Need a setting in routeros and userman to change the log writing.
I have setup a hotspot and userman but when a user connect to the hotspot userman write every minut a log I want to have the possibility for some logging to change the write time to disk or usb disk.

Directions for changing the settings for the log can be found here:
http://wiki.mikrotik.com/wiki/Manual:System/Log
Unfortunately, you can move the log to a USB device and that is documented here:
http://wiki.mikrotik.com/wiki/Manual:Store

You can move the log to a remote log server and you can use the not (!) feature (i.e. not the hotspot).

Have a chance to read more than 4096B of files using command strings

Let me just start my broken record…

It would be great for RouterOS 7 to have:

• IPSEC Virtual Tunnel Interfaces (Like Cisco/Juniper/Fortinet/Vyatta/Ubiquiti)
• Xauth + RADIUS support
• Encrypt/IPSEC Policy action
• VRF aware PPP
• VRF aware services (WinBox, SSH, DNS)
• RIPv2 as a PE-CE protocol (RIP instances)
• Make IPv6 loopback/ospf behavior the same as Cisco/Juniper
• Equivalents of the Cisco/JunOS commands:

show ip bgp vpnv4 vrf vrf-blah-wan neighbors 172.16.95.1 advertised-routes       (Routes advertised)
show ip bgp vpnv4 vrf vrf-blah-wan neighbors 172.16.95.1 received-routes (Routes received)
show ip bgp vpnv4 vrf vrf-blah-wan neighbors 172.16.95.1 routes          (Routes inserted)

• MPLS Fast Re-Route capability
• Routing filter action “Add to Address List”

Im sure the great team at Mikrotik are going to give us at least a couple of the above features

Can extend format of EOIP remote-address be a FQDN, not only IPv4?

Many thanks!!

+1 for all of those and I may add:

• Ability to create PPP interfaces in a specific VRF via RADIUS-Attribute
• full L2TP LAC functionality (for forwarding PPPoE sessions via L2TP)
• OSPFv3 for IPv6 and IPv4 address families
• maybe a longer evaluation period, 1 week or so, 24h just aren’t enough sometimes for evaluation of some features.

EAP-TTLS\EAP-PEAP
http://forum.mikrotik.com/t/feature-request-eap-ttls-eap-peap/64120/1
Please add DNSSEC Support:
http://forum.mikrotik.com/t/dnssec/38478/1
BGP ASN In Traffic flow:
http://forum.mikrotik.com/t/traffic-flow-netflow-autonomous-system-information/39677/1

Haha, great minds. I should have been more specific on the PPP stuff, yes there should be support for specifying which VRF via a RADIUS VSA.

Im all for the longer eval period, but Mikrotik should introduce and enforce support contracts so they can make some money off RouterOS. They could offer 3 months support with each RouterBoard purchased and then require a valid support contract per device to be able to download updates, and to log tickets. Just like Cisco, Juniper, Fortinet do.

This would allow them to hire more developers, more support staff, and generally kick more ass.

Interfaces für IPSEC-Tunnels. So that the IN-Interface in the Firewall-rules is not the WAN-Interface and we could better match the ipsec-traffic

BGP option like Juniper “advertise-inactive”.
At the moment it is not possible to advertise learned BGP routes to other BGP neighbors if that particular route is not in the active routing table because it is overriden by OSPF with better administrative distance.
Other bgp impementations (Cisco, Fortinet, Quagga) always advertise all learned BGP routes unless they are explicitly filtered out.
This advertise-inactive option is vital for setups where you run OSPF and iBGP within your AS and redistribute BGP into OSPF.

+1, apart from that, in my opinin MikroTik should complement its BGP implementation, for example on displaing routing paths. Without that, operators wouldn’t be happy to put CCR’s in core.

