Community discussions

Search found 472 matches

  • 1
  • 2
by lapsio
Sun Oct 22, 2017 1:06 am
Forum: General
Topic: ROS firewall - DNS-ip corelarion enrichment?
Replies: 0
Views: 383

ROS firewall - DNS-ip corelarion enrichment?

Is there any "normal" way to corelate IP in ROS logs with DNS server running on ROS? I mean - I have firewall set up on ROS and DNS server. Is it possible for ROS to resolve IP to DNS using recent DNS queries?
by lapsio
Mon Oct 09, 2017 7:35 pm
Forum: Wireless Networking
Topic: What is connect-list and why do I need it?
Replies: 1
Views: 1114

What is connect-list and why do I need it?

Hello. I'm using MikroTik for many years and for the first time I got messages in logs like: sep/01 01:17:54 wireless,debug PiPi: wlan1: C2:9F:DB:8F:B5:20 failed to join recently sep/01 01:17:54 wireless,debug PiPi: wlan1: no network that satisfies connect-list, by default choose with strongest sign...
by lapsio
Sun Oct 08, 2017 10:30 pm
Forum: General
Topic: ROS ovpn-client doesn't verify server certificate.
Replies: 7
Views: 1394

Re: How ROS ovpn-client verifies server?

I tested it multiple times in various combinations and ovpn-client doesn't verify server certificate allowing trivial MIM attack and sniffing in networks with SSL decryptor proxy. I classify it as serious vulnerability making ovpn-client useless feature silently compromising security of network.
by lapsio
Fri Oct 06, 2017 3:44 pm
Forum: General
Topic: ROS ovpn-client doesn't verify server certificate.
Replies: 7
Views: 1394

Re: How ROS ovpn-client verifies server?

In order to see if it works I imported invalid certificate (of CA generated on other mikrotik, not one hosting ovpn) but ovpn-client still connects without any problem [lapsio@CHRgw] > /certificate print detail Flags: K - private-key, D - dsa, L - crl, C - smart-card-key, A - authority, I - issued, ...
by lapsio
Fri Oct 06, 2017 1:53 am
Forum: General
Topic: ROS ovpn-client doesn't verify server certificate.
Replies: 7
Views: 1394

ROS ovpn-client doesn't verify server certificate.

I noticed that ovpn-client doesn't take server CA certificate as argument. How does ROS verify server then (if at all)
by lapsio
Wed Oct 04, 2017 7:47 pm
Forum: Wireless Networking
Topic: PEAP-MSCHAPv2
Replies: 46
Views: 7921

Re: PEAP-MSCHAPv2

Wait I was just trying to connect for an hour to realize that I had to type my username as supplicant-identity. What is difference between mschapv2-username and supplicant-identity? Linux systems (and Android) shows identity and anonymous identity or username and anonymous identity. Why those names ...
by lapsio
Fri Sep 29, 2017 4:20 pm
Forum: Wireless Networking
Topic: vwlan with CAPsMAN?
Replies: 1
Views: 293

Re: vwlan with CAPsMAN?

Okay I guess I figured it out - I need to add vwlans on CAPsMAN by adding more CAP interfaces on CAPsMAN with master interface set to original physical radio cap interface of CAP device. It'll create automatically vwlan interfaces on CAP device.
by lapsio
Fri Sep 29, 2017 3:49 pm
Forum: Wireless Networking
Topic: vwlan with CAPsMAN?
Replies: 1
Views: 293

vwlan with CAPsMAN?

Hello I'm testing what CAPsMAN is capable of and I really like fact that interfaces just appear on CAPsMAN device as "local" interfaces, but when I'm adding virtual wlans on CAP device it disconnects from CAPsMAN. I'm a bit confused - is there some other way of configuring multiple vwlan per radio w...
by lapsio
Thu Sep 28, 2017 12:31 pm
Forum: RouterBOARD hardware
Topic: How to use smart card slot in CCR?
Replies: 3
Views: 2044

Re: How to use smart card slot in CCR?

Okay so it seems this card is GlobalPlatform 2.1.1 Java Card (as mentioned in that old thread). I can order them as it looks quite affordable and easily available. I can get that even providing minimal volume is 20. http://www.cs-adams.pl/karta-hybrydowa-csa.html So assuming I have one, just unboxed...
by lapsio
Thu Sep 28, 2017 12:02 pm
Forum: RouterBOARD hardware
Topic: How to use smart card slot in CCR?
Replies: 3
Views: 2044

Re: How to use smart card slot in CCR?

I know I didn't want to necro bump topic without answer
by lapsio
Thu Sep 28, 2017 11:37 am
Forum: RouterBOARD hardware
Topic: How to use smart card slot in CCR?
Replies: 3
Views: 2044

How to use smart card slot in CCR?

How can I use Smart Card slot in CCR? As in how do i generate keys on such card and what card do I need (where to get such card)
by lapsio
Tue Sep 26, 2017 11:06 am
Forum: RouterBOARD hardware
Topic: Woobm-USB How Much Can It Do?
Replies: 31
Views: 4585

Re: Woobm-USB How Much Can It Do?

yes, RouterOS has supported USB-Serial adapters for quite some time.
What other kinds of usb devices does it support? >.>
by lapsio
Mon Sep 25, 2017 1:52 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 53
Views: 14170

Re: CRS317-1G-16S+RM MPLS Support

I´m dreaming of "Ethernet Over IP" (EoIP) with hardware acceleration on CRS317, .i.e. 10Gbit/s EoIP tunnels for Vmware VMotion (layer 2 interconnect). Would this be possible with the CRS317?
+1

But I doubt that it's ethernet over IP and IP is pretty much router stuff.
by lapsio
Mon Sep 25, 2017 12:54 pm
Forum: General
Topic: ROS anti-spoofing mechanics on routers/switches
Replies: 0
Views: 369

ROS anti-spoofing mechanics on routers/switches

Hello. Today I blew up lab network by accidentally assigning network address (172.30.130.30/24) to loopback device on one Linux machine. Linux responds to any address inside loopback assigned network so I ended up with machine that performed mass ip-spoofing and hijacked all IPs from entire network,...
by lapsio
Tue Sep 19, 2017 2:41 pm
Forum: RouterBOARD hardware
Topic: Mikrotik USB Port with WiFi USB Dongle
Replies: 13
Views: 17695

Re: Mikrotik USB Port with WiFi USB Dongle

Don't bother, it will not work no matter what anyone tell.
How about... forwarding USB to metarouter with openwrt? Then bridging it with virtual ethernet and using in host ROS? >.>
<determination intensifies> xD
by lapsio
Mon Sep 18, 2017 7:25 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 53
Views: 14170

Re: CRS317-1G-16S+RM MPLS Support

So .. I got landed with a batch of 3 of these .... and so far, VLans can't be configured in RouterOS/Winbox at all. Nevermind MPLS etc. Looks like the hardware hit the market before the software was ready. /M Welp... I guess you can say then that you use the only unmanaged full 10G switch in the ma...
by lapsio
Mon Sep 18, 2017 1:07 am
Forum: RouterBOARD hardware
Topic: hEX nand size ONLY 16MB !!!!
Replies: 61
Views: 16993

Re: hEX nand size ONLY 16MB !!!!

@jowos @netflow - hEX is multicore device - it wouldn't run metarouter anyways just like CCR don't. But I also don't like 16m storage. In fact - it's not really about storage bc idgaf but about storage expansion options - precisely why most devices don't have card slot and more importantly - why the...
by lapsio
Mon Sep 18, 2017 12:55 am
Forum: RouterBOARD hardware
Topic: Woobm-USB How Much Can It Do?
Replies: 31
Views: 4585

Re: Woobm-USB How Much Can It Do?

Yeah I'd also like to ask about this product. What it even is? Is it like routerboard with ROS powered via usb or is it more like just wifi card compatible with ROS devices with usb. Does ROS support other usb wifi cards as well? What Woobm really does and how ROS sees it. Can I use it as second wif...
by lapsio
Wed Sep 13, 2017 4:53 pm
Forum: Forwarding Protocols
Topic: ovpn client - routing loop problem
Replies: 0
Views: 390

ovpn client - routing loop problem

Hello. I'm using MikroTik CHR router as gateway for my VMs (physical interface forwarded to VM). Also for additional security and privacy it's using VPN client to connect to VPN server in my home. The problem is that when I actually AM at home it doesn't work properly for some reason. I think it's r...
by lapsio
Fri Sep 08, 2017 12:29 am
Forum: RouterBOARD hardware
Topic: Are routerboard products having silent hardware revisions?
Replies: 4
Views: 1461

Re: Are routerboard products having silent hardware revisions?

No I'm serious xD. I even found some old website that says it's 400mhz. So that I wonder what was previous cpu in this thing (if my theory is correct). Original mAP is quite old router, significantly older than hAP, hAP lite, mAP lite, hAP ac etc.
by lapsio
Thu Sep 07, 2017 11:35 pm
Forum: RouterBOARD hardware
Topic: Are routerboard products having silent hardware revisions?
Replies: 4
Views: 1461

Are routerboard products having silent hardware revisions?

