MikroTik

Posted: **Wed Mar 25, 2009 11:18 am**

I just wonder... Why MT has not supported IS-IS?

Its just sooooo coooooooooool protocol...

Posted: **Wed Mar 25, 2009 11:55 am**

I don't see any reason why MT needs IS-IS, it already have OSPF which is also coooool protocol

Posted: **Wed Mar 25, 2009 12:41 pm**

Well... Cisco and Juniper also have OSPF but that didnt stopped them thinking: well IS-IS is... IS-IS after all

It is thinking of big league players...

Posted: **Wed Mar 25, 2009 1:07 pm**

Any specific reason why you can't use OSPF instead IS-IS

Posted: **Wed Mar 25, 2009 1:22 pm**

I think you don't understand my question. My point isn't which protocol is better... Although, I think IS-IS is better primary because everyone who knows thematic know that IS-IS better use available bandwidth as CPU and memory.

Back on topic...

My point is why MT hasn't supported it? Is it because of some kind of license or something like that? Ićm just curious...

Cheers

Posted: **Wed Mar 25, 2009 1:24 pm**

OSPF provides more features and is supported by all devices. IS-IS is similar, but provides less features, and is not suported by all devices.

Hmm ...

Posted: **Wed Mar 25, 2009 1:39 pm**

Posted: **Wed Mar 25, 2009 3:18 pm**

I must admit I'm an IS-IS fan as well, and I believe that it does a few things better than OSPF, such as the TLV concept making it much more flexible. Read http://www.nada.kth.se/kurser/kth/2D149 ... 1.txt.html for a good analysis of the various differences.

However, I don't think IS-IS should be a focus for MikroTik at the moment. They would have to invent an ISO-protocol stack with CLNS, ISO addressing and all that in order to make it work. There are no such implementations for Linux, so they would have to engineer it from the bottom. I believe that MikroTik should focus on the areas they are already involved in, trying to extend the protocols they support, eg. extending the current MPLS implementation, extend IPv6, extend BGP etc.

Out of curiosity, what are your motivations for requesting IS-IS support? If you have a large telecom backbone that runs IS-IS, do you want to place MikroTik equipment inside of that backbone (no critique meant, just plain curiosity)?

Posted: **Wed Mar 25, 2009 10:07 pm**

I found this excellent blog post about integrated IS-IS vs. OSPF, and it does an excellent job on explaining why IS-IS can be superior to OSPF... Again, I still stand with my previous post on why MikroTik shouldn't work on IS-IS yet...

http://packetrancher.com/the-service-pr ... ted-is-is/

Posted: **Fri Sep 18, 2009 9:29 am**

I must admit I'm an IS-IS fan as well, and I believe that it does a few things better than OSPF, such as the TLV concept making it much more flexible. Read http://www.nada.kth.se/kurser/kth/2D149 ... 1.txt.html for a good analysis of the various differences.

However, I don't think IS-IS should be a focus for MikroTik at the moment. They would have to invent an ISO-protocol stack with CLNS, ISO addressing and all that in order to make it work. There are no such implementations for Linux, so they would have to engineer it from the bottom. I believe that MikroTik should focus on the areas they are already involved in, trying to extend the protocols they support, eg. extending the current MPLS implementation, extend IPv6, extend BGP etc.

Out of curiosity, what are your motivations for requesting IS-IS support? If you have a large telecom backbone that runs IS-IS, do you want to place MikroTik equipment inside of that backbone (no critique meant, just plain curiosity)?

No ofcourse. I am network admin in my company (over 12 big factories in one system with over 4000 employee). We have cisco routers everywhere but also, we have mikrotik routers for wireless on few places (ap access and p2p links). I was considering is-is but MT inability was discouraged me. I could do redistribution but that just make my configuration more complicated so I stayed with ospf.

Regards!

Posted: **Wed Jun 26, 2013 12:08 pm**

another reason for is-is is because it support both ipv4 and ipv6, so we only need to run 1 ibgp protocol, not two as in ospf

Posted: **Thu Jun 27, 2013 10:27 pm**

...so we only need to run 1 ibgp protocol, not two as in ospf

what? ibgp <> ospf.

OSPF and OSPFv3 handle IPv4 and IPv6 so whats the comparison here?

Posted: **Fri Jun 28, 2013 9:36 pm**

what? ibgp <> ospf.

quess he meant IGP

OSPF and OSPFv3 handle IPv4 and IPv6 so whats the comparison here?

with IS-IS you have one protocol daemon instead of two, the less complicity the better

Posted: **Fri Jun 28, 2013 11:48 pm**

OSPF and OSPFv3 handle IPv4 and IPv6 so whats the comparison here?

with IS-IS you have one protocol daemon instead of two, the less complicity the better[/quote]

ok, I won't completely argue that point *but* having separate daemons too me means simplicity because I think it's easier to handle IPv4 and IPv6 nuances separately. Things are less muddled.

Posted: **Tue Jul 09, 2013 4:09 am**

Typically ISIS is used in larger provider networks as it scales a bit better when you start getting to networks that have thousands of routers. OSPF is perfectly capable of handling several thousand routers if designed properly. They both use the same SPF algorithm and are very similar.

That said, because ISIS is so prevalent in the carrier and cloud world as an IGP, it would be nice to have it as a native protocol.

ISIS is also being used at Layer 2 to replace spanning tree in newer bridging technologies like TRILL, SPB and Cisco's FabricPath

Posted: **Thu Jan 19, 2017 7:27 pm**

To say that one protocol is better than the other really isn't the argument. They were both developed around the same time, if anything OSPF was the lazy approach to implementation by tying you to IPv4. What IS-IS does give you that OSPF cannot is protocol independence. One protocol to handle v4 and v6 address families among others. You wouldn't have to run a separate protocol like you do with OSPF. But I do understand that there are alot of devices in certain market segments that just don't have IS-IS as an option. But this feature is something that could help Mikrotik become an even more serious contender in the service provider space.

<poke>

Posted: **Wed Feb 01, 2017 11:49 am**

Well... Cisco and Juniper also have OSPF but that didnt stopped them thinking: well IS-IS is... IS-IS after all

It is thinking of big league players...

i guess for same reason why CISCO didn't support things like IPIP and other MikroTik -specific things(there was Several and many of them STILL remain Very popular among MT consumers).
i bit wonder more lack support of things like say PCP and other, really "meaningful", usable things.

Posted: **Tue Sep 12, 2017 9:19 pm**

I think that the lack of IS-IS on Mikrotik's roadmap is going to be my reason from turning away from them. Other open source routing platforms are getting better and have some sort of basic IS-IS implimentation. But this might just not be a good space for Mikrotik to play in.

Posted: **Tue Sep 12, 2017 11:44 pm**

We have multiple vendors routers in our networks, Juniper, Cisco, Nokia and Mikrotik.

All but Mikrotik support ISIS

so for now we are running OSPF as our IGP.

We would love to move to ISIS due to:

- Less complex architecture at scale
- Layer2 protocol minimises attack surface
- Support for IPv4 and IPv6 natively
- Support for extended functionality due to TLV support, e.g. signalling remote COS re-write via ISIS...

Mikrotik, please consider adding ISIS to RouterOS. The protocol is well documented, and there are several open source implementations to use as references.

Posted: **Tue Jan 09, 2018 7:08 pm**

+1 to add IS-IS to Router OS.

I think we would be able to to build larger IGP flooding domains with IS-IS due to features like incremental SPF - especially since the Tilera processor doesn't do as well under a heavy computational load like what we have seen in large BGP table sizes and slow convergence speed.

