Community discussions

MikroTik App

Search found 587 matches

  • 1
  • 2
by millenium7
Tue Dec 10, 2024 3:34 am
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 9
Views: 4107

Re: Request: Take OSPF state changes out of 'debug' log category

No updates but I'm appalled mikrotik still has done nothing about this. Its a 5 minute task on a Friday afternoon job, literally just move the classification of specific OSPF messages into the correct category, done I guess it's a chicken and egg scenario, which comes first? No one seems to care bec...
by millenium7
Mon Oct 14, 2024 3:59 am
Forum: RouterBOARD hardware
Topic: Many PSU failures in CCR1036
Replies: 49
Views: 5528

Re: Many PSU failures in CCR1036

So.... does anyone actually have a replacement they can share with us? I know technically you can use any 24v power supply with sufficient wattage, but i'm chasing one that actually fits in the original location without having to mess about, no soldering, no 3d printing brackets, no swapping caps et...
by millenium7
Fri Sep 27, 2024 3:10 am
Forum: General
Topic: PPP 'link established' but not Running?
Replies: 0
Views: 645

PPP 'link established' but not Running?

Is this a bug with RouterOSv7? Seeing this on 7.15 and 7.16 (and possibly below, havn't tested) I've tried L2TP, OVPN and even PPTP and i'm getting exactly the same behavior The client side states 'Status: link established' and the server side log files say that a connection has been established fro...
by millenium7
Mon Sep 23, 2024 3:06 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434463

Re: 📣 WinBox 4 is here 📣

Unsure if its been mentioned but its not pinned in the first post - Indentation with sub-interfaces (i.e. VLANs) is missing i.e. ether2 -ether2.100 - Customer A VRF --ether2.100.20 - VoIP I've always been in the habit of labeling sub interfaces based on the primary. But when logging into a router th...
by millenium7
Tue Sep 03, 2024 1:39 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1630
Views: 434463

Re: 📣 WinBox 4 is here 📣

Late to the party, and seeing there's already a lot of comments so I havn't read them all I did read the first post and a lot of others, most things have been covered already. I'll still throw an extra vote in for largely (or even entirely) bringing back tabs as opposed to drop downs In a profession...
by millenium7
Mon Aug 19, 2024 6:30 am
Forum: Forwarding Protocols
Topic: HELP! Need Help on IXP BGP Peering
Replies: 4
Views: 1643

Re: HELP! Need Help on IXP BGP Peering

Give it a go but it's fairly straightforward, Weight is a parameter that will stay locally on your router so you can freely modify it and it won't propagate to other routers. If you start needing to add more complexity, multiple transit providers with equal costs, multiple BGP transit routers etc th...
by millenium7
Mon Aug 12, 2024 9:47 am
Forum: General
Topic: Routing rule VS mangle mark routing
Replies: 20
Views: 9143

Re: Routing rule VS mangle mark routing

Anyone know when this was fixed? It's working in 7.15.3 but not 7.12.1 or below
by millenium7
Mon Aug 12, 2024 9:47 am
Forum: General
Topic: VXLAN NAT Problem [SOLVED]
Replies: 21
Views: 11373

Re: VXLAN NAT Problem [SOLVED]

Wow what an absolute pain in the ass this was. Came across this thread and can confirm this is indeed a bug. Don't know what version of ROS v7 fixed it but 7.12.1 and below definitely has this bug and routing won't work properly. Upgraded to 7.15.3 and it works, so somewhere in between it has been f...
by millenium7
Wed Aug 07, 2024 7:53 am
Forum: Forwarding Protocols
Topic: HELP! Need Help on IXP BGP Peering
Replies: 4
Views: 1643

Re: HELP! Need Help on IXP BGP Peering

This seems fairly straightforward. Just add a routing filter that applies to the IXP and sets BGP weight to 200, as they are only sending you domestic routes is that correct?
Everything else will use the other transit provider
by millenium7
Wed Aug 07, 2024 2:29 am
Forum: Forwarding Protocols
Topic: Up-to-date reliability of OSPF network types?
Replies: 0
Views: 1116

Up-to-date reliability of OSPF network types?

I've historically always used point-to-point as its the only mode I know to be reliable on RouterOS Recently have changed a lot of sites to PTMP as they have active-active backup routers, so trying to create point-to-point adjacencies requires a separate VLAN between each router and makes things mes...
by millenium7
Mon Aug 05, 2024 6:57 am
Forum: Scripting
Topic: If the uptime was more than 1 minute
Replies: 14
Views: 1842

Re: If the uptime was more than 1 minute

Seems like a roundabout way to go about it, having to go to an external URL

Can achieve the same internally without reaching out to an external source
:if ([/system resource get uptime] > 00:01:00) do={:put "yes"}
by millenium7
Sat Aug 03, 2024 7:00 am
Forum: General
Topic: UDP faster than TCP - why?
Replies: 11
Views: 3555

Re: UDP faster than TCP - why?

TCP is quite a bit more CPU intensive and goes through a different process I don't know the exact mechanism on MikroTik but when you test from a router using BTest then I presume there's some double handling via the CPU. Presumably related to the firewall and connection table, packet order checks an...
by millenium7
Wed Jul 24, 2024 10:04 am
Forum: Scripting
Topic: Host based load balancing and failover
Replies: 0
Views: 1467

Host based load balancing and failover

Here is a method to provide load balancing and/or failover to servers with a MikroTik router There are alternative (and better) methods to achieve this where possible such as Keepalived, DNS, NLB, Failover Clustering etc however I had a niche case where none of these were suitable and I did not want...
by millenium7
Wed Jul 17, 2024 3:09 am
Forum: Wireless Networking
Topic: Try 20 MHz for a week
Replies: 16
Views: 2523

Re: Try 20 MHz for a week

I'm unsure if they are simplifying it down to 20mhz wide slices, or if its more granular than that and can carve out i.e. multiple individual 2mhz wide slices of the spectrum In either case no it doesn't just screw you, your device can and will at some point transmit even if there is 100% saturation...
by millenium7
Mon Jul 15, 2024 8:36 am
Forum: Wireless Networking
Topic: Try 20 MHz for a week
Replies: 16
Views: 2523

Re: Try 20 MHz for a week

I can't wait until my neighbor sets up his WiFi 7 AP that uses 40 MHz on 2.4 GHz, 160 MHz on 5 GHz and 320 MHz on 6 GHz, all at the same time, all bands being used together (MLO shit). Then my second neighbor finds that his system that was perfectly functioning yesterday, needs an upgrade. So he to...
by millenium7
Fri Jul 12, 2024 1:15 pm
Forum: General
Topic: Access points shows an error "Warning: CPU not running at default frequency" [SOLVED]
Replies: 17
Views: 8693

Re: Access points shows an error "Warning: CPU not running at default frequency" [SOLVED]

However, if your L2 network is not segmented, then you'll have hard time to anything useful. Not necessary. It depends on the desired outcome I.e. if you don't actually care about traffic between end nodes and you instead want more of a hub-and-spoke topology where everything can see the router, an...
by millenium7
Fri Jul 12, 2024 12:52 pm
Forum: Wireless Networking
Topic: Try 20 MHz for a week
Replies: 16
Views: 2523

Re: Try 20 MHz for a week

Wifi7 also supports MLO (Multi-Link Operation) so unlike every prior wifi standard, it can simultaneously utilize 2.4ghz, 5ghz and 6ghz. So no it will not be 'shorter range' it will utilize any band that is useful. It may even use 2.4ghz up close for small packets like syn-ack, dhcp, VoIP traffic et...
by millenium7
Fri Jul 12, 2024 12:38 pm
Forum: General
Topic: Any plans to bring back UI for routing filters in v7?
Replies: 5
Views: 813

Re: Any plans to bring back UI for routing filters in v7?

Setting up rules through GUI is less efficient and troublesome where copying a single (or multiple) row(s) and do the changes textual is way faster. What is really inefficient is smashing your head against a wall due to typo's or not fully understanding the syntax The GUI shows you every potential ...
by millenium7
Fri Jul 12, 2024 12:24 pm
Forum: General
Topic: Winbox feature request: ICMP/Port Knocking for administrative access
Replies: 25
Views: 1828

Re: Winbox feature request: ICMP/Port Knocking for administrative access

Well, or maybe there will be a programmer who can write a shell with his own Address Book, knocking and launching a VPN, which, when initiating a connection, will first work out these preparatory procedures, and then call Winbox in the standard way through the command line with parameters. Here you...
by millenium7
Fri Jul 12, 2024 11:53 am
Forum: Wireless Networking
Topic: Try 20 MHz for a week
Replies: 16
Views: 2523

Re: Try 20 MHz for a week

Am patiently awaiting Wifi7 which - in theory at least - should make wider channels a genuinely useful and viable thing. Until then, above 40mhz is largely self defeating in most environments and its been a horrible disservice with so many devices defaulting to 80/160mhz wide channels. It's basicall...
by millenium7
Fri Jul 12, 2024 9:12 am
Forum: General
Topic: What changed with SSH on 6.49?
Replies: 6
Views: 769

Re: What changed with SSH on 6.49?

I assure you posting the config doesn't help. I can take any router and wipe its config, do the absolute bare minimum which is just give it an IP address, and it'll fail on 6.49.x, yet succeed on any other version I remember having an issue with rancid (https://github.com/haussli/rancid) ssh a few y...
by millenium7
Thu Jul 11, 2024 3:59 pm
Forum: General
Topic: Winbox feature request: ICMP/Port Knocking for administrative access
Replies: 25
Views: 1828

Re: Winbox feature request: ICMP/Port Knocking for administrative access

I don't think this needs to be part of winbox itself It can be done with a PowerShell or python script that prompts for an IP and choose from a list of preset port knock combinations that you create, executes them and then launches winbox and connects for you This should be trivial for ChatGPT or Cl...
by millenium7
Thu Jul 11, 2024 10:03 am
Forum: General
Topic: DHCP server grants new IP to device after "make static"
Replies: 10
Views: 929

Re: DHCP server grants new IP to device after "make static"

The client-ID is likely to blame. I actually wish that it DIDNT fill this field out when clicking make static I use a script to periodically to and remove the entry in the client ID field. I can't think of a single scenario where both the MAC 'and' client ID are needed. Maybe there is an edge case b...
by millenium7
Thu Jul 11, 2024 3:24 am
Forum: General
Topic: What changed with SSH on 6.49?
Replies: 6
Views: 769

Re: What changed with SSH on 6.49?

It's not a config issue, its something inherent to the 6.49.x firmware If I take a problematic router and downgrade it to 6.48.x or upgrade it to 7.x with no changes to the config at all, it works fine Every single device regardless of what it is or what config is in place it does not work with 6.49...
by millenium7
Wed Jul 10, 2024 9:16 am
Forum: General
Topic: What changed with SSH on 6.49?
Replies: 6
Views: 769

What changed with SSH on 6.49?

I've just discovered a problem with some MikroTik devices where the config poller (Solarwinds NCM in this case) is having difficulty logging in and running commands It can successfully connect, however its not recognising commands being echoed back properly I have narrowed this down to version 6.49 ...
by millenium7
Wed Jul 03, 2024 2:59 am
Forum: General
Topic: Any plans to bring back UI for routing filters in v7?
Replies: 5
Views: 813

Any plans to bring back UI for routing filters in v7?

