Community discussions

MikroTik App

Search found 4002 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 14
by Amm0
Mon May 20, 2024 11:45 pm
Forum: General
Topic: GUIDE: Running Netinstall Server on a Tik
Replies: 54
Views: 5410

Re: GUIDE: Running Netinstall Server on a Tik

Leave it like it is please. It works :lol: I created a new spin on @semaja2's excellent work. See https://github.com/tikoci/netinstall which builds to DockerHub (ammo74/netinstall:latest) and GHCR (ghcr.io/tikoci/netinstall:latest). Instead of the Dockerfile using a mount, it download all the files...
by Amm0
Mon May 20, 2024 10:17 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

Yeah perhaps. About all I have is you might want to update your case with Mikrotik that you also tried the bridge igmp method too. That actually should have worked in your case IMO.... Maybe not fix the packet loss, but work. Maybe Mikrotik can search their Jira for another case where Movistar setup...
by Amm0
Mon May 20, 2024 9:45 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 10458

Re: [Discussion] MikroTik configuration abstraction complexity

Agreed?
Well, it is a thread @DarkNate started – not some bitting invective injected into someone else's posting. Kinda different cases IMO.

The back-and-forth over some folk's tone get's annoying too. ;)
by Amm0
Mon May 20, 2024 9:25 pm
Forum: Scripting
Topic: remove [find] gets stuck while executing
Replies: 4
Views: 182

Re: remove [find] gets stuck while executing

Hmm. Does doing just the [find] work, or is it in the "remove" part. There is the :time command to see how things take. Be curious what if it's the "find" part or the "remove" works. :put [:time {/interface/bridge/port find}]] And/or try if you using the list as a strin...
by Amm0
Mon May 20, 2024 8:50 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

Yeah I'm not convinced everything multicast is 100% on RouterOS. If I disable IGMP Proxy, the TV doesn't work. That's to be expected since you don't have a IGMP querier enabled when /routing/igmp-proxy is disabled. Essentially, the long page about "Bridge IGMP/MLD" essentially boils down ...
by Amm0
Mon May 20, 2024 8:32 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 10458

Re: [Discussion] MikroTik configuration abstraction complexity

RouterOS v8 could be “from scratch” [...] For RouterOS v7, the only option is XDP/eBPF data-plane. Forget DPDK/VPP probably. Or in RouterOS v7, don't fuck with the data plane. Fix bugs, and there many. Make the AX more centerialized and simple. And add more docs, especially on interop with cisco/et...
by Amm0
Mon May 20, 2024 8:25 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

Yeah I'm not convinced everything multicast is 100% on RouterOS. But without delving into packet trace, hard to know. And Movistar does some specific things based on many years of reports here that don't make it simplier. FWIW, the RTSP proxy support was added largely for Movistar AFAIK. And /routin...
by Amm0
Mon May 20, 2024 7:56 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 10458

Re: [Discussion] MikroTik configuration abstraction complexity

When Mikrotik started it was have been unthinkable to run routing on Linux at large scale. Different world for a while. And we seem back to talking ASIC again... I hate C cisco [...] I dislike Arista for being a Cisco-fake That explains a lot. My take on Mikrotik history is that someone had the idea...
by Amm0
Sun May 19, 2024 4:23 am
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

Boy I would have bet money is was something in the wifi-qcom drivers... cable kinda eliminates that theory... There just not a lot of knobs to turn here. Only other one that effect a wired and wireless is the bridge MC cache: /interface bridge set bridge multicast-router=permanent Cannot say if it h...
by Amm0
Sat May 18, 2024 8:29 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 1886

Re: Ready variable from file.rsc [SOLVED]

I kinda missed that limiting access to only SMB. Now :import follows the current logged in user, so it's not "unsafe". But in this case, if allowing SMB to an non-admin to edit it & some later script run it... yeah there is room for some privilege escalation. Question was how to read f...
by Amm0
Fri May 17, 2024 10:12 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 1886

Re: Ready variable from file.rsc [SOLVED]

If the file has globals, you can actually just use ":import <file>" to read them from a file.
by Amm0
Fri May 17, 2024 8:37 pm
Forum: General
Topic: LHGGR underperforming LTE speeds
Replies: 25
Views: 907

Re: LHGGR underperforming LTE speeds

Fair enough, "SS7" is technically incorrect, just old and lump all "carrier stuff" as SS7. I'm just not convinced it's a device/antenna selection issue in this case. e.g. SINR is 15db. Only point was the LTE carrier can send a requested MTU to the modem. And on Mikrotik this does...
by Amm0
Fri May 17, 2024 7:19 pm
Forum: General
Topic: LHGGR underperforming LTE speeds
Replies: 25
Views: 907

Re: LHGGR underperforming LTE speeds

Shouldn't MSS clamping be done by operator's TCP Proxy (they are often running on mobile networks, at least for APNs without inbound access)? But you're right, it's probably a good idea to check it. Hard to know. Kinda my point... there is even more ways for things to go wrong even if RF were diale...
by Amm0
Fri May 17, 2024 6:24 pm
Forum: RouterBOARD hardware
Topic: GRE Zscaler can't load website
Replies: 1
Views: 228

Re: GRE Zscaler can't load website

"clamp-tcp-mss" option requires the MTU to be correct in the first place, otherwise it's just forcing TCP MSS to be wrong – which actually a worse problem... Maybe not the case.... But if your WAN has a lower MTU than 1500, then the default GRE MTU needs to be reduced. The default 1476 is ...
by Amm0
Fri May 17, 2024 5:55 pm
Forum: General
Topic: LHGGR underperforming LTE speeds
Replies: 25
Views: 907

Re: LHGGR underperforming LTE speeds

Well, tabling the RF stuff... i.e. If you want to optimize RF, it at least a dozen things to research/measure/do/tweak. And no doubt you're better off with a high-category modem vs a lower one – but trying quantify speeds linearly does not give enough credit to 3GPP specs that try to ensure fairness...
by Amm0
Thu May 16, 2024 11:02 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 10458

Re: [Discussion] MikroTik configuration abstraction complexity

As a networker who cut his teeth on Cisco IOS, I'm #TeamPort myself :) LOL, #TeamPort, agree I think.... I take you to mean being able to express normal things like "access"/"trunk"/"hybrid" on /interface/bridge/port including what's tagged for trunks WITHOUT having to...
by Amm0
Thu May 16, 2024 7:03 pm
Forum: General
Topic: [Formal Complaint] Support is ignoring my problem for 3 weeks
Replies: 50
Views: 6925

Re: [Formal Complaint] Support is ignoring my problem for 3 weeks

Which has been deleted from the support panel
I suspect it has not been deleted, but marked closed. There is a filter "closed" issues in JIRA-based help.mikrotik.com portal.
by Amm0
Thu May 16, 2024 4:31 pm
Forum: RouterBOARD hardware
Topic: Switch Synergistic Research UEF
Replies: 4
Views: 325

Re: Switch Synergistic Research UEF

If one ignore the snake oil about audio enhancing ethernet...

They put in some time to make it look nice with a decent power supply. And bet they take a phone call if there is a problem. Sounds like cisco, and priced accordingly.
by Amm0
Thu May 16, 2024 3:42 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 662
Views: 194976

Re: v7.14.3 [stable] is released!

That's a 20-bit number (1 and then 20 0's) ... looks like something hardcoded. It's calculated max-entries can be shown via: /ip/firewall/connection/tracking/print Now if there is free memory, docs do suggest it show grow. Still, if you're hitting these limits, using "raw" rules for stuff...
by Amm0
Thu May 16, 2024 3:22 pm
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1051

Re: Slow FTP upload speed via GRE Tunnel

Good explanation @rplant. Does seem like MTU issue... i.e. "slow" often a sign of wrong MTU & "slow" also means it's getting through the firewall so ain't fw filters... Even if not, it still best to know/confirm your MTU with the ping test. In similar MTU vain, make sure icmp...
by Amm0
Thu May 16, 2024 6:40 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 310
Views: 81503

Re: v7.15rc [testing] is released!

*) bridge - added MVRP support; Finally tried out MVRP. Seems to work in limited testing. Two grips: 1. If /interface/vlan has been enabled for MVRP (mvrp=yes), then VLAN ID should be dynamically added to /interface/bridge/vlan with tagged=bridge. Instead, the vlan-id must be manually added to loca...
by Amm0
Wed May 15, 2024 9:57 pm
Forum: Announcements
Topic: Newsletter #118 | May 2024
Replies: 26
Views: 4156

Re: Newsletter #118 | May 2024

LOL re official font, manrope ... at least it's description matches the product ;)
This font is a crossover of different font types: it is semi-condensed, semi-rounded, semi-geometric, semi-din, semi-grotesque. It employs minimal stoke thickness variations and a semi-closed aperture.
by Amm0
Wed May 15, 2024 5:31 pm
Forum: The Dude
Topic: Required Dude server package [SOLVED]
Replies: 4
Views: 6601

Re: Required Dude server package [SOLVED]

And... then copy the dude.npk to the root of the Files & reboot. You need to enable it Dude > Settings and pick a path to store the database. You'd need the Dude client for Windows to then manage it, using same RouterOS login in Dude app.
by Amm0
Wed May 15, 2024 5:51 am
Forum: Containers
Topic: Horrible container performance from 7.14 up to 7.15rc2
Replies: 3
Views: 490

Re: Horrible container performance from 7.14 up to 7.15rc2

Have you deleted and re-created the VETH interface used by the container?

Sometime stuff goes bad between versions with VETH interface I've found. Never slowness you're describing. But still may be worth it to remove/add VETH interface, even with same IP.
by Amm0
Wed May 15, 2024 5:45 am
Forum: General
Topic: Transit over two EOIP tunnels over PPTP
Replies: 10
Views: 517

Re: Transit over two EOIP tunnels over PPTP

Agreed, even with PPTP, one end still need to be public IP. Or otherwise routable over an internal network as noted. PPTP still uses GRE, like EoIP...it just uses an TCP port to setup so client side can be behind a NAT. As far as I know, you have to have permanent IP addresses for establishing EOIP ...
by Amm0
Wed May 15, 2024 5:29 am
Forum: Scripting
Topic: my script gets data running in terminl but not from system scripts
Replies: 9
Views: 461

Re: my script gets data running in terminl but not from system scripts

Since you already have the ".id" from the :foreach on [find], you do not need the 2nd [find] since "get" works with the .id. :foreach E in=[/system script environment find] do={:log info $E;:local name [ /system/script/environment get [find .id=$E ] ];:log info $name;} :foreach E...
by Amm0
Wed May 15, 2024 1:37 am
Forum: Scripting
Topic: my script gets data running in terminl but not from system scripts
Replies: 9
Views: 461

Re: my script gets data running in terminl but not from system scripts

RoS has an undocumented flaw when running the terminal in interactive mode that allows indexing objects with regular numbers. [...] It's not a "flaw" in scripting. If you want to see the .id, use "print show-ids". For interactive CLI use, the "always sequential" number...
by Amm0
Wed May 15, 2024 1:15 am
Forum: Scripting
Topic: my script gets data running in terminl but not from system scripts
Replies: 9
Views: 461

Re: my script gets data running in terminl but not from system scripts

Replace the "1" .id you used, with a "find".
 /system/script/environment get [find name="myvarname"]
But keep in mind what's "global" is tied to context/user where it was created.
by Amm0
Tue May 14, 2024 10:58 pm
Forum: General
Topic: Transit over two EOIP tunnels over PPTP
Replies: 10
Views: 517

Re: Transit over two EOIP tunnels over PPTP

Fair enough. But why not just use IPSec directly on the EoIP interface with a shared-secret? This seems simpler/cleaner, and perhaps faster, than PPTP tunnels.
by Amm0
Tue May 14, 2024 9:44 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

I suspect the \\\" fixed it in the string that's being sent. Since my 2nd example above using [:serialize to=json]* would NOT actually work for your 000000 case.... i.e. I learned something new here actually. Apparently [:serialize to=json] will automatically convert strings into numbers - even...
by Amm0
Tue May 14, 2024 6:45 am
Forum: Beginner Basics
Topic: Internal clients DNS over HTTPS
Replies: 6
Views: 432

Re: Internal clients DNS over HTTPS

Tend to agree. If concerned about privacy on the LAN, you should just encrypt all data using a VPN to router – still enough HTTP and other protocols that "leak" information if one can snoop the wire on a LAN. What a shame, seems to be a huge miss in the entire market space. Well... AFAIK o...
by Amm0
Mon May 13, 2024 8:01 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 23
Views: 2113

