Community discussions

MikroTik App

Search found 273 matches

by volkirik
Tue Feb 13, 2024 11:12 pm
Forum: Beginner Basics
Topic: Are the AMSDU settings even doing something?
Replies: 5
Views: 1577

Re: Are the AMSDU settings even doing something?

if the clients (cpes) are not mikrotik set AMSDU to 7935 for compat..
by volkirik
Tue Feb 13, 2024 10:59 am
Forum: Wireless Networking
Topic: Terribly slow Wi-Fi speed
Replies: 16
Views: 7541

Re: Terribly slow Wi-Fi speed

interface wireless/set [find] wmm-support=enabled mtu=1500 l2mtu=2290 hw-protection-mode=rts-cts hw-protection-threshold=2285 hw-fragmentation-threshold=1500 hw-retries=15 tx-chains=0,1,2,3 rx-chains=0,1,2,3 country=netherlands 2 bytes=WMM 4 bytes=VLAN change sfq to pcq. others ≈ default remove simp...
by volkirik
Sun Dec 24, 2023 7:33 am
Forum: RouterOS beta
Topic: Feature Request NAT-PMP
Replies: 18
Views: 12414

Re: Feature Request NAT-PMP

It is time for USB-EXTRAS package..

USB ethernet adapter and USB wireless adapter drivers seperate package for example realtek branded USB adapters..
by volkirik
Tue Dec 12, 2023 6:23 pm
Forum: General
Topic: Interface queue type
Replies: 11
Views: 14429

Re: Interface queue type

try decreasing PCQ buffers or better fq_codel with lower buffer sizes

you can even set 1 packet buffer with PCQ or any other queue type.

for example set 2-kbytes for MTUs in range of 1000-2000 bytes.

Please do not set buffer sizes lower than your MTU. It may cause problems.
by volkirik
Tue Nov 21, 2023 4:48 am
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

Try mixing OPEN (none) with WPA2 then.

Thanks & Regards
by volkirik
Mon Nov 20, 2023 7:56 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

when you have virtual wireless interface and wireless security does not match main wireless interface's security,; this bug occurs.

hope this wireless driver bug can be fixed. thanks!

best regards & wishes.
by volkirik
Sun Oct 29, 2023 12:46 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 95058

Re: v7.12rc is released!

However, different wireless drivers do interact with passing frames beyond basic MAC addressing and some drivers might burp on frames they don't recognize. I think the problem is that the drivers have to do some kind of workaround to replace ARP. The WiFi has the same MAC for all clients, but they ...
by volkirik
Sun Oct 29, 2023 1:55 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 95058

Re: v7.12rc is released!

rc3 is available for testing. if you get support ticket response indicating that your bug-report is FIXED, you may try this experimental testing release

https://box.mikrotik.com/d/c1ce5f170ea1467db0d2/

no changelog. no warranty. experimental.
by volkirik
Tue Oct 24, 2023 11:39 am
Forum: Beginner Basics
Topic: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)
Replies: 38
Views: 7005

Re: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)

You do not need to change addresses...

Just use src-nat action in src-nat chain and type source ip address of mikrotik router for NAT'ing.

Masquerade action is buggy.
by volkirik
Wed Oct 18, 2023 4:30 pm
Forum: Beginner Basics
Topic: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)
Replies: 38
Views: 7005

Re: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)

src-nat and masquerading are the same thing, in the first case you force the IP to use and in the second it is automatically assigned by the router.
wrong; please read wiki. masquerading is incompatible with failover. connections break. with src-nat action they resume.
by volkirik
Wed Oct 18, 2023 3:11 pm
Forum: Beginner Basics
Topic: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)
Replies: 38
Views: 7005

Re: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)

use action=srcnat instead of masquerade in Firewall->NAT (so connections can always resume).

source: https://wiki.mikrotik.com/wiki/Manual:I ... Masquerade
by volkirik
Tue Oct 17, 2023 7:26 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

there is a bug in IP firewall mangle.. do not use routing-mark selector "main". it matches everything.

MT support said they are implementing "no-mark" selector for routing-mark selection
by volkirik
Sun Oct 15, 2023 8:26 pm
Forum: Beginner Basics
Topic: Failover between 2 ISPs using gateways with same IP (was NAT traffic to VRF)
Replies: 38
Views: 7005

Re: Cannot NAT traffic to VRF

Maybe You need to use mark-routing fw mangle rule OR routing->rule for outgoing traffic?
by volkirik
Sun Oct 08, 2023 10:58 am
Forum: Wireless Networking
Topic: "lost connection, no beacons received"
Replies: 53
Views: 7308

Re: "lost connection, no beacons received"

I found a link from Huawei, https://support.huawei.com/enterprise/en/doc/EDOC1100064352/a4a798cb/calibrate-noise-floor-threshold They do not allow positive values for noise-floor-threshold.. Setting noise-floor-threshold may help stability but offers less speed. IMO, setting very high values screw u...
by volkirik
Fri Oct 06, 2023 7:28 pm
Forum: General
Topic: How to setup WiFi calling (aka VoWIFI) on mikrotik
Replies: 20
Views: 10926

Re: How to setup WiFi calling (aka VoWIFI) on mikrotik

Unfortunately UGLY mobile operators go UGLY about IPsec keepalives, too. :lol:
by volkirik
Fri Oct 06, 2023 6:58 pm
Forum: General
Topic: How to setup WiFi calling (aka VoWIFI) on mikrotik
Replies: 20
Views: 10926

Re: How to setup WiFi calling (aka VoWIFI) on mikrotik

okay, thanks for your response..

then here is a feature request

allow to set special connection timeout for VOWIFI ports (UDP/500 and UDP/4500).. instead of generic UDP timeout..

many people cant increase UDP timeout because it is used for Denial of Service attacks..
by volkirik
Fri Oct 06, 2023 6:25 pm
Forum: General
Topic: Conn Tracking tcp timeout setting question.
Replies: 6
Views: 16880

Re: Conn Tracking tcp timeout setting question.

set 3 minutes for TCP established and UDP stream.. and set maximum of 15 seconds for all other timeouts and be done with that. if anyone complains tell them to enable connection keep-alives... then you got rid of garbage. same applies for ARP garbage..; /interface bridge set [find] arp-timeout=15s a...
by volkirik
Fri Oct 06, 2023 9:27 am
Forum: RouterBOARD hardware
Topic: L009 with 5ghz or 4011 with .ax HW MODEL REQUEST
Replies: 0
Views: 2722

L009 with 5ghz or 4011 with .ax HW MODEL REQUEST

HardWare MODEL REQUEST

L009 with 5ghz support or 4011 with .ax support
by volkirik
Thu Oct 05, 2023 10:35 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

If you used simple or interface queues, you will see lots of packet drops and retransmits, which are usual for TCP to tell server/CPE to lower the rate. TCP congestion avoidance [Reno, new Reno, Cubic, Compound, ...) and queue rates, and Access List TX/RX rates, are not, and are not related to wifi...
by volkirik
Thu Oct 05, 2023 10:00 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

And if station roaming means, unlocking from set frequency, and loss of the link, they could disable it altogether on station mode.. I am open to discuss your ideas. What do you think? We disabled it on stations, to be able to solve loss-of-strong-signal. For example, in mobile (GSM) phones, it can ...
by volkirik
Thu Oct 05, 2023 9:56 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

My WISP friends tell me that use another brand for home setups, for sure.. Maybe thats because you cant set distance between 1-1000 meters? lots of disconnects due to ACK timeout? I can understand that MT ROS is optimized for PtP long-distance links, but they could simply allow 0.N in distance,, for...
by volkirik
Thu Oct 05, 2023 9:52 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

On wireless; "indoor" means 150 feet (46 meters) while outdoor means 300 feet. then you set "any" in "Installation". I see indoor/outdoor/any under 'installation'. Then there is indoors/dynamic for the 'Advanced Distance' AFAIK and experienced, the installation "a...
by volkirik
Thu Oct 05, 2023 7:11 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

dont forget to disable station-roaming on CPEs; if you dont have multiple APs

you can also use wireless access list (for connection of clients) / wireless connect list (for connection to APs), there you can setup allow-signal-out-of-range for 15 seconds?
by volkirik
Sat Sep 30, 2023 7:55 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 12199

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

On wireless; "indoor" means 150 feet (46 meters) while outdoor means 300 feet. then you set "any" in "Installation". set wireless-advanced-distance = 1 km instead of indoors or dynamic, then you get higher ACK timeout, but probably less speed. set on-fail-retry-time=0.1...
by volkirik
Wed Jun 28, 2023 2:06 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132144

Re: v7.10 and 7.10.1 [stable] is released!

I suggest MT Team to get IPVanish account for testing OVPN and try to get it working with their latest ROS. They can also write tutorial on their Wiki.

I hope they can add OPENVPN Scramble support, too. Better implement it, ASAP.
by volkirik
Wed Jun 28, 2023 1:49 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132144

Re: v7.10.1 [stable] is released!

