Community discussions

MikroTik App

How happy are you

Poll ended at Fri Oct 05, 2012 5:33 am

Thrilled - better than I imagined
17 (40%)
Happy - Works fine
15 (36%)
Neutral - Same as the rest of the pack
3 (7%)
Unhappy - Frustrating
5 (12%)
Regretting - Should never have spend the money
2 (5%)
 
Total votes: 42
 
User avatar
ocgltd
Member Candidate
Member Candidate
Topic Author
Posts: 112
Joined: Sun Sep 02, 2012 12:53 am
Location: Ontario, Canada

Happy with your purchase?

Wed Sep 05, 2012 5:31 am

I'm new to Mikrotik, just bought a couple of RB to play with thinking I could start to deploy these at clients. My first week with the RB has been rough...including:

- Discover OpenVPN is over TCP only (not practical)
- Discover PPTP/IPSec rules/design is a mess (i set this up easily on Linux...). After 20 hours I still can't get this working...
- Found little to no mikrotik support on forums
- Lots of 1/2/3 year old postings gone unanswered.
- No bug list/tracker to know what's outstanding and when it will be fixed

Before I recommend more of these (or invest a lot more time learning MT), I'm curious about the experience of others!? Is just the PPP/IPSEC portion problematic? Are the MT's more of a router only (not a VPN endpoint) or access point? Regrets?

I couldn't find a good forum for this..so "general" seemed right :) Look for honest experience (not fan boy stuff), not trolling either
 
andriys
Forum Guru
Forum Guru
Posts: 1543
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Happy with your purchase?

Wed Sep 05, 2012 3:00 pm

Mikrotik products are awesome, especially taking into account how little they cost. Just take into account, that RouterOS (as everything around here) has its limitations.

Great router. As to the VPN endpoint role, IPsec works fine for L2L. It's useless for road-warrior configurations, however. I use OpenVPN as a road-warrior solution, but I need it for a secure management access only, so I'm happy with TCP.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26918
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: Happy with your purchase?

Wed Sep 05, 2012 3:21 pm

. It's useless for road-warrior configurations
could you clarify why you think so ?
 
andriys
Forum Guru
Forum Guru
Posts: 1543
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Happy with your purchase?

Wed Sep 05, 2012 3:48 pm

. It's useless for road-warrior configurations
could you clarify why you think so ?
Sure I can. I have actually already done so here and here.

In general:
- No split-tunnel (split-routing) support.
- No split-DNS support.

IPsec specific:
- No ModeCfg support.
- No XAuth support.
- No hybrid authentication support (no so critical).
- It is not possible to distinguish between encrypted and unencrypted traffic in FW rules (which is required to make dynamic policy generation secure).
 
rjickity
Member Candidate
Member Candidate
Posts: 212
Joined: Sat Jul 17, 2010 10:40 am
Location: Perth, Australia

Re: Happy with your purchase?

Wed Sep 05, 2012 3:55 pm

I have been 'playing around' with mikrotik for a few years, mainly at home. In this time it sparked enough curiosity topursue it more.

In the past year and a bit i have taken them more seriously and spent alot of time learning them more and have started deploying them in alot of my customer sites.

My opinions/discoveries so far:

1. Excellent value - there's nothing at their pricepoint that has the capabilities these RB's have

2. Poor Communication - Bugs and Changelogs aren't communicated well, Mikrotik have a great community presence but are selectively quiet sometimes :)

3. Somewhat complex config - This isn't really a bad thing, but it does ward off alot of potential customers for mikrotik

Usage Observations:

1. RB as a appliance - The firewall is extremely powerful and i have used it in many loadbalancing projects successfully.

2. RB as a business access point - Deployed in many small businesses, again the best value vs. capabilities but unfortunately looses
out in large corporate for smarter AP's that operate in a lightweight configuration or have

3. RB as a firewall - great, works well but for some may be a steep learning curve. If you're coming from IPTables this most likely wont be the case

4. RB User interface (Winbox and Webfig) - Feedback from my peers is that its not that good for people coming in from most other Router or Firewall vendors, this hasn't bothered me and i actually like winbox quite alot now.

5. RB for VPN - Fairly average, IPSec unfortunately doesn't play well with other vendor devices and is slightly odd to configure the first few times around. Some odd irregularities have come up (like a roadwarrior setup that decides to lose its SA's) that have pushed me to other vendors for some projects.

