Community discussions

Search found 57 matches

  • 1
  • 2
by ConnectivityEngineer
Thu Mar 28, 2019 7:37 pm
Forum: General
Topic: Running IPv6 on Mikrotik? You're out of business in 12 days time
Replies: 32
Views: 13898

Re: Running IPv6 on Mikrotik? You're out of business in 12 days time

Interesting to say the least. We have quite a number of networks we have deployed IPv6 into. I always wish when things like this happened I knew more to be able to protect our clients - but of course that is the nature of the beast. Hoping Mikrotik can patch the issue. IPArchitects has a decent idea...
by ConnectivityEngineer
Fri Jan 15, 2016 12:38 am
Forum: General
Topic: WISP Monitoring Software
Replies: 2
Views: 825

Re: WISP Monitoring Software

For a simple setup - I suggest you peek at Mikrotik's revamped "The DUDE" Keep in mind - it runs on the router OS itself - and DOES NOT use windows or linux workstations to perform its tasks. I personally like some other solutions - Good Old Nagios, I was using Observium but then read some postings ...
by ConnectivityEngineer
Fri Jan 15, 2016 12:29 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 5831

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

YUP - kick but router ... but when I am working with enterprise customers who are demanding some options -I do not have a choice. On the other hand - when dealing with a large portion of our customer base - they get a Mikrotik EVERY time... not only because of cost - but because it is an easy system...
by ConnectivityEngineer
Tue Dec 29, 2015 5:11 pm
Forum: Beginner Basics
Topic: Adblocking on routeros
Replies: 7
Views: 6231

Re: Adblocking on routeros

Good Point ZeroByte

Joshaven has a great solution for some RBL's - i run locally to verify myself - and the above solution works -
Needs to get tweaked for v6 i think however
by ConnectivityEngineer
Tue Dec 29, 2015 4:32 pm
Forum: Beginner Basics
Topic: Adblocking on routeros
Replies: 7
Views: 6231

Re: Adblocking on routeros

While you will need to tweak this to your liking - might try using the script below which pulls from the blocklister.gefoo.org lists Keep in mind... Thousands of entries in the firewall CAN create a slow internet experience if Every Packet has to go through it. To that end - might decide to edit the...
by ConnectivityEngineer
Tue Dec 29, 2015 12:33 pm
Forum: General
Topic: Bandwidth management on home network
Replies: 5
Views: 1515

Re: Bandwidth management on home network

This thread (see the end ) has a decent script if your comfortable playing in that arena http://forum.mikrotik.com/viewtopic.php?t=87219 I personally like Queue Trees better - because the system (at least it was like this on version 5 of RouterOS not sure on RouterOS 6.x) goes through every simple q...
by ConnectivityEngineer
Tue Dec 29, 2015 12:27 pm
Forum: General
Topic: Bandwidth management on home network
Replies: 5
Views: 1515

Re: Bandwidth management on home network

Few methods - easiest if you are unsure how to operate Queues is to simply assign Simple Queues This can be done a few ways - just limit how much bandwidth each system is given via DHCP - and then static your own and set your priority to be 1 where theirs would be placed at the back end - and given ...
by ConnectivityEngineer
Tue Dec 29, 2015 12:04 pm
Forum: RouterBOARD hardware
Topic: FCC Certification
Replies: 4
Views: 910

Re: FCC Certification

Let me first say - IT WAS NOT the trainer. He actually stated he thought they were - but I figured let me ask. Butch Evans normally steers folks in the right direction... but I felt it was wise to ask just in case especially since we have more companies beginning to use our services daily to support...
by ConnectivityEngineer
Tue Dec 29, 2015 11:59 am
Forum: General
Topic: How add address List From The TXT File to Firewall Address List
Replies: 4
Views: 1077

Re: How add address List From The TXT File to Firewall Address List

One other note: you might want to check out the script from Joshaven. http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/ Blocking known bad guys from even getting THROUGH your router is a great start :-) We mirror the lists he wgets and creates as well http://connectiv...
by ConnectivityEngineer
Tue Dec 29, 2015 11:42 am
Forum: General
Topic: How add address List From The TXT File to Firewall Address List
Replies: 4
Views: 1077

