|
Q3 came and went, no home AC Tik's. Sad.
|
#
?
Oct 8, 2015 14:22
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
"soon" I stumbled on these and have them on every RB2011's blue led. Now the green activity lights are the obnoxious ones.
|
|
#
?
Oct 8, 2015 15:56
|
|
|
I have a RB751 that I've been using in my apartment, and I think I'd like something a little more robust. I was looking at the RB850Gx2, but I'm vaguely put off by the PowerPC chip, and there are/were some packet size issues. My other contender is an RB493G, which is what I set up at my parent's house some time ago. It's a model that's been around for a few years, but it's certainly more robust. Edit: I'd be buying a new unit either way, the original 493 is staying at my parents - it covers their house and workshop really well. I have a Ubiquiti wifi bit to handle that, so I wouldn't need to add cards to the 493. Any strong thoughts about either? Alarbus fucked around with this message at 04:08 on Oct 10, 2015 |
|
#
?
Oct 10, 2015 03:54
|
|
|
I have a couple devices on my network that must use specific dns servers different than the default ones from my router and I don't want to set them statically on the client. Should be simple, yes? I added the two dhcp-server options:code: So my question is, what is the proper way to give a static DHCP lease different DNS servers? Edit: I tried to do this:  But it still doesn't give me two DNS servers: pre:Ethernet adapter Ethernet: Connection-specific DNS Suffix . : [redacted] Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet Physical Address. . . . . . . . . : [redacted] DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 10.42.23.100(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : October 10, 2015 2:40:38 PM Lease Expires . . . . . . . . . . : October 13, 2015 2:40:37 PM Default Gateway . . . . . . . . . : 10.42.23.1 DHCP Server . . . . . . . . . . . : 10.42.23.1 DNS Servers . . . . . . . . . . . : 208.122.23.23 NetBIOS over Tcpip. . . . . . . . : Enabled kiwid fucked around with this message at 19:43 on Oct 10, 2015 |
|
#
?
Oct 10, 2015 19:38
|
|
|
You need to specify both nameservers in one option definition, i.e code:
|
|
#
?
Oct 10, 2015 22:41
|
|
|
theperminator posted:You need to specify both nameservers in one option definition, i.e Great, thank you. It works.
|
|
#
?
Oct 10, 2015 23:47
|
|
|
What's the best way to go about linking two RB2011s through ethernet, so everything (wired and wireless) gets treated like they're on the same network? I had thought just plugging the two into each other would have worked (like two switches would) but I seem to have been mistaken.
|
|
#
?
Nov 8, 2015 23:14
|
|
|
xlevus posted:What's the best way to go about linking two RB2011s through ethernet, so everything (wired and wireless) gets treated like they're on the same network? If they're both brand new with the default configuration, one of them will be fine, but the other one you'll need to make a bit dumber to have it act as a switch connected to the first. On the one you designate as the "dumb" one, off the top of my head, you should just need to disable the DHCP server and change the IP address to 192.186.88.2 (it was probably 192.168.88.1 before) and that should really be all you need to do. Connect ethernet2 on one of them to ethernet2 on the other, see how you go. Ethernet1 might be designated as a gateway port or something, but see what happens.
|
|
#
?
Nov 9, 2015 02:59
|
|
|
I think only half of the ports on the RB2011s are on a switch chip, so you can only switch half of the ports. You need to wipe the config and then do: /interface ethernet set ether2 master-port=2 set ether2 master-port=3 set ether2 master-port=4 This will slave all of the 2-4 ports to ether1. In general it makes all 4 ports into one switch.
|
|
#
?
Nov 9, 2015 05:32
|
|
|
The gigabit ports and the fast ethernet ports are each on their own switch chip.
|
|
#
?
