Community discussions

MikroTik App

Search found 43 matches

by LunaticRv
Wed Apr 17, 2024 11:10 pm
Forum: General
Topic: Static Route and NAT - Cannot reach server in R1 while reachable on outside and R2
Replies: 3
Views: 675

Re: Static Route and NAT - Cannot reach server in R1 while reachable on outside and R2

There is nothing related with firewall in R2, meaning no nat/masquerading. No, there is not a misconfiguration, since I don't want to waste any public ipv4 its Mikrotik way of PTP links. (rfc3021) I am probably missing some part in routing part, but not sure where. There is no issue when trying to r...
by LunaticRv
Wed Apr 17, 2024 1:33 am
Forum: General
Topic: Static Route and NAT - Cannot reach server in R1 while reachable on outside and R2
Replies: 3
Views: 675

Static Route and NAT - Cannot reach server in R1 while reachable on outside and R2

I'm encountering an issue with my MikroTik router configuration regarding NAT and static routing. Here's my setup: Topology: EdgeRouter -> R1 - NAT -> R2 - BNG Configuration: ### Router 1 /ip address add address=11.11.11.11 interface=VL_100-NAT-to-BNG network= 11.11.11.12 /ip route add distance=1 ds...
by LunaticRv
Mon Jun 26, 2023 10:10 pm
Forum: General
Topic: netbox and napalm
Replies: 7
Views: 3204

Re: netbox and napalm

I've done this using a custom python script to extract the info I needed from the mikrotik api then pushing it to netbox via their api. I think I used the routeros library, I will have to go back and check. Hello, it would be really nice if you could share the script you have used. I am trying to a...
by LunaticRv
Fri Jun 23, 2023 11:21 pm
Forum: RouterOS beta
Topic: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)
Replies: 53
Views: 23000

Re: IPv6 Radius Accounting Not Working for PPPOE Clients (Delegated Prefix)

There should be somthing which we can do about it. Is there any chance of logging the same using the Traffic Flow IPFIX???
Hey, did you find any solution to that? Is this feature still not implemented?
by LunaticRv
Mon Jun 05, 2023 1:49 pm
Forum: General
Topic: Using Traffic Flow with L3 HW Offloading, Suggestions?
Replies: 3
Views: 855

Re: Using Traffic Flow with L3 HW Offloading, Suggestions?

When traffic is offloaded to hardware (ASIC), either L2 or L3, then none of software functionality apply, only ASIC (switch chip) features do. Which essentially means that one has to choose between high performance and wide packet processing options. Both is not possible ... not in MT hardware. I s...
by LunaticRv
Mon Jun 05, 2023 1:47 pm
Forum: General
Topic: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]
Replies: 13
Views: 4977

Re: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]

can you explain wich part you revised? can you post the relevant part of config, before and after, so can be usefult for the users? This was the part I was having issue; https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading#L3HardwareOffloading-VLANinterfaceonaswitchportorbond Looks lik...
by LunaticRv
Sat Jun 03, 2023 12:13 pm
Forum: General
Topic: Using Traffic Flow with L3 HW Offloading, Suggestions?
Replies: 3
Views: 855

Using Traffic Flow with L3 HW Offloading, Suggestions?

Hello, I am (was) using Traffic Flow for DDoS Detection and Graphing for some part of my network. It looks like Traffic Flow does not work when the traffic is offloaded. I tried several ACL rules to atleast copy specific amount of packets to CPU but it does not seem to work. For logging and graphing...
by LunaticRv
Fri Jun 02, 2023 9:54 am
Forum: Announcements
Topic: EDITED Forum THEME / SKIN change
Replies: 92
Views: 14157

Re: EDITED Forum THEME / SKIN change

Here are some suggestions: 1 - Metro — A Responsive Theme for phpBB3 https://themeforest.net/item/metro-a-responsive-theme-for-phpbb3/4559274 2 - Volare - Material Design phpBB 3.3 Theme https://themeforest.net/item/volare-material-design-phpbb-32-theme-responsive/21578782 3 - Milk - Multipurpose Re...
by LunaticRv
Thu Jun 01, 2023 6:06 pm
Forum: General
Topic: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]
Replies: 13
Views: 4977

Re: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]

