Community discussions

MikroTik App

Search found 1975 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 7
by mducharme
Fri Oct 27, 2023 12:58 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 160650

Re: v7.11.2 [stable] is released!

Is it normal for Device -> RouterOS -> Route tab to have empty lines? The Dude has not been properly updated to work with RouterOS v7. The routing table has changed design and probably it is no longer able to parse the new table correctly. Likely you can still view the routing table in the Snmp tab...
by mducharme
Fri Oct 20, 2023 10:15 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

I think it's generally not a good idea to upgrade from anything that isn't the latest 6.49.x to begin with, and better to upgrade to some recent stable 7.x like 7.11.2 instead of to a release candidate. If you want to go to a release candidate, it would be much safer after going to 7.11.2 first.
by mducharme
Wed Oct 18, 2023 6:31 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

#1. The VLAN should never appear as a secondary entry when its already added to the bridge vlan table when a wireless client connects ( Thats a bug ) I would agree with this, it seems to be a bug. #2. BRIDGE/VLAN interface "TAGGED" ports are expected to carry vlan traffic, and should not ...
by mducharme
Wed Oct 18, 2023 1:17 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

HERE IS A VIDEO SHOWING THE ISSUE https://www.youtube.com/watch?v=PLI-1Qm1Lp4 I'm not sure why the vlan appears twice in the list in your video, but the interface appearing under "tagged" should not be a problem and is correct. If it was untagged then your packets would likely have two ta...
by mducharme
Tue Oct 17, 2023 10:11 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

What I do not get is how this is backward thinking as I'm using the recommended config from Mikrotik. I didn't specifically mean *you* here, but in general, what I mean is on the CAP devices people shouldn't need bridge VLAN filtering at all. The official MikroTik config you linked to has bridge VL...
by mducharme
Tue Oct 17, 2023 9:17 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

I suspect there are some misunderstandings here regarding VLANs with the wifiwave2 CAPsMAN. I currently don't have access to any MikroTik wifi6 devices and only set them up once a few months back, so this is from memory, but unless I'm remembering wrong, and I could be, I believe this is accurate: -...
by mducharme
Tue Oct 17, 2023 12:17 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 90108

Re: v7.12rc is released!

These wifi wave2's capsmans is not yet as fully functional as the legacy CAPsMAN, and I'm just pointing out where this vlan/datapath/ tagging function needs to be fixed.. My example I'm using is not in the production environment. I have 10 new cAP AX's on the shelf, and waiting to install once this...
by mducharme
Thu Sep 07, 2023 4:57 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

Why in IPv6 DHCP server POOL option do I get a double static-only entry's listed:
That's been showing up that way for a while and isn't related specifically to this beta.
by mducharme
Mon Aug 28, 2023 8:11 am
Forum: Beginner Basics
Topic: CRS326, CRS312, How do i setup DSCP for use with Dante?
Replies: 3
Views: 1463

Re: CRS326, CRS312, How do i setup DSCP for use with Dante?

qos-hw is a new feature that does not work with RouterOS v6 as far as I am aware. You'll need to upgrade the switches to v7 to allow you to do QoS with the new function. You won't really have any options for this on v6.
by mducharme
Fri Aug 25, 2023 9:22 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

What MPLS Hardware functionality was in RouterOS v6 that is not in v7 ?
If I recall correctly the CRS317 supported MPLS hardware offload when acting as a P router in RouterOS v6. I'm not sure if this has been brought to v7 yet.
by mducharme
Mon Aug 21, 2023 10:31 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

What I have found was not EOIP solution, but creating a VXLAN interface on both sides, adding those to local bridges, doing few twists to filtering, etc. Will experiment with that - https://forum.mikrotik.com/viewtopic.php?t=180369#p990815 Yes, VXLAN is the way I work around this at the moment, and...
by mducharme
Fri Aug 18, 2023 1:53 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

*) mpls - added option to match and set MPLS EXP with bridge and mangle rules; - need more info pls They already answered this question higher in the thread. This isn't really a new feature. They've just restored a missing feature that was there in RouterOS v6 but was missing from v7. The behaviour...
by mducharme
Thu Aug 17, 2023 1:40 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

Thanks for the details. Yes, I am familiar with the entire ingress-priority and priority process and the automatic copying from v6, but the wording of the change made it sound like it was implemented differently using a separate matcher for EXP instead of being folded under ingress-priority and prio...
by mducharme
Thu Aug 17, 2023 12:57 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 122490

Re: v7.12beta [testing] is released!

*) mpls - added option to match and set MPLS EXP with bridge and mangle rules; Any info/docs for this? We want to test as soon as possible. How are you able to "match" MPLS EXP for incoming packets with mangle rules when MPLS packets bypass the firewall - are these packets no longer bypas...
by mducharme
Sat Jul 15, 2023 10:06 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 369
Views: 128290

Re: v7.10, 7.10.1 and more [stable] are released!

I'm glad that BFD got rid of most peoples last issue before upgrading, but we are still stuck not being able to upgrade to version 7 for something that was fine on version 6, and that is MPLS QoS (EXP bits not being set). Reported a year ago, no word yet on a fix. We can't upgrade most of our infras...
by mducharme
Wed Jul 12, 2023 5:21 am
Forum: General
Topic: SONAR - anybody using SONAR in an ISP Mikrotik network?
Replies: 3
Views: 469

Re: SONAR - anybody using SONAR in an ISP Mikrotik network?

It wasn't much of a pain for us to go to v2. The only reconfigurations we had to do were to do with things like switching a few inline devices to the SSL-API. Some re-learning is required as the interface is different, a bit more complicated, and sometimes it isn't obvious what things do or where th...
by mducharme
Wed Jul 12, 2023 4:00 am
Forum: General
Topic: SONAR - anybody using SONAR in an ISP Mikrotik network?
Replies: 3
Views: 469

Re: SONAR - anybody using SONAR in an ISP Mikrotik network?

Yes to both, and we have been delivering dual stack to all customers since 2017. We just upgraded to Sonar v2 less than two months ago. However, our solution may not work great for everyone, as we use PPPoE, and a lot of ISPs do not.
by mducharme
Mon Jul 10, 2023 1:43 pm
Forum: Forwarding Protocols
Topic: VoIP help
Replies: 9
Views: 2820

Re: VoIP help

Your masquerade rule doesn't have a direction specified, so it will probably do NAT in both directions, which is highly unusual. I'm not completely sure if this is the cause of the issue or not, but it should not be set up this way. Usually you would have out-interface or out-interface-list set for ...
by mducharme
Sat May 27, 2023 1:03 am
Forum: Announcements
Topic: v7.10rc is released!
Replies: 183
Views: 52191

Re: v7.10rc is released!

Hello,

Any updates on SUP-88676 (MPLS EXP bits not being properly set from "set priority" bridge filter rule on VPLS ingress)? I just tested on rc1 and it is still broken. This single issue is preventing is from upgrading the vast majority of routers on our network to v7.x.
by mducharme
Tue May 23, 2023 5:09 pm
Forum: Forwarding Protocols
Topic: OSPF operation between ROS V6 and ROS V7 [SOLVED]
Replies: 30
Views: 5636

Re: OSPF operation between ROS V6 and ROS V7 [SOLVED]

All of your OSPF config is disabled on the 5009 router - the interface is disabled, area is disabled, and interface templates are disabled. OSPF isn't going to work like that. You're also doing masquerade on the GRE tunnel on the 5009, which is probably going to prevent a neighbor relationship from ...
by mducharme
Tue May 23, 2023 9:23 am
Forum: Forwarding Protocols
Topic: OSPF operation between ROS V6 and ROS V7 [SOLVED]
Replies: 30
Views: 5636

Re: OSPF operation between ROS V6 and ROS V7 [SOLVED]

Export your full config from both routers instead of just part of the config. hide-sensitive is used as the default in RouterOS v7 so the export should not share any sensitive details.
by mducharme
Mon May 22, 2023 11:13 pm
Forum: Forwarding Protocols
Topic: OSPF operation between ROS V6 and ROS V7 [SOLVED]
Replies: 30
Views: 5636

Re: OSPF operation between ROS V6 and ROS V7 [SOLVED]

This might be a firewall issue and your OSPF issues might be just a symptom and not the cause.
by mducharme
Tue May 16, 2023 1:04 am
Forum: SwOS
Topic: Voice VLAN
Replies: 6
Views: 5855

Re: Voice VLAN

Simply tagging the voice vlan on all ports of the switch and configuring LLDP-MED to the vlan ID doesn't seem to do anything. I am using Yealink phones and they always end up on the default vlan. What you have done should do exactly that. Perhaps the config file for your phones is setting them to i...
by mducharme
Mon May 15, 2023 9:11 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 53725

Re: v7.9 [stable] is released!

Isn't that on purpose as a part of this change?

*) console - show Ethernet advertise, speed and duplex settings depending on configured auto-negotiation;
by mducharme
Thu May 11, 2023 7:54 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

I'm wondering if some people are getting mixed up between Discourse and Discord. Discourse is forum software, Discord is a chat program. They are completely different programs and solutions, only potentially confused because of the similar first five letters of the name. I never mentioned Discord...
by mducharme
Thu May 11, 2023 11:31 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

I didn't know there was a hatred out there for Discourse, I've always liked it, personally..
by mducharme
Thu May 11, 2023 10:58 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

I was just suggesting it, because I think it would be good to migrate. I have used Discourse quite a bit and I find the search a lot better than phpBB. Sometimes I go looking for an old MikroTik forum post that I know exists because I have seen it before and it is still difficult to find. I agree ab...
by mducharme
Thu May 11, 2023 10:42 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

One of the downsides of phpBB is the way it indexes quotes as part of the response when searching. Does moving to a newer phpBB solve this? That particular downside is applicable to these forums, as quoting is discouraged here because of this behaviour and removing most/all quotes can make individua...
by mducharme
Thu May 11, 2023 10:28 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

Steinberg (a big music software company) has their forums set up really nicely with Discourse, they migrated from phpBB a a few years ago: https://forums.steinberg.net They were able to use an included script to migrate all posts going back many years, including attachments/images/etc. I think it co...
by mducharme
Thu May 11, 2023 10:22 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 43835

Re: FORUM MAINTENANCE: Password reset will be needed

Has MikroTik ever considered moving the forums to a more modern solution than phpBB? I know of several forums that were able to migrate from phpBB to Discourse fairly easily, and it has some very nice features..
by mducharme
Thu May 11, 2023 9:59 am
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 46
Views: 11733

Re: QoS Hardware Offloading (QoS-HW)

What about the ability to do hardware QoS at arbitrary rates less than line rate? I'm thinking specifically about situations where one might buy a circuit from an upstream provider that is something that isn't a normal Ethernet speed like 200Mbps or something.
by mducharme
Fri May 05, 2023 4:40 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1853

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

The reason for capsman forwarding mode is it's the only one that allows hands-off provisioning Local forwarding mode still requires logging into the AP and manually creating the bridge interface and assigning the interfaces to it. I don't want any intervention on the SM side, the entire thing shoul...
by mducharme
Fri May 05, 2023 4:23 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1853

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

If there's only a dozen rooms perhaps, when there's 200 rooms that's 200 vlans to configure across a bunch of switches, 200 subnets, 200 DHCP ranges etc etc it's a pain in the dickens. Switches? If you are using CAPsMAN forwarding mode, why do you need to set up all these VLANs on switches? And yes...
by mducharme
Fri May 05, 2023 4:15 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1853

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

If you want each room to have its own network so that devices can communicate with others in the same room, a VLAN per room might be a better solution than multiple bridges.
by mducharme
Fri May 05, 2023 2:52 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 1853

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

The workaround I could find is bridge them at the CAPSMAN controller, but this is not what I call elegant or efficient because - correct me if i'm wrong - I then need to create a separate bridge for each and every apartment (to avoid traffic going between different rooms) I'm not completely sure th...
by mducharme
Mon May 01, 2023 9:29 pm
Forum: Scripting
Topic: FastTrack-Friendly QoS Script
Replies: 61
Views: 38570

Re: FastTrack-Friendly QoS Script

Yup, that's correct, the new-priority=from-dscp-high-3-bits takes care of it. It maps the values like this:
DSCP 0-7 -> Priority 0
DSCP 8-15 -> Priority 1
DSCP 16-23 -> Priority 2
etc.
by mducharme
Sun Apr 23, 2023 2:19 am
Forum: RouterOS beta
Topic: v7 MPLS hardware offload?
Replies: 25
Views: 10003

Re: v7 MPLS hardware offload?