OVPN fixed ???
Nope. Anything going out to OVPN interface is marked "invalid" by ROS' firewall. Even if they are properly routed and NAT'ed.

RX counters show all zeros. Somehow TX queue is also FULL
by volkirik
Sun Jun 25, 2023 8:07 pm
Forum: General
Topic: Rationale behind the default sfq-allot value of 1514
Replies: 1
Views: 1415

Re: Rationale behind the default sfq-allot value of 1514

Default (1514 bytes) corresponds to the Ethernet MTU plus the hardware header length of 14 bytes.

sfq-perturb should be 4294967295 s; somehow it is not disabled if you set 0s. :?
by volkirik
Sat Jun 24, 2023 10:57 pm
Forum: Beginner Basics
Topic: defining a specified data limit for users without using hotspot or user manager
Replies: 12
Views: 2843

Re: defining a specified data limit for users without using hotspot or user manager

i didnt find any explination in mikrotik documentation about this CE threshold thing.
so please advise me..!
Marks packets above a configured threshold with ECN. (congestion encountered)

I use 1600000 µs = 1600 ms = 1.6 second. YMMV
by volkirik
Thu Jun 22, 2023 9:43 pm
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108571

Re: v7.11beta [testing] is released!

yes, but it is alpha, alpha should be older than beta....and there is no changelog so it is woth to try it?
unfortunately, there is no changelog. but please re-read my post, build time is newer (later) than beta2. so it should be fixing beta2 bug.
by volkirik
Thu Jun 22, 2023 7:33 pm
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108571

Re: v7.11beta [testing] is released!

there is newer alpha (development) release (with build time of 16:17:11) on mikrotik website..

you may need to check it out before reporting issues

https://box.mikrotik.com/d/c1ce5f170ea1467db0d2/
by volkirik
Tue Jun 20, 2023 7:52 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132144

7.11alpha126

get 7.11alpha (development) for testing

https://box.mikrotik.com/d/c1ce5f170ea1467db0d2/

contact support for feedback
by volkirik
Tue Jun 20, 2023 11:19 am
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132144

Re: v7.10 [stable] is released!

Dear Mikrotik Team;

Please fix OPENVPN, its time for 7.11 beta1
by volkirik
Mon Jun 19, 2023 10:45 pm
Forum: General
Topic: How to deal with MTU size
Replies: 16
Views: 8233

Re: How to deal with MTU size

You will also need to use Routing->Rules instead of firewall mark-routing to be compatible with FAST-TRACKING For a resource-intensive script, See also; https://forum.mikrotik.com/viewtopic.php?p=1001255#p1001255 You may also choose to route all traffic or selected prefixes via OPENVPN, using Routin...
by volkirik
Mon Jun 19, 2023 10:35 pm
Forum: General
Topic: How to deal with MTU size
Replies: 16
Views: 8233

Re: How to deal with MTU size

41 bytes security layer overhead per packet (includes packet tag (1), HMAC-SHA1 signature (20), initialization vector (16), sequence number (4)) 28 bytes tunneling overhead per UDP packet (includes IP + UDP header) OR 40 bytes tunneling overhead per TCP packet (includes IP + TCP header) so, in concl...
by volkirik
Sat Jun 17, 2023 12:54 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132144

Re: v7.10 [stable] is released!

*) ovpn - improved system stability;

not to sure what u mean by that. On v7.10 ovpn is totally broken
indeed. doesnt even show local & remote addresses

lets hope stable ovpn in next release..
by volkirik
Fri Jun 02, 2023 5:41 pm
Forum: Announcements
Topic: v7.10rc is released!
Replies: 183
Views: 54770

Re: v7.10rc is released!

wifi seems running on RouterOS, no error/warn log in system log, SSID is invisible. lots of disconnects.

Please fix wifi, thanks.
by volkirik
Thu Jun 01, 2023 10:23 am
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

Yes we can expect.

There are other vendors supporting ipv6 fasttrack
by volkirik
Thu May 25, 2023 2:43 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

16 mb flash chips should be cheaper than 32 mb. they count each and every penny

sad, but it is trading. if it is working, they will use it.
by volkirik
Thu May 25, 2023 2:33 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

Hi, I had another error login with WiFi on this 7.10beta8. It has been reported as SUP-116195. Mobile can not join WiFi mobile say the password is not correct and after reboot all is OK and mobile can join the WiFi without any chage. Im using only WPA/WPA2. I will go back to ROS7.8.. same here. i c...
by volkirik
Thu May 25, 2023 1:16 pm
Forum: General
Topic: Out-Of-Order and Retransmissions
Replies: 8
Views: 2193

Re: Out-Of-Order and Retransmissions

I have been seeing lots of retransmissions in WireShark's latest builds, too. It was solved after changing from SFQ to PCQ which is apparently FIFO based. anything not-FIFO-based screw up packet order. dunno why SFQ is the default for wireless.. I thought I should share the know-how/experience. Ther...
by volkirik
Thu May 25, 2023 12:16 pm
Forum: General
Topic: Out-Of-Order and Retransmissions
Replies: 8
Views: 2193

Re: Out-Of-Order and Retransmissions

Okay boss.
by volkirik
Thu May 25, 2023 12:12 pm
Forum: General
Topic: Out-Of-Order and Retransmissions
Replies: 8
Views: 2193

Re: Out-Of-Order and Retransmissions

the topic is not solved or closed! so I responded!

are you a moderator, questioning me?
by volkirik
Thu May 25, 2023 11:26 am
Forum: General
Topic: Out-Of-Order and Retransmissions
Replies: 8
Views: 2193

Re: Out-Of-Order and Retransmissions

you need to use FIFO or better: FIFO based PCQ with 4 classifiers checked (enabled) which are: dst-ip, src-ip, dst-port and src-port. I call it PCQ-FULL this way packets will be in order. you may increase buffer (cache) as much as your router's HW resources allow to increase throughput. do not use S...
by volkirik
Fri May 19, 2023 8:24 am
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

is it the time for 7.10 next beta release? or rc1? . Absolutely NOT! Let the dev team take the time they need to get it to the closest to stable conditions. There's absolutely no need to rush anything :) alpha, beta, and rc releases do not have to be stable.. actually they could release alpha's in ...
by volkirik
Thu May 18, 2023 11:19 am
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

is it the time for 7.10 next beta release? or rc1?
by volkirik
Tue May 16, 2023 6:10 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

Linux has wide-range of selector for applying Routing Rule

https://man7.org/linux/man-pages/man8/ip-rule.8.html

Please implement them in ancient quirky MT ROS

thanks and regards
by volkirik
Tue May 16, 2023 11:06 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

read #74 and #75 in this topic. it is slower and you know it. why act a fool?
by volkirik
Tue May 16, 2023 11:02 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

How is this even relevant to this topic? How is LATVIA's IPV6 availability even relevant to IPV6 fasttrack implementation if you are routing " the world "? If you dont have IPv6, buy an IPv6 prefix, AS Number from RIPE LIR and bgp-supported virtual machine in europe. then you can test eac...
by volkirik
Tue May 16, 2023 10:55 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

You have test lab. share IPV6 test results so we can get to know what we are buying if we buy 5009 series..

we are not interested in bridged performance as we are not buying a switch. but a router.. so IPv6 routing performance is what to look.

You are over-promising.
by volkirik
Tue May 16, 2023 10:50 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

whoever wants to do the work, finds the result; Those who don't want to, find an excuse.

I am paying customer (both cloud and physical), you are the responsible party to test the feature.. I do not have test lab.

In my SOHO setup with HAP AC, I get 68M/100M for IPV6/IPv4, YMMV
by volkirik
Tue May 16, 2023 10:28 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

Percentage of TLDs with IPv6 nameservers: 98.5% Percentage of TLDs that have nameservers with IPv6 glue in the root zone: 98.3% Percentage of top 1000 Usenet Servers with direct addresses with IPv6 support: 41.56% Percentage of ASes (IPv4 or IPv6) running IPv6: 38.7% Percentage reachable IPv6 rDNS ...
by volkirik
Tue May 16, 2023 10:16 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

I proposed extra package to be able to use IPV4 FASTTRACK with VPN protocols. wrote an example script, but it is resource-intensive.. Contacted MT support for proper implementation (kernel module or userspace application as extra package or bundled with ROS) nobody cares... and first I got response ...
by volkirik
Tue May 16, 2023 10:11 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

I use default routing.. You do not need anything else if you are single-homed SOHO. You can continue your obstinacy about not implementing V6 F.T. I dunno what people @ ros development are doing more important. With your company's products and ancient quirky ROS, it is like buy gigabit hardware and ...
by volkirik
Tue May 16, 2023 9:59 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

can this thing (L009) "route" 1 gbps link-rate ipv6 traffic? no. why would I pay same price for gigabit ports if I can not utilize them because your ancient quirky software lacks IPV6 FastTrack and IPV6 RouteCache? Even TPLINK gaming routers are faster than mikrotik nowadays if you dont ne...
by volkirik
Tue May 16, 2023 9:57 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

you could just keep port count @ 10 ports. Cost per port is simply increased.. Not everyone need gigabit..

