*) bgp - added initial support for prefix limit;
The setting is documented on https://help.mikrotik.com/docs/display/ ... escriptionWhere can read about lacp-user-key?
/interface bonding monitor-slaves
Now I have the same key on all the bonding interfaces. As far as I understand, this is normal. Could you give an example when need to manually change the key?The setting is documented on https://help.mikrotik.com/docs/display/ ... escriptionWhere can read about lacp-user-key?
LACP key can be monitored with:Code: Select all/interface bonding monitor-slaves
what details would you require for supporting the L860 and L850?*) lte - added MCS, CQI and RI value reporting for Fibocom FG621;
You post that in every release topic, but it is completely unclear what you mean.- "Old style" routing filters add (like v6), not only syntax
<3*) gps - added GPS package support for Chateau devices;
*) lte - added SMS sending support for MBIM protocol;
*) lte - improved stability when configuring multiple APN's at the same time in MBIM mode;
*) lte - improved stability when upgrading LTE firmware on Chateau 5G;
Correct, the second rule is needed due to switch limitation. For CRS3xx, there is a slightly more advanced ACL matcher that can correctly find ARP and IPv4 packets using a single rule.Is mac-protocol=arp setting requirement (so the need for the second rule) a limitation from the RB5009 switch chip (88E6393X) ?
It is perfectly fine to use the same key for multiple LACPs. We received a feature request asking for this option, I guess it was up to their network policy to use unique keys for each LACP. It was fairly easy to implement it in RouterOS, so here you go.Now I have the same key on all the bonding interfaces. As far as I understand, this is normal. Could you give an example when need to manually change the key?
Thanks a ton. However please refer to SUP-78389. @normis @emilis @edpa*) torch - properly capture all related IPv6 traffic;
How do you think where the fixes for 7.2.1 were tested?Beta 33? Out of the world version numbering.
How do you think where the fixes for 7.2.1 were tested? :)
Doesn't sound the new routing engine was very well thought out before implementing.Currently there is no mechanism to count exact session prefixes, That is why this parameter is not even set. If you want to know exact prefixes installed in the routing table received from a specific peer, then use /roruting route print command with appropriate filtering options, like "belongs-to" or "bgp.peer-cache-id"
+1Doesn't sound the new routing engine was very well thought out before implementing.
How is it possible that basic features were not even considered during the design phase?
It would already be nice when the old /routing filter rule add syntax could be accepted and converted on-the-fly to new syntax and stored.As it was already mentioned in one of the topics we will try to think of some user friendly GUI method to add routing filters but doing that and implement it is not going to happen right away.
But it will have to be written for the prefix limit handling anyway, isn't it? When that is done, can't it be shown in the session table as well?Currently there is no mechanism to count exact session prefixes, That is why this parameter is not even set.
/interface 6to4
add !keepalive mtu=1480 name=HE remote-address=X.X.X.X
/ip vrf
add interfaces=HE name=VRF-HE
/ipv6 address
add address=2001:470:xxxx:cc::2 advertise=no interface=HE no-dad=yes
/routing/route/pr det where immediate-gw=HE
I sincerely hope that Mikrotik developers are working on a solution to this.Currently there is no mechanism to count exact session prefixes, That is why this parameter is not even set. If you want to know exact prefixes installed in the routing table received from a specific peer, then use /roruting route print command with appropriate filtering options, like "belongs-to" or "bgp.peer-cache-id"
- View received-prefixes on a per peer basis[/b]
[zuul@ccr2216-02.test.lab.ipa] > routing/stats/origin/print interval=1 where instance-id=1686070274
Flags: Y - synthetic; Z - terminal; X - stopping; D - owner-dead; H - hold; U - attrs-updated; M - attrs-merge
12 name="BGP IP routes from 198.18.92.254" instance-id=1686070274 publisher-idx=12 route-type="8" owner=28 route-count=0,387726,0,0,0,0,0,0,0,0,0,0,0 total-route-count=387726
13 name="BGP IP routes from 198.18.92.253" instance-id=1686070274 publisher-idx=13 route-type="8" owner=30 route-count=0,329737,0,0,0,0,0,0,0,0,0,0,0 total-route-count=329737
14 name="BGP IP routes from 100.126.100.1" instance-id=1686070274 publisher-idx=14 route-type="8" owner=31 route-count=0,517453,0,0,0,0,0,0,0,0,0,0,0 total-route-count=517453
Don't be ridiculous. Bare essential functionality is very well though out and has the highest development priority. Which means that features that are not absolutely essential for BGP to work or their functionality can be done alternatively with other already existing features but in a bit less convenient way has lower priority. What you are asking here are mostly cosmetic things with lower priority. Pretty GUI and convenient counters are not the things that are needed for BGP to work properly, but it does not mean that these features will not be implemented ever (as already mentioned in this topic and other topics).+1Doesn't sound the new routing engine was very well thought out before implementing.
How is it possible that basic features were not even considered during the design phase?
Not only that, but it takes ages and many versions to get it fixed.
Prefix count per peer can easily be extracted from /routing route print count only or from /routing stats originPrefix count per peer
Already possible. from /routing route menu, see few posts above- View received-prefixes on a per peer basis
Already possible starting from v7.2- View advertised-prefixes on a per peer basis
You are commenting on the versions topic where this is already possiblemax-prefix-limit
I have posted the list of features we NEED to have to be able to deploy v7 several times. BFD is certainly at the top of that list, but there are several others:Don't be ridiculous. Bare essential functionality is very well though out and has the highest development priority. Which means that features that are not absolutely essential for BGP to work or their functionality can be done alternatively with other already existing features but in a bit less convenient way has lower priority. What you are asking here are mostly cosmetic things with lower priority. Pretty GUI and convenient counters are not the things that are needed for BGP to work properly, but it does not mean that these features will not be implemented ever (as already mentioned in this topic and other topics).
+1
Not only that, but it takes ages and many versions to get it fixed.
From your requests should we stop working for example, on BFD support, just to implement cosmetic counter in session stats? Or should we stop fixing found problems just to try to make pretty GUI for routing filters?
I have posted the list of features we NEED to have to be able to deploy v7 several times. BFD is certainly at the top of that list, but there are several others:
- working aggregation, both as a source and when processing/forwarding aggregated routes
- working route refresh (when filters are changed, for example)
- meaningful error messages when some connection fails, not "Holdtime expired, session *=0x30110240" but a session NAME instead. nor "Write to bgp failed (32) { #buf=1 max=64 sk=Socket{ 5[" but some message that includes a session name instead, so I can know where to look for a potential problem.
