I have a strange issue, and it started a few days ago. I have CCR1016-12G. I have Hotspot on few ports and some other ports. My Internet is on ether1 and It was running fine. But now, none of my devices can get speed beyond 7mbps. I have changed the ISP and it is still giving the same results. on the hotspot ports it is suppose to limit but i.e. according to the profiles; but it is treating every IP/device the same way meaning no speed more than 8mbps.
I have checked via iperf by sending and receiving data on a VM and it gives 946 mbps which is what is accepted.
I have connected my PC to my ISP and it gives 450+ speed.
Strange thing, i used bandwidth test from CCR to my another mikrotik (hex, which I introduced between ISP and lan router) and this also gives the same result i.e. 8 or less mbps.
I disconnected the LAN CCR and connected my laptop to the hex, and it gives 450+ mbps internet speed.
I just dont understand what is the matter with this device. I am also attaching my config. Please do check and help me. I am in dire need.
P.S. I have removed names and passwords etc and because of privacy reasons. I hope people understand that.
Code: Select all
# sep/28/2022 12:48:20 by RouterOS 7.5
# software id = I66E-W9EM
#
# model = CCR1016-12G
/interface bridge
add name="VMs Bridge"
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] comment=Ether1 loop-protect=on name=\
"WAN ISP"
set [ find default-name=ether2 ] comment=Ether2 loop-protect=on name=\
"WAN2 Backup GPON1"
set [ find default-name=ether3 ] loop-protect=on name="ether3 "
set [ find default-name=ether4 ] loop-protect=on
set [ find default-name=ether8 ] comment="Link"
set [ find default-name=ether9 ] comment="VMs Bridge"
set [ find default-name=ether10 ] comment="VMs Bridge"
set [ find default-name=ether11 ] comment="VM Bridge"
/interface l2tp-client
add connect-to=XXXXX disabled=no name="Cloud Router" use-ipsec=yes \
user=voguelan
add connect-to=XXXXX8.81 name=HP user=abcd
/interface list
add exclude=dynamic name=discover
add name="check backup"
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-server option
add code=43 name=unifi value=0x0104C0A84405
/ip hotspot profile
add hotspot-address=10.5.50.1 name=hsprof2
/ip hotspot user profile
set [ find default=yes ] address-list="Normal Users" incoming-packet-mark=\
NormalUsers mac-cookie-timeout=4w2d name=Team_DK outgoing-packet-mark=\
NormalUsers rate-limit=9072k/9072k shared-users=5
add !idle-timeout !keepalive-timeout mac-cookie-timeout=1d name="Trial User" \
rate-limit=6072k/6072k session-timeout=2h shared-users=unlimited
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=Residents \
outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k shared-users=2
add address-list="Normal Users" idle-timeout=2h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=1d name=Nomad \
outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k shared-users=20
add idle-timeout=9h incoming-packet-mark=NormalUsers !keepalive-timeout \
mac-cookie-timeout=3w1d name=housekeeping outgoing-packet-mark=\
NormalUsers rate-limit=5072k/5072k session-timeout=14h
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=Premium \
outgoing-packet-mark=NormalUsers rate-limit=10072k/10072k shared-users=3
add address-list="Normal Users" !idle-timeout incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=Devices \
outgoing-packet-mark=NormalUsers rate-limit=5072k/5072k shared-users=10
add address-list="Normal Users" idle-timeout=2h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=1d name=Event_Customers \
outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k shared-users=40
add address-list="Normal Users" !idle-timeout incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=5w5d name=Ultra \