For inter-VLAN routing, L3HW requires a hardware bridge for VLAN tagging. Please check out the following documentation topics: Layer 2 Dependency Inter-VLAN Routing Typical Misconfiguration: VLAN interface on a switch port or bond Thank you very much, I configured accordingly and voila CPU dropped ...
by LunaticRv
Wed May 31, 2023 9:44 pm
Forum: General
Topic: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]
Replies: 13
Views: 4977

Re: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]

in ccr1072 average cpu usage It is the result of averaging the use of the 72 cores, which tends to deliver extremely low values even when you may have some cores with a lot of load. in ccr2216 this average calculation is done only by 16 cores which leads us in most cases to a higher more realistic ...
by LunaticRv
Wed May 31, 2023 7:33 pm
Forum: General
Topic: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]
Replies: 13
Views: 4977

Re: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]

same configuration My config; In terms of configuration everything is exact same with my CCR1072 but the CPU is really high I dont know why. Any advices? Thanks in advance! I think you cannot use the same config you must reconfigure using bridge VLAN filtering to be able to enjoy L2 and L3 Hardware...
by LunaticRv
Wed May 31, 2023 5:47 pm
Forum: General
Topic: CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]
Replies: 13
Views: 4977

CCR2216 High CPU Usage even with 20 Gbps traffic (Fast Path, L3 HW Offloading Enabled) [SOLVED]

Hello, Today I upgraded my shiny 1072 ( v7.8 ) to 2216 ( v7.9.1 ) as my network starts to grow. In terms of speed, nothing has been changed for now; 30 Gbps at peak times. After migrating to 2216, I noticed high CPU even with 20 Gbps of traffic which is around 50-55% all the time while 1072 only had...
by LunaticRv
Mon May 29, 2023 9:36 am
Forum: General
Topic: bonding on CCR2216 not working/crashing the router [SOLVED]
Replies: 6
Views: 1857

Re: bonding on CCR2216 not working/crashing the router [SOLVED]

I am using it with CRS518 and Huawei57XX series with bonding (802.3ad mode) and never had issues besides unbalanced traffic sometimes even with 30 gbps traffic.
by LunaticRv
Sun May 21, 2023 8:49 pm
Forum: General
Topic: Best way to observe DNS QPS
Replies: 3
Views: 750

Re: Best way to observe DNS QPS

Thank you, but I think this is not suitable for my case, I would like to measure it before installing my resolver. If its passing 1500 QPS and less than 2000 QPS then I will just create a ticket to increase my QPS limit to Google. But before doing that I need to figure out exact way of measuring my ...
by LunaticRv
Sat May 20, 2023 4:14 pm
Forum: General
Topic: bonding on CCR2216 not working/crashing the router [SOLVED]
Replies: 6
Views: 1857

Re: bonding on CCR2216 not working/crashing the router [SOLVED]

I don't think transmit hash policy layer 3 and layer 4 supported on LACP. Maybe try changing it to layer 2 and layer 3?
by LunaticRv
Sat May 20, 2023 4:09 pm
Forum: General
Topic: Best way to observe DNS QPS
Replies: 3
Views: 750

Best way to observe DNS QPS

Hello, I am using GoogleDNS for my customers and planning to install my own HA recursive DNS servers. But before doing that I would like to measure my networks DNS queries per second. What I did/tried is; ip/firewall/filter/add chain=forward protocol=udp src-port=53 action=passthrough connection-sta...
by LunaticRv
Fri May 05, 2023 11:15 am
Forum: General
Topic: SNMP timeouts and polling issue on ROS v7.6.
Replies: 8
Views: 3811

Re: SNMP timeouts and polling issue on ROS v7.6.

I can confirm that this issue still exists up to 7.8, havent tested with 7.9 yet. In my scenario I tested with several 1072 using LibreNMS. Some of these 1072's has lots of routing, vlans along with BGP, some has lots of NAT rule and other has lots of queues up. I never had this issue before upgradi...
by LunaticRv
Thu Oct 27, 2022 9:46 am
Forum: General
Topic: Dead PPPoE Server Bindings (No MTU no MRU, nothing) on v7.6 - 1036-8G-2S+
Replies: 0
Views: 467

Dead PPPoE Server Bindings (No MTU no MRU, nothing) on v7.6 - 1036-8G-2S+

Recently I upgraded my setup from 6.49.x to 7.6. After upgrading to v7, I started to see empty PPPoE-Server-Bindings bound to my clients which prevents them to re-authenticate until I remove these bindings. This happens mostly when termination cause is "Lost Carrier" and when user retries ...
by LunaticRv
Mon Jan 24, 2022 4:06 pm
Forum: General
Topic: Best Method for 10 Equal WAN Load Balancing
Replies: 2
Views: 1189

