Community discussions

Search found 321 matches

by xvo
Tue Sep 25, 2018 11:51 am
Forum: General
Topic: PCQ the VLANs
Replies: 15
Views: 1181

Re: PCQ the VLANs

you cannot say that traffic of a whole subnet of a given size should be treated as a single stream I'm not sure but it seems that it is possible to use subnets as a sub-stream. There are pcq-dst-address-mask and pcq-src-address-mask parameters and by default they are set to /32 to refer to a single...
by xvo
Mon Sep 24, 2018 6:53 pm
Forum: General
Topic: IPv6 client problems with bonded WAN
Replies: 5
Views: 433

Re: IPv6 client problems with bonded WAN

Have you tried 6.42.7?
It seems that something is broken in DHCPv6 in 6.43
However previous messages were about DHCPv6-server, not the client.
So it's just a wild guess.
by xvo
Sun Sep 23, 2018 2:33 pm
Forum: Beginner Basics
Topic: CAPsMAN Access List Question [SOLVED]
Replies: 3
Views: 390

Re: CAPsMAN Access List Question [SOLVED]

Just add the rule that will NOT authenticate everything as the last one in access list.
by xvo
Fri Sep 21, 2018 7:53 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I'm starting to think that the only reason for RB4011 to have that SFP+ is that MT can claim it offers "1733 Mbps data rate" (see top most banner on all forum pages).
One could hardly claim that if all wired ports were 1Gbps.
2x1Gbps would be enough for that.
by xvo
Thu Sep 20, 2018 6:36 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 36690

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Totally agree with WirelessRudy.
by xvo
Thu Sep 20, 2018 12:10 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

It should. CPU is similar (the same arch) in hAP ac, CRS-326 and RB4011.
hAP AC is MIPSPBE, CRS-326 and RB4011 are ARM.
by xvo
Thu Sep 13, 2018 12:19 pm
Forum: General
Topic: New bridge implementation - how to bridge 2 VLANs together?
Replies: 2
Views: 572

Re: New bridge implementation - how to bridge 2 VLANs together?

You still can do it "the old way".

Or you can create vlan interfaces for ALL vlans (including the "native" vlan) on top of one bridge, and then bridge the ones you want together.
by xvo
Wed Sep 12, 2018 1:58 pm
Forum: General
Topic: Bridge VLAN Filtering help [SOLVED]
Replies: 7
Views: 485

Re: Bridge VLAN Filtering help [SOLVED]

/interface vlan add interface=ether3 name=vlan200 vlan-id=200 add interface=ether3 name=vlan300 vlan-id=300 add interface=ether3 name=vlan400 vlan-id=400 This part on CHR-1 is wrong: the interfaces should be created on top of the bridge, not ether3. Then you add ether2 to the same bridge1, set PVID...
by xvo
Tue Sep 11, 2018 5:51 pm
Forum: Wireless Networking
Topic: wAP vs cAP ac vs hAP ac vs hAP ac2
Replies: 5
Views: 1756

Re: wAP vs cAP ac vs hAP ac vs hAP ac2

A nother question regarding the hAP ac2: can it be used with capsman and be used as a switch at the same time if i would plug in any laptops or other wired junk if i neded an umph in speed?
Sure.
by xvo
Tue Sep 11, 2018 2:24 pm
Forum: Wireless Networking
Topic: wAP vs cAP ac vs hAP ac vs hAP ac2
Replies: 5
Views: 1756

Re: wAP vs cAP ac vs hAP ac vs hAP ac2

wAP ac is a good device but it is indeed bottlenecked by cpu. With VLAN's configured it can deliver about 200mbit when two chains are used. Haven't tested it with three chains thou. I think you'd better go with newer devices: cAP ac or hAP ac2 (depending on where you would like to mount AP's) - most...
by xvo
Tue Sep 11, 2018 1:42 pm
Forum: General
Topic: Bridge VLAN Filtering help [SOLVED]
Replies: 7
Views: 485

Re: Bridge VLAN Filtering help [SOLVED]

/interface vlan add interface=ether3 name=vlan200 vlan-id=200 add interface=ether3 name=vlan300 vlan-id=300 add interface=ether3 name=vlan400 vlan-id=400 This part on CHR-1 is wrong: the interfaces should be created on top of the bridge, not ether3. Then you add ether2 to the same bridge1, set PVID...
by xvo
Tue Sep 11, 2018 11:04 am
Forum: RouterBOARD hardware
Topic: CCR1009-7G-1C-1S+PC
Replies: 2
Views: 385

Re: CCR1009-7G-1C-1S+PC

by xvo
Sun Sep 09, 2018 1:38 pm
Forum: General
Topic: How isolate a WiFi connected device ?
Replies: 4
Views: 430

Re: How isolate a WiFi connected device ?

