Hello, I created a simple ubuntu server image with just ssh server running on it. It is for CHR. URL for image repo https://hub.docker.com/r/okazdal/ubuntu-ssh-server After properly enabling container and setting up veth interfaces and disks, you can use it like this: /container config set registry-...

Hi! Thats great! Is there any possibility to use the docker-container as iperf3-client? My main usage for iperf would be checking LTE-connections (NAT by provider). Thank you and best wishes Stril That could be done. Same image can also be used as iperf3-client Check out https://hub.docker.com/r/ta...

For amd64 you just need to modify 'docker pull' command like this:

You can view image built for different architectures on this link
https://hub.docker.com/r/taoyou/iperf3- ... st_updated

Hello guys, After 7.1rc3 launch yesterday with Docker support. I wanted to try to run an iperf3 server on my RB4011. docker pull taoyou/iperf3-alpine@sha256:e792a52a949ed14f594c611b1446e40e8318d19c48204c485eda1f951341c10c docker save taoyou/iperf3-alpine > iperf.tar I followed https://help.mikrotik....

Hello,

!) tile - improved overall system performance and stability ("/system routerboard upgrade" required);

Any details about tile improvement?

Regards,

Hello, thank you for rapid response with the patch.

But I'm not seeing 6.39.3 as available update for my router.
It just shows v6.39.2 (stable) as current version, and no packages are available at auto-upgrade section. Is there a reason?

Hi,
6.39.3 is on bugfix channel.

Osman Kazdal

Hi,
This means you do not have any NAT rule on your router.

Hi,
Can you export your NAT table and paste the output here?

/ip firewall nat export

Hi,

1. Yes, I think it will apply to both. LAN transfer might use more cpu though.
2. In that case, I would use CAPsMAN forwarding. It is much simpler with CAPsMAN forwarding.

Osman

Hi, Consider this setup: MikroTik gateway - CAPsMAN running --------------- AP ------------- DSL modem for some special connection I have 2 subnets on main MikroTik gateway. Both MikroTik gateway and DSL modem have internet. But, I want to use DSL for some special needs. I want to setup 3 different ...

Hi, First, disable (carefully) all firewall forward rules and try pinging. If it is working, I am just guessing here, just add following two rules above of your forward rule /ip firewall filter add action=drop chain=forward connection-nat-state="" connection-state=invalid add action=accept...

Hi,
I have two questions:
- Are PPPoE client devices MikroTik?
- What do you have on your main router on your NAT table?

Osman

Hi,
VRF means Virtual Routing and Forwarding. It is one of the main services that you can use with MPLS.
There is very good documentation about it on wiki.
https://wiki.mikrotik.com/wiki/Manual:V ... Forwarding

Hi,
You should analyse the traffic. From what you explained, it sounds like there might be an attack on your router.
- You should filter and drop all unnecessary traffic from your WAN.
- Check Tools -> Profile to see how your CPU utilisation is.

Osman Kazdal

Hi, If you want LAN1 to use WAN1 and LAN2 to use WAN2, you should configure policy routing. https://wiki.mikrotik.com/wiki/Policy_Base_Routing If you want to configure load balancing, RouterOS has many load balancing methods, I would suggest PCC. https://wiki.mikrotik.com/wiki/Manual:PCC Osman Kazdal

Hello, We are a consulting company from Turkey. We have customers from very different sectors, banks, global electronics manufacturers, universities, ISPs, etc... We use MikroTik routers with all of them. We use it mainly as firewall and hotspot. We use CAPsMAN as WiFi controller. In a university, w...

Hi,
I think you should download trafr from http://mikrotik.com/download

Hi, I quickly checked out Maltrail documentation. I think you should set up a mirror port and connect your sensor to that port. Streaming will not help you. Streaming uses tzsp format to send traffic data. Check out https://wiki.mikrotik.com/wiki/Ethereal/Wireshark Maybe you can use streaming with t...

Hi again, You can see them all on IP -> Neighbors window. But Sob's way is easier. There is also much better way, assuming your access points are all MikroTik, just implement CAPSMAN, this way you don't even need to set IP addresses on your access points and you can manage updates and all wireless c...

Hello,
This is totally normal. You should add arp entries for all 9 access points manually on your IP -> Arp table.
Just find out their MAC addresses and add necessary ARP entries.

Osman Kazdal

Hi, First of all, chain input is to protect the router itself and chain forward is to protect your clients / servers. You do not need "Drop DNS queries from WAN" rule if you have "Drop everything else" rule. But be careful about dropping everything since you might lose layer 3 co...

Hi again, I would suggest you watch MUM presentations by Tom Smyth and Wardner Maia. Their presentations are a great start to give you pointers and ideas about what you should do against DDoS. Below are the links to their presentations. I think you can also find videos. https://mum.mikrotik.com//pre...

Hello, You should check if Simple Queues are limiting your connection speed. You can do so by checking traffic tab in your simple queue configuration. If so, you should add one more simple queue with target and destination addresses and give a higher limit, possibly 1000Mbps. Try to create a new sim...

Hello, You can have MikroTik work as a layer 3 stateful firewall. And I must add it is a very good stateful firewall. I have many customers who replaced their Cisco ASA with a CCR MikroTik router. DDOS and intrusion prevention depends on the kind of the attack. You have very good tools to fight agai...