Community discussions

MikroTik App

Search found 131 matches

by hknet
Tue Feb 20, 2024 7:48 am
Forum: The Dude
Topic: DUDE v7 server "needed packages are not available"
Replies: 35
Views: 13694

Re: DUDE v7 server "needed packages are not available"

So - finally we also do see this issue as we tried upgrading v7.13.x recently using the Dude. As we now have devices that simply need ROS v7 to work - this is getting an issue as our emergency upgrade plans in case of a serious security issue with ROS is currently to go to the dude and upgrade all d...
by hknet
Wed Jan 31, 2024 9:07 am
Forum: RouterOS beta
Topic: Unable to route on my local breakout 7.1beta2
Replies: 11
Views: 8593

Re: Unable to route on my local breakout 7.1beta2

You did put me on the right track, disabling & enabling the ip address on the VLAN interface actually fixed it. thank you for pointing this out - in fact still on v7.13.3 - disabling and re-enabling the IP on the vrf bound interface that reports the "invalid argument" fixes the situat...
by hknet
Tue Oct 24, 2023 3:37 am
Forum: Forwarding Protocols
Topic: ospfv3 - ROS 7.11.2 vs 6.48.6 CRS317 - adjacency fails after 5 min
Replies: 0
Views: 2181

ospfv3 - ROS 7.11.2 vs 6.48.6 CRS317 - adjacency fails after 5 min

Hi, we got a well running CRS317 based network, then we introduced ROS v7 to get hardware forwarding. OSPFv2 (IPv4) works well on all devices and between different releases. OSPFv3 (IPv6) is quite another beast: if ROS7 does ospfv3 on the dedicated (not bridge-swichted) ethernet (1G) port - everythi...
by hknet
Mon Aug 28, 2023 7:17 pm
Forum: Forwarding Protocols
Topic: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?
Replies: 10
Views: 6771

Re: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?

For sure, use one PPPoE Server per VLAN. Much better than bridge them
I'd seriously doubt this argument: pppoe usually is a user-context process, while bridges are done in kernel-context.
If pppoe is a kernel-module in ROS, then I would stand corrected, but I would be surprised also :).
by hknet
Mon Aug 28, 2023 7:11 pm
Forum: Forwarding Protocols
Topic: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?
Replies: 10
Views: 6771

Re: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?

We evaluated such a setup for quite a similar usecase. Not willing to risk any bridges bringing down the CPU we went for CCR1072 and later (smaller setups) CCR2004. The older CCR takes _forever_ to load such a config (reboot takes up to 20 minutes), but it is running 7k+ VLAN-Interfaces and bridging...
by hknet
Fri Aug 25, 2023 8:42 pm
Forum: Forwarding Protocols
Topic: VPN4 tunnels limit.
Replies: 1
Views: 2180

Re: VPN4 tunnels limit.

I'm not exactly sure if I get your setup by this description. Basically I do understand your have a route reflector offering all vpnv4 routes to its clients, right? To get those routes into your routing table you will have to configure your RDs in /routing/bgp/vpn/ (v7) and import those routes using...
by hknet
Fri Aug 25, 2023 8:30 pm
Forum: Forwarding Protocols
Topic: How to prefer OSPF routes over BGP routes
Replies: 3
Views: 2335

Re: How to prefer OSPF routes over BGP routes

Since you got BGP on all devices, why even bother running ospf (except for maybe IGP)?
You could attribute a better local preference to routes learned via your favorite router and prefer these routes.
hth, hk
by hknet
Thu Aug 24, 2023 4:56 am
Forum: Forwarding Protocols
Topic: Mikrotik 7.10.2 mpls packets loss
Replies: 1
Views: 2372

Re: Mikrotik 7.10.2 mpls packets loss

I'm interested did you reduce ospf timings in ROS v6.x to keep mpls-ldp and ospf in sync?
If so maybe ROS v7 would need a similar setting, but we are also only in the testing-phase of ROS v7 and mpls in our own network.
Will look for packetloss now during our tests - thanks for your post.
by hknet
Thu Aug 24, 2023 4:49 am
Forum: Forwarding Protocols
Topic: VPNv4 route inconsistant.
Replies: 2
Views: 2151

Re: VPNv4 route inconsistant.

according to your cli-prompt I guess you're on ROS 6.x - which does not support multipath vpnv4 afair.
by hknet
Mon May 15, 2023 3:46 am
Forum: Forwarding Protocols
Topic: OSPFv3 + IGMP snooping on CRS317 (7.8) (workaround)
Replies: 3
Views: 2327

Re: OSPFv3 + IGMP snooping on CRS317 (7.8) (workaround)

thanks for the idea! little issue: running ospfv3 ontop of vlan interfaces attached to the hardware-bridge - this does not solve the problem in our case (ROSv7.9). also tried to filter the port and the vlan using an additional switch-filter this does not solve the issue either. any further hints ver...
by hknet
Tue Feb 14, 2023 8:06 am
Forum: Announcements
Topic: v7.8rc is released!
Replies: 125
Views: 44764

Re: v7.8rc is released!

Upgraded a CRS305 and CRS309 without any issues so far. OSPFv2, OSPFv3, HW L3. Just need to verify DHCP has been fixed.
how did you get ospf3? I'm testing on two CRS317 which converge fine in ospf2, but never using IP6
by hknet
Sat Nov 19, 2022 1:58 am
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10177

Re: v7 MPLS hardware offload?

this escalated quickly... Here is the reasoning: ROS v6 already supported MPLS in Hardware on the CRS317 platform. This feature was removed (for now) in v7 https://help.mikrotik.com/docs/display/ROS/CRS3xx%2C+CRS5xx%2C+CCR2116%2C+CCR2216+switch+chip+features#CRS3xx,CRS5xx,CCR2116,CCR2216switchchipfe...
by hknet
Thu Nov 17, 2022 3:58 am
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10177

Re: v7 MPLS hardware offload?

any hope for this featureset to materialize?
by hknet
Wed Dec 08, 2021 7:13 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 224909

Re: v7.1 is released!

after adding a full ipv4-table to a RB4011iGS the device itself is running fine, but winbox gets disconnected if you try to open the ip/route window. trying "/routing/route/print count-only where bgp" to get the number of routes learned takes several minutes; while "/routing/route/pri...
by hknet
Wed Dec 08, 2021 5:14 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 224909

Re: v7.1 is released!

tried bgp with tcp-md5-key with some ciscos - ends up with "%TCP-6-BADAUTH: Invalid MD5 digest from " always.
configuring a new session without md5-key the session gets established just fine...
by hknet
Wed May 19, 2021 8:47 pm
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 242191

Re: v7.1beta6 [development] is released!

