thebigcow
Jan 3, 2001

Bully!

Boner Wad posted:

I have an older n version of Time Capsule. I was testing on the 2.4 GHz radio of the Time Capsule. That's why I was confused why the Mikrotik has poo poo through put compared to the TC.

I'd eventually like to disable the Time Capsule's wireless and just put another Mikrotik in as just an AP. Or should I just get a UbiAP?

The AC question was completely different and just wondering if there will be devices that support AC soon.

http://wiki.mikrotik.com/wiki/MUM_2015_CZ

The .ac products were announced at a MUM, click the new products presentation link on that page. They'll be out when they're out and not a day sooner.


Atreus
Sep 20, 2005
Running into a couple of things that cursory googlefu is failing me on, or perhaps I'm not wrapping my head around the information right.

NAT64 - I don't see anything specifically mentioning this on the wiki, is it a function that's there, but might be labeled as something else?

DHCPv6 - For the life of me, I can't manage to get a host to pull in a DHCPv6 address, but I've been hearing that the Mikrotik implementation is half baked, I'm not sure exactly what I'm missing here. I definitely want to be able to see what leases are handed out.

IPv6 Hostnames - When DHCP hands out addresses, it's able to get a reflection of what the hostname that currently has the IP address, any word on that here?

thebigcow
Jan 3, 2001

Bully!

Atreus posted:

Running into a couple of things that cursory googlefu is failing me on, or perhaps I'm not wrapping my head around the information right.

NAT64 - I don't see anything specifically mentioning this on the wiki, is it a function that's there, but might be labeled as something else?

DHCPv6 - For the life of me, I can't manage to get a host to pull in a DHCPv6 address, but I've been hearing that the Mikrotik implementation is half baked, I'm not sure exactly what I'm missing here. I definitely want to be able to see what leases are handed out.

IPv6 Hostnames - When DHCP hands out addresses, it's able to get a reflection of what the hostname that currently has the IP address, any word on that here?

No. And what service are you only that is only giving one address?

Not sure but post your config and maybe we'll spot something.

That doesn't work for ipv4 either.

CuddleChunks
Sep 18, 2004

redeyes posted:

As for what I am doing, just hooking 2 houses together with a point to point bridge. Fastest speeds possible without spending a bunch. I have 50mb/10mb Comcast going into one end of the bridge.. to be determined by which location can actually get service. I will transfer files and stream videos so more is better but 40MB/s real time speed is just fine by me, so my problem is solved.

Welcome to highspeed wireless networking:

PUBLIC TOILET
Jun 13, 2009

Has anyone else tried to do something similar to this? Basically I'd like to add a host name address to an access control list instead of using an IP address for the fear of the IP address changing. I have some routers configured so that the only connection that can be made over the Internet to said router is via winbox. I have a firewall rule, ACL, etc. configured so that only a specific source IP address can be allowed to remote in via winbox. I have to replace a cable modem soon that may result in the specific source IP address changing to something else. This means I wouldn't be able to remote into the routers until I get onto the LAN side, winbox in and update the address in the ACL. I'm basically just trying to find a way to use a host name instead of an IP address (perhaps one from IP -> Cloud?)

Rexxed
May 1, 2010

Dis is amazing!
I gotta try dis!

PUBLIC TOILET posted:

Has anyone else tried to do something similar to this? Basically I'd like to add a host name address to an access control list instead of using an IP address for the fear of the IP address changing. I have some routers configured so that the only connection that can be made over the Internet to said router is via winbox. I have a firewall rule, ACL, etc. configured so that only a specific source IP address can be allowed to remote in via winbox. I have to replace a cable modem soon that may result in the specific source IP address changing to something else. This means I wouldn't be able to remote into the routers until I get onto the LAN side, winbox in and update the address in the ACL. I'm basically just trying to find a way to use a host name instead of an IP address (perhaps one from IP -> Cloud?)

I had to do something similar for some VPNs on dynamic hosts and it involved writing scripts that run every 10 minutes or so to check the hostname versus the current IP address (using dyndns or another service to keep the hostname at each site updated). If the IP changed it would then change the entry in the settings for the vpn connection. It's been working for a year or so but it took me a couple of nights to write the scripts since I wasn't that familiar with mikrotik. It's a little frustrating that there's a lot of spots in RouterOS that will only take IP addresses, but I guess making you resolve them manually with a script at least lets you customize how often they update.
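
The periodic resolve-and-update approach described in the post above, sketched as a RouterOS v6 script for the Winbox case raised in the question. This is an added example, not Rexxed's script; the hostname `admin-home.example.net`, the list name `winbox-admins`, the comment tag and the script name are assumptions, and 8291 is Winbox's default port.

```routeros
# --- one-time setup, typed in the terminal ---------------------------------
/ip firewall filter
add chain=input action=accept protocol=tcp dst-port=8291 \
    src-address-list=winbox-admins comment="winbox: admin hosts only"
# Added disabled: run the script once, confirm the list holds your address,
# then enable this rule. Both rules must sit above any general input drop.
add chain=input action=drop protocol=tcp dst-port=8291 disabled=yes \
    comment="winbox: everyone else"

# Re-check the hostname every 10 minutes (interval taken from the post)
/system scheduler
add name=winbox-acl-refresh interval=10m on-event=winbox-acl-refresh

# --- body of the script stored as /system script "winbox-acl-refresh" ------
:local host "admin-home.example.net"
:local list "winbox-admins"
:local tag "dyn:admin-home"
:local newip

# :resolve raises an error when the lookup fails. Catch it so a DNS outage
# leaves the last known-good entry in place instead of emptying the list.
:do {
    :set newip [:resolve $host]
} on-error={
    :log warning ("winbox-acl: cannot resolve " . $host . ", entry unchanged")
}

:if ([:typeof $newip] = "ip") do={
    :local entry [/ip firewall address-list find list=$list comment=$tag]
    :if ([:len $entry] = 0) do={
        # First run: create the entry, tagged so later runs can find it
        /ip firewall address-list add list=$list address=$newip comment=$tag
        :log info ("winbox-acl: added " . $host . " as " . [:tostr $newip])
    } else={
        :local cur [:tostr [/ip firewall address-list get $entry address]]
        :if ($cur != [:tostr $newip]) do={
            /ip firewall address-list set $entry address=$newip
            # Log every change: an unexpected one means the DNS record moved
            :log warning ("winbox-acl: " . $host . " changed " . $cur . \
                " -> " . [:tostr $newip])
        }
    }
}
```

Because the allow-list now follows a DNS record, whoever can change that record can open Winbox to their own address, so the log line written on every change is worth forwarding and reviewing.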

drk
Jan 16, 2005

Latvia posted:

What's new in 6.31 (2015-Aug-14 15:42):

*) check-for-update - added ability to select versions channel to check
(bugfix, current, RC or development)
<snip>

Happy day.

SamDabbers
May 26, 2003



drk posted:

Happy day.

Our little Latvian router maker is growing up :kiddo:

NOTinuyasha
Oct 17, 2006

 
The Great Twist
TWC rolled out MAXX to my neighborhood, I got the 300/20 plan but my old TomatoUSB E4200 maxes out at ~180-200Mbit WAN/LAN routing (w/ BCM_NAT or stock w/ CTF). I haven't used a MikroTik since my RB750G died but after buying and returning some disappointing routers (Netgear R7000, Linksys EA6500, Airport Extreme) I gave in and bought a RB750Gr2 ('hEX'):



...and it's the best performer, by a large margin, for less than half the price. I'd like to run benchmarks and see what the actual routing/NAT performance limit is but I don't have the hardware to test that kind of throughput.

I'm still using TomatoUSB as a DHCP/DNS/VPN/etc server, there's a lot of features our Latvian friends neglected, but the hEX is worth it just as a gateway. As for 802.11ac, the five year old E4200 held its ground and everything I care about is wired anyway, too many neighbors on 5GHz, including three with 80MHz 802.11ac. And I expect it to get worse because TWC is leasing MAXX customers simultaneous dual band Arris modem/routers now. Maybe I need to step up my game and set up some bridges with superchannel.

Tapedump
Aug 31, 2007
College Slice
Any trip reports with 6.31, anecdotal or otherwise?

thebigcow
Jan 3, 2001

Bully!

Tapedump posted:

Any trip reports with 6.31, anecdotal or otherwise?

I haven't updated anything since 6.29 because they removed the old wireless package and I don't have time to test the new one right now. The official thread should have all the regressions listed by now.

CuddleChunks
Sep 18, 2004

The old wireless package is on the machine and enabled by default if you are upgrading from a prior firmware. You have to go into /sys packages and switch it over from wireless-fp to wireless-cm to get the new stuff. Or don't. Both seem to work well at this point.

We've been using 6.30.2 on a ton of RB951's and it seems to work pretty well. Nothing major to report. I don't think the WMM powersaving stuff is actually working correctly yet but that's just my impression from other folks who reported problems related to that. I don't have a wifi mikrotik at home to test with anymore so dunno if it's gotten better or stayed the same. We enable the setting and are switched to the new wireless package but like all of Latvian engineering:

:iiam:

NOTinuyasha
Oct 17, 2006

 
The Great Twist
So my adventures with the new RB750Gr2/hEX didn't go so well.

First, the speed I received, almost exactly ~343Mbit down, suspiciously close to DOCSIS 3.0 8-channel max downstream (though I'm getting 16x4, but there's more to it than that). My bet is TWC found a creative way to cap the speed at this tier. Which resulted in a really awful case of bufferbloat. That's an issue with my modem that didn't appear until it met a router that could saturate it. RouterOS software queues performed ~130Mbit at best. But it didn't really matter because it rarely got saturated. So I just set it up as a plain gateway.

...but then I started having all sorts of issues, in particular TCP connections dropping for no apparent reason. An iperf3 udp test complained loudly about packets arriving out of order (regardless of the quantity of traffic). I messed around with it (and disabled fasttrack) but couldn't solve the problem. Then I'd get random bouts of extremely high latency that could only be resolved by rebooting my modem every day or so. I've had an Arris/Motorola SB6183 for a while, had no prior problems...

So I figured I'd downgrade, maybe an older version wouldn't suffer from these issues. 5.26 looked like a good place to start. It's even compatible with the brand new hEX routers according to MikroTik!



Except not at all :ussr:. It bricked immediately and I had to waste hours trying to restore it with Netinstall. I tried 5.26, 6.31, neither worked, only 6.32rc3 brought it back for some reason. There's no real documentation and not much on the forums. The full user guide is missing and the quick start guide was just copy pasted from another device. The reset instructions are poorly worded and refer to one LED when there's actually two...

Bonus points it didn't have any obvious problems with my Wii U but Splatoon just refused to connect through it. Reminded me of my PS3 refusing to deal with my old 750G for no reason either years ago.

So I'm starting to think RouterOS just doesn't like me. I was gonna ship it to the first goon who'd paypal me the cost of a flat rate box but I have some other ideas. It's just destined to serve another purpose I think.

redeyes
Sep 14, 2002

by Fluffdaddy
I installed the RP951G-2HnD as my main gateway/router/firewall about 3 weeks ago. I am running a full Mikrotik network now, so the RP951G as the main router/gateway, a couple RB941's (hAP lites) as wireless G/N units, and 2 RBSXT G-HPacD connecting my house to the main internet connection 600 ft away at my parents house. All running 6.30.2. So far I have not had to reboot anything at all, all is perfectly stable.

Even enabled IPv6 on the 951G which wasn't too hard. So far I am loving loving the power and stability of these units. The price is outstanding for reliability and customization.

thebigcow
Jan 3, 2001

Bully!

NOTinuyasha posted:

So my adventures with the new RB750Gr2/hEX didn't go so well.

Did you see what the CPU utilization was at those speeds? The numbers they claim on their website for models with that CPU are pretty out of line with other offerings and I'm assuming the test was misconfigured or just outright cooked.

Boner Wad
Nov 16, 2003

Tapedump posted:

Any trip reports with 6.31, anecdotal or otherwise?

No issues so far on my RB951G-2HnD however I just use it for standard routing and wifi.

NOTinuyasha
Oct 17, 2006

 
The Great Twist

thebigcow posted:

Did you see what the CPU utilization was at those speeds? The numbers they claim on their website for models with that CPU are pretty out of line with other offerings and I'm assuming the test was misconfigured or just outright cooked.

I tried to do a local NAT performance test with iperf3 but all I have is my iMac and a USB 3.0 gigabit ethernet adapter that maxes out at 339Mbit. RouterOS CPU usage was <10%, but it suffered from the same problem with dropped connections and out of order packet delivery.

thebigcow
Jan 3, 2001

Bully!

NOTinuyasha posted:

I tried to do a local NAT performance test with iperf3 but all I have is my iMac and a USB 3.0 gigabit ethernet adapter that maxes out at 339Mbit. RouterOS CPU usage was <10%, but it suffered from the same problem with dropped connections and out of order packet delivery.

Has anyone else reported this? You might be banging your head on what is simply a defective unit.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

thebigcow posted:

Has anyone else reported this? You might be banging your head on what is simply a defective unit.

I definitely had a CCR1009 with a defective switch chip (ether1-ether4). It would drop packets randomly when doing high traffic-- when I moved the test off of the switch chip ports onto non-switch chip ports (ether5-ether8) it was fine.

Try that, since I think those units have a switch chip as well.

Edit - nope those are not the model I was thinking of. Anything with the RB750 type CPU isn't going to be able to handle a lot of software bridging traffic over a sustained time. They're more suited to honestly small bursts of gigabit traffic and mostly just sustained 100Mb traffic.

We have dozens of CRS125 units (basically an RB750 CPU + 20 extra ports) that we tried doing light software bridging on and as soon as the traffic gets high enough the CPU shoots up to 50+ and it starts dropping packets. The moment we replaced the few problem points with CCR1009 units all of the problems went away and the CPU load is barely like 1-2%.

Point of the matter is you kind of get what you pay for with Mikrotik's-- a lot of their stuff is meant to run as switches that they tacked on routing capabilities on to. Which is fine until it isn't-- so watch that CPU load.

jeeves fucked around with this message at 16:27 on Aug 26, 2015

thebigcow
Jan 3, 2001

Bully!
hEX is a new product with a different CPU than previous 750 models although I agree with your other points.

You've done a bit of troubleshooting. If the default config isn't working on brand new equipment you should get it replaced.

theperminator
Sep 16, 2009

by Smythe
Fun Shoe
So it looks like they finally added ipsec policy matching, i.e. you can set your firewall rules to allow ports only if the traffic has been encrypted by IPSEC

http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter

quote:

ipsec-policy (in | out, ipsec | none; Default: )
Matches the policy used by IpSec. Value is written in following format: direction, policy. Direction is Used to select whether to match the policy used for decapsulation or the policy that will be used for encapsulation.
in - valid in the PREROUTING, INPUT and FORWARD chains
out - valid in the POSTROUTING, OUTPUT and FORWARD chains
ipsec - matches if the packet is subject to IPsec processing;
none - matches ipsec transport packet.
For example, if router receives Ipsec encapsulated Gre packet, then rule ipsec-policy=in,ipsec will match Gre packet, but rule ipsec-policy=in,none will match ESP packet.

theperminator fucked around with this message at 23:21 on Aug 26, 2015
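
A rule set using the `ipsec-policy` matcher quoted above, with the cleartext-accepting rule it replaces shown commented out. This is an added example, not from the post or the MikroTik manual; the L2TP/IPsec and GRE-over-IPsec services and the log prefix are assumed for illustration.

```routeros
/ip firewall filter

# Weak form: L2TP is accepted from anywhere, whether or not it arrived
# inside an IPsec tunnel.
# add chain=input action=accept protocol=udp dst-port=1701

# IKE, NAT-T and ESP themselves must reach the router, otherwise no
# security association exists and no packet can ever match "in,ipsec".
add chain=input action=accept protocol=udp dst-port=500,4500 \
    comment="IKE and NAT-T"
add chain=input action=accept protocol=ipsec-esp comment="ESP"

# L2TP is accepted only if the packet was decapsulated by IPsec.
add chain=input action=accept protocol=udp dst-port=1701 \
    ipsec-policy=in,ipsec comment="L2TP inside IPsec"
# Anything reaching 1701 without IPsec is dropped and logged, which makes
# cleartext probes of the port visible in the log.
add chain=input action=drop protocol=udp dst-port=1701 \
    log=yes log-prefix="l2tp-noipsec" comment="L2TP outside IPsec"

# The GRE case from the quoted manual text: the inner GRE packet matches
# in,ipsec after decapsulation; bare GRE from the Internet does not.
add chain=input action=accept protocol=gre ipsec-policy=in,ipsec \
    comment="GRE inside IPsec"
add chain=input action=drop protocol=gre comment="GRE outside IPsec"
```

As with any RouterOS filter chain, these rules only take effect if they sit above a general accept or drop that would match the same traffic first.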

NOTinuyasha
Oct 17, 2006

 
The Great Twist

thebigcow posted:

You've done a bit of troubleshooting. If the default config isn't working on brand new equipment you should get it replaced.

I have no energy to deal with MikroTik and/or r0c-n0c, but especially MikroTik. There isn't even a listed warranty or return policy. I could send in an email begging for a replacement and probably get one but there's an excellent chance that unit is defective as well. Or as jeeves mentioned this behavior could just be normal for hEX + RouterOS because Latvia.

I'll nerd out on it when I feel like nerding out but right now I work from home and this week in particular is especially important and I need my stable internet access back.

Djimi
Jan 23, 2004

I like digital data
I just purchased a RB2011UiAS-2HnD-IN and it's connected to another MikroTik (RB951g) that's connected to our ISP and works fine. I've used the MikroTik before and know my way around the basics.

On the new RB2011 I'm using ether1 to connect to the 951g which is set to default gateway (198.168.88.1) and I'm on the LAN with devices and happily browsing the Interwebs on the 192.168.200.0/24 network.

What I don't know about is the configuring of a hotspot on this device. I've read everything I could on MikroTik's wiki (and some forums) and it actually seems like it should be fairly easy to set up. I've created a server profile, a DHCP range, users, etc. WiFi is working, but I'm never challenged to the hotspot login page. I see in the files list the files that should be loading, but I'm just sent straight out to the net when I'm connected to the wireless SSID.

The first go at configuring in I was pasting lines from a how-to into the terminal window and I figured I got something quite wrong, so I did a hard reset to put the box back to default settings. I ran the hotspot setup wizard via the Web GUI (v. 6.32) and still no luck.

Is there a particular setting that I'm missing to force the browser to default to the designated hotspot ip address for a login challenge html page? Is it a DNS issue? Is it because I'm routing to another MikroTik? Do I need to invoke some other firewall rule? One thing that differed from what screenshots I've seen is that there is a *default hotspot that I didn't create and it can't be deleted.

Thanks in advance Goons! :tipshat:

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

NOTinuyasha posted:

I have no energy to deal with MikroTik and/or r0c-n0c, but especially MikroTik. There isn't even a listed warranty or return policy. I could send in an email begging for a replacement and probably get one but there's an excellent chance that unit is defective as well. Or as jeeves mentioned this behavior could just be normal for hEX + RouterOS because Latvia.

I'll nerd out on it when I feel like nerding out but right now I work from home and this week in particular is especially important and I need my stable internet access back.

You may have honestly gotten a defective unit, which is annoying. Contact your vendor about this, as Mikrotik doesn't take RMAs directly. If you're lucky they will ship you a replacement, because if you're unlucky they will ship the RMA back to Latvia and you'll get it fixed in 6 months. I mean, you'll get it... but yeah, 6 months.

Remember, you get what you pay for with Mikrotiks-- they are cheap but they also are kind of a blank slate since you are saving money on them not having a real RMA infrastructure in the United States and also not really having the best user friendly OS.

Gothmog1065
May 14, 2009
Okay, so I've been looking at doing something with my router, was thinking of sending it back and getting a mikrotik. However, I do happen to have a VM box with ESXi on it, would it be feasible to load the router on there and get a decent AP?

Moey
Oct 22, 2010

I LIKE TO MOVE IT

Gothmog1065 posted:

Okay, so I've been looking at doing something with my router, was thinking of sending it back and getting a mikrotik. However, I do happen to have a VM box with ESXi on it, would it be feasible to load the router on there and get a decent AP?

A lot of people do this with pfSense. You need at least 2 ports in your ESXi host (one untrust, one trust).

CuddleChunks
Sep 18, 2004

Djimi posted:

The first go at configuring in I was pasting lines from a how-to into the terminal window and I figured I got something quite wrong, so I did a hard reset to put the box back to default settings. I ran the hotspot setup wizard via the Web GUI (v. 6.32) and still no luck.

I'm looking at one of our running hotspot devices and we've got things setup like so:

- IP gateway for the hotspot users Let's say it's 192.168.5.1/24
- IP pool for dhcp addresses 192.168.5.2-192.168.5.100
- a bridge named Hotspot-Bridge
- The main WLAN card set with SSID off and default forwarding off
- A virtual AP called Hotspot-WLAN that has default auth ON and default forwarding OFF
- It's the sole member of the Hotspot-Bridge
- DHCP server handing out IP's in the hotspot-pool attached to the Hotspot-Bridge interface

The hotspot config is probably pretty similar to what you get when running through the wizard. Make sure and build the appropriate web pages people are supposed to see when they hit your hotspot and then load them into the Files list on your MikroTik. Make a little folder for them on there. Point the hotspot wizard at that folder during setup so it can deliver the pages to people as part of them joining.

I suspect that by turning off the auto-forward in the wireless settings that will start you down the right path.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire
Our work runs the ChilliSpot plugin on aging Linksys WRT units with DD-WRT firmware, so I can't help with any hotspot stuff running Mikrotik. ChilliSpot talks to a Radius server on our network that then remembers client machines once they hit accept on our splash page. I have no idea how to translate that over to Mikrotik, and hotspots are not really that big of a deal for us to make a huge priority for us.

I think my work would love me to learn how to do that, but f that. So good luck? Let me know if you get it working (and now).

redeyes
Sep 14, 2002

by Fluffdaddy

jeeves posted:

You may have honestly gotten a defective unit, which is annoying. Contact your vendor about this, as Mikrotik doesn't take RMAs directly. If you're lucky they will ship you a replacement, because if you're unlucky they will ship the RMA back to Latvia and you'll get it fixed in 6 months. I mean, you'll get it... but yeah, 6 months.

Remember, you get what you pay for with Mikrotiks-- they are cheap but they also are kind of a blank slate since you are saving money on them not having a real RMA infrastructure in the United States and also not really having the best user friendly OS.

The prices are so drat cheap for these things.. just buy a new one. I hate to say that but the price is so low that even an hour of troubleshooting at normal computer tech rates would just have bought you a new router.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

redeyes posted:

The prices are so drat cheap for these things.. just buy a new one. I hate to say that but the price is so low that even an hour of troubleshooting at normal computer tech rates would just have bought you a new router.

The one I RMA'd was one of their $900 CCR1036 units, but this is a viable option for their $60 models :v:

redeyes
Sep 14, 2002

by Fluffdaddy

jeeves posted:

The one I RMA'd was one of their $900 CCR1036 units, but this is a viable option for their $60 models :v:

Ouch. Yeah in that case I have no idea what I'd do. Not having a US company handle RMAs is almost a deal breaker.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

redeyes posted:

Ouch. Yeah in that case I have no idea what I'd do. Not having a US company handle RMAs is almost a deal breaker.

Our Vendor (Baltic Networks) handled the RMA. It was a somewhat easy thing to diagnose (power supply blew) so they then sent it back to Latvia once they verified that RMA condition. The $400 CCR1009 that has a bad switch port I still need to RMA and I am kind of wondering if they are going to verify that it is bad too.

But anyways, we mailed the CCR1036 to Baltic in January, and didn't get it back until July. We got it back though!

redeyes
Sep 14, 2002

by Fluffdaddy

jeeves posted:

Our Vendor (Baltic Networks) handled the RMA. It was a somewhat easy thing to diagnose (power supply blew) so they then sent it back to Latvia once they verified that RMA condition. The $400 CCR1009 that has a bad switch port I still need to RMA and I am kind of wondering if they are going to verify that it is bad too.

But anyways, we mailed the CCR1036 to Baltic in January, and didn't get it back until July. We got it back though!

But still, that is WAY too long of a RMA process to be able to count on these things in mission critical situations. Kind of a bummer.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

redeyes posted:

But still, that is WAY too long of a RMA process to be able to count on these things in mission critical situations. Kind of a bummer.

Yes, it is not ideal. It is part of the whole 'you get what you pay for' thing with how cheap Mikrotiks are.

SamDabbers
May 26, 2003



Ubnt just dropped EdgeOS 1.8 Alpha 1, which implements MPLS! They switched away from Quagga to a proprietary routing engine to do it though. Things are about to get more interesting in the low cost routing arena...

Djimi
Jan 23, 2004

I like digital data

CuddleChunks posted:

I suspect that by turning off the auto-forward in the wireless settings that will start you down the right path.

Thanks for your help. I'm still trying to grok the MikroTik. I'm still failing.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire
Great, we've just had a second $900 CCR1036 crash on us in the last month. Awesome.

redeyes
Sep 14, 2002

by Fluffdaddy

jeeves posted:

Great, we've just had a second $900 CCR1036 crash on us in the last month. Awesome.

Is it possible the power adapter voltage / amperage has gone wacky?
"Supported input voltage 13 V - 30 V"

I'm sure you thought of that but it's worth a multi-meter check.

jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire

redeyes posted:

Is it possible the power adapter voltage / amperage has gone wacky?
"Supported input voltage 13 V - 30 V"

I'm sure you thought of that but it's worth a multi-meter check.

Two different sites, using the power cord that came with the unit.

Thankfully our core sites running these things are still okay. I wonder if it is the firmware/routerOS though, as both of these are on 6.27 and our core sites with no problems are still on like 6.19.


jeeves
May 27, 2001

Deranged Psychopathic
Butler Extraordinaire
Fun fact:

Mikrotik thinks 6.32's bugfixes should go into 6.30.4 versioning.

Latvia!
