Community discussions

MikroTik App

Search found 548 matches

  • 1
  • 2
by loloski
Tue Dec 24, 2024 3:11 am
Forum: SwOS
Topic: MLAG in ring topology
Replies: 7
Views: 645

Re: MLAG in ring topology

I hope i have the same optimism with you, best of luck for 7.18 if they have a significant code drop for L2 features I already stopped believing
by loloski
Mon Dec 23, 2024 11:48 am
Forum: Forwarding Protocols
Topic: OpenFlow feature?
Replies: 19
Views: 81736

Re: OpenFlow feature?

I personally want this in but I already loose hope if simple DAI "Dynamic Arp Inspection" L2 feature is not in the roadmap how much more on this, We don't really know what market segment they want to position themselves if they want to route/switch/IoT/NAS/storge the world who knows?
by loloski
Sun Dec 22, 2024 3:00 pm
Forum: SwOS
Topic: MLAG in ring topology
Replies: 7
Views: 645

Re: MLAG in ring topology

yes somehow but the switching capacity is very limited VS with real stacking solution on Cisco / Juniper and another pita if my memory serves correctly is MSTP and Double Tag Stacking
by loloski
Sun Dec 22, 2024 1:18 pm
Forum: SwOS
Topic: MLAG in ring topology
Replies: 7
Views: 645

Re: MLAG in ring topology

stacking on the other hand can go up to 8 switches with most vendors which support stacking.
Another missed opportunity with Mikrotik Stacking / Virtual Chassis in Juniper world is pretty much after sought feature
by loloski
Sun Dec 22, 2024 1:07 pm
Forum: SwOS
Topic: MLAG in ring topology
Replies: 7
Views: 645

Re: MLAG in ring topology

We already moved on for any advance L2/switching features go somewhere else this MLAG implementation of MT is not fully baked, we learned the hard lesson plain and simple
by loloski
Tue Dec 03, 2024 4:46 am
Forum: Beginner Basics
Topic: Port forwarding FQDN
Replies: 3
Views: 559

Re: Port forwarding FQDN

You need reverse proxy in TCP mode to do this, you can put haproxy or nginx as reverse proxy in a container inside the TIK or you can do it outside your router and make port forwarding
by loloski
Fri Nov 15, 2024 9:41 am
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 160713

Re: v7.17beta [testing] is released!

@normis I don't think that's practical on operation standpoint I also can feel their pain, can we revert or go back to 7.16 and moved on and don't touch that device-mode thing!, you guys are shooting yourself on the foot there are lot of people don't like where this is heading, just my 0.02$
by loloski
Fri Nov 01, 2024 2:44 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 160713

Re: v7.17beta [testing] is released!

Yep you can disagree with me anytime but it's happening, we can no longer wait for mikrotik to mature its routing and switching portfolio our company is now restructuring the team willing to let go some MT engineer not willing to be re-assigned or adapt other platform, MT not wanting to spend develo...
by loloski
Fri Nov 01, 2024 5:11 am
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 160713

Re: v7.17beta [testing] is released!

The future with MT is bleak anything with Service Provider solution my company accept that facts now, we are now going back to Juniper as much as possible and put mikrotik on some areas as we see it fit or put them in the shelves for eternity who knows one of these days they are going to land some c...
by loloski
Sun Oct 27, 2024 11:05 am
Forum: General
Topic: How to route packets from private to public ip
Replies: 2
Views: 314

Re: How to route packets from private to public ip

what you want is hairpin nat, just google it https://www.youtube.com/watch?v=1I5FywY6opQ
by loloski
Mon Sep 30, 2024 10:52 pm
Forum: General
Topic: Vlan Demux Interface - auto decapsule vlans
Replies: 4
Views: 908

Re: Vlan Demux Interface - auto decapsule vlans

Hi fischerdouglas,

Let see how it will pan out in the end I hope the solution will not be half baked
by loloski
Sat Aug 31, 2024 5:58 pm
Forum: Beginner Basics
Topic: Firewall Address List enhancement
Replies: 5
Views: 789

Re: Firewall Address List enhancement

That's one of the purpose of VLAN to segregate some subnet like your management VLAN where's the problem? don't put a router that will do inter-vlan routing for that subnet or better yet make a dedicated VRF for your management VLAN, I'm sorry if i failed to see your point
by loloski
Thu Aug 29, 2024 5:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434391

Re: 📣 WinBox 4 is here 📣

while we are on the subject of making winbox more mondern and useful how about also bringing back proper routing filters to streamline the process and still leave the current behavior/design for some power/advance users?, just my 0.2$
by loloski
Thu Aug 29, 2024 2:21 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434391

Re: 📣 WinBox 4 is here 📣

and also the set of icons is very fresh and professional I hope the skins is also align and haven't tried it yet :)
by loloski
Thu Aug 29, 2024 2:17 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434391

Re: 📣 WinBox 4 is here 📣

return back my esc :) and the tab vs dropdown should be user configurable and the rest is history, the UI is gorgeous eeehhheeh finally i say something good with MT
by loloski
Mon Aug 19, 2024 2:40 pm
Forum: 3rd party tools
Topic: Introducing MikroWizard: An Open-Source Solution for MikroTik Router Management
Replies: 74
Views: 17239

Re: Introducing MikroWizard: An Open-Source Solution for MikroTik Router Management

The application and the device that has to be manage was separated by wireguard vpn, L3 connection from ubuntu console where this application was installed to the device needs to be manage is workiing properly like ping and ssh but on the GUI of this application using scanner the device won't show u...
by loloski
Mon Aug 19, 2024 7:24 am
Forum: Beginner Basics
Topic: Help configuring routes
Replies: 1
Views: 613

Re: Help configuring routes

This is the broadstroke of what you want to accomplish at least on the side of mikrotik /interface/vlan/add interface=ether2 vlan-id=2 name=TRUNK-VLAN-2 /ip/address/add address=192.168.2.2/30 interface=TRUNK-VLAN-2 Just open winbox and launch terminal then copy and paste this will be a lot faster th...
by loloski
Fri Aug 09, 2024 5:09 pm
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 213
Views: 64669

Re: Feature Request : IPv6 Fasttrack

Since MT won't confirm or deny if they are working on it, I presume this won't see the light and day I for one also hoping this will become reality because we have a lot of CPE (hapac2) will surely benefit from this but I'm slowly starting to accept that this won't happen and started to lose hope :(
by loloski
Fri Aug 09, 2024 5:02 pm
Forum: Beginner Basics
Topic: Help with VLAN firewall rules and SMB transfer speed.
Replies: 11
Views: 1445

Re: Help with VLAN firewall rules and SMB transfer speed.

Configure VLAN in switch menu since this is not CRS3XX series to utilize switch chip
by loloski
Thu Aug 08, 2024 12:47 am
Forum: General
Topic: CRS504-4XQ | ROS 7.14.3 | 100% CPU always | 40+% networking [SOLVED]
Replies: 2
Views: 2600

Re: CRS504-4XQ | ROS 7.14.3 | 100% CPU always | 40+% networking [SOLVED]

You need a single vlan aware bridge to take advantage the switch chip and activate L3 hardware offload if you need intervlan routing, remember CRS is geared toward a switch with limited routing capability This is a great guide https://www.youtube.com/watch?v=c2sAA6jMjCY Mikrotik is very verbose comp...
by loloski
Wed Aug 07, 2024 11:43 pm
Forum: Beginner Basics
Topic: CRS310-1G-5S-4S+ Random reboot
Replies: 7
Views: 1267

Re: CRS310-1G-5S-4S+ Random reboot

After we recall this switch from production, we were able to identify what cause the reboot but we don't know how to reproduce this at will, the culprit is L3 hardware offload if we turn it off the switch is performing well In the lab this switch is for days now running without incident, we believed...
by loloski
Mon Aug 05, 2024 5:12 am
Forum: Beginner Basics
Topic: New to RouterOS - could use assist with Site-to-Site VPN
Replies: 5
Views: 1163

Re: New to RouterOS - could use assist with Site-to-Site VPN

Use this video from network berg very straightforward 
https://www.youtube.com/watch?v=uVag_e475zc
by loloski
Mon Aug 05, 2024 12:39 am
Forum: General
Topic: Inbound Proxy?
Replies: 3
Views: 665

Re: Inbound Proxy?

There's no built-in support for reverse proxy, If your device has sufficient resource like RB4011 / RB5009 install container package and pull image like nginx or haproxy
by loloski
Sun Aug 04, 2024 10:35 am
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

VyOS CLI is pretty much the same with Juniper so I don't have problems with it, I just commissioned a box yesterday doing OSPF + NAT and it's working as expected with light load around 1G, what I'm really interested and want to see how does it perform with VyOS + VPP
by loloski
Wed Jul 31, 2024 6:59 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

Did you test VyoS 1.5 rolling + VPP addons how is it? anyway there's no excuse for me now to create a test environment since VPP addons is now available for testing
by loloski
Wed Jul 31, 2024 6:30 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

@ Tom I hope if you don't mind asking this question do you have current test setup at least with FRR + VPP how's the performance and any gotcha? I don't mind getting my hands dirty again to rollout pure linux solution as long as they are worth it. I'm also eyeing for VyOS but as far as i know they a...
by loloski
Wed Jul 31, 2024 5:59 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

Actually I don't think they can't do it, they just have a miss opportunity to hire good engineering talent because they require the developer to know their language as prerequisite I don't think it's a bad thing for them, but that will surely impact the hiring process. Honestly you are right they ar...
by loloski
Wed Jul 31, 2024 2:27 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

They can do it for sure they have R & D and programming team that can work hand in hand if they have incentive to do it as a business entity. This is just business decision after all if they gonna do it or not, just my 0.2$
by loloski
Wed Jul 31, 2024 11:55 am
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

They are going to be slave on fixing does you mentioned issues indefinitely if MT continue on their journey for what appears of not giving much attention to unit testing and somehow luck of leader / visionary for much of the codebase instead they just let the individual programmer to be the king of ...
by loloski
Tue Jul 30, 2024 9:37 pm
Forum: Virtualization
Topic: Router Os 7.15.3 on Qnap Nas
Replies: 14
Views: 2084