and you respond with "pay even more to upgrade more expensive models..."
by volkirik
Tue May 16, 2023 9:45 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

ipv6 fasttrack is not available in RouterOS, so there are better alternatives, too..
by volkirik
Tue May 16, 2023 9:43 am
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

coz ownership cost per port is apparently higher?
by volkirik
Sat May 13, 2023 11:46 am
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

@normis
Regarding submitting time people are complaining about - just change scripts execution order, first post and then announce it in the background (asynchronously).
+1
by volkirik
Fri May 12, 2023 5:09 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

Please disable notification... Too much time... 7~10 seconds every post... Maybe it's better to wait for the switch to the new server? There are phpBB forums with millions of posts and active notifications that are not so slow when posting a message. totally. couldnt agree more. time to check buyvm...
by volkirik
Fri May 12, 2023 5:03 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

It is not a bug, it is a feature... at a cost.
by volkirik
Fri May 12, 2023 4:56 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

for god's sake. let them decide themselves!

you are not sending them anything if they are not subscribed!
by volkirik
Fri May 12, 2023 4:47 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

you can turn-off in your own browser. there are people using it. for existing notifications disable on https://forum.mikrotik.com/ucp.php?i=ucp_main&mode=subscribed set NO to Notify me upon replies by default in https://forum.mikrotik.com/ucp.php?i=ucp_prefs&mode=post to prevent further auto...
by volkirik
Thu May 11, 2023 12:26 pm
Forum: Announcements
Topic: FORUM MAINTENANCE: Password reset will be needed
Replies: 162
Views: 46027

Re: FORUM MAINTENANCE: Password reset will be needed

https://flarum.org/

Modern, fast, and free!

It is successor of FASTEST FLUXBB, man..
by volkirik
Wed May 10, 2023 6:36 pm
Forum: General
Topic: Very slow PPTP tunnel
Replies: 8
Views: 3294

Re: Very slow PPTP tunnel

alternatively use my following script to import (sync) an address-list into routing-rules table.. then you can fasttrack PPTP and you will not need to mark-routing. remember to add ; SRC:(empty) DST:LAN table:main routing rule, manually for the incoming traffic.. :local LANaddr "192.168.88.0/24...
by volkirik
Wed May 10, 2023 5:08 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

Unfortunately, it is not possible, linux kernel does not support address lists in route rules. Māris B. but you can write kernel module or user-space program to sync address list into route rules and remove them when address-list entry times out example script: https://forum.mikrotik.com/viewtopic....
by volkirik
Wed May 10, 2023 5:00 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

hello dear mikrotik team could you please allow to specify firewall address list in routing->rules? fasttrack doesnt work due to mark-routing rules, but we can use routing->rules page, if you add ability to specify dynamic address list for a routing rule. this will be nice speed improvement for VPN ...
by volkirik
Wed May 10, 2023 12:21 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

bug-report:
endpoint-independent-nat:
connections timeout in 10 seconds, instead of 3 minutes (udp stream timeout)
by volkirik
Wed May 10, 2023 12:05 pm
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 53972

Re: v7.10beta [testing] is released!

bug-report : endpoint-independent-nat: ether1 (wan port) has one static IP address to reach modem's WEBUI that is in bridge mode: 192.168.0.2/24 ether1 (wan port) has one dynamic IP address to reach internet via DHCPv4 client: 178.233.176.XX/20 if i disable static IP, endpoint-independent-nat works...
by volkirik
Tue May 09, 2023 7:20 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 43752

Re: Newsletter #113 | May 2023

no mention of ipv6 fasttracking.

cpu powers are not enough to utilize 1gige in standard tracking.
by volkirik
Tue May 09, 2023 12:08 pm
Forum: General
Topic: Very slow PPTP tunnel
Replies: 8
Views: 3294

Re: Very slow PPTP tunnel

you need to exclude vpn from fasttrack. (or accept before fasttrack rule in filter tab)

Or use Routing->Rules instead of firewall's mark-routing..
by volkirik
Tue May 09, 2023 11:51 am
Forum: General
Topic: RB750Gr3 l2tp/ipsec unbearably slow
Replies: 23
Views: 11349

Re: RB750Gr3 l2tp/ipsec unbearably slow

had some problem.. apparently mark-routing is incompatible with fast-tracking and I needed to exclude VPN from fasttrack rule, speed is back to normal..
by volkirik
Tue May 09, 2023 10:10 am
Forum: General
Topic: How to setup WiFi calling (aka VoWIFI) on mikrotik
Replies: 20
Views: 10926

Re: How to setup WiFi calling (aka VoWIFI) on mikrotik

set sip-timeout to 3 minutes (default) and exclude service-ports from fasttrack (action=accept before fasttrack rule) so ALGs could do their work..

it works for me..
by volkirik
Mon May 08, 2023 1:22 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 56349

Re: v7.9 [stable] is released!

Time for 7.10 beta?! I requested 7.10alpha. and the response was negative. :D Hello, Thank You, for contacting Mikrotik support team! The answer to Your inquiry is - no. We are not at liberty to provide You alpha or beta builds of our software. All the publicly available software is listed on Mikro...
by volkirik
Sun May 07, 2023 4:26 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 43143

Re: FEATURE REQUEST: full cone NAT

does anyone have 7.10alpha release for mipsbe?
by volkirik
Sun May 07, 2023 12:24 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 56349

Re: v7.9 [stable] is released!

After upgrading, I'm getting these: invalid mtu 9086 on sfp-sfpplus1 from fe80::ea5c:aff:fe83:f43c .. warnings. Not sure what to do about it, since it's the upstream gateway to the router and I have no control over it, and the interface is set to mtu 1500. Same here. I've been getting "radvd, ...
by volkirik
Sun May 07, 2023 12:17 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 43143

Re: FEATURE REQUEST: full cone NAT

but RFC states that Exactly, this is talking about the LACK of TCP Open support on old OSes at the time AND on NAT devices, aka MikroTik which clearly doesn't support TCP NAT punching. 100 different people in this thread have shown Cisco, Huawei, Juniper all support full cone NAT for both TCP and U...
by volkirik
Sun May 07, 2023 12:13 am
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 43143

Re: FEATURE REQUEST: full cone NAT

I edited my post,
but RFC states that
"Simultaneous TCP Open" is not implemented correctly on many systems, including NAT devices.
by volkirik
Sat May 06, 2023 11:54 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 43143

Re: FEATURE REQUEST: full cone NAT

RFC allows UDP , TCP and ICMP
by volkirik
Sat May 06, 2023 7:33 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 56349

Re: v7.9 [stable] is released!

IPv6 Works OK for me without packet-loss.

Upgrade from 7.8 to 7.9 did not broke my interface-lists.
by volkirik
Sat May 06, 2023 7:28 pm
Forum: General
Topic: PPTP 's MTU ?
Replies: 2
Views: 2848

Re: PPTP 's MTU ?

GRE,GRE-key,GRE-sequence-number,PPPoE,IPv4 ; 1500-4-4-4-8-20 = 1460 Bytes https://baturin.org/tools/encapcalc/?protocols=GRE,GRE-key,GRE-sequence-number,PPPoE,IPv4 Thus, the default MTU/MRU is 1460 for PPTP. https://wiki.mikrotik.com/wiki/Manual:Interface/PPTP TCP connection is seperate from GRE Tun...
by volkirik
Sat May 06, 2023 6:31 pm
Forum: Beginner Basics
Topic: Winbox do not show IPv6 neighbors
Replies: 9
Views: 4211

Re: Winbox do not show IPv6 neighbors

I checked on several PCs and found on all of them that only one ip interface listens to multicast [FF02::1]:5678 when I use winbox. For example, if a PC has a wireless and wired interface, it can only listen on the wireless interface, and if you connect to the Mikrotik via cable, then the router in...
by volkirik
Sat May 06, 2023 1:06 pm
Forum: RouterOS beta
Topic: FEATURE REQUEST: full cone NAT
Replies: 293
Views: 43143

Re: FEATURE REQUEST: full cone NAT

I'm sure that they can improve the feature in the future.
it is called "Simultaneous TCP Open" sessions in RFC
by volkirik
Tue May 02, 2023 2:41 pm
Forum: Beginner Basics
Topic: Winbox do not show IPv6 neighbors
Replies: 9
Views: 4211

Re: Winbox do not show IPv6 neighbors

Up...

any news?

i also suffer from this bug.
by volkirik
Tue May 02, 2023 12:45 pm
Forum: Announcements
Topic: WinBox v3.38 released!
Replies: 50
Views: 48496

Re: WinBox v3.38 released!

thank you. appreciated.
by volkirik
Sun Apr 30, 2023 12:08 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

+1...
by volkirik
Fri Apr 28, 2023 12:04 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 16247

