Community discussions

Search found 463 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10
by lapsio
Mon Aug 12, 2019 9:47 am
Forum: RouterBOARD hardware
Topic: CRS312, CRS326-24S+2Q+ MIPSBE CPU?
Replies: 5
Views: 627

Re: CRS312, CRS326-24S+2Q+ MIPSBE CPU?

I'm sure QSFP+ enabled routers (CCR2xxx) range will be in the pipeline, these switches are basically the introduction to them. A 1072 equivalent with 2x QSFP and 6+ SFP+ ports will be magical for core routing.
Now you got me hyped! xD
by lapsio
Mon Aug 12, 2019 4:44 am
Forum: RouterBOARD hardware
Topic: CRS312, CRS326-24S+2Q+ MIPSBE CPU?
Replies: 5
Views: 627

Re: CRS312, CRS326-24S+2Q+ MIPSBE CPU?

These aren't marketed (or priced) as full L3 switches. Yes you can route ports to CPU and run some L3 functions, but it is not a fully featured / full wire rate L3 switch, so if thats what you want this product for then this product is not for you. You'd have to send in your recommendations to Mikr...
by lapsio
Sun Aug 11, 2019 7:05 pm
Forum: RouterBOARD hardware
Topic: CRS312, CRS326-24S+2Q+ MIPSBE CPU?
Replies: 5
Views: 627

CRS312, CRS326-24S+2Q+ MIPSBE CPU?

Is there any particular reason why those switches have MIPSBE CPU as opposed to dual core ARM in CRS317 and CRS309? I mean well CRS317 and CRS309 may not be best routing performers but 3gbps, with 9k jumbo probably much closer to actual 10G is not too shabby for simple inter-vlan routing or uplink r...
by lapsio
Thu Aug 08, 2019 1:42 pm
Forum: RouterBOARD hardware
Topic: Woobm-USB How Much Can It Do?
Replies: 31
Views: 4217

Re: Woobm-USB How Much Can It Do?

Uhm..I was looking for a "cleaner" way than powered usb-hub with a bunch of serial to usb adapters - that's why i'm considering woobm. The alternative would be serial switch but costs would be too high. :lol: Would be nice to have a rack-mountable wireless device - like crs or a rb2011 chassis with...
by lapsio
Thu Aug 08, 2019 1:18 pm
Forum: RouterBOARD hardware
Topic: Woobm-USB How Much Can It Do?
Replies: 31
Views: 4217

Re: Woobm-USB How Much Can It Do?

Hi, What's the behavior of the console port when woobm is plugged in ? Do you still have console connection over rj port ? Since woobm can't follow the full boot cycle of the device, you'd use console port up to a point and then woobm ? MikroTik allows for up to 9 serial consoles iirc. So Woobm is ...
by lapsio
Sun Aug 04, 2019 9:38 pm
Forum: RouterBOARD hardware
Topic: hEX S - switch functionality?
Replies: 4
Views: 407

Re: hEX S - switch functionality?

Keep on living. You are seeking hardware vlan and Mikrotik does support vlan in software. So no need to jump of the cliff. I probably would complain less if I didn't find crapload of issues with NAT and connection tracking when using software VLANs and bridges when connection goes through router mo...
by lapsio
Sun Aug 04, 2019 8:37 pm
Forum: RouterBOARD hardware
Topic: hEX S - switch functionality?
Replies: 4
Views: 407

Re: hEX S - switch functionality?

hEX S has MT7621 switch chip onboard. And according to Mikrotik's wiki it does not support VLAN table in hardware. Check this page out. Yeah I hoped there's more to that. It's quite miserable. I mean hES S is half that bad since only 5 ports. But RB4011? 10 ethernet ports without VLANs? What the he...
by lapsio
Sun Aug 04, 2019 8:09 pm
Forum: RouterBOARD hardware
Topic: hEX S - switch functionality?
Replies: 4
Views: 407

hEX S - switch functionality?

