|
This may be a good place to start: http://wiki.mikrotik.com/wiki/Traffic_Priortization,_RouterOS_QoS_Implemetation Basically the best way to find Mikrotik help is to look for someone who was nice enough to post a config of something they used themselves and got working, and the modify it to your own needs.
|
#
?
Jun 4, 2014 21:33
|
|
|
|
| # ? May 19, 2024 11:15 |
|
|
Cool, thanks for the link. Seems as good a starting point as any.
|
|
#
?
Jun 4, 2014 21:47
|
|
|
What is the cheapest LACP-capable gigabit switch you guys are aware of? The RB260GS with SwOS doesn't seem to do it, but I don't care if it is a mikrotik device or not.
|
|
#
?
Jun 13, 2014 14:58
|
|
Associate Christ
|
I would guess some HP or Dell Powerconnect (non-force10) switch would be least expensive.
|
|
#
?
Jun 13, 2014 15:18
|
|
|
Kaluza-Klein posted:What is the cheapest LACP-capable gigabit switch you guys are aware of? How many ports? The 8-port Netgear GS108T is under $100, and it's worked well for me.
|
|
#
?
Jun 13, 2014 15:34
|
|
|
So I'm going to end up getting Gigabit fiber to my house in the next 6 months, and now I need to get a router that can handle it. I have a little RB493G, and my 200 mbit service pegs the CPU at 99% when speedtesting, and my config only consists of a bridge to wifi works, dstnat for generic NAT, packet tagging for some internal routing witchery, and DNS/dhcp. What model router would you fine folks suggest that would allow me to setup QoS at 1 gbit/sec throughput?
|
|
#
?
Jun 13, 2014 20:41
|
|
|
http://routerboard.com/RB1100AHx2 Assuming you want a Routerboard something in that range or bigger. Lots of small, low power routers are not at all suited to the internet speeds that are becoming available for home users.
|
|
#
?
Jun 13, 2014 21:22
|
|
|
Wohoo, disabled tagging and CPU dropped from 99% to ~76ish. I might end up getting that one, but I'm not sure how badly QoS mangles the CPU. I may need to get the cloud core router, which is just silly powerful, but also stupid expensive.
|
|
#
?
Jun 14, 2014 08:38
|
|
|
thebigcow posted:http://routerboard.com/RB1100AHx2 Assuming you want a Routerboard something in that range or bigger. Lots of small, low power routers are not at all suited to the internet speeds that are becoming available for home users. You might as well just spend the extra $75 and get a CCR1009 if you want to be future-proof. That thing will easily push full-duplex gigabit speeds with a full set of firewall rules and QoS.
|
|
#
?
Jun 14, 2014 15:37
|
|
|
SamDabbers posted:How many ports? The 8-port Netgear GS108T is under $100, and it's worked well for me. falz posted:I would guess some HP or Dell Powerconnect (non-force10) switch would be least expensive. I should have said lots of ports is not important. In that case, a RB750GL might be the cheapest option...
|
|
#
?
Jun 14, 2014 15:47
|
|
|
Kaluza-Klein posted:I should have said lots of ports is not important. In that case, a RB750GL might be the cheapest option... It might be the cheapest, but LACP bonding on a RB750GL would force the traffic to be software bridged, rather than handled by the switch chip. A purpose-built managed switch would do it all on the switch chip at line rate.
|
|
#
?
Jun 14, 2014 16:45
|
|
|
The_Franz posted:You might as well just spend the extra $75 and get a CCR1009 if you want to be future-proof. That thing will easily push full-duplex gigabit speeds with a full set of firewall rules and QoS. I just dropped the cash for a CCR1009-8G-1S-1S+. Now I get to go hunting for a good set of QoS scripts on the forums. Anyone know of a decent guide for this kind of thing someplace?
|
|
#
?
Jun 17, 2014 19:03
|
|
|
How good are the CCR series? Reading that thread on their forums it looks like a horror show but maybe that's just a few weirdos.
|
|
#
?
Jun 19, 2014 16:39
|
|
|
thebigcow posted:How good are the CCR series? Reading that thread on their forums it looks like a horror show but maybe that's just a few weirdos. Brand new CPU architecture, brand new features, traditional Latvian Engineering. It doesn't help that it's brand new. I figure most of the really egregious poo poo will be fixed by RouterOS 7.X Apparently the MiPSbe architecture did the same thing years ago when it came out. My CCR should be arriving today, I'll take some unboxing pictures and some interface screenshots.
|
|
#
?
Jun 19, 2014 19:22
|
|
|
I read RouterOS changelogs almost exclusively to see hilarious bugs that exist on the CCR boxes. Oh, and I guess on all boxes.
|
|
#
?
