Community discussions

Search found 57 matches

by ConnectivityEngineer
Thu Mar 28, 2019 7:37 pm
Forum: General
Topic: Running IPv6 on Mikrotik? You're out of business in 12 days time
Replies: 32
Views: 15457

Re: Running IPv6 on Mikrotik? You're out of business in 12 days time

Interesting to say the least. We have quite a number of networks we have deployed IPv6 into. I always wish when things like this happened I knew more to be able to protect our clients - but of course that is the nature of the beast. Hoping Mikrotik can patch the issue. IPArchitects has a decent idea...
by ConnectivityEngineer
Fri Jan 15, 2016 12:38 am
Forum: General
Topic: WISP Monitoring Software
Replies: 2
Views: 888

Re: WISP Monitoring Software

For a simple setup - I suggest you peek at Mikrotik's revamped "The DUDE" Keep in mind - it runs on the router OS itself - and DOES NOT use windows or linux workstations to perform its tasks. I personally like some other solutions - Good Old Nagios, I was using Observium but then read some postings ...
by ConnectivityEngineer
Fri Jan 15, 2016 12:29 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 6029

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

YUP - kick but router ... but when I am working with enterprise customers who are demanding some options -I do not have a choice. On the other hand - when dealing with a large portion of our customer base - they get a Mikrotik EVERY time... not only because of cost - but because it is an easy system...
by ConnectivityEngineer
Tue Dec 29, 2015 5:11 pm
Forum: Beginner Basics
Topic: Adblocking on routeros
Replies: 7
Views: 6609

Re: Adblocking on routeros

Good Point ZeroByte

Joshaven has a great solution for some RBL's - i run locally to verify myself - and the above solution works -
Needs to get tweaked for v6 i think however
by ConnectivityEngineer
Tue Dec 29, 2015 4:32 pm
Forum: Beginner Basics
Topic: Adblocking on routeros
Replies: 7
Views: 6609

Re: Adblocking on routeros

While you will need to tweak this to your liking - might try using the script below which pulls from the blocklister.gefoo.org lists Keep in mind... Thousands of entries in the firewall CAN create a slow internet experience if Every Packet has to go through it. To that end - might decide to edit the...
by ConnectivityEngineer
Tue Dec 29, 2015 12:33 pm
Forum: General
Topic: Bandwidth management on home network
Replies: 5
Views: 1614

Re: Bandwidth management on home network

This thread (see the end ) has a decent script if your comfortable playing in that arena http://forum.mikrotik.com/viewtopic.php?t=87219 I personally like Queue Trees better - because the system (at least it was like this on version 5 of RouterOS not sure on RouterOS 6.x) goes through every simple q...
by ConnectivityEngineer
Tue Dec 29, 2015 12:27 pm
Forum: General
Topic: Bandwidth management on home network
Replies: 5
Views: 1614

Re: Bandwidth management on home network

Few methods - easiest if you are unsure how to operate Queues is to simply assign Simple Queues This can be done a few ways - just limit how much bandwidth each system is given via DHCP - and then static your own and set your priority to be 1 where theirs would be placed at the back end - and given ...
by ConnectivityEngineer
Tue Dec 29, 2015 12:04 pm
Forum: RouterBOARD hardware
Topic: FCC Certification
Replies: 4
Views: 956

Re: FCC Certification

Let me first say - IT WAS NOT the trainer. He actually stated he thought they were - but I figured let me ask. Butch Evans normally steers folks in the right direction... but I felt it was wise to ask just in case especially since we have more companies beginning to use our services daily to support...
by ConnectivityEngineer
Tue Dec 29, 2015 11:59 am
Forum: General
Topic: How add address List From The TXT File to Firewall Address List
Replies: 4
Views: 1220

Re: How add address List From The TXT File to Firewall Address List

One other note: you might want to check out the script from Joshaven. http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/ Blocking known bad guys from even getting THROUGH your router is a great start :-) We mirror the lists he wgets and creates as well http://connectiv...
by ConnectivityEngineer
Tue Dec 29, 2015 11:42 am
Forum: General
Topic: How add address List From The TXT File to Firewall Address List
Replies: 4
Views: 1220

