Community discussions

MikroTik App
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Wed Nov 06, 2019 6:56 pm

I have the RB2011 and upgraded from grandfathered Time Warner Cable's 200Mbps to Spectrum's Ultra 400Mbps. I was getting close to 400Mbps with the router in place.

But just last Saturday, we decided that we had enough of paying too much to DirecTV and went to the Spectrum Store in town and added Spectrum TV to our account (because we were just getting Internet from them). I specifically remember asking the Spectrum lady that was handling our account if she knew NOT to touch the 400Mbps internet package we had, and just to add the TV package to our account. The lady said, "Oh you had Ultra? Oh, hold on...." then proceeded to start typing on her keyboard as if she made a drastic mistake. Dammit.

Now, when I connect the PC to the modem (some kind of Hitron modem), I can get 400/20. But when I connect the RB2011 to the modem and do a Speedtest.net from one of my computers, I can only get 150/20.

I've tried the following: removing the bridge and reconfiguring the routing, disabling all the firewall rules, I've upgraded the firmware and ROS to latest versions, trying fasttrack (lets me get to 200/20...but I need to have the use of queues), disabling queues. I've been reading around that the RB2011 doesn't have what it takes to handle connections like Spectrum's Ultra....but I've seen my own RB2011 get to 400/20 BEFORE we added the TV package.

I've even tried cloning the MAC address of the computer I connected directly to the modem that got me 400/20...to the ETHER1 port's MAC address field. That didn't work.

Do I just need to upgrade this router, like to a hEX S, or am I missing something here?
 
romihg
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Tue Jun 24, 2014 9:07 am
Location: SLOVENIA

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Wed Nov 06, 2019 7:53 pm

Hi
I was geting 270M MAX on 350/40 link PPPOE. On just simple nating nothing else. Now i have RB4011 and i get full 350/40 speed. CPU on speedtest was onn 100% Never research on depth of this
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 2098
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Wed Nov 06, 2019 11:11 pm

Can you post full config here, using export hide-sensitive, place output of export between code brackets, on the button menus, please look for it
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 12:44 am

Got the same exact board as you and same ISP in LA (Spectrum)..

Was already upgraded to 6.45.7 ROS
Looking at the config now and I don't even have ether1 on any bridge..

We had a Spectrum plan at 100Mbps plan and got some free upgrade to Spectrum business 400Mbps.
On initial speed test was getting at best 150Mbps... ( THIS test was with the upgraded Spectrum modem already installed )

A couple of days later tried again around 9:30 PM LA time and was getting 481.34Mbps on speedtest.net from Spectrum Business to Bel Air Internet LLC..

I have a screen capture of this but gave up on trying to put it in this post...

And I did NOT change one config setting on the MT router... this was all effective last week...

I will say even though we had been upgraded for sometime; which I didn't even know... the original modem we had from spectrum did not even support speeds greater then 300Mbps.. So they gave a us a free upgraded 1Gbps modem.. this all required me to call them on the phone to sort it all out..
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:01 am

Cyan, what modem do you have from Spectrum? I was given this Hitron model...

I found this in the forums: viewtopic.php?t=138895 and the prevailing idea in that thread is that problem manifests itself after ROS version 6.36.4. Anything before that, speeds are supposedly fine. I'm thinking about downgrading, but with all the vulnerabilities between 6.36.4 and 6.45.7....I don't know if it's really worth it.
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:14 am

