Community discussions

MikroTik App

Search found 3377 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 12
by Amm0
Sat Mar 02, 2024 8:59 pm
Forum: General
Topic: MikroTik RouterOS boot speed is very slow- vmware
Replies: 9
Views: 2007

Re: MikroTik RouterOS boot speed is very slow- vmware

Just tested this on VMWare Fusion. Tried an upgrade from v7.14betaX to 7.14 stable... After a reboot, it got the "Load system" message... after 2+ minutes ... the login shows up. Tried OVA and VMDK with Fusion in new machine too. Both take minutes to start. Reboot from RouterOS, same few m...
by Amm0
Sat Mar 02, 2024 5:30 am
Forum: Scripting
Topic: SNMP OID for LTE
Replies: 3
Views: 151

Re: SNMP OID for LTE

True. But carrier is not available from SNMP AFAIK. While carrier can likely be inferred from mtxrLTEModemIMSI since MCC/MNC are in first part, but not quite same as saying the carrier name. Overall, there are few others items "missing" in SNMP for LTE, like info about carrier aggregation,...
by Amm0
Sat Mar 02, 2024 4:47 am
Forum: Beginner Basics
Topic: 2 MIKROTIKs and 2 isolated LANs
Replies: 5
Views: 285

Re: 2 MIKROTIKs and 2 isolated LANs

While the rule shown, if on Mikrotik B, is mostly right. Likely not the whole story however, why config would help. The related questions are: - should "Mikrotik A" LAN (192.168.88.0/24) be able connect to "Mikrotik B" LAN (192.168.77.0/24)? - should LAN clients on 192.168.77.0/2...
by Amm0
Fri Mar 01, 2024 3:39 pm
Forum: Scripting
Topic: fetch seems to behave different when called in function [SOLVED]
Replies: 12
Views: 398

Re: fetch seems to behave different when called in function [SOLVED]

Whole system has to fit in 16MB, so there are some limits on how many features scripting can have... so no linter to find the "use of undefined global in function". There is ":import verbose=yes <scriptfile.rsc>" that helps find what line something is failing. On this one: For ex...
by Amm0
Thu Feb 29, 2024 9:11 pm
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

But Mikrotik does have "AMPERE" on their download page (grayed out). To me, that's Mikrotik messed-up marketing for ARM64 ("aarch64") as ISO coming soon - but dunno. But gives hope for M1+ Macs. I used VMWare Fusion for a long while (since it come out) but CPU use is ~half with U...
by Amm0
Thu Feb 29, 2024 8:54 pm
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

Rosetta on ARM Mx only helps with X86 AFTER a ARM-based Linux is loaded. The boot process does not go through Rosetta, only user applications. So this won't work for non-Intel Macs. :(. Apple docs say: Rosetta doesn’t support the bootstrapping or installation of Intel Linux distributions on Mac comp...
by Amm0
Thu Feb 29, 2024 7:49 pm
Forum: Wireless Networking
Topic: Wireless Wire Cube (Preconfigured) Plug 'n' Play...Doesn't [SOLVED]
Replies: 14
Views: 457

Re: Wireless Wire Cube (Preconfigured) Plug 'n' Play...Doesn't [SOLVED]

And, good call on not upgrading. It's hard to know what version Mikrotik uses...these V6 – while newest version is V7 but various releases have had bugs in 60G... But V6 hasn't changed... more of mystery why this does not just work. My only thought is the "hidden default"* in the config is...
by Amm0
Thu Feb 29, 2024 7:04 pm
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

I took @kriszos's "gdisk+bash" script, with small modification to fetch RouterOS in loop, and put it into a GitHub repo "fat-chr" to build FAT UEFI images automatically via GitHub's Action CI . Since 7.14 stable came out today, I tried out my GH Action script with @kriszos's gdis...
by Amm0
Thu Feb 29, 2024 1:35 am
Forum: Wireless Networking
Topic: Wireless Wire Cube (Preconfigured) Plug 'n' Play...Doesn't [SOLVED]
Replies: 14
Views: 457

Re: Wireless Wire Cube (Preconfigured) Plug 'n' Play...Doesn't [SOLVED]

Well, they should have been plug-and-play... The sticker is vague on which one is the "ap" (master) and "station" (slave) - but it shouldn't matter. I'd email Mikrotik it's not good the "kit" did work out of the box - it should. To speed the process, connect to each of ...
by Amm0
Wed Feb 28, 2024 10:39 pm
Forum: General
Topic: Possible? ZeroTier Low Bandwidth Mode
Replies: 9
Views: 370

Re: Possible? ZeroTier Low Bandwidth Mode

Yup, I was looking at your screenshot. ;) More general advice... since there is NOT low bandwidth mode in RouterOS AFAIK. A queue to throttle OP's issue is about what you can do. But, if the ZeroTier network has a lot of "members"/peers, that also generates more traffic too. Not much you c...
by Amm0
Wed Feb 28, 2024 10:20 pm
Forum: General
Topic: Possible? ZeroTier Low Bandwidth Mode
Replies: 9
Views: 370

Re: Possible? ZeroTier Low Bandwidth Mode

Options I can think of right away: - Apply simple queue to ZT interface ? - If your traffic is mostly outbound, apply a schedule so ZT interface is not enabled all the time ? "zerotier1" interface's traffic counter likely include attempts at failed paths too - so reading maybe higher from...
by Amm0
Wed Feb 28, 2024 6:12 pm
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

I am glad that my work help you resolve your problem. Totally @kriszos - it was worth a search for UEFI in the forum.... but I would have never got to the partition scheme in the RAW image was the reason EFI didn't work & given up before trying gdisk ;). I filed a feature request for UEFI suppo...
by Amm0
Tue Feb 27, 2024 9:27 am
Forum: General
Topic: WinBox Software license agreement
Replies: 14
Views: 831

Re: WinBox Software license agreement

Linux will soon have a native "Winbox" Some folks use packaging system to install ALL their software from repos & want their distro-specific "Application" icon for it. I doubt the manual download part is going to change with some "native Winbox". We'll see, soon.
by Amm0
Tue Feb 27, 2024 7:20 am
Forum: General
Topic: HOWTO: Import ZeroTier Members into Mikrotik DNS using $ZT2DNS
Replies: 0
Views: 96

HOWTO: Import ZeroTier Members into Mikrotik DNS using $ZT2DNS

I have a bash scripts that used `jq` and `awk` to create DNS host files using the ZeroTier API to extract ZT member name and IPs (see bottom). I "ported" the linux-style one to Mikrotik script today, thought I share since imagine other have similar need to get hostname from the list of zer...
by Amm0
Mon Feb 26, 2024 8:49 pm
Forum: Scripting
Topic: export scripts from the repository saved under a specific owner
Replies: 8
Views: 327

Re: export scripts from the repository saved under a specific owner

Ah... you want to restrict :export to the current user. That's not possible. The idea with :export is that you can re-build an entire config, so it includes other user's scripts – that is what :export should do. :export has no filter options, other than the starting path. So a for loop around [find ...
by Amm0
Mon Feb 26, 2024 8:04 pm
Forum: Scripting
Topic: export scripts from the repository saved under a specific owner
Replies: 8
Views: 327

Re: export scripts from the repository saved under a specific owner

That's odd. Assuming your user is a full admin with all policies allowed... my expectation be the :export would include all scripts. They made changes else where in script policy, so I suspect this is new. But begs the question of how to save the entire config if your admin. I think this is a bug, b...
by Amm0
Mon Feb 26, 2024 7:48 pm
Forum: General
Topic: What happened to anav and "The DEFACTO DEFAULT FIREWALL Setup"
Replies: 18
Views: 788

Re: What happened to anav and "The DEFACTO DEFAULT FIREWALL Setup"

Mikrotik drops the ball on the docs. It's not a new problem. But how to change the default firewall for a particular use case is totally missing. e.g. default firewall uses the interface-list concept, but "Your First Firewall" docs all describe using address-list. While @pcunite + @anav sc...
by Amm0
Sun Feb 25, 2024 5:25 pm
Forum: The Dude
Topic: Screenshot's for inspiration
Replies: 5
Views: 415

Re: Screenshot's for inspiration

LOL, if only excalidraw would help.... In the Dude, it more like programming the "map" than drawing. And the Dude has some very fix rules how items on the map interact (and some are device or links – which have restrictions). e.g. stuff like @voodoovood points out, the speed shown comes fo...
by Amm0
Sat Feb 24, 2024 10:49 pm
Forum: Scripting
Topic: $PIANO - interactive "player piano" & studio-quality recorder using :beep
Replies: 6
Views: 638

Re: $PIANO - interactive "player piano" & studio-quality recorder using :beep

I have only one note - you should correct octive to octave :D LOL. My spelling was in a higher octave of vowels. Thanks, fixed octAve spelling in script/text. Also added support for the left and right arrow keys to change octAve & also now check octAve they are between 1 and 9. Plus, note sizes...
by Amm0
Sat Feb 24, 2024 6:22 pm
Forum: The Dude
Topic: Screenshot's for inspiration
Replies: 5
Views: 415

Re: Screenshot's for inspiration

Wow! Some cleaver tricks there. Never thought of making ports static objects to organize the links that way... And really nice how the "submap" look like Christmas ornaments connected to the "static" objects. Although you make it look easy, that was a TON of work and near the lim...
by Amm0
Fri Feb 23, 2024 11:47 pm
Forum: General
Topic: A place for poetry
Replies: 60
Views: 246258

Re: A place for poetry

In code's dance, patterns,
Joy blooms with each match found true,
Regex bliss embraced.
—ChatGPT
by Amm0
Fri Feb 23, 2024 10:38 pm
Forum: General
Topic: app for end user on ios [SOLVED]
Replies: 7
Views: 607

Re: app for end user on ios [SOLVED]

Beyond just CAPsMAN. On ARM wAPacR, wireless setting don't show up when using "old" wi-fi package using iOS app. I reported it as a bug a little bit ago, so hopeful be fixed at some point soon. They split the wi-fi drivers in 7.13, so I suspect app isn't deal with that correctly. Although ...
by Amm0
Fri Feb 23, 2024 5:42 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.5 [stable] is released!

Well, I recall DEC VMS too. Mikrotik went down that road in shell, instead of Bourne and pipes – ending in even IS-IS now. Why "grep" is odd. But regex is TOTALLY useful. Just in form of ":grep" on RouterOS, not sure. Scripting already has ~= regex matchers and other primitive to...
by Amm0
Fri Feb 23, 2024 5:04 pm
Forum: General
Topic: WinBox Software license agreement
Replies: 14
Views: 831

Re: WinBox Software license agreement

IANAL and don't work for Mikrotik. But I'm 100% supportive of your efforts. If a package/snap cause a download from mikrotik.com when end-user installs, that's not redistribution. And it's redistribution where things get tricky legally. No policy AFAIK, but various packaging schemes of winbox+wine h...
by Amm0
Fri Feb 23, 2024 3:40 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.5 [stable] is released!

I do like the "as-array" instead of a generic "as-value" used on grep however — helpful to control the type returned from commands. But "as-array" is how you'd store the results of :grep to a variable. On note, If you want to use grep a string variable, you need to &quo...
by Amm0
Fri Feb 23, 2024 3:10 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.5 [stable] is released!

How do I use grep command? Cannot find any reference in the docs or forums. Would be nice to be able to do something like :grep pattern [/ip/firewall/address-list export] The F1 key for help does give some clues for :grep : :grep <F1> <script> -- source of the script to execute after -- lines to be...
by Amm0
Fri Feb 23, 2024 12:39 am
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

Did a try on mac arm and it doesn't work for me. [...] Probably AMPERE (coming soon) may solve that? Yup. Apparently, the specific are Rosetta will help with any X86's running inside Apple Virtualized machine – the actual Linux disto needs to also be same arm. So "Ampere" support is neede...
by Amm0
Thu Feb 22, 2024 9:23 pm
Forum: Scripting
Topic: Script to update RouterOS after X days of release
Replies: 51
Views: 7571

Re: Script to update RouterOS after X days of release

I ran into this one today. Rather than some "script" based in RouterOS itself, something like this calls for real network automation. Use Ansible or something similar, or custom python code that runs on a seperate box. Or at least document/publish the change in URLs. The, now wrong, "...
by Amm0
Thu Feb 22, 2024 5:33 pm
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 45306

Re: v7.14rc [testing] is released!