Typically from what i've seen with my ISP clients is that we can get a few thousand routes in a MikroTik based OSPF network (in the same area) before convergence speeds start to suffer due to heavy OSPF database updates.

Posted: **Tue Jan 09, 2018 7:18 pm**

I've got to say, Why not support an inherently better protocol? IS-IS, while bad in the middle east, is great in ISPs. The largest ISPs don't use OSPF for a reason, and BGP isn't going to improve on the tilera processors any time soon. At least not to the point that makes it usable with multiple peers and full tables

Posted: **Tue Jan 09, 2018 8:02 pm**

Please add support for IS-IS as it is far superior to OSPF (including how it handles tree changes). It would also make configuring large routed networks be far less of a headache.

Posted: **Mon Apr 16, 2018 6:03 am**

+1 for IS-IS

Posted: **Mon Apr 16, 2018 5:08 pm**

I don't think it will ever show up in v6 but we may see it in v7 whenever that comes out.

Posted: **Mon Apr 16, 2018 8:46 pm**

we may see it in v7 whenever that comes out. :-)

Can't tell if those are the words of a man who has had a sneak peek of something…

…or words that are heavily laden in sarcasm! ;-)

Posted: **Tue Apr 17, 2018 1:35 pm**

Its just sooooo coooooooooool protocol...

I'd really like to know where hell I can use it in real life, so please tell the truth :)

So to say, I have neither ISPs to establish ISIS with, nor software/hardware within the LAN to use it internally.

But the proto is nice, really.

Posted: **Tue Apr 17, 2018 3:28 pm**

we may see it in v7 whenever that comes out.
Can't tell if those are the words of a man who has had a sneak peek of something…

…or words that are heavily laden in sarcasm!

#2

Posted: **Tue Apr 17, 2018 8:48 pm**

Its just sooooo coooooooooool protocol...
I'd really like to know where hell I can use it in real life, so please tell the truth

So to say, I have neither ISPs to establish ISIS with, nor software/hardware within the LAN to use it internally.

But the proto is nice, really.

IS-IS can scale much larger than OSPF due to the way it designs the hierarchy of flooding domains and by using Incremental SPF. This is why it's used as the IGP of choice for most large ISPs and Data Centers

Posted: **Wed Apr 18, 2018 12:22 am**

IS-IS can scale much larger than OSPF due to the way it designs the hierarchy of flooding domains and by using Incremental SPF. This is why it's used as the IGP of choice for most large ISPs and Data Centers

I have an ISP customer with around 200 POP's and OSPF scalability is a real problem. We have had to make active efforts to remove any dynamic interfaces from OSPF and reduce the prefix count to minimise SPF re-calculations from loading up router CPU's. IS-IS would vastly minimise these specific problems.

Posted: **Wed Apr 18, 2018 5:55 pm**

IS-IS can scale much larger than OSPF due to the way it designs the hierarchy of flooding domains and by using Incremental SPF. This is why it's used as the IGP of choice for most large ISPs and Data Centers
I have an ISP customer with around 200 POP's and OSPF scalability is a real problem. We have had to make active efforts to remove any dynamic interfaces from OSPF and reduce the prefix count to minimise SPF re-calculations from loading up router CPU's. IS-IS would vastly minimise these specific problems.

I recently found out at the European MUM that OSPFv2 has a bug that will only allow 120 LSAs under certain conditions and cannot fragment the data beyond a single packet in the OSPF database exchange. The workaround is to use the highest MTU possible but it still can't be fixed in the current RouterOS version.

Wonder if this is at the root of issues with large scale OSPF deployments that we've seen

Posted: **Mon Jul 30, 2018 10:31 am**

We have an ISP struggling with power hungry Ciscos at their towers because they implement IS-IS ....
Has Mikrotik changed its position on this ...!!!
Should we expect anything
Thank you.

Posted: **Mon Jul 30, 2018 10:42 am**

Looks like MT has a lot to implement beside IS-IS.

Anyway noone will use MT devices instead of Ciscos or Jun's in ISP environment.

Posted: **Mon Jul 30, 2018 11:55 am**

We do not have plans to implement ISIS at least not in near future.

Posted: **Mon Jul 30, 2018 12:34 pm**

We do not have plans to implement ISIS at least not in near future.

Posted: **Mon Jul 30, 2018 10:29 pm**

Regarding the 200+ PoP scaling issue...

Yes, IS-IS scales "better", but you shouldn't really be running into issues at that size even with OSPF in a single area...

Best practice for a network that large is to put only loopbacks and link-nets into your IGP (be it OSPF, IS-IS, or even EIGRP), while keeping all other networks in BGP (via Loopback addresses and next-hop-self) with the BGP routes recursively resolving against the IGP routes. Reflectors (with next-hop-propagate, not next-hop-self!) will help that scale.

This keeps OSPF stable and fast, and the number of routes it needs to deal with to a minimum of the number of routers, plus the number of links between them.

Personally, I'd go further and make it a multi-service transport network, by adding in MPLS and constraining BGP to the edge (without it, all routers will need BGP); but if IP is your only thing, and you can tolerate excessive BGP sessions, it isn't necessary.

--Eric

Posted: **Mon Jul 30, 2018 10:35 pm**

IS-IS can scale much larger than OSPF due to the way it designs the hierarchy of flooding domains and by using Incremental SPF. This is why it's used as the IGP of choice for most large ISPs and Data Centers
I have an ISP customer with around 200 POP's and OSPF scalability is a real problem. We have had to make active efforts to remove any dynamic interfaces from OSPF and reduce the prefix count to minimise SPF re-calculations from loading up router CPU's. IS-IS would vastly minimise these specific problems.

I recently found out at the European MUM that OSPFv2 has a bug that will only allow 120 LSAs under certain conditions and cannot fragment the data beyond a single packet in the OSPF database exchange. The workaround is to use the highest MTU possible but it still can't be fixed in the current RouterOS version.

Wonder if this is at the root of issues with large scale OSPF deployments that we've seen

What are those conditions? I haven't seen anything like that, and checking just now, I have 296 'router' LSAs and 344 'network' LSAs (plus 4 external LSAs that shouldn't be there... got some fixing to do there :-/ ), all working fine.

--Eric

Posted: **Tue Jul 31, 2018 5:11 am**

OSPF just for BGP, can scale out to thousands. ISIS for this role is just lazy.

Posted: **Tue Apr 16, 2019 7:04 am**

+1 for IS-IS
+1000 for EIGRP which is not Cisco proprietary and hasn't been for years

Posted: **Tue Apr 16, 2019 11:07 am**

They would have to invent an ISO-protocol stack with CLNS, ISO addressing and all that in order to make it work. There are no such implementations for Linux, so they would have to engineer it from the bottom.

There now is a Linux implementation of IS-IS (and multithreaded BGP) and it was suggested multiple times to Mikrotik: https://frrouting.org/

viewtopic.php?f=1&t=129910&p=722727&hil ... ng#p722727
viewtopic.php?f=1&t=141920&p=699565&hil ... ng#p699565
viewtopic.php?f=14&t=98095&p=691015&hil ... ng#p691015
viewtopic.php?f=2&t=120397&p=592274&hil ... ng#p592036

Posted: **Wed Jun 05, 2019 11:40 am**

What are those conditions? I haven't seen anything like that, and checking just now, I have 296 'router' LSAs and 344 'network' LSAs (plus 4 external LSAs that shouldn't be there... got some fixing to do there :-/ ), all working fine.