Can you post full config here, using export hide-sensitive, place output of export between code brackets, on the button menus, please look for it
I hope I did this right....
# nov/06/2019 15:03:44 by RouterOS 6.45.7
# software id = ZA4A-W5CN
#
# model = 2011UiAS-2HnD
# serial number = **********
/interface bridge
add admin-mac=00:0C:42:D7:D9:12 auto-mac=no fast-forward=no mtu=1500 name=\
    bridge-gigabit protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] advertise=100M-full,1000M-full name=\
    ether1-WAN
set [ find default-name=ether2 ] advertise=10M-full,100M-full,1000M-full \
    speed=100Mbps
set [ find default-name=ether3 ] advertise=100M-full,1000M-full
set [ find default-name=ether4 ] advertise=100M-full,1000M-full speed=100Mbps
set [ find default-name=ether5 ] advertise=100M-full,1000M-full speed=100Mbps
set [ find default-name=ether6 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether7 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-g/n country="united states" \
    disabled=no distance=indoors frequency=2447 hw-retries=4 mode=ap-bridge \
    ssid=celery359 wps-mode=disabled
/interface ethernet switch port
set 6 vlan-mode=fallback
set 7 vlan-mode=fallback
set 8 vlan-mode=fallback
set 9 vlan-mode=fallback
set 10 vlan-mode=fallback
set 12 vlan-mode=fallback
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" \
    group-key-update=1h mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" management-protection=\
    allowed mode=dynamic-keys name=guest-wifi1 supplicant-identity=""
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=dhcp ranges=192.168.88.150-192.168.88.175
add name=wifi-dhcp ranges=192.168.89.100-192.168.89.200
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=\
    bridge-gigabit lease-time=1d name=default
add address-pool=wifi-dhcp authoritative=after-2sec-delay disabled=no \
    interface=wlan1 lease-time=1d name=wifiDHCP
/queue type
set 0 pfifo-limit=500
set 9 pfifo-limit=100
/queue interface
set ether1-WAN queue=default
set ether2 queue=default
set ether3 queue=default
set ether4 queue=default
set ether5 queue=default
set toNMS2-Spectrum queue=default-small
/queue simple
add limit-at=0/100M max-limit=0/100M name=DHCP_Pool queue=\
    pcq-upload-default/pcq-download-default target="192.168.88.155/32,192.168.\
    88.156/30,192.168.88.160/28,192.168.88.176/30,192.168.89.100/30,192.168.89\
    .104/29,192.168.89.112/28,192.168.89.128/26,192.168.89.192/29,192.168.89.2\
    00/32,192.168.88.6/32" total-queue=default
add limit-at=0/250M max-limit=0/250M name=Joe queue=default/default target="19\
    2.168.88.32/27,192.168.89.241/32,192.168.89.242/31,192.168.89.244/30,192.1\
    68.89.248/30,198.168.89.252/31,192.168.88.152/32,10.0.0.61/32" \
    total-queue=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
set 3 remote=1.1.1.1
/interface bridge port
add bridge=bridge-gigabit disabled=yes interface=ether2
add bridge=bridge-gigabit disabled=yes interface=wlan1
add bridge=bridge-gigabit interface=ether3
add bridge=bridge-gigabit interface=ether4
add bridge=bridge-gigabit disabled=yes interface=ether7
add bridge=bridge-gigabit disabled=yes interface=ether8
add bridge=bridge-gigabit disabled=yes interface=ether9
add bridge=bridge-gigabit disabled=yes interface=ether10
add bridge=bridge-gigabit interface=ether5
/interface bridge settings
set allow-fast-path=no
/interface ovpn-server server
set certificate=cert_export_ovpnCA.crt_0
/interface sstp-server server
set authentication=mschap2 certificate=sstpserver-cert default-profile=\
    default-encryption enabled=yes force-aes=yes pfs=yes port=25443
/interface wireless access-list
add interface=wlan1 mac-address=F0:27:65:6D:BF:C5 vlan-mode=no-tag
add interface=wlan1 mac-address=34:4D:F7:71:93:21 vlan-mode=no-tag
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=\
    bridge-gigabit network=192.168.88.0
add address=192.168.89.1/24 interface=wlan1 network=192.168.89.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid disabled=\
    no interface=ether1-WAN use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=192.168.88.5 always-broadcast=yes client-id=1:0:b:82:3c:c4:ca \
    comment="My VOIP" mac-address=00:0B:82:3C:C4:CA server=default
add address=192.168.88.39 always-broadcast=yes client-id=1:d4:be:d9:bb:b7:22 \
    comment="192.168.88.32/27" mac-address=D4:BE:D9:BB:B7:22 server=\
    default
add address=192.168.88.41 client-id=1:f4:ce:46:51:9f:51 comment="HP P2055DN" \
    mac-address=F4:CE:46:51:9F:51 server=default
add address=192.168.88.6 client-id=1:0:b:82:69:b6:53 comment=\
    "VOIP" mac-address=00:0B:82:69:B6:53 server=default
add address=192.168.88.157 always-broadcast=yes client-id=1:b8:ac:6f:90:71:9a \
    mac-address=B8:AC:6F:90:71:9A server=default
add address=192.168.89.100 client-id=1:34:4d:f7:71:93:21 mac-address=\
    34:4D:F7:71:93:21 server=wifiDHCP
add address=192.168.89.103 mac-address=74:C2:46:5C:F4:F5 server=wifiDHCP
add address=192.168.89.245 client-id=1:d8:eb:97:d0:b4:36 mac-address=\
    D8:EB:97:D0:B4:36 server=wifiDHCP
add address=192.168.88.40 client-id=1:2c:27:d7:e2:fb:58 mac-address=\
    2C:27:D7:E2:FB:58 server=default
add address=192.168.89.242 client-id=1:0:9d:6b:20:a7:25 mac-address=\
    00:9D:6B:20:A7:25 server=wifiDHCP
add address=192.168.89.244 client-id=1:bc:20:a4:7a:e4:6c mac-address=\
    BC:20:A4:7A:E4:6C server=wifiDHCP
add address=192.168.88.38 client-id=1:0:c:29:83:e1:ea mac-address=\
    00:0C:29:83:E1:EA server=default
add address=192.168.89.241 client-id=1:68:9a:87:5f:11:e2 comment=\
    "Wifi IP Range 192.168.89.241-253" mac-address=68:9A:87:5F:11:E2 \
    server=wifiDHCP
