Community discussions

Search found 526 matches

by lambert
Wed Jul 08, 2015 2:47 am
Forum: RouterBOARD hardware
Topic: Seeking Hardware Recommendation?
Replies: 4
Views: 810

Re: Seeking Hardware Recommendation?

You didn't tell us how much bandwidth you have coming in. Do you want to handle VPN connections from outside? You said you want to get rid of the TDS router. But you also said you cannot get rid of the TDS router and keep your video service. You would need input from someone who knows the TDS system...
by lambert
Wed Jul 08, 2015 2:32 am
Forum: General
Topic: Bandwidth management on the fly
Replies: 1
Views: 440

Re: Bandwidth management on the fly

How do you decide to rate limit them? What queueing method are you using?
by lambert
Sun Jul 05, 2015 8:26 am
Forum: General
Topic: BGP with CCR1009 ?
Replies: 5
Views: 707

Re: BGP with CCR1009 ?

That is completely up to your choice of network architecture design, and budget. It is considered good practice to have one router do the eBGP and other routers handle the IGP. But that is not strictly required. Whether you use one router or two to handle the eBGP peers, is up to you. Two routers ei...
by lambert
Sun Jul 05, 2015 8:00 am
Forum: General
Topic: BGP with CCR1009 ?
Replies: 5
Views: 707

Re: BGP with CCR1009 ?

That depends on your tolerance to slow BGP table loads. *I* would use what I have and if BGP table loads are too painful for *my* environment, grab an x86 router. You have to make your own decision... :-) Even a Pentium 4 would likely have faster BGP table loads. A decent i7, in a network appliance ...
by lambert
Sun Jul 05, 2015 7:47 am
Forum: General
Topic: BGP with CCR1009 ?
Replies: 5
Views: 707

Re: BGP with CCR1009 ?

CPU wise for handling the throughput, the CCR1009 should be able to handle it in its sleep. BGP wise, if you are taking full routes from both providers, it will likely take some time to get the routes downloaded and integrated. It's a single threaded process at this time so only one core is used. A ...
by lambert
Wed Jul 01, 2015 10:42 am
Forum: General
Topic: Leap Second insertion
Replies: 7
Views: 1467

Re: Leap Second insertion

We only have a handful of CCRs, 1036 and 1009. 6.18, 6.24, and 6.27.

No lockups.

The RouterOS NTP client, in unicast mode, is pointed at 2 of our FreeBSD servers which are synced to pool.ntp.org.
by lambert
Fri May 15, 2015 1:57 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD-IN Questions Topic
Replies: 215
Views: 91408

Re: RB2011UAS-2HnD-IN Questions Topic

first i've setup an basic setup for notebook and xbox(360/ONE) in the web utility. wireless connections are all stable and good, however on the 1Gbit port of the Routerboard it totally collapse the connection when i want to advertise only on 1Gbit full duplex. (the 1Gbit port is literally going off...
by lambert
Fri May 15, 2015 1:18 am
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD-IN Questions Topic
Replies: 215
Views: 91408

Re: RB2011UAS-2HnD-IN Questions Topic

How many active users does this hardware (Rb2011) handle simuntaneously without any Hic-ups or system crashes? How many vehicles can be carried on a ferry without tipping over? It depends. Are some vehicles buses and some vehicles "Smart" cars? How many of each exactly? How many are motorcycles? Ho...
by lambert
Wed May 13, 2015 9:35 pm
Forum: RouterBOARD hardware
Topic: Need more CPU and 10 eth ports - which device to choose?
Replies: 12
Views: 1408

Re: Need more CPU and 10 eth ports - which device to choose?

Oh and the RB1100AHx2 is a 5 port router with two 4 port switches.
by lambert
Wed May 13, 2015 9:33 pm
Forum: RouterBOARD hardware
Topic: Need more CPU and 10 eth ports - which device to choose?
Replies: 12
Views: 1408

Re: Need more CPU and 10 eth ports - which device to choose?