Hi,

It would be a must for mikrotik products …

please could you add 6RD (ipv6 rapid deployment) available for many ISP

Thank you

maxspeed

I strongly, strongly disagree. Although things are far from perfect in MikroTik land and there are clearly some shortcomings with the current support infrastructure and things they could do to improve it, I would argue that the fact that MikroTik doesn’t do business “just like Cisco (gak!), Juniper, Fortinet do” is exactly one of the reasons why they already “kick ass”. Mandatory support contracts would remove one of MikroTik’s core competitive advantages. MikroTik should not aspire to be like Cisco (gag me with a spoon), but rather to disrupt Cisco’s own business model and perhaps eventually make them irrelevant.

Here’s the thing: enterprise support sucks. And we all know it, so why do we enable businesses to practice this sleazy model by rolling over for them instead of challenging it at the customer level (vote with your wallets, people) and at the business level (as MikroTik, thankfully, seems to be doing)? The reason why it sucks is because it lumps in bug reporting and bug fixing with “how do I use your product?” type questions, even though these two types of support tickets are fundamentally different things. Now, I know why most of these companies do it: it is an additional (and often lucrative) revenue stream, it locks the customer in even more, and 90% of the time, people who think they’ve found a bug are wrong and are just being idiots and not using the product correctly, so these companies might as well charge everybody for support and assume most tickets are not going to be defect reports to start with. Also, companies like Cisco et al. make 99% of their sales to enterprises that need their product in order to even run their business (ISPs, etc.), so it’s worth it to them to pay whatever it takes to ensure that Cisco is responsive to them and their needs.

But as a customer, it makes me livid when companies do this, because it essentially penalizes customers who have been legitimately impacted by an actual software bug. It essentially amounts to extortion. Now of course end-users are responsible for their own idiocy, so, sure: go ahead and charge customers to answer their non-defect-related tickets. That’s fair game. But charging me, the customer, to fix your own error? That’s low. Bug fixes should be free: I bought and paid for this product that you advertized as being able to do X, Y, and Z, but Y is broken because of something wrong that your engineers did and which got shipped because of a lack of sufficient testing and QA on your part, and you’re telling me that I now need to pay an additional sum on top of what I already paid in order to gain access to the update that fixes the problem and which actually makes feature Y usable? Where I come from, that’s called “bait and switch”, and if I bought your product specifically because it had feature Y in it, then you can bet I’m going to be mad as hell when a company responds this way. It also pisses me off to no end when a company tells me that I need to have a paid support contract in place in order to talk to anyone, even if what I’m doing is trying to help both them and myself by demonstrating to them a defect in their own product. You’re going to charge ME for the privilege of telling you about YOUR mistake? I don’t think so.

MikroTik doesn’t pull this kind of crap, and it’s one of the reasons why I continue to find myself an advocate for them and their products even when we hit rough patches (and, believe me: we have had our share of them). In fact, not only is MikroTik good about not doing this very thing, but they take the exact opposite approach: they often reward people who report legitimate issues! Imagine that! The last time I found a bug, I spent a good deal of time (hours) replicating the problem in a lab environment, putting together an absolute minimum config that the bug can be reproduced with along with a detailed description of the symptoms, the underlying problem, and how to reproduce the issue, and sent that to MikroTik support, and after they verified my findings, they rewarded me with a gratis RouterOS license key! Now that’s a class act! (Oh, and they didn’t try to charge me for the fix they developed for the problem, either.)

I have no problem with MikroTik making money, or wanting to find additional ways to make money. In fact, I very much want them to make money and grow their staff and generally be successful and keep on “kicking ass”: after all, given how much we use their product, it’s in my interest that they be successful, since when they are successful, we are also successful. However, enforcing mandatory support contracts for any kind of communication with your staff or access to any software updates is absolutely not the right way to increase revenue, nor is it a way to endear yourself to me.