I'm trying to find some info about switch chip used in hEX S (in partucular its support for hardware VLANs) but from what I see it does not support VLANs on switch level at all right? So the only way to use VLANs on this thing is to use software VLANs and bridge?
by lapsio
Fri Aug 02, 2019 4:31 pm
Forum: General
Topic: Policy based IPSec
Replies: 7
Views: 638

Re: Policy based IPSec

And there's option to apply mode-config to either src-address-list (not really what I want but that's what has been presented in official tutorial so I thought it's the only way) but also to connection-mark. I forgot about that. It's very new and I didn't test it yet. I just tested it in lab with s...
by lapsio
Fri Aug 02, 2019 1:50 pm
Forum: General
Topic: Policy based IPSec
Replies: 7
Views: 638

Re: Policy based IPSec

I just figured out I'm dumb I didn't check that in CHR lab before. It turns out that additional /ip ipsec mode-config options unlock after actually configuring IPSec till the end. And there's option to apply mode-config to either src-address-list (not really what I want but that's what has been pres...
by lapsio
Fri Aug 02, 2019 4:03 am
Forum: General
Topic: Policy based IPSec
Replies: 7
Views: 638

Re: Policy based IPSec

If you use different addresses for incoming and outgoing connections and policy reflects that, it would work. Either give those addresses to servers directly, or you can use NAT on router. I want servers to also go via VPN but only for server-initiated connections. So when user accesses server then...
by lapsio
Fri Aug 02, 2019 12:32 am
Forum: General
Topic: Policy based IPSec
Replies: 7
Views: 638

Policy based IPSec

Is it possible to make PBR for IPSec? I mean I'd like to push all new outgoing connections through IPSec tunnel, but all connections incoming from world to servers to return directly, not via VPN tunnel..
by lapsio
Fri Aug 02, 2019 12:15 am
Forum: General
Topic: IPSec and ppp tunnel precedence
Replies: 1
Views: 232

IPSec and ppp tunnel precedence

Hello I just bought NordVPN VPN and they prefer using IPSec. I'd also like to use PIA and daisy chain those 2 VPNs. At first I didn't like IPSec option since I have in general trust issues with IPSec and since OpenVPN client implementation has been fixed in last RouterOS update it sounds like viable...
by lapsio
Thu Aug 01, 2019 3:11 pm
Forum: RouterBOARD hardware
Topic: RouterBOARD naming
Replies: 47
Views: 22979

Re: RouterBOARD naming

I'm afraid I must agree with LEDs argument. hAP ac² LEDs are barely visible under angle.
by lapsio
Tue Jul 16, 2019 11:11 pm
Forum: General
Topic: ROS ovpn-client doesn't verify server certificate.
Replies: 7
Views: 1276

Re: ROS ovpn-client doesn't verify server certificate.

It's supposedly been fixed 2 weeks ago in release 6.44.5

*) ovpn - added "verify-server-certificate" parameter for OVPN client (CVE-2018-10066);

viewtopic.php?t=150045
by lapsio
Mon Jul 08, 2019 12:43 pm
Forum: Beginner Basics
Topic: /ip firewall NAT on bridge with use-ip-firewall not working
Replies: 4
Views: 358

Re: /ip firewall NAT on bridge with use-ip-firewall not working

If there is no IP address on an interface, then NAT cannot translate.
What are security implications of adding 'dummy' IP address (eg. 1.2.3.4) on interface that is supposed to work as pure L2 bridge, with drop all input on firewall, just to allow for NAT?
by lapsio
Mon Jul 08, 2019 12:30 am
Forum: Beginner Basics
Topic: /ip firewall NAT on bridge with use-ip-firewall not working
Replies: 4
Views: 358

Re: /ip firewall NAT on bridge with use-ip-firewall not working

Concur with the approach of simply stating the requirements in terms of desired functionality users will experience without mention of config/settings. I have users x and users y, I want to ensure that users X access the internet with the following limitations...................., I want to ensure ...
by lapsio
Sun Jul 07, 2019 10:21 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Interface lists include/exclude
Replies: 1
Views: 525

Re: Interface lists include/exclude

Are recursive interface lists there yet?
by lapsio
Sun Jul 07, 2019 8:32 pm
Forum: Beginner Basics
Topic: /ip firewall NAT on bridge with use-ip-firewall not working
Replies: 4
Views: 358

/ip firewall NAT on bridge with use-ip-firewall not working

I'm using use-ip-firewall on bridges and if I add any NAT rule that affects traffic on bridge it basically gets blackholed. Why is that? It only happens when there's no IP address on bridge. Would bridge NAT work in such scenario? I want to redirect port 53 to local DNS server on bridge level since ...
by lapsio
Sun Jul 07, 2019 3:54 pm
Forum: General
Topic: Cannot scp rsc file to router
Replies: 2
Views: 188

Re: Cannot scp rsc file to router

It seems to be caused by fish shell for whatever reason. When using plain bash, scp to MikroTik works fine
by lapsio
Sat Jul 06, 2019 11:45 pm
Forum: General
Topic: Cannot scp rsc file to router
Replies: 2
Views: 188

