Community discussions

MikroTik App

Search found 639 matches

by p3rad0x
Fri Feb 16, 2024 11:57 am
Forum: Forwarding Protocols
Topic: OSPF link change causes all BGP sessions to drop
Replies: 7
Views: 874

Re: OSPF link change causes all BGP sessions to drop

So I may have found the culprit here. Static blackhole routes with distance 1 to prevent routing loops. Because the is public addresses on the ospf interfaces and I'm blackholing /24's. As soon as there is a link state change for a split second(i assume all the routes gets withdrawn) then it looks l...
by p3rad0x
Thu Feb 15, 2024 7:29 pm
Forum: Forwarding Protocols
Topic: OSPF link change causes all BGP sessions to drop
Replies: 7
Views: 874

Re: OSPF link change causes all BGP sessions to drop

The ospf only propagates loopback addresses and the point to point addresses between routers.
BGP is handling our public /24s and announces a default route
by p3rad0x
Thu Feb 15, 2024 12:33 pm
Forum: Forwarding Protocols
Topic: OSPF Transit Fabric - Issues with OSPF/BGP Drops
Replies: 2
Views: 878

Re: OSPF Transit Fabric - Issues with OSPF/BGP Drops

Interesting, suddenly seeing the same behaviour.

viewtopic.php?t=204591
by p3rad0x
Thu Feb 15, 2024 11:41 am
Forum: Forwarding Protocols
Topic: OSPF link change causes all BGP sessions to drop
Replies: 7
Views: 874

Re: OSPF link change causes all BGP sessions to drop

The very first small step ... try to catch logs with external syslog to spot what's happening. After sending ospf and bgp to a remote logging server I noticed something(no link has dropped yet, I need to manually simulate a failure to test) Link State Update x.x.x.x -> 224.0.0.5 on vlan1011 some of...
by p3rad0x
Thu Feb 15, 2024 8:00 am
Forum: Forwarding Protocols
Topic: OSPF link change causes all BGP sessions to drop
Replies: 7
Views: 874

OSPF link change causes all BGP sessions to drop

Good morning everyone. I'm experiencing a ospf issue i have never seen before. We have a 1072 that was running a fairly old ROS running solid for the last past years. There are 3 10G links to the datacentre and I use OSPF with BFD to peer to the loopback of the core router in the DC. Now the issue I...
by p3rad0x
Thu Jul 20, 2023 11:10 am
Forum: Announcements
Topic: v6.49.8 [long-term] is released!
Replies: 49
Views: 67977

Re: v6.49.8 [stable] is released!

ROS 6 CVE-2023-30799
https://nvd.nist.gov/vuln/detail/CVE-2023-30799
Actual ???
I see 6.49.8 is showing longterm, and 6.49.7 stable. Strange
by p3rad0x
Thu Jul 13, 2023 3:06 pm
Forum: Beginner Basics
Topic: Problems with CCR-1016 12G
Replies: 2
Views: 873

Re: Problems with CCR-1016 12G

Hello. I had one RB3011 on a branch office, the router was working fine but due to an increase of the users i decided to change it with a Cloud Core. I configured the Cloud Core identically as the 3011, but even with the same configuration i am having troubles. with my Unify Controller. Everything ...
by p3rad0x
Thu Jul 13, 2023 2:57 pm
Forum: Beginner Basics
Topic: Access modem behind mikrotik
Replies: 5
Views: 1249

Re: Access modem behind mikrotik

You will need to add the 192.168.1.x/24 network on the Mikrotik bridge interface, not ether 1.

Also remove the
/ip arp
add address=192.168.1.254 interface=ether1 mac-address=1C:57:3E:79:16:8F
Then you should be able to login/ping the modem from the 10.0.0.0/24 network
by p3rad0x
Thu Jul 13, 2023 2:50 pm
Forum: Scripting
Topic: pppoe-out interface auto disconnect huge problem all traffic stop
Replies: 13
Views: 2773

Re: pppoe-out interface auto disconnect huge problem all traffic stop

i'm wondering how this even work This is magic that most Mikrotik experts not known. This is self-made engineering This is not magic, I believe its a overcomplicated solution for a simple problem. PPPoE session that disconnects and not automatically reconnect could be high CPU usage on your device(...
by p3rad0x
Wed Jul 05, 2023 11:09 am
Forum: General
Topic: CCR2116-12G-4S+ Lockups
Replies: 0
Views: 514

CCR2116-12G-4S+ Lockups

Good day all, I have a CCR2216 that seems to have a issue. It functions as a second NAT router on our network. When we first installed it a couple of months back it was on 7.6 and locked up a few days later, with minimum config and no traffic passing. After a hard reboot it comes back to life. It wa...
by p3rad0x
Thu Jun 29, 2023 12:48 pm
Forum: Beginner Basics
Topic: Cannot port forward through dstnat
Replies: 10
Views: 1755

Re: Cannot port forward through dstnat

Are you getting a public IP address from your ISP?

Your dst-nat rules seems to be correct, but you can add your public IP address in the dst-address=
by p3rad0x
Thu May 25, 2023 4:37 pm
Forum: Announcements
Topic: v7.9.1 [stable] is released!
Replies: 59
Views: 18171

Re: v7.9.1 [stable] is released!

BFD support would be nice
by p3rad0x
Fri Feb 10, 2023 12:06 pm
Forum: Beginner Basics
Topic: Creating LAN for ether 1 and 2 [SOLVED]
Replies: 2
Views: 459

Re: Creating LAN for ether 1 and 2 [SOLVED]

It has been years since I used a RB450g. Back in the day I could remember that our RB1200's did not have any default config and its possible that its the same with the 450g running older versions of winbox. So in order to create a so called LAN on 2 ports you need to do the following. First create a...
by p3rad0x
Fri Feb 10, 2023 11:54 am
Forum: Beginner Basics
Topic: Forward port 80 on wan to 192.168.1.10:80 from outside and inside networks [SOLVED]
Replies: 11
Views: 3265

Re: Forward port 80 on wan to 192.168.1.10:80 from outside and inside networks [SOLVED]

You can setup a hairpin NAT for this.

/ip firewall nat chain=src-chain src-address=192.168.1.0/24 dst-address=192.168.1.0/24 out-interface={Your lan facing interface or bridge} action=masquerade 
by p3rad0x
Fri Feb 10, 2023 11:48 am
Forum: Beginner Basics
Topic: Public IP assignment via L2TP
Replies: 7
Views: 1425

Re: Public IP assignment via L2TP

If you are not using multiple routing tables on the client side then try the following. On the l2tp client tick add default route. The client should now have a default routes pointing to the l2tp and the ethernet1 interface. Add a static route for your management space and make the gateway the same ...
by p3rad0x
Fri Feb 10, 2023 11:40 am
Forum: Beginner Basics
Topic: Firewall ether1 - pppoe - vlan7
Replies: 4
Views: 685

Re: Firewall ether1 - pppoe - vlan7

Good day, I'm I correct in saying that your DSL modem is connecting to port 1 on the mikrotik. VLAN7 has been assigned to the interface and VLAN7 is the interface for the PPPoE? If this is the case I would say only worry about VLAN7 and the PPPoE. Add vlan7 and the pppoe into your WAN interface list...
by p3rad0x
Fri Feb 10, 2023 11:21 am
Forum: General
Topic: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed
Replies: 13
Views: 1570

Re: CCR2216-1G-12XS-2XQ + CRS312-4C+8XG-RM with gigabit connections is way off in speed

I wonder if it has something to do with the CCR2216. The ports is 2x 100G and 12x 25G ports. You can try to disable the auto neg on the ports between your router and switch and set it to 10G I have a CCR2216 , CRS326 and a RB5009 on my table. I can try and reproduce the issue as soon as i find the t...
by p3rad0x
Fri Feb 10, 2023 11:12 am
Forum: General
Topic: Graphing 100% cpu usage
Replies: 9
Views: 2249

Re: Graphing 100% cpu usage

Hi, on my CRS there is no space-Limit. What can be the source of the Problem? I need graphing...but no 100% CPU Usage of this after a time... and rebott every night is no option. Christian The built in mikrotik graphing is terrible. If you 100% need it it would be best to setup a server with someth...
by p3rad0x
Fri Feb 10, 2023 11:09 am
Forum: General
Topic: Can I use hEX S as VLAN Switch + Router (300 Mbit/s)?
Replies: 9
Views: 960

Re: Can I use hEX S as VLAN Switch + Router (300 Mbit/s)?

One thing to keep in mind is that routers route and switches switch. In most cases you can use one mikrotik to do it all but it does not scale well.

Why not get the HEX S and a CRS326 for your switching needs
by p3rad0x
Fri Feb 10, 2023 11:04 am
Forum: General
Topic: Do i need a static IP for any VPN setup? [SOLVED]
Replies: 12
Views: 3607

Re: Do i need a static IP for any VPN setup? [SOLVED]

You don't need a public static address for each branch. Depending on your needs you can get it setup with only 1 location having a static public address eg the Head office. Setup the VPN server at the head office and connect all the clients to it. for 58 branches you can setup OSPF or BGP to redistr...
by p3rad0x
Wed Jan 11, 2023 8:48 am
Forum: General
Topic: Visit To Test PPPOE [SOLVED]
Replies: 9
Views: 1521

Re: Visit To Test PPPOE [SOLVED]

/tool bandwidth-test
by p3rad0x
Fri Jan 06, 2023 11:45 am
Forum: Beginner Basics
Topic: How many networks can be added to the CCR 1036
Replies: 4
Views: 592

Re: How many networks can be added to the CCR 1036

I'm confused,

Do you want to advertise the 500 + /23 blocks to your ISP?

Is this public /23 blocks assigned to you?
by p3rad0x
Thu Dec 22, 2022 11:37 am
Forum: General
Topic: Graphing 100% cpu usage
Replies: 9
Views: 2249

Re: Graphing 100% cpu usage

Hi there,
we had same problem on CCR1036. we do everyday reboot at 04:00 AM.
After exchange for CCR2116 problem has gone.
Now we had same problem again on other CCR2116.
Anybody find solution without reboot?
Well the answer for me was to just disable graphing on the device. Problem solved.
by p3rad0x
Thu Dec 22, 2022 11:34 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 632147

Re: Feature requests

Not sure if this is supported or I am being an idiot.

Handing out /32 dhcp leases using radius and unnumbered interfaces.

currently using dhcp lease script to add the correct address and network in the address table of the dhcp server
by p3rad0x
Thu Dec 22, 2022 11:20 am
Forum: General
Topic: CRS305 Poor VLAN Performance
Replies: 20
Views: 1580

Re: CRS305 Poor VLAN Performance

Are you seeing high CPU usage while testing? it could be that the hw offloading is not working properly
by p3rad0x
Thu Dec 22, 2022 11:16 am
Forum: General
Topic: Router "dies" after 10 exact minutes
Replies: 18
Views: 1752

Re: Router "dies" after 10 exact minutes

CPU usage quite high for the amount of traffic passing over it. did you try to login using mac-telnet to see if it still disconnects you?
by p3rad0x
Thu Dec 22, 2022 10:42 am
Forum: General
Topic: NO WAY?! AI writes Mikrotik-Scripts...
Replies: 23
Views: 3130

Re: NO WAY?! AI writes Mikrotik-Scripts...

The AI has "MTUNA", but is still unable to set the wireless mode correctly?
by p3rad0x
Thu Dec 22, 2022 10:32 am
Forum: General
Topic: Login with Default Admin and No Password is Failing
Replies: 27
Views: 18562

Re: Login with Default Admin and No Password is Failing

The default admin with a blank password is the only default password.

