It seems that it was corrected by rc41 as in Changelog of RouterOS 6.40rc41.I had the same problem yesterday. RB2011UASUnable to export configuration to a file
Is anyone else having this issue? I can run /export from the CLI, but if I do:
/export file=x (or /export file="x")
No files get created.
I thought I was too stupid to find the file.
ISSUE since rc38
Webfig:
No File download possible
ftp download is OK
*) pppoe-server - fixed situation when some of 100+ pppoe-servers can become invalid on reboot;
I'll keep on 6.40rc38 until 6.41rc hits the downloads then. Can't say i'm interested in reverting my new VLAN aware bridges back to the old way and then back again into VLAN aware bridges. Good progress. Don't fall asleep at the wheel. I hope you guys got some good initial testing on MSTP / VLAN ware bridging.v6.40 is scheduled for release, so we reverted hw-offload as well as igmp-snooping, because it requires more testing and bugfixes.
Most likely it will be back in v6.41rc
Important: This means all the new bridge/switch/igmp-snooping functionality is removed and will return in 6.41rc. The reason is that we found that these new features need more testing, and v6.40 was too close to release, so it would delay the release for some time. Those of you who used the RC, there is no painless way to upgrade or downgrade.!) bridge hw-offload implementation reverted back to pre-6.40rc36 state (testing will continue in v6.41rc);
!) wireless - added Nv2 AP synchronization feature "nv2-modes" and "nv2-sync-secret" option;
*) bonding - fixed 802.3ad mode on RB1100AHx4;
*) export - fixed export to a file (introduced in v6.40rc39);
*) hotspot - added "address-list" support in "walled-garden" IP section;
*) hotspot - fixed firewall accept rules created by "/ip hotspot walled garden ip" (introduced in v6.40rc18);
*) ike1 - create tunnel policy when no split net provided;
*) ike1 - wait for cfg set reply before ph2 creation with xAuth;
*) ipsec - allow to specify chain in "firewall" peer option;
*) ppp - fixed non-standard PAP or CHAP packet handling;
*) pppoe-server - fixed situation when some of 100+ pppoe-servers can become invalid on reboot;
*) routerboard - added "caps-mode" option for "reset-configuration";
*) sfp - fixed invalid temperature reporting when ambient temperature is less than 0;
*) winbox - make IPSec policies table an order list;
*) winbox - show "/interface wireless cap print" warnings;
Can I make partition(s) on my mAP Lite? It has only 32MB disk space.I really think Mikrotik should discuss using partitions in addition to backups.
You are right, but try to use partitioning on a hEX (or any other "zero flash") devices!This was very easy to roll back with a partition. Just make the partition..
Are you sure about that? mAP lite should have 64MB RAM and 16MB flash ... and no you cant use partitions ...Can I make partition(s) on my mAP Lite? It has only 32MB disk space.I really think Mikrotik should discuss using partitions in addition to backups.
+1This was very easy to roll back with a partition. Just make the partition active that was right before the upgrade. Took seconds.. As I mentioned, everyone doing RCs should use partitions. I copy my current RC and config over to a partition before I try out a new RC. Any issue, I just move back..
I had to with 38, upgraded to 41. On the 2011 it was still causing the display to flash. So 41 did not fix something from 38. So I "made active" my original partition and the issue was gone.
I really think Mikrotik should discuss using partitions in addition to backups.
Normis, what is the time-line for 6.40 GA and 6.41rc?Important: This means all the new bridge/switch/igmp-snooping functionality is removed and will return in 6.41rc. The reason is that we found that these new features need more testing, and v6.40 was too close to release, so it would delay the release for some time. Those of you who used the RC, there is no painless way to upgrade or downgrade.
It can boot off the secondary partition when booting off the first partition fails. Although it is not clearly defined what failing to boot really means.This is a wonderful idea. I didn't even know this was possible till you mentioned so as well some means to boot once off a secondary partition?
In the V6.40rc41 version, I can not find this option. Please tell me the details of the setup steps and methods, thanks. Please forgive me, my English is very badYes, the below methods.Currently RouterOS6.40rc does support any of EAP authentication methods?
The EAP section is on Wireless > Security Profiles > Profile entries (via winbox).In the V6.40rc41 version, I can not find this option. Please tell me the details of the setup steps and methods, thanks. Please forgive me, my English is very bad
+1I'm with you guys. I'm not sure what class embedded designers are taught to use tiniest flash chip available on the market but I'd like to alter that curriculum. That said, I do get that in the hardware world, cents does multiply out to dollars when the sale quantity gets high enough. It seems like an area were you could cheaply separate yourself from other router brands even with a 128mb or 256mb flash chip.