Cannot scp rsc file to router

I can't seem to properly transfer .rsc file to device. When I perform: scp ./file.rsc ac:/import.rsc upload hangs at 100%. If i interrupt it and try to import file it fails with bad command name 8 (line 1 column 1) When I download uploaded file back to PC it has 1 additional line at the beginning: 8...
by lapsio
Fri May 17, 2019 11:00 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 63101

Re: RB4011

It is less than 10 meters CAT5E without shild. oh. Well... 10G SR module 15$ x2 : https://www.fs.com/de-en/products/74668.html 10m OM2 LC-LC patchcord 5$ : https://www.fs.com/de-en/products/74394.html total 35$ (or 42$ incl. VAT) S+RJ10 65$ x2 cat5 cable 0$ total 130$ actually even using original M...
by lapsio
Thu May 16, 2019 9:04 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 63101

Re: RB4011

I can not use fiber because of my existing cables. The only one problem with RB4011 is the high working temperature of the SFP+ module. So I assume you use longer copper cables if replacement would be problematic? What cable length do you use? I was always interested in actual maximum cable length ...
by lapsio
Thu May 16, 2019 8:52 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 63101

Re: RB4011

Yes, i am using S+RJ10 modules between RB4011 and CRS328. Ouch. Any particular reason to go with such setup? Existing, long cabling? 10G-SR modules cost like 16$ plus few bucks for LC optical patchcords comparing to 65$ for S+RJ10. 10G copper seems to be insanely expensiive. Especially non-mikrotik...
by lapsio
Tue May 14, 2019 12:21 am
Forum: Beginner Basics
Topic: CCR1009-8G-1S-1S+, Smart card and Certificates
Replies: 10
Views: 3858

Re: CCR1009-8G-1S-1S+, Smart card and Certificates

I'd be interested to know more too if anyone has found a compatible product and some guidelines on how to set up. Thanks I got a reply from @support: Unfortunately, we cannot recommend any Smart Card for use in MikroTik devices. The Smart Card support in RouterOS requires significant rebuild and cu...
by lapsio
Sun May 12, 2019 8:01 pm
Forum: RouterBOARD hardware
Topic: CRS317 Problems with 100MBit Devices / What a shame
Replies: 28
Views: 3213

Re: CRS317 Problems with 100MBit Devices / What a shame

The older S+RJ10 are crap. Wrong DDM information, low MTU, ... There was a post showing newer with MTU size depending on negotiation speed. So it is guesswork and luck making it work ...
Is S-RJ01 also that troublesome?
by lapsio
Sat May 11, 2019 10:26 pm
Forum: RouterBOARD hardware
Topic: CRS317 Problems with 100MBit Devices / What a shame
Replies: 28
Views: 3213

Re: CRS317 Problems with 100MBit Devices / What a shame

Did anyone try actual 10/100 modules with CRS317? Or 10/100/1000 other than S-RJ01? I tried one 10/100 Cisco and some F5 Networks 1000 BASE-T but they don't seem to work with at 10/100 speed (not all that surprising). I used auto-negotiation=off speed=100mbps. S+RJ10 also doesn't work when configure...
by lapsio
Fri Apr 26, 2019 9:36 pm
Forum: RouterBOARD hardware
Topic: CRS317 10G -> 1G traffic slow, everything else fine
Replies: 21
Views: 6729

Re: CRS317 10G -> 1G traffic slow, everything else fine

Seriously Mikrotik team! When do you plan on fixing this shit, I have so much of your 10g switches ( all models ) collecting dust! It doesn’t work 10g to 1g On any switches 1g port gets 30mbps download speed If I negotiate it to 100base-t it does almost 100mbps Until mikrotik can fix this issue I d...
by lapsio
Tue Apr 23, 2019 12:40 am
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?
Replies: 64
Views: 8380

Re: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?

You can mount two CRS112 in 1U right? Since they're exactly half U?

It measures 200mm wide (7.875 inch). Would be nice to have a 1U case that holds both.
You can mount each one using 1 ear.
by lapsio
Mon Apr 22, 2019 8:42 pm
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?
Replies: 64
Views: 8380

Re: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?

