Community discussions

MUM Europe 2020

Search found 1093 matches

by IPANetEngineer
Wed Sep 02, 2015 10:47 pm
Forum: General
Topic: inner-VLAN Latency
Replies: 6
Views: 864

Re: inner-VLAN Latency

Can you post your config? What code level are you on. Typically you should see 1-2 ms in InterVLAN routing. I pushed more than 10 Gig of TCP based traffic through the CCR1009 we have in our lab. Another important consideration for that specific platform is there have been reports of some physical is...
by IPANetEngineer
Wed Sep 02, 2015 10:39 pm
Forum: General
Topic: what is the latest version that work?
Replies: 7
Views: 1138

Re: what is the latest version that work?

is it 6.31? or 6.30.4? I have try to understand the new order- without any success :-| so what is the working for now? Thanks , This all depends on what features you need. Right now, I have three sets that I tend to use and i'm moving more and more towards the latest bugfix releases as they seem to...
by IPANetEngineer
Wed Sep 02, 2015 10:32 pm
Forum: General
Topic: How to block Microsoft via static DNS entry
Replies: 16
Views: 3370

Re: How to block Microsoft via static DNS entry

Glad you found a solution that worked :-) Indeed MikroTik routers are full of possibilities. Either way is valid for you to do this. I tend to prefer L7 firewall rules because invariably, you will need block or restrict traffic on more and more things and it can all be managed from one place. The ot...
by IPANetEngineer
Wed Sep 02, 2015 10:13 pm
Forum: General
Topic: Syntax Highlighting for Forum?
Replies: 3
Views: 520

Re: Syntax Highlighting for Forum?

Not sure on that one....would love to know what to select if it's still there.

If it isn't, + 1 to bring the colors back :-)
by IPANetEngineer
Wed Sep 02, 2015 8:28 pm
Forum: General
Topic: Syntax Highlighting for Forum?
Replies: 3
Views: 520

Re: Syntax Highlighting for Forum?

You mean like this?
/ip address 
add address=10.1.1.2 interface=ether1
add address=172.16.1.1/30 interface=ether2
add address=192.168.1.1/24 interface=ether3
Or are you talking about with the colors?
by IPANetEngineer
Wed Sep 02, 2015 8:25 pm
Forum: Beginner Basics
Topic: Bit of routing advice needed.
Replies: 14
Views: 1432

Re: Bit of routing advice needed.

Since you have two gateways in the same subnet, i'm curious, is your firewall allowing ICMP redirects?
by IPANetEngineer
Wed Sep 02, 2015 7:42 pm
Forum: RouterBOARD hardware
Topic: Hardware to Support 1Gbps EoIP Tunnel?
Replies: 2
Views: 755

Re: Hardware to Support 1Gbps EoIP Tunnel?

I would probably start with a CCR1009 on each side. you'll get AES-CBC hardware offload and plenty of horsepower to reach a gig with EoIP. The performance requirements largely depend on what kind of MTU and overhead you'll have and if you'll need to allow EoIP to frame fragment or not which slows do...
by IPANetEngineer
Wed Sep 02, 2015 7:04 pm
Forum: General
Topic: RouterOS Virtual Labs
Replies: 84
Views: 116120

Re: RouterOS Virtual Labs

As someone who uses GNS3/virtualization daily to simulate customer networks as well as do development, labs and benchmarking, this is Awesome!

Will be trying this today so I can post my screenshots! :D
by IPANetEngineer
Wed Sep 02, 2015 5:10 pm
Forum: Forwarding Protocols
Topic: 5 Different Bandwidth and ISP connection, what method is the best way for load balancing?
Replies: 1
Views: 572

Re: 5 Different Bandwidth and ISP connection, what method is the best way for load balancing?

This depends on a number of factors.

Are these BGP peerings in which you are advertising multiple IP blocks or just one?
Are these static connections with multiple IPs?
Are all the circuits equal speed or do you need to load balance unequally?
by IPANetEngineer
Tue Sep 01, 2015 10:02 pm
Forum: General
Topic: BGP in 6.31
Replies: 1
Views: 283

Re: BGP in 6.31

Which CCRs have you tried this on?
by IPANetEngineer
Tue Sep 01, 2015 10:01 pm
Forum: General
Topic: Queue Tree Problem
Replies: 1
Views: 275

Re: Queue Tree Problem

Can you post your config? What routerboard and version are you using?
by IPANetEngineer
Tue Sep 01, 2015 9:56 pm
Forum: General
Topic: New Hex Router Wan to Lan Speed
Replies: 12
Views: 6591

Re: New Hex Router Wan to Lan Speed

best throughput in a lab environment according to MikroTik is 986.1 Mbps. In a real world scenario, I would not choose a device that is under a gig in the lab as you will most certainly not be able to replicate the perfect conditions of a lab. Depends on your application, but we typically use CCR100...
by IPANetEngineer
Tue Sep 01, 2015 9:49 pm
Forum: General
Topic: CRS 226-24G-2S-RM+ Switch port tunk
Replies: 1
Views: 361

Re: CRS 226-24G-2S-RM+ Switch port tunk

Can you post your config for both the Cisco and the CRS?
by IPANetEngineer
Tue Sep 01, 2015 9:16 pm
Forum: General
Topic: Hardware encryption only support AES-xxx-CBC
Replies: 2
Views: 1922

Re: Hardware encryption only support AES-xxx-CBC

As far as I know, yes. Only CBC is supported in hardware right now.

MRZ confirms this in this thread:

http://forum.mikrotik.com/viewtopic.php?t=94625
by IPANetEngineer
Tue Sep 01, 2015 9:12 pm
Forum: General
Topic: How to block Microsoft via static DNS entry
Replies: 16
Views: 3370

Re: How to block Microsoft via static DNS entry

Sounds like you need Layer 7 firewall rules...below is a link for blocking Facebook, but it could be used as a template for just about any domain name.

https://rbgeek.wordpress.com/2012/05/29 ... s-layer-7/
by IPANetEngineer
Tue Sep 01, 2015 9:07 pm
Forum: General
Topic: RouterOS not detecting traffic - Can't Mangle, use QoS.
Replies: 3
Views: 550

Re: RouterOS not detecting traffic - Can't Mangle, use QoS.

What kind of RouterBoard are you using? Typically, you will need traffic to go through the CPU which means bridging. In the CRS series, you can use switching and only bridge the CPU for routing out of the subnet. in the short term, you can bridge all the needed ports together which will allow the ma...
by IPANetEngineer
Tue Sep 01, 2015 8:47 pm
Forum: Forwarding Protocols
Topic: Symmetric BGP Routing
Replies: 4
Views: 1192

Re: Symmetric BGP Routing

Are you using only BGP learned default routes or are you taking in full tables as well?
by IPANetEngineer
Tue Sep 01, 2015 6:48 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 193908

Re: Cloud Hosted Router

Great! will try these ASAP. Really like the direction the CHR is going :-)
by IPANetEngineer
Mon Aug 31, 2015 11:10 pm
Forum: Forwarding Protocols
Topic: BGP Default route to OSPF router
Replies: 3
Views: 740

Re: BGP Default route to OSPF router

Depends on what you timers are set for and what type of failure you are talking about.
by IPANetEngineer
Fri Aug 28, 2015 2:53 am
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4938

Re: BGP Hold Time

Looks like something interrupted your traffic especially since OSPF seems to have torn down a little later as well. BGP is inherently marked with DSCP 48 (and so is OSPF) in MikroTik, so you can create a mangle rule that matches DSCP 48 and then put it into a queue so BGP always has priority when th...
by IPANetEngineer
Fri Aug 28, 2015 12:56 am
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4938

Re: BGP Hold Time

Not so much a question of limiting BGP as it is prioritizing BGP updates over all other types of traffic. Most QoS schemes put network management / control plane traffic as the highest class of traffic.
by IPANetEngineer
Fri Aug 28, 2015 12:41 am
Forum: Forwarding Protocols
Topic: MPLS - Fast reroute. When?
Replies: 23
Views: 7468

Re: MPLS - Fast reroute. When?

+1 Again :-)
by IPANetEngineer
Fri Aug 28, 2015 12:36 am
Forum: Forwarding Protocols
Topic: BGP Hold Time
Replies: 10
Views: 4938

Re: BGP Hold Time

It is better to implement a queue/QoS for TCP/179 traffic than to turn the timers way up. BGP doesn't require much in the way of bandwidth and you'll have a more consistent peering if you just provide BGP priority queuing. On the flip side.... The timers that are standard for BGP (60/180) work well ...
by IPANetEngineer
Fri Aug 21, 2015 10:04 pm
Forum: RouterBOARD hardware
Topic: CCR-1072 PPPoE Performance Test
Replies: 3
Views: 1987

Re: CCR-1072 PPPoE Performance Test

Outside of MikroTik, I think we have published more performance metrics on the CCR1072 at http://www.stubarea51.com than anyone else, so we can definitely look at putting it into our growing list of requests for the 1072 since we have one in our lab. Right now we are in the middle of the following t...
by IPANetEngineer
Thu Aug 13, 2015 3:58 pm
Forum: Forwarding Protocols
Topic: Traffic Flow ( netflow) Autonomous system information
Replies: 44
Views: 12626

Re: Traffic Flow ( netflow) Autonomous system information

+1 for this and BGP session status in SNMP.

Oh and OAM for ethernet.....ok i'll stop now :D
by IPANetEngineer
Tue Aug 11, 2015 6:24 pm
Forum: Forwarding Protocols
Topic: NTPon VRF
Replies: 1
Views: 548

Re: NTPon VRF

There is no easy way to specify a source address in a VRF with NTP...

However, you can setup an output rule to match ntp and then apply a routing-mark for the VRF you want it to be in. That should get you working. :D
by IPANetEngineer
Fri Aug 07, 2015 4:55 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 193908

Re: Cloud Hosted Router

Just catching up on this thread and the ESXi hosts in our lab are already doing cartwheels :-) This is an excellent addition to MikroTik portfolio of goodies. Will be spinning up some of these this morning. Some people have fishtanks in their office....we watch performance graphs in VSphere on all o...
by IPANetEngineer
Tue Aug 04, 2015 6:18 pm
Forum: Announcements
Topic: v6.30.2 bugfix release
Replies: 148
Views: 39597

Re: v6.30.2 bugfix release

Comments and info on the new MikroTik release cycle with bugfix

http://www.stubarea51.net/2015/08/04/mi ... ent-cycle/
by IPANetEngineer
Thu Jul 30, 2015 5:44 pm
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

I'm not really sure data center and service provider is a niche market. :D 3.5 Trillion dollars are predicted to be spent in IT/Technology globally in 2015. If you look at the breakdown, Data Center and Telecommunications make up close to half of that 3.5 Trillion. http://www.gartner.com/technology/...
by IPANetEngineer
Tue Jul 28, 2015 10:16 pm
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

I dont know what will be the use of 72cores when RouterOS cant even utilize 36 cores already. PPP-No multi-threading Simple Queses- No multithreading What would you do with a 72x core router if you wont be able to use it as a Broadband Access Concentrator ? When you get into really large networking...
by IPANetEngineer
Sat Jul 25, 2015 4:29 am
Forum: RouterBOARD hardware
Topic: CCR1072 Availability
Replies: 29
Views: 16250

Re: CCR1072 Availability

Here is Part 2, which is the full BGP review on the CCR-1072-1G-8S+. Enjoy!

http://www.stubarea51.net/2015/07/25/mi ... rformance/
by IPANetEngineer
Sat Jul 25, 2015 4:28 am
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

Here is Part 2, which is the full BGP review on the CCR-1072-1G-8S+. Enjoy!

http://www.stubarea51.net/2015/07/25/mi ... rformance/
by IPANetEngineer
Sat Jul 25, 2015 4:26 am
Forum: General
Topic: Going enterprise with Mikrotik CCR - Performance?
Replies: 5
Views: 1016

Re: Going enterprise with Mikrotik CCR - Performance?

