Community discussions

Search found 788 matches

  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 16
by mducharme
Tue Oct 02, 2018 6:44 pm
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

Reading is underrated, as statement to have 2x bridges on the same switch chip on RB2011 seemed too unrealistic, my brain didn't registered that, why the hell would you need setups like this, if you can have it all in one hw bridge/switch and configure port isolation? I do not know why @vortex has ...
by mducharme
Tue Oct 02, 2018 6:26 pm
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

Wrong What? You are saying on a 2011 with 6.40.x you could have 4 master ports? Two master ports per switch chip? I have never seen this work with a MikroTik SOHO device, they normally only support one master port per switch chip (so 2 master ports on the 2011). And I could similarly have four brid...
by mducharme
Tue Oct 02, 2018 6:12 pm
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

I have one bridge on the gigabit chip and 2 bridges on the fast chip.
If you have two bridges on one chip it will only be able to hardware accelerate one of those two bridges (this was also the case before, where you could only have one master port per switch chip).
by mducharme
Tue Oct 02, 2018 5:20 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 192
Views: 36791

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

Looks like it is fixed in the 6.44 beta:

viewtopic.php?f=21&t=139057&start=50#p689985
*) dhcpv6-server - recreate DHCPv6 server binding if it is no longer within prefix pool when rebinding/renewing;
by mducharme
Tue Oct 02, 2018 5:13 pm
Forum: General
Topic: Setting up public IPv6 addresses - best approach
Replies: 5
Views: 450

Re: Setting up public IPv6 addresses - best approach

So, do we tunnel out and if so which tunnel? There is just about zero info out there on IPv6. IPv4 is old hat but, routing v6 is new for me and I am finding getting our presence on the internet a challenge. It is pretty easy actually, just get a free BGP tunnel from Hurricane Electric tunnelbroker ...
by mducharme
Tue Oct 02, 2018 10:44 am
Forum: Beginner Basics
Topic: Help - Traffic not visible in Queue Tree
Replies: 6
Views: 593

Re: Help - Traffic not visible in Queue Tree

Each packet can only have one mark. An additional mark will replace the first mark.
by mducharme
Tue Oct 02, 2018 9:39 am
Forum: RouterOS v6 RC and v7 BETA
Topic: RB750GL 6.38.1 don't upgrading
Replies: 3
Views: 580

Re: RB750GL 6.38.1 don't upgrading

Try an older upgrade first (ex. to 6.40.9), and make sure you have enough free space on the router to upgrade. If the router has too little space it can refuse to upgrade and will leave the files untouched.
by mducharme
Tue Oct 02, 2018 8:29 am
Forum: General
Topic: Setting up public IPv6 addresses - best approach
Replies: 5
Views: 450

Re: Setting up public IPv6 addresses - best approach

Thanks Trema, I will have a look. My advice is don't reserve too little for your internal use. We have a /32 and are an ISP, we have half of that allocated to internal stuff and half allocated to customers. The internal stuff is things like management IPs for radios, servers, internal IPs for staff...
by mducharme
Tue Oct 02, 2018 8:20 am
Forum: Beginner Basics
Topic: RADIUS on Different Subnet
Replies: 5
Views: 601

Re: RADIUS on Different Subnet

Greetings I only added 1 RADIUS Server (10.20.0.65) I added similar configuration from 10.20.0.1 router to the 10.20.2.1 router You misunderstand what I am saying. RADIUS servers normally ignore requests from all routers except those routers that have been defined as NAS units in the RADIUS server ...
by mducharme
Tue Oct 02, 2018 7:14 am
Forum: Beginner Basics
Topic: RADIUS on Different Subnet
Replies: 5
Views: 601

Re: RADIUS on Different Subnet

The RADIUS server generally needs to have the NAS IP configured, you probably added the IP of your first NAS but not the second one. The default for most RADIUS servers is to only reply to requests from known NAS IP's.
by mducharme
Tue Oct 02, 2018 5:34 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

Point is that the old function is binned too soon for industrial/production environments. And auto-convert, even when it works, is just not enough in those cases. In these environments the upgrade requires extensive investments in testing, documentation, re-certification.... In general, what those ...
by mducharme
Tue Oct 02, 2018 3:43 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

The L2 MTU did not fix Winbox. I had used IP to upload. There are no switches. I deleted all the Bridge config, and no bridge was added. The Firewall config still shows empty. And no connectivity. I rolled back again. Send MikroTik a supout from your device, I'm sure they will want to fix the auto ...
by mducharme
Tue Oct 02, 2018 3:15 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 192
Views: 36791