6. RB for QoS - I'm still undecided on this one, from what i read it is extremely powerful and i have set it up a few times. I'm not really sold on it 100% yet but i hope that it is just due to my understanding.

7. RB for SMB/SoHo - I see Mikrotik aiming alot for this space but there are a few things holding them back from what i can see. One is the lack of DSL modems, bridging works well but means another device for the end user. WiFi doesn't seem to hold up to media rich applications as well as other vendors, it may have only been the RB751 models i used but still none the less was a roadblock. They will also need to pay attention to VoIP a bit more to be successful in this space also.

8. RB for Wireless (PtP-PtMP)- I believe this is almost where Mikrotik started, I have not had the chance to really use all of its potential here but there are many on the forums who have created businesses out of Mikrotik so i'm sure it is a great product.

9. RB for Switching - I saw potential with this to get a share of the market that would have a use for a cheap smart switch however this has seemingly died all together. SwOS has a terribly basic featureset, there's alot of potential here but they'd need to provide much higher density models, PoE and a revised OS before I could put them out in the wild.

All in all i like them very much and i've decided to get some of their certifications :)
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7188
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Happy with your purchase?

Wed Sep 05, 2012 4:12 pm

. It's useless for road-warrior configurations
could you clarify why you think so ?
Sure I can. I have actually already done so here and here.

In general:
- No split-tunnel (split-routing) support.
- No split-DNS support.

IPsec specific:
- No ModeCfg support.
- No XAuth support.
- No hybrid authentication support (no so critical).
- It is not possible to distinguish between encrypted and unencrypted traffic in FW rules (which is required to make dynamic policy generation secure).
We can consider adding ModeCFG and Xauth in the future versions.

As I understand split routing is simple policy routing setup un the client the same goes for spit DNS.
I don't see any problems configuring so called "split-tunnel" if client is routeros.
 
andriys
Forum Guru
Forum Guru
Posts: 1543
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Happy with your purchase?

Wed Sep 05, 2012 4:26 pm

We can consider adding ModeCFG and Xauth in the future versions.
Thanks in advance.
As I understand split routing is simple policy routing setup un the client the same goes for spit DNS.
Not 'policy routing', just ordinary (destination based) routing- server (VPN concentrator) tells client what prefixes should be routed through the tunnel. Same goes for split-DNS. And it is reqlly easy, the only thing RouterOS should support as a server is ModeCfg- everything else will be done by a compliant client (ShrewSoft VPN client, vpnc, Cisco VPN client just to name a few).
I don't see any problems configuring so called "split-tunnel" if client is routeros.
We are talking about road-warrior, right? So the clients are ordinary laptops, mostly. :)
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7188
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Happy with your purchase?

Wed Sep 05, 2012 4:51 pm

It can be done on regular windows client.

By disabling in VPN interface settin "use default gateway on remote network"
add switch to use satic DNS server.


But yes, Mode-CFG would help to do that automatically without any additional client input (if I understood it correctly).
 
andriys
Forum Guru
Forum Guru
Posts: 1543
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Happy with your purchase?

Wed Sep 05, 2012 5:22 pm

It can be done on regular windows client.

By disabling in VPN interface settin "use default gateway on remote network"
Not quite. I have a couple of devices of different vendors nearby, with road-warrior VPN configured. When client connects to one of these devices, it receives a list of prefixes, say 192.168.10.0/22, 172.16.1.0/24, 172.20.1.0/27, ... and all and only these prefixes are routed through the tunnel. And these prefixes have no relation to the IP range the client gets its inner VPN tunnel IP address from.
add switch to use satic DNS server.
Again, I need not only the DNS server address, but also a list of domain name suffixes, that should be resolved using these DNS server.
But yes, Mode-CFG would help to do that automatically without any additional client input (if I understood it correctly).
Yes, you understand it correctly. Zero configuration on the client side.
 
hel
Member Candidate
Member Candidate
Posts: 199
Joined: Sun Jun 12, 2011 6:31 am

Re: Happy with your purchase?

