Community discussions

MikroTik App

Search found 59 matches

by ahmet82
Mon Dec 16, 2024 5:48 pm
Forum: General
Topic: Routing slows down after a while
Replies: 1
Views: 228

Routing slows down after a while

I have a RB5009. It is a fairly regular setup. 1 port is connected to a switch, and 2 ports are connected to two separate WANs (1gbit each). Everything works as usual. However after a while under 1 hour, the routing speed reduces. I can see about 20mbit on speedtest.net. When I restart the router. I...
by ahmet82
Sun Dec 15, 2024 2:59 am
Forum: General
Topic: DoH DNS queries with multi WAN redundancy
Replies: 2
Views: 307

DoH DNS queries with multi WAN redundancy

I have DoH DNS working without any issues. I have multiple WAN. For client internet connection, the failover works. So if one WAN gateway is down, the other one is being used. However, this doesn't work for DoH queries. So the mikrotik router itself, doesn't use the failover WAN. This is what I have...
by ahmet82
Sun Sep 08, 2024 4:38 pm
Forum: Beginner Basics
Topic: order of fasttrack
Replies: 3
Views: 758

Re: order of fasttrack

So I understand go with option 1?
by ahmet82
Sun Sep 08, 2024 3:41 pm
Forum: Beginner Basics
Topic: order of fasttrack
Replies: 3
Views: 758

order of fasttrack

I am trying to create fast track for specific address lists. I have seen both examples of it on the forum. With both versions CPIU is lowered and I see fastrrack counter incremented in IP/Settings. Which one is suppose to be first? With this version, I see both fasttrack rule and accept rule packets...
by ahmet82
Wed Sep 04, 2024 5:51 pm
Forum: General
Topic: Device information for nextdns and DNS over HTTPS
Replies: 0
Views: 711

Device information for nextdns and DNS over HTTPS

I started using nextdns with DoH. it is working without any issues. I see that the hostname of mikrotik is always being captured as the device name. Is there a way to make mikrotik send dhcp client hotnames or something else with the request. It seems nextdns is accepting the information in various ...
by ahmet82
Mon Jul 01, 2024 11:34 pm
Forum: General
Topic: Apple tv on wireguard
Replies: 5
Views: 1844

Re: Apple tv on wireguard

Does it make sense to make it only be valid for wireguard interface? Or does it have no impact at all in terms of performance
by ahmet82
Mon Jul 01, 2024 11:17 pm
Forum: General
Topic: Apple tv on wireguard
Replies: 5
Views: 1844

Re: Apple tv on wireguard

Hello

Which side am I suppose to add this? Server or client wireguard? or both?

Can you also explain the reasoning a little please?
by ahmet82
Mon Jul 01, 2024 10:03 pm
Forum: General
Topic: Apple tv on wireguard
Replies: 5
Views: 1844

Apple tv on wireguard

I have an apple tv abroad. I have a mikrotik rb5009 router that works as wireguard server. I have another rb5009 router as wireguard client. I did a speed-test on apple tv. I can consistently see 50mbit/sec. Everything works but the app store. The search results and downloads randomly fail, or it wo...
by ahmet82
Thu May 30, 2024 9:00 pm
Forum: Beginner Basics
Topic: What is the purpose of client-dns setting in wireguard
Replies: 3
Views: 1016

What is the purpose of client-dns setting in wireguard

Hello,

Can someone please explain what is the purpose of the client-dns setting in wireguard?

Thank you
by ahmet82
Thu May 02, 2024 11:22 am
Forum: General
Topic: Wireshark peer ip addresses
Replies: 0
Views: 476

Wireshark peer ip addresses

I have two mikrotik routers connected with wireshark over the internet. My ip changed the ip address of the server router. The client still continued to remain connected to the server router. How is this possible? When i looked at the admin panel, i saw peer endpoint showing old ip address. Current ...
by ahmet82
Sat Feb 10, 2024 1:15 am
Forum: Beginner Basics
Topic: Change vlan id from cpu
Replies: 0
Views: 416

Change vlan id from cpu

My router does not support assigning a new vlan id for a specific mac address with switch rules. Is there another to do it through bridge or cpu etc?
by ahmet82
Sat Feb 10, 2024 12:59 am
Forum: Beginner Basics
Topic: Lease ip address from another dhcp server
Replies: 1
Views: 459

Lease ip address from another dhcp server

Hello

I have a device which uses vlan id 500. For this vlan there is a dhcp server attached and it works. However, for another device with a specific mac id, again using vlan id 500, i want to assign from another ip pool and another dhcp server.

