MikroTik

Max

onnoossendrijver, thank you for your reply. 1)I was thinking about an Atom board, but the whole thing gets complicated, needs more aditional stuff to buy,eats more space, pricey, and also more power hungry. 2)That CCR should do the job just fine, but it's also pretty expensive. 3)Consumer-grade rout...

Max

Hi,

Currently I have RB450G, and I really like RouterOS. I'm looking to upgrade my internet connection to a Gigabit one, and I think that I'll need a new router also.

Any suggestions for a Gigabit NAT/RouterOS capable router?

LE: Forgot to mention, the connection type is PPPOE.

Max

I was suggested a while ago to use a script that increases or decreases the max-limit of a queue based on ping-latency. For start, I've tried to implement some scripts that activates a queue whenever Traffic Monitor is over 0bytes for a specific interface, and disable it with a 2min delay when it wa...

Max

Has anyone tried something similar?

Max

Hopefully, this shall be the last topic regarding this QoS issue that I have. In this topic, I'd like to discuss the possible approaches for a very common scenario, IMHO. The Scenario: -2 subnets, NAT behind Mikrotik RB450G -one ISP connection with MIR external 2mbps down/1mbps up metropolitan 100mb...

Max

It doesn't work right because it seems that there are subnets in the metropolitan address-list that my ISP doesnt' have peering with, rendering the whole thing(queue+mangle rules) useless. I really don't know what else to do. Should I conclude that with RouterOS you can't share the bandwidth for 2 s...

Max

last picture.

Max

Here's what I've done recently: 1) implemented a metropolitan peering address-list(hopefully, these are the networks that my ISP has peering with) 2) split traffic in metropolitan, extern, tcp, udp, other streams 3)implemented the correspoding queue tree for these streams Still, haven't decided what...

Max

Please help me out with this problem. I can't continue like this.

Max

rmichael, I am going to separate UDP and TCP traffic, but there is one thing that I don't really know how to do it. Do I have to add a mark-connection rule each time I add a new mark-packet rule? For example, first I'd have to mark traffic for each network(44.0 and 45.0), and here I have mark-connec...

Max

I've changed the value back to 50, but the problem persists. I've set PC1 to download a few files, from external sources. It was downloading them at ~ 2mbps. On PC2, I've opened 3 pages, a google search, an youtube clip, and an wikipedia page. All of them were moving painfully slow. After 30secs I'v...

Max

rmichael, thank you for your suggestion. I've tried it but, unfortunately I didn't get the expected results. I've noticed an improvement in downloading streams, but pages still load with a large delay. I read here[http://www.opalsoft.net/qos/DS-25.htm] that SFQ works well only when the queues are fu...

Max

I'm trying to do some bandwith management for my home network. I've been told that PCQ is the simplest way to distribute bandwidth equally. This is the tutorial that I followed: http://mum.mikrotik.com/presentations/CZ09/QoS_Megis.pdf My network setup looks like this: network_setup.png I want to add...

Max

I'm trying to do some bandwith management for my home network. I've followed these 2 examples(+some adjustments, because I have 2 separate networks behind the router), but I failed miserably. http://www.mikrotik.com/testdocs/ros/3.0/qos/queue_content.php#.6.3 http://mum.mikrotik.com/presentations/CZ...

Max

Problem solved. An update to the NIC drivers was the problem. Uninstalled the NIC, reinstalled old drivers, everything got back to normal. Funny thing is that it worked fine without the router.

Thank you for your support, SurferTim.

Max

Now it froze again, for the 5th time.....I switched to direct connection.

What shall I do?

Max

I've tried it, too, and it works fine. Info entries appear in the log file.

IMHO, the problem is beyond software, it's highly unlikely that an "info" entry to cause a freeze.

Max

My mistake, I did not set the "info" entries to be written to NAND.

Max

It's empty.