Are there any plans to bring back a UI for routing filters? I understand some validity in having it as a scripting language, but its also a massive step back. I don't write routing filters every day and don't have the syntax memorized, so working with V7 means having to look up the syntax regularly....
by millenium7
Tue Jun 25, 2024 4:16 am
Forum: Virtualization
Topic: Increase CHR Free license limit to 10 Mbit/s
Replies: 33
Views: 4766

Re: Increase CHR Free license limit to 10 Mbit/s

Are licenses transferrable by deactivating and reactivating on a new device? Or are they tied to a single installation forever? If the former then there's definitely no reason for any other tiers its ridiculously reasonable. Especially given you can just spin up as many unlimited speed/feature trial...
by millenium7
Fri Jun 07, 2024 7:38 am
Forum: General
Topic: VXLAN to Proxmox cluster - can't get working
Replies: 0
Views: 1169

VXLAN to Proxmox cluster - can't get working

I'm trying to configure a VXLAN tunnel to a cluster of servers running on Proxmox and I can't get traffic to flow across at all, can't ping either end etc I've first verified reachability by IP addresses to all nodes and the remote CHR instance I've then configured Proxmox as follows - On the Datace...
by millenium7
Wed Jun 05, 2024 6:49 am
Forum: General
Topic: CHR can upgrade to v7 but breaks connectivity
Replies: 1
Views: 297

Re: CHR can upgrade to v7 but breaks connectivity

Solved. I had legacy IPSec configuration that wasn't in use, V6 correctly identifies that the policies don't apply without an active connection and thus marks them as invalid V7 appears to have different behavior and when upgrading it made those policies active - despite having no active IPSec peers...
by millenium7
Wed Jun 05, 2024 5:30 am
Forum: General
Topic: CHR can upgrade to v7 but breaks connectivity
Replies: 1
Views: 297

CHR can upgrade to v7 but breaks connectivity

Have a CHR running as a virtual machine on a QEMU host. Was originally installed with v6 and has had no problem with periodic upgrades I want to move it to v7 as I need to use VXLAN, I can upgrade fine but ether2 breaks..... There's a WAN facing interface (ether1) which works fine, ether2 is connect...
by millenium7
Sun Jun 02, 2024 5:41 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 172
Views: 63954

Re: IS-IS

Yep, asking about features at this stage is a bit like asking if you can move boxes into the attic of your new house and it's still just a timber frame Nowhere even close yet. Let's get fundamentals in and properly integrated before contemplating anything else. Though I wish MikroTik would put some ...
by millenium7
Wed May 22, 2024 1:27 am
Forum: General
Topic: Ethernet through put VERY slow
Replies: 18
Views: 2705

Re: Ethernet through put VERY slow

Ah, you set the speed on ether2. It means you end up as 100Mb/s half-duplex. Can you remove the speed setting on ether2? This isn't correct. RouterOS frustratingly puts this line into the config by default but it doesn't mean anything. It's essentially saying "if you untick auto negotiation, t...
by millenium7
Mon May 20, 2024 1:53 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

You're missing the points and issue with MikroTik completely. Re-read this thread one more time. It has nothing to do with $30k routers or switches. And yet you completely missed what I wrote. Maybe try re-reading my post The purpose was to illustrate a simple use case with MikroTik of 1) not needl...
by millenium7
Sat May 18, 2024 4:37 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

I smell an enterprise guy right here from 1995, who's still doing layer 2 access networks and switch daisy chains. No sir, where I come from, we've moved SP, DC and enterprise (offices or campus etc) to 10000% layer 3 routed networks all the way to each access switch in the office room or floors et...
by millenium7
Fri May 17, 2024 3:52 pm
Forum: General
Topic: Route failover testing NOT a gateway
Replies: 4
Views: 470

Re: Route failover testing NOT a gateway

Tools->Netwatch handles the sending of pings and defining timeouts without needing to script those However it still requires manual scripting to actually do anything Problem you may have with the routing method alone is that the connection table can break things. NAT in particular can be problematic...
by millenium7
Fri May 17, 2024 3:39 pm
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

One use case is where you want port isolation but the switches don't support it. Port isolation aka Private VLAN is supported in the original Linux bridge codebase, it's also on Tik: https://help.mikrotik.com/docs/display/ROS/Switch+Chip+Features#SwitchChipFeatures-Portisolation I've used this feat...
by millenium7
Fri May 17, 2024 2:06 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

I cannot imagine a situation where you would usefully have a port as an untagged member of multiple VLANs, which is a flexibility that this config provides. Most other manufacturers do not even allow such a configuration. I can't even imagine how such a config would work in practice. Destination IP...
by millenium7
Thu May 16, 2024 6:02 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

Especially complicated when the vlan bridge method changed to be more CPU bound [all vlan bridge], instead of relying on switch chip [specfic models]. Wait, what????.... Old switch menu is horrible. Bridge menu isn't the best and it does not automatically handle certain capabilities in hardware acr...
by millenium7
Thu May 16, 2024 1:22 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

Id be very much against a split segment model One of the best parts of MikroTik is NOT artificially gimping functionality and having a (mostly) uniform OS across the board regardless of what piece of hardware you pick up. Aside from a few things (like wireguard not on MIPS chipsets) you can use any ...
by millenium7
Mon May 13, 2024 10:00 am
Forum: General
Topic: Please bring back 'Make Static' in DHCP Lease menu
Replies: 2
Views: 490

Please bring back 'Make Static' in DHCP Lease menu

This is really annoying, please bring back the 'Make Static' option to the right-click menu under DHCP Server -> Leases Yes I am aware I can double click on an entry and then click the 'Make Static' button however this can't be done for multiple entries simultaneously, and its just an extra step I u...
by millenium7
Mon May 13, 2024 6:16 am
Forum: General
Topic: [Discussion] MikroTik configuration abstraction complexity
Replies: 164
Views: 16315

Re: [Discussion] MikroTik configuration abstraction complexity

The comparison to Cisco/Juniper/Huawei/etc is not really relevant. May as well go pick on TPLink and ask why they aren't 'Carrier Grade'. I don't think most people would ever bother to try and make the comparison because clearly TPLink is almost entirely residential focused with a few soho grade bus...
by millenium7
Thu May 02, 2024 11:43 am
Forum: Wireless Networking
Topic: Cube60SA - Woeful end-client performance
Replies: 1
Views: 874

Cube60SA - Woeful end-client performance

This ones a bit of a head scratcher Here's the fast and dirty - Customers are getting approx 30mbit/s, though radio's can do at least 180mbit/s, main uplink is capable of 500mbit/s+ and no CPU or ethernet bottlenecks anywhere The network topology for any given customer is... DistRouter -> SwitchA ->...
by millenium7
Wed Apr 03, 2024 7:20 am
Forum: General
Topic: Winbox - everything empty unless I clear cache before logging in
Replies: 0
Views: 417

Winbox - everything empty unless I clear cache before logging in

This only happens to a select few routers in the network. There is 1 in particular that is particularly bad for this. Whenever I go to log into it with winbox, I get logged in fine but there are no interfaces listed, no IP's, no neighbors, not even the routers name is shown in the winbox titlebar If...
by millenium7
Sat Mar 09, 2024 2:04 am
Forum: General
Topic: Feature requests
Replies: 1792
Views: 677366

Re: Feature requests

More context options for DHCP leases would be nice. Especially right clicking and choosing mac-telnet, winbox, SSH, HTTPS etc I'm almost exclusively looking in DHCP leases for a particular device that I need to do something with by connecting to it. Cutting out those extra steps of them opening putt...
by millenium7
Fri Mar 08, 2024 1:08 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 4896

Re: Problems aiming nRAY [SOLVED]

I find the best alignment is the same as what I do with any other radio Lay your phone flat against the top/bottom surface of the dish and use the camera to align it (use an app that gives you a center cross/mark). This'll do your left/right alignment Then rotate your phone around 180 degrees and do...
by millenium7
Fri Mar 08, 2024 12:05 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 4896

Re: Problems aiming nRAY [SOLVED]

To further add to my 'even mikrotik doesn't know' statement, i've very successfully used a LHG60G as a multipoint that covers a 90 degree spread with 8x other LHG 60G dishes, yet according to them it only has a 3 degree beam width and must be aligned to within 1 degree. It's just blatantly wrong but...
by millenium7
Thu Mar 07, 2024 2:21 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 4896

Re: Problems aiming nRAY [SOLVED]

Good info. I searched this forum for aiming info and the Microtik setup instructions are pretty short. I'd this stuff documented somewhere? No, much to my frustration I voiced this on this forum several times, even after figuring out exactly how to work with the 60ghz devices and posting detailed i...
by millenium7
Wed Mar 06, 2024 11:56 pm
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 4896

Re: Problems aiming nRAY [SOLVED]

Start with a rough alignment by eye Log into both radios, open terminal and manually set tx-sector=36 in order to disable beamforming. And if the range is >400m the use 64800 for the frequency. And you'll want the solidmount Then type in 'align 0' to enter alignment mode and give a real-time readout...
by millenium7
Wed Mar 06, 2024 4:02 am
Forum: Wireless Networking
Topic: Problems aiming nRAY [SOLVED]
Replies: 15
Views: 4896

Re: Problems aiming nRAY [SOLVED]

Don't worry about the alignment arrows, its not the correct way to align the 60ghz products anyway, but at 50 metres it doesn't matter. You can spin the dish 70 degrees to the side and still get over a gigabit
by millenium7
Wed Mar 06, 2024 12:13 am
Forum: General
Topic: Feature requests
Replies: 1792
Views: 677366

Re: Feature requests

Unless I've missed it somewhere... Please for the love of God add a command or hotkey toggle to show all 'sensitive' fields in the console and not have them blocked out When typing or pasting in a command that contains a password, it will blank that entire line out as soon as the enter key is presse...
by millenium7
Tue Feb 20, 2024 10:22 am
Forum: RouterBOARD hardware
Topic: L009 with no 5GHz wireless
Replies: 17
Views: 4024

Re: L009 with no 5GHz wireless

No way to satisfy all. Sure, but there's a big difference between not trying to satisfy everybody, and releasing total gimp.... .. Like should any device now ever be released with 10mbit ethernet ports? No absolutely not 2.4ghz is not quite on that level, and it has some justification in niche situ...
by millenium7
Tue Feb 20, 2024 8:13 am
Forum: RouterBOARD hardware
Topic: L009 with no 5GHz wireless
Replies: 17
Views: 4024

Re: L009 with no 5GHz wireless

The earlier reply from MikroTik has been that the L009 is intended solely as the replacement for their most successful device ever, the RB2011. .... makes no sense. It's silly to not have put 5ghz in I'm pretty sure people aren't buying the 2011 specifically because it DOESNT have 5ghz in it Should...
by millenium7
Sat Feb 17, 2024 7:58 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 106
Views: 37310

Re: Newsletter #116 | January 2024

It does seem very strange to even bother announcing the AP product if the SM isn't ready. It would have some use as an outdoor directional multipoint for a pool/gym/outdoor area, but not as a WISP product, yet that's what they are advertising it as... That said, I don't know how anyone can deploy Mi...
by millenium7
Mon Feb 12, 2024 4:33 am
Forum: General
Topic: PPPoE Bonding - MLPPP vs Bonding vs NTH?
Replies: 1
Views: 434

PPPoE Bonding - MLPPP vs Bonding vs NTH?

Which method would generally be recommended on MikroTik for equal cost bonding? Same destination server, same line speeds

- MLPPP
- Bonding interface with PPPoE on it
- NTH per packet bonding

Advantages/disadvantages to each method?
by millenium7
Mon Feb 12, 2024 4:07 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 2513

Re: RouterOSv7 - Terminal is substantially worse to use?

An interesting question here is how many use terminal vs gui to configure the router. I do most config from gui when play around to test stuff. For setting opp multiple routers, terminal is used with copy past, so do not really need all that help. UI is great for individual configuration except in ...
by millenium7
Mon Feb 12, 2024 12:18 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 2513

Re: RouterOSv7 - Terminal is substantially worse to use?

I don't think V7 is "worse" than V6. Using "?" as help key, meant that the "?" needed to be escaped if used in command (e.g. like AT command to LTE e.g. "AT+COPS?"). So borrowing the F1 from "windows" kinda make more sense (although in some terminal...
by millenium7
Wed Feb 07, 2024 12:38 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 2513

Re: RouterOSv7 - Terminal is substantially worse to use?

The other major pain in the ass is hiding of text when pasting in passwords etc. Surely there is a way to turn this off? It makes debugging frustrating as hell as I can't see the code block I've just pasted in
by millenium7
Tue Feb 06, 2024 3:41 am
Forum: Announcements
Topic: Newsletter #116 | January 2024
Replies: 106
Views: 37310

Re: Newsletter #116 | January 2024

The best we can say about these devices being released today with too little storage and RAM is that it will force Mikrotik to optimise the software, and then everybody will benefit. Is that along the same lines of thinking MikroTik will be forced to make their AC wifi products fantastic when the r...
by millenium7
Mon Feb 05, 2024 4:01 am
Forum: Scripting
Topic: How should the local variable be called in if? [SOLVED]
Replies: 11
Views: 7787

Re: How should the local variable be called in if? [SOLVED]

Thats because you are using the 'local' type which confines variables to the scope they are created within (and scopes deeper inside) but cannot exist outside of that scope. Thus as you've found it doesn't exist outside of the 'if' statement Use :global instead of :local or place the :log command in...
by millenium7
Mon Feb 05, 2024 2:22 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 8710

Re: Syntax difference in versions, how to handle? [SOLVED]

Does :execute command exists in ROS6? You try with it if does, :if ([/system package get 0 version] ~ "^6") do={:execute "/export terse" as-string} else={:execute "/export terse show-sensitive" as-string} Syntax will not be checked in string for execute, it will only b...
by millenium7
Thu Feb 01, 2024 7:22 am
Forum: Scripting
Topic: RouterOSv7 - Terminal is substantially worse to use?
Replies: 9
Views: 2513

RouterOSv7 - Terminal is substantially worse to use?