Re: Best Method for 10 Equal WAN Load Balancing

PCC load balancing...... if done correctly should work. However what is the device doing the work ?? Hi, thanks for reply. I have tested with CCR1036-12G-4S with both ROS6 and ROS7. My sample config for ROS6 can be seen below; /ip address add address=192.168.100.1/224 network=192.168.100.0 interfac...
by LunaticRv
Mon Jan 24, 2022 10:28 am
Forum: General
Topic: Best Method for 10 Equal WAN Load Balancing
Replies: 2
Views: 1189

Best Method for 10 Equal WAN Load Balancing

Hello, I am trying to figure out which Load Balancing method is best for combining 10 equal WAN into single Uplink. What I tried is to use PCC and simple firewall marking method but it looks like I lose almost 25-30% of the total traffic. I have 10 physically separate WAN with equal speed; 100 Mbps....
by LunaticRv
Tue Jan 26, 2021 9:51 pm
Forum: Forwarding Protocols
Topic: BGP - Routing Filters Seems Not Working
Replies: 0
Views: 1124

BGP - Routing Filters Seems Not Working

I have a peer (allowed for /22) between my main ISP but as soon as I start peering connection, it auto gets disconnected. My ISP tells me that I'm exceeding number of routes I'm allowed to send. Their side log; number of routes learned has exceeded configured maximum (1050) moved from higher state E...
by LunaticRv
Fri Nov 27, 2020 8:35 am
Forum: General
Topic: Allow CGNat IP to Establish PPTP Connection
Replies: 3
Views: 2689

Re: Allow CGNat IP to Establish PPTP Connection

PPTP uses GRE as a transport protocol. If several of your clients connect to the same VPN server, your Mikrotik cannot determine to which of the clients to forward the GRE packet coming from that server to your Mikrotik's public WAN address, because GRE has no notion of ports and both the source an...
by LunaticRv
Thu Nov 26, 2020 11:48 am
Forum: General
Topic: Allow CGNat IP to Establish PPTP Connection
Replies: 3
Views: 2689

Allow CGNat IP to Establish PPTP Connection

Hello, I am using Carrier-Grade NAT for my PPPoE customers. Some of them are complaining about failure of connecting their VPNs (they are using Mikrotiks aswell). Sample NAT rule for customer; /ip firewall nat add action=jump chain=srcnat jump-target=CGN64_9 out-interface=VL_46-CORE src-address=100....
by LunaticRv
Sat Sep 12, 2020 1:12 pm
Forum: General
Topic: Best Way to let L2TP server accessible only from Local IPs
Replies: 2
Views: 524

Best Way to let L2TP server accessible only from Local IPs

Hello,

I would like to block incoming L2TP tunnel requests from outside and would only like to allow requests coming from local side. Is there any practical way of doing this? I'm trying not to consume CPU as much as I can, so I am wondering the optimal way of achieving this.

Thanks!
by LunaticRv
Tue Apr 07, 2020 9:59 pm
Forum: General
Topic: Cannot Reach PPP Server from Router A to C Through B [SOLVED]
Replies: 3
Views: 3620

Re: Cannot Reach PPP Server from Router A to C Through B [SOLVED]

A network diagram is always better for someone to understand even the simplest network topology... So, you have a PPPoE Client on router A and you want to Connect on a PPPoE Server on Router C? If yes, PPPoE is a Layer 2 network protocol, so you need Layer 2 connectivity from A to C... Hi Zacharias...
by LunaticRv
Tue Apr 07, 2020 7:25 pm
Forum: General
Topic: Cannot Reach PPP Server from Router A to C Through B [SOLVED]
Replies: 3
Views: 3620

Cannot Reach PPP Server from Router A to C Through B [SOLVED]

Hello, I'm trying to access PPPoE Server from Router A to C. My topology is Router A --- Router B --- Router C. I'm able to access and use PPPoE Server from Router B but somehow I cannot access it from Router C even if I can ping its gateway. I have static route between A to B but I don't know how t...
by LunaticRv
Fri Apr 03, 2020 6:05 pm
Forum: General
Topic: CRS3xx Series Best VLAN Approach
Replies: 1
Views: 1765