Best will be to do the netinstall without the default config, then config it from there.
by p3rad0x
Thu Dec 22, 2022 10:29 am
Forum: General
Topic: How loud is the CCR2216-1G-12XS-2XQ? Are there fan curves?
Replies: 1
Views: 381

Re: How loud is the CCR2216-1G-12XS-2XQ? Are there fan curves?

All the mikrotik CCRs are very quite compared to vendors like cisco.

If there is airflow in the cabinet then the desk users should not notice it at all
by p3rad0x
Fri Nov 18, 2022 11:32 am
Forum: General
Topic: Switch crs317-1g-16s+RML6 cant handle 2 Gb of traffic
Replies: 12
Views: 935

Re: Switch crs317-1g-16s+RML6 cant handle 2 Gb of traffic

Switches switch, routers route. CRS is not designed to be a router. Rather get a small CCR or RB4011/5009
by p3rad0x
Wed Jul 20, 2022 3:55 pm
Forum: Scripting
Topic: Automation Scripting with ansible
Replies: 0
Views: 722

Automation Scripting with ansible

Good day, This may seem a bit far fetched. Running ansible scripting to push config to devices that has an IP address is pretty simple enough, but I want to automate the assigning IP addresses to devices on specific vlan interfaces. So the plan is, setup the basic IP and gateway config on the main r...
by p3rad0x
Thu Jun 24, 2021 9:15 pm
Forum: General
Topic: Graphing 100% cpu usage
Replies: 9
Views: 2249

Graphing 100% cpu usage

Good day, I have a interesting issue with a CRS326-24S+2Q+ that is sitting pegged at 100% usage. Running the profiler shows that its graphing taking up all the CPU. Thing is, there is no graphing setup on this device. Rebooting it solves the issue, but after a few weeks the problem returns. Also dis...
by p3rad0x
Sat Dec 05, 2020 6:21 pm
Forum: Beginner Basics
Topic: Mikrotik Default Hotspot Radius Server
Replies: 1
Views: 424

Re: Mikrotik Default Hotspot Radius Server

Hi,

you can use user manager for hotspot and radius on mikrotik

https://wiki.mikrotik.com/wiki/Manual:User_Manager
by p3rad0x
Sat Dec 05, 2020 6:19 pm
Forum: Beginner Basics
Topic: mangle rule - prerouting
Replies: 1
Views: 647

Re: mangle rule - prerouting

Hi,

in your mangle rule you are using-out interface.

Packet will only get marked when data is leaving the port.

Try using in-interface as eth10 for a start.

If eth10 is in a bridge then you are going to have issues
by p3rad0x
Sat Dec 05, 2020 6:14 pm
Forum: General
Topic: Vlan Interface Drops?
Replies: 2
Views: 703

Re: Vlan Interface Drops?

Are you seeing any FCS errors in the log file ?

if so it could be a physical issue like a network cable or the port on the switch
by p3rad0x
Sat Dec 05, 2020 6:11 pm
Forum: General
Topic: ONU not connected through PPPOE
Replies: 2
Views: 607

Re: ONU not connected through PPPOE

It could be that no local IP address is defined in the ppp profile.

In that case the pppoe will connect but wont get any ip address
by p3rad0x
Mon Jun 29, 2020 12:26 pm
Forum: Scripting
Topic: Export specific address list
Replies: 2
Views: 4678

Re: Export specific address list

I can send the address list to Splunk using script. On Splunk you can do a lot of stuff with it. What is your goal?
I want to use it for non-payer IP's on a second router
by p3rad0x
Fri Jun 26, 2020 12:13 pm
Forum: Scripting
Topic: Export specific address list
Replies: 2
Views: 4678

Export specific address list

Good day all, I need to export a specific address list that contains over a 1000 entries. then fetch the file using FTP and upload it to a different router. Fetching a file via FTP works 100% but exporting the specific address list is being a pain. I followed this post https://forum.mikrotik.com/vie...
by p3rad0x
Sun Dec 29, 2019 8:50 am
Forum: General
Topic: Cannot Access mikrotik.com
Replies: 1
Views: 998

Cannot Access mikrotik.com

Good day, For the past 12 hours we have been unable to access anything at mikrotik.com over IPV4, V6 works just fine. Before you say its MTU or DNS please take a look at this traceroute. [CWN@CWN-BGP1-TeracoJHB] > tool traceroute src-address=102.164.1.0 address=159.148.172.226 # ADDRESS LOSS SENT LA...
by p3rad0x
Tue Apr 23, 2019 12:57 pm
Forum: General
Topic: Ping Loss at line 9
Replies: 6
Views: 1699

Re: Ping Loss at line 9

Do you get any timeouts if you use just normal icmp and not trace route?
by p3rad0x
Tue Apr 23, 2019 12:10 pm
Forum: Beginner Basics
Topic: no ping from lan to wan and router to wan
Replies: 2
Views: 945

Re: no ping from lan to wan and router to wan

Maybe check your filter rules if you are dropping icmp on the forward chain
by p3rad0x
Tue Apr 23, 2019 12:05 pm
Forum: Beginner Basics
Topic: internet not working despite pingable addresses
Replies: 10
Views: 1876

Re: internet not working despite pingable addresses

This sounds like a nat rule not setup correctly.

Can you post your config so we can check it?
by p3rad0x
Thu Feb 28, 2019 11:50 am
Forum: General
Topic: pppoe falls constantly
Replies: 2
Views: 1191

Re: pppoe falls constantly

Are they directly connected to that tick or some ware on your bridged network
by p3rad0x
Thu Feb 28, 2019 8:50 am
Forum: General
Topic: Connecting two Hex POE or S via fiber
Replies: 15
Views: 3001

Re: Connecting two Hex POE or S via fiber

I don't think there is anything extra you may want to do.

Maybe add some Filter rules to drop traffic from their subnet to your
by p3rad0x
Thu Feb 28, 2019 8:46 am
Forum: General
Topic: inconsistent speeds across mulitple hops [SOLVED]
Replies: 3
Views: 1817

Re: inconsistent speeds across mulitple hops [SOLVED]

Hi,

Is all that ubnt links connecting at 1G FD.

If one end of the link is 1G and the far side is only 100M you can run into flow issues that kills TCP
by p3rad0x
Thu Feb 28, 2019 8:41 am
Forum: General
Topic: Firewall in Access Points
Replies: 8
Views: 2388

Re: Firewall in Access Points

I would create a management VLAN for them.

Then just disable the mac server on the client side facing interfaces and disable forwarding on the ap's/
by p3rad0x
Thu Feb 28, 2019 8:26 am
Forum: General
Topic: Internet-BGP-Firewall or Internet-FW-BGP
Replies: 2
Views: 1030

Re: Internet-BGP-Firewall or Internet-FW-BGP

Hi

I would suggest the BGP at the edge and the FW ccr as the core.

Provider <--> BGP CCR <--> FW CCR <--> Rest of your network
by p3rad0x
Thu Feb 28, 2019 8:22 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 4672

Re: MPLS/VPLS ECMP

You cannot do this setup with LDP signaled VPLS (only one VPLS will be active), here is the example with BGP signaled VPLS: https://wiki.mikrotik.com/wiki/Transparently_Bridge_two_Networks_using_MPLS_extended Thanks that seems to work Only issue now is it creates dynamic interface, if one BGP drops...
by p3rad0x
Tue Feb 26, 2019 9:11 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 4672

Re: MPLS/VPLS ECMP

Let's see the config. then. Are you sure the problem isn't at the other end of the link? Here we go R1 [admin@R1] > export /interface bridge add name=bridge1 add name=bridge2 /interface ethernet set [ find default-name=ether1 ] disable-running-check=no mtu=1580 set [ find default-name=ether2 ] disa...
by p3rad0x
Mon Feb 25, 2019 7:31 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 4672

Re: MPLS/VPLS ECMP

You have the same MAC address on both interfaces.
It is probably not a good idea to use Winbox's Copy facility for this, which is what I assume you did to end up with it like that.
Thanks, did not even realize.

Did create new interfaces now but still the same behavior
by p3rad0x
Mon Feb 25, 2019 12:46 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 4672

Re: MPLS/VPLS ECMP

You can make VPLS tunnel over each link and then add ECMP route to route over both tunnels. Thanks, I seem to ran into a different issue, Only the first tunnel will establish. I also tried manually specifying the transport address in LDP interface. [admin@R1] /mpls ldp neighbor> print Flags: X - di...
by p3rad0x
Sat Feb 23, 2019 1:08 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS ECMP
Replies: 9
Views: 4672

MPLS/VPLS ECMP

Good day, I'm busy experimenting to transport pppoe over mpls/vpls Now the issue i'm experiencing is we are using at least 2 microwave links to our main towers because the require from 600-1.2bgps. As soon as MPLS is enabled between the two sites the traffic starts flowing only over 1 link. Any way ...
by p3rad0x
Fri Feb 15, 2019 5:03 pm
Forum: Forwarding Protocols
Topic: My own ASN (with my IP's) with ISP's IPs too
Replies: 2
Views: 2591

Re: My own ASN (with my IP's) with ISP's IPs too

Hi,

What i would suggest is to also install a switch in the rack.

Connect all your severs to the switch.

Then setup a BGP session to your provider from the router and announce your ip space.

You should be sorted then.
by p3rad0x
Mon Feb 11, 2019 4:11 pm
Forum: Forwarding Protocols
Topic: Problem while using VRRP between routers with BGP
Replies: 7
Views: 3956

Re: Problem while using VRRP between routers with BGP

You could cheese it.

Its not the correct way but it should work until you can get it working properly.

In vrrp there is a script feature. on master and on backup.

when the second router is on backup disable the bgp session to the provider, when on master you can enable it again.
by p3rad0x
Mon Feb 11, 2019 3:58 pm
Forum: Forwarding Protocols
Topic: Create prefix list from learned peer routes
Replies: 7
Views: 4006

Re: Create prefix list from learned peer routes

Hi, Accept all inbound routes accept your IP space and bogons. Then create a out filter to just so only your space gets advertised and the rest gets dropped. 99.9% of the time your peers will have their own filters in place to only accept your IP space, but you could never be too careful. It should ...
by p3rad0x
Mon Feb 11, 2019 3:49 pm
Forum: Forwarding Protocols
Topic: Multihoming and connection tracking
Replies: 5
Views: 3574

Re: Multihoming and connection tracking

It should work yes.

But I will add a third router for just the internal servers and NAT on it so the edge routers only does routing.
by p3rad0x
Thu Feb 07, 2019 10:36 am
Forum: Beginner Basics
Topic: Port Forwarding to other subnet
Replies: 3
Views: 1096

Re: Port Forwarding to other subnet

Hi,

Is the ips setup on different interfaces on the router?
by p3rad0x
Fri Oct 12, 2018 2:37 pm
Forum: General
Topic: New Neighbor discovery
Replies: 4
Views: 1456

Re: New Neighbor discovery

Ok I see part of the issue is that default forwarding was still enabled in the access list on the device i'm testing.

Thanks
by p3rad0x
Fri Oct 12, 2018 2:32 pm
Forum: General
Topic: New Neighbor discovery
Replies: 4
Views: 1456

Re: New Neighbor discovery

Disable default-forward
-Chris
This is also part of the issue,

Default forward is disabled on all my access points, but they are still able to communicate over the bridge on the AP for some reason.