Mmmm MLAG - sounds tasty.

Any hint on how this could be configured and how it is implemented between boxes?

thx!
by hknet
Sat Apr 24, 2021 8:44 pm
Forum: RouterOS beta
Topic: new feature request MLAG!!!
Replies: 33
Views: 16974

Re: new feature request MLAG!!!

802.1BR is NOT MC-LAG and has a different use case. It is for bridge extension, port expanders and the like. You could possibly use it for stacking... MC-LAG is still needed, it removes the "single control plane" point of failure. I'd take any stack or MC-LAG solution as long as the contr...
by hknet
Wed Mar 31, 2021 12:45 am
Forum: General
Topic: MLPPP MTU testing...
Replies: 2
Views: 862

Re: MLPPP MTU testing...

Most tutorials recommend MRI to be set at 1600
MRI?
by hknet
Fri Mar 26, 2021 1:51 pm
Forum: Forwarding Protocols
Topic: Problems with MPLS IPv4 VPN
Replies: 72
Views: 32275

Re: Problems with MPLS IPv4 VPN

we asked MT support for help, maybe we can get help - if it says ROS7 I guess we will have to install cisco boxes again...
well got this exact answer: will not be fixed in V6, will have to hope for ROSv7 to get mpls and bgp vpnv4 working in a multipath-setup.
by hknet
Thu Mar 25, 2021 5:49 pm
Forum: General
Topic: MLPPP MTU testing...
Replies: 2
Views: 862

MLPPP MTU testing...

Hi we are experiencing some really strange MLPPP situations with RouterOS: we set MRU = 1470 and MRRU=1500 we get an mlppp-interface-mtu=1480 we set the interface mtu for the ethernet-interfaces carrying the ppp-streams to MTU=1520 no special mtu/mru/mrru settings in mlppp-dialer we get a nominal MT...
by hknet
Mon Mar 22, 2021 7:16 pm
Forum: General
Topic: vrrp ip mask
Replies: 2
Views: 1744

Re: vrrp ip mask

Hi I just came along this issue as mikrotik support told me to use /32 for the vrrp IP address netmask. well, if I do this - at least on ROS 6.48.1 on a RB3011 - I can not ping the vrrp IP anymore from the connected subnet. if I do set the netmask to the same value as the subnet (eg /24) then at lea...
by hknet
Mon Mar 22, 2021 3:41 am
Forum: Forwarding Protocols
Topic: Problems with MPLS IPv4 VPN
Replies: 72
Views: 32275

Re: Problems with MPLS IPv4 VPN

this keeps on giving it seems. we recently tested MT's ROS6.48.1 on RB3011 as PE talking to its CE via ospf. only when we introduced redundancy this got weird: it seems only one PE will report its CE-routes to the route-reflectors. as soon as we filter some CE route from being announced to the RRs, ...
by hknet
Mon Feb 15, 2021 10:31 pm
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 100
Views: 59225

Re: WinBox v3.27 released!

recently found that on one CCR (latest long-term ROS) with lots of interfaces (meaning thousands) when we try to resize column sizes or re-sort bridge-filters winbox is actig out: column width either gets reduced to minimum or is scaled at max for this window, trying to rearrange that always ends up...
by hknet
Sun Feb 14, 2021 7:18 pm
Forum: Forwarding Protocols
Topic: MPLS incorrect forwarding table
Replies: 23
Views: 9584

Re: MPLS incorrect forwarding table

thx for the ospf timing idea will try this :)
by hknet
Fri Jan 15, 2021 1:54 am
Forum: RouterOS beta
Topic: Segment Routing and IS-IS
Replies: 22
Views: 10910

Re: Segment Routing and IS-IS

+1 on IS-IS and segmented routing - pleeease :)
by hknet
Wed Jan 13, 2021 2:24 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 295
Views: 127619

Re: v6.48 [stable] is released!

On my CRS326-24G-2S+ after updating I no longer have any interfaces nor will the device reboot cleanly. This is the output from terminal: [admin@CRS326] > /interface [admin@CRS326] /interface> print Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE ACTUAL-MTU L2MTU [admin@CRS326]...
by hknet
Fri Aug 21, 2020 12:48 am
Forum: Announcements
Topic: Winbox v3.24 released!
Replies: 103
Views: 89044

Re: Winbox v3.24 released!

well, would like to go back to 3.20 with no HiDPI support - at least it worked :)
anyone got an archive link as I seem to dumb to find the previous releases in the download-section...
by hknet
Thu Aug 20, 2020 11:01 pm
Forum: Announcements
Topic: Winbox v3.24 released!
Replies: 103
Views: 89044

Re: Winbox v3.24 released!

well, I'm now also in the having to zoom in three times for any window to get readable business...
please fix this.
Win10 2004, Surface Pro, HiDPI - if that makes any difference.
by hknet
Wed Jul 29, 2020 5:33 am
Forum: RouterOS beta
Topic: v7.1beta1 [development] is released!
Replies: 103
Views: 57516

Re: v7.1beta1 [development] is released!

@hknet please, don't mess up count of NAT rules with conntrack table size limit.
not me :)
by hknet
Sat Jul 25, 2020 4:50 pm
Forum: General
Topic: BGP - 1072
Replies: 5
Views: 2488

Re: BGP - 1072

I'm curious - have you found the culprit bogging your cores to full load?
by hknet
Sat Jul 25, 2020 4:42 pm
Forum: RouterOS beta
Topic: v7.1beta1 [development] is released!
Replies: 103
Views: 57516

Re: v7.1beta1 [development] is released!

