Community discussions

MikroTik App

Search found 544 matches

  • 1
  • 2
by millenium7
Sat Mar 09, 2024 2:04 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

More context options for DHCP leases would be nice. Especially right clicking and choosing mac-telnet, winbox, SSH, HTTPS etc I'm almost exclusively looking in DHCP leases for a particular device that I need to do something with by connecting to it. Cutting out those extra steps of them opening putt...
by millenium7
Fri Mar 08, 2024 1:08 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 1095

Re: Problems aiming nRAY [SOLVED]

I find the best alignment is the same as what I do with any other radio Lay your phone flat against the top/bottom surface of the dish and use the camera to align it (use an app that gives you a center cross/mark). This'll do your left/right alignment Then rotate your phone around 180 degrees and do...
by millenium7
Fri Mar 08, 2024 12:05 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 1095

Re: Problems aiming nRAY [SOLVED]

To further add to my 'even mikrotik doesn't know' statement, i've very successfully used a LHG60G as a multipoint that covers a 90 degree spread with 8x other LHG 60G dishes, yet according to them it only has a 3 degree beam width and must be aligned to within 1 degree. It's just blatantly wrong but...
by millenium7
Thu Mar 07, 2024 2:21 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 1095

Re: Problems aiming nRAY [SOLVED]

Good info. I searched this forum for aiming info and the Microtik setup instructions are pretty short. I'd this stuff documented somewhere? No, much to my frustration I voiced this on this forum several times, even after figuring out exactly how to work with the 60ghz devices and posting detailed i...
by millenium7
Wed Mar 06, 2024 11:56 pm
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 1095

Re: Problems aiming nRAY [SOLVED]

Start with a rough alignment by eye Log into both radios, open terminal and manually set tx-sector=36 in order to disable beamforming. And if the range is >400m the use 64800 for the frequency. And you'll want the solidmount Then type in 'align 0' to enter alignment mode and give a real-time readout...
by millenium7
Wed Mar 06, 2024 4:02 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 1095

Re: Problems aiming nRAY [SOLVED]

Don't worry about the alignment arrows, its not the correct way to align the 60ghz products anyway, but at 50 metres it doesn't matter. You can spin the dish 70 degrees to the side and still get over a gigabit
by millenium7
Wed Mar 06, 2024 12:13 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

Unless I've missed it somewhere... Please for the love of God add a command or hotkey toggle to show all 'sensitive' fields in the console and not have them blocked out When typing or pasting in a command that contains a password, it will blank that entire line out as soon as the enter key is presse...
by millenium7
Tue Feb 20, 2024 10:22 am
Forum: RouterBOARD hardware
Topic: L009 with no 5GHz wireless
Replies: 16
Views: 1390

Re: L009 with no 5GHz wireless

No way to satisfy all. Sure, but there's a big difference between not trying to satisfy everybody, and releasing total gimp.... .. Like should any device now ever be released with 10mbit ethernet ports? No absolutely not 2.4ghz is not quite on that level, and it has some justification in niche situ...
by millenium7
Tue Feb 20, 2024 8:13 am
Forum: RouterBOARD hardware
Topic: L009 with no 5GHz wireless
Replies: 16
Views: 1390

Re: L009 with no 5GHz wireless

The earlier reply from MikroTik has been that the L009 is intended solely as the replacement for their most successful device ever, the RB2011. .... makes no sense. It's silly to not have put 5ghz in I'm pretty sure people aren't buying the 2011 specifically because it DOESNT have 5ghz in it Should...
by millenium7
Sat Feb 17, 2024 7:58 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 29189

Re: Newsletter #116 | January 2024

It does seem very strange to even bother announcing the AP product if the SM isn't ready. It would have some use as an outdoor directional multipoint for a pool/gym/outdoor area, but not as a WISP product, yet that's what they are advertising it as... That said, I don't know how anyone can deploy Mi...
by millenium7
Mon Feb 12, 2024 4:33 am
Forum: General
Topic: PPPoE Bonding - MLPPP vs Bonding vs NTH?
Replies: 1
Views: 309

PPPoE Bonding - MLPPP vs Bonding vs NTH?

Which method would generally be recommended on MikroTik for equal cost bonding? Same destination server, same line speeds

- MLPPP
- Bonding interface with PPPoE on it
- NTH per packet bonding

Advantages/disadvantages to each method?
by millenium7
Mon Feb 12, 2024 4:07 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1198

Re: RouterOSv7 - Terminal is substantially worse to use?

An interesting question here is how many use terminal vs gui to configure the router. I do most config from gui when play around to test stuff. For setting opp multiple routers, terminal is used with copy past, so do not really need all that help. UI is great for individual configuration except in ...
by millenium7
Mon Feb 12, 2024 12:18 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1198

Re: RouterOSv7 - Terminal is substantially worse to use?

I don't think V7 is "worse" than V6. Using "?" as help key, meant that the "?" needed to be escaped if used in command (e.g. like AT command to LTE e.g. "AT+COPS?"). So borrowing the F1 from "windows" kinda make more sense (although in some terminal...
by millenium7
Wed Feb 07, 2024 12:38 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1198

Re: RouterOSv7 - Terminal is substantially worse to use?

The other major pain in the ass is hiding of text when pasting in passwords etc. Surely there is a way to turn this off? It makes debugging frustrating as hell as I can't see the code block I've just pasted in
by millenium7
Tue Feb 06, 2024 3:41 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 29189

Re: Newsletter #116 | January 2024

The best we can say about these devices being released today with too little storage and RAM is that it will force Mikrotik to optimise the software, and then everybody will benefit. Is that along the same lines of thinking MikroTik will be forced to make their AC wifi products fantastic when the r...
by millenium7
Mon Feb 05, 2024 4:01 am
Forum: Scripting
Topic: How should the local variable be called in if? [SOLVED]
Replies: 11
Views: 1179

Re: How should the local variable be called in if? [SOLVED]

Thats because you are using the 'local' type which confines variables to the scope they are created within (and scopes deeper inside) but cannot exist outside of that scope. Thus as you've found it doesn't exist outside of the 'if' statement Use :global instead of :local or place the :log command in...
by millenium7
Mon Feb 05, 2024 2:22 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 1975

Re: Syntax difference in versions, how to handle? [SOLVED]

Does :execute command exists in ROS6? You try with it if does, :if ([/system package get 0 version] ~ "^6") do={:execute "/export terse" as-string} else={:execute "/export terse show-sensitive" as-string} Syntax will not be checked in string for execute, it will only b...
by millenium7
Thu Feb 01, 2024 7:22 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1198

RouterOSv7 - Terminal is substantially worse to use?

Am I missing something or the terminal/cli significantly worse in V7? The ? key does nothing, making it difficult to see all valid commands. And tab completion seems to ignore A LOT of the possible commands, i.e. typing :pi<TAB> will autocomplete it as :ping yet ignore :pick as a possibility Same wi...
by millenium7
Wed Jan 31, 2024 11:51 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 665

Re: Any plans for spectrum analyzer on new wifi6 products?

I thought that professionals had a (self-standing) spectrum analyzer device as a common tool in their toolbox (rather that relying on whatever is built in the device they are installing), just like the rj45 crimper (I am not familiar with any AP/router/switch coming with a built-in crimper). It wou...
by millenium7
Wed Jan 31, 2024 2:44 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 665

Re: Any plans for spectrum analyzer on new wifi6 products?

... as essential of a tool as a RJ45 crimper.... What's wrong with prefabricated UTP patch cables? :wink: Yeah super convenient running those up towers, through wall cavities, conduits and risers etc. Very convenient, especially with the 20m of coiled excess on the roof I suppose whilst we're at it...
by millenium7
Wed Jan 31, 2024 12:54 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 665

Any plans for spectrum analyzer on new wifi6 products?

Seeing the new NetBox 5 AX gives some hope for actually using MikroTik again as an outdoor wireless provider. However without spectrum scanning capability it is completely pointless as you're just playing 'guess a frequency' at random, hoping and praying with zero direction. Every other outdoor play...
by millenium7
Wed Jan 31, 2024 12:38 pm
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 24
Views: 2476

Re: Everything but hAP ax2 is pointless?

Surely there are "intended cases" for these L009 devices, but I am struggling to understand what they are. See now you're getting it MikroTik almost always gets about 95% of the way to something great then drops the ball on the last part - L009 wireless is 2.4ghz only, why!???? - CRS PoE ...
by millenium7
Wed Jan 31, 2024 6:26 am
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 24
Views: 2476

Re: Everything but hAP ax2 is pointless?

MMIPS & MIPSBE are by far the most stable and reliable chips in the mikrotik range. HEX & HEX S thus hold value in that regard, hence I use them a hell of a lot and never have to question their stability. ARM chips have gotten better but are still unreliable in their performance metrics and ...
by millenium7
Tue Jan 23, 2024 12:46 pm
Forum: General
Topic: User poll about using Winbox
Replies: 100
Views: 64132

Re: User poll about using Winbox

That said, perhaps a low hanging fruit that would 'supercharge' this feature for me, is another drop down menu at the top called 'Layouts' for saving/loading presets. One that is usable whilst logged into a router, not beforehand I could then just go to the Layouts drop down menu, choose one of my n...
by millenium7
Tue Jan 23, 2024 12:41 pm
Forum: General
Topic: User poll about using Winbox
Replies: 100
Views: 64132

Re: User poll about using Winbox

Never once used or knew what this was about. So yes it is very poorly worded That said, i'm almost always logging into routers and then choosing 'Close all Windows' due to the clutter. This is because I didn't even know what 'session' was and never paid any attention to it. But inevitably the winbox...
by millenium7
Tue Jan 23, 2024 11:28 am
Forum: RouterOS beta
Topic: EIGRP
Replies: 3
Views: 2513

Re: EIGRP

Most people are very short sighted on EIGRP and insist OSPF is a flawlessly optimal protocol. I've had this discussion on this forum and others, it rarely leads anywhere productive. Yet EIGRP absolutely would be a phenomenally better protocol in the WISP world, as it doesn't have the overly restrict...
by millenium7
Tue Jan 23, 2024 9:22 am
Forum: Wireless Networking
Topic: Suggested change to CAPSMAN - channel handling
Replies: 0
Views: 490

Suggested change to CAPSMAN - channel handling

I was desperately hoping that the new CAPSMAN implementation would fix my biggest gripe with it, alas no such luck And that is the needless mess and doubling up of configurations SOLELY because of channels, it's not simple nor neat. As soon as you want any sort of control over channels - as is the c...
by millenium7
Thu Jan 11, 2024 12:46 pm
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 1975

Re: Syntax difference in versions, how to handle? [SOLVED]

get 0 Please stop writing on this way, no matter if is only one example. Why? It's entirely valid in this example, there will ALWAYS be at least 1 package, and packages have the same version number (but may change in name, thus 0 is perfectly suited) If it was something like a firewall rule then ye...
by millenium7
Thu Jan 11, 2024 11:26 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 1975

Re: Syntax difference in versions, how to handle? [SOLVED]

v7 is still beta at best and definitely not a full replacement for v6

Besides, managing a dozen routers that you own is fine, managing hundreds/thousands of devices it's just not practical to enforce an upgrade to v7 (that then breaks other things) that sort of idea is nonsensical
by millenium7
Thu Jan 11, 2024 8:24 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 1975

Syntax difference in versions, how to handle? [SOLVED]

This is a conundrum since MikroTik decided to change the behavior of /export terse I don't mind the change in itself but the problem is how do I handle this with a single line? Using 2 lines will not work as it will include the output in the config backup So at first I thought I could use this, whic...
by millenium7
Fri Dec 15, 2023 5:44 am
Forum: General
Topic: Request: add user with password hash
Replies: 10
Views: 4528

Re: Request: add user with password hash

It is stupid that this is still not a thing If nothing else, hash is extremely useful for identifying vulnerable passwords. I.e. old/outdated/common passwords on devices that should be changed. This is EASILY checked if the hash exists in the config, very simple regex or any other comparator that sc...
by millenium7
Wed Nov 22, 2023 9:35 am
Forum: Scripting
Topic: BTest to multiple routers or all OSPF neighbors
Replies: 1
Views: 1044

BTest to multiple routers or all OSPF neighbors

Needed a way to occasionally run a bandwidth test on every distribution router in the network to assess real-world link speeds, as well as net backhaul capacity out of the network. Finally get around to writing a script to accomplish this Essentially this will let you specify 1 or more routers by fi...
by millenium7
Mon Nov 13, 2023 11:32 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 134
Views: 52947

Re: IS-IS

All I can say is FANTASTIC!!!! I won't ask for any concrete information but I do hope its at least IPv4 functionally capable for production use within a years time. OSPF is, always has been and always will be an utterly shit protocol for ISP and especially WISP environments. It's just completely the...
by millenium7
Sun Nov 12, 2023 12:51 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 134
Views: 52947

Re: IS-IS

This page was updated along with 7.12 release:
I see no mention of it in the patch notes and no routing is-is menu or CLI commands
There is however
/routing fantasy
MikroTik playing a cruel joke perhaps?
by millenium7
Thu Oct 26, 2023 2:26 am
Forum: General
Topic: Load balancing with speed detection?
Replies: 0
Views: 1430

Load balancing with speed detection?

