Community discussions

MUM Europe 2020
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

450G + 5.0 Beta1 issue

Sat Apr 24, 2010 8:15 am

I am a newbie. So sorry if I am not perfect in reporting this issue. I am a end user with a 450G.

It seemed everything was perfect...

Then I noticed that randomly, about once a day or even once every few days, I would loose connectivity for a brief period through the router. I then also noticed that during these periods winbox could not connect to the router. These outages last around 5 minutes. They do self correct and everything then works fine.

The router does not reboot. It makes no entry in the log. The watchdog is disabled.

I am doing quite a bit with the router, mostly for education purposes. I am running a Metarouter.

I have attached a support.rif
You do not have the required permissions to view the files attached to this post.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed Apr 28, 2010 3:08 am

I turned on the watchdog and it has reset once. However a short time before that I was playing with webconfig and that is really new so it might have caused some issue..

Strangely the winbox service got turned off. Its possible I suppose I did it by accident, but that seems highly unlikely. I did use webconfig to reenable it tho.

I have noticed another issue. I am running a metarouter. Mostly just for fun and experience, It crashed separately from the main router. Required a power cycle reboot.

I should point out that I used 4.5 with this exact same config for months with no issues at all.. Now, rather randomly, after days of perfect operation, data flow stops and I cant log in using winbox. After some number of minutes, it corrects itself and everything is fine again. NOTHING in the logs. It did this with the watchdog turned off.
 
fewi
Forum Guru
Forum Guru
Posts: 7734
Joined: Tue Aug 11, 2009 3:19 am

Re: 450G + 5.0 Beta1 issue

Wed Apr 28, 2010 7:15 am

Maybe try setting up NetWatch with a short interval against a reliable host, and fire a script that just logs something. If you get that log message when you experience the outage, you could change the script to generate a supout.rif instead. Having it generated when the condition occurs is probably more useful than one from after/before the fact unless you have steps to reliably reproduce the issue.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Apr 29, 2010 10:53 am

good idea... I already have a netwatch hitting google to discover if the net is up/down... I will add to that script..
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Apr 30, 2010 5:38 pm

Testing Beta 2. Release notes show fixes that might address my problems, specifically MetaRouter fixes on 450
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Apr 30, 2010 8:10 pm

Watchdog timer just tripped. Got about 2 hours before trip.

Attached is autosup
You do not have the required permissions to view the files attached to this post.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 01, 2010 5:15 am

Mate are you making it ping a single IP address? What happens if there is some outage along the way? Or when google shut down their machine, because they have DNS fail-over and load balance? Hm?
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 01, 2010 9:06 am

The watchdog timer isn't pinging anything. Its just doing its internal check.

I am also pinging google as a separate thing using netwatch just to let me know that the internet might be down and beeping if it cant get through. Ive been doing that for a year and google has never missed a ping actually. But yes, your point is really valid. I did want a good target that would most likely not be down that was on the net... Its worked actually really well...

I am also using siteuptime to monitor the router from the WAN side. It detects the router being down during the intervals when it sorta locks up, IE when I dont use the watchdog to reset it.

ANYWAY... The watchdog timer was tripping almost every few hours on 5.0 B1 and B2..

12 hours ago a moved it back to 4.9. No other changes...

No issues at all. If it goes 24 hours, then i will switch back to 5.0 B2 and see what happens. If it starts tripping the watchdog timer again, then its gotta be a combo of my config + 5.0B2 + 450G

Besides the Metarouter, I am also using a microSD card and reading / writing from/to it once a hour doing a DDNS update. Yes I should trigger it better then just just checking once a hour, but as I said I am a newbie and im learning scripts.. I have not checked to see if the issue occurs when the MicroSD card is written to. I will when I change it back to 5.0 B2 in 12+ hours..
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 01, 2010 9:47 am

Well done mate. Keep us posted.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Mon May 03, 2010 12:42 am

I went 36 hours perfectly using 4.8

Upgraded to 5.0 B2 and 2 hours later, watchdog timer tripped. Then again another 3 hours later...

Some combo of 450g+5.0B2+myconfig is causing issues...

While the watchdog timer is set to generate autosup files, it did not generate these for either watchdog trip.. It also did not email them either...

The log does show improper shutdoqn caused by watchdog time tho

Im going to let it run 36 or so hours and see how it goes.. These reboots are annoying enough tho that I might just downgrade to 4.8 till the next beta...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Mon May 03, 2010 9:19 am

Too many reboots for me on 5.0B2... Im back on 4.9... I saw 5 watchdog triggered reboots in 9 hours. No doubt, 5.0B2 does not work for me with my config on a 450G. 4.9 works perfectly stable.

These may be occurring when my script to update ddns runs. It does talk to the sd card. However it does not always result in a reboot. It sometimes goes 5 hours without rebooting.

This script I got here. I run this once a hour..
_______________________________________________

# DNSoMatic automatic DNS updates
# User account info of DNSoMatic
:global maticuser "xxxxxxxx"
:global maticpass "xxxxxxx"
:global matichost "all.dnsomatic.com"
:global matichostp "/micro-sd/all.dnsomatic.com"
# No more changes need

:global previousIP

# Print values for debug
:log info "DNSoMatic: Updating dynamic IP on DNS for host $matichost"
:log info "DNSoMatic: User $maticuser y Pass $maticpass"
:log info "DNSoMatic: Last IP $previousIP"

# get the current IP address from the internet (in case of double-nat)
/tool fetch mode=http address="checkip.dyndns.org" src-path="/" dst-path="/micro-sd/dyndns.checkip.html"
:local result [/file get micro-sd/dyndns.checkip.html contents]

# parse the current IP result
:local resultLen [:len $result]
:local startLoc [:find $result ": " -1]
:set startLoc ($startLoc + 2)
:local endLoc [:find $result "</body>" -1]
:global currentIP [:pick $result $startLoc $endLoc]
:log info "DNSoMatic: IP actual $currentIP"

# Touching the string passed to fetch command on "src-path" option
:local str "/nic/update?hostname=$matichost&myip=$currentIP&wildcard=NOCHG&mx=NOCHG&backmx=NOCHG"

:if ($currentIP != $previousIP) do={
:log info "DNSoMatic: Update need"
:set previousIP $currentIP
:log info "DNSoMatic: Sending update $currentIP"
:log info [ :put [/tool fetch host=MT user=$maticuser password=$maticpass mode=http address="updates.dnsomatic.com" src-path=$str dst-path=$matichostp]]
:log info "DNSoMatic: Host $matichost updated on DNSoMatic with IP $currentIP"
} else={
:log info "DNSoMatic: Previous IP $previousIP and current $currentIP equal, no update need"
}
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Tue May 04, 2010 2:32 am

This sounds exactly like the issue I am having...

http://forum.mikrotik.com/viewtopic.php ... 4&p=176713
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Tue May 04, 2010 3:17 am

I have removed the metarouter from my config and moved back to 5.0B2. I will now wait and see what happens...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Tue May 04, 2010 7:01 am

I completely reworked my metarouter. Did one from scratch. Used a mikrotik one. I did all the work using 5.0B2. Its up and working... BUT its disabled.. I want to run 5.0B2 without a metarouter for a bit and see what happens, then enable it...

