Community discussions

Search found 788 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 16
by mducharme
Sun Jun 16, 2019 10:20 pm
Forum: Wireless Networking
Topic: Guest Wi-Fi Captive Portal Setup [SOLVED]
Replies: 1
Views: 303

Re: Guest Wi-Fi Captive Portal Setup [SOLVED]

You can accomplish this with the hotspot feature in MikroTik - edit the login page to remove the "username" and "password" prompts, add the EULA, and rename the "Connect as Guest" link to "Accept EULA"
by mducharme
Fri Jun 14, 2019 4:53 am
Forum: General
Topic: vlan bridge to port [SOLVED]
Replies: 10
Views: 605

Re: vlan bridge to port [SOLVED]

What the OP is doing is OK and is simply the old way of creating "access" ports for VLANs where the VLAN is untagged (before bridge VLAN filtering). Doing it the old way can still be justified on platforms other than CRS3xx due to the fact that you can have VLANs while not losing hardware offload fo...
by mducharme
Thu Jun 13, 2019 8:50 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 556

Re: Queues lie

Manifestly improbable, as our bandwidth tests quite often show speeds well in excess of any customer's bursted queue. I can run BTest from one end of our network to the other (three or four wireless hops) and see speeds in the range of of 80-140Mb. That speed will also be reflected in the first que...
by mducharme
Thu Jun 13, 2019 8:05 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 556

Re: Queues lie

1-POE-Host is port 1 on the PowerBox, which would normally supply the host's own service, except the property is vacant currently so there's no connection. Here is a partial printout of the queue, the rest of the rules are identical except for address. sqcli.jpg OK Thanks. So, there are a few thing...
by mducharme
Thu Jun 13, 2019 7:43 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 556

Re: Queues lie

It's pretty difficult to misconfigure simple queues. Queue, queue, queue, that's the one that matches this customer, we're done. There are no other queues. Removing them and putting exactly the same queues back should not fix a bandwidth problem like this... and yet it does. Can you share an export...
by mducharme
Thu Jun 13, 2019 7:14 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 556

Re: Queues lie

You're not going to tell me the queues were not at fault here. You're also not going to tell me I had them configured wrong, because the configuration I put back was EXACTLY the same configuration that I wiped clean, and it worked just fine from then on… not only for this customer, but for about fi...
by mducharme
Thu Jun 13, 2019 6:04 am
Forum: General
Topic: Queues lie
Replies: 11
Views: 556

Re: Queues lie

This isn't a question, it's a warning. There is a bug of long standing in RouterOS that causes invisible, internal queue corruption. I have experienced it with both tree queues and simple queues, over a period of something like eight years, and have incontrovertibly proved it is happening. The symp...
by mducharme
Thu Jun 13, 2019 5:57 am
Forum: RouterOS v6 RC and v7 BETA
Topic: 10G support for Traffic Engineering
Replies: 1
Views: 372

Re: 10G support for Traffic Engineering

We've been running traffic-engineering based bandwidth limits for at least 5 years. Now that we have 10G interfaces, the 32bit limitation, or whatever the problem, is requiring us to look for different solutions for limiting vpls connections. You can use a queue tree on both sides of the VPLS tunne...
by mducharme
Wed Jun 12, 2019 11:50 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

The other way around, UBNT AP no WDS with MikroTik client connected can often pass VLAN tagged traffic but sometimes it stops and needs to be re-associated to continue. Of course between 2 UBNT devices in WDS mode, and between 2 MikroTik devices in bridge mode there is no issue. In our case the UBN...
by mducharme
Wed Jun 12, 2019 10:57 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

Ok, my experience with UBNT radios that are not in "WDS" mode has been that tagged VLAN traffic over the link does not always work correctly. As we have a mix of UBNT/MikroTik in het network (both at the AP and client side) we often cannot run in "WDS" mode. This should be the same difference as be...
by mducharme
Wed Jun 12, 2019 9:30 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