VxLAN tunnels keep lose their previous mac address after every reboot. It is a big issue because on one of our peering LANs we have mac filtering. Kindly take a note. Already opened a ticket a month ago. If any internal testing is needed for the same I am willing to do it.You are missing the point, should we stop working on these features then just to implement prefix counter to show up in BGP session?
You are willing to tolerate BGP crashes that we could fix instead of possibility to get a counter in a specific manner?
You already can get prefix count with methods mentioned previously. If you already had a script to get prefix count for monitoring of ROS v6, then only difference is that this script line will look a bit different for ROS v7. Its not like you cannot get prefix count at all.
Regarding cryptic error messages, I am really surprised that MT didn't take the opportunity to introduce error numbering in V7 that could be explained in more details on, for example, the help page and a corresponding text file with error messages (which is a good solution if you want to keep the program size down)Meaningful error messages when some connection fails, not "Holdtime expired, session *=0x30110240" but a session NAME instead. nor "Write to bgp failed (32) { #buf=1 max=64 sk=Socket{ 5[" but some message that includes a session name instead, so I can know where to look for a potential problem.
Just speculating but perhaps MT made a decision that instead of starting from an OSS version, develops its own BGP stack from scratch which is a challenge when it comes to adding new features.However what I do not understand is why this new v7 with the new BGP takes so long to get feature-complete. After all, we are hearing nearly 10 years from MikroTik about this exciting new routing engine that will be part of v7 and will end all troubles. After all that preparation it could have been a bit more polished.
No, but every new release there are many items in the changelist that are about fixing features that are new to v7 and usually there are almost no changelist items related to BGP.You are missing the point, should we stop working on these features then just to implement prefix counter to show up in BGP session?
You are willing to tolerate BGP crashes that we could fix instead of possibility to get a counter in a specific manner?
And also to filter and recognize error messages in either internal scripts or an external system...Regarding cryptic error messages, I am really surprised that MT didn't take the opportunity to introduce error numbering in V7 that could be explained in more details on, for example, the help page and a corresponding text file with error messages (which is a good solution if you want to keep the program size down)Meaningful error messages when some connection fails, not "Holdtime expired, session *=0x30110240" but a session NAME instead. nor "Write to bgp failed (32) { #buf=1 max=64 sk=Socket{ 5[" but some message that includes a session name instead, so I can know where to look for a potential problem.
Exactly because of the above mentioned priorities. According to forum users "bgp advertisements" and "prefix limits" were the most essential features, so it was set as a highest priority and took all the development time instead of fixing actually important problems.and usually there are almost no changelist items related to BGP.
Exactly that and it was not just a BGP that got a rewrite, whole routing stack was completely rewritten.develops its own BGP stack from scratch which is a challenge
Fair enough! Then I'd like to push these and thank you for the amazing work you've done so far on V7!It is all about the priorities you guys are pushing.
Actually I have mentioned my BGP priorities from the first time I ran a v7 beta and that was way before those things came up.Exactly because of the above mentioned priorities. According to forum users "bgp advertisements" and "prefix limits" were the most essential features, so it was set as a highest priority and took all the development time instead of fixing actually important problems.and usually there are almost no changelist items related to BGP.
It is all about the priorities you guys are pushing.
Apr/06/2022 10:39:06 route,bgp,error HoldTimer expired
Apr/06/2022 10:39:06 route,bgp,error Session *=0x30100010
Apr/06/2022 10:39:12 route,bgp,error HoldTimer expired
Apr/06/2022 10:39:12 route,bgp,error Session *=0x301a0470
Apr/06/2022 10:39:14 route,bgp,error HoldTimer expired
Apr/06/2022 10:39:14 route,bgp,error Session *=0x30190240
Apr/06/2022 10:40:00 script,info 194.109.6.8 is up
Apr/06/2022 10:40:35 route,bgp,error HoldTimer expired
Apr/06/2022 10:40:35 route,bgp,error Session *=0x30080010
Apr/06/2022 10:40:57 route,bgp,info Connection closed
Apr/06/2022 10:40:57 route,bgp,info Session *=0x30180010
Apr/06/2022 10:41:03 script,warning 44.137.0.1 is down
Apr/06/2022 10:41:06 route,bgp,info Connection closed
Apr/06/2022 10:41:06 route,bgp,info Session *=0x30190240
Apr/06/2022 10:41:07 route,bgp,info Connection closed
Apr/06/2022 10:41:07 route,bgp,info Session *=0x30100010
Apr/06/2022 10:41:13 route,bgp,error HoldTimer expired
Apr/06/2022 10:41:13 route,bgp,error Session *=0x30160470
Hear, hear... Fighting with scripts and filters that fails is a challenge when there is no way to capture error messages (or the lack of error numbers)And also to filter and recognize error messages in either internal scripts or an external system...
Yeah, I know the feeling. Should be the opposite, ie 20% troubleshooting and 80% fixing the problems.Probably more time has been spent on discussing the problem than would have to be spent on fixing it.
Chateau12 updated, running wellHas anyone updated a chateau yet?
No poll needed, continue as you are currently doing.Maybe create the poll? Should we stop fixing crashes and switch to working on pretty logs because you do not experience crashes ?
Please do not.Maybe create the poll? Should we stop fixing crashes and switch to working on pretty logs because you do not experience crashes ?
Fixing bad code vs implementing needed (basic) features is not a sane tradeoff to ask customers.The same question again, do you think that we should stop working on BFD or fixing crashes to make pretty BGP logs?
Yup but why?Any RB5009 owners updated?
P3 - Capsman V7 with new wifi driver
P4 - Announce Cap AX and Cap AX-E 2x2 & 4x4
This week I was researching why my Chromebook L2TP/IPsec VPN (to a CCR running RouterOS v6.49.5) was no longer working after an update. It cut out after 3 minutes.Yes, IPsec / IKEv2 should rather be used instead IMO...
Properly supported by MikroTik, and by all OSes / mobiles devices etc...
Much nicer solution...
Ah thanks, I believed it was an Android issue. Well, hopefully it will be solved sometime.I agree about split-tunnelling issue with multiple networks, only the first subnet is considered by some clients, and especially macOS.