add address=192.168.89.243 client-id=1:c0:f8:da:3c:c8:d9 mac-address=\
    C0:F8:DA:3C:C8:D9 server=wifiDHCP
add address=192.168.89.246 mac-address=AC:AE:19:39:47:A7 server=wifiDHCP
/ip dhcp-server network
add address=192.168.88.0/24 comment="default configuration" dns-server=\
    1.1.1.1,1.0.0.1 gateway=192.168.88.1 netmask=24
add address=192.168.89.0/24 dns-server=1.1.1.1,1.0.0.1 gateway=192.168.89.1
/ip dns
set cache-size=8192KiB max-udp-packet-size=8192 servers=8.8.4.4,4.2.2.2
/ip dns static
add address=192.168.88.1 disabled=yes name=router
/ip firewall address-list
add address=192.168.3.0/24 list=routeraccess
add address=192.168.88.0/24 list=routeraccess
add address=192.168.5.0-192.168.6.254 list=routeraccess
/ip firewall filter
add action=drop chain=input comment="Drop ICMP pings" in-interface=ether1-WAN \
    protocol=icmp
add action=drop chain=input comment=\
    "Block incoming DNS requests from outside" dst-port=53 in-interface=\
    ether1-WAN protocol=udp
add action=drop chain=forward comment=\
    "Block incoming DNS requests from outside" dst-port=53 in-interface=\
    ether1-WAN protocol=tcp
add action=drop chain=input comment="Drop Invalid connections - INPUT" \
    connection-mark="" connection-state=invalid
add action=drop chain=forward comment="Drop Invalid Connections - FORWARD" \
    connection-state=invalid
add action=accept chain=input comment=\
    "Allow Established and Related Connections" connection-state=\
    established,related
add action=accept chain=forward comment=\
    "Allow Already Established and Related Connections" connection-state=\
    established,related
add action=accept chain=forward comment="VOIP FXS port 1" protocol=udp \
    src-address=192.168.88.5 src-port=5060
add action=accept chain=forward comment="VOIP FXS Port 1" protocol=udp \
    src-address=192.168.88.5 src-port=5004
add action=accept chain=forward comment="VOIP" protocol=udp \
    src-address=192.168.88.6 src-port=25060
add action=accept chain=forward comment="VOIP" protocol=udp \
    src-address=192.168.88.6 src-port=25004
add action=drop chain=forward comment="Drop Everything Else" in-interface=\
    ether1-WAN
add action=drop chain=input comment="Drop Everything Else" in-interface=\
    ether1-WAN
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=15900 in-interface=ether1-WAN \
    protocol=tcp to-addresses=192.168.88.39 to-ports=5900
add action=dst-nat chain=dstnat dst-port=20080 in-interface=ether1-WAN \
    protocol=tcp to-addresses=192.168.89.151 to-ports=80
add action=masquerade chain=srcnat comment="default configuration" \
    out-interface=ether1-WAN
/ip firewall service-port
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set pptp disabled=yes
/ip ipsec policy
set 0 disabled=yes dst-address=0.0.0.0/0 src-address=0.0.0.0/0
/ip proxy
set cache-path=web-proxy1
/ip route
add distance=1 dst-address=192.168.3.0/24 gateway=10.9.9.50
add distance=1 dst-address=192.168.5.0/24 gateway=10.9.9.50
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=192.168.89.0/24,192.168.88.0/24,192.168.3.0/24
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes always-allow-password-login=yes forwarding-enabled=\
    remote
/ip upnp interfaces
add interface=ether1-WAN type=external
add interface=bridge-gigabit type=internal
/lcd
set enabled=no
/lcd interface
add
/ppp secret
add local-address=10.0.0.60 name=sstp-joe profile=default-encryption \
    remote-address=10.0.0.61 service=sstp
/system clock
set time-zone-autodetect=no time-zone-name=America/Los_Angeles
/system identity
set name=rden359
/system logging
add topics=wireless
add action=echo topics=packet,info
add topics=debug,script
/system ntp client
set enabled=yes primary-ntp=204.2.134.163 secondary-ntp=69.50.219.51
/system scheduler
add interval=1d name=freednsCheck on-event=freednsCheck policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    may/26/2016 start-time=23:59:00
add interval=15m name=routeraccess on-event="/system script run routeraccess" \
    policy=read,write start-date=jul/30/2016 start-time=21:37:16
add comment="Download dshield list" interval=3d name=DownloadDShieldList \
    on-event=Download_dshield policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    jan/01/1970 start-time=01:05:20
add comment="Apply dshield List" interval=3d name=InstallDShieldList \
    on-event=Replace_dshield policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\
    jan/01/1970 start-time=01:10:20
/system script
add dont-require-permissions=no name=freedns owner=admin policy=\
    ftp,read,write source="# Installation:\
    \n# 1. Modify settings\
    \n# 2a. Cut&paste contents of this file to console\
    \n# 2b. Or save modified file, upload via tftp, sftp, web, etc.\
    \n# 3b. Run /import freedns.rsc\
    \n\
    \n:global freednsCheckInterval 10m\
    \n\
    \n/system scheduler\
    \nremove [find name=\"freednsCheck\"]\
    \nremove [find name=\"freednsUpdate\"]\
    \n\
    \n/system script\
    \n\
    \nremove [find name=\"freednsCheck\"]\
    \nadd name=\"freednsCheck\" source={\
    \n#   Required. Can be set to 'auto' if there is only one default gateway.\
    \n    :global freednsGateIface \"auto\"\
    \n\
    \n#   Required. Set it to FreeDNS key string (query string after \? char).\
    \n    :global freednsKey \"ODM=\"\
    \n\
    \n#   Optional. Fill it with FQDN or leave it blank to skip verify&retry.\
    \n    :global freednsVerify \"\"\
    \n\
    \n#   In case freednsVerify is not empty, all freednsRetry* settings are r\
    equired!\
    \n    :global freednsRetryInterval 5m\
    \n\
    \n#   Stop trying after this count of failures. 0 means 'infinity'\