NAT Hardware Offloading ! Great news. When is this coming to the actual router products like CCR series or new router products ? Same Question from my side! word of advice: if you're on 1036 oder 1072 your box can usually handle any 10G nat traffic, of course depending on your setup you could also ...
by hknet
Mon Jul 20, 2020 1:29 am
Forum: General
Topic: BGP - 1072
Replies: 5
Views: 2488

Re: BGP - 1072

based on your ROS release I'd assume this setup has been in production for some time. band-aid suggestions: switch on fastpath, yes you have to remove firewall-policies, also make sure your ip services are secured. as your network processing load seems incredibly high I'd suspect some kind of loopin...
by hknet
Mon Jul 20, 2020 12:58 am
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 208
Views: 101766

Re: Future of LTE products, user feedback requested

could I ask for 5G supporting modems?
Location: Austria, Europe
by hknet
Fri Apr 10, 2020 1:54 pm
Forum: General
Topic: Feature request: Force sending of DHCP options to clients
Replies: 71
Views: 21352

Re: Feature request: Force sending of DHCP options to clients

+1 - seriously needed.
by hknet
Sun Feb 23, 2020 10:19 am
Forum: Forwarding Protocols
Topic: IEEE1588 PTPv2 support for CRS317
Replies: 24
Views: 83499

Re: IEEE1588 PTPv2 support for CRS317

Maybe you could give us some feedback if you would like to use that feature in our CRS switches? What additional options you would like us to add for this feature? from a provider point-of-view - this is nice to have, but honestly I'd prefer other chip-features implemented available on crs317 hardw...
by hknet
Fri Feb 07, 2020 3:52 am
Forum: Useful user articles
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 275
Views: 504272

Re: Using RouterOS to QoS your network - 2020 Edition

as this is trending and the initial target if I understand it correctly was VoIP priority, here is a small example on how we do it. the assumption is like this: download-link can be oversaturated, though this is not desireable we usually can't do much about it if incoming packets are thrown at the C...
by hknet
Fri Feb 07, 2020 2:43 am
Forum: General
Topic: CRS3xx Q-in-Q MTU max 1496?
Replies: 5
Views: 2495

Re: CRS3xx Q-in-Q MTU max 1496?

after talking to support - this is kind of by design:
https://wiki.mikrotik.com/wiki/MikroTik ... t_Ethernet

S+RJ10 modules deliver MTU at max 1504 for linkspeeds up to 1Gbps....

this was unexpected.
by hknet
Thu Feb 06, 2020 4:59 am
Forum: General
Topic: CCR1072 or VyOS on 3.6ghz CPu?
Replies: 3
Views: 2165

Re: CCR1072 or VyOS on 3.6ghz CPu?

stuff to read: https://www.intel.com/content/dam/www/public/us/en/documents/case-studies/att-cpu-impact-on-packet-processing-perfomance-paper.pdf you will get no where near the packets per second the CCR can handle. suggestion would be to rethink your setup, the added value of 10x full-routingtable ...
by hknet
Thu Feb 06, 2020 4:31 am
Forum: General
Topic: CRS3xx Q-in-Q MTU max 1496?
Replies: 5
Views: 2495

Re: CRS3xx Q-in-Q MTU max 1496?

little update on this case: the problem seems to be related to S+RJ10 modules.
after moving to a "classic" sfp module - the payloadsize is back to at least 1500...
by hknet
Tue Feb 04, 2020 4:37 am
Forum: General
Topic: CRS3xx Q-in-Q MTU max 1496?
Replies: 5
Views: 2495

Re: CRS3xx Q-in-Q MTU max 1496?

for the record L2MTU on all ports (and the bridge) is well above 1500 - if you never tested Q-in-Q on these switch-models please do not speculate :)
by hknet
Sat Feb 01, 2020 3:09 am
Forum: General
Topic: CRS3xx Q-in-Q MTU max 1496?
Replies: 5
Views: 2495

CRS3xx Q-in-Q MTU max 1496?

at first there was disbelieve, but when we try to transport QinQ frames through this switch (testing on CRS317) we obviously get into a frame-size problem. the usual setup works: one accessport (removing the outer-tag) and one provider port sending and receiving a trunk of outer tags. if we would li...
by hknet
Fri Jan 31, 2020 4:25 am
Forum: Forwarding Protocols
Topic: Create BGP Peer within VRF
Replies: 10
Views: 10525

Re: Create BGP Peer within VRF

praise to @tomranson

indeed the criteria: two MTs having both their BGP-peers in VRFs then you _must_ use the routing rule to do a forced lookup for the other BGP peer IP and then force the policy-route to be resolved via the specific routing-table.
by hknet
Mon Jul 29, 2019 2:06 pm
Forum: Scripting
Topic: Fake IPv6 recursive nexthops
Replies: 3
Views: 4010

Re: Fake IPv6 recursive nexthops

+1
nice idea :)
by hknet
Wed Apr 03, 2019 8:59 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 110
Views: 49874

Re: IPv6 recursive nexthops via iBGP

#funfact a little over three years ago we were teased about the working solution with ROSv7 and we were shown a printout on how it behaves, but that's about it I guess... actually I guess that's one main reason we use MTs for layer2-setups and as CPEs, the core is and probably will be junipers and c...
by hknet
Fri Nov 02, 2018 9:29 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 169213

Re: v6.44beta [testing] is released!

Hi regarding the issue: bridge - fixed packet forwarding when changing MSTI VLAN mappings could someone from MT please elaborate? we have been quite unsuccessfull integrating crs317 devices in our network using MSTP the RSTP from other devices arriving on vlans is simply not being replicated to othe...
by hknet
Wed Oct 24, 2018 3:29 am
Forum: Announcements
Topic: v6.43.4 [stable] is released!
Replies: 78
Views: 50790

Re: v6.43.4 [stable] is released!

Hi
upgraded CCR1072 - works fine.
but: snmp, warning arises with "timeout while waiting for program 79"
which is not ideal.

regards,
hk
by hknet
Tue Sep 11, 2018 12:01 am
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 147
Views: 70828

Re: v6.43 [current] is released!

*bridge - added per-port based "tag-stacking" feature trying to wrap my head around this vs the (previous) QinQ support by using ethertype=0x88a8 if I'm not mistaken this is now the more common support for QinQ using 0x8100 frames packing another 0x8100 frame into it (aka stacking). my que...
by hknet
Mon Sep 10, 2018 11:44 pm
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 147
Views: 70828

Re: v6.43 [current] is released!