Am I missing something or the terminal/cli significantly worse in V7? The ? key does nothing, making it difficult to see all valid commands. And tab completion seems to ignore A LOT of the possible commands, i.e. typing :pi<TAB> will autocomplete it as :ping yet ignore :pick as a possibility Same wi...
by millenium7
Wed Jan 31, 2024 11:51 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 1085

Re: Any plans for spectrum analyzer on new wifi6 products?

I thought that professionals had a (self-standing) spectrum analyzer device as a common tool in their toolbox (rather that relying on whatever is built in the device they are installing), just like the rj45 crimper (I am not familiar with any AP/router/switch coming with a built-in crimper). It wou...
by millenium7
Wed Jan 31, 2024 2:44 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 1085

Re: Any plans for spectrum analyzer on new wifi6 products?

... as essential of a tool as a RJ45 crimper.... What's wrong with prefabricated UTP patch cables? :wink: Yeah super convenient running those up towers, through wall cavities, conduits and risers etc. Very convenient, especially with the 20m of coiled excess on the roof I suppose whilst we're at it...
by millenium7
Wed Jan 31, 2024 12:54 pm
Forum: Wireless Networking
Topic: Any plans for spectrum analyzer on new wifi6 products?
Replies: 9
Views: 1085

Any plans for spectrum analyzer on new wifi6 products?

Seeing the new NetBox 5 AX gives some hope for actually using MikroTik again as an outdoor wireless provider. However without spectrum scanning capability it is completely pointless as you're just playing 'guess a frequency' at random, hoping and praying with zero direction. Every other outdoor play...
by millenium7
Wed Jan 31, 2024 12:38 pm
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 24
Views: 8049

Re: Everything but hAP ax2 is pointless?

Surely there are "intended cases" for these L009 devices, but I am struggling to understand what they are. See now you're getting it MikroTik almost always gets about 95% of the way to something great then drops the ball on the last part - L009 wireless is 2.4ghz only, why!???? - CRS PoE ...
by millenium7
Wed Jan 31, 2024 6:26 am
Forum: RouterBOARD hardware
Topic: Everything but hAP ax2 is pointless?
Replies: 24
Views: 8049

Re: Everything but hAP ax2 is pointless?

MMIPS & MIPSBE are by far the most stable and reliable chips in the mikrotik range. HEX & HEX S thus hold value in that regard, hence I use them a hell of a lot and never have to question their stability. ARM chips have gotten better but are still unreliable in their performance metrics and ...
by millenium7
Tue Jan 23, 2024 12:46 pm
Forum: General
Topic: User poll about using Winbox
Replies: 107
Views: 111281

Re: User poll about using Winbox

That said, perhaps a low hanging fruit that would 'supercharge' this feature for me, is another drop down menu at the top called 'Layouts' for saving/loading presets. One that is usable whilst logged into a router, not beforehand I could then just go to the Layouts drop down menu, choose one of my n...
by millenium7
Tue Jan 23, 2024 12:41 pm
Forum: General
Topic: User poll about using Winbox
Replies: 107
Views: 111281

Re: User poll about using Winbox

Never once used or knew what this was about. So yes it is very poorly worded That said, i'm almost always logging into routers and then choosing 'Close all Windows' due to the clutter. This is because I didn't even know what 'session' was and never paid any attention to it. But inevitably the winbox...
by millenium7
Tue Jan 23, 2024 11:28 am
Forum: RouterOS beta
Topic: EIGRP
Replies: 3
Views: 3601

Re: EIGRP

Most people are very short sighted on EIGRP and insist OSPF is a flawlessly optimal protocol. I've had this discussion on this forum and others, it rarely leads anywhere productive. Yet EIGRP absolutely would be a phenomenally better protocol in the WISP world, as it doesn't have the overly restrict...
by millenium7
Tue Jan 23, 2024 9:22 am
Forum: Wireless Networking
Topic: Suggested change to CAPSMAN - channel handling
Replies: 0
Views: 638

Suggested change to CAPSMAN - channel handling

I was desperately hoping that the new CAPSMAN implementation would fix my biggest gripe with it, alas no such luck And that is the needless mess and doubling up of configurations SOLELY because of channels, it's not simple nor neat. As soon as you want any sort of control over channels - as is the c...
by millenium7
Thu Jan 11, 2024 12:46 pm
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 8710

Re: Syntax difference in versions, how to handle? [SOLVED]

get 0 Please stop writing on this way, no matter if is only one example. Why? It's entirely valid in this example, there will ALWAYS be at least 1 package, and packages have the same version number (but may change in name, thus 0 is perfectly suited) If it was something like a firewall rule then ye...
by millenium7
Thu Jan 11, 2024 11:26 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 8710

Re: Syntax difference in versions, how to handle? [SOLVED]

v7 is still beta at best and definitely not a full replacement for v6

Besides, managing a dozen routers that you own is fine, managing hundreds/thousands of devices it's just not practical to enforce an upgrade to v7 (that then breaks other things) that sort of idea is nonsensical
by millenium7
Thu Jan 11, 2024 8:24 am
Forum: Scripting
Topic: Syntax difference in versions, how to handle? [SOLVED]
Replies: 12
Views: 8710

Syntax difference in versions, how to handle? [SOLVED]

This is a conundrum since MikroTik decided to change the behavior of /export terse I don't mind the change in itself but the problem is how do I handle this with a single line? Using 2 lines will not work as it will include the output in the config backup So at first I thought I could use this, whic...
by millenium7
Fri Dec 15, 2023 5:44 am
Forum: General
Topic: Request: add user with password hash
Replies: 10
Views: 5190

Re: Request: add user with password hash

It is stupid that this is still not a thing If nothing else, hash is extremely useful for identifying vulnerable passwords. I.e. old/outdated/common passwords on devices that should be changed. This is EASILY checked if the hash exists in the config, very simple regex or any other comparator that sc...
by millenium7
Wed Nov 22, 2023 9:35 am
Forum: Scripting
Topic: BTest to multiple routers or all OSPF neighbors
Replies: 1
Views: 1705

BTest to multiple routers or all OSPF neighbors

Needed a way to occasionally run a bandwidth test on every distribution router in the network to assess real-world link speeds, as well as net backhaul capacity out of the network. Finally get around to writing a script to accomplish this Essentially this will let you specify 1 or more routers by fi...
by millenium7
Mon Nov 13, 2023 11:32 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 172
Views: 63954

Re: IS-IS

All I can say is FANTASTIC!!!! I won't ask for any concrete information but I do hope its at least IPv4 functionally capable for production use within a years time. OSPF is, always has been and always will be an utterly shit protocol for ISP and especially WISP environments. It's just completely the...
by millenium7
Sun Nov 12, 2023 12:51 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 172
Views: 63954

Re: IS-IS

This page was updated along with 7.12 release:
I see no mention of it in the patch notes and no routing is-is menu or CLI commands
There is however
/routing fantasy
MikroTik playing a cruel joke perhaps?
by millenium7
Thu Oct 26, 2023 2:26 am
Forum: General
Topic: Load balancing with speed detection?
Replies: 0
Views: 1539

Load balancing with speed detection?

Ubiquiti manages to do load balancing dramatically better than MikroTik and somehow can utilise all available capacity of all lines (unequal speeds are no problem) without the need to specify bandwidth manually, and will dynamically change the bandwidth split depending on conditions I'm guessing the...
by millenium7
Thu Sep 28, 2023 12:31 am
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 1000

Re: Suggestion: Safe mode with countdown backup restore

If you lock yourself out you may not be able to get to the device to restart it. Almost everything I configure is remote
Problem with separate running/saved Configs is when forgetting to save them, same situation as above. 6 months might go by and the device reboots and loses its config
by millenium7
Wed Sep 27, 2023 2:35 pm
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 1000

Re: Suggestion: Safe mode with countdown backup restore

Safe mode is just inherently so unreliable. I'd say I have a 80% success rate with it, but that other 20% it just does not recognize loss of connection at all. It seems especially so when i'm changing anything to do with L2 connectivity, such as VLAN's, DHCP snooping, port isolation etc. And when it...
by millenium7
Wed Sep 27, 2023 12:53 pm
Forum: General
Topic: Suggestion: Safe mode with countdown backup restore
Replies: 4
Views: 1000

Suggestion: Safe mode with countdown backup restore

Since Safe Mode is known to be woefully unreliable at detecting the device is no longer being accessed - especially with anything involving Layer2 connectivity changes - can I please suggest MikroTik implement an alternate method that is far more reliable. As well as allowing the user to momentarily...
by millenium7
Thu Sep 21, 2023 1:03 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 89
Views: 21633

Re: Mikrotik SUCKS

VLANs and switching in general is needlessly complicated. New bridge menu method is 'ok' at best but it's far from optimal. For one I don't understand why they couldn't just make it a very simple tag/untag/exclude option for each port in a bridge instead of the way it's handled. It's not clear, it's...
by millenium7
Tue Sep 19, 2023 4:17 am
Forum: General
Topic: Mikrotik SUCKS
Replies: 89
Views: 21633

Re: Mikrotik SUCKS

100% agree. There's network engineers and there's vendor-only engineer. If this guy only knows Cisco, he's a Cisco engineer, not a network engineer. About the only viable complaint with MikroTik is their VLAN and Switch menu implementation, its a bit bass ackwards and definitely requires a thought ...
by millenium7
Tue Sep 19, 2023 1:04 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 331
Views: 116507

Re: mDNS repeater feature

I really wouldn't worry about it, if there is a valid use case (practical management is absolutely a viable one) then by all means use multiple bridges. If its just a home based setup with multiple VLAN's sure single bridge is a good idea. However as with everything it depends on the use case. Often...
by millenium7
Mon Sep 18, 2023 10:33 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 331
Views: 116507

Re: mDNS repeater feature

Have used multiple phones and found this to be woefully unreliable, some it works and others it just does not work whatsoever. Multicast routing itself seems to work but evidently multicast routing alone its not the only thing required for chromecast streaming to work 100% of the time (am testing wi...
by millenium7
Fri Sep 15, 2023 5:30 am
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 331
Views: 116507

Re: mDNS repeater feature

I'm having absolutely no success with getting chromecast to work. Read the entire thread, followed posted examples, not working First question which may answer why its not working: Does all multicast traffic need to be in the same 'bridge' for PIM or IGMP Proxy to work? I've been testing with a lab ...
by millenium7
Fri Sep 15, 2023 1:43 am
Forum: General
Topic: Anyone have VLAN and Chromecast working?
Replies: 16
Views: 7795

Re: Anyone have VLAN and Chromecast working?

Anyone have an update to this? Is it finally viable to be able to stream to chromecasts across separate networks/VLAN's natively in RouterOS 'without' the need to install docker containers? Main constraint there being this only works on ARM/CHR architecture and thus not devices like the HEX (mmips) ...
by millenium7
Mon Aug 21, 2023 8:50 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1496

Re: Switch menu config not working as expected on Powerbox Pro

I've finally had some time to lab it I think the MikroTik help page is wrong, or has bad wording that isn't clear I also think it's just a complete bug, and things are broken and cannot be implemented as expected Here is a direct quote from the site Note: QCA8337 and Atheros8327 switch chips ignore ...
by millenium7
Fri Jul 28, 2023 7:37 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1496

Re: Switch menu config not working as expected on Powerbox Pro

I thought it was fairly clear given that I outlined requirements as well as existing bridge mode config Terminology depends on your perspective. As an ISP the customer is on and remains solely in VLAN10 Ether1 is an access port, untagged traffic only. Will end up on VLAN10 by the time it egresses ou...
by millenium7
Fri Jul 28, 2023 5:08 am
Forum: Forwarding Protocols
Topic: Shortest Path Bridging (SPB)
Replies: 12
Views: 10128

Re: Shortest Path Bridging (SPB)

Not to mention MPLS is very broken on MikroTik.... After years of dealing with sporadic mismatches in forwarding table that causes unreachable customers/devices/routers i've resorted to completely ripping MPLS out of our MikroTik network. It's just not the right way to run a business having to rando...
by millenium7
Fri Jul 28, 2023 4:26 am
Forum: General
Topic: Switch menu config not working as expected on Powerbox Pro
Replies: 6
Views: 1496

Switch menu config not working as expected on Powerbox Pro

I'm baffled as to what the heck is happening when I seemingly configure the switch menu correctly, yet traffic just does not do what is intended At the moment most of our PowerBox deployments are configured solely with the Bridge menu, as it's much simpler to do so. The downside is no hardware offlo...
by millenium7
Wed Jul 12, 2023 12:45 pm
Forum: General
Topic: Optimal method to rate limit for a BGP neighbor?
Replies: 3
Views: 758

Re: Optimal method to rate limit for a BGP neighbor?