SUP-59668 created months ago regarding this, MikroTik knows the issue and will fix it (as the problem is on RouterOS side), but no ETA unfortunately :-/
The "so you think we should not focus on bugs that crash the device" is a non-sequitur introduced by mrz. Of course I am not against working on solving crashes. But I am against promoting a new major release to "stable" status (and prominently recommending it for installation on the webpage) before it is even feature-complete relative to the previous one (and without mentioning that in the description).Sorry about this one guys, but every time we have a new version released I see some kind of battle here and I sort of (unfortunately) understand both sides.
Thing is: it is non-sense to ask a customer if MikroTik should focus or not on any (kind of) feature that... crashes one device. Crashing is that kind of behavior that should (almost) never happen.
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/disable 0
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/set input.limit-process-routes-ipv4=5000 0
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/enable 0
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/print
Flags: E - established
0 remote.address=198.18.91.254 .refused-cap-opt=no
local.address=198.18.91.1
output.last-notification=ffffffffffffffffffffffffffffffff0015030601 limit-exceeded
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/set input.limit-process-routes-ipv4=1000000 0
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/clear 0
flag:
input-last-notification limit-exceeded output-last-notification refused-cap-opt stopped
flag: limit-exceeded
[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/print
Flags: E - established
0 E remote.address=198.18.91.254 .as=65101 .id=198.18.91.254 .refused-cap-opt=no .capabilities=mp,rr,role,gr,as4 .messages=227341 .bytes=22502859 .eor=""
local.address=198.18.91.1 .as=8675309 .id=100.127.100.101 .capabilities=mp,rr,gr,as4 .messages=1 .bytes=19 .eor=""
output.procid=60 .filter-chain=deny-all .last-notification=ffffffffffffffffffffffffffffffff0015030601
input.procid=60 .limit-process-routes=1000000 ebgp
hold-time=3m keepalive-time=1m uptime=34s270ms
[zuul@ccr2216-01.test.lab.ipa] >
I think MikroTik's strategy has painted them into a corner here. On one hand, they have been forced to start shipping an OS with a newer Linux kernel because they can no longer reasonably backport hardware support to the old kernels. The writing has been on the wall for two years now, with the introduction of the CCR2004-1G-12S+2XS it became obvious that ROS v6 could not be made to support all new hardware properly.But I am against promoting a new major release to "stable" status (and prominently recommending it for installation on the webpage) before it is even feature-complete relative to the previous one (and without mentioning that in the description). … There apparently is a (human) resource bottleneck in working on BGP and other (auto)routing. I do not know which of the MikroTik employees is/are working on this and if we ever see them here, but it looks like they are overburdened in finishing their work.
Actually, you are the one missing the point.You are missing the point, should we stop working on these features then just to implement prefix counter to show up in BGP session?
If it is that much difficult to implement basic stuff like showing the prefix count and advertisements (and no, pcap dumps is a joke), that it would take sooo much time from implementing and fixing other BGP stuff, then something is seriously wrong with the new BGP implementation.
If it is that much difficult to implement basic stuff like showing the prefix count and advertisements (and no, pcap dumps is a joke), that it would take sooo much time from implementing and fixing other BGP stuff, then something is seriously wrong with the new BGP implementation.
Either that, or you don't know how it's implemented and why it's implemented that way, and you're making prescriptions from that point of ignorance.
The old (v6) BGP implementation was single-threaded, which caused it to have serious scalability problems. We can no longer depend on more GHz to solve problems like this. Instead, we rely on more CPU cores, but to make use of that, you need a parallel implementation, which requires a rewrite. You can't just take a single-threaded program and launch N threads on it and expect it to work properly because reasons…
In rewriting their BGP implementation to be multi-core friendly, they caused there to be no single location for certain details like these counters you're wanting. It's possible to bottleneck everything down to a single thread to collate these values, but in doing so, you throw away the speed advantage of v7's BGP implementation.
I get that you want all of the features, and you want them 2 years ago. However, you might want to consider the possibility that MikroTik's software developers are doing their best with the resources they have.
Yes you should. You first implement basic features according to industry standard spec. Bugs will get found forever.You are missing the point, should we stop working on these features then just to implement prefix counter to show up in BGP session?
You are willing to tolerate BGP crashes that we could fix instead of possibility to get a counter in a specific manner?
Peeking from the outside in the black box it appears that the new BGP has a separate thread per peer, that just accepts all routes from the peer and puts them into a big table, and then the filtering is done in another thread that marks those table entries with a filtered/not_filtered status, and the active route is chosen from those that are not filtered.This is completely false and shows no understanding on threading. If we're able to use filters for export/import of prefixes that shows there should not be any reason not to also add a counter to that since there's already logic in place to permit or deny prefixes.
If they designed it without communication between the peer-processes and the filter process(es) then I can understand why it wouldn't work. But that would be a strange way of designing it. The filter process gets the remote peer ip etc also so it's not that it just sees routes flying in without knowing where they came from.Peeking from the outside in the black box it appears that the new BGP has a separate thread per peer, that just accepts all routes from the peer and puts them into a big table, and then the filtering is done in another thread that marks those table entries with a filtered/not_filtered status, and the active route is chosen from those that are not filtered.This is completely false and shows no understanding on threading. If we're able to use filters for export/import of prefixes that shows there should not be any reason not to also add a counter to that since there's already logic in place to permit or deny prefixes.
So, the process handling the peer connections does not know how many of the received routes actually make it past the filtering, and the filtering process has no "counters".
It is possible to get counts by doing searches on the table, like "how many routes received from this peer are not filtered", but it is a "costly" operation as it has to walk the entire table every time you want to obtain the count. It can be done in a script, but it isn't done in the "session overview".
Also, the command-line language does not make it easy. E.g.:
/routing/route/print where belongs-to="BGP IP routes from 1.2.3.4"
neatly prints all routes received from that peer.
/routing/route/print count-only
prints the total number of routes in the table. but:
/routing/route/print count-only where belongs-to="BGP IP routes from 1.2.3.4"
always prints zero :-( so you need to write a script that actually does the full print and counts the lines. what a waste!
It can be difficult to make an existing algorithm multi-threaded. And it obviously was an objective of the BGP rewrite, as (especially at that time) MikroTik routers have lots of cores and a single-threaded BGP would not effectively use them. But it looks like while making the multithreaded design, this particular aspect was overlooked or considered not that important.
The peer communication process sees routes coming in but does not keep a table of them to know how many unique routes there are.If they designed it without communication between the peer-processes and the filter process(es) then I can understand why it wouldn't work. But that would be a strange way of designing it. The filter process gets the remote peer ip etc also so it's not that it just sees routes flying in without knowing where they came from.