Here is part 2 of the CCR-1072-1G-8S+ which includes extensive testing on BGP performance. Part 3 will include load tests which should be out in the next week or so.

http://www.stubarea51.net/2015/07/25/mi ... rformance/
by IPANetEngineer
Fri Jul 24, 2015 8:27 pm
Forum: General
Topic: Going enterprise with Mikrotik CCR - Performance?
Replies: 5
Views: 1016

Re: Going enterprise with Mikrotik CCR - Performance?

Just to elaborate on what Normis posted, we have multiple large enterprise customers that are utilizing MikroTik CCRs in the Entrprise and in the Data Center. If you look through the review we did that Normis posted, there is a link to a MUM presentation we did on using CCRs in HA configurations to ...
by IPANetEngineer
Fri Jul 24, 2015 5:18 pm
Forum: Forwarding Protocols
Topic: Feature request in routing filters-> BGP Actions-> Set BGP Origin
Replies: 4
Views: 1372

Re: Feature request in routing filters-> BGP Actions-> Set BGP Origin

+1 Would also like to see the ability to set origin. More BGP nerd knobs = :mrgreen:
by IPANetEngineer
Wed Jul 22, 2015 8:56 pm
Forum: Forwarding Protocols
Topic: routeros as ESXi guest VPLS/MPLS problem
Replies: 2
Views: 671

Re: routeros as ESXi guest VPLS/MPLS problem

Have you tried a different NIC? I had some issues with E1000 in ESXi 6.0 and ended up using VMXNET3.
by IPANetEngineer
Wed Jul 22, 2015 6:51 pm
Forum: General
Topic: CCR 1036- Max number of PPPoE Support
Replies: 10
Views: 2695

Re: CCR 1036- Max number of PPPoE Support

The nice thing about a load balancer is that you can set it to balance based on a number of conditions using rulesets. Just some of the options are: 1) Box with least connections 2) Box with lowest resource utilization 3) Evenly distribute between available pool members The load balancer will sit lo...
by IPANetEngineer
Tue Jul 21, 2015 10:12 pm
Forum: Forwarding Protocols
Topic: CPU usage problems in CCR1036 -8G2S and quues tree
Replies: 4
Views: 1212

Re: CPU usage problems in CCR1036 -8G2S and quues tree

What version of RouterOS are you running and can you post your config?

You should be able to get more than 200 Mbps out of a 1036
by IPANetEngineer
Tue Jul 21, 2015 5:33 pm
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 35029

Re: v6.30.1 bugfix release

Well done MikroTik team! Really liking the new plan for code development and download options for bugfix only. We have received positive feedback from our customers on this change as well :-)
by IPANetEngineer
Mon Jul 20, 2015 11:13 pm
Forum: General
Topic: CCR 1036- Max number of PPPoE Support
Replies: 10
Views: 2695

Re: CCR 1036- Max number of PPPoE Support

I would probably look at a hardware load balancer like F5 or Barracuda to do load balancing at Layer 2 and then add CCRs as needed. If you really need flexible scaling, I probably would use a hypervisor like ESX or Hyper V and launch x86 RouterOS VMs and then you can keep scaling without changing yo...
by IPANetEngineer
Mon Jul 20, 2015 7:59 pm
Forum: Forwarding Protocols
Topic: IPSEC phases 1 and 2 successful, but no traffic is forwarded
Replies: 6
Views: 7972

Re: IPSEC phases 1 and 2 successful, but no traffic is forwarded

Sounds like you might need a NAT bypass to prevent the source and destination traffic from hitting your Internet NAT. It's just a rule in NAT that accepts rather than masquerades traffic based on the criteria you set to match. Once the source/destination are excluded from NAT, it will hit the IPSEC ...
by IPANetEngineer
Sun Jul 19, 2015 10:35 pm
Forum: General
Topic: IPSEC over EoIP - Dropping out
Replies: 2
Views: 725

Re: IPSEC over EoIP - Dropping out

Interesting as we are doing some testing on that feature right now for a an article on EoIP performance over IPSEC @ stubarea51.net. I've been using two CCRs to do the testing.

What hardware are you seeing this issue on?
by IPANetEngineer
Sun Jul 19, 2015 2:55 am
Forum: RouterBOARD hardware
Topic: CCR1072 Availability
Replies: 29
Views: 16250

Re: CCR1072 Availability

Preview of our BGP testing on the CCR1072-1G-8S+

1.69 Million routes in under 3 minutes from 4 peers :-)

http://www.stubarea51.com/2015/07/18/mi ... e-preview/
by IPANetEngineer
Sun Jul 19, 2015 2:53 am
Forum: RouterBOARD hardware
Topic: CCR1072 Availability
Replies: 29
Views: 16250

Re: CCR1072 Availability

check with Tom @ roc-noc.com.
by IPANetEngineer
Sun Jul 19, 2015 1:17 am
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

Preview of our BGP testing on the CCR1072-1G-8S+

1.69 Million routes in under 3 minutes from 4 peers :-)

http://www.stubarea51.com/2015/07/18/mi ... e-preview/
by IPANetEngineer
Sat Jul 18, 2015 6:44 pm
Forum: Beginner Basics
Topic: Stacking CRS
Replies: 1
Views: 1010

Re: Stacking CRS

You will need to add a transit subnet between the two CRS switches - it can be public or private - both will route the public /29 properly to the internet. So something like 100.64.0.0/30 to connect the CRS switches And then you will need to add the /29 on the second CRS with a default route pointin...
by IPANetEngineer
Fri Jul 17, 2015 5:42 pm
Forum: Forwarding Protocols
Topic: BGP Multihomed
Replies: 1
Views: 667

Re: BGP Multihomed

It really depends on the speed of your data center interconnects as to how you want to network that together What is it you want to pass between the datacenters? Public traffic? Storage replication? VM Mobility? We just published the first part of a review on the CCR1072 last week that includes a da...
by IPANetEngineer
Tue Jul 14, 2015 11:17 pm
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 5917

Re: vrf connected route leaking

We would also like to be involved in a v7 alpha / beta program. We have a large mikrotik lab with many different CCRs / routerboards and APs.
by IPANetEngineer
Sun Jul 12, 2015 5:05 pm
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 5917

Re: vrf connected route leaking

Thanks! Since I started using the CGN space as an alternative to private IPs, i've noticed it in some larger networks as well,. Level3 MPLS handoffs use 100.64.x.x/30. However when working with Verizon for their MPLS interconnects, they re-use public IPs out of their ARIN range within customer VRFs....
by IPANetEngineer
Sun Jul 12, 2015 3:58 am
Forum: General
Topic: Crooks Use Hacked Routers to Aid Cyberheists
Replies: 5
Views: 3550

Re: Crooks Use Hacked Routers to Aid Cyberheists

Always possible people are disabling the firewall and not setting the password. Did a write up on this issue as it seems to have been more of an issue on the Ubiquity side with some actual evidence of the router being used as a distribution point for Dyre: http://www.stubarea51.net/2015/07/11/mikrot...
by IPANetEngineer
Sat Jul 11, 2015 3:07 am
Forum: Forwarding Protocols
Topic: vrf connected route leaking
Replies: 20
Views: 5917

Re: vrf connected route leaking

So if you make friends with 100.64.0.0/12 for transit and loopbacks then all your RFC1918 overlap problems go away 8) However, from a security perspective, it will be nice to ensure complete isolation especially with Cisco getting a lot of press this year on a fairly recent VRF DDoS vulnerability in...
by IPANetEngineer
Fri Jul 10, 2015 6:21 pm
Forum: Forwarding Protocols
Topic: Load balance with OSPF
Replies: 1
Views: 952

Re: Load balance with OSPF

This would be very difficult with OSPF and would most likely involve policy routing. BGP is really what you want to use to move subnets around via policy. You can still use BGP in conjunction with OSPF. Here is a presentation we did at the USA MUM in 2013 on using BGP as your IGP. Take a look at loc...
by IPANetEngineer
Fri Jul 10, 2015 5:46 pm
Forum: RouterBOARD hardware
Topic: CCR1072 Availability
Replies: 29
Views: 16250

Re: CCR1072 Availability

Here is a review of the CCR1072 with pics (based on the pre-production model). Production pics are coming soon.

http://www.stubarea51.net/2015/07/10/mi ... use-cases/
by IPANetEngineer
Fri Jul 10, 2015 6:18 am
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

Here is a review of the CCR 1072 with Pics

http://www.stubarea51.net/2015/07/10/mi ... use-cases/
by IPANetEngineer
Thu Jul 09, 2015 4:59 pm
Forum: Announcements
Topic: MikroTik smartphone app (ex Tik-App)
Replies: 431
Views: 154410

Re: Tik App, MikroTik android utility ALPHA test

Waiting on my request to be approved...can't wait to test this. Kudos for getting this off the ground :-)
by IPANetEngineer
Thu Jul 09, 2015 2:35 am
Forum: Announcements
Topic: 6.30 released
Replies: 180
Views: 44062

Re: 6.30 released

Thanks MikroTik.

Just tested the new IPSEC key feature of EoIP and it works very well.....Great feature!
by IPANetEngineer
Thu Jul 09, 2015 2:25 am
Forum: Forwarding Protocols
Topic: Feature request: BGP flowspec (RFC5575)
Replies: 24
Views: 7017

Re: Feature request: BGP flowspec (RFC5575)

Very slick +2!
by IPANetEngineer
Mon Jul 06, 2015 10:40 pm
Forum: Forwarding Protocols
Topic: BGP AS PATH and active route
Replies: 1
Views: 881

Re: BGP AS PATH and active route

Are there other attributes applied before it gets to the AS PATH length or is it set to ignore AS-PATH length? http://wiki.mikrotik.com/wiki/Manual:BGP_Best_Path_Selection_Algorithm One thing I noticed right away is they have different communities tagged...are you performing an action on any of thos...
by IPANetEngineer
Mon Jul 06, 2015 9:50 pm
Forum: Forwarding Protocols
Topic: Ring network and OSPF
Replies: 5
Views: 1614

Re: Ring network and OSPF

Have you added the cost up around both sides of the ring to see why it is still taking the original path?
by IPANetEngineer
Mon Jul 06, 2015 9:43 pm
Forum: Beginner Basics
Topic: ibgp inside ipsec problem
Replies: 5
Views: 720

Re: ibgp inside ipsec problem

No problem...Tunnel mode isn't needed when building a Layer2 EoIP tunnel, because the only IPs needed for the SA relationship are the tunnel source and destination - in other words a single set of IP pairings for transport. Transport mode has less overhead than Tunnel and performs a little better. I...
by IPANetEngineer
Fri Jul 03, 2015 7:56 pm
Forum: Beginner Basics
Topic: ibgp inside ipsec problem
Replies: 5
Views: 720

Re: ibgp inside ipsec problem

Good luck...routers don't generate enough broadcast traffic to really be concerned about at all. When WAN link speeds were measured in Kbps, this was more of a concern as there just wasn't much bandwidth available, but on modern WAN circuits, and even on a T-1, the broadcast traffic generated by a r...
by IPANetEngineer
Fri Jul 03, 2015 7:45 pm
Forum: Announcements
Topic: Leap Second issue on CCR units
Replies: 12
Views: 7561

Re: Leap Second issue on CCR units

Thanks for the patch guys....will test it out soon.
by IPANetEngineer
Fri Jul 03, 2015 5:44 pm
Forum: Forwarding Protocols
Topic: Ring network and OSPF
Replies: 5
Views: 1614

Re: OSPF failover link

While you can set the cost to fix you immediate problem, there are really only two long term solutions to managing traffic that we tend to use when designing Service Provider networks. 1) BGP - OSPF isn't designed to influence the path of subnets using policy, BGP is designed to do exactly that 2) M...
by IPANetEngineer
Thu Jul 02, 2015 8:25 pm
Forum: Beginner Basics
Topic: ibgp inside ipsec problem
Replies: 5
Views: 720

Re: ibgp inside ipsec problem

In order to simply the IPSEC, use EoIP over IPSEC on both links and then you can put a subnet across the EOiP interfaces as if they were connected via an ethernet cable. We have deployed OSPF, BGP and MPLS in this way with successful results. This will give you a good idea of what it needs to look l...
by IPANetEngineer
Thu Jul 02, 2015 6:36 pm
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 5067

Re: BGP IPv6 route reflection

Assuming the cluster-id bug is not contributing to this, the main difference between our setups seems to be the code version. There have been a number of IPv6 improvements / bug fixes throughout the 6.x series and it would be helpful to do one of two things. 1) Upgrade at a minimum, a RR and two RR ...
by IPANetEngineer
Thu Jul 02, 2015 4:06 pm
Forum: Forwarding Protocols
Topic: OSPF + VRRP
Replies: 1
Views: 1113

Re: OSPF + VRRP

From a design perspective, I use VRRP to host a Virtual IP for subnets that contain hosts - servers, phones, PCs, etc. For router to router redundancy, I almost always use a routing protocol to connect routers. The only exception to this is when using MikroTiks as an HA Firewall, then I typically us...
by IPANetEngineer
Thu Jul 02, 2015 5:09 am
Forum: Forwarding Protocols
Topic: OSPF use case
Replies: 6
Views: 1175

Re: OSPF use case

With an OSPF network type of broadcast, the BDR will take over if the DR fails, so yes that will work. As far as the way you want to position them across two areas, you would need to post a diagram to clarify your design.
by IPANetEngineer
Thu Jul 02, 2015 3:42 am
Forum: General
Topic: Leap second bug present on TILE devices?
Replies: 49
Views: 10776

Re: Leap second bug present on TILE devices?

