from:"Shayne Lebrun"

[Mikrotik] MPLS TE tunnels

2018-05-19 Thread Shayne Lebrun

Say you've got two links between point A and point B.  You set up each link
with a traffic engineering bandwidth of 100 mb/s, which is correct, set up
your traffic engineering interfaces, MPLS, and some VPLS tunnels.

 

You then attempt to move 300 mb/s of traffic from point a to point b.  What
happens? 

a)  100 mb/s of traffic is simply dropped

b)  Each link is oversubscribed proportionately, leading to latency and
possibly packet loss

c)   Something entire different?

 

The reason I ask is that there can be challenges to defining bandwidth
availability on some kinds of links; wireless links that experience things
like rain fade or transient drops in modulation due to environmental effects
or temporary interference, rates with adaptive asymmetrical bandwidth
allocation, and so on.

-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] ospf init bit

2016-07-21 Thread Shayne Lebrun

Oh, agreed: if it works, it works.  If it doesn't work, and it's not
something obvious like the wireless link having bad CCQs or tons of packet
loss, try NBMA.  It's only a few more steps to set up.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Scott Lambert
Sent: Thursday, July 21, 2016 3:14 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] ospf init bit

On Thu, Jul 21, 2016 at 01:38:37PM -0500, Terri Kelley wrote:
> Yup ubiquiti. Thought NBMA was more for wire
 
NBMA is for links where broadcast packets may not get through.  

I run OSPF in point-to-point mode over my UBNT links.  I don't filter
multicast on the UBNT devices and I enable WDS mode.

I haven't had much trouble with OSPF via UBNT since airOS 5.3.  Before that,
there were lots of issues and NBMA / point-to-point were the only solutions.
Point-to-point is less work to configure, so I just use that.  There are two
devices in a point to point configuration so I figure it feels correct to
put OSPF into that mode anyway.

 
> -Original Message-
> From: Shayne Lebrun <sleb...@corebroadband.ca>
> To: 'Mikrotik discussions' <mikrotik@mail.butchevans.com>
> Sent: Thu, 21 Jul 2016 1:35 PM
> Subject: Re: [Mikrotik] ospf init bit
> 
> What sort of wireless link is it between the two radios?  I'm going to go
out on a limb and guess Ubiquiti?
> 
> In any event, try NBMA.
> 
> -Original Message-
> From: mikrotik-boun...@mail.butchevans.com 
> [mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri 
> Kelley
> Sent: Thursday, July 21, 2016 12:37 PM
> To: mikrotik@mail.butchevans.com
> Subject: [Mikrotik] ospf init bit
>
> Having an issue on a link between two 750s where I???m getting on the
> 750Gr2 end; Database Description packet has init bit set in middle of 
> an exchange messages all the time. This link will get to the point it 
> doesn???t pass traffic anymore and about the only way to get it to run 
> again is do a hard reboot. The other end is a 750GL. Between the two 
> are UBNT Titaniums in bridge mode. Everything is been changed out at 
> both ends except the 750GL.
>
> OSPF is set for point to point since it is basically wireless between 
> the two 750s. The same setup exists for another link off the Gr2 and I 
> do not get that message for that neighbor nor do I get it through the 
> Mimosa bridge off that router. Running v6.35 on all of them.
>
> Any clues what the cause of this is?
> 
> 
> --
> Terri Kelley
> Network Engineer
> 254-697-6710
> Farm to Market Broadband
> -- next part -- An HTML attachment was 
> scrubbed...
> URL: 
> <http://mail.butchevans.com/pipermail/mikrotik/attachments/20160721/41
> 7e7013/attachment.html> 
> ___
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://mail.butchevans.com/mailman/listinfo/mikrotik
> 
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
> RouterOS
> 
> ___
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://mail.butchevans.com/mailman/listinfo/mikrotik
> 
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
> RouterOS
> -- next part -- An HTML attachment was 
> scrubbed...
> URL: 
> <http://mail.butchevans.com/pipermail/mikrotik/attachments/20160721/e5
> 1b86d8/attachment.html> 
> ___
> Mikrotik mailing list
> Mikrotik@mail.butchevans.com
> http://mail.butchevans.com/mailman/listinfo/mikrotik
> 
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
> RouterOS

-- 
Scott LambertKC5MLE   Unix SysAdmin
lamb...@lambertfam.org
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] ospf init bit