If i disable the bridge then default forwarding takes care of the issue
by p3rad0x
Fri Oct 12, 2018 2:17 pm
Forum: General
Topic: New Neighbor discovery
Replies: 4
Views: 1456

New Neighbor discovery

Good day, I have a question regarding neighbor discovery on the new versions of router OS. I had a script that disabled discovery on the WLAN interface of the CPE's, after the latest updates the discovery has been changed to !dynamic and they start discovering all other devices on the bridged AP. Ho...
by p3rad0x
Wed Sep 26, 2018 2:40 pm
Forum: Beginner Basics
Topic: WISP AP configuration for dual Band in Quick Set
Replies: 1
Views: 1751

Re: WISP AP configuration for dual Band in Quick Set

Try not to use quick set
by p3rad0x
Tue Sep 18, 2018 2:11 pm
Forum: General
Topic: Best software to monitor bgp peers?
Replies: 2
Views: 901

Re: Best software to monitor bgp peers?

I just setup netwatch to monitor the remote peer address if it goes down it sends a notification to telegram
by p3rad0x
Wed Sep 12, 2018 5:00 pm
Forum: General
Topic: Changed router country, now can't access router
Replies: 4
Views: 1019

Re: Changed router country, now can't access router

Hi

Try and login using mac telnet
by p3rad0x
Wed Sep 12, 2018 4:58 pm
Forum: The Dude
Topic: Issue with custom probe
Replies: 0
Views: 2271

Issue with custom probe

Good day, I need some help setting up a probe for a alarm. Onsite we have a device that monitors voltage and if the ac is on or off. Then i use the dude to send notification to telegram if ac goes down. Now i try to to the exact same with the alarm, snmp will return value 0 or 1 0 = Alarm off and 1 ...
by p3rad0x
Thu Sep 06, 2018 12:17 pm
Forum: Forwarding Protocols
Topic: BGP Peering Advice
Replies: 6
Views: 2295

BGP Peering Advice

Good day a quick question. We have 3 providers all different circuit speeds 1G / 2G /4G Currently we have one BGP session to the 2G is and they only advertise a default route down to us. Question is when the other 2 peers goes live wont one of them be overloaded ? I will be taking in local routes fr...
by p3rad0x
Wed Aug 15, 2018 2:11 pm
Forum: Forwarding Protocols
Topic: Public IPs on network with OSPF
Replies: 3
Views: 2261

Re: Public IPs on network with OSPF

If you dont have a lot of towers, a shortcut could be to add all the ips on your edge and create src nat rules for each tower. But I recommend planing for the future. Advertise your local loopbacks on ospf and your private IP's and use BGP for all the public IP's. Then later when you get more addres...
by p3rad0x
Fri Aug 10, 2018 10:51 pm
Forum: Wireless Networking
Topic: Wireless Wire Dish Password
Replies: 1
Views: 1091

Re: Wireless Wire Dish Password

I'm afraid its time to get the harness ready again
by p3rad0x
Fri Aug 10, 2018 10:49 pm
Forum: Wireless Networking
Topic: When coming AC Wave2 chip?
Replies: 41
Views: 12835

Re: When coming AC Wave2 chip?

I don't expect them to come anytime soon
by p3rad0x
Tue Jul 17, 2018 2:00 pm
Forum: Beginner Basics
Topic: Script to reduce Wi-Fi transmitter power on schedule/at night
Replies: 34
Views: 8052

Re: Script to reduce Wi-Fi transmitter power on schedule/at night

Don't worry,

The router wont give you a brain tumor any time soon
by p3rad0x
Tue Jul 17, 2018 1:54 pm
Forum: Beginner Basics
Topic: How to put priority to lol
Replies: 2
Views: 3401

Re: How to put priority to lol

Hi, I find marking specific packet sizes and src ports a issue with online gaming. What I did is lookup the ASN number for Riot inc. Then create a address list with their prefixes and mark all connections going to that prefixes. Then create 3 simple queues, one must serve as the parent and the ohter...
by p3rad0x
Mon Jul 16, 2018 5:55 pm
Forum: General
Topic: TX Queue drops per second
Replies: 0
Views: 2047

TX Queue drops per second

Good day, A while back we replaced a RB1100ahx4 that was causing packet loss. Running interface monitor traffic revealed that there was about 500 tx queue drops per second. Only strange thing is there was no queues setup on the device. Replaced it with a ccr1036 and issue solved, the 1100 was doing ...
by p3rad0x
Fri Jun 01, 2018 11:16 am
Forum: Beginner Basics
Topic: Internet and Winbox stop working
Replies: 2
Views: 1084

Re: Internet and Winbox stop working

Are you able to login via Mac Telned?

If you have bgp enabled to your ISP they could be sending you bogon routes causing this issue.
by p3rad0x
Fri Jun 01, 2018 10:59 am
Forum: General
Topic: Best way to Monitor PPPoE servers
Replies: 1
Views: 1779

Best way to Monitor PPPoE servers

Good day,

I'm in the process of setting up pppoe for authentication.

There will be one or two pppoe servers on each tower site.

What is the best way to monitor all of these and make sure the servers is up and running?
by p3rad0x
Fri Jun 01, 2018 10:48 am
Forum: General
Topic: EoIP tunnel to VyOS router
Replies: 2
Views: 1839

Re: EoIP tunnel to VyOS router

EoIP is a proprietary protocol for mikrotik and will only work using router OS.

You could try to establish a GRE tunnel between RoS and VyOS
by p3rad0x
Mon May 28, 2018 11:01 am
Forum: Wireless Networking
Topic: mikrotik login redirect not working
Replies: 2
Views: 1070

Re: mikrotik login redirect not working

Do you mean its not redirecting to the hotspot login page?

If so, you can reset the HTML if you goto ip --> hotspot
by p3rad0x
Mon May 28, 2018 10:45 am
Forum: Beginner Basics
Topic: Email Sorta Works........... Rcve Only :-(
Replies: 11
Views: 1645

Re: Email Sorta Works........... Rcve Only :-(

If i understand correctly.

Check gateway will only check if 192.168.1.1 is reachable and not the dst-address
by p3rad0x
Mon May 28, 2018 10:30 am
Forum: Beginner Basics
Topic: RouterOS 5.20 - IP Route List
Replies: 13
Views: 4859

Re: RouterOS 5.20 - IP Route List

Hi,

Create a mangle rule and apply a routing mark to the 2 subnets you want to route to WAN 1

Then add a 0.0.0.0/0 route gateway=192.168.1.1 routing-mark=your mark;

then just add a second gateway to 172.10.10.1.

All the marked traffic will go over WAN1 and all the other WAN2
by p3rad0x
Tue May 15, 2018 8:33 pm
Forum: General
Topic: loopback interfaces and OSPF Areas
Replies: 4
Views: 1505

loopback interfaces and OSPF Areas

Good day,

Quick question.

Is it better to put the loopback interface in the backbone are + the ptp links or the loopback interface in their own ospf area?
by p3rad0x
Tue May 15, 2018 3:54 pm
Forum: Beginner Basics
Topic: UPNP issue with PS4
Replies: 4
Views: 1959

Re: UPNP issue with PS4

Hi,

Upnp will only forward that port to one of the ps4's

If you want open nat on all devices you will need to give them all a public ip address.
by p3rad0x
Tue May 15, 2018 11:38 am
Forum: Forwarding Protocols
Topic: Filter Spesific OSPF routes
Replies: 11
Views: 3862

Re: Filter Spesific OSPF routes

Had an interesting issue where ospf grabbed one of the /32's and redistributed that.

Checked all the routers and ospf does not redistribute connected or bgp routes.

Back to the lab I Guess :D
by p3rad0x
Mon May 14, 2018 1:38 pm
Forum: Forwarding Protocols
Topic: Main link swap over
Replies: 3
Views: 1335

Re: Main link swap over

Do you mean the failover when isp1 goes down.

If you want ISP2 to be your mainlink set the distance to 1 and and for ISP1 set distance to 2
by p3rad0x
Mon May 14, 2018 1:37 pm
Forum: Forwarding Protocols
Topic: Filter Spesific OSPF routes
Replies: 11
Views: 3862

Re: Filter Spesific OSPF routes

I played around with some filter rules. One issue i had with redistributing connected was that some of the connected routes was already in the routing table because of ospf. So what is did is create a bgp-out filter. for example. /routing filter add chain=bgp-out prefix=10.10.0.0/24 prefix-length=24...
by p3rad0x
Fri May 11, 2018 4:13 pm
Forum: Forwarding Protocols
Topic: Filter Spesific OSPF routes
Replies: 11
Views: 3862

Re: Filter Spesific OSPF routes

Thanks for all the reply's I'm busy testing in the lab using eBGP. Each tower site i assign a different AS and if there are more then one router on a site i will setup iBGP for them. I then redistribute connected routes so the /32 routes So far its working good. It would be nice if it could advertis...
by p3rad0x
Fri May 11, 2018 10:25 am
Forum: General
Topic: PPPoE Server on EOIP interface.
Replies: 3
Views: 1748

Re: PPPoE Server on EOIP interface.

Thanks for all your feedback so far,

I will take the MPLS/VPLS into consideration
by p3rad0x
Thu May 10, 2018 1:52 pm
Forum: Forwarding Protocols
Topic: Filter Spesific OSPF routes
Replies: 11
Views: 3862

Re: Filter Spesific OSPF routes

But I recommend to you to redistribute PPPoE global addresses with BGP tools. Manage OSPF only for your core network as a transport protocol to redistribute ptp links and your loopbacks. Thanks Anumrak, I'm still new to the BGP game and this will be a much needed learning experience. If i get this ...
by p3rad0x
Thu May 10, 2018 1:31 pm
Forum: General
Topic: PPPoE Server on EOIP interface.
Replies: 3
Views: 1748

PPPoE Server on EOIP interface.

Good day, I'm in the process of implementing pppoe servers on every high site. client dials in and gets a public ip address that gets redistributed with ospf. First of all, I'm not a fan of bridging anything. I have 2 options, i'm also open to any other suggestions. 1. Bridge the AP's ether and WLAN...
by p3rad0x
Thu May 10, 2018 1:14 pm
Forum: Forwarding Protocols
Topic: Filter Spesific OSPF routes
Replies: 11
Views: 3862

Filter Spesific OSPF routes

Good day, I have a question, I'm busy implementing pppoe servers at all my highsites. The clients connects to the pppoe server and gets a public ip address from the radius server. Ospf then redistributes that public address, now my issue is, not really a issue but something that bugs me. I don't wan...
by p3rad0x
Mon May 07, 2018 1:32 pm
Forum: General
Topic: Dude server on RB-3011 CPU at 100%
Replies: 4
Views: 2109

Re: Dude server on RB-3011 CPU at 100%

How many devices are you polling in the dude?

I had a RB750Gr3 doing about 20 devices and experienced the same issue.

Setting up CHR as a virtual machine sorted all the problems.
by p3rad0x
Mon May 07, 2018 12:54 pm
Forum: Wireless Networking
Topic: Only 3 x 60Ghz bands for 60G devices?
Replies: 17
Views: 7050

Re: Only 3 x 60Ghz bands for 60G devices?

I think for now the 60Ghz products are meant to be for ptp deployments.

Sure you can use it for ptmp now, but with some limitations.

Maybe in the next few years we will have the option to select different channel widths @60Ghz
by p3rad0x
Mon Apr 30, 2018 3:12 pm
Forum: Beginner Basics
Topic: Follow-up sites for user on mikrotik router board 912 ?? [SOLVED]
Replies: 2
Views: 1335

Re: Follow-up sites for user on mikrotik router board 912 ?? [SOLVED]

You will need your own DNS server then log all the queries
by p3rad0x
Wed Apr 25, 2018 4:47 pm
Forum: Beginner Basics
Topic: Block crypto currency mining
Replies: 3
Views: 6082

Re: Block crypto currency mining

First you will have to test and see what kind of traffic a mining app or device generates.

From there you can start playing with firewalls.

The packets sent and received is also most probably encrypted.
by p3rad0x
Tue Apr 10, 2018 12:56 pm
Forum: General
Topic: CRS326 with 6.41, best bridge or switch
Replies: 2
Views: 958

Re: CRS326 with 6.41, best bridge or switch

If you use switching performance should be much better.