It would have been helpful to have a patch from MikroTik, but for most of the customer networks we manage, we began leap second planning a while ago and removed any equipment from an NTP server that was suspect until the leap second passed and then re-enabled it. That proved to be a very simple, ye...
by IPANetEngineer
Thu Jul 02, 2015 3:39 am
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 5067

Re: BGP IPv6 route reflection

Two things.

Is route reflection enabled on the BGP instance?

What code are you trying this on?
by IPANetEngineer
Wed Jul 01, 2015 5:48 pm
Forum: General
Topic: CCR1009: ether1 through ether4 sporadically drop then instantly come back up - switch chip problem?
Replies: 26
Views: 3043

Re: CCR1009: ether1 through ether4 sporadically drop then instantly come back up - switch chip problem?

Just curious....are the flapping ports connected to other MikroTik equipment or another vendor? If it's another vendor, which one is it?

Haven't seen this with the CCR1009 in our lab, but it only connects to other MT equip...may hook it up to a Cisco 6509 and see what happens.
by IPANetEngineer
Wed Jul 01, 2015 5:37 pm
Forum: General
Topic: Leap second bug present on TILE devices?
Replies: 49
Views: 10776

Re: Leap second bug present on TILE devices?

It would have been helpful to have a patch from MikroTik, but for most of the customer networks we manage, we began leap second planning a while ago and removed any equipment from an NTP server that was suspect until the leap second passed and then re-enabled it. That proved to be a very simple, yet...
by IPANetEngineer
Wed Jul 01, 2015 4:40 pm
Forum: Forwarding Protocols
Topic: OSPF use case
Replies: 6
Views: 1175

Re: OSPF use case

Might be helpful if you drew it out....but the short answer is, yes OSPF is a good protocol to use when you have multiple links. If you need traffic engineering, then BGP is the protocol you want to use.
by IPANetEngineer
Tue Jun 30, 2015 9:20 pm
Forum: Forwarding Protocols
Topic: BGP IPv6 route reflection
Replies: 27
Views: 5067

Re: BGP IPv6 route reflection

We have it working in our service provider lab on 6.29.1 ... have you enabled the IPv6 address family on every peer as well as the route-reflection commands on the instance and peers? Here is the config of an IPv6 RR from our lab: /routing bgp instance set default as=1 redistribute-connected=yes rou...
by IPANetEngineer
Tue Jun 30, 2015 4:38 pm
Forum: Beginner Basics
Topic: VLAN tunking
Replies: 11
Views: 1641

Re: VLAN tunking

All VLANS that you need to route between must be trunked all the way to the router unless you want to use the CRS to do that. In this case, the CCR 1009 has way more forwarding capacity than the crs.

I would trunk everything to the CCR 1009 if it were me and use VRRP
by IPANetEngineer
Mon Jun 29, 2015 7:50 pm
Forum: Beginner Basics
Topic: CRS125 egress-vlan-translation does not work
Replies: 4
Views: 1451

Re: CRS125 egress-vlan-translation does not work

Take a look at this presentation from USA MUM 2015....it successfully does ingress/egress VLAN translations on a CRS 125 :

http://www.mikrotik.com/download/share/ ... 4_by_3.pdf
by IPANetEngineer
Thu Jun 25, 2015 8:10 pm
Forum: Beginner Basics
Topic: VLAN tunking
Replies: 11
Views: 1641

Re: VLAN tunking

CRS switches don't have spanning tree implemented yet except in bridging mode, so multiple links between the same two switches in L2 switching mode will cause loops unless they are bonded. You might want to post a diagram of your topology.
by IPANetEngineer
Tue Jun 23, 2015 8:09 pm
Forum: Forwarding Protocols
Topic: VPLS and customer VLAN Trunking
Replies: 8
Views: 4056

Re: VPLS and customer VLAN Trunking

You need to ensure your PPPoE server (BRAS) is able to accept dot1q VLAN tags. Then you can use VPLS to extend the VLAN over a routed MPLS network all the way to the end subscriber at the edge.

You must have a minimum L2 and MPLS mtu of 1530 to hand off a tagged 1500 byte frame
by IPANetEngineer
Tue Jun 23, 2015 6:13 pm
Forum: Forwarding Protocols
Topic: Anyone running MPLS on production WISP network ?
Replies: 4
Views: 1786

Re: Anyone running MPLS on production WISP network ?

1) Don't use any radio gear that can't handle at least 1530 on L2 MTU and ideally, you should be shooting for 9000+ on the L2MTU for transport 2) Stay away from x86 routers, i've dealt with a number of issues with MPLS on x86 that I could never prove but disappeared when RouterBoard hardware was swa...
by IPANetEngineer
Mon Jun 22, 2015 7:19 pm
Forum: Forwarding Protocols
Topic: BGP with MPLS
Replies: 6
Views: 1668

Re: BGP with MPLS

I guess the real question is what are your throughput requirements? Two full BGP feeds could be anywhere from 50 Mbps of traffic up to multiple 10 gig links. If your Internet requirements don't exceed 40 Gbps, then you can select the appropriate RouterBoard to meet that need. You probably won't see ...
by IPANetEngineer
Mon Jun 22, 2015 7:02 pm
Forum: Forwarding Protocols
Topic: Ospf error "Discarding packet: Locally originated"
Replies: 1
Views: 2078

Re: Ospf error "Discarding packet: Locally originated"

Can you post the config of the OSPF neighbors you are trying to bring up? Are your router-id's unique on every router.

If I recall correctly, this is usually caused by duplicate router ids but has also been a MikroTik bug in previous 6.x releases.
by IPANetEngineer
Mon Jun 22, 2015 6:18 pm
Forum: Forwarding Protocols
Topic: How originate default route in VPNV4
Replies: 7
Views: 2356

Re: How originate default route in VPNV4

What I have done in the past is to create a static route with a gateway check and then select 'redistribute static' with a filter to permit the prefix 0.0.0.0/0

That is the only way I am aware of to originate a default route from a MikroTik router within a VPNV4 VRF.
by IPANetEngineer
Wed Jun 17, 2015 4:33 pm
Forum: Forwarding Protocols
Topic: Default Route from BGP to OSPF
Replies: 21
Views: 7359

Re: Default Route from BGP to OSPF

Do you see the LSA for the static route? How disruptive would it be to try a different version of RouterOS? I tested this on 6.29.1 without issues.

Can you post a drawing of the topology?
by IPANetEngineer
Wed Jun 17, 2015 4:25 pm
Forum: Forwarding Protocols
Topic: OSPF, Two backbone areas
Replies: 4
Views: 1353

Re: OSPF, Two backbone areas

You can build more than one instance using the same router-id and have two backbones. You will however have to redistribute between the two instances if you need to exchange routes and that could get messy for you. I would suggest using GNS3 and VirtualBox to lab this before putting it into producti...
by IPANetEngineer
Tue Jun 16, 2015 4:39 pm
Forum: Forwarding Protocols
Topic: BGP4-MIB
Replies: 17
Views: 7470

Re: BGP4-MIB

Doesn't seem to be a priority for MT, either that or it is coming in v7
by IPANetEngineer
Mon Jun 15, 2015 11:25 pm
Forum: General
Topic: DSLAM & Mikrotik
Replies: 2
Views: 755

Re: DSLAM & Mikrotik

Depends on what function you want the MikroTik to perform. We do a lot of Telco consulting and have seen MikroTik used for:

BRAS (PPPoE Termination)
Layer 3 core
Layer 2 aggregation
MPLS Core and PE

What specifically do you need done?
by IPANetEngineer
Sun Jun 14, 2015 6:44 pm
Forum: Forwarding Protocols
Topic: BGP aggregate prefix
Replies: 4
Views: 1275

Re: BGP aggregate prefix

Have you submitted this as a bug yet?

It appears to have happened to someone else running 6.28 as well

http://forum.mikrotik.com/viewtopic.php?f=14&t=97634
by IPANetEngineer
Sun Jun 14, 2015 6:40 pm
Forum: Forwarding Protocols
Topic: Disater ... all router dies at the sametime...
Replies: 12
Views: 1915

Re: Disater ... all router dies at the sametime...

Sorry to hear about all your troubles....as others have said, it is usually a best practice to test code for critical environments before deploying. VMs are a great way to do this if you don't have the budget to get a hardware test environment. You can replicate a topology and let it run for a few d...
by IPANetEngineer
Sun Jun 14, 2015 6:28 pm
Forum: Forwarding Protocols
Topic: Default Route from BGP to OSPF
Replies: 21
Views: 7359

Re: Default Route from BGP to OSPF

Yes because OSPF by default, requires all routers in an area to have knowledge of all LSAs in that area. You may need to raise the distance of the static route or put it into another routing table if you don't want it to take priority over the BGP learned defaults for the traffic that is being funne...
by IPANetEngineer
Fri Jun 12, 2015 2:59 am
Forum: Forwarding Protocols
Topic: Default Route from BGP to OSPF
Replies: 21
Views: 7359

Re: Default Route from BGP to OSPF

You can definitely redistribute the default route from BGP into OSPF. On the router that is doing the redistribution from BGP into OSPF, use the following config and the default will be advertised in OSPF only as long as it exists in BGP. /routing ospf instance set [ find default=yes ] distribute-de...
by IPANetEngineer
Tue Jun 09, 2015 9:50 pm
Forum: Forwarding Protocols
Topic: BGP aggregate prefix
Replies: 4
Views: 1275

Re: BGP aggregate prefix

Can you post the log messages?
by IPANetEngineer
Mon Jun 08, 2015 5:33 pm
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

1508 is incorrect for a VPLS deployment if you need to hand off 1500 bytes without fragmentation, then 1526 is the absolute minimum...this is not a MikroTik requirement but rather a basic network engineering requirement. Cisco, Juniper, Adtran, etc all have the same 1526 minimum to hand off a 1500 b...
by IPANetEngineer
Sat Jun 06, 2015 8:38 pm
Forum: Forwarding Protocols
Topic: Encrypt 10Gb/s Links
Replies: 5
Views: 2018

Re: Encrypt 10Gb/s Links

We have a full lab of everything from Cisco 6509-E to just about ever flavor of CCR and rack mount MikroTik. When I get a chance I'll try this on a couple of VMs that go through our 40 Gbps CCR Data Center lab. Here is thread where MikroTik comments on IPSEC throughput in CCRs and it appears to top ...
by IPANetEngineer
Fri Jun 05, 2015 5:13 pm
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

