Yes, and adding the "Radio Name" field is something that should, IMO, be relatively easy for them to do.APIs are good but tbh SNMP is far easier to work with in NMS tools. I've found a handful of OIDs I'd really like to see supported. Particularly IPv6 traffic tracking and connection counts. Saying it's solved with scripting to custom OIDs is a total hack over supporting standardized mibs.
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
There is probably a list of things that are relatively easy to do that is so long that it requires considerable effort to sort it all out...that should, IMO, be relatively easy for them to do.
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
By the way, I now can see two block diagrams for routers, one for non-switched config and other is for switched. So as 6.41 is out both still be there but "switched" become "attached to the same bridge", right?
Also, on this diagram:
am I right to say that if I set 2-4 ports to be switched, and port 1 as non-switched, then port 1 will be 1 Gbps, and four remaining will share another 1 Gpbs in routing scenario?
Also, on this diagram:
am I right to say that if I set 2-4 ports to be switched, and port 1 as non-switched, then port 1 will be 1 Gbps, and four remaining will share another 1 Gpbs in routing scenario?
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Running 6.40rc38 (won't be upgrading until 6.41rc is released) I don't get hardware offload on any ports. That's ok for me because I have the hex doing intervlan routing which is done in CPU anyways per MikroTik support. I have a separate layer 2 switch that is capable of faster speeds between the hex and my various devices for intravlan traffic.By the way, I now can see two block diagrams for routers, one for non-switched config and other is for switched. So as 6.41 is out both still be there but "switched" become "attached to the same bridge", right?
Also, on this diagram:
am I right to say that if I set 2-4 ports to be switched, and port 1 as non-switched, then port 1 will be 1 Gbps, and four remaining will share another 1 Gpbs in routing scenario?
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
As in v6.39.2 still not changing dynamic ipsec src. address in policies and peers, when setting it in ipip tunnel interface in local address setting. And if I delete dynamic entries in ipsec policies or peers, the will not appear anymore until reboot, or set another dst address.
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
@HeadCraft be more specific, what you described works:
Code: Select all
[admin@rack1_b3] /interface ipip> /ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000
1 D ;;; ipip-tunnel4
src-address=1.1.1.1/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt
level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
[admin@rack1_b3] /interface ipip> print
Flags: X - disabled, R - running, D - dynamic
# NAME MTU ACTUAL-MTU LOCAL-ADDRESS REMOTE-ADDRESS KEEPALIVE DSCP
0 ipip-tu... auto 1480 1.1.1.1 1.1.1.2 10s,10 inherit
[admin@rack1_b3] /interface ipip> set 0 local-address=2.2.2.2
[admin@rack1_b3] /interface ipip> /ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000
1 D ;;; ipip-tunnel4
src-address=2.2.2.2/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt
level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Sorry, I just found why it is not working correct (may be I doing it incorrect). The reason is that I use mikrotik DDNS as destination address in tunnel. So situation is:@HeadCraft be more specific, what you described works:
Code: Select all[admin@rack1_b3] /interface ipip> /ip ipsec policy print Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000 1 D ;;; ipip-tunnel4 src-address=1.1.1.1/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0 [admin@rack1_b3] /interface ipip> print Flags: X - disabled, R - running, D - dynamic # NAME MTU ACTUAL-MTU LOCAL-ADDRESS REMOTE-ADDRESS KEEPALIVE DSCP 0 ipip-tu... auto 1480 1.1.1.1 1.1.1.2 10s,10 inherit [admin@rack1_b3] /interface ipip> set 0 local-address=2.2.2.2 [admin@rack1_b3] /interface ipip> /ip ipsec policy print Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000 1 D ;;; ipip-tunnel4 src-address=2.2.2.2/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
Code: Select all
[admin@MikroTik] > /interface ipip
add allow-fast-path=no ipsec-secret=123 !keepalive local-address=1.1.1.1 name=\
ipip-tunnel1 remote-address=google-public-dns-a.google.com
Code: Select all
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
Code: Select all
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
1 D ;;; ipip-tunnel1
src-address=1.1.1.1/32 src-port=any dst-address=8.8.8.8/32 dst-port=any
protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no
proposal=default priority=0 ph2-count=0
Now we will change settings in tunnel interface:
Code: Select all
[admin@MikroTik] > /interface ipip set [find name=ipip-tunnel1] local-address=3.3.3.3
Code: Select all
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
1 D ;;; ipip-tunnel1
src-address=1.1.1.1/32 src-port=any dst-address=8.8.8.8/32 dst-port=any
protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no
proposal=default priority=0 ph2-count=0
Code: Select all
[admin@MikroTik] > ip ipsec peer print
Flags: X - disabled, D - dynamic, R - responder
0 D ;;; ipip-tunnel1
address=8.8.8.8/32 local-address=1.1.1.1 auth-method=pre-shared-key secret="123"
generate-policy=no policy-template-group=default exchange-mode=main
send-initial-contact=yes nat-traversal=yes proposal-check=obey hash-algorithm=sha1
enc-algorithm=aes-128,3des dh-group=modp1024 lifetime=1d dpd-interval=2m
dpd-maximum-failures=5
Re: v6.40rc [release candidate] is released! (New bridge implementation delayed till 6.41rc)
Version 6.41rc has been released:
viewtopic.php?f=21&t=123936
viewtopic.php?f=21&t=123936