Is this possible? I have a rb5009
by ahmet82
Tue Nov 15, 2022 2:57 am
Forum: Beginner Basics
Topic: Wireguard with wan backup [SOLVED]
Replies: 3
Views: 1062

Wireguard with wan backup [SOLVED]

Hello, I followed the instructions on this forum, and I am routing all of the traffic via wireguard. Nothing interesting here. However, I noticed that, if I disconnect wireguard, the route stays active, and the servers are unable to reach the internet. If I enable gateway=ping, the route doesn't wor...
by ahmet82
Sun Nov 13, 2022 7:08 pm
Forum: Beginner Basics
Topic: wireguard site to site routing problem [SOLVED]
Replies: 4
Views: 1810

Re: wireguard site to site routing problem [SOLVED]

Hello Sindy’s answer worked. I was following https://help.mikrotik.com/docs/display/ROS/WireGuard which has only one new manually added route. It fixed the problem. I am just curious why the documentation wasnt showing it As for not having a bridge for site 1, i was told on this forum that i didnt n...
by ahmet82
Sun Nov 13, 2022 5:09 pm
Forum: Beginner Basics
Topic: wireguard site to site routing problem [SOLVED]
Replies: 4
Views: 1810

wireguard site to site routing problem [SOLVED]

Hello, I am trying to setup wireguard site to site. I am so close, but for some reason I can not ping or connect between sites. What am I missing? Handshake is there. Routing seems to work, but there is no connection. I flipped through the firewall, but no luck SITE A: reducted SITE B reducted
by ahmet82
Sun Nov 13, 2022 11:07 am
Forum: Beginner Basics
Topic: Masquare required when pinging same vlan over VPN [SOLVED]
Replies: 2
Views: 835

Re: Masquare required when pinging same vlan over VPN [SOLVED]

Got it thank you. I am just setting it up. I will put the firewall rules today
by ahmet82
Sun Nov 13, 2022 4:05 am
Forum: Beginner Basics
Topic: Masquare required when pinging same vlan over VPN [SOLVED]
Replies: 2
Views: 835

Masquare required when pinging same vlan over VPN [SOLVED]

I setup l2tp vpn. it works as expected. When I access other vlans it also works. However, if I try to access a device in the same vlan it doesn't work. Unless I define masqarade. What is the reason for this?


reducted


by ahmet82
Sun Nov 06, 2022 7:33 pm
Forum: Beginner Basics
Topic: vlan routing without a bridge
Replies: 3
Views: 1308

Re: vlan routing without a bridge

On CHR, firewall rules are applied without any additional change.

I have a rb5009., will it be the same? Or Will it require some extra “redirect to cpu” etc to be able to apply rules to block some vlan accessing other vlan
by ahmet82
Sun Nov 06, 2022 5:22 pm
Forum: Beginner Basics
Topic: vlan routing without a bridge
Replies: 3
Views: 1308

vlan routing without a bridge

I tested this on Cloud Hosted Router. It seems to work. VLANs are routed through the router, and I didn't use a bridge. If this is the case, is there a need for a bridge for this case? Will this be hardware offloaded on the real device?


reducted

by ahmet82
Sat Nov 05, 2022 5:20 pm
Forum: Beginner Basics
Topic: hardware only switching
Replies: 3
Views: 590

Re: hardware only switching

Is there any difference if I remove MGMT VLAN from the bridge and move it to ether1?
by ahmet82
Sat Nov 05, 2022 12:48 pm
Forum: Beginner Basics
Topic: hardware only switching
Replies: 3
Views: 590

hardware only switching

I want to use a powerbox pro just as a switch with maximum hardware offloading as possible. I have this configuration, but I am not sure if changing anything will allow me to access even more wire speeds. Do I really need a bridge? Instead, will adding switch rules a faster, more hardware accelerate...
by ahmet82
Sun Oct 30, 2022 1:11 pm
Forum: Beginner Basics
Topic: Switch rule to block wan traffic for a vlan
Replies: 7
Views: 1059

Re: Switch rule to block wan traffic for a vlan

This was my theory as well. I will give it a try
by ahmet82
Sun Oct 30, 2022 11:08 am
Forum: Beginner Basics
Topic: Switch rule to block wan traffic for a vlan
Replies: 7
Views: 1059

Re: Switch rule to block wan traffic for a vlan

You are right 😀. I have a rb5009
by ahmet82
Sun Oct 30, 2022 10:17 am
Forum: Beginner Basics
Topic: Switch rule to block wan traffic for a vlan
Replies: 7
Views: 1059

Re: Switch rule to block wan traffic for a vlan

Hello

This is a hypothetical question. I dont have a setup that doesnt work. So there is not much to export.