2016-07-21 Thread Shayne Lebrun

UBNT and OSPF is a known issue.  Something about how they sometimes don't deal 
with multicast properly.  NBMA eliminates that, as it doesn't use multicast.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri Kelley
Sent: Thursday, July 21, 2016 2:39 PM
To: 'Mikrotik discussions'
Subject: Re: [Mikrotik] ospf init bit

Yup ubiquiti. Thought NBMA was more for wire

Terri Kelley
Network Engineer
254.697.6710
Farm to Market Broadband

-Original Message-
From: Shayne Lebrun <sleb...@corebroadband.ca>
To: 'Mikrotik discussions' <mikrotik@mail.butchevans.com>
Sent: Thu, 21 Jul 2016 1:35 PM
Subject: Re: [Mikrotik] ospf init bit

What sort of wireless link is it between the two radios?  I'm going to go out 
on a limb and guess Ubiquiti?

In any event, try NBMA.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri Kelley
Sent: Thursday, July 21, 2016 12:37 PM
To: mikrotik@mail.butchevans.com
Subject: [Mikrotik] ospf init bit

Having an issue on a link between two 750s where I’m getting on the 750Gr2 end; 
Database Description packet has init bit set in middle of an exchange messages 
all the time. This link will get to the point it doesn’t pass traffic anymore 
and about the only way to get it to run again is do a hard reboot. The other 
end is a 750GL. Between the two are UBNT Titaniums in bridge mode. Everything 
is been changed out at both ends except the 750GL.
OSPF is set for point to point since it is basically wireless between the two 
750s. The same setup exists for another link off the Gr2 and I do not get that 
message for that neighbor nor do I get it through the Mimosa bridge off that 
router. Running v6.35 on all of them.

Any clues what the cause of this is?

--
Terri Kelley
Network Engineer
254-697-6710
Farm to Market Broadband
-- next part --
An HTML attachment was scrubbed...
URL: 
<http://mail.butchevans.com/pipermail/mikrotik/attachments/20160721/417e7013/attachment.html>
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
-- next part --
An HTML attachment was scrubbed...
URL: 
<http://mail.butchevans.com/pipermail/mikrotik/attachments/20160721/e51b86d8/attachment.html>
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] ospf init bit

2016-07-21 Thread Shayne Lebrun

What sort of wireless link is it between the two radios?  I'm going to go out 
on a limb and guess Ubiquiti?

In any event, try NBMA.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri Kelley
Sent: Thursday, July 21, 2016 12:37 PM
To: mikrotik@mail.butchevans.com
Subject: [Mikrotik] ospf init bit

Having an issue on a link between two 750s where I’m getting on the 750Gr2 end; 
Database Description packet has init bit set in middle of an exchange messages 
all the time. This link will get to the point it doesn’t pass traffic anymore 
and about the only way to get it to run again is do a hard reboot. The other 
end is a 750GL. Between the two are UBNT Titaniums in bridge mode. Everything 
is been changed out at both ends except the 750GL.
OSPF is set for point to point since it is basically wireless between the two 
750s. The same setup exists for another link off the Gr2 and I do not get that 
message for that neighbor nor do I get it through the Mimosa bridge off that 
router. Running v6.35 on all of them.

Any clues what the cause of this is?

--
Terri Kelley
Network Engineer
254-697-6710
Farm to Market Broadband
-- next part --
An HTML attachment was scrubbed...
URL: 

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Using switch port as VLAN access port on an RB750G?

2016-04-21 Thread Shayne Lebrun

If you're not doing any firewalling or anything, and it sounds like you're not, 
make sure FastPath is turned on, your 750 is reasonably up to date with both 
RouterOS software and routerboard firmware, and you probably are indeed going 
to get wire speed, or close enough for jazz.

Test it and see.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Benoit Panizzon
Sent: Thursday, April 21, 2016 5:47 AM
To: Mikrotik discussions
Subject: [Mikrotik] Using switch port as VLAN access port on an RB750G?

Dear Community

I have a Mikrotik RB750G between two switches which I abuse as a 'fill in' 
switch from which I need to access one specific vlan in access mode (untagged 
on the wire) through one port.

'Switch all Ports' is on on the Mikrotik.

The two Switches are connected to ether1 and ether5

ether 2 to 5 are slaves of ether1

Both switches send untagged packets and tagged packets between their interfaces 
via mikrotik ether1 <=> ether5

This works fine and transparently. The mikrotik is not touching the vlan 
headers in transit and I get the untagged packets on the mikrotik. If I create 
a vlan interface with a specific ID, I get the tagged packets on that interface.