Ubiquiti manages to do load balancing dramatically better than MikroTik and somehow can utilise all available capacity of all lines (unequal speeds are no problem) without the need to specify bandwidth manually, and will dynamically change the bandwidth split depending on conditions I'm guessing the...
by millenium7
Thu Sep 28, 2023 12:31 am
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 686

Re: Suggestion: Safe mode with countdown backup restore

If you lock yourself out you may not be able to get to the device to restart it. Almost everything I configure is remote
Problem with separate running/saved Configs is when forgetting to save them, same situation as above. 6 months might go by and the device reboots and loses its config
by millenium7
Wed Sep 27, 2023 2:35 pm
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 686

Re: Suggestion: Safe mode with countdown backup restore

Safe mode is just inherently so unreliable. I'd say I have a 80% success rate with it, but that other 20% it just does not recognize loss of connection at all. It seems especially so when i'm changing anything to do with L2 connectivity, such as VLAN's, DHCP snooping, port isolation etc. And when it...
by millenium7
Wed Sep 27, 2023 12:53 pm
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 686

Suggestion: Safe mode with countdown backup restore

Since Safe Mode is known to be woefully unreliable at detecting the device is no longer being accessed - especially with anything involving Layer2 connectivity changes - can I please suggest MikroTik implement an alternate method that is far more reliable. As well as allowing the user to momentarily...
by millenium7
Thu Sep 21, 2023 1:03 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 82
Views: 12591

Re: Mikrotik SUCKS

VLANs and switching in general is needlessly complicated. New bridge menu method is 'ok' at best but it's far from optimal. For one I don't understand why they couldn't just make it a very simple tag/untag/exclude option for each port in a bridge instead of the way it's handled. It's not clear, it's...
by millenium7
Tue Sep 19, 2023 4:17 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 82
Views: 12591

Re: Mikrotik SUCKS

100% agree. There's network engineers and there's vendor-only engineer. If this guy only knows Cisco, he's a Cisco engineer, not a network engineer. About the only viable complaint with MikroTik is their VLAN and Switch menu implementation, its a bit bass ackwards and definitely requires a thought ...
by millenium7
Tue Sep 19, 2023 1:04 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 100492

Re: mDNS repeater feature

I really wouldn't worry about it, if there is a valid use case (practical management is absolutely a viable one) then by all means use multiple bridges. If its just a home based setup with multiple VLAN's sure single bridge is a good idea. However as with everything it depends on the use case. Often...
by millenium7
Mon Sep 18, 2023 10:33 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 100492

Re: mDNS repeater feature

Have used multiple phones and found this to be woefully unreliable, some it works and others it just does not work whatsoever. Multicast routing itself seems to work but evidently multicast routing alone its not the only thing required for chromecast streaming to work 100% of the time (am testing wi...
by millenium7
Fri Sep 15, 2023 5:30 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 100492

Re: mDNS repeater feature

I'm having absolutely no success with getting chromecast to work. Read the entire thread, followed posted examples, not working First question which may answer why its not working: Does all multicast traffic need to be in the same 'bridge' for PIM or IGMP Proxy to work? I've been testing with a lab ...
by millenium7
Fri Sep 15, 2023 1:43 am
Forum: General
Topic: Anyone have VLAN and Chromecast working?
Replies: 16
Views: 6345

Re: Anyone have VLAN and Chromecast working?

Anyone have an update to this? Is it finally viable to be able to stream to chromecasts across separate networks/VLAN's natively in RouterOS 'without' the need to install docker containers? Main constraint there being this only works on ARM/CHR architecture and thus not devices like the HEX (mmips) ...
by millenium7
Mon Aug 21, 2023 8:50 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1373

Re: Switch menu config not working as expected on Powerbox Pro

I've finally had some time to lab it I think the MikroTik help page is wrong, or has bad wording that isn't clear I also think it's just a complete bug, and things are broken and cannot be implemented as expected Here is a direct quote from the site Note: QCA8337 and Atheros8327 switch chips ignore ...
by millenium7
Fri Jul 28, 2023 7:37 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1373

Re: Switch menu config not working as expected on Powerbox Pro

I thought it was fairly clear given that I outlined requirements as well as existing bridge mode config Terminology depends on your perspective. As an ISP the customer is on and remains solely in VLAN10 Ether1 is an access port, untagged traffic only. Will end up on VLAN10 by the time it egresses ou...
by millenium7
Fri Jul 28, 2023 5:08 am
Forum: Forwarding Protocols
Topic: Shortest Path Bridging (SPB)
Replies: 10
Views: 7952

Re: Shortest Path Bridging (SPB)

Not to mention MPLS is very broken on MikroTik.... After years of dealing with sporadic mismatches in forwarding table that causes unreachable customers/devices/routers i've resorted to completely ripping MPLS out of our MikroTik network. It's just not the right way to run a business having to rando...
by millenium7
Fri Jul 28, 2023 4:26 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1373

Switch menu config not working as expected on Powerbox Pro

I'm baffled as to what the heck is happening when I seemingly configure the switch menu correctly, yet traffic just does not do what is intended At the moment most of our PowerBox deployments are configured solely with the Bridge menu, as it's much simpler to do so. The downside is no hardware offlo...
by millenium7
Wed Jul 12, 2023 12:45 pm
Forum: General
Topic: Optimal method to rate limit for a BGP neighbor?
Replies: 3
Views: 498

Re: Optimal method to rate limit for a BGP neighbor?

Let me try and clarify with a simple example using 1 company and 2 different sites (they get to the internet through my network) My network leases transit and an IP space of 1.0.0.0/24 to CompanyX CompanyX pays me for 150/150mbit of bandwidth to the internet CompanyX has 2 sites that connect to my n...
by millenium7
Wed Jul 12, 2023 11:51 am
Forum: General
Topic: Optimal method to rate limit for a BGP neighbor?
Replies: 3
Views: 498

Optimal method to rate limit for a BGP neighbor?

What is the most effective and straightforward method for rate limiting a BGP neighbor? Little more complicated than an interface queue because there can be traffic from multiple sources, and there are overlapping subnets for multiple neighbors (but more precise /32 routes) In addition, how about ra...
by millenium7
Mon Jul 10, 2023 1:21 pm
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

at 300m in a multipoint setup (i'm assuming they are more than 5 degrees apart) i'd strongly suggest not using 58ghz. Try 64.8ghz and if thats stable step it down to 62ghz if you have other radio's in the area, or you're using it for a point-to-point backhaul I havn't extensively tested frequency on...
by millenium7
Fri May 19, 2023 3:32 am
Forum: Wireless Networking
Topic: Band Steering implementation?
Replies: 80
Views: 37713

Re: Band Steering implementation?

I may have a small Mikrotik network, but the number of times I've had a 5Ghz capable client connect to 2.4Ghz radio is extremely ware. This is before the WiFiwave2 package was even released. Yes, a single room is indeed small :D It's a very common thing, it's not just in MikroTik networks but since...
by millenium7
Thu May 18, 2023 3:13 am
Forum: Useful user articles
Topic: How to: Edge router and BNG optimization for ISPs Topic is solved
Replies: 54
Views: 88727

Re: How to: Edge router and BNG optimization for ISPs Topic is solved

You are confusing how port mapping works. MikroTik uses a code logic whereby if 100.64.0.10:1234 traffic comes in towards egress NAT interface, src-nat chain netmap action will map 100.64.0.10:1234 to public:1234. This ensures 1:1 port mapping, eliminating the need for TURN. However, for additional...
by millenium7
Thu May 18, 2023 2:53 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

The latest 7.10beta5 appears to have fixed the issue I was having, can now run upload tests from client side without causing radio disconnections. Note that importantly it never disconnected with a mikrotik btest, it was only specific types of traffic Note also that you only need to update the AP an...
by millenium7
Wed May 17, 2023 8:48 am
Forum: Useful user articles
Topic: How to: Edge router and BNG optimization for ISPs Topic is solved
Replies: 54
Views: 88727

Re: How to: Edge router and BNG optimization for ISPs Topic is solved

I'd like to get some further clarification on a couple of topics RP-Filtering. Can someone explain how loose mode is in any way different to 'none' when a default route exists in the table? From what i've read, MikroTik does consider a default route when performing reverse path lookup. Hence every I...
by millenium7
Fri May 12, 2023 12:48 am
Forum: Forwarding Protocols
Topic: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?
Replies: 10
Views: 6797

Re: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?

You're overthinking it. There will be zero difference in CPU usage. PPPoE sessions terminate and then must hit the routers CPU. No they are not tied to individual cores or anything like that Just throw everything into a bridge with a horizon value (same on all) to avoid traffic flowing between custo...
by millenium7
Fri May 05, 2023 4:33 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Or....... I could use any other vendor and it just works without all the fluff The reason for capsman forwarding mode is it's the only one that allows hands-off provisioning Local forwarding mode still requires logging into the AP and manually creating the bridge interface and assigning the interfac...
by millenium7
Fri May 05, 2023 4:20 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

If you want each room to have its own network so that devices can communicate with others in the same room, a VLAN per room might be a better solution than multiple bridges. If there's only a dozen rooms perhaps, when there's 200 rooms that's 200 vlans to configure across a bunch of switches, 200 s...
by millenium7
Fri May 05, 2023 3:53 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Not sure why this is not a clear concept so i'll try again Here's what i'd like to be able to do: Take any MikroTik AP directly out of the box with no configuration, plug it into a network and have CAPSMAN configure it with the details of the room it resides in Following me so far? The same as any o...
by millenium7
Fri May 05, 2023 1:50 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

It's not niche at all, it's really quite a simple concept and extremely common to have both 2.4ghz and 5ghz treated like the same layer2 segment, so that when you have devices connected on both bands they can still communicate with each other, and not forcefully have to switch bands. This is the way...
by millenium7
Thu May 04, 2023 4:01 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Not a great solution either way, i'm hoping CAPSMAN gets a complete overhaul and rewritten from the ground up with the concept of multiple radio's and ease of management in mind. It seems to me that it was never designed that way, and assumed only a single radio was ever going to be present. As a re...
by millenium7
Wed May 03, 2023 1:07 pm
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

We updated to the latest RC a couple weeks ago and the AP's stopped soft locking However there's still an issue, not sure if its always been there (I would say so) but we have only just recently narrowed it down to being replicate able Using 3x Cube60Pro AC's in a multipoint setup, when I run mikrot...
by millenium7
Wed May 03, 2023 5:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

I could be wrong but the other issue is the device will never boot back to RouterOS if its set to flash-boot (unsure if there's an integrated time-out?) I can see this being a problem, especially if flashfig doesn't work. Your device is essentially soft-bricked and you'd need a console cable to set ...
by millenium7
Wed May 03, 2023 4:00 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1901

CAPSMAN - Config to bridge 2.4 and 5ghz together?