Max

It froze again. Orange LEDs both blinking(for WAN and ether2 LAN). Doesn't connect with WinBox by IP/MAC(it rembembers the last used MAC). MAC doesn't show up/refresh on the dropdown list. Where can I see the log? I've set "error", "warning", "critical" to "disk&qu...

Max

I have upgraded to RouterOS v4.11 and v2.27 firmware. :) I am amazed that this happened because it worked fine for months, and now for the first time, in 14 hours, I got 3 freezes. The only thing that I was doing in the last weeks was to try different queues and packet marks. I've disabled all of th...

Max

RouterOS 4.6 >> system routerboard pr routerboard: yes model: "450G" serial-number: ..... current-firmware: "2.20" upgrade-firmware: "2.25" later edit: uptime: 1h6m28s version: "4.6" free-memory: 243732kB total-memory: 257360kB cpu: "MIPS 24K V7.4" c...

Max

Yes, but I've tried connecting by MAC address, every time the router froze, from each of the 3 ports that I'm currently using(ether1-WAN, ether2,3-LAN) and I received that "request timed out" error. Connecting by MAC address saved me in the past(made some mask errors, and could not connect...

Max

I use WinBox.

Max

I don't have a serial cable.

It stopped responding again, 10mins ago.

(
I didn't check the activity LEDs...

Max

Yes, the transformer is connected to an UPS.
The router was powered(LEDs light up), and it did not respond at all, I disconnected the WAN cable, used another port for the PC, and nothing. I had to turn it off and then back on in order to connect to it.

Max

Hi, I'm a beginner and I realize that I can be a bit stressful for you, guys. As usual I had another problem. The router(RB450G) stopped working 2 times in the last 8 hours, no internet connection, no WinBox access(it said that the request timed out). I had to unplug the transformer, and then plug i...

Max

How can I remove the unused packet marks?
I've done some test in order to figure out some things and now I want to get rid off those unused entries.

Max

It's TCP.

I'm trying to limit ApexDC's upload speed, but I believe that the same rules apply when trying to limit other applications.

Max

Maybe someone is willing to do a test and limit ApexDC++'s upload and then share the config with me.
I've tried many ideas and none of them worked right.

Max

nobody knows why doesn't it work?

Max

yes, it is behind ether2, but I've even changed it to "all" and still nothing shown on the graphs.

Max

add burst-limit=0/32k burst-threshold=0/0 burst-time=1s/1s comment="" \ direction=both disabled=no dst-address=0.0.0.0/0 interface=ether2 \ limit-at=0/32k max-limit=0/32k name=limit-port60000 packet-marks=\ port60000 parent=none priority=8 queue=default-small/default-small \ target-address...

Max

Thank you for the explanation. However, there is also something else that I'm doing wrong, because after I added the limit to the download instead of upload, I get no input on the graphs, everything is on 0 bps. I guessing that is has something to do with the chain that I've selected(prerouting). I ...

Max

add action=mark-packet chain=prerouting comment="" disabled=no \ new-packet-mark=port60000 passthrough=yes protocol=tcp src-address=\ 10.223.44.5 src-port=60000 add burst-limit=32k/0 burst-threshold=0/0 burst-time=1s/1s comment="" \ direction=both disabled=yes dst-address=0.0.0.0...

Max

the rest of the attachments.

Max

I want to limit the upload speed on port 60000. I've marked the packets, and added the queue, but things don't work as expected. The upload speed still has some burts, and at the same time, the download speed drops severely to bytes/s. 1,2,3-packet marking 4,5,6-adding the queue Any idea of what am ...

Max

Hi, Sob.

Yes I'm always connected to the same server, eDonkeyServer No2.

Max

I did, but I still get few results.

Max

In NAT I have some forwardings for various ports, and in Filter rules I have 2 rules to isolate the PCs that are behind the router. I've NAT-ed them with their own network.
Any Ideas what could cause this behaviour since I haven't used filters?

Max

I want to solve this problem.

Max

And the last picture:

Capture0004.JPG

I'm guessing that the search returns lots of UDP packets in a short period and the router drops most of them.