Why do you need to put the WAN interface under the bridge in the first place?
Well now that's more a philosophical question... The illusion of order?
by Amm0
Thu Feb 22, 2024 5:50 am
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

I tried this tonight WITHOUT using UTM, only Apple. I used some swift from an Apple sample project that used VZEFIBootLoader() & another sample with the serial console window. To confirm, This window is not the VGA graphics from the CHR VM, but a SwiftUI window connecting to the serial port of ...
by Amm0
Wed Feb 21, 2024 6:32 pm
Forum: General
Topic: WinBox Software license agreement
Replies: 14
Views: 831

Re: WinBox Software license agreement

I've wonder this myself. They have https://mikrotik.com/downloadterms.html . Not a lawyer but comes down to if winbox is encompassed by the "MIKROTIK ROUTEROS SOFTWARE ROUTER SYSTEM " since they do say: You may not: permit other individuals to use the SOFTWARE except under the terms listed...
by Amm0
Wed Feb 21, 2024 10:39 am
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

I tried this tonight WITHOUT using UTM, only Apple. I used some swift from an Apple sample project that used VZEFIBootLoader() & another sample with the serial console window. And changed the disk image to use same converted CHR disk image (e.g. 1st/boot just changed from EXT2 to FAT16 type, as ...
by Amm0
Wed Feb 21, 2024 3:12 am
Forum: General
Topic: DDNS issue with ECMP in ROSv7
Replies: 2
Views: 174

Re: DDNS issue with ECMP in ROSv7

More details are in fact needed. e.g. if ECMP selects a route without a public IP, DDNS isn't going to work. Among other potential reasons. Without no logs, config, diagram, etc... really hard to know.
by Amm0
Tue Feb 20, 2024 9:18 pm
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

Re: CHR using Apple Virtualization Framework (via UTM)

Well, I'm surprised CHR even worked – why I shared. Not really not sure why there isn't a pre-made CHR image that works with UEFI since X86 does. I'm sure there is probably a more optimized path to a working .IMG file than my write up since I just wrote down what I did than figure out the best way t...
by Amm0
Tue Feb 20, 2024 9:14 pm
Forum: Scripting
Topic: $PIANO - interactive "player piano" & studio-quality recorder using :beep
Replies: 6
Views: 638

Re: $PIANO - interactive "player piano" & studio-quality recorder using :beep

In terms of design and implementation, this is very cool! Thank you very much to the author! And also a very good tutorial for writing scripts! LOL. I was thinking of you when I added the "todo": perhaps add a "$PIANO help" that will show full docs — current help text is too lon...
by Amm0
Tue Feb 20, 2024 5:25 am
Forum: Virtualization
Topic: CHR using Apple Virtualization Framework (via UTM)
Replies: 18
Views: 1154

CHR using Apple Virtualization Framework (via UTM)

I'd been experiment using Apple Virtualization Framework (https://developer.apple.com/documentation/virtualization) using the option in MacOS-version of UTM (https://mac.getutm.app). I normally using VMWare Fusion/ESXi. But UTM (in Apple, NOT QEMU, mode) seems to work okay in my limited testing for ...
by Amm0
Sun Feb 18, 2024 10:05 pm
Forum: The Dude
Topic: Is too much to ask for Dude x64 windows client?
Replies: 33
Views: 7488

Re: Is too much to ask for Dude x64 windows client?

Maybe. The Dude "speak" winbox, so all the data-srcs/probes are just "richer" than via SNMP & I like that it goes to a simple SQLite database. But The Dude actually collects data extreme well & and no external cloud/server is needed – is my main use case. So I pull/view h...
by Amm0
Sun Feb 18, 2024 7:56 pm
Forum: The Dude
Topic: Is too much to ask for Dude x64 windows client?
Replies: 33
Views: 7488

Re: Is too much to ask for Dude x64 windows client?

But dear ChatGPT, there is no development of Dude anymore! So why would "developers" be interested in that? While true... I agree with the robots here. I use it every day still. And, it's annoying on a Intel Mac as it requires a VM... But wine on ARM Mac (via Rosetta) and Linux (with i386...
by Amm0
Sun Feb 18, 2024 4:52 am
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

Now its perfect! Great job, thank you ! Well, not quite. In my experience, every musician wants to record themselves. So added a recording feature, a bpm= option , and better help & improved status bar . Created a thread to discuss further (since I hijacked this one)... with new version of $PIA...
by Amm0
Sun Feb 18, 2024 4:47 am
Forum: Scripting
Topic: $PIANO - interactive "player piano" & studio-quality recorder using :beep
Replies: 6
Views: 638

$PIANO - interactive "player piano" & studio-quality recorder using :beep

Another thread gave me an idea for a "interactive piano" using /terminal/inkey. It got more complex than I intended... But essentially everything that's played is saved to an array & played. A status bar shows the current octave, note length, last note played — even a "tape counte...
by Amm0
Sun Feb 18, 2024 4:19 am
Forum: General
Topic: MikroTik LHG LTE18 and Zerotier
Replies: 6
Views: 560

Re: MikroTik LHG LTE18 and Zerotier

If you go to files and remove any files under /flash, it should fit when trying upgrade. You shouldn't need the wireless or wifi-qc-comm on LHG LTE18 – so if present in /system/package uninstall them.

Or you try, "testing" channel in /system/package, perhaps 7.14rc will work.
by Amm0
Sat Feb 17, 2024 4:49 am
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

The key layout needs little improvement, I changed it to be more piano-like, just like in this picture below (ignore octave and velocity keys). But I haven't figured out how to change a script description, so your help will be welcome :) upd. made a little video with this script :D https://youtu.be...
by Amm0
Sat Feb 17, 2024 1:47 am
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

That's right: velocity is loudness/attenuation/volume. Correct, not possible ;). I thought it was "note length". It's how quarter/half/ull notes are handled, not so sure. e.g. currently: 1 = 125ms, 2 = 250ms, 3 = 375ms, etc.
by Amm0
Sat Feb 17, 2024 1:09 am
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

Well since you have a keymap... This has all the octives with your keymap (again in scientific/MIDI scale), defaulting for 4th octive but the "z" and "x" should change it. And even the next octive "k" (C5) "o" (C#5) and "l" (D5) are mapped. Probably ...
by Amm0
Sat Feb 17, 2024 12:02 am
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

Scripting is easier for me, my music theory is more limited. Perhaps an interactive player piano script be fun? ** ROUTEROS PLAYER PIANO ** Type a key to play a note... The note will play for 00:00:00.125. Keep holding to continue playing. A 466 Hz C 277 Hz D 311 Hz F 370 Hz G 415 Hz a 440 Hz b 493 ...
by Amm0
Fri Feb 16, 2024 8:00 pm
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 45306

Re: v7.14rc [testing] is released!

*) bgp - allow to leak routes between local VRFs; For those that do not use VRF but use manually created route tables, it would be very convenient when there would be an option to import Connected routes into a newly created table (so they can be distributed using BGP). E.g.: add an option to /rout...
by Amm0
Fri Feb 16, 2024 6:25 pm
Forum: General
Topic: Mikrotik Chateau AX (5G) eth1 + lte1 load balancer with failover - looking for a tutorial
Replies: 24
Views: 1129

Re: Mikrotik Chateau AX (5G) eth1 + lte1 load balancer with failover - looking for a tutorial

So it would appear ether1, is a fixed private IP you get from an upstream router? The LTE would appear to be possibly a public IP that is dynamic (can change)?? Both are dynamic I believe. First step be making sure LTE is working ;) Out of the box... if LTE is working, and WAN is plugged into ether...
by Amm0
Fri Feb 16, 2024 5:46 pm
Forum: Scripting
Topic: Some Music
Replies: 46
Views: 58401

Re: Some Music

Nice work. Perhaps there needs to be some Mikotik "music notation" e.g. an array of notes/duration? Some of the music scripts get long since each note is it's own line and the ":beep frequency= duration=" while a :foreach k,v in=$musicArray do={ :beep ... } would shorten these mu...
by Amm0
Fri Feb 16, 2024 3:55 pm
Forum: General
Topic: Mikrotik Chateau AX (5G) eth1 + lte1 load balancer with failover - looking for a tutorial
Replies: 24
Views: 1129

Re: Mikrotik Chateau AX (5G) eth1 + lte1 load balancer with failover - looking for a tutorial

You mention load balance & failover. Do you mean: if BOTH "ether1" ("dorm server with DHCP") and "lte1" have working internet, split the traffic between them & if one fails all internet traffic goes out the one working one? Or do you want it always using ether1 ...
by Amm0
Fri Feb 16, 2024 3:42 pm
Forum: Beginner Basics
Topic: Two DNS server behind one IP address?
Replies: 8
Views: 755

Re: Two DNS server behind one IP address?

That looks like it should work. Do the NAT rules packet counters go up? From the LAN can you use nslookup to access the Pi-Hole at 192.168.0.32? The alternative is the 192.168.0.0/24 network is not bridged to the Pi-Hole. e.g. There are few networking stops in proxmox>Ubuntu+Docker>Pi-Hole container...
by Amm0
Wed Feb 14, 2024 5:48 am
Forum: Beginner Basics
Topic: Help Needed: Transitioning NTH Load Balancing from RouterOS v6 to v7 with Stability Issues
Replies: 5
Views: 331

Re: Help Needed: Transitioning NTH Load Balancing from RouterOS v6 to v7 with Stability Issues

I cannot recall, but I believe the two routes do need to appear in the main table, in addition to the specific routing-table. I believe in V6 that wasn't a requirement. /ip route add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=2 add disabled=no dst-address=0.0.0.0/0 gateway=192.16...
by Amm0
Wed Feb 14, 2024 3:17 am
Forum: Beginner Basics
Topic: Tilde sign in Terminal (Mac) [SOLVED]
Replies: 37
Views: 1765

Re: Tilde sign in Terminal (Mac) [SOLVED]

For US you have much simpler shortcut, shift+` prints ~ True. It's just a key left of the 1. But do know not all keyboards are created equal. Well thanks, but Opt+n followed by spacebar is still the standard procedure for producing a plain 'tilde'.. Well...on a US keyboard, Option-N+Space gets you ...
by Amm0
Tue Feb 13, 2024 8:29 pm
Forum: Beginner Basics
Topic: Tilde sign in Terminal (Mac) [SOLVED]
Replies: 37
Views: 1765

Re: Tilde sign in Terminal (Mac) [SOLVED]

Something is wrong in on that macOS if copy from bytes is needed to get plain text character anyway... Whole thing sounds strange. But yeah RouterOS would drop high ASCII chars (unicode) on a paste. Maybe a mismatch between the keyboard being used and type selected in System Preference under Keyboa...
by Amm0
Tue Feb 13, 2024 6:39 pm
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

I forgot what I did for this in my $YAML... So you can also check the array "subtype" in two-value foreach like: :foreach k,v in=$ar do={ :if ([:typeof $v]="array") do={ :if ([:typeof "$k"]="num") do={:put "list"} else={:put "map"} } } But ...
by Amm0
Tue Feb 13, 2024 6:15 pm
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

FWIW, while no "pretty print"... v7.13 has JSON support as built-in function Yip I'm aware thanks, and I expect I will swap to that eventually as I've no interest in reinventing the wheel - I've been using that script for the last few years on 6.x and early 7.x thus a script as a workarou...
by Amm0
Tue Feb 13, 2024 4:04 pm
Forum: Scripting
Topic: /port using the used-by property
Replies: 20
Views: 706

Re: /port using the used-by property

On v7.14rc I get a syntax error with :put [/port/find !inactive] syntax error (line 1 column 12) But using =no work instead of the !... :put [/port find inactive=no] *1;*2 And "used-by" is a string, and apparently empty if not used. :put [/port/find inactive=no used-by=""] *2 Thi...
by Amm0
Tue Feb 13, 2024 6:00 am
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

For use in this script (its not 100% yet) https://gist.github.com/mike548141/ba1216c7dff8644c39d99ccc2887f6d6 FWIW, while no "pretty print"... v7.13 has JSON support as built-in function :put [:serialize {a=123} to=json] {"a":123} :put [:deserialize "{ \"a\": 123 ...
by Amm0
Tue Feb 13, 2024 3:23 am
Forum: General
Topic: app for end user on ios [SOLVED]
Replies: 7
Views: 607

Re: app for end user on ios [SOLVED]

Here is a link to the app: https://apps.apple.com/us/app/mikrotik/id1323064830 I think the iOS app be fine if you have one WAN that's plugged into ether1 on Mikrotik. The app has a setup wizard that let you set WAN IP and/or LAN subnet, Wi-Fi name/password, etc. The app lets you setup Port Forwardin...
by Amm0
Tue Feb 13, 2024 2:14 am
Forum: Beginner Basics
Topic: Tilde sign in Terminal (Mac) [SOLVED]
Replies: 37
Views: 1765

Re: Tilde sign in Terminal (Mac) [SOLVED]

On Mac, if you enable "Show input menu in menu bar" option in System Preferences — in Keyboard section, there is the "Text Input" section, and button for "Edit...". Then in the task bar, another icon will appear where you can select the "Show Keyboard Viewer" ...
by Amm0
Mon Feb 12, 2024 9:05 pm
Forum: Beginner Basics
Topic: Tilde sign in Terminal (Mac) [SOLVED]
Replies: 37
Views: 1765

Re: Tilde sign in Terminal (Mac) [SOLVED]

Hold on... Are we talking about tilde as diacritic? e.g. Ñ ã õ ñ etc unicode chars VS a plain ~ char? There is no unicode support in winbox's Terminal — so it will not let you enter accented chars. It will store and display them in comments, but you can't enter them from the Terminal window. Only vi...
by Amm0
Mon Feb 12, 2024 7:51 pm
Forum: Beginner Basics
Topic: Forum rules
Replies: 14
Views: 19056

Re: Forum rules

Not clear to me from the text that sending a config file has no use if the router is still in the default config, only if changes have been made. Post starts with taking the router out of the box, but than says to enter credentials and not use the default (admin/none). I have to assume something ha...
by Amm0
Mon Feb 12, 2024 6:07 pm
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

:put [:typeof ($x->10)] this is "nothing" because the 11th element (is 0 based, so 0 i s the first) do not exist and in most other languages this is index out of bounds error/exception... Most other language don't have to marshall their data types via environment variables & fit langu...
by Amm0
Mon Feb 12, 2024 4:38 pm
Forum: Announcements
Topic: v7.14rc [testing] is released!
Replies: 176
Views: 45306

Re: v7.14rc [testing] is released!