Re: Mikrotik wifi roaming expirience

Hello bpwl !
what do you suggest? that is reasonable?
by volkirik
Thu Apr 27, 2023 6:01 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

still no ipv6 fasttracking? you are loosing market-share
by volkirik
Thu Apr 27, 2023 12:36 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 16247

Re: Mikrotik wifi roaming expirience

/interface wireless access-list
add signal-range=-85..120
add authentication=no forwarding=no signal-range=-120..-86
/interface wireless
set [ find ] default-authentication=no default-forwarding=no

# source: https://www.youtube.com/watch?v=1kWV7UahBok
by volkirik
Fri Apr 14, 2023 8:48 pm
Forum: General
Topic: Trying to Understand MSS Clamping - Not Working? [SOLVED]
Replies: 13
Views: 9376

Re: Trying to Understand MSS Clamping - Not Working? [SOLVED]

add clamping rule in firewall for TCP-SYN and then
add accept rule for SYN so they are excluded from FASTTRACK'ing
IMHO
by volkirik
Fri Apr 14, 2023 1:20 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

set factory default of SIP timeout to its default : 3 minutes.

anything above that hurts.
by volkirik
Fri Apr 14, 2023 12:13 pm
Forum: General
Topic: Feature requests
Replies: 1747
Views: 644921

Re: Feature requests

hello,

i would like to request dynamic queues like dhcp for dot1x.
so every devices connected will create dynamic queues according to the parameter given on radius.
do not forget others parameter like insert before, parent queues, etc

cheers

P
+1 for this one.
by volkirik
Mon Apr 10, 2023 8:21 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

i suggest setting default (factory) value of SIP TIMEOUT to 3 minutes (by default). hope we can see it in next releases. Most routers use 3 minutes udp session timeout. when SIP timeout is higher than 3 minutes, keep alive packets or reconnections will not happen. and this will make your phone numb...
by volkirik
Wed Apr 05, 2023 2:43 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

i suggest setting default (factory) value of SIP TIMEOUT to 3 minutes (by default). hope we can see it in next releases. Most routers use 3 minutes udp session timeout. when SIP timeout is higher than 3 minutes, keep alive packets or reconnections will not happen. and this will make your phone numbe...
by volkirik
Mon Apr 03, 2023 9:02 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

it is their market share and they are laughing at it.

ipv6 was introduced 27 years ago. most competitors have fast-track support now.
by volkirik
Mon Apr 03, 2023 4:09 pm
Forum: Announcements
Topic: Newsletter #112 | April 2023
Replies: 66
Views: 12454

Re: Newsletter #112 | April 2023

no ipv6 fast-track? really?!
by volkirik
Mon Apr 03, 2023 2:41 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

ipv6 fasttrack support is late

please mikrotik team
by volkirik
Sun Apr 02, 2023 9:50 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77448

Re: v7.9rc is released!

ipv6 fasttrack support please
by volkirik
Sun Apr 02, 2023 4:35 pm
Forum: General
Topic: Feature requests
Replies: 1747
Views: 644921

IPV6 FASTTRACK PLEASE

IPv6 Fasttrack support, please
by volkirik
Mon Jan 23, 2023 6:16 pm
Forum: General
Topic: Feature requests
Replies: 1747
Views: 644921

Multiple Feature requests and a bug report

[feature request] pppoe-relay and broadcast-relay could be extra package possibly bundled with other relay daemons [feature request] ipsec alg (helper) [feature request] dhcpv6 server - address (/128) distribution [feature request] dhcpv6 client: ability to change DUID manually would be useful if y...
by volkirik
Thu Jan 19, 2023 6:53 am
Forum: General
Topic: Winbox losing MAC connection to RB850Gx2
Replies: 46
Views: 20218

Re: Winbox losing MAC connection to RB850Gx2

alternatively add mangle - clamp-to-pmtu in output chain. it should work.
by volkirik
Thu Dec 15, 2022 5:43 pm
Forum: Announcements
Topic: v7.7rc is released!
Replies: 259
Views: 91034

Re: v7.7rc is released!

Hello Dear Mikrotik Team, ipv6 nat does not work correctly with Simple Queues We Use ULA addresses inside our network, with SRC-NAT rules to real IPv6 addresses in IPv6 Firewall's Mangle Tab. But Simple queue for fd00::/8 does not work. UPSTREAM rate is zero, even if packets are marked by Firewall f...
by volkirik
Mon Oct 10, 2022 7:09 pm
Forum: RouterOS beta
Topic: feature request: ability to choose multiple VRFs in IP->Services
Replies: 10
Views: 4650

Re: feature request: ability to choose multiple VRFs in IP->Services

+1

When they first added VRF support to services, was surprised it only supported one VRF and not multiple
appreciate your support.

thanks a lot!
by volkirik
Thu Sep 29, 2022 5:03 pm
Forum: RouterOS beta
Topic: Feature Request NAT-PMP
Replies: 18
Views: 12414

Re: Feature Request NAT-PMP

up..

most wanted..
by volkirik
Sat Sep 24, 2022 5:27 pm
Forum: RouterOS beta
Topic: Feature Request NAT-PMP
Replies: 18
Views: 12414

Re: Feature Request NAT-PMP

+1 for this feature

#[SUP-93321]
by volkirik
Mon Sep 12, 2022 9:19 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] pppoe-relay and bcrelay, dhcpv6 client and server improvements and other

[feature request]

regarding wireless ANI feature; add one another choice line below: REQUIRED or just ENABLED.
by volkirik
Sat Sep 10, 2022 10:31 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] pppoe-relay and bcrelay, dhcpv6 client and server improvements and other

[feature request]

Please add;
expired DNS cache size
and
expired DNS cache TTL

and fallback to expired storage when resolver is unable to resolve something.

something like recycle bin

thanks for reading, regards
by volkirik
Sat Sep 10, 2022 7:07 pm
Forum: RouterOS beta
Topic: ROSv7 equivalent of /routing/bgp/advertisements print
Replies: 49
Views: 26328

Re: ROSv7 equivalent of /routing/bgp/advertisements print

+1 for this feature request
by volkirik
Sat Sep 10, 2022 8:53 am
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] pppoe-relay and bcrelay, dhcpv6 client and server improvements and other

[feature request]

Please add target and destination to queue tree rules

Please add 'any' packet mark matcher to queue tree.
by volkirik
Sun Sep 04, 2022 4:11 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

saving money as much as possible is nobility. i disregard "buy more powerful router" advices.

+1 for this feature. please implement it, mikrotik guys.
by volkirik
Thu Sep 01, 2022 5:46 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] pppoe-relay and bcrelay, dhcpv6 client and server improvements and other

[bug report] 4 uplink with 4 VRF each had add default route feature with distance:10 VRF confuses and one pppoe interface has TX drops and shows RX bytes/bps: 0 thanks for reading hope it can be fixed. changing default route distances fixes the problem temporarily. i guess VRF conflicts with ECMP. f...
by volkirik
Wed Aug 31, 2022 5:40 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] pppoe-relay and bcrelay, dhcpv6 client and server improvements and other

[feature request]

Please add clear-DF and strip-IPV6-options actions for IPv6 firewall (mangle)
by volkirik
Sun Aug 21, 2022 2:48 pm
Forum: General
Topic: The "output" chain and VRFs/routing marks
Replies: 9
Views: 4625

Re: The "output" chain and VRFs/routing marks

OK BOSS! :D

sorry for thanking here. ;P
by volkirik
Sun Aug 21, 2022 1:13 pm
Forum: General
Topic: The "output" chain and VRFs/routing marks
Replies: 9
Views: 4625

Re: The "output" chain and VRFs/routing marks

useful information, thanks
by volkirik
Sun Aug 21, 2022 10:33 am
Forum: Scripting
Topic: Looking Glass
Replies: 9
Views: 5784

Re: Looking Glass

excellent.. bravo!

i will fork and maintain it..
by volkirik
Sun Aug 21, 2022 10:00 am
Forum: General
Topic: Winbox dicovery behind NAT [SOLVED]
Replies: 4
Views: 2449

Re: Winbox dicovery behind NAT [SOLVED]

thank you, very useful

without romon secret, romon ssh still requires authentication right?
by volkirik
Sat Aug 20, 2022 11:41 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

Re: [feature request] dhcpv6 server: address (/128) distribution

Why so many topics for features? There is even special one started: viewtopic.php?t=45934
added to my bookmarks.
by volkirik
Sat Aug 20, 2022 7:16 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

[feature request] dhcpv6 client: ability to change DUID manually

[feature request] dhcpv6 client: ability to change DUID manually

would be useful if you have lots of links from same provider.
by volkirik
Sat Aug 20, 2022 7:12 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

[feature request] dhcpv6 client: add system ipv6 address from bound prefix

[feature request] dhcpv6 client: add system ipv6 address from bound prefix

with option to announce it. and option to choose local interface for announcement.
by volkirik
Fri Aug 19, 2022 8:31 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

OKay thanks
by volkirik
Fri Aug 19, 2022 5:54 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

i am repeating... i do not have to escalate the bug. i told how to reproduce it.. i do not have to send my topology and all.. we have NDA with the company without exceptions to MT. sorry.
by volkirik
Fri Aug 19, 2022 5:53 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

i am not being dick

do not use interface(-name) or interface-list

create address list with LAN prefixes... (192...., 100...., 10....)

use src-dst address list.. for matching traffic. in mangle.

all combinations create routing loop

thats how to reproduce, at least in our rb4011
by volkirik
Thu Aug 18, 2022 8:48 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

if they have testing labs, well then, they have enough evidence of bugs from the forum

let them invest in bug-finding and fixing. i am not responsible for escalation.
by volkirik
Thu Aug 18, 2022 7:12 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

whatever
by volkirik
Thu Aug 18, 2022 6:21 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

nope. they are not friendly IMO.

