Community discussions

Search found 744 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 15
by mducharme
Mon Jun 17, 2019 9:30 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

First question: Are you changing the hardware queue type on the MikroTik's? What are you using and what settings? Second question: Are you using a common template for QoS settings and would you care to share it? First question: No we aren't. One thing you need to realize is that, at least on MikroT...
by mducharme
Mon Jun 17, 2019 6:15 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Also, AirFiber (except for the AF5XHD) can only read CoS, so you have to copy DSCP to CoS for the AirFiber devices to be able to read it. CoS is really the most universal priority tag available - basically everything supports it, even if DSCP or MPLS EXP bits are not supported. The only downside of ...
by mducharme
Mon Jun 17, 2019 6:04 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Ok but I have heard its best practice to use QoS tags at Layer3 as opposed to Layer2 so why not use DSCP tags instead of CoS? And does a MikroTik router actually do anything with DSCP tagged packets by default or does it need to configured with mangle or queue's to apply prioritization to traffic? ...
by mducharme
Mon Jun 17, 2019 5:26 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

The router-router links don't use VLAN's though They just speak to each other on the ethernet link i.e. ether5 on RouterA connects to PTP670 link connects to ether7 on RouterB So using the set priority mangle rule wouldn't do anything? Or would it still tag packets with native VLAN id so that prior...
by mducharme
Mon Jun 17, 2019 4:52 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Here is an example setup from memory: concentrator <-cable-> P-1 <-radio-> P-2 <-radio-> PE <-cable-> CE (customer router) In this example VPLS tunnel runs from concentrator to PE router, so concentrator and PE apply MPLS labels. VPLS tunnel on concentrator would terminate on a bridge (running the P...
by mducharme
Mon Jun 17, 2019 4:15 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Ok so i'm a bit confused as to which method to use here. So lets step it back and i'll give a couple of different scenario's that may need different methods Background: We primarily use Cambium radio's but do use some Ubiquiti and a few Mikrotik I'm going to talk about our backbone infrastructure a...
by mducharme
Sun Jun 16, 2019 10:20 pm
Forum: Wireless Networking
Topic: Guest Wi-Fi Captive Portal Setup
Replies: 1
Views: 108

Re: Guest Wi-Fi Captive Portal Setup

You can accomplish this with the hotspot feature in MikroTik - edit the login page to remove the "username" and "password" prompts, add the EULA, and rename the "Connect as Guest" link to "Accept EULA"
by mducharme
Fri Jun 14, 2019 4:53 am
Forum: General
Topic: vlan bridge to port [SOLVED]
Replies: 10
Views: 388

Re: vlan bridge to port [SOLVED]

What the OP is doing is OK and is simply the old way of creating "access" ports for VLANs where the VLAN is untagged (before bridge VLAN filtering). Doing it the old way can still be justified on platforms other than CRS3xx due to the fact that you can have VLANs while not losing hardware offload fo...
by mducharme
Thu Jun 13, 2019 8:50 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 417

Re: Queues lie

Manifestly improbable, as our bandwidth tests quite often show speeds well in excess of any customer's bursted queue. I can run BTest from one end of our network to the other (three or four wireless hops) and see speeds in the range of of 80-140Mb. That speed will also be reflected in the first que...
by mducharme
Thu Jun 13, 2019 8:05 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 417

Re: Queues lie

1-POE-Host is port 1 on the PowerBox, which would normally supply the host's own service, except the property is vacant currently so there's no connection. Here is a partial printout of the queue, the rest of the rules are identical except for address. sqcli.jpg OK Thanks. So, there are a few thing...
by mducharme
Thu Jun 13, 2019 7:43 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 417

Re: Queues lie

It's pretty difficult to misconfigure simple queues. Queue, queue, queue, that's the one that matches this customer, we're done. There are no other queues. Removing them and putting exactly the same queues back should not fix a bandwidth problem like this... and yet it does. Can you share an export...
by mducharme
Thu Jun 13, 2019 7:14 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 417

Re: Queues lie

You're not going to tell me the queues were not at fault here. You're also not going to tell me I had them configured wrong, because the configuration I put back was EXACTLY the same configuration that I wiped clean, and it worked just fine from then on… not only for this customer, but for about fi...
by mducharme
Thu Jun 13, 2019 6:04 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 417

Re: Queues lie

This isn't a question, it's a warning. There is a bug of long standing in RouterOS that causes invisible, internal queue corruption. I have experienced it with both tree queues and simple queues, over a period of something like eight years, and have incontrovertibly proved it is happening. The symp...
by mducharme
Thu Jun 13, 2019 5:57 am
Forum: RouterOS v6 RC and v7 BETA
Topic: 10G support for Traffic Engineering
Replies: 1
Views: 189