The only way to do this on mikrotik side only (and the easiest way overall) is to enable wlan on mikrotik solely for this device, exclude wlan interface from the bridge and add a firewall rule that will drop everything from this wlan interface to the rest of the lan. Otherwise you need to look for i...
by xvo
Fri Sep 07, 2018 9:16 am
Forum: General
Topic: CCR1009- PSU2 enetered state FAIL
Replies: 3
Views: 1840

Re: CCR1009- PSU2 enetered state FAIL

thank you for the reply ! So I over-reacted. I don't need to worry about it ?
My CCR1009 behaves the same way.
But if you haven't done that already, I suggest you to temporarily switch the power cord from PSU1 to PSU2 to know for sure that they are both working properly :)
by xvo
Thu Sep 06, 2018 10:17 pm
Forum: General
Topic: CCR1009- PSU2 enetered state FAIL
Replies: 3
Views: 1840

Re: CCR1009- PSU2 enetered state FAIL

It failed to provide power to the unit.
Obviously the reason of this failure is that you didn't connect it to the power outlet :)
by xvo
Thu Sep 06, 2018 9:59 pm
Forum: SwOS
Topic: LAG (LACP) or RSTP or both???
Replies: 16
Views: 2239

Re: LAG (LACP) or RSTP or both???

You really need (R/M)STP to run on top of LACP bonding if you add the "Switch C" for the whole system to work (your lower picture). The LACP bonding itself will be treated like one physical port by RSTP - it can't disable only part of it. But if there is no other potential loops, and the LACP bondin...
by xvo
Thu Sep 06, 2018 9:35 pm
Forum: Wireless Networking
Topic: Trouble with DHCP on Wireless [SOLVED]
Replies: 7
Views: 829

Re: Trouble with DHCP on Wireless [SOLVED]

@xvo: Thanks a lot. Do you have any resources like documentation or tutorials on this? I would like to learn more about this. I thought tagging here is not needed, since it is already done at capsman datapath. You are welcome. The thing is, that the whole approach on vlan filtering on the bridge is...
by xvo
Thu Sep 06, 2018 2:11 am
Forum: Wireless Networking
Topic: Trouble with DHCP on Wireless [SOLVED]
Replies: 7
Views: 829

Re: Trouble with DHCP on Wireless [SOLVED]

The Capsman Interface for the appropriate Wireless under "/interface bridge port" is actually shown as dynamic and can not been changed. I have changed the Interface "CAP" to PVID200 but I dont see a change - the client still dont get an IP from the DHCP-Server. Flags: X - disabled, I - inactive, D...
by xvo
Wed Sep 05, 2018 11:16 pm
Forum: Wireless Networking
Topic: Trouble with DHCP on Wireless [SOLVED]
Replies: 7
Views: 829

Re: Trouble with DHCP on Wireless [SOLVED]

Check that capsman interface is set to be a tagged port for vlan200 on the bridge.
by xvo
Wed Sep 05, 2018 4:00 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

Finally:
RB4011iGSplusRM-180905135303.png
by xvo
Wed Sep 05, 2018 3:54 pm
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM inter vlan routing performance
Replies: 1
Views: 459

Re: CRS328-24P-4S+RM inter vlan routing performance

Routing between vlans is done by CPU and it won't be able to handle 2Gbit, only around 1Gbit:
https://mikrotik.com/product/crs328_24p ... estresults

RB450Gx4, hAP ac2, hEX, hEX S should be able to route around 2Gbit according to official test results.
by xvo
Tue Sep 04, 2018 7:39 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1703

Re: Need new hardware (8ports and 16ports)

xvo It is a cry in emptiness, we can only give an idea, its development and financial return depends on their decision If you have somewhere to hide the appearance of the device, then you are lucky, and when there is no such opportunity, I have the right to offer my idea, and spit on your opinion D...
by xvo
Tue Sep 04, 2018 7:04 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1703

Re: Need new hardware (8ports and 16ports)

pe1chl When you come across a problem - one outlet ethernet for the whole department, then we'll talk (socket for 220v - one) xvo Most network devices consist of 8 ports, I just point out that the Mikrotik does not have such devices, even simple switches for 8 ports Why should we buy a device that ...
by xvo
Tue Sep 04, 2018 6:38 pm
Forum: RouterBOARD hardware
Topic: Need new hardware (8ports and 16ports)
Replies: 29
Views: 1703

Re: Need new hardware (8ports and 16ports)

Ok. So now just everybody can ask for a custom device for his specific needs and set a price for it himself?!
No to googling for what is actually an the market?
No to designing the network according to it?
No to trying to fit everything in the budget?
Just like that?!
by xvo
Mon Sep 03, 2018 7:32 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