With the UBNT devices, do you use VLAN tagging only on ethernet and then strip it in the radio, or extend VLAN all over the WiFi link? I have not-so-good experience with the latter when it is not in PtP mode. Sometimes it works fine, sometimes it fails in strange ways. We extend the VLAN over the W...
by mducharme
Wed Jun 12, 2019 6:22 pm
Forum: General
Topic: EoIP tunnels randomly fail
Replies: 8
Views: 501

Re: EoIP tunnels randomly fail

I have a x86 router now running 6.44.3, it was running 42.x, remotely we have a mixture of MK routers but most of them are GR3's We have 10 EoIP tunnels over L2Tp/IPSec vpn/bridge coming into that router. Every now and again one of the EoIP tunnels will drop. We can see traffic from both sides of t...
by mducharme
Wed Jun 12, 2019 5:01 pm
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

Well, when the radio is UBNT (quite common as they operate in the same market segment as MikroTik), the whole QoS thing will work automatically, also without VLAN tagging. It uses the WMM defined queue mapping based on DSCP high 3 bits with 4 queues. This is not true for all of their radios. We hav...
by mducharme
Wed Jun 12, 2019 8:57 am
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 964

Re: My first Mikrotik Router - Firewall Help

Your port forwarding is not working because there is no firewall filter forward chain rule that allows that traffic.
by mducharme
Wed Jun 12, 2019 8:45 am
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 13
Views: 984

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

If you have MikroTik radios, use "set priority" action to 7 for OSPF traffic. If the radio is routing you can do that with a mangle rule, or if the radio is bridging you will need to do it with a bridge filter. That will prioritize it as long as you are using either NV2 or WMM. If you are using NV2 ...
by mducharme
Wed Jun 12, 2019 8:35 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

Also you should use new priority from dscp high 3 bits, not just from dscp. The mapping from-dscp is probably not what you want. DSCP high 3 bits results in a more useful mapping.
by mducharme
Wed Jun 12, 2019 8:20 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

So for all our routers just add a rule at the top of mangle with passthrough ticked 'set priority' new priority: from dscp And that's all thats needed? (Assuming DSCP is already set, otherwise add more mangle rules to set DSCP bits) No queue's added? Yes, *but* whatever you are using for wireless n...
by mducharme
Wed Jun 12, 2019 7:04 am
Forum: General
Topic: QoS prioritization only, without shaping?
Replies: 26
Views: 1306

Re: QoS prioritization only, without shaping?

What wireless links are you using? In most cases, you will need to use a "set priority" mangle rule or bridge filter rule to prioritize the traffic.
by mducharme
Wed Jun 12, 2019 7:02 am
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 13
Views: 984

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

Decreasing downtime is good so certainly follow that feedback but also prioritize OSPF to prevent the downtime from happening in the first place. We have very reliable OSPF over wireless, in some places even set to broadcast (although as scampbell said point-to-point is better), that are completely ...
by mducharme
Tue Jun 11, 2019 9:33 pm
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 13
Views: 984

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

I don't find any good document about it, if is possible get some help that how can I configure it.
I don't have any QOS or priority configuration on routers / links.
What radios are you using?
by mducharme
Tue Jun 11, 2019 5:02 pm
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 13
Views: 984

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

We run long distance wireless links and do not experience this. Even if VPLS tunnels go down for some reason, they typically only take 10 seconds to come back, not 60. The 60 seconds makes me suspect that it is actually something else that is going down, most likely something like OSPF, or possibly ...
by mducharme
Thu Apr 11, 2019 12:16 am
Forum: Beginner Basics
Topic: Limit Bandwidth to Per IP
Replies: 6
Views: 681

Re: Limit Bandwidth to Per IP

it will effect only connection limit?? then what will i do for bandwidth limit???
I think what you want is PCQ - please see: https://wiki.mikrotik.com/wiki/Manual:Q ... Q_Examples
by mducharme
Wed Mar 13, 2019 9:21 am
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 68039

Re: v6.45beta [testing] is released!

