Community discussions

Search found 25 matches

by alaskanjackal
Tue Jul 31, 2018 7:34 pm
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

Ehm... I must have been sleeping. Extend /interface bridge vlan add bridge=bridge1 tagged=bridge1 untagged=ether1 vlan-ids=10 to /interface bridge vlan add bridge=bridge tagged=bridge1 ,ether3 untagged=ether1 vlan-ids=10 (or you may add the other ports to the tagged list if you need). Background: i...
by alaskanjackal
Tue Jul 31, 2018 7:57 am
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

While you have missed some points in the L3 part, the fact that the L2 one doesn't perform as expected is due to my stupidity, not yours. I was suspecting that the access/hybrid ports won't be that easy but I should have looked into it more. No worries! I'm just glad you're taking the time to help ...
by alaskanjackal
Mon Jul 30, 2018 5:05 am
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

Combining the two methods certainly wasn't my intent! I was actually trying to follow yours...but like I said before, I'm just lost at how bridges and VLANs worth together. :) Anyway, I decided to reset my config to factory default and then try to implement what you suggested in your latest post. Un...
by alaskanjackal
Sun Jul 29, 2018 1:42 am
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

OK, I'll just post my config after trying to implement sindy's suggestions here so you guys can all laugh at me. Of course it didn't work, but I just can't make heads or tails of it. I'm having trouble understanding how the /interface bridge vlan stuff plays with the /interface vlan stuff (and if it...
by alaskanjackal
Sun Jul 29, 2018 12:57 am
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

My setup originates from pre-6.41 times so it's kinda mess when you look st it from post 6.42 perspective. Therefore I'm hesitant to post my config. Anyhow, I deal with VLANs in /interface ethernet switch (both in port and vlan). The only VLAN related stuff I do on bridge is creation of vlan interf...
by alaskanjackal
Sat Jul 28, 2018 8:17 pm
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Re: Setting up a VLAN that bypasses NAT/Firewall

Wow, thanks for the replies. I was thinking nothing had happened because I hadn't gotten any email alerts from the forum, so I was surprised to log in today and see! Right, and thanks for the ASCII art to help clarify what the set-up should be. I think I was conceptually close. A couple of points: -...
by alaskanjackal
Sat Jul 28, 2018 2:48 am
Forum: General
Topic: Setting up a VLAN that bypasses NAT/Firewall
Replies: 14
Views: 1349

Setting up a VLAN that bypasses NAT/Firewall

Been playing with this and reading all about VLANs for the last two hours and making no headway. My ISP engages in CGNAT, so it will hand out as many IP addresses as I ask for. (I.e., if I swap my hEX for a plain-jane switch, all of my devices will get their own IP addresses handed out by my ISP's D...
by alaskanjackal
Tue Apr 24, 2018 2:27 am
Forum: General
Topic: Blocking P2P traffic & scheduling access
Replies: 6
Views: 3351

Re: Blocking P2P traffic & scheduling access

be careful with config with from this presentation - it works very good (no matter what torrent client, en-scripted or not). but it have one big minus - if your have a device with not enough memory (RAM) you will run out of it rather fast (at the end of presentation there is some information about ...
by alaskanjackal
Fri Feb 23, 2018 7:12 pm
Forum: General
Topic: traceroute when 5+ consecutive hops timeout
Replies: 2
Views: 595

Re: traceroute when 5+ consecutive hops timeout

You can make an firewall rule which catches those packets from your IP to ISP LAN and redirects to your own router. I didn't knew the traceroute stops after 5 failures. Thanks. OK, so going with the nugget I gleaned from your advice, I set up a Mangle rule on the Output chain to change the TTL of a...
by alaskanjackal
Thu Feb 22, 2018 10:40 pm
Forum: General
Topic: traceroute when 5+ consecutive hops timeout
Replies: 2
Views: 595

traceroute when 5+ consecutive hops timeout

One of my Mikrotiks is behind an ISP that hides all of its routers from traceroutes from devices on their network (stupid, but whatever). Since there are six hops between that device and the ISP's upstream (the first place that responds to ICMP pings) and the Mikoritik /tool traceroute tool will aut...
by alaskanjackal
Tue Feb 20, 2018 8:40 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 577
Views: 426907

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

Just a friendly reminder that my connect is a home connection and not related to any business. I've always been curious--how on earth do you have a 10G connection at home?! :O Or at least that's what TomJ's post #1 in this thread implies. IIRC somewhere in this thread it was speculated that you hav...
by alaskanjackal
Wed Jan 17, 2018 7:15 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 577
Views: 426907

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

Try udp protocol. I did try both TCP and UDP on both planetcoop and tomj's...no go. Not a big deal, though. But I may pop back by when the local MDU ISP that manages the complex turns IPv6 on (they assure me it's soon) to do some IPv6 speed/peering testing. :) So it does seem that being behind NAT ...
by alaskanjackal
Sun Dec 24, 2017 2:56 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 577
Views: 426907

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

Try udp protocol.
I did try both TCP and UDP on both planetcoop and tomj's...no go.