The spec sheet lists the max operating temp as +45 C, which is much lower than most other models. I've seen ambient (internal) temps of 60c on my routers that are inside telecom closets etc so unless this has some active cooling, I'm worried it won't be able to operate in the same environments as c...
by xvo
Mon Sep 03, 2018 12:57 pm
Forum: Wireless Networking
Topic: Dual-concurrent info
Replies: 1
Views: 248

Re: Dual-concurrent info

Sure. You can use one radio as a client to existing wifi and the second for your own wifi network. And more to it - this can be done even on the devices with only one radio, using virtual wlan interface. The downsides of this approach are that both networks use the same channel and that the overall ...
by xvo
Sun Sep 02, 2018 8:25 pm
Forum: RouterBOARD hardware
Topic: RB 3011
Replies: 5
Views: 584

Re: RB 3011

why not
is rb 3011 best than cloud core crs 125 ? i use it as a switch....
RB3011 is a better router, but CRS125 is a better switch.
So replacing CRS125 by RB3011 as a switch is not a good idea, but adding RB3011 to act like a dedicated router sounds much better.
by xvo
Sun Sep 02, 2018 12:44 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

One question: why you need to push all that through the router? Why not to switch the most part? Long story short - MikroTik switches don't support VEPA and I use VEPA. And datacenter switches that support VEPA cost more than MikroTik router that can handle 10G lol. And I want to have stateful fire...
by xvo
Sat Sep 01, 2018 11:21 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

Correction: 10 Gbps. Or more precisely: 12 Gbps because I use SFP+ link only for VMs networks on home hypervisor plus NAS. Other networks eg. for my laptop and phone go through dedicated LACP bonding 2G to CCR so I have total 12G pipe between CRS317+CRS326 and CCR1009. Also all other ports in CCR a...
by xvo
Sat Sep 01, 2018 10:54 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

The move toward ARM had really boosted up performance per $: hAP ac2, now RB4011.
The next logical move is to extend this further to CCR line: the new ones in 400-500$ range can turn out real beasts if this trend will persist :)
by xvo
Sat Sep 01, 2018 10:05 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

Being a CCR1009 owner I can confirm - it is way overkill for home use. I ended with it only because I found one used for nearly the price of 3011. Otherwise it makes no sense, especially now, when you can get 4011 + CRS326 for the price of 1009. Though even home user can kill CCR1009 if you use too...
by xvo
Sat Sep 01, 2018 8:35 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I'm especially interested in RB4011 vs CCR1009 on single 10G point to point connection. CCR seems to struggle with that. i think with rb4011rm ccr1009 is dead That's brave statement :D Still CCR1009 has number of features that RB4011 doesn't. It still has significantly higher routing performance, p...
by xvo
Fri Aug 31, 2018 11:15 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

The chip itself supports VLANs. So the limitations of this switch chip implementation in RB1100 are at some point artificial, or at least not dependant on switch chip only. Right again. So let's hope MT fixes this on RB1100AHx4 before launch of RB4011 ... then the new unit might become more sexy ag...
by xvo
Fri Aug 31, 2018 11:02 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

Hummm ... used switch chip RTL8367 seems not to support VLAN in hardware. So usability of those 10 ethernet ports will be limited as switched ports when VLANs are in use ... as all the traffic will hit CPU. It seems like I won't have to defend the level of sex appeal of this unit from my better hal...
by xvo
Fri Aug 31, 2018 10:48 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I wonder how would two units, rack-mounted side-by-side (custom rack-mount hardware needed), would look like. I guess ugly as well due to weird (for rack-mounting at least) unit height. With 228mm width two of them won't easily fit side-by-side. Not easy but should be doable ... 19" racks accept 48...
by xvo
Fri Aug 31, 2018 10:33 am
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I wonder how would two units, rack-mounted side-by-side (custom rack-mount hardware needed), would look like. I guess ugly as well due to weird (for rack-mounting at least) unit height.
With 228mm width two of them won't easily fit side-by-side.
by xvo
Thu Aug 30, 2018 9:34 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I wonder what processors will we see in future RB1100 and CCR series, as RBx011 has 4x1.4GHz now... Prices are probably estimated but from what resellers suggest RB4011 won't be direct RB2011 successor as it's gonna be priced significantly higher (which obviously makes sense, after all it has the s...
by xvo
Thu Aug 30, 2018 8:04 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 61300

Re: RB4011

I wonder what processors will we see in future RB1100 and CCR series, as RBx011 has 4x1.4GHz now...
by xvo
Thu Aug 30, 2018 6:11 pm
Forum: RouterBOARD hardware
Topic: Suggestion: release routers with preinstalled Factory Software from Bugfix release chain
Replies: 6
Views: 607