Nov 9, 2015 17:45
|
|
|
RouterOS v6.33 finally released. What's new in 6.33 (2015-Nov-06 12:49): *) dns - initial fix for situation when dynamic dns servers could disappear; *) winbox - dropped support for winbox v3.0beta and v3.0rc (use winbox v3.0); *) dhcpv6 - various improvement and fixes for dhcp-pd client and ippool6; *) defconf - fixed rare situation where configuration was only partially loaded; *) net - fix possible never ending loop when bad CDP discovery packet is received; *) log - make default disk file name to reside in flash dir if it exists; *) romon - change port list to be not ordered in export; *) capsman - limit number of simultaneous DTLS handshakes; *) capsman - fixed memory leak on CAP joining CAPsMAN when ssld is used; *) winbox - added allow-fast-path to eoip, gre & ipip; *) winbox - do not show power-cycle properties on non poe ports; *) l2tp: implemented PPPoE over L2TP in LNS mode, RFC3817; *) webfig - some of the setting were shifted to the right; *) packages - allow to reinstall from bundle to separate packages & vice versa; *) packages - prefer out of bundle packages when both of them are installed; *) packages - fix a problem of upgrading bundle package to non bundled ones; *) ipsec - force flow cache validation once in 1h; *) winbox - make sure that all setting names get shown in full; *) winbox - added poe power-cycle-ping settings to ethernet interfaces; *) ppp - handle properly case were ppp client is given same address for local & remote end; *) winbox - added vlan-mode & vlan-id to virtual-ap interface; *) winbox - added timeout column to ipv6 address lists; *) winbox - show SFP Tx/Rx Power properly; *) winbox - added min-links to bonding interface; *) winbox - do not show health menu on RB951Ui-2HnD; *) winbox - added support for Login-Timeout & MAC-Auth-Mode in hotspot; *) cerm - added option to disable crl download in '/certificate settings'; *) winbox - make user ssh key import work again; *) webfig - make "Copy to Access List" work in CAPsMAN Registration Table; *) userman - fix report generation problem which could result in some users being skipped from it; *) winbox - fix to allow cpu-port as mirror-target *) proxy - error.html parsing enhancement to improve performance *) CCR1072 - improve ether1 performance under heavy load *) routerboard - indicate RouterBOOT type in /system routerboard print; *) mpls - properly use mpls mtu for routes; *) cerm - fix key description for signed certificates; *) trafflow - report flow addresses in v1 and v5 without NAT awareness; *) hotspot - add mac-auth-mode setting for mac-as-passwd option; *) hotspot - add login-timeout setting to force login for unauth hosts; *) auto-upgrade - fixed auto upgrade for smipsbe; *) dns - do not create duplicate entries for same dynamic dns server addresses; *) ipsec - fix set on multiple policies which could result in adding non existent dynamic policies to the list; *) email - allow server to be specified as fqdn which is resolved on each send; *) fastpath - eoip,gre,ipip tunnels support fastpath (new per tunnel setting "allow-fast-path"); *) ppp, pptp, l2tp, pppoe - fix ppp compression related crashes; *) cerm - also accept downloaded CRLs in PEM format; *) userman - added 'history clear' to allow flushing undo history, which may take up significant amount of memory for huge databases with hundreds of users; *) health - fix voltage for CRS109, CRS112 and CRS210 if powered from external adapter; *) userman - added phone number support to signup form; *) ip pool6 - try to acquire the same prefix if info matches recently freed; *) ipsec - fix transport mode ph2 ID ports when policy selects specific ip protocol on initiator; *) ipsec - use local-address for phase 1 matching and initiation; *) route - fixed crash on removing route that was aggregated; *) ipsec - fix replay window, was accidentally disabled since version 6.30; *) ssh - allow host key import/export; *) ssh - use 2048bit RSA host key when strong-crypto enabled; *) ssh - support RSA keys for user authentication; *) wlan - improved WMM-PowerSave support in wireless-cm2 package; *) pptp & l2tp - fixed problem where android client could not connect if both dns names were not provided (was broken since v6.30); *) auto-upgrade - added ability to select which versions to select when upgrading; *) quickset - fixed HomeAP mode; *) lte - improved modem identification to better support multiple identical modems; *) snmp - fix system scripts table; *) tunnels - eoip,eoipv6,gre,gre6,ipip,ipipv6,6to4 tunnels now support dns name as remote address; *) fastpath - active mac-winbox or mac-telnet session no longer suspends fastpath; *) fastpath - added per interface fastpath counters; *) fastpath - added trafflow support in basic ipv4 and fasttrack ipv4 fastpath; *) ppp - added on-up & on-down scripts to ppp profile; *) winbox - allow to specify dns name in all the tunnels; *) pppoe - added support for MTU > 1492 on PPPoE; *) cerm - fix scep server certificate-reply degenerate PKCS#7 signed-data content; *) ppp-client - added default channels for Alcatel OneTouch L100V; *) defconf - fix for boards that had bridge with only wlan ports; *) ovpn: support OpenWRT ovpn clients (or any other with enable-small option enabled); *) cerm - use certificate file name for imported cert name; *) fetch - fixed error message when error code 200 was received; *) cerm - rebuild crl for local ca if crl file does not exist; *) winbox - make directed broadcasts work for neighbor discovery; *) upnp: automatically adjust mappings to new external ip change; *) ppp - added ppp interface to upnp internals/externals if requested; *) ppp - when adding ipv6 default route use user provided distance; *) userman - allow to correctly enable CoA on router; *) cerm - show crl nextupdate time; *) ppp - added CoA support to PPPoE, PPTP & L2TP (Mikrotik-Recv-Limit, Mikrotik-Xmit-Limit, Mikrotik-Rate-Limit, Ascend-Data-Rate, Ascend-XMit-Rate, Session-Timeout); *) ppp - added new option under "ppp aaa" - "use-circuit-id-in-nas-port-id"; *) userman - refresh active sessions/users view dynamically; *) package - added version tag and show everywhere alongside of version number; *) wlan - improved 802.11 protocol single connection TCP performance for ac chipset with cm2 package.
|
|
#
?
Nov 9, 2015 19:32
|
|
|
The amount of bugs they have is incredible. I will presume there are still that list *100.
|
|
#
?
Nov 9, 2015 19:48
|
|
|
Latvians posted:*) winbox - dropped support for winbox v3.0beta and v3.0rc (use winbox v3.0); Looks like Winbox 3.0 is finally out then.
|
|
#
?
Nov 9, 2015 20:04
|
|
|
So, I'm 90% of the way there. I've got:
But:
I'm guessing this is this a routing issue?
|
|
#
?
Nov 9, 2015 22:49
|
|
|
xlevus - what is your goal? what's the end target for hooking these two devices together? As jeeves said, the best way to do this (assuming you are adding the second RB2011 on as a dumb device) is to wipe its config and build only the things you need into the configuration. Unplug the second RB2011 (Bob) from the first RB2011 (Alice) and log in with Winbox. Click System -> Reset Configuration and choose to reset. Check "No default configuration" and then apply that. Wait for it to reboot and now you have an empty config on Bob. Log into Bob (username admin / blank password). Click on Bridge and click the + to add a new bridge. Just click OK and accept the defaults. Click the Ports tab and then go through and add all the interfaces to your new bridge1 interface. Click IP -> Addresses. Add a new address: - Address: 192.168.88.2/24 - Interface: bridge1 Click on WLAN and set up the wireless interface as you want. I wouldn't recommend doing that unless you plan on having these two devices separated by several rooms. Plug ether1 from Bob into any of the ethernet ports on Alice. There you go, you should be able to renew your IP address on your computer and talk out through the connection to the world with no packet loss or any further weirdness. I'd click on System -> Identity and change the name of Alice and Bob so it's clear which one you're using. Good luck!
|
|
#
?