Re: Wrong country when selecting Time Zone Autodetect

How often does the device change countries/time zones during normal use? Agree with you. Except @normis said it's regularly updated & the defaults use automatic timezone. So I'd imagine it's annoying it's always wrong and requires changing manually on 100 devices, when you got it updated in the...
by Amm0
Mon May 13, 2024 6:45 pm
Forum: General
Topic: Ccr2216 rebooted by watchdog timer
Replies: 10
Views: 2229

Re: Ccr2216 rebooted by watchdog timer

After todays reboot finally received autosupout.rif file and there is open ticket about it - SUP-152819. waiting ... One tip, if you don't know, is you can read the autosupout.rif from https://mikrotik.com/client/supout (if have/create an account at www.mikrotik.com). Sometimes the stored logs in s...
by Amm0
Mon May 13, 2024 6:40 pm
Forum: General
Topic: IP-sec secret (pre-shared key) is too complex L2TP/IPsec
Replies: 3
Views: 1713

Re: IP-sec secret (pre-shared key) is too complex L2TP/IPsec

( and ) are problem in your password. And I have tried ; It is also a problem. Maybe bug here with (). But question is it from winbox or CLI, or both? winbox shouldn't need any escaping (i.e. it should do that when you click OK for the config). Now at CLI you'd want double-quotes after pre-shared k...
by Amm0
Mon May 13, 2024 6:22 pm
Forum: General
Topic: Wrong country when selecting Time Zone Autodetect
Replies: 23
Views: 2113

Re: Wrong country when selecting Time Zone Autodetect

It's the contraction between the geoip database gets updated monthly part that odd here. And @Blancatel says IPs are the database Mikrotik is using for many months. While true, it's not hard to set for one router.... But I think @Blancatel is a ISP-ish scenario... so stuff like "just set it&quo...
by Amm0
Mon May 13, 2024 7:13 am
Forum: Scripting
Topic: snmpwalk/snmpget can't read global variable [SOLVED]
Replies: 14
Views: 7338

Re: snmpwalk/snmpget can't read global variable [SOLVED]

Yeah there is a lot of stuff you just cannot read from SNMP, so /system/note may not be a bad option. But just note since it updates config, it does increase flash writes since an update is stored in config. In terms of SNMP+scripts, it's a shame there stored /persistent variables, for a lot of reas...
by Amm0
Mon May 13, 2024 1:48 am
Forum: Beginner Basics
Topic: AT&T FTTH, VLANs, CapsMAN Full Config (RouterOS 7 Updated)
Replies: 29
Views: 5783

Re: AT&T FTTH, VLANs, CapsMAN Full Config

An entire topic should be spent on Service Discovery between VLANs, I should think. Oh it's been a topic ;), at least in terms of SSDP and mDNS. At present have the following options* if only using Mikrotik gear: 1. Use bridge filtering, most current is here https://forum.mikrotik.com/viewtopic.php...
by Amm0
Sun May 12, 2024 5:41 pm
Forum: Wireless Networking
Topic: hAP ax2 - best WiFi configuration for range?
Replies: 12
Views: 601

Re: hAP ax2 - best WiFi configuration for range?

@mkx is right 20Mhz would get you smidgen more range.

Sometimes just even minor re-positioning router helps too (e.g.. put on top of bookcase, vs. in the bookcase, ... etc.). And, check your clients RSSI in various locations to see if that helps.
by Amm0
Sun May 12, 2024 4:51 pm
Forum: General
Topic: BTH BUG Bleeding Into Regular Wireguard.
Replies: 21
Views: 1570

Re: BTH BUG Bleeding Into Regular Wireguard.

I have the same problem with the exact same scenario with two WANs and WG on the non-primary WAN. Well, you're better off using use routing rules, not mangle. While mangle should work here to be consistent with RouterOS... but WG seems to overly follow what Linux kernel does, not Mikrotik's packet ...
by Amm0
Sun May 12, 2024 6:30 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1051

Re: Slow FTP upload speed via GRE Tunnel

Did you check the MTU?
by Amm0
Sat May 11, 2024 10:48 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

Also, I'm not sure quick-leave=yes is needed in the IGMP settings. Perhaps it has a bad interaction with AX drivers, dunno. Anyway, another thing to try.
by Amm0
Sat May 11, 2024 10:44 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

You have the RTSP helper, which I believe is critical for Movistar (/ip firewall service-port set rtsp disabled=no)... so it's not that. There is not a lot of detail on multicast-enhance, so really hard to know here. One thing is you may want to enable the querier=yes on the bridge in /routing/igmp-...
by Amm0
Sat May 11, 2024 7:07 pm
Forum: General
Topic: BTH BUG Bleeding Into Regular Wireguard.
Replies: 21
Views: 1570

Re: BTH BUG Bleeding Into Regular Wireguard.

@anav, did you report a bug on this? Until such time MT sorts out this mess. :-( They may never... Part of why WG is fast is that it happens in the kernel, so dropping down to mangle likely be some performance hit. But I don't know. Kinda the reverse complaint of @DarkNate's [Discussion] MikroTik co...
by Amm0
Sat May 11, 2024 6:51 pm
Forum: Scripting
Topic: Script triggered by API not executed properly [SOLVED]
Replies: 7
Views: 5446

Re: Script triggered by API not executed properly [SOLVED]

Assuming you're using REST or "native API" to run /system/script with update code, might be easy to try setting "Don't Check Permissions" on that script to see if it works then. And/or make sure the script owner is same as the user you're using to login with REST/API.
by Amm0
Sat May 11, 2024 6:42 pm
Forum: General
Topic: IPTV cuts and pixelations with Movistar Spain and HAP ax3
Replies: 33
Views: 1618

Re: IPTV cuts and pixelations with Movistar Spain and HAP ax3

It not working at all be easier problem... And multicast with AX drivers, I'm less familar. But I'd add the multicast-enhance=enabled to the parent 5Ghz interface as well. The docs are unclear if a child SSID can set that independent of the parent. But I don't think it hurt your normal LAN traffic, ...
by Amm0
Sat May 11, 2024 3:19 am
Forum: General
Topic: Flexibel DHCP-client options
Replies: 4
Views: 353

Re: Flexibel DHCP-client options

In theory I could start wiresharking and put the values in DHCP-options on the LAN-side, until the ISP changes them for some reason then my TV-box would not work anymore. You'd still need to sniff the existing DHCP from your ISP router what's in the Option 43 Vendor. Hard to know if it's dynamicall...
by Amm0
Sat May 11, 2024 2:11 am
Forum: General
Topic: Flexibel DHCP-client options
Replies: 4
Views: 353

Re: Flexibel DHCP-client options

I've never used them, but did you try to add those additional options via: /ip/dhcp-client/option/add name=bootfilename code=67 value="'somefile'" Those are also in winbox, and docs are explain the format for value follows the dhcp-server scheme: DHCP client has the possibility to set up o...
by Amm0
Fri May 10, 2024 6:32 pm
Forum: General
Topic: Chateau 5G ax - Automatic cellular reconnect on provider disconnect
Replies: 20
Views: 3172

Re: Chateau 5G ax - Automatic cellular reconnect on provider disconnect

Anyway, out of curiosity and just in case disabling it and enabling it again is not effective, I would like to know if it is possible to reset the lte1 interface using AT commands or in any other way using only one command. There is also a "power-reset" command to kill USB power (to reboo...
by Amm0
Fri May 10, 2024 6:17 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax / L23-UGSR — initial feedback from specs
Replies: 9
Views: 863

Re: NetMetal ax / L23-UGSR — initial feedback from specs

no we need any AX outdoor client I'd imagine some wAPax is in the works. Technically, the NetMetal AX could be AX client FWIW. Mainly wanted to highlight the lack of 48V PoE – that be a deal killer on some future outdoor AX client IMO, where standard 802.3at/af PoE be common. And, if new routers ar...
by Amm0
Fri May 10, 2024 6:10 pm
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 468

Re: v7.15rc [testing] is released!

Also "BFD for OSPF" means that BFD is used to detect whether the OSPF neighbor is down, it is unrelated to setting check gateways for the ospf routes. Fair enough. Recent BFD docs do say "Features not yet supported: ... enabling BFD for ip route gateways". Except Route Selection...
by Amm0
Fri May 10, 2024 1:06 am
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 50
Views: 8795

Re: mDNS between VLANs with just bridge filters - Look Mum, no containers!

I think it's great you can make something like an mDNS repeater in Mikrotik from rules. It's what all the levers and knobs are for. True. But should still be built-in to /ip/dns stuff... And Mikrotik @normis said they're working on it & "be a while"... so we're 1 year into that, perha...
by Amm0
Fri May 10, 2024 12:42 am
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 50
Views: 8795

Re: mDNS between VLANs with just bridge filters - Look Mum, no containers!

LOL re sausage analogy. I tend to agree your filter approach is doing what something in user space would do. So other than being more confusing than making a French Soufflé ... it arguably faster than some built-in thing. I have tried addresses 224.0.0.250 and 224.0.0.252 as static GMPs and they sho...
by Amm0
Fri May 10, 2024 12:03 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1051

Re: Slow FTP upload speed via GRE Tunnel

Could be wrong, but I don't think you can use fast-track with IPSec-enabled GRE tunnel. Also, are you setting MTU lower on the GRE interface, or is MTU 1500? If it's 1500, you can use ping and don't fragment to determine the MTU (search here/google for using ping to calculate mtu size). Relatedly, m...
by Amm0
Thu May 09, 2024 10:35 pm
Forum: The Dude
Topic: Dude in external disk
Replies: 1
Views: 246

Re: Dude in external disk

Essentially it's all stored in a SQLite database, so you just need to move the files and update dude settings to use new path. To do this... first, disable Dude service in Winbox under Dude > Settings. Note the path to the data files is stored there. If you then go to Files section in winbox, just m...
by Amm0
Thu May 09, 2024 9:37 pm
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 468

Re: default route check with BFD

Not sure where this going wrong... You should be able to use route rule for OSPF to set the check-gateway=bfd.

But...you cannot set check-gateway=bfd in a static /ip/route as that is "not yet support" per docs. So if it's a static route, that be your issue here.
by Amm0
Wed May 08, 2024 9:03 pm
Forum: Scripting
Topic: Functions and function parameters
Replies: 54
Views: 102726

Re: Functions and function parameters

now it's ok, I found the solution https://forum.mikrotik.com/viewtopic.php?t=197800 I put ':put' and everything works For avoid useless print, like It's the [] sub-command that's the issue if I recall - if it's command result isn't going to a variable, there is no need for the [] backets. e.g. [$fl...
by Amm0
Wed May 08, 2024 8:56 pm
Forum: General
Topic: Access to router lost after setting EtherType to 0x88a8. Recovery possible? [SOLVED]
Replies: 2
Views: 3837

Re: Access to router lost after setting EtherType to 0x88a8. Recovery possible? [SOLVED]

Clearly any port using the bridge is not going to work. But just to confirm you tried Layer2 winbox using MAC address of the ether1 while connected to it?

Did you have RoMON enabled on it, if so it MIGHT show up on another router with RoMON enabled.
by Amm0
Wed May 08, 2024 8:39 pm
Forum: General
Topic: RoMON and VRF's [SOLVED]
Replies: 2
Views: 3835

Re: RoMON and VRF's [SOLVED]

RoMON works at the ethernet level, using non-IP ether-type. So it has nothing to do with routing tables or VRF.
It only works on "ethernet-like" interfaces, and a VRF "interface" is not ethernet-like since it does not have a MAC address.
by Amm0
Wed May 08, 2024 8:18 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

Good to hear! Lesson is posting the entire config is helpful... And even then I had to look /ip/dhcp-server/alert docs myself since I didn't know HOW it worked. The yellow box in docs told the whole story however: https://i.ibb.co/xghv7rh/Screenshot-2024-05-08-at-9-52-02-AM.png I still wonder why it...
by Amm0
Wed May 08, 2024 4:00 pm
Forum: RouterBOARD hardware
Topic: Can't find a suitable router... product lines a mess
Replies: 26
Views: 1822

Re: Can't find a suitable router... product lines a mess

home office gets stuffed with 5 more plants and flowers EVERYWHERE and you have to water them and dust the leaves" :D
Given Wi-Fi's natural enemy is foliage, this makes sense. I guess explaining with more plants, you'll need more Wi-Fi, is not going to work.
by Amm0
Wed May 08, 2024 5:34 am
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

Thanks for indulging in the vlan-filtering=yes. I just know that works with VRRP, and if there was a bug/config-issue/etc here... I figured it block or change the issue. No such luck it seems. Scanned your config again... I did notice one of the routers was using /ip/dhcp-server/alert & that mig...
by Amm0
Wed May 08, 2024 12:35 am
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

FWIW, another way of building the GQL string is using RouterOS array to store it, and the use [:serialize] to convert RouterOS array to JSON, this avoid some of the more complex escaping (and uses a { } block so :local variables can be used at the CLI, since you'd want to use :local variables a fina...
by Amm0
Tue May 07, 2024 11:47 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Your HTTP example is useful. HTTP bodies do NOT need any escaping, but GraphQL must want the \" with your leading 0 case. And you can see that cURL use the single quotes, so quotes shouldn't need escaping there either. So I think the issue is in RouterOS you need a "triple backsplash"...
by Amm0
Tue May 07, 2024 9:28 pm
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 50
Views: 8795

Re: mDNS between VLANs with just bridge filters - Look Mum, no containers!