I looked this into a while ago and couldn't find an elegant solution, so here goes again incase I just missed something obvious How can I make CAPSMAN AP's work like every single other wifi device out there on the market, and have both 2.4ghz and 5ghz radio's be treated like a single network? Not th...
by millenium7
Sun Apr 30, 2023 6:56 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

OCR has been used in critical real-time industry-scale applications for decades. For computer-printed text, it's a solved problem, to the extent that researchers have been focusing on handwriting recognition instead, the original problem from the 1980s considered too easy now. Provided the text is ...
by millenium7
Sat Apr 29, 2023 7:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

The next 10% is please include a barcode for the password Not quite a barcode. But I suspect if the font/size was better, OCR would likely work. I use the iPhone with IMEIs and ICCIDs and surprised how well it works to read them. stick it straight on the box - optionally the product as well I belie...
by millenium7
Sat Apr 29, 2023 1:21 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

We did also notice the issue with ambiguous characters and bad font. We will find a solution ASAP. One option is to switch to all caps letters only, another is to avoid O/0/I/l/1/8/B. In any case, we are workinng on it. Fantastic! that's a good start, and is 90% of why I originally created the thre...
by millenium7
Thu Apr 27, 2023 6:53 am
Forum: General
Topic: PPPoE upload speed problem
Replies: 19
Views: 5643

Re: PPPoE upload speed problem

I'm having this problem with a customer as well. The PPPoE server is a MikroTik router, download test are fine but upload is garbage Client PPPoE has been tested as other routers as well direct PPPoE session on PC's and its maxing out at around 200mbit/s Changing to IP connectivity it maxes out the ...
by millenium7
Thu Apr 27, 2023 5:06 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

I only stick to things that can actually be done without giving a damn about the default password. Nothing more, nothing less. Ahhhh now it's starting to make sense. So if you encounter a situation like a radio/router/switch being factory reset on top of a tower, you just walk away and don't do any...
by millenium7
Wed Apr 26, 2023 9:21 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

have you read my posts at all? Yes I have, there is some merit in theory but not always in practice 1) I may not have any clue who the original distributor was of equipment that I take over. Or I may not have access to get those records 2) Netinstall/flashfig is a PITA at best, and completely usele...
by millenium7
Wed Apr 26, 2023 8:55 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

the sticker has only the DEFAULT password which you must change. this is not comparable to "I inherited a router that somebody password protected" Yes it is normis. Re-read what I said as you clearly misunderstood it If I factory reset a device then guess what password it gets? THE DEFAUL...
by millenium7
Wed Apr 26, 2023 8:48 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

*** I still haven't read a valid example (other than protected-routerboot) where this default password is a problem. But a concrete example, not bullshit. Of course I too could be wrong, but for now I have no data regarding something insurmountable that you haven't made me consider yet. If you havn...
by millenium7
Mon Apr 24, 2023 1:47 pm
Forum: General
Topic: pppoe client isolation
Replies: 12
Views: 1475

Re: pppoe client isolation

@ ponline well, how about try to make a p2p pppoe link for each client, instead of regular broadcast pppoe pool?? 🤔 this setup will be expensive in terms of ip number used, subscription maintenance and each pppoe p2p setup. 1 pppoe server for 1 pppoe client, uses 2 ips. PPPoE is not a broadcast seg...
by millenium7
Mon Apr 24, 2023 9:13 am
Forum: General
Topic: pppoe client isolation
Replies: 12
Views: 1475

Re: pppoe client isolation

You need to leave connection tracking on Sounds like you probably don't want the absolute most CPU optimal method, and it'd be better to have something that's easily managed. As it sounds like this router is doing other duties, so its best to keep things nicely separated into their own compartments....
by millenium7
Mon Apr 24, 2023 7:27 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

You are impossible to get through to. No that isn't what I've been saying, you are twisting my words around and clearly you've not gone through any of the scenarios I've proposed and thus it doesn't make sense to you
by millenium7
Mon Apr 24, 2023 5:27 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

Hang on a sec. Your plan is to have a mode where someone remote can blank out the configuration and provide a new one, including a new non-empty password, in order to get around a regulation passed to avoid having routers completely taken over by LAN worms? Are you proofreading your proposals or ju...
by millenium7
Mon Apr 24, 2023 4:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

I'm no lawyer but I wonder if they would remain compliant if they did revert back to a blank password, but the device is essentially unusable until a new password is set. All routing/switching/wireless functionality is disabled and nothing can be assigned except for very minimal management functiona...
by millenium7
Sun Apr 23, 2023 11:14 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

Just regarding netinstall... Anything physical is a no-go on remote applications and isn't an appropriate solution. Even if you get a layer2 tunnel to every site (lets be realistic, its just not feasible en-masse nor on most radio tower installs) you need to physically do something to the device, th...
by millenium7
Fri Apr 21, 2023 1:55 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

If you were expecting to be able to walk up to a router someone else installed and used to manage, but get full admin access on it without a reset of some kind, you're either dreaming or hoping for a world without any security at all. You are completely missing the mark here. Not one person here is...
by millenium7
Thu Apr 20, 2023 2:09 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

We've done plenty of mergers/acquisitions of equipment. Doesn't matter how perfect 'your' records may be, if you take over responsibility for other equipment you have get absolutely zero documentation and your only option is to factory reset the device to take over control of it. Well now you can't ...
by millenium7
Thu Apr 20, 2023 1:30 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

What is the story here? I'm confused. Multiple scenario's mixed together? There are plenty of scenario's where random default passwords are atrociously piss poor. The only one i'm addressing specifically in this thread is the difficulty in reading it as its so small and uses ambiguous characters. T...
by millenium7
Wed Apr 19, 2023 7:07 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

Not a QR code, should just be a regular old barcode QR codes work better for things like wifi passwords as it can contain a lot more information (such as URLs) but provide no benefit in this instance and have some drawbacks - most handheld barcode scanners don't do QR codes - much slower to read/rec...
by millenium7
Wed Apr 19, 2023 5:55 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

Barcodes would go a very long way to helping this situation. Not everyone has a barcode scanner, but it's a pretty easy sell if you have to configure lots of them For individual units and field techs at least they can use a phone to snap a pic and have it convert that to text. At least it would.be c...
by millenium7
Wed Apr 19, 2023 11:03 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Re: Something NEEDS to be done about the default passwords

Convenience is the worst enemy of security. Do it properly or not at all. This goes way beyond 'convenience', these sorts of random passwords absolutely will result in a lot of pointless e-waste, financial waste and needless man-hours solely because the device got factory reset and can no longer be...
by millenium7
Wed Apr 19, 2023 4:17 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 13849

Something NEEDS to be done about the default passwords

MikroTik need to keep it for EU compliance, frustrating as hell and should not apply to products sent outside the EU but whatever..... the main issue is make the password readable! Stop using characters like O/0/I/l/1/8/B as trying to decipher what they are gets really old really fast after repeated...
by millenium7
Thu Apr 13, 2023 8:44 am
Forum: Announcements
Topic: Newsletter #112 | April 2023
Replies: 66
Views: 11980

Re: Newsletter #112 | April 2023

The outdoor 5009 has no information on input wattage per ethernet port. Is it only 25w input as well? Or full 130w input is possible? My intention is to replace some Powerbox Pro's that have 60ghz radios hanging off then, as the powerbox is also setup as a router and it struggles. I don't want to ru...
by millenium7
Tue Apr 11, 2023 7:33 am
Forum: Forwarding Protocols
Topic: Deny OSPF prefix out a certain interface
Replies: 1
Views: 2025

Re: Deny OSPF prefix out a certain interface

Yes, maybe... If you are just using the default/backbone/area0 everywhere then no you cannot do any selective route filtering at all. Every router participating in OSPF will all have the same OSPF routes in memory, it's a hardcoded rule in the protocol itself as its by definition how OSPF actually w...
by millenium7
Sun Mar 26, 2023 1:40 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

I seem to have a slightly different issue, only recently have I used the newer cube60 pro radio's in a multipoint setup (all radio's are the cube60 pro's, not the cube60sa) and it seems the AP soft locks, it responds to pings but you can't log into it, winbox shows no content, no interfaces etc. and...
by millenium7
Tue Mar 14, 2023 1:54 am
Forum: General
Topic: PowerboxPro / QCA8337 - VLAN with HW offload possible?
Replies: 1
Views: 327

PowerboxPro / QCA8337 - VLAN with HW offload possible?

I have a few sites that are running a powerbox pro as a distribution switch. Fine for lower data rates <200mbit/s but they choke up and limit speeds a lot after that The standard model I use is creating a bridge, adding all the ports, enabling VLAN filtering, assigning VLAN's and port isolation/hori...
by millenium7
Mon Feb 20, 2023 1:13 pm
Forum: General
Topic: Strange issue, I believe connections are being dropped?
Replies: 1
Views: 287

Re: Strange issue, I believe connections are being dropped?

I don't think this is related to number of connections (could still be wrong though) I converted the router to not need TCP tracking and moved the NAT functionality elsewhere. Problem still exists, TCP connections are dying It's similar to some threads i've managed to come across, except adjust conn...
by millenium7
Mon Feb 20, 2023 2:21 am
Forum: General
Topic: Strange issue, I believe connections are being dropped?
Replies: 1
Views: 287

Strange issue, I believe connections are being dropped?

I'm investigating a strange issue in our network thats related to connections seemingly dropping out. I.e. downloading a large file it will just outright fail at some point This seems to predominantly affect international traffic, but that may be related to the fact it takes longer to complete One t...
by millenium7
Sun Feb 19, 2023 5:13 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

We're seeing the exact same thing with all 60ghz mikrotik products. hot garbage, do not buy, return if you can. No reply what so ever from Mikrotik with issues. Rubbish, in multipoint they are a bit meh but in point-to-point setups they are AWESOME. Just cannot be beaten for anywhere close to the m...
by millenium7
Thu Feb 16, 2023 1:59 am
Forum: Wireless Networking
Topic: Cube 60Pro ac Max Distance on 60Ghz?
Replies: 17
Views: 4017

Re: Cube 60Pro ac Max Distance on 60Ghz?

Thanks for answering! I was thinking about max distance during perfect clear line of sight conditions, is it 2.4km as they promote them? I accept decrease in performance due to weather (failing over to 5Ghz). Is it still max 6-700m in 60Ghz? /Patricio The problem with the Cube's (and every 60ghz pr...
by millenium7
Mon Dec 12, 2022 10:37 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

Mikrotik 60 Ghz devices are great thank you guys your Siberian fan You can't say they are great when they just flat out have problems My biggest gripe is MikroTik has done NOTHING in actually educating the community on the ins and outs of their 60ghz products, nor how to use them properly It's frus...
by millenium7
Thu Nov 03, 2022 2:59 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 105
Views: 21992

Re: CubeSA 60Pro ac: 60Ghz clients flapping

Can they be downgraded to ROSv6? I havn't tried the CubeSA yet, but found with other 60ghz mikrotik products that its quite stable with 6.49.6 Other things to think of... /int w60g set 0 mgmt-fix=yes Can try that on the AP, no idea if its supported with the CubeSA products. Not even entirely sure wh...
by millenium7
Fri Oct 28, 2022 12:25 pm
Forum: RouterBOARD hardware
Topic: Any current issues with CCR2xxx series? Stay with CCR1xxx?
Replies: 1
Views: 611

Any current issues with CCR2xxx series? Stay with CCR1xxx?

Havn't been following all the 2xxx series closely but am aware of widespread reboot issues especially on the 2004. And have not heard of any actual confirmation that its been completely fixed Unsure of any specifics on other models, and whether to be looking at hardware or ROSv7 specific issues (Sti...
by millenium7
Fri Oct 28, 2022 5:08 am
Forum: General
Topic: Suggestion: Quick access/port forward wizard
Replies: 0
Views: 282

Suggestion: Quick access/port forward wizard

Something we do quite often is accessing internal devices such as a switch, access point, VoIP phone etc We often don't manage a customers internal network - hence we don't have remote access agents etc. But we do manage quite a few devices such as the above, as well as their main router If we manag...
by millenium7
Mon Oct 24, 2022 3:01 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1106

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Yeah I read it completely backwards. Edited my post
by millenium7
Mon Oct 24, 2022 2:38 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1106

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Why did you install v7 on a v6 device? There is no advantage over the Cube. Using netinstall, with no default configuration, reset the password to blank. Wanted to try V7. However latest V7 release breaks links and misses some stability improves in the latest V6 release, hence why I went back to V6...
by millenium7
Sun Oct 23, 2022 1:51 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1106

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Stickers were long since removed and thrown away That was the WORST decision you ever made! You should at least have noted down the passwords and saved them somewhere. Get used to this, it will likely be introduced in ALL models, because due to EU directive it will be forbidden to sell devices with...
by millenium7
Sun Oct 23, 2022 11:58 am
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1106

Downgraded firmware, users reset, lost sticker - how to gain access

This is the WORST design decision mikrotik has made, flapping randomized admin password. I downgraded a couple of Cube60 radio's from ROS 7.4 to 6.49.7 and its reset the user accounts so now I cannot log in. Stickers were long since removed and thrown away How can I access these radio's now? I have ...
by millenium7
Sat Oct 01, 2022 9:45 am
Forum: General
Topic: What are missing in /export and why. Bug?
Replies: 3
Views: 638

Re: What are missing in /export and why. Bug?