There is the following matchers in filters,The peer communication process sees routes coming in but does not keep a table of them to know how many unique routes there are.If they designed it without communication between the peer-processes and the filter process(es) then I can understand why it wouldn't work. But that would be a strange way of designing it. The filter process gets the remote peer ip etc also so it's not that it just sees routes flying in without knowing where they came from.
The filtering process runs through the central table and applies the filters but it sees all the routes so it is "difficult" to keep counts per peer (also because the other processes are feeding new data all the time).
Likely the only way to get approximate counts is by walking the table as-it-is, and to get accurate counts you need to "lock" the table while doing that.
Not something you want to do every second to keep a dynamically updated display, like we have in v6.
There is no way to know how it is designed, and conjecture doesn’t get us any closer to a fix. It’s probably best if we don’t continue cluttering a release thread with a ton of what-ifs and instead stick to just reporting issues. We can create threads (see what I did there) to debate the finer points of optimal concurrent design of BGP daemons elsewhere. I would hope/assume everything is threaded and not designed to run as separate processes per-peer as that would be awfully inefficient and wasteful - but it’s a discussion topic for another thread.The peer communication process sees routes coming in but does not keep a table of them to know how many unique routes there are.If they designed it without communication between the peer-processes and the filter process(es) then I can understand why it wouldn't work. But that would be a strange way of designing it. The filter process gets the remote peer ip etc also so it's not that it just sees routes flying in without knowing where they came from.
The filtering process runs through the central table and applies the filters but it sees all the routes so it is "difficult" to keep counts per peer (also because the other processes are feeding new data all the time).
Likely the only way to get approximate counts is by walking the table as-it-is, and to get accurate counts you need to "lock" the table while doing that.
Not something you want to do every second to keep a dynamically updated display, like we have in v6.
There have been occasional descriptions by MikroTik employees of what has changed in BGP operation, and we can see what is going on in the routing table (filtered routes now appear in the table).There is no way to know how it is designed, and conjecture doesn’t get us any closer to a fix.
I understand where you are coming from, but at the end of the day, Mikrotik needs to hear the feedback, and we should not be defending them. They can do that themselves, if so inclined. I'm sure there are a multitude of reasons things have taken this long to progress, but there are some very real and serious issues ongoing right now with these releases, that impact multiple users, and it seems like non-Mikrotik-employed forum members are postulating reasons as to why instead of leaning on Mikrotik to address it themselves. At a certain point they need to see the volume of complaints to gauge need/interest, as it's already been made clear that is how they are prioritizing. Artificially tamping down the complaints by defending them isn't going to help with prioritization of these needed features/functionality.There have been occasional descriptions by MikroTik employees of what has changed in BGP operation, and we can see what is going on in the routing table (filtered routes now appear in the table).There is no way to know how it is designed, and conjecture doesn’t get us any closer to a fix.
I am posting this only because people write "it is stupid that they do not just include a prefix counter" and while I agree with the end-result of that, I try to explain why it is not that simple.
Sure this works?It is perfectly fine to use the same key for multiple LACPs. We received a feature request asking for this option, I guess it was up to their network policy to use unique keys for each LACP. It was fairly easy to implement it in RouterOS, so here you go. :wink:
It will never be finished. The current plan is to finish first the new features and then bugfix things.v7 introduces years ago (i believe more than 5 years ago) and today in 2022 it's not even finished yet, how many years actually need to make the v7 full finished anyway?
You missed this in the documentation I think:And even with unmatching keys (5 / 329) and 17 on the remote system, the bond is Running and I can ping...
There is, but it is impressive the rate that things have been happening so far. They've been doing many many fixes. I think it is still a few months before I can consider putting it into limited production use but it is getting close.Still a lot to be done.
Which UI are you using when you observe this behaviour? If you're using winbox, does the same happen if you log in via ssh? Does the same happen if no management connection is alive (if you're using CHR, then you should be able to see VM resource usabe from hypervisor console)?please check the problem, error of 100% CPU X86 "management" process, it persists in 7.3 beta.
You missed this in the documentation I think:
lacp-user-key: Specifies the upper 10 bits of the port key. The lower 6 bits are automatically assigned based on individual port link speed and duplex.
So what you are seeing is correct and is the expected behavior. The lower 6 bits getting automatically assigned results in the 17 and 329.
It is unclear what you mean. Do you mean the "OID not monotonically increasing" problem? It has plagued RouterOS for years, you will need to work around it.SNMP: SNMP feed seems unstable. Monitoring tools show discontinuous flows.
No, problem described in that ticket is unrelated to VRFs*) ping - fixed socket allocation after VRF change;
cloud it fix the issue related to ticket[SUP-67221].
regards
are you aware about it, working to fix it or nothing yet?No, problem described in that ticket is unrelated to VRFs*) ping - fixed socket allocation after VRF change;
cloud it fix the issue related to ticket[SUP-67221].
regards
So far unsuccessful with netinstall.hAP AC3
installation of 7.3b34 causes bootloop (coming from 7.3b33).
Trying netinstall now to recover.
Interesting, this came up in NOG group in our country, and it was strongly advised that a retry timer would be bad for the internet, and that's out of the latest IETF draft at https://datatracker.ietf.org/doc/draft- ... x-inbound/ written by both Max Stucchi and Job Snijders. Check section 2 point C.Tested prefix limit in BGP. It works but requires a manual clearing of the peering. Would be nice to have a timer and retry in future releases.
Code: Select all[zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/disable 0 [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/set input.limit-process-routes-ipv4=5000 0 [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/enable 0 [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/print Flags: E - established 0 remote.address=198.18.91.254 .refused-cap-opt=no local.address=198.18.91.1 output.last-notification=ffffffffffffffffffffffffffffffff0015030601 limit-exceeded [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/connection/set input.limit-process-routes-ipv4=1000000 0 [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/clear 0 flag: input-last-notification limit-exceeded output-last-notification refused-cap-opt stopped flag: limit-exceeded [zuul@ccr2216-01.test.lab.ipa] > routing/bgp/session/print Flags: E - established 0 E remote.address=198.18.91.254 .as=65101 .id=198.18.91.254 .refused-cap-opt=no .capabilities=mp,rr,role,gr,as4 .messages=227341 .bytes=22502859 .eor="" local.address=198.18.91.1 .as=8675309 .id=100.127.100.101 .capabilities=mp,rr,gr,as4 .messages=1 .bytes=19 .eor="" output.procid=60 .filter-chain=deny-all .last-notification=ffffffffffffffffffffffffffffffff0015030601 input.procid=60 .limit-process-routes=1000000 ebgp hold-time=3m keepalive-time=1m uptime=34s270ms [zuul@ccr2216-01.test.lab.ipa] >
If netinstall can even bring a Mikrotik router running OpenWRT back to RouterOS again, then surely it should easily recover a failed RouterOS incremental version upgrade? Is this just a case of ID10T user error, or should we all be a bit concerned at the dark irony of devices being bricked at alarmingly heightened rates, in spite of a series of alleged filesystem "improvements" to long-term filesystem stability and data integrity ? 🤔 Probably just another "rare" occurence ;) Any other volunteers want to jump to the front of the line? I'm normally excited about new releases, this time a bit hesitant If I'm honest ..😅So far unsuccessful with netinstall.