Re: How add address List From The TXT File to Firewall Address List

I would suggest asking in the thread you posted - especially since it appears the author may be in the thread. I would also however suggest a much different approach. Allowing Access TO your router should Only happen if you know WHO IS COMING Allowing Access THROUGH Your Router on the other hand is ...
by ConnectivityEngineer
Thu Dec 24, 2015 8:43 am
Forum: General
Topic: CPU Usage Very High For www Profile
Replies: 5
Views: 1019

Re: CPU Usage Very High For www Profile

Few things to help us on the forums who volunteer to help you: 1. Mind posting your config? (and please remember to strip out External IP addresses as needed for security reasons) 2. This is an RB951 - how many users are connecting and running through the system? I am wondering if it is a limit due ...
by ConnectivityEngineer
Thu Dec 24, 2015 8:32 am
Forum: General
Topic: Atheros AR8151
Replies: 1
Views: 473

Re: Atheros AR8151

Great Question: http://cateee.net/lkddb/web-lkddb/NET_VENDOR_ATHEROS.html shows that vendor: 1969 ("Qualcomm Atheros"), device: 1073 ("AR8151 v1.0 Gigabit Ethernet") vendor: 1969 ("Qualcomm Atheros"), device: 1083 ("AR8151 v2.0 Gigabit Ethernet") Are supported in Linux Kernels 3.17–3.19, 4.0–4.2, 4....
by ConnectivityEngineer
Thu Dec 24, 2015 4:34 am
Forum: General
Topic: Bridge ports packet loss
Replies: 6
Views: 1426

Re: Bridge ports packet loss

Interesting thats for sure.

You could make sure to change the TTL for icmp
/ip firewall mangle add chain=prerouting out-interface=!ether1 action=change-ttl new-ttl=set:64 passthrough=yes  
where ether1 is the interface in question (tune to your hearts desire in other words )
by ConnectivityEngineer
Thu Dec 24, 2015 4:23 am
Forum: General
Topic: DHCP static lease disappears !!!
Replies: 4
Views: 735

Re: DHCP static lease disappears !!!

Good Question - I have seen this happen - on a few different Tik Versions - and this has been the fix.

I know bit odd - but give it a shot.
by ConnectivityEngineer
Tue Dec 22, 2015 1:02 pm
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1494

Re: Netwatch via API (php)

I am sitting waiting another train - however - this link might help you as well...

https://github.com/pear2/Net_RouterOS/wiki
by ConnectivityEngineer
Tue Dec 22, 2015 12:58 pm
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1494

Re: Netwatch via API (php)

found this as well: http://wiki.mikrotik.com/wiki/API_PHP_package#Ping_from_router <?php use PEAR2\Net\RouterOS; require_once 'PEAR2/Autoload.php'; if (isset($_GET['act'])) {//This is merely to ensure the form was submitted. //Adjust RouterOS IP, username and password accordingly. $client = new Rout...
by ConnectivityEngineer
Tue Dec 22, 2015 12:53 pm
Forum: Scripting
Topic: repository for scripts
Replies: 4
Views: 847

Re: repository for scripts

The easiest way is to simply setup a shared file location on a webserver Then run /tool fetch url=http://yourdomain.com/files/data.txt[code] Every script I run also has the following at the top [code] # Printing local time for Log purposes ... :local CurrentTime [/system clock get time]; :log warnin...
by ConnectivityEngineer
Tue Dec 22, 2015 11:29 am
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1494

Re: Netwatch via API (php)

What you could do is setup a script so when netwatch on the host finds it is down send an snmp trap to Zabbix. We stopped using Zabbix because of the lack of dependencies AND thinks like this (admit its been a few years) Just our usage case... Anyhow - You can setup a trigger prototype using the "no...
by ConnectivityEngineer
Tue Dec 22, 2015 10:48 am
Forum: General
Topic: DHCP lease assigned based on agent-circuit-id
Replies: 2
Views: 674