outgoing-packet-mark=NormalUsers rate-limit=21072k/21072k \
session-timeout=2h shared-users=3
add idle-timeout=12h incoming-packet-mark=NormalUsers !keepalive-timeout \
mac-cookie-timeout=4w2d name=Inov8 outgoing-packet-mark=NormalUsers \
rate-limit=7572k/7572k shared-users=2
add address-list="For Static GPON 1" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=GPON1_Static \
outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k shared-users=2
add address-list="For Static GPON 2" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=GPON2_Static \
outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k shared-users=2
add address-list="Normal Users" idle-timeout=3h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=5w5d name=safi-testing \
outgoing-packet-mark=NormalUsers shared-users=unlimited
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name="Ultra 24/7" \
outgoing-packet-mark=NormalUsers rate-limit=21072k/21072k shared-users=3
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers keepalive-timeout=none mac-cookie-timeout=4w2d name=\
Residents+ outgoing-packet-mark=NormalUsers rate-limit=15572k/10072k \
shared-users=2
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers keepalive-timeout=none mac-cookie-timeout=4w2d name=\
"Premium low" outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k \
shared-users=3
add address-list="For Static GPON 3" idle-timeout=12h incoming-packet-mark=\
NormalUsers keepalive-timeout=none mac-cookie-timeout=4w2d name=\
GPON3_Static outgoing-packet-mark=NormalUsers rate-limit=7572k/7572k \
shared-users=2
add idle-timeout=12h incoming-packet-mark=NormalUsers keepalive-timeout=none \
mac-cookie-timeout=4w2d name="Device logins" outgoing-packet-mark=\
NormalUsers rate-limit=7572k/7572k shared-users=20
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers keepalive-timeout=none mac-cookie-timeout=4w2d name=\
"Careem login" outgoing-packet-mark=NormalUsers rate-limit=7572k/75572k \
shared-users=55
add address-list="Normal Users" idle-timeout=12h incoming-packet-mark=\
NormalUsers !keepalive-timeout mac-cookie-timeout=4w2d name=\
"Ultra max (only for dk staff)" outgoing-packet-mark=NormalUsers \
rate-limit=51072k/51072k shared-users=4
/ip hotspot profile
add dns-name=wifi.daftarkhwan.com hotspot-address=192.168.50.1 login-by=\
cookie,http-chap,http-pap,trial,mac-cookie name=hsprof3 \
trial-user-profile="Trial User"
/ip pool
add name=hs-pool-9 ranges=10.5.50.2-10.5.50.254
add name=dhcp_pool7 ranges=172.16.0.2-172.16.3.254
add name=dhcp_pool10 ranges=192.168.68.50-192.168.68.254
add name=Spillover6 ranges=173.16.0.10-173.16.3.240
/ip dhcp-server
add address-pool=dhcp_pool10 interface="VMs Bridge" name=dhcp2
/ip pool
add name="Spillover pool5" next-pool=Spillover6 ranges=\
192.168.57.10-192.168.57.250
add name=spillover_pool4 next-pool="Spillover pool5" ranges=\
192.168.56.10-192.168.56.200
add name=spillover_pool3 next-pool=spillover_pool4 ranges=\
192.168.55.10-192.168.55.225
add name=spillover_pool2 next-pool=spillover_pool3 ranges=\
192.168.51.101-192.168.51.230
add name=spillover_pool1 next-pool=spillover_pool2 ranges=\
192.168.51.10-192.168.51.100
add name=dhcp_pool9 next-pool=spillover_pool1 ranges=\
192.168.50.10-192.168.50.254
/ip dhcp-server
add address-pool=dhcp_pool9 interface=bridge1 lease-time=1h10m name=dhcp1
/ip hotspot
add address-pool=dhcp_pool9 addresses-per-mac=1 disabled=no idle-timeout=none \
interface=bridge1 name=hotspot1 profile=hsprof3
/port
set 0 name=serial0
set 1 name=serial1
/queue simple
add max-limit=8M/8M name="G Mi" target=\
192.168.50.231/32,192.168.50.230/32,192.168.50.229/32
add max-limit=25M/25M name="Velo Temp" target=192.168.50.111/32