I asking if there is a way to drop wan packages with switch rules.
by ahmet82
Sun Oct 30, 2022 3:19 am
Forum: Beginner Basics
Topic: Switch rule to block wan traffic for a vlan
Replies: 7
Views: 1059

Switch rule to block wan traffic for a vlan

Hello, I want vlan 10 to access vlan 20, but not be able to access the internet (wan)? I couldn't find any negate filters on switch rules. So I am not sure how can I detect a device trying to access wan with switch rules to drop the package I know I can do all of this in the firewall, but I am curio...
by ahmet82
Sun Oct 16, 2022 10:08 pm
Forum: RouterBOARD hardware
Topic: Rb5009 poe in conflict
Replies: 5
Views: 1163

Re: Rb5009 poe in conflict

I tried all combination of everything I tried. What's weird is that I used to have a hex s, and it worked without any problems. When I plug the same cables to the same ports on rb5009, it doesn't work. I have to flip them to get them to work
by ahmet82
Sun Oct 16, 2022 7:09 pm
Forum: RouterBOARD hardware
Topic: Rb5009 required daily reset
Replies: 3
Views: 1033

Re: Rb5009 required daily reset

I meant i exported from hex s. And line by line executed on rb5009. No fancy migration of any sort.

I know this is not usual and most likely not many people have to reboot for any reason. I am asking what may be a reason for it? How can i debug
by ahmet82
Sun Oct 16, 2022 6:35 pm
Forum: RouterBOARD hardware
Topic: Rb5009 poe in conflict
Replies: 5
Views: 1163

Re: Rb5009 poe in conflict

They are this https://static.tp-link.com/res/down/doc/T1600G-52PS.pdf

Yes they can both power the device from port 1.

It is what happens on port 2 that is weird. One way there is no uplink on port 2. i flip cables and both has uplink
by ahmet82
Sun Oct 16, 2022 5:54 pm
Forum: RouterBOARD hardware
Topic: Rb5009 poe in conflict
Replies: 5
Views: 1163

Rb5009 poe in conflict

Hello I have two identical switches. They both provide poe out. If i connect switch1 to router port 1, and switch2 to router port 2, port1 has uplink but port 2 doesnt have uplink. No led light. If i connect switch2 to router port 1, and switch1 to router port 2, port1 and port 2 both have uplink Wh...
by ahmet82
Sun Oct 16, 2022 5:49 pm
Forum: RouterBOARD hardware
Topic: Rb5009 required daily reset
Replies: 3
Views: 1033

Rb5009 required daily reset

Hello I had a hex s. Never had a problem. Never required a restart. Recently, i switched to rb5009. Upgraded to latest software and firmware. Manually installed the same config. Everything worked for a week. Now, almost every day, some devices become unaccessible. They become accessible again after ...
by ahmet82
Sun Jun 12, 2022 8:09 pm
Forum: General
Topic: Site-to-Site and Client VPN Servers
Replies: 2
Views: 1165

Site-to-Site and Client VPN Servers

Hello, I want to setup site-to-site vpn between two routers. I also want these two routers to host client to site VPN servers independently so that external laptops etc can connect to the network. Is this possible? Will there be collisions with the ports because they are expecting incoming vpn clien...
by ahmet82
Sat Oct 31, 2020 8:09 pm
Forum: General
Topic: translate vlan without switch chip
Replies: 8
Views: 1028

Re: translate vlan without switch chip

Let's ignore VLANs for now, as I'm unable to do it with that approach. Let's say I have 2 dhcp servers. dhcp server 1 with 10.1.2.0/24 dhcp server 2 with 10.1.3.0/24 The VLAN ID that the new device is connecting to is attached to dhcp server 1. So it gets the ip, and everything is working. However, ...
by ahmet82
Sat Oct 31, 2020 6:31 pm
Forum: General
Topic: translate vlan without switch chip
Replies: 8
Views: 1028

Re: translate vlan without switch chip

I tried to assign static ip via dhcp lease settings. I entered the mac id, entered static ip, selected dhcp server that i originally preffered(if the vlan was correct), nothing got assigned Esentially i am fine if i can assign the correct static ip to the new device, but for some reason, i think bec...
by ahmet82
Sat Oct 31, 2020 5:53 pm
Forum: General
Topic: translate vlan without switch chip
Replies: 8
Views: 1028

Re: translate vlan without switch chip

Not sure how it would work though.