RouterOS really needs an mDNS solution out of the box (both as multicast and Wide Area Bonjour).
Well the DNS-SD part could have been done by simply allowing a PTR RR in the /ip/dns/static YEARS ago. Being able to statically configure mDNS be useful, but cannot even do that. Frustrating.
by Amm0
Tue May 07, 2024 9:22 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

It not so easy with container if it's an event like dhcp-client where this script lives. I doubt there is a bug in /tool/fetch here... but one wrong escape char in query, it ain't going to work. If it works in Postman, with the leading 0, can you cut-and-paste Postman's HTTP and cURL "Code snip...
by Amm0
Tue May 07, 2024 8:33 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

The leading 0 in the value of $testname? If so, you might want to quoting $testname. (Also, as quoted above, the variable name looks wrong.) :global data file "{\"query\":\"query inventory{inventory_model_field_data(general_search: \" $testname \" ){entities{id}}}\"...
by Amm0
Tue May 07, 2024 7:50 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

Okay, so you want all trunk ports, that make sense. I still recommend using bridge vlan-filtering=yes. Your issue with that is the BRIDGE-LAN itself needs to be in the tagged= list. /interface bridge vlan add bridge=BRIDGE-LAN disabled =yes tagged= BRIDGE-LAN ,sfp-sfpplus2-LAN vlan-ids=2,5-7,10,12,1...
by Amm0
Tue May 07, 2024 5:58 pm
Forum: Beginner Basics
Topic: iPhone lock update.
Replies: 10
Views: 567

Re: iPhone lock update.

That's kinda far away from the defaults... I don't have much in the configuration because I'm just starting out. Are firewall rules enough for you? You do have some blocking rules... So if some update on iPhone uses same CDN/cloud/etc as something that's blocked... That be one reason it wouldn't wor...
by Amm0
Tue May 07, 2024 5:39 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax / L23-UGSR — initial feedback from specs
Replies: 9
Views: 863

Re: NetMetal ax / L23-UGSR — initial feedback from specs

1. Any reason it does not support USB 3.0? USB3.0 can kill 2.4GHz WiFi. USB2.0 can do up to (realistically) 400Mbps, which is not that bad either. Fair point. But annoying since always some compromise to upgrade. I still have quite a few RB953s I'd like to upgrade, and still no decent replacement b...
by Amm0
Tue May 07, 2024 5:14 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

I'm pretty sure this is a VLAN tagging issue – this is not easy to get right as all the parts have to align... So just enabling vlan-filtering=yes is not the whole story for sure... Can you post a redacted config of one of the routers, and some description of what VLANs should be tagged/untagged on ...
by Amm0
Tue May 07, 2024 4:18 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Thanks for this. I am terrible at programming but RouterOS seems a bit different than anything else I have looked at(python, JS). FWIW, the [:deserialize from=json] is new operation – before :deserialize was added your problem here be a nightmare. But fair enough, it is different from anything else...
by Amm0
Tue May 07, 2024 3:55 am
Forum: Wireless Networking
Topic: Full wifi device isolation
Replies: 6
Views: 647

Re: Full wifi device isolation

Mikrotik QuickSet config use a bridge filter that block forwarding. So that's another way to do client isolation:
/interface bridge filter
add action=drop chain=forward in-interface=wifiXX
add action=drop chain=forward out-interface=wifiXX
by Amm0
Mon May 06, 2024 11:42 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Yeah that's how it RouterOS output's an array, but the array "->" operator can be used. In routeros there an "index" using numbers (e.g. JSON backets [ ]), or if "map" with key-values, then quoted named is used with the "->" routeros array accessor operator......
by Amm0
Mon May 06, 2024 11:35 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Yeah that's how it RouterOS output's an array, but the array "->" operator can be used. In routeros there an "index" using numbers (e.g. JSON backets [ ]), or if "map" with key-values, then quoted named is used with the "->" routeros array accessor operator......
by Amm0
Mon May 06, 2024 10:46 pm
Forum: General
Topic: Sending priority-tagged frames?
Replies: 2
Views: 367

Re: Sending priority-tagged frames?

by Amm0
Mon May 06, 2024 9:26 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

FWIW, If you don't want to use vlan-filtering approach. You'd need seperate bridges for each VLAN, which is going to be bigger PITA than figuring out the bridge VLAN table approach....
by Amm0
Mon May 06, 2024 9:24 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

Was you VLAN+bridge without filtering working before VRRP? Also, looks like sfpplus-2 is the one with issues, and that's the one with horizon=0 while rest are horizon=1. Regardless, you should use vlan-filtering=yes on the bridge. See https://help.mikrotik.com/docs/display/ROS/Bridge+VLAN+Table One ...
by Amm0
Mon May 06, 2024 8:45 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

It has to be the VLAN tagging in the bridge. VRRP doesn't effect broadcast scope for DHCP, but untagged/mistagged PVIDs would...

Can you post the bridge configuration?
by Amm0
Mon May 06, 2024 6:46 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax temperature at sunny outdoor location
Replies: 3
Views: 335

Re: NetMetal ax temperature at sunny outdoor location

While I get aesthetics of black, does seem like asking for trouble with AX chips... It's a pity that NetBox 5 AX only operates at 5GHz. Otherwise, it would probably be a better choice because of the white plastic case. LOL. I made my own list of complaints: https://forum.mikrotik.com/viewtopic.php?t...
by Amm0
Mon May 06, 2024 6:38 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax / L23-UGSR — initial feedback from specs
Replies: 9
Views: 863

NetMetal ax / L23-UGSR — initial feedback from specs

In general I like the upcoming NetMetal ax and L23UGSR-5HaxD2HaxD , as an alternative in Mikrotik's "custom LTE router" lineup... But some feedback based on specs... 1. Any reason it does not support USB 3.0? This kinda limits it for use with high-speed LTE networks because of the USB bus ...
by Amm0
Mon May 06, 2024 5:54 pm
Forum: RouterBOARD hardware
Topic: NetMetal ax temperature at sunny outdoor location
Replies: 3
Views: 335

Re: NetMetal ax temperature at sunny outdoor location

It's a fair question. The AX chips seem "hotter" generally. They don't list weight in specs..., but suspect it has more metal than older one to compensate.
by Amm0
Mon May 06, 2024 5:44 pm
Forum: Beginner Basics
Topic: ISP CONFIGURATION [SOLVED]
Replies: 8
Views: 4436

Re: ISP CONFIGURATION [SOLVED]

It more that there isn't one setting for setting up queues. And a lot of considerations go into a queue type/strategy. So there is no simple answer to your question...
by Amm0
Mon May 06, 2024 5:30 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

I just know Hauwei LTE modem sticks are a PITA. Generally if RouterOS is doing what Linux is doing that what I'd expect with LTE setting mode=auto, so that's working... - stick in a Linux PC. This is another story, since, even if it is automatically recognized by Linux, Linux gets a private IP and I...
by Amm0
Mon May 06, 2024 5:23 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

Fair enough. I didn't notice the /23...assumed /24. Otherwise the VRRP part looks right. I'd look at your bridge configuration, on why clients are getting address on all. Some VLAN filtering misconfiguration could cause that. e.g. /interface/bridge/vlans vs PVID/frame-type etc.... What interface is ...
by Amm0
Mon May 06, 2024 8:38 am
Forum: General
Topic: Mikrotik ControlD container config issue arm32
Replies: 3
Views: 344

Re: Mikrotik ControlD container config issue arm32

Put the VETH in LAN interface list, otherwise default firewall will drop the traffic.
by Amm0
Mon May 06, 2024 1:52 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

C) modem set to AUTO, reboot the 5009, the LTE interface pops up end is present. The IP address obtained by the LTE is PRIVATE \ behind NAT It could be in ECM mode, and it's using NAT on the stick. And Mikrotik isn't setting it to MBIM mode automatically Perhaps you might be access some web UI on t...
by Amm0
Sun May 05, 2024 8:19 pm
Forum: RouterBOARD hardware
Topic: Can't find a suitable router... product lines a mess
Replies: 26
Views: 1822

Re: Can't find a suitable router... product lines a mess

Fair enough re 5Ghz. Worth trying wifi-qcom-ac if you haven't yet on the Audience yet. But if you have concrete...a cable makes total sense. While agree there are odd gaps in the line-up. I'm not convinced "wi-fi less" hAPax3 is what's missing.... e.g. it be the only "hAP" withou...
by Amm0
Sun May 05, 2024 3:32 am
Forum: RouterBOARD hardware
Topic: Can't find a suitable router... product lines a mess
Replies: 26
Views: 1822

Re: Can't find a suitable router... product lines a mess

So I bought an Audience to cover the living room and the terrace and the kitchen. Wife approves, Audience is pretty. I have it piggybacked to my ax3 on the 2.4 GHz channel as station pseudobridge. But the most I can get is 50-ish Mbps. The Audience has 2 x 5Ghz radios – that's how it was designed t...
by Amm0
Sun May 05, 2024 3:17 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Try setting the LTE mode back to "auto" instead of serial or mbim? Also make sure to update the /system/routerboard firmware too. Serial should be able get same public IP. There is an APN setting in PPP, I suspect that need to be explicitly set to something to get public address. Hopefully...
by Amm0
Sat May 04, 2024 6:57 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Installed 7.15rc2 yesterday evening. This morning the story is TOTALLY different. Still working? If so, you might want to update your support case with Mikrotik with your findings. Maybe they'd know why the 7.15rc fix does not cover the "If unplugged while the router is UP ... Then if I plug a...
by Amm0
Sat May 04, 2024 6:22 pm
Forum: General
Topic: help with adguard container setup
Replies: 4
Views: 420

Re: help with adguard container setup

Looks like this covers it: /ip/firewall/filter add action=accept chain=forward comment="LAN to Adguard" dst-address=172.17.0.2 src-address-list=LAN I don't see anything wrong there. You're correct to leave the address-list entry for 172.17.0.0/24 disabled - otherwise the container be allow...
by Amm0
Sat May 04, 2024 5:53 pm
Forum: General
Topic: help with adguard container setup
Replies: 4
Views: 420

Re: help with adguard container setup

Your firewall is blocking access to the VETH / 172.17.0.0/24. You seem to add the VETH subnet to LAN address -list add address=172.17.0.0/24 BUT it is marked a disabled=yes. The quicker fix may be to add VETH to the LAN interface -list. Mikrotik example for pihole uses a dst-nat rule, which you use ...
by Amm0
Sat May 04, 2024 12:47 am
Forum: Beginner Basics
Topic: Port forwarding trouble with PCC load balancing
Replies: 30
Views: 2194

Re: Port forwarding trouble with PCC load balancing

You can use a script on PPP profile to add/update static entires for the check-gateway=ping, similar to /ip/dhcp-client script ... but a two-step profile via a new /ppp/profile with a script to set check-gateway, and that new PPP profile linked in the PPPoE interface. But this complexity is why I su...
by Amm0
Fri May 03, 2024 9:40 pm
Forum: General
Topic: VRRP - DHCP Entries On All VLANS [SOLVED]
Replies: 25
Views: 4647

Re: VRRP - DHCP Entries On All VLANS [SOLVED]

VRRP isn't too hard. But the VRRP address needs to be /32 (which it is). But the VRRP and LAN do need to be in same subnet. And looks like CCTV-Access has mismatched IPs (likely typo ... but would for sure cause issues): /ip address add address=10.110 .3 .2. 253/23 comment=CCTV-Access interface=CCTV...
by Amm0
Fri May 03, 2024 7:31 pm
Forum: Beginner Basics
Topic: Port forwarding trouble with PCC load balancing
Replies: 30
Views: 2194

Re: Port forwarding trouble with PCC load balancing

Do you have "Use Default Route" enabled on the PPPoE interface? One thing you can do there is make sure that's check, but use a higher distance like 11 and 12 respectively. Right now there is only interface routes, no IP route to internet. You can then have lower distance= value for static...
by Amm0
Fri May 03, 2024 6:29 pm
Forum: Scripting
Topic: Functions and function parameters
Replies: 54
Views: 102726