Max

eMule works fine(it downloads, it uploads,etc) except for the global server search which returns 30-50 results instead of 800+(without the router).

Here are the pictures. Are the ports forwarded correctly? IMHO, they are.

Max

Yes, I realize now that it was incorect(but I still don't know how to do it right 100%). All I have done was to assign a PCQ queue to all the used interfaces. No classifier... ether1 is WAN, ether2 and ether3 are LAN, each with it's own separate network. And I'm using NAT between them. Selecting Dst...

Max

I don't want uPnP. uPnP isn't safe. It should work without uPnP.

normis, what do you think?

Max

Why?

It should work fine without uPnP.

Max

No, I did not configure uPnP. I've just forwarded the ports manually. The emule application shows that the ports are forwarded correctly.

Max

Back again with this topic. Things still don't work as expected. So, for the moment I have 2 PCs behind a Mikrotik router. The problem is that the one connected to ether2 eats as much bandwith as possible, leaving almost nothing for the one connected on ether3, so that surfing is very very slow. Wha...

Max

No ideas?

Max

I noticed that there is a problem when I do an eMule server search. With the router I get 30-50 results, but without the router(direct connection) I get 800+ results. KAD search works fine tough. Ports are forwarded properly as far as I know. eMule shows everything green. eMule uses the UDP port for...

Max

My speed is like this:
2mbps down/1mbps up external
100mbps up/down metropolitan

Max

It's not ADSL. My ISP uses FTTB.

Max

Any ideas what could cause this behaviour?

Max

yes, my isp is on 100mbps. Is this the problem?

Max

The left led from the port that I connect the ISP cable to, is not lighted up. Why?
All the other ports that I have PCs connected to them are light up green.

Max

I want to have 2 PCs in the same network. Those PCs are connected to the router via ether2 and ether4. I want them both to receive thier IPs via DHCP. The PC connected on ether4 shall be used only for making a Remote Desktop Connection to the PC connected on ether2, so I'd need to block any other ty...

Max

PCQ seems to work pretty nice. And it was very simple to set. Yes, I think some burts would be even better, but my experience with RouterOS/networking is very poor. Where should I read about bursting? Btw, I face new challenges every week: http://forum.mikrotik.com/viewtopic.php?f=13&t=41949&...

Max

Hi, There's a new challenge for me, every week. :) My ports are like this: ether1: ISP connection ether2: 10.222.44.0/29 network, the gateway acts as a DHCP server ether3: 10.225.44.0/30 network, the gateway acts as a DHCP server ether4: unassigned I want to use ether4 in the same network as ether2,...

Max

Hi, Thank you for your reply. I realized that I forgot to mention some aspects. The external bandwith is most of the time stable, so I know the exact values, but the metropolitan bandwidth varies, from 10 to 100mbps. I'm a bit confused on how to implement QoS, because I want to allocate the bandwith...

Max

I want to give the whole bandwith to a PC when the other is not connected, and a 60%, when both PCs are connected.
The other Pc should be limited at 40% of the bandwith.
The bandwidth is known, and pretty stable.

Is it possible to do this with RB450G?

Max

Please help.

Max

Hi, I noticed that the upload speed goes way down(from 128KB/s to 15KB/s), when the PC maintains a sustained download of ~200KB/s or more. I'm using a RB450G with NAT, for 2 PCs. The other PC is turned off. The RB450G's CPU stays under 10% with rare bursts up to 20%. RouterOS Firewall shows ~2000con...

Max

How do I give WinBox access to a secondary PC from another network, behind the router?

In services I can only specify a single network address for WinBox.

Max

Ok, that's good to know.

Afterall, I'm very happy with it, no bottlenecks at 100mbps bandwidth(CPU@30-50%).

Max

Mine's still 40 bad blocks and 41000 total sectors written.

Max

Problem got solved by adding a line(86.120.68.10 torrents.czteam.ro) in the HOSTS file.