*) dhcpv6-server - added RADIUS accounting support;
This is excellent news - does this also work with DHCPv6 servers over PPP (ex. PPPoE)?
by mducharme
Mon Mar 04, 2019 5:08 am
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 34028

Re: v6.44 [stable] is released!

MikroTik as remote DHCP server for relay purposes (not connected directly to the network that DHCP is used on) stops giving leases after upgrade, seemingly due to new ARP conflict detection feature. Disabling conflict detection resolves the issue. Shouldn't this feature shut itself off if the router...
by mducharme
Sun Feb 17, 2019 11:49 pm
Forum: Announcements
Topic: v6.44rc [testing] is released!
Replies: 67
Views: 11798

Re: v6.44rc [testing] is released!

I upgraded from 6.43.12 and had two IPsec peers with RSA key auth. After upgrading to 6.44rc1, only one of the two peers was added to the new ipsec identities tab. I had to recreate the other to bring it up again.
by mducharme
Tue Jan 15, 2019 11:28 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 515

Re: Asymmetric Routing

I will try a config reset later on Router 1. For the time being it's working in the opposite traffic flow.
can you run /ip route export and paste the results? And the same for /ip route print?
by mducharme
Tue Jan 15, 2019 10:58 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 515

Re: Asymmetric Routing

Another thing to check - did you perhaps once have that 172.24.62.0/24 subnet set up directly on router1 and removed the IP but haven't rebooted since? Sometimes there can be strange issues caused by route caching when the cache isn't cleared properly.
by mducharme
Tue Jan 15, 2019 10:10 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 515

Re: Asymmetric Routing

Hmmm. I would have thought while slightly unusual to setup asymmetrically, the Mikrotiks should be able to do this. It's just a matter of setting the static route for 172.24.62.0/24 to gateway IP 10.0.0.2. MikroTik does asymmetric routing and it is allowed by default. If it is not working, then you...
by mducharme
Tue Jan 15, 2019 9:26 am
Forum: General
Topic: Asymmetric Routing
Replies: 7
Views: 515

Re: Asymmetric Routing

Hello,

A router will in some cases try to use ARP to resolve a remote IP if gateway for one of the routes is incorrectly set to an interface instead of an IP address. Double check your routes and make sure you don't have a route where gateway is incorrectly set to an interface name instead of an IP.
by mducharme
Tue Jan 15, 2019 1:45 am
Forum: Forwarding Protocols
Topic: MPLS TE 2x 1gbps point to point links
Replies: 5
Views: 684

Re: MPLS TE 2x 1gbps point to point links

Hi Guys, I managed to get RSVP TE tunnel up and running between the two routers but traffic doesn't pass over it. I notice that the RSVP TE shows up as an Interface in the router. Should I configure an OSPF connection between the two routers on the RSVP TE interfaces? The issue I am currently havin...
by mducharme
Mon Jan 14, 2019 1:00 am
Forum: General
Topic: CCR1036-8G-2S+with HIGH CPU load
Replies: 9
Views: 789

Re: CCR1036-8G-2S+with HIGH CPU load

I read about the disabling SNMP, tried it too, didn't help for me. This is by the way what the CPU looks like after the reboot. Busy, but normal: cpu.JPG Yes this is exactly what happened to us. In our case it seemed to start when a winbox session terminated abnormally that had a large table open (...
by mducharme
Mon Jan 14, 2019 12:53 am
Forum: Forwarding Protocols
Topic: MPLS TE 2x 1gbps point to point links
Replies: 5
Views: 684

Re: MPLS TE 2x 1gbps point to point links

Hi,

This is accomplished by forcing one VPLS tunnel across one TE tunnel and the other VPLS tunnel across the other TE tunnel. The VPLS tunnels can then be used for load balancing.
by mducharme
Sun Jan 13, 2019 7:14 am
Forum: General
Topic: CCR1036-8G-2S+with HIGH CPU load
Replies: 9
Views: 789

Re: CCR1036-8G-2S+with HIGH CPU load

We experienced this previously - a reboot appeared to clear it. I noticed it happens on our router when a user session is "stuck" - sometimes winbox disconnects but the router still thinks the user is logged in, and continues to think so until it is rebooted. I'm not sure if this is the cause or not...
by mducharme
Sat Jan 05, 2019 10:20 pm
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 32084

Re: v6.43.8 [stable] is released!