Wed Sep 05, 2012 5:39 pm

I bought rb1100 mostly for QoS setup and clients bandwidth limitations, but now I feel that I've been fooled by the advertisements, tiktube's presentations and posts on forums. This is only feature (QoS), that I missed in mikrotik. It's present maybe, but from what I know - it is very-very bad or even not working. The rest is working fine.

PS: Running torrents at 6144kbytes/sec (full internet speed) with QoS disabled and QoS enabled - absolutely no difference in google news page load time (~10 seconds). Without torrents it loads in 2 seconds.

So, I'm unhappy with the purchase.
 
User avatar
karina
Member
Member
Posts: 462
Joined: Sat Feb 06, 2010 2:18 am
Location: Spain

Re: Happy with your purchase?

Wed Sep 05, 2012 11:39 pm

Not a fair comment. Ros is very powerfull but only as clever as you make it. I challenge you to find better for similar money

routing just a little bit of the world
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Happy with your purchase?

Thu Sep 06, 2012 12:51 am

- It is not possible to distinguish between encrypted and unencrypted traffic in FW rules (which is required to make dynamic policy generation secure)
i.e. IPsec policy matching.

Add my voice to this. _Loudly_ too!

While it's been an endless complaint, UDP on OpenVPN is a big deal. Always will be.

It will be an even bigger deal without IPSec policy matching to secure L2TP or IPSec for RW connect.
It will also be a bigger deal until SSTP is stable on a current version. Reports are of SSTP being unstable for months now.

So, that leaves OpenVPN as the only really viable Road-warrior VPN - and it's half-baked. No LZO compression and no UDP support.
Certificate revocation lists aren't there yet either. [Though that's promised, vs UDP/LZO - but there's no idea of when.]

It's like every single VPN in RoS has is like 80% complete, and if you'd just finish IPSec, and OpenVPN off, we'd largely quit bitching and be really pretty happy. But when really *basic* stuff like mentioned above is unfinished, then it's pretty hard to say that RoS has an even marginally competitive VPN environment.

-Greg
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 2182
Joined: Mon Jan 14, 2008 1:53 pm
Location: Over the Rainbow
Contact:

Re: Happy with your purchase?

Thu Sep 06, 2012 7:30 am

In general:
- No split-tunnel (split-routing) support.
- No split-DNS support.

IPsec specific:
- No ModeCfg support.
- No XAuth support.
- No hybrid authentication support (no so critical).
- It is not possible to distinguish between encrypted and unencrypted traffic in FW rules (which is required to make dynamic policy generation secure).
+1

There are two things preventing us from selling more Mikrotik

- No xDSL interfaces
- Very basic IPSEC implementation. We need ModeCfg, xAuth, Split tunnelling, Virtual Tunnel Interfaces(VTI) and Next Hop Tunnel Binding(NHTB).

The lack of these features limit the Mikrotik's usefulness to deploy to Remote Branch Offices. With Mikrotik we need to deploy both a RouterBoard + a xDSL modem, and then we cant do IPSEC mesh networks with OSPF due to the lack of VTI and NHTB.
It also stops us from deploying them as access concentrators for road warriors due to the lack of xAuth and ModeCfg.

Because of the lack of these features we still sell a large number of Cisco and Fortigate devices. We would happily pay USD $300-400 for a RouterBoard that could be wall mounted, had a rack mount kit and could take ADSL2/VDSL2/SHDSL interfaces and had the above IPSEC features with crypto acceleration. Hell if it had 8 ports with 802.3af and the above features they would be a killer product for the enterprise market.

Even if there was a Enterprise IPSEC "feature licence" we would pay for it.
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1770
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: Happy with your purchase?

Thu Sep 06, 2012 8:53 am

I bought rb1100 mostly for QoS setup and clients bandwidth limitations, but now I feel that I've been fooled by the advertisements, tiktube's presentations and posts on forums. This is only feature (QoS), that I missed in mikrotik. It's present maybe, but from what I know - it is very-very bad or even not working. The rest is working fine.

PS: Running torrents at 6144kbytes/sec (full internet speed) with QoS disabled and QoS enabled - absolutely no difference in google news page load time (~10 seconds). Without torrents it loads in 2 seconds.

So, I'm unhappy with the purchase.