Re: How add address List From The TXT File to Firewall Address List

I would suggest asking in the thread you posted - especially since it appears the author may be in the thread. I would also however suggest a much different approach. Allowing Access TO your router should Only happen if you know WHO IS COMING Allowing Access THROUGH Your Router on the other hand is ...
by ConnectivityEngineer
Thu Dec 24, 2015 8:43 am
Forum: General
Topic: CPU Usage Very High For www Profile
Replies: 5
Views: 1107

Re: CPU Usage Very High For www Profile

Few things to help us on the forums who volunteer to help you: 1. Mind posting your config? (and please remember to strip out External IP addresses as needed for security reasons) 2. This is an RB951 - how many users are connecting and running through the system? I am wondering if it is a limit due ...
by ConnectivityEngineer
Thu Dec 24, 2015 8:32 am
Forum: General
Topic: Atheros AR8151
Replies: 1
Views: 525

Re: Atheros AR8151

Great Question: http://cateee.net/lkddb/web-lkddb/NET_VENDOR_ATHEROS.html shows that vendor: 1969 ("Qualcomm Atheros"), device: 1073 ("AR8151 v1.0 Gigabit Ethernet") vendor: 1969 ("Qualcomm Atheros"), device: 1083 ("AR8151 v2.0 Gigabit Ethernet") Are supported in Linux Kernels 3.17–3.19, 4.0–4.2, 4....
by ConnectivityEngineer
Thu Dec 24, 2015 4:34 am
Forum: General
Topic: Bridge ports packet loss
Replies: 6
Views: 1570

Re: Bridge ports packet loss

Interesting thats for sure.

You could make sure to change the TTL for icmp
/ip firewall mangle add chain=prerouting out-interface=!ether1 action=change-ttl new-ttl=set:64 passthrough=yes  
where ether1 is the interface in question (tune to your hearts desire in other words )
by ConnectivityEngineer
Thu Dec 24, 2015 4:23 am
Forum: General
Topic: DHCP static lease disappears !!!
Replies: 4
Views: 810

Re: DHCP static lease disappears !!!

Good Question - I have seen this happen - on a few different Tik Versions - and this has been the fix.

I know bit odd - but give it a shot.
by ConnectivityEngineer
Tue Dec 22, 2015 1:07 pm
Forum: General
Topic: Forgot My Mikrotik Winbox Password and Need to Recover it without Backup Configuration File
Replies: 7
Views: 17018

Re: Forgot My Mikrotik Winbox Password and Need to Recover it without Backup Configuration File

Without the backup config file - good luck.
If you had that - it might be possible...
by ConnectivityEngineer
Tue Dec 22, 2015 1:02 pm
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1662

Re: Netwatch via API (php)

I am sitting waiting another train - however - this link might help you as well...

https://github.com/pear2/Net_RouterOS/wiki
by ConnectivityEngineer
Tue Dec 22, 2015 12:58 pm
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1662

Re: Netwatch via API (php)

found this as well: http://wiki.mikrotik.com/wiki/API_PHP_package#Ping_from_router <?php use PEAR2\Net\RouterOS; require_once 'PEAR2/Autoload.php'; if (isset($_GET['act'])) {//This is merely to ensure the form was submitted. //Adjust RouterOS IP, username and password accordingly. $client = new Rout...
by ConnectivityEngineer
Tue Dec 22, 2015 12:53 pm
Forum: Scripting
Topic: repository for scripts
Replies: 4
Views: 929

Re: repository for scripts

The easiest way is to simply setup a shared file location on a webserver Then run /tool fetch url=http://yourdomain.com/files/data.txt[code] Every script I run also has the following at the top [code] # Printing local time for Log purposes ... :local CurrentTime [/system clock get time]; :log warnin...
by ConnectivityEngineer
Tue Dec 22, 2015 11:29 am
Forum: Scripting
Topic: [SOLVED] Netwatch via API (php)
Replies: 5
Views: 1662