There were some hiccups.

It would randomly drop the winbox connection to it. Reconnecting after a drop produced odd results, sometimes it said my connection was refused. Sometimes it seemed to loose the user database. I could however login fine from the Metarouter console. No doubt it was acting a bit weird during config..

When I decide to turn on the metarouter again I will run multiping through it so I can monitor if it goes down or is weird...

Not that I even need a metarouter. But I guess I can help isolate issues with beta 5.0
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 05, 2010 9:10 am

With the metarouter disabled I have gone 23 hours with no reboots at all on 5.0B2...

Im going to let it run longer just to be sure.

It looks like its the metarouter causing the whole router to hang and then the watchdog timer to reboot the router. I will confirm this soon by starting the metarouter again. I suppose what is interesting will be if some specific thing the metarouter is doing causes the hang. I will try and play with it some to maybe isolate what action in the metarouter causes the hang...

Im going to start a metarouter now, but not set any vm.interfaces to it.. So its isolated.. Just let it run and see what happens..
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 06, 2010 11:00 am

A step at a time...

I ran with just the metarouter setup. Default config when you first add one.. NO INTERFACES so no connection to the outside world..

This ran for 30 hours on the main router without any reboots..

I just added a full config and interfaces to it and rebooted everything.

So now we wait to see what happens..
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 08, 2010 8:49 am

It ran fine for around 8 hours and then started watchdog timer rebooting..

I have disabled the metarouter and I am testing again.. Just to be 100% sure its the metarouter..

Other issues I have noticed along the way. supout.rif hangs and does not complete. Mikrotik support is aware and the issue is being worked on. When I do a backup, the log says "error creating backup file: could not read all configuration files"..

I gave Mikrotik support a login to my router. They are looking at it :)

This is a annoyingly hard problem to isolate.. I wish I could help more to find it..
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 12, 2010 9:03 am

Well........

36 hours of perfect operation with the metarouter disabled. No doubt the problem is with the metarouter.

I then enabled the metarouter again and rebooted. After around 8 hours, its rebooted and I had a new symptom. I could no longer log into the main router with winbox. I got the error "Could not get index: fatal error". I could get in via SSH. I power cycled and looked around at everything and could not discover why it suddenly started doing that. I also could not fix it.

The router was working correctly, I just could no longer login via winbox.

I could log into the metarouter with winbox.

I decided to try loading a backup. I did this and it then worked perfectly. Som something in the config of the main router got messed up when the router crashed/hung during my testing that I could only resolve by loading a backup..

Then I made a mistake... :)

I loaded a backup from the metarouter into the main router. Oops. Dont try this at home folks. This bricked my router and required a full reset by shorting out the reset "hole". hehehehe oops.. But took zero time and was very easy to recover.. This also did a nice full reset. I decided to hand configure everything and did not load a backup file.

I then had a clean fresh install and config. I started the metarouter and 5 hours later it crashed. Stopped the meta router and it ran for 24 hrs. Started the metarouter and it has been crashing randomly for the last 24 hours. I am running it so Mikrotik support could play with it. They have a login.. If anyone else wants to play with it let me know and I will get you a login..

It has been running with metarouter now for 19 hours ?!?.. So it had a few watchdog reboots and has now been stable for 19 hours ?!? I have now enabled debug logging, on both the main router and the metarouter... We shall see...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 12, 2010 11:27 am

Just had 3 watchdog reboots over about a hour..

I dont think I caught anything in the debug logs..

Im going to disable the watchdog... see what happens...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri May 14, 2010 8:41 am

With the watchdog disabled, I see about 2 or 3 events a day that last about 3-8 minutes. Each time the router is 100% not responsive and does not pass any data and you cannot log into it. The issue will clear on its own and the router will resume normal operations.

During these periods there are no log entries at all. The CPU graph does not show anything during this period.

This effects both the metarouter and the main router.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 15, 2010 8:23 am

After 40 hours I had a lot of hangs.

I have downgraded to 4.9 and will run for a few days to see if I have any hangs at all..
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 15, 2010 3:25 pm

Another issue that effects 4.9 and 5.0B2...

For some reason connecting to the metarouter via winbox will suddenly stop working from the WAN side. The LAN side works fine.

This led to to ping it from the WAN side and this also seems dead..

These are enabled via the firewall. They normally work. At some point they just stop working. Rebooting does not bring them back. Its just sorta random.

Its like there is something wacky with the firewall. The rules look fine.. Again, it works sometimes and sometimes it does not. It will fail while running as well.

NAT'ed traffic seems to flow through it ok.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun May 16, 2010 11:06 pm

38 hours of perfect operation without any hangs at all by downgrading to 4.9.. So no doubt something got wacky with the metarouter with 5.0+

Well im sure the Mikrotik guys will find it. Difficult issue tho as its intermittent and not perfectly reproducible.

Im done testing it for now. I will revisit this as new betas come out.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 19, 2010 3:07 am

I believe 4.9 and maybe further back, has the same issue but far less frequently. I just saw a hang for around 3 minutes then it returned back to normal. 3 days have gone by with perfect operation.. I have a second 450G that I reset/config'ed/started at the same time as this one with identical setup EXCEPT the metarouter is disabled. It is still going without a issue.

So maybe the problem exists already in 4.X but for some reason gets way worse in 5.X ?
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Wed May 19, 2010 11:42 am

This is where i am with this problem.

this is problem appear on RB450G when MetaROUTER is enabled. But not sure how exactly MetaROUTER causes the router to freeze and why.

have tried everything starting from running OpenWRT with asterisk (no crashes in 2 month or more), RouterOS with OSPF as part of network (no freezes for 2 month until today 15.05.2010)

It seems that disabling some packages makes it more stable, but leaving all the packages there, it still can work stable for long periods of time (OSPF router).

BTW, running 2 instances did not change anything.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri May 21, 2010 10:19 am

This is a difficult problem to isolate. I wish I could help more.

The config I was using caused a hang of a mikrotik Metarouter about once a day. I sent in my config to support and I gave support a login into my router.

I am on 4.9 now and testing for stable operation. Next week I am going to go back to 5.0B2 and will share my config and provide support a login.

Some random thoughts on the problem:

What hangs ? Does the CPU hang or does it have 100% CPU usage ? Some hardware monitoring watching the logic would reveal a lot. A Logic analyzer connected to the router CPU should show exactly what happens when it hangs. This might provide the answer or a very good clue.

Maybe some outside automated attack coming from the internet causes a CPU spike ? There is ALOT of junk that goes around on the net and maybe something causes a MetaROUTER to hang ? To test this a 450G would have to be disconnected from the net and still fail. I might try this test.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 22, 2010 10:49 am

5 days of perfect operation on 4.9 -without- the metarouter running.

I have now installed 5.0B2 with the Metarouter disabled.