Do I read this correctly as _no_ routerboard-firmware upgrade is usually required coming from 6.43rc or 6.42.7?

thx
hk
by hknet
Sat Aug 25, 2018 10:04 am
Forum: Announcements
Topic: Security announcement blog
Replies: 117
Views: 73546

Re: Security announcement blog

RSS is good, but will be nice to have some mailing list for security announcement and firmware update
+1 for security announcement mailinglist
+2
by hknet
Fri Aug 24, 2018 10:23 am
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 69868

Re: v6.42.7 [current] is released!

Well you guys did want a security blog and more awareness. Now you complain that the issues are not serious enough :D We will try to find a balance. I hope you understand that when you post a new version AND update the bugfix version at the same time, mentioning 4 security issues that have no descr...
by hknet
Tue Jul 31, 2018 11:02 pm
Forum: Forwarding Protocols
Topic: VPLS with QinQ breakouts?
Replies: 1
Views: 1756

VPLS with QinQ breakouts?

Hi this might be a tricky one, any food for thought would be appreciated (and consulting offers are welcome too if you know what you're doing). The scenario goes like this: there is one QinQ port that is shared between several users of this shared infrastructure. the s-tags are generated per infrast...
by hknet
Tue Jul 31, 2018 3:38 pm
Forum: General
Topic: CCR1072 microSD howto?
Replies: 1
Views: 905

CCR1072 microSD howto?

Hi
feeling a bit dumb, but has anyone ever managed to use a microSD in the ccr1072?

we seem to be unable to solve this riddle.

and while we are at it any tested smartcards for the smart card slot?

thx
hk
by hknet
Mon Jul 23, 2018 6:23 pm
Forum: Forwarding Protocols
Topic: set next-hop anyhow?
Replies: 2
Views: 3540

set next-hop anyhow?

Hi on a cisco router we do something like this: route-map RK permit 50 match ip address RK set ip next-hop 192.168.1.1 this route-map is then bound to an interface that is the incoming gateway for packets like interface vl10 ip policy route-map RK in other words if the source IP matches the RK addre...
by hknet
Sat Jul 21, 2018 7:52 am
Forum: Announcements
Topic: v6.42.6 [current]
Replies: 102
Views: 63941

Re: v6.42.6 [current]

after seeing issues with CRS317 an 1G SFPs (not 10G) not linking with latest 6.43rc44 (getting auto negotiation as incomplete) we tested a downgrade to the current 6.42.6 and see auto negotiation failed. copper 1G SFPs do not see any advertised 10/100/1000M link-speeds while the other end gets auton...
by hknet
Fri Jul 20, 2018 11:44 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 222401

Re: v6.43rc [release candidate] is released!

model: CRS317-1G-16S+
release: v6.43rc44

we use some ports with non-10G SFPs (ie 1G-SX and 1G-TX modules with fiber and copper).

those modules get auto negotiation 'incomplete', while claiming the link is ok but no working datatransmission can be established.

regards,
hk
by hknet
Fri May 18, 2018 5:56 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 557
Views: 222401

Re: v6.43rc [release candidate] is released!

I like: "crs3xx - added initial Q-in-Q hardware offloading support (CLI only);"
could someone please point me to the correct manual/wiki entry on this one?
by hknet
Thu May 17, 2018 9:35 pm
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

I don't know the inner workings of CRS3xx but...
q.e.d.
by hknet
Tue May 15, 2018 4:27 am
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

@RoadkillX you do not test your setup on the mentioned HW therefore it's invalid and not what anybody was asking for. @TestCRS thx for the ethertype reminder from RoadkillX I found the relatively simple case to do: set the vlan added to the bridge with "use service tag" and you should be f...
by hknet
Sun May 13, 2018 11:33 pm
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

QinQ requires intervlan. it's a vlan interface inside another vlan interface so revisit the docs ;-), to be more clear QinQ requires 2 vlan interfaces which can't be hw-offloaded because they are L3. you might brush up your knowledge, you are misinformed and did not read the first post to understan...
by hknet
Sun May 13, 2018 11:07 pm
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

it should do 10Gb within the same vlan but not intervlan
the original poster was never talking about inter-vlan-anything maybe you should revisit the original problem-report.
by hknet
Sun May 13, 2018 10:12 pm
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

This is not a bug, its clearly misconfiguration respectfully disagree - the CRS and the new bridge-hardware-accelleration config to use it as a switch and get hardware-forwarding is what the original poster tried to achieve imho (and I see no flaw in the config); you are referencing the implementat...
by hknet
Sun May 13, 2018 9:49 am
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7209

Re: Bug: CRS317 cuts off C-tag in qinq packets

I cant se your C tag in your setup. A ctag is a vlan to a vlan interface... You need to paste your complete setup with vlan tagged to another vlan interface. well, I guess there is no specific c-tag configured (as the CRS317 wouldn't support qinq in hardware anyway), therefore the claimed s-tag (vl...
by hknet
Tue May 01, 2018 5:56 am
Forum: RouterBOARD hardware
Topic: CRS 317 support 802.1ad QinQ
Replies: 15
Views: 8066

Re: CRS 317 support 802.1ad QinQ

As other people wonder - Are we/Have we gotten hardware support for QinQ?
Doesn't look like it, though the Marvell 98DX8216 is a metro chipset (marvell's words) which would suggest 802.1ad should be available at the HW level.
But my guess is we won't see this with this HW.

regards,
hk
by hknet
Tue May 01, 2018 1:28 am
Forum: Forwarding Protocols
Topic: What Mikrotik product is the fastest for BGP with 10-gig load with 2 BGP feeds ?
Replies: 11
Views: 6094

Re: What Mikrotik product is the fastest for BGP with 10-gig load with 2 BGP feeds ?