CRS3xx Series Best VLAN Approach

Hello, I've been using and enjoying Mikrotik Routers for a while.I decided to change my switches with Mikrotik Switches. I have a setups like following; Main Router ---> SW1 ---> End_Switches I have multiple VLAN for End_Switches and would like to configure them properly. What I want is the connecti...
by LunaticRv
Fri Apr 03, 2020 9:46 am
Forum: General
Topic: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]
Replies: 15
Views: 11667

Re: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]

Yes because in a /30 or even a /29 netowrk the netowrk address is the .160/30... Also how exactly you made it work with no routes on Mikrotik 2 ? @millenium missed the route on that... Hi Zacharias, Of course thats not possible with no routes on M2, In the example above I added route 0.0.0.0/0 to M...
by LunaticRv
Thu Apr 02, 2020 12:08 pm
Forum: General
Topic: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]
Replies: 15
Views: 11667

Re: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]

Ummm this is super easy. All you do is add a static route on MikroTik 1 pointing to MikroTik 2 But MikroTik 2 still needs to have an address. Normally on the link between MikroTik 1 and 2 you would give them a private IP i.e. 10.0.12.1/30 and 10.0.12.2/30 Then on MikroTik1 you just add your static ...
by LunaticRv
Wed Apr 01, 2020 10:27 am
Forum: General
Topic: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]
Replies: 15
Views: 11667

Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]

Hello, I would like to route a block of public IP addresses (which is static routed to main IP on Mikrotik 1) to another mikrotik router in my network without adding this to my address list on main mikrotik. What I ment is; MY ISP ------ Mikrotik 1 ------ Mikrotik 2 Mikrotik 1 : 1.2.3.4/30 (main IP ...
by LunaticRv
Mon Mar 30, 2020 3:03 pm
Forum: General
Topic: Using Fasttrack with Simple Queues [SOLVED]
Replies: 3
Views: 17285

Using Fasttrack with Simple Queues [SOLVED]

Hello, I would like to use Fasttrack feature without affecting my simple queues on the router. My scenario is like the following; I have PPPoE customers that are being NAT'ed and their local IP pools is 172.16.25.0/24 and lets say public IP pool is 1.2.3.4/27 What I want to achieve is to keep simple...
by LunaticRv
Wed Nov 06, 2019 3:29 pm
Forum: General
Topic: LACP Bonding + VLAN (2 x 10G SFP+) Problem
Replies: 5
Views: 2627

Re: LACP Bonding + VLAN (2 x 10G SFP+) Problem

The VLAN and the Bond has the same MAC address - Cisco's doesn't like this, and MT refuses to add functionality in order to change MAC addresses for VLANs. The VLAN will always have the same MAC as the parent interface. This would be especially troublesome if the provider does some kind of MAC filt...
by LunaticRv
Wed Nov 06, 2019 11:38 am
Forum: General
Topic: LACP Bonding + VLAN (2 x 10G SFP+) Problem
Replies: 5
Views: 2627

LACP Bonding + VLAN (2 x 10G SFP+) Problem

Hello, Recently my traffic on Mikrotik CCR1072-1G-8S+ is passing 10G and I want to increase my total bandwidth to 13 Gbps. To do that, my ISP gave me 2 links that are bound to sfpplus1 and sfpplus2 and told me to bond these ports. Their side is Cisco and they made the necessary configuration. I have...
by LunaticRv
Thu Oct 31, 2019 11:42 am
Forum: Forwarding Protocols
Topic: BGP | Use /24 in 2 different BGP Instances (Same AS)
Replies: 1
Views: 2736

BGP | Use /24 in 2 different BGP Instances (Same AS)

Hello, I have 2 routers and these routers have BGP configured and running. What I want to do is to separate /24 and use these blocks into these two routers. Currently I am only able to use this block one of the router. Also even if I disable BGP session on X router, Y router cannot use these IPs eve...
by LunaticRv
Thu Oct 03, 2019 5:47 pm
Forum: General
Topic: Bridge STP Issue (Keeps discarding, learning, forwarding)
Replies: 7
Views: 3304

Re: Bridge STP Issue (Keeps discarding, learning, forwarding)

Probably not.. but why dont you test it? It will take you less than 10 seconds to change the BPDU value...!
Thanks a lot for response, yet again :) But unfortuantely that didn't solve the issue :(
by LunaticRv
Thu Oct 03, 2019 3:21 pm
Forum: General
Topic: Bridge STP Issue (Keeps discarding, learning, forwarding)
Replies: 7
Views: 3304

Re: Bridge STP Issue (Keeps discarding, learning, forwarding)

Lower the BPDU value of your Bridge so it becomes a root bridge... make it 7000 instead of 8000
Is the problem about root bridge? If I make this bridge a root bridge, would it solve the STP discarding issue?