I did a full reset after upgrade and used the terminal to do config. I noticed its on bootloader 2.6 for 5.0B2.

I am using pingplotter on 2 computers. One computer is pinging from the lan side to it and also through it to the cable modem. I am using the second computer to ping it from the wan side and also ping a device that goes through NAT. This is the same setup I used to test 4.9.

Multiping is set to ping 3 times a second so I will see any hang.

I am going out of town for a few days and it will chart the results while I am gone.

After a few days of testing I am going to enable Metarouter and continue testing.

Im doing this to carefully verify the problem. I was not doing full config resets before so I want to make sure I have this issue well understood.

During this testing I have discovered a issue with my new DOCSIS 3.0 Cisco cable modem, the DPC 3000. About once a day it looses connectivity for about 10-20 seconds. This was a interesting discovery.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 26, 2010 6:35 am

5 days of flawless operation with 5.0B2 on a 450G and 750G.

Im not sure this has any meaning but I am doing more in depth testing.

A sample 24 hr plot. Note the scale. Top of the scale is 0.1ms.. I am using multiping to ping the LAN side of the router and ping the cable modem thru the router.
I am pinging at .1 Sec intervals, 10 times a second. This provides a high resolution plot.

The load on the CPU of the router can be sensed by how quickly the ping is returned it turns out.

Top chart is the 450G
Bottom chart the cable modem thru the router

Typical 24hr period. The cisco cable modem does some weird stuff.. The 450G is perfect... Over days.
24hrNoMetarouter.gif
Once I started the Metarouter these plots changed and got quite noisy. I presume a higher CPU load to run the Metarouter. But odd patterns emerged. Fairly long periods of what might be higher CPU usage.. The loads on all the routers had not changed at all. This was not seen in 5 days of plotting...

Note this is a 3hr chart and the scale is larger..
3hrMetaRouterON.gif
This is most likely meaningless.. But interesting :)
You do not have the required permissions to view the files attached to this post.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Wed May 26, 2010 10:17 am

...The load on the CPU of the router can be sensed by how quickly the ping is returned it turns out....
This is logical but maybe not precise. Someone can confirm this? Is this true at least for Linux?

A very good post by the way. I like how you went really deep to investigate. I like that the ping investigation is plotted and can be so easily presented here.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 3:42 am

I think that works on any computer.. BUT yea the differences would be small...

Multiping gets down to .1 but you can see .05ms... Of course MANY things can influence it..

So a baseline... This is the router with the MetaRouter set to disabled.. Note the scale. Full scale is 0.1ms. This is a 24 hour chart recorded with 100 ping per second resolution. Im pinging the LAN side of the router. I have Multiping options @ .1ms ping interval, 0 interval between pings, 28 byte packet size..
WithoutMeatRouter.gif
Then I turned on the meta router.. My CPU usage increased, Winbox siad about 2%-7%. In fact its amazingly visible.. Note the scale is 10 times higher now at 1ms. So this is at least 10 times noisier.. The red spots are 100% packet loss, this is the "hang".. During 24hrs it got hung up twice. But different intervals, no log entries, not triggered by any action I can see. They are also not a set distance apart in time. The hangs were 2min 49 seconds and 9 min and 50 seconds.

The more interesting parts are the raised ping times that last for 10-30 minutes.. Must be higher CPU usage ? There is no additional data traffic during these intervals. In fact really heavy data flow does not seem to effect these results. High data flow does not lead to much increase in ping times at all.
MetarouterOn.gif

Later I turned off the meatrouter and everything returned to normal..
Metarouterturnoff.gif

So what does this tell us... Most likely nothing !.. Might just be normal...

Something fairly serious happens tho when you turn on a metarouter.. The router is obviously stressed more..
You do not have the required permissions to view the files attached to this post.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 9:12 am

I'm a performance freak that would almost go to extremes. So if I needed Asterisk for example I would run that in a separate OpenWRT-enabled device or even - waaaaay better - in a mothaf'ing second hand x86 piece of scrap metal desktop PC from our ancestors :D (overclocked, stress-tested, coooled, and with new caps re-soldered in the PSU and mobo by my trusty electronics guy).

Unless MikroTik can prove to us that the main routing performance will be intact when you run something with Metarouter/KVM :) So far you mate, have proven the opposite :D
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 2:31 pm

on ppc boards (RB1000, RB800) metarouter is stable. On RB433AH it hasn't hanged for several month and only reboots are install of new version.

Only black sheep is RB450G that have weird issues with metarouter running on them.

KVM is completely different story - as far as i have seen - it has not crashed ever. And i am running Ubuntu and RouterOS as 2 KVM guests on X86 with 4 cores. There this impact of running guest OS is negligible, because main packet processing happens on single core anyway. Only slow down can happen if guest OS does something memory intensive.

Also, on every single core router you will feel some drag when you start using virtualization. Consider that that there is completely other OS with its services and all the interrupts have to be processed by guest and then by host OS. And for some operations that introduces quite an overhead. But that should be expected. On the other hand, what good is hardware if it runs with 10 - 20% load, if adding guest brings it up to 40 - 50% costs increase only up to maximum 10% if that much at all.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 2:44 pm

Thank you for saving Virtualsiation for us, JanisK.

So if I have a x86 MT Router that runs at 40% CPU load at max, in peak hours, And if I would add a KVM with Asterisk, and I see that CPU goes only up to 80% for example.... Should I expect No raises in ping times, still good latency.. still perfect routing performance?

P.S. another important question. Let's say the x86 MT Router goes to 90% CPU usage but very rarely for a few moments from time to time in peak hours. And let's say that I have a KVM with a service running on it that is not so important. For example a website, a forum, a CRM, who knows. What if RouterOS could take complete prioirty over the KVM? So that when RouterOS needs the CPU - it gets it without any delay whatsoever. And when the KVM needs the CPU - it waits for RouterOS to free some. So the service running in the KVM would work a little slower but this would happen very rarely. Is this prioritising of processes inside the router possible? :)
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 9:50 pm

And for some operations that introduces quite an overhead. But that should be expected. On the other hand, what good is hardware if it runs with 10 - 20% load, if adding guest brings it up to 40 - 50% costs increase only up to maximum 10% if that much at all.
The main router ping time increases as a result of the virtualization are extremely minor. They look dramatic in the chart, but a increase of .5ms is really minor.

The advantages of using virtualization are many. Its truly amazing you can do it on a $120 router !

Is the performance of the MetaROUTER the same on a single CPU 450G as the main router ? of course not. Thats to be expected. Are there trade off for using a metarouter ? Of course.

Its a stunningly cool option. It would be cool to get it to work on the 450G correctly :)

virtualization is not exactly simple. This issue is also intermittent and so far not easily reproducible. Its gotta be annoying to try and fix.

What is interesting to me in the charts is the elevated response times that last 20-30 minutes. Im not sure what runs for 20-30 minutes at a time in the router. It also occurs somewhat randomly but separated by hours. Thats a long time for a process to run taking up some CPU time.

