|
I've been screwing around in Winbox for the last three hours juggling three different PPTP clients with my 750G, partying it up on thursday night as usual. It's a rock solid router and I'm trying to convince my boss to start deploying these to clients. NOTinuyasha fucked around with this message at 20:09 on Feb 11, 2011 |
#
¿
Feb 11, 2011 01:02
|
|
|
|
| # ¿ Apr 28, 2024 01:16 |
|
|
CuddleChunks posted:Winbox *does* have a learning curve but I've found that the documentation on their wiki has been very helpful, but I have the distinct advantage of working with these every single day at work. Most official documentation only covers shell configuration. It gets worse if you run a pre-release like v5. You really need background in networking to figure it all out. Basic things come preconfigured (upnp is not one of those things, if I recall).
|
|
#
¿
Feb 15, 2011 00:29
|
|
|
CuddleChunks posted:Would it be helpful to put together some screenshots of common tasks or something? How about a walkthrough on setting up a basic NAT-ed home network with some ports forwarded? Thispony is most interested in queue trees, the official documentation is awful and I've never gotten it to work right. I'd be delighted to see some example configurations... I can see a raw beginners guide that translates common functions like 'port forwarding' into NAT/firewall entries in Winbox as useful for the thread since that sort of thing looks terribly overwhelming compared to home router UIs.
|
|
#
¿
Feb 15, 2011 01:06
|
|
|
CuddleChunks posted:
The OP of the MikroTik thread, scared of a little QoS? Also, I know at least one guy going for a MTCNA seminar in Lithuania. Too bad they don't really have them here in the USA.
|
|
#
¿
Mar 21, 2011 22:26
|
|
I'll see what I can do. I have ham-handedly helped with putting together some queueing systems and one of my coworkers is working with our other admins on learning some new hotness for queueing that will probably make all of my info obsolete.
|
Weird Uncle Dave posted:1W output power sounds probably-illegal (at least in the US) with just about any antenna people would use in the real world. I don't think MikroTik hardware is sold with any of the regulatory stuff in the US so does it really matter anyway?
|
|
#
¿
May 10, 2011 16:56
|
|
|
mono posted:I'm delving into the MikroTik world and I'm having a hell of a time with port forwarding. I followed the Anypony guide and although the forwarding works fine (I started with 80 and 443 to an SBS 2011 box and I can access it from the outside no problem) it kills any outgoing traffic to 80 and 443 from inside the network. I'm wondering if I screwed something up elsewhere in Winbox, or if I'm missing something. I'm running 5.5 on an RB750G (it had the same behavior before upgrading it to 5.5). Any help is appreciated. the rule either needs to filter traffic by destination address or in. interface
|
|
#
¿
Jun 28, 2011 03:22
|
|
|
krackpot posted:Does anyone have QOS setup? Just wondering if there are any good setups to throttle down torrent/newsgroup traffic and prioritize web/gaming etc? the way to do it is specify mangle rules to mark the packets, and then create a queue tree to limit and distribute bandwidth based on that marking. layer7 tagging works too, but at a higher cpu cost, and certain services may be untaggable. queue trees will do exactly what you tell them, so it's easy to create (subtly) broken setups if you aren't familiar with HTB. edit: the *only* way to do it NOTinuyasha fucked around with this message at 05:37 on Jul 11, 2011 |
|
#
¿
Jul 11, 2011 05:34
|
|
|
It's probably unrelated to the Mikrotik but it would be helpful if you could post both the client/server config files and the log from both ends.
|
|
#
¿
Sep 3, 2011 21:15
|
|
|
code:I don't really understand MikroTik's whole issue with loopback.
|
|
#
¿
Jan 6, 2012 18:37
|
|
|
mindphlux posted:so If you're looking for some sort of point-to-point bridge between routers you might want to consider EoIP, that's much cleaner. OpenVPN TAP adpaters are the coolest way to manage any client/server VPN (and that sounds more in-line with what you want), but MikroTik's implementation is total crap. All of that requires setup from the ground-up and a very specific set of requirements, it's probably not what you're looking for.
|
|
#
¿
Jan 10, 2012 20:20
|
|
|
The RB751G is now available - same as the RB751U, but with gigabit ethernet. http://routerboard.com/RB751G-2HnD
|
|
#
¿
Jan 20, 2012 17:32
|
|
|
The incoming queue tree isn't functional, unless you didn't intend to use it in the first place? You don't have any connection tracking set up, so... I don't think this rule will work as intended either: code:MikroTik QoS is still alien to me so I could very well be wrong about all that.