Jun 19, 2014 21:56
|
|
|
falz posted:I read RouterOS changelogs almost exclusively to see hilarious bugs that exist on the CCR boxes. Oh, and I guess on all boxes. Like the most recent "oops your DHCP wasn't working or on or whatever"
|
|
#
?
Jun 19, 2014 22:17
|
|
|
jeeves posted:Like the most recent "oops your DHCP wasn't working or on or whatever" Yeah, there are some hilarious gems to be found in those changelogs. But it looks like from 6.0 to 6.15, they got most of those issues resolved. That and I'm not using this for much more than dstnat, some port forwarding and 1-to-1 NAT forwarding, and not much else. DNS/DHCP is done through my server 2012 box, and if the fancy QoS rules take a few months to end up working right, that's not a huge deal. Being able to actually route gigabit internet is.
|
|
#
?
Jun 19, 2014 23:11
|
|
|
Changelog: * WE MAKE GOOD LCD LIGHTS GO FAST NOW! IS BESTEST UPGRADE! * LCD NOW SHOW PRETTY PRETTY, IS BESTER THAN BEFORE * ETHERNET PORTS DISABLE SOMETIMES. IS SAD I think we've got a few of the CCR's around work and they seem to be doing well. The new RB951's are loads of fun - they have a powered ethernet port so you can use it for POE devices. Here's hoping the auto-sensing power stuff doesn't go buggy. Hahahahah. What's that burny smell?
|
|
#
?
Jun 19, 2014 23:11
|
|
|
Updated the OP with a few notes and changed some out of date sections. Ditched the programming guide I made way back when because it's just plain mortifying now. Happily, the defaults on an RB951 are sensible right out of the box so it needs as much programming as any Linksys or Netgear.
|
|
#
?
Jun 19, 2014 23:27
|
|
|
CuddleChunks posted:Updated the OP with a few notes and changed some out of date sections. Ditched the programming guide I made way back when because it's just plain mortifying now. Happily, the defaults on an RB951 are sensible right out of the box so it needs as much programming as any Linksys or Netgear. But butbutbut ANYPONY can program a Mikrotik! You have no god damned idea how hard that was to explain to a coworker when I was trying to get my RB493G working that first time.
|
|
#
?
Jun 19, 2014 23:46
|
|
|
Methylethylaldehyde posted:But butbutbut ANYPONY can program a Mikrotik! I am so ashamed of that stupid thing because when I made it, this pony poo poo was silly and fairly nice. Then the bronies arrived and oh dear god no, no more anypony programming guide. Hahahah, it was mostly made to irritate my coworkers. They still have a few paper copies hanging around the office. 
|
|
#
?
Jun 20, 2014 02:40
|
|
|
While these days it's pretty cringeworthy, it was a useful starting point to learn how to get a setup similar to the default config but that you actually set up yourself. I posted a couple of months back about replacing some Netgear Prosafe VPN routers for some clients. I deployed the Mikrotiks (RB493, RB750GL (2), RB750) for my client's VPN last month and so far there have been no problems. I had to add an extra to one site where I had intended to keep the original Netgear VPN router because every DynDNS script on almost every consumer router broke when DynDNS redid their security certificate after Heartbleed, and it's not like Netgear is going to update an ancient router's firmware. Luckily, with a RB750 I can just run an update script. My only big issues in the configuration of the VPN setup was that when setting up VPN between dynamic sites you have to have a script to update dyndns (or whatever) if the IP changes, and a script to update the IP addresses in the IPSec sections to match the dns records. Those were easy and are spelled out on a lot of mikrotik sites. Writing scripts wasn't too tough since you can test every line on the terminal. The tricky part was that at two sites the Mikrotiks are behind another router which has them set up as DMZ hosts on its LAN. On those the SA src address has to be the WAN of the mikrotik (despite being a static IP on the LAN of the other router) because the other router will NAT the packet again and change it to the correct address (the actual WAN IP at the site). I hadn't found any information about that particular setup online but I managed to figure it out based on the IPSec logs. The netgears didn't care about receiving packets destined for the "wrong" address (the WAN address), so they worked like normal despite the double nat. It's a little scary, really. Setting up Teamviewer on a PC at the remote site so you can configure both sides of the VPN at the same time turned out to be a huge time saver. Anyway, after the router swaps they're now getting the full bandwidth of their connections instead of the 5 megabit that the netgear would allow through the LAN port.
|
|
#
?
