MikroTik

locodog

I've found SSD and connected it over USB-to-SATA connector and for now dude is working over it. I will leave it for the night and see how it behaves.

locodog

My latest observations leads me to the actual conclusion that in case of this error it is enough just to restart the dude. As soon as possible in order to gat the smallest gap in recorded data. Finally I have created and regularly scheduled this script that checks the status "running" an ...

locodog

My Dude dB also runs from sdcard. I'm considering to swap micro SD card for USB to sata connector and connect small ssd for database. I've tried connecting hard disk over USB-to-SATA connector, hard disk is detected, I got it formatted but when I try to write data to it Mikrotik restarts, I'm guessi...

locodog

Do you (or anyone else) know what is causing it?

locodog

I imported older backup of dude but I'm concerned that this will happen again.

I have enough storage available.

locodog

This morning I was greeted with this error message and my Dude is not running. Database was around 30MB. I've found on Wiki manual for db repair, but there is a warning: Works only on db versions up to v6.37 software builds. So since i have 6.40.8, repair from wiki won't work for me. I did try vacuu...

locodog

If I understood you correctly, this is what you should do: With this command we will mark all packets originating from 40.20.0.0/20 and assign it routing mark "ForVPN" /ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=ForVPN passthrough=yes src-address=40.20.0.0...

locodog

From Winbox or Webfig, you click on IP > DNS and there you will see "Servers", type DNS you want (in this case 8.8.8.

, if you want to add secondary, click on arrow next to server and type 8.8.4.4. Confirm with OK.

locodog

To have all your users working from 1 dhcp server you need either to: 1. Set IP address on etherX, create dhcp server on etherX and connect cable from etherX to switch and all connect all your users to that switch. or if you don't have/need/want switch 2. Create bridge, in Bridge>Ports add all ether...

locodog

It can be bad cable from media converter to Mikrotik, bad media converter, problem with fiber optic cable between 2 media converters, port on neighbor device and of course port on Mikrotik. Way to go about this is to change everything until problem stops. 1. Change utp cable between Mikrotik and med...

locodog

I'm running CCR1036 with about 1100 connections without problems. Are your customers all on same L2 segment? Having 1000+ customers in same L2 segment could cause problem such as yours.

locodog

I've had similar problem, where Mikrotik will not obey configured 1500 MTU on EoIP. One day it was working great with 1500 MTU, router rebooted and after that i couldn't get packets bigger than 1458 through EoIP, even though no other changes in network were made. I fixed my problem after updating Ro...

locodog

Why are you doing double vlan tagging in Huawei? Wouldn't it be simpler to only have single tag and avoid having switch between?

You can also use packet sniffer on Mikrotik to check what packets are received.

locodog

I've had CCR1036-12G-4S and it was to be replaced with CCR1036-8G-2S+ so I've created backup, performed restore on new router, fixed manually few things interface related and everything was working, but then I noticed that my LEDs on SFP+ ports are not behaving as expected (they weren't blinking). I...

locodog

What OLT are you using? In all I've seen you need to add ONT to OLT.

locodog

I solved a problem differently. I've added my router 2 into same ASN as R1, and in R1 on peer configuration I've checked "Route reflect". So all routes received are forwarded to R2 with bogon community (I receive them marked with community) and that community is set as blackhole. And yes, ...

locodog

RouterOS version you are running is over 4 years old, you really should consider updating it and see if that helps your problem.

locodog

I reject your reality and substitute my own!

locodog

Hi, On router A I've configured peering session with Team Cymru to receive bogon routes and everything works fine. I'm using separate BGP instance "bogon" just for this. Let's say my ASN is 1 for this instance. All routes received from TC are set as blackhole. Now, for testing purposes I w...

locodog

Problem is not in Mikrotik dhcpv6 server, when you set prefix length in ubnt lan interface to /64 it requests from Mikrotik /64 and that is != /60 configured in Pool, that's why error happens. If you configure ubnt lan to request /60 and set stateless dhcp, there is no error in log, prefix is accept...

locodog

Can you implement changes one by one and monitor customer logging? For example (if everything is in same network, radius, customers and powerbeams, like your original design): 1. Move RADIUS to separate interface. Is there a problem with customer logging? If there is no problem proceed to #2 2. Crea...

locodog

Hmm, it is very weird problem and I honestly don't see how would configuration changes I suggested cause this. Does it happen on both sites or only on one? Did you try capturing traffic on interface with pppoe server on it to see what exactly happens? Maybe RADIUS doesn't respond in timely manner, m...

locodog

Solution for that would be private vlan, but your switch must support it. Other than that you can do router on a stick with vlan for each customer and pppoe server on each vlan.

locodog

If your servers are for example 10.6.6.0/24, just add simple queue for that network and set it as unlimited. Every connection going to or from 10.6.6.0/24 network will be withing that queue and simple queue of customers will not include traffic to and from servers.

locodog

Do you have correct gateway configured on computers in both networks? If gateways are configured correctly check firewall config on Mikrotik.

locodog

What device is connected to ether-gw? What is IP address of that device?