I would not worry about number of ports on the router unless you need that many WAN connections, or have a lot of isolated internal LAN subnets. You need WAN and LAN connections on the new router. Continue to use your existing CRS as a switch. If you have multiple internal LANs that need to be route...
by lambert
Tue May 12, 2015 6:10 pm
Forum: General
Topic: Help! PPPoE and Static same interface
Replies: 15
Views: 3231

Re: Help! PPPoE and Static same interface

Hi all, I am trying to find out how to make a connection similar to the one I have at the moment but I want to improve the network to RouterOS. I bought a CRS109 and want to make it my default router at home. I have a bridge that brings ADSL as a PPPoE, but I would like to still access this bridge'...
by lambert
Thu Apr 30, 2015 10:02 pm
Forum: General
Topic: nonat in mikrotik
Replies: 1
Views: 462

Re: nonat in mikrotik

That would go something like: /ip firewall address-list add list=nonat address=nonatIP /ip firewall address-list add list=nonat address=nonatsubnet/prefix comment="if desired, document here" /ip firewall nat chain=src-nat src-address-list=nonat action=accept /ip firewall nat chain=src-nat src-addres...
by lambert
Thu Apr 23, 2015 7:12 am
Forum: General
Topic: Torrent
Replies: 43
Views: 9639

Re: Torrent

normis, I modified your script slightly. It should work on *BSD and Mac OS X/Darwin without having to install extra software and everywhere else with wget. Tested on FreeBSD and MacOS X. #!/usr/bin/env sh ARCH=$(uname -s) case $ARCH in FreeBSD) GETIT="fetch -q"; OUT="-o -"; ;; *BSD|Darwin) GETIT="ft...
by lambert
Wed Apr 15, 2015 3:23 pm
Forum: Beginner Basics
Topic: In-network websites unreachable
Replies: 9
Views: 1051

Re: In-network websites unreachable

That depends on the specifics of what RouterOS version and how you configured everything.
by lambert
Wed Apr 15, 2015 3:19 pm
Forum: Scripting
Topic: script for only e.g. facebook
Replies: 3
Views: 781

Re: script for only e.g. facebook

block 443
by lambert
Wed Apr 15, 2015 8:04 am
Forum: Scripting
Topic: script for only e.g. facebook
Replies: 3
Views: 781

Re: script for only e.g. facebook

Maybe you could use an access rule with the web proxy which is transparently applied only for your "certain group of users" however you decide to identify them?

http://wiki.mikrotik.com/wiki/Manual:IP/Proxy
by lambert
Wed Apr 15, 2015 7:59 am
Forum: Beginner Basics
Topic: In-network websites unreachable
Replies: 9
Views: 1051

Re: In-network websites unreachable

It might be MTU issues. Do large pings work? Does SSH hang when you move a lot of data through the connection?
by lambert
Sat Apr 04, 2015 9:53 am
Forum: General
Topic: Is QuickSet a threat with pppoe?
Replies: 10
Views: 964

Re: Is QuickSet a threat with pppoe?

I am new to Mikrotik and ROS and I'm currently using ROS 6.27 with a RB951Ui-2HnD. My ISP uses pppoe for authentication and I used QuickSet with the "HomeAP"-Setting. When taking a look at firewall rules the device is open to the whole world. After half an hour, I got 200 failed logins in the log v...
by lambert
Fri Apr 03, 2015 7:43 pm
Forum: Forwarding Protocols
Topic: Making BGP Changes
Replies: 11
Views: 1191

Re: Making BGP Changes

For outbound traffic, probably. Do it at 2AM anyway. If you are advertising routes to your provider, (Why would you run BGP if you're not?), then the routes you are advertising will probably go away until the BGP session rebuilds. That will most likely make your static default route immaterial from ...
by lambert
Thu Mar 26, 2015 8:07 pm
Forum: General
Topic: Router Suggestion
Replies: 3
Views: 601

Re: Router Suggestion

Well, without knowing your WAN speeds I have to say "get the RB1100AHx2." If you have more than 100Mbps total, you will likely run out of power with the RB2011 series.
by lambert
Thu Mar 26, 2015 7:37 pm
Forum: General
Topic: 1 year uptime on CCR1036-12G-4S
Replies: 7
Views: 1217