There is no any device with passive cooling from any vendor, right? You might be better served with two CRS112 . I use one for my PoE equipment. Very happy with it. Note you'll also need to purchase the 48POW or the 48V2A96W . You can mount two CRS112 in 1U right? Since they're exactly half U?
by lapsio
Wed Apr 03, 2019 2:18 am
Forum: Beginner Basics
Topic: CCR1009-8G-1S-1S+, Smart card and Certificates
Replies: 10
Views: 3858

Re: CCR1009-8G-1S-1S+, Smart card and Certificates

Any luck so far?
by lapsio
Mon Apr 01, 2019 1:44 am
Forum: RouterBOARD hardware
Topic: CRS317 and CRS326 - "fixing" slow LEDs with script
Replies: 0
Views: 264

CRS317 and CRS326 - "fixing" slow LEDs with script

If anyone is interested in fixing CRS326 and CRS317 slow LEDs here are scripts interpolating rx-bytes and tx-bytes stats to generate faster LED blinking:

viewtopic.php?f=9&t=147168&p=724305#p724305
by lapsio
Mon Apr 01, 2019 1:36 am
Forum: Scripting
Topic: Script "fixing" slow CRS3xx LEDs
Replies: 0
Views: 310

Script "fixing" slow CRS3xx LEDs

So I asked MikroTik support why LEDs in CRS3xx are so slow and if they're gonna do anything about it. They said that LEDs are controlled by CPU thus they're so slow and that newer CRS3xx devices will have LEDs controlled by switch chips itself so LEDs won't be slow but won't be programmable either. ...
by lapsio
Sat Mar 09, 2019 9:25 pm
Forum: General
Topic: CRS326 VLAN leakage to CPU?
Replies: 8
Views: 736

Re: CRS326 VLAN leakage to CPU?

I noticed similar issues with RB2011 switch. Some packets just for some reason leak to CPU even though I use RB2011 ethernet ports as pure switch (in theory VLANs don't even have access to switch-cpu port). Such incidents are extremely rare but they occur repeatedly. Over past several months around ...
by lapsio
Fri Mar 08, 2019 11:22 am
Forum: RouterBOARD hardware
Topic: Powerline with 1gbit
Replies: 10
Views: 1114

Re: Powerline with 1gbit

they make a decent enough devices https://www.devolo.com/ Though I'm afraid nobody except MikroTik makes managed powerline adapters. I'm tunneling 3 VLANs using PWR-Line with IPSec EoIP over pwr-line interface for additional security. will be nice to see how much throughput can you achieve with so ...
by lapsio
Thu Mar 07, 2019 5:26 pm
Forum: RouterBOARD hardware
Topic: Powerline with 1gbit
Replies: 10
Views: 1114

Re: Powerline with 1gbit

they make a decent enough devices https://www.devolo.com/
Though I'm afraid nobody except MikroTik makes managed powerline adapters. I'm tunneling 3 VLANs using PWR-Line with IPSec EoIP over pwr-line interface for additional security.
by lapsio
Wed Mar 06, 2019 7:25 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 40
Views: 6724

Re: hardware idea for a multiport switch

Not a bad idea, but if mounted IN FRONT of other equipment. Cable management must be in front side of rack to avoid headaches when maintaning patch cord connections I though of rear mounting since we were talking about environment with long servers and servers always have rear facing network cards....
by lapsio
Wed Mar 06, 2019 7:23 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 40
Views: 6724

Re: hardware idea for a multiport switch

dont think this concept will work. what i would like to see is a "port expander": a Master Switch with all the intelligence and 1 or 2 Expand-Ports a Expander with 24 or 48 Ports without intelligence Just expand the port count without the need to manage another switch (nexus like) +1 but it'd proba...
by lapsio
Wed Mar 06, 2019 12:07 am
Forum: RouterBOARD hardware
Topic: Using USB Hub with Router Mikrotik
Replies: 1
Views: 224

Re: Using USB Hub with Router Mikrotik

Yes. Usually... I mean I didn't test it specifically with 3G dongles but once I connected powered HUB, to which I attached second hub and plugged 3 gigabit ethernet dongles, 2 hard drives, usb RS232 serial adapter and some other random crap I had laying around. Everything worked and MikroTik properl...
by lapsio
Mon Mar 04, 2019 2:30 pm
Forum: RouterBOARD hardware
Topic: Issue with SFP+ Transceiver in CRS317-1G-16S+
Replies: 3
Views: 436

Re: Issue with SFP+ Transceiver in CRS317-1G-16S+

Yes I have tried all that. I ended up ordering a Transceiver that said it was compatible with mikrotik. I can recommend FS.COM optical modules (copper ones are not that good tho) since they work quite well with MikroTik and seem to be affordable. Also their 1G optical modules actually work with aut...
by lapsio
Mon Mar 04, 2019 12:14 pm
Forum: RouterBOARD hardware
Topic: Does an RB4011iGS+RM support a S-RJ01?
Replies: 8
Views: 726

Re: Does an RB4011iGS+RM support a S-RJ01?