I would rather wait for somebody else to report it.
by volkirik
Wed Aug 17, 2022 8:02 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47773

Re: v7.5beta [testing] is released!

you can create address list for advertisements and null route them by DNS
by volkirik
Sun Aug 14, 2022 10:33 pm
Forum: Announcements
Topic: Re: v7.4.1 [stable] is released!
Replies: 99
Views: 32781

Re: v7.4.1 [stable] is released!

if you are using free software, it would probably be STABLE when it is EOL!

lol.

MT guys usually fix bugs after months

routeros is not cisco/juniper router software as we all already are aware.
by volkirik
Sun Aug 14, 2022 1:57 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

up!

definitely need this..
by volkirik
Sun Aug 14, 2022 12:32 pm
Forum: General
Topic: change MAC Address interface vlan
Replies: 20
Views: 14623

Re: change MAC Address interface vlan

useful guide using bridge as temporary solution. but we definiftely need proper implementation of changing VLAN MACs so we do not end up hundred of useless bridges in our router. BTW try updating wiki pages instead of deleting. you can also put notice/warning if guide/content is no more valid/usable...
by volkirik
Sun Aug 14, 2022 12:16 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

good news and bad news together do not use address-lists. use in-interface-list. it will work using address-lists currently causes routing-loop ; in and out interface becomes WAN interface.. we have been droping WAN to WAN connections in forward chain. thats how we found the issue.. must be fixed by...
by volkirik
Sat Aug 13, 2022 11:31 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

*) firewall - fixed "in-interface-list" matcher when VRF is used;
but; its still broken somehow IMO

we experience lots of random packet loss when VRF is used.
by volkirik
Thu Aug 11, 2022 6:24 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

flaky. lots of packet loss.

VRF needs improvement
by volkirik
Thu Aug 11, 2022 10:37 am
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47773

Re: v7.5beta [testing] is released!

Now it gets even more weird, the fix is not listed in the 7.5beta8 change list either... I would expect it to be at least in the next beta when it is fixed in stable already. (and of course I am disappointed once more w.r.t. BGP fixes) A Beta changelog contains changes from the last stable release....
by volkirik
Tue Aug 09, 2022 6:38 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47773

Re: v7.5beta [testing] is released!

same here.

indeed weird that its fixed in stable channel while not in testing.
by volkirik
Sat Aug 06, 2022 5:43 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47773

Re: v7.5beta [testing] is released!

this design must be fixed sir!
by volkirik
Sat Aug 06, 2022 4:59 pm
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47773

Re: v7.5beta [testing] is released!

bug report:

ppp on-up and on-down scripts do not run when they have empty line after their (script)name in profile window.

please fix it. it was annoying.
by volkirik
Thu Aug 04, 2022 7:25 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

this is a bug in ROSv7 that needs to be fixed...

fallback to main routing-table is not working...
by volkirik
Fri Jul 29, 2022 7:47 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

found on web. most common 3 ports i would guess.
by volkirik
Fri Jul 29, 2022 7:29 pm
Forum: Scripting
Topic: bugfix script for ROSv7 PPPoE-Client
Replies: 4
Views: 1273

bugfix script for ROSv7 PPPoE-Client

we are running WISP setup with ROSv7.5beta4 running on both PPPoE server and PPPoE clients. if wlan1 goes down, pppoe client also goes down but its ipv4 address stays in /ip address menu as stuck... so we wrote a script to remove dublicate address to prevent "error: could not add address: alrea...
by volkirik
Thu Jul 28, 2022 6:38 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

set rtsp disabled=no ports=554,8554,7236
by volkirik
Tue Jul 26, 2022 8:34 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

i think there is a problem with that approach because raw rule still catch and process all traffic, so it will not give the boost fast-track provides for example: ccr1036 8g 2s+ can forward almost 20gbps of internet traffic in routing mode with conn-tracking enabled and some ip firewall rules thank...
by volkirik
Tue Jun 28, 2022 5:40 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

if it is not supported then it is simply not supported.

dsl - atm/ptm - pppoe are different layers. if atm is not supported it will simply not work as ADSL has to use ATM.
by volkirik
Mon Jun 27, 2022 10:13 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

lol. does this thing even support ATM (ADSL) ?

thought just VDSL (PTM)
by volkirik
Fri Jun 24, 2022 7:48 am
Forum: RouterOS beta
Topic: VLAN 0 Priority Tagging Support
Replies: 3
Views: 2715

Re: VLAN 0 Priority Tagging Support

+1 for this
by volkirik
Wed Jun 22, 2022 6:31 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

+1

please consider IPv6 FastTrack
by volkirik
Sun Jun 19, 2022 10:40 pm
Forum: RouterOS beta
Topic: feature request: ability to choose multiple VRFs in IP->Services
Replies: 10
Views: 4650

feature request: ability to choose multiple VRFs in IP->Services

feature request: ability to choose multiple VRFs in IP->Services items.

we use quad homing from same provider, we had to use VRFs to prevent IP conflicts.

But IP-Services are not available in multiple VRFs. we would request this to be implemented

Thanks and regards
by volkirik
Tue Jun 14, 2022 7:59 pm
Forum: RouterOS beta
Topic: BUG REPORT: queue-tree CLI causes hangs and freeze
Replies: 1
Views: 2332

Re: BUG REPORT: queue-tree CLI causes hangs and freeze

CLI does not hang. sorry for typo

Winbox Queue Tree window hangs (becomes empty)

thanks and regards
by volkirik
Sun Jun 12, 2022 9:04 pm
Forum: RouterOS beta
Topic: BUG REPORT: queue-tree CLI causes hangs and freeze
Replies: 1
Views: 2332

BUG REPORT: queue-tree CLI causes hangs and freeze

hello there we use queue-tree on pppoe-in interfaces to apply customer limits... we do not limit upload (upstream traffic). BUG REPORT: queue-tree CLI modify(set cmd), enable, disable causes hangs and freeze on router QUEUE TREE tab. for example if we modify using CLI; /queue tree set [find name~&qu...
by volkirik
Sun Jun 12, 2022 11:25 am
Forum: RouterOS beta
Topic: RouterOSv7 Bug report (ECMP)
Replies: 0
Views: 2465

RouterOSv7 Bug report (ECMP)

We are experiencing a bug with RouterOS v7.x versions No matter static or dynamic default routes we use,; we have two uplinks (dual homing). If one uplink interface goes down due to maintenance or something else... the other one becomes active without ECMP feature as expected... but it doesnt have E...
by volkirik
Sat Jun 11, 2022 3:15 pm
Forum: Forwarding Protocols
Topic: VRF and NAT Masquerade
Replies: 29
Views: 10923

Re: VRF and NAT Masquerade

/ip firewall address-list add address=10.0.0.0/8 list=LAN_addresses add address=192.168.0.0/16 list=LAN_addresses add address=100.64.0.0/10 list=LAN_addresses /ip firewall mangle add action=mark-routing chain=prerouting comment="mark-routing:main (LAN)" src-address-list=!LAN_addresses dst-...
by volkirik
Sat May 14, 2022 5:17 pm
Forum: RouterOS beta
Topic: feature request: UPNP interface list support
Replies: 6
Views: 3083

Re: feature request: UPNP interface list support

And does it do anything useful? It seems that it just randomly(?) picks one, so it's not very useful. ¯\_(ツ)_/¯ is the OP request... i dont request random interface selection. we have 5 wan interfaces currently (and it is increasing). all of them are in WAN interface list. I just want upnp service ...
by volkirik
Fri May 13, 2022 1:42 pm
Forum: RouterOS beta
Topic: feature request: UPNP interface list support
Replies: 6
Views: 3083

feature request: UPNP interface list support

feature request: UPNP interface list support we have multihoming setup and each wan interface has NAT enabled. I would request if you can add interface-list support to UPNP server? for example we could setup LAN as internal and WAN interface-list as external and it would add firewall rules with int...
by volkirik
Sun Apr 24, 2022 4:37 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

ecmp ipv4/ipv6 is broken in ros v7.

hope you can fix it, i reverted back to latest stable of ROSv6
by volkirik
Fri Apr 22, 2022 5:54 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

sorry sir
by volkirik
Fri Apr 22, 2022 5:48 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

italian is sympathetic language
by volkirik
Fri Apr 22, 2022 5:30 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

caratteristica importante che deve essere implementata immediatamente
by volkirik
Fri Apr 22, 2022 8:47 am
Forum: RouterOS beta
Topic: In v7.x.x with ipv6 will the hotspot die?
Replies: 8
Views: 5287

Re: In v7.x.x with ipv6 will the hotspot die?