Max

These are the screens with traceroute.
The address of the website is changed....don't know why.

Max

All of the sites that I know work fine except one. This one gives me "TTL expired in transit" when ping-ing it with router, Strange thing is that it works fine without the router. What could be the problem? Why doesn't it work with the router, and why does it work with the router? I'm talk...

Max

I did that, and it doesn't work. It's very strange. 99% of the websites work without any TTL rule. This tracker is the first one that gives me this error. [It worked 5 minutes ago, for a short period, with the postrouting ttl set to value 53. Now it gives me that expired ttl error again.] Look what ...

Max

I don't understand why does this happen. Why doesn't it ping with the specified TTL? This is a ping originated from ether1(having the active IP address that I have from the ISP). Ping-ing from here should react just like pinging from a PC that has the active IP address that I have from the ISP and i...

Max

I did the following: firewall-mangle: action=change ttl, TTL action = increment, new value=1, general=chain=prerouting. I still get the error TTL expired in transit when I ping the website. I'm guessing that it expects certain ttl values otherwise the ISP drops the packets. When I connect the PC dir...

Max

Thank God the problem got solved without a reset.

Would the software reset have deleted my backup files from the NAND?

Max

The router was set so that I could connect to it only via a specific IP.
By accident,I've changed the class of the IP on ether2 and, of course, I can't connect to the RB450G anymore.
What can I do?

Max

This is the command that I've used. I'm still getting the expired TTL error.
/ip firewall mangle add action=change-ttl chain=postrouting disabled=no dst-address=. . . . / . new-ttl=increment:1

Max

I've started everything from the beginning and I've added only one local network. It seems to work now. The authentication program works too. I'll try to configure QoS, Port Forwarding, Bandwith Management and Security. I'll come back with questions If I don't manage to configure them myself. :) Can...

Max

i've attached the screenshot with pc2 connected.

LE: I forgot to hide the MAC address, is it bad?

Max

nothing in pppoe-client.

LE: I forgot to hide the MAC address, is it bad?

Max

part3

Max

part2

Max

part1

Max

Please wait 5 mins so I can switch the ISP connection to the other computer and I will post all the possible screenshots.

Max

They were disabled during all these tests.

Max

ADD:
pc on ether2:
IP:10.223.44.4
SM:255.255.255.248
GW:10.223.44.1
DNS:10.223.44.1 81.181.x.x 80.96.x.x

LE:It wasn't connected at that moment.

Max

no bridges, master port none to all except ether1

Max

Here it is:

Max

Just one second.

Max

Yes, I can ping from the PC connected to ether2 to WAN(ether1 85.x.x.134).

Max

Yes, I can ping from the fake gateway on ether1, and also from ether1 to fake gateway. Yes I've used this command to add the gateway: /ip route add gateway=85.x.x.129 Yes, on the fake gateway I have 85.x.x.129 /27 or 255.255.255.224 LE: What about the Routes? LE2: Please tell me what screenshots do ...

Max

It still doesn't ping on the fake gateway. I've deleted those 2 NAT commands and added the general one that you told me.
Haven't tried to isolate the local networks.

Max

Will do it right away, but I want 2 different networks. I want the PCs to be isolated from each other, instead of having them in the same network.

Max

yes i can ping the gateway from a pc connected to that network, but i've typed the command anyway.

Max

Something is wrong.
I've put one PC on ether1, as a fake gateway(just by setting the gateway address and the mask), and pinging the fake gateway from another PC connected to ether2 gives only timeouts.

Max

I see.

Let's assume that there wasn't that authentication program, and the router would still not work.
What would you check in order to make sure that everything was set correctly?

Max

They're going to remove the program soon, but this isn't the issue here because using a simple router with TTL incrementing NAT will work without any problems.

IMHO I've set something wrong since I cannot ping from ether1 to ether2 or ether3.