|
|
#
¿
Feb 24, 2012 06:23
|
|
|
Weiz posted:Yeah, its kind of a joke how people are waiting more than 1 year for fixes on real problems but they manage to find the time to add a SMB server to a router. The developers declined to add record types to the DNS server because "it's just a router" 
|
|
#
¿
Apr 8, 2012 01:25
|
|
|
Actually trying to prioritize specific types of traffic really isn't gonna work very well. If you do any sort of QoS at all, I'd just use a queue to ensure fairness between connected devices:code:code:code:
|
|
#
¿
Jun 19, 2012 15:29
|
|
|
You can sign up for Hurricane Electric's IPv6 tunnel service and push all DNS requests over that? That seems like a sane response to me. It's free and they probably have a tunnel server local enough that there's no impact on performance.
|
|
#
¿
Aug 20, 2012 04:23
|
|
|
It shouldn't matter if he's using the the RouterOS DNS server for his LAN, which is the default configuration. Though according to this thread, the built-in DNS server is totally busted and worth avoiding so there's no way to win.
|
|
#
¿
Aug 20, 2012 18:21
|
|
|
Got an SSL-related error too, not using a MikroTik router right now.
|
|
#
¿
Sep 12, 2012 11:01
|
|
|
NAT isn't supposed to be a firewall 
|
|
#
¿
Sep 25, 2012 01:24
|
|
|
If you're building something that thirty users will be relying on at a time, you shouldn't be looking at embedded crap.
|
|
#
¿
Oct 4, 2012 17:56
|
|
|
I don't have any problems with TWC and my 750GL. I'm using the Motorola SBG6580 modem that they gave me. You might want to try adding a switch between the modem and the MikroTik, that fixed connection issues with my co-worker's RB951G.
|
|
#
¿
Jul 4, 2013 17:23
|
|
|
That kind of sounds like an MTU issue. Try setting an MSS clamp to 1300 or something for outbound syn packets over the PPTP interface, like:code:
|
|
#
¿
Aug 5, 2013 22:40
|
|
|
If you want good performance you probably want ipip if possible, I've used that for months at a time and didn't have any problems. My 750GL can pull 30Mbps through it. That's not really a VPN but it might do what you want. I've tried the OpenVPN client too and I can confirm it's garbage, the connection randomly reset every 4-24 hours for no reason, the statistics don't work, and the speed is poo poo. Options for enabling udp and disabling the cipher would've helped but MikroTik hates it's users too much to add any of that.
|
|
#
¿
Aug 6, 2013 00:27
|
|
|
Oh poo poo. I have the ssh service disabled, but only to get rid of the log noise generated by bad logins. Isn't it enabled by default? That's gonna gently caress up a lot of people. Edit: Looks like you can only use that exploit to crash sshd, not gain access. So it's not really that big of a deal. NOTinuyasha fucked around with this message at 15:54 on Sep 3, 2013 |
|
#
¿
Sep 3, 2013 15:50
|
|
|
thebigcow posted:Updated the AP in the office to 6.17, now it can't talk to other IPv6 networks despite nothing else changing. I should know better than touching things on read only Friday. You violated rule number one of using RouterOS products: if it's working fine, don't upgrade. Don't upgrade ever unless you have a reason to. They break about as much in upgrades as they manage to fix.
|
|
#
¿
Jul 19, 2014 23:54
|
|
|
CrazyLittle posted:Cut MikroTik some slack. code:
|
|
#
¿
Aug 16, 2014 05:06
|
|
|
I am not a book posted:I'm about to pull the trigger on a 750GL. I absolutely need wifi though, is there a suggested AP besides an Apple product? If it's a home setup, buy a used Linksys E2000 (or E3000 if you need simultaneous dual band) off Amazon, it's the gold standard 802.11n router that the WRT54G(L) was to 802.11g. It's ancient but there's been no advancement besides 802.11ac, which (for a decent one) currently comes at a premium that's difficult to justify, especially if you don't have any devices that actually support it.
|
|
#
¿
Aug 26, 2014 19:46
|
|
|
NOTinuyasha posted:You violated rule number one of using RouterOS products: if it's working fine, don't upgrade. Don't upgrade ever unless you have a reason to. They break about as much in upgrades as they manage to fix.