I have not run Multiping against the metarouter yet. I am currently just running it against the main router. I will setup multiping to ping the metarouter and see what happens.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Thu May 27, 2010 10:20 pm

Those 20-30 mins graph activity may be some process scheduled underneath. A cron job inside RouterOS. I hope those don't harm routed packets performance.
Oh wait. Those .05ms increases may be due to a process on the host that sent the ping requests. Or due to network activity along the way.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri May 28, 2010 11:16 am

Oh wait. Those .05ms increases may be due to a process on the host that sent the ping requests. Or due to network activity along the way.
Thats why I have done a weeks worth of testing... None of the noise or steady increases appears in the tests until I activate the Metarouter. I have 24 hours of flat line charts. .1ms full scale. Just black flat line almost.... This eliminates all other sources of unwanted interference. I am connected with everything gigabit with good 3 foot cables.

Im also using 3 different computers and see the same spikes at the same time on all three. So the computers are not influencing the results in any meaningful way.

In reality I can run just tons of traffic through the router and see very little difference in these charts. I can get a slight peak when I first start winbox.

If I write a script loop I can create much bigger sustained stuff on the charts.

So data throughput does not seem to influence the charts hardly at all. CPU usage does influence the charts.

ANYWAY...

Its interesting.... And easy to try yourself. Pick a fast computer, gigabit interface, hook it to the router with a short high quality cable.

Go get the free demo of Multiping http://www.nessoft.com/multiping/download.html

add in your router IP address... Change the ping interval by TYPING in .01 and press enter.

Set some options... Edit>Options>Packet
Time Interval between pings: 0
Packet Size 28
Number Of Samples to hold in Memory 0

Apply/save and your done...

Right click on the chart to look at different time scales... Its possible to add custom time scales to look at 14 days for example.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 29, 2010 8:11 am

O M G....

I might have progress... At the very least I have clearly effected the issue...

I was thinking about how it could only effect the 450G and not other routers based on the same chips. I also remembered that someone thought that the power supply made a difference..

I am a analog electrical engineer. One of the things I do is make analog electronics...

I looked at the router and decided to supplement the 330uF cap that is across the 1.2Vdc supply for the CPU... I went completly overboard and put 4400uF cap there which would really make sure that CPU supply was s t a b l e.... So a more then 10 times increase... I might get around to doing the other power supply caps..

The idea here is that some spike in CPU usage is causing a lower then normal voltage on the 1.2 supply for the CPU for a very brief time causing weirdness and causing hangs...

This has had a apparent effect... I am still testing, but I have not had ANY hangs on the main router in 20 hours. That is a huge difference. BUT I am still testing to make sure.. Also I have seen something interesting occur that was not visible before and might indicate something important...

I think what happens now is a CPU usage spike occurs but the main router stays working and does not suffer from a power issue when a huge increase of current is required for the usage spike..

AGAIN IM JUST GUESSING AT MOST OF THIS.... BUT I have some interesting results...

This was before my cap mod.. This shows red packet loss when the router hung up. It also shows to ever present increases in ping times sustained for 10-30+ minutes..

Image

I then did the cap mod.. Strangely the plot is cleaner.. But the import thing is no red blotches..

There is however a weird increase in ping times that went off chart..

Image

Zooming in on this section of chart..

Image

Zooming in more on just the 4 minute high spike and changing the vertical scale so I can see the whole spike, I notice a much shorter spike that is WAY off the scale.. And this spike preceeds a much higher then normal ping time..

Image

Looking even closer

Image

Zooming in more on just that spike and allowing a MUCH higher vertical scale..

This yielded a HUGE ping spike which was around 6000ms or 6 seconds.. This lasts for around one second and I have about 80 pings for that second.

Image

THIS spike is unlike anything I have seen during my testing so far.. This was some REALLY HIGH CPU usage.. However it did NOT cause the MAIN router to hang up this time.. Maybe that cap allowed the CPU to keep running through this obvious spike in usage and CPU current draw..

The Metarouter however DID hang up. It locked up at exactly the moment of this spike...

Image


So........

By placing a MUCH bigger cap on the power supply rail to the CPU I made it more stable and doing this kept the main router working while something in the metarouter caused a huge increase in CPU demand and current flow from the supply...

Now what software issue is causing the metarouter to produce a runaway CPU usage for a VERY short 1 second period,,, I dont know that...

I think I did confirm what the other guys were saying about power supplies possibly making a difference tho and this might explain why..

Im going to continue my testing. I want to confirm that by placing a MUCH bigger cap on the power supply rail I have stabilized the CPU to make it through this impressive spike in usage and current.. I am hoping I will not see another main router hang. I expect to see Metarouter hangs however...

INTERESTING.... Wow this problem has been pretty fun to work on.

I think if I help isolate and resolve the issue i should get a free 450G :)
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 29, 2010 9:07 am

Please post pics. I want to see the exact capcitor you replaced, I want to see the one that was put there in manufacturing to compare with my RB450Gs. I can't believe how helpful your work is. A little research can get you light years ahead. So thank you.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 29, 2010 8:32 pm

I spoke too soon.... I think I am mistaken...

Man this problem is annoying...

From the last 12 hours.. Clearly the problem is still there, just like it was before... I think...

Image

So I am afraid Network Pro you will need to take back your Karma vote ! hehehehe
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat May 29, 2010 9:04 pm

Hmmmmmmmmmm..........


This is from pinging the main router on the LAN side...
Image

And this is from pinging the MetaROUTER from the Meta Router LAN side. Notice how pings went up and stayed up. Notice right at the end when I rebooted the router and pings came back to normal.. And note how some hangs on the main router did not result in lost packets, just really long ping times..

Image
 
robertfranz
newbie
Posts: 37
Joined: Tue Apr 21, 2009 3:30 am

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 8:05 am

You haven't lost your mind.

I can't offer any pretty graphs, but I've been plagued the last week with a lot of hangs and weirdness running v5.0B2 on a 450G at home.

I thought at first this was just because I was doing a lot of goofy stuff, and changing the config constantly, presumably with a lot of noob errors.

Then I looked at the Health monitor once when it bogged down, but didn't completely hang.

It was showing under 10vdc.

I'd blame the ps, but the temp was clearly way off too, so I'm thinking this is a sensor error.

However, if the sensor is reading erratically, the router as a whole becomes suspect.

I think I'll roll back to a previous version.

Metarouter on the 450g is pretty ghetto anyway.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 9:07 am

Well I think MetaROUTER is pretty cool if you use it in a way that makes sense.

The ONLY problem I have noticed in all this testing is the MetaROUTER issues. If I turn off the MetaROUTER it works perfectly on 5.0B2. I have noticed that if I do tons of configuring, way more then any normal router should endure, it can get corrupted and get really weird however. This is true for 4.9 too. So what i do is complete config reset using the jumper on the board. I then use the RS232 terminal to "r" "remove" the config and then copy/paste a config script. I reboot and connect with winbox and then start a console to the metarouter and copy/paste a config script. I then reboot and try not to touch the config at all. This also makes certain that i am testing with exactly the same config each time. Yes with lots of configuring it can get corrupt, but so does every router it seems. Open-wrt, dd-wrt, UBNT, some cisco stuff, it all gets corrupt if you fool with it long enough..