Jun 20, 2014 06:20
|
|
|
CuddleChunks posted:I am so ashamed of that stupid thing because when I made it, this pony poo poo was silly and fairly nice. Then the bronies arrived and oh dear god no, no more anypony programming guide. Hahahah, it was mostly made to irritate my coworkers. They still have a few paper copies hanging around the office. So initial trip report on the CCR1009, well built, has an actual power supply in the back (redundant even!). The on screen display is shockingly useful for doing the initial interface addressing, and to reset the config when you gently caress up the password because Logitech decided that cheaping out on a keyboard is a great idea. 200mbit/sec speed test went from 76-99% on my little RB493G to ~6% total load on the new CCR. Once the fiber shows up, I'm gonna have some fun just chewing on things. Just for shits and giggles, I think I'll set up the SPF+ port on it and see how it likes routing 10GbE iperf traffic.
|
|
#
?
Jun 20, 2014 10:49
|
|
|
Methylethylaldehyde posted:So initial trip report on the CCR1009, well built, has an actual power supply in the back (redundant even!). The on screen display is shockingly useful for doing the initial interface addressing, and to reset the config when you gently caress up the password because Logitech decided that cheaping out on a keyboard is a great idea. In any sort of production environment, be sure to set the LCD's PIN. I learned that you can reset the entire config from the LCD the hard way when one of my field techs was playing around with the unit as he was installing it at a wireless site.
|
|
#
?
Jun 20, 2014 15:55
|
|
|
It also shows the wpa key on 2011 and CRS models with wireless.
|
|
#
?
Jun 20, 2014 19:43
|
|
|
thebigcow posted:It also shows the wpa key on 2011 and CRS models with wireless. Ha. Just ha. Besides laffo stuff like that, and the VLAN insanity before they finally clamped down their lovely VLAN code into something workable post 6.12-- I've been enjoying learning the Mikrotik stuff.
|
|
#
?
Jun 20, 2014 23:06
|
|
|
Rexxed posted:While these days it's pretty cringeworthy, it was a useful starting point to learn how to get a setup similar to the default config but that you actually set up yourself. At work I'm maintaining our router programming script so when customers come in we can have a shiny new RB951 programmed and out the door for them in just a few minutes. It's a real joy to type in a couple settings (their user/pass for PPPoE, desired SSID and WPA key) and dump that into the terminal. There you go, all done. Hell, it takes longer to print out the labels for the outside of the case than it does to program. Methylethylaldehyde posted:Just for shits and giggles, I think I'll set up the SPF+ port on it and see how it likes routing 10GbE iperf traffic.  Glad to hear it's working well for you.
|
|
#
?
Jun 26, 2014 02:23
|
|
|
I got a rack mount RB2011 for a new project and while its spiffy it's a shame that it still uses a wall transformer for power and has the serial port in the back. I know it's due to the PCB layout but  At least it doesn't have the power connector from the original batch of 2011 boards.The new release of RouterOS includes a "Cloud" feature that has free DDNS and a lovely time server if you check the boxes. CAPsMAN is now included but I don't have a use for it so I haven't played with it at all.
|
|
#
?
Jun 26, 2014 21:10
|
|
|
I'm finally sick of my POS netgear, and I'm looking to upgrade for my home. Would either the RB750 or the RB2011iL-IN be reasonable choices for a home network? I'm not doing anything crazy, mainly Netflix by my wife and some steam downloading by me.
|
|
#
?
Jun 28, 2014 14:46
|
|
|
I am not a book posted:I'm finally sick of my POS netgear, and I'm looking to upgrade for my home. Would either the RB750 or the RB2011iL-IN be reasonable choices for a home network? I'm not doing anything crazy, mainly Netflix by my wife and some steam downloading by me. Sure, the default config for those routers are even setup similar to a consumer boxed router. Just beware that setting up mikrotiks vs. a consumer router is very different. Once they're running they're rock solid, however, and you won't need to alter the default config much to get them working with your setup unless you want to. http://wiki.mikrotik.com/wiki/Manual:Default_Configurations I'd suggest the RB750GL so you have gigabit ethernet ports, and then adding a small 5 or 8 port switch and/or a wireless access point if you need it for more ports and/or wifi. Getting a router with 10/100 ports is probably fine for general internet use but if you ever shuffle big files around your network you'll want a bit more bandwidth (do you do backups to a NAS, etc?)
|
|
#
?
Jun 28, 2014 15:55
|
|
|
How fast is your internet?
|
|
#
?
Jun 28, 2014 16:36
|
|
|
Instead of dicking around with winbox. Get an n66u or n66ac and flash it with tomato. All the benefits with none of the hassle
|
|
#
?
Jun 28, 2014 18:04
|
|
|
Nitr0 posted:Instead of dicking around with winbox. Get an n66u or n66ac and flash it with tomato. All the benefits with none of the hassle +1 I did this, but with a AC68U. No regrets, a lot easier to manage for home stuff.
|
|
#
?