Did not found how to pm here. Wonna honest answer? Go mx80 for your business. second that. if you could talk your upstreams into limiting your bgp-view (ie only local routes and no full feed) you might still have fun with CCRs. Would you mind elaborating a bit more in detail, why your suggestion to...
by hknet
Tue May 01, 2018 12:07 am
Forum: General
Topic: Which types of ports would you like to see for a high speed router
Replies: 179
Views: 58872

Re: Which types of ports would you like to see for a high speed router

12 x SFP+ (10G)
4 x QSFP (4x10G)
1 x Management (no PoE)
1 x serial management
second that.
by hknet
Wed Apr 25, 2018 3:50 am
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 272
Views: 98682

Re: v6.42.1 [current]

EoIP Ethernet Frame issue is still there (introduced in 6.42 breaking fragmenting big frames somehow broken) verified on RB2011 and sent supout to MT-support.
by hknet
Tue Apr 17, 2018 10:20 pm
Forum: Announcements
Topic: v6.42 [current]
Replies: 147
Views: 76681

Re: v6.42 [current]

it seems we lost packet fragmentation for EoIPs connecting bridges between two MTs we no longer can transport big pppoe-frames there; was working with 6.41.4
by hknet
Mon Apr 16, 2018 7:34 pm
Forum: Forwarding Protocols
Topic: Access Web SSH through VLAN IP in seperate VRF
Replies: 5
Views: 2966

Re: Access Web SSH through VLAN IP in seperate VRF

Web, winbox, ssh etc access to the router works only in main routing table. It isn't totally correct. Because if you've got access to the Internet from main route table, mikrotik gets inbound request on VRF interface and sends reply via Internet interface in main route table. Is it possible to chan...
by hknet
Sun Apr 15, 2018 1:37 am
Forum: General
Topic: MLPPP second link flapping
Replies: 2
Views: 1085

Re: MLPPP second link flapping

well after fixing the threshold issue on the ciscos-side we see a MLPPP issue on the mikrotk end... it can be reproduced quite simply: if we max out all our mlppp-pppoe-links (using bw-test) then we see dropped links which are established immediately, but the linkd-down causes loss in bandwidth and ...
by hknet
Sat Apr 14, 2018 12:51 pm
Forum: General
Topic: MLPPP second link flapping
Replies: 2
Views: 1085

Re: MLPPP second link flapping

it's a cisco issue, the box believes it has to drop link though fully loaded...
by hknet
Fri Apr 13, 2018 6:14 pm
Forum: General
Topic: MLPPP second link flapping
Replies: 2
Views: 1085

MLPPP second link flapping

Hi we test MLPP on ROS 6.41.4 using two ethernet-interfaces and a PPPoE interface that uses those interfaces and connect successfully. We tested using 2 and 4 (i.e. using eth1 twice and eth2 twice) links. the interesting phenomenon is that we always loose the second pppoe-session (pppoe1.2) no matte...
by hknet
Sat Mar 31, 2018 10:05 pm
Forum: Forwarding Protocols
Topic: What Mikrotik product is the fastest for BGP with 10-gig load with 2 BGP feeds ?
Replies: 11
Views: 6094

Re: What Mikrotik product is the fastest for BGP with 10-gig load with 2 BGP feeds ?

Did not found how to pm here. Wonna honest answer? Go mx80 for your business.
second that. if you could talk your upstreams into limiting your bgp-view (ie only local routes and no full feed) you might still have fun with CCRs.
by hknet
Sat Mar 31, 2018 9:46 pm
Forum: Announcements
Topic: Urgent security advisory
Replies: 110
Views: 142402

Re: Urgent security advisory

We see a development (and others too) port scanning for winbox 8291 is dropping while port 2000 (bandwidth-test-service) is going strong.
Also telnet ist still highly active with those hijacked mikrotiks.
by hknet
Thu Mar 29, 2018 3:41 pm
Forum: The Dude
Topic: Dude v6/v7 - Feature request list
Replies: 109
Views: 154946

Re: Dude v6 - Feature request list

please enable the dude to connect to routeros devices on other than the default port (eg. multiple devices on different winbox-ports or multiple devices behind one nat-gateway and portmapping active); connecting to those boxes via winbox is done using ip:port but the dude does not allow this, specif...
by hknet
Wed Mar 28, 2018 11:11 pm
Forum: Announcements
Topic: Urgent security advisory
Replies: 110
Views: 142402

Re: Urgent security advisory

Just to make it clear: only devices running a not up-to-date RouterOS version are affected, whose HTTP port (TCP/80) are open and provides the login facility and management GUI, right? I never allow unencrypted connections and always disable the HTTP and HTTPS interfaces. Only SSH and Winbox is ena...
by hknet
Sat Mar 17, 2018 1:55 am
Forum: RouterBOARD hardware
Topic: CRS 317 support 802.1ad QinQ
Replies: 15
Views: 8066

Re: CRS 317 support 802.1ad QinQ

as we are approaching v6.42 is no-QinQ-in-hardware still the case with the upcoming release?
by hknet
Sun Sep 03, 2017 9:17 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 110
Views: 49874

Re: IPv6 recursive nexthops via iBGP

Well "Nexthop self" in an bgp environment is an abomination. It should not be needed - agreed, but real world teaches us: One looses an external interface and therefore the nexthop is removed from the IGP. In a small network this converges fast and causes virtually no service disruption. T...
by hknet
Sun Sep 03, 2017 3:03 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 110
Views: 49874

Re: IPv6 recursive nexthops via iBGP

Hi. RR's need not to be in data path (most often aren't) so please consider your own setup before fiddeling with above statement. ahem, the nexthop delivered by RRs was not implying the nexthop in fact is the RR, in fact the nexthop is usually the IP set by "next-hop self" (or similar) by...
by hknet
Tue Aug 29, 2017 5:39 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 110
Views: 49874

Re: IPv6 recursive nexthops via iBGP

Hi saw this thread reactivated :) The only workaround we have seen so far for iBGP IPv6 routes to get active is to add a static ipv6 route for the loopback IP for the next-hop delivered through the route-reflectors. (again tested with RouterOS 6.40.2) If there is any workaround, I'd be glad to hear ...
by hknet
Wed Feb 22, 2017 3:38 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 613
Views: 256127

Re: RouterOS v7.0 beta1 - when?

