Community discussions

MikroTik App

Search found 47 matches

by ajgnet
Wed Jul 10, 2024 4:35 pm
Forum: General
Topic: Better Control Over Fan Speeds on CCR2116
Replies: 3
Views: 891

Re: Better Control Over Fan Speeds on CCR2116

I can't figure out the sudden high fan speeds. Even when sfp-temperature is < 70 fan speed appears to randomly jump to 7000+ rpm. MikroTik friends, is it possible to add slightly better fan control options to keep these units quieter when possible? Columns: NAME, VALUE, TYPE # NAME VALUE TYPE 0 cpu-...
by ajgnet
Tue Jul 02, 2024 4:19 pm
Forum: General
Topic: Better Control Over Fan Speeds on CCR2116
Replies: 3
Views: 891

Better Control Over Fan Speeds on CCR2116

I am experiencing an issue with the fan speeds on my CCR2116 router. The fans seem to ramp up and down arbitrarily even when the temperatures are quite low, leading to unnecessary noise. Below are the current readings from the system health check: [a@gw01] > /system/health/print Columns: NAME, VALUE...
by ajgnet
Mon Jul 01, 2024 4:21 pm
Forum: RouterOS beta
Topic: Static DNS FWD entries using DoH not working [SOLVED]
Replies: 22
Views: 21060

Re: Static DNS FWD entries using DoH not working [SOLVED]

7.16beta3 (2024-Jun-27 08:33):
dns - added support for DoH with static FWD entries;

Thanks, guys! Amazing.
by ajgnet
Wed Jun 19, 2024 11:34 pm
Forum: RouterOS beta
Topic: Static DNS FWD entries using DoH not working [SOLVED]
Replies: 22
Views: 21060

Re: Static DNS FWD entries using DoH not working [SOLVED]

Is there any workaround to have FWD domains working with DoH? Thanks
by ajgnet
Wed Jun 19, 2024 2:20 pm
Forum: General
Topic: Traffic Flow Export and Fast Track Offloaded Flows
Replies: 3
Views: 782

Traffic Flow Export and Fast Track Offloaded Flows

I have a question regarding the IP --> Traffic Flow feature. I'm currently using Traffic Flow to export traffic data to ntop for analysis, and I'm considering enabling Fast Track for performance improvements. My question is: Will the IP --> Traffic Flow export still function correctly for flows that...
by ajgnet
Mon Jun 17, 2024 5:15 pm
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 79
Views: 20781

Re: QoS Hardware Offloading (QoS-HW)

The config looks file. Please check if bridge1 has the H flag in "/interface/bridge print". The switch chip supports only one hardware bridge, let's double-check if the system picked the right one. [adam@gw01] /interface/bridge> /interface/bridge print Flags: X - disabled, R - running 0 R...
by ajgnet
Mon Jun 17, 2024 1:55 pm
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 79
Views: 20781

Re: QoS Hardware Offloading (QoS-HW)

You can limit the egress rate of the port (or even a particular queue): /interface/ethernet/switch/port set sfp1 egress-rate=5G For some reason when I do this, max bandwidth gets capped around 800Mbps not 5G Also, I followed the Dante instructions but it does not seem like the below configuration h...
by ajgnet
Fri Jun 14, 2024 1:52 pm
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 79
Views: 20781

Re: QoS Hardware Offloading (QoS-HW)

Thank you very helpful. But what if the uplink port has a 10G link but ISP bandwidth is only 5G? How can I make sure the buffer is not saturated at the ISP and thereby nullifying the priority queues? For example, should I set the sfp1 interface to 95% of 5Gbps so that the switch QoS takes effect? Ho...
by ajgnet
Wed Jun 12, 2024 6:09 pm
Forum: General
Topic: QoS Hardware Offloading (QoS-HW)
Replies: 79
Views: 20781

Re: QoS Hardware Offloading (QoS-HW)

I need to achieve two main goals with my QoS setup on a CCR2116 and would like to use L3HW if possible:

1. De-prioritize all traffic on TCP port 21 (FTP).
2. Prioritize all VoIP traffic by matching DSCP values.

Is this possible with QoS-HW? What would the configuration look like, as an example?
by ajgnet
Wed Jun 12, 2024 6:01 pm
Forum: General
Topic: L3HW QoS on CCR2116: Enabling CoDeL or Cake and WAN Prioritization
Replies: 2
Views: 518