Two links from forum:
viewtopic.php?t=43517 - Feature Request: IPv6 Hotspot support
viewtopic.php?t=102897 - IPv6 Hotspot (AAAA DNS Filter Workaround) [SOLVED]
+1 for this feature
by volkirik
Thu Apr 21, 2022 10:32 am
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

glad you made peace.

i love cats, too. :D
by volkirik
Wed Apr 20, 2022 6:39 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

if i was really a troll i would have already replied to @fragtion
:lol:
i would sign it if i could

so if there is any chance, i would also like no-replies from you.
by volkirik
Wed Apr 20, 2022 6:34 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

This is user forum, not support forum, and is bad if the user have some problems and do not ask official support for that.
yeah whatever. you must be right, in own way,

do not forget to troll new release topic's bug posts.
by volkirik
Wed Apr 20, 2022 6:20 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

appreciate your comment @fragtion. thanks.
by volkirik
Wed Apr 20, 2022 5:27 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

i am not violating forum rules. i have already reported to support.
by volkirik
Wed Apr 20, 2022 5:13 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

Re: multiple bug reports

erm, i was expecting bugfix release on fast ring, if possible
by volkirik
Wed Apr 20, 2022 4:56 pm
Forum: RouterOS beta
Topic: multiple bug reports
Replies: 23
Views: 5685

multiple bug reports

ROS 7.3beta33: change default logging rule of info, to info & firewall create a system logging rule of firewall and disable it. all logging functions stop. conflicting rules should not stop logging daemon. SWOS 2.13: Mikrotik S-RJ01 is locked to 1 GBPS couldnt run it on 100 mbps on new RB260GSP...
by volkirik
Tue Apr 19, 2022 9:17 pm
Forum: RouterOS beta
Topic: feature request: ECMP Settings
Replies: 5
Views: 2855

Re: feature request: ECMP Settings

In the future we might enable also layer4.
must have. ECMP is the future, imo.
by volkirik
Tue Apr 19, 2022 9:17 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

must have.
by volkirik
Tue Apr 19, 2022 9:16 am
Forum: RouterOS beta
Topic: feature request: ECMP Settings
Replies: 5
Views: 2855

Re: feature request: ECMP Settings

Currently?

Only address combination. Different ports get same route

EDIT: WE HAD TO USE PCC FOR LOAD BALANCING, BUT WOULD PREFER ECMP INSTEAD.
by volkirik
Fri Apr 15, 2022 10:53 pm
Forum: RouterOS beta
Topic: feature request: ECMP Settings
Replies: 5
Views: 2855

feature request: ECMP Settings

feature request: ECMP Settings

please add both addresses and ports choice (option) for ECMP under IP->Settings

thanks!
by volkirik
Fri Apr 01, 2022 7:16 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

They should open source routeros and routerboot just like red hat and sell support service.

Routeros should be merged with openwrt project IMHO

But that's just a dream, because, people are greedy
by volkirik
Wed Mar 30, 2022 1:07 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

They should open source routeros just like red hat and sell support service.

Routeros should be merged with openwrt project IMHO

But that's just a dream, people are greedy
by volkirik
Tue Mar 29, 2022 4:03 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

Sad to hear 😔
by volkirik
Tue Mar 29, 2022 2:09 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

We are real buyers , they are traders

Just register your license into your Mt account
by volkirik
Tue Mar 29, 2022 11:08 am
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

I think we need to be more optimist, here..
by volkirik
Mon Mar 28, 2022 10:25 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

thank you, too, friend!
by volkirik
Mon Mar 28, 2022 9:41 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

customer services do always count calls, tickets, emails, forum posts etc. and report to their supervisors... you get the idea... the more demand they receive from customers for a feature, the more priority it receives in implementation. dunno about forum rules, i try to be nice and friendly, thats ...
by volkirik
Mon Mar 28, 2022 9:20 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

they seem to be counting posts in forum imho

so your users/friends can register and post their request in this forum topic

thats all i know.
by volkirik
Mon Mar 28, 2022 8:54 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

MikroTik support #[SUP-78171]: hello there (regarding RTSP helper) Mon, 28 Mar 2022 17:59:00 +0300 (EEST) Artūrs C. (Jira) <support@mikrotik.com> —-—-—-— Please REPLY ABOVE THIS LINE ^ (for faster response, use our support portal). Hello, Thank you for contacting MikroTik Support. We do not have an...
by volkirik
Mon Mar 28, 2022 4:44 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

MikroTik support #[SUP-78171]: hello there (regarding RTSP helper) -------- Original message -------- Subject: hello there (regarding RTSP helper) Date: Mon, 28 Mar 2022 16:39:41 +0300 To: support@mikrotik.com hello there we definitely need RTSP helper (alg) openwrt has it. but we love routerOS coul...
by volkirik
Tue Mar 22, 2022 4:59 pm
Forum: RouterOS beta
Topic: BGP prefix count in ROS 7.1 stable
Replies: 23
Views: 14002

Re: BGP prefix count in ROS 7.1 stable

Be aware that the default action of the routing filter chain is "reject"

further reading = https://help.mikrotik.com/docs/pages/vi ... d=74678285
by volkirik
Mon Feb 14, 2022 3:31 pm
Forum: RouterOS beta
Topic: RTSP Helper
Replies: 98
Views: 23457

Re: RTSP Helper

indeed

+1 for rtsp helper (alg)
by volkirik
Mon Feb 14, 2022 3:30 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 185
Views: 54463

Re: Feature Request : IPv6 Fasttrack

+ 1 for this Feature Request : need IPv6 Fasttrack
by volkirik
Mon Feb 14, 2022 3:29 pm
Forum: Announcements
Topic: WinBox v3.33 and v3.34 released!
Replies: 102
Views: 26439

Re: WinBox v3.33 and v3.34 released!

good job!
by volkirik
Sat Feb 12, 2022 8:24 am
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

[feature request] ipsec alg (helper)

[feature request]

ipsec alg (helper)

thanks and regards
by volkirik
Sun Feb 06, 2022 3:39 pm
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

it refresh conntrack timeout each and everytime traffic flows
by volkirik
Sun Feb 06, 2022 3:28 pm
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

/ip firewall connection tracking set icmp-timeout=30s udp-stream-timeout=6m udp-timeout=30s loose-tcp-tracking=no /ip settings set arp-timeout=20m /ip firewall service-port set sip disabled=no ports=5060,5061,500,4500,3478,45395,50318,59234 sip-direct-media=no sip-timeout=1h /ip firewall mangle add ...
by volkirik
Fri Feb 04, 2022 5:09 pm
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

I can respect your idea. but keepalive may be disabled or interval may be long, so that doesnt keep connection alive. I had the same problem with my provider TURKCELL, inspected their traffic they never ever send keepalive, nor send ka responses. sorry. prolly ip-firewall-drop rule or misconfigurati...
by volkirik
Fri Feb 04, 2022 4:11 pm
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

thats the problem. they dont have to enable keepalives

so we need ipsec helper (ALG) to keep conns alive
by volkirik
Fri Feb 04, 2022 3:27 pm
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

then please email mikrotik guys and request IPSEC alg. other vendors have it.

vowifi (VOWLAN) use IPSEC
by volkirik
Fri Feb 04, 2022 9:01 am
Forum: RouterOS beta
Topic: Russia only: MTS VoWIFI issues [SOLVED]
Replies: 4
Views: 3511

Re: Russia only: MTS VoWIFI issues [SOLVED]

change udp and udp stream timeout to 1h.

drop connections from WAN that is not NAT'ed.

enable WMM and set priority 7 for udp/500 and udp/4500

works. wish there was VOWLAN helper just like SIP. to keep these connections alive.
by volkirik
Fri Feb 04, 2022 9:00 am
Forum: General
Topic: Cannot dial out wifi-call from mobile phone [SOLVED]
Replies: 79
Views: 28409

Re: Cannot dial out wifi-call from mobile phone [SOLVED]

change udp and udp stream timeout to 10m.

drop connections from WAN that is not NAT'ed.

enable WMM and set priority 7 for udp/500 and udp/4500

works. wish there was VOWLAN helper just like SIP. to keep these connections alive.
by volkirik
Wed Feb 02, 2022 10:13 pm
Forum: RouterOS beta
Topic: [feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement
Replies: 19
Views: 5561

[feature request] MULTI-VRF, pppoe-relay and bcrelay, dhcpv6 client and server improvements and other bugfix/improvement

[feature request]

pppoe-relay

and broadcast-relay

could be extra package possibly bundled with other relay daemons

thanks and regards
by volkirik
Wed Feb 02, 2022 8:21 pm
Forum: Wireless Networking
Topic: Where is dtim and beacon interval??
Replies: 9
Views: 9233

Re: Where is dtim and beacon interval??