Most likely you simply don't know how to do it. Make a separate topic in the forum - paste "/queue export compact" into post and also describe your desired setup (make sure you have v5.20)
 
kgninfos
Member
Member
Posts: 387
Joined: Thu Jun 21, 2012 7:34 pm
Location: Earth
Contact:

Re: Happy with your purchase?

Thu Sep 06, 2012 9:55 am

Check this
http://forum.mikrotik.com/viewtopic.php?f=7&t=65245

No help from Support Staff
No reply to support Mails

and no help from Distributor Also

That is why i regret on purchase of mikrotik product
 
burkni
newbie
Posts: 29
Joined: Tue Mar 29, 2011 1:55 pm

Re: Happy with your purchase?

Thu Sep 06, 2012 12:45 pm

I've got several RB750G and I'm happy with my purchase. I've had some problems with IPsec tunnel to Cisco when connected straight to ethernet on WAN port, see here:http://forum.mikrotik.com/viewtopic.php?f=2&t=64908
But I've had help on the forum so that's great. I'm still working on this problem, at the moment I have a script that restarts the router early every morning and I'm going to see how and if that has any effect on the problem.

What I've seen though is that there are a lot of zero reply threads. Too many in my opinion. What I think would be good is using same method they use at LinuxQuestions.org. Every know and then they have a "campaign" to eliminate zero reply threads. Not saying they really eliminate the threads but this works really well to cut id down. When this "campaign" is on they encourage members to take a look at the zero reply threads and see if they can help with the question asked. I've done it here, I take a look at zero reply threads and if I think I can be of any help I answer.
So, what do you say? Anyone up for a combat against zero reply threads? :)
 
djdrastic
Member
Member
Posts: 368
Joined: Wed Aug 01, 2012 2:14 pm

Re: Happy with your purchase?

Thu Sep 06, 2012 11:46 pm

A lot of those zero reply threads are down to poorly worded questions , very customized and difficult to troubleshoot configuration or complete lack of detail regarding a technical problem.LQ like zero-thread eliminators might help to kill those dead threads.

@ocgltd . I find it great as a router/traffic shaper and since most of my boxes I used to do this were all linux based the general configuration makes sense to me.I'm with you on the vpn/roadwarrior side though.UDP less openvpn and wonky ipsec have made these boards non starters for me when doing this.

Forwarding protocol support is also pretty strong , and from my experience works pretty reliably.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26918
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia
Contact:

Re: Happy with your purchase?

Fri Sep 07, 2012 8:40 am

Check this
http://forum.mikrotik.com/viewtopic.php?f=7&t=65245

No help from Support Staff
No reply to support Mails

and no help from Distributor Also

That is why i regret on purchase of mikrotik product
Your signal is bad, and you are running a very old RouterOS version. Also in the forum you got many answers which recommend you to align antenna and improve signal. Please do these things before complaining.
 
kgninfos
Member
Member
Posts: 387
Joined: Thu Jun 21, 2012 7:34 pm
Location: Earth
Contact:

Re: Happy with your purchase?

Fri Sep 07, 2012 2:27 pm

i already have upgraded the ROS version to 5.20
and also aligned the antenna to be best possible
still disconnection now when i configured it in bridge + station mode i am getting disconnection with new error message(Screenshot attached check the signal and the wireless disconnection log)

i have seen people running links over -80db signal and also the bandwidth test is showing 11Mbps/11Mbps average
if signal is the issue how i am getting the bandwidth??
You do not have the required permissions to view the files attached to this post.
 
uldis
MikroTik Support
MikroTik Support
Posts: 3446
Joined: Mon May 31, 2004 2:55 pm

Re: Happy with your purchase?

Fri Sep 07, 2012 2:49 pm

most likely you have interference on that frequency or maybe some Nv2 wireless link running nearby?
 
kgninfos
Member
Member
Posts: 387
Joined: Thu Jun 21, 2012 7:34 pm
Location: Earth
Contact:

Re: Happy with your purchase?

Fri Sep 07, 2012 2:58 pm

no
i did a wireless frequency scan and did not found any signal/interference

and also i tried using other frequency and also Wireless Turbo 40Mhz
same result

throughput is good but frequent disconnection
 
User avatar
honzam
Forum Guru
Forum Guru
Posts: 2397
Joined: Wed Feb 27, 2008 10:27 pm
Location: Czech Republic

Re: Happy with your purchase?