Maybe my memory is a bit flawed but did this guy:

https://mikrotik.com/product/RBmAP2nD

always have 650 mhz cpu since the very first day it came out?
by lapsio
Sun Sep 03, 2017 11:44 pm
Forum: General
Topic: OpenVPN Server error: TLS failed
Replies: 43
Views: 77309

Re: OpenVPN Server error: TLS failed

Sorry for necro bumping but this issue seems to be still relevant. I'm getting TLS failed when require-certificate is set to "on". Without it openvpn works fine. I followed this tutorial: https://www.medo64.com/2016/12/simple-openvpn-server-on-mikrotik/ And additionally set certifiacates to trusted ...
by lapsio
Fri Sep 01, 2017 12:32 am
Forum: Scripting
Topic: mAP lite - easy physical script toggle?
Replies: 5
Views: 1289

Re: mAP lite - easy physical script toggle?

It turns out mikrotik is not ready after boot. Even after those 3 seconds. Waiting a bit more and doing everything really slowly makes scripts work properly. In case someone would be interested here are full scripts: [lapsio@PiPi] /system script> print without-paging Flags: I - invalid 0 name="modet...
by lapsio
Thu Aug 31, 2017 10:46 pm
Forum: Scripting
Topic: mAP lite - easy physical script toggle?
Replies: 5
Views: 1289

Re: mAP lite - easy physical script toggle?

I ran into an issue. Many issues: 1. [lapsio@PiPi] > /system routerboard mode-button set enabled=yes on-event=autorun Error, please generate supout file blah blah blah So i upgraded to release-candidate. Now it doesn't say anything. But I can't really print value and it doesn't seem to work [lapsio@...
by lapsio
Tue Aug 29, 2017 5:09 pm
Forum: Scripting
Topic: mAP lite - easy physical script toggle?
Replies: 5
Views: 1289

mAP lite - easy physical script toggle?

Hi I'm using mAP lite as my pocket swiss-knife ap / station for rackmount servers configuration when i need to connect them to dirty line or simply as ap on the go if there's no wifi in around. I made quite streamlined config scheme and script that is simple on/off toggle for station / ap mode (more...
by lapsio
Wed Aug 09, 2017 8:21 pm
Forum: RouterBOARD hardware
Topic: New product : HAP Mini (RB931-2ND)
Replies: 15
Views: 7964

Re: New product : HAP Mini (RB931-2ND)

Hello! So this MikroTik hAP mini can be used as a normal WIFI router right ? like Tp-LINK. And don't need to buy antennas or something else. Yes. It's preconfigured out of box this way. But you can use it for whatever you want. It uses internal antenna. Also comparing it to some consumer TP-Link is...
by lapsio
Wed Aug 02, 2017 12:41 pm
Forum: RouterBOARD hardware
Topic: Removing water residue
Replies: 6
Views: 712

Re: Removing water residue

Welp. I cleaned it but no luck so I gave up. Oh well at least I have some spare capacitors now xD
by lapsio
Mon Jul 31, 2017 11:39 am
Forum: RouterBOARD hardware
Topic: Removing water residue
Replies: 6
Views: 712

Re: Removing water residue

There are PCB specific cleaning sprays with rust and damp proof/removal effect, most come with a cleaning brush attachment to ease application (be gentle rubbing!).
You mean something like DeoxIT? I'm not sure how to google for such product.
by lapsio
Mon Jul 31, 2017 11:34 am
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 53
Views: 14170

Re: CRS317-1G-16S+RM MPLS Support

The system runs silently, but there are two fans for situations where ambient temperature gets close to maximum. They will run automatically and only when it gets too hot. Very nice! Would love if this mechanic could be added to the other CSS/CRS RM models as well. I agree it's incredibly awesome f...
by lapsio
Mon Jul 31, 2017 11:16 am
Forum: RouterBOARD hardware
Topic: Removing water residue
Replies: 6
Views: 712

Removing water residue

Hi. My friend asked me "to check if his router is dead". After disassembling it turned out that router has been watered at some point so badly that there's water residue all over the board. Unfortunately router has been connected to power and only power LED was active all the time. It's quite clear ...
by lapsio
Tue Jul 18, 2017 10:07 am
Forum: RouterBOARD hardware
Topic: CRS317 - any fresh info about that buddy?
Replies: 8
Views: 1337

Re: CRS317 - any fresh info about that buddy?

Oh god it's like few days in the market and It's already out of stock in case of many distributors xDDDD. I feel it'll be another CCR1009 in desktop chassis for which I had to wait 6 months to be available xD
by lapsio
Tue Jul 18, 2017 12:33 am
Forum: General
Topic: Any advantages of stateless firewall on RouterOS?
Replies: 4
Views: 828

Re: Any advantages of stateless firewall on RouterOS?

What do you mean by "pereformance hit" - memory, cpu or both? Also how serious it is? Device used here is RB951 so quite weak device considering it's handling monitoring traffic and parking lot hotspot I'd need to perform some tests to give more detailed info but roughly what's the performance impac...
by lapsio
Mon Jul 17, 2017 11:44 am
Forum: General
Topic: Any advantages of stateless firewall on RouterOS?
Replies: 4
Views: 828

Any advantages of stateless firewall on RouterOS?

I've noticed several times already that people configure RouterOS firewall in stateless fashion on production. Is there any actual reason not to use conntrack/fasttrack in more security critical installations? Because I have opportunity to "fix" terribly illegible and messed up mtk config backing mo...
by lapsio
Mon Jul 10, 2017 9:06 pm
Forum: Beginner Basics
Topic: Site-to-site VPN through NAT and firewall on one side
Replies: 1
Views: 535

Site-to-site VPN through NAT and firewall on one side

Hi, I need to connect remote lab network to primary lab network over VPN using VM installed in primary network. I have full control over remote lab however primary lab network is part of huge corporate infrastructure and port forwarding is not an option as It'd require a lot of changes. So network s...
by lapsio
Thu Jun 29, 2017 11:38 pm
Forum: Virtualization
Topic: Connecting to CHR over virtual serial port
Replies: 2
Views: 854

Re: Connecting to CHR over virtual serial port

Oooohh... so those 8 "linux" terms are not serial consoles... I can't believe I didn't realize that it's normal TTY, not STTY after more than decade in linux environments... I always used ROS on routerboards which never had VGA so somehow I assumed those are all unallocated serial ports, my bad. Tha...
by lapsio
Thu Jun 29, 2017 5:18 am
Forum: Virtualization
Topic: Connecting to CHR over virtual serial port
Replies: 2
Views: 854

Connecting to CHR over virtual serial port

I'm trying to connect to ROS in VirtualBox VM over serial port but it doesn't really seem to work. Did anyone manage to create such setup? When I'm connecting to ROS over certain serial it doesn't respond with anything even though /system console is enabled on all ports. I tried both host to guest a...
by lapsio
Fri Jun 16, 2017 6:16 pm
Forum: RouterBOARD hardware
Topic: Where did CRS226-24G-2S+RM disappear ?
Replies: 10
Views: 1945

Re: Where did CRS226-24G-2S+RM disappear ?

Besides - why 16mb flash? I mean it's understandable in those 19.99 routers like hAP lite,mini,mAP etc. But why CRS326? Why hEX, why PowerBox or OmniTik. Why all new devices that are not RB2011/RB3011/RB1100/CCR have 16mb flash? Is cost reduction really THAT high? You could at least give microSD slo...
by lapsio
Fri Jun 16, 2017 6:10 pm
Forum: RouterBOARD hardware
Topic: Where did CRS226-24G-2S+RM disappear ?
Replies: 10
Views: 1945

Re: Where did CRS226-24G-2S+RM disappear ?

It is still white, Lapsio, don't worry :)
Now I'm 100% convinced to get one
by lapsio
Thu Jun 15, 2017 3:50 am
Forum: RouterBOARD hardware
Topic: Powerful Wave 2 routers - when to expect?
Replies: 2
Views: 857

Re: Powerful Wave 2 routers - when to expect?

Look at when MTK introduced ac routers comparing to when this technology had hit the market.

So hold your horses cuz you're probably about to wait a while...
by lapsio
Thu Jun 15, 2017 3:33 am
Forum: RouterBOARD hardware
Topic: Where did CRS226-24G-2S+RM disappear ?
Replies: 10
Views: 1945

Re: Where did CRS226-24G-2S+RM disappear ?

But CRS326: Doesn't have LCD Has only 16 mb storage (my experience with hAP lite tells me that sometimes it's too few to even store few previous configuration versions and some scripts, and ROS behavior when you're out of storage is HIGHLY ambiguos. I got something like "unknown error") Higher power...
by lapsio
Wed Jun 07, 2017 12:41 am
Forum: RouterBOARD hardware
Topic: CRS317 - any fresh info about that buddy?
Replies: 8
Views: 1337

CRS317 - any fresh info about that buddy?

