|
Nystral posted:Does anyone have a number I can use to contact Roc-noc? they haven't responded to my query via the form yet. https://plus.google.com/117042725772999996270/about
|
# ¿ Jul 13, 2012 19:02 |
|
|
# ¿ Apr 19, 2024 17:07 |
|
EoIP +42. From the manual:http://wiki.mikrotik.com/wiki/Manual:Interface/EoIP#Notes posted:Note: EoIP tunnel adds at least 42 byte overhead (8byte GRE + 14 byte Ethernet + 20 byte IP) Seems like a bug, will confirm later next week.
|
# ¿ Jul 13, 2012 20:56 |
|
It has some type of setup wizard that should get you up and running right away. From there you can tweak it if you desire.
|
# ¿ Jul 31, 2012 21:16 |
|
thebigcow posted:Finally got around to plugging my R751G-2HnD. Is 47 out of 60 MiB normal memory usage when only one computer is running a few torrents?
|
# ¿ Aug 7, 2012 13:16 |
|
I've upgraded many many routerboards from 4.x to 5.x. Once, one had to be manually power cycled, then it came up fine. It wouldn't hurt to go to 4.17 first, and ensure the firmware (/system routerboard print; /system routerboard upgrade) is up to date as well.
|
# ¿ Aug 13, 2012 15:14 |
|
There's probably a few ways to get the software uploaded. I always just ftp upload the new package, reboot, '/system routerboard upgrade', reboot.
|
# ¿ Aug 13, 2012 19:07 |
|
Odd. Bad download/md5? If FTP upload was binary mode used? Like Dave, I've never had an upgrade issue that couldn't be fixed by a power cycle.
|
# ¿ Aug 13, 2012 21:13 |
|
Can you confirm that the serial console and settings work properly on another device? 115k is the default for Mikrotik, 9600 for pretty much any other router (Cisco, Juniper, etc). You could try this procedure: http://wiki.mikrotik.com/wiki/Manual:Netinstall
|
# ¿ Aug 15, 2012 18:21 |
|
http://www.balticnetworks.com/mikrotik-rackmount-adapter-for-routerboard-rb-750-series-triple.html
|
# ¿ Aug 17, 2012 19:56 |
|
Nystral posted:Tom is a great guy and incredably responsive. Virtual AP is pretty much the same, bridge your virtual interface to whatever bridge interface. Not posting any sample code for this, it's pretty pointy-clicky if you're using winbox. If you do need VLANs it's kind of annoying to configure trunk ports - to have multiple VLANs interfaces created- one for each vlan+physical interface combo. I seem to have this example documented already: code:
falz fucked around with this message at 22:13 on Aug 28, 2012 |
# ¿ Aug 28, 2012 21:51 |
|
I think RB1200 does as well, both for AES-128 only(?) I think. Documentation and confirmation seems to be hard to come by. If you need cheap crap to fit your needs, there's some embeded Cyrix (I think) x86 CPU that has built in crypto. Not remembering its exact name/model/etc though. Edit: v just suggesting if he has no budget which is my assumption since he's looking at Mikrotik. falz fucked around with this message at 18:12 on Oct 4, 2012 |
# ¿ Oct 4, 2012 17:36 |
|
Also, you should look at Juniper's SA SSLVN appliances. They're the best VPN devices I've experienced and have given the best user experience since you can do all sorts of fancy stuff and don't have to launch a traditional VPN client if you don't want to. Licensing can get expensive but it should be per concurrent user.
|
# ¿ Oct 4, 2012 18:16 |
|
We used a few and switched to more directional Mikrotik antennas. They're fine for a shorter point to point link (we could get 70mbps fdx on a ~1km link) Depending on what you're looking for, look at Ubiquiti instead. What are you trying to do?
|
# ¿ Oct 7, 2012 14:14 |
|
Yea they'll be more than fine as long as you have line of sight.
|
# ¿ Oct 7, 2012 17:07 |
|
Your choices are whatever is unlicensed in your country, 5ghz is your best choice though. I'd just do: * Qty 2 Nanobridge M5 22dBi * Qty 2 Lightning Surge Protection * Optionally Qty 2 RF Armor Set it to WDS bridge mode, MTU to 2024, you'll have a layer2 bridge that you can trunk over between buildings. You can adjust freq from 10-40mhz to get different speeds. Should cost you a few hundred $. Or get Ubiquiti Airfiber if you can find it, should be much easier to come by this spring. $3k gets you a 24ghz ~750mbps FDX link. MTU currently limited to 1500 but will be fixed in a firmware update at some point in the near future.
|
# ¿ Oct 9, 2012 15:41 |
|
Check out tessco.com, although their stuff is over priced. Others that are more reasonable that have less selection of antenna mounts: balticnetworks.com, streakwave.com, skywalker.com, doubleradius.com, wlanparts.com.
|
# ¿ Oct 12, 2012 21:45 |
|
Curious what you'd do with 2000 (or whatever a pallet is) cheap-rear end routers?
|
# ¿ Nov 28, 2012 01:02 |
|
What model? Some batches of R751's would flake out, but it could be fixed by powering it up with a higher voltage power supply (24vdc?) then back to the 12vdc that it came with. Somehow this was a permanent fix.