After putting ludicrous amounts of power supply caps on the 1.2 and 3V rails it seems power dips caused by demand spikes are unlikely. I did see a difference in how the chart looked, which was weird, but I saw no improvement in performance and the problem is just as prevelent as before. I admit the charts clearly look cleaner after adding the caps. So it seems there is some tiny amount less jitter ? I donno. I could have used a scope and looked at noise on the rails, but I didn't.

I added 10,000uF to the 3V rail and 4400uF to the 1.2V rail. I used good low ESR caps. That is a stupid huge amount and may cause issues with the initial inrush current spike to charge those caps when first plugged in. There is most likely a 0 ohm resistor or fuse that might pop just because of the large inrush current to charge the caps. The high inrush current might also weaken parts over time. As with ANY change in hardware I might have introduced issues and even shortened lifetime because of the initial inrush current to charge these caps. Basically,,, don't try this at home folks.. I dont want to supply pics and a "how to" because I do not want to encourage people to do this.. However most likely all I did was improve stability and may have added some small amount of lifetime.

Its funny, the router will now run for about a second after I pull the power just because of the stored power in the caps.

The choices for power supply caps by Mikrotik seems quite good. In fact the quality of the parts is excellent. The values are more then enough as well. Its clearly well designed.. In fact I don't think its possible to make it much better, its exceptionally well made. I just decided to completely eliminate any possibility that this problem might be power supply related. I feel confident in saying it is not power supply related. Its clearly some software issue.

As far as temps go, I use a small fan. I am constantly at 41C. So in my case temp cant cause issues.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 9:24 am

Update:

I placed the router by itself. Not connected to the internet. I wanted to make sure there was not any weird packets coming from the net that were triggering a issue with the router.. The same problems continued. So I have eliminated some external packets triggering the issue.

I added 10,000uF of caps to the 3V rails. Why not... No change in anything. The router will now work for about a second before dying after I pull the power.

Its JUST AMAZING to me that these super high usage spikes are so random. You would think there would be a pattern.. But nOooooOoo.....
How long the hangs last is rather random as well. As short as 5 seconds and as long as 30 seconds.

It appears there are 2 different kinds of hangs. Ones where packet loss occurs in both the metarouter and the main router, and a second kind where you get A killer spike that results in 6000ms pings for 1 second and complete packet loss on the Meta, then a drop back to a higher then normal period of pings which can last 20 minutes, then back to baseline. Many times there are periods of higher then normal ping times for 10-30 minutes.. Again these ping times appear to be CPU load related. I think.

Clearly there are 2 kinds of hangs.. I think its the same problem however. I think one is the main router hanging and the other is the meta router hanging. I think its the same bug in both.
 
rmichael
Forum Veteran
Forum Veteran
Posts: 718
Joined: Sun Mar 08, 2009 11:00 pm

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 10:49 pm

Interesting thread, Xymox. Have you tried to use different ports? It seems ports 2-5 are different than port 1. On top of that this post describes packet loss on ports 3-5: http://forum.mikrotik.com/viewtopic.php ... 0g#p204127 so there could be a difference between 2 and 3-5???

There's also switch-all-ports=yes/no command that you might want to test with. For example I would try to switch-all-ports=no and connect VM to port 1 only. Check for stability, than attach it to port 5 only and test for stability again.

Maybe the switch chip needs a cap too :)
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 11:06 pm

The "hangs" clearly have a pattern to them even tho they seem to occur randomly..

This shows a 2ms full scale.

Image

The raised ping times starting at point 1 occur quite a bit without leading to a hang. I dont know what these raised ping times singify. I would imagine a higher then normal CPU usage caused by some process on the router. They last 15 minutes on average. They normally go from 1 to 5 in time.. These do not seem to effect performance. Sometimes however a huge spike occurs starting at point 2. A higher then normal elevated ping response time then occurs for a while then returns back to the previous elevated ping time, point 4, and eventually returns to normal, point 5...

A higher vertical scale shows the huge spike better. Complete packet loss occurs on the MetaROUTER from point 2 to point 4..

Image

A zoom in time to show the 1 second long super spike. These are 6000ms pings and I have enough resolution to see it very clearly. There are about 90 pings there.

Image

This pattern is one of 2 patterns.. This one has no packet loss on the main router, but 100% packet loss on the MetaROUTER.


12 hours showing the above spike.. You can see the elevated ping times and a few spikes. The green to the left is my playing with the router and rebooting and stuff..

Image
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun May 30, 2010 11:44 pm

Interesting thread, Xymox. Have you tried to use different ports? It seems ports 2-5 are different than port 1. On top of that this post describes packet loss on ports 3-5: viewtopic.php?f=3&t=40798&p=204127&hilit=rb450g+rb750g#p204127 so there could be a difference between 2 and 3-5???

There's also switch-all-ports=yes/no command that you might want to test with. For example I would try to switch-all-ports=no and connect VM to port 1 only. Check for stability, than attach it to port 5 only and test for stability again.

Maybe the switch chip needs a cap too :)
Hehehe,,, The switch chip's power supply is already capped. I stuffed EVEN MORE on the router last night. Im SURE its not power supply. I have 14400uF on the 3V supply and 12200uF on the 1.2V supply. No WAY there is a power issue now.. I think you could start a fusion reactor with all that reserve current avaliable. Not to mention the supplies must have ZERO noise..

Hmmm... Interesting.... Ive got WAN set at port 1 and LAN as port 2. Switch-all-ports is off. The Meta router is bridged to port 3-4.. I had Switch-all-ports to on for a while and it was the same issue..

Let me go over my testing configuration. Its actually my home setup..

Port 1 is the WAN its connected to the cable modem and internally to a bridge. Port 5 is connected to this bridge and allows me to connect other stuff directly to the modem.

The Firewall and Nat come from this bridge..

Port 2 is the LAN side of the NAT/Firewall. Its not bridged or slaved to anything..

The MetaROUTER comes from the WAN bridge, static, and is static to a "metabridge" which has port 3 and 4. It was tied directly to port 4 without a bridge and it had the same issue.

Im Newbie at this, but I think this is OK ?

Hmmm..... I have tried so far to just study the problem with the same config.. I guess its time to start fooling with the config...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Mon May 31, 2010 12:28 am

I simplified my config some...

port 1 is tied to "WAN Bridge" and the firewall/NAT all conect to the WAN Bridge as does the MetaROUTER

Port 2 is the LAN side of the firewall/NAT. The weird part is I just noticed that I guess the default output interface is port 2 as the stock Mikrotik config does not specify a output interface. So I guess if you dont specify a output interface, its port 2 ?

Port 3 and 4 are not slaved and are not hooked to anything..

Port 5 is the static output from the meta router. No bridge..