It installs but after reboot, still bootloop.
Already tried 7.3b34, 7.3b33, 7.2, ...
Errrmm ...Is this just a case of ID10T user error, ...
Good joke.There is a documentation page about netinstall. And it is wellknown that when you attempt it after a long time of not using it, it usually won't do what you want.
It requires experience and proficiency.
No it doesn't since it is stuck in some sort of bootloop.Does the Router appear automatically again in Netinstall after you reboot it? Sure you didn't change /system/routerboard/settings/boot-device to ethernet?!
Solved.Good joke.There is a documentation page about netinstall. And it is wellknown that when you attempt it after a long time of not using it, it usually won't do what you want.
It requires experience and proficiency.
That documentation page show at the end of the process a "Reboot" button which is NOWHERE to be found on the versions I tried.
7.1 / 7.2 / 7.2.1 / 7.2rc4 / 7.3b33 / 7.3b34
Nada.
Install succeeds EACH TIME (at least that's what the tool indicates) yet after power cycle the device remains stuck in a bootloop.
Care to comment again ?
I am going to throw this towards Support ...
EDIT: I do see one difference... there is not status indicator "done". It does flip back from Installing to Ready.
So it might not install at all ? Even better then ...
Some laptops cannot detect receive package from device, change laptop and works our-of-box. I always use WireShark to watch if computer I use see incomming "BOOTP" request, if not... try uninstall AV and reboot - sometimes not help and only change laptop is option. I not discover why but I agree sometimes that happend.Using Good Ol' Linux and CLI !! (told you I know a thing or two)
That laptop I used before, was already used several times for netinstalling Hex and MapLite, so why not now ?
Most of times it's not a problem on device's side, it's machine hosting netinstall "server" that messes things up. The most frequent one is delayed NIC init after link re-establishes. Next one is the fact netinstall exec doesn't allow to explicitly select which interface to use and this is down to MT devs indeed (if wireshark can do it, why can't netinstall as well?). Only the third one is down to interaction between device and PC (the state where one selects packages to upload but device doesn't get or process them) ... and only with this one it's not really clear which end to blame, device or netinstall exec ... or even BOOTP. Other than that BOOTP is just fine.the netinstall program is just a big mess.
True, when I could not get it to work with a specific MikroTik device and a laptop, I fixed it by putting an unmanaged desktop switch between them so the laptop would see the link up all the time.The most frequent one is delayed NIC init after link re-establishes.
Yes that is a major problem as well! Both in the Windows and Linux version. I am very sure that in Linux it is easy to listen to a specific network interface instead of to a random one. They simply have to fix that to reduce a lot of issues with netinstall.Next one is the fact netinstall exec doesn't allow to explicitly select which interface to use and this is down to MT devs indeed (if wireshark can do it, why can't netinstall as well?).
I know about that requirement and I did disable ALL other network interfaces on my laptop (control panel , network, right-click disable on everything but ethernet).The docs on netinstall recommend taking down all network interfaces but the one you know for a fact goes to the MT box you're trying to recover. If you don't, you can't predict which interface it will use short of trawling the mess of a routing table you get with modern OSes. The last time I made a Windows box barf up its default routing table, it was over a screenful!
if wireshark can do it, why can't netinstall as well?
Funny you mention wireshark.Most of times it's not a problem on device's side, it's machine hosting netinstall "server" that messes things up. The most frequent one is delayed NIC init after link re-establishes. Next one is the fact netinstall exec doesn't allow to explicitly select which interface to use and this is down to MT devs indeed (if wireshark can do it, why can't netinstall as well?). Only the third one is down to interaction between device and PC (the state where one selects packages to upload but device doesn't get or process them) ... and only with this one it's not really clear which end to blame, device or netinstall exec ... or even BOOTP. Other than that BOOTP is just fine.the netinstall program is just a big mess.
control panel , network, right-click disable on everything but ethernet).
Still it did not work.
The device shows up in netinstall (so the network interface is correct, I would think ?
I use a script that sets up a network namespace and required configuration before starting netinstall itself.Both in the Windows and Linux version. I am very sure that in Linux it is easy to listen to a specific network interface instead of to a random one. [...]
a script that sets up a network namespace
Wifiwave2 package causes a bootloop on this release for rb4011igs+5hacq2hnd-inWhat's new in 7.3beta34 (2022-Apr-20 08:23):
*) bgp - improved stability when editing BGP template;
*) ccr - added "passthrough" flag for interfaces on CCR2004-1G-2XS-PCIe;
*) dhcpv4-server - added "age" parameter for dynamic leases;
*) dhcpv4-server - fixed minor logging typo;
*) export - fixed value ID exporting that does not refer to any name;
*) fetch - fixed SFTP upload;
*) filesystem - fixed possible boot failure on RB850Gx2 and RB1100AHx2;
*) filesystem - improved long-term filesystem stability and data integrity;
*) ipsec - fixed IPsec IRQ initialization on startup on TILE;
*) leds - fixed ethernet LED behavior on wAP R ac;
*) lte - disabled extended signal info query for Telit LN940 module;
*) ospf - fixed GRE interface compatibility with OSPF;
*) ospf - improved stability when enabling or removing interface-template entries;
*) ovpn - improved stability when forwarding traffic on TILE;
*) ping - fixed socket allocation after VRF change;
*) ppp - fixed active sessions sometimes getting stuck;
*) queues - improved stability in large list of queue scenarios;
*) rb5009 - fixed 10G linking issues with Intel X520, XXV710 NICs;
*) ssh - fail non-interactive client after first invalid password;
*) supout - added IGMP-Proxy section;
*) winbox - added "Comment" parameter for BGP templates and connections;
*) winbox - made "Interface Templates" table sortable under "Routing/OSPF" menu;
*) winbox - made "MPLS Interface" table sortable under "MPLS" menu;
*) winbox - made 56 the default ping size;
*) winbox - moved "src-address-list" and "dst-address-list" parameters to "General" tab under "IPv6/Firewall" menu;
*) winbox - show correct file system type under "System/Disks" menu;
To upgrade, click "Check for updates" at /system package in your RouterOS configuration interface, or head to our download page: http://www.mikrotik.com/download
If you experience version related issues, then please send supout file from your router to support@mikrotik.com. File must be generated while router is not working as suspected or after some problem has appeared on device
Windows 8/8.1/10 by any chance? I still have to run NetInstall in "Windows 7"-compatibility mode on Windows 10 machines to make it work properly.I know about that requirement and I did disable ALL other network interfaces on my laptop (control panel , network, right-click disable on everything but ethernet).
