Community discussions

Search found 526 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 11
by lambert
Tue Nov 07, 2017 5:09 pm
Forum: General
Topic: RESOLVED -simple queue without packets drop on ccr1036 v6.18
Replies: 9
Views: 3641

Re: RESOLVED -simple queue without packets drop on ccr1036 v6.18

A queue which is passing traffic at close to the max limit speed will drop packets. You did not provide any information about your configuration. We cannot know the cause of your dropped packets. We can only guess. You may want to start your own topic. Tell us everything about the hardware, your que...
by lambert
Fri Sep 29, 2017 7:50 pm
Forum: Wireless Networking
Topic: Wireless Access List Not Dropping Clients with Weak Signal
Replies: 4
Views: 981

Re: Wireless Access List Not Dropping Clients with Weak Signal

I think the signal level access-list entry is only evaluated at connect time. It works that way with Ubiquiti's "threshold" setting also. I think if you want to kick weak signal clients, you will have to write a script to parse their current signal levels and kick them if below some threshold, proba...
by lambert
Sat Sep 16, 2017 5:06 am
Forum: Beginner Basics
Topic: Some ethernet devices won't lease from DHCP ?
Replies: 6
Views: 721

Re: Some ethernet devices won't lease from DHCP ?

Have you tried moving the Linux boxes to a different port on the bridge?
by lambert
Wed Sep 13, 2017 7:22 am
Forum: Beginner Basics
Topic: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes
Replies: 7
Views: 940

Re: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes

Now it would be fun to export the working config and compare it detail for detail with the non-working config to find what the root cause was. :-)
by lambert
Mon Sep 11, 2017 4:36 am
Forum: General
Topic: VPN Address List
Replies: 5
Views: 1484

Re: VPN Address List

I don't see anything wrong without loading it into an actual router. I don't do a lot of policy based routing. I may just be missing something obvious. You might try coming up with a couple of benign test websites which only use one IP address and use it consistently. Add one to each list and show u...
by lambert
Mon Sep 11, 2017 4:19 am
Forum: Beginner Basics
Topic: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes
Replies: 7
Views: 940

Re: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes

You didn't show us your access-list which puts the device into the correct VLAN. Another thought: Do all static leases have the always-broadcast=yes option? It is not a default option so could be something which is "different". add address=192.168.52.27 always-broadcast=yes comment=IOT-Media-Squeeze...
by lambert
Sun Sep 10, 2017 10:19 am
Forum: Beginner Basics
Topic: Is there way to upgrade?
Replies: 5
Views: 517

Re: Is there way to upgrade?

Upgrading RouterOS is done under System --> Packages. Like Windows, or OS X on your PC / Mac. The firmware you are looking at under System --> RouterBoard is equivalent to the BIOS on your PC. That doesn't get updated so often. After you update RouterOS under System --> Packages and reboot, it may o...
by lambert
Sun Sep 10, 2017 10:12 am
Forum: General
Topic: VPN Address List
Replies: 5
Views: 1484

Re: VPN Address List

Please, show your work. We cannot divine the answer without seeing your rules.
by lambert
Sun Sep 10, 2017 10:03 am
Forum: Beginner Basics
Topic: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes
Replies: 7
Views: 940

Re: DHCP stays in "Offered" state for 2 wireless devices - Logitech Squeezeboxes

If you're using access-lists, to put things into VLANs, we may need to see the access-lists. Other times I see things like this, I'm not using ACLs, it is due to packet loss from the router (dhcp server) and the client device. Sometimes it's wireless loss, sometimes it's a bad ethernet cable on the ...
by lambert
Sun Sep 10, 2017 12:35 am
Forum: Beginner Basics
Topic: Understanding DHCP on Mikrotik [SOLVED]
Replies: 7
Views: 1027

Re: Understanding DHCP on Mikrotik [SOLVED]

Is your server on a loopback type bridge? In other words, are there any real interfaces connected to the DHCP server's interface?