Nov 10, 2015 03:37
|
|
|
Always blank out a router by telling it to reset configuration but with no defaults before using it. Mikrotik's default config has a bunch of lame crap in it. However you'll need to know how to serial port / MAC address via winbox into it on its blank slate. Also, while you're learning router OS, you should do an /export with the lame defaults they have, to get a handle of what they're doing for when you make your own fresh config. If you wanted to make one be your main router and make your second be a switch off of it, then you probably didn't need two of the same model. The routing would be done on the more powerful device, and the switched component can be done on a lower end switch model (RB750 set to switch mode via slaving) or something. I wouldn't recommend their pure switch models with the switch OS-- RB260GS or such. they have a lovely crippled web interface that doesn't use RouterOS and they're only like 20bux cheaper than a RB750. The only other bad thing with Mikrotik is that you can't slave a WLAN / wifi interface. I tried that since a wifi mikrotik is in a more central location than my more powerful router device, but you can't slave a wifi/wlan interface to a master port.
|
|
#
?
Nov 10, 2015 06:38
|
|
|
Basically, I live in a duplex apartment and not only is the WAN port on one corner/floor of the house, and my office on the other, there's a foot of concrete, insulation and foil membrane between the two. It's like living in two Faraday cages. So I've picked up a second RB2011 as the first one did the job well, with the exception of the WiFi signal. I've pretty much done what you've advised, built the configuration from the ground up on both devices. Bridges, WAN, DHCP server, NAT. The bare essentials with no default crap in there. And Ignoring the two caveats mentioned earlier, it works exactly as I'd expect. Export: https://gist.github.com/xlevus/26be54cc138892e71ec6
|
|
#
?
Nov 10, 2015 10:07
|
|
|
Is it working or are you still seeing the massive packet loss? The config looks a little odd to me so here are two configs, one for the master router and one for the slave. Make sure your firmware is at 6.23 or higher before running this. 6.30.4 is where I last stopped fiddling with MikroTiks so that one should work well. If you have something newer it should be okay though the syntax for the programming language may have changed. Note that both master and slave scripts are here. Look for the =================== separator. Clear that out, it won't work with the mikrotik programming language. http://pastebin.com/hyxr5KmJ Be sure and wipe the config on the device and remove the default config. That should hopefully give you a clean slate to work with. Hope this helps.
|
|
#
?
Nov 12, 2015 06:47
|
|
|
Yeah, the number one thing I recommend to anyone learning to use Mikrotik is to learn to clear all configs/settings on devices and set them to a blank slate before putting any new code on. With a completely blank slate you can basically drop any config onto a router that has been exported from another and it will copy all settings in its entirety-- except for user passwords. This is done via first /system reset-configuration no-defaults=yes skip-backup=yes Note: anytime there is any command with /or something in front, you can find it on the Winbox/http GUI as "System" in the side bar. So /system reset-config is "System -> Reset-config" on the GUI. /ip routes would be "IP" -> "Routes" windows/menus. Then, learn how to console into the device using either a straight console port (if your device has one) or using Winbox to detect the Mikrotik device as a MAC-address neighbor. You need to do this because the router is in a blank slate and thus is pretty much cut off from the world except via terminal console/mac address neighbor connections. The MAC-thing can be tricky, as I think things that don't have a switch chip (Cloud Core Routers) don't work with the MAC address connect. For CCR modes I usually give a dummy IP of like 10.0.0.1/24 via the LCD on the device, then connect in with that IP, then delete that IP when done. Plus if MAC-address 'console' connecting is pretty buggy at times, and can drop you for a lot of reasons randomly. So I only do like 25 lines at a time when copying in configs that way. I've made pretty good easy-to-ready templates for devices I use for my coworkers to hopefully learn (they never do, that is why they have me), so if you have any questions with CuddleChunk's config let me know. jeeves fucked around with this message at 07:52 on Nov 12, 2015 |
|
#
?