Re: DHCP lease assigned based on agent-circuit-id

Most likely the ONU is NOT passing this data upstream to the DHCP server. By definition a Layer 2 CPE does not have any Layer 3 capabilities (well depending upon your system it may allow communication with the captive portal for entering the Registration ID The issue is that your looking for the ONU...
by ConnectivityEngineer
Tue Dec 22, 2015 10:31 am
Forum: The User Manager
Topic: Multiple usermanager customers and hotspots on same router
Replies: 3
Views: 4745

Re: Multiple usermanager customers and hotspots on same router

Rather than retyping - this should help. In short - each location gets their own network. https://aacable.wordpress.com/2012/11/21/different-login-page-for-multiple-network-on-mikrotik-hotspot/ Does not matter if that interface is a Wireless or Wired @ that point. The option to allow or not allow wo...
by ConnectivityEngineer
Tue Dec 22, 2015 10:28 am
Forum: General
Topic: how connect two usermanger mikrotik
Replies: 1
Views: 240

Re: how connect two usermanger mikrotik

Best solution - run Radius.

Technically there are work arounds - however they take a bit of scripting AND are not bulletproof.

Radius will do exactly what your looking for Mikrotik has a decent writeup available here: http://wiki.mikrotik.com/wiki/RouterOs_MySql_Freeradius
by ConnectivityEngineer
Tue Dec 22, 2015 10:24 am
Forum: General
Topic: DHCP static lease disappears !!!
Replies: 4
Views: 735

Re: DHCP static lease disappears !!!

Check the Lease time: If set to 0s lease will never expire, if not - then after it expires it will drop.

This might help: http://wiki.mikrotik.com/wiki/Manual:IP ... figuration
by ConnectivityEngineer
Tue Dec 22, 2015 10:16 am
Forum: General
Topic: CCR1036 and mirror ports
Replies: 3
Views: 2334

Re: CCR1036 and mirror ports

If you add the port you wish to monitor to a bridge - and then add another port to the bridge the second port on the bridge will act like a mirrored port. I know its a bit clunky - however since there are NO SWITCH CHIPS in the Cloud Core Router series - this is the work around if you need something...
by ConnectivityEngineer
Tue Dec 22, 2015 10:09 am
Forum: The User Manager
Topic: how connect two router board to the same radius server by internet
Replies: 2
Views: 1366

Re: how connect two router board to the same radius server by internet

Hello - Sorry I think the community is a bit stuck trying to figure out what you are asking. So lets start by answering the question that we think you asked - and then if not - having you restate the question. To set a Mikrotik to utilize a Radius Server - you simply go to the Radius menu and enter ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:55 am
Forum: Forwarding Protocols
Topic: pppoe over mpls/vpls mtu?
Replies: 1
Views: 1404

Re: pppoe over mpls/vpls mtu?

Forwarding labeled packets is quite different from forwarding IP packets in that not only is the IP lookup replaced with a lookup of the label in the label forwarding information base (LFIB) but different label operations are also possible. All IPv4 packets have one or more labels. This does imply t...
by ConnectivityEngineer
Tue Dec 22, 2015 9:48 am
Forum: General
Topic: NetCut issue..
Replies: 2
Views: 650

Re: NetCut issue..

Hope things are going well. Sadly we do not know how your hotspot is setup - SO it is a bit difficult to give you a clear answer. Andrew COX wrote a decent script for making sure users are limited to specific bandwidth settings. So might want to try this (of course edit to your needs) Andrew's is pa...
by ConnectivityEngineer
Tue Dec 22, 2015 9:36 am
Forum: General
Topic: Mikrotik RB with thunder cache
Replies: 1
Views: 1705

Re: Mikrotik RB with thunder cache

You need to redirect port80 for the PPPoE users to the web proxy - since the PPPoE users basically create a dynamic interface - this might be part of the issue. Instead of working on an interface I would much rather work from an IP range. This is especially true if you wish in the future to have som...
by ConnectivityEngineer
Tue Dec 22, 2015 9:25 am
Forum: General
Topic: Slow download speeds
Replies: 1
Views: 855