I wish MikroTik would give us the ability to source UDP services from specific IPs / interfaces. This would help with SNMP also.
by lambert
Sat Sep 09, 2017 9:26 pm
Forum: Beginner Basics
Topic: Brand New to MikroTik
Replies: 5
Views: 1120

Re: Brand New to MikroTik

One possibility that I was thinking about: I'm going to have a web-accessible CalDAV calendar on the Synology for church events which anyone can view and which authorized users can access to enter events. Can you think of any way of integrating this with the Wi-fi system, either through RouterOS, t...
by lambert
Thu Sep 07, 2017 9:03 pm
Forum: General
Topic: Mikrotik as L2TP/IPSEC Client
Replies: 1
Views: 1498

Re: Mikrotik as L2TP/IPSEC Client

What does the log on your MikroTik say? Add more logging for IPsec and L2TP topics under System -> Logging. If you accept L2TP/IPSec connections to your MikroTik for your own use, make a new PPP profile which is used for outbound connections which doesn't have anything in the Local or remote IP fiel...
by lambert
Thu Sep 07, 2017 8:45 pm
Forum: The Dude
Topic: Mikrotik SNMP ifspeed variables
Replies: 2
Views: 596

Re: Mikrotik SNMP ifspeed variables

Show the ifTable.ifEntry.ifDescr for the same .1, .2, or .3 indexes to find out what RouterOS is showing you.
by lambert
Thu Sep 07, 2017 6:49 am
Forum: Beginner Basics
Topic: Brand New to MikroTik
Replies: 5
Views: 1120

Re: Brand New to MikroTik

Doing all of this on a new to you platform is going to involve a steep learning curve. That's great if you have the time. If you know how to do all of this with something else, you may want to go that direction, even if it costs more. If you have to learn how to do this for any platform you might us...
by lambert
Mon Aug 28, 2017 7:49 pm
Forum: General
Topic: Issue with VPN connecting behind router
Replies: 7
Views: 834

Re: Issue with VPN connecting behind router

Lambert, been trying to make the new mangle rule work. I basically copied the original rule exactly, except modified it around the IP structure for the "dial-in" VPN. It does not work. Here is what I have: <Mangle Rule> {General} Chain: prerouting Src: 192.168.15.0/24 Dst: ! 192.168.15.0/24 (I thin...
by lambert
Sat Aug 26, 2017 8:49 am
Forum: General
Topic: Issue with VPN connecting behind router
Replies: 7
Views: 834

Re: Issue with VPN connecting behind router

Add another mangle rule which doesn't mark anything but does not passthrough before that rule. It should match the same src address, AND the dst address of your office LAN. Or, you can just add the dst-address of your Office LAN to the PureVPN rule and negate it by checking the box in front of the a...
by lambert
Sat Aug 26, 2017 8:41 am
Forum: General
Topic: IPSec Client in Mikrotik problem
Replies: 1
Views: 366

Re: IPSec Client in Mikrotik problem

All of my users use the Windows built-in IPSec/L2TP client. I don't know if Windows has a pure IPSec client. The checkpoint software may default some options to be checkpoint specific. I have no experience with them. You have to make sure your client's settings, whatever vendor made your client, mat...
by lambert
Wed May 10, 2017 2:47 am
Forum: General
Topic: Which one is use fewer CPU load ??
Replies: 3
Views: 475

Re: Which one is use fewer CPU load ??

NAT will be less load on the CCR. Doing DNS on the CCR will be less load on your DNS server hardware. I am not a fan of using the MikroTiks as cacheing name servers. I've seen some oddities that went away when I stopped using the MikroTik cacheing name service for 50 - 200 user pools of customers. I...
by lambert
Wed May 10, 2017 2:33 am
Forum: General
Topic: Flapping IPSEC VPN Between Mikrotik and VyOS
Replies: 3
Views: 1218