Nov 12, 2015 07:50
|
|
|
jeeves posted:I've made pretty good easy-to-ready templates for devices I use for my coworkers to hopefully learn (they never do, that is why they have me), so if you have any questions with CuddleChunk's config let me know. For my last job I built a little web interface that allows you to enter a username and password, ssid and wpa key and then it spits out the script. It lets you choose what platform you're using so it can spit out the right config for an rb951 or rb2011 or just generic bridge mode. It was pretty handy, it let us take down customer info and setup a router in a couple minutes. I love that about mikrotiks.
|
|
#
?
Nov 13, 2015 04:17
|
|
|
RB3011 is up on the products page. The design is similar to the 2011 but each switch chip has a 2 gbps link to the cpu.
|
|
#
?
Nov 24, 2015 19:17
|
|
|
thebigcow posted:RB3011 is up on the products page. The design is similar to the 2011 but each switch chip has a 2 gbps link to the cpu. I just bought the rb2011uias-2hnd-in, would it be worth it to return it and get the RB3011 version?
|
|
#
?
Nov 24, 2015 23:05
|
|
|
EcoBlue posted:I just bought the rb2011uias-2hnd-in, would it be worth it to return it and get the RB3011 version? I have serious doubts that we'll be seeing a non-rackmount 3011 with Wifi this year, but I'd like to be proven wrong.
|
|
#
?
Nov 25, 2015 02:44
|
|
|
You wouldn't happen to still have this file around would you? Only just been able to get back on this task.
|
|
#
?
Nov 25, 2015 23:04
|
|
|
xlevus posted:You wouldn't happen to still have this file around would you? Only just been able to get back on this task. Nope. I'll see what I can do to rebuild it.
|
|
#
?
Nov 27, 2015 21:44
|
|
|
CuddleChunks posted:Nope. I'll see what I can do to rebuild it. All I needed to do it seems was set up a DHCP Relay on the upstairs device and it all works with no issues. Got some other weird poo poo happening too, but it's probably mostly psychosomatic. Although, I think I do need to configure WDS, and I can't seem to get DHCP leases to use the local dns cache, instead of 8.8.8.8/8.8.4.4 Horse Clocks fucked around with this message at 21:05 on Nov 30, 2015 |
|
#
?
Nov 30, 2015 20:51
|
|
|
Having to run a DHCP relay would suggest that you're split across two broadcast domains for some reason. That might cause you problems in the future (service discovery, AirPlay etc.).
|
|
#
?
Nov 30, 2015 21:09
|
|
|
Our company has been getting by using CRS125 units as basic routers for a while (we have like 80 of them deployed now, but thankfully only half are being used as routers instead of switched VLAN endpoints), but it looks like CPU usage is finally starting to be an issue at places with high traffic. My CFO I think got spoiled by the price point (~$160) of the magical 24-port gig switches that can be band-aided into being a router too, but is balking at what we need to be using in some places, something like the ~$400 CCR1009. I am hoping the new RB3001 that is coming out will fill our need. It is 2x core 1.4GHz, whereas the CCR1009 is 9x core 1.2GHz-- both seem better than the 600Mhz CRS125, which is seems about the same CPU as the RB750 models. I think the CCR1009 is a bit of overkill for our basic routing without any real layer 7 stuff used, so maybe the RB3001 will be a nice way to fill the niche of "we just need something more powerful than an RB750/CRS125!" Does anyone know what the whole "10 Gig ports on two separate switch chips" means exactly with the RB2001/RB3001 series? Does it just mean I can't slave ether6-ether10 to ether1? We wouldn't be needing to do that with pure routing that we'd be doing. jeeves fucked around with this message at 00:45 on Dec 1, 2015 |
|
#
?