I hope this might be a sign that MPLS EXP bits might get fixed soon. We can't move many routers to v7 until MPLS QoS is working correctly again.
by mducharme
Sat Mar 25, 2023 5:02 am
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 25322

Re: v7.9beta [testing] is released!

Great fix list with some long-standing issues fixed, but still no working MPLS experimental bits. I have a large network that relies on this for QoS and we can't move to v7 until this is working, similar to the situation with others who need BFD for v7.
by mducharme
Thu Mar 16, 2023 6:54 pm
Forum: RouterOS beta
Topic: Feature Request: RFC 8781 or PREF64 in router advertisements
Replies: 2
Views: 2666

Re: Feature Request: RFC 8781 or PREF64 in router advertisements

They already added PREF64, it is in the changelog...
by mducharme
Wed Feb 15, 2023 10:49 am
Forum: General
Topic: What are your show stoppers for migrating to ROS7?
Replies: 22
Views: 1796

Re: What are your show stoppers for migrating to ROS7?

Our showstopper is MPLS experimental bits not yet working properly, as it has been for months. Moving to ROS 7 now would destroy our QoS completely.
by mducharme
Tue Feb 14, 2023 11:09 am
Forum: Announcements
Topic: v7.8rc is released!
Replies: 125
Views: 44255

Re: v7.8rc is released!

mducharme - Actually, this functionality is already on the way to you and will be available in v7.9beta. I must have misunderstood then. I saw the following change and figured that it was that: *) route - fixed IPv6 default route presence when received from RA; If that is not what I thought, then w...
by mducharme
Fri Feb 10, 2023 11:06 am
Forum: Announcements
Topic: v7.8rc is released!
Replies: 125
Views: 44255

Re: v7.8rc is released!

Still no default route appearing in the IPv6 route list, even though I can ping out to the internet just fine over IPv6.
by mducharme
Thu Feb 02, 2023 10:22 pm
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72209

Re: v7.8beta [testing] is released!

It works for me... maybe there is some other factor in your setup that influences it. Perhaps - but I just reset my hAP mini (which I only use for testing) to no-default-configuration, logged into it and disabled "IPv6 forward" so that it gets an address from the RA. The address appears, ...
by mducharme
Thu Feb 02, 2023 12:18 am
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72209

Re: v7.8beta [testing] is released!

*) route - fixed IPv6 default route presence when received from RA;
This does not seem to be working - I do not see this route either in the Winbox GUI or the CLI.
by mducharme
Sun Jan 22, 2023 12:22 am
Forum: Announcements
Topic: v7.8beta [testing] is released!
Replies: 307
Views: 72209

Re: v7.8beta [testing] is released!

As someone have already mentioned - how realistic is wave2 on 40xx devices? I've been running wave2 at home since 7.7 with no complaints on a 4011 and an Audience, although I wasn't really using the 2.4ghz on the 4011 so I didn't really miss it. If I did need the 2.4ghz I would be tempted to pick u...
by mducharme
Fri Jan 20, 2023 8:18 pm
Forum: RouterOS beta
Topic: Feature Request: Zero Trust Tunnel - Cloudflare Version
Replies: 28
Views: 9409

Re: Feature Request: Zero Trust Tunnel

Btw, to be honest I really don't get the idea in the current thread about a Zero Trust "Tunnel" in the context of implementing ZTNA. He didn't mean a zero trust tunnel in a general sense. Instead a cloudflared Cloudflare Zero Trust tunnel, specifically for Cloudflare Access and Gateway. I...
by mducharme
Fri Jan 20, 2023 12:21 pm
Forum: RouterOS beta
Topic: Feature Request: Zero Trust Tunnel - Cloudflare Version
Replies: 28
Views: 9409

Re: Feature Request: Zero Trust Tunnel

Hi, coul I use ZTT without public IP address?
Yes, there is no need for a public IP for it. You can be behind multiple levels of NAT and it will still work.
by mducharme
Fri Jan 20, 2023 9:28 am
Forum: RouterOS beta
Topic: Feature Request: Zero Trust Tunnel - Cloudflare Version
Replies: 28
Views: 9409

Re: Feature Request: Zero Trust Tunnel

I would prefer an add on package for such a thing vs having to deploy a container, yes. I do not think it should be part of the core ROS as it is a third party solution, similar to ZeroTier, and so an add-on package would make the most sense.
by mducharme
Thu Jan 19, 2023 10:46 pm
Forum: RouterOS beta
Topic: Feature Request: Zero Trust Tunnel - Cloudflare Version
Replies: 28
Views: 9409

Re: Feature Request: Zero Trust Tunnel

We are running almost everything through Cloudflare Zero Trust tunnel (and have been doing so for about a year). The tunnel in the modern day is entirely configured through the Cloudflare admin webpage, unless you are doing some weird/advanced things. There is a config file, but we've set up dozens ...
by mducharme
Tue Jan 17, 2023 7:26 pm
Forum: RouterOS beta
Topic: Invalid IPv6 route enries from OSPFv3
Replies: 3
Views: 3950

Re: Invalid IPv6 route enries from OSPFv3

This has been the case for a long time now. I think it is lower priority to get fixed as it doesn't cause any issues other than the routing table being larger than it needs to be.
by mducharme
Tue Jan 17, 2023 7:05 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

This means thath WiFiWave2 devices are capable to be used as repeater in Station mode? This has always worked assuming you didn't need bridging and were fine with the repeater using a different SSID than the main network. I think you're probably getting four-way TKIP handshake mixed up with four ad...
by mducharme
Tue Jan 17, 2023 4:47 am
Forum: General
Topic: Wifiwave2 bridge interface unknown V7.7
Replies: 4
Views: 727

Re: Wifiwave2 bridge interface unknown V7.7

Is this expected behaviour?
For me, I see the actual interface under bridge->hosts on an RB4011 and Audience in 7.7 with wifiwave2.
by mducharme
Mon Jan 16, 2023 9:03 am
Forum: Wireless Networking
Topic: HAP AX3 WifiWave2 CAPSMAN
Replies: 43
Views: 18798

Re: HAP AX3 WifiWave2 CAPSMAN

Thanks for the reply. How do I share the config ? From the command line run: /export and paste the results in here. By default it hides sensitive info from the export. You can have the export only include the wifiwave2 config (as it is probably the only applicable section) if you run: /interface wi...
by mducharme
Sun Jan 15, 2023 11:15 am
Forum: Wireless Networking
Topic: HAP AX3 WifiWave2 CAPSMAN
Replies: 43
Views: 18798

Re: HAP AX3 WifiWave2 CAPSMAN

I have it working, but in my case it isn't an ax3, but instead an RB4011 and an Audience. Share your config.
by mducharme
Fri Jan 13, 2023 1:39 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

Is there any way around this for non-ax interfaces with wave2, where you want different SSIDs on different VLANs?
by mducharme
Fri Jan 13, 2023 1:22 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

I just tried setting up VLANs with the wifiwave2 CAPsMAN like how I would with the older CAPsMAN (putting the VLAN ID into the datapath settings on the CAPsMAN unit) and I get this error for the interfaces for remote CAPs: "interface does not support assigning vlans" Does wave2 capsman not...
by mducharme
Fri Jan 13, 2023 9:29 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

I have an audience as a wave2 cap. When I reboot it, the two CAP interfaces do not start getting managed by capsman properly until I disable them and re-enable them, and after that they work fine. It seems to be a bug.
by mducharme
Fri Jan 13, 2023 9:03 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

Thank you for the explanation! That makes sense now.
by mducharme
Fri Jan 13, 2023 4:33 am
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 112139

Re: v7.7 [stable] is released!

Now that this is stable, I'm experimenting for the first time with the new wifiwave2 capsman support. I can't find the local-forwarding setting for wifiwave2, and the "bridge" setting in the CAP configuration seems to be missing. I've added the interfaces manually as bridge ports on the CA...
by mducharme
Wed Jan 04, 2023 9:47 pm
Forum: Wireless Networking
Topic: Wifiwave2 Capsman compatibility
Replies: 17
Views: 9772

Re: Wifiwave2 Capsman compatibility

Will I ever be able to run wifiwave2 on my rb5009 and manage non wifiwave2 Caps? Or will I have to upgrade all my Caps to hardware that wifiwave2 supports? You can run non-wave2 CAPsMAN on one of the non-wave2 CAPs and manage the other non-wave2 CAPs from that one. Both the old and new CAPsMANs sho...
by mducharme
Wed Jan 04, 2023 3:37 am
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88421

Re: v7.7rc is released!

I think we are likely to see VTI at some point because it should be possible with the new kernel. Obviously though the priority must be on getting things working in RouterOS v7 that were working fine in v6, like BFD, MPLS QoS, etc.
by mducharme
Thu Dec 15, 2022 9:44 am
Forum: General
Topic: Cloudflare tunnels vs mikrotik open ports
Replies: 2
Views: 1762

Re: Cloudflare tunnels vs mikrotik open ports

If the exploit was on the running server itself, i do not see how the cloudflare's tunnel would protect against attacks. It isn't about protection from MikroTik vulnerabilities, it is for protection against exploits on the server. Cloudflare Access (part of Cloudflare Zero Trust) reverse proxies yo...
by mducharme
Thu Dec 15, 2022 9:32 am
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 15
Views: 11641

Re: Routing filter to discard routes

I'm looking to drop these "rejected" routes from memory/routing table; however I'm unable to figure out how to do so. We're only running OSPF, not BGP. Could anyone provide a brief example of how to prevent these rejected routes from showing up in our routing table at all, regardless of i...
by mducharme
Wed Dec 14, 2022 1:41 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 88421

Re: v7.7rc is released!

the 7,7rc1 in our case (more then 5M routes) freezes when modify a filter rule.
Firewall filter? or route filters?
by mducharme
Mon Dec 05, 2022 8:53 pm
Forum: Virtualization
Topic: Metarouter on Hap AC 3
Replies: 3
Views: 2256

Re: Metarouter on Hap AC 3

Hmmm, alright. Can I run another instance of RouterOS in a docker container?
Not at the moment, anyway. What is the reason you want to run RouterOS inside RouterOS? Usually people who wanted Metarouter did because they wanted to do something that you could only do in OpenWRT and not RouterOS.
by mducharme
Mon Dec 05, 2022 10:58 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

Are there any updates on four address mode support in wifiwave2?
by mducharme
Sun Dec 04, 2022 12:37 am
Forum: Virtualization
Topic: Metarouter on Hap AC 3
Replies: 3
Views: 2256

Re: Metarouter on Hap AC 3

I don't think Metarouter has ever supported ARM architecture. Regardless of this, Metarouter is deprecated, it has been replaced by Docker container support in RouterOS v7. You're best off just looking into Docker and ignoring Metarouter.
by mducharme
Fri Dec 02, 2022 2:42 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

But installing wifiwave2 in x86 will disable the existing local wireless device, but add the menu for wifiwave2 Yes, so you currently have to choose between your x86 device supporting local wireless interfaces vs. it being able to act as a CAPsMAN for wifiwave2 CAP devices. In many cases the x86 de...
by mducharme
Fri Nov 11, 2022 2:57 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

Did you try it? It does not work for me (set priority from DSCP)...
No, I have not tried it yet, unfortunately, these are a crazy few weeks for me.
by mducharme
Wed Nov 09, 2022 6:21 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

I would be perfectly happy with a RouterOS v7 where you can select between a "routing-legacy" and "routing-new" package and run the v6 autorouting modules. they worked fine. I don't think this is even possible. The v6 routing protocols were all written with route caching in mind...
by mducharme
Tue Nov 08, 2022 8:46 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

A feature that is even bigger for me than that is the set-priority being added to IPv6 mangle - we can finally have QoS fully working on IPv6.
by mducharme
Tue Nov 08, 2022 2:53 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

I think it doesn't make any sense to have a wifiwave2 CAPsMAN on mipsbe, but the ability to have them on mmips (hEX devices) might be useful.
by mducharme
Tue Nov 08, 2022 2:23 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

They could yet release wifiwave2 packages for other architectures, like mmips or tile, to allow them to act as a wifiwave2 CAPsMAN. I can't see MikroTik deciding to restrict wifiwave2 CAPsMAN to only arm/arm64 architectures.
by mducharme
Tue Nov 08, 2022 4:14 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

Does that mean only those who have wifiwave2 interface can act as the CAPsMAN ? like CHR/x86 architecture RouterOS, they cannot act as the CAPsMAN, correct ? Any device that has the wifiwave2 package available for that architecture can be used as the CAPsMAN, you just have to install the wifiwave2 ...
by mducharme
Tue Nov 08, 2022 3:22 am
Forum: Beginner Basics
Topic: MX204 alternative?
Replies: 7
Views: 1615

Re: MX204 alternative?