Still it did not work. The device shows up in netinstall (so the network interface is correct, I would think ? ) but "install" did nothing.
Only one single cable between ether1 of Tik and ethernet port of laptop. Where else can the communication go then ?
Thanks for the heads up,Wifiwave2 package causes a bootloop on this release for rb4011igs+5hacq2hnd-in
Same here.Just to confirm 7.3beta34 boot looped my audience with wifiwave2 as well.
Yup, wifiwave2 on Audience broke 1 year streak of avoiding netinstall. I don't have any other device with enough memory for wifiwave2, so hard to know if just Audience...Just to confirm 7.3beta34 boot looped my audience with wifiwave2 as well.
Same here.
Although could someone explain to me why the device does not just disable the package and boot?only if you want to use wifiwave2 it seems?
The package is fine, it's the driver that install it that likely crashes ;). What to do about that isn't so clear, downgrade to "stock" wireless and convert the config?Although could someone explain to me why the device does not just disable the package and boot?only if you want to use wifiwave2 it seems?
That's a good point. That Audience has the space for a 2nd partition. We use a lot of wAPacR, so there not room for even one partition (or even the wifiwave2 package)Exception is the use of partitioning. When you would partition the device, copy and upgrade a partition, and it fails to boot, it would boot the old (copied) partition and you would be back without netinstall.
That's a good point. That Audience has the space for a 2nd partition. We use a lot of wAPacR, so there not room for even one partition (or even the wifiwave2 package)Exception is the use of partitioning. When you would partition the device, copy and upgrade a partition, and it fails to boot, it would boot the old (copied) partition and you would be back without netinstall.
And here I thought I was being lazy. I do think @pe1chl's partitioning advice is a good one, although unfortunately seemingly inpractical...No, actually partitioning on Audience is not a feasible option when running wifiwave2 package.That's a good point. That Audience has the space for a 2nd partition. We use a lot of wAPacR, so there not room for even one partition (or even the wifiwave2 package)
I have asked for enabling RAM disk on ALL devices for a long time...Using RAM disk would help (my audience is currently at stable 142MB RAM used, so around 100MB unused), but sadly RAM disk is not an option on these devices.
At my github repo...*) sfp - added 2.5Gbps rate for SFP+ and QSFP+ interfaces on 98DXxxxx and 98PX1012 switches (requires disabled auto-negotiation);
*) sfp - improved Q/SFP interface initialization and stability for 98DXxxxx and 98PX1012 switches;
Does that include vxlan interface mac changing on every reboot.?Everyone, thank you very much for all the input regarding the configuration loss problem. For your reports in the forum and support tickets. By putting our heads together and combining all of your reports we managed to reproduce this problem and seems that we have resolved it. The fix is included in v7.3beta and, of course, if it will be proven safe (we have tested it ourselves reliably, but would like to see the feedback from beta releases), then it will be included in stable releases as well.
Please note that the upgrade happens on the old version, not the version which you try to install. So the fix applies only when you try to upgrade FROM 7.3beta37 or a later version.
No, that is an unrelated problem. It will be fixed as soon as possible and the fix will be mentioned in the changelog.Does that include vxlan interface mac changing on every reboot.?Everyone, thank you very much for all the input regarding the configuration loss problem. For your reports in the forum and support tickets. By putting our heads together and combining all of your reports we managed to reproduce this problem and seems that we have resolved it. The fix is included in v7.3beta and, of course, if it will be proven safe (we have tested it ourselves reliably, but would like to see the feedback from beta releases), then it will be included in stable releases as well.
Please note that the upgrade happens on the old version, not the version which you try to install. So the fix applies only when you try to upgrade FROM 7.3beta37 or a later version.
That is great news! Good that you (and we) remained persistent and not believed in that "well that happened but it is so rare that we just imagine that it did not happen and will go away by itself". Because that usually does not work in IT.By putting our heads together and combining all of your reports we managed to reproduce this problem and seems that we have resolved it.
dot1x vlan assignment still brokenWhat's new in 7.3beta37 (2022-Apr-25 15:29):
*) dot1x - improved server stability when using re-authentication;
Confirmed on hAP AC3 using wifiwave2 package. Thanks !!*) system - fixed RouterOS bootup when wifiwave2 package is installed (introduced in v7.3beta34);
Huum, are you really using CRS switches as CapsManagers? how did that work out for you?Unfortunately with 7.3beta37 my ARM routers with CAPsMAN active are still freezing after 3h 43m 26s of uptime... Tested with RB3011, RB4011, CRS326
So I had to deactivate CAPsMAN and configure all radios manually... :/
And even with that I still prefer to use ROS v7 because of features like VxLANs, OpenVPN+UDP and WireGuard.
It was just as a test to confirm the issue exists on different routers, I've run it there only for a few hours and then disabled it after the router hung up due to CAPsMAN.Huum, are you really using CRS switches as CapsManagers? how did that work out for you?
question - why NO routing-table in cli???[admin@Ros7.3b37] > /ip/firewall/mangle/add routing-table
expected end of command (line 1 column 25)
Hi,*) sfp - added 2.5Gbps rate for SFP+ and QSFP+ interfaces on 98DXxxxx and 98PX1012 switches (requires disabled auto-negotiation);
Wow... What's "realm"? It changes when I change "Routing Table" in WinBox and shows some numbers %)why no routing-table ??? in ROS v7.x
connecting to mikrotik ros7.3b37:question - why NO routing-table in cli???[admin@Ros7.3b37] > /ip/firewall/mangle/add routing-table
expected end of command (line 1 column 25)
@marlab I have the exact same issue with my hap ac2 (also arm). The device reboots every ˜3h42m. I'm still trying to find the exact cause for it. This problem started with 7.2.0; 7.1.5 was stable.