Re: Flapping IPSEC VPN Between Mikrotik and VyOS

Just as a test, I would increase or decrease your lifetime settings. See if the interval of "outages" changes. I have a router which connects via IPSec to an unknown vendor IPSec router with lifetime of 8 hours. That one drops a few ICMP packets approximately every 8 hours. My monitoring is a schedu...
by lambert
Fri Mar 10, 2017 11:42 pm
Forum: General
Topic: PPPoE Server Issue
Replies: 5
Views: 527

Re: PPPoE Server Issue

Look for dynamic Simple Queue entries for the PPPoE users. If they exist, for what speeds are they set? Look at the IP fIrewall Mangle rules and make sure the MSS rules are dynamically inserted at the top, or very nearly, of the list. I have some PPPoE clients but the fastest plan they can have is 1...
by lambert
Thu Mar 09, 2017 10:23 pm
Forum: General
Topic: PPPoE Server Issue
Replies: 5
Views: 527

Re: PPPoE Server Issue

Firmware version?
by lambert
Thu Feb 09, 2017 7:02 pm
Forum: General
Topic: Strangeness with devices losing one-way comm with network?
Replies: 30
Views: 1852

Re: Strangeness with devices losing one-way comm with network?

It may be that some device needed its ARP table cleared after switching to WDS due to the MAC address translation which the bridge uses when not in WDS mode. I would try making sure lease times are short, like 10 minutes maximum. Then while at the other building, probably after business hours , conv...
by lambert
Tue Feb 07, 2017 9:27 pm
Forum: General
Topic: Strangeness with devices losing one-way comm with network?
Replies: 30
Views: 1852

Re: Strangeness with devices losing one-way comm with network?

Your bridge is not in a "transparent" mode. Look through Engenious documentation for how to make the bridge fully transparent.
by lambert
Mon Feb 06, 2017 10:44 am
Forum: General
Topic: SNMP doesn't work with asymmetric routes?
Replies: 31
Views: 6838

Re: SNMP doesn't work with asymmetric routes?

At all sites, I monitor the IP on the lan-bridge bridge. If there is a second router at a tower, it is connected via that bridge. onsite laptops also plug into a lan-bridge interface if a tech is onsite. It's pretty close to being a loopback interface. I've also tried a actual /32 on a dedicated loo...
by lambert
Mon Feb 06, 2017 10:10 am
Forum: General
Topic: Strangeness with devices losing one-way comm with network?
Replies: 30
Views: 1852

Re: Strangeness with devices losing one-way comm with network?

Look at the ARP table on the router for the bridge and other devices at the other building. Are they the mac addresses all different? There may be several IPs showing as having the same MAC address. Also look at the log on the router for anything unusual, maybe loops or something. When you replaced ...
by lambert
Mon Feb 06, 2017 9:45 am
Forum: Wireless Networking
Topic: basic help in wireless network needed
Replies: 1
Views: 418

Re: basic help in wireless network needed

Jajeblonsky, That's not helpful. People have to start learning somewhere. This does not appear to be a large corporate network. dieterjava, While plugged in to the MikroTik, can you ping both of the Lite-beam devices that make up the second wireless link? Do all four Lite-beam devices have WDS enabl...
by lambert
Mon Feb 06, 2017 8:50 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Mikrotik Package not installing
Replies: 8
Views: 3830

Re: Mikrotik Package not installing

Is the package file still in the files listing after the reboot? What architecture is the router? mipsbe, tile, powerpc, x86? For what architecture was the package file built? Uploading packages for the wrong architecture is probably the most common reason for problems like this. Corrupt uploads are...
by lambert
Mon Feb 06, 2017 8:32 am
Forum: General
Topic: Strangeness with devices losing one-way comm with network?
Replies: 30
Views: 1852

Re: Strangeness with devices losing one-way comm with network?