I would probably agree, if you are actually using the MX204 to a good portion of its total capacity. The CCR2216 is unlikely to be able to match the same performance, as it is a few thousand dollars instead of $40k. But, a lot of providers and companies sometimes go overboard on the core routers, an...
by mducharme
Tue Nov 08, 2022 2:01 am
Forum: Beginner Basics
Topic: MX204 alternative?
Replies: 7
Views: 1615

Re: MX204 alternative?

There are lots of MikroTiks used in datacenters, cloud, and even larger ISPs, but mostly in supporting roles (acting as things like DNS caches) as they have not had any routers with ports > 10Gbps, and the fact that they did not have hardware offload for routing meant that the CPU could become a bot...
by mducharme
Mon Nov 07, 2022 11:37 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

That leaves out A LOT of devices then ...
Are you wanting to use a mipsbe device for wifiwave2-capsman or something?
by mducharme
Sat Nov 05, 2022 8:41 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

V6 is perfectly stable, there is absolutely no reason to do this step. There is, if you need to install a new device. Deploying CCR1xxx seems like a mistake now, it is a product that will be end of life sooner than later, and who knows if MikroTik will bother having RouterOS v8 (when that comes out...
by mducharme
Wed Nov 02, 2022 7:47 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

I do not use BFD myself, but since it is a working feature in RouterOS v6 (at least for the most part), I hope MikroTik does not release a "long-term" RouterOS v7 version without it.

I still need a bunch of other bugs fixed before I can move certain routers to v7 myself.
by mducharme
Mon Oct 31, 2022 7:56 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

mducharme - Yes, LLDP support has been there for a while now and RouterOS under IP/Neighbo list can also show other installations, besides RouterOS. Yes, I know this, that isn't what I mean. I mean RouterOS shows for my Windows system "discovered by: MNDP, LLDP". I don't think Microsoft h...
by mducharme
Sun Oct 30, 2022 7:45 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

*) discovery - added "discovered-by" parameter to indicate which protocol discovered the neighbor; This new feature seems to be listing MNDP for everything, including my Windows desktop (which is sending LLDP but I doubt Microsoft programmed an MNDP client in there). The LLDP and CDP dete...
by mducharme
Sun Oct 30, 2022 4:14 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

There are usually other ways of handling that without resorting to making a VLAN per customer.
by mducharme
Sun Oct 30, 2022 3:21 am
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 122495

Re: v7.7beta [testing] is released!

One PPPoE server and VLAN for each client? What is the purpose of such a complicated setup?
by mducharme
Sat Oct 15, 2022 3:11 pm
Forum: Announcements
Topic: v7.6rc is released!
Replies: 94
Views: 28037

Re: v7.6rc is released!

OSPFv3 seems to be creating extra invalid route entries for local interfaces. See https://forum.mikrotik.com/viewtopic.php?t=189285 This is normal behaviour on RouterOS v7 as far as I can determine. I don't believe this is a bug exactly. MPLS also creates additional inactive routes similar to this.
by mducharme
Mon Sep 26, 2022 6:28 am
Forum: RouterOS beta
Topic: Performance regression + IPv6 not working - RB750Gr3
Replies: 7
Views: 4677

Re: Performance regression + IPv6 not working - RB750Gr3

I gave it another try, with RouterOS v7.5 I said to check /system/resource/cpu/print, which shows the per core utilization. You are looking at the average usage of all cores with /tool/profile, which is useless in determining if a single core is overloaded. Although you can use /tool/profile, you h...
by mducharme
Sat Sep 24, 2022 5:20 am
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 60951

Re: v7.6beta [testing] is released!

I think they plan to put the received number of routes in /routing/bgp/sessions in the prefix-count field, which currently always reads 0.
by mducharme
Tue Sep 20, 2022 5:03 am
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 60951

Re: v7.6beta [testing] is released!

No! The uptime is ticking but it still displays fake information when a winbox "sessions" screen is open! The uptime continues to tick up even when the session has been closed or failed. It seems to be fixed at the CLI. They might need to do additional things to fix this in Winbox, as it ...
by mducharme
Thu Sep 15, 2022 3:40 pm
Forum: RouterOS beta
Topic: RFC5838 - OSPFv3 address families support
Replies: 1
Views: 2343

RFC5838 - OSPFv3 address families support

Hello, I was wondering if MikroTik has any plans to support RFC5838, which allows OSPFv3 to carry information about IPv4 routes in addition to IPv6 routes. I thought that this might be an intended feature, given how both OSPFv2 and OSPFv3 have the same configuration interface in RouterOS v7, and thi...
by mducharme
Thu Sep 15, 2022 3:00 pm
Forum: Forwarding Protocols
Topic: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)
Replies: 22
Views: 5011

Re: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)

In other words, Mikrotik must send (and receive ACKs) for LSAs every half an hour. It doesn't do this. Hi, I don't understand this. The reason this doesn't make sense to me is the only issue that we have with OSPFv2 on RouterOS is that, in certain circumstances for us, it goes into "full"...
by mducharme
Thu Sep 15, 2022 5:58 am
Forum: Forwarding Protocols
Topic: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)
Replies: 22
Views: 5011

Re: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)

And to re-fill the BGP tables takes quite a while longer than that ... which mikrotik would just incorporate frr into routeros and move on. You're comparing RouterOS v6 with other platforms, rather than RouterOS v7, which has the entire routing stack, including all protocols, rewritten from the gro...
by mducharme
Tue Sep 13, 2022 3:58 am
Forum: RouterOS beta
Topic: Routing Mark and route traffic to a different GW
Replies: 7
Views: 10470

Re: Routing Mark and route traffic to a different GW

This may or may not help with this type of situation, but on RouterOS v7 I do something like this, to force any packets on VPN_VLAN through my Wireguard VPN, without needing mangle rules at all: /routing rule add action=lookup disabled=no interface=VPN_VLAN min-prefix=1 table=main add action=lookup ...
by mducharme
Tue Sep 13, 2022 2:46 am
Forum: Forwarding Protocols
Topic: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)
Replies: 22
Views: 5011

Re: OSPF "drop-outs" (routes originated from MT gets dropped from the rest of the network)

I just wanted to say that I agree completely with @AlexDF. I find OSPFv2 pretty bulletproof on MikroTik when advertising everything through OSPF->Networks and having redistribution turned off. And, if you previously had an interface set as passive and you had a neighbor relationship formed anyway, t...
by mducharme
Sun Sep 11, 2022 4:36 am
Forum: Useful user articles
Topic: Creating an SSID with Mullvad VPN over Wireguard
Replies: 0
Views: 2902

Creating an SSID with Mullvad VPN over Wireguard

Sorry to not include much detail here, but somebody asked for an example of how I created a special SSID in my MikroTik environment that policy routes everything over Mullvad VPN via Wireguard. I hope to revise this in the future to include explanations and fill in anything that is missing. /caps-ma...
by mducharme
Sat Sep 10, 2022 11:38 pm
Forum: Forwarding Protocols
Topic: Upstream must route through other ASN
Replies: 1
Views: 2972

Re: Upstream must route through other ASN

Careful here, anybody who might normally offer help. I strongly suspect (based on certain specific details) that the OP is the admin of the notorious kiwifarms doxxing site trying to bring it back online. See this link: https://twitter.com/DropKiwifarms/status/1568680754170761216 The capitalization ...
by mducharme
Fri Sep 09, 2022 10:12 am
Forum: Useful user articles
Topic: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊
Replies: 318
Views: 117369

Re: 📌 Tool: Using Splunk to analyse MikroTik logs 3.7 (Graphing everything) 💾 🛠 💻 📊

Too bad the "Kid Control" is actually not accurate on my 7.4.1 box. Not too sure what is happening, but the use-case is simple. On my ShieldTV I've just watched a 16Gbytes movie. This is served from my NAS. It is very possible that Kid Control does not properly account for traffic that is...
by mducharme
Thu Sep 08, 2022 6:04 am
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 60951

Re: v7.6beta [testing] is released!

What I mean with previous version is the 7.4 behavior. The winbox uptime is copied from the router when you open the window, but then it continues ticking upward even when the connection actually is down. I understand now. I suspect, to fix this issue, they might have had to re-engineer the peer up...
by mducharme
Wed Sep 07, 2022 9:38 pm
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 60951

Re: v7.6beta [testing] is released!

The previous version showed the current uptime in commandline but when you opened the sessions tab in winbox it showed a fake ticking uptime... I'm still running 7.5 with BGP and can confirm that it does not show the uptime in the command line, and it displays in winbox with a fake uptime. I have a...
by mducharme
Wed Sep 07, 2022 7:57 pm
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 60951

Re: v7.6beta [testing] is released!

the difference from previous version is the before it was a coundown, now it is just empty. Being empty is their fix for now. They had completely removed the uptime field for some reason, I believe on purpose. You cannot see it in the CLI at all either (and you could in earlier versions when it dis...
by mducharme
Sat Sep 03, 2022 4:34 am
Forum: Useful user articles
Topic: MikroTik Wireguard server with Road Warrior clients
Replies: 104
Views: 88270

Re: MikroTik Wireguard server with Road Warrior clients

There is a typo in the first post. The client should use address 192.168.66.2/24, not 192.168.66.3/24, in order to match the peer definition in the RouterOS. After fixing this, it works perfectly. Unfortunately it seems there are no default logs to give any kind of errors or warnings on RouterOS, w...
by mducharme
Fri Sep 02, 2022 2:06 am
Forum: The Dude
Topic: dude-install.sh - The Dude Client for Mikrotik installer on Linux.
Replies: 10
Views: 8900

Re: dude-install.sh - The Dude Client for Mikrotik installer on Linux.

You also have "Link Mint" instead of "Linux Mint"
by mducharme
Thu Aug 25, 2022 4:15 am
Forum: Announcements
Topic: v7.5rc is released!
Replies: 86
Views: 20817

Re: v7.5rc is released!

If ROSv7 is still not ready please allow ROSv6 in CCR2004 and 2216 hardwares...
I think the reason that we don't see this is that the one CCR2004 model that can run RouterOS v6 has been shown to be unstable, with random reboots every few weeks, and they were unable to fix this without v7.
by mducharme
Wed Aug 24, 2022 3:01 am
Forum: Announcements
Topic: v7.5rc is released!
Replies: 86
Views: 20817

Re: v7.5rc is released!