Re: Functions and function parameters

But, when I execute the same code via another script, the global variable value2 is always empty.
FWIW, this is covered by doc's "tips and tricks":
https://wiki.mikrotik.com/wiki/Manual:S ... her_script
by Amm0
Fri May 03, 2024 5:31 am
Forum: RouterBOARD hardware
Topic: New L11UG-5HaxD
Replies: 35
Views: 7854

Re: New L11UG-5HaxD

Why dream so faintly? 7HbeQ, 7HbeO :wink: Can we add the letter "R" in these dreams? Bingo! Just noticed new L23UGS R -5HaxD2HaxD. My complaints about the L11UG was the lack of miniPCIe/SIM and no SFP (or 2nd port) seem solved: https://mikrotik.com/product/l23ugsr_5haxd2haxd I'll be getti...
by Amm0
Thu May 02, 2024 10:16 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 289

Re: /user group policy and :global variables

IDK. But agree what's :global, to what users, is really inconsistent for sure. I'm just not sure what's "correct" since how globals (and permissions) are handled has been a moving target across past half dozen releases. Underlying the bigger issue that the available policy options do not m...
by Amm0
Thu May 02, 2024 7:34 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

I agree with you RouterOS should recover if Linux recovers after the carrier's 4 hour session limit. A lot folks, include me, uses the LTE modems in remote places so IMO if some script is need to "recover" LTE interface, that's a workaround to some RouterOS bug that should be fixed. And, h...
by Amm0
Thu May 02, 2024 6:40 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

I agree that something is "fishy" here. Perhaps it's the USB hardware/driver/kernel, IDK. But if it's not detecting it...worth checking an older version or different hardware. Over the years, I've seen some LTE bug fix in a release, cause problems for other modems – why I do suggest checki...
by Amm0
Thu May 02, 2024 6:20 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

At the moment I think it is more a "RB5009 USB issue" than a "LTE stick issue".... Boy that be good to know if same stick worked in another Mikrotik. I guess if wanted experiment more, try an older RouterOS on RB5009 to see if some of the various "refactoring" changes ...
by Amm0
Thu May 02, 2024 9:42 am
Forum: General
Topic: [Feature Request] Data Center Bridge support
Replies: 24
Views: 3572

Re: [Feature Request] Data Center Bridge support

I believe RouterOS 7.15rc add some HW QoS, see https://help.mikrotik.com/docs/pages/vi ... =189497483
by Amm0
Thu May 02, 2024 3:12 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

If something does not come up in serial mode... it's not a good sign of stability. Mikrotik does have a list of modems they've tested here: https://help.mikrotik.com/docs/display/ROS/Peripherals But yeah the particular USB ID needs to be mapped. I guess getting a miniPCI-to-USB case and using one of...
by Amm0
Thu May 02, 2024 1:23 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Try setting putting into serial mode: /interface/lte/settings/set mode=serial You should power off and power on after this change. And if shows as ports then, you can try PPP. using /interface/ppp-out (which may appear automatically if port is found). I doubt this modem is going to work as LTE. If i...
by Amm0
Wed May 01, 2024 9:06 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Check if USB has shows any serial channels, using "/ports print". My guess is this a QMI modem, so it does not support ECM or MBIM need to make an "lte" interface in RouterOS. If it has any chanels, you might be able to use /interface/ppp-out to try to connect to it via PPP. e.g....
by Amm0
Wed May 01, 2024 8:54 pm
Forum: Beginner Basics
Topic: system gps monitor - basd command name "gps"
Replies: 2
Views: 220

Re: system gps monitor - basd command name "gps"

Yeah you need gps.npk. It's surprising it doesn't come preinstalled since GPS is always present. But I can see how that be annoying – it be like a few help pages to figure it out if not familar with RouterOS. You might want to make a feature request at https://help.mikrotik.com, since GPS.npk should...
by Amm0
Wed May 01, 2024 8:15 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 10458

Re: [Discussion] MikroTik configuration abstraction complexity

Certainly Mikrotik has a curious business strategy from this silicon valley denizen POV. I kinda view Mikrotik more as a redhat that made the choice to fund itself by selling low-margin hardware, over a high-margin services. It's a choice. On this front and to @DarkNate points on "config comple...
by Amm0
Wed May 01, 2024 6:51 pm
Forum: Wireless Networking
Topic: wifi-qcom(-ac) and VLAN-filtering
Replies: 17
Views: 1564

Re: wifi-qcom(-ac) and VLAN-filtering

The day I enable capsman on any of my devices, means my brain has been taken over by fungi!
It's not very friendly for sure. But worth noting that there is no fast roaming without CAPsMAN...
by Amm0
Wed May 01, 2024 6:47 pm
Forum: Wireless Networking
Topic: wifi-qcom(-ac) and VLAN-filtering
Replies: 17
Views: 1564

Re: wifi-qcom(-ac) and VLAN-filtering

Why is this the case? I thought we lived in a VLAN-Filtered world now. Well, the idea is keep the cAPs simple. The default config uses a "dumb" bridge. So that bridge to pass whatever vlan added by wifi driver. e.g. more hybrid port like UBNT APs. The wifi-qcom-ac driver do not support VL...
by Amm0
Tue Apr 30, 2024 11:26 pm
Forum: Scripting
Topic: router keeps resetting to default every reboot
Replies: 14
Views: 707

Re: router keeps resetting to default every reboot

verified that the post to the API it does in fact confirm the config and eliminate the reset loop cycle. it's a bit of a weird solution, but it 100% resolves the issue.
Great work. But this is a bug (or at least doc issue on how one should do this "correctly").
by Amm0
Tue Apr 30, 2024 9:25 pm
Forum: Scripting
Topic: router keeps resetting to default every reboot
Replies: 14
Views: 707

Re: router keeps resetting to default every reboot

tool/fetch url=http://192.168.88.1/rest/system/note user=user password=password http-method=post http-data="{\"note\":\"system configured\"}" http-header-field="Content-Type:application/json" With POST, it URL is url=h ttp://192.168.88.1/rest/system/note /set...
by Amm0
Tue Apr 30, 2024 8:05 pm
Forum: Scripting
Topic: router keeps resetting to default every reboot
Replies: 14
Views: 707

Re: router keeps resetting to default every reboot

As for the $action, I am hoping that it is possible to do something like :set action "confirmed" It may need at ":return 1" or something, but "guess-and-test" is rather annoying approach to something like this. To be honest, I don't care how it works. It just be good t...
by Amm0
Tue Apr 30, 2024 7:44 pm
Forum: Scripting
Topic: router keeps resetting to default every reboot
Replies: 14
Views: 707

Re: router keeps resetting to default every reboot

Well better docs on the mechanics of branding/default configuration be a good start. But exactly how stuff like $action in defconf is suppose to work be good to document. Just not seeing enterprise support, if they cannot keep the docs up to date. I have a lot of the wAPacRs with 16MB & use zero...
by Amm0
Tue Apr 30, 2024 5:02 am
Forum: Scripting
Topic: router keeps resetting to default every reboot
Replies: 14
Views: 707

Re: router keeps resetting to default every reboot

Hmm. I have defconf scripts, but I've never see anything like this. But $action is provided in a custom V7 defconf, and you AFAIK you do not have to confirm anything. Now I have NOT tested this recently... So perhaps this has changed when they separated out the caps-man defconf script. Also, I use a...
by Amm0
Mon Apr 29, 2024 5:57 am
Forum: Scripting
Topic: Unexpected behavior when finding by variable value
Replies: 6
Views: 501

Re: Unexpected behavior when finding by variable value

All seem to work just fine... But I guess, you learn something new every day 🤷 LOL, Lisp and Ada examples. Now, RouterOS's logic inherits some from LUA actually, which ver 5(?) supported. I think they created the current language to be more "config centric" than a general-purpose language...
by Amm0
Mon Apr 29, 2024 5:09 am
Forum: General
Topic: Bringing my own router to work - idea validation
Replies: 5
Views: 670

Re: Bringing my own router to work - idea validation

I am just thinking in terms of “does it make sense” Well is the office Wi-Fi crappy? Then it make sense. If your need is "security", I guess an extra router add additional layer beyond whatever your laptop's default firewall is doing. Just seems like marginal benefit, since I suspect you ...
by Amm0
Mon Apr 29, 2024 5:03 am
Forum: General
Topic: /tool wol - target IP address?
Replies: 35
Views: 2044

Re: /tool wol - target IP address?

It would still be nice to see a user-friendly addition to the existing RouterOS WOL tool to specify that the magic packet must be unicast. Not sure how wide-spread the problem, but given @fragtion is also interested. You should file as a feature request at help.mikrotik.com. From the wireshark, it'...
by Amm0
Mon Apr 29, 2024 2:19 am
Forum: Scripting
Topic: Unexpected behavior when finding by variable value
Replies: 6
Views: 501

Re: Unexpected behavior when finding by variable value

The solution is don't use the same local variable name as the attribute. See https://wiki.mikrotik.com/wiki/Manual:Scripting_Tips_and_Tricks#Always_use_unique_variable_names So using $comment would be it being nil/[:nothing], and find's matcher with nil is ignore... so it returns them all. And it re...
by Amm0
Sun Apr 28, 2024 6:04 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

Depends on the problem you're trying to solve. There are many ways to configure things. As it stands, the NAT rules use one public for one subnet 192.168.1.0, and 2nd IP for 192.168.0.0. To use rules and routing table, the gateway needs to use an interface qualifier & add'l NAT rules. Specifical...
by Amm0
Sat Apr 27, 2024 10:39 pm
Forum: Scripting
Topic: [how] Script sending an AT command to a GSM modem
Replies: 4
Views: 356

Re: [how] Script sending an AT command to a GSM modem

USB modem typically have several ports, /port/print will show how many. And on the /interface/ppp-client interface, it's the info-channel= that's used for AT commands. So it using the 2nd port (zero index), you might try making info-channel=0 or info-channel=2... Also may want to disable/uncheck dia...
by Amm0
Sat Apr 27, 2024 9:35 pm
Forum: Scripting
Topic: [how] Script sending an AT command to a GSM modem
Replies: 4
Views: 356

Re: [how] Script sending an AT command to a GSM modem

Use can use /interface/ppp-out/at-chat input=ATI for a serial-based or modem may appear as /interface/lte, and that too has the /interface/lte/at-chat input=ATI.

The /system/serial-terminal is only for interactive use, no scripting.
by Amm0
Sat Apr 27, 2024 9:23 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

The first NAT rule should use a src-nat, not masquerade. If action=masquerade, then the to-address= is NOT used... e.g. /ip firewall nat add action=masquerade chain=srcnat src-address=192.168.0.0/24 to-addresses=xx.xx.55.84 ==> /ip firewall nat add action=src-nat chain=srcnat src-address=192.168.0.0...
by Amm0
Sat Apr 27, 2024 6:44 pm
Forum: General
Topic: No DHCP on Bridge VLAN interface.
Replies: 21
Views: 1236

Re: No DHCP on Bridge VLAN interface.

"port with pvid added to untagged group" is not actually a hard error. My current understanding is that it is a call to attention to clue the user in that some dynamic config has happened and the end state of that should be verified to ensure it is as intended, but it isn't immediately an...
by Amm0
Fri Apr 26, 2024 8:19 pm
Forum: Scripting
Topic: "my script does not work" in v7.10
Replies: 5
Views: 423

Re: "my script does not work" in v7.10

Not easily in v7.10, but in latest stable this work: { :local bgwtime [:deserialize from=json ([/tool/fetch url=https://worldtimeapi.org/api/timezone/Asia/Baghdad as-value output=user]->"data")] # debug to show output :put $bgwtime # print one value from the worldtimeapi.org data :put ($bg...
by Amm0
Fri Apr 26, 2024 8:04 pm
Forum: Scripting
Topic: "my script does not work" in v7.10
Replies: 5
Views: 423

Re: "my script does not work" in v7.10

It's just hard to help when it bit unclear what the script is trying to do...

There is also [:timestamp] which will give you an int of the time (in nanoseconds since 1970). Also time types can be compared without converting to an int.
by Amm0
Fri Apr 26, 2024 7:52 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

You'd assign the MACVLAN the public IP address "manually" in /ip/address, instead of using /ip/dhcp-client. For intents in the firewall/routing, it's a different layer2 interface – which means all example that expect an ethernet interface name, should work same with MACVLAN.
by Amm0
Fri Apr 26, 2024 7:48 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

And with netmap, you'd need a src-nat rule too, but matching on src-address using the LAN address of the server and a to-address=55.5.5.3
by Amm0
Fri Apr 26, 2024 7:46 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

well ok I like this idea here Typically one uses one IP for the router and a second IP directly for a server for example. actually in real situation this second IP for the server and maybe we can use it for other device, but you mean to put the public directly in the server ..? If it's a server, th...
by Amm0
Fri Apr 26, 2024 7:41 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

Well that should work. Maybe post the relevant config?