Your description does not sound like "one-way comm". This sounds like loss of connectivity between the remote bridge and the remote router. From your description, it is difficult to divine where the problem is. You glossed over a few details. Lets make sure we have the logical layout right. Router1 ...
by lambert
Sat Feb 04, 2017 8:19 am
Forum: General
Topic: SNMP doesn't work with asymmetric routes?
Replies: 31
Views: 6838

Re: SNMP doesn't work with asymmetric routes?

that is a feature not a bug. SNMP was specially altered to respond on the same interface it received request on. And response source is request destination. Hence, some suggested workarounds do work, like monitoring outgoing interface ip address or creating a tunnel and monitoring through the tunne...
by lambert
Fri Feb 03, 2017 12:07 am
Forum: Scripting
Topic: I need script mange bandwith on two lan
Replies: 2
Views: 422

Re: I need script mange bandwith on two lan

http://wiki.mikrotik.com/wiki/Manual:Queue

You want two simple queues.

max limit should be 10M for each
limit at should be 6 or 4 depending on your match criteria.
by lambert
Fri Oct 21, 2016 9:59 pm
Forum: Wireless Networking
Topic: mikrotik access point / controlling on the time of wireless authentication
Replies: 20
Views: 3032

Re: mikrotik access point / controlling on the time of wireless authentication

As a workaround, you could setup a script which enables and disables "/interface wireless access-list" rules to allow or reject users. Then run the appropriate script at the appropriate time. The key parts would look something like: /interface wireless access-list enable [find comment~"daytimeuser"]...
by lambert
Tue Aug 30, 2016 8:10 am
Forum: Beginner Basics
Topic: MRTG dynamic PPPoE or PPTP interface
Replies: 21
Views: 3629

Re: MRTG dynamic PPPoE or PPTP interface

I'm working on this today....

Target[username]: \<pppoe-username\@udomain.net>:community@router.domain.net

seems to work.
by lambert
Thu Apr 07, 2016 6:53 pm
Forum: General
Topic: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18
Replies: 19
Views: 63650

Re: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18

jaytcsd, you should create a new topic for your similar symptom but completely unrelated question. This topic is about upgrades from anything before 6.18 to 6.18 or later. 6.33 to 6.34.2 did not change the behavior of the IPsec stack in the way that 6.17 to 6.18 did. Therefore, you have a new and in...
by lambert
Fri Apr 01, 2016 1:28 am
Forum: General
Topic: Public IP for each pppoe server
Replies: 8
Views: 833

Re: Public IP for each pppoe server

Use different pools for each PPPoE server. They can be in the same overall supernet if you like, as long as the ranges don't overlap. In-interface matching won't work because each client is on his own PPP interface. You might be able to assign a MikroTik-Address-List via RADIUS based on which PPPoE ...
by lambert
Wed Mar 30, 2016 8:24 am
Forum: General
Topic: fcs error on new CCR1009
Replies: 12
Views: 6255

Re: fcs error on new CCR1009

FCS on the same second of every minute, whether that's every 30 seconds or every 60 seconds, may be an AirFiber thing. The AF developers may have identified the issue and be fixing it in the next firmware. I see most FCS errors on port 8 of my CCR1009 routers. That is the PoE in port. I have a hypot...
by lambert
Tue Mar 08, 2016 11:03 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request TR-069 CPE
Replies: 72
Views: 23048

Re: Feature Request TR-069 CPE

Not really. Some of ISPs do DSL and WIreless or DOCSIS Cable and Wireless or even just got sick of dealing with customer issues and moved to using TR-069 managed in home devices for the customer. Some ISPs are deploying LTE equipment. At my company, we don't use MikroTik for outdoor wireless. We do ...
by lambert
Tue Mar 08, 2016 5:46 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request TR-069 CPE
Replies: 72
Views: 23048

Re: Feature Request TR-069 CPE

Afternoon all,
Has there been any movement on this? We are dying to use TR-069 on MT, it would solve pretty much all our provisioning issues!