Hi,

answer from the support:
S-RJ01 is supported in RB4011 since RouterOS v6.44.
We have corrected the information in the wiki.

Greeting Tobias
Not all heroes wear capes
by lapsio
Sun Mar 03, 2019 10:44 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 40
Views: 6724

Re: hardware idea for a multiport switch

You're right, mounting two regular equipment pieces in same U-position is only possible for short equipment and that's what I've had in mind. But then I'd never mount just anything behind full server chasis which could obstruct warm air exhaust ... 1-U server can easily consume 500W+ (and generate ...
by lapsio
Sun Mar 03, 2019 6:45 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 40
Views: 6724

Re: hardware idea for a multiport switch

how about... vertical switch >_> like only 5cm deep so that you could mount it behind normal equipment (especially shorter ones), somewhat like giant rackmount PDU. You can mount 19" equipment in front and back of a rack, the only notable problem can be air-flow if two devices share same U-position...
by lapsio
Sun Mar 03, 2019 3:55 pm
Forum: RouterBOARD hardware
Topic: Issue with SFP+ Transceiver in CRS317-1G-16S+
Replies: 3
Views: 436

Re: Issue with SFP+ Transceiver in CRS317-1G-16S+

I have several mikrotik/RB products. Currently I have a CRS326-24G-2S+ as my perimeter firewall, I have a CSS326-24G-2S+ in my office connected via Avago afbr-709smz transceivers, which are 10Gb 850nm Multimode fiber optic. This is working. Now I've added a CRS317-1G-16S+, and when I move the trans...
by lapsio
Sun Mar 03, 2019 3:41 pm
Forum: RouterBOARD hardware
Topic: Does an RB4011iGS+RM support a S-RJ01?
Replies: 8
Views: 726

Re: Does an RB4011iGS+RM support a S-RJ01?

The S-RJ01 is compatible with the RB4011, but will not operate at rate 1000, 100 or 10. https://wiki.mikrotik.com/wiki/MikroTik_SFP_module_compatibility_table#S-RJ01 So.. not supported I guess? 2019-03-03_13-47-36.png it's hilarious xD Probably on RB4011 autonegotiation doesn't work at all. That's ...
by lapsio
Wed Feb 27, 2019 6:57 pm
Forum: RouterBOARD hardware
Topic: Powerline with 1gbit
Replies: 10
Views: 1114

Re: Powerline with 1gbit

Those devices barely reach 100 mbps in practice. Mine achieve 20mbps (connected to single phase). So Gigabit sounds unlikely. Still flexibility coming from ROS is worth more than raw speed to me at least
by lapsio
Mon Feb 25, 2019 8:44 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 40
Views: 6724

Re: hardware idea for a multiport switch

Standard 1U 48 ports are already a mess when cable arrangement is not managed That layout would be a pain in the.......rack.... A front-side high density would be ok for a 3 or 4 rack units, but a lot of space wasted in depht. how about... vertical switch >_> like only 5cm deep so that you could mo...
by lapsio
Mon Feb 25, 2019 8:32 pm
Forum: RouterBOARD hardware
Topic: CRS3xx - ridiculously slow LEDs
Replies: 1
Views: 522

CRS3xx - ridiculously slow LEDs

I'm not sure if it's just me but did anyone notice how ridiculously slow activity LEDs are in CRS3xx series devices? I mean like holy crap I thought ports are down, sending only some STP, but actually even when ports are maxed they blink like once per second. It's... unsettling.
by lapsio
Mon Feb 25, 2019 8:29 pm
Forum: General
Topic: Q-in-Q vs tag stacking on CRS3xx
Replies: 1
Views: 438

Re: Q-in-Q vs tag stacking on CRS3xx

Yes, both methods are hardware accelerated on CRS3xx and they work.

Question regarding functional differences remains open.
by lapsio
Mon Feb 25, 2019 3:14 pm
Forum: General
Topic: Q-in-Q vs tag stacking on CRS3xx
Replies: 1
Views: 438

Q-in-Q vs tag stacking on CRS3xx

I have 3 MikroTik switches: 2x CRS317 + CRS326, 2 MikroTik routers: CCR1009 and hAP ac², 1 load balancer. Hardware resides in 2 racks and is connected in following manner: LB --- CRS317 --- | --- CRS317 --- CRS326 --- hAP ac² and CCR1009 | symbol is border between racks. LB has 4 physical gigabit in...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 10