Are there any fixes coming for MPLS experimental bits not getting set by set-priority actions? We rely on MPLS EXP bits a lot for our QoS solution and the fact that this functionality is broken means that we can't move routers to v7 that we otherwise could.
by mducharme
Sat Aug 13, 2022 7:44 am
Forum: RouterOS beta
Topic: Drop down for choosing interface on routes in 7.4
Replies: 25
Views: 4634

Re: Drop down for choosing interface on routes in 7.4

You don't have to click on it, if you don't like long lists. Right, but there is almost never any case where you would want to create a route in the first place with a dynamic PPP interface as the gateway. The moment that dynamic interface goes down, the route no longer works and has to be recreated.
by mducharme
Sat Aug 13, 2022 6:20 am
Forum: RouterOS beta
Topic: Drop down for choosing interface on routes in 7.4
Replies: 25
Views: 4634

Re: Drop down for choosing interface on routes in 7.4

is a good idea remove this kind of problems, for example a router with 1.000 active pppoe users it has to show that 1.000 interfaces in a drop down menu Perhaps they could just show static ppp interfaces (which are normally client interfaces) and not show any dynamic ones. I have rarely seen device...
by mducharme
Sat Aug 13, 2022 2:05 am
Forum: RouterOS beta
Topic: Drop down for choosing interface on routes in 7.4
Replies: 25
Views: 4634

Re: Drop down for choosing interface on routes in 7.4

Why not re-add the drop down, but limit it to just PPP interface types? These problems are caused by users selecting things like an ethernet interface as a gateway instead of a PPP interface. If only PPP interfaces appear in a drop down, it would be more easily understood that choosing something lik...
by mducharme
Tue Aug 09, 2022 10:31 am
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 45600

Re: v7.5beta [testing] is released!

I think pe1chl wants to test this on 7.5betaX and not 7.4.x, and that the fix came out on 7.4.x before 7.5betaX.
by mducharme
Sun Aug 07, 2022 11:58 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54635

Re: v7.4 [stable] is released!

I just tried to upgrade a router acting as a road warrior VPN server to RouterOS v7, and found that OSPF does not seem to be working properly with /32 PPP tunnel routes - adding them to interface templates does not result in advertisement, although the ppp interfaces appear in the Interfaces list. N...
by mducharme
Thu Aug 04, 2022 7:23 am
Forum: Announcements
Topic: not strictly related to v7.5beta
Replies: 30
Views: 4914

Re: v7.5beta [testing] is released!

I think that a new kernel is not a major effort anymore (as mkx said). It was true that it was a major effort when making the move from the old RouterOS v6 kernel, as the removal of route caching was a huge change that required rewriting the entire routing stack. However, we are unlikely to see any ...
by mducharme
Wed Aug 03, 2022 3:08 pm
Forum: Announcements
Topic: not strictly related to v7.5beta
Replies: 30
Views: 4914

Re: v7.5beta [testing] is released!

From what I can see, the only changes regarding netmap in Linux kernel 5.8+ were with nftables, but I believe RouterOS still uses iptables and so I don't think these nftables related enhancements would make any difference. I'm sure they will upgrade to a newer kernel at some point in the reasonably ...
by mducharme
Mon Aug 01, 2022 9:03 am
Forum: Beginner Basics
Topic: Graphing - Store to disk / disk wear.
Replies: 7
Views: 1815

Re: Graphing - Store to disk / disk wear.

I am using 24 hours as a setting, and I'm not seeing holes in my data from reboots.
by mducharme
Sat Jul 30, 2022 7:57 pm
Forum: Virtualization
Topic: CHR 7.X, cannot boot when using two disks
Replies: 7
Views: 3193

Re: CHR 7.X, cannot boot when using two disks

Apparently it's been fixed in 7.4
It has not been completely fixed, as this issue happened to me on a 6.49.6 -> 7.4 upgrade.
by mducharme
Thu Jul 28, 2022 3:16 am
Forum: Virtualization
Topic: CHR 7.X, cannot boot when using two disks
Replies: 7
Views: 3193

Re: CHR 7.X, cannot boot when using two disks

I just tried upgrading my Dude CHR from v6 to v7 and am having this exact issue. It runs on VMware ESXi. Had to go back to a snapshot on v6.
by mducharme
Tue Jul 05, 2022 3:13 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 233024

Re: MikroTik Devices Controller

I think the general idea of TR069 is a good one, where the device "phones home" to be told what to do. This works great with devices behind NAT etc as only the server needs to be publicly accessible. Ideally the device would be configured with a URL for the server that it could get all of ...
by mducharme
Mon Jul 04, 2022 4:10 am
Forum: Announcements
Topic: v7.4beta [testing] is released!
Replies: 189
Views: 60458

Re: v7.4beta [testing] is released!

VPLS has been broken for a long time in ROS7, I've disabled it and switched to VxLAN which has been working well so far (and it's easier to use too). VxLAN makes more sense in a datacenter environment where you want to interface with virtual machines. MPLS and VPLS and SR-MPLS make more sense in th...
by mducharme
Sat Jul 02, 2022 4:51 am
Forum: Announcements
Topic: v7.4beta [testing] is released!
Replies: 189
Views: 60458

Re: v7.4beta [testing] is released!

Same trouble. mipsbe
Mikrotik this morning sent me an internal test version and it has fixed my issue - no more VPLS crash.
by mducharme
Mon Jun 20, 2022 4:35 pm
Forum: RouterOS beta
Topic: posts not strictly related to: v7.4beta [testing]
Replies: 165
Views: 11788

Re: v7.4beta [testing] is released!

As soon as some device has more than one interface (for any kind of usage) with IPv6 enabled, it's good to have per-interface setting of SLAAC client. Period. Since underlying linux kernel supports it, the fuss with firewall blocking RAs on interfaces where user doesn't want it is a complicated wor...
by mducharme
Mon Jun 20, 2022 4:57 am
Forum: RouterOS beta
Topic: posts not strictly related to: v7.4beta [testing]
Replies: 165
Views: 11788

Re: v7.4beta [testing] is released!

There seem to be providers that expect this, but they should be educated rather than confirmed (by RouterOS support) that this is the right way to go forward. This isn't the providers doing something wrong. As I understand it, DHCPv6 does not and cannot provide a default gateway to the client, clie...
by mducharme
Sat Jun 18, 2022 9:53 pm
Forum: RouterOS beta
Topic: posts not strictly related to: v7.4beta [testing]
Replies: 165
Views: 11788

Re: v7.4beta [testing] is released!

suppose we have few VLANs, ex: Guest, Lan, VMs, etc, and if there is more than one IPv6 RA, MT wil pickup ALL SLAAC address please MT, let us choose from which interface we accept SLAAC Yes, I would also like to see this. Ideally it could be done by selecting an interface list to be used for SLAAC,...
by mducharme
Sat Jun 18, 2022 5:17 am
Forum: RouterOS beta
Topic: Feature request: VLAN 0 Priority Tagging Support
Replies: 3
Views: 2894

Re: Feature request: VLAN 0 Priority Tagging Support

This does work already, if you add the port to a single-port bridge as a workaround, and I believe you also have to enable VLAN filtering on the bridge. I agree that there should be an easier way to get this to work without having to jump through those hoops. With a modern Ubuntu system it automatic...
by mducharme
Sat Jun 18, 2022 3:45 am
Forum: Announcements
Topic: v7.4beta [testing] is released!
Replies: 189
Views: 60458

Re: v7.4beta [testing] is released!

It is really nice how finally a RouterOS device that gets its IP via SLAAC will show that IP under IPv6->Addresses, thank you for finally doing this (I realize it was done in 7.3.x and not 7.4.x, but still, it is a new feature that I have been requesting for years now). However, the default route be...
by mducharme
Sun Jun 12, 2022 4:48 am
Forum: Announcements
Topic: v7.4beta [testing] is released!
Replies: 189
Views: 60458

Re: v7.4beta [testing] is released!

*) mpls - fixed VPLS functionality when PW peer is an immediate neighbor;

I hoped this would fix the VPLS crash I have been experiencing - alas, it has not. One ping goes through and then one core of my device goes to 100% and it locks up and eventually reboots on its own.
by mducharme
Sun Jun 12, 2022 12:38 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 233024

Re: MikroTik Devices Controller

noooooooooo NOT THAT... The nice thing about the UISP design is how the devices "phone home" to the controller instead of the controller needing to reach them, which works great for devices behind some kind of NAT where the controller does not have direct access as well. TR069 can do this...
by mducharme
Sat Jun 04, 2022 1:45 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 233024

Re: MikroTik Devices Controller

The NETCONF protocol is designed for this sort of thing. Other router vendors are using it for this exactly.

https://en.wikipedia.org/wiki/NETCONF

Probably makes sense for MikroTik to do the same instead of developing a new protocol?
by mducharme
Fri May 27, 2022 6:18 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

In 99% of the cases /32 can be used instead of /31. Even in setups where remote end has /31, but MT side has configured ptp /32. Although this is technically true, the reality is that the service provider space in North America tends to view any vendors who don't support /31 as out of date, and not...
by mducharme
Fri May 20, 2022 5:51 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

Soon you will find certain forum gurus reply to your post that why you don't need PPP Accounting of sending IPv6 PD in radius accounting packet and justify mikrotik for it's non implementation. We do need this, but it is not a bug - it is instead a feature that they have not implemented yet. It is ...
by mducharme
Tue May 17, 2022 6:43 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

I'm guessing that they may have found that the stability issues with cake happen when using it with HTB even on regular Linux, outside of RouterOS. dtaht did say that cake wasn't really designed with HTB in mind. But if that is the case I'm not sure why they wouldn't take dtaht up on his offer as th...
by mducharme
Mon May 16, 2022 7:20 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

I still don't have VPLS working at all on my test environment. One ping goes through and then CPU goes to 100% and the device becomes unresponsive - have to disconnect power from it and plug it back in. Is there any headway on fixing this issue? I'm not the only one having it - others on the forum r...
by mducharme
Sat May 14, 2022 7:28 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

@dtaht I hope they take up on on that offer. I know they are trying to get v7 stabilized at the moment, and agree with that and hope that happens as soon as possible, but after that I do want to see cake as a functional solution in the reasonably near term.
by mducharme
Sat May 14, 2022 5:26 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

Disappointing about cake. We need more options to use it other than just interface queues. There are many instances like downlink where you may have multiple downlink interfaces going through the same internet connection, and then there is no way of specifying a single download amount with cake acro...
by mducharme
Sun May 08, 2022 5:35 am
Forum: RouterOS beta
Topic: Feature request: HSGMII for SFP >1Gbps synchronization. [SOLVED]
Replies: 22
Views: 15111

Re: [SOLVED !!!] Feature request: HSGMII for SFP >1Gbps synchronization. [SOLVED]

Are you seeing the 2.5Gbps speed option on the SFP+ port when you disable auto negotiation?

I upgraded the CRS309 to 7.3beta37, and 2.5Gbps option isn't available.
As it says in the changelog, it is only available from the CLI at the moment, not Winbox.
by mducharme
Tue Apr 19, 2022 3:58 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

Still a lot to be done. There is, but it is impressive the rate that things have been happening so far. They've been doing many many fixes. I think it is still a few months before I can consider putting it into limited production use but it is getting close. And I think you meant to say, that they ...
by mducharme
Tue Apr 19, 2022 3:53 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

And even with unmatching keys (5 / 329) and 17 on the remote system, the bond is Running and I can ping... You missed this in the documentation I think: lacp-user-key: Specifies the upper 10 bits of the port key. The lower 6 bits are automatically assigned based on individual port link speed and du...
by mducharme
Sat Apr 16, 2022 2:23 am
Forum: RouterOS beta
Topic: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)
Replies: 45
Views: 19209

Re: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)

Can you share the script, please? Does it also work for RouterOS v7? Sure. I'm not sure if it works on RouterOS v7 but I don't see why not. Here it is - it is pretty simple: /ipv6 dhcp-server binding; :foreach i in=[find server~"pppoe"] do={ make-static $i; set $i comment=[get $i server];...
by mducharme
Fri Apr 15, 2022 10:55 pm
Forum: RouterOS beta
Topic: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)
Replies: 45
Views: 19209

Re: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)

Is it possible to assign persistently instead of dynamic when using PPPoE? In our case we have a script that goes through every dynamic v6 binding every 5 minutes and does a "make static" so it never changes. It is much easier than having to manually assign a prefix to each new customer.
by mducharme
Thu Apr 14, 2022 4:22 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

Just tested v7.3beta33 to see how VPLS works given that this finally has MPLS fixes. VPLS still hangs the device. One ping goes through the tunnel and gets responded to, followed by one of the four CPU's on my 4011 going to 100% CPU utilization and the device becoming completely unresponsive, requir...
by mducharme
Thu Apr 14, 2022 3:57 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 101228

Re: v7.3beta [testing] is released!