Yeah its a crap design decision/issue/bug/feature from MikroTik. I would REALLY REALLY REALLY REALLY like for all user accounts including MD5/SHA hashes of passwords to be included in /export It's way too easy to replace a faulty router, load the backup config and 'forget' to change the user details...
by millenium7
Mon Sep 26, 2022 12:56 am
Forum: RouterBOARD hardware
Topic: CubeG-5ac60ad
Replies: 23
Views: 6944

Re: CubeG-5ac60ad

Can you set up the cubes as ptmp with out the Mikrotik wAP 60Gx3 AP?
Yes, but you need to buy a Level4 licence through a MikroTik account and then apply it (only on the AP)
by millenium7
Sun Sep 18, 2022 5:20 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 8
Views: 3199

Re: Cube 60Pro - Real world range/reliability/alignment

Also I believe the centre sector pattern is the same as LHG60G with an 8x8 array 27,28 35,36 Are the 4 centre sector numbers.... But id like a mikrotik rep to confirm it is indeed the case All our links tend to favor sector 35 when aligned as best as possible. The beamforming appears to be more stab...
by millenium7
Sun Sep 18, 2022 5:10 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 8
Views: 3199

Re: Cube 60Pro - Real world range/reliability/alignment

We've put a few up The longest is still 1.35km and I've noticed it has dropped out more frequently in moderate to heavy rain, presumably it's moved a tiny fraction but whatever the case it's a 'real world' deployment, with real equipment in real conditions. If it's slipped by 1 degree and that cause...
by millenium7
Thu Sep 15, 2022 5:54 am
Forum: Forwarding Protocols
Topic: Stuck route? bug? how to see originator
Replies: 0
Views: 1293

Stuck route? bug? how to see originator

This is on v6.47.9 Have a seemingly phantom route thats stuck in the routing table, I have absolutely no idea where its coming from It's showing 'DAbU' as the flags, with a distance of 20 and no gateway. So it's implying its originating via an eBGP peer. However I specifically have rules to block th...
by millenium7
Wed Aug 31, 2022 3:27 pm
Forum: Forwarding Protocols
Topic: ROSv7 routing filter make an accept all rule?
Replies: 1
Views: 1021

ROSv7 routing filter make an accept all rule?

I understand that the default behavior now in ROSv7 is the opposite of v6 and it will reject all routes unless a match is found Thats fine (and probably should have been the default) however........ how exactly do I flip this behavior? or rather how do I add an 'accept all' rule to the bottom of the...
by millenium7
Mon Aug 08, 2022 3:22 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 67177

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

The vast majority of CPE facing radios are 24v, hence perfect for PoE out on port1 which is also the internet facing interface. It's literally labelled Internet. Just yet 1 more thing to avoid confusion with customers or even techs. I don't want to change interface assignment at all if I can avoid i...
by millenium7
Mon Aug 08, 2022 11:41 am
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 67177

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

In theory and on paper yes. In reality no The reality is port1 is used for internet connectivity, thats precisely why the factory default config blocks on port1, and almost everyone will use port1 for that purpose There's been plenty of times we've done an installation (or even just pre-provisioned ...
by millenium7
Mon Aug 08, 2022 7:08 am
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 67177

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

I think this one pretty much nails the essentials Yes plenty of other things 'could' have been put in but I feel that Wifi6 and higher gain antenna's are by far the most important thing, and would happily sacrifice everything they have in order to make it happen at a good price point USB is nice to ...
by millenium7
Fri Aug 05, 2022 4:44 am
Forum: Wireless Networking
Topic: HotSpot: How to keep people from mooching?
Replies: 6
Views: 900

Re: HotSpot: How to keep people from mooching?

I like the idea of passwords being printed on a receipt that change daily. Not practical in all situations though There's not really any good method. I would highly advise NOT implementing any sort of signal strength based denial process, it just will not work as intended Signal strength is affected...
by millenium7
Fri Jul 29, 2022 11:31 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2950

Re: CAPSMAN - Surely there's a simpler/cleaner way?

anyone who praises CAPSMAN would be blown off their rocking chair. I new Mikrotik AP do not even look at the sticker. :D I connect the point, press reset for 10 seconds to switch the device into CAP mode and go to connect the next one. You just need to set up the Capsmans properly Now create 130 un...
by millenium7
Fri Jul 29, 2022 11:25 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2950

Re: CAPSMAN - Surely there's a simpler/cleaner way?

Finally someone has found a Grandstream product that works!!! :shock: :shock: :shock: Old ones are shit New Wifi6 gear is fantastic I have zero brand loyalty, I look at individual products on their own merits. Brand loyalty does not work in technology, smart people come and go from a company (often...
by millenium7
Fri Jul 29, 2022 12:55 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2950

Re: CAPSMAN - Surely there's a simpler/cleaner way?

Easy dont use capsman. I dont and dont regret it all. I have not lost one nanosecond of my life and when I see the gazillion of threads, with hair pulled out, teeth gnashing and the like, I just have to smile, knowing what I avoided. When deploying dozens/hundreds its great. Back in the predominant...
by millenium7
Wed Jul 27, 2022 11:18 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2950

Re: CAPSMAN - Surely there's a simpler/cleaner way?

And when you think about it, it's logical. 2.4GHz settings are not the same as 5GHz settings. They ARE different interfaces in HW too. I think about every single other wireless controller i've used and how ridiculously illogical CAPSMAN is in its config/provisioning in comparison, its rubbish It wa...
by millenium7
Wed Jul 27, 2022 8:49 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2950

CAPSMAN - Surely there's a simpler/cleaner way?

CAPSMAN with nothing but 2.4ghz gear, fine, easy, neat However 2.4ghz and 5ghz devices is a total mess and a pain in the ass, but maybe there's something i'm missing? (i'm hoping so) It's really simple, I just want 2.4ghz and 5ghz with the same name, but obviously subtle differences like 20mhz chann...
by millenium7
Thu Jul 21, 2022 12:43 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3815

Re: CUBE 60PRO AC

5GHz interface is designed as backup for 0.001% of time when main 60GHz interface is unavailable. it's not designed as Access point for other wireless clients or other uses. A backup for what exactly? listening to an internet radio station? Because it isn't a backup for customer data. That would im...
by millenium7
Thu Jul 21, 2022 4:59 am
Forum: General
Topic: Force PPPOE users to use only one DNS
Replies: 5
Views: 654

Re: Force PPPOE users to use only one DNS

Can't realistically be done due to DNS over HTTPS A lot of websites are now enforcing DNS over HTTPS which effectively means it does not care what DNS servers you set. I.e. google knows valid IP addresses, if any DNS server attempted to redirect google.com to somewhere else, it denies it and instead...
by millenium7
Tue Jul 19, 2022 7:10 am
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3815

Re: CUBE 60PRO AC

We have a link currently doing 1.35km. It has dropped in very, very heavy rain - no idea what that is in mm/H, but think tropical thunderstorm type of rain where you can barely see more than 100m Anything less than that it has stayed up. This actually makes it slightly better than the 60ghz long ran...
by millenium7
Mon Jul 18, 2022 2:28 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 840

Re: MikroTik Bonding interface - 1 way communication problem

Well, using the same pair of physical links for two bonds is really an "extremely unusual" approach (my English vocabulary lacks more appropriate expressions ;-) ) It's because MikroTik lacks the appropriate routing techniques to allow selective pathing If you know how to do it via routin...
by millenium7
Sun Jul 17, 2022 3:38 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 840

Re: MikroTik Bonding interface - 1 way communication problem

The concept is to provide active/backup over 2 different radio links. 60ghz primary and 5ghz failover Currently using OSPF with BFD on the primary and regular OSPF on the secondary. This technically allows for fast failover but what I want is to treat them like a single link and suppress OSPF events...
by millenium7
Wed Jul 13, 2022 1:45 pm
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3535

Re: My frustration with WISP

Seeing multiple private IP's means nothing whatsoever, it does not imply there's multiple layers of NAT going on If customers do a traceroute in our network they too will see multiple private IP's, yet the ones that have been assigned a public will not have any NAT occuring except what is set on the...
by millenium7
Wed Jul 13, 2022 9:34 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 840

MikroTik Bonding interface - 1 way communication problem

Is there a way around this? I've noticed if using a Bonding interface in an active/backup setup, it is susceptible to 1 way traffic failures that will not properly failover. One router will correctly fail the active link and fall over to the backup. But the other will not and hence communication is ...
by millenium7
Tue Jul 05, 2022 11:30 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3535

Re: My frustration with WISP

Yes it will cost you slightly On the other hand you are asking the ISP to use one of their public IP addresses (which costs money) solely for you, and potentially set up additional routing just for you, for free And since they've already told you no, now you're complaining here on this public forum ...
by millenium7
Tue Jul 05, 2022 10:07 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3535

Re: My frustration with WISP

double NAT is not inherently a problem on its own, it depends on the protocols. Vast majority of services these days will handle it, its only when you need a direct connection to someone that it can be a problem (and in some cases VoIP/PBX etc) If you absolutely must have an open connection, VPN doe...
by millenium7
Tue Jul 05, 2022 4:44 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 3535

Re: My frustration with WISP

Have only skimmed through the thread but i'll try and lay out a simple explanation from an ISP perspective Firstly it doesn't matter that its a WISP. This is not a reason for you to not have a public IP address, however there's a lot more behind-the-scenes going on that can be a very viable explanat...
by millenium7
Thu Jun 30, 2022 5:02 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 8
Views: 3199

Cube 60Pro - Real world range/reliability/alignment

Having (mostly) mastered the fine art of the LHG60G, I feel I now need to figure out the Cube60Pro's since MikroTik has very lacklustre documentation on actual real world usability First and foremost what are people actually managing to achieve with their point-to-point setups? At the moment we have...
by millenium7
Thu Jun 23, 2022 12:14 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 235323

Re: MikroTik Devices Controller

it doesn't tell you if the existing config is correct, That would be interesting for sure. But might be difficult to implement. What is a correct config? Today one is not sure ROS will act as expected. "Toruble" shooting can take some time, as there are so many settings, and so many thing...
by millenium7
Thu Jun 23, 2022 12:55 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 235323

Re: MikroTik Devices Controller

Interesting idea. Actually the current experience is already quite good. Managing nearly 100 MT routers at a very remote location, can be done. Can be done yes, but could be done immensely better with a central cloud controller It's not just about number of devices either Relatively simple things l...
by millenium7
Mon Jun 20, 2022 5:41 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 235323

Re: MikroTik Devices Controller

Lot of this probably been mentioned already but i'll throw my 2c in - Cloud based, absolutely. Something that can just reach a known public server out-of-the-box as long as it gets an internet connection. Make it something that runs over port 443 to get through firewalls and not need ANY config depl...
by millenium7
Mon May 23, 2022 8:18 am
Forum: Scripting
Topic: flushing firewall connections on a specific interface?
Replies: 2
Views: 748

Re: flushing firewall connections on a specific interface?

yes but there are no parameters that correspond to a specific interface, nor with a route Only IP addresses are listed, meaning additional steps are required to extrapolate the required information I managed to figure it out, bit of a pain in the ass as I need to extract the information from the 'ga...
by millenium7
Mon May 23, 2022 4:18 am
Forum: Scripting
Topic: flushing firewall connections on a specific interface?
Replies: 2
Views: 748

flushing firewall connections on a specific interface?