*) disk - added global disk "settings" menu; Is the menu suppose to do something? /disk settings print auto-smb-sharing: yes auto-smb-user: ***** I had only one share before... but checking the "auto share" box does not add other non-shared partitions, or do anything it seems. D...
by Amm0
Mon Feb 12, 2024 3:35 pm
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

:global x [:toarray ""] :set ($x->9) 9 :put [:len $x] :put [:typeof ($x->0)] :put [:typeof ($x->10)] :put $x [...] no matter the order, everytime numeric index be first, and undeclared numbers automatically created for fill the gap, keyed values are at the end, and everytime sorted (I use...
by Amm0
Mon Feb 12, 2024 3:21 pm
Forum: Scripting
Topic: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx
Replies: 17
Views: 4296

Re: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx

But would prefer that CORS header be returned by RouterOS. I did file a "feature request" at help.mikrotik.com (SUP-99112) about built-in CORS support for REST. It really is just half-dozen headers (with very specific things) that REST API need to return & all this nonsense be avoided.
by Amm0
Mon Feb 12, 2024 3:13 pm
Forum: Scripting
Topic: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx
Replies: 17
Views: 4296

Re: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx

I didn't make the proxy running inside the Mikrotik unit. However, I still used nginx and proxy_pass stuff exactly the same. NGNIX works better OUTSIDE a container. But for containers on Mikroitk, either Traefik or Caddyserver from dockerhub likely be easier – I just knew NGNIX when I wrote this ar...
by Amm0
Mon Feb 12, 2024 2:56 pm
Forum: Scripting
Topic: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx
Replies: 17
Views: 4296

Re: "Mginx" Container - Reverse Proxy for CORS & X.509 support using Nginx

The docs for NGNIX suggest "If is evil": https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ So yeah I'd believe your changes might be right since the "if" does not work like it appears... One note, the config file here uses environment vars — that's actually a feat...
by Amm0
Mon Feb 12, 2024 2:34 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.4 [stable] is released!

I encountered a new and for me unknown property on lte interface. It is "sms-read". [...] At that moment my mind exploded. How can a new config option from 7.14 testing branch be available in 7.13 stable branch? There is not even a single mention in the 7.13 changelog for this. IDK, stran...
by Amm0
Mon Feb 12, 2024 2:24 pm
Forum: Scripting
Topic: Test if array is associative, multi-dimensional, or simple list [SOLVED]
Replies: 15
Views: 765

Re: Test if array is associative, multi-dimensional, or simple list [SOLVED]

What you can check is that ([:typeof ($var->0)] = "nothing"). A key-value "map" cannot be accessed using a num index (only ->"key"), while a simple "list" would have ->0... so if $var is array and has $var->0 then it's a list type... e.g. :global isList do={:i...
by Amm0
Sun Feb 11, 2024 10:15 pm
Forum: Scripting
Topic: Need help with a script that fails on some routers
Replies: 4
Views: 582

Re: Need help with a script that fails on some routers

It works on 7.14beta8 on RB1100AHx4. It does not have a long history (4 records). But $cmd has a value at end without error and :put did there thing.

All my hEX-S run Dude+V6, so can't test it there. So if it's platform/version thing, IDK...
by Amm0
Sun Feb 11, 2024 8:52 pm
Forum: General
Topic: MikroTik LHG LTE18 and Zerotier
Replies: 6
Views: 560

Re: MikroTik LHG LTE18 and Zerotier

Yeah the logs should show what the issue is. Could be a mismatched version — the version of zerotier.npk copied MUST match the version of RouterOS installed (now, once installed the package will get automatically upgraded in future). Or, more likely, it's out of disk space — it has only 16MB for pac...
by Amm0
Sun Feb 11, 2024 7:02 pm
Forum: Beginner Basics
Topic: Two DNS server behind one IP address?
Replies: 8
Views: 755

Re: Two DNS server behind one IP address?

Hmm. Are you sure the AdGuard is NOT using Mikrotik as a DNS server? – that create a loop. Also, is AdGuard at 192.168.0.254 or 192.168.0.32? – or what's !192.168.0.32 in your NAT Might want to post your config (":export file=dnsissues.rsc" at Terminal & download from files) & reda...
by Amm0
Sun Feb 11, 2024 6:01 pm
Forum: Wireless Networking
Topic: new capsman client works on hAP ac2 but not on wAP ac [SOLVED]
Replies: 11
Views: 730

Re: new capsman client works on hAP ac2 but not on wAP ac [SOLVED]

I have not tested the wAPac with capsman2 (e.g. new drivers with ZeroTier don't fit). There were changes in the default configuration for the hAPac2 in some recent release that fixed this problem. They might not have fixed the defconf on the wAPac, dunno. You can check this by comparing out from the...
by Amm0
Sun Feb 11, 2024 5:50 pm
Forum: Wireless Networking
Topic: LTE modem fail after RouterOS update
Replies: 7
Views: 1003

Re: LTE modem fail after RouterOS update

Never said there ain't problems. ;) Issue is the EG18EA in the Chateau here is different modem. But more tickets at help.mikrotik.com makes them aware. And 7.14 changelog does list a lot of LTE fixes. I'm sure google/etc could turn up the firmware file. And maybe the EG18EA modem is linked here some...
by Amm0
Sun Feb 11, 2024 5:28 pm
Forum: Beginner Basics
Topic: Two DNS server behind one IP address?
Replies: 8
Views: 755

Re: Two DNS server behind one IP address?

Tricky problem. Make sense what you're trying to do (e.g. DNS is always up, with AdGuard perferred) since you never how multiple DNS servers are used by a client - so you want to only one DNS provided to clients. All makes sense. I'm not sure there is an easy solution however. Mikrotik DNS has a &qu...
by Amm0
Sun Feb 11, 2024 4:24 pm
Forum: Wireless Networking
Topic: LTE modem fail after RouterOS update
Replies: 7
Views: 1003

Re: LTE modem fail after RouterOS update

Different modem than here (Quectel vs Fibocom). I think it's worthwhile to put in a ticket, with a supout.rif generated from winbox. You can brick a modem if things are done wrong as the modem firmware upgrade/downgrade is rather complex internally. You also can also try installing 7.14 from the &qu...
by Amm0
Sun Feb 11, 2024 3:17 pm
Forum: General
Topic: iOS app serves up WiFi menu for no apparent reason
Replies: 5
Views: 635

Re: iOS app serves up WiFi menu for no apparent reason

Whether it's in the app or RouterOS, IDK. But setting Wi-Fi using iOS seems to be broken. See viewtopic.php?t=203149&hilit=ios
by Amm0
Sat Feb 10, 2024 11:55 pm
Forum: General
Topic: CLOUD DDNS BEING HIJACKED
Replies: 7
Views: 709

Re: CLOUD DDNS BEING HIJACKED

Or UPnP is enabled & creating a dynamic port map at the request of the Hikvision camera/NVR... Most cameras system try UPnP to enable cloud mgmt. /ip/firewall/nat would show.
by Amm0
Sat Feb 10, 2024 8:19 pm
Forum: General
Topic: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]
Replies: 9
Views: 742

Re: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]

So can we assume the OP needs MYNETNAME to point to router WAN2 IP address? But the Primary Route is via WAN1. Can we assume its because he has LAN servers for people to reach and they should reach it over WAN2? Dunno OP's specific rational. But certainly if one internet was more reliable/stable/et...
by Amm0
Sat Feb 10, 2024 7:54 pm
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1034

Re: RouterOSv7 - Terminal is substantially worse to use?

Ironically, always works on Mac with "fn" key. Now...let's say you can hit F1, somehow. You very quickly run into a lot of stuff that has not text describing parameters/"args". e.g. "/interface/wifi add<F1>" – nearly all the new wi-fi setting are missing ANY text/help &...
by Amm0
Sat Feb 10, 2024 5:24 pm
Forum: General
Topic: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]
Replies: 9
Views: 742

Re: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]

Good to hear. Yeah since PCC connection marking has the filter, "connection-mark=no-mark"... So, as along as you do action=mark-connection in chain=prerouting BEFORE any PCC rules... you can force any traffic out a particular WAN – since the PCC rules will ignore them. The later mark-routi...
by Amm0
Sat Feb 10, 2024 3:31 pm
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1034

Re: RouterOSv7 - Terminal is substantially worse to use?

And one note abut the F1 / help for the parameters. Just ":pick<F1>" will show general help, so you actually need a space to see docs are the arguments — that part is annoying. What is more annoying about F1 / help IMO is that not argument have some descriptive text — often the arg help is...
by Amm0
Sat Feb 10, 2024 2:53 pm
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 1034

Re: RouterOSv7 - Terminal is substantially worse to use?

I don't think V7 is "worse" than V6. Using "?" as help key, meant that the "?" needed to be escaped if used in command (e.g. like AT command to LTE e.g. "AT+COPS?"). So borrowing the F1 from "windows" kinda make more sense (although in some terminal,...
by Amm0
Fri Feb 09, 2024 3:07 pm
Forum: Beginner Basics
Topic: The ABC of CAPsMAN v2 (with updates) [SOLVED]
Replies: 41
Views: 2040

Re: The ABC of CAPsMAN v2 (with updates) [SOLVED]

Some users have already done this. Neither uses a cloud-based solution however & both below could run as a /container theoretically ;) @tangent uses fossil SCM's built in wiki: https://tangentsoft.com/mikrotik/home @eworm uses git-based web server: https://git.eworm.de/cgit/routeros-scripts/abou...
by Amm0
Thu Feb 08, 2024 11:36 pm
Forum: Beginner Basics
Topic: The ABC of CAPsMAN v2 (with updates) [SOLVED]
Replies: 41
Views: 2040

Re: The ABC of CAPsMAN v2 (with updates) [SOLVED]

Can you post the config which does not work please ? I am not following what you mean. Even if OP is giving up, still be good as few folk are following along now. Personally I'd also collect a supout.rif from the main router & 1-3 of caps and email Mikrotik at support@mikrotik . @Guntis knows h...
by Amm0
Thu Feb 08, 2024 8:25 pm
Forum: Beginner Basics
Topic: The ABC of CAPsMAN v2 (with updates) [SOLVED]
Replies: 41
Views: 2040

Re: The ABC of CAPsMAN v2 [SOLVED]

We will adjust the documentation for configuration profiles to make it clearer - regarding "blank" fields under sub-profile, thank you for bringing this to our attention. Perhaps we can make it show what properties are inherited from the sub-profile in the main configuration profile, like...
by Amm0
Thu Feb 08, 2024 7:32 pm
Forum: Beginner Basics
Topic: Backup - WAP ac LTE6 [SOLVED]
Replies: 2
Views: 280

Re: Backup - WAP ac LTE6 [SOLVED]

Under Files on left in webfig/winbox. There a button to create one locally, or the "Cloud Backup" tab on File dialog that store it at Mikrotik encrypted/password The CLI differs here (via Terminal on top/right in webfig, left in webfig), but that would be: /system backup save name=mybackup
by Amm0
Thu Feb 08, 2024 6:46 pm
Forum: Scripting
Topic: No-IP & DNSdynamic update
Replies: 18
Views: 40857

Re: No-IP & DNSdynamic update

Might try adding "ftp" policy.
by Amm0
Thu Feb 08, 2024 4:22 pm
Forum: General
Topic: Feature requests
Replies: 1712
Views: 618185

Re: Feature requests

The Mikrotik would be an excellent place for a print server!
I don't know about that. I'd think some mDNS support be more useful, than a print server, in 2024?
by Amm0
Thu Feb 08, 2024 12:16 am
Forum: General
Topic: Is architecture emulation under docker supported?
Replies: 6
Views: 417

Re: Is architecture emulation under docker supported?