    \n    :global freednsRetryMax 100\
    \n\
    \n#   Log warning after this count of failures. 0 means 'never'\
    \n    :global freednsRetryWarn\
    \n\
    \n\
    \n    /ip route\
    \n    :if (\$freednsGateIface=\"auto\") do={\
    \n        :set freednsGateIface [get [ \\\
    \n            find dst-address=0.0.0.0/0 ] \\\
    \n            value-name=\"vrf-interface\"]\
    \n        :log debug \"freednsCheck: gateway interface IP: \$freednsGateIf\
    ace\"\
    \n    }\
    \n\
    \n    :local gateRemoteIp\
    \n    :set gateRemoteIp [get [ \\\
    \n            find dst-address=0.0.0.0/0 and vrf-interface=\$freednsGateIf\
    ace] \\\
    \n        value-name=gateway]\
    \n    :log debug \"freednsCheck: gateway remote IP: \$gateRemoteIp\"\
    \n\
    \n    :local gateLocalIp\
    \n    :set gateLocalIp [get [ \\\
    \n            find gateway=\$freednsGateIface] \\\
    \n        value-name=pref-src]\
    \n    :log debug \"freednsCheck: gateway local IP: \$gateLocalIp\"\
    \n\
    \n    /interface ethernet\
    \n    :local linkStatus\
    \n    monitor [find name=\$freednsGateIface] once do={\
    \n        :set linkStatus \$status\
    \n    }\
    \n    :log debug \"freednsCheck: link status: \$linkStatus\"\
    \n\
    \n    :global freednsIp\
    \n    :if (\$linkStatus = \"link-ok\" and \$freednsIp != \$gateLocalIp) do\
    ={\
    \n        :log info \"freednsCheck: IP changed on \$freednsGateIface from \
    \$freednsIp to \$gateLocalIp\"\
    \n        :set freednsIp \$gateLocalIp\
    \n        :if ([:len \$freednsVerify] > 0) do={\
    \n            :log debug \"freednsCheck: scheduling freednsUpdate at \$fre\
    ednsRetryInterval\"\
    \n            /system scheduler\
    \n            remove [find name=\"freednsUpdate\"]\
    \n            add name=\"freednsUpdate\" interval=\$freednsRetryInterval o\
    n-event=\"freednsUpdate\"\
    \n        }\
    \n        :log debug \"freednsCheck: running freednsUpdate now\"\
    \n        /system script run freednsUpdate\
    \n    } else={\
    \n        :log debug \"freednsCheck: no update required or link is not ok\
    \"\
    \n    }\
    \n}\
    \n\
    \nremove [find name=\"freednsUpdate\"]\
    \nadd name=\"freednsUpdate\" source={\
    \n    :global freednsGateIface\
    \n    :global freednsIp\
    \n    :global freednsKey\
    \n    :global freednsVerify\
    \n    :global freednsRetryInterval\
    \n    :global freednsRetryMax\
    \n    :global freednsRetryWarn\
    \n\
    \n    /interface ethernet\
    \n    :local linkStatus\
    \n    monitor [find name=\$freednsGateIface] once do={\
    \n        :set linkStatus \$status\
    \n    }\
    \n    :log debug \"freednsUpdate: link status: \$linkStatus\"\
    \n\
    \n    :if (\$linkStatus = \"link-ok\") do={\
    \n        :local resolvedIp\
    \n        :if ([:len \$freednsVerify] > 0) do={\
    \n            /system scheduler\
    \n            :local runCount [get [find name=\"freednsUpdate\"] value-nam\
    e=\"run-count\"]\
    \n            :log debug \"freednsUpdate: retry count: \$runCount\"\
    \n            :if (\$runCount > 0 and \$runCount = \$freednsRetryWarn) do=\
    {\
    \n                :log warning \"freednsUpdate: failed to update \$freedns\
    Verify to \$freednsIp\"\
    \n            }\
    \n            :if (\$freednsRetryMax > 0 and \$runCount > \$freednsRetryMa\
    x) do={\
    \n                :log debug \"freednsUpdate: freednsRetryMax(\$freednsRet\
    ryMax) retry count has reached, stopping\"\
    \n                /system scheduler remove [find name=\"freednsUpdate\"]\
    \n                :return 0\
    \n            } else={\
    \n                :set resolvedIp [:resolve \$freednsVerify]\
    \n                :log debug \"freednsUpdate: resolved \$freednsVerify to \
    \$resolvedIp\"\
    \n            }\
    \n        }\
    \n        :if (\$resolvedIp = \$freednsIp) do={\
    \n            :log debug \"freednsUpdate: successfully updated to \$freedn\
    sIp, stopping scheduler\"\
    \n            /system scheduler remove [find name=\"freednsUpdate\"]\
    \n        } else={\
    \n            :log debug \"freednsUpdate: sending request to freedns.afrai\
    d.org\"\
    \n            /tool fetch \\\
    \n                mode=http \\\
    \n                address=\"freedns.afraid.org\" \\\
    \n                host=\"freedns.afraid.org\" \\\
    \n                src-path=\"dynamic/update.php\\\?\$freednsKey\" \\\
    \n                keep-result=no\
    \n        }\
    \n    }\
    \n}\
    \n\
    \n/system scheduler add name=\"freednsCheck\" interval=\$freednsCheckInter\
    val on-event=\"freednsCheck\"\
    \n\
    \nenvironment remove [find name=\"freednsIp\"]\
    \nenvironment remove [find name=\"freednsCheckInterval\"]\
    \n\
    \nrun freednsCheck\
    \n/log print\
    \n"
add dont-require-permissions=no name=freednsCheck owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\r\
    \n#   Required. Can be set to 'auto' if there is only one default gateway.\
    \r\
    \n    :global freednsGateIface \"auto\"\r\
    \n\r\
    \n#   Required. Set it to FreeDNS key string (query string after \? char).\
    \r\
    \n    :global freednsKey \"wODM=\"\r\
    \n\r\
    \n#   Optional. Fill it with FQDN or leave it blank to skip verify&retry.\
    \r\
    \n    :global freednsVerify \"\"\r\
    \n\r\
    \n#   In case freednsVerify is not empty, all freednsRetry* settings are r\
    equired!\r\
    \n    :global freednsRetryInterval 5m\r\
    \n\r\
    \n#   Stop trying after this count of failures. 0 means 'infinity'\r\
    \n    :global freednsRetryMax 100\r\
    \n\r\