|
# ¿ Feb 10, 2013 18:14 |
|
MikroTik has a splash setup page for new/home users. For provisioning many, you can just paste a stock text config with a few variables changed.
|
# ¿ Feb 13, 2013 00:35 |
|
I haven't really used the web interface that much, but I think it may show it there. Otherwise it does in winbox.exe (which runs nicely under WINE if you're not a windows user). As for VPN performance, it depends on model and the type of encryption used. I haven't heard of any major issues, some of the upper models (rb1x00) have crypto offload.
|
# ¿ Feb 13, 2013 04:21 |
|
Actual VLANs and tagging are a pain in the butt in RouterOS. To keep things locally only you could just use different bridges and interfaces. To do tagging you have to mess with bridges, vlan interfaces, physical interfaces. to simply create vlan101 and 102 and tag on interfaces ether4 and ether5:code:
Oh and if you wanted these vlans to to l3: code:
|
# ¿ Apr 25, 2013 03:07 |
|
You could enable more logging topics on the tik, but really it sounds like troubleshooting step by step- ping gw, ping routed IP, ping hostname, telnet to a TCP port, etc.
|
# ¿ Apr 29, 2013 00:10 |
|
Sounds like an MTU issue. You need yo ensure path MTU discovery works end to end (basically don't block ICMP). You could manually mangle packets in routeros to do that too but blegh.
|
# ¿ Aug 14, 2013 18:50 |
|
They support several different types of VPNs. Are you talking point to point between sites or client VPNs for you to occasionally connect to a site?
|
# ¿ Sep 13, 2013 14:12 |
|
Sure you can do GRE or IPIP tunnels and encrypt with IPSec for the site to site links. That would allow you to run IGP (ospf) to allow traffic to other sites to follow other tunnels if you want to. However, depending on the # of sites you'll run in to scalability issues. 3 sites = 3 VPN tunnels on each router (9 configs), 4 = 16 configs, etc. I don't think RouterOS has any cisco-style DMVPN that I believe deals with that situation. Hub and spoke would be better if you had a logically central site, possibly a data center, where you could have a VPN to redundant routers at that location so each spoke site would only require two tunnels to a well connected/well peered up ISP. For client VPN you can take your pick - OpenVPN, PPTP, IPSec client. Also you should get some real point to point layer 2 connection if you want VOIP to work properly between sites. Trusting random DSL or cablemodem connections over the internet probably won't turn out so well. My $.02.
|
# ¿ Sep 13, 2013 14:54 |
|
RouterOS runs on x86 too. A few of the rb1xxx's have crypto offload as well.
|
# ¿ Sep 14, 2013 13:14 |
|
SIP natively has NAT issues. Does their SIP device support a STUN server? That would allow it to determine its public IP to put in the SIP header instead of its actual rfc1918 private IP. The sonicwall could've been doing some fuckery to rewrite the header with appropriate public IP.
|
# ¿ Sep 16, 2013 15:28 |
|
You may want to check to see if your SIP device supports STUN/Nat server entry anyway so you don't have to mess with the router's config to make it work (other than the NAT entry inbound)
|
# ¿ Sep 16, 2013 19:54 |
|
All of their routers run the same software and have the same features. There are some differences in license levels though.
|
# ¿ Oct 1, 2013 02:53 |
|
Upgrade to the latest 6 (6.4) before downgrading to see if it works there.
|
# ¿ Oct 1, 2013 22:02 |
|
IP-> DNS-> allow remote requests
|
# ¿ Oct 17, 2013 03:34 |
|
I was going to say the same thing, then realized that 'cheap copper gig ports' is the reason for tikswitch.
|
# ¿ Jan 15, 2014 01:28 |
|
jeeves posted:This is the reason my job (a local ISP branching out into heavy wireless infrastructure work) wants to use Mikrotik-- cheap gigabit switch that can maybe do router things. Basically they're trying to stop relying on Procurve 2980s and such. Prices are ebay-style.
|
# ¿ Jan 16, 2014 00:14 |
|
Or WINE, works fine there.
|
# ¿ Mar 21, 2014 16:35 |
|
is spanning-tree enabled on the bridge?
|
# ¿ May 20, 2014 00:59 |
|
add devices, if they're routeros add auth and it can see their interface. if not add the SNMP info and they can see their interface traffic. draw lines between things and specify which interface that line is associated with and it will display traffic on the link every few seconds. That's about all Ive ever used it for, works fine for that.
|
# ¿ May 20, 2014 16:00 |
|
Change your remote site wireless link to a routed /30. Won't fix your bug but that traffic and broadcast traffic will no linger be making GBS threads up the airwaves.
|
# ¿ May 23, 2014 00:07 |
|
I would guess some HP or Dell Powerconnect (non-force10) switch would be least expensive.
|
# ¿ Jun 13, 2014 15:18 |
|
I read RouterOS changelogs almost exclusively to see hilarious bugs that exist on the CCR boxes. Oh, and I guess on all boxes.
|
# ¿ Jun 19, 2014 21:56 |
|
|
# ¿ Apr 19, 2024 17:07 |
|
They were too busy designing moustache t-shirts to QA on their CCRs.
|
# ¿ Jul 18, 2014 23:06 |