Having some difficulty with scripting this properly I'm about to implement a failover script that uses netwatch and tests for reachability of a public IP address. If a route is unreachable it'll purge the firewall connection table The problem is this is not selective, it will purge the entire connec...
by millenium7
Mon May 09, 2022 3:04 am
Forum: Forwarding Protocols
Topic: iBGP vs Static priorities
Replies: 2
Views: 839

Re: iBGP vs Static priorities

This is a routing engine problem. It will not replace an existing route if they are an exact match I.e. 10.0.0.0/8 will not be replaced with another 10.0.0.0/8 even if its substantially better This applies to differing route types, i.e. static and BGP, OSPF and BGP, OSPF and static etc If it's the s...
by millenium7
Thu Apr 28, 2022 2:44 pm
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 4405

Re: NetPower 16p.... Rubbish PoE design. Workarounds?

I mount this inside the netpower and supply with 48 volts. the output goes to 24 volt input. the 48 volts goes to 48 volt input. direct replacement for ubnt. works awesome. https://www.ebay.com/itm/110730441396?hash=item19c80c72b4:g:Wj0AAMXQigBR7Mve This is a step in the right direction but the net...
by millenium7
Wed Mar 02, 2022 6:25 am
Forum: RouterBOARD hardware
Topic: PowerBox Pro - 4 Pair Input? Full .at output?
Replies: 7
Views: 1413

Re: PowerBox Pro - 4 Pair Input? Full .at output?

I suggest get rid the 'powerbox' entirely as its a stupid product, who wants 100mbit ports just to save a tiny amount Then rename the PowerBox Pro to just 'PowerBox' Now release PowerBox Pro v2 that is actually a 'pro' model, with 24/48v switching (with a single 48-60v input on eth1, not silly dual ...
by millenium7
Fri Feb 11, 2022 9:03 am
Forum: RouterOS beta
Topic: DHCP Option 82 circuit/remote ID for server leases in v7?
Replies: 3
Views: 3848

Re: DHCP Option 82 circuit/remote ID for server leases in v7?

Perhaps you can use Docker on your Mikrotik model to run exactly a instance of a DHCP Server that supports your needs. So you do not need an extra device for this job. This requires learning how to work with docker, setting up a new DHCP server etc. It's a lot of administrative overhead as I want t...
by millenium7
Thu Feb 10, 2022 3:35 am
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 80688

Re: New User Manager in RouterOS v7

I have a request: please add optional circuit ID and remote ID fields for user accounts, without needing to specify MAC address or any other options We really need DHCP option 82 functionality to authenticate guests by port/location, not by voucher code which is pointless in our case Use cases are t...
by millenium7
Tue Feb 08, 2022 8:59 am
Forum: RouterOS beta
Topic: DHCP Option 82 circuit/remote ID for server leases in v7?
Replies: 3
Views: 3848

DHCP Option 82 circuit/remote ID for server leases in v7?

This has been a huge limitation for us for a long time, being unable to do leases via DHCP Option82 parameters I saw in RouterOS v7 that User Manager has had an overhaul, i'm wondering if its now possible to somehow use this (or just the base DHCP server) to assign addresses based on either the Circ...
by millenium7
Tue Jan 25, 2022 3:35 am
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 6
Views: 3247

Re: Request: Take OSPF state changes out of 'debug' log category

Bumping this up. MikroTik please implement this in the next firmware update. It should be an incredibly simple and easy thing to do, the messages are already there, just literally take the 'up' message (and all other key state changes) and assign it into the 'ospf, info' category. Very simple, 30 mi...
by millenium7
Tue Jan 25, 2022 2:29 am
Forum: Forwarding Protocols
Topic: Speed drop OSPF/MPLS/VPLS
Replies: 2
Views: 2307

Re: Speed drop OSPF/MPLS/VPLS

It may not be MTU related but to check if it is, you want to do a ping from the customer (or closest router if possible) do a 1500 byte ping with the 'do not fragment' box ticked, out to furthest possible point, end of where MPLS stops at least Then - very importantly - also do the same in reverse. ...
by millenium7
Mon Jan 24, 2022 11:10 am
Forum: General
Topic: Autosensing passive PoE?
Replies: 11
Views: 2040

Re: Autosensing passive PoE?

Nothing against passive PoE, just passive PoE 'detection' You don't need to use the 'auto' mode, just manually turn it off/on In addition passive PoE detection doesn't always work when it is supposed to either. Powering a Cambium radio from a MikroTik for example, most of the time it will not detect...
by millenium7
Mon Jan 24, 2022 8:36 am
Forum: General
Topic: Autosensing passive PoE?
Replies: 11
Views: 2040

Re: Autosensing passive PoE?

802.3af/at standard PoE detection works properly every time passive PoE detection I do not like at all and I really wish it wasn't a thing. I've had several times when i've plugged something in and passive PoE has decided to kick in and supply power. This absolutely can and likely will kill end devi...
by millenium7
Mon Jan 24, 2022 7:51 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2361

Re: Has MikroTik changed something with SSH output?

This is still present in 6.49.2, config diffs are all useless as i'm just getting spammed with change notifications all the time when nothing has changed, because its logging every character as its typed (sometimes multiple times and not exactly repeated hence a change notification) How are others d...
by millenium7
Fri Dec 17, 2021 7:58 am
Forum: General
Topic: Help guides for TR069/CWMP software and setup?
Replies: 4
Views: 1597

Re: Help guides for TR069/CWMP software and setup?

Do you have links to any good resources for learning about it and the best way to set it up? i.e. tutorial series or step by step guides
What about FreeACS?
by millenium7
Thu Dec 16, 2021 9:12 am
Forum: General
Topic: Help guides for TR069/CWMP software and setup?
Replies: 4
Views: 1597

Help guides for TR069/CWMP software and setup?

This is something i've been wanting to setup and deploy in hotels and for many locations in our private network. Hotels especially as we use a mixture of vendors equipment and I really would like the ability to simply plug any vendors DSL or Ethernet ether into the wall and have it automatically con...
by millenium7
Mon Nov 29, 2021 5:06 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2361

Re: Has MikroTik changed something with SSH output?

doesn't work. When adding 'e' solarwinds fails to recognize a successful login

This really needs to be fixed. Right now we're blind to config changes because its just emailing through a tonne of garbage
by millenium7
Fri Nov 19, 2021 4:54 am
Forum: Forwarding Protocols
Topic: Migrate BGP to another company address
Replies: 5
Views: 3351

Re: Migrate BGP to another company address

If you are using full tables, OSPF can't handle those, so you will want to iBGP peer those two routers to make sure that they have the same view of the global routing table. If you are only getting a default route, that probably isn't necessary. I wouldn't be advertising the BGP table across the li...
by millenium7
Fri Nov 19, 2021 4:37 am
Forum: Forwarding Protocols
Topic: Migrate BGP to another company address
Replies: 5
Views: 3351

Re: Migrate BGP to another company address

I would do this by simply advertising the /24 at both physical locations. And then have your own connection between these 2 locations and run iBGP or OSPF between the routers (you can use EoIP or any other tunnel for this in the meantime) so i.e. you have 1.2.3.0/24 advertising out both locations, b...
by millenium7
Tue Nov 16, 2021 5:23 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2361

Re: Has MikroTik changed something with SSH output?

we're using +ct2000w, tried +cte2000w and it fails

I'll have to troubleshoot later
by millenium7
Tue Nov 16, 2021 4:20 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2361

Re: Has MikroTik changed something with SSH output?

Yes, they have recently changed some things. What are you using to backup the config via SSH?
Solarwinds NCM

What version did MikroTik change this?
by millenium7
Tue Nov 16, 2021 3:58 am
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 55436

Re: Mikrotik router Hacked!!!

There are information about windows malware, that knows how to connect to MT router with default password and make a configuration changes to add it to botnet. So admin: no password to local network are not safe anymore. Well this has to be changed by MikroTik anyway, as it will be forbidden to sel...
by millenium7
Tue Nov 16, 2021 1:17 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2361

Has MikroTik changed something with SSH output?

In anything since 6.44.x onwards Noticing a lot of our devices are now screwing up with config exports and the software is logging individual characters as a line / /e /ex /exp /expo /expor /export /export /export t /export te /export ter /export ters Wondering if anything at all has changed in the ...
by millenium7
Tue Nov 02, 2021 2:45 am
Forum: Wireless Networking
Topic: LHG 60G Alignment question
Replies: 1
Views: 2145

Re: LHG 60G Alignment question

The alignment information can be very misleading The best way to align these radio's is to login and type /int w60g set 0 tx-sector=36 To force it only use the middle of the grid antenna Then go into alignment mode /int w60g align 0 And finally run a UDP bandwidth test with direction=both to fully s...
by millenium7
Thu Oct 28, 2021 2:48 pm
Forum: Wireless Networking
Topic: RB4011 Wirelesss
Replies: 4
Views: 1893

Re: RB4011 Wirelesss

I've trialed the TPLink EAP620 and it's actually surprisingly really good with fantastic range. Only thing is it's physically enormous and quite off-putting. But I have to say I think I prefer its performance over a Cambium XV2 (if you don't need any of the fancy features and management). And in an ...
by millenium7
Thu Oct 28, 2021 2:25 pm
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 7182

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

This comment tells me you don't understand how MikroTik works as a company. Without specifics nothing will change. If all you want to do is share your frustration and anecdotal results with the WiFi performance, no big deal, but it doesn't really benefit anyone. What specifics do you actually want?...
by millenium7
Thu Oct 28, 2021 12:55 am
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 7182

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

Here's really the bottom line: Anyone can go out and do their own testing in their own environments But when doing those tests don't 'only' test peak bandwidth with iPerf because as anyone should know thats only part of the equation. 500mbit/s is great but not if your latency is fluctuation +/-80ms ...
by millenium7
Mon Oct 25, 2021 4:37 am
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 7182

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

Problem though is you can't test and apply exact measures with wifi because every single environment is different. The best you can do is manage relative comparisons and approximations RF environments are not like ethernet or fiber where you can go 'yep she's good to XXX metres at exactly that speed...
by millenium7
Sun Oct 24, 2021 12:05 pm
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 7182

I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

I seriously cannot believe how garbage it is. But this is not just a rant its a plea to please do something about it. You've lagged so incredibly far behind the industry that its actually insulting that you still sell wireless products (outside of your 60ghz which is quite frankly awesome if used ap...
by millenium7
Sun Oct 24, 2021 3:26 am
Forum: Forwarding Protocols
Topic: How to do OSPF with pt(m)p over a /31 tunnel? [SOLVED]
Replies: 2
Views: 4158

Re: How to do OSPF with pt(m)p over a /31 tunnel? [SOLVED]

The simple solutions (if possible) are 1) don't use /31 it has issues in mikrotik, just use /32 which you can use the same addressing anyway, or you can totally save on it and use just 1 IP address on the hub router for all neighbours 2) use point to point type, ptmp also has issues. Simply create 1...
by millenium7
Thu Oct 21, 2021 3:37 pm
Forum: Forwarding Protocols
Topic: OSPF - Is it Possible to have a Backbone Area over a regular Area?
Replies: 3
Views: 3059

Re: OSPF - Is it Possible to have a Backbone Area over a regular Area?

Just note that 'all areas must connect to the backbone' still occurs.... Even with virtual links. So if you have say Area2->Area1->Area0 then guess how Area2 and Area1 communicate? Nope you guessed wrong Area2 will tunnel traffic to Area0 then back to Area1...... ....yes OSPF design sucks and yes we...
by millenium7
Thu Oct 21, 2021 10:44 am
Forum: General
Topic: Can licence be swapped? (identical devices)
Replies: 1
Views: 603

Can licence be swapped? (identical devices)

An upgraded licence was applied to the wrong device but identical hardware
Can the licences both be exported and swapped over between the different devices?