Re: Router Os 7.15.3 on Qnap Nas

priceless :) interesting perfect!!
by loloski
Tue Jul 30, 2024 7:47 pm
Forum: General
Topic: Vlan Demux Interface - auto decapsule vlans
Replies: 4
Views: 908

Re: Vlan Demux Interface - auto decapsule vlans

I don't think that feature is available in ROS today, you can kinda sort of emulate that via ros api whenever you are provisioning another BRAS but is clunky at least for my personal taste
by loloski
Tue Jul 30, 2024 7:30 pm
Forum: RouterBOARD hardware
Topic: CubePro Perfomance
Replies: 6
Views: 1940

Re: CubePro Perfomance

How do you measure performance bandwidth test inside MT device or using iperf? how about distance and weather condition? i'm not pretending to be expert in wireless but that's the common theme usually ask by the expert here in wireless so that someone can point you in right direction
by loloski
Tue Jul 30, 2024 6:37 pm
Forum: Virtualization
Topic: Router Os 7.15.3 on Qnap Nas
Replies: 14
Views: 2084

Re: Router Os 7.15.3 on Qnap Nas

ROS is not possible to run on your QNAP device, if you truly want to experience ROS download CHR and buy a desired license for your use case and install it on your preferred virtualization platform like Proxmox,HyperV, and Vmware. Just wondering why you want to run ROS in your storage device though
by loloski
Tue Jul 30, 2024 3:51 am
Forum: Announcements
Topic: WinBox v3.41 released!
Replies: 41
Views: 22252

Re: WinBox v3.41 released!

I haven't notice anything unusual here...
by loloski
Mon Jul 29, 2024 7:59 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

@Tom, I do agree with you I hope whoever decides on the other side of the aisle also think the same way as you do, but evidently this is not the case here I think and firmly believed they have their own winning formula that they believed to make them thrived and Service Provider oriented product is ...
by loloski
Mon Jul 29, 2024 6:56 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

Isn't it counterintuitive for MT to push their hardware sales rather than CHR + VPP that's why it appears they are not interested to make this happen? I hope this is not the case I think most of the SP guys here including us is willing to pay for a reasonable price just to make this happen anyone ca...
by loloski
Mon Jul 29, 2024 3:07 pm
Forum: Beginner Basics
Topic: CRS310-1G-5S-4S+ Random reboot
Replies: 7
Views: 1267

Re: CRS310-1G-5S-4S+ Random reboot

Yes 200% because it's a regen site so network engineer was station there in any shape or form the roving guard stay outside the premises, I have no choice we have to replace the switch this weekend and continue triaging this issue in the sidelines, thanks for your time looking into I just hope there...
by loloski
Mon Jul 29, 2024 2:21 pm
Forum: Beginner Basics
Topic: CRS310-1G-5S-4S+ Random reboot
Replies: 7
Views: 1267

Re: CRS310-1G-5S-4S+ Random reboot

Potential problem with power supply ? Any chance to have that replaced by a spare (you should have a spare if it's critical equipment) ? Well that's next in my TODO list yes this is critical i'm going to send someone in the DC I just hate the ton of paperwork just to pull this out and replace :) Th...
by loloski
Mon Jul 29, 2024 2:11 pm
Forum: Beginner Basics
Topic: CRS310-1G-5S-4S+ Random reboot
Replies: 7
Views: 1267

Re: CRS310-1G-5S-4S+ Random reboot

The switch was indeed had been rebooted it was confirm with our NMS and the actual logs from the switch, the switch is running fine the traffic is around 4gb+ during the outage as per the zabbix graph and we have around 2 dozens of this switch in the field running 24x7 having almost the same traffic...
by loloski
Mon Jul 29, 2024 8:24 am
Forum: Beginner Basics
Topic: CRS310-1G-5S-4S+ Random reboot
Replies: 7
Views: 1267

CRS310-1G-5S-4S+ Random reboot

# 2024-07-29 13:12:15 by RouterOS 7.15.1 # software id = 1ZQI-INIS # # model = CRS310-1G-5S-4S+ # serial number = HDF0860Q6TP /interface bridge add add-dhcp-option82=yes admin-mac=18:FD:74:FE:43:7C auto-mac=no \ dhcp-snooping=yes frame-types=admit-only-vlan-tagged mvrp=yes name=\ DISTRIBUTION vlan-...
by loloski
Mon Jul 29, 2024 3:11 am
Forum: General
Topic: CCR1009 as customer router + CRS326 as NAT router
Replies: 3
Views: 517

Re: CCR1009 as customer router + CRS326 as NAT router

3Gbps traffic it usually sits about 75% CPU CCR1009-7G-1C-1S+ this is pretty much the max of this device and yes connection tracking will disable NAT/Masquerade CRS-326 is a switch with limited routing capability so it won't benefit you use CCR2116 instead the difference is night and day you can st...
by loloski
Sun Jul 28, 2024 5:09 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

This is the setup I use at home: hex S / RB760iGS as CAPsMAN + UserManager 3 cAP ax as access points controlled by CAPsMAN This setup only uses wifi-qcom and dynamic vlans using usermanager are absolutely working as intended. One SSID is wpa3-eap only using peap with dynamic vlans and I have two ad...
by loloski
Sun Jul 28, 2024 2:57 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

so what's with my avatar? it has nothing to do with you and it's there since day one, my opinion is mine alone I don't represent MT on any way shape or form and i'm not the only one using that kind of avatar
by loloski
Sun Jul 28, 2024 1:04 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

as per the above post this is not encouraging my hopes already sunk, 802.1x + 802.1q is pretty much standard in the campus/enterprise, I'm not a native english speaker so please bare with me with the question 802.1x + 802.1q + radius (usermanager/freeradius) with wifi-qcom-ac/wifi-qcom latest and gr...
by loloski
Sun Jul 28, 2024 11:27 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

wifi-qcom-ac? No, no dynamic VLAN assignment
ouch another mishap and potential savings is already lost, we got the speed we need at the expense of loosing another non optional important feature sigh...

Thanks for your reply anyway greatly appreciate it!!!
by loloski
Sun Jul 28, 2024 10:56 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

Does capsman + wifi-qcom-ac/wifi-qcom works with radius + 802.1x and VLAN?, aruba is so expensive for our needs but it works for us over the years, the project is few months away and it so small (10 x WIFI6 AP) and worth to take a risk and I do have enough time to do experimentation. Please could so...
by loloski
Sat Jul 27, 2024 1:23 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

This is really a sad affair only MT know what they are cooking behind the scene and release the code to the mass and hope it stick, you are the unlucky ones if the code they are messing up with broke your environment, honestly starting from 7.13 to 7.15.3 you have to have a separate semi production ...
by loloski
Sat Jul 27, 2024 6:12 am
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

However some years old x86 Xeon motherboards with VPP enabled Linux are sustaining 100-Gig network routing throughputs ( measured and verified ).
are you referring to FRR + VPP or something else care to elaborate more please?
by loloski
Fri Jul 26, 2024 11:58 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

- PfSense currently have a VPP software router ( TNSR on a Linux kernel ). I have heard that it is near 100-Gig wire-speed on good/modern x86 bare-metal hardware with newer PCIe # 100-Gig network interfaces. - Linux already has VPP options you can package install. - VyOS already has VPP options you...
by loloski
Fri Jul 26, 2024 11:12 pm
Forum: Virtualization
Topic: Feature Request - CHR - VPP & ISO version CHR ROS
Replies: 42
Views: 3990

Re: Feature Request - CHR - VPP & ISO version CHR ROS

@ OP / Tom We are in the same boat as you we are growing but in a much slowly pace as a side effect I think we can still wait at least a few more years to wait for VYoS or Bison Router to mature, any chance you can share other cost and effective solution you are looking into?, I hate to ask this sin...
by loloski
Wed Jul 24, 2024 4:58 am
Forum: Beginner Basics
Topic: Setting Up 10 PPPoE Connections with PCC Load Balancing on MikroTik, All Sharing the Same Gateway?
Replies: 3
Views: 924

Re: Setting Up 10 PPPoE Connections with PCC Load Balancing on MikroTik, All Sharing the Same Gateway?

I have a lot of deployment with more than 10 (1G individual connection) on a single CCR2116 with policy based routing but not with PCC since I don't have a use case for it and I hate that i can't predict where the customer traffic is being routed / natted from. In my opinion this PCC won't scale in ...
by loloski
Tue Jul 23, 2024 11:03 pm
Forum: Beginner Basics
Topic: Setting Up 10 PPPoE Connections with PCC Load Balancing on MikroTik, All Sharing the Same Gateway?
Replies: 3
Views: 924

Re: Setting Up 10 PPPoE Connections with PCC Load Balancing on MikroTik, All Sharing the Same Gateway?

what you are asking for this little device is unreasonable, even if you made it to work this will surely crawl and grinding to halt
by loloski
Mon Jul 22, 2024 4:59 pm
Forum: General
Topic: Load-balancing NAT with multiple WAN interfaces WITHOUT BONDING and WITH L3HW/NAT-PMP?
Replies: 1
Views: 482

Re: Load-balancing NAT with multiple WAN interfaces WITHOUT BONDING and WITH L3HW/NAT-PMP?