It's been a while since last time I heard any news about CRS317. Is there some new info? About expected release dates or something else interesting? Some pricing info, some photos, anything? Iirc it was announced for Q2 and it's June alreadys sooo... As long as you don't count from 0 it should be ou...
by lapsio
Mon Apr 03, 2017 2:03 am
Forum: SwOS
Topic: SwOS vs RouterOS considering switch-only functionality
Replies: 3
Views: 2084

SwOS vs RouterOS considering switch-only functionality

I have a question. Considering "refresh" of SwOS and that it's going to be available on this new hardcore 160 gbps switch - is it going to be new "flagship" OS for switch functionality? I mean - if I'm going to get CRS with RouterOS is it going to provide all functions available on CSS with SwOS, or...
by lapsio
Tue Mar 28, 2017 11:19 pm
Forum: Beginner Basics
Topic: DHCP assigns the same address to multiple machines
Replies: 1
Views: 384

Re: DHCP assigns the same address to multiple machines

Linux by default uses UUID as Client-ID for dhcp. Those were 2 cloned VMs with the same UUIDs. Changing Client-ID source to mac solved the issue. Just in case anyone has similar issue - options are: change UUID set unique MAC and set Client-ID source to MAC ([DHCP] ClientIdentifier=mac with systemd)...
by lapsio
Tue Mar 28, 2017 10:29 pm
Forum: Beginner Basics
Topic: DHCP assigns the same address to multiple machines
Replies: 1
Views: 384

DHCP assigns the same address to multiple machines

Hello. I've set up network and ROS offers the same address to 2 machines connected. Here's debug log: 19:19:42 dhcp,debug,packet dhcp-net1 received discover with id 1914728561 from 0.0.0.0 19:19:42 dhcp,debug,packet secs = 1 19:19:42 dhcp,debug,packet ciaddr = 0.0.0.0 19:19:42 dhcp,debug,packet chad...
by lapsio
Sun Mar 26, 2017 2:03 am
Forum: Virtualization
Topic: Adding more vCPUs increases latency
Replies: 4
Views: 816

Re: Adding more vCPUs increases latency

Ok. ROS version? Unless you are more specific it won't be possible to reproduce your results... Bugfix. I downloaded it like 4h ago xD I doubt they updated since then. 6.37.5. VDI image Other info: 2 interfaces (gw and lan), both bridged with host OS bridges - brwan and brvm. Functional vm bridged ...
by lapsio
Sun Mar 26, 2017 1:45 am
Forum: Virtualization
Topic: Adding more vCPUs increases latency
Replies: 4
Views: 816

Re: Adding more vCPUs increases latency

Which version?

Which kind of ethernet interface did you set in VirtualBox under Advanced settings?
virtio, KVM paravirtualization. VirtualBox 5.0.2
by lapsio
Sun Mar 26, 2017 12:31 am
Forum: Virtualization
Topic: Adding more vCPUs increases latency
Replies: 4
Views: 816

Adding more vCPUs increases latency

Hello Today I tried p-unlimited trial in VM and found out that when I add more than 1 vCPU latency skyrockets. With 1 vCPU I have 0.7 ms ping to edge router. However after increasing to 4 vCPUs ping dropped to above 9 ms (over 10 times). I trid it multiple times and it's reproducible. I'm using Virt...
by lapsio
Thu Mar 23, 2017 9:26 pm
Forum: Virtualization
Topic: RouterOS demo/limited free VM
Replies: 5
Views: 2559

Re: RouterOS demo/limited free VM

With VMware, it supports both vmxnet3 and pvscsi. I don't know about VirtualBox, but it should be very easy to try - either it will work or not. But I'm using Linux host so... Yes it is that simple. Except if it doesn't work - now step 2 - it doesn't work because ROS doesn't support it and it's nor...
by lapsio
Thu Mar 23, 2017 7:39 pm
Forum: Virtualization
Topic: RouterOS demo/limited free VM
Replies: 5
Views: 2559

Re: RouterOS demo/limited free VM

Oh it's just as simple as downloading and running image. Okay, ur the best xD. Also considering it's already CHR related thread... You could post some info about hypervisor settings (eg. you provide .vdi image so what settings should I use for VBox? I assumed Other Linux 2.6/3.x/4.x (32bit) but Othe...
by lapsio
Thu Mar 23, 2017 6:54 pm
Forum: Virtualization
Topic: RouterOS demo/limited free VM
Replies: 5
Views: 2559

RouterOS demo/limited free VM

Hi I remember some time ago I came across some info about educational limited ROS image or something like that - basically iirc it was possible to download VM image with router that had capped bandwidth at 1MB/s or something like that. Is that still available? And can I use it for software developme...
by lapsio
Mon Mar 13, 2017 10:51 am
Forum: RouterBOARD hardware
Topic: Which RB products feature system speaker?
Replies: 2
Views: 525

Which RB products feature system speaker?

Which routerboards feature system speaker (beeper)? Sometimes it's marked on block diagram but not all devices have them published on website.
by lapsio
Sat Mar 11, 2017 5:39 pm
Forum: General
Topic: What is MikroTik update server domain name?
Replies: 1
Views: 1722

Re: What is MikroTik update server domain name?

Okay tracked it down

upgrade.mikrotik.com
by lapsio
Sat Mar 11, 2017 5:23 pm
Forum: General
Topic: What is MikroTik update server domain name?
Replies: 1
Views: 1722

What is MikroTik update server domain name?

Hi. What domain names (or IPs) do I need to allow and on which port in orded to make auto uptade work? My firewall is blocking any internet access for important nodes and only update servers are whitelisted. I got IP 54.192.229.248 captured on fw but reverse DNS shows "cloudfront.net" so I'm not sur...
by lapsio
Thu Feb 23, 2017 2:21 pm
Forum: RouterBOARD hardware
Topic: CCR1009 local link performance - what sorcery is this???
Replies: 4
Views: 886

Re: CCR1009 local link performance - what sorcery is this???

it's a completely different CPU on those. A new Intel i7 CPU does more work per Hz than an old Pentium.. :) I thought Tile Gx is just another power efficiency optimized CPU like some ARM or MIPS. I totally didn't expect it to be anything high performance. It's... wow. I can't wait for metaROUTER su...
by lapsio
Thu Feb 23, 2017 2:10 pm
Forum: RouterBOARD hardware
Topic: CCR1009 local link performance - what sorcery is this???
Replies: 4
Views: 886

CCR1009 local link performance - what sorcery is this???

I used to have RB2011 as primary router between workstations. However I wanted to use firewall on bridge so fasttrack didn't work and I didn't want to use switch. Okay. Even with fasttrack RB2011 was bottlenecking at around 600-700mbps. Without fasttrack - it barely exceeded 120-150mbps when CPU was...
by lapsio
Fri Feb 17, 2017 12:38 am
Forum: Beginner Basics
Topic: Source based routing
Replies: 0
Views: 596

Source based routing

Hello lapsio@nuc ~> ip route show 10.0.0.0/24 dev brguestservice proto kernel scope link src 10.0.0.1 10.0.1.0/24 dev brguestlapsio proto kernel scope link src 10.0.1.1 10.0.2.0/24 dev brguestmilosz proto kernel scope link src 10.0.2.1 192.168.1.0/24 dev brhost proto kernel scope link src 192.168.1....
by lapsio
Fri Feb 17, 2017 12:20 am
Forum: General
Topic: Could you please change font color of combo interface? (bugfix?)
Replies: 2
Views: 577

Re: Could you please change font color of combo interface? (bugfix?)

As far as I know it's blue if the parent interface is disabled.
Oh. Indeed you seem to be right. That makes a bit of sense then. Kind of...
by lapsio
Thu Feb 16, 2017 9:08 pm
Forum: General
Topic: Could you please change font color of combo interface? (bugfix?)
Replies: 2
Views: 577

Could you please change font color of combo interface? (bugfix?)

Uhm... Could you please change color of combo interfaces in ssh/serial console? Because it's kind of illegible af... https://dl.dropbox.com/u/44131220/undeletable/susecap318.png No, seriously. Change it. https://dl.dropbox.com/u/44131220/undeletable/susecap318b.png OH JUST COME ON https://dl.dropbox...
by lapsio
Thu Feb 16, 2017 12:42 am
Forum: Beginner Basics
Topic: src addr in output chain
Replies: 1
Views: 307

src addr in output chain

Maybe quite silly question but - what is src address of packets going through output chain? 127.0.0.1 or interface address? Iirc on linux it's always 127.0.0.1 so i'd assume it's the same for MTK.
by lapsio
Tue Feb 14, 2017 9:15 pm
Forum: Beginner Basics
Topic: Maximizing MTU
Replies: 5
Views: 960

Re: Maximizing MTU

Mhm. So I need separate subnet & bridge for devices with 9k MTU, 4k MTU, and 1.5k MTU? That sounds like some management overhead and more points of failure but well if that's the only option then okay I guess :<
by lapsio
Tue Feb 14, 2017 8:28 pm
Forum: Beginner Basics
Topic: Maximizing MTU
Replies: 5
Views: 960

Re: Maximizing MTU

Don't use a bridge for things where you want best performance... Keep your servers on a separate switch and use jumboframes only there. Yeah but I also want firewall. I prefer firewall and general control/monitoring over performance. I have ip-firewall enabled on all bridge interfaces anyways so tr...
by lapsio
Tue Feb 14, 2017 8:07 pm
Forum: Beginner Basics
Topic: Maximizing MTU
Replies: 5
Views: 960