I think they always intended to implement the prefix count for received prefixes, otherwise the field to display the prefix count would not be there, rather than being there but displaying zero instead of the correct value. For the other things, I agree, I'm not sure why they weren't anticipated as ...
by mducharme
Thu Apr 14, 2022 2:50 am
Forum: RouterBOARD hardware
Topic: Dying Gasp Syslog message.
Replies: 2
Views: 1189

Re: Dying Gasp Syslog message.

This dying gasp message would be useful for us as well as in some cases we can't always tell if it is a power outage or not. We have other vendor equipment that sends this and it is helpful in those cases. Might be best to open a support ticket about this to request the feature as they may not see i...
by mducharme
Tue Apr 12, 2022 7:38 am
Forum: General
Topic: IPv6 and NAT - how I changed my mind
Replies: 59
Views: 30849

Re: IPv6 and NAT - how I changed my mind

but I sincerely hope that IPv4 norms don't cause IPv6 deployments to backslide into using NAPT66 with any regularity. I don't think this is going to happen. The only reason why people actually *want* to use NAPT66 is the misguided notion of it being more secure or enhancing privacy. Some people sti...
by mducharme
Tue Apr 12, 2022 5:19 am
Forum: General
Topic: IPv6 and NAT - how I changed my mind
Replies: 59
Views: 30849

Re: IPv6 and NAT - how I changed my mind

There's nothing wrong with using masquerade on IPv6 when you have to, for instance things like VPN services where you might just get a single IPv6 but connect that to a router. It is better to have NAT-ed IPv6 than no IPv6 at all. What you shouldn't do is enable masquerade for security or privacy - ...
by mducharme
Wed Apr 06, 2022 5:38 am
Forum: RouterOS beta
Topic: Surprising changes in RouterOS7 cli vs RouterOS6 cli [SOLVED]
Replies: 17
Views: 4917

Re: Surprising changes in RouterOS7 cli vs RouterOS6 cli [SOLVED]

I like the slashes too, as mentioned it makes it look more like a file path. If we can tolerate slashes in file paths, we should be able to tolerate them as separators for levels in the RouterOS command tree, and this is very logical.
by mducharme
Fri Apr 01, 2022 7:44 am
Forum: Announcements
Topic: v7.2rc6 and v7.2rc7 is released!
Replies: 100
Views: 19659

Re: v7.2rc6 and v7.2rc7 is released!

I don't use OpenVPN and never have, so there are no old "echoes" of OpenVPN configuration for it to trigger off. Shouldn't /export suppress that? When they make a change to a default setting in a new version, and you upgrade a device to that new version, the device retains the old default...
by mducharme
Thu Mar 17, 2022 8:12 am
Forum: Useful user articles
Topic: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊
Replies: 318
Views: 117369

Re: 📌 Tool: Using Splunk to analyse MikroTik logs 3.5 (Graphing everything) 💾 🛠 💻 &#1282

@jotne I've never used Splunk before but thought I would give it a try for home. Under MikroTik Device Traffic (although I properly have kid-control enabled), the hostname is blank for all entries, even though I can see in kid-control devices the hostname is shown for some of those. Also instead of ...
by mducharme
Thu Mar 17, 2022 4:47 am
Forum: Beginner Basics
Topic: WireGuard: allowed IPs - Unofficial WireGuard Documentation
Replies: 112
Views: 42872

Re: WireGuard: allowed IPs - Unofficial WireGuard Documentation

@mducharme: Quick test with Linux and WG has different result, IPv4 works the same as IPv6, if there's no address on interface, it chooses another one from elsewhere. I expect it's probably configurable somewhere, but so far I didn't find any info about it. Edit: there's a difference between ROS v6...
by mducharme
Thu Mar 17, 2022 3:01 am
Forum: Beginner Basics
Topic: WireGuard: allowed IPs - Unofficial WireGuard Documentation
Replies: 112
Views: 42872

Re: WireGuard: allowed IPs - Unofficial WireGuard Documentation

If it's IPv6 and there's no non-link-local address on WG interface, it chooses another one. IPv4 doesn't, even logging ICMP in output doesn't show anything. Interesting - thanks. It is good to know the behaviour anyway. I wonder if this is something MikroTik specific, or if this same thing occurs o...
by mducharme
Thu Mar 17, 2022 1:46 am
Forum: Beginner Basics
Topic: WireGuard: allowed IPs - Unofficial WireGuard Documentation
Replies: 112
Views: 42872

Re: WireGuard: allowed IPs - Unofficial WireGuard Documentation

But if you got rid of it without knowing what you're doing, there's no address to use and there won't be any icmp message. So you just lost useful functionality. Was it worth it? But fortunately it can be fixed by adding pref-src to route and router will use that address, e.g. on Router B: Are you ...
by mducharme
Wed Mar 16, 2022 10:08 am
Forum: RouterOS beta
Topic: Is not possible to downgrade beyond the factory installed version 7.1.1
Replies: 9
Views: 2869

Re: How to downgrade beyond the factory installed version 7.1.1

This is completely unacceptable for a vendor to start pushing new HW revision without backward compatibility and without any EOS/EOL dates announcement for the previous HW revision. Well I guess it is ok for one's cheap home wifi router.... so nice reminder of where these products are targeted at, ...
by mducharme
Tue Mar 15, 2022 5:38 am
Forum: RouterOS beta
Topic: MAJOR webfig issues, on ALL versions 7.x
Replies: 8
Views: 2488

Re: MAJOR webfig issues, on ALL versions 7.x

I just noticed you have Winbox for Linux, I didn't know that, and I will thus give it a try.
Winbox isn't really natively for Linux, but it is fully tested on wine in each release.
by mducharme
Mon Mar 14, 2022 11:38 am
Forum: RouterOS beta
Topic: Hardware IPv6 (dedicated thread)
Replies: 6
Views: 4579

Re: Hardware IPv6 (dedicated thread)

Stabilization is more important than hardware IPv6. I hope to see hardware IPv6 at some point too, but I am glad about this set of priorities.
by mducharme
Sat Mar 12, 2022 1:13 am
Forum: Announcements
Topic: v6.49.4 [stable] is released!
Replies: 38
Views: 18145

Re: v6.49.4 [stable] is released!

But I never use XX or XXXX for an AP, not even auto. And if CAPsMAN is not aligning the 40MHz and 80 MHz channels, or the user sets it unaligned, that is a problem then. MikroTik's default config for the 5GHz interface on most home devices is XXXX. Our default config for our home customer routers i...
by mducharme
Fri Mar 11, 2022 3:58 am
Forum: Announcements
Topic: v6.49.4 [stable] is released!
Replies: 38
Views: 18145

Re: v6.49.4 [stable] is released!

What I'm trying to say: in order to have fully compatible 80MHz channel in lowest part of spectrum, only these combinations are valid: 5180-Ceee, 5200-eCee, 5220-eeCe and 5240-eeeC. It can't be say 5200-Ceee ... this makes valid 20MHz channel, but neither 40 nor 80 MHz. Yes, I have found this same ...
by mducharme
Fri Mar 11, 2022 2:53 am
Forum: RouterOS beta
Topic: v7 new CLI style VS export
Replies: 10
Views: 2968

Re: v7 new CLI style VS export

Hopefully there will be some time, when v7 has been made feature complete and reasonably bug free, when someone at MikroTik looks at the whole export/import thing. It requires some rework to handle standard tasks like transfer of a config to a new device, reload of a config after a full config rese...
by mducharme
Thu Mar 10, 2022 10:05 pm
Forum: RouterOS beta
Topic: MAJOR webfig issues, on ALL versions 7.x
Replies: 8
Views: 2488

Re: MAJOR webfig issues, on ALL versions 7.x

I think these webfig issues are known problems. They have mostly been focused on getting winbox working properly in 7.x, and then I imagine they will turn their attention to webfig. Most people use winbox and not webfig to configure their devices. Using SSH to log into the device and adding the rout...
by mducharme
Thu Mar 10, 2022 4:50 am
Forum: RouterOS beta
Topic: Feature Request: Bulk Port Allocation for CGNAT
Replies: 18
Views: 3953

Re: Feature Request: Bulk Port Allocation for CGNAT

+1 for this feature
by mducharme
Thu Mar 10, 2022 2:17 am
Forum: Beginner Basics
Topic: Wireguard not working
Replies: 24
Views: 9130

Re: Wireguard not working

When you set up WG In routing table is dynamic route created to WG so there should not be a problem,no? You are almost certainly missing some basic fundamental knowledge of how routing works. Watch this video: https://www.youtube.com/watch?v=ZYeMuYBAVrQ Following that video, try to get routing work...
by mducharme
Wed Mar 09, 2022 4:51 am
Forum: Beginner Basics
Topic: Wireguard not working
Replies: 24
Views: 9130

Re: Wireguard not working

OP: If it is PTP you want, I notice you have each router on a different wireguard subnet - it is nonsensical. One router has 192.168.144.1/24 on the wireguard interface and the other has 10.1.168.1/24 on its wireguard interface. I don't see how you expect to get a point to point link working when us...
by mducharme
Tue Mar 08, 2022 9:53 pm
Forum: Beginner Basics
Topic: Wireguard not working
Replies: 24
Views: 9130

Re: Wireguard not working

You didn't even explain how you wanted to set up wireguard. Do you want those two routers connected to each other over wireguard? Or are you simply setting up two completely different routers for a roadwarrior type configuration? or is it something else?
by mducharme
Tue Mar 08, 2022 5:14 am
Forum: RouterOS beta
Topic: v7 new CLI style VS export
Replies: 10
Views: 2968

Re: v7 new CLI style VS export

I suspect the export will change to the new format once v6 moves to legacy (after v7 long term is released).
by mducharme
Mon Mar 07, 2022 9:10 am
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146169

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

I hope so too. Most people I know have had the remaining issues disappear in RouterOS v7. I suspect the remaining issues are instead more general bugs and not platform specific.

We have a bunch of CCR2004's, never deployed, collecting dust. I would like to be able to deploy them.
by mducharme
Wed Mar 02, 2022 3:29 am
Forum: RouterOS beta
Topic: RoS 7.1.3..all even more [SOLVED]
Replies: 13
Views: 3414

Re: RoS 7.1.3..all even more [SOLVED]

It may not be exactly same what we have now (but AFAIK there's some compatibility layer with iptables interface and internal nftables, so it could be possible), but there must be something. I agree, that is why I said "we may lose the current GUI design " instead of saying "we may lo...
by mducharme
Tue Mar 01, 2022 9:20 pm
Forum: RouterOS beta
Topic: RoS 7.1.3..all even more [SOLVED]
Replies: 13
Views: 3414

Re: RoS 7.1.3..all even more [SOLVED]

Route filters have absolutely nothing to do with firewall filters. Yes, except MikroTik's route filter configuration imitated iptables in RouterOS v6. What I am thinking is when RouterOS moves from iptables to nftables, we may lose the current GUI design for firewall rules and instead get something...
by mducharme
Tue Mar 01, 2022 9:00 pm
Forum: RouterOS beta
Topic: RoS 7.1.3..all even more [SOLVED]
Replies: 13
Views: 3414

Re: RoS 7.1.3..all even more [SOLVED]

(we can only hope it will be added back later) I had a look at the new nftables syntax, which is the replacement for iptables in newer Linux versions. It looks a great deal more like the new RouterOS v7 route filter syntax than iptables. I wonder if this is also part of the reason for this decision.
by mducharme
Mon Feb 28, 2022 7:58 pm
Forum: Announcements
Topic: v7.2rc4 is released!
Replies: 143
Views: 41631

Re: v7.2rc4 is released!