This is for 60ghz LHG radio's, not CHR
by millenium7
Thu Oct 21, 2021 4:21 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 9266

Re: MPLS bugs, had enough

We havnt used VPLS in a while, still get problems with MPLS with regular routing of traffic. So advertising filters have nothing to do with it I don't think you understand - by using advertise filters, you can make it so that only your VPLS traffic has MPLS labels placed on it and nothing else, so ...
by millenium7
Thu Oct 21, 2021 1:25 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 9266

Re: MPLS bugs, had enough

We havnt used VPLS in a while, still get problems with MPLS with regular routing of traffic. So advertising filters have nothing to do with it Only problem with moving PPPoE closer vs having it aggregated at a central location, is the customer router then can't tell if there's a problem upstream. To...
by millenium7
Wed Oct 20, 2021 4:23 pm
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 9266

Re: MPLS bugs, had enough

I assume you guys have also limited mapping with the mpls advertise filter? I tend to bring up the hello timers, because by default they do not match. Between the mpls advertise filters and timers match, I have eliminated losing mpls sites in my system. I may not be as big a fish as some of you, bu...
by millenium7
Mon Oct 18, 2021 9:15 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 9266

MPLS bugs, had enough

Here's my last ditch effort to see if anyone has a surefire 100% effective method for making MPLS 'just work' with MikroTik - otherwise i'm ripping it entirely out of our network 99.9% of the time it seems to work perfect, but that 0.1% is just too painful. A link somewhere in our network may go dow...
by millenium7
Mon Oct 11, 2021 8:30 am
Forum: Wireless Networking
Topic: What algorithm of alignment the 60 Ghz devices is right?
Replies: 14
Views: 4445

Re: What algorithm of alignment the 60 Ghz devices is right?

MikroTik really needs to clarify further with the 60ghz products. They are actually REALLY good but it took us a long time to finally figure out how to actually use them properly First and foremost, the alignment according to direction is COMPLETELY wrong, its totally useless with 1 exception*** You...
by millenium7
Wed Oct 06, 2021 12:46 pm
Forum: RouterBOARD hardware
Topic: CCR1036-8G-2S+ - SFP+ port stops transmitting data?
Replies: 31
Views: 17277

Re: CCR1036-8G-2S+ - SFP+ port stops transmitting data?

That's not good to hear it still occurs...... I havn't touched the network topology and been considering changing it all back to how it logically should be, but if this is still happening today then no chance..... this is hugely service impacting Think I lost 5 years of my life last time, not game t...
by millenium7
Thu Sep 30, 2021 1:22 pm
Forum: General
Topic: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]
Replies: 15
Views: 10364

Re: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]

If its not working then consider traffic in 'both' directions It's very simple to create a new 'bridge' with no ports assigned to it (thats the closest thing to a 'loopback' interface in the MikroTik world) and then just put a single IP address from that range on there as a /32 Then check your routi...
by millenium7
Thu Sep 30, 2021 9:09 am
Forum: RouterBOARD hardware
Topic: new AP - cAP XL ac - spotted on fcc site
Replies: 19
Views: 9961

Re: new AP - cAP XL ac - spotted on fcc site

Be realistic, we are in the midst of a global chip shortage with lead times from Qualcomm on some WiFi products at 60 weeks.. MikroTik has the ability to jump the queue, often that involves paying more MikroTik needs to learn how to you know.... charge money for their products.... It's good that mo...
by millenium7
Mon Sep 27, 2021 12:52 pm
Forum: General
Topic: RB4011 Slow Inter-VLAN Routing
Replies: 24
Views: 2968

Re: RB4011 Slow Inter-VLAN Routing

My switch is a CSS326-24G-2S+-RM, no routing in it. It has a single 10G trunk to the RB4011 with all the VLANs on it. Traffic staying on the same VLAN won't be going through the router, its staying on that switch. Ergo if your performance is slow within the same VLAN, the router (and thus firewall ...
by millenium7
Mon Sep 27, 2021 3:03 am
Forum: General
Topic: RB4011 Slow Inter-VLAN Routing
Replies: 24
Views: 2968

Re: RB4011 Slow Inter-VLAN Routing

I get the same speed if I stay on the same VLAN or go between them in file transfers. Surprised no ones picked up on this yet In order for you to go to the same VLAN, this means you either have a switch behind one of your ports, or if both devices were connected to the RB4011 you'd need a bridge se...
by millenium7
Wed Sep 15, 2021 7:19 am
Forum: Forwarding Protocols
Topic: OSPF Out Filter
Replies: 6
Views: 4812

Re: OSPF Out Filter

OSPF has many frustrating issues, this is one of them. All routers in an area need to agree on the routing table, this means you can't filter rules to another router in the same area. The rule is there for a reason but unfortunately it's just not suitable in many modern dynamically expanding network...
by millenium7
Mon Sep 13, 2021 1:51 pm
Forum: Forwarding Protocols
Topic: MPLS - Fast reroute. When?
Replies: 24
Views: 15354

Re: MPLS - Fast reroute. When?

Whilst we wait, how are others dealing with quick fail-over? Poorly In our case its a routed network between almost all links. And on the ones with multiple links thats where we use BFD (as BFD is buggy on mikrotik and not entirely reliable) However this still isn't great because its only a hop-to-...
by millenium7
Mon Sep 13, 2021 1:35 pm
Forum: Forwarding Protocols
Topic: /30 with OSPF Network
Replies: 4
Views: 3126

Re: /30 with OSPF Network

Are you assigning /30 to customers because you want to give them 4 public IP addresses? Or because you want to assign them just 1 public IP address and you are using the other 3 as network/broadcast/gateway addresses? i.e. wasting 3 Because if you are doing the latter, you don't need to. You are jus...
by millenium7
Mon Sep 13, 2021 5:27 am
Forum: Forwarding Protocols
Topic: /30 with OSPF Network
Replies: 4
Views: 3126

Re: /30 with OSPF Network

If I understand correctly, you want to assign both a private IP i.e. 10.0.0.6, as well as additional IP addresses? You can assign additional IP's with additional RADIUS options. It depends if your system supports this or not (Splynx for instance does, you can assign as many IP addresses to a single ...
by millenium7
Mon Sep 13, 2021 4:27 am
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 4405

Re: NetPower 16p.... Rubbish PoE design. Workarounds?

Don't need to run all 16 ports no. I'm fully aware of current limitations However current design is stupid. Ideally this device should support DC jack input as well as PoE-In with voltage switching Since it doesn't do the latter, it should at least have 24v-in on Ether1 and 48v-in on Ether2 (ideally...
by millenium7
Mon Sep 13, 2021 2:35 am
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 4405

NetPower 16p.... Rubbish PoE design. Workarounds?

I can't actually wrap my head around the design philosophy of this design, it just seems so incredibly......... rubbish.... many known issues such as non isolated ground, no 24/48v switching capability etc Nevertheless we have some in stock and are trying to find a use for them. The main issue is th...
by millenium7
Sat Sep 04, 2021 2:01 am
Forum: Scripting
Topic: RouterOS SNMP Get [SOLVED]
Replies: 19
Views: 13616

Re: RouterOS SNMP Get [SOLVED]

Outputting to file is still not a great method, it's slow (will likely slow the router down while it waits) and going to wear out the flash memory very quickly when writing often. So it's not suitable for i.e. radio link monitoring every 5 seconds I just don't understand it, it makes me think MikroT...
by millenium7
Thu Sep 02, 2021 3:07 am
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2804

Re: Customer and ISP failover not working as expected

Seemingly the same problem was reported 4 years ago https://forum.mikrotik.com/viewtopic.php?t=119493 MikroTik please implement a feature (even if just in CLI) to override this behavior. It's not like this is a super niche scenario. Having a static route as a backup with OSPF internally is exceeding...
by millenium7
Tue Aug 31, 2021 11:25 am
Forum: Wireless Networking
Topic: Low throughput with 3x Audience
Replies: 37
Views: 8209

Re: Low throughput with 3x Audience

MikroTik wireless performance in general is garbage. It really hasn't improved much at all for years, and has been left in the dust by even very cheap off-the-shelf alternatives Audience is like buying a Ferrari but the handbrake is permanently on. Fantastic hardware but its so incredibly let down b...
by millenium7
Tue Aug 31, 2021 5:44 am
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2804

Re: Customer and ISP failover not working as expected

I've just labbed this and it still happens In essence it's a problem with OSPF. If the source of the route is redistributed (i.e. an external route) then it will not install in the routing table if a route already exists I've tested this with Static, BGP and other OSPF instance routes. If redistribu...
by millenium7
Mon Aug 30, 2021 12:19 pm
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2804

Customer and ISP failover not working as expected

https://i.ibb.co/FKXYQZm/image.png This basic diagram illustrates whats going on. We provide internet for a customer that has 2 sites, those sites are linked and by default both will use the much faster and more reliable primary link. This works perfectly fine Customer routers have OSPF between the...
by millenium7
Mon Aug 30, 2021 5:04 am
Forum: RouterOS beta
Topic: v7.1rc1 reasonable for production for my usecase?
Replies: 15
Views: 3127

Re: v7.1rc1 reasonable for production for my usecase?

It is completely inadequate, and devoid of any logic, to use "rc" software in production. But it's even worse to use a version (any) that just came out two days ago for something to put into production. Really absurd. (And it goes for anything, not just RouterOS) This sort of broad sweepi...
by millenium7
Tue Aug 24, 2021 2:52 pm
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1018

Re: Urgently need help with strange forwarding issue

Sorry yes I see now how it's confusing. 'Customer' in this instance is the company to which we provide the primary ISP service. But we still manage the entire Infrastructure In much the same way an ISP would sell to a business with its main router, yet also manages the internal equipment i.e. switch...
by millenium7
Tue Aug 24, 2021 2:24 pm
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1018

Re: Urgently need help with strange forwarding issue

I'll draw up a diagram tomorrow that explains better But no, the DSLAM exists between all customers and the RB3011. The 3011 is the 'internet gateway's or essentially just 'the router' in most organisations and the DSLAM is the switch. All VDSL routers behind it are acting as their own router (so do...
by millenium7
Tue Aug 24, 2021 5:30 am
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1018

Urgently need help with strange forwarding issue

We've got an issue popping up thats causing a lot of grief and is seemingly unsolvable We've got VDSL2 modems connected to a DSLAM, and the DSLAM connects to a RB3011 (have also used a HEX) This is a common setup where nothing is different across almost a hundred DSLAM's that we've installed, there ...
by millenium7
Thu Jul 15, 2021 11:47 am
Forum: Forwarding Protocols
Topic: ospf nbma
Replies: 6
Views: 4308

Re: ospf nbma

It depends how OSPF is configured since you can set the dead timer. This just means if the hello packets havn't been received, the neighbor is considered down It could be that 99.99% of traffic gets through just fine but it just so happens to be that the 0.01% were OSPF hello packets, lose enough in...
by millenium7
Wed Jul 14, 2021 6:26 am
Forum: Forwarding Protocols
Topic: OSPF second area
Replies: 2
Views: 3423

Re: OSPF second area

What you are posting violates the operational rules of OSPF and will not work properly OSPF requires all area's to directly connect to the backbone/Area0 In your example, area 20 is not connected to area 0 You can bend this rule with 'virtual links' to form a tunnel between area0 and area20, however...
by millenium7
Wed Jul 14, 2021 6:15 am
Forum: Forwarding Protocols
Topic: ospf nbma
Replies: 6
Views: 4308

Re: ospf nbma

If you are losing OSPF adjacency its because you are losing packets, there is a link problem. You mention this is happening during weather well......... theres ur answer. Wireless link is not able to handle the weather conditions Essentially you either improve the wireless links themselves (ensuring...
by millenium7
Thu Jul 01, 2021 2:42 am
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 49268

Re: v7 launch date

And Ubiquiti, for exalmple, has AirFiber 60-LR with 2Gbp/s link but only 1Gbp/s Copper ethernet... This is actually a good thing for the most part. You ideally want your air transmission rate to be higher than your actual ethernet throughput rate to allow for a more consistent experience when the c...
by millenium7
Fri Jun 11, 2021 8:33 am
Forum: General
Topic: Multiple RADIUS servers
Replies: 8
Views: 3676

Re: Multiple RADIUS servers

You can add various RAID server, but only one can be used for each service. The single services supported are: dhcp dot1x hotspot ipsec login ppp wireless Thank you, It would be nice if I can authenticate user@domain.one against domain.one RADIUS server, user@domain.two against domain.two RADIUS se...
by millenium7
Fri Apr 23, 2021 4:51 am
Forum: Forwarding Protocols
Topic: script to change ospf cost based on wireless modulation?
Replies: 2
Views: 2368

Re: script to change ospf cost based on wireless modulation?