Are you absolutely sure capsman is causing this? Anything else running on this device like eoip, wireguard, ospf?
Please tell, what exactly fixed? Will it fix SUP-72355?*) bridge - fixed packet marking for IP/IPv6 firewall;
I sincerely hope the focus for the coming month will be on fixing things that are broken or still missing (relative to v6) and not on working on new features.
I'm not asking for it to be prioritized over stability fixes, but it's not even on the roadmap yet according to the last official statement on the matter. I think that ought to change given that 40% of worldwide traffic is on IPv6 already and in parts of the world, 2/3rds of users are on IPv6.I sincerely hope the focus for the coming month will be on fixing things that are broken or still missing (relative to v6) and not on working on new features.
It is not like this feature is critical. It only means you need to buy a slightly more powerful device in order to handle the speed of your internet connection.I'm not asking for it to be prioritized over stability fixes, but it's not even on the roadmap yet according to the last official statement on the matter. I think that ought to change given that 40% of worldwide traffic is on IPv6 already and in parts of the world, 2/3rds of users are on IPv6.I sincerely hope the focus for the coming month will be on fixing things that are broken or still missing (relative to v6) and not on working on new features.
I have a CCR2004 on 3 gbps service. With this, I get around 90-95% of peak throughput on ipv6 with synthetic benchmarks, as it's bottlenecking on a single core. On real world usage, on things that I can configure to use ipv4 vs ipv6, the ipv6 performance is around 60% of ipv4 performance. So you're saying this $600 router isn't enough for 3 gbps and I need to step up to something "slightly more powerful"? What's the next step up? The $2800 CCR2216?It is not like this feature is critical. It only means you need to buy a slightly more powerful device in order to handle the speed of your internet connection.
For example, I have a 180Mbps internet connection and a RB4011 router, and I do not need any fasttrack whatsoever (v4 nor v6).
Just got a reply from another thread indicating the option is only available via CLI and not WinBox at the moment.*) sfp - added 2.5Gbps rate for SFP+ and QSFP+ interfaces on 98DXxxxx and 98PX1012 switches (requires disabled auto-negotiation);
I don't see it in CRS317 too... On beta37
Maybe 3Gbps is not as easy to route as you would hope.I have a CCR2004 on 3 gbps service. With this, I get around 90-95% of peak throughput on ipv6 with synthetic benchmarks, as it's bottlenecking on a single core. On real world usage, on things that I can configure to use ipv4 vs ipv6, the ipv6 performance is around 60% of ipv4 performance. So you're saying this $600 router isn't enough for 3 gbps and I need to step up to something "slightly more powerful"? What's the next step up? The $2800 CCR2216?It is not like this feature is critical. It only means you need to buy a slightly more powerful device in order to handle the speed of your internet connection.
For example, I have a 180Mbps internet connection and a RB4011 router, and I do not need any fasttrack whatsoever (v4 nor v6).
By your logic, getting missing 6.x features into 7.x isn't critical either, as one can just run 6.x.
The RB4011/RB5009/CCR2004 are quad-core CPU's that all seem to max out around 3-5Gbps, depending on the configuration and software version. Aside from the limited switch chip on 4011/5009, there is little offloaded to hardware (IPSEC is about it).I have a CCR2004 on 3 gbps service. With this, I get around 90-95% of peak throughput on ipv6 with synthetic benchmarks, as it's bottlenecking on a single core. On real world usage, on things that I can configure to use ipv4 vs ipv6, the ipv6 performance is around 60% of ipv4 performance. So you're saying this $600 router isn't enough for 3 gbps and I need to step up to something "slightly more powerful"? What's the next step up? The $2800 CCR2216?
By your logic, getting missing 6.x features into 7.x isn't critical either, as one can just run 6.x.
Thanks for pointing out the CCR2116. What kind of performance are you seeing on it? If I'm bottlenecking at around 2.7-2.9 gbps with ipv6 on 1 out of 4 cores with the CCR2004, wouldn't I also bottleneck on 1 out of 16 cores with the CCR2116? Granted, the CCR2116's cores run at 2 ghz (vs 1.7 ghz on the CCR2004), so I'd get ~20% better performance in this scenario, but that's not a tempting reason to upgrade.I've now deployed a half-dozen 2116's across my network, one of which replaced my busiest 2004. They can be found for just under US$800. They're essentially a CCR3XX switch with a 40Gbps connection to the CPUs, and so far I'm impressed with their performance.
A single TCP connection is always handled on 1 CPU core. This is required to avoid packet reordering.wouldn't it also bottleneck on 1 out of 16 cores with the CCR2116?
Hi:*) sfp - added 2.5Gbps rate for SFP+ and QSFP+ interfaces on 98DXxxxx and 98PX1012 switches (requires disabled auto-negotiation);
Using around 15% cpu at 2Gbps (vs 0% with L3HW for ipv4), worst core at ~50%, using multiple connections.Thanks for pointing out the CCR2116. What kind of performance are you seeing on it? If I'm bottlenecking at around 2.7-2.9 gbps with ipv6 on 1 out of 4 cores with the CCR2004, wouldn't I also bottleneck on 1 out of 16 cores with the CCR2116? Granted, the CCR2116's cores run at 2 ghz (vs 1.7 ghz on the CCR2004), so I'd get ~20% better performance in this scenario, but that's not a tempting reason to upgrade.I've now deployed a half-dozen 2116's across my network, one of which replaced my busiest 2004. They can be found for just under US$800. They're essentially a CCR3XX switch with a 40Gbps connection to the CPUs, and so far I'm impressed with their performance.
Let's hope this is a preparation to get ed25519 keys in...*) ssh - added AES-GCM cipher support;
*) ssh - removed DSA public key authentication support;
queue - do not allow using CAKE type in simple and tree setups (already configured queues will be disabled)
Seeing movement on ciphers in SSH gets me excited. ed25519 would be wonderful.Let's hope this is a preparation to get ed25519 keys in...*) ssh - added AES-GCM cipher support;
*) ssh - removed DSA public key authentication support;
Please explain. Connections always had a name parameter. Sure it would be nice when sessions had a name parameter too!*) bgp - added "name" parameter for connections;
How are we now supposed to set different download/upload speeds for asymmetrical links? Can you add this to Cake queue it self? Now with this change we can't control it via simple/tree queue and by setting 2 different cake queue types one for download and one for upload.CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
Bad joke, it worked with queue tree, but was not stable. I made netwatch script, what disabled and reenabled the queue, only in rare situation was problem, and netwatch script always helped...CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
so my queue trees are worthless? I can only use cake with interface queue? is it always going to be like this?CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
It had effect on queue trees, I was using them successfully. Even though I was not able to specify the direction.so my queue trees are worthless? I can only use cake with interface queue? is it always going to be like this?CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
I am using cake with queue tree too.It works well and i don't understand why CAKE can only be used with interface queue in ros.It had effect on queue trees, I was using them successfully. Even though I was not able to specify the direction.
so my queue trees are worthless? I can only use cake with interface queue? is it always going to be like this?