Re: 1 year uptime on CCR1036-12G-4S

The CCRs need some reports of good uptimes under load to counter the bad "press" they deservedly received when first released. I see some people who wrote off the CCR line entirely back in the pre-6.7 days. These people haven't noticed that most issues appear to be fixed, for many, not all and maybe...
by lambert
Thu Mar 26, 2015 1:51 am
Forum: General
Topic: 1 year uptime on CCR1036-12G-4S
Replies: 7
Views: 1217

Re: 1 year uptime on CCR1036-12G-4S

Thought I would share this for you all, from one of our CCR's... Would you mind telling us what functions this router is fulfilling? BGP, OSPF, Queue Trees, NTP server ......? I had 270+ days on my BGP(1 peer, partial routes)/OSPF/50 firewall rules/20 vlans/occasional L2TP/IPsec server/500Mbps CCR1...
by lambert
Sat Mar 14, 2015 12:31 am
Forum: Beginner Basics
Topic: What about EIGRP at Mikrotik
Replies: 7
Views: 2096

Re: What about EIGRP at Mikrotik

The protocol is not supported on RouterOS. You will want to use RIP, OSPF, or iBGP.
by lambert
Fri Mar 13, 2015 3:39 am
Forum: General
Topic: Terminating outdoor cable inside
Replies: 1
Views: 397

Re: Terminating outdoor cable inside

Sounds like a plan if your install budget can handle it. There have got to be less expensive cat6 surface mount parts. If you don't feel strongly about having the entry point stuck down, you could go with something like : http://www.deepsurplus.com/Network-Structured-Wiring/Ethernet-CAT5e-Inline-Ada...
by lambert
Thu Mar 12, 2015 6:20 pm
Forum: General
Topic: Router Suggestion
Replies: 3
Views: 601

Re: Router Suggestion

WAN speeds?

Off-site VPN clients? If yes, what type of VPN?

Rate limiting or traffic prioritization for internal users?
by lambert
Thu Mar 12, 2015 4:59 pm
Forum: General
Topic: _HUGE_ Packet loss on CRS125 :(((
Replies: 66
Views: 8614

Re: _HUGE_ Packet loss on CRS125 :(((

I have no opinion on whether or not this will help your issue. Have you tried http://forum.mikrotik.com/viewtopic.php?t=92711#p463429.
by lambert
Thu Mar 12, 2015 12:01 am
Forum: General
Topic: Billing software with Radius support
Replies: 3
Views: 1314

Re: Billing software with Radius support

If you are a typical Wireless ISP, off the top of my head: http://freeside.biz/freeside http://wispmon.com http://powercode.com http://visp.net http://azotel.com http://ispbilling.com http://billmax.com There are probably other options. If you just want to do hotspot billing, there are other package...
by lambert
Tue Mar 03, 2015 2:06 am
Forum: General
Topic: RouterOS DHCP + Freeradius - Queues
Replies: 19
Views: 4771

Re: RouterOS DHCP + Freeradius - Queues

That fixes a problem which was introduced after 6.18.
by lambert
Wed Feb 18, 2015 5:56 am
Forum: Beginner Basics
Topic: When auto updating, Error connection timed out
Replies: 29
Views: 16302

Re: When auto updating, Error connection timed out

While all management traffic works to my RouterOS devices and I can ping and SSH to the general Internet from the RouterOS devices, the auto update checker timed out until I added the state checking rules to the firewall's input chain. Maybe it is using FTP underneath. I didn't dig into why it would...
by lambert
Mon Feb 16, 2015 11:17 pm
Forum: General
Topic: _HUGE_ Packet loss on CRS125 :(((
Replies: 66
Views: 8614

Re: _HUGE_ Packet loss on CRS125 :(((

Do you have any packet loss with -i 0.01? Do you have any packet loss with -s 1472? The CPU on the CRS is small. Watch cpu utilization while you run the ping command. You are doing a serious flood ping with your existing ping command. Your existing size is forcing it to send 7 packets over the wire ...
by lambert
Mon Feb 16, 2015 7:11 pm
Forum: General
Topic: Need help: DHCP on VLAN bridge not working, works on just an interface?
Replies: 11
Views: 7585

Re: Need help: DHCP on VLAN bridge not working, works on just an interface?