Re: L3HW QoS on CCR2116: Enabling CoDeL or Cake and WAN Prioritization

Thanks, has WRED offloading been enabled yet? Any simple examples you could point to?
by ajgnet
Wed Jun 12, 2024 4:09 pm
Forum: General
Topic: L3HW QoS on CCR2116: Enabling CoDeL or Cake and WAN Prioritization
Replies: 2
Views: 518

L3HW QoS on CCR2116: Enabling CoDeL or Cake and WAN Prioritization

I am currently using a CCR2116 and exploring options for implementing hardware offloaded QoS. Specifically, I am interested in enabling CoDeL or Cake using hardware queues if possible, if not, simple priorities. From my understanding, CoDeL and Cake are typically software-based solutions. Does anyon...
by ajgnet
Fri Mar 03, 2023 3:13 pm
Forum: General
Topic: Block IPv6 Portscans - Rule works for IPv4 but not IPv6
Replies: 10
Views: 1928

Re: Block IPv6 Portscans - Rule works for IPv4 but not IPv6

you missed an importaint part "psd", this option exists in the ipv4 firewall, but not implemented in the ipv6 firewall...
Thank you - I understand what you mean and this explains it. So it sounds like there is currently no way to do this in IPv6 until that feature is implemented.
by ajgnet
Thu Mar 02, 2023 3:10 am
Forum: General
Topic: Block IPv6 Portscans - Rule works for IPv4 but not IPv6
Replies: 10
Views: 1928

Block IPv6 Portscans - Rule works for IPv4 but not IPv6

I'm trying to block IPv6 portscans coming to my router. The below filter rules work for IPv4 but get ignored for IPv6 (no traffic matches). What am I doing wrong? add action=drop chain=input comment="BLOCK PORT SCAN - Drop Port scanners" src-address-list=port_scanners add action=drop chain...
by ajgnet
Sun Feb 26, 2023 10:08 pm
Forum: General
Topic: How can I collect daily, weekly, and monthly traffic totals by interface?
Replies: 0
Views: 360

How can I collect daily, weekly, and monthly traffic totals by interface?

Hello, is there an easy way to collect traffic totals by interface for day/week/month/year? Thanks
by ajgnet
Thu Jan 12, 2023 12:25 am
Forum: RouterBOARD hardware
Topic: Safe operating temperature of 10G S+RJ10 SFP+ module on a CCR2116?
Replies: 2
Views: 1871

Re: Safe operating temperature of 10G S+RJ10 SFP+ module on a CCR2116?

And as a follow up: what exactly is the SFP temperature measuring? If I pluck the module out of the switch and measure with a laser thermometer, it registers around 50C. So I'm not sure what is ~100C?
by ajgnet
Wed Jan 11, 2023 11:53 pm
Forum: RouterBOARD hardware
Topic: Safe operating temperature of 10G S+RJ10 SFP+ module on a CCR2116?
Replies: 2
Views: 1871

Safe operating temperature of 10G S+RJ10 SFP+ module on a CCR2116?

Hello - We have 3 Mikrotik 10G S+RJ10 modules on our CCR2116 and I noticed the temps in the range of 90-100C. Is this a safe operating temperature? The switch chip is a cool 40C as well as the CPU at a cool 45C. I'm just a little spooked by this high temperature, particularly since I believe the aut...
by ajgnet
Mon Jan 09, 2023 2:38 am
Forum: RouterBOARD hardware
Topic: Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?
Replies: 9
Views: 4471

Re: Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?

I did have luck with one brand, but I forget which one (I have about four). I believe the one that's in there now is QSFPTEK and the fans aren't ramping up. I think it's because some brands don't report SFP+ module temp. My 10GTek modules don't report and I get lower fan speeds. The Mikrotik SFP+ N...
by ajgnet
Sun Jan 08, 2023 9:09 pm
Forum: RouterBOARD hardware
Topic: Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?
Replies: 9
Views: 4471

Re: Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?