You should still be able to create multiple switch groups to segment the ports.

To set mtu of all ports you could use
/interface ethernet set mtu=9000 [find]
by p3rad0x
Tue Apr 10, 2018 12:47 pm
Forum: Beginner Basics
Topic: I'm at a loss, any help is good help at this moment...
Replies: 22
Views: 4587

Re: I'm at a loss, any help is good help at this moment...

I have a same strange issue with twitch.

Can watch 1080p60fps on on 1 laptop and 2 ios devices, but buffers on other 2 windows computers.

1ms ping to the ap from all devices and 100M up and down speedtest but twitch is crazy
by p3rad0x
Wed Feb 28, 2018 5:34 pm
Forum: General
Topic: Highsite Voltage Monitoring
Replies: 0
Views: 785

Highsite Voltage Monitoring

Good day all, A question of what programs you use to monitor voltages at your sites especially solar sites. Currently I'm using advanced host monitor to monitor voltage across 74 high sites. It works but I would like something better. Something that can send push notifications to a mobile devices if...
by p3rad0x
Wed Feb 28, 2018 11:18 am
Forum: RouterBOARD hardware
Topic: RB750Gr3 temperature
Replies: 4
Views: 2731

Re: RB750Gr3 temperature

Does if feel warmer to the touch?
by p3rad0x
Wed Feb 28, 2018 11:06 am
Forum: Wireless Networking
Topic: Bandwidth restriction is not working
Replies: 2
Views: 981

Re: Bandwidth restriction is not working

Hi

Check if fast-track is enabled in your filter rules
by p3rad0x
Wed Feb 21, 2018 9:57 am
Forum: Beginner Basics
Topic: Random drops during gaming
Replies: 7
Views: 2983

Re: Random drops during gaming

This, - ethernet over powernet connection (500 Mb/s network)

Are you using power line adapters to connect to the router?

If so your issue is most probably in the connection between you and the router
by p3rad0x
Wed Feb 21, 2018 9:24 am
Forum: General
Topic: 10M port causes CRS326-24G-2S+ to freak out
Replies: 0
Views: 785

10M port causes CRS326-24G-2S+ to freak out

Good day, I have noticed some strange behavior on a CRS326 running as a router, only static routes no nat or firewall. CPU load is about 5% when pushing 100Mbps. After a lightning storm one night one of the Netmetals connected had a port flap and the port was only connecting at 10Mbps FD. This cause...
by p3rad0x
Thu Feb 15, 2018 11:05 am
Forum: Wireless Networking
Topic: QRT-2 as hotspot?
Replies: 5
Views: 1559

Re: QRT-2 as hotspot?

The connectors are exactly the same, it should work if the distance is not too far
by p3rad0x
Thu Feb 15, 2018 10:34 am
Forum: Wireless Networking
Topic: wAP 60G experience
Replies: 313
Views: 93198

Re: wAP 60G experience

I have one installed about 100m away and it works like a charm.

Getting 100 up and down even in the rain, haven't replaced the poe's yet to get a gig link
by p3rad0x
Thu Feb 15, 2018 10:29 am
Forum: General
Topic: CCR1072-1G-8S+ PPPoE and bandwidth
Replies: 6
Views: 2317

Re: CCR1072-1G-8S+ PPPoE and bandwidth

Good day,

Check out this link from stubarea51.net

http://www.stubarea51.net/2015/10/23/mi ... nd-queues/
by p3rad0x
Thu Feb 15, 2018 10:15 am
Forum: General
Topic: 2 ISP on CCR009
Replies: 1
Views: 795

Re: 2 ISP on CCR009

Hi,

You can checkout this link https://wiki.mikrotik.com/wiki/Manual:PCC
by p3rad0x
Thu Feb 15, 2018 10:13 am
Forum: Beginner Basics
Topic: Team Speak 3 - layer 7
Replies: 1
Views: 984

Re: Team Speak 3 - layer 7

Hi, do you wish to block teamspeak or setup a queue for it?
by p3rad0x
Thu Feb 15, 2018 10:06 am
Forum: Beginner Basics
Topic: How to list reserved IP addresses
Replies: 4
Views: 2921

Re: How to list reserved IP addresses

Why reserve a IP address if you could just statistically assign it outside the dhcp scope
by p3rad0x
Thu Feb 15, 2018 10:03 am
Forum: Beginner Basics
Topic: Mikrotik Per minute basis Burst Queue
Replies: 7
Views: 2171

Re: Mikrotik Per minute basis Burst Queue

Then it should be configured some way in free radius.

Why not just use normal burst for 60s?
by p3rad0x
Thu Feb 15, 2018 9:54 am
Forum: Beginner Basics
Topic: How to properly turn off PC with MikroTik?
Replies: 4
Views: 4847

Re: How to properly turn off PC with MikroTik?

If the router loses power it will say rebooted without proper shutdown.
I wont worry about it, just removing the power never caused any problems for me. Had to power cycle a CCR1072 once due to a hard crash and all was fine afterwords
by p3rad0x
Thu Feb 15, 2018 9:51 am
Forum: Beginner Basics
Topic: Static Router Config
Replies: 12
Views: 3130

Re: Static Router Config

Also reset that CCR to factory with no default config
by p3rad0x
Thu Feb 15, 2018 9:47 am
Forum: Beginner Basics
Topic: Problems with VLAN accessing Internet
Replies: 3
Views: 1747

Re: Problems with VLAN accessing Internet

Maybe the 2 last drop rules causing your problem. Try disabling only those and check if it fixes the issue.
by p3rad0x
Thu Feb 15, 2018 9:44 am
Forum: Beginner Basics
Topic: Mikrotik Per minute basis Burst Queue
Replies: 7
Views: 2171

Re: Mikrotik Per minute basis Burst Queue

A simple queue alone won't do the trick.

You should create 2 simple queues and add schedulers to turn on and off the queues every few minutes
by p3rad0x
Wed Feb 14, 2018 3:42 pm
Forum: General
Topic: Some services are not working with pppoe connection
Replies: 19
Views: 5616

Re: Some services are not working with pppoe connection

Just a quick question how many clients are you running on that network at the moment?
by p3rad0x
Wed Feb 14, 2018 3:37 pm
Forum: General
Topic: P2P connection to security camera recorder behind MTik
Replies: 13
Views: 6176

Re: P2P connection to security camera recorder behind MTik

I always rather do manual port forwarding to DVR's.

I think the p2p option is too unreliable.
by p3rad0x
Wed Feb 14, 2018 3:33 pm
Forum: General
Topic: List of devices with beeper
Replies: 4
Views: 2941

Re: List of devices with beeper

Interesting Question, there should be a beeper field in the specs of the devices. The beeper is actually very useful. I use a Hap AC at home and setup the beeper to go off if there is a power outage at the core site(batteries can only last so long) and if one of our up-links goes down. Rather attend...
by p3rad0x
Mon Feb 12, 2018 2:14 pm
Forum: Beginner Basics
Topic: MikroTik RB951Ui-2Hnd. Your opinions?
Replies: 7
Views: 1412

Re: MikroTik RB951Ui-2Hnd. Your opinions?

Hi,

The software on both of them is exactly the same.

For me huwawei's usb modems works fine on both
by p3rad0x
Tue Feb 06, 2018 10:15 am
Forum: General
Topic: Quaranteed bit rate
Replies: 2
Views: 849

Re: Quaranteed bit rate

Hi,

Check if you have fasttrack enabled in ip --> firewall --> filter
by p3rad0x
Tue Feb 06, 2018 10:13 am
Forum: Beginner Basics
Topic: Upgraded CRS125 New Bridge thing Broke DHCP
Replies: 5
Views: 1703

Re: Upgraded CRS125 New Bridge thing Broke DHCP

It looks like some default config is messing with you.

That config you posted should work.

Maybe try removing the dhcp server and create a new one
by p3rad0x
Tue Feb 06, 2018 10:07 am
Forum: General
Topic: Permission error
Replies: 1
Views: 703

Re: Permission error

Hi,

Goto system users and groups to check if all the boxes is ticked under full
by p3rad0x
Tue Feb 06, 2018 10:04 am
Forum: Wireless Networking
Topic: hAP ac improving wifi
Replies: 5
Views: 6947

Re: hAP ac improving wifi

The only way to fix poor signal is to get a second AP. Maybe install the one on the first floor and the other one the second floor. You can use auto freq so the AP pics the cleanest channel. Also take note that some wireless devices can completely kill the 2Ghz spectrum like Wireless CCTV cameras or...
by p3rad0x
Tue Feb 06, 2018 9:59 am
Forum: Wireless Networking
Topic: How to diagnose sxt sa5ac wireless problem?
Replies: 8
Views: 2404

Re: How to diagnose sxt sa5ac wireless problem?

Looks like the wireless card died,

The sxt qlite5 will work you just need to set the band to 5Ghz only N and not AC
by p3rad0x
Tue Feb 06, 2018 9:57 am
Forum: General
Topic: Help with 1 website, can't access [SOLVED]
Replies: 10
Views: 4249

Re: Help with 1 website, can't access [SOLVED]

Its most probably your IP being blacklisted by them.

If it was more then one site we could say maybe MTU related issue.
by p3rad0x
Tue Feb 06, 2018 9:55 am
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 4153

Re: Which device for 10GbE Bandwidth-Test

I dont think you will be able to reach 10G tcp using b-test.

You could try running iperf between 2 servers connected to the 10G ports.

For what will you be using this router?

Just routing should give you close to 10G, but as soon as you start adding fw rules or nat rules expect way less
by p3rad0x
Tue Feb 06, 2018 9:46 am
Forum: Beginner Basics
Topic: Cant install Router OS 6.35 on one of my Dell Servers R710
Replies: 3
Views: 1694

Re: Cant install Router OS 6.35 on one of my Dell Servers R710

Also CHR has much better performance then x86
by p3rad0x
Mon Feb 05, 2018 1:37 pm
Forum: Scripting
Topic: Coding a RB Simulator
Replies: 6
Views: 2380

Re: Coding a RB Simulator

You can use ip --> services and filter rules to prevent any possible intrusion.

Only make winbox/ssh accessible from a certain ip or subnet and disable the mac server on client facing interfaces, then you should be safe.
by p3rad0x
Mon Feb 05, 2018 1:32 pm
Forum: Beginner Basics
Topic: Need help converting a port with it's own vlan
Replies: 2
Views: 941

Re: Need help converting a port with it's own vlan

I have to say, I'm not a fan of the changes in 6.41.
by p3rad0x
Mon Feb 05, 2018 1:25 pm
Forum: Wireless Networking
Topic: Terrible NV2 Ac Network P2MP
Replies: 13
Views: 3660

Re: Terrible NV2 Ac Network P2MP

Are you running the radios at full power?

Because -60 @200m seems a bit low.
I'havn't no manage about power settings because in .ac device on the power section winbox can't show anything...
Is the tx power set to manual tx power or regulatory domain?
by p3rad0x
Mon Feb 05, 2018 1:24 pm
Forum: Wireless Networking
Topic: capsman ping 50% loss [SOLVED]
Replies: 2
Views: 2092

Re: capsman ping 50% loss [SOLVED]

It could be a network loop maybe.

I see a lot of network loops at clients with lightning damage on the router, one port on the router would show as running even if there is no cable plugged into it causing a loop.

If capsman detects a probable loop then it downs the interface for a few seconds
by p3rad0x
Mon Feb 05, 2018 1:17 pm
Forum: Wireless Networking
Topic: How to limit unknown unicast traffic (in pps or mbps)
Replies: 4
Views: 3116

Re: How to limit unknown unicast traffic (in pps or mbps)

Is there any EoIP tunnels running over that links?
by p3rad0x
Mon Feb 05, 2018 1:15 pm
Forum: Wireless Networking
Topic: Wireless guest mode or something limiting speed.
Replies: 2
Views: 922

Re: Wireless guest mode or something limiting speed.