Maximizing MTU

Hi I had really nice plan to push MTU of primary bridge between servers to around 4-9k since it's supported by both CCR1009 and RB44Ge. However once I created bridge and added some VLANs to it in order to bridge with RB2011 as AP i noticed that L2 MTU dropped to max value supported by RB2011. Then a...
by lapsio
Fri Feb 10, 2017 6:51 pm
Forum: Beginner Basics
Topic: dst NAT ports range offset
Replies: 1
Views: 516

dst NAT ports range offset

Is it possible to perform port remap on whole range of ports? Lets say I have 3 servers .2.2, .2.3, .2.4 and one public IP .1.1 Is it possible to remap all 1024 privileged ports in following manner: ,1,1:[8000....9023] -> .2.2:[0..1023] .1.1:[9024...10047] -> .2.3:[0..1023] .1.1:[10048..11071] -> .2...
by lapsio
Sun Jan 29, 2017 8:06 am
Forum: RouterBOARD hardware
Topic: Poor quality of bundled manuals
Replies: 8
Views: 1026

Re: Poor quality of bundled manuals

How much bandwith you have? It's for LAN only. I use 10TB btrfs RAID6 array in PC with plenty of data (various graphical projects etc I'm not professionally related to networking, it's just hobby). From time to time I'm syncing it with laptop or backup drives in second machine over LAN and it takes...
by lapsio
Sun Jan 29, 2017 7:44 am
Forum: RouterBOARD hardware
Topic: Poor quality of bundled manuals
Replies: 8
Views: 1026

Re: Poor quality of bundled manuals

some type of hardware are buyed from professional. i do not see any CCR inside one home There always must be this first time https://lapsio.bestpony.ml/public/inet/ccr0.jpg all declaration of conformity, guide, brochure are online, why waste paper? I know I'm totally fine with online documents. The...
by lapsio
Sat Jan 28, 2017 9:11 pm
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

There's also a product called "active optical cable" which is a cable, usually uniaxial single mode fiber with a permanently attached pair of transceivers. It's hard for me to see the appeal of such a product over just getting a pair of SFP/SFP+/QSFP+ transceivers, and a pre-terminated lc-upc/lc-up...
by lapsio
Sat Jan 28, 2017 4:31 pm
Forum: RouterBOARD hardware
Topic: Poor quality of bundled manuals
Replies: 8
Views: 1026

Re: Poor quality of bundled manuals

CSR? CRS is not like CCR ... Manuals should reflect the physical model differences and contain the basic safety information. I'm kind of disappointed because whereas there's available RouterOS documentation which pretty much covers any aspect of software side I feel strong lack of corresponding doc...
by lapsio
Fri Jan 27, 2017 11:00 pm
Forum: RouterBOARD hardware
Topic: Poor quality of bundled manuals
Replies: 8
Views: 1026

Poor quality of bundled manuals

Hello I'd just like to point out that CCR manual mentions 192.168.88.1 as default IP on port Ether1 whereas irl there's no IP assigned to any port out of box / after factory reset and I had to assign it using touchscreen. I'm not sure if it's just my hardware but I've noticed the same thing about RB...
by lapsio
Thu Jan 26, 2017 3:34 pm
Forum: RouterBOARD hardware
Topic: How to remove MikroTik 1m DAC cable? [SOLVED]
Replies: 2
Views: 741

Re: How to remove MikroTik 1m DAC cable? [SOLVED]

Thanks it worked :)
by lapsio
Thu Jan 26, 2017 4:50 am
Forum: RouterBOARD hardware
Topic: How to remove MikroTik 1m DAC cable? [SOLVED]
Replies: 2
Views: 741

How to remove MikroTik 1m DAC cable? [SOLVED]

Hi I installed 1m DAC between RB2011 and CCR1009. It clicked and now I don't know how to pull it out. I tried dragging this black latch but it doesn't seem to work and latch looks quite fragile I don't want to damage it. I found some instructions about 40G qsfp modules that you should push cable and...
by lapsio
Thu Jan 26, 2017 2:54 am
Forum: RouterBOARD hardware
Topic: Which switch with CCR1016-12G?
Replies: 17
Views: 1984

Re: Which switch with CCR1016-12G?

Finally we got Mikrotik RB/CCR1016-12G (router) TP-LINK TL-SG1048 (switch) A question. I will connect 2 lines (two ISP) to same router, is it possible? Creating vlan maybe? BTW, I connect switch to port 2 of router (for example), can router see 48 ports switch? Thanks again. Afaik RouterOS doesn't ...
by lapsio
Thu Jan 26, 2017 2:48 am
Forum: Beginner Basics
Topic: How to connect to CCR1009 using RS232?
Replies: 1
Views: 701

How to connect to CCR1009 using RS232?

Hi, CC1009-PC just arrived and providing it has RS232 port and I happen to have RS232 port in PC and RS232 cable I'd like to configure router using RS232 instead of ssh/web/winbox. So I connected cable aaaand I think it doesn't work. I never really used serial port in Linux before. I tried to connec...
by lapsio
Sat Jan 21, 2017 2:14 am
Forum: RouterBOARD hardware
Topic: Which switch with CCR1016-12G?
Replies: 17
Views: 1984

Re: Which switch with CCR1016-12G?

Maybe CSS326 then? it's using SwOS but it's significantly cheaper. And still provides 10g despite low price.
by lapsio
Wed Jan 18, 2017 2:29 am
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+RM - with POE
Replies: 7
Views: 5674

Re: CSS326-24G-2S+RM - with POE

The CCS looks more like a "smart" switch, i.e to compete with the lower end other brands "managed" switches - yet the Mikrotik has more features. Interesting that they are continuing with SWOS though. It's still confusing I keep failing to get difference between SwOS and ROS /switch menu in webfig ...
by lapsio
Mon Jan 16, 2017 10:58 pm
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+RM - with POE
Replies: 7
Views: 5674

Re: CSS326-24G-2S+RM - with POE

What is difference between CRS226 and CCS326? And why CCS is so much cheaper? Is it only about SwOS? Does SwOS offer less than ROS from switch functionality point of view?
by lapsio
Mon Jan 16, 2017 10:36 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM max internet speed
Replies: 3
Views: 1362

Re: RB3011UiAS-RM max internet speed

That assumes of course your configuration doesn't disable fasttrack. Performance impact from lack of fasttrack is serious (on RB2011 in my case it drops from around 800mbps to barely above 100mbps)
by lapsio
Sun Jan 15, 2017 11:33 pm
Forum: RouterBOARD hardware
Topic: New product : HAP Mini (RB931-2ND)
Replies: 15
Views: 7964

Re: New product : HAP Mini (RB931-2ND)

OOOEEEMGEEE this is the cutest little MikroTik I've ever seen! And I thought mAP lite is already cute. Must have as personal portable mtk router on the go :D
by lapsio
Sun Jan 15, 2017 11:27 pm
Forum: Scripting
Topic: Some Music
Replies: 10
Views: 13962

Re: Some Music

Oh my god... This is exactly what i was looking for as notification sound about detected server failure... MORE :D
by lapsio
Sun Jan 15, 2017 7:02 pm
Forum: Beginner Basics
Topic: What's the reason to use SwOS instead of RouterOS?
Replies: 11
Views: 8108

Re: What's the reason to use SwOS instead of RouterOS?

Just because it's an OS doesn't mean that it can just be installed anywhere, swos can only be installed on rb260/260gsp I thought it's based on Linux kernel like RouterOS. I never saw in my life device not capable of booting Linux as long as arch is supported and there's a way to provide boot image.
by lapsio
Sun Jan 15, 2017 6:36 pm
Forum: Beginner Basics
Topic: What's the reason to use SwOS instead of RouterOS?
Replies: 11
Views: 8108

Re: What's the reason to use SwOS instead of RouterOS?

I think you missing the question and it's a good one. What reason would you have to use swos vs routers (except if you haven't managed to learn the difficult paths of the switch menu). All switching is hardware (or should be) so there is no performance benefit. RouterOs then has all of its built in...
by lapsio
Sun Jan 15, 2017 2:50 pm
Forum: Beginner Basics
Topic: What's the reason to use SwOS instead of RouterOS?
Replies: 11
Views: 8108

Re: What's the reason to use SwOS instead of RouterOS?

Swos is suitable for limited hardware. Lighter than RouterOS so when you have good hardware run RouterOS. Question was related to announced CSR317 which is supposed to support both thus I'm quite confused. It totally doesn't look like "limited hardware" at least not more limited than current CRS se...
by lapsio
Sun Jan 15, 2017 2:40 pm
Forum: Beginner Basics
Topic: What's the reason to use SwOS instead of RouterOS?
Replies: 11
Views: 8108

What's the reason to use SwOS instead of RouterOS?