I have the same issue with mine - very quiet until I put in a 10GbaseT SFP+ module, then fans ramp up to 8000 rpm.
by ajgnet
Sun Jan 08, 2023 1:28 pm
Forum: RouterBOARD hardware
Topic: Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?
Replies: 9
Views: 4471

Has anyone successfully replaced the CCR2116-12G-4S+ fans with quieter Noctuas?

Curious if anyone has replaced the stock fans on the CCR2116-12G-4S+, and what the results were? Any tips or suggestions? Thanks
by ajgnet
Sat Dec 31, 2022 1:19 pm
Forum: Containers
Topic: First Container in list doesn't start on boot
Replies: 6
Views: 7624

Re: First Container in list doesn't start on boot

Reporting the same issue
by ajgnet
Thu Dec 29, 2022 3:51 am
Forum: RouterBOARD hardware
Topic: CCR2216-1G-12XS-2XQ (New Flagship)
Replies: 69
Views: 18211

Re: CCR2216-1G-12XS-2XQ (New Flagship)

I am currently using a CCR2216-1G-12XS-2XQ with L3HW enabled in firewall compatible mode (enabled on the switch, disabled on the interfaces, fast-tracking established/related connections). On a saturated 10G line, my CPU is ~3% with around 4,000 tracked flows on the Marvell chip.
by ajgnet
Tue Dec 27, 2022 8:45 pm
Forum: General
Topic: On the CCR2116 with firewall compatible L3HW offload, should L3hw offloading be enabled on the LAN port?
Replies: 2
Views: 596

Re: On the CCR2116 with firewall compatible L3HW offload, should L3hw offloading be enabled on the LAN port?

Thanks for that clarification - makes total sense to me now.

And what does enabling L3 Hw Offloading on the switch1 cpu do?
by ajgnet
Tue Dec 27, 2022 5:31 pm
Forum: General
Topic: IPsec passthrough issue (WiFi Calling)
Replies: 5
Views: 4267

Re: IPsec passthrough issue (WiFi Calling)

Out of curiosity, are you using Unifi APs?
by ajgnet
Tue Dec 27, 2022 2:58 am
Forum: General
Topic: Is there a way to check utilization or temperature of the switch chip in a CCR2X16 router?
Replies: 0
Views: 297

Is there a way to check utilization or temperature of the switch chip in a CCR2X16 router?

Hello, just curious if there is a way to get statistics off the 98DX3255 or 98DX8525 chips? Thank you
by ajgnet
Mon Dec 26, 2022 6:28 pm
Forum: General
Topic: On the CCR2116 with firewall compatible L3HW offload, should L3hw offloading be enabled on the LAN port?
Replies: 2
Views: 596

On the CCR2116 with firewall compatible L3HW offload, should L3hw offloading be enabled on the LAN port?

Hello, I am configuring a CCR2116 with firewall compatible layer 3 hardware offloading (via fast track rules). I have L3 hardware offloading disabled on the WAN port, but enabled on the switch, on the CPU, and enabled on all other ports including the LAN ports. I am using a bridge, and the LAN port ...
by ajgnet
Thu Dec 22, 2022 7:35 pm
Forum: General
Topic: Feature requests
Replies: 1792
Views: 677386

Re: Feature requests

Would love the ability to specify a DoH server but also FWD entries to specific DNS servers. Currently, enabling DoH disables all FWD entries.
by ajgnet
Wed Dec 21, 2022 5:42 pm
Forum: General
Topic: How loud is the CCR2216-1G-12XS-2XQ? Are there fan curves?
Replies: 1
Views: 485

How loud is the CCR2216-1G-12XS-2XQ? Are there fan curves?

Hello, looking into the CCR2216-1G-12XS-2XQ for a project but the server closet is near desks and we'd like to keep noise to a minimum. We are looking into the CCR2216 and CCR2116 but would strongly prefer the CCR2216 due to the QSFP28 ports. What's the noise like? Thank you
by ajgnet
Sun Dec 11, 2022 6:44 pm
Forum: General
Topic: how does L3HW actually works?
Replies: 128
Views: 38054

Re: how does L3HW actually works?

