Community discussions

Search found 68 matches

  • 1
  • 2
by flameproof
Fri Jun 14, 2019 3:00 pm
Forum: General
Topic: Limit PPPoE flood after CCR reboot/link loss
Replies: 0
Views: 160

Limit PPPoE flood after CCR reboot/link loss

Hi, We have some CCR1016s running PPPoE servers, handling up to 800 sessions in one case. If the CCR reboots or the uplink to the RADIUS server etc. is lost, when things go back to normal, all clients want to connect, all at once. The RADIUS server is thus hit with hundreds of access & accounting re...
by flameproof
Mon May 20, 2019 9:20 am
Forum: RouterBOARD hardware
Topic: LtAP Kit no registration - Vodafone ES SIM
Replies: 2
Views: 324

Re: LtAP Kit no registration - Vodafone ES SIM

Thanks for the suggestion, I did notice the graphic with two SIMs and two small dots - it would be nice to have an extended manual for this device. However, this was not the issue, the SIM was recognized fine. I have got the LtAP to register, barely (121 link downs overnight!) doing: - Removed the h...
by flameproof
Mon May 20, 2019 1:37 am
Forum: Wireless Networking
Topic: wAP LTE Kit EU - Slow LTE speed
Replies: 67
Views: 11401

Re: wAP LTE Kit EU - Slow LTE speed

I have just received two units, testing for an order of ~30. Cannot even connect to the network. Cannot change to 3G, keeps reverting to LTE upon saving. Same SIM and settings as used in an SXT LTE which worked fine (within reason, it had to have a good view of a cell tower). I have a Linksys LTE ro...
by flameproof
Mon May 20, 2019 12:39 am
Forum: RouterBOARD hardware
Topic: LtAP Kit no registration - Vodafone ES SIM
Replies: 2
Views: 324

LtAP Kit no registration - Vodafone ES SIM

I have an oldish SXT LTE which has worked fine with a Vodafone Spain SIM card. I have ordered two LtAP Kit units, which has a followup order of 30 more to be used as backups on our remote sites. Nothing I have tried has gotten this device to register on the network. I have tried two other SIMs, same...
by flameproof
Wed Feb 13, 2019 11:55 am
Forum: RouterBOARD hardware
Topic: PowerBox powering options
Replies: 10
Views: 758

Re: PowerBox powering options

The PowerBox Pro has a self-consumption of 3.1W vs. less than 1W for the PowerBox. With the LightBeam and two UniFis connected, it's drawing 15W with no traffic, vs 11.5W of the PowerBox. It's also a lot more expensive :-)
by flameproof
Mon Feb 11, 2019 11:48 pm
Forum: RouterBOARD hardware
Topic: PowerBox powering options
Replies: 10
Views: 758

Re: PowerBox powering options

So, new results are in, with a super-duper-wondercable ordered from Amazon (20€). Cat6, 30m, supposedly "high quality". Measured resistance 5.8 ohms vs. 21 ohms from the grey cable. This time, the PowerBox PSU + injector keeps the three devices powered, even during the same speed tests on three devi...
by flameproof
Mon Feb 11, 2019 10:53 am
Forum: RouterBOARD hardware
Topic: PowerBox powering options
Replies: 10
Views: 758

Re: PowerBox powering options

Try these:

https://mikrotik.com/product/rbgpoe_con_hp

Or a power supply with 28/30v

Thanks for the suggestion, but this would add too much extra cost (converter + 48V injector + waterproof box on the roof).
by flameproof
Mon Feb 11, 2019 10:52 am
Forum: RouterBOARD hardware
Topic: PowerBox powering options
Replies: 10
Views: 758

Re: PowerBox powering options

Thanks for the comments! Check the specs of your wireless gear. If they can run on voltage higher than 24V (e.g. up to 48V), then go for 30V power supply (that's maximum that powerbox handles). The Ubiquiti gear won't take higher - well it might, but it may wear out the caps faster etc. This is also...
by flameproof
Mon Feb 11, 2019 1:35 am
Forum: RouterBOARD hardware
Topic: PowerBox powering options
Replies: 10
Views: 758