Is there any reason to use SwOS instead of RouterOS on devices that support both? As in - does SwOS provide any feature ROS doesn't?
by lapsio
Sat Jan 14, 2017 12:51 pm
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

... Is it okay? I tried looking for 850nm but most shops don't mention wavelength so I'm a bit confused. It's ok for S+85DLC03D but why don't you use the DAC ? I must say It was quite disappointing to hear that DAC is copper :< Because I really wanted to use optical interface for the first time in ...
by lapsio
Fri Jan 13, 2017 5:11 pm
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

Sorry, I tried really hard to not ask "lazy questions" but I'm googling for hours, reading dozens of optical patchcords guides and I still have no idea which parameters of cable matter. For now I know that I need: LC-LC multi mode duplex Patchcord, possibly good quality (OM2/3 means good right?). Is...
by lapsio
Fri Jan 13, 2017 10:19 am
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

To make it explicit: DAC cable is not optical cable, but copper cable.
:o

Is S+85DLC03D faster then (lower latency)? Or it makes no difference on such short distance? Or higher latency because of optical signal generation overhead?
by lapsio
Fri Jan 13, 2017 4:47 am
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

I think it would be nice if MTK would explicitly mention that package includes SFP+ interfaces. At least in brochure or somewhere deeper. I mean well I know I could be more careful with shopping but still for people new in this topic it's not that obvious and photos usually show products with some a...
by lapsio
Thu Jan 12, 2017 8:46 pm
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2673

What is exactly direct attach cable?... Does it contain SFP+ interface?

Hello I ordered CCR1009 and I'm planning to connect it to CSR using 10g SFP+. So I also ordered 2x S+85DLC03D and 1m direct attach sfp+ cable. Because well I thought it's CABLE I can plug into those S+85DLC03D as name says. But... I see that there's 1m/3m DAC on SFP comparibility list and... I think...
by lapsio
Thu Jan 12, 2017 7:06 pm
Forum: RouterBOARD hardware
Topic: CCR1009-PC how it handles overheating?
Replies: 7
Views: 1606

CCR1009-PC how it handles overheating?

Hello I have some questions regarding cooling of CCR1009 in PC variant. It's relatively powerful device, passively cooled unlike rackmoount version and also has a bit downclocked CPU. Passive cooling is quite static from hardware point of view as there's no equivalent of increasing fan rpm, so here ...
by lapsio
Thu Jan 12, 2017 4:21 pm
Forum: General
Topic: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?
Replies: 7
Views: 2246

Re: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?

fastest way to get packet through - FASTPATH if you need connection tracking (NAT in most cases) , and nothing else - FASTTRACK. If you need to use other features, but some traffic doesn't require connection tracking - RAW table Can I use FASTPATH on RouterOS? Edit: nvm found it. There's quite a lo...
by lapsio
Wed Jan 11, 2017 10:36 pm
Forum: General
Topic: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?
Replies: 7
Views: 2246

Re: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?

JFYI: accept action in raw table does not mean to bypass all others. Oh. So action accept in RAW just ends packet processing in RAW table? I thought it maybe stops all tables processing as in skips NAT, filtering, mangling etc. In case it doesn't i guess it makes sense how those 2 things can't be u...
by lapsio
Wed Jan 11, 2017 5:45 pm
Forum: General
Topic: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?
Replies: 7
Views: 2246

Re: Raw Accept vs IP Firewall FastTrack, which one is faster and light weight?

as you know raw is feature to drop packets before connection tracking it means that we can drop packets before the packets process by router. fast track (FastPath+contrack=fasttrack) actually usage of fast track and raw dependence based on scenario and solution.(fast track use mange facility and wo...
by lapsio
Mon Jan 09, 2017 8:30 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 53
Views: 14170

Re: CRS317-1G-16S+RM MPLS Support

So it seems from the looks of it on the back we see a heatsink. Does that mean that this switch will be fully fanless? Or will it have a fan on the inside? I think this heatsink looks exactly the same as one in CCR1009-PC so my blind guess is that it's passive because this heatsink internally looks...
by lapsio
Mon Jan 09, 2017 7:46 pm
Forum: Scripting
Topic: swap 2 interfaces in whole config
Replies: 1
Views: 338

swap 2 interfaces in whole config

Hi I'm using RB2011 as terminal router and I made terrible mistake of using gigabit interface for WAN even though it's only 60/6 DSL. All other 4 gigabit ports are used for machines capable of producing gigabit traffic. Now one gigabit socket got physically damaged and doesn't work so I need 1 more ...
by lapsio
Sat Jan 07, 2017 10:26 am
Forum: General
Topic: winbox for ubuntu
Replies: 37
Views: 35556

Re: winbox for ubuntu

I'm still at a loss as to why using WINE to run Winbox is such an issue? Why not implore devs to do something useful rather than create functionality we already have? Idk, have you ever read "Why it's bad idea to install X in production environment"? or "Why it's bad idea to install gcc in producti...
by lapsio
Fri Jan 06, 2017 11:51 am
Forum: General
Topic: winbox for ubuntu
Replies: 37
Views: 35556

Re: winbox for ubuntu

I'm still at a loss as to why using WINE to run Winbox is such an issue? Why not implore devs to do something useful rather than create functionality we already have? Idk, have you ever read "Why it's bad idea to install X in production environment"? or "Why it's bad idea to install gcc in producti...
by lapsio
Mon Dec 19, 2016 8:22 pm
Forum: RouterBOARD hardware
Topic: New CCR1009-7G-1C-1S+PC ?
Replies: 5
Views: 3392

Re: New CCR1009-7G-1C-1S+PC ?

I wanted to order it but it was available for literally 2 days and now It's out of stock again... Was it like pilot series to check if it sells well and real supplies are still to come or we need to wait another 3 months till it's gonna be available again?
by lapsio
Mon Dec 19, 2016 2:12 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10614

Re: V7 ALPHA/BETA Testers needed?

You obviously didn't get what I am talking about... I am not moaning here that I so desperately want v7 and they should release an unfinished anything - I am ok with v6 and its features but what I don't like is how the way how the whole v7 thing is being communicated. Mikrotik should give some offi...
by lapsio
Sun Dec 18, 2016 6:06 pm
Forum: General
Topic: winbox for ubuntu
Replies: 37
Views: 35556

Re: winbox for ubuntu

I am waiting for a snap rather than a deb or rpm.
We can have .tar.gz because I don't see any reason why should it be packaged for deb, for rpm, for slax, for arch, for gentoo, for slackware, for whatever the hell you use...
by lapsio
Sun Dec 18, 2016 5:51 pm
Forum: Beginner Basics
Topic: Mikrotik hap lite - hardware sufficient for me?
Replies: 7
Views: 1432

Re: Mikrotik hap lite - hardware sufficient for me?

I'm using 2 hAPs lite and RB2011 and biggest problem with hAP lite is 10/100 ethernet. I mean when you're using this device in LAN for lets say transferring data through Samba shares or NFS, sshfs, ftp, whatev you'll be seriously bottlenecked by 10/100 socket. It's around 8-10MB/s realistically. Whe...
by lapsio
Sun Dec 18, 2016 5:36 pm
Forum: General
Topic: V7 ALPHA/BETA Testers needed?
Replies: 45
Views: 10614

Re: V7 ALPHA/BETA Testers needed?

Forum section says "RouterOS v6 RC and v7 BETA". But apart from this thread I don't see anything about v7 nor any download links or something. So is there actually any v7 BETA or it's just misleading forum section name that probably should be changed in order to avoid misunderstanding?
by lapsio
Sat Dec 17, 2016 8:28 pm
Forum: General
Topic: winbox for ubuntu
Replies: 37
Views: 35556

Re: winbox for ubuntu

Ideally winbox should be written in Java, let say using swing as GUI, or even much better newly created technology JavaFX You mean like now Linux users complain about WINE as huge "useless" dependency, with Java WinBox everyone could join the party and complain the same way about Java? Yep, sounds ...
by lapsio
Sat Dec 17, 2016 6:48 pm
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

In fact I guess MTK switches don't support it either.

https://community.hpe.com/t5/Switches-H ... -p/3652542

Here you can find some guy trying to do that on HP switch and it didn't work as expected.
by lapsio
Sat Dec 17, 2016 6:26 pm
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

So packets incoming to port 3 or 4 should be assigned to... which VLAN? Because I'm afraid packet can be assigned only to 1 VLAN. I think i see what you mean now by port-based VLANs and why you see it as something different from internal tagged vlans. I don't know if it always works like this but in...
by lapsio
Sat Dec 17, 2016 5:37 pm
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

read first post link ("Port-based VLAN Overview" from page 151) currently routers with switch-chip cannot do this. I saw it they can. It's what I just posted. If you really need those "names"/IDs for whatever reason (as they're completely useless if you don't export VLANs outside of switch) you can...
by lapsio
Sat Dec 17, 2016 4:42 pm
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

I'm not sure if I get what you want but afaik ROS supports VLANs on switch chip level. No, currently routers with switch-chip can only Tagged Vlan (802.1Q). My suggestion about port-based Vlan. It two absolutely different types of Vlan. There are 2 types of VLANs: port based and MAC based. and both...
by lapsio
Sat Dec 17, 2016 3:43 am
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

Configuration is a bit complex comparing to average ROS complexity ... And WTF?! level complex compared to usual managed switch, but maybe it's just me. ;) I meant that CLI for switch level VLANs in ROS feels goofy af. Especially in comparison with interface level VLANs config. And it's not just me...
by lapsio
Sat Dec 17, 2016 1:18 am
Forum: General
Topic: Feature request: Port-based VLAN for routers with switch-chip
Replies: 14
Views: 2308

Re: Feature request: Port-based VLAN for routers with switch-chip

I'm not sure if I get what you want but afaik ROS supports VLANs on switch chip level. I'm even using it lol. You can find info on CRS page how to set this up but all those settings (or at least most of them) are available on my RB2011 so i guess it's available everywhere where you have switch chip....
by lapsio
Sat Dec 17, 2016 12:40 am
Forum: General
Topic: WebFig login failed for user admin at every page reload
Replies: 0
Views: 435

WebFig login failed for user admin at every page reload

Hello I'm not sure if it's bug or I'm doing something wrong but it annoys me for quite a long time already. I have set up mail notifications for errors on router. And every single time I even open webfig or hit f5 to reload some counters my mailbox is getting spammed with "login failure for user adm...
by lapsio
Sat Dec 17, 2016 12:18 am
Forum: RouterBOARD hardware
Topic: CCR1009 single TCP connection performance (without fasttrack)
Replies: 0
Views: 465

CCR1009 single TCP connection performance (without fasttrack)

Hello I'm about to order that new CCR1009-PC but i guess performance-wise it's gonna be similar to old version so if anyone knows answer for old CCR1009-PC please share. What is single TCP connection performance without fasttrack? No fasttrack, software bridging, firewall between bridge ports, some ...
by lapsio
Tue Oct 18, 2016 10:18 pm
Forum: General
Topic: how block connection of p2p?
Replies: 291
Views: 153677

Re: how block connection of p2p?