Let me try and clarify with a simple example using 1 company and 2 different sites (they get to the internet through my network) My network leases transit and an IP space of 1.0.0.0/24 to CompanyX CompanyX pays me for 150/150mbit of bandwidth to the internet CompanyX has 2 sites that connect to my n...
by millenium7
Wed Jul 12, 2023 11:51 am
Forum: General
Topic: Optimal method to rate limit for a BGP neighbor?
Replies: 3
Views: 758

Optimal method to rate limit for a BGP neighbor?

What is the most effective and straightforward method for rate limiting a BGP neighbor? Little more complicated than an interface queue because there can be traffic from multiple sources, and there are overlapping subnets for multiple neighbors (but more precise /32 routes) In addition, how about ra...
by millenium7
Mon Jul 10, 2023 1:21 pm
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

at 300m in a multipoint setup (i'm assuming they are more than 5 degrees apart) i'd strongly suggest not using 58ghz. Try 64.8ghz and if thats stable step it down to 62ghz if you have other radio's in the area, or you're using it for a point-to-point backhaul I havn't extensively tested frequency on...
by millenium7
Fri May 19, 2023 3:32 am
Forum: Wireless Networking
Topic: Band Steering implementation?
Replies: 80
Views: 40045

Re: Band Steering implementation?

I may have a small Mikrotik network, but the number of times I've had a 5Ghz capable client connect to 2.4Ghz radio is extremely ware. This is before the WiFiwave2 package was even released. Yes, a single room is indeed small :D It's a very common thing, it's not just in MikroTik networks but since...
by millenium7
Thu May 18, 2023 3:13 am
Forum: Useful user articles
Topic: How to: Edge router and BNG optimization for ISPs Topic is solved
Replies: 68
Views: 106319

Re: How to: Edge router and BNG optimization for ISPs Topic is solved

You are confusing how port mapping works. MikroTik uses a code logic whereby if 100.64.0.10:1234 traffic comes in towards egress NAT interface, src-nat chain netmap action will map 100.64.0.10:1234 to public:1234. This ensures 1:1 port mapping, eliminating the need for TURN. However, for additional...
by millenium7
Thu May 18, 2023 2:53 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

The latest 7.10beta5 appears to have fixed the issue I was having, can now run upload tests from client side without causing radio disconnections. Note that importantly it never disconnected with a mikrotik btest, it was only specific types of traffic Note also that you only need to update the AP an...
by millenium7
Wed May 17, 2023 8:48 am
Forum: Useful user articles
Topic: How to: Edge router and BNG optimization for ISPs Topic is solved
Replies: 68
Views: 106319

Re: How to: Edge router and BNG optimization for ISPs Topic is solved

I'd like to get some further clarification on a couple of topics RP-Filtering. Can someone explain how loose mode is in any way different to 'none' when a default route exists in the table? From what i've read, MikroTik does consider a default route when performing reverse path lookup. Hence every I...
by millenium7
Fri May 12, 2023 12:48 am
Forum: Forwarding Protocols
Topic: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?
Replies: 10
Views: 8147

Re: [Stability] Multiple PPPoE servers (+10) at the same router - Is there any alternatives?

You're overthinking it. There will be zero difference in CPU usage. PPPoE sessions terminate and then must hit the routers CPU. No they are not tied to individual cores or anything like that Just throw everything into a bridge with a horizon value (same on all) to avoid traffic flowing between custo...
by millenium7
Fri May 05, 2023 4:33 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Or....... I could use any other vendor and it just works without all the fluff The reason for capsman forwarding mode is it's the only one that allows hands-off provisioning Local forwarding mode still requires logging into the AP and manually creating the bridge interface and assigning the interfac...
by millenium7
Fri May 05, 2023 4:20 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

If you want each room to have its own network so that devices can communicate with others in the same room, a VLAN per room might be a better solution than multiple bridges. If there's only a dozen rooms perhaps, when there's 200 rooms that's 200 vlans to configure across a bunch of switches, 200 s...
by millenium7
Fri May 05, 2023 3:53 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Not sure why this is not a clear concept so i'll try again Here's what i'd like to be able to do: Take any MikroTik AP directly out of the box with no configuration, plug it into a network and have CAPSMAN configure it with the details of the room it resides in Following me so far? The same as any o...
by millenium7
Fri May 05, 2023 1:50 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

It's not niche at all, it's really quite a simple concept and extremely common to have both 2.4ghz and 5ghz treated like the same layer2 segment, so that when you have devices connected on both bands they can still communicate with each other, and not forcefully have to switch bands. This is the way...
by millenium7
Thu May 04, 2023 4:01 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

Re: CAPSMAN - Config to bridge 2.4 and 5ghz together?

Not a great solution either way, i'm hoping CAPSMAN gets a complete overhaul and rewritten from the ground up with the concept of multiple radio's and ease of management in mind. It seems to me that it was never designed that way, and assumed only a single radio was ever going to be present. As a re...
by millenium7
Wed May 03, 2023 1:07 pm
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

We updated to the latest RC a couple weeks ago and the AP's stopped soft locking However there's still an issue, not sure if its always been there (I would say so) but we have only just recently narrowed it down to being replicate able Using 3x Cube60Pro AC's in a multipoint setup, when I run mikrot...
by millenium7
Wed May 03, 2023 5:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

I could be wrong but the other issue is the device will never boot back to RouterOS if its set to flash-boot (unsure if there's an integrated time-out?) I can see this being a problem, especially if flashfig doesn't work. Your device is essentially soft-bricked and you'd need a console cable to set ...
by millenium7
Wed May 03, 2023 4:00 am
Forum: Wireless Networking
Topic: CAPSMAN - Config to bridge 2.4 and 5ghz together?
Replies: 12
Views: 2455

CAPSMAN - Config to bridge 2.4 and 5ghz together?

I looked this into a while ago and couldn't find an elegant solution, so here goes again incase I just missed something obvious How can I make CAPSMAN AP's work like every single other wifi device out there on the market, and have both 2.4ghz and 5ghz radio's be treated like a single network? Not th...
by millenium7
Sun Apr 30, 2023 6:56 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

OCR has been used in critical real-time industry-scale applications for decades. For computer-printed text, it's a solved problem, to the extent that researchers have been focusing on handwriting recognition instead, the original problem from the 1980s considered too easy now. Provided the text is ...
by millenium7
Sat Apr 29, 2023 7:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

The next 10% is please include a barcode for the password Not quite a barcode. But I suspect if the font/size was better, OCR would likely work. I use the iPhone with IMEIs and ICCIDs and surprised how well it works to read them. stick it straight on the box - optionally the product as well I belie...
by millenium7
Sat Apr 29, 2023 1:21 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

We did also notice the issue with ambiguous characters and bad font. We will find a solution ASAP. One option is to switch to all caps letters only, another is to avoid O/0/I/l/1/8/B. In any case, we are workinng on it. Fantastic! that's a good start, and is 90% of why I originally created the thre...
by millenium7
Thu Apr 27, 2023 6:53 am
Forum: General
Topic: PPPoE upload speed problem
Replies: 24
Views: 9283

Re: PPPoE upload speed problem

I'm having this problem with a customer as well. The PPPoE server is a MikroTik router, download test are fine but upload is garbage Client PPPoE has been tested as other routers as well direct PPPoE session on PC's and its maxing out at around 200mbit/s Changing to IP connectivity it maxes out the ...
by millenium7
Thu Apr 27, 2023 5:06 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

I only stick to things that can actually be done without giving a damn about the default password. Nothing more, nothing less. Ahhhh now it's starting to make sense. So if you encounter a situation like a radio/router/switch being factory reset on top of a tower, you just walk away and don't do any...
by millenium7
Wed Apr 26, 2023 9:21 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

have you read my posts at all? Yes I have, there is some merit in theory but not always in practice 1) I may not have any clue who the original distributor was of equipment that I take over. Or I may not have access to get those records 2) Netinstall/flashfig is a PITA at best, and completely usele...
by millenium7
Wed Apr 26, 2023 8:55 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

the sticker has only the DEFAULT password which you must change. this is not comparable to "I inherited a router that somebody password protected" Yes it is normis. Re-read what I said as you clearly misunderstood it If I factory reset a device then guess what password it gets? THE DEFAUL...
by millenium7
Wed Apr 26, 2023 8:48 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

*** I still haven't read a valid example (other than protected-routerboot) where this default password is a problem. But a concrete example, not bullshit. Of course I too could be wrong, but for now I have no data regarding something insurmountable that you haven't made me consider yet. If you havn...
by millenium7
Mon Apr 24, 2023 1:47 pm
Forum: General
Topic: pppoe client isolation
Replies: 12
Views: 2066

Re: pppoe client isolation

@ ponline well, how about try to make a p2p pppoe link for each client, instead of regular broadcast pppoe pool?? 🤔 this setup will be expensive in terms of ip number used, subscription maintenance and each pppoe p2p setup. 1 pppoe server for 1 pppoe client, uses 2 ips. PPPoE is not a broadcast seg...
by millenium7
Mon Apr 24, 2023 9:13 am
Forum: General
Topic: pppoe client isolation
Replies: 12
Views: 2066

Re: pppoe client isolation

You need to leave connection tracking on Sounds like you probably don't want the absolute most CPU optimal method, and it'd be better to have something that's easily managed. As it sounds like this router is doing other duties, so its best to keep things nicely separated into their own compartments....
by millenium7
Mon Apr 24, 2023 7:27 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

You are impossible to get through to. No that isn't what I've been saying, you are twisting my words around and clearly you've not gone through any of the scenarios I've proposed and thus it doesn't make sense to you
by millenium7
Mon Apr 24, 2023 5:27 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

Hang on a sec. Your plan is to have a mode where someone remote can blank out the configuration and provide a new one, including a new non-empty password, in order to get around a regulation passed to avoid having routers completely taken over by LAN worms? Are you proofreading your proposals or ju...
by millenium7
Mon Apr 24, 2023 4:04 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

I'm no lawyer but I wonder if they would remain compliant if they did revert back to a blank password, but the device is essentially unusable until a new password is set. All routing/switching/wireless functionality is disabled and nothing can be assigned except for very minimal management functiona...
by millenium7
Sun Apr 23, 2023 11:14 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

Just regarding netinstall... Anything physical is a no-go on remote applications and isn't an appropriate solution. Even if you get a layer2 tunnel to every site (lets be realistic, its just not feasible en-masse nor on most radio tower installs) you need to physically do something to the device, th...
by millenium7
Fri Apr 21, 2023 1:55 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

If you were expecting to be able to walk up to a router someone else installed and used to manage, but get full admin access on it without a reset of some kind, you're either dreaming or hoping for a world without any security at all. You are completely missing the mark here. Not one person here is...
by millenium7
Thu Apr 20, 2023 2:09 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

We've done plenty of mergers/acquisitions of equipment. Doesn't matter how perfect 'your' records may be, if you take over responsibility for other equipment you have get absolutely zero documentation and your only option is to factory reset the device to take over control of it. Well now you can't ...
by millenium7
Thu Apr 20, 2023 1:30 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

What is the story here? I'm confused. Multiple scenario's mixed together? There are plenty of scenario's where random default passwords are atrociously piss poor. The only one i'm addressing specifically in this thread is the difficulty in reading it as its so small and uses ambiguous characters. T...
by millenium7
Wed Apr 19, 2023 7:07 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

Not a QR code, should just be a regular old barcode QR codes work better for things like wifi passwords as it can contain a lot more information (such as URLs) but provide no benefit in this instance and have some drawbacks - most handheld barcode scanners don't do QR codes - much slower to read/rec...
by millenium7
Wed Apr 19, 2023 5:55 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

Barcodes would go a very long way to helping this situation. Not everyone has a barcode scanner, but it's a pretty easy sell if you have to configure lots of them For individual units and field techs at least they can use a phone to snap a pic and have it convert that to text. At least it would.be c...
by millenium7
Wed Apr 19, 2023 11:03 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Re: Something NEEDS to be done about the default passwords

Convenience is the worst enemy of security. Do it properly or not at all. This goes way beyond 'convenience', these sorts of random passwords absolutely will result in a lot of pointless e-waste, financial waste and needless man-hours solely because the device got factory reset and can no longer be...
by millenium7
Wed Apr 19, 2023 4:17 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 17544

Something NEEDS to be done about the default passwords

MikroTik need to keep it for EU compliance, frustrating as hell and should not apply to products sent outside the EU but whatever..... the main issue is make the password readable! Stop using characters like O/0/I/l/1/8/B as trying to decipher what they are gets really old really fast after repeated...
by millenium7
Thu Apr 13, 2023 8:44 am
Forum: Announcements
Topic: Newsletter #112 | April 2023
Replies: 66
Views: 14182

Re: Newsletter #112 | April 2023

The outdoor 5009 has no information on input wattage per ethernet port. Is it only 25w input as well? Or full 130w input is possible? My intention is to replace some Powerbox Pro's that have 60ghz radios hanging off then, as the powerbox is also setup as a router and it struggles. I don't want to ru...
by millenium7
Tue Apr 11, 2023 7:33 am
Forum: Forwarding Protocols
Topic: Deny OSPF prefix out a certain interface
Replies: 1
Views: 2344

Re: Deny OSPF prefix out a certain interface

Yes, maybe... If you are just using the default/backbone/area0 everywhere then no you cannot do any selective route filtering at all. Every router participating in OSPF will all have the same OSPF routes in memory, it's a hardcoded rule in the protocol itself as its by definition how OSPF actually w...
by millenium7
Sun Mar 26, 2023 1:40 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

I seem to have a slightly different issue, only recently have I used the newer cube60 pro radio's in a multipoint setup (all radio's are the cube60 pro's, not the cube60sa) and it seems the AP soft locks, it responds to pings but you can't log into it, winbox shows no content, no interfaces etc. and...
by millenium7
Tue Mar 14, 2023 1:54 am
Forum: General
Topic: PowerboxPro / QCA8337 - VLAN with HW offload possible?
Replies: 1
Views: 467

PowerboxPro / QCA8337 - VLAN with HW offload possible?