My Goal is to use ether3 on the Mikrotik als 'Access' Port for vlan 5.

When I do the following:

Remove the master 'ether1' from ether3.
Create vlan Interface 'vlan5' with master 'ether1'
Create a bridge 'br-vlan5' with Members 'vlan5 and ether3'

I can use ether3 as access port. A client on the wire of ether3 is isolated in 
vlan 5 of my network.

But that goes through the Mikrotik CPU and can probably not reach wire speed.

So I did the following:

Have ether2 to 5 as slaves of ether1.

On the switch 'ports' config of ether3:
=> vlan mode => secure
=> vlan header => always strip
=> default vlan id => 5

On the switch 'vlan' config of ether3:
=> Vlan id 5, Port ether3

As I understand the Wiki, this should only send packets with vlan ID 5 out of 
ether3 and strip the header, so they leave the wire untagged.

Untagged incomming packets should get tagged with ID 5.

I did play around a bit with vlan mode, or adding all three involved ports on 
the switch 'vlan' settings.

Unfortunately none of my experiments worked. Untagged 'ingress' packets seem 
not to get tagged.
Untagged packets who travel from ether1 to ether5 also leave ether3 untagged 
(like IPv6 RA) and don't get filtered out.

Any idea how I can use the switch features to create a wire speed access port 
in a specific vlan?

-Benoît Panizzon-
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

[Mikrotik] SNMP read from Mikrotik

2015-05-04 Thread Shayne Lebrun

Is there a way to have a script on a Mikrotik router perform an SNMP read
against a remote device?

-- next part --
An HTML attachment was scrubbed...
URL: 
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/d44a98d4/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] SNMP read from Mikrotik

2015-05-04 Thread Shayne Lebrun

Neither of those things would help a script, running on the mikrotik, do an
SNMP read. They'd certainly help a device upstream of the mikrotik talk to
something downstream, assuming there was a firewall in the way.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
Sent: Monday, May 4, 2015 2:07 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] SNMP read from Mikrotik

Or tunnel it through


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Mon, May 4, 2015 at 1:58 PM, D. Ryan Spott rsp...@irongoat.net wrote:

 I would just do a port forward through the mikrotik to the device 
 behind it.

 ryan


 On 5/4/15 10:57 AM, Shayne Lebrun wrote:

 Is there a way to have a script on a Mikrotik router perform an SNMP 
 read against a remote device?

 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/d4
 4a98d4/attachment.html
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS


 --
 D. Ryan Spott | Iron Goat Networks, llc broadband | telco | colo | 
 community PO Box 1232 / 603 W. Stevens Sultan, WA 98284
 360-799-0552 | gtalk: rsp...@irongoat.net

 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/a2e
 885f6/attachment.html
 

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/93404dba
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] SNMP read from Mikrotik

2015-05-04 Thread Shayne Lebrun

I'm thinking more max bandwidth on an MPLS traffic engineering tunnel, but
exactly.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Wayne Hancock
Sent: Monday, May 4, 2015 4:00 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] SNMP read from Mikrotik

I'd love this type of functionality, you could have OSPF costs adjust based
on the speed of an upstream wireless link, etc.. 

I don't know that there is any way to make that kind of data available to a
script running on a MikroTik.  

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Shayne Lebrun
Sent: Monday, May 04, 2015 1:54 PM
To: 'Mikrotik discussions'
Subject: Re: [Mikrotik] SNMP read from Mikrotik

Neither of those things would help a script, running on the mikrotik, do an
SNMP read. They'd certainly help a device upstream of the mikrotik talk to
something downstream, assuming there was a firewall in the way.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
Sent: Monday, May 4, 2015 2:07 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] SNMP read from Mikrotik

Or tunnel it through


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Mon, May 4, 2015 at 1:58 PM, D. Ryan Spott rsp...@irongoat.net wrote:

 I would just do a port forward through the mikrotik to the device 
 behind it.

 ryan


 On 5/4/15 10:57 AM, Shayne Lebrun wrote:

 Is there a way to have a script on a Mikrotik router perform an SNMP 
 read against a remote device?