Strange that 7.1.3 is stable and 7.1 is long term :)
7.1 isn't really long term. It is just there as a dummy placeholder until there is an actual long term v7.
by mducharme
Mon Feb 28, 2022 1:01 am
Forum: Announcements
Topic: v7.2rc4 is released!
Replies: 143
Views: 41631

Re: v7.2rc4 is released!

*) queue - improved system stability when processing traffic; *) queue - fixed traffic processing (introduced in v7.2rc2); it works in 7.2rc3 What do queue fixes have to do with a 5ghz mipsbe wireless issue? And, no, I was running 7.2rc3 before this, so I can guarantee that these 5ghz mipsbe wirele...
by mducharme
Sat Feb 26, 2022 10:44 am
Forum: Wireless Networking
Topic: CAPsMAN / Local Forwarding + VLAN-Filtering + dynamically created VLANs
Replies: 3
Views: 900

Re: CAPsMAN / Local Forwarding + VLAN-Filtering + dynamically created VLANs

Do you have a different approach? How can you make 2-3 vlans (office, guest, iot, etc) on cap ac without bridge vlan filtering ? Just don't enable bridge vlan filtering. The only reason to enable it on a cap is if you need to also use the cap as a switch and set ethernet ports for certain tagging c...
by mducharme
Sat Feb 26, 2022 3:53 am
Forum: Wireless Networking
Topic: CAPsMAN / Local Forwarding + VLAN-Filtering + dynamically created VLANs
Replies: 3
Views: 900

Re: CAPsMAN / Local Forwarding + VLAN-Filtering + dynamically created VLANs

I set up an CAPsMAN (CAPac) with Local Forwarding and VLAN-Filtering.
Why do you need bridge vlan filtering on the cAP ac in the first place? In most situations for APs there is no benefit, and instead it is just a make-work thing, by forcing you to configure many VLANs by hand.
by mducharme
Sat Feb 26, 2022 12:29 am
Forum: Wireless Networking
Topic: 802.11ac Really Poor Performance?
Replies: 15
Views: 2318

Re: 802.11ac Really Poor Performance?

WOW - has this always been the way the Bandwidth test tool on the Routerboard works? If you run it on the Access Point or a Station it gives reduced results? So what setup do you suggest to run bandwidth test to get an accurate result. Iperf - from PC to PC over the wireless? If this is the case ot...
by mducharme
Fri Feb 25, 2022 11:55 pm
Forum: Wireless Networking
Topic: 802.11ac Really Poor Performance?
Replies: 15
Views: 2318

Re: 802.11ac Really Poor Performance?

If you are running the bandwidth test from the same device that is doing the wireless, the bandwidth test will give you a reduced result because it uses so much CPU on the device. This will reduce the wireless capacity below what it could handle for actual traffic.
by mducharme
Fri Feb 25, 2022 11:12 pm
Forum: Announcements
Topic: v7.2rc4 is released!
Replies: 143
Views: 41631

Re: v7.2rc4 is released!

This version appears to fix the serious mipsbe 5ghz issues detailed here: viewtopic.php?t=182058

Why is there seemingly nothing in the changelog about this? It is like it was fixed silently. It was not working in 7.2rc3 and 7.1.3.
by mducharme
Fri Feb 25, 2022 5:11 am
Forum: Wireless Networking
Topic: ROS 7.1.1 and 5GHz WiFi upload problem
Replies: 43
Views: 11130

Re: ROS 7.1.1 and 5GHz WiFi upload problem

FYI,

From my testing this issue seems to be gone from 7.2rc4, although there are no changes in the changelog mentioning this at all. Can others confirm?
by mducharme
Thu Feb 24, 2022 9:30 pm
Forum: RouterOS beta
Topic: RoS 7.1.3..all even more [SOLVED]
Replies: 13
Views: 3414

Re: RoS 7.1.3..all even more [SOLVED]

What is bird syntax?
https://bird.network.cz/doc/bird-5.html

Bird has a somewhat similar syntax to the route filters that RouterOS v7 uses, although not identical. Cisco and Juniper also use similar syntaxes.
by mducharme
Sat Feb 19, 2022 6:42 am
Forum: Wireless Networking
Topic: ROS 7.1.1 and 5GHz WiFi upload problem
Replies: 43
Views: 11130

Re: ROS 7.1.1 and 5GHz WiFi upload problem

Just here to add to this issue. I have a hAP AC and while downloading is fine (around 225 Mbps), uploading starts normal but then drops to zero within seconds. Connection then hangs and I get disconnected from Winbox. I monitored the AP's system resources and the CPU maxes out until it hangs and I ...
by mducharme
Fri Feb 18, 2022 8:04 am
Forum: Wireless Networking
Topic: Cube 60 Pro Series - 802.11ay
Replies: 44
Views: 12910

Re: Cube 60 Pro Series - 802.11ay

With 802.11ay having a bigger bandwidth, I'm surprised that it's still limited to a Gigabit port. Although it would affect the depth of the unit, a SFP+ port might be handy.. I think these are only their first 802.11ay products. They will most likely be followed up by the larger dishes, and those a...
by mducharme
Fri Feb 18, 2022 4:43 am
Forum: Announcements
Topic: v6.49.3 [stable] is released!
Replies: 64
Views: 21256

Re: v6.49.3 [stable] is released!

Probably, security updates will continue for sometime. Since these are policy decisions, I expect the change to be slow and a long time will be given before ending development and / or maintenance of v6 branch. I don't expect it to be that long. When RouterOS v6 came out, the last update for v5 cam...
by mducharme
Fri Feb 18, 2022 2:15 am
Forum: Forwarding Protocols
Topic: v7.1 MPLS/VPLS question [SOLVED]
Replies: 16
Views: 10762

Re: v7.1 MPLS/VPLS question [SOLVED]

I was missing the input=yes in my config. Adding it improved things - instead of the VPLS tunnel not doing anything and then the devices freezing, I get exactly one ping through and then the devices freeze and have to be power cycled.
by mducharme
Thu Feb 17, 2022 2:56 am
Forum: Announcements
Topic: v6.49.3 [stable] is released!
Replies: 64
Views: 21256

Re: v6.49.3 [stable] is released!

I thought some devices will never be able to use 7 so 6 was intended to be maintained for the foreseeable future?
No, I believe in another thread they have said that once there is a true long-term channel release of v7, after that point v6 development will completely end, no updates.
by mducharme
Wed Feb 16, 2022 8:16 am
Forum: Announcements
Topic: v6.49.3 [stable] is released!
Replies: 64
Views: 21256

Re: v6.49.3 [stable] is released!

Or some forgot that it was done :)
I suspect the same thing - with all the excitement around v7, somebody possibly forgot that 6.49.3 stable was never actually posted.
by mducharme
Wed Feb 16, 2022 7:50 am
Forum: Announcements
Topic: v7.2rc2 and v7.2rc3 is released!
Replies: 222
Views: 84687

Re: v7.2rc2 and v7.2rc3 is released!

My ISP requires host-uniq as well as user/pass for PPPoE. Can someone confirm I can set this? Yes, I can see there is a host-uniq parameter for PPPoE clients in this version. It is only available through the CLI, not through winbox/webfig. I am able to set it in my own device, but because my ISP do...
by mducharme
Sun Feb 13, 2022 2:11 am
Forum: Forwarding Protocols
Topic: BGP 7.1 parameter DIbH ???
Replies: 4
Views: 3257

Re: BGP 7.1 parameter DIbH ???

Isn't there an option to get only one prefix without any others in memory?
Yes there is, but not in /routing/filters. The option is under bgp, in "input.accept-nlri".

https://help.mikrotik.com/docs/pages/vi ... p/template
by mducharme
Sat Feb 12, 2022 3:09 am
Forum: RouterBOARD hardware
Topic: Wave2 on RB4011iGS+5HacQ2HnD-IN-US ?
Replies: 6
Views: 2098

Re: Wave2 on RB4011iGS+5HacQ2HnD-IN-US ?

I think its because the 5GHz interface is frequency locked. I haven't tried it on a US model device, but I don't think the frequency lock is the reason - otherwise wifiwave2 would not work on any of the US devices, and this has not been stated anywhere. The 5GHz interface should be working. Did you...
by mducharme
Thu Feb 10, 2022 3:21 am
Forum: Announcements
Topic: v7.1.1 is released!
Replies: 443
Views: 223469

Re: v7.1.1 is released!

+ export not working, wait almost forever and the result is nothing
+ Make supout.rif stop at 85%
This is fixed in 7.2rc2.
by mducharme
Wed Feb 09, 2022 5:19 am
Forum: Wireless Networking
Topic: ROS 7.1.1 and 5GHz WiFi upload problem
Replies: 43
Views: 11130

Re: ROS 7.1.1 and 5GHz WiFi upload problem

Interim report. The "old" wAP ac (MIPSBE) devices on 6.48.6 are solid for days now, no issues, at least nothing a user can "feel". Router on 7.1.1. Capsman tested with local forwarding on and off. Yes, this is not a surprise, I have many old wAP ac mipsbe models out there runnin...
by mducharme
Wed Feb 09, 2022 12:42 am
Forum: Useful user articles
Topic: WinBox for MacOS ??
Replies: 32
Views: 13583

Re: WinBox for MacOS ??

I'm sure they would have layer 2 discovery just like the current Winbox, and allow MAC layer 2 connections. I'm not sure if it can be done with electron itself, but maybe by adding a small binary shim that would talk MAC winbox and present some kind of REST API that the electron client could use to ...
by mducharme
Tue Feb 08, 2022 2:44 am
Forum: Useful user articles
Topic: WinBox for MacOS ??
Replies: 32
Views: 13583

Re: WinBox for MacOS ??

An improved iPad app be way more useful, we already use Lighting-to-Ethernet dongles with it, but the Mikrotik iOS app just isn't that great and still buggy. If you think about it, this could actually be a way of unifying the iPhone/iPad app with everything else. The iOS app does have that "ba...
by mducharme
Mon Feb 07, 2022 8:55 pm
Forum: Useful user articles
Topic: WinBox for MacOS ??
Replies: 32
Views: 13583

Re: WinBox for MacOS ??

What if we end up with some Electron-based monstrosity or something?
I wouldn't be surprised if they used Electron, because then they could revamp webfig at the same time and use much of the same code for both. The other way would be to use some popular framework like Qt.
by mducharme
Mon Feb 07, 2022 7:12 pm
Forum: Announcements
Topic: v7.2rc2 and v7.2rc3 is released!
Replies: 222
Views: 84687

Re: v7.2rc2 and v7.2rc3 is released!