Re: Netwatch via API (php)

What you could do is setup a script so when netwatch on the host finds it is down send an snmp trap to Zabbix. We stopped using Zabbix because of the lack of dependencies AND thinks like this (admit its been a few years) Just our usage case... Anyhow - You can setup a trigger prototype using the "no...
by ConnectivityEngineer
Tue Dec 22, 2015 10:48 am
Forum: General
Topic: DHCP lease assigned based on agent-circuit-id
Replies: 2
Views: 777

Re: DHCP lease assigned based on agent-circuit-id

Most likely the ONU is NOT passing this data upstream to the DHCP server. By definition a Layer 2 CPE does not have any Layer 3 capabilities (well depending upon your system it may allow communication with the captive portal for entering the Registration ID The issue is that your looking for the ONU...
by ConnectivityEngineer
Tue Dec 22, 2015 10:31 am
Forum: The User Manager
Topic: Multiple usermanager customers and hotspots on same router
Replies: 3
Views: 4935

Re: Multiple usermanager customers and hotspots on same router

Rather than retyping - this should help. In short - each location gets their own network. https://aacable.wordpress.com/2012/11/21/different-login-page-for-multiple-network-on-mikrotik-hotspot/ Does not matter if that interface is a Wireless or Wired @ that point. The option to allow or not allow wo...
by ConnectivityEngineer
Tue Dec 22, 2015 10:28 am
Forum: General
Topic: how connect two usermanger mikrotik
Replies: 1
Views: 271

Re: how connect two usermanger mikrotik

Best solution - run Radius.

Technically there are work arounds - however they take a bit of scripting AND are not bulletproof.

Radius will do exactly what your looking for Mikrotik has a decent writeup available here: http://wiki.mikrotik.com/wiki/RouterOs_MySql_Freeradius
by ConnectivityEngineer
Tue Dec 22, 2015 10:24 am
Forum: General
Topic: DHCP static lease disappears !!!
Replies: 4
Views: 810

Re: DHCP static lease disappears !!!

Check the Lease time: If set to 0s lease will never expire, if not - then after it expires it will drop.

This might help: http://wiki.mikrotik.com/wiki/Manual:IP ... figuration
by ConnectivityEngineer
Tue Dec 22, 2015 10:16 am
Forum: General
Topic: CCR1036 and mirror ports
Replies: 3
Views: 2645

Re: CCR1036 and mirror ports

If you add the port you wish to monitor to a bridge - and then add another port to the bridge the second port on the bridge will act like a mirrored port. I know its a bit clunky - however since there are NO SWITCH CHIPS in the Cloud Core Router series - this is the work around if you need something...
by ConnectivityEngineer
Tue Dec 22, 2015 10:09 am
Forum: The User Manager
Topic: how connect two router board to the same radius server by internet
Replies: 2
Views: 1459

Re: how connect two router board to the same radius server by internet

Hello - Sorry I think the community is a bit stuck trying to figure out what you are asking. So lets start by answering the question that we think you asked - and then if not - having you restate the question. To set a Mikrotik to utilize a Radius Server - you simply go to the Radius menu and enter ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:55 am
Forum: Forwarding Protocols
Topic: pppoe over mpls/vpls mtu?
Replies: 1
Views: 1459

Re: pppoe over mpls/vpls mtu?

Forwarding labeled packets is quite different from forwarding IP packets in that not only is the IP lookup replaced with a lookup of the label in the label forwarding information base (LFIB) but different label operations are also possible. All IPv4 packets have one or more labels. This does imply t...
by ConnectivityEngineer
Tue Dec 22, 2015 9:48 am
Forum: General
Topic: NetCut issue..
Replies: 2
Views: 705

Re: NetCut issue..