If you search the forums, someone has made a docker container for the cli netinstall program. They have put in a (x64 I think) emulator into the container (it is smaller than the netinstall executable) The netinstall container use QEMU. Netinstall is tiny executable so the emulation would not matte...
by Amm0
Wed Feb 07, 2024 9:24 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

RB1100AHx4 with previously existing ROSE+RAID1
Hi Amm0, does it also work without the ROSE package and without RAID?
That's a fair question: do the SMB server parts of ROSE bloating the routeros package, actually work without ROSE being installed... Geez, I'd like to think so... But dunno.
by Amm0
Wed Feb 07, 2024 7:24 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

Correction, old SMB did not work with macOS. New v7.14 SMB works with all Operating Systems now. And is fast too. I tested this again. And does seem to work, from RB1100AHx4 with previously existing ROSE+RAID1 to a macOS Sonoma(Intel). ⌘K in Finder, smb://<routeros_ip> then it prompts for share. Bo...
by Amm0
Wed Feb 07, 2024 6:44 pm
Forum: General
Topic: Is architecture emulation under docker supported?
Replies: 6
Views: 417

Re: Is architecture emulation under docker supported?

Alpine Linux has a freeswitch package for armv7 (hAPax3, etc.), so if you should be able to use alpine as base then use apk to add freeswitch. e.g. https://pkgs.alpinelinux.org/package/edge/main/armv7/freeswitch While this is not the docker way to do it, you can use "alpine:latest" as the ...
by Amm0
Wed Feb 07, 2024 5:43 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 72
Views: 3924

Re: [Discussion] MikroTik configuration abstraction complexity

maybe make quickset a little bit more functional, some of the suggestions: - VLAN manager of some sort, option to use or not to use VLANs and others complain that quickset is already too complex for home user Well, it is both "too complex" for SOHO. But QuickSet is how I workaround the &q...
by Amm0
Tue Feb 06, 2024 10:41 pm
Forum: General
Topic: User poll about using Winbox
Replies: 91
Views: 39705

Re: User poll about using Winbox

FWIW, more people use a smartphone, than either Windows or Mac. If effort was going to be made in "easy of use", that belong with smartphone apps IMO. On the poll's #5 question (...after reading this thread) — it's @pe1chl "sessions as shortcut" which deserves some consideration....
by Amm0
Tue Feb 06, 2024 8:02 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

I found a setting on AX Lite LTE related to esim.
I think that's been there (at least on other models)... But it's not usable AFAIK & nothing about it in docs.

It maybe related to DW5821e-eSIM modems, but IDK.
by Amm0
Tue Feb 06, 2024 7:55 pm
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 25811

Re: Newsletter #116 | January 2024

300 euro for a 5011 with specs as I hinted would be a good deal. That be nice. Every newsletter I await any new devices in the RB5xxx/L009 form factor — I really like the "25% 1U" design. I'll repeat my plea for some >CAT6 LTE device for US/CA... Especially an AX Audience with great LTE/5...
by Amm0
Tue Feb 06, 2024 1:18 am
Forum: General
Topic: How good is PCC with a 1:2 ratio
Replies: 16
Views: 1134

Re: How good is PCC with a 1:2 ratio

If I understand ECMP correctly it will use a "per-src-dst-address combination load balancing" so one will never be able to fully use all the bandwidth for a multiple connections download. Not really easy to accomplish at such speeds, but if downloading from a CDN that is close it may work...
by Amm0
Tue Feb 06, 2024 12:49 am
Forum: Beginner Basics
Topic: MikroTik WebFig Not Working With SSL/TLS enabled
Replies: 23
Views: 4030

Re: MikroTik WebFig Not Working With SSL/TLS enabled

I'm not sure the issue is what certs are bundled – installing X3 cert is the workaround. The issue is Let's Encrypt client on RouterOS need to be updated to generate comptible certificates I think (e.g. from https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/). I think it's a bug....
by Amm0
Mon Feb 05, 2024 7:47 am
Forum: Scripting
Topic: How should the local variable be called in if? [SOLVED]
Replies: 11
Views: 553

Re: How should the local variable be called in if? [SOLVED]

I modified the above code but it still doesn't work. Is it a bug in ROS? No. The issue is the "1" in "/file get 1 content" (or, /file get "1" content, both same). What using a numeric (or string that is a number) in "get" does is tell it to get the file at in...
by Amm0
Mon Feb 05, 2024 2:46 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.3 [stable] is released!

It has been already explained that separating packages creates a lot of overhead
Well, the "overhead" in packaging has to be less then 17kb... since that the size of the lora.npk (which has code for LoRaWAN too).
by Amm0
Mon Feb 05, 2024 2:32 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 72
Views: 3924

Re: [Discussion] MikroTik configuration abstraction complexity

Probably if RouterOS had been open source, ForumOS64 would now exist with everything it needed... Even the useless Dark-Mode... If Nokia, a REAL CARRIER-CLASS network vendor, can benefit from open source, so can MikroTik: https://github.com/nokia?q=srlinux&type=all&language=&sort=name O...
by Amm0
Sun Feb 04, 2024 9:34 pm
Forum: General
Topic: Feature request: Add sorting
Replies: 9
Views: 5354

Re: Feature request: Add sorting

Surprisingly, never run into this need myself. But I can see some "sortby=" on a print be helpful. One note is that the "print" is ordered by when they were added. While not ideal, you add (or remove+re-add) them in the order you'd to see later. Obviously, does not solve some gen...
by Amm0
Sun Feb 04, 2024 6:02 pm
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 14974

Re: cAP vs cAP XL

Or if anything changes with these after the new wifi-qcom-ac driver – thread is pretty old.
by Amm0
Sun Feb 04, 2024 4:05 pm
Forum: Scripting
Topic: How should the local variable be called in if? [SOLVED]
Replies: 11
Views: 553

Re: How should the local variable be called in if? [SOLVED]

:log warning [$q]
should not be:
:log warning "$q"

[] execute cmd/function, but you have a string/num.
by Amm0
Sun Feb 04, 2024 3:53 pm
Forum: Beginner Basics
Topic: Time to learn policy routing
Replies: 9
Views: 608

Re: Time to learn policy routing

Mikrotik's doc do leave you hanging on the "why". But it all comes down to what you're trying to do.

But @pcunite has an article on MultiWAN with example config using /routing/rule and /routing/table: viewtopic.php?t=192736
by Amm0
Sun Feb 04, 2024 3:23 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.3 [stable] is released!

100% on more package separation. But...that's not quite fair math between 7.13.3 and 7.14beta8+.

The wireless package is ~500kb smaller in 7.14, so while there is ~320kb increase in main package... 7.14 uses ~180kb less space than 7.13.3 (using same wireless+routeros combo).
by Amm0
Sun Feb 04, 2024 2:01 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 72
Views: 3924

Re: [Discussion] MikroTik configuration abstraction complexity

The real issue here is MikroTik lacks software engineering expertise, may be financial reasons, may be understaffed, maybe both, maybe more, but they don't seem to care. I take a different view: Mikrotik is what happens when you let engineers run a company. The results are predictable. They just ke...
by Amm0
Sat Feb 03, 2024 11:07 pm
Forum: Beginner Basics
Topic: Time to learn policy routing
Replies: 9
Views: 608

Re: Time to learn policy routing

I think part of the problem is using term "policy routing". To me, that just means using /routing/rules in a configuration. And, does what winbox shows: you create a "filter" on top, and pick the action on bottom to select a route table. Now...that alone does NOT solve a "mu...
by Amm0
Sat Feb 03, 2024 5:45 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

Unfortunately I can't use ROSE due to lack of space. And that's the brutal irony: You might want to use client parts of ROSE/NAS on a 16MB device to mount an external disk. While now you're getting SMB server parts to potentially share the 16MB flash? The "full" ROSE is only applicable on...
by Amm0
Sat Feb 03, 2024 4:23 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

For some reason, I have never encountered such an approach with a stack to organizing logical calculations before. Really liked its simplicity of implementation, will use it in my projects when need to be able to set the behavior of an object by user in settings. I like esoteric programming languag...
by Amm0
Fri Feb 02, 2024 11:07 pm
Forum: Beginner Basics
Topic: Time to learn policy routing
Replies: 9
Views: 608

Re: Time to learn policy routing

The docs starting here: https://help.mikrotik.com/docs/display/ ... CMP)routes
give some context too.
by Amm0
Fri Feb 02, 2024 11:04 pm
Forum: Beginner Basics
Topic: Time to learn policy routing
Replies: 9
Views: 608

Re: Time to learn policy routing

Very True. I was going to say it basically the Load Balance YT: https://www.youtube.com/watch?v=nlb7XAv57tw&t=467s Just skip the 3 PCC lines in mangle & replace with LAN subnet(s) as dst-address to main as first rule(s) and whatever other rules to steer traffic. You can also use it to drop c...
by Amm0
Fri Feb 02, 2024 10:41 pm
Forum: Beginner Basics
Topic: Time to learn policy routing
Replies: 9
Views: 608

Re: Time to learn policy routing

There is thread here that might have some background: https://forum.mikrotik.com/viewtopic.php?t=192006&hilit=mrz Depending on how you do it, you still often need some mangle rule to mark-connection/mark-routing. You just can use /routing/rules to avoid some mangles. e.g. "input" traff...
by Amm0
Fri Feb 02, 2024 9:43 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

Maybe legacy SMB needed more space than the new one. Could that be? I think they didn't want two different SMB implementations, one if you installed ROSE and another from the "classic" samba-like one. That part makes sense – although imagine new ROSE-based SMB might break a few folks who ...
by Amm0
Fri Feb 02, 2024 6:20 pm
Forum: General
Topic: hAP Lite LTE6 LTE Modem upgrade fails
Replies: 9
Views: 1443

Re: hAP Lite LTE6 LTE Modem upgrade fails

Ok, after several reset the configuration it is working now :), I don't know what was the reason but it works now - maybe there was a problem with the operator's SIM card? Anything possible. But when you do a reset-configuration, you'll get the latest default configuration (e.g. 7.13). See the defa...
by Amm0
Fri Feb 02, 2024 5:41 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

SMB sharing that works with 7.13.3 no longer works with 7.14beta9... I had/have ROSE installed. So in 7.14beta9, I see "D" dynamic entries for share+user from previous ROSE smb-export... configuration. That works (although does not support reconnection, same as before). But when I add new...
by Amm0
Fri Feb 02, 2024 5:17 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.1 [stable] is released!

It would always be best to adhere to common hostname format standards as system identity translates to hostname of the device. Then Mikrotik should check that, when setting the identity and not accept spaces (and other characters that doesn't belong there) :) It's not "wrong". Space shoul...
by Amm0
Fri Feb 02, 2024 4:37 pm
Forum: General
Topic: vrrp in firewall filter rules
Replies: 7
Views: 938

Re: vrrp in firewall filter rules

I'm a simple man: one VRRP per VLAN. With VRRP as .1, and router as .254 counting down, even if there is just one router I just enable it from start. I've test Group Authority.. but VRRP master are often split between routers so not too useful. Similar with connection tracking*, a few seconds for re...
by Amm0
Fri Feb 02, 2024 4:14 pm
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

, except perhaps to do obfuscation. {".query": [...,"#&!","#2&1&0"]} Well...there we're no example of using the "stack index" operators AKAIK. Bravo! Do think "#|" and "#&" – in right spots – is likely what most folks need ...
by Amm0
Fri Feb 02, 2024 3:46 pm
Forum: Virtualization
Topic: hAP lite - not enough space for update
Replies: 9
Views: 2164

Re: hAP lite - not enough space for update

They've been reducing the size of the wireless package in 7.14beta. Personally, I'd stick at 7.12 & wait for 7.14 to come out. But I suspect 7.14beta9 would update/fit.
by Amm0
Fri Feb 02, 2024 6:08 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

FWIW, I'm pretty sure the last "#&" is unnecessary since default is AND. And in the example above, the stack have [true, true] on a match.
by Amm0
Fri Feb 02, 2024 6:03 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

I did use an HP calculator for years.

I kinda use "jq" in shell scripts or map()/reduce() in JavaScript to avoid dealing with the .query – although it more efficient to use .query to avoid unneeded data transfer.
by Amm0
Fri Feb 02, 2024 5:52 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

LOL. I read what you wrote but cut-and-pasted the wrong one. I think this should work: ["list=a","list=b","list=c","#|","#|","address=159.148.147.252","comment=rem", "#|", "#&"] adding this to above... /ip/...
by Amm0
Fri Feb 02, 2024 5:19 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

I tried your version and it works for me... and this version of .query also worked: USER=admin ROUTER=192.168.88.1; curl -l -u $USER -X POST http://$ROUTER/rest/ip/firewall/address-list/print -H "Content-Type: application/json" --data '{".query": ["list=a","list=b&...
by Amm0
Fri Feb 02, 2024 4:48 am
Forum: Scripting
Topic: How using .query stack in REST API?
Replies: 14
Views: 642

Re: How using .query stack in REST API?