Changing OSPF link cost will drop the adjacency, keep that in mind. It is not a dynamic process without interruption TX-Rate is also not a suitable metric, you'd want to build a script that uses RSSI, SNR and link quality. TX rate is just that, TX rate. Doesn't mean anything about actual effective r...
by millenium7
Mon Apr 19, 2021 7:37 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 1738

Re: New hack/bug? User accounts wiped

Router has a pretty standard config. It's denied access unless from a trusted address list Enabled services are api/api-ssl/ssh/winbox If this is a hack then its at a level lower than RouterOS. It's either that, or the flash memory is corrupt Noticed now that the router is failing on backups, it can...
by millenium7
Sat Apr 17, 2021 1:21 pm
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 6
Views: 3247

Re: Request: Take OSPF state changes out of 'debug' log category

I should make a follow up post, hence I am I've had to disable this script across out entire network. There's a bug somewhere and I can't find out what it is. For the most part this script works just fine, however occasionally for some reason the script just keeps on firing and reporting an 'up' sta...
by millenium7
Fri Apr 16, 2021 4:28 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 1738

Re: New hack/bug? User accounts wiped

RouterOS version is 6.44.6, device is a CCR1036-8G-2S+ I think 6.44.x was vulnerable, so I don't think this is a new'ish hack. Here is a post about it. I updated to 6.47.x a while back to play it safe. just checked, SMB was not enabled (and shouldn't be enabled anywhere in our network. regular comp...
by millenium7
Fri Apr 16, 2021 2:45 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 1738

Re: New hack/bug? User accounts wiped

What is strange is a professional IT person not keeping their exposed to the net equipment up to date on firmware. I do get the fact that IT folks have become extremely lazy compared to olden days now that most apps like virus programs auto udpate files but even still there are major upgrades that ...
by millenium7
Fri Apr 16, 2021 1:23 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 1738

New hack/bug? User accounts wiped

This is a strange one Approx midnight last night one of our routers became unreachable by monitoring software I discovered I could log into it with admin/*blank* and there were no user accounts other than this admin one saying default In addition, AAA/radius was turned off (though the entry in RADIU...
by millenium7
Wed Mar 31, 2021 3:54 am
Forum: General
Topic: Enable port 80 in lan
Replies: 3
Views: 2674

Re: Enable port 80 in lan

Need further clarification I'm guessing that you are running your own website on a server thats in the LAN? is that correct? And so your existing firewall rule would just be a port forward i.e. /ip firewall nat chain=dstnet in-interface=WAN protocol=tcp dst-port=80 action=dst-nat to-addresses=[SERVE...
by millenium7
Wed Mar 31, 2021 3:36 am
Forum: General
Topic: Three Subnets in one ethernet interface [SOLVED]
Replies: 9
Views: 3667

Re: Three Subnets in one ethernet interface [SOLVED]

We run something like a dozen subnets on our office LAN. It's totally legal and a very valid reason for doing so The major use case for us is we deal with a lot of vendors equipment, all that equipment is usually setup for various static IP addresses out-of-the-box or we configure it to go into anot...
by millenium7
Mon Mar 29, 2021 5:22 am
Forum: Forwarding Protocols
Topic: OSPF with redundant Routers
Replies: 3
Views: 2227

Re: OSPF with redundant Routers

PTMP has issues on MikroTik

I'd suggest you create a separate VLAN interface for every router to router link over wireless and then use point-to-point type. You'll have far less issues
by millenium7
Wed Mar 24, 2021 8:57 am
Forum: The Dude
Topic: OSPF state as link status?
Replies: 0
Views: 5130

OSPF state as link status?

I've never really used The Dude as my bigger priority has been a whole lot of custom work for historical monitoring which is why I mostly use NetXMS However I thought i'd install The Dude to function as a link status monitor that I can put up on a TV The one thing I want to monitor are all the links...
by millenium7
Mon Mar 22, 2021 1:59 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

This is of course not LHG 60G limited, I'm generally interested in any 60GHz experience. Sure I know crappy plastic LHG is something different to professional grade all-metal antennas/devices etc. but Im interested in any experience Actually it is specifically a problem with the MikroTik 60ghz. The...
by millenium7
Sun Mar 21, 2021 1:44 am
Forum: Forwarding Protocols
Topic: Selective routing with failover in MikroTik - How?
Replies: 8
Views: 3891

Re: Selective routing with failover in MikroTik - How?

Thanks, I read through it. If I understand correctly, you are manipulating the traffic direction for a destination subnet. This seems like it could work if a client is given 2 IP addresses, 1 is used for regular data, the other is used for voice traffic This way you can influence voice to use the le...
by millenium7
Sat Mar 20, 2021 8:32 am
Forum: Wireless Networking
Topic: ETA on a long range 60ghz product?
Replies: 9
Views: 2608

Re: ETA on a long range 60ghz product?

Higher channels would help, but the +3db output is not a solid argument The dishes are already tiny, just make them bigger, much much bigger I would install a 60ghz dish thats 1.5m across if it allowed for significantly improved range in the 6km+ region (reliably in rain, not just on-paper in space)...
by millenium7
Thu Mar 18, 2021 12:03 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

I don't like OSPF for wireless networks, it really isn't a very good protocol for it at all, EIGRP definitely would be better suited but i've had this discussion before but it seemed to fall on deaf ears The next best thing (and I actually agree for more widespread use, not just wireless networks) i...
by millenium7
Wed Mar 17, 2021 11:34 pm
Forum: General
Topic: Hot to handle VOIP on multiple WANs/backup
Replies: 21
Views: 3714

Re: Hot to handle VOIP on multiple WANs/backup

So if what you described is what the RB4011 does, it would be a quite strange thing to do for a router. I would like to be corrected if someone knows for sure, but I believe it is expected behavior if using nothing more than a masquerade rule. But doesn't happen with src-nat rules, the problem is s...
by millenium7
Wed Mar 17, 2021 3:00 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

I agree, but although it would be possible to do all kinds of custom scripting for this it would be even more welcome when there would be some standard facility to automatically use link quality metrics in routing protocols. I.e. a worse link can get a lower preference so it is not completely disab...
by millenium7
Mon Mar 15, 2021 11:50 pm
Forum: General
Topic: Hot to handle VOIP on multiple WANs/backup
Replies: 21
Views: 3714

Re: Hot to handle VOIP on multiple WANs/backup

yes, it seems as some of the traffic would maintain the backup path once swapped for the main connection failure. The backup is flawless because there is "no choice".. the sessions are dead for the down of the WAN1, but when WAN1 comes up again you don't have a down of the WAN2 so all tha...
by millenium7
Mon Mar 15, 2021 8:08 am
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 2756

Re: Mikrotik UPS Solution

Is there such a thing but with ethernet inputs/outputs to go in between regular injectors and devices? Would make things a bit simpler Use your existing POE injectors, but power if from a 24 volt battery plant. Use the same thing to power the routers. Much easier than any sort of UPS. I'm confused ...
by millenium7
Mon Mar 15, 2021 6:42 am
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 2756

Re: Mikrotik UPS Solution

You can purchase modules designed for just such a use: UPS with battery charging and monitoring, with DC input (from your PSU) and direct battery power when the PSU/mains fails. For instance the DRU-24V10ACZ for 24V: http://www.farnell.com/datasheets/3182601.pdf That one seems to cost around £35; q...
by millenium7
Mon Mar 15, 2021 2:48 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

MikroTik please fix/implement the SNMP-Get output as standard Currently /tool snmp-get does not allow you to store the output to a string/variable, it remains empty, making it a rather useless command I need to be able to poll other devices in our network and then take action Our main use case is fo...
by millenium7
Fri Mar 12, 2021 11:13 am
Forum: Wireless Networking
Topic: ETA on a long range 60ghz product?
Replies: 9
Views: 2608

Re: ETA on a long range 60ghz product?

Mikrotik has been good on 60GHz in my opinion They were an extremely mixed bag for us until we finally got some answers (which was like drawing blood from a stone) It's not until we finally figured out we need to run through a specific process that we could actually rely on them. Out of the box the...
by millenium7
Fri Mar 12, 2021 3:52 am
Forum: Wireless Networking
Topic: ETA on a long range 60ghz product?
Replies: 9
Views: 2608

ETA on a long range 60ghz product?

LHG60 is ok-ish but Ubiquiti's new offering puts it to shame with reports of 8km real world distances without dropping in moderate rainfall, and pushing far beyond that in clear weather I'm frothing at the mouth to get my hands on them to use as backhaul links as it would solve a lot of our problems...
by millenium7
Wed Feb 17, 2021 7:46 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

I always use 64800 if the links are above about 250m and often even less than thag 58320 is complete garbage. It theoretically should go much further but we've had radios drop out daily at only ~170m (LHG60G units) when it rains. Others have dropped when it's just overcast it doesn't even need to ra...
by millenium7
Wed Feb 10, 2021 9:38 am
Forum: Forwarding Protocols
Topic: Selective routing with failover in MikroTik - How?
Replies: 8
Views: 3891

Re: Selective routing with failover in MikroTik - How?

I've managed to get this to work but its a lot of commands and a bit messy. Surely there's a cleaner and simpler way..... The way i'm accomplishing it at the moment is to - Create another VLAN and IP addresses on interfaces between routers - in Route->VRF add those VLAN's with a routing mark like &q...
by millenium7
Mon Feb 08, 2021 6:17 am
Forum: Scripting
Topic: Persistent Environment Variables [SOLVED]
Replies: 50
Views: 36859

Re: Persistent Environment Variables [SOLVED]

For the moment you can kinda-sorta get away with it by storing variables as comments. The layer7-protocol area is not a bad one because it is practically unused these days so it doesn't clutter up the interface if you put a bunch of variables in there Comments will not store arrays correctly, or rat...
by millenium7
Fri Feb 05, 2021 10:16 am
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 6
Views: 3247

Re: Request: Take OSPF state changes out of 'debug' log category

Since MikroTik still hasn't implemented 'state changed from Down to Up' i've written a script to simulate it in the meantime. It isn't perfect but it does the job. It relies on running as a script so it doesn't notify you immediately And messages show up under the 'script,info' category not 'route,o...
by millenium7
Fri Feb 05, 2021 8:11 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 634831

Re: Feature requests

Please make some adjustments to OSPF neighbor reporting First and foremost please take adjacency changes out of the debug,raw log location, its ridiculous. At the moment only 'Down' is included in 'route, ospf, info' so you can see when a neighbor goes down, but you cannot get a log message when nei...
by millenium7
Sat Dec 05, 2020 12:32 am
Forum: Wireless Networking
Topic: Band Steering implementation?
Replies: 80
Views: 37713

Re: Band Steering implementation?

Yeah its too little too late hAP AC1/2 level hardware at a minimum needs to get beamforming and mu-mimo as they are insanely popular and widespread consumer devices And all AC devices need the bloody spectrum analyzer. I actually don't know why anyone would deploy MikroTik outdoor gear in a business...
by millenium7
Fri Dec 04, 2020 1:54 am
Forum: General
Topic: Routing table filtering for 'all subnets containing'?
Replies: 1
Views: 614

Routing table filtering for 'all subnets containing'?

At the moment if filtering for a route to i.e. 1.1.1.1 there's no easy way to see it in the routing table if i.e. the best route is 1.1.1.0/24 Using the route filters 'in' will show no results because 1.1.1.1 is too specific. So I have to manually back off my dst-address search criteria to 1.1.1.0/2...
by millenium7
Thu Dec 03, 2020 2:27 am
Forum: Wireless Networking
Topic: Band Steering implementation?
Replies: 80
Views: 37713

Re: Band Steering implementation?

Late to this party, but yeah the idea of setting the power output on the AP the same as SM is not a great idea Signal is not just there or not there, people are saying "the client needs to be able to talk back" yes thats true, but its all about Signal to Noise Ratio, NOT just signal If cli...
by millenium7
Thu Dec 03, 2020 1:05 am
Forum: Forwarding Protocols
Topic: Disable ECMP on OSPF?
Replies: 8
Views: 3253

Re: Disable ECMP on OSPF?