That's it...the smallest L2MTU in your transport network is the largest MPLS MTU you can support.
by IPANetEngineer
Fri Jun 05, 2015 3:15 am
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

Yes the MPLS-MTU needs to change from 1508 to 1526 on every router. The MPLS MTU cannot be larger than the L2 MTU So...it needs to be this [admin@mikrotik] /mpls interface> pr Flags: X - disabled, * - default # INTERFACE MPLS-MTU 0 * all 1526
by IPANetEngineer
Thu Jun 04, 2015 7:04 pm
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

Correct, 1526 is the absolute minimum to hand off a 1500 byte frame to the customer. Your MTUs should look like this L2 MTU - 1526 or higher (L2 MTUs should match on each side of a link and can be higher than 1526) L3 MTU - 1500 bytes (This must match on every IP in that subnet to be RFC compliant) ...
by IPANetEngineer
Thu Jun 04, 2015 1:16 am
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

Tagged VPLS is when you hand off the Layer 2 segment to the customer or endpoint with an 802.1q VLAN tag. The extra 4 bytes for that tag is what causes the MTU requirement to change from 1526 to 1530.
by IPANetEngineer
Wed Jun 03, 2015 8:36 pm
Forum: Forwarding Protocols
Topic: Problems with MPLS IPv4 VPN
Replies: 64
Views: 19897

Re: Problems with MPLS IPv4 VPN

We are working on an MPLS network that includes x86 routers and routerboards which has been running well on MPLS with VPLS on 6.24, but in converting to L3VPN recently, we experienced some issues with LDP neighbors flapping. We haven't completely ruled out MTU issues in the transport, but did see a ...
by IPANetEngineer
Mon Jun 01, 2015 5:49 pm
Forum: Forwarding Protocols
Topic: VPLS/MPLS via ospf in wireless network
Replies: 31
Views: 5995

Re: VPLS/MPLS via ospf in wireless network

1522 is too small because VPLS requires two MPLS labels instead of one. One label is for the MPLS endpoint, and the other is for the VPLS tunnel identification. hence the 1526 minimum. Standard MTUs for MPLS to hand off a 1500 bytes frame are: minimum of: 1526 - if planning to use untagged frames wi...
by IPANetEngineer
Mon Jun 01, 2015 5:41 pm
Forum: Beginner Basics
Topic: CRS125-24G-1S Setup as a Router
Replies: 3
Views: 720

Re: CRS125-24G-1S Setup as a Router

Sounds like you have a rogue DHCP server you need to identify. Some switches have tools like DHCP snooping to lock out rogue DHCP servers, but this would probably have to be achieved with some custom Layer2 ACLs in a CRS.
by IPANetEngineer
Thu May 28, 2015 5:41 pm
Forum: Announcements
Topic: v6.29 released
Replies: 193
Views: 51390

Re: v6.29 released

Nothing makes my day like a new RouterOS update :-)

We have tested upgrade of the following platforms in our OPSF/MPLS/BGP design lab without issue so far

CCR1036-8G-2S+
CCR1009-8G-1S-1S+
CRS-125-24G-1S
RB2011UiAS
RB951Ui-2HnD
RB751U-2HnD
RBmAP2n
by IPANetEngineer
Wed May 06, 2015 4:21 pm
Forum: Forwarding Protocols
Topic: BGP & ICMP
Replies: 9
Views: 1442

Re: BGP & ICMP

If your DNS is solid, do you have any firewall rules that could be filtering ICMP?
by IPANetEngineer
Wed May 06, 2015 4:18 pm
Forum: General
Topic: CCR1036-8G-2S+EM as a BGP router
Replies: 4
Views: 911

Re: CCR1036-8G-2S+EM as a BGP router

Here is a great thread on CCRs and BGP...it will give you a good idea of what can be done. CCR 1036-8G-2S+EM can take two full feeds and push beyond 20+ Gbps.

http://forum.mikrotik.com/viewtopic.php?f=14&t=85249
by IPANetEngineer
Fri May 01, 2015 4:49 pm
Forum: Forwarding Protocols
Topic: Traffic Engineering - how to route over the tunnel
Replies: 1
Views: 1099

Re: Traffic Engineering - how to route over the tunnel

BGP is the most common way as it is the core building block of most provider networks. See the MikroTik manual for setting the TE Tunnel endpoint as a next hop dynamically with BGP

http://wiki.mikrotik.com/wiki/Manual:TE_Tunnels
by IPANetEngineer
Fri May 01, 2015 4:24 pm
Forum: Forwarding Protocols
Topic: 2 BGP Peers - different uplink Speed
Replies: 11
Views: 2511

Re: 2 BGP Peers - different uplink Speed

I think you may be thinking about the MED which does have all the requirements you mentioned Actually, because the bgp link bandwidth feature is extended community based, it will transit any AS that is configured to be aware of and act on that community. It is not limited to eBGP and can pass betwee...
by IPANetEngineer
Fri May 01, 2015 12:38 am
Forum: Forwarding Protocols
Topic: Problems with MPLS IPv4 VPN
Replies: 64
Views: 19897

Re: Problems with MPLS IPv4 VPN

Interesting...I wonder who deals with MPLS more often at MikroTik? We are always working on complex multi-vendor MPLS networks that involve MikroTik and it's nice to have a product expert to bounce the high level development stuff off of.
by IPANetEngineer
Fri May 01, 2015 12:34 am
Forum: Forwarding Protocols
Topic: BGP RB1100
Replies: 2
Views: 797

Re: BGP RB1100

No issues with an 1100, but as Celtic said a lower CCR will work well.

A CCR1009 will easily take two tables and have plenty of horsepower left over for forwarding. What are your throughout requirements?
by IPANetEngineer
Tue Apr 28, 2015 8:07 pm
Forum: Forwarding Protocols
Topic: Problems with MPLS IPv4 VPN
Replies: 64
Views: 19897

Re: Problems with MPLS IPv4 VPN

We have also seen a lot of stability improvements running L3VPN in RouterOS since it was fixed a few versions ago. We are also using BGP for the PE / CE handoff for most deployments.

Now we just need fast reroute :-)
by IPANetEngineer
Tue Apr 28, 2015 7:03 pm
Forum: General
Topic: New features and routerOS v6
Replies: 8
Views: 3266

Re: FastTrack - New feature in 6.29

You don't get this with major vendors. You get bugs, don't get me wrong there. But the stuff is usually tested better, and there are proper support/workflows in place that make it slightly less painful when something does happen. Most major vendors (That I'm aware of anyway) separate the firmware c...
by IPANetEngineer
Tue Apr 28, 2015 6:19 pm
Forum: RouterBOARD hardware
Topic: CCR-1072 release date?
Replies: 71
Views: 14297

Re: CCR-1072 release date?

UPDATE on CCR1072 (unofficial): Word on the street from the USA MUM in Miami is that the 1072 should be here by summer. According to what we heard from MT at the conference, there were some issues with packet loss in the RFC pattern/throughput testing that had to be corrected before it could be cert...
by IPANetEngineer
Tue Apr 28, 2015 6:06 pm
Forum: Forwarding Protocols
Topic: 2 BGP Peers - different uplink Speed
Replies: 11
Views: 2511

Re: 2 BGP Peers - different uplink Speed

The feature you are looking for does exist in BGP, just not in MikroTik. BGP Link bandwidth can be advertised to another AS as an extended community in Cisco routers. If the routers you are peering to are Cisco and will accept this community, then you might be able to make this work by doing the Com...
by IPANetEngineer
Tue Apr 28, 2015 6:00 pm
Forum: Forwarding Protocols
Topic: How to Access Mikrotik from different IP location
Replies: 4
Views: 2182

Re: How to Access Mikrotik from different IP location

If the IP locations are fairly constant or always come out of the same subnet, then you can build an address list and tie it to a permit rule on the firewall for SSH (22) or Winbox (8291).

http://wiki.mikrotik.com/wiki/Manual:IP ... dress_list
by IPANetEngineer
Tue Apr 28, 2015 5:56 pm
Forum: Forwarding Protocols
Topic: Load balance 2 ISP connected to 2 different routers at different physical location (same network)
Replies: 4
Views: 956

Re: Load balance 2 ISP connected to 2 different routers at different physical location (same network)

There is no problem with the gateways being in the same subnet as long as they aren't overlapping subnets. OSPF requires the subnet to be the same on both sides of an adjacency.

As far as the wireless link goes, you can build some queues to protect replication traffic when a failover occurs.
by IPANetEngineer
Tue Apr 28, 2015 5:48 pm
Forum: General
Topic: New features and routerOS v6
Replies: 8
Views: 3266

Re: FastTrack - New feature in 6.29

This really bothers me. This should not be added in any 6.x releases. This is not a "small" new feature as it probably required serious changes to the firewall coding. Stuff like this needs to be fully tested before hitting the actual release chain. The 6.28 release broke a LOT of stuff, and now 6....
by IPANetEngineer
Mon Apr 27, 2015 5:11 pm
Forum: General
Topic: where can I downlaod v7 Beta?
Replies: 7
Views: 2352

Re: where can I downlaod v7 Beta?

No problem!
by IPANetEngineer
Mon Apr 27, 2015 5:10 pm
Forum: Announcements
Topic: RouterOS v6.28 released
Replies: 229
Views: 63978

Re: RouterOS v6.28 released

I have the same problem as leandrobianchin except my CRS-226 just has a 10GBE uplink to the CCR1036 via SFP+. The uplink also serves as the master of the entire CRS. The CCR has been running ok on 6.28 and 6.29rc10 but SFP+ on CRS has been a frequent problem after 6.27. So far I've found the relati...
by IPANetEngineer
Mon Apr 27, 2015 5:04 pm
Forum: Forwarding Protocols
Topic: What BGP setups need to be optimized
Replies: 58
Views: 22140

Re: What BGP setups need to be optimized

Anyway to Bind more cores to the routing processes? Currently see only core dealing with this... would like to see more CPU for this. If I remember correctly from the presentation about v7, the way routing (at least some parts of it) is implemented in Linux makes it impossible to take advantage of ...
by IPANetEngineer
Mon Apr 27, 2015 4:51 pm
Forum: Forwarding Protocols
Topic: Load balance 2 ISP connected to 2 different routers at different physical location (same network)
Replies: 4
Views: 956

Re: Load balance 2 ISP connected to 2 different routers at different physical location (same network)

OSPF will get you to a state of redundancy fairly easily. Be sure to advertise the default route from the failover point and as long as you have a static route going out to your main ISP, the OSPF route will only be used if the primary ISP goes down. Here are some examples of OSPF in MikroTik http:/...
by IPANetEngineer
Mon Apr 27, 2015 4:26 pm
Forum: Forwarding Protocols
Topic: 2 BGP | No down time
Replies: 1
Views: 729

Re: 2 BGP | No down time

Have you verified that prepends work without the script? I would start there and make sure you can swing your traffic over to the other peering with a prepend. If so, then you just need to work on the scripting.
by IPANetEngineer
Sun Apr 26, 2015 10:06 pm
Forum: Beginner Basics
Topic: Linking switch chip and routing processor
Replies: 5
Views: 846

Re: Linking switch chip and routing processor

Bridging does not enable the wire speed switching and relies on the CPU.

Choose a master port and as many slave ports you want to create a group of switched ports. Traffic at L2 will switch at wirespeed between ports in that group
by IPANetEngineer
Sun Apr 26, 2015 6:22 pm
Forum: General
Topic: where can I downlaod v7 Beta?
Replies: 7
Views: 2352

Re: where can I downlaod v7 Beta?

I believe v7 is still in alpha. MikroTik stated at the 2015 Miami MUM that v7 would be out this year, so I expect we will we a beta by this summer or possible early fall.
by IPANetEngineer
Sun Apr 26, 2015 6:19 pm
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 9
Views: 3112

Re: OSPF error

Can you post your ospf config for each of the routers?