    \n#   Log warning after this count of failures. 0 means 'never'\r\
    \n    :global freednsRetryWarn\r\
    \n\r\
    \n\r\
    \n\r\
    \n    /ip route\r\
    \n    :if (\$freednsGateIface=\"auto\") do={\r\
    \n        :set freednsGateIface [get [find dst-address=0.0.0.0/0] value-na\
    me=\"vrf-interface\"]\r\
    \n        :log debug \"freednsCheck: gateway interface IP: \$freednsGateIf\
    ace\"\r\
    \n    }\r\
    \n\r\
    \n    :local gateRemoteIp\r\
    \n    :set gateRemoteIp [get [ \\\r\
    \n            find dst-address=0.0.0.0/0 and vrf-interface=\$freednsGateIf\
    ace] \\\r\
    \n        value-name=gateway]\r\
    \n    :log debug \"freednsCheck: gateway remote IP: \$gateRemoteIp\"\r\
    \n\r\
    \n\r\
    \n    :local gateLocalIp\r\
    \n    :set gateLocalIp [get [ \\\r\
    \n            find gateway=\$freednsGateIface] \\\r\
    \n        value-name=pref-src]\r\
    \n    :log debug \"freednsCheck: gateway local IP: \$gateLocalIp\"\r\
    \n\r\
    \n    /interface ethernet\r\
    \n    :local linkStatus\r\
    \n    monitor [find name=\$freednsGateIface] once do={\r\
    \n        :set linkStatus \$status\r\
    \n    }\r\
    \n    :log debug \"freednsCheck: link status: \$linkStatus\"\r\
    \n\r\
    \n    :global freednsIp\r\
    \n    :if (\$linkStatus = \"link-ok\" and \$freednsIp != \$gateLocalIp) do\
    ={\r\
    \n        :log info \"freednsCheck: IP changed on \$freednsGateIface from \
    \$freednsIp to \$gateLocalIp\"\r\
    \n        :set freednsIp \$gateLocalIp\r\
    \n        :if ([:len \$freednsVerify] > 0) do={\r\
    \n            :log debug \"freednsCheck: scheduling freednsUpdate at \$fre\
    ednsRetryInterval\"\r\
    \n            /system scheduler\r\
    \n            remove [find name=\"freednsUpdate\"]\r\
    \n            add name=\"freednsUpdate\" interval=\$freednsRetryInterval o\
    n-event=\"freednsUpdate\"\r\
    \n        }\r\
    \n        :log debug \"freednsCheck: running freednsUpdate now\"\r\
    \n        /system script run freednsUpdate\r\
    \n    } else={\r\
    \n        :log debug \"freednsCheck: no update required or link is not ok\
    \"\r\
    \n    }\r\
    \n"
add dont-require-permissions=no name=freednsUpdate owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source="\
    \n    :global freednsGateIface\
    \n    :global freednsIp\
    \n    :global freednsKey\
    \n    :global freednsVerify\
    \n    :global freednsRetryInterval\
    \n    :global freednsRetryMax\
    \n    :global freednsRetryWarn\
    \n\
    \n    /interface ethernet\
    \n    :local linkStatus\
    \n    monitor [find name=\$freednsGateIface] once do={\
    \n        :set linkStatus \$status\
    \n    }\
    \n    :log debug \"freednsUpdate: link status: \$linkStatus\"\
    \n\
    \n    :if (\$linkStatus = \"link-ok\") do={\
    \n        :local resolvedIp\
    \n        :if ([:len \$freednsVerify] > 0) do={\
    \n            /system scheduler\
    \n            :local runCount [get [find name=\"freednsUpdate\"] value-nam\
    e=\"run-count\"]\
    \n            :log debug \"freednsUpdate: retry count: \$runCount\"\
    \n            :if (\$runCount > 0 and \$runCount = \$freednsRetryWarn) do=\
    {\
    \n                :log warning \"freednsUpdate: failed to update \$freedns\
    Verify to \$freednsIp\"\
    \n            }\
    \n            :if (\$freednsRetryMax > 0 and \$runCount > \$freednsRetryMa\
    x) do={\
    \n                :log debug \"freednsUpdate: freednsRetryMax(\$freednsRet\
    ryMax) retry count has reached, stopping\"\
    \n                /system scheduler remove [find name=\"freednsUpdate\"]\
    \n                :return 0\
    \n            } else={\
    \n                :set resolvedIp [:resolve \$freednsVerify]\
    \n                :log debug \"freednsUpdate: resolved \$freednsVerify to \
    \$resolvedIp\"\
    \n            }\
    \n        }\
    \n        :if (\$resolvedIp = \$freednsIp) do={\
    \n            :log debug \"freednsUpdate: successfully updated to \$freedn\
    sIp, stopping scheduler\"\
    \n            /system scheduler remove [find name=\"freednsUpdate\"]\
    \n        } else={\
    \n            :log debug \"freednsUpdate: sending request to freedns.afrai\
    d.org\"\
    \n            /tool fetch \\\
    \n                mode=http \\\
    \n                address=\"freedns.afraid.org\" \\\
    \n                host=\"freedns.afraid.org\" \\\
    \n                src-path=\"dynamic/update.php\\\?\$freednsKey\" \\\
    \n                keep-result=no\
    \n        }\
    \n    }\
    \n"
add dont-require-permissions=no name=script1 owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source="/ip fir\
    ewall filter\r\
    \nadd chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5:packet actio\
    n=accept comment=\"0:0 and limit for 5pac/s\" disabled=no \r\
    \nadd chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5:packet action=ac\
    cept comment=\"3:3 and limit for 5pac/s\" disabled=no \r\
    \nadd chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5:packet action=ac\
    cept comment=\"3:4 and limit for 5pac/s\" disabled=no \r\
    \nadd chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5:packet actio\
    n=accept comment=\"8:0 and limit for 5pac/s\" disabled=no \r\
    \nadd chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5:packet acti\
    on=accept comment=\"11:0 and limit for 5pac/s\" disabled=no \r\
    \nadd chain=ICMP protocol=icmp action=drop comment=\"Drop everything else\
    \" disabled=no \r\
    \n"
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:32 am