First and foremost CRS309-1G-8S+ is a switch with limited routing capability you will be disappointed that it won't hit your 1G mark, just my 0.2$
by loloski
Mon Jul 22, 2024 4:43 pm
Forum: General
Topic: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip
Replies: 6
Views: 593

Re: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip

Well we are lucky because we are the ISP :) , if you are a customer just get metro-e services from your upstream and be done with it :) they will be happy to oblige whatever you need
by loloski
Mon Jul 22, 2024 4:17 pm
Forum: General
Topic: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip
Replies: 6
Views: 593

Re: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip

our simple use case is just like this and we haven't gotten really far due to the said limitation apart from simple tag stacking we also need double tag stacking since we are offering last mile service https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitching-VLANTunneli...
by loloski
Mon Jul 22, 2024 6:37 am
Forum: Virtualization
Topic: Slow upload speed when fast track is on
Replies: 2
Views: 1093

Re: Slow upload speed when fast track is on

I don't know if this makes difference but can you replace your fasttrack rules with this
/ip/firewall/filter add chain=forward action=fasttrack-connection connection-state=established,related
/ip/firewall/filter add chain=forward action=accept connection-state=established,related
by loloski
Mon Jul 22, 2024 6:25 am
Forum: General
Topic: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip
Replies: 6
Views: 593

Re: Stacking/unstacking Q-in-Q using VLAN filtering / hardware chip

This is possible we have done this in the past but the performance isn't great specially if your intentions is to link your DC, all processing is done in CPU we used CRS317 before and we gave up so we are force to used Juniper instead just my 0.2$, this is another wish list from us that we don't kno...
by loloski
Sun Jul 21, 2024 7:55 pm
Forum: Forwarding Protocols
Topic: BGP Testing
Replies: 1
Views: 774

Re: BGP Testing

Be sure you have ROA records so that you can be certain you were able to announce your prefix successfully, check for HE looking glass so that you can traceroute your PI address from various location and also if you are multi home make it sure that no one will use your link to become transit from ot...
by loloski
Tue Jul 16, 2024 10:23 am
Forum: General
Topic: Freeradius authentication issue [SOLVED]
Replies: 7
Views: 5625

Re: Freeradius authentication issue [SOLVED]

if I entered a wrong password, instead of giving me an error of wrong password, it gives out Radius server not responding. It would have been nice if it gives the correct error message of invalid username and password. Is this normal or am I missing something? That's by design at least in ROS v6, I...
by loloski
Sat Jul 13, 2024 10:30 am
Forum: General
Topic: Feature Request: Port-Security & Dynamic Arp Inspection
Replies: 7
Views: 1323

Re: Feature Request: Port-Security & Dynamic Arp Inspection

In as much as we want it too it's dead on the water already, DAI was closely tied up in DHCP snooping database and the customer will surely not going to do any manual task on this even though it's possible in Cisco and also as an Integrator you want a proper solution in the long run I'm just barely ...
by loloski
Sat Jul 13, 2024 9:44 am
Forum: General
Topic: Problem with StevenBlack list in DNS Adlist [SOLVED]
Replies: 26
Views: 18307

Re: Problem with StevenBlack list in DNS Adlist [SOLVED]

I think the problem is you are using this on lower end device that's why the list won't populated try this on RB5009 it should work
by loloski
Fri Jul 12, 2024 3:48 pm
Forum: General
Topic: Feature Request: Port-Security & Dynamic Arp Inspection
Replies: 7
Views: 1323

Re: Feature Request: Port-Security & Dynamic Arp Inspection

Yeah, we lost the sales already and I can even look in the eyes of the customer, their CTO are willing to wait if only Mikrotik can/will commit a timeline but that's all a dream now they don't even reply to my support ticket with regards to this issue, sad it's hard to push them in the right directi...
by loloski
Wed Jul 03, 2024 2:20 pm
Forum: Beginner Basics
Topic: ISP provided static IP, how to setup?
Replies: 4
Views: 763

Re: ISP provided static IP, how to setup?

No problem
by loloski
Wed Jul 03, 2024 1:42 pm
Forum: Beginner Basics
Topic: ISP provided static IP, how to setup?
Replies: 4
Views: 763

Re: ISP provided static IP, how to setup?

Assumption ether1 is the port towards your ISP modem/media converter and vlan 735 is your assignment and the service handover to you is via a tagged/port, if you are having a hard time I suggest ask them to handover to you the service via access port so you just simply assign the IP to your interfac...
by loloski
Tue Jul 02, 2024 8:07 pm
Forum: General
Topic: Feature Request: Port-Security & Dynamic Arp Inspection
Replies: 7
Views: 1323

Re: Feature Request: Port-Security & Dynamic Arp Inspection

Indeed, this feature is not optional and MT should implement this feature soon most major brand support these
by loloski
Tue Jul 02, 2024 7:55 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

This is really scary whenever someone from the dev enhancing the DNS code base one way or another they always broke the dns resolver, can you just adapt other code base like tinydns/dnscache from djb or any reputable alternatives so that you can concentrate on more pressing issues and do what you do...
by loloski
Tue Jul 02, 2024 8:32 am
Forum: General
Topic: Feature Request: Port-Security & Dynamic Arp Inspection
Replies: 7
Views: 1323

Feature Request: Port-Security & Dynamic Arp Inspection

@MT Last week we are in the middle of presentation for a potential big customers and we stumble a requirement that caught us off guard, the potential customer want to migrate their ageing cisco catalyst gear to Mikrotik they are almost sold to the extent the purchase order is about to sign but the ...
by loloski
Tue Jul 02, 2024 5:25 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

@Apachez are you the same Apachez on VYOS forum, if you are I'm glad you are here too
by loloski
Mon Jul 01, 2024 12:22 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

 
 *) dns - added support for mDNS proxy (CLI only);
 *) ipv6 - fixed "no-dad" functionality; 
 
finally we can test anycast now and mDNS proxy this is awesome any docs?
by loloski
Mon Jun 17, 2024 5:30 pm
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 79
Views: 20775

Re: QoS Hardware Offloading (QoS-HW)

[adam@gw01] /interface/bridge> /interface/bridge print Flags: X - disabled, R - running 0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1584 arp=enabled arp-timeout=auto mac-address=D4:01:C3:0E:BC:7E protocol-mode=none fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m vlan-f...
by loloski
Mon Jun 17, 2024 11:59 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

On this beta the switch menu is present in CHR please hide it just like with the previous CHR version
by loloski
Fri Jun 14, 2024 12:25 pm
Forum: General
Topic: Long Term release or new functions?
Replies: 22
Views: 2356

Re: Long Term release or new functions?

We need both stability and new feature focus specially on service provider just my humbly opinion
by loloski
Thu Jun 13, 2024 11:08 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 122064

Re: v7.16beta [testing] is released!

*) bgp - fixed cluster-list and originator-id;
Cisco peer will now be happy
by loloski
Tue Jun 11, 2024 6:11 pm
Forum: General
Topic: QA of software releases
Replies: 26
Views: 2913

Re: QA of software releases

Am i kidding hell no! we are not a hobby shop and we need real stability on ROS I know money is hard to come by these days that's why we are lock into their ecosystem if we can motivate them by giving some premium or extra why not? a lot of small and medium size business depends on ROS whether we li...
by loloski
Tue Jun 11, 2024 4:47 pm
Forum: General
Topic: QA of software releases
Replies: 26
Views: 2913

Re: QA of software releases

@normis Don't you think it's about time to charge extra premium to ROS I know a lot of people is willing to shell out money us included and the money you gather on this can fund ROS even further to improve not only the software stack but to improved the product overall?, I hate to admit that sometim...
by loloski
Thu Jun 06, 2024 7:07 pm
Forum: Beginner Basics
Topic: /29 for customer
Replies: 1
Views: 521

Re: /29 for customer

it's a network route the /29 that you hand over to them via PPPoE should be assign on their CPE as LAN IP and the /29 that you assign to your customer should be advertise going to your edge with your IGP of choice to make a proper routing /29 Public IP (X.X.Y.Y) WWW -> EDGE -> BRAS -> CPE 100.64.X.X...
by loloski
Mon Jun 03, 2024 10:28 am
Forum: General
Topic: Feature Request: IP source guard / arp inspection
Replies: 9
Views: 5877

Re: Feature Request: IP source guard / arp inspection

+1 on this, I hope they won't forgot this important feature
by loloski
Fri May 31, 2024 7:36 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 649
Views: 266212

Re: v7.15 [stable] is released!

if you have OSPF and assign some local address like 10.255.255.1/32 on loopback (lo) interface this is connected route is this allowed or not? or just the hardcoded (127.0.0.1) is not allowed?
by loloski
Sun May 26, 2024 3:49 am
Forum: General
Topic: NAT Pool with afinity
Replies: 3
Views: 470

Re: NAT Pool with afinity

use netmap instead of src-nat it will work
by loloski
Sat May 25, 2024 10:35 am
Forum: Forwarding Protocols
Topic: Graceful restart
Replies: 13
Views: 10955

Re: Graceful restart

GR is not supported atm no one knows where this could be implemented
by loloski
Thu May 23, 2024 1:22 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22570

Re: 802.1AE MACsec Progress or Examples ?

I believed if you are passing traffic less than 1G i think you are safe, I think someone test this on CCR2004 if my memory serves correctly they were able to get 1G speed, you can certainly try this on your environment before going live
by loloski
Tue May 21, 2024 4:20 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22570

Re: 802.1AE MACsec Progress or Examples ?

even if it remotely possible don't do it because macsec and vxlan encapsulation/decapsulation is process by CPU for now, some of the marvel hardware is capable but the codebase of mikrotik does not support it that's what I'm reading here in the forum all the time look at what post https://forum.mikr...
by loloski
Tue May 21, 2024 8:44 am
Forum: Announcements
Topic: WinBox v3.40 released!
Replies: 165
Views: 171670

Re: WinBox v3.40 released!

Nope, can't reproduce your issue, did you try to remove your cache and try again?
by loloski
Tue May 21, 2024 5:48 am
Forum: RouterOS beta
Topic: Feature Request : IPv6 Fasttrack
Replies: 213
Views: 64669

Re: Feature Request : IPv6 Fasttrack

I'm just genuinely curious can someone from MT camp/support can tell us why they are having a hard time to implement this very important feature for SOHO markets, if they can do it in IPV4 why not in IPV6 been using other gears for the last 5 to 6 years and never seen this is an issue, Is this purel...
by loloski
Sun May 19, 2024 8:20 am
Forum: Beginner Basics
Topic: Is it public IP OR not
Replies: 2
Views: 614

Re: Is it public IP OR not

you have private IP and it's being natted in the ISP router
by loloski
Sat May 18, 2024 8:22 am
Forum: General
Topic: Mikrotik.com error 503
Replies: 1
Views: 389

Mikrotik.com error 503

Please check your main site
by loloski
Fri May 17, 2024 3:39 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.3 [stable] is released!