I have a few sites that are running a powerbox pro as a distribution switch. Fine for lower data rates <200mbit/s but they choke up and limit speeds a lot after that The standard model I use is creating a bridge, adding all the ports, enabling VLAN filtering, assigning VLAN's and port isolation/hori...
by millenium7
Mon Feb 20, 2023 1:13 pm
Forum: General
Topic: Strange issue, I believe connections are being dropped?
Replies: 1
Views: 348

Re: Strange issue, I believe connections are being dropped?

I don't think this is related to number of connections (could still be wrong though) I converted the router to not need TCP tracking and moved the NAT functionality elsewhere. Problem still exists, TCP connections are dying It's similar to some threads i've managed to come across, except adjust conn...
by millenium7
Mon Feb 20, 2023 2:21 am
Forum: General
Topic: Strange issue, I believe connections are being dropped?
Replies: 1
Views: 348

Strange issue, I believe connections are being dropped?

I'm investigating a strange issue in our network thats related to connections seemingly dropping out. I.e. downloading a large file it will just outright fail at some point This seems to predominantly affect international traffic, but that may be related to the fact it takes longer to complete One t...
by millenium7
Sun Feb 19, 2023 5:13 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

We're seeing the exact same thing with all 60ghz mikrotik products. hot garbage, do not buy, return if you can. No reply what so ever from Mikrotik with issues. Rubbish, in multipoint they are a bit meh but in point-to-point setups they are AWESOME. Just cannot be beaten for anywhere close to the m...
by millenium7
Thu Feb 16, 2023 1:59 am
Forum: Wireless Networking
Topic: Cube 60Pro ac Max Distance on 60Ghz?
Replies: 20
Views: 7591

Re: Cube 60Pro ac Max Distance on 60Ghz?

Thanks for answering! I was thinking about max distance during perfect clear line of sight conditions, is it 2.4km as they promote them? I accept decrease in performance due to weather (failing over to 5Ghz). Is it still max 6-700m in 60Ghz? /Patricio The problem with the Cube's (and every 60ghz pr...
by millenium7
Mon Dec 12, 2022 10:37 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

Mikrotik 60 Ghz devices are great thank you guys your Siberian fan You can't say they are great when they just flat out have problems My biggest gripe is MikroTik has done NOTHING in actually educating the community on the ins and outs of their 60ghz products, nor how to use them properly It's frus...
by millenium7
Thu Nov 03, 2022 2:59 am
Forum: Wireless Networking
Topic: CubeSA 60Pro ac: 60Ghz clients flapping
Replies: 120
Views: 27470

Re: CubeSA 60Pro ac: 60Ghz clients flapping

Can they be downgraded to ROSv6? I havn't tried the CubeSA yet, but found with other 60ghz mikrotik products that its quite stable with 6.49.6 Other things to think of... /int w60g set 0 mgmt-fix=yes Can try that on the AP, no idea if its supported with the CubeSA products. Not even entirely sure wh...
by millenium7
Fri Oct 28, 2022 12:25 pm
Forum: RouterBOARD hardware
Topic: Any current issues with CCR2xxx series? Stay with CCR1xxx?
Replies: 1
Views: 718

Any current issues with CCR2xxx series? Stay with CCR1xxx?

Havn't been following all the 2xxx series closely but am aware of widespread reboot issues especially on the 2004. And have not heard of any actual confirmation that its been completely fixed Unsure of any specifics on other models, and whether to be looking at hardware or ROSv7 specific issues (Sti...
by millenium7
Fri Oct 28, 2022 5:08 am
Forum: General
Topic: Suggestion: Quick access/port forward wizard
Replies: 0
Views: 363

Suggestion: Quick access/port forward wizard

Something we do quite often is accessing internal devices such as a switch, access point, VoIP phone etc We often don't manage a customers internal network - hence we don't have remote access agents etc. But we do manage quite a few devices such as the above, as well as their main router If we manag...
by millenium7
Mon Oct 24, 2022 3:01 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1620

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Yeah I read it completely backwards. Edited my post
by millenium7
Mon Oct 24, 2022 2:38 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1620

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Why did you install v7 on a v6 device? There is no advantage over the Cube. Using netinstall, with no default configuration, reset the password to blank. Wanted to try V7. However latest V7 release breaks links and misses some stability improves in the latest V6 release, hence why I went back to V6...
by millenium7
Sun Oct 23, 2022 1:51 pm
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1620

Re: Downgraded firmware, users reset, lost sticker - how to gain access

Stickers were long since removed and thrown away That was the WORST decision you ever made! You should at least have noted down the passwords and saved them somewhere. Get used to this, it will likely be introduced in ALL models, because due to EU directive it will be forbidden to sell devices with...
by millenium7
Sun Oct 23, 2022 11:58 am
Forum: General
Topic: Downgraded firmware, users reset, lost sticker - how to gain access
Replies: 14
Views: 1620

Downgraded firmware, users reset, lost sticker - how to gain access

This is the WORST design decision mikrotik has made, flapping randomized admin password. I downgraded a couple of Cube60 radio's from ROS 7.4 to 6.49.7 and its reset the user accounts so now I cannot log in. Stickers were long since removed and thrown away How can I access these radio's now? I have ...
by millenium7
Sat Oct 01, 2022 9:45 am
Forum: General
Topic: What are missing in /export and why. Bug?
Replies: 3
Views: 874

Re: What are missing in /export and why. Bug?

Yeah its a crap design decision/issue/bug/feature from MikroTik. I would REALLY REALLY REALLY REALLY like for all user accounts including MD5/SHA hashes of passwords to be included in /export It's way too easy to replace a faulty router, load the backup config and 'forget' to change the user details...
by millenium7
Mon Sep 26, 2022 12:56 am
Forum: RouterBOARD hardware
Topic: CubeG-5ac60ad
Replies: 23
Views: 7641

Re: CubeG-5ac60ad

Can you set up the cubes as ptmp with out the Mikrotik wAP 60Gx3 AP?
Yes, but you need to buy a Level4 licence through a MikroTik account and then apply it (only on the AP)
by millenium7
Sun Sep 18, 2022 5:20 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 9
Views: 4625

Re: Cube 60Pro - Real world range/reliability/alignment

Also I believe the centre sector pattern is the same as LHG60G with an 8x8 array 27,28 35,36 Are the 4 centre sector numbers.... But id like a mikrotik rep to confirm it is indeed the case All our links tend to favor sector 35 when aligned as best as possible. The beamforming appears to be more stab...
by millenium7
Sun Sep 18, 2022 5:10 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 9
Views: 4625

Re: Cube 60Pro - Real world range/reliability/alignment

We've put a few up The longest is still 1.35km and I've noticed it has dropped out more frequently in moderate to heavy rain, presumably it's moved a tiny fraction but whatever the case it's a 'real world' deployment, with real equipment in real conditions. If it's slipped by 1 degree and that cause...
by millenium7
Thu Sep 15, 2022 5:54 am
Forum: Forwarding Protocols
Topic: Stuck route? bug? how to see originator
Replies: 0
Views: 1503

Stuck route? bug? how to see originator

This is on v6.47.9 Have a seemingly phantom route thats stuck in the routing table, I have absolutely no idea where its coming from It's showing 'DAbU' as the flags, with a distance of 20 and no gateway. So it's implying its originating via an eBGP peer. However I specifically have rules to block th...
by millenium7
Wed Aug 31, 2022 3:27 pm
Forum: Forwarding Protocols
Topic: ROSv7 routing filter make an accept all rule?
Replies: 1
Views: 1330

ROSv7 routing filter make an accept all rule?

I understand that the default behavior now in ROSv7 is the opposite of v6 and it will reject all routes unless a match is found Thats fine (and probably should have been the default) however........ how exactly do I flip this behavior? or rather how do I add an 'accept all' rule to the bottom of the...
by millenium7
Mon Aug 08, 2022 3:22 pm
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 73045

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

The vast majority of CPE facing radios are 24v, hence perfect for PoE out on port1 which is also the internet facing interface. It's literally labelled Internet. Just yet 1 more thing to avoid confusion with customers or even techs. I don't want to change interface assignment at all if I can avoid i...
by millenium7
Mon Aug 08, 2022 11:41 am
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 73045

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

In theory and on paper yes. In reality no The reality is port1 is used for internet connectivity, thats precisely why the factory default config blocks on port1, and almost everyone will use port1 for that purpose There's been plenty of times we've done an installation (or even just pre-provisioned ...
by millenium7
Mon Aug 08, 2022 7:08 am
Forum: RouterBOARD hardware
Topic: hAP ax² dual band Wi-Fi 6 (802.11ax)
Replies: 287
Views: 73045

Re: hAP ax² dual band Wi-Fi 6 (802.11ax)

I think this one pretty much nails the essentials Yes plenty of other things 'could' have been put in but I feel that Wifi6 and higher gain antenna's are by far the most important thing, and would happily sacrifice everything they have in order to make it happen at a good price point USB is nice to ...
by millenium7
Fri Aug 05, 2022 4:44 am
Forum: Wireless Networking
Topic: HotSpot: How to keep people from mooching?
Replies: 6
Views: 1082

Re: HotSpot: How to keep people from mooching?

I like the idea of passwords being printed on a receipt that change daily. Not practical in all situations though There's not really any good method. I would highly advise NOT implementing any sort of signal strength based denial process, it just will not work as intended Signal strength is affected...
by millenium7
Fri Jul 29, 2022 11:31 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 3623

Re: CAPSMAN - Surely there's a simpler/cleaner way?

anyone who praises CAPSMAN would be blown off their rocking chair. I new Mikrotik AP do not even look at the sticker. :D I connect the point, press reset for 10 seconds to switch the device into CAP mode and go to connect the next one. You just need to set up the Capsmans properly Now create 130 un...
by millenium7
Fri Jul 29, 2022 11:25 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 3623

Re: CAPSMAN - Surely there's a simpler/cleaner way?

Finally someone has found a Grandstream product that works!!! :shock: :shock: :shock: Old ones are shit New Wifi6 gear is fantastic I have zero brand loyalty, I look at individual products on their own merits. Brand loyalty does not work in technology, smart people come and go from a company (often...
by millenium7
Fri Jul 29, 2022 12:55 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 3623

Re: CAPSMAN - Surely there's a simpler/cleaner way?

Easy dont use capsman. I dont and dont regret it all. I have not lost one nanosecond of my life and when I see the gazillion of threads, with hair pulled out, teeth gnashing and the like, I just have to smile, knowing what I avoided. When deploying dozens/hundreds its great. Back in the predominant...
by millenium7
Wed Jul 27, 2022 11:18 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 3623

Re: CAPSMAN - Surely there's a simpler/cleaner way?

And when you think about it, it's logical. 2.4GHz settings are not the same as 5GHz settings. They ARE different interfaces in HW too. I think about every single other wireless controller i've used and how ridiculously illogical CAPSMAN is in its config/provisioning in comparison, its rubbish It wa...
by millenium7
Wed Jul 27, 2022 8:49 am
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 3623

CAPSMAN - Surely there's a simpler/cleaner way?