Re: 10G support for Traffic Engineering

We've been running traffic-engineering based bandwidth limits for at least 5 years. Now that we have 10G interfaces, the 32bit limitation, or whatever the problem, is requiring us to look for different solutions for limiting vpls connections. You can use a queue tree on both sides of the VPLS tunne...
by mducharme
Wed Jun 12, 2019 11:50 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

The other way around, UBNT AP no WDS with MikroTik client connected can often pass VLAN tagged traffic but sometimes it stops and needs to be re-associated to continue. Of course between 2 UBNT devices in WDS mode, and between 2 MikroTik devices in bridge mode there is no issue. In our case the UBN...
by mducharme
Wed Jun 12, 2019 10:57 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Ok, my experience with UBNT radios that are not in "WDS" mode has been that tagged VLAN traffic over the link does not always work correctly. As we have a mix of UBNT/MikroTik in het network (both at the AP and client side) we often cannot run in "WDS" mode. This should be the same difference as be...
by mducharme
Wed Jun 12, 2019 9:30 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

With the UBNT devices, do you use VLAN tagging only on ethernet and then strip it in the radio, or extend VLAN all over the WiFi link? I have not-so-good experience with the latter when it is not in PtP mode. Sometimes it works fine, sometimes it fails in strange ways. We extend the VLAN over the W...
by mducharme
Wed Jun 12, 2019 6:22 pm
Forum: General
Topic: EoIP tunnels randomly fail
Replies: 8
Views: 357

Re: EoIP tunnels randomly fail

I have a x86 router now running 6.44.3, it was running 42.x, remotely we have a mixture of MK routers but most of them are GR3's We have 10 EoIP tunnels over L2Tp/IPSec vpn/bridge coming into that router. Every now and again one of the EoIP tunnels will drop. We can see traffic from both sides of t...
by mducharme
Wed Jun 12, 2019 5:01 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Well, when the radio is UBNT (quite common as they operate in the same market segment as MikroTik), the whole QoS thing will work automatically, also without VLAN tagging. It uses the WMM defined queue mapping based on DSCP high 3 bits with 4 queues. This is not true for all of their radios. We hav...
by mducharme
Wed Jun 12, 2019 8:57 am
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 661

Re: My first Mikrotik Router - Firewall Help

Your port forwarding is not working because there is no firewall filter forward chain rule that allows that traffic.
by mducharme
Wed Jun 12, 2019 8:45 am
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 12
Views: 610

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

If you have MikroTik radios, use "set priority" action to 7 for OSPF traffic. If the radio is routing you can do that with a mangle rule, or if the radio is bridging you will need to do it with a bridge filter. That will prioritize it as long as you are using either NV2 or WMM. If you are using NV2 ...
by mducharme
Wed Jun 12, 2019 8:35 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

Also you should use new priority from dscp high 3 bits, not just from dscp. The mapping from-dscp is probably not what you want. DSCP high 3 bits results in a more useful mapping.
by mducharme
Wed Jun 12, 2019 8:20 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

So for all our routers just add a rule at the top of mangle with passthrough ticked 'set priority' new priority: from dscp And that's all thats needed? (Assuming DSCP is already set, otherwise add more mangle rules to set DSCP bits) No queue's added? Yes, *but* whatever you are using for wireless n...
by mducharme
Wed Jun 12, 2019 7:04 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 23
Views: 697

Re: QoS prioritization only, without shaping?

What wireless links are you using? In most cases, you will need to use a "set priority" mangle rule or bridge filter rule to prioritize the traffic.
by mducharme
Wed Jun 12, 2019 7:02 am
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 12
Views: 610

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

Decreasing downtime is good so certainly follow that feedback but also prioritize OSPF to prevent the downtime from happening in the first place. We have very reliable OSPF over wireless, in some places even set to broadcast (although as scampbell said point-to-point is better), that are completely ...
by mducharme
Tue Jun 11, 2019 9:33 pm
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 12
Views: 610

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

I don't find any good document about it, if is possible get some help that how can I configure it.
I don't have any QOS or priority configuration on routers / links.
What radios are you using?
by mducharme
Tue Jun 11, 2019 5:02 pm
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 12
Views: 610

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

We run long distance wireless links and do not experience this. Even if VPLS tunnels go down for some reason, they typically only take 10 seconds to come back, not 60. The 60 seconds makes me suspect that it is actually something else that is going down, most likely something like OSPF, or possibly ...
by mducharme
Thu Apr 11, 2019 12:16 am
Forum: Beginner Basics
Topic: Limit Bandwidth to Per IP
Replies: 5
Views: 359

Re: Limit Bandwidth to Per IP

it will effect only connection limit?? then what will i do for bandwidth limit???
I think what you want is PCQ - please see: https://wiki.mikrotik.com/wiki/Manual:Q ... Q_Examples
by mducharme
Wed Mar 13, 2019 9:21 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 274
Views: 55937

Re: v6.45beta [testing] is released!