add max-limit=12M/12M name="TaarServer" target=\
192.168.55.12/32,192.168.55.13/32,192.168.55.14/32,192.168.55.15/32
add max-limit=10M/10M name="Alchemative Server" target=192.168.55.5/32
add max-limit=15M/15M name="TCL" target=192.168.55.238/32
add max-limit=15M/15M name=PS4 target=192.168.55.228/32,192.168.50.42/32
add disabled=yes max-limit=40M/40M name="Saji" target=192.168.50.81/32
add comment=Devices max-limit=30M/45M name="DVR" target="192.168.50.\
246/32,192.168.51.49/32,192.168.55.248/32,192.168.55.247/32,192.168.50.214\
/32,192.168.50.97/32,192.168.55.112/32,192.168.50.213/32,192.168.51.135/32\
"
add max-limit=20M/20M name="TCL Lounge" target="192.168.50.238/32,192.168.50.2\
37/32,192.168.50.236/32,192.168.50.235/32,192.168.51.229/32,192.168.55.91/\
32,192.168.56.114/32"
add max-limit=10M/10M name="A" target="192.168.50.235/32,192.168.50.239/3\
2,192.168.50.240/32,192.168.50.241/32,192.168.50.242/32,192.168.55.242/32,\
192.168.55.241/32,192.168.50.144/32,192.168.55.19/32"
add max-limit=30M/30M name="Faisal PC" target=\
192.168.51.80/32,192.168.51.103/32,192.168.56.43/32
add max-limit=50M/95M name="A PC" target=\
192.168.50.245/32,192.168.50.244/32,192.168.50.243/32,192.168.55.67/32
add max-limit=10M/10M name="LED" target=\
192.168.51.171/32,192.168.55.160/32,192.168.51.21/32,192.168.55.32/32,,
add comment="Access Points" disabled=yes max-limit=200M/200M name=\
"ALL Access Points" target="192.168.50.248/32,192.168.50.249/32,192.168.50\
.251/32,192.168.50.252/32,192.168.50.253/32,192.168.50.254/32"
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 name=notpublic
add addresses=0.0.0.0/0 name=librenms security=private
/system logging action
set 1 disk-file-count=4 disk-lines-per-file=10000
add email-start-tls=yes email-to=XXXXXX name=email target=email
add name=graylogDNS remote=172.16.0.2 remote-port=5571 target=remote
add name=graylogINFO remote=172.16.0.2 remote-port=5572 target=remote
add name=graylogcritical remote=172.16.0.2 remote-port=5573 target=remote
add name=graylogsystem remote=172.16.0.2 remote-port=5574 target=remote
add name=graylogwarning remote=172.16.0.2 remote-port=5575 target=remote
/interface ovpn-client
add certificate=*1 cipher=aes256 connect-to=XXXXXX disabled=yes \
mac-address=02:2D:7C:72:CE:D8 name=ovpn-out1 use-peer-dns=no user=\
voguelan-ovpn verify-server-certificate=yes
/interface bridge port
add bridge=bridge1 ingress-filtering=no interface="ether3 "
add bridge=bridge1 ingress-filtering=no interface=ether4
add bridge=bridge1 ingress-filtering=no interface=ether5
add bridge="VMs Bridge" interface=ether10
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge="VMs Bridge" interface=ether9
add bridge="VMs Bridge" interface=ether11
/ip neighbor discovery-settings
set discover-interface-list=none
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface detect-internet
set detect-interface-list="check backup"
/interface list member
add interface="WAN2 Backup GPON1" list="check backup"
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.50.1/24 interface=bridge1 network=192.168.50.0
add address=192.168.202.2/24 interface="WAN2 Backup GPON1" network=\
192.168.202.0
add address=192.168.51.1/24 interface=bridge1 network=192.168.51.0
add address=172.16.0.1/22 interface=ether12 network=172.16.0.0
add address=192.168.55.1/24 interface=bridge1 network=192.168.55.0
add address=192.168.185.252/24 interface="WAN ISP" network=192.168.185.0
add address=192.168.56.1/24 interface=bridge1 network=192.168.56.0
add address=192.168.68.1/24 interface="VMs Bridge" network=192.168.68.0
add address=10.2.2.1/24 interface=ether8 network=10.2.2.0
add address=192.168.57.1/24 interface=bridge1 network=192.168.57.0