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

Good afternoon everyone, In fact, in my tests, the DHCPv6 PD pool no longer works. Either by mikrotik in the ppp profile or via radius the way I used it here. I have done all the tests in this version, this option is not functional, the DUAL-STACK clients do not receive the prefix via DHCPv6 via DP...
by mducharme
Tue Oct 02, 2018 3:11 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

I changed the L2 MTU to 1500. I think because of the Airport Extreme.
Can you clarify what you meant by deactivated bridges - did you have a bridge created but it was disabled? Maybe this is why the conversion failed, if it wasn't expecting this.
by mducharme
Tue Oct 02, 2018 3:01 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

I have 1500 as MTU. Are you sure? The default MTU (i.e. layer 3 MTU is 1500) but the default Layer 2 MTU is 1598 (unless you have changed the layer 2 MTU from the default), since MAC winbox is layer 2 it will send the larger 1598 frames and those may get dropped on their way to the Winbox client on...
by mducharme
Tue Oct 02, 2018 2:55 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

Maybe the firewall config is not deleted, just Winbox not showing it, as sometimes everything appears empty. Winbox also disconnects frequently. I cannot even upload. I always use Webfig, but I cannot connect even with the fixed IP. Are you using MAC winbox to connect currently, and it is something...
by mducharme
Tue Oct 02, 2018 2:46 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

The upgrade does not work. Also, this update does not appear on the bugfix channel. I had to upload the package. That's strange, it appears on the bugfix channel for me in "check for updates" on the device. And it certainly should not delete the firewall config, you should open a support ticket. Th...
by mducharme
Tue Oct 02, 2018 2:40 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

Yes, there are some major misunderstandings regarding VLANs with hardware offload in 6.41+. The bottom line is that if you pretend that the new bridge VLAN options do not exist and do not use them, and you set up VLANs the old way using the switch (which still works), you should continue to have har...
by mducharme
Tue Oct 02, 2018 12:47 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 25039

Re: v6.42.9 [long-term] is released!

I tried using bridge on my 2011 before and it was too slow. Does this mean I can no longer update my router? It shouldn't be slower than before as long as hardware-offload is working. If hardware offload works, performance should be the same as 6.40.x. If you find there is a big performance drop, a...
by mducharme
Mon Oct 01, 2018 2:46 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 37404

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

My hap ac has still memory leak and crashes even in 6.43.2 not really stable kernel failure in previous boot out of memory condition was detected I also have instabilities with my hap AC, crashing every week, although I wasn't graphing memory usage before so I can't be sure there is a leak on mine....
by mducharme
Fri Sep 28, 2018 11:41 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 37404

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

It has now been nearly three weeks since 6.43 was released and DHCPv6 PD server over PPP is still completely broken, preventing all PPP clients from getting IPv6. Is a fix coming soon? It is a rather critical issue.
by mducharme
Fri Sep 28, 2018 11:21 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 192
Views: 36791

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

6.43 version introduces this feature for DHCP service. You are trying to use it with PPP service. Currently such feature is not supported. I dont understand why the Mikrotik-IPv6-Delagated-Pool stop to working in this version while workinkg in previous version, if Mikrotik only introduces the new f...
by mducharme
Thu Sep 27, 2018 10:55 pm
Forum: General
Topic: IPV6 over PPPoE prefix expiry longer than IPv4 lease
Replies: 5
Views: 538

Re: IPV6 over PPPoE prefix expiry longer than IPv4 lease

So is there anything I can do to force the DHCPv6 client to release and renew its lease whenever the PPPoE connection gets established? Another possibly related bug with the DHCPv6 client is that it doesn't acquire a prefix immediately after the PPPoE connection comes up, it just hangs at "rebindin...
by mducharme
Thu Sep 27, 2018 8:12 am
Forum: General
Topic: Site to Site L2TP VOIP
Replies: 21
Views: 1328

Re: Site to Site L2TP VOIP

I connected my 2 mikrotiks router through L2TP connection, My PBX server on my OfficeA and My Phone is in my OfficeB, The problem is when i try to make call to each other there is no audio for both side. My OfficeB cannot connect to my PBX Server in OfficeA through NAT via My Public IP(I don't know...
by mducharme
Thu Sep 27, 2018 3:05 am
Forum: General
Topic: IPV6 over PPPoE prefix expiry longer than IPv4 lease
Replies: 5
Views: 538

Re: IPV6 over PPPoE prefix expiry longer than IPv4 lease

There is no "IPv4 lease time" in this case. PPPoE uses IPCP to give an IPv4 address. This address is allocated until the customer disconnects. The only way of shortening this period is by actually forcing a disconnect of the customer. Your ISP must be doing this every two days, and your DHCPv6 clien...
by mducharme
Tue Sep 25, 2018 8:22 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 37404