Hope things are going well. Sadly we do not know how your hotspot is setup - SO it is a bit difficult to give you a clear answer. Andrew COX wrote a decent script for making sure users are limited to specific bandwidth settings. So might want to try this (of course edit to your needs) Andrew's is pa...
by ConnectivityEngineer
Tue Dec 22, 2015 9:36 am
Forum: General
Topic: Mikrotik RB with thunder cache
Replies: 1
Views: 1859

Re: Mikrotik RB with thunder cache

You need to redirect port80 for the PPPoE users to the web proxy - since the PPPoE users basically create a dynamic interface - this might be part of the issue. Instead of working on an interface I would much rather work from an IP range. This is especially true if you wish in the future to have som...
by ConnectivityEngineer
Tue Dec 22, 2015 9:25 am
Forum: General
Topic: Slow download speeds
Replies: 1
Views: 892

Re: Slow download speeds

Without knowing your specific setup it is hard to say. What other jobs (if any) is the Mikrotik performing. Do you have any layer7 rules running, Firewall rules? etc Are the connections working as they should - (ie autonegotiate for interfaces working) If you have a 1/2 duplex or similar issue on a ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:22 am
Forum: Beginner Basics
Topic: ccr1072 performance and ping lose
Replies: 2
Views: 1163

Re: ccr1072 performance and ping lose

Simple Queues are exactly that - Simple. You may need to expand a bit pass the simple Queues. Traffic is most likely (depending on your setup) still First In / First Out /ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=ICMP_PING passthrough=yes protocol=icmp add ch...
by ConnectivityEngineer
Tue Dec 22, 2015 9:18 am
Forum: General
Topic: Forcing out interface based on internal IP address
Replies: 4
Views: 742

Re: Forcing out interface based on internal IP address

This is done via Policy Based Routing

Butch Evans has an excellent blog posting on this - http://blog.butchevans.com/2008/09/mikr ... n-example/rather than me retyping all this stuff over.

If your US Based - I suggest checking out Butch's Training Sessions as well.
by ConnectivityEngineer
Tue Dec 22, 2015 9:14 am
Forum: General
Topic: What did a do wrong
Replies: 3
Views: 519

Re: What did a do wrong

Awesome. Thanks for updating the forum - far to often folks keep threads hanging !

+1 for your reputation :-)
by ConnectivityEngineer
Tue Dec 22, 2015 9:13 am
Forum: RouterBOARD hardware
Topic: System freez or hang when I reboot the router
Replies: 3
Views: 860

Re: System freez or hang when I reboot the router

Did you get this figured out?
:?
by ConnectivityEngineer
Tue Dec 22, 2015 9:12 am
Forum: General
Topic: Dns Problem?
Replies: 6
Views: 1103

Re: Dns Problem?

servers: 8.8.8.8 dynamic-servers: 10.90.5.1,8.8.8.8,78.136.107.50 allow-remote-requests: no That last line basically is making it so that the LOCAL system IS NOT answering requests for DNS You might need to enable that - and then create the firewall rules as needed. I will test in a lab tomorrowish ...
by ConnectivityEngineer
Tue Dec 22, 2015 9:07 am
Forum: General
Topic: Don't upgrading RB3011 to 6.34rc20
Replies: 3
Views: 1488

Re: Don't upgrading RB3011 to 6.34rc20

RC = release Candidate ... (which I am thinking you know)

Can you let us know what happens when you get a console cable connected?
by ConnectivityEngineer
Tue Dec 22, 2015 9:04 am
Forum: Beginner Basics
Topic: Restoring Windows 7 PC
Replies: 1
Views: 362

Re: Restoring Windows 7 PC

This most likely is FAR outside of the support of this forum.... especially because Installing the Dude Client WILL NOT wipe your hard drive. In any event - let's try helping you here: I would suggest first looking into the BIOS of the machine and seeing if there is an option to boot from the hard d...
by ConnectivityEngineer
Tue Dec 22, 2015 9:01 am
Forum: Beginner Basics
Topic: Mikrotik and provider 1und1 (resolved)
Replies: 4
Views: 1165

Re: Mikrotik and provider 1und1 (resolved)

quick note of thanks: Far to often folks DO NOT update their requests to let folks know they found a solution... +1
by ConnectivityEngineer
Tue Dec 22, 2015 9:00 am
Forum: General
Topic: Preformance issues on RB750
Replies: 5
Views: 844