--Eric

Some users have thousand routers and several hundred of thousand networks

Posted: **Fri Jun 28, 2019 3:28 pm**

Posted: **Mon Jul 15, 2019 8:10 pm**

Also, in the world of ever increasing security threats, IS-IS runs at Layer 2 and not Layer 3 to form IGP adjacencies, so it is much harder to DDoS the control plane when it doesn't use L3.

Posted: **Mon Jul 15, 2019 8:14 pm**

I would imagine that we won't see this even considered until ros7 comes out..

Posted: **Fri Jul 19, 2019 1:31 pm**

I don't see any reason why MT needs IS-IS, it already have OSPF which is also coooool protocol

This shouldnt be the answer from official support team!

Posted: **Thu Jul 25, 2019 12:46 pm**

OSPF suuuuucks for wireless networks, company acquisitions and companies with rapid expansion. It's ok for university campuses or businesses that generally don't change much with a fairly fixed topology, but not for service providers or many modern companies that expand in unpredictable ways
Having to have everything connect to Area0 and no Area-Area connectivity is a rubbish design for them. IS-IS is much better suited just because you don't need those 2 rules and hence you don't need to constantly redesign the network, often in suboptimal ways just to not break connectivity and keep the logical topology under control

Posted: **Mon Aug 31, 2020 4:02 pm**

+1 for IS-IS

Posted: **Tue Sep 01, 2020 4:46 pm**

ISIS would be a nice feature to have. I'm using eBGP as an iBGP to overcome the slowness and other oddities with OSPF and complexity of dual stack with OSPF. ISIS would be a welcome add for sure.

Posted: **Tue Nov 16, 2021 7:14 pm**

+1
In most ISIS is require as part of underlay when integrate bellow Access leaf layer. I found ROS 7rc6 works with iBGP and VRF which make mikrotik perfect part for stitching between sites where are ISIS as underlay.

Posted: **Wed Nov 17, 2021 2:26 am**

@mrz

I'm 100% sure that IS-IS would be better solution than RIP.
As you mentioned above "OSPF which is also coooool protocol

".
So why RIP is still existing?

Posted: **Wed Nov 17, 2021 7:54 am**

OSPF is more popular and supported in general, but IS-IS is much preferred in the service provider space. +1 for IS-IS

Posted: **Wed Nov 17, 2021 10:51 am**

RIP still exists because it was in all the older ROS versions and there are clients that still use it.
Our main priority at this point is to make currently implemented protocols stable enough and only then we can consider adding something new that never existed in ROS.

Posted: **Wed Nov 17, 2021 2:38 pm**

A lot of companies use RIP because they have older Cisco devices with licenses that only allow for RIP and do not allow for the use of more standard protocols like OSPF. Eventually as those devices are replaced, hopefully RIP will no longer be necessary.

Posted: **Wed Nov 17, 2021 2:51 pm**

Our main priority at this point is to make currently implemented protocols stable enough and only then we can consider adding something new that never existed in ROS.

So if you want IS-IS support, start testing RouterOS v7 routing functionality and providing reports back to Mikrotik. This will help RouterOS v7 stabilize more quickly, so the devs can move on to cool new stuff like IS-IS.

Posted: **Wed Nov 17, 2021 4:34 pm**

So if you want IS-IS support, start testing RouterOS v7 routing functionality and providing reports back to Mikrotik. This will help RouterOS v7 stabilize more quickly, so the devs can move on to cool new stuff like IS-IS.

Agree 100%

I've been a huge proponent of getting IS-IS and SR-MPLS into MikroTik because the service provider and data center worlds are rapidly moving away from LDP for MPLS and OSPF as an underlay IGP. (viewtopic.php?p=839437)

Also, since MikroTik has added VxLAN to the list of supported protocols, there is a natural fit with IS-IS and/or SR-MPLS if protocols like EVPN get added to BGP. There aren't many inexpensive devices that can be used in an EVPN/VxLAN or EVPN/MPLS fabric and MikroTik routers and switches would be *perfect* for this.

That said, I've also done a ton of testing and development work on ROSv7 and recognize that we have to get v7 stable and in prod - then push for protocols like IS-IS and SR-MPLS.

Posted: **Tue Nov 23, 2021 1:50 am**

I ran into the gentleman responsible for configuring the google network. He was X Digital, which I believe is where Is-IS came from. Google is all IS-IS.

Posted: **Sat Sep 24, 2022 3:14 pm**

+1 for IS-IS
+1000 for EIGRP which is not Cisco proprietary and hasn't been for years

haha ... EIGRP ... would be fun yes. would be GREAT yes.
but i guess that will never happen (but IF so ... i could replace about 30-50 routers at my company)

Posted: **Sat Sep 24, 2022 5:02 pm**

Only part of EIGRP was released to open source because Cisco holds patents on some other parts and they can't easily open source it. But to be fair to Cisco, they openly offered EIGRP to the IETF as a standard back in the 90s and the response from the IETF was "we already have enough IGPs" which is incredibly short sighted. So it wasn't really Cisco that held it back but rather the IETF.

Honestly, i'd like to see both EIGRP and IS-IS make it into MikroTik because it would allow for interop into so many other networks. Cisco customers that have large EIGRP networks and want to use MikroTik could more easily add it to the network without the complexity of redistribution.

The same is true for IS-IS. It's the preferred IGP of large datacenter networks, cloud operators, large enterprise EVPN fabrics and pretty much any service provider that uses SR-MPLS.

Let's get more MIkroTik boxes in more networks by supporting all mainstream routing protocols. We already have BGP, OSPF and RIP.

Just two more to go

Posted: **Tue Oct 11, 2022 5:49 pm**

ISIS is underlay always, because of traffic engineering and scalability. Also security as protocol match higher than OSPF. Should be no brainer toward ISIS.

Differences between OSPF and ISIS

OSPF operates on the top of IP layer whereas ISIS operates over Layer 2.
OSPF can support virtual links but ISIS can not support (as it operates on Layer 2 directly).
OSPF elects a DR and BDR on broadcast networks which can not be pre-empted however, ISIS elects a single DIS which can be pre-empted.
IP connectivity between the routers to share the routing information is required in case of OSPF, while ISIS doesn’t require IP connectivity as the updates are sent via CLNS instead of IP.
OSPF is prone to attacks hence security overheads are required for protection. The possibility of attacks is very less in case of ISIS as it runs over Layer 2.
OSPF designates a backbone area and standard or non-backbone area for inter-area advertisements whereas ISIS organizes the domain into different levels.
To identify a router on the network, OSPF uses Router ID and ISIS uses System ID.
OSPF is less flexible with more strict requirements for forming neighbor adjacencies. The hello and dead intervals, and the subnet mask must match (except on point-to-point links).

Screen Shot 2022-10-11 at 10.48.44 AM.png

Posted: **Tue Oct 11, 2022 6:00 pm**

please please please implement IS-IS.

Not only is this foundational tech for other things we all want, but it reduces design complexity.

layer2 saves all those OSPF ptp subnets and routing table filled with them. it's more secure, and it doesn't have to update the entire table all the time and scales much better.

Posted: **Tue Oct 11, 2022 7:40 pm**

I'd rather like to see IPSEC VTI in ROS. Shouldn't be too much of an issue since it is possible with the Kernel currently used in ROS 7...

Posted: **Wed Oct 12, 2022 9:58 am**

I'd rather like to see IPSEC VTI in ROS. Shouldn't be too much of an issue since it is possible with the Kernel currently used in ROS 7...

Completely off-topic, but both features are needed and long overdue.

Posted: **Wed Oct 12, 2022 7:44 pm**

ISIS would be a welcomed addition for many of the reasons already listed.