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Is there any information on correcting the error "Delegated-IPv6-Prefix" attribute for PPPoE? The problem is bigger than just the Delegated-IPv6-Prefix - from my testing, DHCPv6 prefix delegation is basically entirely broken, at least with PPP connections, whether or not RADIUS is used. Only if the...
by mducharme
Tue Sep 25, 2018 8:24 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

Sorry for delayed edit! The problem is now solved. I don't know why now, but in some cases I have seen delayed reactions on some lower level Mikrotik routers (like RB750).
Excellent! Glad that helped. It is not always unusual for there to be a delay when making major routing changes.
by mducharme
Tue Sep 25, 2018 8:17 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

Anyway, it seems that turning static redistribution off doesn't solve my problem. Even putting all networks in backbone area doesn't fix pinging problem. Subnets behind routers are always pingable and other IPs are not! The only pingable hop other than HQ is 172.16.2.6 (HAS's PPTP end to HQ). If yo...
by mducharme
Tue Sep 25, 2018 5:31 am
Forum: General
Topic: IPv6 client problems with bonded WAN
Replies: 5
Views: 465

Re: IPv6 client problems with bonded WAN

I tried the release the DHCPv6 lease and disabled the client before it renewed... restarted the modem set up bonding all over again.. kind of the same result when I request an address and prefix it just sits at searching forever... but now when I request only an address it binds instantly like it d...
by mducharme
Tue Sep 25, 2018 2:28 am
Forum: General
Topic: Is RouterOS Blocking VPN? (Noob In need)
Replies: 3
Views: 335

Re: Is RouterOS Blocking VPN? (Noob In need)

Thank you for the response. I am not running a default configuration however, I do have the allow established and related configured in the filter section of the firewall. Might there be more required in order to get this working or at least eliminate the config/router from the problem? No, not rea...
by mducharme
Tue Sep 25, 2018 2:20 am
Forum: Wireless Networking
Topic: WAP ac 5GHz issues with iPhone XS
Replies: 142
Views: 16748

Re: WAP ac 5GHz issues with iPhone XS

I notice you don't have a country set for your wireless interface. You should set that, otherwise the interface may be able to select a frequency that is not allowed in your country and the phone may then refuse to connect. There are other potential issues, but that jumps out as a possibility.
by mducharme
Tue Sep 25, 2018 2:13 am
Forum: General
Topic: Is RouterOS Blocking VPN? (Noob In need)
Replies: 3
Views: 335

Re: Is RouterOS Blocking VPN? (Noob In need)

Do I need to set up anything in the ipsec area of the router if I am not actually using the router to connect to the client. I would like to just connect my Linux pc to my company hosted vpn server. Again I am not looking to connect my router as the client or connect directly to another router that...
by mducharme
Tue Sep 25, 2018 1:52 am
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 22923

Re: IPv6 recursive nexthops via iBGP

As you state the advertise option is not needed and was most probably only effecting a change by it flapping the IPv6 address when applying the change. Problem resurfaces if the layer 2 VPLS tunnels re-establish and automatically get removed and added to the bridge, thereby changing its MAC address...
by mducharme
Mon Sep 24, 2018 7:47 pm
Forum: General
Topic: IPv6 client problems with bonded WAN
Replies: 5
Views: 465

Re: IPv6 client problems with bonded WAN

to create the bond, I just make a bonding interface, assign ether1 and ether2 as slaves with LACP and mii as the the link monitoring then change all my references to ether1 to the bonding interface as soon as I do this my DHCPv6 client goes into "searching" status and never moves from that. when it...
by mducharme
Mon Sep 24, 2018 7:32 pm
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

Thanks for spending time on this issue. I have already tried tracing and the only hops I see are 134.30 and 134.10. It seems that in some way, 134.30 passes packets destined to backbone back to 134.10 and because 134.10 is already told that these should be handled by 134.30, a loop is formed. Becau...
by mducharme
Mon Sep 24, 2018 12:15 pm
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

I'm afraid that text-based map doesn't really give the best view of the topology, so I can't really tell for sure where the problem is. What I would recommend is tracing the route manually by going through the routing tables on the various routers to trace the echo request from the source to the des...
by mducharme
Mon Sep 24, 2018 11:38 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

And which router has the IP 172.16.2.41? The non-pingable one has that as the next hop for basically all routes.
by mducharme
Mon Sep 24, 2018 10:56 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

If this was the case, I would have received timeouts, not TTL expired. And, I'm sure that they do have routes to 192.168.134.0/24, as their routing tables explicitly show that. OK. Can you try pinging a backbone IP that is one hop away (on a neighboring router) and if it doesn't work then paste the...
by mducharme
Mon Sep 24, 2018 10:45 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