as we won't get ROSv7 anytime soon, anyone with knowledge how to crosscompile for the CCR platform and build a system to run quagga or similar? But does it support multi thread? Last time I read quaggas docs it says that quagga is planned to support but so does not have the right libs for that... T...
by hknet
Sun Jan 15, 2017 4:09 pm
Forum: Forwarding Protocols
Topic: Redundant / Load Balancing VPN tunnel with 4 routers
Replies: 1
Views: 1319

Re: Redundant / Load Balancing VPN tunnel with 4 routers

Hi tunnels sound like a plan, you then could talk ospf on those tunnels and between routers A+B and C+D. In order to get your upstream in the datacenter to make connectivity redundant you would need to speak some routing protocol there too, usually BGP might be an option, alternate you can form VRRP...
by hknet
Sun Jan 15, 2017 1:18 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements Harassing Server
Replies: 2
Views: 1676

Re: BGP Advertisements Harassing Server

if you just want to suppress this advertisement - do it using a route-filter.
by hknet
Sat Jan 14, 2017 10:57 pm
Forum: Forwarding Protocols
Topic: BGP Routing Help
Replies: 5
Views: 2162

Re: BGP Routing Help

Posting questions and reading answers in forums is already doing some reading. :) Where did you get the two ISP idea? I'd suggest doing some reading on BGP, two ISPs having the same AS is not two ISPs :) probably from: add name=toISP2 add name=toISP1 if you would like to have two links to one ISP a...
by hknet
Sat Jan 14, 2017 12:47 am
Forum: Forwarding Protocols
Topic: Create BGP Peer within VRF
Replies: 10
Views: 10525

Re: Create BGP Peer within VRF

sidenote: you might also notice that you won't see the advertised prefixes in bgp advertisements as vrf advertised prefixes aren't shown there.
by hknet
Sat Jan 14, 2017 12:43 am
Forum: Forwarding Protocols
Topic: BGP Routing Help
Replies: 5
Views: 2162

Re: BGP Routing Help

I'd suggest doing some reading on BGP, two ISPs having the same AS is not two ISPs :)
by hknet
Sat Jan 14, 2017 12:32 am
Forum: Forwarding Protocols
Topic: Need Suggestion CCR
Replies: 3
Views: 1636

Re: Need Suggestion CCR

The mentioned 154 Mbps by your carrier make the access technology smell like ATM. LACP over ATM might create some issues :) Therefore as you have a CCR you might ask your provider to host a small mikrotik for you at one of their PoPs near you. using eg. EoIP-tunnels over each 100M link you get you c...
by hknet
Sat Jan 14, 2017 12:11 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 613
Views: 256127

Re: RouterOS v7.0 beta1 - when?

as we won't get ROSv7 anytime soon, anyone with knowledge how to crosscompile for the CCR platform and build a system to run quagga or similar?
by hknet
Tue Jan 03, 2017 10:25 pm
Forum: Announcements
Topic: v6.39rc [release candidate] is released
Replies: 390
Views: 138572

Re: v6.39rc [release candidate] is released

"ppp optimized for multicore" - on all platforms?
by hknet
Tue Jan 03, 2017 10:23 pm
Forum: Announcements
Topic: The Dude, v6.38 [current] release.
Replies: 77
Views: 39207

Re: The Dude, v6.38 [current] release.

Is anyone else having issues with the tools > Winbox tool not showing up on the client for the Dude? I tried version 6.38 and 6.39rc4 and am getting the same result. I upgraded from the previous version 6.37.3 and had no issues. Thanks, Lynn the end of the starting post should help :) -> winbox can...
by hknet
Tue Jan 03, 2017 9:30 pm
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 63675

Re: The Dude, v6.38 [current] release.

any details on the obviously also new RouterBoard Firmware v.3.36?
by hknet
Sat Oct 08, 2016 6:02 am
Forum: Virtualization
Topic: CHR feature requests
Replies: 81
Views: 36969

Re: CHR feature requests

Hi, first of all: loving it ;) specific to CHR I'd ask for a way to automate deployment, be it to do a dhcp-client-request on the first interface found and get a config file specific for this box by eg requesting a tftp-file based on the mac# of this interface. and for an easy system-reset a specifi...
by hknet
Sun Sep 11, 2016 12:50 pm
Forum: Announcements
Topic: v6.36.3 [current] is released!
Replies: 43
Views: 24514

Re: v6.36.3 [current] is released!

Hi to add to our l2tp-server experience: we have fastpath active - fine. We also "allow fastpath" for the l2tp-server. Though as soon as a client connects fastpath is deactivated. edit: fixed it, got to set "change tcp mss" to no it seems, not quite sure if this is a working way ...
by hknet
Sun Sep 11, 2016 7:17 am
Forum: Announcements
Topic: v6.36.3 [current] is released!
Replies: 43
Views: 24514

Re: v6.36.3 [current] is released!

Problems with server l2tp!!!
fyi - tested l2tp-server on CHR v6.36.3 - works fine - maybe you should elaborate your problem.

regards
hk
by hknet
Sat Sep 10, 2016 8:20 pm
Forum: General
Topic: mass rollout best practice?
Replies: 4
Views: 1608

mass rollout best practice?

We'd like to use some model-configs built for MikroTik CPEs. At the moment a simple way to roll this out is backing up the whole config and restoring it into the new devices, downside is the MAC# are also copied. Is there a sane way to roll out custom "default configs" or more ideally is t...
by hknet
Sat Sep 10, 2016 3:37 am
Forum: Announcements
Topic: v6.36.3 [current] is released!
Replies: 43
Views: 24514

Re: v6.36.3 [current] is released!

ahem, is there by design no dude-client for 6.36.3?
(just let me know if going back to 6.36.2 is the way to go pls)
by hknet
Tue Sep 06, 2016 4:17 pm
Forum: Announcements
Topic: v6.36.3 [current] is released!
Replies: 43
Views: 24514

Re: v6.36.3 [current] is released!

Hi
it seems the dude client is missing for now?

Regards
hk
by hknet
Sun Sep 04, 2016 8:56 pm
Forum: Virtualization
Topic: KVM inside CHR?
Replies: 4
Views: 6612

KVM inside CHR?

Hi
I'm also quite impressed with CHR, the only thing that got me thinking so far is the KVM inside the CHR :)

Should this work somehow or should it just be removed?