Posted: **Wed Oct 12, 2022 11:25 pm**

+1 for IS-IS

Posted: **Thu Oct 13, 2022 12:09 am**

+1 for IS-IS support on RouterOS

Posted: **Thu Oct 13, 2022 7:06 am**

+1 for IS-IS and SPB/SPBM in the router CCR2216-1G-12XS-2XQ switches CRS518-16XS-2XQ that have it supported in the new ASICS being used. We absolutely run our whole network as a Switch Fabric network based on SPBM. It's more scalable than OSPF. For ISP'S it's a must have to be faster and more scalable, small or large networks. IMO

Posted: **Tue Oct 18, 2022 6:43 pm**

Please mikrotik is ISIS essential of modern network deployments.

++++111111

Posted: **Wed Oct 19, 2022 8:56 am**

1) IS-IS, 2) VTI, 3) something equivalent to Cisco DMVPN or GETVPN or HP DVPN or Meraki AutoVPN, 4) BGP Multipath, 5) Lack of commit/rollback

Those are the five features that prevent me from recommending Mikrotik to large enterprise customers.

Posted: **Fri Aug 04, 2023 7:53 pm**

https://help.mikrotik.com/docs/display/ ... l+Overview

According to the wiki. It is on the way with snippets initial code arriving in 7.12

Posted: **Sat Aug 05, 2023 1:40 pm**

https://help.mikrotik.com/docs/display/ ... l+Overview

it is happening

IS-IS-routing.png

Posted: **Sat Aug 05, 2023 5:02 pm**

This makes me so happy to see!

Posted: **Sun Aug 06, 2023 9:46 pm**

Great news

Posted: **Mon Aug 07, 2023 7:58 am**

I am ecstatic about IS-IS making it's way into RouterOS.

Posted: **Mon Aug 07, 2023 9:01 am**

Does segment routing is inherent with IS-IS or the traffic engineering part is where it got very exciting?

Posted: **Mon Aug 07, 2023 9:12 am**

ISIS is certainly a prerequisite for srv6 but it’s good for other things so I wouldn’t ready in too far. I would love to see srv6 for sure so I’ll cross my fingers for it.

Posted: **Mon Aug 07, 2023 11:55 am**

Well, there probably was an important customer/prospect who insists on having IS-IS.
In general I do not like that MikroTIk embarks on so many new projects, while leaving existing ones unfinished.
I would say: first make sure all those red and yellow squares in the routing status page are removed, only THEN start adding a new protocol...

Posted: **Tue Aug 08, 2023 4:17 am**

I am ecstatic about IS-IS making it's way into RouterOS.

You and me both

Posted: **Tue Aug 08, 2023 9:52 am**

Well, there probably was an important customer/prospect who insists on having IS-IS.
In general I do not like that MikroTIk embarks on so many new projects, while leaving existing ones unfinished.
I would say: first make sure all those red and yellow squares in the routing status page are removed, only THEN start adding a new protocol...

...or implement a .npk package of FRRouting

Posted: **Tue Aug 08, 2023 10:35 am**

What could be of value in the typical wireless network is to have automatic adjustment of metric values (cost) depending on values retrieved from a wireless link (via SNMP, as the link devices may be separate from the router devices).
The usual naive "prefer least number of hops" does not work well in a partly meshed WiFi-linked network, and it often surprises me that MikroTik does not offer a routing protocol that handles this case (which is typical for clients of their product gamma).

Posted: **Tue Aug 08, 2023 6:34 pm**

What could be of value in the typical wireless network is to have automatic adjustment of metric values (cost) depending on values retrieved from a wireless link (via SNMP, as the link devices may be separate from the router devices).
The usual naive "prefer least number of hops" does not work well in a partly meshed WiFi-linked network, and it often surprises me that MikroTik does not offer a routing protocol that handles this case (which is typical for clients of their product gamma).

because there really isn't one that handles this explicitly. I've asked for batman-adv in mikrotik which handles metric via quality measurement rather than link state but it seems there's no interest. I've even posted on here to see if other users would support it because mikrotik may consider it if it's a popular want, low response.

ospf is a hard fail here because every change recomputes everything everywhere, so even if you could poll the radios and get their capacity, updating ospf would be... rough.

ISIS is slightly better, it'll decide if it's a full update or a partial so you could inform it via script or something. This would rely on access to reliable capacity data from the radios which is a whole other effort for non-mikrotik radios.

SNMP is a fail here, plenty of radios... the most popular ones... don't support this properly.

The lowest friction path would be batman-adv. it's link quality measurement and propogation of slow/lossy paths allows data to be steared around the struggling links without taking those links offline. Further, it's hello packets that are used to measure the link can be set to a lower QoS type so be more likely dropped ie saturated links could 'signal' batman-adv by dropping those packets which lowers the metric. batman-adv would also present a flat layer2 to the operator without layer2 pitfalls which would dramatically simplify networks.

Posted: **Tue Aug 08, 2023 11:35 pm**

Yes I know it is a difficult problem, but still it surprises me that there is no support for it at all.
I thought that "WISP" was a major business for MikroTik and would think that several customers would have asked for such a solution.
(be it a suitable standard protocol or some in-house development)

In our network we usually have separate router devices and link devices (not always MikroTik), the links are configured with transparent bridging and a /29 network is assigned to each link with an IP for each router and each link device for such a link. Then BGP is configured over that link.
But BGP only steers towards "least number of hops" and we can only handle complete link down situations (with BFD for better detection).
Indeed it would be nice when there was some handling of poor or saturated links.

I have considered running some software on an external server that polls link devices (and maybe routers, e.g. status of a netwatch) and then uses API to re-configure BGP (e.g. modifying a "local pref" or a "prepend" in a filter rule), but have not started that yet.

Posted: **Wed Aug 09, 2023 12:20 am**

What could be of value in the typical wireless network is to have automatic adjustment of metric values (cost) depending on values retrieved from a wireless link
[...]
I've asked for batman-adv in mikrotik which handles metric via quality measurement rather than link state but it seems there's no interest. I've even posted on here to see if other users would support it because mikrotik may consider it if it's a popular want, low response.
[...]
batman-adv would also present a flat layer2 to the operator without layer2 pitfalls which would dramatically simplify networks.

In fairness, they do have HWMPplus (which I've always thought was batman-adv clone, perhaps not...) but never used it.

Yes I know it is a difficult problem, but still it surprises me that there is no support for it at all.

It's a real problem e.g. lack of innovation in routing beyond Dijkstra / link-state protocols. i.e. choosing path with multiple LTE uplinks, where signal metrics change frequently...and signal is likely most important thing for upstream route selection.

Posted: **Wed Aug 09, 2023 1:13 am**

hwmp+ is nothing like batman-adv, it's a 802.11s clone and is essentially just a link state replacement for RSTP that doesn't split the network into a branch topology.

There's nothing wrong with Dijkstra, it's just being used with simplistic inputs for costing. If you had cost for latency, packet loss, port utilization in the mix then Dijkstra is still a very suitable algorythm.

The primary need of a mesh is that routing/path updates are adjustable on the fly and propogate out non-destructively. ie, not ospf which recomputes the whole thing every time causing scaling issues.

leading candidates are really batman-adv, babel, open/r or inventing something completely new. And open/r is really cumbersome/heavy.

Posted: **Wed Aug 09, 2023 12:27 pm**

I have done some work on it myself back in the days of AX.25 amateur packet radio, and in fact the current use I have for it still is amateur radio networking, and when approaching it without too much theoretical background I soon discovered that making only local observations and adjustments often results in routing loops.