PowerBox powering options

Hi all, I'm testing the PowerBox for deployment on rooftops with a 30m Cat6 cable run from the 24V PoE injector into ETH1, then two UniFi Mesh APs + one LightBeam AC for backhaul, connected on ETH3 to ETH5. Measuring while directly powered via the barrel connector over a 50cm cable, setup works fine...
by flameproof
Thu Jan 17, 2019 6:34 pm
Forum: RouterBOARD hardware
Topic: RouterBOARD naming... not consistent!
Replies: 4
Views: 424

Re: RouterBOARD naming... not consistent!

Not wanting to change it, just have a consistent way of identifying a router model over SSH, without complicated regex...
by flameproof
Thu Jan 17, 2019 5:27 pm
Forum: RouterBOARD hardware
Topic: RouterBOARD naming... not consistent!
Replies: 4
Views: 424

Re: RouterBOARD naming... not consistent!

Have done so, model name remains the same. I thought it may have been in the firmware where v3.x had “old” naming and 4.x “new” based on RBxxxx, but looks to be fully baked in.
by flameproof
Thu Jan 17, 2019 4:44 pm
Forum: RouterBOARD hardware
Topic: RouterBOARD naming... not consistent!
Replies: 4
Views: 424

RouterBOARD naming... not consistent!

Hi all, We use an in-house App for provisioning CPEs, currently the hAP Lite model (RB941-2nD-TC). The App first identifies the device it's connecting to, to make sure we don't try to provision say an RB951 with the config parameters for the hAP Lite. We have found a discrepancy in what is returned ...
by flameproof
Tue Oct 02, 2018 10:37 am
Forum: General
Topic: Failover route fails to carry traffic upon primary failure
Replies: 7
Views: 428

Re: Failover route fails to carry traffic upon primary failure

@stoser how did you fix specifically? I believe the issue is how our masquerade is configured - we masquerade PPPoE to a specific upstream IP address, which of course breaks when the secondary route takes over, as the upstream IP range is different. I'm simulating all this in the lab but have a few ...
by flameproof
Fri Sep 28, 2018 12:43 pm
Forum: General
Topic: Failover route fails to carry traffic upon primary failure
Replies: 7
Views: 428

Failover route fails to carry traffic upon primary failure

Hi all, I have a CCR1016 configured with a default gateway on ETH1 (10.20.10.1), distance 1, check gateway via ping. Then, another route on ETH5 (10.20.16.1) with distance 2. When I disable the primary interface on the upstream router, the CCR correctly marks the primary route as unreachable, and ma...
by flameproof
Wed May 16, 2018 4:29 pm
Forum: RouterBOARD hardware
Topic: S-31DLC20DI vs S-31DLC20D
Replies: 0
Views: 442

S-31DLC20DI vs S-31DLC20D

Hi all,

We have ordered some S-31DLC20D SFP modules and received S-31DLC20DI instead. They seem to work fine, but they are physically different from other S-31DLC20D we have. I cannot find any differences on any website, and the S-31DLC20DI is not even on Mikrotik's site.

Anyone can shed some light?
by flameproof
Wed Apr 25, 2018 9:12 pm
Forum: General
Topic: Radius Problem with WebFig
Replies: 19
Views: 4120

Re: Radius Problem with WebFig

Apologies for reviving an old thread... but it's almost mid 2018, we're on 6.42.1, and RADIUS-based WebFig login still does not work . My RADIUS server is sending all the right replies. Log shows: Message RADIUS: MS-CHAP2-Success = 0x00533d35443744314535453536393636 Message user test.user logged in ...
by flameproof
Fri Sep 15, 2017 2:07 pm
Forum: RouterBOARD hardware
Topic: SXT LTE too low sensitivity? Not connecting
Replies: 8
Views: 888