Assuming there are no config issues, I would go back to somewhere around 6.19. This has been a very stable code for most of the routing protocols.
by IPANetEngineer
Sun Apr 26, 2015 6:15 pm
Forum: General
Topic: DNSSEC
Replies: 33
Views: 11536

Re: DNSSEC

+1 for DNSSEC

We have clients that need this feature
by IPANetEngineer
Sun Apr 26, 2015 12:10 am
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 9
Views: 3112

Re: OSPF error

Have you tried rolling back to 6.27 with the exact same config?
by IPANetEngineer
Sat Apr 25, 2015 5:34 pm
Forum: Announcements
Topic: hAP lite
Replies: 392
Views: 169286

Re: hAP lite

Just got my hAP lite at the USA MUM this week and can't wait to try it out.

What are you guys seeing for throughout performance on it?
by IPANetEngineer
Sat Apr 25, 2015 5:30 pm
Forum: Forwarding Protocols
Topic: OSPF error
Replies: 9
Views: 3112

Re: OSPF error

If you haven't made any other changes other than a code upgrade then you may be looking at a bug. Two things I would try to stabilize it are: 1) Turn off authentication, if enabled and ensure the settings match on each side 2) Going from EXSTART to 2-WAY back and forth can be a sign of MTU mismatch....
by IPANetEngineer
Sat Apr 25, 2015 5:26 pm
Forum: Forwarding Protocols
Topic: Big routing table
Replies: 1
Views: 595

Re: Big routing table

You can definitely do 150K routes in a CCR without a problem. I would probably look at using a CCR1036 in whatever port configuration fits your needs.

Here is a good thread on full BGP tables in CCRs and user experiences:

http://forum.mikrotik.com/viewtopic.php?f=14&t=85249
by IPANetEngineer
Sat Apr 25, 2015 5:22 pm
Forum: General
Topic: CRS documentation
Replies: 79
Views: 30722

Re: CRS documentation

Update on Rapid Spanning Tree for the CRS. We spent the week in Miami with MikroTik as exhibitors at the 10th anniversary USA MUM and were able to get a lot of insight into current development and projects at MikroTik. After talking with several of the staff at MikroTik, RSTP is in development right...
by IPANetEngineer
Mon Apr 20, 2015 3:12 pm
Forum: Forwarding Protocols
Topic: VPLS stops working 1-way
Replies: 6
Views: 1851

Re: VPLS stops working 1-way

You might want to do a few packet captures on your network if you have MTU as small as 1520 in an MPLS network handing off 1500 byte frames in VPLS. You are almost certainly fragmenting the frames to be able to pass 1500. While this can work for a while, eventually, it will cause issues due to load ...
by IPANetEngineer
Mon Apr 20, 2015 12:01 am
Forum: Forwarding Protocols
Topic: OSPF with custom routes per IP group
Replies: 6
Views: 845

Re: OSPF with custom routes per IP group

Glad we could help you out. Good luck!!
by IPANetEngineer
Sun Apr 19, 2015 4:17 pm
Forum: Forwarding Protocols
Topic: Transparently Bridge networks using EOIP or MPLS / VPLS
Replies: 19
Views: 4616

Re: Transparently Bridge networks using EOIP or MPLS / VPLS

I would look at replacing the 450g as an MPLS router. It only supports a max L2 MTU of 1522 which means you can't get a full 1500 byte frame across VPLS without fragmentation. Whenever we consult on an MPLS network, the first thing we do is get rid of routers that don't support the minimum MTU for M...
by IPANetEngineer
Sat Apr 18, 2015 11:57 pm
Forum: Forwarding Protocols
Topic: OSPF with custom routes per IP group
Replies: 6
Views: 845

Re: OSPF with custom routes per IP group

Here is a link to a presentation we did on BGP at USA MUM 2013. This will give you a good idea of how to build a basic BGP network. Route Reflectors can be used to provide full mesh.

http://mum.mikrotik.com/presentations/US13/kevin.pdf
by IPANetEngineer
Sat Apr 18, 2015 11:51 pm
Forum: Forwarding Protocols
Topic: VPLS stops working 1-way
Replies: 6
Views: 1851

Re: VPLS stops working 1-way

What's the smallest MTU in the path?
by IPANetEngineer
Sat Apr 18, 2015 11:50 pm
Forum: Forwarding Protocols
Topic: BGP Load Balancing Not as expected
Replies: 1
Views: 477

Re: BGP Load Balancing Not as expected

Depends on how large the subnets are you are advertising and if it is public traffic. There is no mechanism in BGP for MIkroTik that can move traffic to another link if another is at capacity. You could look at some scripting, but you need to have large enough subnets advertised into the global tabl...
by IPANetEngineer
Sat Apr 18, 2015 8:29 am
Forum: Forwarding Protocols
Topic: OSPF and RIP routing cause "System rebooted because of kernel failure"
Replies: 8
Views: 923

Re: OSPF and RIP routing cause "System rebooted because of kernel failure"

Have you set the update source on each side of the BGP peering?
by IPANetEngineer
Fri Apr 17, 2015 8:53 am
Forum: Forwarding Protocols
Topic: OSPF and RIP routing cause "System rebooted because of kernel failure"
Replies: 8
Views: 923

Re: OSPF and RIP routing cause "System rebooted because of kernel failure"

Have you tried rolling back to 6.26 to see if you still have the issue?
by IPANetEngineer
Thu Apr 16, 2015 5:06 pm
Forum: Forwarding Protocols
Topic: OSPFv3->BGP aggregate->eBGP host working logic
Replies: 9
Views: 1842

Re: OSPFv3->BGP aggregate->eBGP host working logic

Good discussion...something I wanted to add for clarification. Unlike Cisco, MikroTik does not require the exact mask length of a route to be present to advertise it in BGP. Actually, it doesn't need a single route in the routing table to advertise into BGP. When using the /routing bgp aggregate com...
by IPANetEngineer
Wed Apr 15, 2015 8:56 pm
Forum: Forwarding Protocols
Topic: OSPF and OpenVPN Cost
Replies: 2
Views: 1144

Re: OSPF and OpenVPN Cost

You could try to define a new instance and then redistribute them into the main instance and set the following command to the metric you want: metric-other-ospf http://wiki.mikrotik.com/wiki/Manual:Routing/OSPF This may not be exactly what you're looking for, but it might be an alternative to script...
by IPANetEngineer
Wed Apr 15, 2015 4:56 pm
Forum: Forwarding Protocols
Topic: MPLS LDP Neighbor Addresses Blank
Replies: 6
Views: 1720

Re: MPLS LDP Neighbor Addresses Blank

Glad you figured it out....MTU can play havoc with an MPLS network. Two basic MTU rules to remember if you want to pass a 1500 byte frame in MPLS.

Minimum MTU for MPLS (for 1500 byte frame)

1526 (L2 and MPLS MTU) - untagged frame
1530 (L2 and MPLS MTU) - tagged frame
by IPANetEngineer
Tue Apr 14, 2015 9:44 pm
Forum: Forwarding Protocols
Topic: MPLS VPLS as remedy for single point of failure in server room
Replies: 5
Views: 1258

Re: MPLS VPLS as remedy for single point of failure in server room

Typically the big driver to use MPLS within the Data Center is to aid with multi-tenant solutions... While it certainly can be used for failover, the complexity involved in implementing BGP signaled VPLS is more complex than using something like LACP across a pair of stackable switches to ensure Lay...
by IPANetEngineer
Tue Apr 14, 2015 6:27 pm
Forum: General
Topic: CRS documentation
Replies: 79
Views: 30722

Re: CRS documentation

As far as I know, you can't use any STP on a CRS unless you use software bridges, which you for sure don't wan't to.
I haven't found any evidence of Spanning Tree except for bridging.

+1 for Rapid STP in switching on the CRS. Love the CRS but need some loop prevention.
by IPANetEngineer
Tue Apr 14, 2015 5:54 pm
Forum: General
Topic: v6.28 will be released this week!
Replies: 72
Views: 19694

Re: v6.28 will be released this week!

Thanks for the info Sergejs and Uldis and the hard work on this release!

Looking forward to testing 6.28 :-)
by IPANetEngineer
Tue Apr 14, 2015 5:40 pm
Forum: Forwarding Protocols
Topic: OSPF - Mikrotik to a Cisco router - a little help please
Replies: 6
Views: 2479

Re: OSPF - Mikrotik to a Cisco router - a little help please

Agree with ZeroByte on redistribution. I have done very complex redistribution scenarios and always limit redistribution where I can. Sometimes you can't avoid it, but you can filter it and give yourself a safety net. One thing to check on OSPF to Cisco is the instance id in the interface config - i...
by IPANetEngineer
Tue Apr 14, 2015 4:39 pm
Forum: Forwarding Protocols
Topic: OSPF with custom routes per IP group
Replies: 6
Views: 845

Re: OSPF with custom routes per IP group

Two things that come to mind right away are

1) Static routes with check gateway enabled. You could also couple this with NetWatch for more advanced failure scenarios.

2) BGP - OPSF starts to break down when you try to move traffic by subnet. BGP is much better suited to this task.
by IPANetEngineer
Mon Apr 13, 2015 5:07 pm
Forum: Announcements
Topic: v6.28 final RC testing
Replies: 92
Views: 32625

Re: v6.28 final RC testing

I agree. I would rather time spent and get a quality release, instead of rushing and releasing garbage. That said, I would like some more communication as to how the fixes are proceeding. IE - We now have SSTP fixed, working on BGP this week, and we want to make sure OSPF is good before we release ...
by IPANetEngineer
Sun Apr 12, 2015 5:58 pm
Forum: Announcements
Topic: v6.28 final RC testing
Replies: 92
Views: 32625

Re: v6.28 final RC testing

@MikroTik

Can you give us any timeframe on when 6.28 will be released?
by IPANetEngineer
Sun Apr 12, 2015 8:45 am
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 102394

Re: RouterOS v6.27 released

Hello Folks! Trying to upgrade CCR1016 from 6.24 to 6.27 failed due to kernel panic, and it reverted back to 6.24 again and support was generated. I put up a support case to MT with support file. Anyone who have seen this and or know how to mitigate it ? If you can netinstall the router I would do ...
by IPANetEngineer
Wed Apr 08, 2015 7:12 pm
Forum: Announcements
Topic: MUM Europe 2015 (live video)
Replies: 76
Views: 25179

Re: MUM Europe 2015 (live video)

Switches mikrotik without igms snooping and DHCP snooping is cheap toys ! Why these toys you produce? That's a bit unfair to call it a toy just because it doesn't have two features you need. We use MikroTIk routers all over the world for our clients and they do a great job. Sometimes there are bugs...
by IPANetEngineer
Wed Apr 08, 2015 7:08 pm
Forum: Forwarding Protocols
Topic: Mikrotik X86 System Process going High
Replies: 4
Views: 859

Re: Mikrotik X86 System Process going High

Do you normally have 10 Gbps of traffic going through the router? If not, what type of traffic is it?
by IPANetEngineer
Mon Apr 06, 2015 10:32 pm
Forum: Announcements
Topic: MUM Europe 2015 (live video)
Replies: 76
Views: 25179

Re: MUM Europe 2015 (live video)

Great news about the dual band HAP series. Been waiting a long time to have something like that in a SOHO form factor. Also very interested in the 3011 series. There are many times when we design something and want to use a 2011 instead of a CCR for cost, but end up going with a CCR because the band...
by IPANetEngineer
Sat Mar 14, 2015 4:16 am
Forum: Beginner Basics
Topic: What about EIGRP at Mikrotik
Replies: 7
Views: 2366

Re: What about EIGRP at Mikrotik

EIGRP was a Cisco proprietary IGP until 2013, it was then released as an open standard. References: https://tools.ietf.org/html/draft-savage-eigrp-00 http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/enhanced-interior-gateway-routing-protocol-eigrp/qa_C67-726299.html I wouldn't min...
by IPANetEngineer
Thu Mar 12, 2015 9:31 pm
Forum: Forwarding Protocols
Topic: What BGP setups need to be optimized
Replies: 58
Views: 22140

Re: What BGP setups need to be optimized

My list...