/interface bridge port add bridge=bridge-vlan21 port=ether4-vlan21
by lambert
Mon Feb 16, 2015 7:03 pm
Forum: General
Topic: Router and 2 AP
Replies: 2
Views: 484

Re: Router and 2 AP

Please start by reading the pages linked from here: http://wiki.mikrotik.com/wiki/Category:Wireless

If you still have trouble, come back and ask us about the specific item which is giving you trouble.
by lambert
Mon Feb 16, 2015 6:55 pm
Forum: General
Topic: freeradius+dhcp with mikrotik - no netmask and gateway
Replies: 5
Views: 2302

Re: freeradius+dhcp with mikrotik - no netmask and gateway

Hello.. i'm try this case too .. but still no running. please let me know the detail ... You tried which way? There are two scenarios described before your post and we cannot tell to which message you are referring. Please describe your setup, tell us what version of RouterOS you are using, and sho...
by lambert
Fri Jan 23, 2015 10:38 am
Forum: General
Topic: Issue with DHCP and PPPoE servers on the same bridge?
Replies: 0
Views: 309

Issue with DHCP and PPPoE servers on the same bridge?

We have a WISP with several towers. There are multiple APs per tower. All of the APs are in one bridge with port horizon and / or bridge filters to keep the users from speaking to one another. We use DHCP + RADIUS auth to hand IPs to the customer. It works. But we are missing the accounting records ...
by lambert
Mon Jan 19, 2015 8:06 am
Forum: Beginner Basics
Topic: rb850gx2 speed problem
Replies: 7
Views: 1299

Re: rb850gx2 speed problem

I would start by putting the passthrough=no rules immediately following the rules which create the connections marks they look for. I think you will spend less time comparing traffic for each possible condition before short circuiting out of the loop. Then, look for the set of rules which see the mo...
by lambert
Fri Jan 16, 2015 9:40 am
Forum: Wireless Networking
Topic: Contention Ratio calculation
Replies: 1
Views: 1504

Re: Contention Ratio calculation

I think there have been several conversations on this forum on this topic. You might want to use the search function.
by lambert
Tue Dec 30, 2014 10:20 am
Forum: General
Topic: Ditch ubiquiti and come to mikrotik?
Replies: 39
Views: 7255

Re: Ditch ubiquiti and come to mikrotik?

i'll go in there and run a cable around the perimeter of my office temporarily to test...... as which i'm sure you and the others that mentioned doing so are correct. so, for each device that talks to the ap, cut the rate in two and divide by the number of connected devices? starting with say 144, ...
by lambert
Tue Dec 30, 2014 10:14 am
Forum: General
Topic: Ditch ubiquiti and come to mikrotik?
Replies: 39
Views: 7255

Re: Ditch ubiquiti and come to mikrotik?

Possibly because the AP is screaming. Possibly because of other noise. Do you have both chains enabled on the AP? 40 MHz, 1 chain = 144mbps.
by lambert
Tue Dec 30, 2014 9:41 am
Forum: General
Topic: Ditch ubiquiti and come to mikrotik?
Replies: 39
Views: 7255

Re: Ditch ubiquiti and come to mikrotik?

- the 15GB vid is at least 2hrs. in length. so that should be a paltry 125MB/minute or 2.08MB/sec (16.66Mbit/sec). That should be easily achieved, even on the lesser 144Mbit connection....... right? 144Mbps air rate yields approximately 72Mbps of data throughput. Now, with two devices talking to ea...
by lambert
Thu Dec 11, 2014 1:37 am
Forum: General
Topic: l2tp keepalive?
Replies: 5
Views: 1279

Re: l2tp keepalive?

Did you change the keepalive setting on both sides?