(you cannot just say "well my (A) link to peer B is not so good or seems overloaded, let's send the packets for B to peer C instead because I have a good link to there and I know they have a link to B via D" because C may then send them back to you because they think your path to B is better than theirs.
And while it is possible to avoid that somewhat by adding the criterion that packets should not be sent back to the peer where they come from, this is no longer sufficient when the network is more complex, and loops then occur)

So I can understand that any protocol that works well always has to do global re-calculations based on the locally observed information. That is where those complex and expensive algorithms enter the scene, and the requirement that everyone knows about everyone's local situation.

Posted: **Wed Aug 09, 2023 1:45 pm**

...or implement a .npk package of FRRouting

This would just add complexity with ASIC/Hardware offloading.

What MikroTik can do is build RouterOS's underlying routing stack and possibly other network functions (like BFD) using FRR's latest base code and possibly fork it if required, or use it as is.

In some ways, FRR moves very fast in development compared to vendors (MikroTik, Cisco, Juniper etc). Like take RFC9234 for example it's partial on MikroTik and non-existent on the other vendors, but fully and natively supported on FRR.

Posted: **Wed Aug 09, 2023 6:02 pm**

Although a simple homeowner, good to see MT listening to many respected experts here.

DarkNate......FRR seems interesting for sure!
FRRouting (FRR) is a free and open source Internet routing protocol suite for Linux and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, LDP, BFD, Babel, PBR, OpenFabric and VRRP, with alpha support for EIGRP and NHRP.

However, it says a routing protocol suite, not an operating system? What is it you are proposing?
How easy is it, for example, to rip out the RoS routing stack and inject a new one........ is it a modular thing? Would one then have to redefine all the ICDs between modules...... imagine that many are standard so maybe only modify proprietary items?

Read sarcastically:
Could it not be in a container.......... since MT is not fond of npk packages for things like zerotrust cloudflare!

PS. Sorry IPNAT, didnt win the powerball, so wont be taking a private jet to Denver for training.

Maybe next time.

Posted: **Wed Aug 09, 2023 7:29 pm**

However, it says a routing protocol suite, not an operating system? What is it you are proposing?
How easy is it, for example, to rip out the RoS routing stack and inject a new one........ is it a modular thing?

Ok children, gather around the fire. Story time!

Once upon a time, RouterOS shipped with Quagga as it's routing engine.
Quagga is a network routing software suite providing implementations of Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Border Gateway Protocol (BGP) and IS-IS for Unix-like platforms, particularly Linux, Solaris, FreeBSD and NetBSD.[1]
Which itself was forked from GNU Zebra. [2]

Nowadays FRRouting is all the rage, which itself is forked from Quagga.

In the [g]olden days of RouterOS v2.x, a buggy version of Quagga was used for BGP/OSPF/RIP.
It was fully configurable/usable through Winbox/CLI, pretty much the same as ROS v3+ when MikroTik decided to reinvent the wheel and implement their own routing protocols suite, which never worked correctly. Ever. Until v7 Routing, which destroyed everything good about the old configuration paradigm of v6 routing stack, but still having new, more complex problems that are still not solved.

So, at some point, it was possible to incorporate Quagga into ROS. Nowadays? Who knows... never gonna happen, so don't worry about it.

[1] https://en.wikipedia.org/wiki/Quagga_(software)
[2] https://en.wikipedia.org/wiki/GNU_Zebra

PS: +1 on IS-IS

Posted: **Wed Aug 09, 2023 7:41 pm**

However, it says a routing protocol suite, not an operating system? What is it you are proposing?
How easy is it, for example, to rip out the RoS routing stack and inject a new one........ is it a modular thing?
Ok children, gather around the fire. Story time!

LOL. For a company that likes re-writing routing code, EIGRP would seem like an ideal canvas. IS-IS gets them "current" for sure ... but I could see how EIGRP actually sell more routers ... than different yet another branch of Quagga...

Posted: **Wed Aug 09, 2023 8:35 pm**

@pe1chl - you don't need to do a global re-compute, you need to update it. the recompute ospf does is a 'wipe and start from scratch' while partial updates just overwrite the necessary values in-place. It's a dramatically different 'experience' when you have a lot of updates being pushed. OSPF will flap and lose packets while eBGP wont, it never actually drops the routes out. It's a very important difference to highlight. Note that ISIS also does partial updates.

Back to batman-adv. It doesn't just operate on a peer to peer model, it also sends packets from it's edge ports that count up TTL so each router knows how far each peer is from an edge WITH a quality metric so that essentially eliminates the route flapping from link state.

For example, a link may be starting to get saturated from sites A>F. The network is A-> B,C,D,E,F, ie 5 backhauls from A. the quality of that path from A>F will slide down a bit as it get's saturated. Now lets say that there is a full mesh of sites G-Z that can take many paths to A. Site N is going N>F>A because that's the best calculated path, however it has a nearly as good of path N>J>B>A but the hop count played enough of a role to keep that from being the primary path. A very small drop in the quality calculation at F isn't enough to make F look for a new path, but it could make N decide to start sending packets down the less saturated N>J>B>A path.

Using a more complex costing metric that doesn't rely heavily on hop count but more more on latency, packet loss, and available capacity can route around sites that are getting a bit saturated dynamically. Further, if that N>J>B>A also starts to get saturated, some other route that is going over it may move to *>K>E>A. This all happens with some sane and adjustable windowing so routes/paths aren't flipping around but taking a measured approach. They also have some stickness so routes with some similar quality numbers wont necessarily switch right when the score changes. say there's a 147 and a 151 and the site has chosen the 147. if that increases to 152, it doesn't necessarily switch because that's very similar. In fact, it might send packets down both paths because they are reasonably similar.

Think about it, as an IT guy or ISP etc, what role does hop count actually play for you? I'd argue that you only use it for troubleshooting or some insights on why the important metrics are what they are. why is my latency high, why and where am I dropping packets, where are my bottlenecks. Hop count might have something to do with it, but we'd all likely take 10 hops on 10G fiber over 1 hop on a airmax ptp link.

We run chains of 60Ghz links because they are low latency and high capacity and we back those up with longer 5Ghz shots that are low capacity and medium latency. I use cost to favor 5 hops on 60ghz over the 5Ghz hop for obvious reasons. I would love my routing protocol to be aware of these things and handle them for me so I just hook links up and let the measurements do the heavy lifting.

Posted: **Wed Aug 09, 2023 11:11 pm**

Awesome chaos, only thing missing was rabbit on a skewer and rye......... { so DarkNates' suggestion seems like a darned good one, I wonder if FRSS allows source-address-lists on routing rules

}

Posted: **Thu Aug 10, 2023 12:41 am**

Back to batman-adv

I recall there was/is kernel support, so maybe it isn't that difficult. Dunno.

Posted: **Thu Aug 10, 2023 1:05 am**

batman-adv is in the mainline kernel and has been for quite a while. Just a matter of enough people requesting it for mikrotik to consider it.

Posted: **Thu Aug 10, 2023 10:59 am**

(long text)

Yes, I fully agree with that. In wireless networks, a link with multiple hops may well be better than a link of a single hop.
That is why routing protocols like eBGP are not optimal for such networks without a lot of tweaking, and the tweaking usually is static so it does not take into account that wireless link quality can change, e.g. due to weather, external interference, etc.

So a protocol (any protocol) that can take that into account is very welcome. That does not only mean more flexible cost metric (which OSPF and IS-IS indeed have) but also a linkage to the actual situation (like CCQ, SNR, datarate etc as measured by the link devices). Preferably not via a scripting hack.