Fri Sep 07, 2012 3:54 pm

We have a lot of problems with NV2
http://forum.mikrotik.com/viewtopic.php ... &hilit=nv2

still NOT solved with 5.20 :(
 
User avatar
ocgltd
Member Candidate
Member Candidate
Topic Author
Posts: 112
Joined: Sun Sep 02, 2012 12:53 am
Location: Ontario, Canada

Re: Happy with your purchase?

Fri Sep 07, 2012 9:09 pm

*** Please don't hijack with specific issues (perhaps link to another top where your details are) ***

I'm still waiting for a response to: http://forum.mikrotik.com/viewtopic.php?f=2&t=65316
This is a showstopper for me...(keeping old router on standby to switch back in case this is not resolvable).

Results so far are split between love em vs hate em. Wondering as well if the 'love em' group is using the RB's more as routers? Wireless AP's?
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Happy with your purchase?

Mon Sep 10, 2012 11:08 pm

Posted a little response elsewhere... I'm sure you've seen it.

IMO, the "It's the best $hit ever" crowd is usually WISPS.

The "WTF?" crowd, is usually people like you and me.

---
It works pretty well for baseline routers for WISPS, from what I can tell, especially if you're not willing to spring for Cisco gear.
And since MTK was here for WiFi stuff for a long time, WISPS have lots of exp and investment in MTK.

Some of that investment, esp in Wifi gear is now going to ubiquiti - but there's still no great mainline router to take the MTK spot. So, that's where things sit.

---
For us? I dunno. Not a lot of choices, and MTK is cheap. While the scripting is really rough, I really like the options provided. [I have written scripts to handle dynamic fail-over to a backup WAN. I don't think I could do that easily with any other product. (But again, scripting is really rough, and half-baked. You can do a lot in it, but watch your back, since it's so primitive.)]

Plusses:
In short, it's pretty cheap for the performance.
Dumping in configs via command-line is a big plus. [Multiple setups, iptables/fw rules etc are a lot faster.]
Scripting is nice, but sketchy.
Since the hardware is cheap, I can keep hot spares for any client devices that croak.

Minus: [And some of these are BIG!]
MTK attitude when you point out something trashy they've done.
Stuff that only half works. Like IPSec policy match, or OpenVPN [udp/lzo] etc. (Once you know what it is, you can avoid it, or work around it, but it's a steep learning curve until you do.)
Sketchy FW updates. (Fixes some stuff, breaks others. Stay on a good FW version until you know the new one doesn't break stuff you need.)
No security announce lists, or really organized/structured management of tickets/bugs etc.
Changes to stuff without much/any notice, hardware/software/firmware. [See RB 1100AHx2 disk size debacle for example.]

For me, at least currently, it's a net plus. But it's not all sweetness and light. It's more like a 60/40 or even 55/45 split.

-Greg
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1076
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Happy with your purchase?

Wed Sep 12, 2012 4:30 pm

IMO, the "It's the best $hit ever" crowd is usually WISPS.

The "WTF?" crowd, is usually people like you and me.
I beg to differ. It is not only about WISPs, a lot of MikroTik Routers are used as core routers.
I do a have a customer who is using it for sth like 700Mbps traffic with tunnels and BGP routes, faultless.
It is all about a careful configuration, I think. I am not a network or RouterOS geek, but have seen some
guys doing pretty good job with these routers.

About the forum, it is has being said a lot of times that this a user forum, not official Mikrotik support.
So, it is up to us to make it a better place.
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Happy with your purchase?

Wed Sep 12, 2012 9:14 pm

@Caci99
Note the *usually*.

I'm aware that it's *possible* to make them work and to work pretty well.
However there are a host of hidden rocks at the bottom of the lake that is RoS, and it's really easy to hit an undocumented rock and sink your boat.

As for alternatives, well, that looks to be changing - starting now. [I didn't imagine to see it this soon.] I hope it encourages MikroTik to really step up their game.

Better response here would be really good. User supported or not, I've seen and experienced a lot better elsewhere - both from users and from the company too.

I'll quit re-hashing things - but IMO, the problem isn't "us" - it's "them."
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1076
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Happy with your purchase?