+1 for this

DTIM and beacon interval is necessary

cheapest tplink models have these settings
by volkirik
Sat Jan 29, 2022 10:45 pm
Forum: General
Topic: Restore config from backup file without restoring admin password
Replies: 1
Views: 2603

Re: Restore config from backup file without restoring admin password

admin password is one-way encrypted AFAIK

please have a look at;
https://github.com/BigNerd95/RouterOS-Backup-Tools

indeed. there should be way to recover backup without admin password.
by volkirik
Fri Dec 17, 2021 6:54 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

IP firewall service-port (ALG) for QUIC protocol (HTTP3) is necessary. Before I disable (reject in firewall) QUIC , whatsapp, messenger and many applications experience packet-loss and unacceptable jitter. After I reject QUIC, connections fallback to TCP (HTTP2) and all connections are stable. So I ...
by volkirik
Thu Dec 16, 2021 6:15 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

we do not write those drivers.
never late. hire some low-level programmers if necessary.

just like cloudflare.. to optimize OSS and fix one-in-a-million bugs
by volkirik
Thu Dec 16, 2021 5:59 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

any ticket opened about x86 platform are answered by Arturs in the same very stupid way..... "maybe some drevers are misisng." But it is not the case!!!!! Very disappointed by your low level of support!!!! What a shame! they think that they provide FOSS software for free as in price.. wha...
by volkirik
Thu Dec 16, 2021 8:17 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

why did they remove routing_table parameter from PING/TraceRoute ?

could it be readded? We currently do not use VRF but actively use Route Tables.

I would appreciate if it can be re-added in ROS v7. It was very useful for debugging.

Thanks a lot.
by volkirik
Sun Dec 12, 2021 1:34 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

I think v7.1.1 and 7.2(testing) and 6.50(testing) are gonna be fun changelogs to read once they arrive.
indeed! they can also mark 7.1.1 as "very stable" and 7.1.2 as "extremely stable"
by volkirik
Sun Dec 05, 2021 3:57 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

When you feel better at home at such a company, please go buy there and do not bother yourself with using MikroTik!
whatever.
by volkirik
Sun Dec 05, 2021 2:17 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

Downgraded to 6.48.5 and everything works.
I am not able to let the 1036 propagate nor default route nor local connected routes.
6.49.2 is also fine.
by volkirik
Sun Dec 05, 2021 1:16 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 is released!

Hello upgraded from latest LTS to 7.1 the BGP router doesnt advertise local connected routes neither default route. any setting that I am overlooked? Just a plain BGP session: a) from CORE ROUTER (with the defaut route) - the CCR receives correctly default route b) to customers, it doesnt propagate...
by volkirik
Sat Dec 04, 2021 11:31 am
Forum: RouterOS beta
Topic: Unable to export configuration on hAP mini 7.1
Replies: 18
Views: 10092

Re: Unable to export configuration on hAP mini 7.1

Export RouterOS 7.1 on: SXT 5HPnD r2 (600Mhz) slow SXT 5HPnD (400Mhz) weeeeery slow. Some time when logging in on the 400MHz I do get "Console has crashed; please log in again." Edit: When trying to export the config from SXT 5HPnD (400Mhz), it does loos its client and Winbox may be disco...
by volkirik
Thu Dec 02, 2021 11:55 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 229371

Re: v7.1 [testing] is released!

Unfortunately, neither BGP settings nor filters are converted to ROSv7
Routing config cannot be upgraded if any other older v7 version was already installed previously. Config is converted only once.
nonsense. nonreasonable.
by volkirik
Thu Dec 02, 2021 8:28 pm
Forum: RouterOS beta
Topic: Unable to export configuration on hAP mini 7.1
Replies: 18
Views: 10092

Re: Unable to export configuration on hAP mini 7.1

same here.

one of many v7 bugs, probably
by volkirik
Wed Dec 01, 2021 6:00 pm
Forum: General
Topic: Enable TCP ECN for bandwidth efficiency
Replies: 14
Views: 8498

Re: Enable TCP ECN for bandwidth efficiency

+1 for ECN support and BBR congestion control

please implement them mikrotik
by volkirik
Sat Nov 27, 2021 1:34 pm
Forum: General
Topic: Mikrotik Router SIP Connection Blocked.
Replies: 79
Views: 62668

Re: Mikrotik Router SIP Connection Blocked.

udp-stream-timeout=1h loose-tracking=NO (standart tracking) limit drop-invalid rule ; incoming from = WAN interface-list if you use fast-tracking exclude TCP SYN,FIN,RST packets; /ip firewall filter add action=accept chain=forward comment="TCP FIN - standard tracking" \ connection-state=es...
by volkirik
Sun Nov 14, 2021 10:19 am
Forum: General
Topic: Interface queue type
Replies: 11
Views: 14429

Re: Interface queue type

The queue type (kind) is about packet buffering and packet processing mechanism. IMHO, PCQ (default size) performs best, offering both zero-packet loss and lowest ping/jitter. //queue type set [find name=default] kind=pcq /queue interface set [find] queue=default /queue simple set [find] queue=defau...
by volkirik
Sat Sep 11, 2021 3:03 pm
Forum: RouterOS beta
Topic: v7.1rc3 [development] is released!
Replies: 172
Views: 51401

Re: v7.1rc3 [development] is released!

select routing table in traceroute tool and it will not work.

works with only main routing table. It seems support routing table selection is broken
There is no routing-table parameter, there is vrf parameter and it accepts only vrf tables, not policy routing tables.
why not
by volkirik
Sat Sep 11, 2021 8:23 am
Forum: RouterOS beta
Topic: v7.1rc3 [development] is released!
Replies: 172
Views: 51401

Re: v7.1rc3 [development] is released!

select routing table in traceroute tool and it will not work.

works with only main routing table. It seems support routing table selection is broken

7.1rc3 winbox 3.30. hope you can fix it, we have 3 routing tables and actively use them
by volkirik
Tue Aug 17, 2021 10:32 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 64
Views: 70039

Re: Recommend way to block Ads with Mikrotik

I do not reboot, so have not seen any of this. It also may be different from router to router.
LOL. ok. ;P
by volkirik
Tue Aug 17, 2021 10:09 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 64
Views: 70039

Re: Recommend way to block Ads with Mikrotik

You are wrong at some points.
oh yes? what about boot time?

10 minutes without firewall rules on RB4011 and CPU spike.
by volkirik
Sun Aug 15, 2021 4:37 pm
Forum: General
Topic: How to setup WiFi calling (aka VoWIFI) on mikrotik
Replies: 20
Views: 10926

Re: How to setup WiFi calling (aka VoWIFI) on mikrotik

/ip firewall service-port
set h323 ports=1720
set sip ports=5060,5061,500,4500,5222,3478,80,443 sip-direct-media=yes sip-timeout=3m
by volkirik
Sun Aug 08, 2021 6:14 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 64
Views: 70039

Re: Recommend way to block Ads with Mikrotik

Works OK but resource intensive.
by volkirik
Sun Aug 08, 2021 1:04 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 64
Views: 70039

Re: Recommend way to block Ads with Mikrotik

It would be easier if MikroTik officially supported importing hosts file. for example: IP->DNS->Filter Subscriptions you enter URL(s] to download hosts files... and interval (for example: daily, weekly, monthly) after that, they could add whitelisting feature. but whatever. it is just a dream unless...
by volkirik
Sun Aug 08, 2021 12:47 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 64
Views: 70039

Re: Recommend way to block Ads with Mikrotik

download the file to desktop; https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts open notepad++ replace with regex; find: ^#[^\n]* replace: "" (empty) find: ^![^\n]* replace: "" (empty) find: ^[^0] replace: "" (empty) find: #[^\n]* replace: "" (e...
by volkirik
Sat Jul 31, 2021 11:48 am
Forum: Scripting
Topic: Script of automatically updating gateway address at routes
Replies: 11
Views: 19380

Re: Script of automatically updating gateway address at routes

:if ($newgw1 != $routegw1),($newgw2 != $routegw2) do={
https://wiki.mikrotik.com/wiki/Manual:S ... _Operators
:if (($newgw1 != $routegw1) or ($newgw2 != $routegw2)) do={
edit: brackets
by volkirik
Fri Jul 23, 2021 6:48 pm
Forum: The User Manager
Topic: kill user online
Replies: 2
Views: 10692

Re: kill user online

CoA works on my router. just set port to 1700 on usermanager and radius tab of router.

select users, choose disable, then choose enable when desired the user(s) will reconnect
by volkirik
Thu Jul 15, 2021 11:18 pm
Forum: General
Topic: [SOLVED] intermittent status=failed for neighbor discovery?
Replies: 10
Views: 6682

Re: [SOLVED] intermittent status=failed for neighbor discovery?

hello dear mikrotik team winbox accepts 3600 secs as maximum value for reachable time which is 1h. but you wrote ms (milliseconds) on gui, could you please change it from "ms" to "s" in next update there is also bug in the underlying logic. after 3600 milliseconds neighbour becom...
by volkirik
Mon Jul 12, 2021 9:55 pm
Forum: RouterOS beta
Topic: IPv6 forwarding not working in 7.1beta6
Replies: 21
Views: 12220

Re: IPv6 forwarding not working in 7.1beta6

Thank you for your response. Yes lots of bugs to fix, it seems.
7.1beta6 is super buggy on the RB4011, so good thing you made that downgrade.
by volkirik
Mon Jul 12, 2021 8:47 pm
Forum: RouterOS beta
Topic: IPv6 forwarding not working in 7.1beta6
Replies: 21
Views: 12220

Re: IPv6 forwarding not working in 7.1beta6

bug exists on my rb4011 with 7.1beta6...