*) dhcpv6-server - added RADIUS accounting support;
This is excellent news - does this also work with DHCPv6 servers over PPP (ex. PPPoE)?
by mducharme
Mon Mar 04, 2019 5:08 am
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 30049

Re: v6.44 [stable] is released!

MikroTik as remote DHCP server for relay purposes (not connected directly to the network that DHCP is used on) stops giving leases after upgrade, seemingly due to new ARP conflict detection feature. Disabling conflict detection resolves the issue. Shouldn't this feature shut itself off if the router...
by mducharme
Sun Feb 17, 2019 11:49 pm
Forum: Announcements
Topic: v6.44rc [testing] is released!
Replies: 67
Views: 11002

Re: v6.44rc [testing] is released!

I upgraded from 6.43.12 and had two IPsec peers with RSA key auth. After upgrading to 6.44rc1, only one of the two peers was added to the new ipsec identities tab. I had to recreate the other to bring it up again.
by mducharme
Tue Jan 15, 2019 11:28 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 455

Re: Asymmetric Routing

I will try a config reset later on Router 1. For the time being it's working in the opposite traffic flow.
can you run /ip route export and paste the results? And the same for /ip route print?
by mducharme
Tue Jan 15, 2019 10:58 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 455

Re: Asymmetric Routing

Another thing to check - did you perhaps once have that 172.24.62.0/24 subnet set up directly on router1 and removed the IP but haven't rebooted since? Sometimes there can be strange issues caused by route caching when the cache isn't cleared properly.
by mducharme
Tue Jan 15, 2019 10:10 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 455

Re: Asymmetric Routing

Hmmm. I would have thought while slightly unusual to setup asymmetrically, the Mikrotiks should be able to do this. It's just a matter of setting the static route for 172.24.62.0/24 to gateway IP 10.0.0.2. MikroTik does asymmetric routing and it is allowed by default. If it is not working, then you...
by mducharme
Tue Jan 15, 2019 9:26 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 455

Re: Asymmetric Routing

Hello,

A router will in some cases try to use ARP to resolve a remote IP if gateway for one of the routes is incorrectly set to an interface instead of an IP address. Double check your routes and make sure you don't have a route where gateway is incorrectly set to an interface name instead of an IP.
by mducharme
Tue Jan 15, 2019 1:45 am
Forum: Forwarding Protocols
Topic: MPLS TE 2x 1gbps point to point links
Replies: 5
Views: 598

Re: MPLS TE 2x 1gbps point to point links

Hi Guys, I managed to get RSVP TE tunnel up and running between the two routers but traffic doesn't pass over it. I notice that the RSVP TE shows up as an Interface in the router. Should I configure an OSPF connection between the two routers on the RSVP TE interfaces? The issue I am currently havin...
by mducharme
Mon Jan 14, 2019 1:00 am
Forum: General
Topic: CCR1036-8G-2S+with HIGH CPU load
Replies: 9
Views: 712

Re: CCR1036-8G-2S+with HIGH CPU load

I read about the disabling SNMP, tried it too, didn't help for me. This is by the way what the CPU looks like after the reboot. Busy, but normal: cpu.JPG Yes this is exactly what happened to us. In our case it seemed to start when a winbox session terminated abnormally that had a large table open (...
by mducharme
Mon Jan 14, 2019 12:53 am
Forum: Forwarding Protocols
Topic: MPLS TE 2x 1gbps point to point links
Replies: 5
Views: 598

Re: MPLS TE 2x 1gbps point to point links

Hi,

This is accomplished by forcing one VPLS tunnel across one TE tunnel and the other VPLS tunnel across the other TE tunnel. The VPLS tunnels can then be used for load balancing.
by mducharme
Sun Jan 13, 2019 7:14 am
Forum: General
Topic: CCR1036-8G-2S+with HIGH CPU load
Replies: 9
Views: 712

Re: CCR1036-8G-2S+with HIGH CPU load

We experienced this previously - a reboot appeared to clear it. I noticed it happens on our router when a user session is "stuck" - sometimes winbox disconnects but the router still thinks the user is logged in, and continues to think so until it is rebooted. I'm not sure if this is the cause or not...
by mducharme
Sat Jan 05, 2019 10:20 pm
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 30164

Re: v6.43.8 [stable] is released!

