I have the following config (ftth, fiber7), and I was wondering several things.
Windows 10 shows me that I am connected to 2 networks (network 4, and network undefined), my other computer shows me network 3 ( and cannot reach the residential network). Is it normal, or is there a malfunction?
Also, if I have an upload reaching >800 mbs but it never goes above 550 mbs in download (shouldn’t be some consistency, I know it is hard to reach 940, but at least both should be similar?)
I dare asking one last thing. I have a wd mybook on ether 8, works fine except that it is supposed to go on sleep after 10 minute of inactivity (it was doing it with a broadband router) but it does not anymore .
I am learning the basic, but I am still very confused…
Thank you very much if you can provide some help.
# jan/30/2016 20:41:06 by RouterOS 6.33.5
# software id = 9UVX-6RL1
#
/interface bridge
add mtu=1598 name=bridge1 protocol-mode=none
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country=switzerland disabled=no mode=ap-bridge \
ssid=Hi-Wifi wireless-protocol=802.11
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether4 ] master-port=ether1
set [ find default-name=ether5 ] master-port=ether1
set [ find default-name=ether6 ] master-port=ether1
set [ find default-name=ether7 ] master-port=ether1
set [ find default-name=ether8 ] master-port=ether1
/ip neighbor discovery
set ether1 comment=WAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=dynamic-keys \
wpa-pre-shared-key=********** wpa2-pre-shared-key=**********
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=wlan1
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=sfp1
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=77.109.128.2,213.144.129.20 gateway=192.168.88.1 netmask=24
/ip firewall address-list
add address=82.197.188.0/24 comment="NOC RANGE" list=NOC-ACCESSv4
add address=213.144.129.128/26 comment="FIBER7 MGMT RANGE" list=NOC-ACCESSv4
/ip firewall filter
add action=fasttrack-connection chain=forward comment=fasttrack connection-state=\
established,related
add chain=forward comment="permit connection state related inbound connections to forward chain" \
connection-state=related
add chain=forward comment=\
"permit connection state established inbound connections to forward chain" connection-state=\
established
add action=drop chain=forward comment="drop everything else to forward chain" connection-state=\
invalid
add chain=input protocol=icmp
add chain=input connection-state=established
add chain=input connection-state=related
add action=drop chain=input in-interface=sfp1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=sfp1 to-addresses=0.0.0.0
/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www-ssl disabled=no
set api disabled=yes
set winbox disabled=yes
set api-ssl disabled=yes
/lcd interface
set ether1 disabled=yes
set ether2 disabled=yes
set ether3 disabled=yes
set ether4 disabled=yes
set ether5 disabled=yes
set ether6 disabled=yes
set ether7 disabled=yes
set ether8 disabled=yes
/lcd screen
set 1 disabled=yes
set 2 disabled=yes
set 3 disabled=yes
set 4 disabled=yes
set 5 disabled=yes
/system clock
set time-zone-name=Europe/Zurich
/system routerboard settings
set protected-routerboot=disabled
It sounds like you have an ethernet cable plugged in AND your wireless active. Turn off the wireless while connected to the LAN with ethernet.
The network numbers are just an internal construct to Windows - it’s how it remembers which networks you connect to, and which of those is “home” or “office” or “public” settings. The other computer probably thinks the network is type “public” and thus disables your lan stuff like file sharing and device discovery, etc. You’ll have to go change your network settings in that computer (google the procedure if you don’t know how)
This is probably your firewall configuration and/or a limitation of the CRS CPU. Make sure your firewall > filter rules have a rule very early in the forward chain:
connection-state=established,related action=fasttrack-connection
and immediately after that rule in the forward chain as well:
connection-state=established,related action=accept
This will speed up your performance quite a bit.
If it’s already set up like that, then you’re probably getting as good as you can get with whatever your firewall rules are set up like. Watch the CPU of the CRS while you do a speed test. If it hits 100%, then there’s your answer.
The router shouldn’t have anything to do with that. Look into however it defines “inactivity” - the switch just forwards traffic that’s handed to it - it can’t reach inside the operating system of your wd book and tell it not to go to sleep.
Normally if an interface is designated as the WAN interface it will be a routed port and you should not make the rest of your ports slave to it. Ideally you would have ether1 = WAN, ether3-8=master-port=ether2.
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether4 ] master-port=ether1
set [ find default-name=ether5 ] master-port=ether1
set [ find default-name=ether6 ] master-port=ether1
set [ find default-name=ether7 ] master-port=ether1
set [ find default-name=ether8 ] master-port=ether1
The way you have it currently setup, all the devices attached to ethr2-8 are “connected” to the ISP’s network. You will want to check that to begin with, maybe that is your intent.
So ether1 is configured as your WAN interface on the Mikrotik; what IP are you getting from your ISP? Is it a public or private? If it’s Public, leave off the first three octets, i.e. x.x.x.134. You have assigned an IP address to your WAN interface of 192.168.88.1 - why? You then have a DHCP scope that is in the same network as your WAN IP - why?
Currently I have a very poor speedtest connection, I could not reach a value above 300 mbs and the CPU hit 40%. I ll try later again.
Regarding the multi connection “issue”, I do not have wifi on the motherboard. It shows both connection linked to my only ethernet network 4 and undefined. Network 4 has “residential network”. I did not see it with my former router. I was wondering what mikrotik (or windows) setup that was triggering this behavior.
For the wd myBook, is there any way to setup a very passive connection somehow? The device never switch off even though all devices connected to the network are off, there was no issue before.
someone else can correct me if I’m wrong - but doesn’t the DHCP server on RouterOS default to a 10 minute DHCP lease? Maybe that is what is keeping his WDMyBook up - it has to keep renewing it’s IP? I always set my DHCP leases to 1day for residential uses.