I rolled-back to 6.49beta54 until v7.1 ipv6 bugfix becomes available.

cleaning firewall rules and then re-importing didnt help. all TCP connections become untracked and invalid on 7.1beta6
by volkirik
Sat May 01, 2021 10:42 am
Forum: General
Topic: How to manage bandwidth youtube with Layer 7?
Replies: 11
Views: 12993

Re: How to manage bandwidth youtube with Layer 7?

Unfortunately, most, if not all, firewalls do not currently recognize QUIC traffic as ‘web’ traffic, therefore it is not inspected, logged or reported on, leaving a gaping hole in your network’s security. it is crypted. With Google making changes to their protocol, we recommend creating additional ...
by volkirik
Fri Feb 12, 2021 5:59 pm
Forum: Scripting
Topic: Script of automatically updating gateway address at routes
Replies: 11
Views: 19380

Re: Script of automatically updating gateway address at routes

i also update srcnat rule.. thanks for posting gateway script :local EthInterfaceName "ether1" :local MyComment "terra" :local newgw [/ip dhcp-client get [/ip dhcp-client find interface="$EthInterfaceName"] gateway]; :local routegw [/ip route get [/ip route find comment...
by volkirik
Sun Jan 17, 2021 3:07 am
Forum: General
Topic: How to manage bandwidth youtube with Layer 7?
Replies: 11
Views: 12993

Re: How to manage bandwidth youtube with Layer 7?

I currently use following setup /ip firewall mangle add action=mark-connection chain=forward comment="youtube tls host youtube.com" new-connection-mark=youtube passthrough=yes \ port=443 protocol=tcp tls-host=*.youtube.com add action=mark-connection chain=forward comment="youtube tls ...
by volkirik
Fri Jan 15, 2021 7:36 pm
Forum: General
Topic: How to manage bandwidth youtube with Layer 7?
Replies: 11
Views: 12993

Re: How to manage bandwidth youtube with Layer 7?

we use tls-host matcher for eba.gov.tr online education portal's bandwidth management you can do the same, just need to rename rules and hostname (domain) /ip firewall mangle add action=mark-connection chain=forward comment="eba tls host eba.gov.tr" new-connection-mark=eba passthrough=yes ...
by volkirik
Sat Dec 12, 2020 6:41 pm
Forum: General
Topic: Clamp TCP MSS function?
Replies: 3
Views: 4638

Re: Clamp TCP MSS function?

/ip firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu passthrough=yes protocol=tcp tcp-flags=syn

/ipv6 firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu passthrough=yes protocol=tcp tcp-flags=syn
by volkirik
Sat Dec 12, 2020 6:21 pm
Forum: General
Topic: Trying to Understand MSS Clamping - Not Working? [SOLVED]
Replies: 13
Views: 9376

Re: Trying to Understand MSS Clamping - Not Working? [SOLVED]

actually it is not solved... clamp TCP MSS still not working... MRRU is not supported by my ISP so I add 2 forward rules (one for incoming traffic and another one for outgoing traffic) and clamp-to-pmtu manually. dunno what mechanism Mikrotik use for clamping TCP MSS at interfaces but it is not work...
by volkirik
Thu Dec 03, 2020 8:22 am
Forum: General
Topic: Interfaces Up/Down every 3 seconds
Replies: 4
Views: 3726

Re: Interfaces Up/Down every 3 seconds

disable autoneg.. may solve the problem
by volkirik
Sat Oct 03, 2020 2:53 pm
Forum: Wireless Networking
Topic: Wireless disconnected, group key exchange timeout
Replies: 68
Views: 76213

Re: Wireless disconnected, group key exchange timeout

i recommend 1 day for group key update

and 15 seconds for disconnect-timeout... then you will be ONLINE!

these two should be considered and applied as default values for HOME-AP by mikrotik team due to lots of problems and complaints.
by volkirik
Tue Jul 14, 2020 4:41 pm
Forum: Forwarding Protocols
Topic: BGP not trying to reconnect more than once
Replies: 11
Views: 8031

Re: BGP not trying to reconnect more than once

awesome. thanks.

saved my life. i can have a sleep now

/routing bgp peer {
   :foreach peer in [find state!="established" and disabled=no] do={
      :log warning "Restart stuck BGP Peer: $([get $peer name])"
      disable $peer
      :delay 100ms
      enable $peer
   }
}
by volkirik
Sat Apr 18, 2020 12:54 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

unfortunately Mikrotik xDSL modem is not going to be produced.. They focus on active fiber and GPON.. the response from mikrotik was:
xDSL and G.fast are old technologies. Big chip makers quited that market long time ago. Intel, Qualcomm, Marvell... they sold or closed their xDSL and G.fast groups.
by volkirik
Tue Apr 14, 2020 5:21 am
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

unfortunately Mikrotik xDSL modem is not going to be produced.. They focus on active fiber and GPON.. the response from mikrotik was:
xDSL and G.fast are old technologies. Big chip makers quited that market long time ago. Intel, Qualcomm, Marvell... they sold or closed their xDSL and G.fast groups.
by volkirik
Fri Apr 10, 2020 9:18 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

It is not abandoned.. "NG.fast" and "XG.fast" will be named as "G.mgfast".. But the "NG.fast" prototype was only 5 Gbps. Maybe Swisscom would only be interested in 10 Gbps now. G.mgfast (multi-gigabit fast) will be supporting both 5Gbps and 10Gbps profiles.
by volkirik
Thu Apr 09, 2020 4:49 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

If the "NG.fast" project was supposed to result in a slower product, maybe it is now abandoned. It is not abandoned.. "NG.fast" and "XG.fast" will be named as "G.mgfast".. I wish mikrotik make 35b/G.fast/G.mgfast SFP/+ modules. To decrease the price on the ma...
by volkirik
Thu Apr 09, 2020 6:07 am
Forum: RouterBOARD hardware
Topic: hAP ac3 spotted at FCC
Replies: 23
Views: 10493

Re: hAP ac3 spotted at FCC

It has elegant design!
by volkirik
Wed Apr 08, 2020 9:36 pm
Forum: General
Topic: BGP Multicore Load Balancing
Replies: 7
Views: 6437

Re: BGP Multicore Load Balancing

soon™ see also: https://m.facebook.com/story.php?story_fbid=1432205596904888&id=186874744771319 From Thrifty: My new response to people saying Mikrotik BGP being single threaded is causing them performance issues: A few points: 1) Control Plane ≠ Forwarding Plane While the processing of routing ...
by volkirik
Mon Apr 06, 2020 5:58 am
Forum: General
Topic: [SOLVED] intermittent status=failed for neighbor discovery?
Replies: 10
Views: 6682

Re: [SOLVED] intermittent status=failed for neighbor discovery?

there may be another problem with clients running MS Windows:
https://superuser.com/questions/984502/ ... by-default

posting here for reference.

it may be solved by disabling WoLAN and WoWLAN (if you are not using) because there seems to be no other solution.
by volkirik
Mon Apr 06, 2020 4:03 am
Forum: Announcements
Topic: v6.47beta [testing] is released!
Replies: 269
Views: 181514

Re: v6.47beta [testing] is released!

So is antenna gain added back now?
yes
by volkirik
Sun Apr 05, 2020 9:04 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 391
Views: 203846

Re: Mikrotik VDSL / DSL Modem?

Not every country has cheap labour, and it is quicker to replace a box than laying FTTH. Very few people need 10 Gbps at home. This "NG.fast" is made for up to 100 meters, so it would be mostly for FTTB (or right outside). modems will be ready from broadcom soon: https://www.broadcom.com/...
by volkirik
Sun Apr 05, 2020 3:46 pm
Forum: Announcements
Topic: v6.47beta [testing] is released!
Replies: 269
Views: 181514

Re: v6.47beta [testing] is released!

You could try "https://1.1.1.1/dns-query" - Cloudflare managed to get the the ip address into the certificate.
thanks