I suppose another approach that allow config closer to the typical dualwan examples is using a MACVLAN interface for the 2nd public IP. And use that MACVLAN as interface instead of something like ether2 in other examples.
by Amm0
Fri Apr 26, 2024 7:38 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

Ahh, single interface now thats challenging.......... I'm not sure what it gets you, if it's the same ISP... Normally ISP do throttling/queues by the customer's link, not by specific public IP... but perhaps not. Also, another approach that allow config closer to the typical dualwan examples is usi...
by Amm0
Fri Apr 26, 2024 7:20 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2856

Re: Get Two public IP on the same interface [SOLVED]

I am really was thinking about that, but the problem is that i have only one out interface ether1 Perhaps the question is what's the purpose of using the 2nd public IP, if it's using same physical upstream? e.g. 1. Do you want to different dst-nat rules based on IP? In this case, you just need to a...
by Amm0
Fri Apr 26, 2024 7:18 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

Yeah, they may need to know your MAC address. You can "clone it" but simply entering your old router's MAC address on the ether1 interface, obviously your older router have be unplugged after.
by Amm0
Fri Apr 26, 2024 6:05 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

Okay, that all I got. I was guessing at the default gateway, and it's unclear why touchthe dst-addr of 10.x.x.x

Is there a modem to reboot? But I think you're going to have to confirm with your ISP the needed settings. As I said, the first step "IP over ethernet" is just pretty vague.
by Amm0
Fri Apr 26, 2024 5:35 am
Forum: Beginner Basics
Topic: RouterOS Default Configuration startup window missing
Replies: 6
Views: 381

Re: RouterOS Default Configuration startup window missing

Export your configuration by going to Terminal, then use ":export file=config.rsc" and download config.rsc from Files section in winbox/webfig.

Post that here, perhaps ether1 is not being set as a WAN port is my guess at what's going on.
by Amm0
Fri Apr 26, 2024 5:27 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

I supose you can try disabling the "input" firewall filter rule with "drop" and "!LAN" & see if you get a DHCP address after that. If that works, then you might have to allow DHCP from the VLAN 911 to the firewall to allow it I guess. And/or, just assign the IP addr...
by Amm0
Fri Apr 26, 2024 5:06 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

Maybe disable PoE on ether1? e.g. you have this message: # poe-out status: short_circuit Possible that interfering with the traffic, since your not getting anything back (or at least only a few packets). Can also look at Logs, and see if anything there has errors/warning. But I'm kinda out of sugges...
by Amm0
Fri Apr 26, 2024 4:41 am
Forum: Beginner Basics
Topic: Dynamic port forwarding
Replies: 4
Views: 364

Re: Dynamic port forwarding

Yeah /tool/netwatch is the "poor mans" way of HA. See https://help.mikrotik.com/docs/display/ROS/Netwatch Basically you can ping your primary server using netwatch, and have an "on-down" script that modifies the firewall to change the to-address to the 2nd servers. And also an &q...
by Amm0
Fri Apr 26, 2024 4:33 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

This all looks right. The odd thing is that it does look like the ISP thinks your IP is 10.2.118.106 on VLAN 911. You're running an older version. And I want to say some version had some bug in dhcp-client around that time. You may want to download latest stable release, and copy it to the root of F...
by Amm0
Fri Apr 26, 2024 4:04 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

Yeah I meant WAN. So that's right.

Try the ether1 in torch, to see if you getting any traffic from upstream. The torch above shows your dhcp-client looking for an address on VLAN 911.

Might want to post your config too. In terminal, :export file=config.rsc then download from Files.
by Amm0
Fri Apr 26, 2024 3:45 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

Did you add "vlanfiber" VLAN interface as a LAN in /interface/list?
by Amm0
Fri Apr 26, 2024 3:42 am
Forum: Beginner Basics
Topic: Eth1 vlan 911 tagging for ISP connection [SOLVED]
Replies: 21
Views: 3063

Re: Eth1 vlan 911 tagging for ISP connection [SOLVED]

The 1st requirement is kinda odd: "IP over ethernet". If that mean PPPoE (or perhaps Mikrotik specific EoIP?) that be different story, but I presume they just mean it has VLAN. But step 1 is an odd way to state a requirement. One thing might help here, is if you can use /tool/torch on the ...
by Amm0
Fri Apr 26, 2024 12:46 am
Forum: Beginner Basics
Topic: a basic (I think...) VLAN problem.
Replies: 11
Views: 742

Re: a basic (I think...) VLAN problem.

The docs show assigning an IP address to VLANs and tagged= INCLUDING the bridge interface: Add Bridge VLAN entries and specify tagged ports in them. In this example bridge1 interface is the VLAN trunk that will send traffic further to do InterVLAN routing. Bridge ports with frame-types set to admit-...
by Amm0
Thu Apr 25, 2024 8:48 pm
Forum: Beginner Basics
Topic: a basic (I think...) VLAN problem.
Replies: 11
Views: 742

Re: a basic (I think...) VLAN problem.

Sorry, I thought sfpplus1 was one of your VLANs... Basically as config stands, SSH only be available from sfp-sfpplus1 via 192.168.20.33, from a host in that subnet & connect directly (or via some switch connected sfpplus1). Since sfpplus1 is not connect on this router to the VLANs, and there ar...
by Amm0
Thu Apr 25, 2024 7:57 pm
Forum: Beginner Basics
Topic: RouterOS Default Configuration startup window missing
Replies: 6
Views: 381

Re: RouterOS Default Configuration startup window missing

https://help.mikrotik.com/docs/display/ROS/Default+configurations?preview=/167706788/167706790/RouterMode.txt Hmm. I hadn't noticed they had the config now in the docs. For those, you'd need netinstall to replace the default configuration... but still how well it work still depend somewhat on the r...
by Amm0
Thu Apr 25, 2024 7:55 pm
Forum: Beginner Basics
Topic: RouterOS Default Configuration startup window missing
Replies: 6
Views: 381

Re: RouterOS Default Configuration startup window missing

You can also get into the router via winbox and MAC address, which seems you have. So use: /system/reset-configuration no-default=no keep-users=yes Keep in mind... not all router have a default configuration, or 192.168.88.1 exists only on one port without DHCP. Only the home/CPE-like routers have t...
by Amm0
Thu Apr 25, 2024 7:31 pm
Forum: Beginner Basics
Topic: RouterOS Default Configuration startup window missing
Replies: 6
Views: 381

Re: RouterOS Default Configuration startup window missing

Push and hold reset button for, generally, ~7 seconds while plugging it in (i.e. until, generally, USR light blinks). That will get you back to the default configuration stored. See https://help.mikrotik.com/docs/display/ROS/Reset+Button One note: If you replace the default with netinstall, well, th...
by Amm0
Thu Apr 25, 2024 6:53 pm
Forum: Beginner Basics
Topic: a basic (I think...) VLAN problem.
Replies: 11
Views: 742

Re: a basic (I think...) VLAN problem.

This is an artifact of how RouterOS bridge works & a bit confusing initially. Under /interface/bridge/vlans, you need to have your VLANs listed, and – importantly for SSH – the bridge interface itself needs to be a tagged port . You don't need to add access ports (e.g. ports with frame-trype=all...
by Amm0
Thu Apr 25, 2024 6:12 am
Forum: General
Topic: REST API active users
Replies: 7
Views: 880

Re: REST API active users

I see two entries (plus winbox ones) in 7.15rc1. One that says (unknown) from the remote IP, and 2nd that says "api" with no IP. 1 2024-04-24 11:18:10 xxxuser 192.XX.XX.148 (unknown) 2 2024-04-24 11:18:10 xxxuser api I don't see multiple ones, but I only tested from my laptop, so only one ...
by Amm0
Thu Apr 25, 2024 5:44 am
Forum: General
Topic: REST API active users
Replies: 7
Views: 880

Re: REST API active users

I want to say it used say "api" for via, not "(unknown)" - so that's also not right here. When you say "forever", so you mean longer than 2 minutes. AFAIK REST API is just a proxy layer over the native API, and that api uses sessions... so reasonable it stick around for...
by Amm0
Thu Apr 25, 2024 5:28 am
Forum: Beginner Basics
Topic: Virtual SIM in Mikrotik
Replies: 11
Views: 1959

Re: Virtual SIM in Mikrotik

I have not tested either. But I believe once the vendor's Android app sets up a carrier profile, it stores on the physical SIM with custom JavaCard app that manages it. e.g. esim.me FAQ, Can I turn my existing device into an eSIM-compatible device? Yes, you can do this with eSIM.me. Thanks to the eS...
by Amm0
Thu Apr 25, 2024 5:01 am
Forum: Beginner Basics
Topic: Virtual SIM in Mikrotik
Replies: 11
Views: 1959

Re: Virtual SIM in Mikrotik

AFAIK, the esim.me cards are just some JavaCard applet (software) running on a SIM card. These applet are "run" by SIM Toolkit (STK), which on most modems is accessed via AT command (or QMI on older modems). On Android, any app certainly have to go through the STK to interact with the SIM ...
by Amm0
Thu Apr 25, 2024 2:02 am
Forum: General
Topic: LHG LTE6 with T-Mobile SIM
Replies: 5
Views: 395

Re: LHG LTE6 with T-Mobile SIM

From winbox/webfig, the selected band (and tower info, signal, etc) should show on the lte1 interface under status tab. No outdoor directional antennas work in US other than the LTE6 ones today. The newer ATL does not work. There is slightly better modem in the US-based Chateau, but that's an indoor...
by Amm0
Thu Apr 25, 2024 12:53 am
Forum: Wireless Networking
Topic: Missing Features in hap ax3
Replies: 6
Views: 836

Re: Missing Features in hap ax3

See https://forum.mikrotik.com/viewtopic.php?t=194738&hilit=quickset+access But agree if one is "upgrading" from a hAPac2/3 to a hAPax2/3, they don't seem to care much about removing features. My bigger annoyance is the hAPac2 has USB, while newer hAPax2 does not. IMO Mikrotik just vie...
by Amm0
Thu Apr 25, 2024 12:24 am
Forum: General
Topic: LHG LTE6 with T-Mobile SIM
Replies: 5
Views: 395

Re: LHG LTE6 with T-Mobile SIM

I should have mentioned that I am using the US versions of both LHG units. I will dig into the bands a bit and respond with findings. It may take me a few days. :) Well... only the US models have issues with newer modems having less bands... so easy to guess ;). But I do suspect you'll see old one ...
by Amm0
Wed Apr 24, 2024 10:55 pm
Forum: General
Topic: LHG LTE6 with T-Mobile SIM
Replies: 5
Views: 395

Re: LHG LTE6 with T-Mobile SIM

Well, you might want to look at the bands being used. Don't know if this US T-Mobile, but if you were using US version of LHG LTE, the older unit have band 4 and Band 5. I'm guessing the newer LTE6 is using Band 12, while older one may been using Band 4.... (and Band 66 likely need to get more speed...
by Amm0
Wed Apr 24, 2024 9:59 pm
Forum: General
Topic: RouterOS 7 can't edit dynamic object
Replies: 18
Views: 1695

Re: RouterOS 7 can't edit dynamic object

You should be able to have static filter rule in chain=forward BEFORE the dynamic DNS redirect rule that action=accept the DNS traffic. Hotspot enter their dynamic rules via action=jump, so you're free to add static config BEFORE the initial jump. I understand that. But I DON'T NEED that redirect a...
by Amm0
Wed Apr 24, 2024 8:31 pm
Forum: Beginner Basics
Topic: a basic (I think...) VLAN problem.
Replies: 11
Views: 742

Re: a basic (I think...) VLAN problem.