Re: SXT LTE too low sensitivity? Not connecting

OK thanks, good to know. I have moved the antenna's location, and it now establishes a link to the cell:
Registered.png
Download 28Mbps, upload 3.5Mbps. I'm on 6.40.3. It would be really really nice to have some real-time tools eg. scan working :-)
by flameproof
Fri Sep 15, 2017 1:44 pm
Forum: RouterBOARD hardware
Topic: SXT LTE too low sensitivity? Not connecting
Replies: 8
Views: 888

Re: SXT LTE too low sensitivity? Not connecting

While we are at it - how long does a PLMN search cycle take? In order to align the antenna, on a normal SXT the LEDs are updated rather frequently - not sure how this works on the SXT LTE. I'd like to pan the SXT but I need to leave it for one full "cycle" before I can see the effect.
by flameproof
Fri Sep 15, 2017 1:42 pm
Forum: RouterBOARD hardware
Topic: SXT LTE too low sensitivity? Not connecting
Replies: 8
Views: 888

Re: SXT LTE too low sensitivity? Not connecting

So while we have 800MHz LTE, in this case the Android phone and TP-Link are connected to Band 3. I have checked with Field Test on iOS and it is connected to an 800MHz tower.
by flameproof
Fri Sep 15, 2017 12:53 pm
Forum: RouterBOARD hardware
Topic: SXT LTE too low sensitivity? Not connecting
Replies: 8
Views: 888

Re: SXT LTE too low sensitivity? Not connecting

The tower is on Band 3. These are the tower details as per the official government database:
Tower 735.png
Is there any way to get more details about the scanning / PLMN search progress?
by flameproof
Fri Sep 15, 2017 12:34 pm
Forum: RouterBOARD hardware
Topic: SXT LTE too low sensitivity? Not connecting
Replies: 8
Views: 888

SXT LTE too low sensitivity? Not connecting

I'm trying to get an SXT LTE connected to Vodafone Spain. It connects fine in areas with good signal, but I'm in a place where the nearest cell tower is 4km away. I have two phones connected, plus a TP-Link LTE "MiFi" router. One phone and TP-Link show "two bars", but the Android phone with LTE info...
by flameproof
Fri Sep 15, 2017 12:26 pm
Forum: Scripting
Topic: Stop a running background /tool fetch
Replies: 2
Views: 983

Re: Stop a running background /tool fetch

Thanks so much for this - we use Bandwidth Test for certain segments of the network, but we want to be able to test traffic under "real" conditions, passing traffic through all Mikrotik boxes in the chain. Other than having a device behind each SXT doing its own traffic (expensive!!) we chose to hav...
by flameproof
Thu Sep 14, 2017 12:43 pm
Forum: Scripting
Topic: Stop a running background /tool fetch
Replies: 2
Views: 983

Stop a running background /tool fetch

I have the following setup to do load testing: - An array of 20 SXTs - One mANT - A server behind the mANT On each SXT there is a script that when run, it starts 10 scheduler tasks which in turn start parallel /tool fetch commands to download (and discard) a 10 MB .zip. This works really nice, but I...
by flameproof
Fri Sep 01, 2017 10:22 pm
Forum: Wireless Networking
Topic: mANTBox 19s dropping speed to zero
Replies: 5
Views: 1138

Re: mANTBox 19s dropping speed to zero

We have tried all settings, it doesn't matter if the channel is free or not. We see this on quite clean links. It'd be nice to have a spectrum analysis tool like Ubiquiti has in AirOS 8...
by flameproof
Fri Sep 01, 2017 10:47 am
Forum: Wireless Networking
Topic: mANTBox 19s dropping speed to zero
Replies: 5
Views: 1138