Posted: **Thu Aug 10, 2023 7:03 pm**

"Preferably not via a scripting hack."
unfortunately multi-vendor networks leave little choice, especially when some of the vendors dont appropriately support snmp :/

also, routeros would need to add an snmp poller, say a single OID poller, to be able to extract usable data from radios that are friendly.

I would be pretty cool to have a config item in a peer setup that was like "get capacity metric from snmp: snmpwalk oid x multiply by y to get it into usable" and then "get utilization from" etc. Then poll that and average it over a configurable timeframe.

That could make an ISIS implementation (that has partial updates... not OSPF....) much more dynamic. Could work for BGP also, but path prefixing is a bit ugly/cumbersome in trying to balance many links and using large variation like available throughput over time. ie, do you prepend 20 if you only have 100mbps and prepend 10 if you have 1G?

Something like ISIS with a 24 bit metric would let you assign huge ranges and then round down for ECMP purposes via 'hacky' scripts that pull snmp. If you're using ubiquiti backhauls then you might be SOL with their terrible or absent snmp.

For simplicity, I'd just prefer a batman-adv implementation. unfortunately that might be very difficult to hardware accellerate.

What would be great is some signaling protocol using some of the batman-adv traits but then wrote routes straight to the FIB so native HW accell and fast tracks would work would be awesome.

Posted: **Thu Aug 10, 2023 7:34 pm**

"Preferably not via a scripting hack."
[...]
I would be pretty cool to have a config item in a peer setup that was like "get capacity metric from snmp: snmpwalk oid x multiply by y to get it into usable" and then "get utilization from" etc. Then poll that and average it over a configurable timeframe.
That could make an ISIS implementation (that has partial updates... not OSPF....) much more dynamic.
[...]
What would be great is some signaling protocol using some of the batman-adv traits but then wrote routes straight to the FIB so native HW accell and fast tracks would work would be awesome.

You can do a lot in script, but if all your routing logic is in a long/complex scheduler/netwatch script, it quickly becomes an ugly hack and difficult to maintain. I think @msatter's [PROPOSAL] Event driven scripting deserves some consideration. If scripts to control routing were more tied to "events" (change in config/counters/snmp/routes/etc)... it be WAY less of a "hack" and cleaner to apply heuristic-based routing on top of existing protocols (and, eventual, IS-IS).

Posted: **Sat Aug 12, 2023 4:48 pm**

How easy is it, for example, to rip out the RoS routing stack and inject a new one........ is it a modular thing? Would one then have to redefine all the ICDs between modules...... imagine that many are standard so maybe only modify proprietary items?

I don't know. But what I do know is the open source network community is moving at light speed vs network vendors. The price to performance/feature ratio is better with open networking vendors like say Cumulus or vBNG vendors that are using DPDK/XDP to push 100Gbps line-rate networking on commodity x64 hardware or ONIE hardware.

Times are changing fast, to the point Cisco themselves stole from open source:
https://fd.io/

MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. But that's not going to happen with MikroTik. Hence, we should move to open source derivatives.

Hell even VyOS added support for DPDK/VPP recently to support 100Gbps performance.

Posted: **Sat Aug 12, 2023 6:03 pm**

Takes resources and knowledge to keep on top of such developments. I hope MT is paying attention as it seems your saying, implementation is entirely possible.

Posted: **Sat Aug 12, 2023 11:12 pm**

Thumbs of for IS-IS support!

MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance.

Maybe, maximal possible throughput at any cost on x86_64 should *not* be Mikrotiks focus since there are so many alternatives already?

Posted: **Sat Aug 12, 2023 11:39 pm**

Maybe, maximal possible throughput at any cost on x86_64 should *not* be Mikrotiks focus since there are so many alternatives already?

What are you talking about? I'm talking about CCR, CRS and RB series, arm64 devices.

As for x64, that doesn't matter, if it's ASIC, I clearly gave Cisco as example whereby they use DPDK/VPP on their ASR 9000 series routers. The x64 aspect is only for the control plane in such hardware design, for data plane, it's ASIC. What MikroTik can do is implemented DPDK/VPP/XDP for the data plane to push maximum performance in the ASIC + the CPU as well when user wants to forward traffic via CPU for firewall or they are using non-ASIC models from MikroTik such as CCR1072.

Posted: **Fri Oct 06, 2023 3:34 pm**

Hmm. Looking at the 7.12beta and 7.12rc changelog and no mention of IS-IS... Might be punted to after 7.12...

Posted: **Wed Oct 11, 2023 6:58 pm**

Code bits has arrived.

/routing/stats/process/print where tasks=isis
 # TASKS  PRIVATE-MEM-BLOCKS  SHARED-MEM-BLOCKS  PSS  RSS  VMS  ID  PID  RPID  PROCESS-TIME  KERNEL-TIME  MAX-BUSY  MAX-CALC
11 isis                    0                  0    0    0    0  12  402     1  2s870ms       3s340ms      10ms      10ms    

/ip/route/print where is-is 

/routing/route/print where is-is

Having reached the RC's. A minimum-viable-protocol (IPv4) implementation before 7.12 release could be ... a long shot, IMO.

If I have to wait to 7.14, 7.16 for a IPv4 is-is implementation. Does it work out the gate as MVP. I will be very excited to pair it with IS-IS on Linux using FRRouting as the routing suite.

Posted: **Mon Oct 30, 2023 9:20 am**

Also see:

 ip/route/print where 
.dead       bgp               comment      distance        gateway          is-is             pref-src          static                  vrf-interface   
.id         bgp-mpls-vpn      connect      dst-address     hw-offloaded     local-address     rip               suppress-hw-offload     
.nextid     blackhole         dhcp         dynamic         immediate-gw     modem             routing-table     target-scope            
active      check-gateway     disabled     ecmp            inactive         ospf              scope             vpn

is-is is available as an option. and the command ip route print where is-is does run but obviously returns nothing.

FYI.

Posted: **Mon Oct 30, 2023 10:21 am**

If I have to wait to 7.14, 7.16 for a IPv4 is-is implementation.

is-is is not TCP/IP, it's CLNP. Why would it require IPv4 or IPv6 addressing to function?

Posted: **Sat Nov 11, 2023 12:51 pm**

This page was updated along with 7.12 release:

IS-IS Screenshot 2023-11-11 134903.png

Posted: **Sat Nov 11, 2023 1:35 pm**

is-is is not TCP/IP, it's CLNP.

I know.

Why would it require IPv4 or IPv6 addressing to function?

feeling confused

Unable to comprehend how to respond

Posted: **Sat Nov 11, 2023 2:46 pm**

Why would it require IPv4 or IPv6 addressing to function?

feeling confused

Unable to comprehend how to respond
[/quote]

guess it was meant as IS-IS does not need an ipv4/6 connection just to function (because of CLNP)

Posted: **Sat Nov 11, 2023 6:10 pm**

It's correct that IS-IS uses it's own protocol for adjacencies, but you need either IPv4 or IPv6 support to make something useful of it.

OSPF is built around/top of IP
IS-IS has support is extensible and has support for IP

Posted: **Sun Nov 12, 2023 12:51 am**

This page was updated along with 7.12 release:

I see no mention of it in the patch notes and no routing is-is menu or CLI commands
There is however

/routing fantasy

MikroTik playing a cruel joke perhaps?

Posted: **Sun Nov 12, 2023 1:00 am**

Code: Select all
/routing fantasy
MikroTik playing a cruel joke perhaps?

It a feature to test BGP (or presumable IS-IS, eventually)
https://help.mikrotik.com/docs/pages/vi ... d=74678282

Re ISIS, the lack of release note for it and no CLI suggests the status page is what maybe the joke (or to be fair, overly optimistic).