Indeed I agree with pe1chl, I once hit this limit 1000 customers with individual /32 learned route from OSPF because of a misconfigured BNG router i believed the router can handle more load if only this connection tracking is settable, not some magic dynamic hard limit based on free memory from the ...
by loloski
Sun May 12, 2024 3:10 am
Forum: General
Topic: Struggling to get src-nat masquerade to work on hAP AC Lite [SOLVED]
Replies: 12
Views: 6890

Re: src-nat - reply IP packets are forwarded to WAN instead of WAN [SOLVED]

that's how NAT works, it's a return packet from 8.8.8.8 going to LAN host that's why it's outgoing interface is ether1 which is your WAN interface isn't it?
by loloski
Fri May 10, 2024 2:14 pm
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 1941

Re: v7.15rc [testing] is released!

@Infabo This is not a routing filter issue because the syntax is working fine, the issue that I want to raise is clear, if you apply that rule in in-filter-chain in OSPF instance, the adjacency between neighbor will teardown what MT should do is don't allow the user to set "gw-check bfd" s...
by loloski
Fri May 10, 2024 10:42 am
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 1941

Re: v7.15rc [testing] is released!

Thanks for the heads up, but it doesn't warrant why the adjacency between ospf neighbor will teardown for me it's a bug. I think the bug here is set gw-check bfd; when you just accept everything Adjacency formed and stable I file a support ticket for this https://help.mikrotik.com/servicedesk/servic...
by loloski
Fri May 10, 2024 6:02 am
Forum: Forwarding Protocols
Topic: default route check with BFD
Replies: 10
Views: 1941

Re: v7.15rc [testing] is released!

I hope they don’t in this RC OSPF adjacency is tearing down if bfd is enabled and you have in-filter-chain in your ospf instance with this rule chain=ospf-in rule=“if(protocol ospf && dst==0.0.0.0/0) { set gw-check bfd; } accept;” I try latest 7.14 stable same thing in my understanding BFD f...
by loloski
Thu May 02, 2024 4:29 pm
Forum: Forwarding Protocols
Topic: received advertisements from devices to be forwarded to a web based BMS
Replies: 2
Views: 915

Re: received advertisements from devices to be forwarded to a web based BMS

make a REST services/api that will post process the data after receiving from your MT devices, problem solved
by loloski
Thu May 02, 2024 3:29 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

Is that PPP accounting radius issue is not covered with unit testing so that you can catch that early and minimize releasing software that has birth defects? hahaha just kidding, I'm just curious
by loloski
Thu May 02, 2024 2:53 pm
Forum: Beginner Basics
Topic: Unable to block YOUTUBE,FAEBOOK,...
Replies: 4
Views: 640

Re: Unable to block YOUTUBE,FAEBOOK,...

If this is in a corporate settings, talk to HR and help them craft a policy that watching youtube or doing anything outside the scope of work is subject for expulsion, we've done this and it works 100% of time sometimes technology is not answer for a modern tech world, just my 0.2$
by loloski
Sat Apr 27, 2024 11:29 am
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 1322

Re: eBGP v6.x to v7.x migration

Just read the manual mate, make a lab and learn it it's hard to config something without a real context
by loloski
Sat Apr 27, 2024 11:26 am
Forum: Forwarding Protocols
Topic: Question with BGP
Replies: 4
Views: 1273

Re: Question with BGP

This is just pure routing then let your L7 load balancer handle the routing to your apps problem solved you don't have to worry the IP or NAT issues if that what's worries you, just my 0.2$
by loloski
Fri Apr 26, 2024 12:41 pm
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 1322

Re: eBGP v6.x to v7.x migration

/routing/filter/rule/add chain=BGP-IN rule="if(dst==0.0.0.0/0) { accept; } else { reject; }"
by loloski
Fri Apr 26, 2024 8:54 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

@mkx

Thanks i don't know what i'm thinking i download the wrong extra package :)
by loloski
Fri Apr 26, 2024 7:18 am
Forum: Forwarding Protocols
Topic: Question with BGP
Replies: 4
Views: 1273

Re: Question with BGP

In prolexic we got a 2 byte AS number and established a bgp peer with them if there's an attack they are going to notify you and ask for confirmation since this is a manage service they are going to annouce your prefix to them and they are going to mitigate DDoS in their scrubbing center and pass yo...
by loloski
Fri Apr 26, 2024 2:41 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

Where did wifi-qcom-ac package go? can't seems to find in extra package and why?
by loloski
Thu Apr 25, 2024 3:20 pm
Forum: Forwarding Protocols
Topic: eBGP v6.x to v7.x migration
Replies: 5
Views: 1322

Re: eBGP v6.x to v7.x migration

#### Put your prefix here that you want to announce /ip/firewall/address-list/add list=MYSUBNET address=122.23.0.0/24 ### this is just a sample #### i assume that you have point to point connection to your peer so this is not a multihop host and address families is IP #### assumption your peer addr...
by loloski
Wed Apr 24, 2024 4:54 am
Forum: Forwarding Protocols
Topic: BGP confederation
Replies: 4
Views: 3377

Re: BGP confederation

Did it work in previous version rosv6?, I'm also interested into this at least in a lab setting because our network is not as big as yours, we don't need it today :)
by loloski
Wed Apr 24, 2024 1:42 am
Forum: Forwarding Protocols
Topic: As Override vs Allow-As-In Behavior
Replies: 1
Views: 941

Re: As Override vs Allow-As-In Behavior

routing/bgp/session/refresh 0 address-family=ip
found it at least it doesn't tear down the whole connection
by loloski
Tue Apr 23, 2024 10:40 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

[user@DCCJ-POP1-R1-EDGESW] > /interface/bridge/port export # 2024-04-24 03:36:24 by RouterOS 7.14.1 # software id = 12DQ-9QUD # # model = CRS326-24G-2S+ # serial number = HCQXXXXX /interface bridge port add bridge=DISTRIBUTION frame-types=admit-only-untagged-and-priority-tagged \ interface=ether1 p...
by loloski
Tue Apr 23, 2024 3:03 pm
Forum: Wireless Networking
Topic: Radius-Disconnect will not Disconnect the client
Replies: 2
Views: 1134

Re: Radius-Disconnect will not Disconnect the client

Change of Authority is half bake in RouterOS afaict, I'm happy to be corrected by anyone, I haven't seen anyone claim that it's working without a quirk
by loloski
Tue Apr 23, 2024 2:55 pm
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 1393

Re: Telegram inline keyboard

What that program does you can communicate to your Mikrotik device from telegram in the form of chat / bot and you can execute any script stored in your MT just want to set the expectation
by loloski
Tue Apr 23, 2024 9:19 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

You can always go back to v7.14.X DHCP snooping is working as expected on this version
by loloski
Tue Apr 23, 2024 8:59 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 1393

Re: Telegram inline keyboard

I think this is the closes you can get and for me at least it works great!
https://github.com/eworm-de/routeros-scripts/blob/main/doc/telegram-chat.md
by loloski
Tue Apr 23, 2024 7:16 am
Forum: Forwarding Protocols
Topic: As Override vs Allow-As-In Behavior
Replies: 1
Views: 941

As Override vs Allow-As-In Behavior

Hi All, Good day, Just want to ask if I use As Override on both PE1 or PE2 the effect is instantaneous both loopback address was learned and installed on each CE's rib, while Allow-As-In if you set in to 1 on CE side the effect is not immediate you have to disable and tear down the peer connection b...
by loloski
Tue Apr 23, 2024 4:11 am
Forum: Forwarding Protocols
Topic: BGP Feature Status
Replies: 0
Views: 974

BGP Feature Status

Hi MT,

May we ask if any of this feature will be on the pipeline?, care to share if you do have some crazy workaround?
2.png
by loloski
Mon Apr 22, 2024 8:25 am
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

@strods

like i said this is on GNS3 but on real device i haven't seen this issue, will send the file momentarily

edit: done SUP-150754
by loloski
Fri Apr 19, 2024 3:31 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.3 [stable] is released!

Thanks for heads up
by loloski
Fri Apr 19, 2024 2:07 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.3 [stable] is released!

*) queue - improved system stability (introduced in v7.6);

Can someone elaborate on this please?, thanks
by loloski
Fri Apr 19, 2024 1:02 pm
Forum: Announcements
Topic: v7.15rc [testing] is released!
Replies: 340
Views: 120328

Re: v7.15rc [testing] is released!

using this RC in GNS3 you can't login via winbox it just simply saying logging even ssh connection it's not working :(, never seen this before
2.png
edit: webfig works
1.png
by loloski
Thu Apr 18, 2024 7:25 pm
Forum: Forwarding Protocols
Topic: BGP no-export attribute
Replies: 10
Views: 6683

Re: BGP no-export attribute

no-export will be passed to the peer in new routing version. But for v6, most likely it will stay as it is.
May we ask for the progress on this?
by loloski
Wed Apr 17, 2024 5:28 pm
Forum: Beginner Basics
Topic: Upgrade not booting
Replies: 7
Views: 591

Re: Upgrade not booting

i'm afraid you have to netinstall and be it on site
by loloski
Tue Apr 16, 2024 6:08 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

Yeah it's working fine with cisco in GNS3
2.png
1.png
by loloski
Mon Apr 15, 2024 11:29 am
Forum: General
Topic: Unstable CRS326-4C+20G+2Q [SOLVED]
Replies: 16
Views: 2609

Re: Unstable CRS326-4C+20G+2Q [SOLVED]

add bridge=main tagged=qsfpplus1-1,combo4 untagged=\ ether1,ether2,ether3,ether4,ether5,ether7,ether14,ether15,ether16,ether17 \ vlan-ids=1 for some vlans your ether1 is a tagged port but for vlan-ids=1 it's an access port for can you disabled this first and try again? not unless this is hybrid por...
by loloski
Mon Apr 15, 2024 10:12 am
Forum: General
Topic: Unstable CRS326-4C+20G+2Q [SOLVED]
Replies: 16
Views: 2609