Regards
hk
by hknet
Fri Aug 12, 2016 9:37 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 212131

Re: Blacklist Filter update script

Hi currently testing your script on four small RBs. 2 x RB750UP - installed and works fine. 1 x hEX PoE lite - installed and works fine. another hEX PoE lite yet fails: /sys scr run updateBlacklist status: failed failure: closing connection: <400 Bad Request> 172.102.241.58:443 (4) Therefore I'd ask...
by hknet
Fri Aug 12, 2016 1:18 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 212131

Re: Blacklist Filter update script

This initiative by IntrusDave makes for an interesting read! I'd ask IntrusDave to consider delivering this blacklist in another format if possible, this would allow different use-cases, especially multiple 10G+ uplinks make it hard to handle stuff using firewall policies and blackhole-routes would ...
by hknet
Fri Aug 12, 2016 12:55 am
Forum: General
Topic: Tunnel to Natted remote lan
Replies: 3
Views: 1203

Re: Tunnel to Natted remote lan

http://wiki.mikrotik.com/wiki/Manual:Interface/SSTP

-> only one portforward on your side needed at the firewall you can control and you're done.
(lots of things to config though)
by hknet
Fri Aug 12, 2016 12:42 am
Forum: General
Topic: Fastpath on vlan interface.
Replies: 15
Views: 5966

Re: Fastpath on vlan interface.

and there's one more thing... in case you have routing-marks for anything anywhere in your system, this will prevent fastpath, even if it's an inactive RIP-setting ;) and - as far as I found out - there is no way to clear the routing-mark table in the kernel via RouterOS and therefore you're stuck o...
by hknet
Thu Aug 11, 2016 8:39 pm
Forum: General
Topic: Feature request: MLPPP server
Replies: 31
Views: 13126

Re: Feature request: MLPPP server

YMMV, but we usually prefer per packet load-sharing (ppls), especially for customer-connections. typically because: a) lower cpu overhead, b) independent layer3 connections (monitoring is easy), c) policies can decide for different paths in case then again, while activating ppls is just an interface...
by hknet
Thu Aug 11, 2016 2:10 pm
Forum: General
Topic: Fastpath on vlan interface.
Replies: 15
Views: 5966

Re: Fastpath on vlan interface.

well after several support-mails to and from Mikrotik (thanks guys!)
we got fastpath active - the last issue was an ipv6 firewall policy - this also breaks fastpath.
by hknet
Wed Aug 10, 2016 1:24 am
Forum: General
Topic: Fastpath on vlan interface.
Replies: 15
Views: 5966

Re: Fastpath on vlan interface.

I'm a little talking to myself here :) To make the analysis a bit harder in terms of performance, if I read all this stuff correctly one has to have onnectiontracking on auto in order to get fastpath/fasttrack. On the other hand onnectiontracking seems to take cpu cycles, which is again not good for...
by hknet
Tue Aug 09, 2016 11:34 pm
Forum: Forwarding Protocols
Topic: BFD + OSPF + CCR1036 Issue
Replies: 27
Views: 23849

Re: BFD + OSPF + CCR1036 Issue

It is best to avoid BFD until v7 is released.
well, removed it for the time being, as I like stable :)
might try to run it in the future, if MT care to comment on the issue.
by hknet
Tue Aug 09, 2016 11:13 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

Ah has that been implemented? That was a feature I once requested... Will certainly have a look into that! However, currently I am not able to check for new RC version, maybe it has been taken down due to discovering a serious error? releasenote for 6.37rc10 says: snmp - added script table which ex...
by hknet
Tue Aug 09, 2016 1:24 am
Forum: Forwarding Protocols
Topic: ospf interface comment forces reload?
Replies: 1
Views: 1178

ospf interface comment forces reload?

we try to be good admins and do comment interfaces, instances and so on... quite unexpected is the behaviour if I add or change a comment of an ospf interface definition via winbox's fancy yellow comment icon. pressing "enter" to finalize the comment kicks the ospf neighbor association and...
by hknet
Tue Aug 09, 2016 1:16 am
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

well, snmp by the standard would of course be fine, but the current RC promises to have a snmp to script interface which should allow for some interesting private OIDs :)
by hknet
Tue Aug 09, 2016 1:14 am
Forum: Forwarding Protocols
Topic: BFD + OSPF + CCR1036 Issue
Replies: 27
Views: 23849

Re: BFD + OSPF + CCR1036 Issue

just as a "fun fact" note: RouterOS v6.36 on a CCR1036 speaking bfd on a single 1G copper link (OSPF) with a Cisco (IOS 15.2(4)S7) does seem to carry a (at least for now) stable BFD interface (29 minutes and counting)
by hknet
Mon Aug 08, 2016 7:35 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

Sounds in the end you'd monitor your routereflectors :-)
*scnr*
by hknet
Mon Aug 08, 2016 7:03 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

Hi pe1chl,
I bet you, you don't want this hovering-feature on bgp peers transmitting a full v4 (or even v6) table as this would simply take quite long :)

Regards,
hk
by hknet
Mon Aug 08, 2016 6:51 pm
Forum: General
Topic: Fastpath on vlan interface.
Replies: 15
Views: 5966

Re: Fastpath on vlan interface.

Well I'm finally totally puzzled about fastpath/fasttrack - in /ip settings we see this: https://oc.kapper.net/public.php?service=files&t=c28166da8ec363eca0adadfb288edf02&download while on the other hand the interface stats show: https://oc.kapper.net/public.php?service=files&t=80d3e250b...
by hknet
Mon Aug 08, 2016 6:31 pm
Forum: Forwarding Protocols
Topic: BGP instance suddenly disabled?
Replies: 4
Views: 1471

Re: BGP instance suddenly disabled?