Tplink assigns a vlan id to incoming packet
Send it to mikrotik through trunk port
Router receives same vlan id for both access point and the new device

How can i make it differ by mac address?
by ahmet82
Sat Oct 31, 2020 5:16 pm
Forum: General
Topic: translate vlan without switch chip
Replies: 8
Views: 1028

translate vlan without switch chip

I have a unifi access point. I connect to a tplink switch and assigned a port based vlan id. My mikrotik router assigns the correct ip via dhcp server that is targeting the vlan. So all it good here. The access point has a port that i connected another device via ethernet. The switch naturally assig...
by ahmet82
Sat Oct 24, 2020 1:19 am
Forum: General
Topic: Two wan with in the same subnet
Replies: 19
Views: 4749

Two wan with in the same subnet

I have two ISPs. I connect to them via two modems and they give ip from the same ip block 192.168.1.xxx. I can make mikrotik connect via two seperate dhcp clients. I can not change the ip blocks. The only setting i can change is the router ip. So i can make router ip different. I can see that this l...
by ahmet82
Fri Oct 23, 2020 7:25 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Thank you for all the insight. I have anothef question. Lets say i get 2 more internet connections. So 4 in total. Can i PPC only two at a time and assign it to a specific subnet? So for example Subnet 1 uses isp 1 and isp 2 Subnet 2 uses isp 3 and isp 4 And if for subnet 1, both isp 1 and isp 2 fai...
by ahmet82
Mon Oct 19, 2020 12:00 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

So all is working.

How do I change from gateway address check to an ip address like 8.8.8.8 and 8.8.4.4, so that mikrotik checks the actual internet connection and route traffic to the healthy ISP?

Thank you
by ahmet82
Wed Oct 07, 2020 7:57 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Thank you for all your explanations

I am just surprised with we got it to work with just a route marking, rather than a bunch of connection markings and then route markings on top of those as described in the PCC wiki.
by ahmet82
Wed Oct 07, 2020 5:54 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Ok. I figured it out. I don't know the reason, but at least I have it working. For some reason, when dst-address-type=!local is used. Things stop working as well. Just adding dst-address=!10.0.0.0/8 didn't work either. However when I tried reducted 192.168.xx.yy is not part of my local network reall...
by ahmet82
Wed Oct 07, 2020 2:44 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

This really weird.

If both rules are enabled: ping doesn't work
if only one rule is enabled(sometimes first rule, sometimes second I think. Can not be sure): ping works
if rules have a XXXYYYZZZ-1 and XXXYYYZZZ-2 routing mark: ping works

So what can be wrong when both of them are enabled?
by ahmet82
Wed Oct 07, 2020 12:36 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Hah. Honestly, I don't know about the quotes. I just use winbox to select from the dropdown and check the negation checkbox. If quotes are not meant to be there, I can remove them.

The broken one is just your lines appended to it. Here it is:
reducted
by ahmet82
Tue Oct 06, 2020 7:50 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

OK. Here is the whole thing. I hope it helps. When I append your mangle commands, the servers stop accessing the internet ☹️

reducted

by ahmet82
Tue Oct 06, 2020 11:36 am
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

That looks correct to me
/interface list member
add interface="TTNET1 VLAN" list="WAN"
add interface="TTNET2 VLAN" list="WAN"
by ahmet82
Tue Oct 06, 2020 10:04 am
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

My routes seem to be simple. It makes sense, I get it, but it doesn't work for some weird reason.
reducted
by ahmet82
Tue Oct 06, 2020 12:25 am
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Thank you. So just to be clear. All I have to do is to have this on my mangle, and remove existing records. Nothing else? The routing rules stays the same? I am afraid it did work. When I had these none of the servers were able to access the internet. /ip firewall mangle add action=mark-routing chai...
by ahmet82
Mon Oct 05, 2020 5:38 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Hello I think the conversation led off tangent. I dont have a problem with vpn or try to load balance my connections via vpn to the internet. I want to do it to the physical servers on the LAN. Right now, i use ECMP, I underatanf PCC can distrubute the load better. I have many vlans and a bridge. I ...
by ahmet82
Mon Oct 05, 2020 4:08 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

I just have this for NAT. The modems have DMZ set, and direct all traffic to mikrotik dhcp clients with static ip addresses. When I said, I don't use NAT, I meant no special port forwarding. This much NAT seems to work with ECMP. /ip firewall nat add action=masquerade chain=srcnat \ src-address=10.0...
by ahmet82
Mon Oct 05, 2020 2:35 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

I dont use NAT right now. I just have. Mikrotik vpn server setup. People vpn first, grab a local ip, and co nect to internal servers.