I do not know what make or model of modem they installed, nor do I know what was there before. Only that the old one supported 300Mbps and the new supported 1Gbps which was all I really cared about.. This is a remote managed site with a six stack. I was not there during the upgrade/install. I will say I did the ROS upgrade to 6.45.7 AFTER they installed the new modem AND upgraded the line.. AND I ran all tests after ROS was already upgraded to 6.45.7... IMO this not an issue with MT router... more on the ISP (spectrum) side with shared bandwidth allocation; very intermittent results.
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:39 am

Well.. after quick glance; does not look like you have any fasttrack rules in place in your firewall. For me this is critical for performance on the cpu.. This marks the packets so the cpu does not peg out.
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:41 am

I do not know what make or model of modem they installed, nor do I know what was there before. Only that the old one supported 300Mbps and the new supported 1Gbps which was all I really cared about.. This is a remote managed site with a six stack. I was not there during the upgrade/install. I will say I did the ROS upgrade to 6.45.7 AFTER they installed the new modem AND upgraded the line.. AND I ran all tests after ROS was already upgraded to 6.45.7... IMO this not an issue with MT router... more on the ISP (spectrum) side with shared bandwidth allocation; very intermittent results.
What's even more weird is that when I plug in my PC directly into the modem, I get one IP address, and then it goes 400/20. When I plug my router into the modem and do the power cycle dance for both devices, I get the IP address I had ever since TWC, and then it goes to 150/20. It's almost they incorrectly provisioned the IP address I had since TWC when they added Spectrum TV service to my account on Saturday.