Re: Unstable CRS326-4C+20G+2Q [SOLVED]

I don't think if this will help you or not, but can you make a single vlan aware bridge and remove a bridge dedicated for the management?
by loloski
Sat Apr 13, 2024 6:54 pm
Forum: Virtualization
Topic: QEMU vm speed problem
Replies: 2
Views: 1748

Re: QEMU vm speed problem

that is expected PNET/GNS3 is just for lab/simulation only what do you expect? and even it can route properly, CHR is limited to 1MB only if you don't have a valid license, you can obtain a demo P1 license and try again if you are that persistent :)
by loloski
Sat Apr 13, 2024 5:25 pm
Forum: Beginner Basics
Topic: netinstall for ax2
Replies: 7
Views: 915

Re: netinstall for ax2

I have higher chance of doing netinstall in linux VS windows 10/11 but if your hands are tied make it sure that you disable all lan adapters in windows except for the wired LAN and disable windows firewall to make it sure, ether1 is the port you are going to use for netinstall, In my experience you ...
by loloski
Fri Apr 12, 2024 9:41 pm
Forum: Wireless Networking
Topic: CAPsMANv2 configuration for secondary SSIDs on different VLANs
Replies: 40
Views: 14295

Re: CAPsMANv2 configuration for secondary SSIDs on different VLANs

I really love MT for what is worth and the value it bring to a lot of company startup whether it's big and small, but this wireless radio/driver issues and capsman drama makes a lot of users look elsewhere, luckily for us we don't have use case for wireless other than out of band management connecti...
by loloski
Fri Apr 12, 2024 3:09 pm
Forum: Beginner Basics
Topic: Routing Query
Replies: 4
Views: 835

Re: Routing Query

if this is the subnet behind cisco (10.0.0.0/24) via ether1 you are trying to reach? i would suggest make a point to point connection /30 between mikrotik and cisco like e.g 10.100.10.1/30 on ether1 and 10.100.10.2/30 on cisco and route the LAN subnet 10.0.0.0/24 to 10.100.10.2 ip route add dst-addr...
by loloski
Wed Apr 10, 2024 10:14 pm
Forum: Beginner Basics
Topic: Using NAT on Mikrotik
Replies: 5
Views: 858

Re: Using NAT on Mikrotik

Please don't double post, I believed the issue here is the same with your other post which i reply as well It is common issue with new user is that they don't RTFM i believed it was mentioned in the docs that you should enumerate your WAN and LAN interface in the interface list , so that you are not...
by loloski
Wed Apr 10, 2024 9:46 pm
Forum: Beginner Basics
Topic: Can't ping with firewall (nat)
Replies: 9
Views: 1019

Re: Can't ping with firewall (nat)

you don't need NAT for them to reach each other make sure both raspberry pi and the pc has their appropriate default gateway and you are set, In the Router see to it the firewall rules (filter) in FORWARD chain should allows this two subnet 10.10.1.0/24 and 10.10.5.0/24 to traverse, if you do have a...
by loloski
Wed Apr 10, 2024 9:28 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 1452

Re: Script add user from LOG

to be honest it would be better if you ship the logs to a remote syslog server and parse it from there like a small VM perhaps, you have full blown scripting language at your disposal when it's outside MT device, even it's possible you have to store it somehow the previously stored e-mail for post p...
by loloski
Wed Apr 10, 2024 8:55 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

I redo this using eBGP approach between PE BGP is up OSPF is up VPLS is up and still can't ping :), i'll attach all configs except for CE1 and CE2 because they are just static IP
1.png
by loloski
Wed Apr 10, 2024 7:03 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

Hard to say without full config dumps, but yes, the P router should just do two things: ospf underlay to learn/export loopbacks of each PE loopback and LDP/MPLS enabled on both interfaces facing each PE. Then eBGP signalling from PE to PE with AS900 and AS901 should work. I just tested this again i...
by loloski
Wed Apr 10, 2024 6:44 pm
Forum: Forwarding Protocols
Topic: Passive Interfaces MPLS - VPLS RouterOS v7
Replies: 6
Views: 1818

Re: Passive Interfaces MPLS - VPLS RouterOS v7

This works for me, it worked but not really great because you still have ros v6 at play
1.png
by loloski
Wed Apr 10, 2024 6:33 pm
Forum: Forwarding Protocols
Topic: Passive Interfaces MPLS - VPLS RouterOS v7
Replies: 6
Views: 1818

Re: Passive Interfaces MPLS - VPLS RouterOS v7

I have a similar post to you, as per some folks here they said v7 has still some bug in VPLS even though everything seems right the VPLS tunnel is up IGP is up and BGP sessildons is all up it still won't work... If you really want to make VPLS work make the P router as Route Reflector with v6.49.X i...
by loloski
Wed Apr 10, 2024 4:27 pm
Forum: Beginner Basics
Topic: Help in traffic redirection
Replies: 3
Views: 561

Re: Help in traffic redirection

If you are behind a CGNAT you are mostly out of luck, there are few ways to overcome this with various degree of hassle / difficulty on your part option A first get a business line and ask your ISP to provide you /30 or /29 V4 address or even better get IPV6 address allocation option B pop a VM to a...
by loloski
Wed Apr 10, 2024 2:33 pm
Forum: General
Topic: Recommend me a VPN
Replies: 4
Views: 1983

Re: Recommend me a VPN

This is mikrotik forum, you can instantly google it if you need to
by loloski
Tue Apr 09, 2024 2:57 pm
Forum: Forwarding Protocols
Topic: DT - Wp Flags MPLS RouterOS v7.14.2 [SOLVED]
Replies: 2
Views: 6156

Re: DT - Wp Flags MPLS RouterOS v7.14.2 [SOLVED]

it's either use static routing or use IGP like OSPF so that each router will learn each router's loopback address and also you don't need a separate bridge to emulate loopback interface lo is now exposed by default on 7.14.2
by loloski
Sun Apr 07, 2024 2:18 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

Yeah you are both right it's unrelated i follow what clambert suggest i change the "P" address to something else the passive flag is gone and still not working :), thanks mrz for the confirmation
by loloski
Sat Apr 06, 2024 6:22 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

Thanks a lot for the post at least i have a workaround for now running the "P" router in ros v6. I can now finally rest literally :) and replicate this combo in production, I hope this VPLS issue will get the right attention it deserved and finally put to end
by loloski
Sat Apr 06, 2024 4:03 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

I recently learnt there are folks who opt for eBGP based networks and played with it, in my lab, I ran BGP signalled VPLS with eBGP and no route reflectors, loopback IPs for BGP peer with OSPF underlay. And it works fine, no problems. I redo the lab and try your approach it doesn't work because the...
by loloski
Sat Apr 06, 2024 1:48 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

@Darknate

Thanks will try that approach, I think mikrotik knows this that's why they don't want to create an LTS release yet because v7 still not feature parity with V6
by loloski
Sat Apr 06, 2024 1:09 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

I think this is an LDP issue after all because with v6.49.14 all LDP interface in P1 is in DO (Dynamic,Operational) state while in v7.15b9 it's in DOp (Dynamic,Operational,Passive) I already file a bug report SUP-149275 I think i'm one on a few if not many encounter this issue, this is really a sad ...
by loloski
Sat Apr 06, 2024 8:47 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

I redo the whole thing and change P1 to v6.49.14 and it work, my conclusion is v7 BGP RR + v7 BGP signal VPLS is not working, but v7 route reflector alone is working as advertise.

@ MT could someone from your end confirm this behavior?

1.png
2.png
by loloski
Sat Apr 06, 2024 3:47 am
Forum: Beginner Basics
Topic: Can someone share a full working /29 config
Replies: 6
Views: 783

Re: Can someone share a full working /29 config

your diagram/networks It's fine as it is but really depends on what you are doing and trying to achieve, but i will do it differently because public ip is very scarce i will conserve it if i have to as much as possible, if some servers or workstation can be behind a NAT i'll do it.
1.png
by loloski
Fri Apr 05, 2024 5:14 pm
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

Re: BGP VPLS with route reflector [SOLVED]

This is really red herring I’m just going in circles, could someone please confirm if BGP signal VPLS with rosv7 route reflector still not supported till this day? Just a hint will do thanks
by loloski
Fri Apr 05, 2024 2:37 am
Forum: Beginner Basics
Topic: Virtualized VLANs (for Proxmox) [SOLVED]
Replies: 12
Views: 5543

Re: Virtualized VLANs (for Proxmox) [SOLVED]

There are many ways how to make a VLAN in mikrotik, even if it works it doesn't mean it's correct because if you are doing that on non CRS 3xx series it will consume CPU, so be careful
by loloski
Fri Apr 05, 2024 1:09 am
Forum: Beginner Basics
Topic: Virtualized VLANs (for Proxmox) [SOLVED]
Replies: 12
Views: 5543

Re: Virtualized VLANs (for Proxmox) [SOLVED]

You need a trunk port on both router and proxmox, this is how you are going to do it if your equipment is a CRS 3xx switch this is device specific , this is just a bare minimum and assume that your tagged port is ether1 [admin@RT] > export # 2024-04-04 22:01:36 by RouterOS 7.15beta9 # software id = ...
by loloski
Thu Apr 04, 2024 6:42 am
Forum: Forwarding Protocols
Topic: No neighbors with OSPF [SOLVED]
Replies: 2
Views: 6774

Re: No neighbors with OSPF [SOLVED]

Please check if you are blocking OSPF incorporate this rule with your existing firewall
ip firewall filter add action=accept chain=input protocol=ospf
by loloski
Thu Apr 04, 2024 6:04 am
Forum: Forwarding Protocols
Topic: BGP VPLS with route reflector [SOLVED]
Replies: 14
Views: 8736

BGP VPLS with route reflector [SOLVED]

Good day to all, i want to migrate our small production MPLS/VPLS setup to v7 but before we do that we want to lab it first with GNS3 but I hit a snag, all bgp session is up and VPLS interface is all up but can't seems to pass tagged vlan100 from CE1 to CE2, all mtu on all participating LDP interfac...
by loloski
Tue Apr 02, 2024 7:34 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.2 [stable] is released!