Re: Slow download speeds

Without knowing your specific setup it is hard to say. What other jobs (if any) is the Mikrotik performing. Do you have any layer7 rules running, Firewall rules? etc Are the connections working as they should - (ie autonegotiate for interfaces working) If you have a 1/2 duplex or similar issue on a ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:22 am
Forum: Beginner Basics
Topic: ccr1072 performance and ping lose
Replies: 2
Views: 1096

Re: ccr1072 performance and ping lose

Simple Queues are exactly that - Simple. You may need to expand a bit pass the simple Queues. Traffic is most likely (depending on your setup) still First In / First Out /ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=ICMP_PING passthrough=yes protocol=icmp add ch...
by ConnectivityEngineer
Tue Dec 22, 2015 9:18 am
Forum: General
Topic: Forcing out interface based on internal IP address
Replies: 4
Views: 684

Re: Forcing out interface based on internal IP address

This is done via Policy Based Routing

Butch Evans has an excellent blog posting on this - http://blog.butchevans.com/2008/09/mikr ... n-example/rather than me retyping all this stuff over.

If your US Based - I suggest checking out Butch's Training Sessions as well.
by ConnectivityEngineer
Tue Dec 22, 2015 9:14 am
Forum: General
Topic: What did a do wrong
Replies: 3
Views: 483

Re: What did a do wrong

Awesome. Thanks for updating the forum - far to often folks keep threads hanging !

+1 for your reputation :-)
by ConnectivityEngineer
Tue Dec 22, 2015 9:13 am
Forum: RouterBOARD hardware
Topic: System freez or hang when I reboot the router
Replies: 3
Views: 789

Re: System freez or hang when I reboot the router

Did you get this figured out?
:?
by ConnectivityEngineer
Tue Dec 22, 2015 9:12 am
Forum: General
Topic: Dns Problem?
Replies: 6
Views: 1013

Re: Dns Problem?

servers: 8.8.8.8 dynamic-servers: 10.90.5.1,8.8.8.8,78.136.107.50 allow-remote-requests: no That last line basically is making it so that the LOCAL system IS NOT answering requests for DNS You might need to enable that - and then create the firewall rules as needed. I will test in a lab tomorrowish ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:07 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Don't upgrading RB3011 to 6.34rc20
Replies: 3
Views: 1420

Re: Don't upgrading RB3011 to 6.34rc20

RC = release Candidate ... (which I am thinking you know)

Can you let us know what happens when you get a console cable connected?
by ConnectivityEngineer
Tue Dec 22, 2015 9:04 am
Forum: Beginner Basics
Topic: Restoring Windows 7 PC
Replies: 1
Views: 331

Re: Restoring Windows 7 PC

This most likely is FAR outside of the support of this forum.... especially because Installing the Dude Client WILL NOT wipe your hard drive. In any event - let's try helping you here: I would suggest first looking into the BIOS of the machine and seeing if there is an option to boot from the hard d...
by ConnectivityEngineer
Tue Dec 22, 2015 9:01 am
Forum: Beginner Basics
Topic: Mikrotik and provider 1und1 (resolved)
Replies: 4
Views: 1023

Re: Mikrotik and provider 1und1 (resolved)

quick note of thanks: Far to often folks DO NOT update their requests to let folks know they found a solution... +1
by ConnectivityEngineer
Tue Dec 22, 2015 9:00 am
Forum: General
Topic: Preformance issues on RB750
Replies: 5
Views: 711

Re: Preformance issues on RB750

Generally speaking the RB750 is a decent product - and it even supports MPLS as shown here: http://routerboard.com/RB750 Just the other night we had a customer call into our Mikrotik TAC complaining their systems were dropping and locking up (we blogged here about it: http://connectivity.engineer/ne...
by ConnectivityEngineer
Tue Dec 22, 2015 8:42 am
Forum: General
Topic: Spamhous list implementation
Replies: 3
Views: 664

Re: Spamhaus list implementation

Joshaven is TOP NOTCH. I have met him personally, done dinner etc with his family. He knows his stuff !!! I would however suggest you use his script BUT pull the data into / from your own source. WHY? because if his server ever were to go offline - simply said - your solution would STOP working If y...
by ConnectivityEngineer
Tue Dec 22, 2015 8:38 am
Forum: General
Topic: RADIUS hotspot page 404 not found
Replies: 3
Views: 1649

Re: RADIUS hotspot page 404 not found

You should be able to do this - as long as a few things are in place.