Thu Sep 13, 2012 3:17 pm

@gsloop
Well, the "usually" is because there are a lot more wireless routers and small office routers than some high implemented routers around.
For a bunch of a 100 "normal" routers you will have only one core router. So, I think it is obvious that there are a lot more normal users
rather than high technicians users.
The rock underneath that lake, can be found anywhere, don't you think? Not only on RouterOS. I don't think that RouterOS is prone to more
unresolved issues. The fact that now they are dealing with far more problems than before, to me is a indication that they have raised
the expectations of the users themselves. As a result, the users are encountering more problems than before.

Now, don't get me wrong, for sure I want Mikrotik to better they product and solve the issues rather before than latter.
The alternatives as you mentioned are always good, it can push Mikrotik and others to better products. Heck, Mikrotik itself
is an alternative, that's the reason I jumped on Mikrotik some years ago when I needed a solution to my network. Others were
offering it at some crazy prices like 4000USD, while I managed to do it with just a 100USD.

The "problem" with Mikrotik, in my opinion, is that it is not a straight forward router, plug and play. It is blank, and you need some basics
knowledge and figure out how to approach the solutions. After some time experimenting and reading I happy with the way it is, it is even fun.
 
kgninfos
Member
Member
Posts: 387
Joined: Thu Jun 21, 2012 7:34 pm
Location: Earth
Contact:

Re: Happy with your purchase?

Thu Sep 13, 2012 6:50 pm

i was also using mikrotik routers since 4+ years and no issues at all
but this time i tried a 14Km link over wireless and got some serious issues
at first no reply from support team but now things have changed i got about 4-5 reply in just 12 hours

and now i also think they are improving the customer support
But a request for admins please open an online Ticket and Chat system(i know it's not easy to handle so large number of query but think we as service providers suggest people to use mikrotik and when there is some problem we have to wait a long for support this really hampers our prestige and also yours mikrotik guys)

But keep the good work for providing best routes
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Happy with your purchase?

Thu Sep 13, 2012 8:52 pm

The rock underneath that lake, can be found anywhere, don't you think? Not only on RouterOS. I don't think that RouterOS is prone to more
unresolved issues.
I don't agree. From my experience the rocks under lake RoS have been much worse than any other comparable product I've ever used in recent times. The learning curve is steep and since support is sketchy and hostile - it's really a struggle to get there.

Look at a whole host of issues.
All the VPN protocols have huge issues for Road-warrior support, IMO.
The least bad choice is OpenVPN, which doesn't support a huge pile of really important and critical OpenVPN options - like UDP, LZO compression, route pushes etc.
That OpenVPN, of all choices, is the *best* one available should be a huge warning sign.

And go look at the docs for OpenVPN. They were not generated by MikroTik and they're old. MikroTik hasn't taken the least effort, that I can see, to update them, correct them, or make them better. [And I've been told by MikroTik that they were going to do so - but to current have not.]

There are a pile of other issues mentioned above, but that whole load is what's most current in my mind.

But we will see what happens. I am quite interested in the announcement [that can't be announced here] that occurred yesterday. I think it's a game changer, if the past is anything to go by/buy. [You're welcome to email me if you are not sure what I'm referring to.]

Mikrotik is cheap, but attitude is bad. Support isn't great. Feature set, like MPLS etc can be high. But some areas, like VPN suck. People will put up with the above if there's no alternative and it's going to save them $3K vs Cisco.

But if that's only going to save you, say $200, or perhaps nothing, then putting up with the odd/crazy/hostile stuff that happens - not so much.
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1076
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Happy with your purchase?

Thu Sep 13, 2012 9:19 pm

I don't agree. From my experience the rocks under lake RoS have been much worse than any other comparable product I've ever used in recent times.
I take your word for granted. I admit I haven't tried very much different products, more so on VPN issues.
The learning curve is steep and since support is sketchy and hostile - it's really a struggle to get there.
As I said, that could be the "problem" of RouterOS, but for me is part of the fun. In my experience, I have come to learn much more about networks
in general while using MikroTik than previously.
I am quite interested in the announcement [that can't be announced here] that occurred yesterday. I think it's a game changer, if the past is anything to go by/buy. [You're welcome to email me if you are not sure what I'm referring to.]
Are you referring to this http://forum.mikrotik.com/viewtopic.php?f=3&t=65516?
 
gsloop
Member Candidate
Member Candidate
Posts: 213
Joined: Wed Jan 04, 2012 11:34 pm
Contact:

Re: Happy with your purchase?