Re: mANTBox 19s dropping speed to zero

The current config is: 0 R name="W_AP" mtu=1500 l2mtu=1600 mac-address=********* arp=enabled disable-running-check=no interface-type=Atheros AR9888 radio-name="*******" mode=ap-bridge ssid="********" area="" frequency-mode=manual-txpower country=no_country_set antenna-gain=0 frequency=5200 band=5ghz...
by flameproof
Thu Aug 31, 2017 6:04 pm
Forum: Wireless Networking
Topic: mANTBox 19s dropping speed to zero
Replies: 5
Views: 1138

mANTBox 19s dropping speed to zero

Hi all, I have an mANTBox 19s, with 19 connected SXT 5s, and I see the following, every so often the total throughput drops to zero. Have tried various combinations of HW retries, protection modes, etc. and see changes in throughput, but the drops are still there: Screenshot at Aug 31 17-02-14.png A...
by flameproof
Mon Jul 24, 2017 2:06 pm
Forum: Wireless Networking
Topic: RB client won't accept EAP-TTLS certificate from RADIUS
Replies: 5
Views: 784

Re: RB client won't accept EAP-TTLS certificate from RADIUS

Only ROS limitation is it needs the CA to contain the complete CA chain (on the server). But this is the case - my server is sending the full chain including the root CA that's used for the two intermediates. As they say, the proof is in the pudding, so I've gone out and spent $300 on two SSL certi...
by flameproof
Sun Jul 23, 2017 6:25 pm
Forum: Wireless Networking
Topic: RB client won't accept EAP-TTLS certificate from RADIUS
Replies: 5
Views: 784

Re: RB client won't accept EAP-TTLS certificate from RADIUS

I have been testing the RADIUS server further using eapol_test (found in wpa_supplicant). The SSL certificate chain sent by RADIUS is now correct: /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA...
by flameproof
Sun Jul 23, 2017 5:05 pm
Forum: Wireless Networking
Topic: RB client won't accept EAP-TTLS certificate from RADIUS
Replies: 5
Views: 784

Re: RB client won't accept EAP-TTLS certificate from RADIUS

Thanks for your input. I have investigated further, and find that NameCheap issues a bundle composed of: #1 COMODO RSA Certification Authority (as the root) #2 COMODO RSA Domain Validation Secure Server CA (issued by #1) But I have found that #1 is actually issued by AddTrust External CA Root, of wh...
by flameproof
Sun Jul 23, 2017 1:49 am
Forum: Wireless Networking
Topic: RB client won't accept EAP-TTLS certificate from RADIUS
Replies: 5
Views: 784

RB client won't accept EAP-TTLS certificate from RADIUS

Hi all, I'm stumped by this problem, I have some RB connecting as wireless clients to a RB AP running in EAP mode, against a RADIUS server. I am using signed certificates for a valid domain, so no self-generated ones. No matter what I try, RADIUS ends up throwing up this: Reply-Message = "EAP TTLS H...
by flameproof
Tue Jul 18, 2017 3:48 pm
Forum: Wireless Networking
Topic: SXT 5 ac PtP unstable link speeds
Replies: 7
Views: 938

Re: SXT 5 ac PtP unstable link speeds

Thanks for your input. I have to add we also tried the SXT HG5 ac, same result. Alignment is not the issue otherwise we would be incapable of aligning the NanoBeams too. Mikrotik needs a guide to maximize performance on their hardware, I keep finding posts here about it but they are unanswered or th...
by flameproof
Tue Jul 18, 2017 11:03 am
Forum: Wireless Networking
Topic: SXT 5 ac PtP unstable link speeds
Replies: 7
Views: 938

Re: SXT 5 ac PtP unstable link speeds

We have finally replaced the SXT 5s with NanoBeam ACs (19dBi versions) and the link is stable, with -60 to -62 dBm both sides. Throughput is stable, and our problems are solved. Our links from SXT 5 to mANTBox 19s are working much better for some reason.
by flameproof
Tue Jun 13, 2017 9:00 pm
Forum: Wireless Networking
Topic: SXT 5 ac PtP unstable link speeds
Replies: 7
Views: 938

Re: SXT 5 ac PtP unstable link speeds

Likely bad alignment. We have good LOS with no obstacles in the fresnel zone. On other grounds, if I change the TX power to one of the manual settings, its default value is 17dBm, whereas the SXT can reach 30. Does the "default" setting increase power above 17dBm? I have also noticed I cannot get a ...
by flameproof
Tue Jun 13, 2017 5:58 pm
Forum: Wireless Networking
Topic: SXT 5 ac PtP unstable link speeds
Replies: 7
Views: 938

