
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 147
Views: 67099

Re: v6.47.1 [stable] is released!

Many other devices only have the bootloader in a 2-4MB SPI Flash, then loads the system from SD or eMMC.
by mada3k
Tue Jul 14, 2020 1:55 pm
Forum: RouterBOARD hardware
Topic: RB5011
Replies: 40
Views: 14087

Re: RB5011

I agree that something is missing between the RB4011 and CCR2004. The RB4011 is a bit more tilted against Home-usage. CCR2004 is a datacenter device. Or, your could make two variants of the same device. One with most Ethernets and DC-jack, one with mostly SFPs and telecom-power. Devices with everyth...
by mada3k
Mon Jul 13, 2020 10:18 am
Forum: General
Topic: CRS125 and VLAN on 1Gbps internet.. many questions
Replies: 13
Views: 2728

Re: CRS125 and VLAN on 1Gbps internet.. many questions

Verify that the traffic really is hardware switched (and not software bridged)... Look under /bridge ports and verify that all ports is "H".

But generally: No, CRS125 is not designed to handle 1Gbps of Firewall/NAT.
by mada3k
Sun Jul 12, 2020 7:36 pm
Forum: Forwarding Protocols
Topic: MPLS labels missing in traceroute output [SOLVED]
Replies: 8
Views: 2489

Re: MPLS labels missing in traceroute output [SOLVED]

No need to use Winbox. The MPLS information will show in both telnet and ssh, but the terminal has to be wide enough.
by mada3k
Sun Jul 12, 2020 7:14 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL Router for UK
Replies: 4
Views: 1759

Re: Mikrotik VDSL Router for UK

Nope, no devices with builtin xDSL or DOCSIS.

Use your current modem bridged or some passtrough mode.
by mada3k
Sun Jul 12, 2020 10:42 am
Forum: General
Topic: VoIP over EoIP
Replies: 2
Views: 940

Re: VoIP over EoIP

What is the reason for using EoIP? Do you need L2 connectivity between all the sites?

If the source addresses change, then you are probably doing some NAT somewhere, and SIP with NAT is always problems.
by mada3k
Sat Jul 11, 2020 10:44 am
Forum: General
Topic: Cannot download at 10 gbps [SOLVED]
Replies: 23
Views: 4824

Re: Cannot download at 10 gbps [SOLVED]

Not sure if it will affect performance, but since you are running the ports bridged, the ip-adress should be put on the bridge.

Like:
/ip address add address=10.3.0.254/24 interface=bridge1 network=10.3.0.0
by mada3k
Fri Jul 10, 2020 10:05 pm
Forum: General
Topic: Cannot download at 10 gbps [SOLVED]
Replies: 23
Views: 4824

Re: Cannot download at 10 gbps [SOLVED]

Well. The CCR10xx series is optimized for many-to-many connections (like in the real world), not maximum host-to-host communication. If you start additional 1-2 iperf sessions then I think you should be able to max it out. What kind of BS answer is that? The test results from MT clearly show the OP...
by mada3k
Fri Jul 10, 2020 10:14 am
Forum: General
Topic: Cannot download at 10 gbps [SOLVED]
Replies: 23
Views: 4824

Re: Cannot download at 10 gbps [SOLVED]

Well. The CCR10xx series is optimized for many-to-many connections (like in the real world), not maximum host-to-host communication. If you start additional 1-2 iperf sessions then I think you should be able to max it out.
by mada3k
Thu Jul 09, 2020 6:13 pm
Forum: RouterBOARD hardware
Topic: PPTP 1000Mbit - which router should I choose?
Replies: 6
Views: 1624

Re: PPTP 1000Mbit - which router should I choose?

Both PPTP and PPPoE is horrible slow. I think you need at least RB4011 or higher.
by mada3k
Wed Jul 08, 2020 12:46 pm
Forum: SwOS
Topic: Can CRS305 with swOS allow you to set sfp port specifically to 2.5g
Replies: 4
Views: 1935

Re: Can CRS305 with swOS allow you to set sfp port specifically to 2.5g

I would not expect to much from a USB based Ethernet adaptor, maybe if it's USB-C/Lightning-based.
by mada3k
Sat Jun 27, 2020 11:36 am
Forum: Announcements
Topic: MikroTik Newsletter June 2020 (#96)
Replies: 29
Views: 11290

Re: MikroTik Newsletter June 2020 (#96)

Great stuff!