I have an example here: https://forum.mikrotik.com/viewtopic.php?t=198974#p1021503 e.g. USER=admin ROUTER=192.168.88.1; curl -l -u $USER -X POST http://$ROUTER/rest/ip/firewall/nat/print -H "Content-Type: application/json" --data '{".query": ["chain=dstnat","chain=...
by Amm0
Fri Feb 02, 2024 12:39 am
Forum: General
Topic: User poll about using Winbox
Replies: 91
Views: 39705

Re: User poll about using Winbox

Please rewrite winbox in Java, so that non-Windows users can finally remove 2GB of wine...
viewtopic.php?t=200431&hilit=winbox#p1050586
by Amm0
Thu Feb 01, 2024 11:37 pm
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 3
Views: 735

Re: mDNS between VLANs with just bridge filters - no containers!

Great work! Very Cleaver. You've been at this problem for a while now ;). Very minor nit on the example. The BridgemDNS is a "dumb" switch (e.g. vlan-filtering =no ). And maybe the :export does this, but the frame-types & pvid & VLAN assignment should NOT be needed (and do nothing)...
by Amm0
Thu Feb 01, 2024 5:51 pm
Forum: General
Topic: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]
Replies: 8
Views: 458

Re: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]

Geez, I could have checked nat-traversal=yes. There is the packet flow diagram might kinda help: https://help.mikrotik.com/docs/display/ROS/Packet+Flow+in+RouterOS#PacketFlowinRouterOS-FlowofRoutedPacket But IPSec get weird in the Packet Flow... And I'm not sure myself if the IPSec & GRE are don...
by Amm0
Thu Feb 01, 2024 5:37 pm
Forum: Virtualization
Topic: SR-IOV with CHR - What hypervisors are you using ?
Replies: 15
Views: 1068

Re: SR-IOV with CHR - What hypervisors are you using ?

I am really starting to think a KVM hypervisor ( open source ) might be a possible SR-IOV solution to get my Mikrotik CHRs with SR-IOV running at the speeds I am looking for. If you're not using the vSphere HA stuff (like vMotion etc)... then it should be easy to switch away from VMWare. Personally...
by Amm0
Thu Feb 01, 2024 3:52 pm
Forum: Wireless Networking
Topic: Wireless info does not show in the IOS app
Replies: 5
Views: 1642

Re: Wireless info does not show in the IOS app

I filed a bug report on this: SUP-142578

This did used to work, but I don't regularly use the app myself, so not sure WHEN it broke.... Pretty I'm sure something broke as part of the wireless/wifiwave2/wifi-qcom* package "transition".
by Amm0
Thu Feb 01, 2024 5:18 am
Forum: General
Topic: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]
Replies: 8
Views: 458

Re: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]

The outer tunnel is IPSec – so it's encrypted before you get to GRE (and EoIP and the underlying LAN). So unless the IPSec secret is a "hackable" or well-known password, you should be okay.
by Amm0
Thu Feb 01, 2024 5:14 am
Forum: General
Topic: How to enable ROMON correctly? (I have three switches with identical ID)
Replies: 21
Views: 2852

Re: How to enable ROMON correctly? (I have three switches with identical ID)

I'd pay attention to @bpwl... it keeps changing Bridge addresses change when ports go up/down (up/down like wifi interface does when clients are connected or not). Set "Admin. MAC address" on a bridge, to keep it steady. The bridge get it's MAC address based on the first port it find UNLES...
by Amm0
Thu Feb 01, 2024 3:13 am
Forum: General
Topic: User poll about using Winbox
Replies: 91
Views: 39705

Re: User poll about using Winbox

5) After reading a bit through the posts, it turns out sessions are something completely different than what I had in mind...so nevermind! LOL. Seem you figured it has more to with layouts/styling ;) What you describe is closer to "safe mode": https://help.mikrotik.com/docs/display/ROS/Co...
by Amm0
Thu Feb 01, 2024 12:58 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 90
Views: 25811

Re: Newsletter #116 | January 2024

Any reason there isn't a L11UG-5HaxD with M.2 or miniPCI option– it looks to have the headers...
Or any chance you'd offer something that works with US/CA/MX LTE bands to avoid needing a slots for a custom modem? Even the new Chateau LTE16 has no/zero LTE bands for United States.
by Amm0
Thu Feb 01, 2024 12:40 am
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 23
Views: 1551

Re: Everything but hAP ax2 is pointless?

(...) the Hex S has 16 MB only of storage, which seems to be already very tight, unless it is found a way to put the RoS on a diet, it likely won't be upgradable for long (...) Wow, I haven't realized its THAT small. Is it even upgradable with current version of RouterOS 7? It has a SD slot if you ...
by Amm0
Wed Jan 31, 2024 9:22 pm
Forum: Scripting
Topic: Easy container update script
Replies: 5
Views: 1199

Re: Easy container update script

I like the simplicity of the OP's posting. e.g. you create the container "by hand" once, then just use a script to update what you setup. Great work! Some can have other config properties set to container like CMD, host, DNS, etc... Why just not find current container by comment variable, ...
by Amm0
Wed Jan 31, 2024 8:43 pm
Forum: General
Topic: Wrong use of example IPs in docs and videos
Replies: 2
Views: 271

Re: Wrong use of example IPs in docs and videos

Agree, at least when there suppose to be public IP address. Using a private range does make things confusing if it's not a "LAN" in example.

But "non-RFC compliance problem" is also in the videos. One I watch recently, show the DNS server as an example of public IP.
by Amm0
Wed Jan 31, 2024 8:33 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 520

Re: Any plans for spectrum analyzer on new wifi6 products?

Mikrotik routing... but gotta go elsewhere for client serving WiFi. LOL. I didn't say "great" ;). But Mikrotik is trying to resolve them it seems. It was more long-range PtP link cases I was think about. Cynically, think someone may hit more problem BEFORE even getting to needing a spectr...
by Amm0
Wed Jan 31, 2024 7:10 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 74
Views: 16236

Re: 7.13 wireless package split question

Personally, all care about is the packages I used before still fit. ;) The "how" is kinda less important – but moving to "more monolithic" doesn't seem like the right direction, but maybe. One benefit with the wireless/qcom being seperate in 7.13+, is it allows wi-fi to be remove...
by Amm0
Wed Jan 31, 2024 6:52 pm
Forum: Wireless Networking
Topic: Wireless interface detect message in log (Detect Internet)
Replies: 9
Views: 448

Re: Wireless interface detect message in log (Detect Internet)

Note that Detect Internet can install DHCP clients, default routes, DNS servers and affect other facilities. Use with precaution, and after enabling the service, check how it interferes with your other configuration. it seems like a sort of auto-magical, non-deterministic gizmo without a declared r...
by Amm0
Wed Jan 31, 2024 6:30 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 74
Views: 16236

Re: 7.13 wireless package split question

So we don't have to mess around with wifi packages and confuse users. If you just follow /system/package/upgrade... theoretically , all should work fine & if not, it's a bug IMO. It's only when you want to use the "new drivers" on an old device that take messing with packages. But foi...
by Amm0
Wed Jan 31, 2024 6:07 pm
Forum: Virtualization
Topic: SR-IOV with CHR - What hypervisors are you using ?
Replies: 15
Views: 1068

Re: SR-IOV with CHR - What hypervisors are you using ?

Yeah, the news around VMWare has not been good. But are you network cards on the HCL and marked with SR-IOV support? https://www.vmware.com/resources/compatibility/search.php OpenNebula, Proxmox VE, KVM, Xen, XCP-ng, Virt-Manager, oVirt ... and others all utilize more or less the same fundamental Li...
by Amm0
Wed Jan 31, 2024 5:17 pm
Forum: RouterBOARD hardware
Topic: L009 and ZeroTier
Replies: 20
Views: 1701

Re: L009 and ZeroTier

Enter Mikrotik BTH ... (or setup your own WG server and work from there) Maybe. But you'd need EoIP with WG to mimic ZeroTier. Since more generally BTH/WireGuard has no multicast or Layer2 stuff like RoMON... while ZeroTier does. But if the BTH desktop clients supported terminating GRE/EoIP as a ps...
by Amm0
Wed Jan 31, 2024 5:04 pm
Forum: General
Topic: How good is PCC with a 1:2 ratio
Replies: 16
Views: 1134

Re: How good is PCC with a 1:2 ratio

Is the traffic VPNs/tunnels/etc – e.g. are connections going to small set of destinations on WANs? Or, is the there a lot of general internet traffic flowing (e.g. lots of connections with many different destination IPs). Basically be good to know if the issue is hashing not creating a suitably rand...
by Amm0
Wed Jan 31, 2024 3:48 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 520

Re: Any plans for spectrum analyzer on new wifi6 products?

And the older Atheros wifi chips did include a spectrum analyzer, so it's really a remove feature ;). But even with the older drivers/devices, the ARM chips never support a SA... So not hopeful we'll see one. But be curious to see how the new outdoor AX stuff plays out. I'm sure be fine for basic Wi...
by Amm0
Wed Jan 31, 2024 6:57 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

but would self heal after about 10 to 15 seconds (in the worse cases) Netwatch takes time to detect, that is somewhat controllable. But it also takes some time for the client to detect the problem, which is not controllable. Basically an app needs to timeout – just dropping the connection does not ...
by Amm0
Wed Jan 31, 2024 5:26 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

Well, whether you even need to find the connections, depends on the specific NAT rule you're using... In your /ip/firewall/nat, using if your using two "action=masquerade", on for each WAN, will cause flush the connections. From https://help.mikrotik.com/docs/display/ROS/NAT#NAT-Masquerade...
by Amm0
Wed Jan 31, 2024 3:45 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

So using .ids will execute the commands faster ? and they wont change if the tables receive new routes ? If route is static and you only edit them, then .id is stable. Essentially the .id is assigned by the /ip/route/add — so if you remove it, and then add same again, only then will it get a new .i...
by Amm0
Wed Jan 31, 2024 3:39 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

You may want to cut-and-paste the .id... you forget a zero in the ID. ;) And I might have been sloppy, if the WAN is a physical port, then it could be fast-tracked. Since rule covers already established/related, the mangle would have already been done when the rule hits. But you have a rule connecti...
by Amm0
Wed Jan 31, 2024 3:14 am
Forum: General
Topic: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]
Replies: 8
Views: 458

Re: EoIP with one side behind 1-to-1 NAT: am I doing something wrong? [SOLVED]

Now, if you search for similar topics on this forum, you will find plenty. People are setting up all kinds of stuff (without bothering to post configs). But where this topic differs is... I actually kinda did set it up already, stumbling upon my solution by accident. The problem is, what I did is s...
by Amm0
Wed Jan 31, 2024 2:38 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

Also, if you have static routes for you WAN, you can use the .id (/ip/route/print show-ids) of the route instead of a /ip/route/find. i.e. /ip route enable [find where comment=WAN1-21] If you don't have a lot of routers, it's likely insignificant compared with TCP re-establishments. But find ain't f...
by Amm0
Wed Jan 31, 2024 2:33 am
Forum: General
Topic: Netwatch Failover Script
Replies: 11
Views: 577

Re: Netwatch Failover Script

was wondering if doing this in any way breaks fast track before im using Mangle (even tho that particular network, I have rules above that are capturing those packets before fast track, but just kind want to know.) Going out a WAN is already going to "break" fasttrack (and not covered by ...
by Amm0
Tue Jan 30, 2024 9:04 pm
Forum: General
Topic: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]
Replies: 9
Views: 742

Re: After configuring PCC load balancing, the required DDNS public IP address cannot be obtained. [SOLVED]

At a high level, you can do this in two steps: - add an address list in firewall that resolves "cloud2.mikrotik.com" - add prerouting rule for new + mark-connection that uses the dst-address-list= set to the address-list above for cloud2.mikroitk.com — just before the PCC rules so the conn...
by Amm0
Tue Jan 30, 2024 7:45 pm
Forum: Scripting
Topic: Script for LTE1 reset in access the LTE access technology is Evolved 3G (LTE)
Replies: 2
Views: 287

Re: Script for LTE1 reset in access the LTE access technology is Evolved 3G (LTE)

On the LTE interface, there should be some checkbox for "Network Mode". You can prevent it from connecting to 3G by unchecking the other box (and GSM) – so only LTE is checked. Not all modems support selecting this, so YMMV. Also running a continuous ping someplace (e.g. /tool/netwatch), m...
by Amm0
Tue Jan 30, 2024 7:35 pm
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 23
Views: 1551

Re: Everything but hAP ax2 is pointless?

hEX S is not that much slower. The other different is the hEX S does NOT run zerotier, BTH, container, or some other newer V7 features. So that's a disqualification in my book as it does not seem very "future proof". But hEX S does have PoE IN and OUT on separate ports, USB, and SD card –...
by Amm0
Tue Jan 30, 2024 5:31 pm
Forum: General
Topic: Feature requests
Replies: 1712
Views: 618185

Re: Feature requests

Omg not this one. Cisco Configuration Professional. That .hta file that would start a tomcat via an ActiveX component then show a Flash/Flex applet that will itself also embed a Java Applet. WHY would you do that. And I must be old... because I recall cisco IOS's "ip http server" being a ...
by Amm0
Tue Jan 30, 2024 4:45 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 74
Views: 16236

Re: 7.13 wireless package split question

only wifi is visible in the mobile app, also old CAPsMAN devices are missing from the interfaces. Any clue? There have been complaints about the iOS mobile app in another thread, see... https://forum.mikrotik.com/viewtopic.php?t=203149 On top of top wlanX not showing up in the Advanced menus. Even ...
by Amm0
Mon Jan 29, 2024 8:41 pm
Forum: The Dude
Topic: Dude - how to log interface status
Replies: 5
Views: 1222

Re: Dude - how to log interface status

Thanks everyone. I'll dig into this and see how it works. One thing to note: Dude works by polling ... so it records an instantance reading of something. It does NOT do "traps" or events... so its may not capture if up/down perfectly, but close (and closer if you shorten the polling inter...
by Amm0
Mon Jan 29, 2024 7:08 pm
Forum: General
Topic: How good is PCC with a 1:2 ratio
Replies: 16
Views: 1134

Re: How good is PCC with a 1:2 ratio

PCC decides based on a hash. Is a lot of traffic going to the same destination? Are you using "both-addresses-and-ports"? Since that may help randomize (at the expensive of potential breaking some services that except same src)? What I do not know is if you making you double the PCC rules ...
by Amm0
Mon Jan 29, 2024 6:07 pm
Forum: General
Topic: Which MikroTik?
Replies: 2
Views: 340

Re: Which MikroTik?