Please suggest me what should i do now? All users are using unlimited bandwidth now, thats why, it's so much tough to me for managing the bandwidth. Another thing is that, when i logged into the mikrotik via winbox, it's showing unsecured mode at the right corner. Potentially the problem is with qu...
by mducharme
Tue Jan 01, 2019 4:38 am
Forum: Scripting
Topic: ":put" problem in scripting [SOLVED]
Replies: 4
Views: 554

Re: ":put" problem in scripting [SOLVED]

This is normal behavior. If you want the script to print output while it runs, use the :log command which will output to the system log.
by mducharme
Mon Dec 31, 2018 6:26 am
Forum: General
Topic: Port forwarding with PPPOE doesn't work
Replies: 2
Views: 460

Re: Port forwarding with PPPOE doesn't work

Besides what is explained above, the other problem with this rule is src-port="", which means src-port=NULL. src-port will never be null, so therefore you will need to adjust this rule; Otherwise, it will never apply.
by mducharme
Sun Dec 30, 2018 11:15 pm
Forum: Beginner Basics
Topic: Voice vlan and mikrotik
Replies: 3
Views: 693

Re: Voice vlan and mikrotik

How to create voice VLAN on Mikrotik? I create as normal VLAN and I add DHCP server but when I plug telephone doesn't receive an IP address. On switch it show that I plug telephone as tagged port. Switch is PLANET gs-4210-24p4c Mikrotik CRS212-1G-10S-1SplusIN and IP telephony is Grandstream. You sh...
by mducharme
Sun Dec 30, 2018 10:45 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1313

Re: RouterOS basic vlan config

Also, I would not add the same IP onto two interfaces simultaneously. It could possibly cause an issue - if the device has an IP on the same subnet in two different interfaces, how does it know which to use to reach you? You should probably put the ether2 ip in a different subnet from the IP that yo...
by mducharme
Sun Dec 30, 2018 9:33 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1313

Re: RouterOS basic vlan config

no worries. I don't have Windows pcs therefore Winbox is not an option. However I simply reset the CRS and started from scratch. Could also help me understanding the concept a little better. Many people use winbox on MacOS or Linux in Wine. It is designed to work well in Wine. There is even a versi...
by mducharme
Sat Dec 29, 2018 10:38 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1313

Re: RouterOS basic vlan config

I added: /ip address add address=192.168.2.60/24 interface=vlan2 network=192.168.2.0 and I removed: /ip address remove numbers=0 (this was the "interface=ether2") the last command unfortunately looked me out. Don't exactly understand why, since Port 17 was supposed to be an untagged access Port on ...
by mducharme
Sat Dec 29, 2018 7:11 pm
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1313

Re: RouterOS basic vlan config

and put the IP address on this VLAN interface How do I do this? Can't see an option to set a vlan for the MK IP. To do this, simply change the interface for the IP from "ether2" to "vlan2". Currently you have "/ip address add address=192.168.2.60/24 interface=ether2 network=192.168.2.0", this will ...
by mducharme
Sat Dec 29, 2018 4:29 am
Forum: RouterBOARD hardware
Topic: 10GB SFP+ recognized as 1GB - Question [SOLVED]
Replies: 3
Views: 566

Re: 10GB SFP+ recognized as 1GB - Question [SOLVED]