Route caching would explain a speed drop from 6.x to 7.x, but not from 7.1.1 to 7.2rc3.
by mducharme
Mon Feb 07, 2022 7:11 pm
Forum: RouterOS beta
Topic: some quick comments on configuring cake
Replies: 285
Views: 101150

Re: some quick comments on configuring cake

That was the test I performed. IPv6 + simple queue using the interface as a target works on 7.2rc3 and CCR2116
It might be fixed then - is that with connection tracking? i.e. do you have an IPv6 allow established,related firewall rule that is working correctly with that queue in place?
by mducharme
Mon Feb 07, 2022 5:54 am
Forum: RouterOS beta
Topic: some quick comments on configuring cake
Replies: 285
Views: 101150

Re: some quick comments on configuring cake

I can confirm that IPv6 and Cake are working on 7.2rc3. The issue reported was not about IPv6 and cake specifically. It was about IPv6 not working when there was a simple queue (of any type) used with an interface as the "target". Cake works fine with IPv6 with queue trees and interface q...
by mducharme
Mon Feb 07, 2022 3:56 am
Forum: Wireless Networking
Topic: ROS 7.1.1 and 5GHz WiFi upload problem
Replies: 43
Views: 11130

Re: ROS 7.1.1 and 5GHz WiFi upload problem

I am having this problem with the hAP ac and hAP ac lite. It is easily reproducible by doing a speedtest. During the upload test, the device will stop communicating on wireless completely. When this happens if you kick the device from the Wireless->Registrations tab it will immediately reconnect and...
by mducharme
Mon Feb 07, 2022 3:13 am
Forum: RouterBOARD hardware
Topic: CCR 2116-12g-4s+ powerhouse
Replies: 6
Views: 2771

Re: CCR 2116-12g-4s+ powerhouse

A few days ago I acquired it and it has problems with overheating, the fans do not activate correctly until it is about to reach 70 ° causing restarts and cannot be modified 70 degrees CPU temperature is not always very high for MikroTik devices. It really depends on the model. We have some of thei...
by mducharme
Mon Feb 07, 2022 12:10 am
Forum: Beginner Basics
Topic: Mikrotik CCR 1009 two IP Pools /24 PPOE server
Replies: 7
Views: 1572

Re: Mikrotik CCR 1009 two IP Pools /24 PPOE server

For your issue in the other thread: Now i cannot access my Radius Server ( 103.xxx.x79.49 ) from my Clients side (PPPoE Clients) that are using above POOL (obviously) The issue is with the subnets. Each PPPoE client gets its own /32 subnet of just one device. Additionally for some unknown reason you...
by mducharme
Sun Feb 06, 2022 9:28 pm
Forum: Announcements
Topic: v7.2rc2 and v7.2rc3 is released!
Replies: 222
Views: 84687

Re: v7.2rc2 and v7.2rc3 is released!

Internet speed through wi-fi dropped a lot
Dropped a lot compared to what? 7.1.1?
by mducharme
Sun Feb 06, 2022 7:50 pm
Forum: RouterOS beta
Topic: Feedback on RouterOSv7 route filtering
Replies: 28
Views: 13325

Re: Feedback on RouterOSv7 route filtering

Source on this?
viewtopic.php?p=901944#p901944

The problem that I would see with moving entirely to a web gui would be that you would lose MAC winbox capabilities.
by mducharme
Sun Feb 06, 2022 3:11 am
Forum: RouterOS beta
Topic: Feedback on RouterOSv7 route filtering
Replies: 28
Views: 13325

Re: Feedback on RouterOSv7 route filtering

They have said they are in development of a new cross-platform Winbox replacement. Presumably this will allow them to create different GUI designs that will be more suitable for something like this.
by mducharme
Thu Feb 03, 2022 4:32 am
Forum: General
Topic: Changing ipv6 prefix
Replies: 95
Views: 17422

Re: Changing ipv6 prefix

Is RouterOS sending an RA with a lifetime of 0 when the prefix changes? Or is there some way to do it with a script?
No, it isn't doing this. I'm not sure how to fix it with a script, it may be possible. This is something I hope they will fix soon in RouterOS v7.
by mducharme
Tue Feb 01, 2022 6:12 pm
Forum: Announcements
Topic: v7.2rc2 and v7.2rc3 is released!
Replies: 222
Views: 84687

Re: v7.2rc2 is released!

Are you sure? ZT makes money off the controller – more than one admin, an end customer pays. I'm not sure, but I recall reading about this before. I just had another look at the BSL that ZeroTier uses, MikroTik would not seem to qualify to include it in RouterOS free of charge as RouterOS itself is...
by mducharme
Tue Feb 01, 2022 4:01 am
Forum: RouterOS beta
Topic: Disable Unused Packages
Replies: 14
Views: 9470

Re: Disable Unused Packages

On the other hand, I'm sure that there are independent things that could be easily taken out and made into separate packages, because nothing else depends on them. Question is how much it's worth it. If it would save a megabyte or more, it could help 16MB devices. But if it's just few tens of kilob...
by mducharme
Tue Feb 01, 2022 3:44 am
Forum: Announcements
Topic: v7.2rc2 and v7.2rc3 is released!
Replies: 222
Views: 84687

Re: v7.2rc2 is released!

This would be of great value indeed. ZeroTier should not be missing on all Mikrotik routers. Mikrotik you are already doing a wonderful job do your best and implement ZeroTier on all routers starting with mipsbe. My understanding of the way Zerotier licensing works for hardware vendors is that they...
by mducharme
Tue Feb 01, 2022 3:38 am
Forum: RouterOS beta
Topic: Disable Unused Packages
Replies: 14
Views: 9470

Re: Disable Unused Packages

In my opinion this was a BIG design flaw! One of the ugliest things are enabled but unused features (which one-one cares about). This is a REAL security risk!! The features that are potentially a security risk (or at least most of them) can be disabled by using the new device-mode setting and chang...
by mducharme
Mon Jan 31, 2022 2:40 am
Forum: RouterOS beta
Topic: Bridge filter rules : set-priority for VLAN non functional
Replies: 15
Views: 9720

Re: Bridge filter rules : set-priority for VLAN non functional

Still doesn't work with above configuration (first post).
Probably you should report this via their support system. In the meantime, you can probably work around this with a mangle rule to get the same result.
by mducharme
Mon Jan 31, 2022 12:37 am
Forum: RouterBOARD hardware
Topic: RB433
Replies: 8
Views: 2098

Re: RB433

Although I have never used an RB433, any MikroTik with more than one radio can have the radios configured completely differently, so yes.
by mducharme
Sun Jan 30, 2022 5:14 am
Forum: RouterOS beta
Topic: 7.1.1 - CAKE breaks IPv6
Replies: 18
Views: 12995

Re: 7.1.1 - CAKE breaks IPv6

What you can do is, if your only LAN interface is a single bridge, you can create two queue trees, one on the WAN port for shaping upload and one on the bridge interface for shaping download. They need to fix this, but in the interim, this can work.
by mducharme
Sun Jan 30, 2022 1:32 am
Forum: RouterOS beta
Topic: RB1100AHx4 - RouterOS v7.1 License Level ZERO - Why?
Replies: 9
Views: 7132

Re: RB1100AHx4 - RouterOS v7.1 License Level ZERO - Why?

I don't think I installed anything extra other than dude.
The dude is not available yet on v7, that is why it is failing for you.
by mducharme
Sat Jan 29, 2022 8:53 pm
Forum: RouterOS beta
Topic: Very high CPU usage on PCC Loadbalancing with 7.x
Replies: 22
Views: 11274

Re: Very high CPU usage on PCC Loadbalancing with 7.x

Then why is ip route cache option present in ip>setting?
They haven't removed the setting yet. It is now a dummy setting, the only thing it does is disables fast path, and there is already a check box for disabling fast path.
by mducharme
Sat Jan 29, 2022 8:24 pm
Forum: RouterBOARD hardware
Topic: RB3011 performance issues
Replies: 9
Views: 7710

Re: RB3011 performance issues

Have you tried disabling flow control on all ports to see if there is any change? I don't know whether there would be or not, but I don't typically use flow control on these devices.
by mducharme
Sat Jan 29, 2022 6:40 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146169

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

I know some people whose reboots have completely gone away since the upgrade to 7.x (3 months+ uptime vs only days previously), so I can say it is not true for everybody that it has not fixed things.
by mducharme
Fri Jan 28, 2022 2:35 am
Forum: RouterBOARD hardware
Topic: Which Product for SFP + 4 or 5 PoE Gigabit? [SOLVED]
Replies: 7
Views: 3859

Re: Which Product for SFP + 4 or 5 PoE Gigabit? [SOLVED]

This will definitely disqualify the MikroTik RB960PGS hEX as the goal here would be to support a 24V passive Ubiquity AP and a 48V 802.3af IP phone. I do not know if the Ubiquity AP are tolerant to 48V, just that the spec sheet specifies 24V passive. Plus the whole idea (for me) to utilizing a PoE ...
by mducharme
Thu Jan 27, 2022 10:06 pm
Forum: General
Topic: Feature Request: IPv6 NAT66 Support
Replies: 73
Views: 30523

Re: Feature Request: IPv6 NAT66 Support

Which is the same way as I'd do it with IPv4, then for now I'm going to stick with my theory that MikroTik simply added only half of netmap by mistake. Yes, I noticed this before and came to the same conclusion. Also, the action src-nat is not available in the srcnat chain for some reason, only mas...
by mducharme
Thu Jan 27, 2022 8:01 pm
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

For some reason I thought it was the specific combination of bridge VLAN filtering + hardware offload that fasttrack didn't support, and not just bridge vlan filtering or hardware offload on their own, but it seems from that explanation that I was mistaken and that it is just bridge VLAN filtering t...
by mducharme
Thu Jan 27, 2022 8:53 am
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

Fasttrack has nothing to do with bridge vlan filtering.
This is not the case - fasttrack only works in situations where bridge VLAN filtering is not hardware offloaded.

See viewtopic.php?p=898137#p898137
by mducharme
Thu Jan 27, 2022 8:33 am
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

Am I missing a step that doesn't support hardware offloaded, can you guide me? Besides, on Switch CRS125, all ether is supported hardware offloaded but only "Bonding LAN" is not supported, specifically I don't see the "H" symbol in front. CRS1xx/2xx chips do not support bridge V...
by mducharme
Thu Jan 27, 2022 1:56 am
Forum: RouterBOARD hardware
Topic: Which Product for SFP + 4 or 5 PoE Gigabit? [SOLVED]
Replies: 7
Views: 3859

Re: Which Product for SFP + 4 or 5 PoE Gigabit? [SOLVED]

I've successfully configured a HexS for the task. I am getting >900Mbps throughput between SFP uplink and any ethernet port. So that is good and achieving its objective minus the PoE ability. I am wondering if a MikroTik RB960PGS hEX would provide similar or better performance? Keeping in mind that...
by mducharme
Thu Jan 27, 2022 1:14 am
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

If that is determined it is not an error, and caching is not applied on RouterOS v7. So is it possible for devices using the following architectures: MMIPS, MIPSBE ... The manufacturer should inform users not to upgrade RouterOS v7, so as not to have to reduce the internal transmission speed ?! Thi...
by mducharme
Wed Jan 26, 2022 7:29 am
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

But, one thing is confusing that... still the same, I performed earlier with Router OS v6 by disconnecting all devices accessing the network and only testing directly between router RB750 GR3 and Switch CRS125, at this time there are no other accesses or devices using CPU resources, and obviously t...
by mducharme
Tue Jan 25, 2022 9:50 pm
Forum: Announcements
Topic: v7.2rc1 is released!
Replies: 240
Views: 159336

Re: v7.2rc1 is released!

I am using router hEX - 750 GR3, when I upgrade RouterOS version v7.1.1 (stable) or RouterOS version v7.2rc1 (testing), error occurs as shown below. Running btest from the device itself will always give you a lower value as the btest process uses a lot of CPU that otherwise would be used for routin...
by mducharme
Sun Jan 23, 2022 6:52 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

What packet mark do put for the parent queue ? no-mark ? is cake aware of the dscp value from mangle ?
Yes, use no-mark for the parent, and remove any mangle rules that apply any mark other than no-mark. And, yes, cake is aware of the dscp rule from mangle.
by mducharme
Sat Jan 22, 2022 8:17 pm
Forum: Announcements
Topic: v7.1.1 is released!
Replies: 443
Views: 223469

Re: v7.1.1 is released!