There are a lot of legit not-scummy-and-yet-untapped ways of making additional money that I can think of for MikroTik to pursue. Some of them seem painfully obvious to me, and I have to think that these ideas have also occurred to MikroTik but that they have decided not to pursue them for one reason or another. Here are a couple of off-the-top-of-my-head examples:

1. Start charging people again for major version upgrades (e.g., 6.x → 7.x). I actually have no problem with this: I should be paying for new features. It’s just the minor point-releases within a given series (6.1 → 6.2) that I have a problem with being charged for, since 99% of these are strictly maintenance/bugfix releases. I think that officially, it is MikroTik’s policy that you can only upgrade so far before you need to pay for a new license, but ever since they switched from the time-based licenses (remember those?) to the version-based ones, which happened around the end of the 2.9.x series, they have (to my knowledge) never enforced this licensing policy: every time (and I mean EVERY time) we have upgraded to the next major version on a router where the “upgradeable-to” field of the license says that this should be the last major version series we can use, after the upgrade has finished, that number has ALWAYS gone up. So ever since the 2.8.x days have passed, we have never needed to purchase new licenses on any of our routers to upgrade to the next major version that I can remember. I think it is crazy-generous of MikroTik to do this, and I don’t take it for granted, and I’m surprised it has gone on for this long, to be honest.

2. Offer support contracts for premium, PRIORITY support, but don’t require them of anybody or make having one mandatory to access software updates you are entitled to/licensed for (minor point-upgrades). If MikroTik offered this, believe it or not, we would be first in line to buy! I have no problem with the concept of paying extra for priority/front-of-the-line support, with guaranteed rapid response and faster ticket turnaround times (or even prioritizing my defect reports and fixes above defect reports filed by people who don’t have a priority support contract); I just have a problem with feeling like I’m being coerced into paying somebody to correct their own errors. Several years back, there were a couple of show-stopping RouterOS bugs that we were being severely impacted by and which caused us to lose a lot of goodwill with our own customers on account of the network instability that they caused. We filed ticket after ticket, but responses were slow to come and the problems weren’t really being addressed in a timely manner. I understand why today MikroTik can’t prioritize our needs above those of other customers when they don’t have such a product, but if some customers are willing to pay extra to be helped first, I don’t think that’s something that MikroTik should ignore. There is a legitimate need for that kind of thing, and companies that can’t afford the downtime caused by a software defect absolutely will go to Cisco instead because they will be able to get that kind of support from them (the one advantage to that model).

MikroTik actually used to have a paid support contract option SEVERAL years ago, and it even included support by telephone! But for unknown reasons that they never (to my knowledge) bothered to explain, they got rid of it. It was called the Extended Support Program (ESP), and they killed it around the time they started their certification program…now they just point you at certified MikroTik consultants in your area instead if you need “same-day support”, but of course certified consultants don’t have greater access to the engineering teams to file bug reports with than I do already as a regular customer. So having certified consultants is not really a sufficient replacement for this program. I’d love it if MikroTik were to bring back the ESP, or something like it.

– Nathan

multi core bgp
“show ip bgp route” command and process it faster than the current one

Thanks for the great post, Nathan!

As for the ESP program. We don’t outsource our support staff, so when people called us, they were calling our Latvian office, not some guys in a 3rd world country. We decided that questions are much quicker answered if we have the config in front of us, and when the customer has summarized his issues. The average phone call took more than an hour. Not many people could be helped with this approach.

It would be good to upgrade linux kernel, to have betetter support on VMware ESXi, and to start work in HyperV.
Nowdays we often connect offices via vpn+ospf, but there is no WINS server support in ROS to connect samba shares seamless between offices.

MacSec and SecureID support in RouterOS for future products with compatible interfaces/PHY.
as mainstream “a must” L2 security thing for both copper and wireless interfaces.

Firewall based url filtering - the only thing I lack in Mikrotiks.
Up to 36 cores with plenty of RAM and still the need to have Squid for that. Are you kidding on me?

i hope release v7.x it will be support for:

RFC 4818, was RFC-ietf-radext-delegated-prefix-05.txt

ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix

Allow grouping/categorization of stuff (NAT rules, static routes, etc) in WinBox for better organization. Searching for specific rules in middle of dozens/hundreds takes a lot of time (with the risk of picking up the wrong one). Rule comments only worsens the situation.