Yes 2216 and 2116 is a different beast :) I hope MT support would be able to help you out along the way
by loloski
Tue Apr 02, 2024 7:07 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.2 [stable] is released!

We don't do NAT. Everything is routed, there's one forward chain FW rule to deal with private addresses. Sure there are ~1000 queues, but it is, as you say, a big box! (for our heavier traffic we've moved In our experience 1072 is more suitable as edge router doing BGP and OSPF only and disable con...
by loloski
Tue Apr 02, 2024 6:39 pm
Forum: Forwarding Protocols
Topic: Shortest Path Bridging (SPB)
Replies: 12
Views: 10127

Re: Shortest Path Bridging (SPB)

+1
+100 for EVPN/VXLAN

We can dream on :)
by loloski
Tue Apr 02, 2024 6:27 pm
Forum: Announcements
Topic: v7.14.3 [stable] is released!
Replies: 670
Views: 232902

Re: v7.14.2 [stable] is released!

Please create a different thread so that others might be able to help you and by the looks of it is this a one big box doing everything how about NAT? if yes you might rethink your strategy
by loloski
Tue Apr 02, 2024 6:11 pm
Forum: General
Topic: Bandwith problem
Replies: 2
Views: 366

Re: Bandwith problem

Please check if this is not a cable issue (check for negotiated speed on port) or You need better device like RB4011 or RB5009 if you need SFP interface, otherwise you can opt to choose hapac2 at least for less pricey option

Please see MT test result page
1.png
by loloski
Tue Apr 02, 2024 3:22 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

IS-IS is available for v4 and v6 as early as 7.13.3 if my memory serves correctly in CLI not winbox though
by loloski
Tue Apr 02, 2024 3:18 pm
Forum: General
Topic: Connectivity to customers mikrotiks via Wireguard. Good idea? [SOLVED]
Replies: 35
Views: 6854

Re: Connectivity to customers mikrotiks via Wireguard. Good idea? [SOLVED]

just use zerotier + romon is much simpler and use routing if you need to reach LAN subnet, just my 0.2$
by loloski
Tue Apr 02, 2024 1:26 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

I hope this 7.15 release once become "battle tested" in the field will become the LTS release this is long time coming and badly needed
by loloski
Tue Apr 02, 2024 12:41 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

MVRP appear to work correctly on my initial test :) I can't hold my excitement the vlan is withdrawn automatically in the other switch if for some reason a specific vlanids is no longer in-use :)
by loloski
Tue Apr 02, 2024 10:30 am
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM MPLS Support
Replies: 62
Views: 29946

Re: CRS317-1G-16S+RM MPLS Support

Any progress in this front please or we just keep on dreaming?
by loloski
Tue Apr 02, 2024 5:58 am
Forum: The User Manager
Topic: Vouchers Template
Replies: 1
Views: 3035

Re: Vouchers Template

well first look for the obvious, check your disk space
by loloski
Sat Mar 30, 2024 3:55 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Will try that in the future
by loloski
Sat Mar 30, 2024 12:08 pm
Forum: General
Topic: Feature Request: LACP Monitoring via SNMP
Replies: 0
Views: 301

Feature Request: LACP Monitoring via SNMP

Today we are monitoring this in our NMS periodically via SSH is there any plans that active-ports and inactive-ports will be available via SNMP? [user@POP1-R2-CORESW] > /interface/bonding/monitor numbers: 0 mode: 802.3ad active-ports: sfp-sfpplus1,sfp-sfpplus2 inactive-ports: lacp-system-id: 78:9A:1...
by loloski
Fri Mar 29, 2024 12:59 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Thanks I hope the workaround is soon to be implemented
by loloski
Fri Mar 29, 2024 3:06 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 32070

Re: Wi‑Fi 7 / 802.11be

I've seen in Normis post since they are not using their in-house Wi-Fi driver anymore they can jump on the wifi7 band wagon with ease, I guess the demand will only be the limiting factor here time will tell of course
by loloski
Fri Mar 29, 2024 3:00 am
Forum: Scripting
Topic: "Wait" and reboot [SOLVED]
Replies: 4
Views: 6913

Re: "Wait" and reboot [SOLVED]

Shameless plug, I personally use e-worm collection for this purpose https://github.com/eworm-de/routeros-sc ... reboot.rsc
by loloski
Thu Mar 28, 2024 5:24 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]


It is not possible to leak "main" connected routes and be able to reach local addresses.
May i ask if it is fixable in the future or it is what it is?
by loloski
Thu Mar 28, 2024 1:35 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I attach the config from "P - Router" to wrap your head around on it. a friendly tip read the routing table entries per VRF for you to grasp the concept, feel free to ask if you have question
by loloski
Thu Mar 28, 2024 3:06 am
Forum: RouterOS beta
Topic: Routing mark and Os7 with two isp [SOLVED]
Replies: 10
Views: 12807

Re: Routing mark and Os7 with two isp [SOLVED]

Actually this easy a few routing rules and routing adjustment to your environment it's done, People think this is hard because they don't know how routing works there are two ways to achieved this in RouterOS by using routing rules or mangle for a start you should watch this video to get the concept...
by loloski
Wed Mar 27, 2024 7:07 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I found a way through trial and error and I don't think i know enough how VRF works in MT in low level because there's no documentation at all just config snippets
1.png
by loloski
Wed Mar 27, 2024 5:34 am
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

The protocol is intended to be compatible with other vendors, but it is still undergoing testing to ensure compatibility. Let us know if you have any feedback. Will going to test this thoroughly if it's working properly with CHR, I don't have a spare equipment at the moment to lab this up in actual...
by loloski
Wed Mar 27, 2024 2:58 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

It seems the limitation is real you can't reach a subnet subnet if the flag is not "DAC" / directly connected even though it is reachable in Main Routing Table. What a bummer, in other platform this is well supported I hope this limitation has a fix in sight :(, This is really unfortunate ...
by loloski
Tue Mar 26, 2024 7:01 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I slightly modify the topology and have a loopback address 10.0.0.1/32 on R1 so in theory I should be able to reach 192.168.50.1 and 10.0.0.1/32 from C1 and C2 if this this route leaking feature was really working as advertise
1.png
by loloski
Tue Mar 26, 2024 6:18 pm
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I don't think that's the case look carefully the VRF and the routing table of main evidently 192.168.50.0/24 on ether4 is on main routing table and it's working properly
1.png
by loloski
Tue Mar 26, 2024 3:11 pm
Forum: General
Topic: REQ: batman-adv interface
Replies: 1
Views: 1718

Re: REQ: batman-adv interface

+1 on this, this is game changer for wISP
by loloski
Tue Mar 26, 2024 1:16 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

@MT quick question if MVRP implementation is working properly in the next few beta/rc, is it compatible with other implementation like Juniper or it will never be?
by loloski
Tue Mar 26, 2024 12:40 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

Yes RouterOS lite it is and allow big files like drivers (wifi-qcom/wifi-qcom-ac) or any extra package to be loaded in external place like USB if present in the device. /* Dream On */
by loloski
Tue Mar 26, 2024 12:22 pm
Forum: Beginner Basics
Topic: How to configure LAN IP Pool
Replies: 15
Views: 6362

Re: How to configure LAN IP Pool

Substitute to your real subnet 1.png [admin@R1] > export # 2024-03-26 10:18:18 by RouterOS 7.14.1 # software id = # /interface vlan add interface=ether1 name=VLAN1530 vlan-id=1530 /port set 0 name=serial0 /ip address add address=117.1.1.218/29 interface=VLAN1530 network=117.1.1.216 add address=117.2...
by loloski
Tue Mar 26, 2024 8:17 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

Hooraahh... i made it to work the routing entries for subnet 192.168.50.0/24 the gateway should be the ether4@main :)
1.png
by loloski
Tue Mar 26, 2024 7:23 am
Forum: Forwarding Protocols
Topic: BCP 38: Routing Filters and Address lists
Replies: 2
Views: 1261

Re: BCP 38: Routing Filters and Address lists

I believed there were similar request in the past that rp_filter can be turned on/off per interface but nothing come up to a fruition from MT camp
by loloski
Tue Mar 26, 2024 6:31 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

I now add a routing entries to each VRF that I think might solve the issue but still is not working, the C2 router can reach internet and VRF_CUSTOMER-A and VRF_CUSTOMER-B but not 192.168.50.0/24 subnet in the main routing table of the Provider Router
1.png
2.png
3.png
by loloski
Tue Mar 26, 2024 5:43 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

Re: VRF Route Leaking between VRF network and Main [SOLVED]

1.png 2.png This is how far I go from R1 192.168.50.1 using this routing rules above I was able to reach 192.168.0.1 and 192.168.1.1 but not the whole subnet I know I'm missing a routing entries for 192.168.50.0/24 subnet in both vrf_cusotmer_a and vrf_customer_b routing table to make this work I j...
by loloski
Tue Mar 26, 2024 5:23 am
Forum: Forwarding Protocols
Topic: VRF Route Leaking between VRF network and Main [SOLVED]
Replies: 20
Views: 10331

VRF Route Leaking between VRF network and Main [SOLVED]

In Ros v7.14.1 Route leaking between VRF is so easy I just follow the Simple VRF Setup in the mikrotik documents and it works like a charm, however the docs never mentioned or give a snippet config on how to leak between the VRF network with the Main routing table on the Provider Router https://help...
by loloski
Sat Mar 23, 2024 12:37 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 5080

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

Draw a basic network diagram including vlan assignment so that we can easily help you, I just interpret what you said
by loloski
Sat Mar 23, 2024 12:15 pm
Forum: Beginner Basics
Topic: Subdomain redirection (NAT) to the local IP address.
Replies: 1
Views: 569

Re: Subdomain redirection (NAT) to the local IP address.