NEWBIE question... If I wanted to change the output of the main firewall/nat to port 3 instead of port 2 I just specify port 3 as the output interface in the firewall and NAT ? Then I could use port 2 as my output port for the MetaROUTER ?
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Tue Jun 01, 2010 1:39 pm

what you mean by output of main firewall?

it was not very clear what you have configured there.

some my suggestions:
nat rule in my configurations usually looks like this:
/ip firewall nat add chain=srcnat action=masquerade out-interface=Out

that way i ensure that all packets leaving my internal network are src-nat'ed. If you need to get like 2 IP addresses from ISP, and you need like 2 routers, then for now, i would suggest you to make bridge interface, and bridge WAN with static virtual ethernet interface (it will slow down stuff a bit, since there will be more steps) and then on host, you set masquerade to bridge interface, so you reach your router external addresses through masquerade.

on the internal side, if you assign static interface (ethernet) to metarouter, do not do anything with this interface on host. That most likely will go awry, like, host will not be able to access metarouter through that interface and vice versa.

I have RB450G (with default caps, and default PSU, since adding 3A 12V PSU did not change anything) running Metarouter and i have interfaces configured in this manner, router and metarouter are only rebooted by hand, when new version is available with run times of several weeks, when i avoid installing new versions. Both (host and guest) does OSPF and OSPFv3 in highly unstable network where due to hangs/reboots/version changes routers come and go.


Some of these higher latency areas in your graphs could be caused by metarouter reading from nand, or trying to write something, as nand is quite slow and IO is operated by CPU.

Anyway, thanks for your findings.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed Jun 02, 2010 5:43 am

** I AM A NOOB **

hehehe....
Anyway, thanks for your findings.
Janisk: I just hope something helps to find the problem.. Actually I love this kind of thing. Its like a puzzle :)


My config... Again, I am a noob.. Most of my config comes from the defaults on the 750G. That worked right out of the box for me and I learned on that router, so when i got a 450G I configured it in the same way...

I start with a blank config and copy paste into the RS232 console. Then once thats up I copy paste my meta config via the winbox console.

I have some firewall rules to track and block port scanners.

My config that I have used for testing:

Main Router:

/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1 \
switch-all-ports=no
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=1524 max-message-age=20s \
mtu=1500 name=WAN-bridge priority=0x8000 protocol-mode=none \
transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=1524 max-message-age=20s \
mtu=1500 name=MetaBridge priority=0x8000 protocol-mode=none \
transmit-hold-count=6
/ip pool
add name=default-dhcp ranges=10.1.1.200-10.1.1.254
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=ether2 lease-time=1w name=XDHCP
/metarouter
add comment="" disabled=no disk-size=unlimited memory-size=64MiB name=\
XymoxMeta
/interface bridge port
add bridge=WAN-bridge comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=ether1 path-cost=10 point-to-point=auto priority=\
0x80
add bridge=WAN-bridge comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=ether5 path-cost=10 point-to-point=auto priority=\
0x80
add bridge=MetaBridge comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=ether4 path-cost=10 point-to-point=auto priority=\
0x80
add bridge=MetaBridge comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=ether3 path-cost=10 point-to-point=auto priority=\
0x80
/ip address
add address=10.1.1.1/24 broadcast=10.1.1.255 comment="default configuration" \
disabled=no interface=ether2 network=10.1.1.0
/ip dhcp-client
add add-default-route=yes comment="default configuration" \
default-route-distance=0 disabled=no interface=WAN-bridge use-peer-ntp=\
no use-peer-dns=no
/ip dhcp-server network
add address=10.1.1.0/24 comment="default configuration" dns-server=10.1.1.1 \
gateway=10.1.1.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=4096KiB \
max-udp-packet-size=512 servers=208.67.222.222,208.67.220.220
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=input comment="" disabled=no dst-port=28291 \
protocol=tcp
add action=drop chain=input comment="dropping port scanners" disabled=no \
in-interface=WAN-bridge src-address-list=badguys
add action=accept chain=input comment=ping disabled=no protocol=icmp
add action=accept chain=input comment="" connection-state=established \
disabled=no in-interface=WAN-bridge
add action=accept chain=input comment="" connection-state=related disabled=no \
in-interface=WAN-bridge
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="Port scanners to list " disabled=no in-interface=\
WAN-bridge protocol=tcp psd=21,3s,3,1
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="NMAP FIN Stealth scan" disabled=no in-interface=\
WAN-bridge protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="SYN/FIN scan" disabled=no in-interface=WAN-bridge \
protocol=tcp tcp-flags=fin,syn
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="SYN/RST scan" disabled=no in-interface=WAN-bridge \
protocol=tcp tcp-flags=syn,rst
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="FIN/PSH/URG scan" disabled=no in-interface=\
WAN-bridge protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="ALL/ALL scan" disabled=no in-interface=WAN-bridge \
protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="NMAP NULL scan" disabled=no in-interface=\
WAN-bridge protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg
add action=log chain=input comment="" disabled=no dst-address-type=\
!broadcast,multicast in-interface=WAN-bridge log-prefix=warning
add action=add-src-to-address-list address-list=badguys address-list-timeout=\
2w chain=input comment="" disabled=no dst-address-type=\
!broadcast,multicast in-interface=WAN-bridge
add action=drop chain=input comment="default configuration" disabled=no \
in-interface=WAN-bridge
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=\
no out-interface=WAN-bridge
/ip neighbor discovery
set ether1 discover=no
set ether2 discover=no
set ether3 discover=no
set ether4 discover=no
set ether5 discover=no
set WAN-bridge discover=no
set MetaBridge discover=no
/ip service
set telnet address=0.0.0.0/0 disabled=yes port=23
set ftp address=0.0.0.0/0 disabled=yes port=28292
set www address=10.1.1.0/24 disabled=yes port=80
set ssh address=0.0.0.0/0 disabled=yes port=49
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=28291
/metarouter interface
add comment="" disabled=no static-interface=WAN-bridge type=static \
virtual-machine=XymoxMeta vm-mac-address=02:FE:AE:C6:A0:63
add comment="" disabled=no static-interface=MetaBridge type=static \
virtual-machine=XymoxMeta vm-mac-address=02:01:91:99:6E:76
/system clock
set time-zone-name=America/Phoenix
/system identity
set name=XymoxTik
/system ntp client
set enabled=yes mode=unicast primary-ntp=129.6.15.28 secondary-ntp=\
132.163.4.103
/system watchdog
set auto-send-supout=yes automatic-supout=yes no-ping-delay=5m \
send-email-from=xymox1@cox.net send-email-to=c@xymox1.com \
send-smtp-server=68.6.19.4 watch-address=none watchdog-timer=no

The Meta config is basically the same thing except no need for bridges..

The above config is not complete, I left out scripts for DynDNS and a script to beep for netwatch alerts for up/down. I have netwatch ping my cable modem and google and beep/email if they go down...


I am now using less and less config and I am still seeing the issue. However something weird happens if I disconnect ether1. I continue to ping ether2. The problem really really changes.. I thought it went away, but no, it just changes a lot. However i have not seen a hang for 24 hours with ether1 disconnected..