Hi,

You can create a virtual ap and set the ssid to guest then just queue the virtual interface.

Or you can create a dhcp server on that and queue the guest subnet
by p3rad0x
Mon Feb 05, 2018 1:13 pm
Forum: General
Topic: VPN connection drops
Replies: 6
Views: 3558

Re: VPN connection drops

Hi,

Most probably a connection issue between the vpn server and die client device.

If its clients connecting over a cellular network there is not much you can do

But if they are on your network most probably a port flap or wireless link disconnecting
by p3rad0x
Mon Feb 05, 2018 9:48 am
Forum: General
Topic: CCR1072-1G-8S+ Load Question
Replies: 5
Views: 1646

Re: CCR1072-1G-8S+ Load Question

Simple Queue + Parent will give you the best performance on CCR
by p3rad0x
Thu Feb 01, 2018 9:49 am
Forum: Wireless Networking
Topic: Terrible NV2 Ac Network P2MP
Replies: 13
Views: 3660

Re: Terrible NV2 Ac Network P2MP

Are you running the radios at full power?

Because -60 @200m seems a bit low.
by p3rad0x
Tue Jan 23, 2018 12:51 pm
Forum: General
Topic: Help with No track Raw rule
Replies: 2
Views: 2887

Help with No track Raw rule

Good day, I have 3 subnets of public addresses i want to disable tracking for. And all the other connections needs te be tracked because of NAT. Last night one of the clients got hit by a ddos, low bandwidth high pps filling up the connection tracking table and pegging the ccr1072 to 100% usage. I c...
by p3rad0x
Wed Jan 17, 2018 7:44 pm
Forum: General
Topic: Strange TCP BTest behaviour
Replies: 1
Views: 696

Re: Strange TCP BTest behaviour

Quick update,

I tested a different link that has the same setup.

1036 and 1100ahx4 and those work fine.

Im thinking that something in the first 1100 is causing the problem
by p3rad0x
Wed Jan 17, 2018 7:27 pm
Forum: General
Topic: Strange TCP BTest behaviour
Replies: 1
Views: 696

Strange TCP BTest behaviour

So this is the situation. I have 2 microwave links connecting a CCR1036 and a 1100ahx4 all 4 Ethernet ports is connecting 1Gbps full duplex with flow control enabled. Lets say router A has 192.168.0.1/29 and B 192.168.0.4/29 ether 1 A 192.168.1.1/29 and B 192.168.1.4/29 ether 2 Then router b has on ...
by p3rad0x
Thu Jan 04, 2018 7:31 pm
Forum: Wireless Networking
Topic: Limit Bandwith problem
Replies: 3
Views: 1087

Re: Limit Bandwith problem

Hi Pradox, how i can know if the packets gets by the fast track? what do you refer with fast track? thanks you man. Ok i saw the filter rules and i dont see nothing about fasttrack. :(. Should i active fastrack? sorry for the later reply Fasttrack should be disabled. Can you maybe post the config s...
by p3rad0x
Thu Jan 04, 2018 7:18 pm
Forum: General
Topic: help on setup tunnel
Replies: 8
Views: 1419

Re: help on setup tunnel

thank you buddy

i solved the above issues .

i just have 1 more problem here

when i connect lt2p "without" preshare key it connects

but as i set preshared key into my vpn client it wont connect

whats the matter?
Do you get any errors in the log?
by p3rad0x
Thu Jan 04, 2018 10:55 am
Forum: Wireless Networking
Topic: 6GHz products not working well at >=6300 MHz
Replies: 4
Views: 2329

Re: 6GHz products not working well at >=6300 MHz

I tested dynadish 6. And confirm that. Its look like as very bad antena design ? sigal is ok to 6200MHz, but at 6300 and above it is unusable (signal very bad on low distance at >=6300MHz). I have a feeling that the dyna-dish 6 and sxt 6 is using the exact same antenna as their 5ghz models. only wa...
by p3rad0x
Thu Jan 04, 2018 10:50 am
Forum: General
Topic: CCR 1016-12G CPU maxed out
Replies: 1
Views: 994

Re: CCR 1016-12G CPU maxed out

On that nat rules, Are you using src-nat or masquerade on the public interface. If you use masquerade and a few of the tunnels starts disconnecting then you will see that high CPU usage. Check out this video a very good presentation that describes your problem https://www.youtube.com/watch?v=D80_a_O...
by p3rad0x
Thu Jan 04, 2018 10:39 am
Forum: General
Topic: Error on log - running out of disk space
Replies: 4
Views: 9985

Re: Error on log - running out of disk space

Hi,

What device are you using?

It seems like your issue is the log files that user manager is creating.

Every time something authenticates or fails its being logged

You will need to disable this logging in UM itself, If i can remember correctly its where you add the routers that use radius
by p3rad0x
Thu Jan 04, 2018 10:36 am
Forum: General
Topic: CPU load goes way up randomly CCR1072
Replies: 3
Views: 1317

Re: CPU load goes way up randomly CCR1072

I had a issue where disconnecting L2tp tunnels would cause 100% cpu spikes for about 1sec. What would happen is a areas power would go out and about 200 l2tp's would disconnect because the cpe devices went offline and this caused a domino affect where the high cpu load would cause the other tunnels ...
by p3rad0x
Thu Jan 04, 2018 10:25 am
Forum: General
Topic: WAN <> LAN Throughput Routerboard 1200
Replies: 1
Views: 870

Re: WAN <> LAN Throughput Routerboard 1200

Hi,

I think it should be able to do about 200mbps or even more with fast track enabled and no simple queues and filter rules.

RB1200 is a bit old tho.
by p3rad0x
Thu Jan 04, 2018 10:21 am
Forum: General
Topic: help on setup tunnel
Replies: 8
Views: 1419

Re: help on setup tunnel

Hi, If you already created the l2tp tunnel and it is connected then all you will need to do is decide who can use the vpn, will it be anyone connected or specific users. If its everyone you can tick add default route on the l2tp interface and just add a src nat rule on that interface and you should ...
by p3rad0x
Thu Jan 04, 2018 10:08 am
Forum: General
Topic: Creating a computer network
Replies: 3
Views: 1190

Re: Creating a computer network

I would say you are over complicating the setup by using all those VLANS
by p3rad0x
Thu Jan 04, 2018 10:02 am
Forum: General
Topic: Doing NAT with bridged ports on routerboard, help needed [SOLVED]
Replies: 3
Views: 3224

Re: Doing NAT with bridged ports on routerboard, help needed [SOLVED]

hi, why are you using a /32 network for 192.168.1.1?

I would make ether1 192.168.2.1/30 and the device 192.168.2.2/30 and ether 2 192.168.3.1/30 ect

Then that mangle rules and marks wont be needed but the VLAN may be a issue then.
by p3rad0x
Thu Jan 04, 2018 9:44 am
Forum: General
Topic: camera
Replies: 2
Views: 1106

Re: camera

Hes most probably trying to connect using the public IP from the lan side.

Hairpin NAT should solve that issue
by p3rad0x
Wed Jan 03, 2018 5:03 pm
Forum: Wireless Networking
Topic: 6GHz products not working well at >=6300 MHz
Replies: 4
Views: 2329

Re: 6GHz products not working well at >=6300 MHz

Hi,

What kind of signal level are you seeing at 5.9-6.1Ghz?
by p3rad0x
Wed Jan 03, 2018 4:55 pm
Forum: Wireless Networking
Topic: Wireless issues - can't figure out why
Replies: 6
Views: 2771

Re: Wireless issues - can't figure out why

How does the signal levels look like on those aps when you are connecting devices? What you can try is to set all ap's to 20Mhz only-n and set the frequency to auto. Reason behind this is if a legacy device that is a bit out of range connects on 2ghz G then all the following devices will connect on ...
by p3rad0x
Wed Jan 03, 2018 4:46 pm
Forum: Wireless Networking
Topic: Side Lobe bandwidth capacity
Replies: 4
Views: 1625

Re: Side Lobe bandwidth capacity

SnR and CCQ will be worse on the sidelobe. If you have 5 clients connected and 1 or 2 is on a side lobe there wont be much difference. Problems will start when you are adding more and more clients onto that sector. Best advice is, don't connect on sidelobes. Rather replace the sector with a 120deg i...
by p3rad0x
Wed Jan 03, 2018 4:40 pm
Forum: Wireless Networking
Topic: what routerboard is suitable for me?
Replies: 10
Views: 2387

Re: what routerboard is suitable for me?

RB1100ahx4 should be plenty of power for that amount of clients. If you already have the nano stations then there is no point to spend money if you are starting. You can always upgrade AP's and back haul links in the future. If you have no equipment at the moment then it will be in your best interes...
by p3rad0x
Wed Jan 03, 2018 4:07 pm
Forum: General
Topic: CCR 1072 IPsec speed issue [SOLVED] [SOLVED]
Replies: 7
Views: 3995

Re: CCR 1072 IPsec speed issue [SOLVED]

Hi, I don't have much experience with ipsec. Using that combination should be HW accelerated but something seems to be causing it to fall back to software. I had a issue where connection tracking was still active even if it was disabled. in Winbox the connections was not visible but you could see it...
by p3rad0x
Wed Jan 03, 2018 3:48 pm
Forum: General
Topic: Active Congestion Controller (ACC)
Replies: 5
Views: 1730

Re: Active Congestion Controller (ACC)

Hi, First you will need to identify the root cause of your speed issues. IS it the devices on your network saturating your down/upstream limit, is it the connection between your CPE and the ISP AP or is the problem some ware on their network. If your issue is your own devices then a queue tree can s...
by p3rad0x
Wed Jan 03, 2018 3:36 pm
Forum: Beginner Basics
Topic: how to connect my routerboard to tp link wirless
Replies: 1
Views: 760

Re: how to connect my routerboard to tp link wirless

Hi, You goto your wireless tab and then security profile. Then you enter the wpa and wpa2 key of the tplink(the wireless password). You can then goto wireless and hit the scan button, all the networks in the close area should appear you can then click on the tplink's ssid and hit connect. Do you wan...
by p3rad0x
Wed Jan 03, 2018 3:32 pm
Forum: Beginner Basics
Topic: Web browser did not send challenge response
Replies: 1
Views: 1846

Re: Web browser did not send challenge response

Its most probably that repeater messing around with the authentication method breaking it.

Maybe check on the repeater if there is something like use radius authentication enabled.
by p3rad0x
Wed Jan 03, 2018 3:28 pm
Forum: Beginner Basics
Topic: very new to this need help
Replies: 4
Views: 1154

Re: very new to this need help

Also keep in mind that the 941 is not very powerful.

All the mangle rules and routing marks will hog a a fair bit of cpu, it should be good for about 70mbps aggregate throughput maybe more
by p3rad0x
Wed Jan 03, 2018 3:25 pm
Forum: Beginner Basics
Topic: RB2011 iLRM for WiFi Router
Replies: 2
Views: 940

Re: RB2011 iLRM for WiFi Router

Hi, If you are planning to use the 2011 iLRM with the ubnt access points then you are out of luck. You will need unify control software so that the ubnts can broadcast different ssids. What you can use the 2011 for is a radius server. I have no experience with setting up ubnt ap's to authenticate cl...
by p3rad0x
Wed Jan 03, 2018 3:05 pm
Forum: Beginner Basics
Topic: Need Help Regarding Firewall Rules
Replies: 1
Views: 774

Re: Need Help Regarding Firewall Rules

Hi, 1. Do you mean mac discovery like what you see in winbox when going to neighbors? 2. Blocking ping/trace route /ip firewall filter add chain=forward src-address=![your allowed IP] protocol=icmp action=drop This should drop all ICMP packets except ones from the allowed address, this will only wor...
by p3rad0x
Fri Dec 08, 2017 1:58 pm
Forum: General
Topic: do not ping version 6.38.7
Replies: 3
Views: 1220

Re: do not ping version 6.38.7

I had the same issue on a ccr1036 a while back.