For example if that device has IP address 192.168.9.1, you need to setup address on ether-gw 192.168.9.2/24 and your gateway needs to be 192.168.9.1.

locodog

This would be setup with 1 Mikrotik. You will need to add vlan 11 on ether2 and add IP address 192.168.11.1/24 on it. Powerbeam 1 would be setup as Bridge, Access Point and Powerbeam 2 would be Bridge, Station WDS. Also, on both powerbeams in Network (in simple management mode) enable Management Vla...

locodog

Link you posted is GPON and it is not same as GEPON. And at the moment Mikrotik doesn't suport EPON or GEPON.

locodog

If interfaces are not bridged (or one configured as slave to another), vlan 100 on ether3 is not connected in any way to vlan 100 on ether2, so anwer to your question is no. Clients connected to different interfaces will not be able to see each other. Did you consider "router on a stick" s...

locodog

Hmm, yes that would happen. Just add dst-address=!10.103.11.48/30 (or whatever ip of your peer(s) is) to nat rule.

locodog

This is better, because server is on separate interface and not available to customers. Without second Mikrotik this is the only way you can setup a network (because customers on site 2 will need L2 access to PPPoE server). One thing you could do to separate UBNTs from customers is to create vlan 11...

locodog

L2TP/IPSec maybe?

locodog

I find PPP very clear solution to provide dual stack service to customers. Sure, you need L2 connectivity but it can be segregated into vlans or EoIP tunnels over routed network so there are no big broadcast domains. Once customer authenticates over ppp it will get ipv4 address, ipv6 address and pre...

locodog

Problem is that your CCR only has private IP on interface and every packet you source from CCR will have private address as src-address. You can solve this by adding src-nat: ip firewall nat add chain=srcnat action=src-nat src-address=10.103.11.54 out-interface=ether1 to-address=public.1 Also I woul...

locodog

You can do this with netwatch. Just add extra route for host you want to check with ping. For example if you want to ping 10.5.5.1 host over fiber
ip route add dst-address=10.5.5.1 gateway=192.168.92.1 (except you should use fiber ip address as gateway)

locodog

You really should consider putting RADIUS server on separate vlan (if you have managed switch), and if you don't have managed switch use other mikrotik interface for it. I would also use separate vlan (without IP address on that interface) for customers at site 1, and another vlan for powerbeam. My ...

locodog

I'm not sure if I understood your question properly, but why do you need PPPoE, why customer doesn't dial out L2TP to your cloud router and once l2tp connection is established customer gets static IP from Cloud router and uses l2tp connection as default?

locodog

I've seen and replied to your post on reddit, and here is some additional info on how to setup hAP as switch with wireless. On hap create bridge, you can also disable rstp by setting it to none (double click on bridge and find it there). Go to Bridge>Ports and add all ports (ether1-4 and wlan1 and w...

locodog

I use some tagged VLANs between a RB3011 and the CRS box. When I upgrade the CRS box, the interfaces are not useable and the CRS box is not reachable. Did you read the release notes? Also, does this affects L2 connections with another vendors? What exactly changed so that VLAN on 6.38 is different ...

locodog

Hello! Sorry, what mean *) interface - changed loopback interface mtu to 1500; ? There is special loopback interface now? Can't find it. Regards, Boris +1 What does it say? Do we have Loopback Interface Now? Cant seem to find either in winbox nor in cli. There is no Loopback interface added. If you...

locodog

In PPPoE connection on client MT disable MRRU. I've had the same problem and this resolved it.

locodog

After updating my router from 5.26 to 6.34.5 I have problem with RIP routes: my router receives 5 routes via RIP from 2 other Mikrotiks. Routes are displayed in route list, but for some reason they are not active. When I create same static routes they work without any issues. ip route print Flags: X...

locodog

I have The Dude 6.35.2 installed on CCR1016, and for some time all reading are correct (cpu and disk usage on mikrotiks, snmp readings of link throughtput...) and once every few minutes all that is lost, all readings are blank and it takes few minutes to repopulate, it will work for shot time before...

locodog

Same problem here on wine-1.7.52 and wine-1.9.10 I've also tried under PlayOnLinux but it also crashes 6.35.2 BREAKPOINT at: 7b839889 eip=7b839889 eflags=200216 edi=1 esi=2466a0 ebp=a5cfe8 esp=a5cfe8 eax=7b8d3000 ebx=7ed56000 ecx=a5cff0 edx=0 log: cw:1411 backtrace:[416733, 4168a3, 500cbc, 74008c, 5...