Dec 1, 2015 00:43
|
|
|
The 2011 and 3011 have two switch chips, the first gets ports 1-5, the second 6-10. Each switch chip has a single link to the CPU, traffic going from ports 1-5 to 6-10 has to be processed by the CPU. On the 2011 the first group is a gigabit switch chip with a single gigabit link to the CPU, the second group is 10/100 with a single 100mbit link to the CPU. On the 3011 both groups are gigabit, and each switch chip has a 2 gigabit link to the CPU unless you use the SFP cage. The 2011 has the same processor as the CRS units. The 3011 is some newer, vastly more powerful ARM processor but will probably come with the usual new architecture headaches.
|
|
#
?
Dec 1, 2015 04:35
|
|
|
Yeah, I wish that my CFO would just realize they've gotten really spoiled off of thinking the $160 CRS units are miracle 24 port awesome routers when they are not really.
|
|
#
?
Dec 1, 2015 08:59
|
|
|
They have benchmarks up. Assuming they didn't change the test the 3011 is several times faster than the 2011. http://routerboard.com/RB2011UiAS-RM http://routerboard.com/RB3011UiAS-RM
|
|
#
?
Dec 1, 2015 21:49
|
|
|
Why do these take such a huge performance hit with IP filter rules?
|
|
#
?
Dec 1, 2015 23:08
|
|
|
Prescription Combs posted:Why do these take such a huge performance hit with IP filter rules? No firewall means no work to do in software.
|
|
#
?
Dec 2, 2015 03:02
|
|
|
Even with no firewall rules, you need CPU to deal with anything that has to do with routing versus switching. It is the problem I have been having with my work relying so much on CRS125 units-- they are meant to be switches, but can do basic routing. But when you start putting 100Mbps+ through it, it starts choking. I can only imagine once you start putting a bunch of layer7 rules on top of it how much it would choke more.
|
|
#
?
Dec 2, 2015 19:00
|
|
|
Wonder what the cost difference is between the IPQ8064(ARM) and equivalent Cavium Octeon(MIPS) chips is. Seems like it would have made much more sense to go with the Cavium since most of their code is already written for MIPS.  The Caviums handle firewall rules incredibly well. I know the ZyXel ZyWall's and Cisco ASA 5506-X/5508-X/5516-X use them and for what they are they are incredibly quick.
|
|
#
?
Dec 3, 2015 01:14
|
|
|
Is there something going on with the latest update release? I am completely unable to update any settings on a brand new RB941-2nD. Winbox happly loatds the interface but applying any update loses connection and then all settings are not saved. Making me mad.
|
|
#
?
Dec 3, 2015 02:54
|
|
|
I'm looking for a new gigabit/wireless router for home use - is this the go-to model for what I need? http://routerboard.com/RB951G-2HnD Anyone else have one of these? What do you think?
|
|
#
?
Dec 3, 2015 18:10
|
|
|
Phayray posted:I'm looking for a new gigabit/wireless router for home use - is this the go-to model for what I need? http://routerboard.com/RB951G-2HnD I've got two of them set up, and they do pretty well and have good signal. I've had problems with the new haplites signal dropping where it wasn't strong enough, but these were fine. That is entirely anecdotal though. Apparently, there are supposed to be new versions of them capable of doing AC on the horizon, that they pushed out, so if you don't need it right away, it may be worth waiting. From a router standpoint, I've saturated the processor using qos, ipsec tunnels, and firewall rules. Should be able to do up to 100mb if you don't overdo it.
|
|
#
?
Dec 3, 2015 18:25
|
|
|
Atreus posted:I've got two of them set up, and they do pretty well and have good signal. I've had problems with the new haplites signal dropping where it wasn't strong enough, but these were fine. That is entirely anecdotal though. Apparently, there are supposed to be new versions of them capable of doing AC on the horizon, that they pushed out, so if you don't need it right away, it may be worth waiting. What's AC? This will be a really basic home setup, standard rules with a few forwarded ports. I'm in a small apartment on a 75/25 Mb connection so I doubt the range will be an issue, though I definitely want the wired gigabit ports.
|
|
#
?
Dec 3, 2015 19:40
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
Phayray posted:What's AC?
|
|
#
?
Dec 3, 2015 19:51
|
|