add address=173.16.0.1/22 interface=bridge1 network=173.16.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add add-default-route=no disabled=yes interface="WAN ISP" use-peer-dns=\
no
add disabled=yes interface="WAN2 Backup GPON1"
add add-default-route=no disabled=yes interface="WAN ISP" use-peer-dns=\
no
add disabled=yes interface="WAN2 Backup GPON1"
/ip dhcp-server alert
add disabled=no interface=bridge1 on-alert="#if rougue is detected\r\
\n#send email\r\
\n/tool e-mail send subject=(\"Rogue DHCP Server is detected at vogue\") \
\\\r\
\nbody=(\"this is the mac adddress\" . [/ip dhcp-server alert get [find in\
terface=bridge1] unknown-server]) \\ to=(\"XXXXXXX\") tls=yes\
\r\
\n" valid-server="2C:C8:1B:B2:F0:24,2C:C8:1B:B2:F0:25,2C:C8:1B:B2:F0:26,2C\
:C8:1B:B2:F0:27,2C:C8:1B:B2:F0:28"
/ip dhcp-server lease
add address=192.168.68.5 comment="Unifi Controller" mac-address=\
00:0C:29:41:4B:13 server=dhcp2
add address=192.168.68.4 client-id=\
ff:bc:9a:4a:2d:0:2:0:0:ab:11:5d:81:54:e8:e7:ff:56:43 comment=NMS \
mac-address=00:0C:29:F6:D5:34 server=dhcp2
add address=192.168.68.9 client-id=1:0:23:24:ab:a8:51 comment=VMware \
mac-address=00:23:24:AB:A8:51 server=dhcp2
add address=192.168.68.6 client-id=1:00:0C:29:99:04:3B comment=\
"Windows Anviz Host" mac-address=00:0C:29:99:04:3B server=dhcp2
add address=192.168.68.254 client-id=1:ec:f4:bb:be:f1:50 comment=VMware \
mac-address=EC:F4:BB:BE:F1:50 server=dhcp2
add address=192.168.68.253 client-id=1:0:c:29:70:13:3f mac-address=\
00:0C:29:70:13:3F server=dhcp2
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.68.5 name=XXXXXX
/ip firewall filter
add action=fasttrack-connection chain=forward disabled=yes hw-offload=yes \
src-address=192.168.68.240
add action=fasttrack-connection chain=forward disabled=yes dst-address=\
192.168.68.240 hw-offload=yes
add action=drop chain=forward comment=\
"For Blocking port 80, 22, and 443 for servers" disabled=yes \
dst-address-list="to Block for Servers" dst-port=80,443,22,21 protocol=\
tcp src-address-list="!Rogue Pro"
add action=drop chain="server blocking" disabled=yes dst-address-list=\
"to Block for Servers" dst-port=80,443,21,22 protocol=tcp
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=accept chain=input comment=OpenVPN dst-port=1194 protocol=tcp
add action=accept chain=input dst-port=500,1701,4500 protocol=udp
add action=accept chain=input dst-port=1723 protocol=tcp
add action=accept chain=input protocol=gre
add action=accept chain=input dst-port=123 protocol=udp
add action=accept chain=input dst-port=443,587 protocol=tcp
add action=accept chain=input dst-port=1812,1813 protocol=udp
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface="WAN ISP"
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface="WAN2 Backup GPON1"
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface="WAN ISP"
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface="WAN2 Backup GPON1"
add action=drop chain=input comment="drop ssh brute forcers" dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 in-interface="WAN ISP" \
protocol=tcp src-address-list=ssh_blacklist
add action=drop chain=input comment="drop ssh brute forcers" dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 in-interface="WAN ISP" \
protocol=udp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1d chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=tcp \
src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=1d chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=udp \
src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=tcp \
src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=udp \
src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=tcp \
src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage2 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=udp \