CAPSMAN with nothing but 2.4ghz gear, fine, easy, neat However 2.4ghz and 5ghz devices is a total mess and a pain in the ass, but maybe there's something i'm missing? (i'm hoping so) It's really simple, I just want 2.4ghz and 5ghz with the same name, but obviously subtle differences like 20mhz chann...
by millenium7
Thu Jul 21, 2022 12:43 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 4885

Re: CUBE 60PRO AC

5GHz interface is designed as backup for 0.001% of time when main 60GHz interface is unavailable. it's not designed as Access point for other wireless clients or other uses. A backup for what exactly? listening to an internet radio station? Because it isn't a backup for customer data. That would im...
by millenium7
Thu Jul 21, 2022 4:59 am
Forum: General
Topic: Force PPPOE users to use only one DNS
Replies: 5
Views: 761

Re: Force PPPOE users to use only one DNS

Can't realistically be done due to DNS over HTTPS A lot of websites are now enforcing DNS over HTTPS which effectively means it does not care what DNS servers you set. I.e. google knows valid IP addresses, if any DNS server attempted to redirect google.com to somewhere else, it denies it and instead...
by millenium7
Tue Jul 19, 2022 7:10 am
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 4885

Re: CUBE 60PRO AC

We have a link currently doing 1.35km. It has dropped in very, very heavy rain - no idea what that is in mm/H, but think tropical thunderstorm type of rain where you can barely see more than 100m Anything less than that it has stayed up. This actually makes it slightly better than the 60ghz long ran...
by millenium7
Mon Jul 18, 2022 2:28 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 1151

Re: MikroTik Bonding interface - 1 way communication problem

Well, using the same pair of physical links for two bonds is really an "extremely unusual" approach (my English vocabulary lacks more appropriate expressions ;-) ) It's because MikroTik lacks the appropriate routing techniques to allow selective pathing If you know how to do it via routin...
by millenium7
Sun Jul 17, 2022 3:38 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 1151

Re: MikroTik Bonding interface - 1 way communication problem

The concept is to provide active/backup over 2 different radio links. 60ghz primary and 5ghz failover Currently using OSPF with BFD on the primary and regular OSPF on the secondary. This technically allows for fast failover but what I want is to treat them like a single link and suppress OSPF events...
by millenium7
Wed Jul 13, 2022 1:45 pm
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 4018

Re: My frustration with WISP

Seeing multiple private IP's means nothing whatsoever, it does not imply there's multiple layers of NAT going on If customers do a traceroute in our network they too will see multiple private IP's, yet the ones that have been assigned a public will not have any NAT occuring except what is set on the...
by millenium7
Wed Jul 13, 2022 9:34 am
Forum: General
Topic: MikroTik Bonding interface - 1 way communication problem
Replies: 4
Views: 1151

MikroTik Bonding interface - 1 way communication problem

Is there a way around this? I've noticed if using a Bonding interface in an active/backup setup, it is susceptible to 1 way traffic failures that will not properly failover. One router will correctly fail the active link and fall over to the backup. But the other will not and hence communication is ...
by millenium7
Tue Jul 05, 2022 11:30 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 4018

Re: My frustration with WISP

Yes it will cost you slightly On the other hand you are asking the ISP to use one of their public IP addresses (which costs money) solely for you, and potentially set up additional routing just for you, for free And since they've already told you no, now you're complaining here on this public forum ...
by millenium7
Tue Jul 05, 2022 10:07 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 4018

Re: My frustration with WISP

double NAT is not inherently a problem on its own, it depends on the protocols. Vast majority of services these days will handle it, its only when you need a direct connection to someone that it can be a problem (and in some cases VoIP/PBX etc) If you absolutely must have an open connection, VPN doe...
by millenium7
Tue Jul 05, 2022 4:44 am
Forum: Wireless Networking
Topic: My frustration with WISP
Replies: 39
Views: 4018

Re: My frustration with WISP

Have only skimmed through the thread but i'll try and lay out a simple explanation from an ISP perspective Firstly it doesn't matter that its a WISP. This is not a reason for you to not have a public IP address, however there's a lot more behind-the-scenes going on that can be a very viable explanat...
by millenium7
Thu Jun 30, 2022 5:02 am
Forum: Wireless Networking
Topic: Cube 60Pro - Real world range/reliability/alignment
Replies: 9
Views: 4625

Cube 60Pro - Real world range/reliability/alignment

Having (mostly) mastered the fine art of the LHG60G, I feel I now need to figure out the Cube60Pro's since MikroTik has very lacklustre documentation on actual real world usability First and foremost what are people actually managing to achieve with their point-to-point setups? At the moment we have...
by millenium7
Thu Jun 23, 2022 12:14 pm
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 375
Views: 261248

Re: MikroTik Devices Controller

it doesn't tell you if the existing config is correct, That would be interesting for sure. But might be difficult to implement. What is a correct config? Today one is not sure ROS will act as expected. "Toruble" shooting can take some time, as there are so many settings, and so many thing...
by millenium7
Thu Jun 23, 2022 12:55 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 375
Views: 261248

Re: MikroTik Devices Controller

Interesting idea. Actually the current experience is already quite good. Managing nearly 100 MT routers at a very remote location, can be done. Can be done yes, but could be done immensely better with a central cloud controller It's not just about number of devices either Relatively simple things l...
by millenium7
Mon Jun 20, 2022 5:41 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 375
Views: 261248

Re: MikroTik Devices Controller

Lot of this probably been mentioned already but i'll throw my 2c in - Cloud based, absolutely. Something that can just reach a known public server out-of-the-box as long as it gets an internet connection. Make it something that runs over port 443 to get through firewalls and not need ANY config depl...
by millenium7
Mon May 23, 2022 8:18 am
Forum: Scripting
Topic: flushing firewall connections on a specific interface?
Replies: 2
Views: 950

Re: flushing firewall connections on a specific interface?

yes but there are no parameters that correspond to a specific interface, nor with a route Only IP addresses are listed, meaning additional steps are required to extrapolate the required information I managed to figure it out, bit of a pain in the ass as I need to extract the information from the 'ga...
by millenium7
Mon May 23, 2022 4:18 am
Forum: Scripting
Topic: flushing firewall connections on a specific interface?
Replies: 2
Views: 950

flushing firewall connections on a specific interface?

Having some difficulty with scripting this properly I'm about to implement a failover script that uses netwatch and tests for reachability of a public IP address. If a route is unreachable it'll purge the firewall connection table The problem is this is not selective, it will purge the entire connec...
by millenium7
Mon May 09, 2022 3:04 am
Forum: Forwarding Protocols
Topic: iBGP vs Static priorities
Replies: 2
Views: 1269

Re: iBGP vs Static priorities

This is a routing engine problem. It will not replace an existing route if they are an exact match I.e. 10.0.0.0/8 will not be replaced with another 10.0.0.0/8 even if its substantially better This applies to differing route types, i.e. static and BGP, OSPF and BGP, OSPF and static etc If it's the s...
by millenium7
Thu Apr 28, 2022 2:44 pm
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 5131

Re: NetPower 16p.... Rubbish PoE design. Workarounds?

I mount this inside the netpower and supply with 48 volts. the output goes to 24 volt input. the 48 volts goes to 48 volt input. direct replacement for ubnt. works awesome. https://www.ebay.com/itm/110730441396?hash=item19c80c72b4:g:Wj0AAMXQigBR7Mve This is a step in the right direction but the net...
by millenium7
Wed Mar 02, 2022 6:25 am
Forum: RouterBOARD hardware
Topic: PowerBox Pro - 4 Pair Input? Full .at output?
Replies: 7
Views: 1784

Re: PowerBox Pro - 4 Pair Input? Full .at output?

I suggest get rid the 'powerbox' entirely as its a stupid product, who wants 100mbit ports just to save a tiny amount Then rename the PowerBox Pro to just 'PowerBox' Now release PowerBox Pro v2 that is actually a 'pro' model, with 24/48v switching (with a single 48-60v input on eth1, not silly dual ...
by millenium7
Fri Feb 11, 2022 9:03 am
Forum: RouterOS beta
Topic: DHCP Option 82 circuit/remote ID for server leases in v7?
Replies: 3
Views: 5384

Re: DHCP Option 82 circuit/remote ID for server leases in v7?

Perhaps you can use Docker on your Mikrotik model to run exactly a instance of a DHCP Server that supports your needs. So you do not need an extra device for this job. This requires learning how to work with docker, setting up a new DHCP server etc. It's a lot of administrative overhead as I want t...
by millenium7
Thu Feb 10, 2022 3:35 am
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 211
Views: 90861

Re: New User Manager in RouterOS v7

I have a request: please add optional circuit ID and remote ID fields for user accounts, without needing to specify MAC address or any other options We really need DHCP option 82 functionality to authenticate guests by port/location, not by voucher code which is pointless in our case Use cases are t...
by millenium7
Tue Feb 08, 2022 8:59 am
Forum: RouterOS beta
Topic: DHCP Option 82 circuit/remote ID for server leases in v7?
Replies: 3
Views: 5384

DHCP Option 82 circuit/remote ID for server leases in v7?

This has been a huge limitation for us for a long time, being unable to do leases via DHCP Option82 parameters I saw in RouterOS v7 that User Manager has had an overhaul, i'm wondering if its now possible to somehow use this (or just the base DHCP server) to assign addresses based on either the Circ...
by millenium7
Tue Jan 25, 2022 3:35 am
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 9
Views: 4107

Re: Request: Take OSPF state changes out of 'debug' log category

Bumping this up. MikroTik please implement this in the next firmware update. It should be an incredibly simple and easy thing to do, the messages are already there, just literally take the 'up' message (and all other key state changes) and assign it into the 'ospf, info' category. Very simple, 30 mi...
by millenium7
Tue Jan 25, 2022 2:29 am
Forum: Forwarding Protocols
Topic: Speed drop OSPF/MPLS/VPLS
Replies: 2
Views: 2526

Re: Speed drop OSPF/MPLS/VPLS

It may not be MTU related but to check if it is, you want to do a ping from the customer (or closest router if possible) do a 1500 byte ping with the 'do not fragment' box ticked, out to furthest possible point, end of where MPLS stops at least Then - very importantly - also do the same in reverse. ...
by millenium7
Mon Jan 24, 2022 11:10 am
Forum: General
Topic: Autosensing passive PoE?
Replies: 11
Views: 2544

Re: Autosensing passive PoE?

Nothing against passive PoE, just passive PoE 'detection' You don't need to use the 'auto' mode, just manually turn it off/on In addition passive PoE detection doesn't always work when it is supposed to either. Powering a Cambium radio from a MikroTik for example, most of the time it will not detect...
by millenium7
Mon Jan 24, 2022 8:36 am
Forum: General
Topic: Autosensing passive PoE?
Replies: 11
Views: 2544

Re: Autosensing passive PoE?

802.3af/at standard PoE detection works properly every time passive PoE detection I do not like at all and I really wish it wasn't a thing. I've had several times when i've plugged something in and passive PoE has decided to kick in and supply power. This absolutely can and likely will kill end devi...
by millenium7
Mon Jan 24, 2022 7:51 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2584

Re: Has MikroTik changed something with SSH output?

This is still present in 6.49.2, config diffs are all useless as i'm just getting spammed with change notifications all the time when nothing has changed, because its logging every character as its typed (sometimes multiple times and not exactly repeated hence a change notification) How are others d...
by millenium7
Fri Dec 17, 2021 7:58 am
Forum: General
Topic: Help guides for TR069/CWMP software and setup?
Replies: 4
Views: 1848

Re: Help guides for TR069/CWMP software and setup?

Do you have links to any good resources for learning about it and the best way to set it up? i.e. tutorial series or step by step guides
What about FreeACS?
by millenium7
Thu Dec 16, 2021 9:12 am
Forum: General
Topic: Help guides for TR069/CWMP software and setup?
Replies: 4
Views: 1848

Help guides for TR069/CWMP software and setup?