You should enable /system/ptp for the ethernet/SFP ports as a first step, as that allows you to configure the ports for PTP. See:
https://help.mikrotik.com/docs/display/ ... e+Protocol

Now whether PTP works on a VLAN on the CRS326, I don't know...
by Amm0
Wed Apr 24, 2024 7:49 pm
Forum: RouterBOARD hardware
Topic: Outdoor LTE solution
Replies: 2
Views: 551

Re: Outdoor LTE solution

I'd recommend the second option
Totally agree, Chateau with external antenna be best. One assumption being the Wi-Fi part is needed INSIDE the trailer. If wi-fi is needed outside, well, it ain't going to get far...
by Amm0
Wed Apr 24, 2024 7:41 pm
Forum: Wireless Networking
Topic: LHG R modem upgrade from LTE6 to LTE18
Replies: 2
Views: 516

Re: LHG R modem upgrade from LTE6 to LTE18

The LM960 be tricky. The LHG has only 2 antenna jacks, and their U.FL...while LM960 uses MHF-4 connections. But Mikrotik has good support for the LM960s (e.g. it shows all the LTE metrics), so it should, generally, work. Assuming you adapt U.FL to MHF-4, you could just use the two antenna ports to L...
by Amm0
Wed Apr 24, 2024 6:28 pm
Forum: General
Topic: RouterOS 7 can't edit dynamic object
Replies: 18
Views: 1695

Re: RouterOS 7 can't edit dynamic object

Just the answer the question, How should I change the hotspot config to change/disable, for example, DNS redirect? You should be able to have static filter rule in chain=forward BEFORE the dynamic DNS redirect rule that action=accept the DNS traffic. Hotspot enter their dynamic rules via action=jump...
by Amm0
Wed Apr 24, 2024 3:30 am
Forum: General
Topic: No DHCP on Bridge VLAN interface.
Replies: 21
Views: 1236

Re: No DHCP on Bridge VLAN interface.

Let not blame CAPsMAN, it really the hybrid port and funky bridge VLAN configuration's fault here ;). Not here, but with Wave2/AX drivers, you need CAPsMAN for roaming, so not so easily wished away... I guess I'm unsure why you're doing this in two phases. Perhaps have good reasons. But FWIW you can...
by Amm0
Wed Apr 24, 2024 3:13 am
Forum: General
Topic: RouterOS 7 can't edit dynamic object
Replies: 18
Views: 1695

Re: RouterOS 7 can't edit dynamic object

Context matters here. While uPnP ones are not cleaned up is different problem than hotspot generated firewall rules and different still from connected routes, BTH, VPNs, etc. For example OP's hotspot rules are not changeable since the rules change based on setting under /ip/hotspot, which is how you...
by Amm0
Tue Apr 23, 2024 10:16 pm
Forum: General
Topic: No DHCP on Bridge VLAN interface.
Replies: 21
Views: 1236

Re: No DHCP on Bridge VLAN interface.

To turn this problem on its head for a minute, would it be better if I made ether1 a pure trunk with no untagged traffic on it? That's not the easiest thing to do in my architecture since it makes bootstrapping much harder, but if that will make the system more robust I can do that. It's not issue ...
by Amm0
Tue Apr 23, 2024 9:15 pm
Forum: General
Topic: No DHCP on Bridge VLAN interface.
Replies: 21
Views: 1236

Re: No DHCP on Bridge VLAN interface.

As noted, 1. ether1 is disabled in /interface/bridge/ports.

2. You still need vlan 450 marked as tagged on bridge (br0)
/interface bridge vlan add bridge=br0 tagged=br0 vlan-ids=450
by Amm0
Tue Apr 23, 2024 8:12 pm
Forum: General
Topic: Watchdog log entries
Replies: 4
Views: 754

Re: Watchdog log entries

Any way to create a log entry that persists a reboot when watchdog is about to reboot? Or send an email with date/time? I should have been clear in my other post. I think the email is only generated when a supout is generated and supout is only generated if there is a hang/etc. Docs say: Watchdog r...
by Amm0
Tue Apr 23, 2024 8:04 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Also, you can add a /system/watchdog with a ping address supplied. This will reboot the router if ping fails after X seconds/minutes. Not ideal but provides one more backstop.
https://help.mikrotik.com/docs/display/ROS/Watchdog
by Amm0
Tue Apr 23, 2024 7:49 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

I am asking this because the USB LTE stick I have has been used for many years inside other two linux based routers (ADB and Sercomm) with no problems. The same SIM card with the same APN is running in many devices aroud, most of them alarm systems, in remote location, with no problems at all. I'd ...
by Amm0
Mon Apr 22, 2024 9:33 pm
Forum: General
Topic: TR069 with AV system
Replies: 2
Views: 275

Re: TR069 with AV system

You don't have screenshots. But it does seem TR069 has not been updated for the newer AX drivers based on the doc. e.g. schema shows TR069 XML attrs map to "/interface wireless =interface-type!=virtual", not /interface/wifi ...

Might want to file a bug at help.mikrotik.com.
by Amm0
Mon Apr 22, 2024 9:22 pm
Forum: General
Topic: Help choosing the right device
Replies: 4
Views: 320

Re: Help choosing the right device

If one AP is working today, than I'd imagine a newer AX-based hAPax3 would improve things slightly. And I'd imagine at least 2Ghz signal reach most places, which is enough for movies. Certainly, a couple APs, one per floor and/or opposing sides, provide more consistent speeds with Wi-Fi. Now... it y...
by Amm0
Mon Apr 22, 2024 8:03 pm
Forum: General
Topic: system/logging Confusion...
Replies: 5
Views: 364

Re: system/logging Confusion...

You can exclude specific topics, for example: "info,!wireless" will exclude all info log messages that contain also wireless topic I agree merged topics= works well enough from the RouterOS CLI to search logs. BUT... issue is when OTHER system process the logs via syslog where the complai...
by Amm0
Sun Apr 21, 2024 12:59 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

other suggested stick? an external LTE modem? Maybe from MikroTik? Any idea is appreciated, but... something working, please :-) Probably already done this, but I'd make sure the APN is right - those log look like it's not getting an IP address, which could mean some specifical APN setup may be req...
by Amm0
Sun Apr 21, 2024 12:34 am
Forum: RouterBOARD hardware
Topic: RB1100 Bypass Ports: Application Example
Replies: 3
Views: 11311

Re: RB1100 Bypass Ports: Application Example

Since often a ISP modem/ONT has one port... the use case for the RB1100's "bypass" with VRRP and 2nd router is undervalued aspect of it. Or ISP gives use a subnet like a typical /29, to allow other routers so that even if the router is rebooted, those servers/routers use a public address f...
by Amm0
Sun Apr 21, 2024 12:21 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Yeah something is fishy with RB5009 and/or USB, seemingly with Hueweis. There's been a few posts. About the only thing a user can do, is try the stable and beta/rc and/or even older V7 to see if those fix. Specifically 7.15rc has a fix to always leave the LTE interface around, so that worth trying. ...
by Amm0
Sat Apr 20, 2024 7:11 pm
Forum: General
Topic: cloudflare have changed the root cert? [SOLVED]
Replies: 7
Views: 3121

Re: cloudflare have changed the root cert? [SOLVED]

Yes, they did change it, and did warn users If you count a forum posting, sure. Cloudflare is $28B company, not Mikrotik. So sharing of certs in a forum posting without some hash (SHA256/etc) and only indica of authority being "Cloudflare Team" next to the user & going on to recommend...
by Amm0
Sat Apr 20, 2024 8:20 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Are you aware of any way\command to connect \ diconntect the LTE? There are two ways. one is to disable and enabled the lte interface (via "/interface/lte lte1"). The other is power cycling the USB (via "/system/routerboard/usb/power-reset"). Using netwatch script is the way to ...
by Amm0
Sat Apr 20, 2024 8:01 am
Forum: Beginner Basics
Topic: Loading ONIE images on Mikrotik Switches
Replies: 6
Views: 618

Re: Loading ONIE images on Mikrotik Switches

Tend to agree with @mkx. I think we'd more likely see ROS support for whitebox switches (if they have required hardware resources) than the other way around. RouterOS as ONIE loadable image be the first step. And likely a good one. It's kinda like another CHR at some level, and they did just release...
by Amm0
Sat Apr 20, 2024 12:11 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

By default, there is no check on the distance=1 /ip/route (e.g. fiber). So simply unplugging is not going to cause a failover immediately. If fiber is a static route, you should add a check-gateway=ping on the 0.0.0.0 default route in /ip/route. If the fiber using DHCP client to get the fiber WAN IP...
by Amm0
Fri Apr 19, 2024 8:47 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Cannot say if to keep the link some pinging is enough, but you could set a script that just pings the (I presume there is one) the DNS that the LTE provider gives you once every (say) hour or so. This could be a netwatch script or a scheduled one. Totally possible carrier may separately force a dro...
by Amm0
Fri Apr 19, 2024 8:30 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

Sure, that work too. But you don't have further ability to limit to just the router (which I don't show above, but /routing/rule let you exclude LAN IP from using LTE for the destination of 1.0.0.1 – a main route for 1.0.0.1 applies to all src-address) A separate routing table keeps things clean IMO...
by Amm0
Fri Apr 19, 2024 8:05 pm
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3369

Re: scripts to keep LTE stick up and running

MikroTik support says that the RB5009 is OK, looking at the logs. IMO, its a bug if it doesn't come back if other OSes do recover... But to force ping out LTE while fiber is the active route in main requires using a routing-table. To create a new seperate routing table that only goes over LTE, it's...
by Amm0
Fri Apr 19, 2024 5:55 pm
Forum: Beginner Basics
Topic: hotspot without username
Replies: 4
Views: 951

Re: hotspot without username

You still need some hotspot user (and password), even if hidden... You can create a hotspot user with the desire setting for the "without username" case, then use that user as a NEW value="..." in HTML as the post describes. e.g. <input type="hidden" name="username...
by Amm0
Fri Apr 19, 2024 4:46 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

A more complex example of using fetch with variables (and wrapping it in a function to make it easier to use from CLI) is one I wrote for extracting ZeroTier members via ZT's HTTP API to add static DNS entries for them:
viewtopic.php?t=204990&hilit=zerotier
by Amm0
Fri Apr 19, 2024 4:37 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

To store as a variable, you can just replace the ":put " with a ":global results " would work. There are also :local variables e.g. { :local results ([...]->"data") :put $results } The result is going to be JSON, so to get that into a RouterOS array, you need to use &qu...
by Amm0
Fri Apr 19, 2024 3:07 pm
Forum: Containers
Topic: Zerotier container - can't ping from ZT client to internal lan devices
Replies: 7
Views: 669

Re: Zerotier container - can't ping from ZT client to internal lan devices

As I said, I haven't used the ZT container, so IDK. So my suggestion was to make sure enabled Logging is checked on the /container for ZT, and the look at "/log print". Alternatively, you might be able to access the shell of the container using /container/print then /container/shell XX whe...
by Amm0
Fri Apr 19, 2024 2:45 pm
Forum: Scripting
Topic: Convert C sample to KNOT script
Replies: 18
Views: 1840

Re: Convert C sample to KNOT script

@Amm0 with the schedule do I script it into the code I have created for the sensor or use the system scheduler in system menu ? You put your code INTO scheduler's on-event. It would just need to be added once. The scheduler (aka `cron`) will then run your script on the interval= set. Using winbox, ...
by Amm0
Fri Apr 19, 2024 3:48 am
Forum: Containers
Topic: Zerotier container - can't ping from ZT client to internal lan devices
Replies: 7
Views: 669

Re: Zerotier container - can't ping from ZT client to internal lan devices

Couple thoughts: 1. Did you put the VETH in LAN interface list (or address-list if using those)? e.g. firewall blocks !LAN by default 2. The Mikrotik ZT client will inject ZT routers to the router, but using a ZT container won't... So you need a static route on CHR/X86 to the ZT network as Mikrotik ...
by Amm0
Fri Apr 19, 2024 12:36 am
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

The quoting all looks right, and CURL is doing same "single line" GraphQL. My other thought is /tool/fetch is using \r\n as the line ending, not just \n... Perhaps just add \n to the end, since it's complaining about In latest V7, there is the newer [:tolf] to convert any CRLF. So perhaps ...
by Amm0
Thu Apr 18, 2024 3:25 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Well, it the -H 'Content-Type: application/json' that's messing in your /tool/fetch - that's setting it as JSON. :put ([/tool fetch url="https://somewebsite/api/graphql" \ http-method=post \ http-header-field="Content-Type:application/json,Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGc...
by Amm0
Thu Apr 18, 2024 3:22 pm
Forum: Scripting
Topic: Convert C sample to KNOT script
Replies: 18
Views: 1840

Re: Convert C sample to KNOT script

@Amm0 thanks will give that a shot.
One note, in scheduler script, you might want to use "/log info TEXT" instead of a :put.
by Amm0
Thu Apr 18, 2024 3:14 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

Hmm unfortunately the same response. It is so weird that it works with Curl or Postman but not with the fetch tool. Can you post the command you're using with `curl` that works? You may also need to add JSON as the content-type to /tool/fetch, since my guess is curl is using a --json (which sets th...
by Amm0
Thu Apr 18, 2024 3:10 pm
Forum: Scripting
Topic: Convert C sample to KNOT script
Replies: 18
Views: 1840

Re: Convert C sample to KNOT script

Or run at CLI, add an other :while (1) do={ ... } around the code, with a :delay 10s before the end of the loop. It take a ctrl-c to exit.
by Amm0
Thu Apr 18, 2024 3:08 pm
Forum: Scripting
Topic: Convert C sample to KNOT script
Replies: 18
Views: 1840