Unfortunately the fix was to restart the device
by p3rad0x
Thu Dec 07, 2017 12:56 pm
Forum: Wireless Networking
Topic: Limit Bandwith problem
Replies: 3
Views: 1087

Re: Limit Bandwith problem

Good day,

Check if you have fast track enabled in IP--> firewall --> filter.

If packets gets fast-tracked they will bypass any queues and firewall.
by p3rad0x
Thu Dec 07, 2017 12:53 pm
Forum: Wireless Networking
Topic: Net Metal5 AC unable to carry 30 Mbps
Replies: 3
Views: 1026

Re: Net Metal5 AC unable to carry 30 Mbps

Also, try setting channel width to 20Mhz and selecting a different frequency.

20Mhz on a clear channel should get you just below 100Mbps of possible throughput
by p3rad0x
Thu Dec 07, 2017 12:50 pm
Forum: Wireless Networking
Topic: Wireless Data Rates - Optimizing AP
Replies: 22
Views: 18294

Re: Wireless Data Rates - Optimizing AP

I would say set it as high as possible while retaining a stable link. What i do is set is set the minimum data rate to prevent rate flapping. on 5ghz a i set 18Mbps Basic rate and supported 18Mbps + all the other after it. If it starts giving issues drop the max limit by 1 or the min limit. Same app...
by p3rad0x
Thu Dec 07, 2017 12:44 pm
Forum: Wireless Networking
Topic: big mistake [SOLVED]
Replies: 21
Views: 7313

Re: big mistake [SOLVED]

all my problem is disconnection with various logs that are extensive data loss, unicast exchange time out!! extensive data loss = user too far from ap or in fixed wireless interference, bad alignment poor LOS. unicast key exchange timeout = 99% of the time its a user that is trying to connect with ...
by p3rad0x
Thu Dec 07, 2017 12:41 pm
Forum: Wireless Networking
Topic: big mistake [SOLVED]
Replies: 21
Views: 7313

Re: big mistake [SOLVED]

What you can do if the AP doesn't want to go above 54Mbps

Set the band to only-n and de select all the basic/supported a/g rates.
by p3rad0x
Thu Dec 07, 2017 12:14 pm
Forum: Wireless Networking
Topic: getting 20km wireless link issues
Replies: 2
Views: 1054

Re: getting 20km wireless link issues

Did you check if the signal gets worse during that times?

I experience the same issue but only with links longer than 80km just before the summer starts
by p3rad0x
Thu Nov 23, 2017 11:36 am
Forum: General
Topic: Lots of weird traffic from CCR1009 to UBNT Nanostation
Replies: 9
Views: 1793

Re: Lots of weird traffic from CCR1009 to UBNT Nanostation

Hi,

Can you maybe post a screenshot of that strange traffic you see when running torch?
by p3rad0x
Thu Nov 23, 2017 10:28 am
Forum: Beginner Basics
Topic: firewall rules
Replies: 2
Views: 827

Re: firewall rules

The basic universal firewall is a good place to start. I would say its a bit overkill, especially if you are going to deploy it at clients. Each one will have a different network. The basics would be (in my opinion) allow established, related connection on input chain drop invalid on input chain all...
by p3rad0x
Thu Nov 23, 2017 10:05 am
Forum: Beginner Basics
Topic: Need help on prioritizing bandwith with game port
Replies: 6
Views: 5841

Re: Need help on prioritizing bandwith with game port

Best thing will be is to run torch when gaming to check the ports its using.
by p3rad0x
Thu Nov 23, 2017 10:01 am
Forum: Beginner Basics
Topic: Ubuntu File Server Port Forwarding NAT Rule not working
Replies: 4
Views: 1999

Re: Ubuntu File Server Port Forwarding NAT Rule not working

I think the issue may be that http and ftp is enabled in ip --> services

Now the router is catching all the connections instead of forwarding them to the server.

Do you see any packets passing to the server when trying to access it remotely on port 80?
by p3rad0x
Wed Nov 22, 2017 11:42 am
Forum: General
Topic: Where is my 10 Gb ?
Replies: 4
Views: 1367

Re: Where is my 10 Gb ?

Remember that its a switch , the CPU is only there to run the OS and such.

all L2 traffic will be handled by the switch chip.

If it was a CCR1036 or 1072 then the cpu would happily generate that kind of traffic
by p3rad0x
Wed Nov 22, 2017 11:03 am
Forum: General
Topic: NAT table not cleared correctly [SOLVED]
Replies: 78
Views: 19396

Re: NAT table not cleared correctly [SOLVED]

What usually happens om my network is the reply dst-address is incorrect. Instead of it being the public ip address it ends up being the private ip address of the router or sip device. Its almost as if NAT did not work when the link came back up. Manually removing the connection from connection trac...
by p3rad0x
Wed Nov 22, 2017 9:58 am
Forum: Wireless Networking
Topic: RB951G-2HnD: wireless 300Mbps, how to?
Replies: 7
Views: 5466

Re: RB951G-2HnD: wireless 300Mbps, how to?

Or just plugin a network cable :D
by p3rad0x
Wed Nov 22, 2017 9:27 am
Forum: The Dude
Topic: Dude causes monitored networks to be erratic and slow
Replies: 2
Views: 1286

Re: Dude causes monitored networks to be erratic and slow

Did you bridge that 3 GRE tunnels by any chance?

I have about 500 devices monitored by dude running on a CHR and I have experienced no issues with the monitored devices.
by p3rad0x
Tue Nov 14, 2017 11:42 am
Forum: RouterBOARD hardware
Topic: CRS210-8G-2S+IN TOO HOT
Replies: 5
Views: 2772

Re: CRS210-8G-2S+IN TOO HOT

I have a CRS326 running at about 94C during the day and about 60C at night.

I wonder if that spf+ is the cause of that high temps.

But for the sake of testing, I am going to leave that switch until it dies of heat
by p3rad0x
Tue Nov 14, 2017 11:26 am
Forum: Wireless Networking
Topic: looking for the best wifi router (ISP)
Replies: 9
Views: 3954

Re: looking for the best wifi router (ISP)

What cpe antennas are you using to get that kind of throughput ?
by p3rad0x
Tue Nov 14, 2017 11:01 am
Forum: General
Topic: Routing Mark stopped working properly
Replies: 4
Views: 1322

Re: Routing Mark stopped working properly

Ok,

Problem solved.

For some reason fasttrack broke my marked tcp packets causing this.

Disabling fast track fixed the problem.

But now, how do i fast track these tcp packets and let them go over the correct interface
by p3rad0x
Tue Nov 14, 2017 10:58 am
Forum: General
Topic: Routing Mark stopped working properly
Replies: 4
Views: 1322

Re: Routing Mark stopped working properly

Thanks,

I see this issue only happens with TCP traffic.

udp sends and receives on the same correct interface

I tested with iperf3
by p3rad0x
Tue Nov 14, 2017 10:31 am
Forum: General
Topic: Routing Mark stopped working properly
Replies: 4
Views: 1322

Routing Mark stopped working properly

Good day, For a few days now I have noticed some funniness with users routed over our second uplink. What happens is they get error connection reset messages when trying to access sites like twitter/speedtest.net First i thought it may be a mss or mtu issue but it was not the case. Yesterday I disco...
by p3rad0x
Tue Nov 14, 2017 10:14 am
Forum: Wireless Networking
Topic: Unknown MAC connect/disconnect to wireless
Replies: 5
Views: 2275

Re: Unknown MAC connect/disconnect to wireless

What you could do is add all the wifi devices you trust in the access list and disable default authentication.
Hi!
Is access list based on the MAC address?
Its based on the mac address yes.
by p3rad0x
Tue Nov 14, 2017 10:13 am
Forum: Wireless Networking
Topic: Configure a second AP as a slave to the main AP.
Replies: 3
Views: 2516

Re: Configure a second AP as a slave to the main AP.

If its running default config the you can go turn off nat/dhcp and the firewall rulles.

It should work 100% like that
by p3rad0x
Mon Nov 13, 2017 2:09 pm
Forum: Beginner Basics
Topic: Bandwidth test GRE secret
Replies: 2
Views: 1063

Re: Bandwidth test GRE secret

Its the encryption that is slowing the 750 down.

The 750 Gr 3 has hardware encryption for ipsec but only in a few combinations, AES-CBC and sha1/sha256.

Any other combinations will use software encryption
by p3rad0x
Mon Nov 13, 2017 2:01 pm
Forum: Beginner Basics
Topic: Limit connections per user (IP)
Replies: 5
Views: 5939

Re: Limit connections per user (IP)

You should be able to check more or less in the connection tracking table how many connections there are to any one give internal IP address.
by p3rad0x
Mon Nov 13, 2017 1:59 pm
Forum: Beginner Basics
Topic: Limited Speed
Replies: 2
Views: 977

Re: Limited Speed

For a 1 Gbps connection I would recommend a CCR1016-12S-1S+ .

RB3011 should work fine but will start slowing down if you start adding firewall rules ect
by p3rad0x
Mon Nov 13, 2017 1:54 pm
Forum: Wireless Networking
Topic: Network Mikrotik with Cameras [SOLVED]
Replies: 3
Views: 1731

Re: Network Mikrotik with Cameras [SOLVED]

What you can try first is to make sure all the MT devices is running the same version of routerOS

A few updates back they changed something with rstp witch may cause the funniness you are experiencing
by p3rad0x
Mon Nov 13, 2017 1:50 pm
Forum: Wireless Networking
Topic: building a 1 Gbps wireless link for 2 Kms.
Replies: 10
Views: 3267

Re: building a 1 Gbps wireless link for 2 Kms.

Normis: 7,11,17 and 24Ghz with routerOS would be nice tho
by p3rad0x
Mon Nov 13, 2017 1:40 pm
Forum: Wireless Networking
Topic: Mikrotik vs Ubiquiti Unifi
Replies: 23
Views: 22315

Re: Mikrotik vs Ubiquiti Unifi

Another nice feature on the Ubiquity, which I which was on MT, is the bandwidth management. You can quickly see who uses how much bandwidth and easily limit them very quickly. The torch feature om MT also work very well. What I usually do is I create a script that would automatically create a simpl...
by p3rad0x
Mon Nov 13, 2017 1:36 pm
Forum: Wireless Networking
Topic: Mikrotik vs Ubiquiti Unifi
Replies: 23
Views: 22315

Re: Mikrotik vs Ubiquiti Unifi

Hi, I'll need multiple AP per level and my only backbone is at level 1, to reach the other level I'll need to push the communication in Wifi no network cable are present I would suggest trying to make a plan to connect those AP's with Ethernet of fiber to the core. It would save you a few headaches...
by p3rad0x
Mon Nov 13, 2017 1:31 pm
Forum: Wireless Networking
Topic: Why is MikroTik's new product—S+RJ10 10GBASE-T module so cheap?
Replies: 10
Views: 7377

Re: Why is MikroTik's new product—S+RJ10 10GBASE-T module so cheap?