It's actually #5 that may require re-thinking... 5- And the possibility of Cloud management. There is no cloud "management". Mikrotik has some services for DDNS, cloud backup , and VPN ("Back to Home") but that's likely not what you're thinking. In RouterOS philosophy, you'd crea...
by Amm0
Mon Jan 29, 2024 2:29 pm
Forum: General
Topic: Feature requests
Replies: 1712
Views: 618185

Re: Feature requests

RouterOS is not for the users that require wizards for everything... That may be true. But request is not far off from /ip/dhcp-server/setup which does prompting (and supports <tab>). So doing a /interface/vlan/add, /ip/address/add then /ip/dhcp-server/setup gets you a working VLAN in three steps (...
by Amm0
Mon Jan 29, 2024 4:22 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

*) package - reduced "wireless" package size for ARM, ARM64, MIPSBE, MMIPS devices; While this is true: Starting from netinstall'ed 7.12.1, it was able to do a /system/package upgrade to 7.14beta8 with zerotier, gps, routeros, and wireless (automatically since started at 7.12.1). That was...
by Amm0
Mon Jan 29, 2024 4:10 am
Forum: Wireless Networking
Topic: Wireless info does not show in the IOS app
Replies: 5
Views: 1642

Re: Wireless info does not show in the IOS app

I see same on a wAPacR with "classic" wireless drivers, in 7.12, 7.13, and 7.14beta8. Using Mikrotik iOS App version 1.2.13 (which is latest according to App Store) In previous versions, you'd be able to click on the wifi interface in the Home Screen of iOS app, and the gear icon in upper-...
by Amm0
Sun Jan 28, 2024 8:23 pm
Forum: RouterBOARD hardware
Topic: L009 and ZeroTier
Replies: 20
Views: 1701

Re: L009 and ZeroTier

As far as encryption/ciphers goes including ZeroTier and many others, please correct me if I'm wrong, but isn't 64-Bit CPU/Kernel/Host OS the De facto industry standard across the board? Mikrotik marches to their own beat. I'd like to think they tested it. While dunno know enough about ARM assemble...
by Amm0
Sun Jan 28, 2024 7:12 pm
Forum: RouterBOARD hardware
Topic: L009 and ZeroTier
Replies: 20
Views: 1701

Re: L009 and ZeroTier

Be nice if Mikrotik clarified the HW encryption stuff with ZT. The ZT docs suggest there were issues with 32-bit ARM to @DarkNate's point: ARM If you're planning on embedding ZeroTier in a product such as a router, network attached storage or some other IoT application we see that our partners have ...
by Amm0
Sat Jan 27, 2024 7:08 pm
Forum: Scripting
Topic: `conditional not boolean` bug with :onerror (new in 7.13)
Replies: 24
Views: 2598

Re: `conditional not boolean` bug with :onerror (new in 7.13)

I don't think it's can be a simple as an implied requirement to return something. Perhaps not. To be clear, I was NOT saying it should be a "requirement" ;) FWIW, code blocks already have an implict return of the last value of cmd in block, so why I thought that was involved (like that a ...
by Amm0
Sat Jan 27, 2024 6:21 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

I have always seen the Mikrotik DNS "server" , as a DNS forwarder, with just limited functions as DNS resolver. Agreed. Given the numerous 16MB devices & space is "tight", the 7.14beta8 change makes perfect sense IMO... e.g. prevent a disk full condition from DNS cache overf...
by Amm0
Fri Jan 26, 2024 11:03 pm
Forum: RouterBOARD hardware
Topic: New hAP ax lite LTE
Replies: 199
Views: 24788

Re: New hAP ax lite LTE

Might want to check what Mikrotik sets in /system/default-configuration/print for the LEDs.
by Amm0
Fri Jan 26, 2024 4:34 pm
Forum: RouterBOARD hardware
Topic: Chateau LTE12 D53G-5HacD2HnD - Lack of storage space
Replies: 9
Views: 3210

Re: Chateau LTE12 D53G-5HacD2HnD - Lack of storage space

When buying a device, pay atention to available resources, if you wish to put a lot of custom config on the device. Sadly the quoted part of reply by @Normis shows continuation of denial mode which MT adopted regarding the 16MB flash space on not-so-ancient ARM devices. And that is a on-going conce...
by Amm0
Fri Jan 26, 2024 2:00 am
Forum: Beginner Basics
Topic: LTE SIM LOCKED after reboot
Replies: 20
Views: 7478

Re: LTE SIM LOCKED after reboot

I don't have an FG621-EA modem (e.g. most recent LTE6 devices) nor SIM locking enabled to know. But...I saw this in the release notes for 7.13.3 that seem to indicated this may problem may be fixed: *) sms - fixed SMS inbox for FG621-EA modem (introduced in v7.13); *) lte - improved SIM PIN unlock e...
by Amm0
Thu Jan 25, 2024 7:27 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

[...] What really makes no sense is consistent cache misses once the cache is at capacity. The main problem is that MikroTik are developing their own DNS resolver [...] When will that finally end??? IMO it starts by documenting what Mikrotik's expected DNS caching behavior is WRT TTL: https://help....
by Amm0
Thu Jan 25, 2024 6:41 pm
Forum: Beginner Basics
Topic: Forum rules
Replies: 14
Views: 19056

Re: Forum rules

Good write up. I just that think that content like "How to safely save your configuration for public posting?" belongs in the help.mikrotik.com. Or, better still, some "Download config" in winbox UI to avoid a terminal for newbies. On the specific post, perhaps a note that the de...
by Amm0
Thu Jan 25, 2024 5:02 pm
Forum: General
Topic: MikroTik RouterOS boot speed is very slow- vmware
Replies: 9
Views: 2007

Re: MikroTik RouterOS boot speed is very slow- vmware

I've tried setting the hardware version to 18 (ESXi 7.0 U1 (7.0.1) / Workstation Pro 16.x).
The issue persists.
Perhaps setting the hardware version to 10, as that's what's in the OVA file.
by Amm0
Thu Jan 25, 2024 4:35 pm
Forum: Beginner Basics
Topic: User Manual request for WAP LTE6 Kit
Replies: 9
Views: 517

Re: User Manual request for WAP LTE6 Kit

Activate Roaming on the installed SIM (I believe there will be the need to go in terminal mode and give some command I guess)
That should be a checkbox in Interface > LTE tab > "lte1"
by Amm0
Thu Jan 25, 2024 4:33 pm
Forum: Beginner Basics
Topic: User Manual request for WAP LTE6 Kit
Replies: 9
Views: 517

Re: User Manual request for WAP LTE6 Kit

FWIW, I'm guessing upgrade is the most important thing on the wAP. But there three things to update. First is RouterOS. That is in System > Packages & can use "Download and Install". And after it reboots for RouterOS upgrade, you'll want to reboot 2nd time, as this will cause the Boot ...
by Amm0
Thu Jan 25, 2024 3:04 am
Forum: Beginner Basics
Topic: Why adding EoIP interface to bridge lowers MTU to 1458, and breaks HTTPS connectivity (timeout errors) for some sites?
Replies: 5
Views: 2499

Re: Why adding EoIP interface to bridge lowers MTU to 1458, and breaks HTTPS connectivity (timeout errors) for some site

MTIK needs to correct the default MTU for EoIP to be 1500 if not entered, NOT 1458. EoIP will need to send 2 frames if larger than 1458 frame enters tunnel and frameSize+EoIP overhead is above physical MTU max. between EoIP endpoints. In practical terms, the bridge (or VLAN on bridge) has no choice...
by Amm0
Wed Jan 24, 2024 11:20 pm
Forum: Beginner Basics
Topic: DHCP doesn't deliver an address for a gateway
Replies: 89
Views: 3027

Re: DHCP doesn't deliver an address for a gateway

Folks are trying to help here. Totally right, reset-configuration and/or netinstall is going to get you a blank (or default install). But you still have to configure it to do what you want. Nothing is automatic, unless you have a one DHCP-provided WAN on ether1, and want a LAN on remaining ports – t...
by Amm0
Wed Jan 24, 2024 6:10 pm
Forum: Beginner Basics
Topic: DHCP doesn't deliver an address for a gateway
Replies: 89
Views: 3027

Re: DHCP doesn't deliver an address for a gateway

There is one other thing I am wondering here ... CRS112 is a MIPSBE device having only 16Mb storage. In theory, yes. And seems able to get to the configuration, it's working. On the CRS112, if you can get to the configuration, then you can use System > Reset Configuration. You may want to check &qu...
by Amm0
Wed Jan 24, 2024 5:50 pm
Forum: Beginner Basics
Topic: DHCP doesn't deliver an address for a gateway
Replies: 89
Views: 3027

Re: DHCP doesn't deliver an address for a gateway

e.g. if it just resetting the configuration, you can use the reset button. That's only tricky since take a combo: powering unit off, depress the reset button/pin-hole for ~7 seconds (until "User" light flashes) AND powering on the unit at same time as holding. See https://help.mikrotik.com...
by Amm0
Wed Jan 24, 2024 5:29 pm
Forum: Beginner Basics
Topic: DHCP doesn't deliver an address for a gateway
Replies: 89
Views: 3027

Re: DHCP doesn't deliver an address for a gateway

Boy that went south. Anyway. I just do NOT see netinstall as being particular important here. If you want to use it, it's easier to from Linux IMO, since there's just less steps in setup. If you used QuickSet originally to set the IP on the factory version — that could cause the 0.0.0.0 dhcp network...
by Amm0
Wed Jan 24, 2024 4:13 pm
Forum: Beginner Basics
Topic: DHCP doesn't deliver an address for a gateway
Replies: 89
Views: 3027

Re: DHCP doesn't deliver an address for a gateway

The line with address 0.0.0.0 is new this morning. I have no idea where it comes from. Underlying issue is QuickSet. It had a bug in old versions that created a dhcp-network with 0.0.0.0 instead of the subnet from ether1. So I suspect OP changed the IP in QuickSet, which created the 0.0.0.0. Since ...
by Amm0
Wed Jan 24, 2024 3:53 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 247968

Re: v7.13.2 [stable] is released!

i updated 7.13.2 but i cant downrage back . its not work like before i downrage
What device is it and what is written in the logs?
And if logs report disk space as issue... you may be able to copy to PC and remove the backup files to free space before attempting downgrade.
by Amm0
Tue Jan 23, 2024 8:52 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

Also minor logging bug when you do run out of disk space when attempting an upgrade. After reboot, the logs show:
Image

The (null) looks wrong, either package name or nothing be better.
by Amm0
Tue Jan 23, 2024 8:45 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 16
Views: 1171

Re: Wrong country when selecting Time Zone Autodetect

Maybe a future update will allow different users to have different time zones as other systems allow. I'm just not sure of the use case for "per user" timezones. It starts getting complex if you do something like set scheduled script – is the time RouterOS TZ or the logging user, etc., et...
by Amm0
Tue Jan 23, 2024 8:09 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

If the idea is more unification (ROSE SMB in routeros package)... IMO it should be the the otger way around ... throw SMB out if core ROS. I obviously agree. Now MT's counterpoint has been there is overhead in packaging (and, likely, add complexity in upgrade/migration). So, in practical terms, MQT...
by Amm0
Tue Jan 23, 2024 7:54 pm
Forum: Forwarding Protocols
Topic: Routing rule use cases
Replies: 16
Views: 15189