Max

I hava an RB450G. Unfortunately I did not manage to make it work. I'll tel you a few things about what I want to do and about the ISP that will be used, so you'll make an idea. Requirements: NAT for 2 PCs, each one getting IPs via DHCP, each PC in each own separate private network, so that they'll b...

Max

The Resources tab says that my RB450G has 40 bad blocks. It's brand new, I've just got it.
How does this affect me and what can I do?

Max

yes, I'm sure. Anyway, meanwhile, I've reseted the router as you said above, and it did just what I needed. Thank you very much. I've reconfigured it again, and I'm close to making the whole thing run. How do I increase TTL by 1? The ISP sends the packets with TTL=1, in order to block some entry lev...

Max

Another question, what does Bad blocks from System->Resources mean? It says 40.

And another one, how do I increase TTL by 1?
The ISP sends the packets with TTL=1, in order to block some entry level routers.

Max

Fewi, would it reload that standard NAT config that the router came with? The problem is that I've made a backup, but when I try to restore it it gives me an error: "Couldn't restore configuration - no file name(5)". And I did not update anything meanwhile, so there's no version conflict a...

Max

How do I restore RouterOS to its original state(with that preloaded config)?

I've tried my first configuration, didn't work, and I want to start again, this time I'll organize better.

Max

Thanks for the tip, mrz. I've just connected to the board via WinBox. The ISP provider that I have forces me to use an application that tries to stop NAT-ing(long story short, they'll drop it soon due to large number of petitions). Anyway, the application can be tricked until they'll drop it: -the W...

Max

Is there a period within I have to update?
Or I can update anytime I want?

Max

Thanks, fewi.

Do I need to update anything? firmware/routeros/etc?
I think I've read somewhere, a while ago, about a time limited update or something like that.

Max

My RB450G has just arrived.

The task is simple, NAT for a few PCs.
Which are the steps that I should follow?
Do I need to update anything?

Max

I don't what? Need to clear up? Or need IDS/IPS?

Max

Ok, so this is settled, RB450G wins over RB750G, just to have that headroom.

As far as security goes RouterOS offers stateful firewall and little else. If you're serious about security you'll need to think about IDS/IPS.

I still have to clear it up whether I need IDS/IPS.

Max

I wasn't trying to be rude, my apologies if it came across as such. I was trying to express that no one else knows your environment, available resources and requirements so it's impossible for anyone else to do a cost/gain analysis. There will be 2-3 PCs, and the usual stuff: browsing, P2P download...

Max

There's no need to be rude.
Of course I'd want security, but there's always the "gain/cost" ratio.

Max

570G is more like soho router in cute plastic case and it can handle a lot of traffic, actual performance will vary depending on configuration and how optimal it is for task at hand. If you have 2 ISPs you will be actively using mangle, some sort of load balancing, queues and most probably queues. ...

Max

And another question, should I go for RB450G or for RB750G? The 450G is actually better than the 750G Why is it better? It has more RAM, but in my case, do I need it? (I want 100mbps NAT and 2000+ TCP simultaneous connections for 3-4 PCs) Do I need to hold the full internet route table? What do you...

Max

And another question, should I go for RB450G or for RB750G?
Do I need the extra RAM?
Do I need to hold the full internet route table?

Max

So, is RB450G fast enough for NAT@100-200mbps + a large number of simultaneous TCP connections(2000+)?
Can I use dual WAN?

Max

Please help.

Max

Hi, I'm looking for a high performance router for a home network consisting of 3 PCs. I'll be using 2 ISP's, that both have 100mbps metropolitan speeds. I want to have little or no speed loss even when working with 600+ TCP connections for each PC. I also want to make it as secure as possible. I'll ...

Max

Am I talking gibberish?

Max

I need your help to solve this problem. In the near future, I'll have 2 internet connections(connection "1" and "2") and 2 PCs(computer "A"-main computer and "B"-family computer). I want to use connection 1 only for computer A. Connection 2 will be either rout...

Search found 116 matches