Fri Sep 14, 2012 1:09 am

Announcement - Yes. [I fully expected it to get nuked, since that's often the response. When I didn't see it in a brief look today, I assumed it was. But evidently I missed it.]

---
I'm no network "newbie" - I'm probably not the absolute best guy around, but I'm very good at what I do, I think.
RoS has been really painful.

Scripting has so many "gotcha's". [eg. Stuff like a failed :resolve bomb the whole script! Seriously!?]
VPN stuff - really bad stuff. Very basic options that have been in Linux for literally ages aren't there. No UDP on OpenVPN?!!? [Seriously!?]
Documentation is really thin and sketchy.
You ask questions and get vague answers or none at all. [Here and via support.]

So, that level of "amateur" seeming stuff is what just boggles me. I can support myself, most of the time, provided the docs are good and things are consistent. But they're not. And when you expect bog-standard features to be there, and they're not - you just can't believe it. You wonder if you missed something and keep trying to figure out what's wrong.

So, I expected something more than semi-hobbiest level docs, support, features.
Perhaps I shouldn't have, but that's what has disappointed me most.

I'm starting at a high level and I expect really functional stuff I don't have to bork-around with dodgy "fixes" to make things work.

I think we largely agree - not that we must - just that I think I expect more professional outcomes than is likely to occur.
I think the result is: The "tinker" crowd may well continue to use MTK, as well as core people who want Cisco level features [like MPLS] but not Cisco level price.

But that's a pretty thin market. If they lose the bread-and-butter people and a fair number of wisps, then it's not going to be pretty. [And as I say, I've got thousands of dollars in equipment and time sunk here. I really want them to do better - but on most of the fronts I care about, it's unlikely in the short-medium term.]

-Greg
 
robertfranz
newbie
Posts: 37
Joined: Tue Apr 21, 2009 3:30 am

Re: Happy with your purchase?

Fri Sep 21, 2012 12:38 pm


So, that level of "amateur" seeming stuff is what just boggles me. I can support myself, most of the time, provided the docs are good and things are consistent. But they're not. And when you expect bog-standard features to be there, and they're not - you just can't believe it. You wonder if you missed something and keep trying to figure out what's wrong.

So, I expected something more than semi-hobbiest level docs, support, features.
Perhaps I shouldn't have, but that's what has disappointed me most.
I think the result is: The "tinker" crowd may well continue to use MTK, as well as core people who want Cisco level features [like MPLS] but not Cisco level price.

But that's a pretty thin market.

-Greg
Well, I just replaced all of my branch 450G's and 750's with Cisco 881's at 5 times the cost.
And my 450g core router with a cisco 2911 at what - 10x the cost?

I did this to save money.

I don't really mind that I have to keep shelf spares for the MT gear.
(HW reliability is all over the map. I've had 450G's that have run for years, and others that fail after a few months.)

However; the lack of accountability at MT is extremely expensive for me in terms of productivity and labor.

If I have an issue with a cisco router, I can open a case with TAC and they own it until resolved.

MT *never* owns an issue.

You are correct about the "hobbyist" level of reliability.

MT isn't remotely ready to play in any space beyond wisp or very low level smb's, largely due to lack of support and crappy support attitudes.

In the 5 years I've used MT products, there has never been an up to date manual.

I would gladly pay MT the same rate for a support contract that I now pay to Cisco, but I realize MT cannot now, and likely never will be able to provide that level of support.

And I'm sure I'm not the only own that hears "upgrade to the latest firmware" and shudders at the thought of having to reach again into MT's grab bag of bugs in the hopes that none of the features they use are re-broken in the updated firmware.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1376
Joined: Mon Jan 05, 2009 6:23 pm
Location: bit.ly/the-qos
Contact:

Re: Happy with your purchase?

Mon Oct 08, 2012 11:20 am

LOL Cisco TAC have closed issues in such a silly way that the truth is in our own ability to solve our problem rather than someone else's.

But if you found happiness in using 2911 and dumping trucks of gold and diamonds on Cisco - then good for you ;)

Who is online

Users browsing this forum: cyrq, mkx, oatis, Partial, the2masters and 72 guests