src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=tcp
add action=add-src-to-address-list address-list=ssh_stage1 \
address-list-timeout=1m chain=input connection-state=new dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 protocol=udp
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 in-interface="WAN ISP" \
protocol=tcp src-address-list=ssh_blacklist
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=\
1928,22,21,80,23,5000,5060,1701,500,4500,1194 in-interface="WAN ISP" \
protocol=udp src-address-list=ssh_blacklist
add action=drop chain=forward disabled=yes dst-port=68 out-interface=\
"WAN2 Backup GPON1" protocol=udp
/ip firewall mangle
add action=fasttrack-connection chain=prerouting disabled=yes dst-address=\
192.168.68.240
add action=fasttrack-connection chain=prerouting disabled=yes src-address=\
192.168.68.240
add action=change-dscp chain=prerouting new-dscp=60 passthrough=yes \
src-address-list="For Static GPON 1"
add action=change-dscp chain=prerouting dst-address-list="For Static GPON 1" \
new-dscp=60 passthrough=yes
add action=change-dscp chain=prerouting new-dscp=61 passthrough=yes \
src-address-list="For Static GPON 2"
add action=change-dscp chain=prerouting dst-address-list="For Static GPON 2" \
new-dscp=61 passthrough=yes
add action=change-dscp chain=prerouting new-dscp=62 passthrough=yes \
src-address-list="For Static GPON 3"
add action=change-dscp chain=prerouting dst-address-list="For Static GPON 3" \
new-dscp=62 passthrough=yes
add action=change-dscp chain=prerouting new-dscp=10 passthrough=yes \
src-address-list="For Offline GPON"
add action=change-dscp chain=prerouting dst-address-list="For Offline GPON" \
new-dscp=10 passthrough=yes
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=197.2.2.11 dst-port=8291 \
protocol=tcp src-address=197.2.2.1 to-addresses=197.2.2.11 to-ports=1928
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.168.50.0/24
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.168.50.0/24
/ip hotspot ip-binding
In bypass there are almost 151 entries. they are not shown due to privacy
/ip hotspot user
In users there are 1300 entries. they are not shown due to privacy
/ip hotspot walled-garden
add comment="place hotspot rules here" disabled=yes
/ip route
add check-gateway=ping comment=Primary disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=4.2.2.2 pref-src=0.0.0.0 routing-table=main scope=30 \
suppress-hw-offload=no target-scope=10
add comment=Secondary disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
192.168.202.1 pref-src="" routing-table=main scope=30 \
suppress-hw-offload=no target-scope=10
add comment="Probe Primary" disabled=no distance=1 dst-address=8.8.4.4/32 \
gateway=192.168.185.1 pref-src=0.0.0.0 routing-table=main scope=10 \
suppress-hw-offload=no target-scope=10
add disabled=no dst-address=191.1.1.0/24 gateway=191.1.1.1
add comment=Central disabled=no dst-address=192.168.30.0/24 gateway=191.1.1.1
add disabled=yes dst-address=192.168.35.0/24 gateway=191.1.1.1
add disabled=yes dst-address=192.168.40.0/24 gateway=191.1.1.1
add comment=North disabled=no dst-address=192.168.60.0/24 gateway=191.1.1.1
add disabled=yes dst-address=192.168.88.0/24 gateway=191.1.1.1
add comment=Central disabled=no dst-address=192.168.99.0/24 gateway=191.1.1.1
add comment=Vantage disabled=no dst-address=192.168.108.0/24 gateway=\
191.1.1.1
add comment=North disabled=no dst-address=192.168.140.0/24 gateway=191.1.1.1
add disabled=no dst-address=192.168.145.0/24 gateway=191.1.1.1
add disabled=no dst-address=192.168.100.0/24 gateway=192.168.185.1
add comment="Probe Primary" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=192.168.185.1 pref-src=0.0.0.0 routing-table=main scope=10 \
suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=197.2.2.0/24 gateway=197.2.2.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=197.2.2.0/24 gateway=197.2.2.1 routing-table=main \
suppress-hw-offload=no
add disabled=no distance=1 dst-address=198.42.11.0/24 gateway=191.1.1.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add comment=North disabled=no distance=1 dst-address=192.168.61.0/24 gateway=\
191.1.1.1 pref-src=0.0.0.0 routing-table=main scope=30 \
suppress-hw-offload=no target-scope=10
add disabled=yes distance=1 dst-address=192.168.30.251/32 gateway=191.1.1.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=192.168.1.0/24 gateway=191.1.1.1 routing-table=\
main suppress-hw-offload=no
add disabled=no distance=1 dst-address=174.16.0.0/22 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no distance=1 dst-address=175.16.0.0/22 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no distance=1 dst-address=192.168.150.0/24 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=yes distance=1 dst-address=192.168.18.0/24 gateway=197.2.2.1 \
pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=192.168.10.0/24 gateway=191.1.1.1 routing-table=\
main suppress-hw-offload=no
add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=193.11.0.0/16 gateway=191.1.1.1 routing-table=\
main suppress-hw-offload=no
add disabled=no dst-address=192.168.1.0/24 gateway=192.168.1.220 \
routing-table=main suppress-hw-offload=no
add disabled=no dst-address=176.16.0.0/22 gateway=191.1.1.1 routing-table=\
main suppress-hw-offload=no
add disabled=no distance=1 dst-address=177.16.0.0/22 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add comment=Central disabled=no distance=1 dst-address=192.168.31.0/24 \
gateway=196.1.1.1 pref-src=0.0.0.0 routing-table=main scope=30 \
suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=10.3.3.0/24 gateway=191.1.1.1 \
pref-src=0.0.0.0 routing-table=main scope=30 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=191.1.1.0/24 gateway=191.1.1.1 routing-table=main \
suppress-hw-offload=no
/ip traffic-flow
set enabled=yes
/ip traffic-flow target
add dst-address=172.16.0.2 port=5570 version=5
/routing rule
add action=lookup-only-in-table disabled=yes dst-address=191.1.1.0/24 table=\
main
add action=lookup-only-in-table disabled=yes dst-address=198.42.11.0/24 \
table=main
/snmp
set enabled=yes trap-community=librenms
/system clock
set time-zone-name=Asia/Karachi
/system identity
set name=Lan
/system logging
add action=email topics=critical
add action=graylogDNS topics=dns
add action=graylogINFO topics=info
add action=disk topics=system
add action=disk topics=critical
add action=graylogcritical topics=critical
add action=graylogsystem topics=system
add action=graylogwarning topics=warning
/system note
set note="DO NOT LOGIN\r\
\nUnauthorized Login will be held in court of Law."
/system ntp client servers
add address=216.239.35.8
/system resource irq rps
set "WAN ISP" disabled=no
set "WAN2 Backup GPON1" disabled=no
set "ether3 " disabled=no
set ether4 disabled=no
set ether5 disabled=no
set ether6 disabled=no
set ether7 disabled=no
set ether8 disabled=no
set ether9 disabled=no
set ether10 disabled=no
set ether11 disabled=no
/system scheduler
/system watchdog
set watchdog-timer=no
/tool bandwidth-server
set authenticate=no
/tool e-mail
set address=smtp.gmail.com from="<LAN>" port=587 tls=starttls user=\
dk.phase3
/tool graphing interface
add store-on-disk=no
/tool graphing queue
add allow-target=no store-on-disk=no
add allow-address=192.168.0.245/32 allow-target=no store-on-disk=no
/tool graphing resource
add store-on-disk=no
add allow-address=192.168.0.247/32 store-on-disk=no
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no