BGPv4 MIB
BGP ECMP
BGP Conditional Advertisements
Ability to see received routes vs routes after filters
BGP multi threaded on CCR
by IPANetEngineer
Thu Mar 12, 2015 9:25 pm
Forum: Announcements
Topic: Newsletter 64
Replies: 28
Views: 12062

Re: Newsletter 64

Really like the passively cooled CCR1009!!!

Any other models planned?
by IPANetEngineer
Thu Mar 12, 2015 9:03 pm
Forum: Forwarding Protocols
Topic: Multi site vpls with BGP with mpls for customers?
Replies: 6
Views: 1714

Re: Multi site vpls with BGP with mpls for customers?

The short answer is yes, depending on the smallest MTU in your L2 network. You can double tag within VPLS. You can also offload the Q in Q portion to a switch and just pass the transport tag to the MikroTik MPLS router. The other option might be to build another MPLS network over VPLS, which is poss...
by IPANetEngineer
Thu Mar 12, 2015 5:22 pm
Forum: Forwarding Protocols
Topic: BGP for Core Router CCR1009-8G-1S-1S+
Replies: 4
Views: 2491

Re: BGP for Core Router CCR1009-8G-1S-1S+

CCR 1009 should be fine for a couple of full feeds if not a little more. I've seen 1100AHx2 used to take in BGP feeds as well although CCR is the norm these days for BGP peering. For what it's worth, we put a full BGP table into a 2011 rack mount just to see what would happen and it took in almost 9...
by IPANetEngineer
Wed Mar 11, 2015 3:22 pm
Forum: Forwarding Protocols
Topic: BGP for Core Router CCR1009-8G-1S-1S+
Replies: 4
Views: 2491

Re: BGP for Core Router CCR1009-8G-1S-1S+

Take a look at this thread...it will give you a good idea of what is being done in production with CCRs and BGP:

http://forum.mikrotik.com/viewtopic.php?f=14&t=85249
by IPANetEngineer
Wed Mar 11, 2015 12:36 am
Forum: Forwarding Protocols
Topic: routing mark IBGP
Replies: 6
Views: 1440

Re: routing mark IBGP

Still, that's not pushing the VRF configuration / route mark - it's using a route descriptor like a community string, and there are rules to translate between the two.... Not sure the distinction makes much difference in a production MPLS network, while it's true the description attached to the rou...
by IPANetEngineer
Tue Mar 10, 2015 9:20 pm
Forum: Forwarding Protocols
Topic: Multi site vpls with BGP with mpls for customers?
Replies: 6
Views: 1714

Re: Multi site vpls with BGP with mpls for customers?

So if I understand correctly, the challenge you are faced with is whether or not to use VPLS to transport Layer 2 between customer sites? If there is a single physical transport link between sites, I would probably build a MPLS and the L3 portions on one VLAN and leave the transport tagged so that y...
by IPANetEngineer
Tue Mar 10, 2015 8:46 pm
Forum: Forwarding Protocols
Topic: routing mark IBGP
Replies: 6
Views: 1440

Re: routing mark IBGP

Are you expecting the routing marks to be passed to iBGP peers? I could be wrong, but I think routing mark only has meaning inside a particular router, and that there is no such parameter in the BGP protocol (this sort of thing is what communities were invented for) to pass this information along. ...
by IPANetEngineer
Fri Mar 06, 2015 10:46 pm
Forum: Forwarding Protocols
Topic: BGP Upstream Failover
Replies: 7
Views: 2262

Re: BGP Upstream Failover

Having a full BGP table stops this from happening because if their router cannot reach destination x.x.0.0/16 anymore, then the route disappears from BGP and your second-best path takes over. I just never did like "ping + script" solution, because BGP is already designed to provide fault tolerance,...
by IPANetEngineer
Fri Mar 06, 2015 8:38 pm
Forum: Forwarding Protocols
Topic: BGP Upstream Failover
Replies: 7
Views: 2262

Re: BGP Upstream Failover

No problem....post back if you get it working. Good luck :)
by IPANetEngineer
Fri Mar 06, 2015 8:26 pm
Forum: Forwarding Protocols
Topic: Transition to routed (MPLS based) network - sugestions ?
Replies: 6
Views: 1824

Re: Transition to routed (MPLS based) network - sugestions ?

Good luck with converting your MPLS network! It will give you many tools to deploy services that add a great deal of value to the network - for both the technical side and the business end. We build a large number of MPLS networks and wanted to share a few resources that should help you out. Take a ...
by IPANetEngineer
Fri Mar 06, 2015 8:11 pm
Forum: Forwarding Protocols
Topic: BGP Upstream Failover
Replies: 7
Views: 2262

Re: BGP Upstream Failover

You can use netwatch to monitor an upstream IP and then tie it into a script that will enable / disable BGP peering based on the status of that upstream. Might be helpful to select an IP to monitor that is in the same provider network as the peering so it doesn't try to monitor via another peering. ...
by IPANetEngineer
Wed Mar 04, 2015 11:29 pm
Forum: Forwarding Protocols
Topic: OSPF overwrite static default-gateway. Possible ?
Replies: 29
Views: 5314

Re: OSPF overwrite static default-gateway. Possible ?

Please post the output of
routing ospf lsa print detail
by IPANetEngineer
Wed Mar 04, 2015 2:36 pm
Forum: Forwarding Protocols
Topic: OSPF overwrite static default-gateway. Possible ?
Replies: 29
Views: 5314

Re: OSPF overwrite static default-gateway. Possible ?

Is the OSPF learned default route you are trying to use being imported from another routing table (VRF/Route Mark)?
by IPANetEngineer
Fri Feb 13, 2015 5:34 pm
Forum: Forwarding Protocols
Topic: CPU usage issues with MPLS setup
Replies: 2
Views: 1075

Re: CPU usage issues with MPLS setup

Which hardware models are you using?
by IPANetEngineer
Fri Feb 13, 2015 5:26 pm
Forum: Forwarding Protocols
Topic: BGP advertising route 0.0.0.0/0
Replies: 2
Views: 1492

Re: BGP advertising route 0.0.0.0/0

What is the default originate set to on your BGP peers? Example of not advertising a default route to a peer:
default-originate=never
by IPANetEngineer
Fri Feb 06, 2015 5:46 pm
Forum: Forwarding Protocols
Topic: BFD + OSPF + CCR1036 Issue
Replies: 24
Views: 5979

Re: BFD + OSPF + CCR1036 Issue

I have the exact same issue with this model. Are you using the 1 Gbps copper or 10 Gbps SFP+ interfaces? I currently have two CCR1036-8G-2S+ in a datacenter and saw this issue when turning BFD on a 20 Gig LACP channel. After some review of the logs and BFD neighbor states, I was able to determine th...
by IPANetEngineer
Wed Feb 04, 2015 7:22 pm
Forum: Forwarding Protocols
Topic: Point-to-point (/31) addresses
Replies: 64
Views: 42612

Re: Point-to-point (/31) addresses

I could go either way on that...it would be nice to have, but given all the development features requested of MikroTik , I'd rather see MPLS fast reroute or BGP ECMP before /31 addresses.
by IPANetEngineer
Wed Feb 04, 2015 7:09 pm
Forum: General
Topic: Newsletter 63
Replies: 20
Views: 6968

Re: Newsletter 63

8x 10gbit switch please. Or more ports. Willing to sell my soul to get one.
That cracks me up :D I am also willing to sell my soul for one of these mega-throughput unicorns
by IPANetEngineer
Wed Feb 04, 2015 3:27 pm
Forum: General
Topic: RouterOS v6.26!
Replies: 72
Views: 24968

Re: RouterOS v6.26!

Just upgraded an x86 VM and RB2011UiAS-RM to 6.26 with no issues...will put it onto several different platforms and see how it goes.

Thanks MT! :D
by IPANetEngineer
Tue Jan 27, 2015 6:14 pm
Forum: General
Topic: Newsletter 63
Replies: 20
Views: 6968

Re: Newsletter 63

Thanks MT! Very exciting to see more news on the CCR1072!!

Will the 1072 system architecture allow for more than 1 Gbps of traffic for a single TCP stream?
by IPANetEngineer
Fri Jan 23, 2015 1:39 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 610
Views: 165621

Re: RouterOS v7.0 beta1 - when?

Same here....we are starting to think v7 is a unicorn :D
by IPANetEngineer
Fri Jan 23, 2015 1:20 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 104052

Re: CAPsMAN v2 ready for testing

we have seen customers that manage more then 600 cap interfaces on one CAPsMAN.
That's great...what platform were they using for the CAPsMAN?
by IPANetEngineer
Fri Jan 23, 2015 1:18 am
Forum: Forwarding Protocols
Topic: RouterOS 6.25: OSPF: MikroTik & Cisco: wrong AuthType field.
Replies: 5
Views: 1604

Re: RouterOS 6.25: OSPF: MikroTik & Cisco: wrong AuthType fi

Can't speak to the authtype, but I have had issues between MikroTik and Cisco when using a different instance id dating back to 5.xx code. What I found was that not all Cisco IOS / Platforms allow you to change the instance id in OSPF.
by IPANetEngineer
Tue Jan 20, 2015 10:11 pm
Forum: Announcements
Topic: Newsletter 62
Replies: 32
Views: 25240

Re: Newsletter 62

Looking forward to the next newsletter. Hope to see the next one soon!
by IPANetEngineer
Tue Jan 20, 2015 8:22 pm
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 104052

Re: CAPsMAN v2 ready for testing

Just curious how many APs CAPsMAN is designed to support? How many have been tested by MT?
by IPANetEngineer
Tue Jan 20, 2015 8:03 pm
Forum: Forwarding Protocols
Topic: Missing MPLS Features
Replies: 7
Views: 2145

Re: Missing MPLS Features

MPLS TE Auto-Tunnel is still missing :o

Hopefully we see it in RouterOS v7.
+1 Agreed...i'm beginning to think V7 is a Unicorn :D
by IPANetEngineer
Tue Jan 20, 2015 7:18 pm
Forum: General
Topic: RouterOS v6.25
Replies: 110
Views: 33187

Re: RouterOS v6.25

Just installed 6.25 in the IPA Area 0.0.0.51 development lab ( Flowood, MS) and seems to be running fine. Boot times do seem to be improved...Thanks MT!

Equipment we have tested in the dev lab (will update the list as we test more):

RB2011UiAS
RB951G-2HnD
RBcAP2n
RBmAP2n
by IPANetEngineer
Thu Jan 15, 2015 5:49 pm
Forum: Announcements
Topic: 6.24 released
Replies: 91
Views: 36077

Re: 6.24 released

Just to add a little perspective on code updates/stability to add to the discussion... 1) To run a stable network, it is NEVER advisable to jump on the latest RouterOS code just to try it. I would say better than 90% of the instability we see in customer's MikroTik (and really other vendors as well...
by IPANetEngineer
Fri Jan 09, 2015 5:22 pm
Forum: Forwarding Protocols
Topic: BGP MED / Path Selection
Replies: 4
Views: 1341

Re: BGP MED / Path Selection

Prepending or Communities can give you the option to prefer a specific patch inbound across different AS peers.

You can also attempt to write a script to approximate conditional BGP advertisements (cisco BGP feature) which guarantees traffic will come in on a certain path.
by IPANetEngineer
Fri Jan 09, 2015 4:38 pm
Forum: General
Topic: Can someone routing for me (Ready to pay money)
Replies: 1
Views: 471

Re: Can someone routing for me (Ready to pay money)

We regularly handle VMWARE networking in the Data Center.