Re: Routing rule use cases

I have always used Mangle to mark traffic to different routes, but I don't know without the routing rules it is better, worse or a different way to do it. @mrz kinda starts with that assumption. I've never know if it was "better or worse" – I use them more for explainability to someone wh...
by Amm0
Tue Jan 23, 2024 7:35 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

(accidentally edited instead of new post)
by Amm0
Tue Jan 23, 2024 5:49 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 16
Views: 1171

Re: Wrong country when selecting Time Zone Autodetect

In MikroTik, even if I use my own commercial ASN/IP address space, the autodetect never worked correctly, even though RFC8805 information is updated on all popular Geolocation DB providers. This does beg the question what geolocation service is Mikrotik using in /ip/cloud backend. e.g. it's not Ols...
by Amm0
Tue Jan 23, 2024 5:45 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 16
Views: 1171

Re: Wrong country when selecting Time Zone Autodetect

Autodetect TZ is a reasonable default... but setting it a TZ is a better idea. Mainly because the logs only record the clock time, not UTC. And dealing with TZ and logging is hard enough, so the last things you'd want is the vagaries of autodetect TZ. If someone uses any logging system, it's likely ...
by Amm0
Tue Jan 23, 2024 5:29 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 16
Views: 1171

Re: Wrong country when selecting Time Zone Autodetect

GeoIP is pseudo-science, just guessing.. CGNAT ISPs also makes the guessing hard.. I suggest just setting the timezone. Agreed. But to be clear, the geolocation for timezone is based the IP detected by /ip/cloud. See https://help.mikrotik.com/docs/display/ROS/Clock . The time zone is detected depen...
by Amm0
Tue Jan 23, 2024 6:57 am
Forum: General
Topic: /tool/dns-update to bind server
Replies: 9
Views: 744

Re: /tool/dns-update to bind server

It's DNS.. so you use TTL to control when it gets removed. You should be able to replace, but there is no "remove" – it expires based on what you set in dns-update's ttl=.
by Amm0
Mon Jan 22, 2024 8:21 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 109
Views: 103116

Re: WinBox v3.40 released!

It "just" needs rewrite to use some cross-platform GUI library like Qt or GTK. I've never understood this push to re-write winbox... This Mac user is quite happy with @optio approach — which gets an icon — and worked for years. Guess we're closer to see where this "teaser" goes....
by Amm0
Mon Jan 22, 2024 5:47 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 109
Views: 103116

Re: WinBox v3.40 released!

It's still called Winbox.
Well, Xbox was taken.

FWIW, viewtopic.php?p=1031799&hilit=multi+platform#p1031799 from Dec 2021:
We do have plans for true multi platform Winbox. Finally. Let this be a teaser for 2022 :) No ETA and no promises though.
by Amm0
Mon Jan 22, 2024 5:29 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

there are bugs, but not crashing type of bugs, good enough for long-term channel of ROSv7 LOL, agree. And running out of disk space is a quick way to have the "crashing type of bugs" IMO. Only issue is scripting in the "7.12.x as long-term" suggestion – there is JSON support and...
by Amm0
Mon Jan 22, 2024 5:11 pm
Forum: Beginner Basics
Topic: RB1100AHx4 sfp upgrade [SOLVED]
Replies: 4
Views: 504

Re: RB1100AHx4 sfp upgrade [SOLVED]

I just like the RB1100 design. Having options is good, even if unused ;). There just been reports of SFP issues in recent builds and GPON compatibility is complex... so if you're not going to get a speed bump from using SFP... I just don't think going to L009 is going to buy you much. If your intern...
by Amm0
Mon Jan 22, 2024 3:48 pm
Forum: Beginner Basics
Topic: RB1100AHx4 sfp upgrade [SOLVED]
Replies: 4
Views: 504

Re: RB1100AHx4 sfp upgrade [SOLVED]

You do have to be careful with replace your ISP modem with an SFP... Depending on exactly what ISP is doing with the fiber (e.g. like GPON), there may not be a SFP. And SFPs get hot, so added concern on the L009. Is the internet speed actually faster than 1Gbps? If not, and ISP modem is bridged, eth...
by Amm0
Mon Jan 22, 2024 3:23 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 109
Views: 103116

Re: WinBox v3.40 released!

What do you mean "teaser"? That is just a wine install, that has been possible for a long time. Is just a wine link with custom icon? Doubt it. Already 3rd parties that package wine+winbox into an Mac app to get an icon... but given @normis always note this about them it be pretty ironic:...
by Amm0
Mon Jan 22, 2024 1:23 am
Forum: Beginner Basics
Topic: Speed and CPU issue with HEX s
Replies: 28
Views: 2030

Re: Speed and CPU issue with HEX s

Regarding official test results
One more detail... the official specs also use V6, not V7.

If you're not using any V7 features, there might be some merit with latest V6 on a HEX S. Or at least testing it.
by Amm0
Sun Jan 21, 2024 9:31 pm
Forum: General
Topic: Support responses?
Replies: 9
Views: 1199

Re: Support responses?

The company I'm with is doing a surprising amount of work with Mikrotik - and I've learned to use them well enough to slot them in where they make sense from a financial perspective. We had a pair running as L3 Cores for a data center for a short time (data center moniker is overkill, just a single...
by Amm0
Sun Jan 21, 2024 8:40 pm
Forum: General
Topic: Support responses?
Replies: 9
Views: 1199

Re: Support responses?

You can ping them by adding a comment with "Any update?". Dunno if that help. May change response from weeks to days, but not hours ;). Presuming authentication is set to "none" since it's not support in VRRPv3.... One thing to try is "messing" with "Group Master&q...
by Amm0
Sun Jan 21, 2024 8:19 pm
Forum: General
Topic: /tool/dns-update to bind server
Replies: 9
Views: 744

Re: /tool/dns-update to bind server

Yes, but this statement "By default the DNS server listens on port 953..." not sure is correct (unless bind config is modified for DNS service to listen on that port, but then it is not default), it's default for RNDC port and if is even remapped to that port with nat /tool/dns-update wil...
by Amm0
Sun Jan 21, 2024 7:12 pm
Forum: General
Topic: /tool/dns-update to bind server
Replies: 9
Views: 744

Re: /tool/dns-update to bind server

I don't think you can change the port on the /tool/dns-update command.

However, there is likely a workaround by doing a dst-nat in /ip/firewall/nat to change the port. Exactly how to do that depend on your topology/config, but dst-nat should be able re-map the port.
by Amm0
Sun Jan 21, 2024 6:44 pm
Forum: General
Topic: Inline comments [SOLVED]
Replies: 3
Views: 681

Re: Inline comments [SOLVED]

"Sessions" may be the answer. You can save the layout as a session file when connected to a router, and next time pick that file as the "Session" on the winbox login screen. The session aren't specific to the router, so you can use same session file with routers you didn't save i...
by Amm0
Sun Jan 21, 2024 5:56 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

At the moment you are in the situation that the bad decision to use 16MB (or less) flash memory causes problems for some users. And it goes out of topic again. Perhaps. But the problem — in 7.14beta7 — is NOT theoretical. At least specifically on 16MB ARM-based wAPacR's. In 7.12.1 (and before), the...
by Amm0
Sat Jan 20, 2024 8:45 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

looking at the debugger of my crestron controller Ah yes, I knew something common uses LwIP but couldn't remember it. Quick google turned up this thread in another site: https://groups.io/g/crestron/topic/101467579?p=Created%2C%2C%2C20%2C2%2C0%2C0%3A%3Arecentpostdate%2Fsticky%2C%2C%2C20%2C2%2C120%2...
by Amm0
Sat Jan 20, 2024 8:29 pm
Forum: Containers
Topic: Feature request: Docker labels support
Replies: 3
Views: 2393

Re: Feature request: Docker labels support

+1

They have a category for "Feature Request" at help.mikrotik.com.

This would be helpful since there is no "name" field, and you have multiple container with same tag=... so to find one programmatically gets tricky with label or something like that.
by Amm0
Fri Jan 19, 2024 11:28 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

I think you can use dst-address= as the LwIP-based controller instead – but I see if it fixes one. You likely can use interface or use a subnet /24 (or assign them IP with same /25 or smaller group of address). You could also try lowering the MTU on the PC/laptop with the HTTP 400 within OS's networ...
by Amm0
Fri Jan 19, 2024 6:12 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

Wow. Quite the difference in the config from Aug (now that I look). In a quick review, your config is very clean & the local-forwarding=yes should let switches do there things. MTU must be 1500 since is not set AFAIK. I take everything else is working fine in your network? But I'm befuddled in w...
by Amm0
Fri Jan 19, 2024 4:44 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

Ah that makes more sense as to the 400 being related... although 8 fragments seems very odd. I cannot recall specific of V6 capsman MTU rules, so not 100%**... But have you tried just changing the MTU on the wlan1 and wlan2 to 1500 (instead of 1600) & leaving L2MTU at 1600 (or greater)? I'm also...
by Amm0
Fri Jan 19, 2024 2:03 pm
Forum: Beginner Basics
Topic: use CLI to change /ip service
Replies: 4
Views: 571

Re: use CLI to change /ip service

One tip, you can use <tab> at the command line to help figure out commands at the terminal. And the <F1> key will show help on the attributes (sometimes). But clear the winbox allowed addresses, that is just /ip service set winbox address="" disabled=no And you could repeat that pattern fo...
by Amm0
Fri Jan 19, 2024 3:43 am
Forum: General
Topic: vrrp in firewall filter rules
Replies: 7
Views: 938

Re: vrrp in firewall filter rules

@bpwl, I wasn't suggesting to change what you're doing — using real/non-VRRP IPs in RADIUS seems like a safer plan. More noting the difference in the cases. In V6, I want to say you can use pref-src on a /ip route to solve as an alternative to mangle'ing UM... but I do know pref-src with VRRP addres...
by Amm0
Fri Jan 19, 2024 12:35 am
Forum: General
Topic: vrrp in firewall filter rules
Replies: 7
Views: 938

Re: vrrp in firewall filter rules

It's a /32 on the router. BUT...to the PC/laptop client on the VLAN, the VRRP address is the default gateway (and appears part of the /24). VRRP responds to the ARP from PC/laptop, based on master/slave with VLAN's MAC of active. So when the "internet traffic" would go via the default gate...
by Amm0
Thu Jan 18, 2024 11:38 pm
Forum: Scripting
Topic: Netwatch with fetch stopped working after 7.13
Replies: 16
Views: 1267

Re: Netwatch with fetch stopped working after 7.13

(deleted - just read what support said a few posts above)
by Amm0
Thu Jan 18, 2024 11:16 pm
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 286
Views: 207082

Re: NEW FEATURE: Back to Home VPN

When such outgoing connections are made by the router's BTH client and the iOS/Android BTH client, some unique identifier (e.g. router's serial no) must be passed to the MikroTik cloud. This identifier will help the BTH service in the cloud to logically link these 2 connections. I can see how the B...
by Amm0
Thu Jan 18, 2024 5:17 pm
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 291
Views: 414204

Re: Using RouterOS to VLAN your network

Better to put it in the main text and explain why OFF for start and ON at the end!! Fair enough. Those are a critical steps. But another approach is to enable vlan-filtering=yes from the default configuration on home units at the START. This does NOT break anything in the default configuration sinc...
by Amm0
Thu Jan 18, 2024 4:50 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

I guess this rules out any network issues, or am I wrong here Yeah I'd think so. Your no where the MTU, and even below the lowest TCP MSS. My Laptop is 192.168.110.33 and sends the Status - request with 451 bytes, which this TRV - Device likes. The Pro3 sends the same GET with 60 Bytes and this is ...
by Amm0
Thu Jan 18, 2024 4:25 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 510
Views: 144738

Re: v7.14beta [testing] is released!