SXT 5 ac PtP unstable link speeds

Hi all, I have a pair of SXT 5 ac pointed at each other, about 1,5km away. For reference a pair of NanoBeams would achieve links speeds of ~400Mbps at 80MHz. These two I can only get up to 50-80Mbps in one direction, and in the other the link goes down to "12 Mbps" bare, no width or other indication...
by flameproof
Tue May 30, 2017 6:11 pm
Forum: General
Topic: Passing traffic through external firewall and back into CCR
Replies: 0
Views: 272

Passing traffic through external firewall and back into CCR

Hi all, I have a bit of a weird situation. A CCR is serving hotspot users and PPPoE clients on one ethernet interface (ETH2), and has another ethernet interface configured as WAN uplink (ETH1). PPPoE sessions are encrypted, the CPE device being a hAP. Hotspot users are just coming in via various WiF...
by flameproof
Tue May 30, 2017 1:52 pm
Forum: Scripting
Topic: Getting realtime traffic speeds from interface
Replies: 3
Views: 847

Re: Getting realtime traffic speeds from interface

Thanks - this was a test using SSH before I move the code to use API. I'll test using API then.
by flameproof
Tue May 30, 2017 1:40 pm
Forum: Scripting
Topic: Getting realtime traffic speeds from interface
Replies: 3
Views: 847

Getting realtime traffic speeds from interface

Hi all, Trying to get realtime traffic speed on PPPoE interfaces on a CCR, and with /interface/monitor-traffic <interface> I get this: name: <pppoe-661806175A84> rx-packets-per-second: 121 rx-bits-per-second: 52.9kbps fp-rx-packets-per-second: 0 fp-rx-bits-per-second: 0bps rx-drops-per-second: 0 rx-...
by flameproof
Wed Feb 22, 2017 4:25 pm
Forum: General
Topic: traffik flow pre/post nat?
Replies: 4
Views: 792

Re: traffik flow pre/post nat?

The thread is a bit old, but I'm having similar issues. I'm trying to collect using nProbe + ntopng, and I see that v9 and IPFIX flows contain post-NAT address information, but this seems to be ignored by nProbe/ntopng - did you ever find a solution? I'm having the same problem whereby clients appea...
by flameproof
Mon Feb 20, 2017 1:29 pm
Forum: General
Topic: Simple queue puts interface at queue limit
Replies: 0
Views: 686

Simple queue puts interface at queue limit

Hi all, Having a weird issue, it may be related to my limited understanding of queues (so far, learning fast...). I have a hotspot setup on a bridge interface, and on the hotspot server profile, Rate Limit set to 18M/18M. Users are auth'd via RADIUS, and given a rate limit of 1M/1M. Thus, I see one ...
by flameproof
Tue Feb 14, 2017 10:59 am
Forum: General
Topic: RB as upgrade source deletes files upon reboot
Replies: 1
Views: 367

RB as upgrade source deletes files upon reboot

Hi all, I'm using an hAP ac to provision hAP Lite CPEs we deploy, and part of that is upgrading the hAP's firmware. I upload the firmware files (smips) to the hAP ac, set the upgrade source on the Lite, it all works beautifully. However, if I reboot the hAP ac, the files uploaded are deleted. Is the...
by flameproof
Wed Jan 18, 2017 7:41 am
Forum: Wireless Networking
Topic: spectral-scan saved file format?
Replies: 19
Views: 3635

Re: spectral-scan saved file format?

On the tool itself, not likely to go on Github as it's internal to our company, but I can post a file format description & and example on how to read it. The file itself is not completely reverse-engineered, I was only interested in reading the RSSI samples, so anything such as frequency mapping of ...
by flameproof
Fri Jan 13, 2017 8:14 am
Forum: RouterBOARD hardware
Topic: SXT LTE wont find any networks. Broken?
Replies: 24
Views: 9283

Re: SXT LTE wont find any networks. Broken?