Please call 1-855-MikroTik or e-mail consulting@iparchitechs.com for assistance
by IPANetEngineer
Fri Jan 09, 2015 4:15 pm
Forum: Forwarding Protocols
Topic: MPLS + OSPF Loopbacks and best practice
Replies: 1
Views: 834

Re: MPLS + OSPF Loopbacks and best practice

Typically you only really need one loopback per routing table for an MPLS/OSPF network. having said that, there isn't anything to prevent you from using more if you have a use case and need them. As far as passive goes, because you aren't forming an OSPF adjacency using the loopback, then passive is...
by IPANetEngineer
Wed Dec 03, 2014 12:55 am
Forum: Forwarding Protocols
Topic: vrf and dynamic interfaces
Replies: 10
Views: 3812

Re: vrf and dynamic interfaces

You could always add a routing mark using a mangle rule and match on the IP range or ranges that are being handed out for the dynamic connections.

If done in prerouting, that should keep you from having to script it.
by IPANetEngineer
Wed Sep 24, 2014 4:52 pm
Forum: Forwarding Protocols
Topic: Traffic counting
Replies: 2
Views: 812

Re: Traffic counting

Do you mean the counters for bytes transferred on physical and logical interfaces?
by IPANetEngineer
Tue Sep 23, 2014 5:44 pm
Forum: Forwarding Protocols
Topic: BGP and Equal-cost multi-path routing (ECMP)
Replies: 2
Views: 1453

Re: BGP and Equal-cost multi-path routing (ECMP)

Yes, RouterOS can ECMP up to 128 paths. Because BGP in RouterOS does not support ECMP, you must use loopbacks for peering and static routes or OSPF to get ECMP with BGP.
by IPANetEngineer
Sun Sep 07, 2014 6:30 pm
Forum: General
Topic: 2014 USA MUM Roll Call
Replies: 0
Views: 427

2014 USA MUM Roll Call

Almost here ....who's in? We will be exhibiting again at MUM this year. Can't wait to see and meet everyone!
by IPANetEngineer
Wed Sep 03, 2014 10:46 pm
Forum: General
Topic: Problems with GRE over IPSec between Cisco and RouterOS
Replies: 4
Views: 7598

Re: Problems with GRE over IPSec between Cisco and RouterOS

IPSEC SAs have to match exactly (the Phase 2 SA debug from Cisco is letting you know they don't) ....even source and destination This Cisco thread will help clarify the UID errors you are getting from the debug: https://learningnetwork.cisco.com/thread/39333 give this a shot and let me know. If the ...
by IPANetEngineer
Wed Sep 03, 2014 9:43 pm
Forum: General
Topic: another failover question
Replies: 2
Views: 539

Re: another failover question

What type of failover are you trying to achieve? Config to post would be:

ros code

/export compact
Be sure to remove any sensitive info in the config if needed.
by IPANetEngineer
Wed Sep 03, 2014 9:41 pm
Forum: Forwarding Protocols
Topic: ospf setup help
Replies: 7
Views: 1511

Re: ospf setup help

I think I understand a little better...here are a few pointers: 1) If you want to be able to route networks, you need separate subnets at each site - you can use the subnet 10.10.10.0/24 to form routing adjacency, but will need another subnet at each site to advertise behind the router - like 10.10....
by IPANetEngineer
Wed Sep 03, 2014 4:22 pm
Forum: General
Topic: x86 10g support
Replies: 9
Views: 2955

Re: x86 10g support

I am curious to know the answer to this as well. we have been working on design projects to build large clusters of MikroTik routers to go beyond 100 Gig routing capacity for use in the data center.

This would be useful info to know if we decide to experiment outside of the CCR line...
by IPANetEngineer
Wed Sep 03, 2014 4:15 pm
Forum: Forwarding Protocols
Topic: How many VRF instance supported by CCR Routers
Replies: 7
Views: 2561

Re: How many VRF instance supported by CCR Routers

@mrz thanks for the info, however...

This is very limiting when using MikroTik in larger environments - 250 is fine for a PE router, but some P routers require more than 250 VRFs - when will this be added to the roadmap in ROS?

+1 for more than 250 VRFs
by IPANetEngineer
Wed Sep 03, 2014 1:01 am
Forum: General
Topic: Test racks
Replies: 75
Views: 25413

Re: Test racks

So then MikroTik should write the Draft !!! :D
by IPANetEngineer
Wed Sep 03, 2014 1:00 am
Forum: Forwarding Protocols
Topic: ospf setup help
Replies: 7
Views: 1511

Re: ospf setup help

Can you post your configs?
by IPANetEngineer
Wed Sep 03, 2014 12:52 am
Forum: Beginner Basics
Topic: 'Separating' a Network
Replies: 8
Views: 1943

Re: 'Separating' a Network

Would definitely look into using VLANs since you have voice traffic that needs to be segregated...also might want to consider routing traffic between the building instead of bridging to avoid L2 loops.
by IPANetEngineer
Tue Sep 02, 2014 7:43 pm
Forum: Forwarding Protocols
Topic: How many VRF instance supported by CCR Routers
Replies: 7
Views: 2561

Re: How many VRF instance supported by CCR Routers

So this can probably be answered best by MikroTik but we have created 150,000 VRFs (Routing Marks) in a CCR-1036-8G-2S+ as a lab test....so the objects can be created, but the upper limit of how many can be active with routes may be a different story. We probably could have gone higher and created s...
by IPANetEngineer
Fri Aug 29, 2014 8:10 pm
Forum: Forwarding Protocols
Topic: OSPF neighbourship flapping between 2-WAY and EXCHANGE state
Replies: 5
Views: 2801

Re: OSPF neighbourship flapping between 2-WAY and EXCHANGE s

If the MTUs don't match, you will definitely have issues. Try setting the IP MTU to match and you should get a solid adjacency
by IPANetEngineer
Thu Aug 28, 2014 9:40 pm
Forum: General
Topic: Port Range for UDP Bandwidth test
Replies: 2
Views: 3007

Re: Port Range for UDP Bandwidth test

Assuming the default hasn't been changed, it starts at UDP port 2000 and increments as needed
by IPANetEngineer
Thu Aug 28, 2014 8:19 pm
Forum: General
Topic: v6.19 released
Replies: 256
Views: 95007

Re: v6.19 released

Thanks MikroTik...

Running smoothly on a 2011 series..will test different CCRs in the next few days.
by IPANetEngineer
Thu Aug 28, 2014 8:07 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 25413

Re: Test racks

If we send you more Tik-Tacs will you send us the secret rack pictures :)
by IPANetEngineer
Thu Aug 28, 2014 7:56 pm
Forum: General
Topic: Policy Based Routing
Replies: 2
Views: 830

Re: Policy Based Routing

As long as you have something to match on like a port, protocol or IP host/subnet, then yes, it is possible to policy route in a number of ways beyond the dual wan scenario: Here is a brief example matching a source of 10.10.10.0/24 and setting a next hop of 10.1.1.2: /ip firewall mangle add action=...
by IPANetEngineer
Thu Aug 28, 2014 7:21 pm
Forum: Forwarding Protocols
Topic: OSPF neighbourship flapping between 2-WAY and EXCHANGE state
Replies: 5
Views: 2801

Re: OSPF neighbourship flapping between 2-WAY and EXCHANGE s

As Celtic said...there have been a number of bugs in ROS that relate to OSPF adjacency. If the issue still remains after upgrading, here are some things to verify that have to match on each neighbor for OSPF to work: IP MTU hello timer dead timer area ID authentication type password stub area flag A...
by IPANetEngineer
Thu Aug 28, 2014 1:33 am
Forum: General
Topic: Update 6.19 bricked my RB2011.
Replies: 2
Views: 1069

Re: Update 6.19 bricked my RB2011.

What firmware were you on? what ROS code were you on?

I upgraded a 2011UiAS from 3.10 to 3.14 and then applied the 6.19 update (coming from 6.13) with no issues. After the update, Firmware 3.18 was available and I updated to that version.

So far no stability issues...
by IPANetEngineer
Wed Aug 27, 2014 7:17 pm
Forum: General
Topic: Test racks
Replies: 75
Views: 25413

Re: Test racks

Looks great Normis!

When will the 72 core CCR make it in the test rack :)
by IPANetEngineer
Wed Aug 27, 2014 5:33 pm
Forum: Forwarding Protocols
Topic: BGP4-MIB Support
Replies: 5
Views: 1504

Re: BGP4-MIB Support

+100!!!

Would love to see this added
by IPANetEngineer
Wed Aug 27, 2014 5:24 pm
Forum: General
Topic: Newsletter 60: 802.11ac
Replies: 104
Views: 55692

Re: Newsletter 60: 802.11ac

Very excited about the AC SXTs....we will be testing them for an event in NYC Mid-Town Manhattan...if they can survive that level of interference then I am sold :D
by IPANetEngineer
Wed Aug 27, 2014 5:20 pm
Forum: Forwarding Protocols
Topic: MPLS - Fast reroute. When?
Replies: 23
Views: 7468

Re: MPLS - Fast reroute. When?

+ for FRR !!

This is one of the most frequent questions we are asked by MPLS clients
by IPANetEngineer
Tue Aug 26, 2014 10:12 pm
Forum: Forwarding Protocols
Topic: Source based PBR
Replies: 1
Views: 830

Re: Source based PBR

I've never found a way to do that in RouterOS unfortunately. If you figure it out, post it here
by IPANetEngineer
Tue Aug 26, 2014 9:32 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements in address list
Replies: 13
Views: 3081

Re: BGP Advertisements in address list

Can you post the config? I tried it in 6.11 and the 'Common-Prefixes' chain is present in the match-chain drop down list.


EDIT: It looks like you need to copy the content of the prefix list into a route filter (which has prefix and prefix length range fields) then you will be able to reference it.
by IPANetEngineer
Tue Aug 26, 2014 7:59 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements in address list
Replies: 13
Views: 3081

Re: BGP Advertisements in address list

Ok let me see if I can clarify a bit... Step 1. The filter and chain Common-Prefixes will never get applied to any BGP Peer directly - it exists to provide a common set of prefixes that all BGP Peers should match on to allow. Example: /routing filter add action=accept chain=Common-Prefixes prefix=1....
by IPANetEngineer
Tue Aug 26, 2014 6:37 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements in address list
Replies: 13
Views: 3081

Re: BGP Advertisements in address list

So the Peer-1 chain would be your BGP peer filter...it then uses another chain (Common Prefixes) to match on in addition to any other prefixes you list in the chain. That way you can update the Common-Prefixes chain once for all peers It essentially is the same logic as an address list, but ends up ...
by IPANetEngineer
Tue Aug 26, 2014 6:29 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements in address list
Replies: 13
Views: 3081

Re: BGP Advertisements in address list

Gotcha....match chain is really what you're after. You can build one line of the filter and match another chain that is common to all peers and then add another line to match the peer specific prefixes. So something like this: /routing filter add action=accept chain=Common-Prefixes prefix=1.1.1.0/24...
by IPANetEngineer
Tue Aug 26, 2014 5:42 pm
Forum: Forwarding Protocols
Topic: BGP Advertisements in address list
Replies: 13
Views: 3081

Re: BGP Advertisements in address list

I don;t believe this capability exists - it would probably be a feature request Because the filter list is built almost like an address list, I'm not sure there would be much benefit. You can edit the filter and BGP routes will be updated dynamically. Is there a specific problem you are trying to so...
by IPANetEngineer
Tue Aug 26, 2014 5:37 pm
Forum: Forwarding Protocols
Topic: Is there a bug in MPLS and older hardware?
Replies: 3
Views: 1258

Re: Is there a bug in MPLS and older hardware?

What frame size CAN you get through?