Please suggest me what should i do now? All users are using unlimited bandwidth now, thats why, it's so much tough to me for managing the bandwidth. Another thing is that, when i logged into the mikrotik via winbox, it's showing unsecured mode at the right corner. Potentially the problem is with qu...
by mducharme
Tue Jan 01, 2019 4:38 am
Forum: Scripting
Topic: ":put" problem in scripting [SOLVED]
Replies: 4
Views: 452

Re: ":put" problem in scripting [SOLVED]

This is normal behavior. If you want the script to print output while it runs, use the :log command which will output to the system log.
by mducharme
Mon Dec 31, 2018 6:26 am
Forum: General
Topic: Port forwarding with PPPOE doesn't work
Replies: 2
Views: 365

Re: Port forwarding with PPPOE doesn't work

Besides what is explained above, the other problem with this rule is src-port="", which means src-port=NULL. src-port will never be null, so therefore you will need to adjust this rule; Otherwise, it will never apply.
by mducharme
Sun Dec 30, 2018 11:15 pm
Forum: Beginner Basics
Topic: Voice vlan and mikrotik
Replies: 3
Views: 519

Re: Voice vlan and mikrotik

How to create voice VLAN on Mikrotik? I create as normal VLAN and I add DHCP server but when I plug telephone doesn't receive an IP address. On switch it show that I plug telephone as tagged port. Switch is PLANET gs-4210-24p4c Mikrotik CRS212-1G-10S-1SplusIN and IP telephony is Grandstream. You sh...
by mducharme
Sun Dec 30, 2018 10:45 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1182

Re: RouterOS basic vlan config

Also, I would not add the same IP onto two interfaces simultaneously. It could possibly cause an issue - if the device has an IP on the same subnet in two different interfaces, how does it know which to use to reach you? You should probably put the ether2 ip in a different subnet from the IP that yo...
by mducharme
Sun Dec 30, 2018 9:33 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1182

Re: RouterOS basic vlan config

no worries. I don't have Windows pcs therefore Winbox is not an option. However I simply reset the CRS and started from scratch. Could also help me understanding the concept a little better. Many people use winbox on MacOS or Linux in Wine. It is designed to work well in Wine. There is even a versi...
by mducharme
Sat Dec 29, 2018 10:38 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1182

Re: RouterOS basic vlan config

I added: /ip address add address=192.168.2.60/24 interface=vlan2 network=192.168.2.0 and I removed: /ip address remove numbers=0 (this was the "interface=ether2") the last command unfortunately looked me out. Don't exactly understand why, since Port 17 was supposed to be an untagged access Port on ...
by mducharme
Sat Dec 29, 2018 7:11 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1182

Re: RouterOS basic vlan config

and put the IP address on this VLAN interface How do I do this? Can't see an option to set a vlan for the MK IP. To do this, simply change the interface for the IP from "ether2" to "vlan2". Currently you have "/ip address add address=192.168.2.60/24 interface=ether2 network=192.168.2.0", this will ...
by mducharme
Sat Dec 29, 2018 4:29 am
Forum: RouterBOARD hardware
Topic: 10GB SFP+ recognized as 1GB - Question [SOLVED]
Replies: 3
Views: 503

Re: 10GB SFP+ recognized as 1GB - Question [SOLVED]

Thanks, actually I'm embarrassed since I had a look at the block diagram several times and thought even though the channel only provides only 1GB to the CPU it should have a 10GB connection. But I didn't notice it's an SFP only and not SFP+. Aarrrrg. The 4011 has an SFP+ port. If you upgrade to tha...
by mducharme
Sat Dec 29, 2018 4:15 am
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1182

Re: RouterOS basic vlan config

Hi again, I didn't have much time recently to keep on trying to set it up. But now I try again and still don't get it properly. second thing I did, was configuring one access port: /interface bridge vlan add bridge=bridge untagged=ether17 vlan-ids=2 so, Port 17 is an access port on vlan 2 untagged....
by mducharme
Fri Dec 28, 2018 11:02 pm
Forum: Beginner Basics
Topic: Firewall is blocking FORWARDING? WHY??
Replies: 9
Views: 570

Re: Firewall is blocking FORWARDING? WHY??

/ip firewall filter add action=accept chain=forward comment="INTERNET USERS TCP" \ connection-state=established,related,new dst-port="" port="" protocol=tcp add action=accept chain=forward comment="INTERNET USERS UDP" \ connection-nat-state="" connection-state=established,related,new port=53 \ prot...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 15