What sucks even more is that the Hitron modem does not have a web interface. And Spectrum support is not like what TWC support used to be (multi-tiered, with the experts in Colorado Springs). The supervisor I talked to didn't even understand a word I was telling her last night, and she's supposed to be the highest level of support. LOL
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 1:45 am

Well.. after quick glance; does not look like you have any fasttrack rules in place in your firewall. For me this is critical for performance on the cpu.. This marks the packets so the cpu does not peg out.
I tried putting fasttrack rules in....it only went up to 210-230/20.

And I use queues, so....I know Fasttrack ignores queues so that wouldn't be an option for me, unfortunately.
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 2:00 am

I have queues but I still use a fasttrack connection fw rule. I queue the whole subnet and then fasttrack specific groups of ips by using address lists in the fw rule...

Checklist...

Are you testing from a 1Gbps NIC on your test PC
Does your Spectrum modem support 1Gbps
Are using a 1Gbps port on the router for testing (1-5)
Is your cable cat6; is your cable cat5e? try a new cable between router and modem?

Configure static IP on MT router that you get from your PC when plugged directly into the modem..?
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 2:12 am

I have queues but I still use a fasttrack connection fw rule. I queue the whole subnet and then fasttrack specific groups of ips by using address lists in the fw rule...

Checklist...

Are you testing from a 1Gbps NIC on your test PC = Yes
Does your Spectrum modem support 1Gbps = Yes, that's what they said about the Hitron
Are using a 1Gbps port on the router for testing (1-5) = Yes
Is your cable cat6; is your cable cat5e? try a new cable between router and modem? = The cable between the computer and router is Cat5e, should be okay, right?

Configure static IP on MT router that you get from your PC when plugged directly into the modem..? = I cloned my PC's MAC address to the ether1 port on my router, got the different address, but still getting 150/20
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Thu Nov 07, 2019 11:14 pm

Configure static IP on MT router that you get from your PC when plugged directly into the modem..? = I cloned my PC's MAC address to the ether1 port on my router, got the different address, but still getting 150/20
If you systematically get the same address whenever you connect the PC to the Hitron, but systematically get another address (or a different address each time but from the same subnet other than that of the PC's address) whenever you connect the Tik with a cloned MAC address from the PC, it is most likely that the DHCP server doesn't link the static lease to the MAC address but to the value of the "client-id" option (DHCP protocol field), or even to some vendor-specific options as well. So you would have to set/add the same DHCP options to the /ip dhcp-client configuration attached to your Tik's WAN. To do that, you need to sniff into a file the DHCPDISCOVER request of the PC while it is connected to the Tik, then use Wireshark to analyse that packet, and then find out what is different in there as compared to the DHCPDISCOVER request sent by the Tik itself (also sniffed into a file and analysed using Wireshark). Then, you would remove the auto-generated client-id option from the options list of Mikrotik's client, and add a manually configured one cloning the one provided by the PC. And if these two client-id options didn't differ in contents, or if they did but using the clone of the PC's one was not sufficient, you'd have to configure also the vendor-specific option (if any).
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 7:50 am

I just got off the phone with Spectrum. They tested the line up to the modem, and of course, they're reading 476Mbps down/20 up. I connect the PC to the modem directly, same result.

But when I connect my RB2011 to the modem, I get about 120/10.

I suspect it's the router and/or its firmware (6.45.7). there's gotta be a fix or an open ticket to mikrotik about this....
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 8:07 am

I also want to add that I have a RB2011 with 6.44 firmware at work, and I just disabled queues and ran a speedtest on it. We have Spectrum Business 400mbps, but I'm only getting 130 down but 20 up.

And that what kills me. The upload speeds are what I'm supposed to be getting, but the download speeds are slow.

Is there any way for the Mikrotik people to look at this issue?
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 8:34 am

I am going to add some more to this because of curiosity... I thought I would remote in and test Spectrum location again.

So I remote into one WIndows 10 Pro PC (192.133.1.4) ; I check the NIC and states 1Gbps; I run speedtest and I get 150Mbps...\

Then...