Re: Preformance issues on RB750

Generally speaking the RB750 is a decent product - and it even supports MPLS as shown here: http://routerboard.com/RB750 Just the other night we had a customer call into our Mikrotik TAC complaining their systems were dropping and locking up (we blogged here about it: http://connectivity.engineer/ne...
by ConnectivityEngineer
Tue Dec 22, 2015 8:42 am
Forum: General
Topic: Spamhous list implementation
Replies: 3
Views: 708

Re: Spamhaus list implementation

Joshaven is TOP NOTCH. I have met him personally, done dinner etc with his family. He knows his stuff !!! I would however suggest you use his script BUT pull the data into / from your own source. WHY? because if his server ever were to go offline - simply said - your solution would STOP working If y...
by ConnectivityEngineer
Tue Dec 22, 2015 8:38 am
Forum: General
Topic: RADIUS hotspot page 404 not found
Replies: 3
Views: 1868

Re: RADIUS hotspot page 404 not found

You should be able to do this - as long as a few things are in place.

1. If your using 2 different networks and place one in HotSpot mode - than only that network would require the hotspot...
2. Is the Radius Server authentication working?

What if anything is showing in the logs
by ConnectivityEngineer
Tue Dec 22, 2015 8:37 am
Forum: General
Topic: 2 lan 1 wan
Replies: 1
Views: 877

Re: 2 lan 1 wan

Can you please post the output of your config ?

Chances are there is a missing rule allowing your NAT to work.



If you visit the terminal just paste the output from these commands
/ip address export 
 /ip route export 
/ip firewall export 
by ConnectivityEngineer
Tue Dec 22, 2015 8:31 am
Forum: General
Topic: Bridge ports packet loss
Replies: 6
Views: 1570

Re: Bridge ports packet loss

Are you using AP Bridge mode? or ?
by ConnectivityEngineer
Tue Dec 22, 2015 8:28 am
Forum: General
Topic: PeakFlow SP SNMP Issues
Replies: 2
Views: 608

Re: PeakFlow SP SNMP Issues

I am not using the Arbor Networks product any longer - however - might want to see what you have setup in RouterOS first. /snmp> print I know I needed to provide some MIBs back in the day - If needed - you might need to add the MIB as well You can grab the MIB from here http://download2.mikrotik.com...
by ConnectivityEngineer
Tue Dec 22, 2015 8:23 am
Forum: General
Topic: HMA VPN DDoS Botnet Complaint
Replies: 1
Views: 539

Re: HMA VPN DDoS Botnet Complaint

Simple Firewall Rules for the VPN should work. I do not see your setup - so it is a bit difficult to figure out where the fault 100% is. Are you allowing Anyone to access your router and then use it ? (even by accident? ) Be happy to view your config if needed - chances are someone or something is u...
by ConnectivityEngineer
Tue Dec 22, 2015 8:13 am
Forum: General
Topic: DNS Settings DNS server behaviour
Replies: 4
Views: 633

Re: DNS Settings DNS server behaviour

Round Robin.

While I wondered the same thing - I just did a sniff on port 53 traffic - and sure enough - appeared to be round robin.
by ConnectivityEngineer
Tue Dec 22, 2015 8:10 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 6029

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

IS-IS I do not believe is supported even in the latest Kernel by default (i might be wrong on that one however)- At present this would require Mikrotik to do some very heavy lifting creating a ISO protocol stack - ISO addressing - CLNS etc. Here is a start - https://git.netdef.org/projects/OSR/repos...
by ConnectivityEngineer
Sun Dec 20, 2015 5:23 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!
Replies: 19
Views: 6029

Re: CCR1009-8G-1S-1S+ is a BEST ROUTER !!!

until some things like IS-IS are supported - Cisco and other vendors still must be part of many providers portfolios :-(

This is NOT Mikrotik's fault however - IS-IS is not supported in the Kernel
by ConnectivityEngineer
Sun Dec 20, 2015 12:31 am
Forum: The Dude
Topic: I cannot find the dude on mikrotik.com, Have you guys deleted by anyhow?
Replies: 1
Views: 914

Re: I cannot find the dude on mikrotik.com, Have you guys deleted by anyhow?