GPEN21 looks interesting as very light CPE. Is it running SwOS och RouterOS?
by mada3k
Fri Jun 26, 2020 6:07 pm
Forum: RouterBOARD hardware
Topic: Wall mounted Acces point?
Replies: 7
Views: 1758

Re: Wall mounted Acces point?

I have my wAP AC on the wall. Works great.
by mada3k
Thu Jun 25, 2020 9:16 am
Forum: RouterBOARD hardware
Topic: CCR2004-1G-12S+2XS - Throughput Question
Replies: 13
Views: 3951

Re: CCR2004-1G-12S+2XS - Throughput Question

Somewhere there has to be a tradeoff. >50Gbps forwarding capability for $595 is still a bargain.
by mada3k
Wed Jun 24, 2020 9:10 am
Forum: General
Topic: ROS on A10 AX3400
Replies: 4
Views: 1294

Re: ROS on A10 AX3400

It's a bit sad with all custom appliance platforms, when the support/license runs out, then it's basically scrap. In some cases you can get a Linux-distro working but it's hard with the switch-chips (documentation/SDK is often under NDA).
by mada3k
Mon Jun 22, 2020 9:41 am
Forum: General
Topic: ROS on A10 AX3400
Replies: 4
Views: 1294

Re: ROS on A10 AX3400

Hah, I tried the same on some odd network appliance once, but could not get a link on any interfaces. There was some system-management chip that probably handed that.

All those ports is probably behind a switch-chip/asic and not detected/supported by RouterOS.
by mada3k
Sat Jun 20, 2020 3:14 pm
Forum: Scripting
Topic: Have I been hacked?
Replies: 7
Views: 2554

Re: Have I been hacked?

Either that, or some previous owner that used some home-made hotspot-provisioning scripts.

Make sure that you never expose WinBox, API or other services to Internet or users.
by mada3k
Fri Jun 19, 2020 12:00 pm
Forum: RouterBOARD hardware
Topic: Help me choose hardware for my home
Replies: 6
Views: 1508

Re: Help me choose hardware for my home

I have a similar setup.

I have tied the LTE-interface to a separate VRF and separate VLAN. That VLAN ends up in my main router, where it can be used as backup if needed.
by mada3k
Wed Jun 17, 2020 9:14 pm
Forum: RouterBOARD hardware
Topic: Please make a Gigabit Reverse PoE switch, with 14-24 PoE in ports, 1-2 PoE out ports, and a SFP(+) port
Replies: 6
Views: 2655

Re: Please make a Gigabit Reverse PoE switch, with 14-24 PoE in ports, 1-2 PoE out ports, and a SFP(+) port

Maybe Mikrotik will continue with an Gigabit-version. In fact, I see that problem in Sweden sometimes. Cable providers oversell capacity for dirt cheap on their lousy old long-payed-off coax-networks. Their network is often plauged with groundloops, weather-influence, irregular ping-times and regula...
by mada3k
Tue Jun 16, 2020 10:05 pm
Forum: RouterBOARD hardware
Topic: Random SFP question
Replies: 3
Views: 1084

Re: Random SFP question

Basically the most 1Gig SFPs work in a Mikrotik from my experience. I even managed to get old FibreChannel SFPs to run at 1 gigabit.

It's the opposite with 100M SFPs. Those requires certian capabilites in the host. Only a few devices supports 100M SFP, so avoid those if possible.
by mada3k
Tue Jun 16, 2020 9:52 pm
Forum: RouterBOARD hardware
Topic: Please make a Gigabit Reverse PoE switch, with 14-24 PoE in ports, 1-2 PoE out ports, and a SFP(+) port
Replies: 6
Views: 2655

Re: Please make a Gigabit Reverse PoE switch, with 14-24 PoE in ports, 1-2 PoE out ports, and a SFP(+) port

So basically a netPower 15FR with Gigabit and SFP+'s?