I tried to combine rules mentioned here with some others I found around the internet as follows: add action=jump chain=to-wan comment=fishy jump-target=fishy add action=drop chain=fishy connection-mark=p2p add action=drop chain=fishy p2p=all-p2p add action=drop chain=fishy layer7-protocol=torrentsit...
by lapsio
Fri Sep 23, 2016 8:13 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+PC availability problem
Replies: 5
Views: 845

Re: CCR1009-8G-1S-1S+PC availability problem

I have one more question regarding 1009 then. As actual 10G is kind of expensive (I mean NICs) I'll be probably using 4x 1G bonding instead but it's "port expensive" solution. I see that CRS226-24G-2S+IN (I believe demand was really low) is EOL so there are 2 expansion options - RM version (luckily ...
by lapsio
Fri Sep 23, 2016 7:29 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+PC availability problem
Replies: 5
Views: 845

Re: CCR1009-8G-1S-1S+PC availability problem

Lol. Is it? :D I mean i don't know it sounds a bit funny considering at least to me it looks like kind of total overkill home router because in enterprise RM version is probably better choice. So it's a bit surprising that such really specific router is that popular. Maybe because it's one of a kind...
by lapsio
Fri Sep 23, 2016 12:17 am
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+PC availability problem
Replies: 5
Views: 845

CCR1009-8G-1S-1S+PC availability problem

I can't seem to find CCR1009-8G-1S-1S+PC anywhere in Poland. Literally all shops have "out of stock" or "temporarily unavailable" or "ask for availability" status. Is there any external reason for that? Is this product discontinued? Or super ultra popular? Or it's such specific and not popular produ...
by lapsio
Fri Jun 24, 2016 1:40 am
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

Well... it'd be just too easy if everything worked out of box :/ On my old laptop everything works flawlessly. On new one. Nope. Card is not even detected by lspci like there would be nothing in pcie port at all... It's not MTK fault ofc as card clearly works, it even clearly works under linux just ...
by lapsio
Tue Jun 21, 2016 5:14 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

It's also visible in pings: 64 bytes from rb (192.168.1.1): icmp_seq=17 ttl=64 time=3.16 ms 64 bytes from rb (192.168.1.1): icmp_seq=18 ttl=64 time=5.05 ms 64 bytes from rb (192.168.1.1): icmp_seq=19 ttl=64 time=6.99 ms 64 bytes from rb (192.168.1.1): icmp_seq=20 ttl=64 time=3.10 ms 64 bytes from rb...
by lapsio
Tue Jun 21, 2016 5:09 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

I used cable to reduce fluctuations as much as I can. Because when using end to end cable connection for laptop audio doesn't "choke" and everything works perfectly. When using wifi: https://dl.dropboxusercontent.com/u/44131220/undeletable/s194.png Those fluctuations marked by arrows result in audib...
by lapsio
Tue Jun 21, 2016 4:49 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

maybe consider attaching a mAP lite to the laptop, this will improve the range much more :)  But... I already did this :D. I also listed issues of such solution in my previous post.    But yeah despite those few issues mAP is super nice device I always keep it in backpack just in case I'd need some...
by lapsio
Tue Jun 21, 2016 4:31 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

Seems that the problem is the antenna in your laptop. Isn't it easier to change laptop than drill hole for overpowerd WiFI card ? Afaik all laptops have quite crappy antennas. Plus cost of OP MTK wifi card - 40$. Cost of new laptop that meets my requirements - 1.5k$. I heard negative gain is standa...
by lapsio
Tue Jun 21, 2016 3:32 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Re: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

I'm wondering what you are trying to achieve putting that much wireless power into the laptop ... Well my current wifi card is some Intel Centrino N with enormous max output power 15dBm (if we consider crappy laptop antenna with negative gain it'll be probably like 11 dBm). In fact it usually feels...
by lapsio
Mon Jun 20, 2016 9:26 pm
Forum: Wireless Networking
Topic: Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)
Replies: 14
Views: 1787

Is 800mW vs 1000mW output power big difference? (R11e-5HnD vs R11e-5HPnD)

Hello. I'm planning to get wifi card for laptop from MTK and I can't decide between R11e-5HnD and R11e-5HPnD. Afaik all those mPCI-e cards are supported under linux by ath9k module so OS support sounds ok. The difference between them is 200mW output power, connectors and heatsink. While I'm already ...
by lapsio
Fri May 13, 2016 1:27 pm
Forum: Wireless Networking
Topic: How to filter wifi traffic between AP stations on firewall? [SOLVED]
Replies: 6
Views: 1079

Re: [SOLVED]

Not tried so just an idea: Disable default forward on wlan. Force tag each client by his own vlan. Bridge all those vlans together with uplink and set up the firewall on that bridge. I'm afraid that disabled forward sends packets to void. In fact making router capture those packets to local network...
by lapsio
Thu May 12, 2016 11:41 pm
Forum: Beginner Basics
Topic: What's the difference between EoIP, L2TP?
Replies: 4
Views: 2898

Re: What's the difference between EoIP, L2TP?

Why bridging 2 networks is bad plan? I mean well yeah it is kind of bad plan if it's like over an internet because you could easily hog link, but if there's relatively high speed link between them then well why not? Also I have IP firewall on bridge enabled, configured to consider traffic between br...
by lapsio
Thu May 12, 2016 6:10 pm
Forum: Beginner Basics
Topic: What's the difference between EoIP, L2TP?
Replies: 4
Views: 2898

What's the difference between EoIP, L2TP?

L2TP is Layer 2 tunneling protocol. EoIP is ethernet over IP. L2TP also works over IP. Ethernet is Layer 2. So according to name it's the same. Both support IPSec encryption in MT, so... What's the difference basically? I'm talking from site-to-site bridging perspective. Lets say I have 2 sites and ...
by lapsio
Tue May 10, 2016 7:53 pm
Forum: Wireless Networking
Topic: How to filter wifi traffic between AP stations on firewall? [SOLVED]
Replies: 6
Views: 1079

How to filter wifi traffic between AP stations on firewall? [SOLVED]

I'd like MT to filter AP traffic between stations just like /interface bridge is able to use IP firewall to controll traffic between bridge ports. How to do that? I tried to disable default-forwarding and enable ARP-proxy as this seemed to be some reasonable idea but it didn't work, router didn't wa...
by lapsio
Sat Apr 30, 2016 6:28 pm
Forum: Beginner Basics
Topic: Suspicious logs in firewall. How to properly react to such incident?
Replies: 3
Views: 750

Re: Suspicious logs in firewall. How to properly react to such incident?

So I made scripts watching network activity on machines using netstat. Set up RB2011 to forward logs copy to remote logs server and took dedicated machine for this task Now I'm reconfiguring fw to make it really strict for all internal activity but I faced one issue: I was going to create validIP ad...
by lapsio
Wed Apr 27, 2016 1:14 am
Forum: Beginner Basics
Topic: Suspicious logs in firewall. How to properly react to such incident?
Replies: 3
Views: 750

Suspicious logs in firewall. How to properly react to such incident?

Hello. I've noticed some weird unexpected traffic in MT firewall logs: 192.168.2.4:47306->192.168.0.6:57274, len 60 192.168.2.4:39230->192.168.0.101:12394, len 60 192.168.2.4:35307->192.168.0.16:24874, len 60 192.168.2.4:48951->192.168.0.5:39748, len 60 192.168.1.3:50595->192.168.0.101:7611, len 60 ...
by lapsio
Mon Apr 18, 2016 11:23 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Re: Why WebProxy requests don't hit dst-nat ?

Oh yeah, it is possible thanks a lot, it works :) wubz.bestponyf.ml action=deny, redirect-to=nuc.bestponyf.ml:8180 A bit glitchy because paths are not preserved so any path redirects just to root and url in browser is not preserved as well but if i'd be looking for perfect solution I'd probably use ...
by lapsio
Mon Apr 18, 2016 11:18 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Re: Why WebProxy requests don't hit dst-nat ?