I have not done the research, but you can, to know if the keepalive value is negotiated to the smallest acceptable value between L2TP peers or not.
by lambert
Thu Nov 27, 2014 2:31 am
Forum: General
Topic: Wisp Routing or Bridging
Replies: 3
Views: 1574

Re: Wisp Routing or Bridging

RTFW. If you have specific questions after reading the fine wiki, http://wiki.MikroTik.com/, someone may be able to offer assistance.
by lambert
Wed Nov 26, 2014 10:00 pm
Forum: General
Topic: I need skilled eyes on my config
Replies: 2
Views: 613

Re: I need skilled eyes on my config

This thread has a similar question to yours. You have to define VLANs as sub-interfaces of their master interfaces. Then you use bridges including the VLAN interfaces into the appropriate grouping.

http://forum.mikrotik.com/viewtopic.php ... 88#p457425
by lambert
Wed Nov 26, 2014 9:11 pm
Forum: General
Topic: How much Bandwidth is required? [WISP]
Replies: 16
Views: 3678

Re: How much Bandwidth is required? [WISP]

Given my pricey bandwidth upstream, I can see this topic changing to "How so I conserve bandwidth" and "How do I make my service seem fast". Web cache (squid) is one way. But this is only for httptraffic. Qos is also another important tool (i.e. Give priority to http  and VoIP). Any other 'tricks...
by lambert
Tue Nov 25, 2014 1:16 am
Forum: General
Topic: WISP Project
Replies: 8
Views: 2871

Re: WISP Project

Yeah, that diagram is generally how I would do it. Make sure the AP 10.1.2.2 is configured with default forward turned off. If you have more than one AP, keep them in separate networks or use bridge filters or port horizon settings to keep traffic from coming in on one IP and going back out to a cli...
by lambert
Tue Nov 25, 2014 12:05 am
Forum: General
Topic: How much Bandwidth is required? [WISP]
Replies: 16
Views: 3678

Re: How much Bandwidth is required? [WISP]

It depends. I have towers with 30 clients which use 60Mbps during peak hours. I have towers with 50 clients which use 12Mbps during peak hours. It depends on the customers. Younger clients tend to use more bandwidth than older clients. Wealthier clients tend to use more bandwidth than less wealthy c...
by lambert
Mon Nov 24, 2014 11:40 pm
Forum: General
Topic: Wisp Routing or Bridging
Replies: 3
Views: 1574

Re: Wisp Routing or Bridging

Routing. Always. You can setup VLANs from each AP back to the CCR1036 if you don't want to put a router at each tower. That will keep you from having one huge broadcast domain. If you run PPPoE on the CCR, you will be okay, as long as the back-hauls are managed via a separate VLAN than is used to tr...
by lambert
Mon Nov 24, 2014 11:22 pm
Forum: General
Topic: Remote Syslog Issue in CCR1036 & 450G
Replies: 7
Views: 1923

Re: Remote Syslog Issue in CCR1036 & 450G

Yes, i am able to ping from both routers and kiwi syslog to routers also , even i tried to upgrade and downgrade the versions but same issue repeated. check out the images and .rsc of non working and working Please, do not make gratuitous changes such as changing the version of RouterOS. Let us deb...
by lambert
Sat Nov 22, 2014 8:06 am
Forum: General
Topic: My Internet provider have a "connections limit"..
Replies: 12
Views: 2656

Re: My Internet provider have a "connections limit"..

What kind of connection limit? Session time limit? Bytes transferred limit? Simultaneous TCP connection limit? Something else? You have to actually get around to telling us exactly what the problem is for us to be able to offer suggestions. When plisken asked for more information, you told us the sa...
by lambert
Fri Nov 21, 2014 9:18 am
Forum: General
Topic: WISP Project
Replies: 8
Views: 2871

Re: WISP Project

"Don't bridge networks" which means don't build a network of 100's of clients across several towers all in the same broadcast domain. Bridging your backhauls makes the configuration of the radios simpler. It makes them more like a long ethernet cable between towers. It is not wrong to do it the way ...
by lambert
Fri Nov 21, 2014 8:35 am
Forum: Beginner Basics
Topic: Mikrotik RB2011 UniFi 2 SSID and Local Network
Replies: 6
Views: 3212

Re: Mikrotik RB2011 UniFi 2 SSID and Local Network

I think the mikrotik way is to create vlans 200 and 300 on each of the UniFi ethernet interfaces, then put each VLAN interface in into the appropriate bridge. /interface vlan add interface=ether3 name=E03_V200 vlan-id=200 add interface=ether3 name=E03_V300 vlan-id=300 add interface=ether4 name=E04_V...