This is something i've been wanting to setup and deploy in hotels and for many locations in our private network. Hotels especially as we use a mixture of vendors equipment and I really would like the ability to simply plug any vendors DSL or Ethernet ether into the wall and have it automatically con...
by millenium7
Mon Nov 29, 2021 5:06 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2584

Re: Has MikroTik changed something with SSH output?

doesn't work. When adding 'e' solarwinds fails to recognize a successful login

This really needs to be fixed. Right now we're blind to config changes because its just emailing through a tonne of garbage
by millenium7
Fri Nov 19, 2021 4:54 am
Forum: Forwarding Protocols
Topic: Migrate BGP to another company address
Replies: 5
Views: 3498

Re: Migrate BGP to another company address

If you are using full tables, OSPF can't handle those, so you will want to iBGP peer those two routers to make sure that they have the same view of the global routing table. If you are only getting a default route, that probably isn't necessary. I wouldn't be advertising the BGP table across the li...
by millenium7
Fri Nov 19, 2021 4:37 am
Forum: Forwarding Protocols
Topic: Migrate BGP to another company address
Replies: 5
Views: 3498

Re: Migrate BGP to another company address

I would do this by simply advertising the /24 at both physical locations. And then have your own connection between these 2 locations and run iBGP or OSPF between the routers (you can use EoIP or any other tunnel for this in the meantime) so i.e. you have 1.2.3.0/24 advertising out both locations, b...
by millenium7
Tue Nov 16, 2021 5:23 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2584

Re: Has MikroTik changed something with SSH output?

we're using +ct2000w, tried +cte2000w and it fails

I'll have to troubleshoot later
by millenium7
Tue Nov 16, 2021 4:20 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2584

Re: Has MikroTik changed something with SSH output?

Yes, they have recently changed some things. What are you using to backup the config via SSH?
Solarwinds NCM

What version did MikroTik change this?
by millenium7
Tue Nov 16, 2021 3:58 am
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 66115

Re: Mikrotik router Hacked!!!

There are information about windows malware, that knows how to connect to MT router with default password and make a configuration changes to add it to botnet. So admin: no password to local network are not safe anymore. Well this has to be changed by MikroTik anyway, as it will be forbidden to sel...
by millenium7
Tue Nov 16, 2021 1:17 am
Forum: General
Topic: Has MikroTik changed something with SSH output?
Replies: 6
Views: 2584

Has MikroTik changed something with SSH output?

In anything since 6.44.x onwards Noticing a lot of our devices are now screwing up with config exports and the software is logging individual characters as a line / /e /ex /exp /expo /expor /export /export /export t /export te /export ter /export ters Wondering if anything at all has changed in the ...
by millenium7
Tue Nov 02, 2021 2:45 am
Forum: Wireless Networking
Topic: LHG 60G Alignment question
Replies: 1
Views: 2575

Re: LHG 60G Alignment question

The alignment information can be very misleading The best way to align these radio's is to login and type /int w60g set 0 tx-sector=36 To force it only use the middle of the grid antenna Then go into alignment mode /int w60g align 0 And finally run a UDP bandwidth test with direction=both to fully s...
by millenium7
Thu Oct 28, 2021 2:48 pm
Forum: Wireless Networking
Topic: RB4011 Wirelesss
Replies: 4
Views: 1987

Re: RB4011 Wirelesss

I've trialed the TPLink EAP620 and it's actually surprisingly really good with fantastic range. Only thing is it's physically enormous and quite off-putting. But I have to say I think I prefer its performance over a Cambium XV2 (if you don't need any of the fancy features and management). And in an ...
by millenium7
Thu Oct 28, 2021 2:25 pm
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 8841

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

This comment tells me you don't understand how MikroTik works as a company. Without specifics nothing will change. If all you want to do is share your frustration and anecdotal results with the WiFi performance, no big deal, but it doesn't really benefit anyone. What specifics do you actually want?...
by millenium7
Thu Oct 28, 2021 12:55 am
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 8841

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

Here's really the bottom line: Anyone can go out and do their own testing in their own environments But when doing those tests don't 'only' test peak bandwidth with iPerf because as anyone should know thats only part of the equation. 500mbit/s is great but not if your latency is fluctuation +/-80ms ...
by millenium7
Mon Oct 25, 2021 4:37 am
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 8841

Re: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

Problem though is you can't test and apply exact measures with wifi because every single environment is different. The best you can do is manage relative comparisons and approximations RF environments are not like ethernet or fiber where you can go 'yep she's good to XXX metres at exactly that speed...
by millenium7
Sun Oct 24, 2021 12:05 pm
Forum: Wireless Networking
Topic: I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]
Replies: 19
Views: 8841

I'll say it again... MikroTik, your wifi is ATROCIOUS [SOLVED]

I seriously cannot believe how garbage it is. But this is not just a rant its a plea to please do something about it. You've lagged so incredibly far behind the industry that its actually insulting that you still sell wireless products (outside of your 60ghz which is quite frankly awesome if used ap...
by millenium7
Sun Oct 24, 2021 3:26 am
Forum: Forwarding Protocols
Topic: How to do OSPF with pt(m)p over a /31 tunnel? [SOLVED]
Replies: 2
Views: 4732

Re: How to do OSPF with pt(m)p over a /31 tunnel? [SOLVED]

The simple solutions (if possible) are 1) don't use /31 it has issues in mikrotik, just use /32 which you can use the same addressing anyway, or you can totally save on it and use just 1 IP address on the hub router for all neighbours 2) use point to point type, ptmp also has issues. Simply create 1...
by millenium7
Thu Oct 21, 2021 3:37 pm
Forum: Forwarding Protocols
Topic: OSPF - Is it Possible to have a Backbone Area over a regular Area?
Replies: 3
Views: 3252

Re: OSPF - Is it Possible to have a Backbone Area over a regular Area?

Just note that 'all areas must connect to the backbone' still occurs.... Even with virtual links. So if you have say Area2->Area1->Area0 then guess how Area2 and Area1 communicate? Nope you guessed wrong Area2 will tunnel traffic to Area0 then back to Area1...... ....yes OSPF design sucks and yes we...
by millenium7
Thu Oct 21, 2021 10:44 am
Forum: General
Topic: Can licence be swapped? (identical devices)
Replies: 1
Views: 665

Can licence be swapped? (identical devices)

An upgraded licence was applied to the wrong device but identical hardware
Can the licences both be exported and swapped over between the different devices?

This is for 60ghz LHG radio's, not CHR
by millenium7
Thu Oct 21, 2021 4:21 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 10566

Re: MPLS bugs, had enough

We havnt used VPLS in a while, still get problems with MPLS with regular routing of traffic. So advertising filters have nothing to do with it I don't think you understand - by using advertise filters, you can make it so that only your VPLS traffic has MPLS labels placed on it and nothing else, so ...
by millenium7
Thu Oct 21, 2021 1:25 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 10566

Re: MPLS bugs, had enough

We havnt used VPLS in a while, still get problems with MPLS with regular routing of traffic. So advertising filters have nothing to do with it Only problem with moving PPPoE closer vs having it aggregated at a central location, is the customer router then can't tell if there's a problem upstream. To...
by millenium7
Wed Oct 20, 2021 4:23 pm
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 10566

Re: MPLS bugs, had enough

I assume you guys have also limited mapping with the mpls advertise filter? I tend to bring up the hello timers, because by default they do not match. Between the mpls advertise filters and timers match, I have eliminated losing mpls sites in my system. I may not be as big a fish as some of you, bu...
by millenium7
Mon Oct 18, 2021 9:15 am
Forum: Forwarding Protocols
Topic: MPLS bugs, had enough
Replies: 21
Views: 10566

MPLS bugs, had enough

Here's my last ditch effort to see if anyone has a surefire 100% effective method for making MPLS 'just work' with MikroTik - otherwise i'm ripping it entirely out of our network 99.9% of the time it seems to work perfect, but that 0.1% is just too painful. A link somewhere in our network may go dow...
by millenium7
Mon Oct 11, 2021 8:30 am
Forum: Wireless Networking
Topic: What algorithm of alignment the 60 Ghz devices is right?
Replies: 14
Views: 5140

Re: What algorithm of alignment the 60 Ghz devices is right?

MikroTik really needs to clarify further with the 60ghz products. They are actually REALLY good but it took us a long time to finally figure out how to actually use them properly First and foremost, the alignment according to direction is COMPLETELY wrong, its totally useless with 1 exception*** You...
by millenium7
Wed Oct 06, 2021 12:46 pm
Forum: RouterBOARD hardware
Topic: CCR1036-8G-2S+ - SFP+ port stops transmitting data?
Replies: 31
Views: 18371

Re: CCR1036-8G-2S+ - SFP+ port stops transmitting data?

That's not good to hear it still occurs...... I havn't touched the network topology and been considering changing it all back to how it logically should be, but if this is still happening today then no chance..... this is hugely service impacting Think I lost 5 years of my life last time, not game t...
by millenium7
Thu Sep 30, 2021 1:22 pm
Forum: General
Topic: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]
Replies: 15
Views: 11667

Re: Routing a Block of Public IP Addresses to Other Mikrotik [SOLVED]

If its not working then consider traffic in 'both' directions It's very simple to create a new 'bridge' with no ports assigned to it (thats the closest thing to a 'loopback' interface in the MikroTik world) and then just put a single IP address from that range on there as a /32 Then check your routi...
by millenium7
Thu Sep 30, 2021 9:09 am
Forum: RouterBOARD hardware
Topic: new AP - cAP XL ac - spotted on fcc site
Replies: 19
Views: 10527

Re: new AP - cAP XL ac - spotted on fcc site

Be realistic, we are in the midst of a global chip shortage with lead times from Qualcomm on some WiFi products at 60 weeks.. MikroTik has the ability to jump the queue, often that involves paying more MikroTik needs to learn how to you know.... charge money for their products.... It's good that mo...
by millenium7
Mon Sep 27, 2021 12:52 pm
Forum: General
Topic: RB4011 Slow Inter-VLAN Routing
Replies: 24
Views: 3393

Re: RB4011 Slow Inter-VLAN Routing

My switch is a CSS326-24G-2S+-RM, no routing in it. It has a single 10G trunk to the RB4011 with all the VLANs on it. Traffic staying on the same VLAN won't be going through the router, its staying on that switch. Ergo if your performance is slow within the same VLAN, the router (and thus firewall ...
by millenium7
Mon Sep 27, 2021 3:03 am
Forum: General
Topic: RB4011 Slow Inter-VLAN Routing
Replies: 24
Views: 3393

Re: RB4011 Slow Inter-VLAN Routing

I get the same speed if I stay on the same VLAN or go between them in file transfers. Surprised no ones picked up on this yet In order for you to go to the same VLAN, this means you either have a switch behind one of your ports, or if both devices were connected to the RB4011 you'd need a bridge se...
by millenium7
Wed Sep 15, 2021 7:19 am
Forum: Forwarding Protocols
Topic: OSPF Out Filter
Replies: 6
Views: 5444

Re: OSPF Out Filter

OSPF has many frustrating issues, this is one of them. All routers in an area need to agree on the routing table, this means you can't filter rules to another router in the same area. The rule is there for a reason but unfortunately it's just not suitable in many modern dynamically expanding network...
by millenium7
Mon Sep 13, 2021 1:51 pm
Forum: Forwarding Protocols
Topic: MPLS - Fast reroute. When?
Replies: 24
Views: 15797

Re: MPLS - Fast reroute. When?

Whilst we wait, how are others dealing with quick fail-over? Poorly In our case its a routed network between almost all links. And on the ones with multiple links thats where we use BFD (as BFD is buggy on mikrotik and not entirely reliable) However this still isn't great because its only a hop-to-...
by millenium7
Mon Sep 13, 2021 1:35 pm
Forum: Forwarding Protocols
Topic: /30 with OSPF Network
Replies: 4
Views: 3283

Re: /30 with OSPF Network

Are you assigning /30 to customers because you want to give them 4 public IP addresses? Or because you want to assign them just 1 public IP address and you are using the other 3 as network/broadcast/gateway addresses? i.e. wasting 3 Because if you are doing the latter, you don't need to. You are jus...
by millenium7
Mon Sep 13, 2021 5:27 am
Forum: Forwarding Protocols
Topic: /30 with OSPF Network
Replies: 4
Views: 3283

Re: /30 with OSPF Network

If I understand correctly, you want to assign both a private IP i.e. 10.0.0.6, as well as additional IP addresses? You can assign additional IP's with additional RADIUS options. It depends if your system supports this or not (Splynx for instance does, you can assign as many IP addresses to a single ...
by millenium7
Mon Sep 13, 2021 4:27 am
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 5131

Re: NetPower 16p.... Rubbish PoE design. Workarounds?

Don't need to run all 16 ports no. I'm fully aware of current limitations However current design is stupid. Ideally this device should support DC jack input as well as PoE-In with voltage switching Since it doesn't do the latter, it should at least have 24v-in on Ether1 and 48v-in on Ether2 (ideally...
by millenium7
Mon Sep 13, 2021 2:35 am
Forum: RouterBOARD hardware
Topic: NetPower 16p.... Rubbish PoE design. Workarounds?
Replies: 20
Views: 5131

NetPower 16p.... Rubbish PoE design. Workarounds?