/ip firewall filter add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=no protocol=udp add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes add action=accept chain=forward connection-state=established,related ^ ...
by ajgnet
Sat Dec 10, 2022 7:16 pm
Forum: General
Topic: Recommendations for linux-based software to read Traffic Flows and make Unifi-like pretty graphs
Replies: 2
Views: 766

Recommendations for linux-based software to read Traffic Flows and make Unifi-like pretty graphs

Hello - Just switched from Unifi to Mikrotik and one thing I miss are the pretty graphs that provide device-level detail on traffic flow. I know Mikrotik can export traffic flows but I am not familiar with software to collect and process such flows to make pretty graphs. I've used ntopng in the past...
by ajgnet
Sat Dec 10, 2022 4:27 pm
Forum: General
Topic: Port mirroring disables firewall compatible l3hw offload
Replies: 1
Views: 634

Port mirroring disables firewall compatible l3hw offload

I have a CCR2116-12G-4S+ w/ L3HW offload enabled at the switch level and disabled on ports. Fasttrack offloading works great. However, I'd like to mirror the LAN switch port to sniff traffic. The LAN interface is currently a member of a bridge w/ several VLANs. When I enable port mirroring in switch...
by ajgnet
Fri Dec 09, 2022 9:47 pm
Forum: General
Topic: Is there a latency tradeoff when offloading via L3HW?
Replies: 2
Views: 475

Is there a latency tradeoff when offloading via L3HW?

I just enabled L3HW offload on my ccr2116-12g-4s+ and it is magical to see NAT'd IPv4 internet traffic routed at 10G line speed w/ <5% CPU usage. Is there any trade-off for offloading to the switch chip instead of CPU routing, particularly with respect to latency? One of the Mikrotik examples mentio...
by ajgnet
Thu Dec 08, 2022 3:03 pm
Forum: Beginner Basics
Topic: Forward reverse DNS lookups to another server?
Replies: 5
Views: 2886

Forward reverse DNS lookups to another server?

Hello, I didn't see an option for PTR records in the built-in DNS server. Is there another way to forward all reverse lookups for an IP range to another server? For example:
any reverse lookup for 172.20.0.0/14 should query 192.168.2.1 for resolution
Thank you
by ajgnet
Sat Nov 19, 2022 10:34 pm
Forum: General
Topic: Is it possible to use QoS on an interface with L3hw offload enabled?
Replies: 2
Views: 649

Is it possible to use QoS on an interface with L3hw offload enabled?

Hello, I am using a CCR2116-12G-4S+ w/ hardware offload via fasttrack enabled. I'd like to set up QoS (fq_codel or cake) for upload and download traffic on the interface. Is this possible without turning l3hw offload off? Thank you
by ajgnet
Wed Oct 05, 2022 3:43 am
Forum: General
Topic: IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?
Replies: 2
Views: 1258

Re: IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?

You'd need policy routing, i.e. two routing tables (one with ISP1 as gateway and another with ISP2 as gateway) and tell router that packets from prefix1 should use one (be routed to ISP1) and packets from prefix2 should use the other (go to ISP2). It can be done using either firewall mangle rules (...
by ajgnet
Tue Oct 04, 2022 10:28 pm
Forum: General
Topic: IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?
Replies: 2
Views: 1258

IPv6 with multiple ISPs how can I provide multiple GUAs (one for each network) with SLAAC and get routing working?

I have two ISPs at home, each provides a ::/56 prefix delegation via dhcpv6. My ISPs don't support BGP or anything. I know I can assign ULAs internally and use NPTv6 or NAT66 to map them but it's a hassle since hosts with ULAs revert to IPv4 first by default and frankly, I'd rather not use NAT. Addi...
by ajgnet
Tue Oct 04, 2022 2:17 pm
Forum: Scripting
Topic: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix
Replies: 5
Views: 2150

Re: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix

hah, oh wow that saves me a lot of time. thanks so much. but stupid question - it looks like when I do it this way the valid lifetime is 30 days and there isn't a way to change that. My ISP changes my prefix regularly and if there's a reboot or refresh/renew of the IPv6 address on my router the pref...
by ajgnet
Tue Oct 04, 2022 1:38 pm
Forum: Scripting
Topic: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix
Replies: 5
Views: 2150