Re: Convert C sample to KNOT script

@Amm0 I am getting somewhere now I need to just get this script to refresh every 10s when the new local pktdata is updated You can put the code into /system/schedule** script with an 10s interval, that starts at "startup". ** likely easier in winbox/webfif to cut-and-paste code than use C...
by Amm0
Thu Apr 18, 2024 2:52 pm
Forum: Scripting
Topic: Convert C sample to KNOT script
Replies: 18
Views: 1840

Re: Convert C sample to KNOT script

Essentially the conversion from hex-in-a-string to an int take the following form today: [:tonum "0x$[:pick $pktdata <index> (<index> + <len>) ]"] So in your code it look like this: # Main function to decode Bluetooth advertisement data /iot bluetooth scanners advertisements { :local adids...
by Amm0
Thu Apr 18, 2024 5:56 am
Forum: General
Topic: question on tunnel performance and getting past single core limits
Replies: 10
Views: 772

Re: question on tunnel performance and getting past single core limits

I suppose you could try the old /ip/packing, as that lets you set an aggregated size. It's old as dirt, but if "packing" smaller packets into a bigger one is the goal, worth a look/try:
https://help.mikrotik.com/docs/display/ROS/IP+packing
by Amm0
Wed Apr 17, 2024 11:10 pm
Forum: Scripting
Topic: Can't Query Graphql site
Replies: 26
Views: 1546

Re: Can't Query Graphql site

I believe you need spaces between attributes and brackets in graphql. Might want to try something like this: http-data="{\"query\":\"query accountid { accounts(id:2) { entities { name }}}\"}" or since query is already in the JSON perhaps http-data="{\"query\&q...
by Amm0
Wed Apr 17, 2024 7:14 pm
Forum: Wireless Networking
Topic: Dante Audio over 60GHz
Replies: 7
Views: 852

Re: Dante Audio over 60GHz

Thanks @sirbryan. My knowledge of 60GHz is limited. I do know that it's jitter that kill you for Dante, so great data. The thing that seem limiting is there are not any MCS-like knobs to tweak – since I'm not sure negotiating a higher MCS is helpful for stability. e.g. Changing MCS has to introduce ...
by Amm0
Wed Apr 17, 2024 6:34 pm
Forum: Wireless Networking
Topic: Dante Audio over 60GHz
Replies: 7
Views: 852

Re: Dante Audio over 60GHz

Re UBNT vs MT.... I think it be more physics, than hardware since it's a standard protocol. Only note be that Mikrotik uses a bond on 60Ghz PtP products with 5Ghz backup... For Dante, 5Ghz be worthless as backup, so using bond would add a smidgen of latency that could be avoided. I'm pretty sure Dan...
by Amm0
Wed Apr 17, 2024 6:21 pm
Forum: General
Topic: Mutliple IP on same interface
Replies: 5
Views: 398

Re: Mutliple IP on same interface

Yeah in V6, pref-src is used for everything in routing. In V7, it's ONLY used for router initiated traffic. RouterOS V7's "FIB logic" when multiple IPs in same subnet... IDK for sure. I'm don't think it's documented what happens. I do know pref-src= on a router in V7 works for something li...
by Amm0
Wed Apr 17, 2024 5:12 pm
Forum: General
Topic: Mutliple IP on same interface
Replies: 5
Views: 398

Re: Mutliple IP on same interface

Assuming it's V7. The address used for "local out" traffic (e.g. telnet from router) should be shown a local-address in /ip/route/print... To set it for traffic originated from the router (e.g. /tool/fetch, /system/ssh, telnet out, etc.), then pref-src= can be used to control. If pref-src ...
by Amm0
Wed Apr 17, 2024 5:54 am
Forum: Wireless Networking
Topic: Dante Audio over 60GHz
Replies: 7
Views: 852

Re: Dante Audio over 60GHz

Couple questions: - Were you in AES67 mode? - Did the Dante controller have a specific error on the clock and/or see a lot of jitter in clock's graphs? One thought is by default 60GHz PtP Mikrotiks use a bond with 5Ghz. I'd remove the bond if it was being used, since failover to 5Ghz is not going to...
by Amm0
Wed Apr 17, 2024 1:58 am
Forum: Wireless Networking
Topic: wAP ax?
Replies: 35
Views: 9149

Re: wAP ax?

wAP ac is not discontinued
Perhaps, but it's "brother" with miniPCIe is marked as discontinued (https://mikrotik.com/product/wap_r_ac)
by Amm0
Wed Apr 17, 2024 1:47 am
Forum: Beginner Basics
Topic: Re-programming remote wAP LTE kit as wireless client
Replies: 2
Views: 383

Re: Re-programming remote wAP LTE kit as wireless client

Assuming you have not upgrade the wireless drivers...

There should be a QuickSet mode (in upper left) for "PTP Bridge CPE", you should be able to use that to connect to Starlink Wi-Fi's SSID and should bridge it to ether2 (and I think ether1).
by Amm0
Tue Apr 16, 2024 11:18 pm
Forum: General
Topic: /tool wol - target IP address?
Replies: 35
Views: 2044

Re: /tool wol - target IP address?

Fair enough, it is even more confusing. I thought it's just UDP with different ether type. That it might not be UDP was a suprise. With NirSoft's WakeMeOnLAN tool, I can successfully wake-on-lan an MSI Cubi2 system on my LAN. A sniffer trace of what WOL packet gets generated with your tool when usin...
by Amm0
Tue Apr 16, 2024 6:22 pm
Forum: General
Topic: /tool wol - target IP address?
Replies: 35
Views: 2044

Re: /tool wol - target IP address?

It may flow via L2 MAC, but it's still formatted as UDP packet AFAIK.

Could be wrong... but I think it's just specific IP address, instead of broadcast 255.255.255.255, in the UDP part of the packet.
by Amm0
Tue Apr 16, 2024 2:35 am
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 143
Views: 138219

Re: WinBox v3.40 released!

@normis any update on a native mac app for winbox?
Given we're at an icon flashing in task bar: https://youtu.be/sQPlwDSd5LM?t=184 — be a while.

No other proof of life... Like screenshot? Or, at least clue on framework/lang... Can we put rest it's Electron?
by Amm0
Tue Apr 16, 2024 1:15 am
Forum: General
Topic: /tool wol - target IP address?
Replies: 35
Views: 2044

Re: /tool wol - target IP address?

Theoretically WOL could be on a BMC with an IP address, and the WOL turns out rest of system. It does not seem like a bad option to have, although perhaps confusing since IP isn't going to help in most cases. Kinda niche, but Mikrotik has the feature request category at help.mikrotik.com.
by Amm0
Mon Apr 15, 2024 6:18 pm
Forum: General
Topic: Is there a problem with IP Cloud? [SOLVED]
Replies: 70
Views: 25032

Re: Is there a problem with IP Cloud? [SOLVED]

Why on the forum?
They should have a services status on the main website.
Agree. Or perhaps some backup host someplace else for geo-redundancy. Not asking 5-nines here.
Well, they should have a status page. I'd suggest Dude and function to update the web site ;)
by Amm0
Mon Apr 15, 2024 2:33 am
Forum: Useful user articles
Topic: How to: Edge router and BNG optimization for ISPs Topic is solved
Replies: 68
Views: 93545

Re: How to: Edge router and BNG optimization for ISPs Topic is solved

Seriously?
LOL. I don't think @DarkNate was even trying to troll [here] – just a lucky guess. If so, you have some eggs from your pizza to throw at him.

Pineapples, like IPv6, aren't everywhere.
by Amm0
Mon Apr 15, 2024 2:10 am
Forum: General
Topic: Hotspot Configurations and on-prem Windows AD
Replies: 6
Views: 541

Re: Hotspot Configurations and on-prem Windows AD

First bet is DNS.
Good to hear.
It really is always DNS.
by Amm0
Mon Apr 15, 2024 1:00 am
Forum: General
Topic: Hotspot Configurations and on-prem Windows AD
Replies: 6
Views: 541

Re: Hotspot Configurations and on-prem Windows AD

Yeah realized after that DNS was already likely MS AD DNS. I suppose another way to skin that are is set the Mikrotik DNS to your AD's DNS? Since I do think hotspot is sending all DNS to Mikrotik regardless of what DNS IP is used. While you can have a firewall rule before that has a hotspot chain ru...
by Amm0
Sun Apr 14, 2024 4:43 pm
Forum: Beginner Basics
Topic: AT&T FTTH, VLANs, CapsMAN Full Config (RouterOS 7 Updated)
Replies: 29
Views: 5783

Re: AT&T FTTH, VLANs, CapsMAN Full Config (RouterOS 7 Updated)

Capacs take minutes to setup and dont change very often Most Wi-Fi APs have some central manager, so it's not unreasonable to want that on Mikrotik. It's the view of all APs in one place that's useful of CAPsMAN. Or if you want to make a change to SSID/password, etc. are all easier down the road to...
by Amm0
Sun Apr 14, 2024 4:35 pm
Forum: Beginner Basics
Topic: router to mail.hamilton.com
Replies: 9
Views: 562

Re: router to mail.hamilton.com

Config may help here, dunno. But ISP upstream may redirect NTP and/or DNS. Might want to try at the Terminal: :put [:resolve pool.ntp.org] I suspect that will get you the same 173.255.241.249. Be curious to see what DNS servers are getting used: /ip/dns print ; /ip/dns/cache print where data=173.255...
by Amm0
Sun Apr 14, 2024 7:00 am
Forum: General
Topic: MSS-clamp equivalent for udp?
Replies: 3
Views: 437

Re: MSS-clamp equivalent for udp?

Ok, thanks! I think I'm having larger MTU/MSS issues, as its not working, but I'll post a separate topic for that. Set EoIP to 1500 MTU. It will fragment but almost certainly needed since I doubt the HDHomeRun does PMTUD. Generally there 7 MPEG frames per RTP packet, so I'm guess it like needs 1400...
by Amm0
Sun Apr 14, 2024 5:44 am
Forum: RouterBOARD hardware
Topic: Outdoor Starlink
Replies: 13
Views: 1589

Re: Outdoor Starlink

Mikrotik has a pigtail part: https://mikrotik.com/product/acsmaufl

That get you SMA. Most Wi-Fi things RP-SMA. But AFAIK the wAPac is same as LTE ones with u.fl connectors on board for Wi-Fi.
by Amm0
Sun Apr 14, 2024 5:03 am
Forum: Beginner Basics
Topic: AT&T FTTH, VLANs, CapsMAN Full Config (RouterOS 7 Updated)
Replies: 29
Views: 5783

Re: AT&T FTTH, VLANs, CapsMAN Full Config

It was a serious pain in the ass and took a lot of hours. Good news is the EAP supplicant stuff just worked, no fiddling. Oh I'm sure. But the new drivers likely worth the effort. Used the wifiwave2 (now wifi-qcom-ac) on Audiences for long while, it was night-and-day difference. Welp... my RB4011 b...
by Amm0
Sun Apr 14, 2024 3:01 am
Forum: RouterBOARD hardware
Topic: Outdoor Starlink
Replies: 13
Views: 1589

Re: Outdoor Starlink

Are we talking about this one: https://mikrotik.com/product/wap_ac Yes. I mainly use the https://mikrotik.com/product/wap_r_ac which has miniPCIe slot, so I habitually add the "R". But the wAPac is identical, except no LTE modem. It's the plain "wAP R" you wouldn't want as that'...
by Amm0
Sun Apr 14, 2024 2:50 am
Forum: RouterBOARD hardware
Topic: Outdoor Starlink
Replies: 13
Views: 1589

Re: Outdoor Starlink

The wAPacR is a router, and is an AP by default. The newer wifi-qcom-ac drivers will get you Wave2 support on it. So you should not need the Starlink router - assuming the third-party Starlink+PoE to Ethernet adapter works. The Amazon links seem to do that so the ethernet that be usable can be the W...
by Amm0
Sat Apr 13, 2024 5:20 pm
Forum: General
Topic: USB LTE stick disappear
Replies: 15
Views: 1136

Re: USB LTE stick disappear

Some older Huawei modem had issues with IPv6, but you've disabled it in both places, so I dunno.