Ive been using my 750G running 5.0B2 without a MetaROUTER for my main router. Its been working really well.

So right now the 450G has one wire connected, ether2, and I have a computer running multiping against it. So its not connected to any network. The plots have been weird. I am still exploring it... More later...
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Wed Jun 02, 2010 2:01 pm

for test introduce these changes:
/interface virtual-ethernet add name=mr-WAN
/interface virtual-ethernet add name=mr-LAN

/interface bridge port add bridge=WAN-bridge interface=mr-WAN
/interface bridge port add bridge=MetaBridge interface=mr-LAN

/metarouter interface set 0 static-interface=mr-WAN
/metarouter interface set 1 static-interface=mr-LAN
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Wed Jun 02, 2010 3:05 pm

Ok I have added that..

I enabled the virtual ethernet ports..

Its all working. I am starting a test now..
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Wed Jun 02, 2010 3:29 pm

IMO, you will still have latency increases, but hangs should be rare or at least far between.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 4:39 am

:(

Sadly the hangs are still there.. The same 1 second long hangs.

last 12 hours.

Image

Close up of one of the spikes. There were 2..

Image

I think they do not occur unless something is plugged in to ether 1. I am going to test that now.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 6:32 am

Is there something in the router that runs every 15 minutes ? I think I might see a pattern to the latency bumps. The spikes always occur during a latency bump.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 6:40 am

janisk, you can log into and play with my router. Send me a PM or a email to my public email address @ p u b l i c @ x y m o x 1 . c o m and I will give you the URL and login info.


A 1 second hang is not very long.. It might be that these occur and are difficult to notice without doing all the analysis I am doing. There might be much longer hangs I do not normally see and maybe these are the ones you mention ?
 
rmichael
Forum Veteran
Forum Veteran
Posts: 718
Joined: Sun Mar 08, 2009 11:00 pm

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 8:17 am

Is there something in the router that runs every 15 minutes ? I think I might see a pattern to the latency bumps. The spikes always occur during a latency bump.
routing table flush maybe?
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 9:37 am

Hmmm... I would think that there is a set of tasks that runs periodically. It would be interesting to disable each one and see which one causes the latency bumps and see if disabling one stops the hangs..

Can I set the router to log huge amounts of debug data ? I have set "debug" in the logging. Mostly that gets me NTP and I think some routing stuff. Is this the maximum logging I can get ?.

How do I turn off the storing of the data for the charting ? Can I just disable the long term storage of this data ?

I have decided to do something different. I set the CPU to run at 400MHz. See if the problem changes at all.

I am also going to disable the metarouter tomorrow and test. I want to see a stable 24 hours with my setup as a reality check. I want to recheck this.

It appears that if you reboot the router and then connect ONLY ether2 ( lan ) and run multiping there are no latency bumps or hangs UNTIL you connect Ether1. HOWEVER I still need to check that again.

I also have some other routers I am going to play with. I think I saw those same latency bumps on a DD-WRT based Linksys WRT-54TM. I am going to test that out.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 9:42 am

but guest does not reboot now, does it?
 
rmichael
Forum Veteran
Forum Veteran
Posts: 718
Joined: Sun Mar 08, 2009 11:00 pm

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 10:08 am


It appears that if you reboot the router and then connect ONLY ether2 ( lan ) and run multiping there are no latency bumps or hangs UNTIL you connect Ether1.
I think you mentioned that you are running with switch-all-ports=no. Have you tried switch-all-ports=yes? This will make eth1 part of switchgroup (as are eth2-5) I believe.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 03, 2010 10:11 am

Yes i started with switch-all-ports set to yes.. This makes no difference it seems.

I am trying to limit writing to NAND and see if that matters.

I found the way to disable the graphing... I just removed all the graphing rules via winbox.

That caused a 100% CPU usage lockup. I had to reboot to recover. But all is OK now. When i removed the graphing rules from the metarouter it did not lock up at 100% CPU.

So my changes going into the next 12 hours of testing are:

CPU 400Mhz & No power saving
disabled graphing
I removed my MicroSD card - I was not using it anyway
turned off all logging to disk.
Started logging to memory "debug"
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 5:05 am

INTERESTING...

So I also turned off NTP..

I did all the changes above to both the main router and the MetaROUTER..


Look what happened !

Those last 5 hours was when i switch off the NTP on the MetaROUTER..

Image


While this is interesting.. Im not sure what caused it yet.. Also I am not 100% sure the problem is gone...

I did a bunch of stuff, so now I need to do one at a time and see if I can isolate the issue...

I went 20 hours without a single hang up in either the main or meta router.. This is a first...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 5:31 am

First this is increasing the CPU frequency back to default 680Mhz...

So I have No CPU Power Saving, disabled graphing, disabled NTP, no disc logging and no MicroSD card. Both the main router and MetaROUTER have the same settings. And of course a clean reboot..
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 8:37 am

i have NTP enabled on host but disabled on guest, 680MHz frequency. Graphing is off on guest.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 9:40 am

I think NTP is causing the elevated latency bumps.. I went 6 hours with no elevated bumps at all... That was a first ever.. I then turned on NTP on guest and main routers and the elevated latency bumps returned right away...

However I need to check for sure..

I have returned everything back to my previous test settings EXCEPT I have disabled NTP for the guest and main routers.

Now I wait and see what happens...

Running at 400Mhz was interesting. My ping times increased on the guest router, which makes sense. The router is taking longer to respond to a ping because its going slower.

So off to testing..

I am running in "normal better for -0C environment" CPU mode. This is how I was running it before. Just FYI...

Wouldn't it be interesting if it was NTP ? Maybe NTP runs some timing loop for a period of time. Maybe when it changes the clock frequency it causes some weirdness.. I could see NTP causing some of the symptoms of this issue... INTERESTING...

But then again maybe not....

Only time will tell.... hehehehe....
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 12:35 pm

So how does NTPd work ? Does someone have a link to what frequency it changes ? And how does this work on a virtual machine ? Is there a clock simulator ?

I understand how the NTP Daemon works, but I don't understand what its adjusting when it adjusts the frequency. There is no actual oscillator outside the CPU. Is it adding and subtracting CPU cycles from some loop ? Is it adjusting a delay in a loop ?..

If NTPd adjusts the clock, what program is the actual clock in *nix ?

This also explains why I had seen these same latency bumps on other router OS's, Everybody uses the same NTPd on *nix.

I still have to complete more testing but... After 6 hours, this is a pretty amazing plot..

Again the only difference from my original testing setup is that I turned off NTP on the MetaROUTER and on the main router..

