|
karoshi posted:
For the other side I'll assume a default route. Add a static route on R-A pointing to R-B with a "distance" higher than 1 (the default distance for static routes) and vice versa. Again, you got yourself a nice routing loop if both upstreams are cut.

I certainly know how OSPF, etc works, so I know what you're talking about. However, we implemented the Mikrotiks for the customer tonight and all but one failover scenario worked correctly. (Mind you, we have IPSec VPNs and whatnot also involved which makes this setup pretty rad because the IPSec failover is nearly instantaneous in our testing)

OK, so current failing "failover" scenario:

* Router A is master
* Connections to LAN are cut on Router A
* Router B picks up as master for LAN's gateway
* Router B has an extra link going back to Router A with OSPF going over it and all the VPNs
* You can still contact all INTERNAL networks (local and over VPNs) that were advertised by OSPF. However, you can't access the internet because Router B isn't the master of the uplink so its default route is failing

Thoughts? How can I get OSPF to tell the other router that it has access to the internet and inject a default route into its table telling it to go over the link between the routers? I'm very tired right now and haven't put a lot of thought into this scenario, but outside of scripting or possibly trying to add a second default route with a higher distance... I'm stumped.

We have equipment to test this tomorrow so hopefully we can come up with a solid and reliable solution.
|
# ? Feb 18, 2011 06:52 |
|
feld posted:I certainly know how OSPF, etc works, so I know what you're talking about. However, we implemented the Mikrotiks for the customer tonight and all but one failover scenario worked correctly. (Mind you, we have IPSec VPNs and whatnot also involved which makes this setup pretty rad because the IPSec failover is nearly instantaneous in our testing) feld posted:
I'm a bit confused on why R-B doesn't have a default route active all the time. VRRP is removing the routes towards an active up/up interface when not master? Do you have static IP addresses on the physical ethernets in addition to the virtual router IP? But yeah, redistribute the default route into ospf, don't give a gently caress. That's what routing protocols are for, not giving a gently caress.
|
# ? Feb 18, 2011 20:05 |
|
Turns out it just won't work with the Mikrotik VRRP solution. Full failover or bust. The way the VRRP works on there it will cause conflicts because both think they own the addresses when the link is cut. Note, this might not be the same conclusion for people who aren't doing a bridged interface for two links from each Mikrotik to two switches as the interface would actually go down. Bridged interfaces don't really go down.
|
# ? Feb 18, 2011 20:06 |
|
Bumping for my new guide on how to setup a mikrotik to act like a home router with NAT-ing, port forwards and dhcp. I used Winbox for the examples to make this as easy as possible. This guide will change your life. I haven't tackled queueing in there because it's loving black magic but I'll try and get some guidelines cobbled together soonish.
|
# ? Feb 28, 2011 21:30 |
|
CuddleChunks posted:
Bumping for my new guide on how to setup a mikrotik to act like a home router with NAT-ing, port forwards and dhcp. I used Winbox for the examples to make this as easy as possible. This guide will change your life.

Also, this looks well done, but I can't help but hate you for it at the same time.
|
# ? Feb 28, 2011 23:12 |
|
CuddleChunks posted:
Bumping for my new guide on how to setup a mikrotik to act like a home router with NAT-ing, port forwards and dhcp. I used Winbox for the examples to make this as easy as possible. This guide will change your life.

I printed this out for my cabinet of files I may need. Also the ponies make me smile.
|
# ? Mar 1, 2011 00:34 |
|
That guide is awesome. Might prompt me into getting an RB750 to cut my teeth on.
|
# ? Mar 1, 2011 01:53 |
|
ClosedBSD posted:
Would this work with the RB750 series?

Yes, it will work just fine for the RB750. The major difference between the units is that the RB433 has a miniPCI slot with a wifi card in it and the RB750 doesn't have any such thing. Oh and the serial interface on the front of the RB433. Still, you see one more tab in my screenshots than you would on the RB750. I just didn't feel like editing shots of my home router or resetting it to defaults to build the walkthrough.

As for the walkthrough itself, yes, I understand. I'm still laughing every time I look at it. Just wait till I get around to doing queue trees and whatnot.

Enotnert: thank you for the kind words. What's funny is that with about a dozen lines of the command line crap you can get all the same results, but for me I use Winbox all the time so I can visualize what the hell is going on. The command line is there but my CLI-fu is weak, especially when it comes to sorting and searching the results it generates.

Caged: The RB750 is cheap as hell and immediately gives you 5 sexy 100Mbps ports. 1 gets used for a WAN and the other 4 for whatever you want. The 750G has gigabit ports which is a nice reason to pay the extra money. That's the one I got and love it to death.
|
# ? Mar 1, 2011 02:22 |
|
CuddleChunks posted:
Enotnert: thank you for the kind words. What's funny is that with about a dozen lines of the command line crap you can get all the same results, but for me I use Winbox all the time so I can visualize what the hell is going on. The command line is there but my CLI-fu is weak, especially when it comes to sorting and searching the results it generates.

Yeah, I mentioned that I have a buddy that got me into mikrotiks cause he works at a WISP that's mostly backended with mikrotik and point to points are handled by a mix of ubiquities and canopies. I sent that to him, and he said it had his boss (the owner) lolling like a motherfucker, but it's also good to show me some of the poo poo I keep loving up when I get drunk and gently caress around with the router.

I should take some screen shots of the poo poo he littered around my router when he was teaching me how to do some junk on it. I was looking to forward ports one day, and opened where to do it with a load of entries labeled "get that port forward I sencha?" and "btw, I am vpn'd and checkin yer home security cameras"
|
# ? Mar 1, 2011 03:50 |
|
I'm thinking about buying the RB750G as the core router for a 150 person LAN party. It's going to replace a crappy P4 pfSense box. Somebody convince me that this is a bad idea.
|
# ? Mar 1, 2011 10:35 |
|
TOMSOVERBAGHDAD posted:
I'm thinking about buying the RB750G as the core router for a 150 person LAN party. It's going to replace a crappy P4 pfSense box.

I haven't tested it to 150 people, but I had one running in a test for our cloning system at work (just wanted to stress test it) over a bank of 115 computers. Seemed to work just jim dandy.
|
# ? Mar 1, 2011 14:39 |
|
Yeah the NAT table on the 750G is 32k entries. Unless everyone at the LAN party is going to be torrenting, I don't see any problems with that.
|
# ? Mar 1, 2011 16:23 |
CuddleChunks posted:
Bumping for my new guide on how to setup a mikrotik to act like a home router with NAT-ing, port forwards and dhcp. I used Winbox for the examples to make this as easy as possible. This guide will change your life.

This is gold. I think I have a VP convinced to present this in a video conference as our new documentation standard.
|
|
# ? Mar 1, 2011 16:50 |
|
yarrmatey posted:
This is gold. I think I have a VP convinced to present this in a video conference as our new documentation standard.

Hahahah holy poo poo. My dumb little guide is going places. I suppose I should sign my work.
|
# ? Mar 1, 2011 18:29 |
|
CuddleChunks posted:
Hahahah holy poo poo. My dumb little guide is going places. I suppose I should sign my work.

My buddy said it's now "required reading" for all new employees at the WISP he works at. Also, I read it 2-3 times today just cause the ponies crack my poo poo up.
|
# ? Mar 2, 2011 00:28 |
|
Does the 750G do multi-WAN worth a drat? Ideally I'd like source port based routing, along with NAT IP based routing. e.g. traffic on port 550 goes out WAN2, and anyone in the .200-.225 range also uses WAN2, but all other IPs, and all other ports use WAN1?
|
# ? Mar 3, 2011 00:12 |
|
Methylethylaldehyde posted:
Does the 750G do multi-WAN worth a drat? Ideally I'd like source port based routing, along with NAT IP based routing. e.g. traffic on port 550 goes out WAN2, and anyone in the .200-.225 range also uses WAN2, but all other IPs, and all other ports use WAN1?

Easy as poo poo. Packet marks, filter rules, zippity zap you be routing out your wan interfaces like a pro.

This is the guide: http://www.mikrotik.com/testdocs/ros/2.9/ip/route.php

Policy-based routing is the section to read.
|
# ? Mar 3, 2011 05:23 |
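The split asked about in the exchange above (port 550 and hosts .200-.225 out WAN2, everything else out WAN1), sketched as an added example that is not from the thread or from MikroTik's guide. The interface names, the 192.168.88.0/24 LAN, the documentation-range gateway addresses and the reading of "port 550" as TCP destination port are all assumptions, and the syntax is the `routing-mark` form used by RouterOS releases of that era (before v7).

```routeros
# Added example (constructed): policy routing for a two-WAN RouterOS box.
# Assumed names and addresses, none of them from the thread:
#   ether1     = WAN1, gateway 198.51.100.1
#   ether2     = WAN2, gateway 203.0.113.1
#   bridge-lan = LAN,  192.168.88.0/24

/ip firewall mangle
# Hosts .200-.225 always leave via WAN2. dst-address-type=!local keeps
# traffic addressed to the router itself (Winbox, DNS) out of the WAN2 table.
add chain=prerouting in-interface=bridge-lan \
    src-address=192.168.88.200-192.168.88.225 dst-address-type=!local \
    action=mark-routing new-routing-mark=via-wan2 passthrough=no \
    comment="LAN .200-.225 via WAN2"
# Port 550 from any LAN host leaves via WAN2 (assumed: TCP destination port).
add chain=prerouting in-interface=bridge-lan protocol=tcp dst-port=550 \
    dst-address-type=!local \
    action=mark-routing new-routing-mark=via-wan2 passthrough=no \
    comment="tcp/550 via WAN2"

/ip route
# Marked traffic uses this default route. With check-gateway=ping the route
# goes inactive when WAN2's gateway stops answering, and marked traffic then
# falls back to the main table (WAN1).
add dst-address=0.0.0.0/0 gateway=203.0.113.1 routing-mark=via-wan2 \
    check-gateway=ping comment="WAN2 default for marked traffic"
# Unmarked traffic: main table, WAN1.
add dst-address=0.0.0.0/0 gateway=198.51.100.1 check-gateway=ping \
    comment="WAN1 default"

/ip firewall nat
# Each uplink needs its own source NAT so replies return on the same link.
add chain=srcnat out-interface=ether1 action=masquerade
add chain=srcnat out-interface=ether2 action=masquerade
```

The packet counters on the two mangle rules show whether traffic is actually matching before you go looking at the routes.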
|
Looks like the MikroTik MUM is coming up on the 10th. Fingers crossed for a more consumerish 750g wireless model.
|
# ? Mar 8, 2011 23:41 |
|
I've heard of MikroTik before but never really looked into it. If I wanted ADSL2+ connectivity I'd need a separate modem right?
|
# ? Mar 9, 2011 04:33 |
|
ruro posted:
I've heard of MikroTik before but never really looked into it. If I wanted ADSL2+ connectivity I'd need a separate modem right?

Correct.
|
# ? Mar 9, 2011 06:29 |
|
If someone were in the market to purchase a MikroTik for home use, what would be the ideal solution that provides Gigabit switching and wireless connectivity?
|
# ? Mar 20, 2011 17:19 |
|
I just got a new router but I'm looking at this one here: the 750G. It's $69.95, and the license for the OS is $45 so ~$115 before shipping.
|
# ? Mar 21, 2011 00:42 |
|
Oddhair posted:
I just got a new router but I'm looking at this one here: the 750G.

It comes with a level 4 license out of the box at the $70 price point. No extra purchases needed.

For the person wanting a Mikrotik-based router and wifi AP there isn't a single product that combines the gigabit ports and wifi yet. Happily, there are rumblings that within a month they should have exactly that available for purchase. It would be worth waiting if you wanted to combine all of those features in a single mikrotik platform.
|
# ? Mar 21, 2011 03:56 |
|
Oops, I thought that had wireless for some reason. I still want one.
|
# ? Mar 21, 2011 16:42 |
|
Any thoughts on the RB250GS? I've been looking for some cheap managed gigabit switches for my home network and these are priced almost the same as the unmanaged D-Links I usually buy. I'm pretty much looking for VLAN support, preferably also with SNMP stats available per-port, anything else on top of that is a bonus.
|
# ? Mar 21, 2011 16:44 |
|
I'm happy to see others getting some use out of MikroTik as well. We use them exclusively at work (small business fulfilling government contracts) and they've saved us tons of cash over similarly equipped Cisco offerings. We use the RB1000/RB1100 for our core network and RB532A/RB600A/RB433 for our outdoor wireless installations. They are stable, reliable and super easy to admin/deploy with WinBox. The queueing/mangle options really allow us to do some tricky things with our packets on the network.

The only thing I don't like about MikroTik is their monitoring platform The Dude, but that's mostly because I'm a Nagios architect. I had to write some custom plugins to monitor our MikroTik gear over SNMP in Nagios, but for people who would want an easy (but ugly) monitoring tool would probably get a lot of use out of The Dude.
|
# ? Mar 21, 2011 17:23 |
|
How have I not seen this thread before now?

I also work for a mom-and-pop ISP that uses Mikrotik for a lot of wireless stuff, both point-to-point backhaul and some AP-type stuff (though we're phasing some of that out in favor of Ubiquiti AirMax gear). My network is pretty small (peak times are around 70-80Mbps, 1100 or so residential users), but a decent-sized PC runs the whole thing, including a couple BGP feeds, and never breaks a sweat.

On the other end, we have dozens of RB750s out there; a $40 router that can do just about anything you could want - how could you not love it? Most of ours are little DHCP servers, but we also give them to customers for things like failover and load-balancing.

If there were a decent backup/restore system for RouterOS, instead of all your backups being chock-full of device-specific MAC addresses to the point that you just have to copy-and-paste five lines at a time and cross your fingers, it'd be the best thing ever.

Edit: OP, you might want to put in how to remove an existing configuration from the terminal (/system reset-configuration), in case someone inherits a box whose config is unknown and they want to wipe it, but don't get the "I've just been reset" popup in the first screen of your magical walkthrough.

Weird Uncle Dave fucked around with this message at 20:35 on Mar 21, 2011 |
# ? Mar 21, 2011 20:24 |
|
Weird Uncle Dave posted:Edit: OP, you might want to put in how to remove an existing configuration from the terminal (/system reset-configuration), in case someone inherits a box whose config is unknown and they want to wipe it, but don't get the "I've just been reset" popup in the first screen of your magical walkthrough.
|
# ? Mar 21, 2011 22:06 |
|
CuddleChunks posted:
I'll see what I can do. I have ham-handedly helped with putting together some queueing systems and one of my coworkers is working with our other admins on learning some new hotness for queueing that will probably make all of my info obsolete.

The OP of the MikroTik thread, scared of a little QoS?

Also, I know at least one guy going for a MTCNA seminar in Lithuania. Too bad they don't really have them here in the USA.
|
# ? Mar 21, 2011 22:26 |
|
I have two RB133s. Can anyone recommend a firmware version that has fully working WPA? I'm on 4.11 now and some of my devices can't connect with WPA turned on. It boggles the mind how a company like Mikrotik can release version after version of software and not fix a bug in one of the most important parts. I have been all over the Mikrotik forums and they acknowledge the bug and supposedly fixed it, but it seems to have come back... Is anyone else having this problem? IIRC, when WPA is active, something becomes wrong with the DHCP offers and they get rejected by some devices.
|
# ? Mar 22, 2011 06:28 |
|
I've been thinking about getting one of these for a while now. Would the RB493G be massive overkill compared to any of the other multi-WAN soho routers on the market? And do the wireless g/n cards they sell work well? Also, how much of a ratfucker is it to set up the routes using the GUI configuration tools they give you?
|
# ? Mar 22, 2011 07:36 |
wolrah posted:
Any thoughts on the RB250GS? I've been looking for some cheap managed gigabit switches for my home network and these are priced almost the same as the unmanaged D-Links I usually buy. I'm pretty much looking for VLAN support, preferably also with SNMP stats available per-port, anything else on top of that is a bonus.

I'm about 30 minutes into evaluating a couple, and as a managed switch, I'm a little disappointed. Rather than the software being based on RouterOS, it is a tiny 38KB image. Management seems to be http and SNMPv1 read only (no https, ssh, or telnet). The strangest thing of all is that they dispense with this quaint notion that IPv4 hosts need to have a netmask and a gateway to go with their IP address, and they basically implement the IP stack as reply-only, and instead of using an arp cache and routes, the switches just respond to the IP and MAC address of the original request. Probably not the device of choice if you have old fashioned notions about being RFC compliant, etc.

So, I got all worked up and disappointed about the issues in this device, and then I remembered, it's + .

If you are thinking about this vs a catalyst ... run away. If you are thinking about this vs an unmanaged D-Link, go nuts.
|
|
# ? Mar 22, 2011 16:52 |
|
Methylethylaldehyde posted:
Also, how much of a ratfucker is it to set up the routes using the GUI configuration tools they give you?

Bukakke-san posted:
I have two RB133s.

yarrmatey - Thanks for the writeup!

CuddleChunks fucked around with this message at 18:59 on Mar 22, 2011 |
# ? Mar 22, 2011 18:17 |
|
CuddleChunks posted:
It comes with a level 4 license out of the box at the $70 price point. No extra purchases needed.

Sounds good, I'll just wait it out then. Do you have any more information on this? I'm interested in the learning experience behind the MikroTiks and it seems like they're fairly dependable.
|
# ? Mar 23, 2011 02:47 |
|
NOTinuyasha posted:
The OP of the MikroTik thread, scared of a little QoS?

QoS is the main thing that I hate about Mikrotiks. I can deal with the fact that setting up firewall rules is a bit more cumbersome than it needs to be. However, the QoS is atrocious -- they just tacked a GUI on the already terrible Linux QoS. I'm planning on selling mine for some pfsense compatible gear -- pf is a better firewall and does better QoS anyway.

Mikrotik can't match empty ACK packets which kills its QoS potential. http://www.benzedrine.cx/ackpri.html
|
# ? Mar 23, 2011 04:33 |
|
feld posted:
Mikrotik can't match empty ACK packets which kills its QoS potential.

http://wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service

I haven't done much queueing at home yet so I'll whip something up based on that guide and let you know how it works. It won't be very scientific but hey, it'll be a good learning exercise all around.

COCKMOUTH.GIF posted:
Sounds good, I'll just wait it out then. Do you have any more information on this? I'm interested in the learning experience behind the MikroTiks and it seems like they're fairly dependable.
|
# ? Mar 23, 2011 05:53 |
|
If you're like me and enjoy super fast reconvergence with BFD on Cisco, I'd recommend you pop in to the feature request wiki and vote for BFD with echo mode support. Just edit the article (you'll need to register) and hit the signature button to sign your username and the date. RouterOS already has some great features but oh boy it can be a struggle to get new ones in there.
|
# ? Mar 28, 2011 23:26 |
|
I've read through the thread and found it quite rewarding. However I just had one question before I look dumb in front of others trying to shill for this: Is it my-crow-tick or my-craw-tick?
|
# ? Mar 29, 2011 06:55 |
|
Scaramouche posted:
my-crow-tick

This one.
|
# ? Mar 29, 2011 10:09 |
|
My boss met Normis and a couple other folks from the company at a conference a few years back, and they all pronounced it mick-row-tick.
|
# ? Mar 29, 2011 14:44 |