1. If your using 2 different networks and place one in HotSpot mode - than only that network would require the hotspot...
2. Is the Radius Server authentication working?

What if anything is showing in the logs
by ConnectivityEngineer
Tue Dec 22, 2015 8:37 am
Forum: General
Topic: 2 lan 1 wan
Replies: 1
Views: 815

Re: 2 lan 1 wan

Can you please post the output of your config ?

Chances are there is a missing rule allowing your NAT to work.



If you visit the terminal just paste the output from these commands
/ip address export 
 /ip route export 
/ip firewall export 
by ConnectivityEngineer
Tue Dec 22, 2015 8:31 am
Forum: General
Topic: Bridge ports packet loss
Replies: 6
Views: 1426

Re: Bridge ports packet loss

Are you using AP Bridge mode? or ?
by ConnectivityEngineer
Tue Dec 22, 2015 8:28 am
Forum: General
Topic: PeakFlow SP SNMP Issues
Replies: 2
Views: 543

Re: PeakFlow SP SNMP Issues

I am not using the Arbor Networks product any longer - however - might want to see what you have setup in RouterOS first. /snmp> print I know I needed to provide some MIBs back in the day - If needed - you might need to add the MIB as well You can grab the MIB from here http://download2.mikrotik.com...
by ConnectivityEngineer
Tue Dec 22, 2015 8:23 am
Forum: General
Topic: HMA VPN DDoS Botnet Complaint
Replies: 1
Views: 487

Re: HMA VPN DDoS Botnet Complaint

Simple Firewall Rules for the VPN should work. I do not see your setup - so it is a bit difficult to figure out where the fault 100% is. Are you allowing Anyone to access your router and then use it ? (even by accident? ) Be happy to view your config if needed - chances are someone or something is u...
by ConnectivityEngineer
Tue Dec 22, 2015 8:13 am
Forum: General
Topic: DNS Settings DNS server behaviour
Replies: 4
Views: 556

Re: DNS Settings DNS server behaviour

Round Robin.

While I wondered the same thing - I just did a sniff on port 53 traffic - and sure enough - appeared to be round robin.
by ConnectivityEngineer
Tue Dec 22, 2015 8:10 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 5831

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

IS-IS I do not believe is supported even in the latest Kernel by default (i might be wrong on that one however)- At present this would require Mikrotik to do some very heavy lifting creating a ISO protocol stack - ISO addressing - CLNS etc. Here is a start - https://git.netdef.org/projects/OSR/repos...
by ConnectivityEngineer
Sun Dec 20, 2015 5:23 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 5831

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

until some things like IS-IS are supported - Cisco and other vendors still must be part of many providers portfolios :-(

This is NOT Mikrotik's fault however - IS-IS is not supported in the Kernel
by ConnectivityEngineer
Sun Dec 20, 2015 12:31 am
Forum: The Dude
Topic: I cannot find the dude on mikrotik.com, Have you guys deleted by anyhow?
Replies: 1
Views: 888

Re: I cannot find the dude on mikrotik.com, Have you guys deleted by anyhow?

On Friday 18th - The Dude was Re-Released.
Note - there is NO LONGER A WINDOWS SERVER VERSION

(there is a windows client however)

Visit this link http://forum.mikrotik.com/viewtopic.php?f=8&t=102772 for additional details.
by ConnectivityEngineer
Sun Dec 20, 2015 12:29 am
Forum: General
Topic: Mac address 00:00:00:00:00:00
Replies: 2
Views: 2099

Re: Mac address 00:00:00:00:00:00

Do you have WDS enabled on both AP's?
This should help .

Also - you could create a MAC filter and block the 00:00.... and see WHAT stops
  • 1
  • 2