Ok it can't be turned off, fair enough
But it isn't a bad idea to turn it off, many other vendors allow you to turn it off for precisely the reasons i'm mentioning, it just adds another variable to troubleshooting
Asymmetrical routing is not a good excuse, it's already asymmetrical with ECMP anyway
by millenium7
Wed Dec 02, 2020 11:37 pm
Forum: RouterBOARD hardware
Topic: CubeG-5ac60ad
Replies: 23
Views: 6944

Re: CubeG-5ac60ad

Looks like it will use bonding for failover https://help.mikrotik.com/docs/display/ROS/Fail-over+PtP+CLIexample Bonding failover is waaaaaaaaaaaaay too slow. Modern day failover times should be less than a second Only 1 way I know of to accomplish this in the MikroTik world, and thats with OSPF and...
by millenium7
Tue Dec 01, 2020 10:54 am
Forum: Forwarding Protocols
Topic: Disable ECMP on OSPF?
Replies: 8
Views: 3253

Re: Disable ECMP on OSPF?

We can sit here and debate this but here's the simple reality: ECMP does nothing beneficial for us and only introduces even more unknowns My goal is not to say "well we can't be 100% totally guaranteed of everything so lets just give up, close the whole operation down boys" it's to elimina...
by millenium7
Tue Dec 01, 2020 10:34 am
Forum: Forwarding Protocols
Topic: Disable ECMP on OSPF?
Replies: 8
Views: 3253

Re: Disable ECMP on OSPF?

Vast majority of our environment is wireless. Link speeds are inherently unreliable as they change with conditions. Trees grow, buildings get constructed in the path, others put up radio's that cause interference etc etc etc there's a million possibilities that ultimately mean you cannot predict any...
by millenium7
Tue Dec 01, 2020 8:14 am
Forum: Forwarding Protocols
Topic: Disable ECMP on OSPF?
Replies: 8
Views: 3253

Disable ECMP on OSPF?

Is there a way to disable ECMP?
Yes I am aware I can change costs but its just yet another administrative overhead, i'd rather just disable ECMP as we don't need it anywhere in our network
by millenium7
Tue Dec 01, 2020 4:30 am
Forum: General
Topic: Any way to have a private network inside a single SSID?
Replies: 2
Views: 727

Any way to have a private network inside a single SSID?

Maybe there's a industry feature/implementation for this but i'm unaware of what it would be called Essentially is there a way to have a single Wifi SSID yet have private networks inside of it so that i.e. we have devices A/B/C/D/E connected to it A and B are guests, on their own, client isolation, ...
by millenium7
Wed Nov 11, 2020 3:28 am
Forum: RouterBOARD hardware
Topic: CubeG-5ac60ad
Replies: 23
Views: 6944

Re: CubeG-5ac60ad

Looks like it will use bonding for failover https://help.mikrotik.com/docs/display/ROS/Fail-over+PtP+CLIexample Bonding failover is waaaaaaaaaaaaay too slow. Modern day failover times should be less than a second Only 1 way I know of to accomplish this in the MikroTik world, and thats with OSPF and...
by millenium7
Thu Nov 05, 2020 1:18 pm
Forum: Wireless Networking
Topic: MikroTik as Spectrum Analyzer [SOLVED]
Replies: 15
Views: 5160

Re: MikroTik as Spectrum Analyzer [SOLVED]

but Scan is NOT a spectrum analyzer, it only shows recognized beacons that show i.e. SSID etc. You might pick a channel that looks like it has little or no wireless on it, but in reality its being flooded because something like a Cambium PTP670 is transmitting on that frequency right over your radio...
by millenium7
Thu Nov 05, 2020 12:51 pm
Forum: Wireless Networking
Topic: MikroTik as Spectrum Analyzer [SOLVED]
Replies: 15
Views: 5160

Re: MikroTik as Spectrum Analyzer [SOLVED]

Question to those who actually use MikroTik outdoor radio gear (which we don't except for the 60ghz): What do you actually do? and what are your expectations? Do you just spray and pray and offer 2mbit/s internet services to customers? I cannot fathom how any outdoor gear can be used in pretty much ...
by millenium7
Fri Oct 30, 2020 3:45 pm
Forum: General
Topic: How to identify routers with compromised password?
Replies: 3
Views: 797

Re: How to identify routers with compromised password?

Essentially i want to scan the entire network for any devices that allow login with 'MyAdmin / Password123' (not actual credentials) I can either do that with a machine running a program or script (I don't know of one personally, open to suggestions) but that would only test for SSH, ideally i'd als...
by millenium7
Fri Oct 30, 2020 2:16 am
Forum: General
Topic: How to identify routers with compromised password?
Replies: 3
Views: 797

How to identify routers with compromised password?

Is there a method to identify routers which are using a compromised password? I.e. lets say a bunch were originally setup with user account 'MyAdmin' and 'Password123' I want to do a scan of the network and find any routers that allow that login so I can go in and change it Most of our routers use R...
by millenium7
Mon Sep 28, 2020 12:07 am
Forum: Wireless Networking
Topic: MikroTik AP and Mimosa SM's. No WDS? Workaround?
Replies: 2
Views: 1751

Re: MikroTik AP and Mimosa SM's. No WDS? Workaround?

Yes. We went up to each and every Mimosa radio in our network, unscrewed its high quality hose clamp fitting and promptly turfed it into the nearest bin so as to not infect any potential eBay 2nd hand buyers with deep regret and seething hatred. We then fit MikroTik/Cambium/Ubiquiti and lived a bett...
by millenium7
Thu Sep 24, 2020 7:19 am
Forum: General
Topic: DNS server selection based on Layer7 - viable?
Replies: 10
Views: 3466

Re: DNS server selection based on Layer7 - viable?

I hear you, and we're trying to get that to happen. For now the Mikrotik will suffice at the same time however, the reality is the vast majority of smaller businesses do only run a single AD and DNS server without issue. And the reality is with virtualisation and image backups it's not the end of th...
by millenium7
Thu Sep 24, 2020 5:02 am
Forum: General
Topic: DNS server selection based on Layer7 - viable?
Replies: 10
Views: 3466

Re: DNS server selection based on Layer7 - viable?

Wasn't aware of the DNS changes in 6.47 That would work I've also just setup a lab environment with an AD server and PC It does also work the 'old' way with layer7 protocol and 2x NAT rules /ip firewall layer7-protocol add comment=!!! name=domainrequests regexp="((.*).testdomain.local|(.*).test...
by millenium7
Thu Sep 24, 2020 3:54 am
Forum: General
Topic: DNS server selection based on Layer7 - viable?
Replies: 10
Views: 3466

Re: DNS server selection based on Layer7 - viable?

Specify two DNS servers and clients will try the first and if not responding, try the next. Windows clients are sticky with their DNS selection If I put i.e. the AD server as the first DNS server, and google/cloudflare as an alternative server, then if the AD server is unreachable yes it will fail ...
by millenium7
Thu Sep 24, 2020 3:22 am
Forum: General
Topic: DNS server selection based on Layer7 - viable?
Replies: 10
Views: 3466

DNS server selection based on Layer7 - viable?

Is it viable to use Layer7 filtering to selectively route DNS requests to different servers? I want to use a MikroTik router in an organization as the DNS server. This organization runs Active Directory with only a single Domain/DNS server and relies on it for certain internal resources However if t...
by millenium7
Tue Sep 15, 2020 11:32 am
Forum: General
Topic: Mark routing to establish SSTP not working
Replies: 3
Views: 920

Re: Mark routing to establish SSTP not working

Bingo, you nailed it. Never would have thought that I did log the packets at the server side and it shows the packets coming in from the 'correct' IP (NAT'd by the LTE router) and packets therefore should get sent back correctly. I guess thats not enough, and would have been a nightmare to troublesh...
by millenium7
Tue Sep 15, 2020 9:25 am
Forum: General
Topic: Mark routing to establish SSTP not working
Replies: 3
Views: 920

Mark routing to establish SSTP not working

Can someone help me with this? I have in the mangle rules /ip firewall mangle add action=mark-routing chain=output comment="Establish SSTP via LTE" dst-address=1.2.3.4 dst-port=443 new-routing-mark=LTE passthrough=no protocol=tcp This is placed at the very top, no further mangle rules woul...
by millenium7
Mon Aug 31, 2020 4:34 am
Forum: General
Topic: LTE modem disconnects every 2 minutes
Replies: 9
Views: 6378

Re: LTE modem disconnects every 2 minutes

having the same problem on 6.47 (and many previous versions before that, don't remember one thats 100% stable)
by millenium7
Tue Aug 25, 2020 10:14 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

Thanks for responding but that just isn't true..... or at least its woefully inaccurate, or isn't explained correctly. I still don't know if its referring to the AP or the SM (assuming logged into the AP) I was physically up onsite at this location, I know for a fact that this particular location th...
by millenium7
Sat Aug 22, 2020 11:51 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

Those are not simple things and each installation is different and there are much more factors that may affect success with link. We can't simplify those details as they are much complicated compared to regular wireless. Simple explanation is available in our wiki. I disagree. MikroTik engineers do...
by millenium7
Fri Aug 21, 2020 3:57 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

frequent tx-sector changes indicate, that there is issue related to devices moving in wind or alignment issues. In theory tx-sector should only change on very rare occasions - during first minutes of established connection, rain or on line of sight loss And what about if its rapidly changing but th...
by millenium7
Thu Aug 20, 2020 7:32 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

Ok so 'frequency=auto' is seemingly a really bad idea. And using the terminal with 'int w60g mon 0' is essential as tx-error rate shows a more accurate picture than signal/MCS/rssi Pretty sure the way auto works is it just picks 58320 regardless, as i've only ever seen it on that frequency. It defin...
by millenium7
Wed Aug 19, 2020 3:08 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

You're using LHG-60's as AP's? The antenna pattern is 3 degrees. So, across 120 degrees at ~100m, you're running off the RF equivalent of fumes. In theory yes, theoretically it shouldn't even work at all, but so far nothings made sense and matched up with the theoretical data. We used the LHG 60G a...
by millenium7
Tue Aug 18, 2020 2:13 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

So to add some more experience and more confusion needing clarification.... Went out to the AP side of a site thats doing multipoint, spread is about 10 degrees between the 2 SM's. Distance is ~170m and ~340m respectively All of them are LHG 60G Found it was a little bit out of alignment, slightly u...
by millenium7
Sun Aug 16, 2020 4:17 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192855

Re: LHG 60G experience

I've read through this entire thread and I still don't know exactly how to use these things 'properly'. There's too much confusion We have a few of them out in the field and they are unpredictable. Some links drop in the rain at just 300m, yet people are claiming over 10x that distance Speed doesn't...
by millenium7
Fri Jul 17, 2020 2:04 am
Forum: General
Topic: Why does both L2MTU and MAX-L2MTU exist?
Replies: 11
Views: 3831

Re: Why does both L2MTU and MAX-L2MTU exist?

Thats all well and good in theory, and that is the case for L3 MTU as there is path MTU discovery as well as response mechanisms to indicate the MTU is too large But unless i'm mistaken, L2 MTU will always silently drop. And i'm also not aware of any protocols that specifically go looking for the L2...
by millenium7
Wed Jul 15, 2020 4:50 am
Forum: Forwarding Protocols
Topic: OSPF VPLS/MPLS load balancing and failover
Replies: 7
Views: 5070

Re: OSPF VPLS/MPLS load balancing and failover

I'm investigating the same thing at the moment It appears the only way to do this properly and retain failover in both directions (if backup link goes down, should failover to primary) is using MPLS Traffic Engineering. I'm still investigating how to properly implement it with Mikrotik in the most m...
by millenium7
Mon Jun 22, 2020 3:04 am
Forum: Forwarding Protocols
Topic: Redundant paths to OSPF?
Replies: 1
Views: 1525

Re: Redundant paths to OSPF?

Routes are chosen in this order - Most specific route - Administrative Distance (lower is better) - Metric/Cost (lower is better) If a packet has a destination of 192.168.1.2 and you have the following routes in the table... 192.168.0.0/16 - Distance 1 - Cost 0 192.168.1.0/24 - Distance 110 - Cost 5...
  • 1
  • 2