There is no separate bgp/ospf etc processes that could be put into separate packages, everything is integrated. Fair enough. Imagine there a lot of dependency. BUT I think folks are looking for more ways to throw something off the boat, whatever/however possible. Dunno, maybe MPLS? Only Mikrotik wo...
by Amm0
Thu Jan 18, 2024 3:07 pm
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 286
Views: 207082

Re: NEW FEATURE: Back to Home VPN

3) using hole punching. this means relay only helps to find both ends, but traffic will go direct. I guess now I have questions... Under what conditions does it use hole punching? Does that require the BTH app, or can a normal WG use "hole punched" BTH too? Basically I cannot picture how ...
by Amm0
Thu Jan 18, 2024 1:48 am
Forum: Announcements
Topic: NEW FEATURE: Back to Home VPN
Replies: 286
Views: 207082

Re: NEW FEATURE: Back to Home VPN

If im not wrong if you have public IP then BTH will not use mikrotik relay server but your public IP instead. Correct. If you have a public IP and thus NOT using the relay, under /ip/cloud "BTH VPN", it will show "reachable directly (region: ... ip:... rtt: 59.581ms)" next to &q...
by Amm0
Wed Jan 17, 2024 4:58 pm
Forum: Wireless Networking
Topic: Maximum MTU Size on virtual WiFi interfaces
Replies: 23
Views: 3658

Re: Maximum MTU Size on virtual WiFi interfaces

Any ideas on which screws to turn? Use /tool/sniffer, and see what's actually happen with the GET requests. You'd just care about the MTU and packet size. But if it's getting an HTTP error back, it means the packets got there & TCP was established – that does not strike me as a "network is...
by Amm0
Wed Jan 17, 2024 2:30 pm
Forum: RouterBOARD hardware
Topic: Wifi connection deteriorated with USB device attached
Replies: 9
Views: 1276

Re: Wifi connection deteriorated with USB device attached

As alternative to foil, perhaps using a USB cable with a ferrite bead would help.
by Amm0
Wed Jan 17, 2024 3:48 am
Forum: Beginner Basics
Topic: doh server connection error network is unreachable over DNS 1.1.1.1
Replies: 54
Views: 4300

Re: doh server connection error network is unreachable over DNS 1.1.1.1

The command produces a .pem file containing the public certificate for cloudflare-dns.com and the intermediate certificate DigiCert Global G2 TLS RSA SHA256 2020 CA1. However, it may not include the root certificate, which is crucial for establishing a complete certificate chain. "openssl s_cl...
by Amm0
Tue Jan 16, 2024 3:15 am
Forum: Containers
Topic: VLess proxy tunnel on mikrotik via containers.
Replies: 5
Views: 1852

Re: VLess proxy tunnel on mikrotik via containers.

rp-filter is set in /ip/settings, but I'm not sure that's the issue.

Did you see this thread? viewtopic.php?p=1044220&hilit=xray#p984907
by Amm0
Mon Jan 15, 2024 9:24 pm
Forum: General
Topic: MikroTik RouterOS boot speed is very slow- vmware
Replies: 9
Views: 2007

Re: MikroTik RouterOS boot speed is very slow- vmware

Long ago had same problem on Fusion, support suggested using the OVA file, instead of disk image. Might be worth a try on VMWare workstation. I think it may be the VMX version, so adjusting to version of emulated hardware may help, dunno.
by Amm0
Mon Jan 15, 2024 3:10 pm
Forum: General
Topic: User poll about using Winbox
Replies: 91
Views: 39705

Re: User poll about using Winbox

1) Very infrequently, or sometime indirectly (e.g. what session was last set) 2) Save window layout, I thought... 3) Not sure – it's confusing already*. But perhaps showing them in a tab with some metadata on them on the winbox login (vs. the session dropdown with just file) 4) No – IMO it's a &quo...
by Amm0
Mon Jan 15, 2024 2:57 pm
Forum: Beginner Basics
Topic: EoIP
Replies: 19
Views: 1200

Re: EoIP

I read recently about EoIP being used to create a wireless backhaul between two routers. Theoretically, it seems one could create a mesh AP system that way, rather than just 'joining' two ethernet LANs, possibly exploiting additional virtual WiFis. I've not done it, and don't ask me about performan...
by Amm0
Mon Jan 15, 2024 2:34 pm
Forum: Beginner Basics
Topic: doh server connection error network is unreachable over DNS 1.1.1.1
Replies: 54
Views: 4300

Re: doh server connection error network is unreachable over DNS 1.1.1.1

Another option: You can also use "openssl" client at Mac/Linux/WSL terminal to both the certificate chain ("openssl s_client -showcerts -connect 1.1.1.1:443"). A .pem file can be made by cut-and-paste the various "BEGIN CERTIFICATE" to "END CERTIFICATE" (inclu...
by Amm0
Sun Jan 14, 2024 4:37 pm
Forum: Beginner Basics
Topic: EoIP
Replies: 19
Views: 1200

Re: EoIP

So apart from being used for romon over vpn, regular home user have no real reasons to use eoip... Well, you need two Mikrotik routers first, so you may be beyond a "regular home" once you have that. ;) But it's always best to start with the problem and sites/map/diagram... There are many...
by Amm0
Sun Jan 14, 2024 3:09 am
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

The package also needed to MATCH the version install, so zerotier.npk that needs to copied to root of the disk (and rebooted after) should be here: https://download.mikrotik.com/routeros/7.12.1/all_packages-arm64-7.12.1.zip Technically 7.13 is current, but the upgrade from 7.2 would have stopped at ...
by Amm0
Sun Jan 14, 2024 1:30 am
Forum: General
Topic: The problem that upnp does not work [SOLVED]
Replies: 12
Views: 1816

Re: The problem that upnp does not work [SOLVED]

udp port 1900 tcp port 2828 Do I open these ports on the input chain? And the ports are "destination port"? Normally the default "accept on input from LAN list" rule would cover uPnP negotiation. But if you had a more custom firewall, say VLANs, you'd need to allow those port on...
by Amm0
Sat Jan 13, 2024 10:12 pm
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

In theory, yes...except you use the "VETH" (once the container is installed) as the "In Interface" (and NO In Interface List) in the dst-nat rule. I cannot help with Cloudflare console-side/cloud-side config, because I've never set it up, but that is likely the best plan (outsid...
by Amm0
Sat Jan 13, 2024 9:38 pm
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

Running your own game server with a port exposed is a dangerous game, you will be hacked or ddossed for sure. Best bet is cloudflare as that doesnt expose your public IP. Even the zerotier option is good because you control who has access to your server and again public iP not exposed. The cloud op...
by Amm0
Sat Jan 13, 2024 8:55 pm
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

I'd call LMT and see what a public IP costs, it may be pretty minimal dunno. That's the easiest. Everything else below is a fair amount of work... WG and/or ZeroTier do not alone give you a public IP or anything to help with port forwarding. But if everyone using your server is on the same VPN, you ...
by Amm0
Sat Jan 13, 2024 7:19 pm
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

So internet works? If you go to IP > Address does the "lte1" interface in the list have a public IP (e.g. NOT 10.x.x.x, 192.168.x.x, or 172.16-31.x.x)? so the ip adress is 10.38.141.188 so i guess its not public. To do port forwarding, you need a "public IP". See this thread abo...
by Amm0
Sat Jan 13, 2024 6:54 pm
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

So internet works? If you go to IP > Address does the "lte1" interface in the list have a public IP (e.g. NOT 10.x.x.x, 192.168.x.x, or 172.16-31.x.x)? But the NAT rule is right, you need to go to IP > Firewall > NAT tab and change the "dst-nat" rule and double-click it to to ope...
by Amm0
Sat Jan 13, 2024 4:24 pm
Forum: Beginner Basics
Topic: EOIP over Wireguard (For RoMon purposes only) [SOLVED]
Replies: 33
Views: 3715

Re: EOIP over Wireguard (For RoMon purposes only) [SOLVED]

Also, when I open winbox I wanted all to show up, without having to select one with the right password and then hit ROMON. That be nice, but not how it works. RoMON is a poor mans substitute for Zerotier, which get you all your neighbors showing up on the "normal" winbox list. But RoMON r...
by Amm0
Sat Jan 13, 2024 5:59 am
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

Thanks AMMO, zing above my head but sounds like good info. PS> I thought 7.13.1 was the current latest stable version? That's correct, 7.13.1 – hard to keep track. There is actually some LTE modem fireware bug fixes for LMT, or at least there was a thread about it a while ago. Why upgrading is a go...
by Amm0
Sat Jan 13, 2024 4:09 am
Forum: Beginner Basics
Topic: port forwarding
Replies: 61
Views: 3955

Re: port forwarding

Few things going on here. Critically this is a LMT-branded Chateau (@anav, that's the cell carrier in Latvia that sell these units). The config comes from them and managed by remotely via the TR069 (see last line in configuration). Since the unit is managed by LMT... you may want to ask them what's ...
by Amm0
Fri Jan 12, 2024 11:32 pm
Forum: Beginner Basics
Topic: Wireguard - roadwarrior configuration following guide (no internet or LAN connection)
Replies: 14
Views: 1571

Re: Wireguard - roadwarrior configuration following guide (no internet or LAN connection)

Can the DHCP network with 0.0.0.0 be removed without impacting connectiviity to the clients? What does a DHCP of 0.0.0.0 actually mean or do? I will remove the unused dhcp pool. I restarted some configurations when I received the router and may have forgotten to remove the previous settings. Thanks...
by Amm0
Fri Jan 12, 2024 8:07 pm
Forum: General
Topic: Port forward from LTE [SOLVED]
Replies: 30
Views: 2101

Re: Port forward from LTE [SOLVED]

Take a look at this article in docs... LTE should be same as anything WAN for port forwarding – https://help.mikrotik.com/docs/display/RKB/Port+forwarding It's also possible even if you a public IP that LTE carrier does not let you bind to privileged ports (e.g. ports below 1024). If you still have ...
by Amm0
Fri Jan 12, 2024 6:32 pm
Forum: General
Topic: Forum broken?
Replies: 31
Views: 2223

Re: Forum broken?

FWIW, I noticed yesterday 5000+ active Guest users listed on the home page – don't follow it closely but normally its dozen or hundreds. Maybe that just some crawler.
But I have seen it hang more than usual.
by Amm0
Fri Jan 12, 2024 5:56 pm
Forum: Beginner Basics
Topic: Wireguard - roadwarrior configuration following guide (no internet or LAN connection)
Replies: 14
Views: 1571

Re: Wireguard - roadwarrior configuration following guide (no internet or LAN connection)

1. DHCP SERVER-NETWORK PROBLEM: From: /ip dhcp-server network add address= 0.0.0.0/24 dns-server= 0.0.0.0 gateway= 0.0.0.0 netmask=24 This one is caused by QuickSet. The DHCP network being 0.0.0.0 is a bug in some older version of V7 where if you changed the IP in QuickSet. There is also two IP ran...
by Amm0
Fri Jan 12, 2024 5:39 pm
Forum: Beginner Basics
Topic: doh server connection error network is unreachable over DNS 1.1.1.1
Replies: 54
Views: 4300

Re: doh server connection error network is unreachable over DNS 1.1.1.1

I know, that's why I said, there is nothing automatic you could do to prevent this from happening. Maybe y'all should make a NPK extra-package with just the common Linux/whatever root/intermediate certs inside (like a branding package, but certs). So it can be installed as trusted package, rather t...
by Amm0
Fri Jan 12, 2024 5:29 pm
Forum: Beginner Basics
Topic: doh server connection error network is unreachable over DNS 1.1.1.1
Replies: 54
Views: 4300

Re: doh server connection error network is unreachable over DNS 1.1.1.1

You can add the SSL.com root/intermediate certs from SSL.com, without removing the old DigiCert ones (e.g. use both). The DoH certificate check only checks the entire chain is trusted, NOT the root used...so as long as the new SSL.com certs were added to /certificates, transition should be seamless.
by Amm0
Fri Jan 12, 2024 5:08 pm
Forum: Scripting
Topic: fetch vs curl [SOLVED]
Replies: 2
Views: 702

Re: fetch vs curl [SOLVED]

Your header is wrong:

http-header-field="Content-Type: application/json"

You may want to add output=user, so you can see the results on the screen. Otherwise output is to a file. If it all works, you can add "as-value" to store result to a variable if desired.
by Amm0
Thu Jan 11, 2024 9:58 pm
Forum: Beginner Basics
Topic: EOIP over Wireguard (For RoMon purposes only) [SOLVED]
Replies: 33
Views: 3715

Re: EOIP over Wireguard (For RoMon purposes only) [SOLVED]

No problem, here is FW rule on main router: ;;; EoIP chain=input action=accept protocol=gre in-interface-list=LAN log=no log-prefix="" And that works because wiregard1 is a member of LAN. e.g. @gigabyte091 has the following: /interface list member add interface=wireguard1 list=LAN Basical...
by Amm0
Thu Jan 11, 2024 8:08 pm
Forum: Scripting
Topic: `conditional not boolean` bug with :onerror (new in 7.13)
Replies: 24
Views: 2598

Re: `conditional not boolean` bug with :onerror (new in 7.13)

Or, just always :return something in the in= block... That seems to be the implied requirement...whether that's a bug or just undocumented is better left to Mikrotik. Did you report this to support@mikrotik.com? One thing I noticed in your examples is using # comments in the in= block... That may ac...
by Amm0
Thu Jan 11, 2024 7:48 pm
Forum: Beginner Basics
Topic: hEx not routing between hosts in same lan [SOLVED]
Replies: 18
Views: 1684

Re: hEx not routing between hosts in same lan [SOLVED]

The reason WAS overzealous firewall configurations in ALL of the PCs on the network
FWIW... Most Window's versions block ping, by default. That's a quick way to think things aren't working, when they are working.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 12