I'd add lte,!packet,!raw as a topic /system/logging, reboot, and collect a supout.rif file & email that and what you've seen to support@mikrotik.com
by Amm0
Sat Apr 13, 2024 4:21 pm
Forum: General
Topic: USB LTE stick disappear
Replies: 15
Views: 1136

Re: USB LTE stick disappear

Fair enough. More that if disabled under /ipv6, you have to change the APN under /interface/lte/apn so the ip-type=IPv4 as well.
by Amm0
Sat Apr 13, 2024 3:58 pm
Forum: General
Topic: USB LTE stick disappear
Replies: 15
Views: 1136

Re: USB LTE stick disappear

One thing to try is setting just the "IPv4" option in the APN Profile, instead of "auto", as the "IP Type".
by Amm0
Sat Apr 13, 2024 6:40 am
Forum: General
Topic: Modify the DHCP client of an LTE interface
Replies: 9
Views: 614

Re: Modify the DHCP client of an LTE interface

The only difference is the "LTE way" is there is no scripting actions on it. But if you didn't have that need... I'm not sure what advantage to go through the trouble to "fool" routeros into creating an actual /ip/dhcp-client for an LTE interface? The APN Profile does mimic the o...
by Amm0
Sat Apr 13, 2024 1:49 am
Forum: General
Topic: Hotspot Configurations and on-prem Windows AD
Replies: 6
Views: 541

Re: Hotspot Configurations and on-prem Windows AD

I hear Active Directory. First bet is DNS. I suspect the hotspot clients are using Mikrotik DNS, which isn't going to the know the SRV/etc records needed for AD LDAP. You could confirm by setting a hotspot client's DNS to explicitly use Microsoft AD DNS servers. If that works, it's for sure DNS. Eve...
by Amm0
Fri Apr 12, 2024 9:34 pm
Forum: General
Topic: Modify the DHCP client of an LTE interface
Replies: 9
Views: 614

Re: Modify the DHCP client of an LTE interface

Fair enough. The double-NAT does offer a static config on Mikrotik side, so can see that's being a plus. And L2TP is a different story for the NAT'ed CGNAT going on, than say WG/etc. More note that, in most normal cases (not BGP+L2TP ;) ), likely better if modem operates in MBIM mode if possible in ...
by Amm0
Fri Apr 12, 2024 9:00 pm
Forum: General
Topic: Modify the DHCP client of an LTE interface
Replies: 9
Views: 614

Re: Modify the DHCP client of an LTE interface

V7 support MBIM modems. I'd imagine you'd be able use an AT command to switch it from the "NAT-mode" (Linux ECM driver) to MBIM modem. That get the CGNAT address on the router. If you google for your modem and MBIM (or if specs suggest Windows 8-11 support), I'd imagine there is some AT co...
by Amm0
Fri Apr 12, 2024 8:20 pm
Forum: General
Topic: Modify the DHCP client of an LTE interface
Replies: 9
Views: 614

Re: Modify the DHCP client of an LTE interface

In the LTE Profile, under /interface/lte/apn. /interface/lte/apn/set [find name=default] default-route-distance=2 use-peer-dns=no add-default-route=no Not sure if NTP over MBIM is even possible, but NTP not settable regardless. FWIW, If you're going to use routing tables, set a higher distance for L...
by Amm0
Fri Apr 12, 2024 6:53 pm
Forum: Beginner Basics
Topic: Mikrotik documentation
Replies: 10
Views: 780

Re: Mikrotik documentation

Fair enough. I hate Confluence, as user and admin many years ago. Have you ever looked at AsciiDoc (https://asciidoc.org)? It deals with all the TOC/etc stuff that markdown doesn't. OSS, no Java, and esoteric syntax seems more Mikrotik. Apple uses it for the their new PKL language, https://pkl-lang....
by Amm0
Fri Apr 12, 2024 6:35 pm
Forum: Beginner Basics
Topic: Mikrotik as a backup wireless link with Cisco
Replies: 11
Views: 598

Re: Mikrotik as a backup wireless link with Cisco

Thanks all, I've been playing about with GNS3 last night so might try see if I can lab it out before doing anything and having to get on the roof to reset it! FWIW. You shouldn't have to go to roof, assuming you know the user/password. All Mikrotik support winbox via Layer2, so can connect via MAC ...
by Amm0
Fri Apr 12, 2024 4:55 pm
Forum: Wireless Networking
Topic: Dante Audio over 60GHz
Replies: 7
Views: 852

Re: Dante Audio over 60GHz

I'd see this done once with some UBNT with some AVIO adapters. Venue suggested its work fine. While I believe them... the use case was not something like FOH to a stage where failure be disasterous. Theoretically, 60Ghz should work. You also do have Dante's latency setting to tweak to help. So there...
by Amm0
Fri Apr 12, 2024 12:11 am
Forum: General
Topic: Starlink Chateau LTE18 AX NO Internet
Replies: 7
Views: 752

Re: Starlink Chateau LTE18 AX NO Internet

Your right. I get confused on the Chateau, most are 16MB storage. And I kinda assumed @normis has some reason for his comments however ;)
by Amm0
Thu Apr 11, 2024 11:09 pm
Forum: General
Topic: Starlink Chateau LTE18 AX NO Internet
Replies: 7
Views: 752

Re: Starlink Chateau LTE18 AX NO Internet

@normis has a point: most of the cost on Chateau LTE18 is for the LTE modem. So if LTE is not needed, it's not a great choice. e.g. while starlink is within its routing abilities, it's not a powerful router. A hAPax3 is more powerful router, and has more internal storage, if no LTE is needed. Althou...
by Amm0
Thu Apr 11, 2024 8:02 pm
Forum: General
Topic: DHCP Request & PCC Balance
Replies: 14
Views: 772

Re: DHCP Request & PCC Balance

My question is regarding the router! I have never turned it on and it does not prevent my access via iphone. Neither router nor smartphone apps care if disabled. But if do use the app... it quite visible since it kinda looks like there is no internet (e.g. it says "Internet: disabled" or ...
by Amm0
Thu Apr 11, 2024 7:24 pm
Forum: General
Topic: DHCP Request & PCC Balance
Replies: 14
Views: 772

Re: DHCP Request & PCC Balance

Hey Ammo, I use an Iphone and have not used this functionality. How would it make the experience better??? Don't enable it using the mobile app is my #1 advice**. The "detect-interface-list" is the only important setting. That setting is where it does the detection. Since there is no poin...
by Amm0
Thu Apr 11, 2024 6:46 pm
Forum: Beginner Basics
Topic: Mikrotik as a backup wireless link with Cisco
Replies: 11
Views: 598

Re: Mikrotik as a backup wireless link with Cisco

Layer 2 vs Layer 3. /interface/vlan creates a Layer3 route on a VLAN. While the critical setting vlan-filtering=yes/no on the /interface/bridge is what essentially converts the software bridge from a.dumb switch and a VLAN-aware switch. The /interface/bridge/vlans is how you set hybrid/trunk/access ...
by Amm0
Thu Apr 11, 2024 6:42 pm
Forum: Beginner Basics
Topic: Mikrotik as a backup wireless link with Cisco
Replies: 11
Views: 598

Re: Mikrotik as a backup wireless link with Cisco

If the VLAN already defined on either end of the link. The 60Ghz LHG should just bridge anything passing over it with the default configuration. e.g. you don't need to set vlan-filtering=yes and define VLANs unless you want to restrict traffic going over the link. So if the Cisco's already have VLAN...
by Amm0
Thu Apr 11, 2024 5:57 pm
Forum: Beginner Basics
Topic: Mikrotik documentation
Replies: 10
Views: 780

Re: Mikrotik documentation

there are not so many new features during these revisions.
Think y'all selling yourselves short. ;) And docs themselves do get updated regularly.

Seems like a `cron` job...
by Amm0
Thu Apr 11, 2024 4:57 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 143
Views: 138219

Re: WinBox v3.40 released!

Winbox, IMHO is the secret sauce, allowing non CLI trained folks to access and modify their configs and view all kinds of information. Agreed. If you BOTH CLI and winbox, or have potentially multiple users making updates, it is really well integrated. e.g. the "live update" of winbox dial...
by Amm0
Thu Apr 11, 2024 4:41 pm
Forum: General
Topic: DHCP Request & PCC Balance
Replies: 14
Views: 772

Re: DHCP Request & PCC Balance

Finally a normal reaction to this :D Part of the detect-internet logic includes adding a dhcp-client. Given "Detect" is in name, it is odd it modifies config. And since adding a dhcp-client could effect routing...why folks have negative reaction. But the graph in mobile app is super usefu...
by Amm0
Thu Apr 11, 2024 3:44 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 143
Views: 138219

Re: WinBox v3.40 released!

But, that is just a "winbox bug", that could be fixed with some additional code in winbox. After all, it knows which items you have changed. As someone who has noticed this behavior and already complained elsewhere: of course it is a bug IMHO. Mikrotik may see it differently. I think winb...
by Amm0
Thu Apr 11, 2024 7:23 am
Forum: Beginner Basics
Topic: KNOT - cant beck to default configuration
Replies: 3
Views: 444

Re: KNOT - cant beck to default configuration

You might just use netinstall to reset it to defaults. But it is critical you do not press reset button MORE than 10 seconds - it should be around 6-7 seconds from power on & normally some light goes from solid to flashing, at which point you release the reset button. While the button reset shou...
by Amm0
Thu Apr 11, 2024 6:45 am
Forum: Scripting
Topic: REST API - is it a bug? [SOLVED]
Replies: 9
Views: 740

Re: REST API - is it a bug? [SOLVED]

But at first I didn't see the detail as I was using Comfortclick's http driver to test it and it only said Internal server error... FWIW, if you use Postman to test request, I created a RAML/OpenAPI scheme that allows testing of the REST API. See https://forum.mikrotik.com/viewtopic.php?t=199476&am...
by Amm0
Thu Apr 11, 2024 6:40 am
Forum: Scripting
Topic: REST API - is it a bug? [SOLVED]
Replies: 9
Views: 740

Re: REST API - is it a bug? [SOLVED]

Your right it's not a server error so 5xx status code is wrong.

Although the specific permission that's missing be more helpful.
by Amm0
Thu Apr 11, 2024 5:45 am
Forum: General
Topic: RoMON - multiple secrets
Replies: 5
Views: 481

Re: RoMON - multiple secrets

i'll go through the wiki once again, then probably i'll ask support I've never used the interface-specific ones. But just re-read docs since I wrote from my memory and my usage ;). https://help.mikrotik.com/docs/pages/viewpage.action?pageId=8978569#RoMON-Secrets One of the rules is For each interfa...
by Amm0
Thu Apr 11, 2024 12:29 am
Forum: General
Topic: Image body email
Replies: 2
Views: 396

Re: Image body email

Short Answer is NO . It kinda up to the mail client to figure it out. For sure, the file extension has to match the file type (e.g. if it's a png, name should end in .png) But how Mikrotik generates the multipart MIME has some effects. Basically all attachments get added using the follow headers for...
by Amm0
Wed Apr 10, 2024 11:57 pm
Forum: General
Topic: RouterOS v7 best route selection problems
Replies: 8
Views: 764

Re: RouterOS v7 best route selection problems

The skimpy docs on select-rule has come up before: https://forum.mikrotik.com/viewtopic.php?t=206072&hilit=bgp+select It can't hurt to open a ticket at support@mikrotik.com about the poor docs on BGP's select-rule. I'm not sure what is not covered by the V7 BGP filter language e.g. what can only...
by Amm0
Wed Apr 10, 2024 11:23 pm
Forum: General
Topic: BTH basic question
Replies: 19
Views: 1068

Re: BTH basic question

b. BTH configurations where the Peer (server for handshake) has a public IP and has no need to punch out to the proxy MT WG server. I'm not sure how BTH would interfere with other WG config. BTH with a "real" public IP would still use DDNS, but still does not "punch out" a ports...
by Amm0
Wed Apr 10, 2024 8:02 pm
Forum: General
Topic: BTH basic question
Replies: 19
Views: 1068

Re: BTH basic question

Create a routing rule with Source of WAN2 IP address , and force all such traffic to table pointing to WAN2. OR, even sneakier, Dst-NAT traffic to wireguard port to WAN2, to-address=WAN1 This has come up a few times.... Maybe @normis/etc can comment on it somewhere. Although it's WG, not BTH specif...
by Amm0
Wed Apr 10, 2024 7:51 pm
Forum: General
Topic: DHCP Request & PCC Balance
Replies: 14
Views: 772

Re: DHCP Request & PCC Balance

FWIW on this one: 1. I know recommendation. This is my decision for App Android. Yeah if you don't use mobile apps, the use of "detect-internet" is unclear. But if you do use the mobile apps...it front-and-center on the app & does enable a nice graph of WAN usage if enabled. And you've...
by Amm0
Wed Apr 10, 2024 7:37 pm
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 143
Views: 138219

Re: WinBox v3.40 released!

I would have expected some kind of API as that's more efficient (no need to parse command line) and less prone to breaking changes. All the config methods are abstractions over some internal config schema (see /console/inspect). So...I'm just not sure where efficiency comes in — once config change ...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 14