Re: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix

You know that IPv6 address has from-pool parameter that can do it automatically, right? Not sure I know what that is. I saw a "from pool" option in the dhcpv6 server but I'm not using dhcpv6 on my LAN only neighbor discovery. Is there a better way to do this?? If that's not good enough fo...
by ajgnet
Tue Oct 04, 2022 1:37 pm
Forum: Scripting
Topic: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix
Replies: 5
Views: 2150

Re: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix

I solved this by adding the below to my DHCPv6 Client Advanced Configuration: :if ($"pd-valid" = 1) do={ :local lanVZ ([:pick $"pd-prefix" 0 [:find $"pd-prefix" "/"]]."/64"); :log info "VZ value is $lanVZ"; /ipv6 nd prefix set interface=sfp...
by ajgnet
Tue Oct 04, 2022 2:24 am
Forum: Scripting
Topic: How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix
Replies: 5
Views: 2150

How can I create a IPv6 /64 prefix from dhcpv6 client provided /56 prefix

I'm trying to create a script in my dhcpv6 client that adds an nd prefix for my LAN (a ::/64) from my ISP provided /56. How can I do this? I was thinking of something like: :if ($"pd-valid" = 1) do={ :local lan_vz ([:pick $"pd-prefix" 0 19] . "::/64"); /ipv6 nd prefix a...
by ajgnet
Wed Sep 07, 2022 7:34 pm
Forum: General
Topic: 7.5 l3 hw nat is broken on CCR2116 [SOLVED]
Replies: 4
Views: 1488

Re: 7.5 l3 hw nat is broken on CCR2116 [SOLVED]

Working for me as well now. Thanks for the fast fix
by ajgnet
Sat Sep 03, 2022 3:50 am
Forum: General
Topic: 7.5 l3 hw nat is broken on CCR2116 [SOLVED]
Replies: 4
Views: 1488

Re: 7.5 l3 hw nat is broken on CCR2116 [SOLVED]

Reporting the same issue. Thanks for the update
by ajgnet
Wed Jul 27, 2022 6:57 pm
Forum: Announcements
Topic: not strictly related to v7.5beta
Replies: 30
Views: 6474

Re: v7.5beta [testing] is released!

Anyone know which linux kernel version 7.5b is based off of? Looking forward to full NETMAP support in kernels 5.8+.
by ajgnet
Fri May 06, 2022 2:38 pm
Forum: General
Topic: Fasttrack with multiwan failover policy routing - possible for primary ISP?
Replies: 2
Views: 761

Fasttrack with multiwan failover policy routing - possible for primary ISP?

I have 3 ISPs VZ, NW, and SP. By default, all traffic goes out VZ with NW and SP acting as failover. However, some traffic is marked to exit NW and SP depending on the destination IP, source IP, or destination port using mangle rules. When I fasttrack all established, related traffic on the forward ...
by ajgnet
Thu Apr 28, 2022 3:12 pm
Forum: General
Topic: 6.48.5 DoH unstable, connection tracker bug?
Replies: 2
Views: 595

Re: 6.48.5 DoH unstable, connection tracker bug?

Having the same error here on 7.2.1. Looks like a connection tracking error. Workaround was to allow input from specified dns servers
by ajgnet
Thu Apr 28, 2022 4:08 am
Forum: General
Topic: Feature Request: IPv6 NAT66 Support
Replies: 73
Views: 32331

Re: Feature Request: IPv6 NAT66 Support

Does anyone have a working example of nptv6 netmap? or even nat66? I am trying to translate a ::/56 ULA to ::/56 public prefix.

ipv6 netmap through prefix translation isn’t implemented until kernel 5.8 so curious how Mikrotik has it working; I believe ROS is still 5.6
by ajgnet
Wed Apr 27, 2022 1:14 pm
Forum: Scripting
Topic: Completing a script for checking and updating dynamic ISPs Gateway
Replies: 13
Views: 8248

Re: Completing a script for checking and updating dynamic ISPs Gateway

New to MikroTik and found the below script, added to each dhcp client, very helpful to get my 3 ISPs working: :if ($bound=1) do={/ip route set [find where dst-address=0.0.0.0/0 routing-mark=ISP1] gateway=$"gateway-address" } Just had two questions... first, is this still the best way to up...