I can agree that releasing a 10/100 switch in 2019 is, a bit conservative. However I personally chosen to only have 100/100 at home. Haven't seen any need for anything above that.
by mada3k
Mon Jun 15, 2020 9:06 pm
Forum: Beginner Basics
Topic: CCR1009-7G-1C-1S+PC
Replies: 16
Views: 4057

Re: CCR1009-7G-1C-1S+PC

From experience I can tell that sometimes you need to specify combo-mode=sfp, and for 100M-SFP's you always need to set auto-negotiation=no and speed=100M manually. This is highly dependent on the SFP module used.
by mada3k
Fri Jun 05, 2020 8:59 pm
Forum: General
Topic: SFP modules for CCR1009-7G-1C-1S+
Replies: 1
Views: 733

Re: SFP modules for CCR1009-7G-1C-1S+

LC is the physical connector.

Single-mode or Multi-mode?

"Cisco LX" SFP's usually means 10km Single-mode.
by mada3k
Fri Jun 05, 2020 8:33 pm
Forum: RouterOS v7 BETA
Topic: v7.0beta8 [development] is released!
Replies: 180
Views: 73344

Re: v7.0beta8 [development] is released!

WOW. Thats som heavy features and updates :shock:
by mada3k
Wed Jun 03, 2020 6:05 pm
Forum: General
Topic: Compal CH7465LG-VM and RB4011iGS+5HacQ2HnD
Replies: 2
Views: 920

Re: Compal CH7465LG-VM and RB4011iGS+5HacQ2HnD

My experience with Compal DOCSIS modems it that when they loose the connection to the headend they switches over to a 192.168.100.0/24 range so you can access the web-admin-page, even when bridged. When the connection is restored it switches back to bridged mode (with the 192.168.100.1 address still...
by mada3k
Tue Jun 02, 2020 10:14 pm
Forum: Forwarding Protocols
Topic: MPLS - Labels dropping after outage
Replies: 6
Views: 1853

Re: MPLS - Labels dropping after outage

Are you using any LDP accept/advertise filters?
by mada3k
Tue Jun 02, 2020 9:45 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 349
Views: 118340

Re: v6.47 [stable] is released!

Impressive amount of fixes and features.
by mada3k
Mon Jun 01, 2020 9:52 pm
Forum: RouterOS v7 BETA
Topic: Feature Request: Port Forwarding Wizard/Menu in GUI
Replies: 14
Views: 3364

Re: Feature Request: Port Forwarding Wizard/Menu in GUI

Exactly, if you want a edgemax, but an edgemax. If you want a D-Link, buy that.

It's better for RouterOS to focus on small/medium-ISP and datacenter features.
by mada3k
Mon Jun 01, 2020 7:49 pm
Forum: RouterBOARD hardware
Topic: netPower 16P max total power
Replies: 6
Views: 2018

Re: netPower 16P max total power

I agree, over a certain power level they really should use screw och block style terminals.
by mada3k
Sun May 31, 2020 12:15 pm
Forum: RouterBOARD hardware
Topic: Outdoor RouterBoard
Replies: 1
Views: 664

Re: Outdoor RouterBoard

It's always wise to avoid direct sunlight of course.

Probably not performance but high temperatures will generally decrease the overall lifetime of a device (capacitors will age faster, fans wear out).
by mada3k
Sat May 30, 2020 11:17 am
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+ is near to death strange log
Replies: 6
Views: 1446

Re: CRS317-1G-16S+ is near to death strange log

Sounds either that some process has died, or the filesystem has gone corrupted.
by mada3k
Wed May 27, 2020 6:24 pm
Forum: RouterOS v7 BETA
Topic: LTE APN with fix IP [SOLVED]
Replies: 16
Views: 6089

Re: LTE APN with fix IP [SOLVED]

Sounds a bit strange that it was shipped with beta software. Sure it hasn't been used before?
by mada3k
Mon May 25, 2020 1:15 pm
Forum: RouterBOARD hardware
Topic: Running hardware portably using DC battery power
Replies: 14
Views: 3506

Re: Running hardware portably using DC battery power

For mobility I would go for power-tool batteries as well. They are light and have great capacity.