Just to contradict the user from Spain, I have an SXT LTE working on Vodafone, the signal is low but that's what I also get on my mobile - Vodafone doesn't have good LTE coverage here. With this signal I still get 19Mbps down, 12Mbps up.
SXT LTE Vodafone.png
by flameproof
Thu Jan 12, 2017 2:36 pm
Forum: Wireless Networking
Topic: spectral-scan saved file format?
Replies: 19
Views: 3635

Re: spectral-scan saved file format?

And a couple more screenshots, one showing a noisy scan, the other an AP doing somewhat intelligent reselection.
RF scan noisy.png
Reselection OK.png
by flameproof
Thu Jan 12, 2017 2:35 pm
Forum: Wireless Networking
Topic: spectral-scan saved file format?
Replies: 19
Views: 3635

Re: spectral-scan saved file format?

So, I finally managed to reverse-engineer the file format, to the extent that I can consistently read and interpret the results of spectral scans. I've now deployed on our network via a custom-made tool, which connects to each AP once an hour, runs the scan for 5 seconds, downloads the file, and pro...
by flameproof
Tue Dec 13, 2016 8:00 am
Forum: Wireless Networking
Topic: spectral-scan saved file format?
Replies: 19
Views: 3635

Re: spectral-scan saved file format?

I was fully aware of that URL and the posts pointing to it. However, after asking said forum member, I was told I could get 5 API calls per day and anything higher it would be paid-for. I need to process hourly readings from 55 APs, so it was going to get expensive fast. It became cheaper for me to ...
by flameproof
Wed Dec 07, 2016 11:13 am
Forum: Wireless Networking
Topic: spectral-scan saved file format?
Replies: 19
Views: 3635

Re: spectral-scan saved file format?

So I have emailed Mikrotik asking for the file format, with the aim of creating a tool to automate the collection and parsing of spectral scans from our AP deployment. We are having bad noise issues so we want to see if there are patterns, wether it's constrained to certain locations, etc. Our topol...
by flameproof
Wed Sep 21, 2016 1:13 pm
Forum: Wireless Networking
Topic: Nv2 Lite5 ac + mANT 19s stuck at 6Mbps
Replies: 1
Views: 582

Re: Nv2 Lite5 ac + mANT 19s stuck at 6Mbps

Nobody has seen this happen before? Anyone from Mikrotik?
by flameproof
Wed Sep 07, 2016 11:45 am
Forum: RouterBOARD hardware
Topic: mAP lite
Replies: 58
Views: 19273

Re: mAP lite

So, we're considering this for a WISP-type deployment, where we cable apartment buildings using the mAP Lite as the end-user device. Our big issue is when we have to mass-configure them - we currently have an auto-config system that does firmware upgrade, configuration, insert into inventory, etc. e...
by flameproof
Wed Sep 07, 2016 11:09 am
Forum: Wireless Networking
Topic: Nv2 Lite5 ac + mANT 19s stuck at 6Mbps
Replies: 1
Views: 582

Nv2 Lite5 ac + mANT 19s stuck at 6Mbps

Hi all, I'm connecting (in the lab) an SXT Lite5 ac to an mANT 19s, in Nv2 mode, and I'm only able to achieve a 6Mbps link. Bandwidth test shows 45Mbps throughput in TCP mode 50 connections, bidirectional. I've left things mostly as defaults, and tried in AC-only and A/N/AC mode too, and tweaking ra...
by flameproof
Thu May 26, 2016 3:12 pm
Forum: Announcements
Topic: MikroTik News May 2016 (Issue #72)
Replies: 26
Views: 21530

Re: MikroTik News May 2016 (Issue #72)

Quick one on the wAP. We run 2.4GHz 912s with a 5GHz board, using the 5GHz for connecting to backhaul, and the 2.4 to give client access. The 2.4 and 5GHz segments are effectively bridged, creating a flat transparent network all the way back to a CCR running the hotspot service. Would the wAP suppor...
  • 1
  • 2