I'm actually very exited about this product. We have an issue at one of our sites where there are a few wireless providers on the building and they like to "accidentally" damage one or 2 of our up links going to the core. 10G over copper @30m will be way more durable then even armored fibe...
by p3rad0x
Mon Nov 13, 2017 1:15 pm
Forum: Wireless Networking
Topic: Why is MikroTik's new product—S+RJ10 10GBASE-T module so cheap?
Replies: 10
Views: 7377

Re: Why is MikroTik's new product—S+RJ10 10GBASE-T module so cheap?

Does anybody know when we will have US availability of these? Can't seem to find them anywhere.
They was just announced a few days back,

You should start seeing them at the suppliers in the coming weeks.
by p3rad0x
Mon Nov 13, 2017 1:12 pm
Forum: Wireless Networking
Topic: building a 1 Gbps wireless link for 2 Kms.
Replies: 10
Views: 3267

Re: building a 1 Gbps wireless link for 2 Kms.

I highly doubt that you will be able to get that kinds of speeds ons 5Ghz. A single airfiber 5 wil max out at about 700Mbps @ 50Mhz/1024QAM modulation. Maybe 2x netmetals at each location could do the job if there is very little noise. I know ubnt has a airfiber 5x hd comming out some time in the fu...
by p3rad0x
Mon Nov 13, 2017 1:04 pm
Forum: Wireless Networking
Topic: Configure a second AP as a slave to the main AP.
Replies: 3
Views: 2516

Re: Configure a second AP as a slave to the main AP.

Hi, The easiest way would be to set the 2 aps to the same ssid and just bridge the wlan and ethernet ports. A possible problem with this config could be that the client devices does not automatically switch to the strongest signal. You will then have to setup capsman and create 2 rules in the access...
by p3rad0x
Thu Nov 09, 2017 12:08 pm
Forum: Wireless Networking
Topic: Unknown MAC connect/disconnect to wireless
Replies: 5
Views: 2275

Re: Unknown MAC connect/disconnect to wireless

Hi,

Someone or something is trying to connect using the incorrect wpa/wpa2 key.

What you could do is add all the wifi devices you trust in the access list and disable default authentication.

Even if someone has your wifi password they wont be able to connect from an unknown device.
by p3rad0x
Wed Nov 08, 2017 12:06 pm
Forum: Wireless Networking
Topic: Problem at routerboard 750Gl
Replies: 1
Views: 714

Re: Problem at routerboard 750Gl

He must maybe clear his browser cache and try again.

Also check if his computer is getting a valid IP address, most probably the issue is with that pc and not the router
by p3rad0x
Wed Nov 08, 2017 11:33 am
Forum: Beginner Basics
Topic: RB3011 throughput?
Replies: 6
Views: 6391

Re: RB3011 throughput?

Hopefully one day when Router OS 7 releases we can have filter rules that spread the load over all cores
by p3rad0x
Wed Nov 08, 2017 11:20 am
Forum: Beginner Basics
Topic: Trying to config no change to ip info winbox drops out wont reconnect
Replies: 2
Views: 970

Re: Trying to config no change to ip info winbox drops out wont reconnect

I think what is happening is that you are causing a network loop as soon as you hit apply on the second unit.

Set them up again, when you hit apply just disconnect one of the units from the switch and check if you are able to see both in ip --> neighbors
by p3rad0x
Wed Nov 08, 2017 11:07 am
Forum: Beginner Basics
Topic: Keeping the Firewallrules simple
Replies: 2
Views: 919

Re: Keeping the Firewallrules simple

Hi, I believe if you block invalid connections on the forward and input chain then all the bogons will be dropped anyway because that bogon connection is not in the connection tracking table(will have to check to make 100% sure) The rules would depend on the amount of traffic and the total client be...
by p3rad0x
Wed Nov 08, 2017 10:43 am
Forum: Beginner Basics
Topic: How do I perform a quick check of listening ports on MikroTik devices?
Replies: 5
Views: 24437

Re: How do I perform a quick check of listening ports on MikroTik devices?

The device will only listen ons ports, 8728 (api), 8729(api-ssl), 21,22,23,8291(winbox) and port 80. (Only if its enabled in Ip --> services)

If allow remote requests is enabled in ip dns the in will listen on port 53 udp.
by p3rad0x
Tue Nov 07, 2017 1:37 pm
Forum: Wireless Networking
Topic: Automatic deletion from registration list WLAN
Replies: 1
Views: 745

Re: Automatic deletion from registration list WLAN

Your best bet is to use capsman for this.

You will be able to set in the access list rules to disconnect a station if the signal goes above -80 for instance
by p3rad0x
Tue Nov 07, 2017 1:09 pm
Forum: Wireless Networking
Topic: Limited Internet Access Issue
Replies: 1
Views: 4338

Re: Limited Internet Access Issue

It would seem like the devices is not leasing a dhcp address.

If it shows limited access. check what ips is on the devices with no access and check if you are able to ping the default gateway
by p3rad0x
Tue Nov 07, 2017 1:02 pm
Forum: Wireless Networking
Topic: NV2 protocol big disappointment
Replies: 24
Views: 7841

Re: NV2 protocol big disappointment

For me NV2 works better in high noise environments then nstream and 802.11. The latest nv2 sync and downlink settings is not the Miracle we where hoping for but a step in the right direction(would be better if I could disable DFS on 6.40.x) If mikrotik can implement some kind of mu-mimo tech into nv...
by p3rad0x
Wed Sep 13, 2017 5:47 pm
Forum: General
Topic: SIP calling issue on RB750Upr2
Replies: 6
Views: 1799

Re: SIP calling issue on RB750Upr2

Hi,

Goto ip --> firewall --> connections and check if the dst address and reply dst address are the same om the connections to the sip server
by p3rad0x
Tue Sep 05, 2017 2:44 pm
Forum: Beginner Basics
Topic: Can't limit wlan
Replies: 4
Views: 1359

Re: Can't limit wlan

Hi,

Try and make your target the bridge interface
by p3rad0x
Wed Aug 09, 2017 1:34 pm
Forum: General
Topic: Suggestion: add route check gateway based on link quality
Replies: 2
Views: 1370

Re: Suggestion: add route check gateway based on link quality

+1

I always need to set my 17ghz microwave links to a fixed modulation otherwise ospf wont switch over when it starts raining.

Links stay connected but they run at 700ms+ and drops a ton of packets
by p3rad0x
Fri Aug 04, 2017 6:01 pm
Forum: General
Topic: CCR 1016 - max bridging performance
Replies: 3
Views: 1671

Re: CCR 1016 - max bridging performance

I think something like a crs125 should be able to work fine, just using the switch group.

you should also be able to filter stp packets under the switch menue
by p3rad0x
Fri Aug 04, 2017 5:51 pm
Forum: Wireless Networking
Topic: PtP Link with 10db difference in chain 0 and 1
Replies: 9
Views: 6633

Re: PtP Link with 10db difference in chain 0 and 1

My advice would be not to connect a dual chain client to a single chain ap
by p3rad0x
Fri Aug 04, 2017 5:43 pm
Forum: Wireless Networking
Topic: v 6.40
Replies: 1
Views: 1115

Re: v 6.40

Hi,

Most probably they changed the regulatory freq range in aus.

Have you tried setting frequency mode to superchannel?
by p3rad0x
Fri Aug 04, 2017 5:42 pm
Forum: Wireless Networking
Topic: RouterBoard 912 Settings
Replies: 1
Views: 877

Re: RouterBoard 912 Settings

Hi,

Try setting your wireless protocol to nstream or nv2.

Make sure that the clients connecting to the ap has theirs set to any.
by p3rad0x
Thu Aug 03, 2017 5:20 pm
Forum: General
Topic: Block websites except for couple users
Replies: 7
Views: 2100

Re: Block websites except for couple users

And if all else fails maybe setup a PC with web filtering software like untangle
by p3rad0x
Thu Aug 03, 2017 5:14 pm
Forum: General
Topic: PPPoE server in rip network
Replies: 4
Views: 1389

Re: PPPoE server in rip network

If possible maybe try using l2tp and authenticate the users to a radius server?
by p3rad0x
Thu Aug 03, 2017 5:10 pm
Forum: General
Topic: High CPU on "networking" process
Replies: 6
Views: 7928

Re: High CPU on "networking" process

Hi, are you using all 8 sfp+ interfaces?

And do you have something like a dhcp server setup on the device or using masquarade for the wan interfaces?
by p3rad0x
Thu Aug 03, 2017 4:50 pm
Forum: Wireless Networking
Topic: Disconnect the antenna
Replies: 2
Views: 830

Re: Disconnect the antenna

ah, I'm assuming the entire network is bridged together?

If you are only starting out with the network you should look at moving over to a routed config.

Its much easier to troubleshoot a issue once it starts on a routed network.
by p3rad0x
Thu Aug 03, 2017 4:44 pm
Forum: Wireless Networking
Topic: DiscLite5 chain polarization
Replies: 5
Views: 1781

Re: DiscLite5 chain polarization

The RB921 with the ubnt card is transmitting at a higher power level then the disc.

Depending on the antenna on the 921 the gain is higher on the 921 side also

That is the reason the 2 chains differ from one another.
by p3rad0x
Thu Aug 03, 2017 4:35 pm
Forum: General
Topic: Hotspot configuration
Replies: 8
Views: 2915

Re: Hotspot configuration

Hi, Do you nat enabled on the 2nd routers wan port?
by p3rad0x
Wed Aug 02, 2017 1:46 pm
Forum: General
Topic: Problem with EoIP Tunnel - Websites not working
Replies: 2
Views: 2139

Re: Problem with EoIP Tunnel - Websites not working

Maybe a MTU issue.

try and add mangle rule that changes the mss of the tcp-syn packets to something below 1500.

I had the same issue after replacing a ccr1036 with a 1072, changing the mss to 1418 solved the issue.
by p3rad0x
Wed Aug 02, 2017 1:43 pm
Forum: General
Topic: EOIP over L2PT issues
Replies: 1
Views: 741

Re: EOIP over L2PT issues

The issue seems to be MTU related.

Usually a eoip tunnel has mtu op 1500 or 1458

lt2p tunnel has 1450 as default mtu.

Try and set the l2tp to 1500 + and give it a test again
by p3rad0x
Wed Aug 02, 2017 1:31 pm
Forum: Wireless Networking
Topic: Layer 2 issues
Replies: 4
Views: 1464

Re: Layer 2 issues

Good day,

Did you check cpu usage on the pppoe server when this starts to happen?
by p3rad0x
Tue Aug 01, 2017 1:17 pm
Forum: General
Topic: Lost 3% ping (2 every 60)
Replies: 8
Views: 3106

Re: Lost 3% ping (2 every 60)

Hi,

Did you check if there is any port flapping on the wireless links?

Its very hard to troubleshoot a problem like this on a bridged network.
by p3rad0x
Wed Jul 26, 2017 6:23 pm
Forum: Wireless Networking
Topic: DynaDish5 P2P 9km link low speed
Replies: 2
Views: 1079

Re: DynaDish5 P2P 9km link low speed

Try and set the channel width to 20Mhz and give it a test like that
by p3rad0x
Wed Jul 19, 2017 12:18 am
Forum: General
Topic: High CPU load when PPPoE sessions disconnects
Replies: 57
Views: 23865

Re: High CPU load when PPPoE sessions disconnects

Hi,

Are you using masquerade?
by p3rad0x
Mon Jul 10, 2017 12:28 pm
Forum: Beginner Basics
Topic: CCR 1072 performance
Replies: 24
Views: 6778

Re: CCR 1072 performance

Hi, I have a similar issue, its not constantly 100 but it spikes when a ppp interface like l2tp tunnel disconnects.