That's not the question, I see it listed among the types. I'm curious why it's not being used..
I'm sure they will add defaults for those later. They probably do not consider it to be urgent at this time, and are focusing on fixing a lot of bugs instead of dealing with minor things like this.
by mducharme
Sat Jan 22, 2022 7:53 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146169

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

On two CCR2004 we have experimented two watchdog reboot, all have 6.49.2,
If you are doing VLAN, routing, basic firewall, you can probably use 7.1.1 on them to fix the reboots.
by mducharme
Sat Jan 22, 2022 7:45 pm
Forum: RouterOS beta
Topic: Performance regression + IPv6 not working - RB750Gr3
Replies: 7
Views: 4677

Re: Performance regression + IPv6 not working - RB750Gr3

You don't have any firewall rules - that isn't a secure configuration. Check system->resources->CPU results when you are doing the speedtest. If a CPU is hitting 100%, use tool profile during the same test to try to determine what process is using the high utilization. It is also good to compare thi...
by mducharme
Sat Jan 22, 2022 7:42 pm
Forum: RouterOS beta
Topic: IPv6 link-local address missing on bridge if auto-mac=no
Replies: 6
Views: 4516

Re: IPv6 link-local address missing on bridge if auto-mac=no

Hello,

If this happens you can go into IPv6->Settings, check disable IPv6 and apply, then uncheck disable IPv6 and apply again. This method will probably get the missing link local back again.
by mducharme
Sat Jan 22, 2022 7:24 pm
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

Im using one of your queue tree script with dscp mangling now that cake is possible should i just change the queue type to cake in queue tree. Or is there anything more that should be configured in mangle or queue tree. With cake you don't need the 8 leaf queues anymore for the different priorities...
by mducharme
Sat Jan 22, 2022 4:44 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

For inspiration in general I recommend looking over how preseem does things.
I have looked at Preseem, but it is a non-starter for us because of its complete lack of MPLS support.
by mducharme
Sat Jan 22, 2022 4:40 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

It's a more generic problem than that, I suppose. Being unable to provide any parameters at all to any more advanced qdisc on the base interface queue means you can't set flows (for sfq/fq_codel/etc), rtt, or other stuff. I hope they add that feature. I will keep repeating that fq_codel is a genera...
by mducharme
Fri Jan 21, 2022 3:13 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

You might want to check this openwrt cake script with dscp mangling to see if it can be ported to mikrotik Are you asking for help with this? or trying to help me? If the latter, this is not helpful for my specific use case. If the former, I can explain how you could probably adapt this for RouterO...
by mducharme
Thu Jan 20, 2022 11:54 pm
Forum: RouterBOARD hardware
Topic: The big CCR2004 reboot thread (was 2004 hardware issues?)
Replies: 458
Views: 146169

Re: The big CCR2004 reboot thread (was 2004 hardware issues?)

Any update guys ? Does anyone getting reboots with vi stable ? For me, it's still rebooting with v7.1.1 Everbody I know with this issue has had it gone entirely since 7.1.1, except for you. Probably there are two reasons for the reboots, one is fixed by 7.1.1 and the other is possibly configuration...
by mducharme
Thu Jan 20, 2022 4:11 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

Everything is correct and standard with that configuration. To troubleshoot further at this point, I would try doing ping tests on VLAN 60 to the Cisco and Dlink from the MikroTik to help narrow down where the problem is.
by mducharme
Thu Jan 20, 2022 6:14 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

a bridge that connects two different interface VLANs on two different interfaces Ah I see, a bridge where ports are VLAN interfaces (/interface vlan) and not a bridge with vlan-filtering=yes and differently tagged physical interfaces. Yes, precisely, I could see this configuration potentially being...
by mducharme
Thu Jan 20, 2022 5:04 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

For instance on ether4 you could have an interface VLAN 444 and on ether5 you could have another interface VLAN 444 and you could have a bridge called bridge-vlan-444 that has both the interface VLAN 444 on ether4 and interface vlan 444 on ether5 as ports. In this case I could understand the device ...
by mducharme
Thu Jan 20, 2022 4:59 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

Do you mean that in this case CoS must be set "manually" via a set-priority from-ingress Bridge Filter rule? Probably - I mean it is possible to have a bridge that connects two different interface VLANs on two different interfaces, and in this particular setup, I could understand the devi...
by mducharme
Thu Jan 20, 2022 4:46 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

https://forum.mikrotik.com/viewtopic.php?t=149605 points that CoS may be cleared on a bridge. Although I'm not sure whether it applies to packets that go from one VLAN to another (both ports are part of the bridge, but with different tags) or even when VLAN header is untouched (both bridge ports be...
by mducharme
Thu Jan 20, 2022 4:09 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

In general, when is the "set priority" considered? In particular I have the following layout: WAN <-- untagged --> bridge <-- tagged --> vlan interface (bridge vlan-filtering) <-- tagged --> RouterOS switches <-- tagged --> wlan (WMM enabled, vlan is set on the interface) ((( untagged )))...
by mducharme
Thu Jan 20, 2022 3:30 am
Forum: Beginner Basics
Topic: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]
Replies: 11
Views: 2935

Re: Difference from-dscp, from-dscp-high-3-bits and from-ingress [SOLVED]

from-dscp uses the three low bits instead of the high three bits. The mapping difference is as follows: from-dscp-high-3-bits: DSCP 0-7 -> priority 0 DSCP 8-15 -> priority 1 DSCP 16-23 -> priority 2 DSCP 24-31 -> priority 3 DSCP 32-39 -> priority 4 DSCP 40-47 -> priority 5 DSCP 48-55 -> priority 6 D...
by mducharme
Thu Jan 20, 2022 3:01 am
Forum: The User Manager
Topic: v7.1.1 Feature request : routers address use /24
Replies: 6
Views: 4822

Re: v7.1.1 Feature request : routers address use /24

We don't use user manager but have this issue with other RADIUS servers. We get around it by using a port forward along with src-nat so that we are basically proxying all RADIUS traffic through a single IP so it all appears to be from the same NAS.
by mducharme
Wed Jan 19, 2022 10:33 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

According to the last paragraph, should I do this? for each vlan. Yes, except for one thing. Under "tagged" you have "bridge" as a port. This is necessary for VLAN 60 on which the device will have an IP, but should be avoided on all other VLANs. Having "bridge" itself ...
by mducharme
Wed Jan 19, 2022 10:25 pm
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

thx for attempting to meet my mind in the middle! Perhaps there is a mikrotik person that can fill in more of my blanks? Most likely this would require somebody to explain what is actually happening on the back end (CLI equivalent) for these configuration options I've shown you above for the differ...
by mducharme
Wed Jan 19, 2022 7:36 pm
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

Simple queues allow both ingress and egress to be limited at the same time. They are often used at the ISP side for rate limiting of a single customer. It is this that currently has issues with IPv6. Screenshot 2022-01-19 093239.png Screenshot 2022-01-19 093345.png Screenshot 2022-01-19 093436.png I...
by mducharme
Wed Jan 19, 2022 5:53 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

Queue trees can be either interface-attached (in which case they affect only egress traffic) or "global" attached, in which case they can affect ingress or egress traffic depending on how the packets are marked. Packets can have a mark applied using either firewall mangle rules or bridge f...
by mducharme
Wed Jan 19, 2022 5:46 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

Hi Dave, I can show you a screenshot in case it helps to clarify things. Screenshot 2022-01-18 194412.png I believe this "interface queue" is equivalent to your "tc qdisc replace dev eth0 root cake", it only affects egress and not ingress. There is no "bandwidth" settin...
by mducharme
Tue Jan 18, 2022 7:40 pm
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

ipv6 and these queue types have issues documented here viewtopic.php?t=181705
This only impacts using cake with a simple queue shaper. It works fine with IPv6 when using queue trees instead or interface queues.
by mducharme
Tue Jan 18, 2022 6:37 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

That configuration is much better. If this is intended to be a layer 2 switch (access layer), there is generally not a good reason to give the switch an IP on other VLANs besides the one that will be used for management of the switch, and in that case the extra VLAN interfaces are unnecessary. If th...
by mducharme
Tue Jan 18, 2022 4:02 am
Forum: Useful user articles
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 275
Views: 502108

Re: Using RouterOS to QoS your network - 2020 Edition

I am a little concerned at the smallness of your bucket-size. In some cases a bucket size this small is necessary. Some vendors will police very strictly, and if an upstream provider does this, the "burst" that is allowed by smaller bucket sizes can unfortunately be dropped by the upstrea...
by mducharme
Tue Jan 18, 2022 3:48 am
Forum: Announcements
Topic: v7.1.1 is released!
Replies: 443
Views: 223469

Re: v7.1.1 is released!

fq_codel and cake work brilliantly with flow control on and without a shaper. why turn it off? I am curious as to what you mean by "without a shaper" - do you mean setting fq_codel or cake as the interface queue? MikroTik abstracts away many of the parts of tc (which I haven't used on reg...
by mducharme
Tue Jan 18, 2022 3:47 am
Forum: RouterOS beta
Topic: For ISPS: Motivations and methods for implementing fq_codel and cake
Replies: 48
Views: 26570

Re: For ISPS: Motivations and methods for implementing fq_codel and cake

1) Can someone confirm that 7.2 perhaps has a working ipv6?
I don't fully understand what you mean here as IPv6 is working in 7.1.1. There are some issues or things not implemented yet, but none of those qualify as IPv6 "not working"
by mducharme
Mon Jan 17, 2022 10:57 pm
Forum: Beginner Basics
Topic: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues
Replies: 15
Views: 4656

Re: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues

Also since RouterOS v7 beta was first released back in September 2019 it has been known that the ability to install the individual packages (system, wireless, dhcp, etc) is gone and everything is in one monolithic package, only making upgrades easy from the v6 bundle package, unless the device has a...
by mducharme
Mon Jan 17, 2022 10:46 pm
Forum: Beginner Basics
Topic: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues
Replies: 15
Views: 4656

Re: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues

That would probably erase the corresponding config as well? Possibly (although I have sometimes had such config reappear after the packages are reinstalled), but for things like IPv6 or wireless you could easily do an /export from the command line for those sections only and paste it back in after ...
by mducharme
Mon Jan 17, 2022 10:17 pm
Forum: Beginner Basics
Topic: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues
Replies: 15
Views: 4656

Re: hAP ac² upgrade from 6.49.2 -> 7.1.1 issues

If you uninstall the ipv6 and/or wireless package first, it may free up enough space for the upgrade to be successful.
by mducharme
Mon Jan 17, 2022 4:09 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

I see a problem in your MSTP configuration above. The region name and region revision should exactly match on all switches on your network (Cisco, Dlink, MikroTik) On the D-Link you have configured an MSTP region name of D-Link-07 with a revision of 1 and on the MikroTik you've configured a region n...
by mducharme
Mon Jan 17, 2022 4:00 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

I only use vlan 60 on D-link with an ip address, sorry for the Russian interface. I'm not talking about the D-Link! I'm talking about the MikroTik. You've created 18 different VLAN interfaces. The only reason you would ever want to do this is if the MikroTik switch needs 18 IP addresses, one on eac...
by mducharme
Mon Jan 17, 2022 3:58 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

I understand that I can split VLANs into different bridges, No, no no. You are completely misunderstanding me. You should never have more than one bridge on a MikroTik switch as only the first bridge will be hardware offloaded. I think you wanted to define 18 different VLANs. Instead what you have ...
by mducharme
Mon Jan 17, 2022 3:21 am
Forum: RouterOS beta
Topic: Using WifiWave2 to bridge two Audience wirelessly, thoughts? == 4-address mode
Replies: 56
Views: 22700

Re: Using WifiWave2 to bridge two Audience wirelessly, thoughts?

WDS works with other vendors with 4 address mode though, if you make it an open AP without security. In some cases this can be a reasonable compromise even for PTP across vendors (ex. where you are encrypting everything over the link through some other means like IPsec anyway). It is the only way to...
by mducharme
Sun Jan 16, 2022 10:32 pm
Forum: Beginner Basics
Topic: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs
Replies: 28
Views: 5679

Re: CRS326-24S+2Q+; Cisco 9300; D-Link DGS-1510-52X; TRUNK VLANs

Under bridge->VLANs the normal configuration is to have a separate entry for each VLAN and not have all VLANs crammed into one entry like that. Putting all VLANs into one single entry can work but it doesn't give you any control over which VLANs get passed to which ports, you are stuck dealing with ...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 7