You need reverse proxy for that like nginx or haproxy, you can do port forwarding on port 80 to a local reverse proxy from there handle the routing logic
by loloski
Sat Mar 23, 2024 3:18 am
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 5080

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

-- The problem is, that on ports ether46, ether47, ether48 I'm not seeing any traffic that goes into corresponding ports ether6, ether5, ether7. /interface/bridge/port add bridge=bridge comment="Bistro in" frame-types=admit-only-untagged-and-priority-tagged interface=ether5 pvid=119 add br...
by loloski
Fri Mar 22, 2024 4:03 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 5080

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

if qsfpplus1-1 is your trunk port
/interface/bridge/vlan/add vlan-ids=111 tagged=bridge,qsfpplus1-1 untagged=ether7,ether48 bridge=bridge
by loloski
Fri Mar 22, 2024 3:45 pm
Forum: Beginner Basics
Topic: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]
Replies: 32
Views: 5080

Re: CRS3xx and vlans: access port doesn't see traffic unless it is removed from bridge [SOLVED]

try this and adapt to your situation you missed where the bridge should be tagged as well /interface/bridge/add pvid=4094 frame-types=admit-only-vlan-tagged name=bridge # Best practice don't set pvid=1 /interface/bridge/port add interface=ether7 frame-types=admit-only-untagged-and-priority-tagged pv...
by loloski
Thu Mar 21, 2024 5:02 pm
Forum: Announcements
Topic: v7.15beta [testing] is released!
Replies: 492
Views: 143316

Re: v7.15beta [testing] is released!

Do you have at least initial draft document for MVRP?
by loloski
Tue Mar 19, 2024 8:19 am
Forum: Scripting
Topic: RouterOS get uptime days [SOLVED]
Replies: 10
Views: 9281

Re: RouterOS get uptime days [SOLVED]

:put [/system/resource/get uptime
11w2d15:59:17
]
by loloski
Tue Mar 19, 2024 3:53 am
Forum: General
Topic: bandwidth managment
Replies: 2
Views: 412

Re: bandwidth managment

Please don't do it CRS112 is geared toward as a switch not a router it has very weak CPU, what you can do put router upfront then Make a Queue in the router
by loloski
Thu Feb 22, 2024 11:29 am
Forum: General
Topic: CCR1072 - ROSv6 - TCP single-stream performance
Replies: 5
Views: 780

Re: CCR1072 - ROSv6 - TCP single-stream performance

For us we learned the hardway, We are only using 1072 for EDGE routing purposes BGP/OSPF no NAT/Firewall and Queues they are fine, for Access Concentrators we stick for a dozen of 1036 with rule of thumb of 950 customers per 1036 doing NAT and Queue, For some of our PoP with premium customers which ...
by loloski
Sun Feb 18, 2024 11:17 am
Forum: Beginner Basics
Topic: netpower 16p with bonding CPU issue
Replies: 1
Views: 387

Re: netpower 16p with bonding CPU issue

check your switch chip 98DX226S if bonding is ever supported

https://help.mikrotik.com/docs/display/ ... Offloading
by loloski
Sun Feb 18, 2024 10:54 am
Forum: Forwarding Protocols
Topic: Route Filter v6 to v7
Replies: 3
Views: 1383

Re: Route Filter v6 to v7

discard is not supported in v7
by loloski
Thu Feb 08, 2024 1:43 am
Forum: Beginner Basics
Topic: CRS3xx (low?) Bandwidth Test Performance
Replies: 3
Views: 890

Re: CRS3xx (low?) Bandwidth Test Performance

please use iperf it was a known fact that bandwidth test inside mikrotik will eat your CPU
by loloski
Thu Feb 08, 2024 1:21 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

On beta 8
*) bgp - allow to leak routes between local VRFs;

If you are looking for proper implementation through RD i don't think it will happen today :(
by loloski
Thu Feb 08, 2024 12:16 am
Forum: General
Topic: CRS310-8G-2S+-IN expected internet performance?
Replies: 6
Views: 1527

Re: CRS310-8G-2S+-IN expected internet performance?

CRS310 is geared toward as a switch not much of a router
Screenshot 2024-02-08 060857.png
by loloski
Wed Feb 07, 2024 12:16 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 896
Views: 301088

Re: v7.13.3 [stable] is released!

it would be best, if they allow the package to be stored and install via external USB or make a ROS lite package as suggested by others here, our HAPAC2 CPE fleet would surely welcome this change if this happen :)
by loloski
Tue Jan 23, 2024 1:08 pm
Forum: General
Topic: IPOE with User-Manager
Replies: 1
Views: 695

Re: IPOE with User-Manager

By the way forgot to say thanks in advance for the people who could chime in
by loloski
Tue Jan 23, 2024 12:46 pm
Forum: General
Topic: IPOE with User-Manager
Replies: 1
Views: 695

IPOE with User-Manager

In our quest to ditch PPPoE in our network we decided to give it a whim and put a LAB generally it was ok, the client computer can authenticate it's MAC in user-manager via radius but I found it odd that you can authenticate the same mac address at the same time this is a no go for ISP setup, well h...
by loloski
Mon Jan 22, 2024 2:01 pm
Forum: Beginner Basics
Topic: Renew License CHR ERROR: bad http response [SOLVED]
Replies: 23
Views: 4607

Re: Renew License CHR ERROR: bad http response [SOLVED]

wait is over, I was able to activate the license just an hour ago
by loloski
Mon Jan 22, 2024 5:47 am
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 16
Views: 2672

Re: CHR LICENSING SERVER IS DOWN

this cause us trouble because we have a scheduled deployment yesterday and send me 2 people in the DC doing nothing in the middle of the night in the end we pull out the server and will try again somewhere next week not really a big deal but a nuisance indeed
by loloski
Sun Jan 21, 2024 2:24 pm
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 16
Views: 2672

Re: CHR LICENSING SERVER IS DOWN

I already contact them via Support Ticket and no one is responding and even in discord this was reported as well on #CHR channel and I'm not alone
by loloski
Sun Jan 21, 2024 2:16 pm
Forum: General
Topic: CHR LICENSING SERVER IS DOWN
Replies: 16
Views: 2672

CHR LICENSING SERVER IS DOWN

MT,

Please take a look into this we can't activate CHR license, there was a bad http response when you try to login your account in the renewal license dialog, thanks!!!!
by loloski
Thu Jan 18, 2024 8:00 am
Forum: Beginner Basics
Topic: Use public IPs from remote router [SOLVED]
Replies: 7
Views: 1763

Re: Use public IPs from remote router [SOLVED]

Established VPN of your choice, then use mangle or routing rules to route your internal subnet to the other side of the tunnel then use srcnat NAT
by loloski
Tue Jan 16, 2024 7:42 am
Forum: Forwarding Protocols
Topic: BGP Filters translate from ros6 to ros7 not working
Replies: 9
Views: 2416

Re: BGP Filters translate from ros6 to ros7 not working

you can use this as a starting point and also discard is no longer available please read the document

https://help.mikrotik.com/docs/display/ ... h+examples
https://help.mikrotik.com/docs/display/ ... nd+Filters
by loloski
Mon Jan 15, 2024 4:13 am
Forum: General
Topic: Incoming SSH being dropped/delayed on 7.13.1, can you reproduce (easy to try)
Replies: 4
Views: 764

Re: Incoming SSH being dropped/delayed on 7.13.1, can you reproduce (easy to try)

This was tested on 7.12, though i seldom open ssh from external but this needs to be look into :(
ss.png
by loloski
Mon Jan 15, 2024 3:22 am
Forum: Forwarding Protocols
Topic: routing filter set administrative distance question
Replies: 0
Views: 1646

routing filter set administrative distance question

We have a situation where our 2 edge router is both originating default route in OSPF domain we want to match the gateway and set appropriate distance just like i shown below is this possible? it was not clear in the documentation how to use the "gw" or can it be used in OSPF context, than...
by loloski
Wed Jan 10, 2024 5:12 am
Forum: Beginner Basics
Topic: Check for Updates: could not resolve DNS name [SOLVED]
Replies: 5
Views: 2882

Re: Check for Updates: could not resolve DNS name [SOLVED]

Download and import this cert if you are using cloudflare DNS it should work
https://cacerts.digicert.com/DigiCertGl ... G2.crt.pem
by loloski
Fri Jan 05, 2024 11:45 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 896
Views: 301088

Re: v7.13 [stable] is released!

https://stubarea51.net/2016/01/21/put-5 ... r-testing/

This is life saver luckily I was able to save the VM, the tool is not downable anymore :) I hope kevin will re-upload this again
by loloski
Fri Jan 05, 2024 11:42 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 896
Views: 301088

Re: v7.13 [stable] is released!

I think you are right :), I stand corrected this design flaw is really a punch in the gut they should fix this, we are going to do some more pre-flight test otherwise we are going to call off again the deployment :( if you have single peer you can get away with it but multiple peer this will blow ou...
by loloski
Fri Jan 05, 2024 11:11 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 896
Views: 301088

Re: v7.13 [stable] is released!

I don't think that's the case i load more than 300K routes and that few /32 slips into crack, if I follow what you say all on that list will be accepted but it's not I think they just made a string match there literally, will going to retest again and remove 0.0.0.0/0 i think I can still reproduce it
by loloski
Fri Jan 05, 2024 9:08 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 896
Views: 301088

Re: v7.13 [stable] is released!