If there is 30+ dc's then 100% and this causes others to dc and worsens the problem
by p3rad0x
Sun Jul 09, 2017 12:29 am
Forum: General
Topic: Cpu usage Spikes when L2TP interfaces disconnect
Replies: 0
Views: 736

Cpu usage Spikes when L2TP interfaces disconnect

Good day, For the past few hours I have been troubleshooting some packet loss to our core router. What happens is the ping to the ccr1072 is 0ms then every 25s it spikes to 700 or times out. The problem seems to be l2tp tunnels disconnecting and it causes one cpu core to spike to 100% usage for abou...
by p3rad0x
Thu May 25, 2017 11:17 am
Forum: Beginner Basics
Topic: Port Utilization or Bandwidth Consumption Report
Replies: 3
Views: 1806

Re: Port Utilization or Bandwidth Consumption Report

You can goto tools --> graphing --> interface rules.

There you can add all the interfaces you want to check.

After that you enter the router ip in your browser and click on graphs
by p3rad0x
Wed May 24, 2017 6:18 pm
Forum: Virtualization
Topic: CHR Spec'ing VMWare Host
Replies: 1
Views: 3018

Re: CHR Spec'ing VMWare Host

+1

Would we nice if MT can run some test with different hardware configs and provide a chart or something with "expected performance"

Or if someone is brave enough to start up 2 CHR instances on amazon AWS with 128vCores and run tests between them
by p3rad0x
Wed May 24, 2017 6:05 pm
Forum: Virtualization
Topic: CHR or CCR1036 12G 4S
Replies: 3
Views: 4471

Re: CHR or CCR1036 12G 4S

CCR 1036 should work just fine for that amount of users.
by p3rad0x
Wed May 24, 2017 6:02 pm
Forum: Virtualization
Topic: Official Support for XenServer
Replies: 1
Views: 2835

Re: Official Support for XenServer

The best will be to install CHR on XenServer and test it yourself.

As far as deploying it in a production environment it wont recommend Xen, it should run fine but you never know when you will run into some strange issue that no one else experiences.
by p3rad0x
Wed May 24, 2017 5:57 pm
Forum: Virtualization
Topic: Recommendations for CHR Specs?
Replies: 2
Views: 3558

Re: Recommendations for CHR Specs?

I'm also planning to get a CHR router up and running for doing BGP. I think the best solution will be any tipe of workstation board with intel nics, supporting VMDq(Virtual machine Device queues). ECC Ram(Normal ones could also work but we want stability) And the host system running VMWare ESXI. I w...
by p3rad0x
Wed May 24, 2017 5:49 pm
Forum: General
Topic: L2TP is disconnect after every 8 hours
Replies: 52
Views: 34402

Re: L2TP is disconnect after every 8 hours

You can try to change the profile from default-encryption to default and test if that solves the issue.

Sometimes the encryption gets out of sync and resulting that the tunnel gets terminated and the reconnects
by p3rad0x
Wed May 24, 2017 5:46 pm
Forum: Beginner Basics
Topic: Full duplex mimo
Replies: 12
Views: 5889

Re: Full duplex mimo

What about a air Fiber24HD?

Only problem will be rain fade
by p3rad0x
Wed May 24, 2017 5:42 pm
Forum: Beginner Basics
Topic: 3 LANs on one router
Replies: 3
Views: 999

Re: 3 LANs on one router

Also make sure that port 1-3 isn't bridged or switched, otherwise the dhcp will be all over the place
by p3rad0x
Wed May 24, 2017 5:36 pm
Forum: Forwarding Protocols
Topic: Best Practice: How to Correct CCR1072 10G capacity 1.8G
Replies: 6
Views: 4850

Re: Best Practice: How to Correct CCR1072 10G capacity 1.8G

ATM RouterOS does not play well with multi threading. It should be fixed in version 7 but who knows when this will be released. The only way past this issues is CHR with a cpu with good single thread performance and high clock speed. eg i7 7700K It will still use 1 cpu but will be much faster. Usual...
by p3rad0x
Wed May 24, 2017 5:23 pm
Forum: Wireless Networking
Topic: Change Regulatory-domain for US device
Replies: 4
Views: 1937

Re: Change Regulatory-domain for US device

Does the US versions support frequency-mode=superchannel ?

If so you can use that instead and manually change the txpower values
by p3rad0x
Wed May 24, 2017 5:21 pm
Forum: General
Topic: VoiP port forward?
Replies: 3
Views: 5910

Re: VoiP port forward?

Port forwarding for a voip server only caused issues in the past for me. Did you specify the dst address in the forwarding rules eg /ip firewall nat add chain=dstnat dst-address=PUBLIC dst-port=5060 protocol=udp action=dstnat to-address=YOURPBX to-ports=5060 A quick fix was to setup a pptp server on...
by p3rad0x
Wed May 24, 2017 5:13 pm
Forum: General
Topic: Unable to bandwidth
Replies: 5
Views: 1738

Re: Unable to bandwidth

Is there anything showing in the log of the router you are testing too?.

I assume you are also running the latest version of ros?
by p3rad0x
Wed May 24, 2017 5:10 pm
Forum: Beginner Basics
Topic: Mikrotik as Hub
Replies: 3
Views: 2140

Re: Mikrotik as Hub

Rater use switching.

double click on ether 2 for example and set master port to port 1

The repeat for port 3-5.

Bridging it will work, but will get you less throughput
by p3rad0x
Wed May 24, 2017 4:22 pm
Forum: Beginner Basics
Topic: Bandwidth limit problem
Replies: 2
Views: 2402

Re: Bandwidth limit problem

Hallo everyone, Then i did a speed test but the limit didnt work, i could see all 26mbps and upload. Is there anyone can help me with this? I was also wondering is there any way to target a range of ip's-clients ? Aris hi, use eg 192.168.0.0/24 in target, then it should queue the entire subnet. Als...
by p3rad0x
Wed May 24, 2017 4:17 pm
Forum: General
Topic: Packet loss on CCR1009
Replies: 3
Views: 1413

Re: Packet loss on CCR1009

Its most most likely a link that is saturated some ware during peak hours causing this.

Like Steveocee said, a traceroute will show you where to start looking for problerms.
by p3rad0x
Wed May 24, 2017 3:55 pm
Forum: Beginner Basics
Topic: DDoS Protecion for CPU Model
Replies: 13
Views: 3809

Re: DDoS Protecion for CPU Model

Does these attacks originate from specific ip subnets?

Maybe blackhole the traffic
viewtopic.php?f=2&t=114664
by p3rad0x
Wed May 24, 2017 3:47 pm
Forum: General
Topic: Metal 52 AC poor performance
Replies: 12
Views: 7231

Re: Metal 52 AC poor performance

Good day,

Also note, the mobile devices you are connecting the the ap may be able the hear the ap, but struggle to talk back because of much lower gain and tx power.
by p3rad0x
Wed May 24, 2017 3:44 pm
Forum: General
Topic: Need a help on PPP service...
Replies: 2
Views: 814

Re: Need a help on PPP service...

Had the same issue with l2tp tunnels.

So i disabled encryption and all of then reconnected fine
by p3rad0x
Wed May 24, 2017 3:39 pm
Forum: General
Topic: Internet become slow when uploading via FTP to Outside network
Replies: 6
Views: 1209

Re: Internet become slow when uploading via FTP to Outside network

Hi,

And welcome to the forum.

First Question.

Is there load-balancing between the 2 dsl connections?

Second Question.

What is the upload speed of the 2 adsl connections and does the ftp upload speed comes close to that?
by p3rad0x
Wed May 24, 2017 3:28 pm
Forum: General
Topic: how can I see RB behind RB?
Replies: 16
Views: 2353

Re: how can I see RB behind RB?

Now the question is, why do you want to see all your routerboards from winbox neighbors? Maybe try this, create eoip tunnels for all the routers outside your computers subnets. Then just add them to the bridge of your router. Winbox should see them in neighbors with no IP's then you can just mac-tel...
by p3rad0x
Wed May 24, 2017 3:20 pm
Forum: General
Topic: Unable to bandwidth
Replies: 5
Views: 1738

Re: Unable to bandwidth

I have ping between the 2 routers both of them have the same user\password\group=full both of them have the same bandwidth-server setting /tool bandwidth-server print enabled: yes authenticate: yes allocate-udp-ports-from: 2000 max-sessions: 100 but after a 1 min~ he say "Can't connect" n...
by p3rad0x
Tue May 23, 2017 2:02 pm
Forum: General
Topic: Combine Multiple src nat rules into one
Replies: 2
Views: 931

Re: Combine Multiple src nat rules into one

Edit 2:

I have removed all the nat rules and started setting up l2tp tunnels to the different subnet.

Seems to have sorted the high cpu load
by p3rad0x
Tue May 23, 2017 7:34 am
Forum: General
Topic: Combine Multiple src nat rules into one
Replies: 2
Views: 931

Re: Combine Multiple src nat rules into one

Edit

I have created all the rules seperately now, but cpu is spiking to 80% and the router occasionally reboots because of a kernal failure
by p3rad0x
Mon May 22, 2017 12:10 pm
Forum: General
Topic: Combine Multiple src nat rules into one
Replies: 2
Views: 931

Combine Multiple src nat rules into one

Good day, I want to add a src nat rule for about 70 unique subnets and route them all over 70 unique public ips in the same subnet eg 10.10.0.0/24 --> 11.11.11.1 10.10.1.0/24 -->11.11.11.2 What is the best way to do this? Can I add one src nat that would nat all the subnets or should I add 70 rules?
by p3rad0x
Tue May 16, 2017 10:41 am
Forum: Beginner Basics
Topic: Block Port
Replies: 3
Views: 1671

Re: Block Port

Is all these blocks on the same bridge interface/switch group?
by p3rad0x
Fri May 12, 2017 12:16 pm
Forum: General
Topic: Firewall rules only using one CPU
Replies: 8
Views: 2730

Re: Firewall rules only using one CPU

So last night I router most of the torrent users over a different service provider.

And guess what.

The new provider also forwarded the abuse mail from IP-Echelon :(
by p3rad0x
Fri May 12, 2017 12:42 am
Forum: General
Topic: Firewall rules only using one CPU
Replies: 8
Views: 2730

Re: Firewall rules only using one CPU

Good day, Recently our upstream provider has been threatening to terminate our service because they have started to receive a metric Sh!t ton of abuse mails from because internet users on the network is downloading illegal torrents, with 5000 customers that's no surprise. Out of pure curiosity... H...
by p3rad0x
Thu May 11, 2017 4:14 pm
Forum: General
Topic: Firewall rules only using one CPU
Replies: 8
Views: 2730

Re: Firewall rules only using one CPU

I use the following Regexp "^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP]" It seems to be catching most (not all) of the traffic. I had that rule up for about 2 hours and there was ove...
by p3rad0x
Thu May 11, 2017 2:27 pm
Forum: General
Topic: Firewall rules only using one CPU
Replies: 8
Views: 2730

Firewall rules only using one CPU

Good day, Recently our upstream provider has been threatening to terminate our service because they have started to receive a metric Sh!t ton of abuse mails from because internet users on the network is downloading illegal torrents, with 5000 customers that's no surprise. So i started to setup a met...
by p3rad0x
Thu May 11, 2017 12:01 pm
Forum: General
Topic: How to VoIP
Replies: 3
Views: 1632

Re: How to VoIP

I noticed on the core router when checking the connection tracking, that some of the connections had the Reply dst address of the clients private ip address of their radio and not the public IP where all the voip is router through. Manually closing these seems to fix the issue Is there any filter ru...
by p3rad0x
Tue May 09, 2017 10:25 pm
Forum: General
Topic: How to VoIP
Replies: 3
Views: 1632

How to VoIP

Good day, I hope all can agree with me that voip can be a headache if its starting to give problems. The issue I have happens maybe one in 2 Years where there is a major outage on the network, eg a core router dies ect. Now what happens is most of the clients voip phones loses registration on port 5...