It can ping ONLY IPs bound to that router, and nothing else.
Then, the most likely problem is that your other routers are probably missing a route to the 192.168.134.0/24 subnet, and can't get the reply packet back to the PC as a result.
by mducharme
Mon Sep 24, 2018 10:41 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

What else should I provide?
Can that PC ping a backbone IP that is actually bound to that router? Or it cannot ping any backbone IPs, including backbone IPs bound to that router?
by mducharme
Mon Sep 24, 2018 10:34 am
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 22923

Re: IPv6 recursive nexthops via iBGP

The environment does now appear to be working consistently, the problem was due to IPv6 addresses associated with the VPLS bridge interfaces having been set as 'advertise=no'. 2nd amendment to the lab environment: R1 + R5 + RR1: /ipv6 address set [ find interface=bridge-ipv6-mpls ] advertise=yes St...
by mducharme
Mon Sep 24, 2018 10:29 am
Forum: Forwarding Protocols
Topic: OSPF: No ping to backbone [SOLVED]
Replies: 17
Views: 1232

Re: OSPF: No ping to backbone [SOLVED]

This is not enough information to help you. Saying that a PC in a subnet cannot ping anything without giving the subnet, IP address, and IP configuration of the PC does not help. What is the PC using as its default gateway? etc.
by mducharme
Mon Sep 24, 2018 5:30 am
Forum: General
Topic: defconf: drop all not coming from LAN really needed?
Replies: 12
Views: 4286

Re: defconf: drop all not coming from LAN really needed?

Trying to summarize here for my sanity. Isn't the real issue is that 127.0.0.1 from which CAPs Manager is run, is not considered from LAN? That would make the defconf firewall work... right? Correct, it is not considered from LAN because, as Sob explained, the lo interface (which has the IP 127.0.0...
by mducharme
Mon Sep 24, 2018 4:09 am
Forum: General
Topic: defconf: drop all not coming from LAN really needed?
Replies: 12
Views: 4286

Re: defconf: drop all not coming from LAN really needed?

Also, it's not really the same, src/dst-address-type=local only checks if given address matches any address assigned to router. But it doesn't care from where the packet came. If I send it from somewhere else (with source address set to something that's also on target router), it will match too. Go...
by mducharme
Mon Sep 24, 2018 1:52 am
Forum: Beginner Basics
Topic: RB2011 slow internet even with fasttrack
Replies: 96
Views: 11137

Re: RB2011 slow internet even with fasttrack

It's strange, I know that I have a good number of mangle rules in place to manage my queue tree structure. I have noticed since this problem started (or maybe I'm just not remembering right...) that CPU usage doesn't really go above 70% when running with fasttrack off. Using the multiple TCP connec...
by mducharme
Sun Sep 23, 2018 8:56 pm
Forum: General
Topic: defconf: drop all not coming from LAN really needed?
Replies: 12
Views: 4286

Re: defconf: drop all not coming from LAN really needed?

So one of the possible rules you have to add to an appropriate position in chain=input of /ip firewall filter to resolve this situation is chain=input action=accept in-interface-list=!all out-interface-list=!all . It permits locally originated packets to be locally received. That rule is really unn...
by mducharme
Sun Sep 23, 2018 2:50 pm
Forum: General
Topic: defconf: drop all not coming from LAN really needed?
Replies: 12
Views: 4286

Re: defconf: drop all not coming from LAN really needed?

Note that because “WAN” is an interface list, you can have multiple wan interfaces if you like (for instance, both ether1 and your pppoe interface). You don’t have to remove ether1 from WAN in order to add the pppoe interface. Surely CAPsMAN communication should be on LAN by default? I can't tell wh...
by mducharme
Sun Sep 23, 2018 8:39 am
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 22923

Re: IPv6 recursive nexthops via iBGP

IPv6 appears extremely unreliable in the GNS3 virtual lab I put together. The following initially only worked in one direction (R1 -> R5) until I restarted R5, after which it worked in both. Again, what I see here as a common link is that you are assigning the same IPv6 address to the loopback inte...
by mducharme
Sun Sep 23, 2018 7:40 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 37404

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

It can ALSO mean some other way of still supporting the original config scripts, preferably without (auto)converting them (since this would mean re-certification in certain cases). Almost every major version they have released lately has brought about config changes that, unless they are auto-conve...
by mducharme
Sun Sep 23, 2018 7:06 am
Forum: Forwarding Protocols
Topic: IPv6 recursive nexthops via iBGP
Replies: 108
Views: 22923

Re: IPv6 recursive nexthops via iBGP

The point is to get IPv6 ingressing at a PE switched across P routers using MPLS. You also missed the fact that I can ping R5's IPv6 loopback from R1 and vice versa, so the gateways are reachable. I did not miss this, I can see quite well that the gateways are reachable. We offer IPv6 over VPLS tun...
  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 16