Thanks, actually I'm embarrassed since I had a look at the block diagram several times and thought even though the channel only provides only 1GB to the CPU it should have a 10GB connection. But I didn't notice it's an SFP only and not SFP+. Aarrrrg. The 4011 has an SFP+ port. If you upgrade to tha...
by mducharme
Sat Dec 29, 2018 4:15 am
Forum: Beginner Basics
Topic: RouterOS basic vlan config
Replies: 15
Views: 1313

Re: RouterOS basic vlan config

Hi again, I didn't have much time recently to keep on trying to set it up. But now I try again and still don't get it properly. second thing I did, was configuring one access port: /interface bridge vlan add bridge=bridge untagged=ether17 vlan-ids=2 so, Port 17 is an access port on vlan 2 untagged....
by mducharme
Fri Dec 28, 2018 11:02 pm
Forum: Beginner Basics
Topic: Firewall is blocking FORWARDING? WHY??
Replies: 9
Views: 638

Re: Firewall is blocking FORWARDING? WHY??

/ip firewall filter add action=accept chain=forward comment="INTERNET USERS TCP" \ connection-state=established,related,new dst-port="" port="" protocol=tcp add action=accept chain=forward comment="INTERNET USERS UDP" \ connection-nat-state="" connection-state=established,related,new port=53 \ prot...
by mducharme
Wed Dec 26, 2018 10:29 pm
Forum: Forwarding Protocols
Topic: BGP practice
Replies: 14
Views: 1647

Re: BGP practice

Hello mducharme, My topology goes like this ISP 1 -- Router A ------- Router C ------- Router D ------- router F ----- Router B--- ISP 2 So I setup Router A and Router B as BGP routers, inside Routers C, D , F , A, B all use OSPF, I want to establish that when my ISP 1 is down ( it happens sometime...
by mducharme
Wed Dec 26, 2018 5:57 am
Forum: Beginner Basics
Topic: VLAN hell - NOOB :)
Replies: 3
Views: 454

Re: VLAN hell - NOOB :)

Here is a layout of what I would like to accomplish in Phase I isp modem -> Asus router -> eth01 port - CRS in bridge mode - eth10 port -> Hyper-V ( 192.168.1.10) Static IP - eth15 port -> MAC ( 192.168.1.20 ) DHCP IP from Asus router - eth20 port -> IoT Hub #1 ( 192.168.50.10) DHCP IP from CRS - e...
by mducharme
Wed Dec 26, 2018 3:45 am
Forum: Forwarding Protocols
Topic: BGP practice
Replies: 14
Views: 1647

Re: BGP practice

Hello, So, I setup a default static route metric in OSPF Instance in Router A (primary) to 1, a , and on router B ( secondary) to 5 Router A has a type 1 redistributedef. route : always as type 1 Router B has a type 1 redistrubute def route : always as type 2 with metric 5 So to test it I need to s...
by mducharme
Tue Dec 25, 2018 3:00 am
Forum: General
Topic: v7.00.1 [stable] is released!
Replies: 10
Views: 1262

Re: v7.00.1 [stable] is released!

NOT funny. :(
by mducharme
Tue Dec 25, 2018 1:40 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Report "Delegated-IPv6-Prefix" attribute for PPPoE
Replies: 192
Views: 36851

Re: Report "Delegated-IPv6-Prefix" attribute for PPPoE

Dear friend, I could post the script. Here it is - we run this every 5 minutes using the scheduler: /ipv6 dhcp-server binding; :foreach i in=[find server~"pppoe"] do={ make-static $i; set $i comment=[get $i server]; set $i server=all; } It works well and users always get the same prefix after disco...
by mducharme
Mon Dec 24, 2018 8:41 pm
Forum: Forwarding Protocols
Topic: How can I reeduce load over 1072 to 2 x 1036
Replies: 8
Views: 1030

Re: How can I reeduce load over 1072 to 2 x 1036

amt - I'm afraid I don't quite understand the problem here. If the traffic is coming from the clients and passing through router A and B on the way to the BGP router, why not just do NAT there? Why do you need to send the traffic back to router A and router B after it has come from the inside? If yo...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 16