On Friday 18th - The Dude was Re-Released.
Note - there is NO LONGER A WINDOWS SERVER VERSION

(there is a windows client however)

Visit this link http://forum.mikrotik.com/viewtopic.php?f=8&t=102772 for additional details.
by ConnectivityEngineer
Sun Dec 20, 2015 12:29 am
Forum: General
Topic: Mac address 00:00:00:00:00:00
Replies: 2
Views: 2175

Re: Mac address 00:00:00:00:00:00

Do you have WDS enabled on both AP's?
This should help .

Also - you could create a MAC filter and block the 00:00.... and see WHAT stops
by ConnectivityEngineer
Sun Dec 20, 2015 12:28 am
Forum: Wireless Networking
Topic: Cannot Multicast within a VLAN
Replies: 2
Views: 1483

Re: Cannot Multicast within a VLAN

I am not 100% sure however when you referenced the WAP is getting its management IP on a different network - it had me thinking. If both the sender and receiver for a multicast group are on the same local broadcast subnet, then the routers do not need to be involved in the process, and communication...
by ConnectivityEngineer
Sun Dec 20, 2015 12:19 am
Forum: General
Topic: mikrotik dns statik host without dot
Replies: 1
Views: 419

Re: mikrotik dns statik host without dot

Mikrotik makes an excellent A Record DNS Server for simple entries - However - the Server still requires fully qualified domain names - Or at minimum NO SPACES http://wiki.mikrotik.com/wiki/Manual:IP/DNS#All_DNS_Entries In short they are following the RFC Specs outlined here: http://www.ietf.org/rfc...
by ConnectivityEngineer
Sun Dec 20, 2015 12:12 am
Forum: General
Topic: Feature or bug? SSTP not working between RouterOS versions
Replies: 7
Views: 2182

Re: Feature or bug? SSTP not working between RouterOS versions

Perhaps we do not have enough information to help you with the request... I do know in the past I personally had issues with a client after an upgrade. I ended up increasing the time outs and voila - worked like a champ. Quick ? Are you using sstp-server interface bindings on server's side, or do yo...
by ConnectivityEngineer
Sun Dec 20, 2015 12:08 am
Forum: RouterBOARD hardware
Topic: System freez or hang when I reboot the router
Replies: 3
Views: 860

Re: System freez or hang when I reboot the router

It might be a simple BIOS setting - might check and see if you have PNP or similar activated. Also - I noticed your using an older version of RouterOS 5.2 There are a large number of advantages to utilizing the later versions - Mind letting us know a bit more about your setup? What system / motherbo...
by ConnectivityEngineer
Sun Dec 20, 2015 12:04 am
Forum: General
Topic: Dns Problem?
Replies: 6
Views: 1103

Re: Dns Problem?

If you go to terminal please do the following /ip dns print It could be that DNS is timing out - OR your provider may be limiting the number of requests - It could also be that you have an invalid setup of sorts When this happens - you might also try to resolve domains on the Mikrotik itself /tools ...
by ConnectivityEngineer
Sat Dec 19, 2015 11:55 pm
Forum: General
Topic: What did a do wrong
Replies: 3
Views: 519

Re: What did a do wrong

There are various solutions for SIP clients behind NAT, some of them in client side (STUN, TURN, ICE), others in server side (Proxy RTP as RtpProxy,MediaProxy). Sadly - we are not sure how your SIP provider is providing the solution to your setup - SO - this information might need to be tweaked just...
by ConnectivityEngineer
Sat Dec 19, 2015 11:41 pm
Forum: RouterBOARD hardware
Topic: FCC Certification
Replies: 4
Views: 956

FCC Certification

Recently in a training I heard that Mikrotik ARE NOT CERTIFIED for use in the USA by the FCC.
Is this correct?