It would be interesting to do a packet capture and look at the frame to see if something is eating up extra header space.
by IPANetEngineer
Tue Aug 26, 2014 5:33 pm
Forum: General
Topic: Gratuitous ARP to update neighbors' ARP table
Replies: 3
Views: 2063

Re: Gratuitous ARP to update neighbors' ARP table

Usually, a simple ping or a flood ping is enough to ensure ARP transitions quickly when moving Layer 2 connectivity. Because ARP is a Layer 2 broadcast, the old host will quit responding and the new host should answer ARP immediately...this method typically causes only a few seconds of an outage. Th...
by IPANetEngineer
Tue Aug 26, 2014 5:25 pm
Forum: Forwarding Protocols
Topic: Hello, I need to do below topology with Mikrotik. But how ?
Replies: 2
Views: 1020

Re: Hello, I need to do below topology with Mikrotik. But h

Is there a reason you have to use a MikroTik router specifically? PCC can do basic load balancing in a round robin fashion, but will require more customization to perform health checks and balance by least number of connections. You might want to check out http://www.zenloadbalancer.com/downloads/ I...
by IPANetEngineer
Tue Aug 26, 2014 5:11 pm
Forum: Forwarding Protocols
Topic: CCR and Internet BGP - survey of user experiences
Replies: 24
Views: 9798

Re: CCR and Internet BGP - survey of user experiences

Glad to see this thread has been useful...i've seen it linked in multiple other forum posts.

@Mikrotik - what is the status on balancing BGP across multiple cores?
by IPANetEngineer
Tue Aug 26, 2014 4:49 pm
Forum: General
Topic: Config problem or product limitation/weakness
Replies: 1
Views: 519

Re: Config problem or product limitation/weakness

What is your external radius server...have you checked to see if it is up and running?
by IPANetEngineer
Tue Aug 05, 2014 1:22 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS Setup
Replies: 10
Views: 2350

Re: MPLS/VPLS Setup

UK is no problem as we have done work there before...please call 1-855-MikroTik or email consulting@iparchitechs.com to get a qoute for this kind of work from our sales team. We have done many PPPoE over MPLS/VPLS deployments in large wireline and WISP service providers..and will be happy to work wi...
by IPANetEngineer
Mon Aug 04, 2014 5:18 pm
Forum: Forwarding Protocols
Topic: STP Over VPLS
Replies: 12
Views: 4253

Re: STP Over VPLS

Everything looks right on your config....couple more questions: 1) What are your RouterOS versions...have you tried others? 2) You currently don't have RSTP enabled on the bridge (which I would recommend in most cases to pass the STP bpdu through the pseudowire) Have you tried enabling it on one or ...
by IPANetEngineer
Thu Jul 31, 2014 7:27 pm
Forum: Beginner Basics
Topic: CCs226-24G-2S+ enable RX flow control fixes dropped/overrun
Replies: 2
Views: 2170

Re: CCs226-24G-2S+ enable RX flow control fixes dropped/over

In the realm of storage, flow control is an extremely useful feature and is commonly used in large Data Centers to keep the flow of traffic over the ethernet connections at roughly the same rate as the disk can read/write. Typically the disk speed or the SAN controller becomes a bottle neck long bef...
by IPANetEngineer
Thu Jul 31, 2014 7:21 pm
Forum: Forwarding Protocols
Topic: OSPF Loop-d-Loop
Replies: 3
Views: 1828

Re: OSPF Loop-d-Loop

Have you checked redistribution to ensure that you aren't having some issues there?
by IPANetEngineer
Thu Jul 31, 2014 7:14 pm
Forum: Forwarding Protocols
Topic: OSPF database table
Replies: 1
Views: 911

Re: OSPF database table

Looking at the OSPF LSAs will give you what you're looking for.

ros code

routing ospf lsa print
Hope this helps!
by IPANetEngineer
Thu Jul 31, 2014 5:26 pm
Forum: Forwarding Protocols
Topic: Routing filter dont discard
Replies: 8
Views: 1654

Re: Routing filter dont discard

If you are using the redistribute connected or static to get the networks into OSPF, that is likely the reason they are external. You will need to advertise using the network command to get rid of the Type 5 LSA.
by IPANetEngineer
Thu Jul 31, 2014 4:41 pm
Forum: Forwarding Protocols
Topic: {} in BGP AS paths?
Replies: 2
Views: 871

Re: {} in BGP AS paths?

This usually means the AS-SET has been used in a route aggregation

Here is a little more info:

http://www.cisco.com/c/en/us/support/do ... etargument
by IPANetEngineer
Thu Jul 31, 2014 3:27 am
Forum: Forwarding Protocols
Topic: STP Over VPLS
Replies: 12
Views: 4253

Re: STP Over VPLS

Gotcha...wanted to see if RSTP was enabled or not on the bridge. Can you post the running config of the Cisco switch trunk interfaces as well as the full config export of each MPLS PE router?
by IPANetEngineer
Thu Jul 31, 2014 3:15 am
Forum: Forwarding Protocols
Topic: OSPF filtering
Replies: 17
Views: 3173

Re: OSPF filtering

In OSPF, you can only summarize at the ABR or ASBR. This is by design as all routers in an Area should have the same Link State DB. If I remember right, you are working on implementing MPLS for an ISP....just as an FYI, most large Carrier MPLS networks use OSPF (or ISIS) only to advertise transit su...
by IPANetEngineer
Wed Jul 30, 2014 7:12 pm
Forum: Forwarding Protocols
Topic: BGP aggregate configuration
Replies: 9
Views: 4729

Re: BGP aggregate configuration

Can you post your full routing table (assuming it's not a full public)
by IPANetEngineer
Wed Jul 30, 2014 6:24 pm
Forum: Forwarding Protocols
Topic: STP Over VPLS
Replies: 12
Views: 4253

Re: STP Over VPLS

Can you post the output of

ros code

interface bridge print verbose
Would like to see what spanning tree looks like on your bridges
by IPANetEngineer
Mon Jul 28, 2014 6:45 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS Setup
Replies: 10
Views: 2350

Re: MPLS/VPLS Setup

No problem...I was responding to the OP = bluestu as it seemed like he needed some professional help with MPLS and OPSF convergence tuning.

Good luck with your MPLS rollout and don't hesitate to give us a shout if you need anything!
by IPANetEngineer
Mon Jul 28, 2014 5:59 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS Setup
Replies: 10
Views: 2350

Re: MPLS/VPLS Setup

We handle a large number of MPLS networks around the world. Our network engineers have many years of experience in large carrier networks and would be happy to assist you.

Please call us at 855-MIKROTIK to speak with sales and get a quote for your project.
by IPANetEngineer
Fri May 23, 2014 4:34 am
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

You absolutely can chose which path you would like to select. Weight or Local Preference can be used to control outbound traffic and Prepending or MED can be used to control inbound traffic - there are many ways to get things done in BGP but those are the basic mechanisms. Can you post the output of...
by IPANetEngineer
Thu May 22, 2014 6:25 pm
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

A couple of things:

Please post all routes (not just filtered for BGP)

What is the source and destination of the traffic that isn't taking the path you would like?
by IPANetEngineer
Thu May 22, 2014 5:49 pm
Forum: Forwarding Protocols
Topic: CCR and Internet BGP - survey of user experiences
Replies: 24
Views: 9798

Re: CCR and Internet BGP - survey of user experiences

Good afternoon very strange request from you. don't you have any CCR with BGP in production ? aren't you "The Largest Carrier-Grade MikroTik Integrator in North America" ? best regards Thierry :) Touche!...you are correct, we ARE the largest Carrier-Grade Integrator in North America and deploy BGP/...
by IPANetEngineer
Thu May 22, 2014 1:00 am
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

As to your other questions, if you already have a /32 route to the far end peer, then you don't need to add one. I was just letting you know that you don't need a default route just for the BGP peering. You're saying that I wouldn't need at least one static route to 10.254.35.253/32 to get BGP esta...
by IPANetEngineer
Wed May 21, 2014 11:15 pm
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

If you only have the two 1100s and aren't going to expand much more than that, then I wouldn't worry about OSPF in HQ long term unless you have multiple paths between the two routers. When you have multiple paths between routers and you need extremely rapid convergence, you can use OPSF and BGP toge...
by IPANetEngineer
Wed May 21, 2014 10:33 pm
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

Looks like you are making progress! 1) Use the same AS for both of your centralized 1100 routers and peer them to each other. 2) Use a different AS number for each remote site - this will simplify traffic management and routing. 3) As long as the BGP peer has a route to the other peer, they don't ha...
by IPANetEngineer
Wed May 21, 2014 4:57 am
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

Not something people generally want to publicize! It is an interesting topic of conversation at Cisco Live though. Of course MPLS is a great service offering and we use and implement it extensively. What is sometimes questioned is whether to "trust" the carrier or take direct responsibility for pro...
by IPANetEngineer
Wed May 21, 2014 3:48 am
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

To the first point - yes. Would love to read about it :D Links? Security is hardly the only reason MPLS transit is so popular and that won't be going away anytime soon even if customers run IPSEC over the links. Guaranteed SLAs on latency and bandwidth as well as honoring DSCP markings in a priorit...
by IPANetEngineer
Wed May 21, 2014 1:07 am
Forum: General
Topic: CRS with 24 SFP
Replies: 2
Views: 1625

Re: CRS with 24 SFP

+1

We would like to see this form factor as well
by IPANetEngineer
Tue May 20, 2014 11:46 pm
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

No, I'm not. I assumed that It would not be necessary, once the traffic in this link is only ours(at least we pay ISP for that!). The traffic between branches over MPLS is not secured for anything but firewall. There is no crypto on this link. Well it all depends how you analyse your risk, but L2 o...
by IPANetEngineer
Tue May 20, 2014 9:33 pm
Forum: Forwarding Protocols
Topic: CCR and Internet BGP - survey of user experiences
Replies: 24
Views: 9798

CCR and Internet BGP - survey of user experiences

This question seems to come up a lot in the MikroTIk forums and I'm curious to see what different types of CCR BGP deployments are out there as well as the experience of the end user. Some users seem to have no issues with multiple public feeds and some aren't stable on only one feed. So.... 1) What...
by IPANetEngineer
Tue May 20, 2014 9:12 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1021694

Re: CLOUD CORE ROUTER

So the reboots were probably being caused by watchdog due to BGP or maybe other CPU utilization...we found in several instances of troubleshooting CCRs that even if all of the other cores are lightly utilized, one core staying pegged at 100% for more than about 30 - 45 seconds usually triggers watch...
by IPANetEngineer
Tue May 20, 2014 7:49 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1021694

Re: CLOUD CORE ROUTER

Just out of curiosity, could you share your watchdog settings?
by IPANetEngineer
Tue May 20, 2014 7:35 pm
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1021694

Re: CLOUD CORE ROUTER

What did CPU utilization for BGP look like during these outages?
by IPANetEngineer
Tue May 20, 2014 7:58 am
Forum: Forwarding Protocols
Topic: OSPF Redundancy and Summarization
Replies: 58
Views: 10255

Re: OSPF Redundancy and Summarization

In case there is any confusion........ OSPF does not need multicast to form adjacencies - that is simply a config issue. No confusion, just didn't see the benefit of using OSPF as it won't be much simpler in this network than BGP since OSPF either needs static neighbor definitions or EOIP. Then add...
by IPANetEngineer
Tue May 20, 2014 3:27 am
Forum: RouterBOARD hardware
Topic: RouterBOARD testing procedures
Replies: 33
Views: 31097

Re: RouterBOARD testing procedures

Great article...looking forward to seeing more detail on testing and performance of the variants of the CCR series
by IPANetEngineer
Tue May 20, 2014 3:19 am
Forum: RouterBOARD hardware
Topic: CLOUD CORE ROUTER
Replies: 1374
Views: 1021694

Re: CLOUD CORE ROUTER

Not sure about that specific model, but we have used FiberXion SFPs in 2011s and CCRs without issue.
by IPANetEngineer
Tue May 20, 2014 3:08 am
Forum: Beginner Basics
Topic: log: excessive or late collision, link duplex mismatch ????
Replies: 24
Views: 49561

Re: log: excessive or late collision, link duplex mismatch

Glad to see this feature is in 6.x...even setting gigabit ethernet to be hard coded on one side and autneg on the other can cause issues. Autoneg is the way to go unless you encounter a problem and then hard code both sides and move on.