I remote into another different PC still with Windows 10 Pro.. (192.133.1.5); I check the NIC and states 1Gbps; I run speedtest and I get 450+Mbps!!...

And come to think of it; that is the exact same procedure I did the first time when I tested.. So maybe its just the PC your using.. try Linux or Mac or some other device for your testing and see what happens...
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 5:34 pm

Well, my computer at work runs Debian Buster, and that's the computer I remoted into last night to run that speedtest that got me 150/20. And that's with the queues off. So, I don't think it's based on the OS of the computer that would make me lose speed.

What I'm thinking is...that it's the RB2011 itself. I ran "tool /profile" on the CLI, and ran a speedtest from home last night, and I noticed the CPU usage jump to like 50-60% during the test. I'm coming to the realization that maybe the RB2011's hardware can't handle a 400Mbps connection.

On a side note: I had a spare RB2011 with 6.36 installed. I took it home yesterday and transferred my configuration to it without updating the firmware on it. Ran a speedtest through it and I was STILL getting 150/20. I'm going to wipe the spare RB2011 to bare config, bring it home and try again.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 5:46 pm

Test results on product pages ... as far as my experience goes[*] (none at all regarding RB2011) results indicate that indeed speed around 200Mbps might be ceiling for this device.

[*]personally I find test result for "Routing 25 ip filter rules using 512 byte packets" the best representing real-life performance of devices I'm using.
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 7:01 pm

Test results on product pages ... as far as my experience goes[*] (none at all regarding RB2011) results indicate that indeed speed around 200Mbps might be ceiling for this device.

[*]personally I find test result for "Routing 25 ip filter rules using 512 byte packets" the best representing real-life performance of devices I'm using.
Do you think that the heX S would be a viable upgrade for a 400mbps connection?
 
mbovenka
Member
Member
Posts: 338
Joined: Mon Oct 14, 2019 10:14 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 7:10 pm

Do you think that the heX S would be a viable upgrade for a 400mbps connection?
I have no experience with the HEX S, but I have used its' brother from another mother, the Ubiquity EdgeRouter X-SFP, and it will fill a gigabit pipe (in one direction at a time). The HEX S should do 400M without breaking a sweat.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 8:34 pm

Do you think that the heX S would be a viable upgrade for a 400mbps connection?

According to test results hEX S is some 60% faster than RB2011. So I wouldn't bet anything valuable to me on hEX S to be able to route 400Mbps. IMHO the lowest-priced RB able to do it without a sweat would be RBD52G (hAP ac²). And no, you don't have to use wireless interfaces, you can switch them off. The only problem with it is that it hasn't got SFP interface. Gadget with similar routing power (it's better actually) and having SFP interface (SFP+ actually) is RB4011 with 3-digit dollar/euro price tag.
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Fri Nov 08, 2019 9:06 pm

According to test results hEX S is some 60% faster than RB2011. So I wouldn't bet anything valuable to me on hEX S to be able to route 400Mbps. IMHO the lowest-priced RB able to do it without a sweat would be RBD52G (hAP ac²). And no, you don't have to use wireless interfaces, you can switch them off. The only problem with it is that it hasn't got SFP interface. Gadget with similar routing power (it's better actually) and having SFP interface (SFP+ actually) is RB4011 with 3-digit dollar/euro price tag.


I was looking at the hAP ac². It looks like a very viable option. I really don't need the SFP interface. I just got the RB2011 because the owner of my company got one for us and I thought it was a nice router at the time because it was very configurable.
 
Cvan
Member Candidate
Member Candidate
Posts: 129
Joined: Sat Jun 09, 2018 3:32 am

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Mon Nov 11, 2019 12:43 am

Image

Image
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Mon Nov 11, 2019 4:25 am

personally I find test result for "Routing 25 ip filter rules using 512 byte packets" the best representing real-life performance of devices I'm using.
+1 on this - when spec'ing a device, always look for the "Routing, 25 ip filter rules, 512 bytes" spec. Your maximum download speed will be approximately that.
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Mon Nov 11, 2019 9:38 pm

Out of curiousity, anyone in here use a hAP ac2 on a connection at or better than 400mbps? I just wanted to see your thoughts about the device when plugging into a connection like that.

thanks
 
gedanjj9972
just joined
Topic Author
Posts: 14
Joined: Wed Nov 06, 2019 6:53 pm

Re: RB2011UiAS-2HnD-IN and Spectrum Cable Ultra (400Mbps)

Tue Nov 19, 2019 8:25 am

***UPDATE***

Just wanted to give an update on my issue. I bought and received my hAP AC2 today. Installed it tonight and transferred the settings I had in my RB2011UiAS into the hAP. Ran a speedtest and instantly got 400mbps down/20 up. The hAP gets warm, but not blazing hot. CPU usage is low and handles Spectrum Ultra with ease.

Problem solved. Thanks everyone for your input!

Who is online

Users browsing this forum: No registered users and 73 guests