Hope this happens sooner rather than later.
Normis asked which TR-069 ACS everyone is using. Would you mind listing what you use?
by lambert
Tue Mar 08, 2016 5:41 pm
Forum: RouterBOARD hardware
Topic: ccr 1036 stop working
Replies: 6
Views: 1533

Re: ccr 1036 stop working

Open a support ticket with MikroTik. Email support@MikroTik.com what you describe is not normal.
by lambert
Mon Mar 07, 2016 11:27 pm
Forum: RouterBOARD hardware
Topic: Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC
Replies: 4
Views: 1050

Re: Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC

Thank you for the feedback. I have three AF24 links. This is the one ethernet of 6 giving me issues. It is also the longest cable so that may have something to do with it. Good thought on the "PoE in" being a difference between ether8 and all other ports. I think I will reconfigure to use ether5, si...
by lambert
Mon Mar 07, 2016 10:26 pm
Forum: RouterBOARD hardware
Topic: Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC
Replies: 4
Views: 1050

Re: Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC

That's the CPU temp. The board temp shows 10 C lower at the moment.
by lambert
Mon Mar 07, 2016 8:58 pm
Forum: RouterBOARD hardware
Topic: Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC
Replies: 4
Views: 1050

Looking for cause of Ethernet issues CCR1009-8G-1S-1S+PC

I may have multiple issues at this site. I get FCS errors on ether8 24 hours per day, but not all the time. The most immediate problem is the inability to operate at 1 Gbps on ether8 in the afternoon. I don't know what is causing ether8 on one of my units to drop connection and renegotiate at 100Mbp...
by lambert
Mon Mar 07, 2016 8:15 pm
Forum: RouterBOARD hardware
Topic: ccr 1036 stop working
Replies: 6
Views: 1533

Re: ccr 1036 stop working

As a data point, I've not seen this behavior with my five CCR1036 units on various firmware revisions. "RouterOS CCR1036-12G-4S",""6.30.4"" "RouterOS CCR1036-12G-4S",""6.18"" "RouterOS CCR1036-12G-4S",""6.24"" "RouterOS CCR1036-12G-4S",""6.30.4"" "RouterOS CCR1036-12G-4S",""6.32.3"" What are the con...
by lambert
Mon Mar 07, 2016 9:53 am
Forum: RouterBOARD hardware
Topic: Underclock or disable processors on CCR1036-8G-2S+
Replies: 17
Views: 1937

Re: Underclock or disable processors on CCR1036-8G-2S+

Have you asked support@mikrotik.com about this yet? If they respond, please let us know what options they give you. I would like to hear about a setting for significantly reducing the heat from my passively cooled 10% CPU utilization CCR1009s in small metal cabinets outside. I do not think the optio...
by lambert
Wed Mar 02, 2016 1:25 pm
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 26
Views: 12799

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

Sometimes MikroTik notices issues posted on the forums. Usually not. It would be best to email support@mikrotik.com about this issue and be sure to include a supout file collected while the port is flapping.
by lambert
Tue Mar 01, 2016 11:19 am
Forum: General
Topic: troughput problem CCR1036-12G-4S
Replies: 4
Views: 649

Re: troughput problem CCR1036-12G-4S

AirFiber which, AF24, AF5, AF5x? I've never had to hard set the speeds on an AF to CCR ethernet link. Sometimes you have to fix the tower grounding and make a new cable that will actually negotiate at 1000Mbps/Full-duplex. Every negotiation issue we've had was curable by getting the ethernet and gro...
by lambert
Sun Feb 21, 2016 9:13 am
Forum: General
Topic: Duplicate PPPoE client's
Replies: 5
Views: 1005

Re: Duplicate PPPoE client's

Different MAC addresses, different hosts. One PPPoE session per host. Not one PPPoE session per username.

Or maybe you want to explain your perceived issue more completely?
by lambert
Sun Feb 21, 2016 8:40 am
Forum: Beginner Basics
Topic: Flush DHCP leases on a power cycle
Replies: 4
Views: 1542

Re: Flush DHCP leases on a power cycle

WinBox, IP DHCP server, DHCP config, Store Leases on disk -> Never.

CLI:
>/ip dhcp-server config set store-leases-disk=never
That should do what you are requesting.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 11