Re: Suggestion: release routers with preinstalled Factory Software from Bugfix release chain

DON'T do this Mikrotik, very bad idea !!!
RC is development and should be treated as beta software !
...and that is why the suggestion was about the "Bugfix" tree, not "RC"... :)
by xvo
Wed Aug 29, 2018 9:27 pm
Forum: Wireless Networking
Topic: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]
Replies: 14
Views: 1590

Re: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]

/interface wireless info> country-info    
country: kazakhstan
  ranges: 2402-2482/b,g,gn20,gn40(20dBm)
          2417-2457/g-turbo(20dBm)
          902-927/b,g,g-turbo,gn20,gn40(30dBm)
So, just use "no-country-set".
by xvo
Wed Aug 29, 2018 12:43 pm
Forum: Wireless Networking
Topic: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]
Replies: 14
Views: 1590

Re: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]

Try specifying the target for provision not by some wide criteria, but by MAC address of the CAP directly.
When you will be sure, that config itself is working right on the cap, you can then play with the provison method.
by xvo
Wed Aug 29, 2018 11:12 am
Forum: Wireless Networking
Topic: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]
Replies: 14
Views: 1590

Re: CAPsMAN - can't get 5GHz band on wAP ac to work [SOLVED]

Your 5GHz is running on 5785 MHz (157 Channel) - not all devices and not in all countries support channels 149,153,157,161.
Try changing to 5150 – 5250 MHz
by xvo
Wed Aug 29, 2018 10:21 am
Forum: General
Topic: NAT Bypass
Replies: 1
Views: 214

Re: NAT Bypass

Add an out-interface= to masquerade rule.
by xvo
Tue Aug 28, 2018 12:15 am
Forum: Beginner Basics
Topic: Mikrotik VLANs (Office, Guest, Managment)
Replies: 10
Views: 1230

Re: Mikrotik VLANs (Office, Guest, Managment)

If you firewall consists of just these two entries for now, then there is no need to add anything else for this to work. Now it accepts all, that is not forbidden. But as I already said - try reading something about firewall in general, because you definitely want to forbid more. If not even reverse...
by xvo
Mon Aug 27, 2018 8:03 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 15547

Re: bridge vlan setup (new way) [SOLVED]

I'd correct it a small bit - for a given VID, you need to add bridge X itself to the list of tagged member ports of bridge X not only if you want to add an /interface vlan for that VID, to which you could attach an IP configuration (static address or dhcp client), but also if you want to make some ...
by xvo
Mon Aug 27, 2018 7:10 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 15547

Re: bridge vlan setup (new way) [SOLVED]

@xvo Thank you for input. These MikroTik devices are really acting as switches -- they're hanging off a Cisco switch (upstream) and the core router is an RB1100ahx4.. So is my entire issue because I never added this master bridge interface to the list of interfaces that need to be set to tagged und...
by xvo
Mon Aug 27, 2018 6:36 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 15547

Re: bridge vlan setup (new way) [SOLVED]

Everything right. As for vlan interfaces: you need to create ones on top of the bridge only for the vlan-ids, for which you have specified the bridge itself as a tagged port - to attach the ip configuration (addresses, dhcp clients/servers etc.) for these vlans. For "default" vlan id (that is set in...
by xvo
Mon Aug 27, 2018 4:18 pm
Forum: Beginner Basics
Topic: CAPsMAN: RB3011 and wAP ac - problems
Replies: 3
Views: 449

Re: CAPsMAN: RB3011 and wAP ac - problems

What is "CAP" configuration on CAPs?
Do they look for capsman in the right interface?

Ant why do you have two provisions if they are identical?
by xvo
Mon Aug 27, 2018 3:49 pm
Forum: Beginner Basics
Topic: Bridge VLAN filtering
Replies: 18
Views: 1214

Re: Bridge VLAN filtering

You still have one of the vlans left as bridge port: add bridge=mainbridge tagged=mainbridge untagged=\ ether4-trunk,vlan1,ether5-vlan10-wlan vlan-ids=1 And on your RB951 ether1-trunk is not a trunk really, it gets only vlan1 untagged, and that's all: /interface bridge vlan add bridge=vlanbridge tag...
by xvo
Mon Aug 27, 2018 12:49 am
Forum: Beginner Basics
Topic: Mikrotik VLANs (Office, Guest, Managment)
Replies: 10
Views: 1230

Re: Mikrotik VLANs (Office, Guest, Managment)

Thank for your reply I did not set anything in the firewall rules. Can you help me and give instructions on what to need set in the traffic between the vlan interfaces ? Well, if it will be your gateway router, you are going to need the firewall anyway. For a standard firewall with "drop everything...