Thank you!
by LunaticRv
Thu Oct 03, 2019 11:43 am
Forum: General
Topic: Bridge STP Issue (Keeps discarding, learning, forwarding)
Replies: 7
Views: 3304

Re: Bridge STP Issue (Keeps discarding, learning, forwarding)

It seems MikroTik tries to build the RSTP tree but it can't due to the mimosa antenna. Is your Bridge, a root bridge? you will see that in status. Thanks for response Zacharias, No I have 2 bridges, first one is WAN Bridge and there is actually only 1 port assigned to it, and this is root and secon...
by LunaticRv
Thu Oct 03, 2019 10:56 am
Forum: General
Topic: Bridge STP Issue (Keeps discarding, learning, forwarding)
Replies: 7
Views: 3304

Bridge STP Issue (Keeps discarding, learning, forwarding)

Hi, I have a bridge that is bound to my customers and these bridge also contains my antennas. On Port 9 (which is my Mimosa PtP bakchaul device) I keep getting the error below; https://i.imgsafe.org/5a/5a829b860e.png My bridge config; Flags: X - disabled, R - running 0 R ;;; PPPoE Bridge name="...
by LunaticRv
Sat Jun 22, 2019 3:51 pm
Forum: General
Topic: Best Way to Isolate Bridges to Reach Each Other's IPs
Replies: 26
Views: 8428

Best Way to Isolate Bridges to Reach Each Other's IPs

Hello, I have 2 bridged named A and B. What I would like to do is to isolate each bridge from each other to prevent ip accesses. Bridge A has Port 2,3,4 Bridge B has Port 5,6,7 What I currently did for each IP block for each bridge is below (sample): ;;; A_DROP chain=forward action=drop protocol=!gr...
by LunaticRv
Mon May 27, 2019 11:34 am
Forum: General
Topic: [Mikrotik] Best Way to Change Outgoing Traffic Location for 1 Gbps; VPN or Rental IP?
Replies: 3
Views: 1087

Re: [Mikrotik] Best Way to Change Outgoing Traffic Location for 1 Gbps; VPN or Rental IP?

If you need to use another address, BGP is not relevant, it doesn't change your address, and porting a single IP address to another AS is out of question, you'd have to rent a subnet, ISP guys can tell you what size is the minimum required one. So run a virtual Mikrotik (CHR) somewhere in a datacen...
by LunaticRv
Mon May 27, 2019 10:28 am
Forum: General
Topic: [Mikrotik] Best Way to Change Outgoing Traffic Location for 1 Gbps; VPN or Rental IP?
Replies: 3
Views: 1087

[Mikrotik] Best Way to Change Outgoing Traffic Location for 1 Gbps; VPN or Rental IP?

Hello, Since I am having trouble with some of the services thanks to 'neighbor' IPs and country block of my routers IP, I would like to redirect all my traffic to another location/IP and access internet within this path. What I am currently thinking is; 1 - Getting a VPN service with dedicated IP bu...
by LunaticRv
Fri Jan 25, 2019 2:14 pm
Forum: Beginner Basics
Topic: Mikrotik to Mikrotik Connection Doesn't Work
Replies: 3
Views: 942

Re: Mikrotik to Mikrotik Connection Doesn't Work

Default route on Mikrotik B should be via IP address of Mikrotik A - in this case 10.10.1.13. In addition to that: I don't think things will work at all. Mikrotik A has IP address 10.10.1.13/29, which means valid addresses are between 10.10.1.9 and 10.10.1.14 (and 10.10.1.15 is broadcast address fo...
by LunaticRv
Fri Jan 25, 2019 11:54 am
Forum: Beginner Basics
Topic: Mikrotik to Mikrotik Connection Doesn't Work
Replies: 3
Views: 942

Mikrotik to Mikrotik Connection Doesn't Work

Hi, I want to share internet to one of mikrotik from the one that has internet service. What I want to do is to assign local IP to other mikrotik and share internet between these two. My current setup is Mikrotik A: (The one with internet) ip address : 10.10.1.13/29 bound to bridge_X I have src-natt...