|
|
#
¿
Oct 8, 2014 00:31
|
|
|
TWC rolled out MAXX to my neighborhood, I got the 300/20 plan but my old TomatoUSB E4200 maxes out at ~180-200Mbit WAN/LAN routing (w/ BCM_NAT or stock w/ CTF). I haven't used a MikroTik since my RB750G died but after buying and returning some dissapointing routers (Netgear R7000, Linksys EA6500, Airport Extreme) I gave in and bought a RB750Gr2 ('hEX'): ...and it's the best performer, by a large margin, for less than half the price. I'd like to run benchmarks and see what the actual routing/NAT performance limit is it but I don't have the hardware to test that kind of throughput. I'm still using TomatoUSB as a DHCP/DNS/VPN/etc server, there's a lot of features our Latvian friends neglected, but the hEX is worth it just as a gateway. As for 802.11ac, the five year old E4200 held it's ground and everything I care about is wired anyway, too many neighbors on 5GHz, including three with 80MHz 802.11ac. And I expect it to get worse because TWC is leasing MAXX customers simultaneous dual band Arris modem/routers now. Maybe I need to step up my game and setup some bridges with superchannel.
|
|
#
¿
Aug 15, 2015 07:31
|
|
|
So my adventures with the new RB750Gr2/hEX didn't go so well. First, the speed I received, almost exactly ~343Mbit down, suspiciously close to DOCSIS 3.0 8-channel max downstream (though I'm getting 16x4, but there's more to it than that). My bet is TWC found a creative way to cap the speed at this tier. Which resulted in a really awful case of bufferbloat. That's an issue with my modem that didn't appear until it met a router that could saturate it. RouterOS software queues performed ~130Mbit at best. But it didn't really matter because it rarely got saturated. So I just set it up as a plain gateway. ...but then I started having all sorts of issues, in particular TCP connections dropping for no apparent reason. An iperf3 udp test complained loudly about packets arriving out of order (regardless of the quantity of traffic). I messed around with it (and disabled fasttrack) but couldn't solve the problem. Then I'd get random bouts of extremely high latency that could only be resolved by rebooting my modem every day or so. I've had an Arris/Motorola SB6183 for a while, had no prior problems... So I figured I'd downgrade, maybe an older version wouldn't suffer from these issues. 5.26 looked like a good place to start. It's even compatible with the brand new hEX routers according to MikroTik!  Except not at all  . It bricked immediately and I had to waste hours trying to restore it with Netinstall. I tried 5.26, 6.31, neither worked, only 6.32rc3 brought it back for some reason. There's no real documentation and not much on the forums. The full user guide is missing and the quick start guide was just copy pasted from another device. The reset instructions are poorly worded and refer to one LED when there's actually two...Bonus points it didn't have any obvious problems with my Wii U but Splatoon just refused to connect through it. Reminded me of my PS3 refusing to deal with my old 750G for no reason either years ago. So I'm starting to think RouterOS just doesn't like me. I was gonna ship it to the first goon who'd paypal me the cost of a flat rate box but I have some other ideas. It's just destined to serve another purpose I think.
|
|
#
¿
Aug 23, 2015 18:53
|
|
|
thebigcow posted:Did you see what the CPU utilization was at those speeds? The numbers they claim on their website for models with that CPU are pretty out of line with other offerings and I'm assuming the test was misconfigured or just outright cooked. I tried to do a local NAT performance test with iperf3 but all I have is my iMac and a USB 3.0 gigabit ethernet adapter that maxes out at 339Mbit. RouterOS CPU usage was <10%, but it suffered from the same problem with dropped connections and out of order packet delivery.
|
|
#
¿
Aug 26, 2015 12:40
|
|
|
|
| # ¿ Apr 28, 2024 01:16 |
|
|
thebigcow posted:You've done a bit of troubleshooting. If the default config isn't working on brand new equipment you should get it replaced. I have no energy to deal with MikroTik and/or r0c-n0c, but especially MikroTik. There isn't even a listed warranty or return policy. I could send in an email begging for a replacement and probably get one but there's an excellent chance that unit is defective as well. Or as jeeves mentioned this behavior could just be normal for hEX + RouterOS because Latvia. I'll nerd out on it when I feel like nerding out but right now I work from home and this week in particular is especially important and I need my stable internet access back.
|
|
#
¿
Aug 28, 2015 08:16
|
|