locodog

I'm using CCR1036-12G-4S 6.35.1 as PPPoE concentrator, about 100 PPPoE servers and all of them except one are on EoIP tunnels. That one server is running on ether5 interface with exactly same profile and settings as others. User connected to PPPoE server on ether5 interface will disconnect on exactl...

locodog

I've just checked, and yes, mtu on bridge was lowered to 1458. At the moment I do not have physical access to test if that would fix it, but in the morning I will try to see if it will fix my problem and thus remove need for firewall based solution.

locodog

Today I finally found solution to this problem: ip firewall mangle print Flags: X - disabled, I - invalid, D - dynamic 0 chain=forward action=change-mss new-mss=1410 passthrough=yes tcp-flags=syn protocol=tcp src-address=10.0.34.0/24 tcp-mss=1411-65535 log=no log-prefix="" Where 10.0.34.0/...

locodog

Thanks for the tip, I kinda expected it to be connected route rather than static. I'm all for OSPF, but right now main admin is against it because "we only have single gateway and we don't need it". So in IPv4 we use RIPv2, but when we begin implementing IPv6 into production I will try use...

locodog

Hi, I'm just getting into IPv6 and trying to make PPPoE work with Windows client. So far I got Windows to connect and to get prefix, but I have problem getting DNS server to Windows. PPPoE server works on ether1_hosts and in ND DNS is advertised, but Windows doesn't get it. (when I use SLAAC everyth...

locodog

How much would I get on single connection on SFP port on CCR1036 router?

locodog

I have 2 CCR1036 12G 4S routers they are now connected with 2 bonded ether interfaces. If I would connect them with S+DA0001 cable how much throughput could I expect? Modules on those cables support 10G connections, but CCR doesn't have SFP+ ports, only SFP. I read that SFP can support up to 4.5G, s...

locodog

+1 vote up

locodog

I had to temporarily put it on my home network while my RB493G was out of action due to a bad power supply. I was really surprised to see it handles my home traffic fine. Even at only 5 volts. I'm considering to get one for myself, but I'm still undecided because I read somewhere that wifi coverage...

locodog

Maybe put private IPs on PCs and do dst-nat and src-nat to public addresses?
Or if you get /29 range you could split it into 2 /30

locodog

Tried changing upstream balancing method to IP and it's working. interface monitor-traffic ether11,ether12,bond-Maipu name: ether11 ether12 bond-Maipu rx-packets-per-second: 33 827 32 617 66 559 rx-drops-per-second: 0 0 0 rx-errors-per-second: 0 0 0 rx-bits-per-second: 246.3Mbps 220.1Mbps 468.4Mbps ...

locodog

Thanks. After doing some reading last night I came to the same conclusion. On Maipu there is no layer 2 and 3, there is only balancing by IP (L3) or by MAC (l2) if I understood colleague from upstream ISP. We will try changing balancing mode to ip address.

locodog

I don't know much about Maipu, but I requested setup from upstream provider, so if anyone can tell if there is anything wrong with setup it would be nice maipu-device#sh link-agg group 2 Link Aggregation 2 Mode: LACP Description: MikroTik-bond Load balance method: src-mac Number of ports in total: 2...

locodog

My company and our upstream internet provider are setting up LACP link aggregation, on their end it's Maipu MyPower 3400 and on our is Mikrotik CCR1036. Thing is, we don't have acess to Maipu and we don't have anyone skilled with Maipu devices. On Mikrotik side, settings are pretty straightforward, ...

locodog

I narrowed down problem to http websites. When EoIP tunnel and ether (or wifi) interface are in same bridge and there is hotspot running on that bridge this problem occures. I've found a workaround by adding a web proxy, but it's a bit too resource intensive. I'm not sure on this, but it looks like ...

locodog

My setup is like this on ether1 I have hotspot running and all users function without problems. We are currently into transition from hotspot to PPPoE. I do that by creating EoIP tunnel and bridging it with ether1. Users that go via that tunnel to PPPoE server have internet access without a problem....

locodog

Hi, I'm new at this and I need to make a script that will do backup of mikrotik device over ssh. My idea was to do this ssh -l username 10.11.12.13 ":global sysname [/system identity get name]; /system backup save name=[:put $sysname]" in order to create backup with name=identity of router...

locodog

There seems to be a problem with RB1100AHx when running hotspot and PPPoE at the same time. Users are unable to reach certain websites. On every other version and model of RB with same settings everything works good. Also, when RB1100AHx is running hotspot OR PPPoE, works good, but when it has both ...

locodog

Traceroute is always a good start. Run it and see where your packets get stuck. Then check routes on all devices.

Search found 63 matches