SLA is for more suited for permanent installations where weight isn't an issue.
by mada3k
Fri May 22, 2020 9:43 pm
Forum: RouterOS v7 BETA
Topic: V7 questions?
Replies: 34
Views: 9668

Re: V7 questions?

Then you just need to mirror ports to the CPU to monitor the actual traffic.

Otherwise it sounds like you want to build a software based switch/bridge. This will be slow, power-consuming and costly.
by mada3k
Thu May 21, 2020 2:43 pm
Forum: RouterBOARD hardware
Topic: Running hardware portably using DC battery power
Replies: 14
Views: 3506

Re: Running hardware portably using DC battery power

I run a accesspoint and router on a 27.2V float charge voltage supply with two 12V SLA batteries. 2A battery fuse. Both the AP and router has voltage monitor and detects and logs and notifies when voltage drops and goes to low.

Mikrotik is very suitable in this kind of setups with varying DC supply.
by mada3k
Thu May 21, 2020 2:26 pm
Forum: RouterBOARD hardware
Topic: CRS326--CRS326, SFP+ only ~700mbit via 10gbit link. Slow performance or bottleneck?
Replies: 7
Views: 2240

Re: CRS326--CRS326, SFP+ only ~700mbit via 10gbit link. Slow performance or bottleneck?

Thats easy. The switch has not the CPU resources to generate or receive 10Gbps.

You have to test with two beefy servers with 10GbE-NICs and iperf.
by mada3k
Thu May 21, 2020 11:30 am
Forum: The Dude
Topic: Reading Syslog from MT [SOLVED]
Replies: 6
Views: 3054

Re: Reading Syslog from MT [SOLVED]

Have you enabled remote logging?

Example:
/system logging action
set remote remote=192.168.xxx.xxx
/system logging
add action=remote topics=info
add action=remote topics=warning
add action=remote topics=error
add action=remote topics=critical
by mada3k
Thu May 21, 2020 11:03 am
Forum: RouterBOARD hardware
Topic: CCR2004-1G-12S+2XS with more RAM ?
Replies: 15
Views: 5720

Re: CCR2004-1G-12S+2XS with more RAM ?

I agree with guipoletto. The cooling solution is a bit odd. Since both 25G and 10G SFP's might get quite hot, running fans is probably mandatory. But the running fans won't be able to cool the switch ASIC since it has it's fins/radiator on the back. This category of device isn't typically a devices ...
by mada3k
Mon May 18, 2020 7:34 pm
Forum: RouterBOARD hardware
Topic: Severe port flapping/reset/unstable in brand new RB4011iGS+5HacQ2HnD-IN
Replies: 2
Views: 992

Re: Severe port flapping/reset/unstable in brand new RB4011iGS+5HacQ2HnD-IN

Does the flapping occur if you disable the wireless?

I once had a routerboard that had frequent flaps, but it was the antenna that was placed to close to the board.
by mada3k
Sat May 16, 2020 6:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 79
Views: 38141

Re: hardware idea for a multiport switch

I've used them in a few buldings and while the idea and the hardware is great, their management software (nexman) is kind of mediocre. Many industrial and DIN-mounted stuff is horrible from a software and management perspective. The are mostly built to last and not be flexible. And you can't build ...
by mada3k
Sat May 16, 2020 11:13 am
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 79
Views: 38141

Re: hardware idea for a multiport switch

Small DIN switches.. Wide input DC power. It'd be nice to be able to mount small switches on walls in closets, cabinets, backboards, industrial situations, etc...
+1
by mada3k
Sat May 16, 2020 10:20 am
Forum: RouterBOARD hardware
Topic: How to read registers of QCA8334 in RBFTC11 media convertor through UART?
Replies: 2
Views: 816

Re: How to read registers of QCA8334 in RBFTC11 media convertor through UART?

Not sure of what you are trying to accomplish. This is very out of scope for this forum, but maybe you will find what och seek in the switch chip datasheet
https://github.com/Deoptim/atheros/blob ... asheet.pdf
by mada3k
Fri May 15, 2020 9:06 pm
Forum: RouterBOARD hardware
Topic: Doubt about HW CRS [SOLVED]
Replies: 4
Views: 2153

Re: Doubt about HW CRS [SOLVED]

Of course you can. However you can expect ~20Mbit of IPsec performance on that models.