Jun 28, 2014 21:30
|
|
|
I am not a book posted:I'm finally sick of my POS netgear, and I'm looking to upgrade for my home. Would either the RB750 or the RB2011iL-IN be reasonable choices for a home network? I'm not doing anything crazy, mainly Netflix by my wife and some steam downloading by me. I replaced an old tomato-firmware router with a 951G-2HnD for a similar use-profile and we've been completely happy with it, fwiw. Price-wise it's about the same (or even cheaper than) a decent consumer router; for a bit more "ok, you aren't a dickhead, figure it out already" in the config process you get a lot more flexibility. From unbox to done was maybe four hours for me, and that includes infant-wrangling time as a new parent plus my own curiosity and propensity to twiddle with things. NB: I gather things were a bit unstable in the RouterOS early 6.x versions; for the moment I'm on the latest 5.x release. As for hardware sizing, idk. My sample set is of size one, but we've had zero perf problems with the 951 and a half-dozen or so connected devices, streaming, hucking large files around for backups, etc. Of course our firewall ruleset is small and we aren't going nuts with vlans or qos rules or any of that either. I'm guessing you already have an AP; the 750GL looks pretty similar to the 951G so it may be a safe bet (and at < $60 msrp, not an expensive bet either). Sorry to be all fanboyish, I just am pleasantly surprised when I spend money on technology and it doesn't give me a huge headache somehow. 
|
|
#
?
Jun 29, 2014 05:56
|
|
|
Oh, and just in case it is useful, this ~40 minute video is a pretty good intro to the sort of home router/AP setup you might be looking at: https://www.youtube.com/watch?v=ulDefmf1ces (It's from ISP Supplies, who I eventually bought my 951 from. Again, small sample size, but they did well by us with a fair price and fast shipping.)
|
|
#
?
Jun 29, 2014 06:04
|
|
|
thebigcow posted:How fast is your internet? I've got a 20Mb connection, but I'm considering dropping to 15. Nitr0 posted:Instead of dicking around with winbox. Get an n66u or n66ac and flash it with tomato. All the benefits with none of the hassle I thought about that, but I'm wary of commmunity-supported code running on my router. I noticed that the OP seems to imply that it's possible to configure without Winbox(I don't have any windows machines) using telnet or a web browser, is that correct? Also, do they have any SOHO wireless AP that's 5ghz? I'm not seeing anything. I am not a book fucked around with this message at 16:24 on Jun 29, 2014 |
|
#
?
Jun 29, 2014 16:20
|
|
|
I am not a book posted:I thought about that, but I'm wary of commmunity-supported code running on my router. I noticed that the OP seems to imply that it's possible to configure without Winbox(I don't have any windows machines) using telnet or a web browser, is that correct? No, they recently announced a routerboard with 5 GHz support only, but they don't have any mixed frequency APs. My solution to this is a RB493G with two mini PCI-Express WLAN cards. EDIT: It's standard mini PCI apparently, 52nM or 52Hn (can't remember which one). xevz fucked around with this message at 12:14 on Jun 30, 2014 |
|
#
?
Jun 29, 2014 22:20
|
|
|
xevz posted:That is correct, Winbox runs perfectly in Wine though. I'll probably end up doing something similar for my old RB493G, adding a 5 Ghz N/AC card and antennas to the 2.4ghz A/B/G card. Edit: When Mikrotik decides to release it, sometime in 2015. Methylethylaldehyde fucked around with this message at 11:35 on Jun 30, 2014 |
|
#
?
Jun 30, 2014 11:12
|
|
|
It is pretty odd that they have so little 5ghz equipment.
|
|
#
?
Jul 1, 2014 04:33
|
|
|
|
| # ? May 19, 2024 11:15 |
|
|
I am not a book posted:I thought about that, but I'm wary of commmunity-supported code running on my router. I noticed that the OP seems to imply that it's possible to configure without Winbox(I don't have any windows machines) using telnet or a web browser, is that correct? You can config via the cli or via webfig; both have worked without issue for me (but I haven't been doing ninja-level stuff either). Winbox does work flawlessly in wine as someone else mentioned, at least as far as I messed with it. They don't seem to have an integrated SOHO router/AP device that's 5ghz; atm it seems like mostly 5ghz is in their dedicated wireless gear (e.g. groove, metal, basebox, etc.). I guess you could take one of the POE-capable wired routers and string a dedicated 5ghz AP off that POE port? (Or a regular non-POE wired router and use an injector, of course.) Given the new http://routerboard.com/RB953GS-5HnT bare board product, I'd imagine something integrated is coming down the pipe.
|
|
#
?
Jul 1, 2014 18:26
|
|