Hi,
no language problem here, he still has access ;)

I can only second your opinion on MikroTik's BGP, while it likes restarts for changes to its configuration it on the other hand needs an extra push to use updated filterrules :)

regards
hk
by hknet
Mon Aug 08, 2016 4:49 pm
Forum: Forwarding Protocols
Topic: BGP instance suddenly disabled?
Replies: 4
Views: 1471

Re: BGP instance suddenly disabled?

not ruling the junior out, but I'm a quite trusting guy on the other hand, because people at our company are allowed to make errors and not get expelled :)

on the positive side: we now do extensive bgp monitoring for the mikrotik boxes in our network...
by hknet
Mon Aug 08, 2016 3:07 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

Dear Pincio, thank you for updating your code, maybe you'd like to put this together in one command request like this: my @cmd = ("/routing/bgp/peer/print","=status=","?remote-address=". $ng->get('peer'),"=.proplist=prefix-count,state"); this way you can simpl...
by hknet
Mon Aug 08, 2016 7:24 am
Forum: General
Topic: Fastpath on vlan interface.
Replies: 15
Views: 5966

Re: Fastpath on vlan interface.

to fast-path or not to fast-path... Dear MikroTik could you please update http://wiki.mikrotik.com/wiki/Manual:Fast_Path ? in RouterOS 6.36 on CCR1036 we currently see: VLAN outgoing traffic is not fastpath, while the interface the VLAN is tagged to shows its packets sent via fastpath? on the other ...
by hknet
Sun Aug 07, 2016 10:28 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

Thanks Cha0s,
this definitely did the trick!

finally the prefix-count can be checked for a remote peer IP like this:
my @cmd = ("/routing/bgp/peer/print","=status=","?remote-address=". $ng->get('peer'),"=.proplist=prefix-count");
regards
hk
by hknet
Sun Aug 07, 2016 9:52 pm
Forum: Forwarding Protocols
Topic: LDP Neighbor - No Addresses shown
Replies: 4
Views: 3826

Re: LDP Neighbor - No Addresses shown

Hi
would you care to share how you put those filters in place?

thank you in advance,
hk
by hknet
Sun Aug 07, 2016 8:25 pm
Forum: Forwarding Protocols
Topic: MIkrotik BGP Monitoring
Replies: 64
Views: 38038

Re: MIkrotik BGP Monitoring

https://github.com/pincioc/check_bgp_mikrotik_nagios Hey pincio, thanks for the API idea, though if possible I'd ask you to go with https://github.com/efaden/MikroTikPerl as the api library. (ssl support and so on) based on your script I was able to check the route-count in a specific vrf: my @cmd ...
by hknet
Sun Aug 07, 2016 6:30 pm
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 110
Views: 49874

Re: IPv6 recursive nexthops via iBGP

after reading this thread I'm still trying to make sense, so I conclude: OSPFv3 and Loopback-bridge-interfaces with /128 IPv6 addresses assigned in RouterOS will only be shown reachable if one sets an admin-mac to the bridge (named eg Loopback0). well, that's not 100% intuitive, but I guess that's s...
by hknet
Sat Aug 06, 2016 8:20 pm
Forum: Scripting
Topic: Mikrotik API “no such command” when trying to get count-only of PPP connections
Replies: 5
Views: 5823

Re: Mikrotik API “no such command” when trying to get count-only of PPP connections

maybe some kind soul at MikroTik could update the wiki page http://wiki.mikrotik.com/wiki/Manual:API#Query_word to mention the count-only attribute to queries, it took me hours to figure this one out...
by hknet
Sat Aug 06, 2016 1:25 am
Forum: General
Topic: CCR SNMP monitoring
Replies: 3
Views: 1707

Re: CCR SNMP monitoring

thanks, but this is the linux-style cpu-load value imho, therefore no percent usage for the whole box.
also getting 72 cpu load values and making some sense for alert values makes me quite clueless here.
by hknet
Fri Aug 05, 2016 11:46 pm
Forum: Scripting
Topic: perl API client
Replies: 109
Views: 68704

Re: perl API client

well, I'm a bit lost, anyone knowing which perl API might be maintained? it seems the later "MikroTik.pm" is no more working for scripts originally based on the "Mtik.pm" by Hugh. our nagios checks use the older lib. now I ran into a problem - I'm trying to implement something li...
by hknet
Fri Aug 05, 2016 4:56 pm
Forum: General
Topic: CCR SNMP monitoring
Replies: 3
Views: 1707

CCR SNMP monitoring

Hi we're trying to monitor critical values of CCR systems in our network. the idea was: there's linux running, so we should be able to monitor ample parameters. well, wenn it comes to CPU monitoring only one value is readable: ssCpuSystem.0 therefore I'd like to know: how to monitor cpu usage? and o...
by hknet
Wed Aug 03, 2016 6:20 pm
Forum: Forwarding Protocols
Topic: BGP instance suddenly disabled?
Replies: 4
Views: 1471

BGP instance suddenly disabled?

Hi strange thing happened to us today: CCR1036 running RouterOS v6.36 today suddenly disabled (all by itself!) a single BGP instance running. We investigated the issue, but the system is only manageable via private IPs and not exposed to remote access, therefore we are quite sure it did this thing b...
by hknet
Tue Aug 02, 2016 6:39 pm
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 10967

Re: BGP IPv6 route reflection

It is indeed a slippery slope. What if MikroTik took us to the test and started some outside funding project on kickstarter (or whatever crowdfinance portal) in order to get major development done? This way we could (hopfeully) keep our beloved MikroTik HW+SW, but we could help advance their efforts...
by hknet
Tue Aug 02, 2016 7:20 am
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102548

Re: v6.37rc [release candidate] is released, only one wireless package!

What is the business reason to force the DFS on? Mikrotik should explain it really in details. There are rules that when radar is detected, the Ap should lower its tx power, sometimes, so there is not really necessary to leave the frequency. When radar is stopped, it can revert the tx power back to...
by hknet
Tue Aug 02, 2016 7:03 am
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 10967

Re: BGP IPv6 route reflection

There are several not so subtle things broken too. E.g.   - BFD - L3VPN + PE-CE BGP NLRI updates (NLRI updates do NOT occur when the best path changes) - IPV6  recursive next-hop lookup - VRF + BGP Passive Peers - Advertised Routes for BGP peers in a VRF - BGP often stops retrying connection attemp...
by hknet
Mon Jul 18, 2016 6:27 am
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 10967

Re: BGP IPv6 route reflection

We'd a similar issue, as we were running two RRs we could easily show to MT it doesn't work as expected.
They told us we should wait for ROS v7 as this is the only way they would fix this issue.
ergo do not try to use MT as RR for IPv6 running ROS v6.xx