For any host that requires a "portmap" you could try setting up a deny rule in the proxy access table, but one that redirects to the same URL:8010 where you have a regular direct NAT pinhole from the outside..... I'm not sure if I understand this part. You say that I should deny "wubz.bestponyf.ml"...
by lapsio
Mon Apr 18, 2016 10:46 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Re: Why WebProxy requests don't hit dst-nat ?

You could set up the WEB proxy feature But i DO use web proxy ._. I'm not sure if my explanation was too chaotic but I even gave link to tutorial explaining how to set up hostname based routing using web proxy. My actual problem is that whereas it does work with routing between PCs (i have suse.bes...
by lapsio
Mon Apr 18, 2016 10:03 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Re: Why WebProxy requests don't hit dst-nat ?

Out of curiosity - do the client devices use the Mikrotik as their DNS server? If not, then they're just not getting the right IP address. Open a command prompt on a client machine and try to ping something by name - e.g. ping wubz.bestponyf.ml and see what IP address it resolves to. Either assign ...
by lapsio
Mon Apr 18, 2016 8:54 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Re: Why WebProxy requests don't hit dst-nat ?

Add addresses as in - add as router IPs? in /ip addresses? EDIT: So now i have: add address=192.168.2.4 name=nuc.bestponyf.ml add address=192.168.10.80 name=wubz.bestponyf.ml add address=192.168.10.90 name=recordings.bestponyf.ml add address=192.168.0.2/24 interface=ether1-gateway network=192.168.0....
by lapsio
Mon Apr 18, 2016 8:02 pm
Forum: Beginner Basics
Topic: Why WebProxy requests don't hit dst-nat ?
Replies: 10
Views: 1252

Why WebProxy requests don't hit dst-nat ?

I followed this article: http://wiki.mikrotik.com/wiki/Multiple_Web_Servers And redirection between physical machines works fine. However I'm also running multiple servers on single machine. I know I could use some nginx or other server side software but I think it should be possible to accomplish t...
by lapsio
Fri Apr 15, 2016 2:49 pm
Forum: Beginner Basics
Topic: RB2011+hAP stable, low bandwidth wifi - how to?
Replies: 4
Views: 978

Re: RB2011 stable, low bandwidth wifi - how to?

I'd like to bump this thread because I've bought second mikrotik for second room and it didn't help much... In matter of fact it's kind of terrible. At least on hAP it's pretty terrible. I'm getting even 70/80 Tx/Rx dBm on the distance of like... 2m in straight line from router: https://dl.dropboxus...
by lapsio
Wed Apr 13, 2016 1:13 am
Forum: RouterBOARD hardware
Topic: Why people pair UBNT APs with MikroTik routers?
Replies: 55
Views: 29923

Re: Why people pair UBNT APs with MikroTik routers?

the other reason is cost. Mikrotik outdoor APs are more expensive than ubiquiti's but at the very least all mikrotik hardware run the same OS whereas ubiquiti's products sometimes have a software flaw or some flaw that doesnt make them great for some situations. Is it? I mean, maybe I'm comparing w...
by lapsio
Mon Apr 11, 2016 5:05 am
Forum: RouterBOARD hardware
Topic: Why people pair UBNT APs with MikroTik routers?
Replies: 55
Views: 29923

Re: Why people pair UBNT APs with MikroTik routers?

Indoor APs. Unifi precisely. I found plenty of recommendations. But wasn't eg. RB951 competitive? I mean well there are and were plenty of decent wireless hardware offered by MT including beefy RB2011. So I'm not really sure why now hAP AC is competitive but back then in lets say 2012 there was noth...
by lapsio
Mon Apr 11, 2016 2:27 am
Forum: RouterBOARD hardware
Topic: Why people pair UBNT APs with MikroTik routers?
Replies: 55
Views: 29923

Re: Why people pair UBNT APs with MikroTik routers?

Oh that makes sense. Thanks.
by lapsio
Mon Apr 11, 2016 12:07 am
Forum: RouterBOARD hardware
Topic: Why people pair UBNT APs with MikroTik routers?
Replies: 55
Views: 29923

Why people pair UBNT APs with MikroTik routers?

I found plenty of recommendations in the internet to "buy MikroTik router and few UBNT APs". Why is that? Is it some super nice couple that works great or MT doesn't have equivalent product to ubnt? Or Unifi APs are somehow super awesome, better than ones MT offers? I probably would try to keep sing...
by lapsio
Sun Apr 10, 2016 8:54 pm
Forum: Beginner Basics
Topic: simple queue total bytes not save when power off
Replies: 4
Views: 750

Re: simple queue total bytes not save when power off

I'll join this topic. In general it'd be nice to have an option to preserve counters after reboot. For firewall, queues and everything. It's not that much data to store at shutdown after all.
by lapsio
Sun Apr 10, 2016 2:50 pm
Forum: General
Topic: FastTrack security implications
Replies: 4
Views: 1707

Re: FastTrack security implications

I'm also a bit worried about this whole bypassing thing. I mean okay - lets say I have super fast links between some segments of internal network so I don't need QoS there at all, I need QoS only on internet traffic. There's NAT from outside but inside ofc not and I have plenty of networks with vari...
by lapsio
Fri Apr 08, 2016 9:00 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

... Okay i guess i got what you're talking about. You mean that i don't actually need vlan interfaces on hAP i could just switch all interfaces on L2 level and set vlan mode on VAPs, so that they would "catch" only their packages from trunk and put properly marked packages into trunk. But well i'd ...
by lapsio
Fri Apr 08, 2016 8:42 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

... created wlan10, vlan mode "use tag" 100 vlan10 id 100 from wlan10 router ip .10.2/24, phone .9 static works and actually requires "use tag" on vwlan (after vlan mode disabled phone can't reach router). But torch still doesn't show vlan id when listening to vlan10. @ZeroByte So current config ac...
by lapsio
Fri Apr 08, 2016 8:04 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

... This is because the wlan1 interface itself carries all of the wlans, tagged or not, so when you connect the physical interface to br-main, then the devices on any of those vaps will have their traffic possibly leak onto br-main. Well I thought that's exactly what VLAN mode is supposed to protec...
by lapsio
Fri Apr 08, 2016 7:57 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

I'm starting to think that VLAN mode isn't really what i thought it is? I've just made plain VAP. Gave it router IP directly -> .4.2 address on wlan4-alt interface. And with VLAN mode "use tag" hAP wasn't able to ping phone using ping tool on hAP. After disabling VLAN mode it was able to do it. So i...
by lapsio
Fri Apr 08, 2016 7:36 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

Which wireless package are you using?
Default:
on hAP it's cm2, on RB it's fp. VAP with vlan mode doesn't work on any router
by lapsio
Fri Apr 08, 2016 7:35 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

As I said with vlan mode "use tag" I can't ping gw. I can't ping even router itself from connected device. It doesn't get any responses. Torch shows empty "VLAN Id" field on packets arriving through VLAN interfaces and trunk port, however as I said Torch shows only valid network packages when listen...
by lapsio
Fri Apr 08, 2016 7:30 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

Just in case It'd matter here's export from RB: /interface bridge add name=br-alt add mtu=1500 name=br-extern add mtu=1500 name=br-main add name=br-public /interface ethernet set [ find default-name=ether1 ] name=ether1-gateway set [ find default-name=ether2 ] l2mtu=4074 name=ether2-master-local set...
by lapsio
Fri Apr 08, 2016 7:09 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

... That's pretty much what I'm doing. The problem is VLAN mode doesn't work on VAP interfaces. Yes - bridges with vlan interfaces work properly, as in br-main shows only traffic from .1.0/24, br-alt only from .4.0/24 transferred through trunk (vlan1 and vlan4 respectively) in torch so I think this...
by lapsio
Fri Apr 08, 2016 6:41 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

Torch doesn't show any VLAN Id. Anywhere, on any interface tbh (neither on vlan interfaces nor trunk port) /interface bridge add name=br-alt add name=br-extern add name=br-main add name=br-public /interface ethernet set [ find default-name=ether1 ] l2mtu=2028 name=ether1-gateway set [ find default-n...
by lapsio
Fri Apr 08, 2016 2:26 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

If you want the Hap to provide several diferent, isolated SSIDs, you'll need to set up the virtual AP interfaces with VLAN mode use service tag , and set the VLAN id, so that traffic from wireless clients gets tagged on each VirtualAP interface with its respective VID. You can then bridge the Virtu...
by lapsio
Thu Apr 07, 2016 6:51 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

Re: bridging multiple networks between routers using single link

See http://forum.mikrotik.com/viewtopic.php?f=13&t=104929 No it mentions how to bridge 2 wifi networks but that's simplified version of what I need. I know how to bridge 1 network using one link on L2 level or 4 networks over 4 links but what I'm asking about is situation like this: RB2011 networks...
by lapsio
Thu Apr 07, 2016 2:25 pm
Forum: Beginner Basics
Topic: bridging multiple networks between routers using single link
Replies: 24
Views: 2283

bridging multiple networks between routers using single link

Hello. I just installed second router in network to extend infrastructure coverage. My previous network was handled by RB2011 2HnD, almost everything in one place, plus one device in another part of building connected through ethernet over powerline to RB2011 directly. However whereas it was suffici...
by lapsio
Wed Mar 30, 2016 7:52 pm
Forum: RouterBOARD hardware
Topic: hAP lite TC - is antenna mod possible?
Replies: 8
Views: 6851

hAP lite TC - is antenna mod possible?