Input Accept NLRI bug

It accept some prefix not in the list of prefix allowed to be accepted i stumble this bug in a lab
ss.png
by loloski
Fri Jan 05, 2024 7:20 am
Forum: RouterOS beta
Topic: Feedback on RouterOSv7 route filtering
Replies: 28
Views: 15273

Re: Feedback on RouterOSv7 route filtering

MT Any chances on improving router filtering in UI/winbox now?, we are not asking for v6 like for like UI but at least some semblance of having a more polish product rather than as if the UI was design after having a drinking session in the party :) the routing filter is v7 is more powerful in v6 bu...
by loloski
Thu Jan 04, 2024 12:26 pm
Forum: Forwarding Protocols
Topic: ipsec Preformance
Replies: 2
Views: 1946

Re: ipsec Preformance

This is impossible with ROS v7 today or in the future, that kind of traffic you are looking for is not for a SOHO environment
by loloski
Wed Jan 03, 2024 3:13 pm
Forum: General
Topic: RB5009 intermittent boot issue
Replies: 5
Views: 2186

RB5009 intermittent boot issue

Hi guys, Just want to ask if somebody encounter this issue, where most of the time i reboot the router it doesn't boot properly you have to properly power cycle the router at least 3 times to work, the 2nd port always lit but dim and it's doing nothing, i already netinstall the device still the prob...
by loloski
Tue Jan 02, 2024 4:09 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

ok thanks a ton, really excited to put this in the field next week

BR
by loloski
Tue Jan 02, 2024 3:40 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

yeah we have our own instance of routinator too, that's good to hear that it was working well, you are in 2216 i'm on 1072 this is what really scare me now :)
by loloski
Tue Jan 02, 2024 3:31 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Hmm.... that's reassuring but we need to test this thoroughly specially rpki validation this will surely a showstopper to us, BFD is working properly glad it was sorted out.
by loloski
Tue Jan 02, 2024 2:30 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

@rpingar I hope if you don't mind asking hpw's all your ticket related to BGP issues? did MT respond or fix most of your issues? we are going to retry again to put MT in IX scenario and i just feared we are going to pull it again and replace it with Juniper platform inadvertly due to instability I'v...
by loloski
Mon Jan 01, 2024 7:43 am
Forum: Beginner Basics
Topic: Force the router to use a specific WAN
Replies: 5
Views: 1610

Re: Force the router to use a specific WAN

set the distance/cost of your preferred next-hop to 1 and the other remaining link to 2 in this way all traffic generated by the router itself will go to the default gateway with distance/cost of 1 no mangles involved, I hope this suffice enough to meet your requirement and use PBR to steer your tra...
by loloski
Sun Dec 31, 2023 4:04 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

info !wireguard
by loloski
Sat Dec 30, 2023 2:13 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 15672

Re: Routing filter to discard routes

I hope this functionality can be restored in OSPF at least, this is what set apart from MT to other big brand where dynamic routing protocols is rock solid, another grief is when you have millions of routing entries in routing tables winbox start to crawl well that's for another day totally unrelate...
by loloski
Sat Dec 30, 2023 1:25 pm
Forum: RouterOS beta
Topic: Routing filter to discard routes
Replies: 16
Views: 15672

Re: Routing filter to discard routes

sorry for beating the dead horse, can someone shed some light on why discard is no longer available in ros v7?
by loloski
Fri Dec 29, 2023 9:26 am
Forum: Forwarding Protocols
Topic: V7 Route Filter Deny-ALL
Replies: 2
Views: 1913

Re: V7 Route Filter Deny-ALL

In v7 it was rejected / deny by default
by loloski
Mon Dec 25, 2023 1:00 am
Forum: Forwarding Protocols
Topic: Force ZeroTier over specific Internet/WAN connection
Replies: 7
Views: 2898

Re: Force ZeroTier over specific Internet/WAN connection

as a last resort though it's not the _real_ solution he/she could install zerotier in the other device using his/her 2nd ISP as a next-hop then use ROMON if the purpose of this zerotier is just for management purposes no more fiddling with mangle :)
by loloski
Sun Dec 24, 2023 1:58 am
Forum: Forwarding Protocols
Topic: Force ZeroTier over specific Internet/WAN connection
Replies: 7
Views: 2898

Re: Force ZeroTier over specific Internet/WAN connection

you can try to use mangle output and routing mark to make host outbound traffic of the router to go on specific ISP on udp port 9993
/ip firewall mangle
add action=mark-routing chain=output dst-port=9993 new-routing-mark=UG3 passthrough=no protocol=udp
by loloski
Sat Dec 23, 2023 8:58 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Ok i stand corrected back to the v6 version where it was still not bundled :)
by loloski
Sat Dec 23, 2023 8:53 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

wifi-qcom-ac is already out of the door a year ago who have thought this is possible?, who knows? maybe just maybe they break again the taboo and make v7 semi modular again like what we have in v6 where you can uninstall something at some extent to free up some space or resource.
by loloski
Sat Dec 23, 2023 8:35 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

LOL, you can upgrade beyond 7.12.1 and still have zerotier. What is your point? I can't upgrade to past/beyond 7.12.1 because this is the last version I can have a wireless + zerotier on this device, I'm just wondering why some people here is very apprehensive if all you want is to get the last oun...
by loloski
Sat Dec 23, 2023 12:49 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Yeah that's why we might stay indefinitely in 7.12.1 because we can't eat our cake and have it too :) unfortunately wireguard is not an option for us :p
by loloski
Sat Dec 23, 2023 11:18 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Well, I certainly consider it a step backward that almost all functionality is now in a single "routeros" package. I can fully understand why packages like "DHCP", "PPP", "ipv6", "security" were merged with the system package! They often have nasty ...
by loloski
Fri Dec 22, 2023 7:49 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Question does MVRP implementation will be vendor neutral? Once it become stable?
by loloski
Thu Dec 21, 2023 11:55 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

You are right and spot on, I'm responsible with Engineering In perfect world I got the final say on most things related to network from Core,CO,Pop down to Last mile, but still can be vetoed once there was a big Asian money at stake down to a drain pipe, Cap-ex is hard to come by in emerging market ...
by loloski
Thu Dec 21, 2023 8:51 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

Care to share how much MPLS traffic you have at peak and is it in tile arch?, we have a pilot MPLS implementation base on v6 (mpls atom/pseudowire) in one of our PoP and just running < 500mb at peak
by loloski
Thu Dec 21, 2023 8:26 am
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

There's a bug in bridge where a port role is blank in CHR and hapac2 in my limited testing at least
by loloski
Thu Dec 21, 2023 7:42 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

@Darknate I can feel you and I can clearly see your point and that was really obvious, but I don't need reasons to ditch MT because the company I work for already accept that fact that MT as a company is not perfect, my personal only sour grape with them is they don't layout their roadmap on what th...
by loloski
Wed Dec 20, 2023 3:47 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

Just notice push route is in the ovpn server setting not per secret/user basis? I hope MT would make it more flexible
by loloski
Wed Dec 20, 2023 3:30 pm
Forum: Announcements
Topic: v7.14beta [testing] is released!
Replies: 498
Views: 171952

Re: v7.14beta [testing] is released!

*) bridge - added MLAG support for MSTP bridges; *) bridge - added MVRP support (CLI only); *) bridge - improved bridge VLAN configuration validation; *) bridge - improved configuration speed on large VLAN setups; *) bridge - improved protocol-mode MSTP functionality; *) bridge - improved protocol-...
by loloski
Wed Dec 20, 2023 4:31 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

@DarkNate As a band aid solution whilst we are still waiting for proper EVPN/VXLAN to come in Mikrotik, our tech stack revolves around mikrotik for 3 years now lots of investment already from hardware to people training and we don't want to go back to pure Juniper shop if we can fight for it for cos...
by loloski
Tue Dec 19, 2023 7:02 pm
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

Yeah, Q3 next year if MT can't still produce a decent implementation for all of this critical technologies in ISP space we are going to re-think our strategies, If only LAC mode not just LNS is readily available today we can duct tape our network and still can still wait for another 3 years more, ev...
by loloski
Tue Dec 19, 2023 5:21 pm
Forum: General
Topic: Multi-Wan Concept
Replies: 2
Views: 816

Re: Multi-Wan Concept

you need policy based routing, as a primer check this out https://www.youtube.com/watch?v=1oawZUqB_Eo If i were you since you really want to learn look read network primer in other platforms as well because the learning curve is steep in MIkrotik if you don't have previous solid background in networ...
by loloski
Tue Dec 19, 2023 4:39 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 91
Views: 38201

Re: 7.13 wireless package split question

at least for me this is fair enough
by loloski
Tue Dec 19, 2023 3:35 pm
Forum: General
Topic: Feature Request: Restore ability to remove dynamic Queue
Replies: 0
Views: 1251

Feature Request: Restore ability to remove dynamic Queue

MT, Would you be so kind if you could restore the functionality that we can remove dynamic simple queue on the fly via up/down script in PPPoE profile and create the simple queue to our liking?, our solution relies on this heavily and we can't move our BRAS/PPPoE concentrator to v7 latest stable ver...
by loloski
Tue Dec 19, 2023 1:25 pm
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

@mrz, if you could be so kind could you please confirm if MP-BGP/EVPN + VXLAN is now on horizon since IS-IS was in too? just a nugget please because this will be very critical to us in near feature
by loloski
Wed Dec 06, 2023 10:51 am
Forum: Forwarding Protocols
Topic: Status of ROS V7 for BGP, MPLS, VPLS
Replies: 70
Views: 16601

Re: Status of ROS V7 for BGP, MPLS, VPLS

Wow, that's good news but the million dollar question is when this going to see the light of the day :) most of the Chinese cheapos switches now a days support this like Rujie/Maipu et al, please add Q-in-Q in hardware in the pipeline please :)
by loloski
Sun Dec 03, 2023 3:07 pm
Forum: Virtualization
Topic: Passthrough - Interface Queue
Replies: 1
Views: 2089

Re: Passthrough - Interface Queue

If your motherboard and NIC support SR-IOV used that instead just my 0.2$
by loloski
Thu Nov 30, 2023 7:33 am
Forum: General
Topic: Feature Request: MRTG / Graphing option
Replies: 0
Views: 1929

Feature Request: MRTG / Graphing option

expose growright or any other MRTG option to MT graphing via CLI or winbox
by loloski
Tue Nov 14, 2023 9:42 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 460
Views: 104947

Re: v7.13beta [testing] is released!

Sorry for not filling a proper bug report don't have a good experience of doing it for some occasions now, it's either no one answer or the support claims it's a support issues I'm tired already sorry
by loloski
Tue Nov 14, 2023 9:35 am
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 460
Views: 104947

Re: v7.13beta [testing] is released!

In Hapac2 DOH is working fine for a few minutes then all of the sudden the configuration revert back to the original setting prior of the change, at first I thought I'm just crazy but it happen to me more than 3 times now
  • 1
  • 2