Not a big deal, though. But I may pop back by when the local MDU ISP that manages the complex turns IPv6 on (they assure me it's soon) to do some IPv6 speed/peering testing. :)
by alaskanjackal
Sat Dec 23, 2017 6:20 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 577
Views: 426907

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

I can't get through (to either you or Tom J's, oddly); just unable to connect. It works from another device on a different network I have access to. I have a new 1gbps symmetrical connection I'd like to test. IP address is 38.131.218.243 -- is it blocked on your end, perhaps? The last test i saw wa...
by alaskanjackal
Fri Dec 22, 2017 7:25 pm
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 577
Views: 426907

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

I can't get through (to either you or Tom J's, oddly); just unable to connect. It works from another device on a different network I have access to.

I have a new 1gbps symmetrical connection I'd like to test. IP address is 38.131.218.243 -- is it blocked on your end, perhaps?
by alaskanjackal
Wed Apr 12, 2017 6:15 am
Forum: Beginner Basics
Topic: Use RouterOS as DNS server
Replies: 15
Views: 75083

Re: Use RouterOS as DNS server

Because you are caching the responses, your clients won't suffer from bad performance even if your ISP's DNS isn't good. But I do recommend using your ISPs DNS server because most CDNs relies on the IP address that made the DNS request in order to route you to the closest edge server. So using Goog...
by alaskanjackal
Mon Apr 10, 2017 6:36 am
Forum: Wireless Networking
Topic: Mikrotik WISPs: Where?
Replies: 96
Views: 48367

Re: Mikrotik WISPs: Where?

The WISP that serves my family's home on the Central Coast of California is a Mikrotik shop: http://www.surfnetusa.com/ That said, the tech who did the installation claimed he wasn't familiar with our gateway device. It's a hAP AC. Slightly scary. (I wasn't present for the install or I would have in...
by alaskanjackal
Fri Mar 24, 2017 10:11 am
Forum: General
Topic: Strict priority queue
Replies: 39
Views: 11795

Re: Strict priority queue

I was also thinking about creating a script that uses the bandwidth test tool to check bandwidth between 2 RB's every x minutes and adept the max-limit of the queues dynamically but this isn't a solid and good solution. Inspired by cFosSpeed, I see a clear way to implement something in RouterOS. Th...
by alaskanjackal
Fri Mar 24, 2017 9:38 am
Forum: General
Topic: CoDel support?
Replies: 45
Views: 13539

Re: CoDel support?

Still nothing? Count my vote in.
by alaskanjackal
Mon Mar 20, 2017 1:12 am
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 187164

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

alaskanjackal, Would you mind sharing your new script? (My mail: mrjurek@poczta.onet.pl) Thanks. Sorry for my long absence here. Here's an updated version of the script (from another device I have deployed, so I think the interface names might be different than my first script and the connection sp...
by alaskanjackal
Fri Oct 02, 2015 10:06 pm
Forum: General
Topic: Connection Rate not work on RB951-2n
Replies: 6
Views: 1372

Re: Connection Rate not work on RB951-2n

I'm seeing this, too. Dropped the connection-rate parameter from a Mangle rule and it properly marks the traffic. Add it back in and the traffic is not marked (despite being within the connection-rate parameters).

It does seem to be a bug to me, too.
by alaskanjackal
Fri Oct 02, 2015 10:03 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 187164

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

connection-rate is broken from firmware 6.28 and after. i dont understand why mikrotik dont fix it. http://forum.mikrotik.com/viewtopic.php?f=1&t=100877&p=501644&hilit=connection+rate#p501644 downgrade to 6.28 and you will see that it works! thank you for the nice qos script Thanks. I dropped the c...
by alaskanjackal
Wed Sep 30, 2015 2:00 am
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 187164

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

OK, so I just did a 1-hour long test (playing music through the line) while completely saturating my connection with multiple concurrent speed tests, uploads, downloads, and several very large Linux torrents going at once, and aside from one 20-second episode during the whole hour of some lightly ch...
by alaskanjackal
Tue Sep 29, 2015 8:35 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 187164

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

dear "alaskanjackal" giving higher priority to udp packets is not good when u download torrents, right? i think i will place them under http_big Perhaps not. I don't (often) torrent, so that isn't a concern. But that was in pcunite's original script, and while prioritizing UDP traffic like that wou...
by alaskanjackal
Tue Sep 29, 2015 1:57 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 187164

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

I spent a gazillion hours tonight Googling and working through a bunch of different threads on the topic of QOS. (I'm new to Mikrotik and was going to wade in slowly, but I encountered some choppy voice on a test call today and thought I'd try to clean that up.) I started with the script posted upth...