Hello. Is it possible to disassemble hAP lite TC (relatively easily without destroying whole case because idk it's glued or something) and mod it with custom antenna? I mean, how does this antenna used in hAP lite look like? It's something like pigtail inside the case with some standard connector or...
by lapsio
Sun Mar 27, 2016 4:10 am
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

Re: QoS i2p priorities don't seem to work

Now I think it actually works. I've hogged 100% of bandwidth with ssh and my web server was still easily accessible, and ssh transfer was dropping to allow others hit limit-at: 0 name="up" parent=global packet-mark="" limit-at=0 queue=default-huge priority=1 max-limit=5400k burst-limit=0 burst-thres...
by lapsio
Sat Mar 26, 2016 6:49 pm
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

Re: QoS i2p priorities don't seem to work

So i can't shape incoming traffic? As in - if I have public wifi I can't limit download bandwidth for it? Only upload? (or at least dropping his download won't actually speed up my download, just slow down his and in fact as it'll probably make him use bandwidth for longer period finally dropping hi...
by lapsio
Sat Mar 26, 2016 4:18 pm
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

Re: QoS i2p priorities don't seem to work

No, packets can have only one mark. No need to mark upload/download traffic seperately, QoS will know which queue parent/child matches by its "top" parent (packet flow direction). global its usually used as the parent on the top queue tree queue for download, so that no matter "who" or which interf...
by lapsio
Sat Mar 26, 2016 3:04 pm
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

Re: QoS i2p priorities don't seem to work

ooooh... now it makes sense. Can I give multiple marks to single packet and combine them for queue? Because whereas some traffic has priorities valid only in external traffic, some (especially ssl) are rather related to LAN traffic. Or i need to mark internal and external ssl separately? How "global...
by lapsio
Sat Mar 26, 2016 2:43 pm
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

Re: QoS i2p priorities don't seem to work

You're setting Max-limit to 4Gbps there... also 1Gbps on spam and www queues. Guess you intended to be max-limit=4M and 1M. It's ssl, super top priority. No i just wanted to set some limit-at and it requires max limit to be set to anything so i just set it to some hilarious value which won't ever l...
by lapsio
Fri Mar 25, 2016 11:34 pm
Forum: Beginner Basics
Topic: QoS i2p priorities don't seem to work
Replies: 11
Views: 1305

QoS i2p priorities don't seem to work

Hello. I have a problem with Queue Tree based QoS. Priorities set in queue tree don't really seem to do the job. I'm running www server at home which is also i2p router (similar thing to Tor). Whereas I'd like i2p to use all "unused" bandwidth, allowing it to use anything above 70% of internet speed...
by lapsio
Wed Mar 23, 2016 3:59 pm
Forum: Beginner Basics
Topic: "voided" factory settings
Replies: 2
Views: 470

"voided" factory settings

Hello. About 2 days ago I've bricked RB2011 by firewall drop all. I bricked it dozen of times at the beginning but typically procedure was simple - factory reset, load backup settings. However this time after reset router remained "bricked". Well i didn't brick it for quite a long time recently, lik...
by lapsio
Tue Mar 22, 2016 5:56 pm
Forum: RouterBOARD hardware
Topic: Why mAP lite is so... loud?
Replies: 5
Views: 1111

Re: Why mAP lite is so... loud?

Funny (not really) I have same issues with $300 priced Uniquity UniFi AP AC (1st gen). I reported this to UBNT support a year ago, and they told me it's "normal". Don't think it is. Just very bad design and components quality. Not only it buzzes but also becomes very hot under load. Now I'm really ...
by lapsio
Mon Mar 21, 2016 10:14 pm
Forum: Beginner Basics
Topic: First time setup firewall
Replies: 23
Views: 7517

Re: First time setup firewall

Thanks for explanation :) And then nothing could access .0 subnet, which does not make sense to me. Why prevent anyone from accessing "faulty, vulnerable ISP router", but allow that router to access all internal networks? Shouldn't it be the other way around, i.e. src-address=192.168.0.0/24? Everyth...
by lapsio
Mon Mar 21, 2016 4:47 pm
Forum: Beginner Basics
Topic: First time setup firewall
Replies: 23
Views: 7517

Re: First time setup firewall

I also never configured firewall on my own before but recently I started to read about fasttrack so I feel that I should understand firewall first. This is my RB2011 config: 0 chain=input action=accept connection-state=established,related 1 chain=input action=accept protocol=icmp 2 chain=input actio...
by lapsio
Sun Mar 20, 2016 7:48 pm
Forum: Beginner Basics
Topic: Do disabled firewall / NAT rules affect performance?
Replies: 2
Views: 582

Do disabled firewall / NAT rules affect performance?

Like in question. Do disabled entries in NAT / firewall filter and other lists affect performance? I have plenty of disabled firewall rules which were default or used in previous setup "just in case" and I'm not sure if they don't slow things down.
by lapsio
Sun Mar 20, 2016 5:39 pm
Forum: RouterBOARD hardware
Topic: Why mAP lite is so... loud?
Replies: 5
Views: 1111

Why mAP lite is so... loud?

I've recently bought mAP lite to use as station for laptop and I've noticed that it's quite... loud. Does it have active cooling? Considering compact size it sounds kind of unlikely. It makes me really curious what is responsible for this noise - fan? microdrive? radio? I have totally no idea. It's ...
by lapsio
Sat Mar 19, 2016 2:08 am
Forum: RouterBOARD hardware
Topic: Some sincere thoughts about Mikrotik hardware...
Replies: 34
Views: 4090

Re: Some sincere thoughts about Mikrotik hardware...

Just to clarify 68MB = 544 Megabits or Mb Also, are you using the highest L2/L3 MTU possible on the LAN segment? It makes a big difference and if you're only using 1500 bytes, that's probably why you're stuck at half of a gig. You can raise the MTU on the LAN segment for higher LAN speeds and still...
by lapsio
Sat Mar 19, 2016 1:05 am
Forum: RouterBOARD hardware
Topic: Some sincere thoughts about Mikrotik hardware...
Replies: 34
Views: 4090

Re: Some sincere thoughts about Mikrotik hardware...

Well I also have problem with maxing out CPU in RB2011 below gigabit - around 68 MB/s, something like that - during NAS access and it's quite meh but on the other hand... I don't think it's that bad for 120$ swiss-knife router+wifi+10/100 switch+everything with touch screen, sfp usb, super-duper OS....
by lapsio
Sat Mar 19, 2016 12:33 am
Forum: RouterBOARD hardware
Topic: hAP lite vs hAP lite classic
Replies: 2
Views: 3398

hAP lite vs hAP lite classic

Woohoo! That feel when you enter routerboard.com and there's NEW STUFF from MikroTik and you feel like child in candies shop :lol: Then I found it's rebooted old stuff tho but still... So today I've noticed new RB - hAP lite classic. As I wanted to add hAP lite to my MT collection this week, new opt...
by lapsio
Mon Mar 14, 2016 9:47 pm
Forum: Wireless Networking
Topic: Consumer XXX gigabit routers vs MikroTik how do they compare?
Replies: 5
Views: 5361

Re: Consumer XXX gigabit routers vs MikroTik how do they compare?

Search for 'router vulnerability'. :lol: Okay so lets say OpenWRT. Or even if not then OVPN directly to mikrotik, after all I'm using usb powered mAP lite as wireless card for laptop because Intel had too weak signal to achieve desired stability. This question is strictly hardware related. I'm inte...
by lapsio
Mon Mar 14, 2016 7:49 pm
Forum: Wireless Networking
Topic: Consumer XXX gigabit routers vs MikroTik how do they compare?
Replies: 5
Views: 5361

Consumer XXX gigabit routers vs MikroTik how do they compare?

Hi. I'm using RB2011 with wifi for quite a long time and I'm really satisfied, but recently I've noticed that there's a lot of noise around those "super gaming gigabit whatnot" routers which look like 8 legged spiders (Asus RT-AC88U, RT-AC5300 or D-Link AC5300). And whereas yeah i know it's consumer...
by lapsio
Wed Feb 24, 2016 8:14 pm
Forum: Beginner Basics
Topic: RB2011+hAP stable, low bandwidth wifi - how to?
Replies: 4
Views: 978

Re: RB2011 stable, low bandwidth wifi - how to?

For music I could indeed use protocol with heavy buffering (or even store music on actual playback server which is already done, alternatively use cable which works fine for all stationary PCs and I'm using it when possible) but I'm passing through all audio in general, not just music, I'm using rem...
by lapsio
Wed Feb 24, 2016 5:46 pm
Forum: Beginner Basics
Topic: RB2011+hAP stable, low bandwidth wifi - how to?
Replies: 4
Views: 978

RB2011+hAP stable, low bandwidth wifi - how to?

Hello. I need to use wifi for PCM audio transport in home (flat), short distance without obstacles ~3m. It seems to require stable 350kbps which doesn't really sound like high requirement. I don't need any higher bandwidth. Constant transfer is what's more important to me. Any drop below this value ...
  • 1
  • 2