SNMPSET and SNMPGET : to manage switches ports from Router OS scripts.
TCPDUMP : To allow for faster IP debuging. Torch does not allow to see some important things like DSCP.
Packet Sniffer
The main problem with Packet Sniffer is that it is not realtime. You need to stop it to get the result. If you watch for a problem, most often you don’t know when it will happen. So basically, non realtime sniffers are most of the time useless.
Sending a stream through TZSP encapsulation to Wireshark is an option but not always possible because it does take bandwith. Most of the time using TZSP is complicated.
Another better option would be to be able to connect Wireshark through remote connection to Router OS. But this would need to implement WinPcap deamon inside Router OS.
The advantage of this is that you can define what you want to dump directly from Wireshark. All interfaces are available.
But the simplest and more efficient is certainly TCPDUMP.
CoA/PoD for PPTP/PPPOE/L2TP/OVPN/SSTP/HotSpot
I would like to see the ability to get the value of total connections to a hotspot , total unique users to a hotspot (probably checking different mac addresses) and total tx/rx bytes in hotspot since the beggining without reset of this value if the router reboots.
Something like a stats menu in winbox that stores the values.Or maybe embed this feature in graphing.
Is this possible?
I don’t know if it would help as a workaround, but I run a script on my Hotspot routers that every five minutes logs the number of users per Hotspot. The router is set up for remote syslog. On the syslog server I use syslog-ng, which finds those specific syslog messages and writes them to a named pipe. A Perl script runs as a daemon and listens on that named pipe, parses the incoming messages, and uses rrdtool to graph them. Finally, a web interface (PHP) allows users to query usage based on a date range and the target router.
I can’t just post all of that because it’s part of a larger system that contains stuff my employer wouldn’t want shared, but I could post more details and some code if it would be useful to you. The whole thing wasn’t particularly hard to do, a colleague and I put everything together in less than a day.
It could easily be adjusted to also log rx/tx, and probably connections per Hotspot, though I am not sure what you mean by that. Any value that can be derived via router scripts can be sent to the outside world and recorded and displayed somehow.
I use similar workaround for now.The problem is that I have a website in shared hosting and can’t use cacti or rrdtool.They instructed me to use perl for using rrdtool but I have no idea how to do that.If you can find a guide and send me a link on how to use rrdtool in a shared hosting environment (I have cpanel/whm access) I’d appriciate that.
Right now I am using fetch tool as described in the link below sending in a mysql database the active users in the hotspot.
Thank you for everything.I might start a new topic about that (as this topic refers to other things) or see the link at the end of my post.
I just want to display in my webpage something like: xxxx number of users transfered xxxxx mb of data from the beggining.
If I could get these values I could use the script below and use fetch tool calling for a php file every 5min,storing the values to a database and use php to display to website like fosben did.
True.I would like to retrieve with scripting the values Tx/Rx Bytes in the last tab called “traffic” in winbox for the interface wlan1.Can you tell me how to get these values? (winbox 4.13 gets these values as a table in console so I can’t send them with fetch tool-Stats command for an interface)
I have posted the workaround I am using here (Originaly fosben’s script):
http://forum.mikrotik.com/t/netwatch-on-web-script/24843/1
Anyway I thought it would be easier for us all (you and me) asking for this feature rather than asking for php,rrdtool,perl and other programming help.After all many people use mikrotik for free hotspots and the only thing that matters is if the router is online, statistics and health of the system.I think.(Please correct me if I’m wrong)
Also see this post I did:
http://forum.mikrotik.com/t/ros-v-4-total-wireless-hotspot-connections/43206/1
Support ECMP routes with MPLS/LDP:
In current state, a network with a lot of ecmp routes via ospf ( with multiple links) when LDP is enabled, only one of the multiple routes gets a label, so all traffic goes only to one path and doing bonding and another work arrounds like create vpls and bonding then is not an option because of over head as router OS doesnt support l2mtu in X86 routers so only 1500mpls mtu works on our isp. Wit ldp distributing and using multiple labels for the same route, we can overcame that problem.
Support BGP as route source for LDP.
The current ISP BCP ( best common pratices) is that ospf should be used only for infrastructure routes ( loopbacks and /30) and bgp for all other routes ( customer routes) because bgp works better with large routes. the current RouterOs LDP implementation doesnt support bgp as route source to assign mpls labels to the routes. So enable bgp as route source to bind labels , will be a very good option for large networks with more than thousands of customer routes.
+1,
It’s sad to see the development of the MPLS implementation stop like it has done. Come on MT let’s finish it for v5 !! =)
Most Router OS functions comes from the opensource world, so they need to wait for updates from other groups like OpenWRT to put them inside Router OS.
You’re so funny 
THE LATEST REMARK IS NOT POSTED BY ME. I WOULD BE INTERESTED TO KNOW HOW IT IS POSSIBLE TO EDIT MESSAGES FROM SOMEONE ELSE ON THIS FORUM
UDP for OpenVPN
+1 for UDP for OpenVPN.
Please we need this.
“ARP watch” or “Dynamic ARP Inspection” function for RoS strictly needed. ARP spoofing/poisoning is much more frequent phenomenon. ArpON solution is not possible on WAN’s connected directly to fiber optic links through media convertor.
We have about 5000 ARP addresses on the list every moment, clearing ARP list doesn’t help.
ARP / DHCP spoofing control is more a switch function, like 802.1x.
All well known manufacturers have this function in their managed level 2 entry level switches. (just after managed smartswitches).
If you need it on a wan link, then put a fiber module in the switch, and define a VLAN for it so that you can send it to the router. You will avoid to buy an external media converter.
More you put inside the software router, more you will get lost packets. Except if you have high end XXXXXX $ routers, with hardware ASIC / FPGA acceleration for everything.
Tried with this configuration but with no success, ARP list are going to be filled out to the maximum of 8192 entries so I decided to configure complete firewall-ing under Open BSD and to run ArpON on it also just between media convertor and MikroTik.
P.S. Let’s not to go to off-topic. Thanks for giving advice. 
UDP support for OpenVPN !!! desperately need this to work for a new project we’d like to build.
Perhaps Mikrotik do not want to implemented this because they think that UDP is not reliable and they could have problems like with MAC Winbox access.
But OpenVPN is reliable with UDP even if there are lost packets, because each packet is validated before passing in the engine.
If there are corrupted packets, they are simply dropped.
In the end, OpenVPN is almost transparent for tuneled data, it just add checks, dropping corrupted packets.
So i don’t see any reason why it would not be implemented, except perhaps if Mikrotik needs to work on assembler code (there is assembler code inside OpenVPN needing porting for each different processor).
No, it’s certainly not the reason. I have previously already explained that there were many unfixed problems in the OpenVPN itself, so we have stopped development, and concentrated on more reliable projects like SSTP. We don’t plan to make UDP support in OpenVPN in near future.
Why use OpenVPN when there are much better options like PPTP, SSTP, L2TP ?
I would suggest IPSEC too but Mikrotik are still missing VTI support…