SwitchOS only supports switching, nothing else.
by mada3k
Fri May 15, 2020 8:30 pm
Forum: RouterBOARD hardware
Topic: Mikrotik Switch with 2,5G or 5G Ports.
Replies: 6
Views: 2695

Re: Mikrotik Switch with 2,5G or 5G Ports.

2.5G and 5G Ethernet is very uncommon.

CRS309-1G-8S+IN with DAC cables is the most sane choise.
by mada3k
Wed May 13, 2020 10:13 pm
Forum: RouterBOARD hardware
Topic: What is your opinion of Mikrotik routers?
Replies: 3
Views: 1666

Re: What is your opinion of Mikrotik routers?

+ Very wide feature-set. Extremely flexible devices. Wipes the floor with segment competitors in pure routing/mpls-features. + Many model to choose from. + Great CLI, tools and scripting! + DC-input and often wide on some models + Lightweight and usable Web-interface + Often very useful interface-mi...
by mada3k
Mon May 11, 2020 9:43 pm
Forum: RouterBOARD hardware
Topic: hAP ac (and some other new rotuers) too small flash
Replies: 62
Views: 22034

Re: hAP ac (and some other new rotuers) too small flash

Mikrotik has promised us that 16M will not be a obstacle for RouterOS 7 or upcomming features. It will, so let just hope that they will package different features wise.
by mada3k
Mon May 11, 2020 7:46 pm
Forum: RouterBOARD hardware
Topic: 10 GIG version of HEX
Replies: 7
Views: 2098

Re: 10 GIG version of HEX

I agree with andriys. CRS305-1G-4S+IN is almost perfect as a 10G CPE.
by mada3k
Sun May 10, 2020 8:35 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 368
Views: 147257

Re: Mikrotik VDSL / DSL Modem?

I don't think it's possible to fit a DOCSIS frontend in a regular SFP. DOCSIS also needs a fair bit of power for the RF-stuff.

Possible in a QSFP, but that would be ridiculous.
by mada3k
Sat May 09, 2020 1:42 pm
Forum: General
Topic: Low TCP throughput over EoIP set at 1500 mtu
Replies: 3
Views: 1171

Re: Low TCP throughput over EoIP set at 1500 mtu

Is the link capable of 1542 byte sized frames?
by mada3k
Sat May 09, 2020 12:04 pm
Forum: RouterBOARD hardware
Topic: Just going to leave this here...
Replies: 152
Views: 40432

Re: Just going to leave this here...

So instead of making this an architecture- or chip based problem, it is more like a product specification problem. Probably Cisco have a more rigid (and therefore sometimes more restrictive) featureset of products. But they do serve a different market too. That is true. Sometimes I suspect that Mik...
by mada3k
Fri May 08, 2020 8:38 pm
Forum: RouterBOARD hardware
Topic: RB5011
Replies: 40
Views: 14087

Re: RB5011

Just no.

If you need powerful WiFi, get a proper AP and place it properly.
If you need powerful switch or router, get a proper switch or router.

If you don't care but like fancy numbers and lot of antennas, get a Netgear or D-Link.
by mada3k
Fri May 08, 2020 8:12 pm
Forum: RouterBOARD hardware
Topic: Just going to leave this here...
Replies: 152
Views: 40432

Re: Just going to leave this here...

I would say yes and no. No, it doesn't matter if it's MIPS, PPC, ARMv7, ARMv8 etc. Yes, it does matter when the number of interfaces, power consumption, form-factor or performance is drastically changed [because of a SoC-change]. If your network rely on a device like that has a certain number of int...
by mada3k
Thu May 07, 2020 8:19 pm
Forum: RouterBOARD hardware
Topic: No LTE interface when router tethered to Android phone
Replies: 8
Views: 3422

Re: No LTE interface when router tethered to Android phone

A tethered Phone is not a LTE interface.

Is most often a USB CDC/EEM/NCM or smilar, and the compability will vary.
  • 1
  • 2