I can't actually wrap my head around the design philosophy of this design, it just seems so incredibly......... rubbish.... many known issues such as non isolated ground, no 24/48v switching capability etc Nevertheless we have some in stock and are trying to find a use for them. The main issue is th...
by millenium7
Sat Sep 04, 2021 2:01 am
Forum: Scripting
Topic: RouterOS SNMP Get [SOLVED]
Replies: 19
Views: 16365

Re: RouterOS SNMP Get [SOLVED]

Outputting to file is still not a great method, it's slow (will likely slow the router down while it waits) and going to wear out the flash memory very quickly when writing often. So it's not suitable for i.e. radio link monitoring every 5 seconds I just don't understand it, it makes me think MikroT...
by millenium7
Thu Sep 02, 2021 3:07 am
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2952

Re: Customer and ISP failover not working as expected

Seemingly the same problem was reported 4 years ago https://forum.mikrotik.com/viewtopic.php?t=119493 MikroTik please implement a feature (even if just in CLI) to override this behavior. It's not like this is a super niche scenario. Having a static route as a backup with OSPF internally is exceeding...
by millenium7
Tue Aug 31, 2021 11:25 am
Forum: Wireless Networking
Topic: Low throughput with 3x Audience
Replies: 37
Views: 8866

Re: Low throughput with 3x Audience

MikroTik wireless performance in general is garbage. It really hasn't improved much at all for years, and has been left in the dust by even very cheap off-the-shelf alternatives Audience is like buying a Ferrari but the handbrake is permanently on. Fantastic hardware but its so incredibly let down b...
by millenium7
Tue Aug 31, 2021 5:44 am
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2952

Re: Customer and ISP failover not working as expected

I've just labbed this and it still happens In essence it's a problem with OSPF. If the source of the route is redistributed (i.e. an external route) then it will not install in the routing table if a route already exists I've tested this with Static, BGP and other OSPF instance routes. If redistribu...
by millenium7
Mon Aug 30, 2021 12:19 pm
Forum: Forwarding Protocols
Topic: Customer and ISP failover not working as expected
Replies: 2
Views: 2952

Customer and ISP failover not working as expected

https://i.ibb.co/FKXYQZm/image.png This basic diagram illustrates whats going on. We provide internet for a customer that has 2 sites, those sites are linked and by default both will use the much faster and more reliable primary link. This works perfectly fine Customer routers have OSPF between the...
by millenium7
Mon Aug 30, 2021 5:04 am
Forum: RouterOS beta
Topic: v7.1rc1 reasonable for production for my usecase?
Replies: 15
Views: 3355

Re: v7.1rc1 reasonable for production for my usecase?

It is completely inadequate, and devoid of any logic, to use "rc" software in production. But it's even worse to use a version (any) that just came out two days ago for something to put into production. Really absurd. (And it goes for anything, not just RouterOS) This sort of broad sweepi...
by millenium7
Tue Aug 24, 2021 2:52 pm
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1122

Re: Urgently need help with strange forwarding issue

Sorry yes I see now how it's confusing. 'Customer' in this instance is the company to which we provide the primary ISP service. But we still manage the entire Infrastructure In much the same way an ISP would sell to a business with its main router, yet also manages the internal equipment i.e. switch...
by millenium7
Tue Aug 24, 2021 2:24 pm
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1122

Re: Urgently need help with strange forwarding issue

I'll draw up a diagram tomorrow that explains better But no, the DSLAM exists between all customers and the RB3011. The 3011 is the 'internet gateway's or essentially just 'the router' in most organisations and the DSLAM is the switch. All VDSL routers behind it are acting as their own router (so do...
by millenium7
Tue Aug 24, 2021 5:30 am
Forum: General
Topic: Urgently need help with strange forwarding issue
Replies: 6
Views: 1122

Urgently need help with strange forwarding issue

We've got an issue popping up thats causing a lot of grief and is seemingly unsolvable We've got VDSL2 modems connected to a DSLAM, and the DSLAM connects to a RB3011 (have also used a HEX) This is a common setup where nothing is different across almost a hundred DSLAM's that we've installed, there ...
by millenium7
Thu Jul 15, 2021 11:47 am
Forum: Forwarding Protocols
Topic: ospf nbma
Replies: 6
Views: 4901

Re: ospf nbma

It depends how OSPF is configured since you can set the dead timer. This just means if the hello packets havn't been received, the neighbor is considered down It could be that 99.99% of traffic gets through just fine but it just so happens to be that the 0.01% were OSPF hello packets, lose enough in...
by millenium7
Wed Jul 14, 2021 6:26 am
Forum: Forwarding Protocols
Topic: OSPF second area
Replies: 2
Views: 3664

Re: OSPF second area

What you are posting violates the operational rules of OSPF and will not work properly OSPF requires all area's to directly connect to the backbone/Area0 In your example, area 20 is not connected to area 0 You can bend this rule with 'virtual links' to form a tunnel between area0 and area20, however...
by millenium7
Wed Jul 14, 2021 6:15 am
Forum: Forwarding Protocols
Topic: ospf nbma
Replies: 6
Views: 4901

Re: ospf nbma

If you are losing OSPF adjacency its because you are losing packets, there is a link problem. You mention this is happening during weather well......... theres ur answer. Wireless link is not able to handle the weather conditions Essentially you either improve the wireless links themselves (ensuring...
by millenium7
Thu Jul 01, 2021 2:42 am
Forum: RouterOS beta
Topic: v7 launch date
Replies: 156
Views: 52181

Re: v7 launch date

And Ubiquiti, for exalmple, has AirFiber 60-LR with 2Gbp/s link but only 1Gbp/s Copper ethernet... This is actually a good thing for the most part. You ideally want your air transmission rate to be higher than your actual ethernet throughput rate to allow for a more consistent experience when the c...
by millenium7
Fri Jun 11, 2021 8:33 am
Forum: General
Topic: Multiple RADIUS servers
Replies: 8
Views: 4485

Re: Multiple RADIUS servers

You can add various RAID server, but only one can be used for each service. The single services supported are: dhcp dot1x hotspot ipsec login ppp wireless Thank you, It would be nice if I can authenticate user@domain.one against domain.one RADIUS server, user@domain.two against domain.two RADIUS se...
by millenium7
Fri Apr 23, 2021 4:51 am
Forum: Forwarding Protocols
Topic: script to change ospf cost based on wireless modulation?
Replies: 2
Views: 2640

Re: script to change ospf cost based on wireless modulation?

Changing OSPF link cost will drop the adjacency, keep that in mind. It is not a dynamic process without interruption TX-Rate is also not a suitable metric, you'd want to build a script that uses RSSI, SNR and link quality. TX rate is just that, TX rate. Doesn't mean anything about actual effective r...
by millenium7
Mon Apr 19, 2021 7:37 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 2006

Re: New hack/bug? User accounts wiped

Router has a pretty standard config. It's denied access unless from a trusted address list Enabled services are api/api-ssl/ssh/winbox If this is a hack then its at a level lower than RouterOS. It's either that, or the flash memory is corrupt Noticed now that the router is failing on backups, it can...
by millenium7
Sat Apr 17, 2021 1:21 pm
Forum: General
Topic: Request: Take OSPF state changes out of 'debug' log category
Replies: 9
Views: 4107

Re: Request: Take OSPF state changes out of 'debug' log category

I should make a follow up post, hence I am I've had to disable this script across out entire network. There's a bug somewhere and I can't find out what it is. For the most part this script works just fine, however occasionally for some reason the script just keeps on firing and reporting an 'up' sta...
by millenium7
Fri Apr 16, 2021 4:28 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 2006

Re: New hack/bug? User accounts wiped

RouterOS version is 6.44.6, device is a CCR1036-8G-2S+ I think 6.44.x was vulnerable, so I don't think this is a new'ish hack. Here is a post about it. I updated to 6.47.x a while back to play it safe. just checked, SMB was not enabled (and shouldn't be enabled anywhere in our network. regular comp...
by millenium7
Fri Apr 16, 2021 2:45 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 2006

Re: New hack/bug? User accounts wiped

What is strange is a professional IT person not keeping their exposed to the net equipment up to date on firmware. I do get the fact that IT folks have become extremely lazy compared to olden days now that most apps like virus programs auto udpate files but even still there are major upgrades that ...
by millenium7
Fri Apr 16, 2021 1:23 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 2006

New hack/bug? User accounts wiped

This is a strange one Approx midnight last night one of our routers became unreachable by monitoring software I discovered I could log into it with admin/*blank* and there were no user accounts other than this admin one saying default In addition, AAA/radius was turned off (though the entry in RADIU...
by millenium7
Wed Mar 31, 2021 3:54 am
Forum: General
Topic: Enable port 80 in lan
Replies: 3
Views: 3598

Re: Enable port 80 in lan

Need further clarification I'm guessing that you are running your own website on a server thats in the LAN? is that correct? And so your existing firewall rule would just be a port forward i.e. /ip firewall nat chain=dstnet in-interface=WAN protocol=tcp dst-port=80 action=dst-nat to-addresses=[SERVE...
by millenium7
Wed Mar 31, 2021 3:36 am
Forum: General
Topic: Three Subnets in one ethernet interface [SOLVED]
Replies: 9
Views: 5068

Re: Three Subnets in one ethernet interface [SOLVED]

We run something like a dozen subnets on our office LAN. It's totally legal and a very valid reason for doing so The major use case for us is we deal with a lot of vendors equipment, all that equipment is usually setup for various static IP addresses out-of-the-box or we configure it to go into anot...
by millenium7
Mon Mar 29, 2021 5:22 am
Forum: Forwarding Protocols
Topic: OSPF with redundant Routers
Replies: 3
Views: 2461

Re: OSPF with redundant Routers

PTMP has issues on MikroTik

I'd suggest you create a separate VLAN interface for every router to router link over wireless and then use point-to-point type. You'll have far less issues
by millenium7
Wed Mar 24, 2021 8:57 am
Forum: The Dude
Topic: OSPF state as link status?
Replies: 0
Views: 6107

OSPF state as link status?

I've never really used The Dude as my bigger priority has been a whole lot of custom work for historical monitoring which is why I mostly use NetXMS However I thought i'd install The Dude to function as a link status monitor that I can put up on a TV The one thing I want to monitor are all the links...
by millenium7
Mon Mar 22, 2021 1:59 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 205126

Re: LHG 60G experience

This is of course not LHG 60G limited, I'm generally interested in any 60GHz experience. Sure I know crappy plastic LHG is something different to professional grade all-metal antennas/devices etc. but Im interested in any experience Actually it is specifically a problem with the MikroTik 60ghz. The...
by millenium7
Sun Mar 21, 2021 1:44 am
Forum: Forwarding Protocols
Topic: Selective routing with failover in MikroTik - How?
Replies: 8
Views: 4294

Re: Selective routing with failover in MikroTik - How?

Thanks, I read through it. If I understand correctly, you are manipulating the traffic direction for a destination subnet. This seems like it could work if a client is given 2 IP addresses, 1 is used for regular data, the other is used for voice traffic This way you can influence voice to use the le...
by millenium7
Sat Mar 20, 2021 8:32 am
Forum: Wireless Networking
Topic: ETA on a long range 60ghz product?
Replies: 9
Views: 2924

Re: ETA on a long range 60ghz product?

Higher channels would help, but the +3db output is not a solid argument The dishes are already tiny, just make them bigger, much much bigger I would install a 60ghz dish thats 1.5m across if it allowed for significantly improved range in the 6km+ region (reliably in rain, not just on-paper in space)...
by millenium7
Thu Mar 18, 2021 12:03 am
Forum: General
Topic: Feature requests
Replies: 1792
Views: 677366

Re: Feature requests

I don't like OSPF for wireless networks, it really isn't a very good protocol for it at all, EIGRP definitely would be better suited but i've had this discussion before but it seemed to fall on deaf ears The next best thing (and I actually agree for more widespread use, not just wireless networks) i...
by millenium7
Wed Mar 17, 2021 11:34 pm
Forum: General
Topic: Hot to handle VOIP on multiple WANs/backup
Replies: 21
Views: 4271

Re: Hot to handle VOIP on multiple WANs/backup

So if what you described is what the RB4011 does, it would be a quite strange thing to do for a router. I would like to be corrected if someone knows for sure, but I believe it is expected behavior if using nothing more than a masquerade rule. But doesn't happen with src-nat rules, the problem is s...
by millenium7
Wed Mar 17, 2021 3:00 am
Forum: General
Topic: Feature requests
Replies: 1792
Views: 677366

Re: Feature requests

I agree, but although it would be possible to do all kinds of custom scripting for this it would be even more welcome when there would be some standard facility to automatically use link quality metrics in routing protocols. I.e. a worse link can get a lower preference so it is not completely disab...
  • 1
  • 2