Posted: **Mon Nov 13, 2023 10:06 am**

Unfortunately for some and fortunately for others it is not a joke. IS-IS is in development but disabled for wider public in v7.12. Stay tuned, its coming soon.

Posted: **Mon Nov 13, 2023 11:32 am**

All I can say is FANTASTIC!!!! I won't ask for any concrete information but I do hope its at least IPv4 functionally capable for production use within a years time. OSPF is, always has been and always will be an utterly shit protocol for ISP and especially WISP environments. It's just completely the wrong protocol for it and does not allow growth and implementation that matches reality. So the sooner I can dump it in favor of IS-IS for backhaul the better

Posted: **Mon Nov 13, 2023 11:51 am**

All I can say is FANTASTIC!!!! I won't ask for any concrete information but I do hope its at least IPv4 functionally capable for production use within a years time. OSPF is, always has been and always will be an utterly shit protocol for ISP and especially WISP environments. It's just completely the wrong protocol for it and does not allow growth and implementation that matches reality. So the sooner I can dump it in favor of IS-IS for backhaul the better

100%

IS-IS and Segment Routing is a match made in heaven for ISP networks.

Posted: **Mon Nov 13, 2023 5:27 pm**

Nice. Just noticed the inclusion of IS-IS in the 7.13beta1. Time for testing it out. :D

Posted: **Tue Nov 14, 2023 1:33 am**

yep, it's in 7.13b1. I've got it up in the lab. pretty straight forward, although I'm having some issue with it forgetting disabled or removed routes. but it does bring routes up so that's step 1! Also, no BFD toggle, BFD is essential for ISIS.

Posted: **Tue Nov 14, 2023 12:27 pm**

yep, it's in 7.13b1. I've got it up in the lab. pretty straight forward, although I'm having some issue with it forgetting disabled or removed routes. but it does bring routes up so that's step 1! Also, no BFD toggle, BFD is essential for ISIS.

quick guess ... they are working on it right now.

Posted: **Tue Nov 14, 2023 5:49 pm**

Looking way back at the comparison table, Virtual Links Supported ( ospf yes / is-is NO ). Isnt that a plus for OSPF?

Posted: **Tue Nov 14, 2023 6:14 pm**

yep, it's in 7.13b1. I've got it up in the lab. pretty straight forward, although I'm having some issue with it forgetting disabled or removed routes. but it does bring routes up so that's step 1! Also, no BFD toggle, BFD is essential for ISIS.
quick guess ... they are working on it right now.

oh yeah, no criticism here, I'm happy to have rought it up in the lab so easily.

Posted: **Tue Nov 14, 2023 6:28 pm**

Looking way back at the comparison table, Virtual Links Supported ( ospf yes / is-is NO ). Isnt that a plus for OSPF?

depends. and 'virtual links' is a big ambiguous. IS-IS requires an ethernet-like layer2 interface, it wont run over IPIP or Wireguard for example, but it will certainly work over anything that looks like layer2, EOIP tunnels, VPLS, WDS, etc.

It's a trade off. Having to build an IP layer to run your dynamic routing for OSPF or BGP for example really makes you a 'hybrid' network, ie you have static IP configurations that enable the dynamic routing. IS-IS removes that, you have some interface templates but otherwise you're just interface routing. Configuration, once well planned, is very very simple.

Posted: **Tue Nov 14, 2023 7:57 pm**

Looking way back at the comparison table, Virtual Links Supported ( ospf yes / is-is NO ). Isnt that a plus for OSPF?
depends. and 'virtual links' is a big ambiguous. IS-IS requires an ethernet-like layer2 interface, it wont run over IPIP or Wireguard for example, but it will certainly work over anything that looks like layer2, EOIP tunnels, VPLS, WDS, etc.

I am looking forward to try IS-IS over primarily Zerotier tunnels (Layer 2). Either than, or VXLAN tunnels (over Layer 3 tunnels). Not to keen on maintaining OpenVPN tap tunnels.

Posted: **Tue Nov 14, 2023 8:03 pm**

When you are just looking for a routing protocol that can do routing in a MikroTik environment, e.g. for VPN, you can just as well use eBGP.
It works quite well and is easy to configure (although in v7 not as easy as in v6). Once you get the hang of it, you get it working in 5 minutes.

Posted: **Tue Nov 14, 2023 8:26 pm**

When you are just looking for a routing protocol that can do routing in a MikroTik environment, e.g. for VPN, you can just as well use eBGP.
It works quite well and is easy to configure (although in v7 not as easy as in v6). Once you get the hang of it, you get it working in 5 minutes.

yes, and we do this, prefer it to OSPF (way faster...)

but, it's still static subnets and ptp configurations etc.

IS-IS is basically setting up the instance and interface templates and it will *just work* and you can change costs etc as needed to direct traffic but it *just works*. That's one thing that's very very attractive about it, no messing up subnets, tracking /29s, no MTU mismatches, unlike OSPF it does differential updates so topology changes to rock the boat.

Posted: **Tue Nov 14, 2023 8:32 pm**

It is possible to make it easier in eBGP by using options like "redistribute connected". Of course it should be avoided but in such a limited environment it can be used.
Whether IP management is an extra burden depends on the underlying VPN. Of course when you use an L2 VPN it is, but I normally use an L3 VPN and it can be simple (e.g. L2TP/IPsec). Especially now that in v7 you do not have to configure every peer separately but rather can use templates and connections without peer address specification (inbound only)...

Posted: **Thu Dec 14, 2023 6:21 pm**

How easy is it, for example, to rip out the RoS routing stack and inject a new one........ is it a modular thing? Would one then have to redefine all the ICDs between modules...... imagine that many are standard so maybe only modify proprietary items?
I don't know. But what I do know is the open source network community is moving at light speed vs network vendors. The price to performance/feature ratio is better with open networking vendors like say Cumulus or vBNG vendors that are using DPDK/XDP to push 100Gbps line-rate networking on commodity x64 hardware or ONIE hardware.

Times are changing fast, to the point Cisco themselves stole from open source:
https://fd.io/

MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. But that's not going to happen with MikroTik. Hence, we should move to open source derivatives.

Hell even VyOS added support for DPDK/VPP recently to support 100Gbps performance.

It might interest you to know that Ubiquiti (yes, them) is using VPP on their 60Ghz Wave line now. I’m not a big fan of how ADHD Ubiquiti is, so don’t worry about me being a fanboi. It was just interesting when I dug in to the CLI in a Wave device and found a vppctl binary; was able to tease the config out and, yep.

On a related note, I think there might be a niche to be filled in our market. It might make sense to offer a generic arm64-based routing appliance that runs all open source software. Run whatever you want on it. It’s just Linux. Offer a value-add OS and support maybe.

I know Netgate offers something like this with TNSR, but it’s not quite a perfect fit for us.

I really like Winbox, and especially couldn’t live without RoMON (which has saved me countless truck rolls in the middle of the night).

Posted: **Thu Dec 14, 2023 7:07 pm**

openwrt can run on quite a number of mikrotiks. From there, you can add FRR and potentially vpp. contributing to openwrt, maybe by just donating hardware, could be your path to this.

Posted: **Fri Dec 15, 2023 3:20 am**

I don't know. But what I do know is the open source network community is moving at light speed vs network vendors. The price to performance/feature ratio is better with open networking vendors like say Cumulus or vBNG vendors that are using DPDK/XDP to push 100Gbps line-rate networking on commodity x64 hardware or ONIE hardware.