For poops and giggles, a quick google search shows:
0.61 USD = 32MB flash chip
3.43 USD = 256MB flash chip
9.52 USD = 1GB flash chip
These numbers are very quick and dirty. Naturally the product would have to be vetted to make sure it fits the design and volume purchase discounts could soften the cost. I was just hoping to put a cost per unit for the upgrade into print in hopes of giving us all a little perspective on what kind of price impact we'd see if MikroTik moved to larger chips and passed that cost onto consumers. A device like the hap AC already in that +100 USD cost may handle an additional ~9 USD different easier than say a cap lite. I personally would be very happy with a 256MB (even 128MB) upgrade at a ~3 USD impact per device across the product line. The cost increase for storage capacity would be a justifiable reason that would increase my likelyhood to purchase MikroTik. That is just me, I can't speak for all forum members in all markets.
This does seem strange in today's world.... but then again, as Idlemind points out - $2 for every unit sold can translate to hundreds of thousands or millions of dollars less in profits for a particular unit if it's popular...You are right, but try to use partitioning on a hEX (or any other "zero flash") devices!
There is no common sense in putting 16mb flash on new devices.. IMHO .. the real reason is obviously NOT save 2 bucks
I see yours point, but .... less in profits ..
Thanks null31, i try to try mikrotik route to build an iKEV2 VPN server, i have no radius, my client is windows7, i read wik i but still can not succeed. Would you like to help me?The EAP section is on Wireless > Security Profiles > Profile entries (via winbox).In the V6.40rc41 version, I can not find this option. Please tell me the details of the setup steps and methods, thanks. Please forgive me, my English is very bad
I forgot to ask.
Do you want the Mikrotik as EAP Client or as EAP Access Point?
The print that I showed is about EAP Client.
Now about EAP AP:
Page 16.
> https://mum.mikrotik.com//presentations ... 009077.pdf (Spanish language)
I'm with you guys. I'm not sure what class embedded designers are taught to use tiniest flash chip available on the market but I'd like to alter that curriculum. That said, I do get that in the hardware world, cents does multiply out to dollars when the sale quantity gets high enough. It seems like an area were you could cheaply separate yourself from other router brands even with a 128mb or 256mb flash chip.
For poops and giggles, a quick google search shows:
0.61 USD = 32MB flash chip
3.43 USD = 256MB flash chip
9.52 USD = 1GB flash chip
These numbers are very quick and dirty. Naturally the product would have to be vetted to make sure it fits the design and volume purchase discounts could soften the cost. I was just hoping to put a cost per unit for the upgrade into print in hopes of giving us all a little perspective on what kind of price impact we'd see if MikroTik moved to larger chips and passed that cost onto consumers. A device like the hap AC already in that +100 USD cost may handle an additional ~9 USD different easier than say a cap lite. I personally would be very happy with a 256MB (even 128MB) upgrade at a ~3 USD impact per device across the product line. The cost increase for storage capacity would be a justifiable reason that would increase my likelyhood to purchase MikroTik. That is just me, I can't speak for all forum members in all markets.
I don't think he did get it wrong, 8gbit (1gbyte) FLASH on digikey can cost as little as between $6.16 (each in 1000 of quantity) and $9.45 (each in 1 of quantity).You got this wrong ... flash chips are declared in Megabits ... so the prices you found are for 4MB, 32MB and 128MB respectively ...
Better use API call, will be faster way I suppose, likeAny chance you could add 'Radio Name' in the SNMP wireless registrations table? It is great having graphs of wireless clients but I do not know which is which without the name. Thanks.
/interface/wireless/registration-table
This is not realistic.Better use API call, will be faster way I suppose, likeAny chance you could add 'Radio Name' in the SNMP wireless registrations table? It is great having graphs of wireless clients but I do not know which is which without the name. Thanks.and play with.Code: Select all/interface/wireless/registration-table
I do understand your pain but Mikrotik is quite slow with SNMP so far. Keep asking, maybe one day?..This is not realistic.
Oh, I see you're wise person already, will not teach you this way I can't say how many routers you need to monitor from you initial question. Yes, let's wait for MT to help with this.scalable or manageable. Hence not realistic for production environment.
+1 support for thisAny chance you could add 'Radio Name' in the SNMP wireless registrations table? It is great having graphs of wireless clients but I do not know which is which without the name. Thanks.
That feature is actually available! But it is a bit hard to find and understand.They should add scripting into SNMP server, so you can set OID and which script to execute to reply the query This is where MT win all the time - scripting!