You guys are lazy.
I'm confused. I run 2 cake queue types on my WAN bridge interface in a simple queue and it works without issues.CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
:-) memories...the cake was a lie all along bros....
How do you specify the Cake bandwidth on asymetric links?
Indeed, the number of changes in BGP is a bit disappointing. We also need BFD. Now we getAny word on a milestone we might expect BFD to show up in the beta? BFD, at least from our perspective, is now the biggest missing feature of v7.
and I already asked for clarification of this item because as far as I know, "name" parameter for connections was present from the beginning of v7 releases, later I thought "maybe they mean the connection name parameter from now on is shown in BGP log messages" but NO, we still get those completely meaningless messages:*) bgp - added "name" parameter for connections;
There is no limit-at=DOWN/UP for interface queues.How do you specify the Cake bandwidth on asymetric links?
limit-at=DOWN/UP ?
It was mentioned on post 230 ;)7.3beta40 is available, why is it buried in this thread.
This is how beta are posted. Look at older beta threads and you will find all beta version in just one thread for each main version.7.3beta40 is available, why is it buried in this thread.
What's new in 7.3beta40 (2022-May-11 12:18):
*) dot1x - fixed RADIUS State attribute when client is reauthenticated;
*) dot1x - fixed port based VLAN ID assignment on devices without a switch chip;
*) dot1x - improved server system stability during authentication;
It supposed to be sessionPlease explain. Connections always had a name parameter. Sure it would be nice when sessions had a name parameter too!*) bgp - added "name" parameter for connections;
[admin@MikroTik] /routing/bgp/session> print
Flags: E - established
0 E name="test_large_community-1"
remote.address=x.x.x.x .as=456 .id=10.155.255.186 .refused-cap-opt=no
.capabilities=mp,rr,gr,as4 .afi=ip,ipv6 .messages=1 .bytes=19 .eor=""
local.address=y.y.y.y .as=444 .id=192.168.44.2 .capabilities=mp,rr,gr,as4
.afi=ip,ipv6 .messages=4 .bytes=219 .eor=""
output.procid=20 .filter-chain=bgp_out .network=test_list .keep-sent-attributes=yes
input.procid=20 .filter=bgp_in_large_comm ebgp
hold-time=3m keepalive-time=1m uptime=58s350ms
Pretty depressing performance there.On a single connection, 1.25Gbps (one core at 98%)
I am using vlan tagging
Good to know.Using around 15% cpu at 2Gbps (vs 0% with L3HW for ipv4), worst core at ~50%, using multiple connections.
CCR2116 cores are Cortex-A72 vs A57 for the CCR2004 so that's another +25%.
I have exactly the same issue after around 3 hours of uptime.CCR2116 with ISP SFP ALCATELLUCENT firmware V7.37beta. Got PSU 1 & 2 fail after some's day's. The fan go up and down and the healt status was wrong. Look like the SFP was not supported and cause this issue. I already tested with all v7 release, beta and stable. The longuor working release was the v7.37beta. The issue started 24h after power outage. I did the reboot and work fine for more 26H. Now I did reboot and upgrade to v7.40beta to see if I still have the same issue. I open ticket (SUP-82215) for more analyses.
CAKE type was always meant only for interface queue, it had no effect when used in simple queue.
Precisely this is why we need write down 100 times to pressure should be high enough on Mikrotik...Remember this is just one beta version. MT do read this forum and they see user reaction to what they do. So no need 100 post about the same.
I wrote one with atached supout.riff, but the max they pointet that I set wrong bucket size (it was a mistake in my set up commands), but the problems remained with default bucket sizes too, what I notified via e-mail too...100 email to support@mikrotik.com would be better.
Agreed, I would try the latest beta version if it wasn't for this unnecessary restriction being applied (with an invalid reason). I hope the restriction on CAKE is removed/reverted, at the very least. If they really want to have a better CAKE integration then they should engage for discussion and assistance. This restriction is both unnecessary and feels like a lazy decision.Give us CAKE back please this is the most senseless decision and is holding me back from upgrading to latest beta.
Otherwise please give us valid reason for relegating it to interface only, because the reason normis provided has been invalidated by several users now. This bizzare change is being questioned by everyone who was using cake, please provide a proper explanation to your concerned community of beta testers so we can also understand why this happened in the first place!!
Providing your ISP supports baby jumbo frame; you need to first set the eth port to MTU 1508; then PPP will use MTU 1500 :)Hi guys, I need help. Is there any chance how to override default MTU for PPPoE introduced in Release 7.2rc1?
*) pppoe - use default MTU of 1492;
I need higher (1500) but it is always changed to 1492 automatically. Previous versions were fine.
Thank you for any advice.
<br>Providing your ISP supports baby jumbo frame; you need to first set the eth port to MTU 1508; then PPP will use MTU 1500 :)Hi guys, I need help. Is there any chance how to override default MTU for PPPoE introduced in Release 7.2rc1?
*) pppoe - use default MTU of 1492;
I need higher (1500) but it is always changed to 1492 automatically. Previous versions were fine.
Thank you for any advice.
> queue/interface/set pppoe-out1 queue=cake-512k
failure: non rate limit queues are useless on this interface
Soon you will find certain forum gurus reply to your post that why you don't need PPP Accounting of sending IPv6 PD in radius accounting packet and justify mikrotik for it's non implementation.Please Solve issue of PPP Accounting of not sending IPv6 PD in radius accounting packet.............. Because of this we are unable to implement IPv6 in our network
We do need this, but it is not a bug - it is instead a feature that they have not implemented yet. It is an important feature, but I can understand why they are prioritizing it below fixing things that were working in ROS 6.Soon you will find certain forum gurus reply to your post that why you don't need PPP Accounting of sending IPv6 PD in radius accounting packet and justify mikrotik for it's non implementation.