Times are changing fast, to the point Cisco themselves stole from open source:
https://fd.io/

MikroTik should make use of DPDK for packet forwarding/originating from the router itself and use XDP hardware offloaded mode for packet filtering. Their existing hardware line can definitely hit peak line-rate performance. But that's not going to happen with MikroTik. Hence, we should move to open source derivatives.

Hell even VyOS added support for DPDK/VPP recently to support 100Gbps performance.
It might interest you to know that Ubiquiti (yes, them) is using VPP on their 60Ghz Wave line now. I’m not a big fan of how ADHD Ubiquiti is, so don’t worry about me being a fanboi. It was just interesting when I dug in to the CLI in a Wave device and found a vppctl binary; was able to tease the config out and, yep.

On a related note, I think there might be a niche to be filled in our market. It might make sense to offer a generic arm64-based routing appliance that runs all open source software. Run whatever you want on it. It’s just Linux. Offer a value-add OS and support maybe.

I know Netgate offers something like this with TNSR, but it’s not quite a perfect fit for us.

I really like Winbox, and especially couldn’t live without RoMON (which has saved me countless truck rolls in the middle of the night).

Anyone that has a decent 60Ghz product uses vpp. UBNT was using it before "Wave". Their initial Qualcomm 60Ghz utilized vpp as most vendors were jumping on the terragraph wagon and terragraph uses vpp and dpdk. Even if manufactures opted for PTMP over terragraph mesh I think that terragraph really brought the pieces together and gave the manufactures the software concepts to make these products a reality. It's a no-brainer that Mikrotik should implement vpp / dpdk. The question is if they are chasing consumer markets or service provider markets. They would see much more service provider sales with routers that have muscle. The only real way forward is L3HW that is big enough to handle full tables or 8 & 16 core vpp / dpdk routers that can move 100G w/o L3HW offload.

Posted: **Fri Dec 15, 2023 4:33 am**

remember, there's new ampere chips coming soon. that might come with some routing surprises as well. I doubt those are being brought it just for control plan on marvell switch chips.

Posted: **Fri Dec 15, 2023 6:55 am**

remember, there's new ampere chips coming soon. that might come with some routing surprises as well. I doubt those are being brought it just for control plan on marvell switch chips.

It would be stupid if they have a 128 core ampere doing 90s routing vs running vpp / dpdk.

Posted: **Mon Dec 18, 2023 10:43 pm**

remember, there's new ampere chips coming soon. that might come with some routing surprises as well. I doubt those are being brought it just for control plan on marvell switch chips.
It would be stupid if they have a 128 core ampere doing 90s routing vs running vpp / dpdk.

exactly.

Posted: **Fri Dec 29, 2023 3:35 pm**

7.13 IS-IS is available on cli .

Thank you Mikrotik.

Posted: **Mon Jan 01, 2024 9:01 pm**

So

any news on the CPU version Ampere mikrotik will use? at leat they have more cpus, highger clock-rates.. are they trying to reach high performance now.. similar to V7 with XEON E5-2699v4 models? hehehe..

i hope they really make further support for newer AMD EPYC cpus also on mikrotik... 128 Cores ans 256 core versions.. would probably make a nice router Frankenstein insane version.

Posted: **Mon Jan 01, 2024 9:18 pm**

I'm a bit mixed on the new high core count moves. Frankly, for pure routing the 2004 and 2116 are blazing fast, optimizing routeros to use more cores would just keep making those better and better.

The biggest problem I'm seeing still comes down to single core performance. BGP is way faster, but still can get stomped handily by a FRR box on a modern intel chip. A shaping tree get's stuck in a single CPU core. SNMP gets stuck on a single CPU core.

Granted, you could work through some of those limitations by making them multi-threaded but some things are just not well suited for it. A shaper tree for instance sort of needs to have the top level HTB on a single core or some careful balancing of average traffic which would need a separate and new tool from mikrotik, and BGP needs to have each peer on a single core because moving data between cores is so much slower as to negate multi-threading gains.

I think it's a long shot but mikrotik dropping a 13-14th gen xeon box or similar ryzen box with really high core speeds would be awesome. I know there are ways to get routeros on that hardware, CHR, hacking x86 installer into a CHR on bare metal etc, but I'm not really interested in that. I want a *MIKROTIK* box in 1U with port options etc. Like a CCR2004-* but with a very high clock high performance CPU. Frankly, the only ARM series chip that would be interesting here is Apple's, everyone else is well behind on single core performance. Frankly, the i3-13100F would be so incredible in a ccr2004-12SFP+ format...

Posted: **Wed Jan 03, 2024 4:21 am**

I'm a bit mixed on the new high core count moves. Frankly, for pure routing the 2004 and 2116 are blazing fast, optimizing routeros to use more cores would just keep making those better and better.

The biggest problem I'm seeing still comes down to single core performance. BGP is way faster, but still can get stomped handily by a FRR box on a modern intel chip. A shaping tree get's stuck in a single CPU core. SNMP gets stuck on a single CPU core.

Granted, you could work through some of those limitations by making them multi-threaded but some things are just not well suited for it. A shaper tree for instance sort of needs to have the top level HTB on a single core or some careful balancing of average traffic which would need a separate and new tool from mikrotik, and BGP needs to have each peer on a single core because moving data between cores is so much slower as to negate multi-threading gains.

I think it's a long shot but mikrotik dropping a 13-14th gen xeon box or similar ryzen box with really high core speeds would be awesome. I know there are ways to get routeros on that hardware, CHR, hacking x86 installer into a CHR on bare metal etc, but I'm not really interested in that. I want a *MIKROTIK* box in 1U with port options etc. Like a CCR2004-* but with a very high clock high performance CPU. Frankly, the only ARM series chip that would be interesting here is Apple's, everyone else is well behind on single core performance. Frankly, the i3-13100F would be so incredible in a ccr2004-12SFP+ format...

why use CHR ?? is mikrotik v7 RoS runs great in bare metal... with support for SAS and SSD drives now.. run great.. i think CHR its useless unless you pretend to use old V6 RoS... we have running gen12 and gen13 on bare metal X86_64 with multithread enabled on rOS v7 .. running great..with average 10 to 12Gbps traffic with litle over 18% cpu usage.. for PPPOE with over 5k users..

we will try to setup some test servers with script to generate traffic and pppoe users.. see if we can make it up to 15k users for testing..

Posted: **Thu Jan 25, 2024 1:38 pm**

Has anyone managed to configure an MTU greater than 1500? My connection is established only with MTU 1500 (on port). Otherwise, the connection will not be established.
I mean when configuring between Cisco and Mikrotik.

Posted: **Thu Jan 25, 2024 2:14 pm**

why use CHR ?? is mikrotik v7 RoS runs great in bare metal...

OT - In my opinion, one of the major advantages of CHR is that the platform becomes hardware-agnostic and also enables it to move or upgrade "live" including network sessions to new hw without any downtime (aka Hyper-v/vSphere live migration). A perfectly fit for a datacenter virtual BNG using ISIS I might add. Additionally, performance wise using today's modern drivers supporting DirectPath/SR-IOV, it's fast as bare metal and the overhead of the supervisor is barely measurable.

Thus from a purely operational and production perspective, CHR has almost nothing but advantages.

Posted: **Tue Feb 27, 2024 4:31 am**

7.13 IS-IS is available on cli .

Thank you Mikrotik.

Hello,

Have you already tested IS-IS?
Does /instance l2.out-filter-chain work for you?

Regards.

Posted: **Thu Mar 14, 2024 4:45 pm**

Yes,
I added to my lab in EVE-NG so far so good.

MikroTik

IS-IS

IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS

Re: IS-IS