2. Please move the "Torch" selection from the "Tools" to the "Main Menu" !!!

Thanks
-tp
It would not be a good idea to do that because it introduces new possibilities for bugs.But what is preventing Mikrotik from making it possible to create hidden lists from several IPs specified in a single rule or having a rule match if IP exists in list A or list B?
Tom:NV2 - increase NV2 client scan-for-AP b4 connect to AP
Unlike 802.11 or nstream, nv2 clients do not background scan for better APs to connect or roam to. All client nv2 connections want to stay connected to the original nv2 AP they first connected to. Longer nv2 client scan times would at least get equal client-connect loads distributed evenly among all nv2 APs of equal signal strength found in the client nv2 scan list.
North Idaho Tom Jones
How about performing an IP / neighbor command on your main router (that should 'see' all units) and order by device type? You'll immediately see if a units is 'n' or 'ac'. My antenas all have their designated AP in their name so I can then also set the filter and thus see in an instance which units are 'n' or 'ac' (and thus can do 80Mhz wide channel in 'ac') for each AP.Re: Feature requests (ability to view wireless capabilities)
Is there a feature to see/view the capabilities of a wireless wlan ?
If not , then I would like to see a new feature to show the wireless capabilities and possible settings.
My issue, I have more than 1,000 nv2 client Mikrotiks. I currently use a Linux expect script to sequentially connect up to each client and perform some commands. The results of the commands are stored in a directory on my Linux machine (results-directory/IP-address-of-client-mikrotik). I am then able to grep the results-directory for pattern matches I am looking for and with this list, I am then able to obtain a client list of IP addresses I am searching for.
I am searching for a method to find all client Mikrotiks that are AC capable, and/or Ceee capable, and/or 2x2 capable. My problem is, I don't know the client wireless capabilities without actually attempting to configure the wireless interface. Thus, it would be a nice feature to be able to print the wireless capabilities without actually making wireless configuration changes.
North Idaho Tom Jones
rfc 6286 - AS-wide Unique BGP Identifier for BGP-4 support for routerOS BGP.
it relaxes some strict definitions: routerid can be now an arbitrary 32 bit unsigned integer, while the older definition restricts it to "valid unicast address".
this breaks BGP compatibility with mikrotik devices right now if not taken in consideration.
in general you only need to remove the check that was required in rfc4271.
this needs to be worked out with IPv6-only devices where you don't have no IPv4 address to be used as bgp identifer.
opened a support request for it earlier today:Just ran into this issue today.
@TomjNorthIdaho: So it's enterprise feature then? That's good, it won't agitate people for being another frivolous home feature.A WISP could possibly use something like this to play a sound file ...
It would pretty much be a tool for what ever a Mikrotik admin might want/need. Also , because I am suggesting it be an optional package, it would not necessarily be pre-loaded on a fresh Mikrotik router. This optional package could potentially be a nifty tool when used with scripts (including netwatch) to provide audio/verbal information. Also , because I know this type of motherboard speaker driver works on old/slow 16 MHz 16-bit computers , it would not be a Mikrotik resource drain sucking performance away from L2/L3 throughput.@TomjNorthIdaho: So it's enterprise feature then? That's good, it won't agitate people for being another frivolous home feature.A WISP could possibly use something like this to play a sound file ...![]()
How about the possibilities of a new wireless driver for Wireless chipsets ? With a developent package , a new wireless driver could be created (using all of the available Atheros chipset registers/settings) to make new high-performance high-thoughput wireless drivers (such as a new/better nv2 'TDMA') system that might way outperform the current Mikrotik properitery hybrid TDMA (nv2). Or how about the tens of thousands of Linux drivers and applications/tools/utilities already freely available.Good luck with that. It doesn't seem to me that MikroTik is much for opening up. For example, according to developer of open-source MAC telnet, they don't even want to share details about new 6.43+ authentication, which is something that has no reason to be secret. And you want them to let you plug in your own code in their kernel...
But it could be nice. Even if it was something significantly more modest, just custom packages for strictly user-space non-root stuff. You could easily add custom services, simple web server, full-featured DNS server, UDP proxy, etc. Things that people sometimes want and MikroTik is not eager to implement. Combine it with some API to integrate own configuration interface for these things in WinBox/WebFix/CLI and it would be wonderful. But I'm not holding my breath.
Yes it would certainly be nice to have user-mode daemons under isolated user IDs so they cannot mess with the MikroTik part of the system, but frankly I doubt that the infrastructure for that is currently in place."my plan" (if we can call it that) seems more realistic, because even though they would lose some control, isolated package could not easily mess up whole system.
I'd like to ask to complete IPSEC/IKEv2 implementation.
Motivation is : lots of VPN providers - NordVPN and others - are moving to that, leaving L2TP/IPsec disappearing.
System > scripts > environment (both winbox and webfig) ( it's only the current values however)There sould be a new section, a table in webfig and in winbox for global variables with initial values.
Such request is pretty useless. Defince what you consider "complete"? Which features you are missing?I join the request, i need secure way to use NordVPN.
I'd like to ask to complete IPSEC/IKEv2 implementation.
Motivation is : lots of VPN providers - NordVPN and others - are moving to that, leaving L2TP/IPsec disappearing.
This can be done using scripting. The underlying mechanism in the kernel does not support a DNS name so it would have to be solved in a similar way.Please consider adding FQDN and DDNS support to the Local and Remote Address fields of the GRE Interface.
Isn't the support already here for some time?.. quite long time...Please consider adding FQDN and DDNS support to the Local and Remote Address fields of the GRE Interface.
What's new in 6.33 (2015-Nov-06 12:49):
*) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels now support dns name as remote address;
Why not just unset it?Yes, it's there, but only for remote address. Local address accepts only IP address.
Yeah, in nginx you simply use try_files for your custom files on local server and proxy_pass to the original MikroTik server for the restIn that case one can choose to retrieve the LATEST file from a local server and still get the npk files from "upgrade.mikrotik.com".
(so it is not required to keep a complete mirror of those files)
But of course it should be possible to mimic that with a reasonably flexible "transparent proxy" (that allows some files to be served locally and the remainder to be proxied)
I should have provided more detail.Isn't the support already here for some time?.. quite long time...Please consider adding FQDN and DDNS support to the Local and Remote Address fields of the GRE Interface.
What's new in 6.33 (2015-Nov-06 12:49):
*) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels now support dns name as remote address;
+1 for allowing MAC address prefixes in lists as well for identify entire classes of devices like VoIP phones.Please add:
MAC address lists
Port lists in Firewall
Having MAC addresses in a list would not be very useful for that. What you want is to match MAC address by prefix, usually by the first 3 octets (manufacturer).+1 for allowing MAC address prefixes in lists as well for identify entire classes of devices like VoIP phones.
So, updates work via plain HTTP? No encryption?Well, as I can see, you just create static DNS entry on the router "upgrade.mikrotik.com" with the IP of your server, then run HTTP server on that IP, serving one-line files "/routeros/LATEST.(6|6fix|6rc|7)" containing "$VERSION $TIMESTAMP" (for example, "1.0 1"). Then create "/routeros/$VERSION" dir with CHANGELOG (any text you want to see) and .npk files. Done![]()