So if this is the case i should use ecmp? Then is what i currenctly have what i can have as the ideal setup?
by ahmet82
Mon Oct 05, 2020 2:08 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

I think speedtest.net uses multiple connections for download. That is where i saw more than 50mbit. But yeah for the rest i get it. I just need help to change my config to pcc now. Can you help me with that please. I am not sure how to adapt my vlans and bridge to the pcc example
by ahmet82
Mon Oct 05, 2020 1:57 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Ok. Let's say I want to apply the example here. https://wiki.mikrotik.com/wiki/Manual:PCC How would it work to my current setup? I have many vlans and a bridge. TTNET1 and TTNET2 are my ISPs. My modems only allows dhcp connection from it. Therefore, I have set DMZ on the modems, with a static ip for...
by ahmet82
Mon Oct 05, 2020 12:32 pm
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

Hello

So is the recommended approach to abandon ECMP and instead use PCC? Will this allow me to distribute the connections evenly? Can i make the disrtibution ratio different for download and upload?
Thank yoh
by ahmet82
Mon Oct 05, 2020 10:43 am
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Re: Using most available bandwidth wan

I was hoping something like this. I know my maximum upload bandwidth is 5mbit per ISP. If for ISP1, I'm using 70% of upload bandwidth, and for ISP2, I'm using 30% of upload bandwidth, then the new upload should use ISP2. Is this an unrealistic expectation? As for my config. It is like this. I'm not ...
by ahmet82
Mon Oct 05, 2020 9:21 am
Forum: General
Topic: Using most available bandwidth wan
Replies: 35
Views: 3686

Using most available bandwidth wan

Hello I have two ISPs. Both have 50mbit download and 5mbit upload individually. I believe I have load balancing working correctly. When i do speed tests I can see around 90mbit download speeds. However during uploads, it never passes 5mbit. I even tried paralel but independent upload tests with iper...
by ahmet82
Thu Aug 27, 2020 9:21 am
Forum: Beginner Basics
Topic: unable to port forward form WAN [SOLVED]
Replies: 6
Views: 2085

Re: unable to port forward form WAN [SOLVED]

Ok. I figured it out while trying to setup VPN. Thank you
by ahmet82
Wed Aug 26, 2020 8:38 pm
Forum: Beginner Basics
Topic: unable to port forward form WAN [SOLVED]
Replies: 6
Views: 2085

Re: unable to port forward form WAN [SOLVED]

Thats the point though. Even if i have the second one, it doesn't work
by ahmet82
Wed Aug 26, 2020 7:10 pm
Forum: Beginner Basics
Topic: unable to port forward form WAN [SOLVED]
Replies: 6
Views: 2085

Re: unable to port forward form WAN [SOLVED]

I don't have any firewall rules setup yet. So those are clean. Can you tell me about the second rule that you describe of? I have all of these in place /ip firewall nat add action=masquerade chain=srcnat src-address=10.6.10.0/24 add action=masquerade chain=srcnat src-address=10.6.20.0/24 add action=...
by ahmet82
Wed Aug 26, 2020 12:22 pm
Forum: Beginner Basics
Topic: unable to port forward form WAN [SOLVED]
Replies: 6
Views: 2085

unable to port forward form WAN [SOLVED]

Hello, My isp gives static ip, but my modem doesn't support bridge. So I need to connect my modem to mikrotik via DHCP client. I have also enabled DMZ for the local static IP that my modem is distributing. So far everything works. I am trying to setup port forwarding. I can access web winbox, so I k...
by ahmet82
Mon Aug 24, 2020 9:23 am
Forum: General
Topic: Redirect Internal Public IP Internally
Replies: 2
Views: 1464

Redirect Internal Public IP Internally

Hello, My ISP only allows me to use DHCP Client. Therefore my router only knows about an 192.168.x.x address. However my public IP is static. Let's say my public IP is 12.34.56.78. When I do a traceroute right now to my public IP, the packets reach the modem, and then the ISP, then comes back to my ...