+1+1 support for thisAny chance you could add 'Radio Name' in the SNMP wireless registrations table? It is great having graphs of wireless clients but I do not know which is which without the name. Thanks.
Yes, and adding the "Radio Name" field is something that should, IMO, be relatively easy for them to do.APIs are good but tbh SNMP is far easier to work with in NMS tools. I've found a handful of OIDs I'd really like to see supported. Particularly IPv6 traffic tracking and connection counts. Saying it's solved with scripting to custom OIDs is a total hack over supporting standardized mibs.
There is probably a list of things that are relatively easy to do that is so long that it requires considerable effort to sort it all out...that should, IMO, be relatively easy for them to do.
Running 6.40rc38 (won't be upgrading until 6.41rc is released) I don't get hardware offload on any ports. That's ok for me because I have the hex doing intervlan routing which is done in CPU anyways per MikroTik support. I have a separate layer 2 switch that is capable of faster speeds between the hex and my various devices for intravlan traffic.By the way, I now can see two block diagrams for routers, one for non-switched config and other is for switched. So as 6.41 is out both still be there but "switched" become "attached to the same bridge", right?
Also, on this diagram:
am I right to say that if I set 2-4 ports to be switched, and port 1 as non-switched, then port 1 will be 1 Gbps, and four remaining will share another 1 Gpbs in routing scenario?
[admin@rack1_b3] /interface ipip> /ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000
1 D ;;; ipip-tunnel4
src-address=1.1.1.1/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt
level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
[admin@rack1_b3] /interface ipip> print
Flags: X - disabled, R - running, D - dynamic
# NAME MTU ACTUAL-MTU LOCAL-ADDRESS REMOTE-ADDRESS KEEPALIVE DSCP
0 ipip-tu... auto 1480 1.1.1.1 1.1.1.2 10s,10 inherit
[admin@rack1_b3] /interface ipip> set 0 local-address=2.2.2.2
[admin@rack1_b3] /interface ipip> /ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000
1 D ;;; ipip-tunnel4
src-address=2.2.2.2/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt
level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
Sorry, I just found why it is not working correct (may be I doing it incorrect). The reason is that I use mikrotik DDNS as destination address in tunnel. So situation is:@HeadCraft be more specific, what you described works:
Code: Select all[admin@rack1_b3] /interface ipip> /ip ipsec policy print Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000 1 D ;;; ipip-tunnel4 src-address=1.1.1.1/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0 [admin@rack1_b3] /interface ipip> print Flags: X - disabled, R - running, D - dynamic # NAME MTU ACTUAL-MTU LOCAL-ADDRESS REMOTE-ADDRESS KEEPALIVE DSCP 0 ipip-tu... auto 1480 1.1.1.1 1.1.1.2 10s,10 inherit [admin@rack1_b3] /interface ipip> set 0 local-address=2.2.2.2 [admin@rack1_b3] /interface ipip> /ip ipsec policy print Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes priority=0x10000 1 D ;;; ipip-tunnel4 src-address=2.2.2.2/32 src-port=any dst-address=1.1.1.2/32 dst-port=any protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no proposal=default priority=0x20000 ph2-count=0
[admin@MikroTik] > /interface ipip
add allow-fast-path=no ipsec-secret=123 !keepalive local-address=1.1.1.1 name=\
ipip-tunnel1 remote-address=google-public-dns-a.google.com
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
1 D ;;; ipip-tunnel1
src-address=1.1.1.1/32 src-port=any dst-address=8.8.8.8/32 dst-port=any
protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no
proposal=default priority=0 ph2-count=0
[admin@MikroTik] > /interface ipip set [find name=ipip-tunnel1] local-address=3.3.3.3
[admin@MikroTik] > ip ipsec policy print
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
0 T * group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default
template=yes
1 D ;;; ipip-tunnel1
src-address=1.1.1.1/32 src-port=any dst-address=8.8.8.8/32 dst-port=any
protocol=ipencap action=encrypt level=require ipsec-protocols=esp tunnel=no
proposal=default priority=0 ph2-count=0
[admin@MikroTik] > ip ipsec peer print
Flags: X - disabled, D - dynamic, R - responder
0 D ;;; ipip-tunnel1
address=8.8.8.8/32 local-address=1.1.1.1 auth-method=pre-shared-key secret="123"
generate-policy=no policy-template-group=default exchange-mode=main
send-initial-contact=yes nat-traversal=yes proposal-check=obey hash-algorithm=sha1
enc-algorithm=aes-128,3des dh-group=modp1024 lifetime=1d dpd-interval=2m
dpd-maximum-failures=5