Image


HOWEVER... The latency bumps might be 100% normal.. The hangs are not normal.. Im not sure NTP has anything to do with the hangs that I was seeing. It seems it might, but I need at least 24hrs to find out.. This might not be what causes the hangs that only appear after weeks.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8345
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 2:49 pm

Is there something in the router that runs every 15 minutes ? I think I might see a pattern to the latency bumps. The spikes always occur during a latency bump.
yep, NTP client poll interval during normal work is 900s = 15 minutes =)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 9:31 pm

Wow, keeping time is a seriously deep subject. Its even more complex in virtual machines..

http://www.vmware.com/pdf/vmware_timekeeping.pdf

The 1 second hangs and elevated latency bumps appear to be gone. I am still testing to confirm. More shortly.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 04, 2010 9:53 pm

From the above PDF:
Timekeeping in Linux has changed a great deal over its history. Recently, the direction of kernel development has been toward better behavior in a virtual machine. However, along the way, a number of kernels have had specific bugs that are strongly exposed when run in a virtual machine. Some kernels have very high interrupt rates, resulting in poor timekeeping performance and imposing excessive host load even when the virtual machine is idle.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat Jun 05, 2010 3:43 am

Well I think turning off NTP has solved the issue I was seeing. In fact it really helped the metarouter latency..

I have 20 hours of flawless operation. I am still doing testing however..

Main Router. The red is me playing with the computer, NOT the router.. The grey line is also me playing with it.

Not sure what the latency ramps are..

The important thing is tjere are ZERO hangs for 20 hours and no latency bumps..
Image

The Guest/MetaRouter is amazingly clean.. This is a HUGE difference...

Again the red is me doing stuff.. NOT a issue with the router. The gray is also me..

Image


After reading the PDF above on how time is kept on a computer I could see how doing NTP on a virtual machine might have all sorts of issues depending on kernel support. I think there is a kernel change from 4.10 to 5.0B2 ? I dont know.. But I believe I have isolated the problem I was seeing to the NTP..

NTP might be a issue with a virtual router on 5.0B2. I have not checked but even time keeping might be a issue on the guest/meta router. It is amazing how complex it is to keep accurate time on a computer..

I might add that I have CPU power saving off. Power saving might cause further issues with time keeping and NTP on the guest/meta router. AGAIN I have not tested to see this.. But it might...
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sat Jun 05, 2010 11:51 am

Im going to start a little longer term monitoring.

I want to go for 3 or 4 days..

Same setup, NTP off on both Meta and main routers. CPU power savings off..

I would like a NTP option for a single update on startup and then maybe a command I can schedule to update it. I don't want to run it all the time. I would just like the correct decade :)
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Sat Jun 05, 2010 11:55 am

I think easiest would be a schedule to enable NTP client. Next problem would be to disable it after 30 seconds for example. What was the waiting syntax for scripts, to wait for 30 seconds? :)
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun Jun 06, 2010 2:04 pm

Well if its really NTPd that running in there in RouterOS and I think it might be, then there is a command made to just do a single update. I would like that command avaliable to scripting.

I have not fully checked all this out yet, but there is a possibility that a guest/metaROUTER may have trouble keeping accurate time simply because of the seriously difficult problem of keeping time in a VM. So a single time update will not be enough to keep the guest/meta router on time. Again, I have not checked yet. I would bet that a metaROUTER gets behind in time pretty quickly. I will check this later.

Im trying to figure out why I even need to keep my router clock accurate. Except for logging I dont need to have a accurate clock. So I may just stop using it.

Right now I am just testing for any hangs or weird behavior now that I have turned off NTP... I am going to test for 2 more days. First results are just amazing. The charts are flat lines. Perfect behavior. It is kinda amazing how much impact NTPd was having.

Im sure the problem I was seeing is gone. I am now checking for any other long term hangs..

For me 5.0B2 with a metaROUTER is working pretty stable as long as I turn off NTP.
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 10, 2010 6:57 am

Well after 5 days of pinging both the main router and the MetaROUTER 100 times a second, I can say the hangt problem I was seeing is gone..

In fact the charts are stunningly clean.. The stuff I circled on the left is my playing with things and not part of the test... This is the same scale I have used all along, 2ms. Its close to 5 days of charting.. 38,740,000 pings later, not one was lost. Impressive..

So Turning off NTP on the main and MetaROUTER solved the problem I was seeing.

Image

I was running normal home traffic through the router the whole time. ZERO issues. Perfect operation.

I did notice something I need to explore. Skype calls might cause the router to hang and reboot.. Im not sure. Ive noticed it twice. It seems to only happen on long calls. Its rare... The router clearly hung up and then rebooted..
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Thu Jun 10, 2010 9:45 pm

Problems with UPnP there ?
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 11, 2010 3:20 am

Hmmm.... I dont like the idea of uPnP... It just scares me.. Skype allows you to set a dst-nat to a port. Then you dont need uPnP...

Let me start a new thread cuz it is a problem... I have verified it on a 750G and a 450G and also on 4.10 and 5.0B2..
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24422
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Fri Jun 11, 2010 12:02 pm

UPnP scares you ? :) UPnP = NAT, only the rule is added automatically, based on what port it needs at the time. The port can change, you can never know what NAT rules you will need.
No answer to your question? How to write posts
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 11, 2010 12:51 pm

:)

Well its the "the rule is added automatically" part that makes me nervous.

I would rather have a known set of NAT rules that are fixed and I know what they do rather then a set of rules that dynamic change and could, maybe, open up security issues.

I wonder if any virus's/trojans use uPnP to poke a hole in a firewall ?

So far,,,, i have never had to use uPnP, there was always a way to create a fixed NAT rule. So I have avoided uPnP for a long time. So far...
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24422
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: 450G + 5.0 Beta1 issue

Fri Jun 11, 2010 12:57 pm

upnp works from LAN to WAN, not other way around :) well, of course if you configure it so
No answer to your question? How to write posts
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: 450G + 5.0 Beta1 issue

Fri Jun 11, 2010 2:08 pm

Sure sure yeah yeah. And still - UPnP is out of control. For example when the WAN link changes ip address - all Dynamic NAT rules I should babysit and delete myself. Then when the WAN link is not up (ppp etc) the NAT rules are still added but with zeroes for dst-addr and they dont work that way at all. And then when the stupud users application adds a very dumn NAT rule that opens stupid ports like 80 and 8080 - your WAN IP is added to a proxy black list :) just for having those ports open. So UPnP is not managable enough. Maybe I should hire a full time programmer to code scripts to deal with all these thigns :D
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Xymox
Member
Member
Topic Author
Posts: 388
Joined: Thu Jan 21, 2010 5:04 pm
Location: Phoenix, Arizona US
Contact:

Re: 450G + 5.0 Beta1 issue

Sun Jun 13, 2010 6:44 am

Well... This thread got off topic... But... I guess I started that by talking about Skype.. hehehe

I think uPnP has uses.. I think for a home user with no capability to configure anything, uPnP is a automagic miracle. For this type of client its the only way some stuff can work at all. For example a Xbox 360. Gamers would just be calling Xbox support all the time if not for uPnp..

Of course they do end up having to power cycle the router/modem/360 fairly often to fix weird uPnP issues that occur during normal use, like NetworkPro mentioned.. But it does mostly work for configuration challenged users.

So... I think uPnP has a place in the world of users who are IT complexity challenged. :)

Off to update my Skype thread...

Who is online

Users browsing this forum: fusa, Google [Bot], MSN [Bot], vblprs, Zamtron and 94 guests