 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/d4
 4a98d4/attachment.html
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS


 --
 D. Ryan Spott | Iron Goat Networks, llc broadband | telco | colo | 
 community PO Box 1232 / 603 W. Stevens Sultan, WA 98284
 360-799-0552 | gtalk: rsp...@irongoat.net

 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/a2e
 885f6/attachment.html
 

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150504/93404dba
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Split-horizon on CRS125

2015-02-12 Thread Shayne Lebrun

Any old number you want.  They're completely arbitrary.  But, any port in a 
bridge with the same horizon, traffic won't go from one to the other.

So yeah, if you wanted two separate partitions, some would have horizon 1, some 
would have horizon 2.  If you have, say, a VPLS tunnel as part of the bridge, 
you put it on a different horizon, so traffic from it can go to all the other 
ports, and traffic from any port can go to it, but traffic can't go from port 
to port.

/interface bridge add name=mybridge
/interface bridge port add bridge=mybridge interface=ether1 horizon=1 
/interface bridge port add bridge=mybridge interface=ether2 horizon=1 
/interface bridge port add bridge=mybridge interface=ether3 horizon=1 
/interface bridge port add bridge=mybridge interface=ether4 horizon=1
/interface bridge port add bridge=mybridge interface=ether5 horizon=1
/interface bridge port add bridge=mybridge interface=my-vpls-tunnel horizon=2

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Martín Ruiz
Sent: Thursday, February 12, 2015 5:25 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Split-horizon on CRS125

And what if you want to make 2 groups? X could be 2?3? Why 1?! 

Martín Ruiz
Director técnico
902 909 858 - 669379521
www.ibersystems.es

 El 12/02/2015, a las 22:59, Shayne Lebrun sleb...@corebroadband.ca 
 escribió:
 
 Pretty simple, really:
 
 /interface bridge add name=mybridge
 /interface bridge port add bridge=mybridge interface=ether1 horizon=1 
 /interface bridge port add bridge=mybridge interface=ether2 horizon=1 
 /interface bridge port add bridge=mybridge interface=ether3 horizon=1 
 /interface bridge port add bridge=mybridge interface=ether4 horizon=1 
 /interface bridge port add bridge=mybridge interface=ether5 horizon=1
 
 Traffic from any port with horizon 'x' won't go back to any other port 
 on that bridge with horizon 'x'.
 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com
 [mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Ty 
 Featherling
 Sent: Thursday, February 12, 2015 4:47 PM
 To: Mikrotik discussions
 Subject: [Mikrotik] Split-horizon on CRS125
 
 Does anyone have a sample config that shows split-horizon setup? I 
 would like port-isolation on my CRS125s. If it matters I have all 
 ports in a bridge save for the upstream port. Doing some simple routing.
 
 -Ty
 -- next part -- An HTML attachment was 
 scrubbed...
 URL:
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150212/ec
 4d41de
 /attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Split-horizon on CRS125

2015-02-12 Thread Shayne Lebrun

Pretty simple, really:

/interface bridge add name=mybridge
/interface bridge port add bridge=mybridge interface=ether1 horizon=1
/interface bridge port add bridge=mybridge interface=ether2 horizon=1
/interface bridge port add bridge=mybridge interface=ether3 horizon=1
/interface bridge port add bridge=mybridge interface=ether4 horizon=1
/interface bridge port add bridge=mybridge interface=ether5 horizon=1

Traffic from any port with horizon 'x' won't go back to any other port on
that bridge with horizon 'x'.
-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Ty Featherling
Sent: Thursday, February 12, 2015 4:47 PM
To: Mikrotik discussions
Subject: [Mikrotik] Split-horizon on CRS125

Does anyone have a sample config that shows split-horizon setup? I would
like port-isolation on my CRS125s. If it matters I have all ports in a
bridge save for the upstream port. Doing some simple routing.

-Ty
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150212/ec4d41de
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Extreme IP video...

2015-02-11 Thread Shayne Lebrun

400 meters by 400 meters, you might be better just running fiber if at all 
possible.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com 
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Martin Ruiz 
Ibersystems
Sent: Tuesday, February 10, 2015 2:55 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Extreme IP video...

With this design I will have mini backhauls of 60 Mbps..

The fact is that I'm looking that there is no direct view.. then I think I'll 
need a repeater/s and I will need a point to create a repeater.. If it's 
something like that, I will need a 24 GHz that is free band for video I think.



thanks,



* Martín Ruiz*

 *Ibersystems Solutions, SL*
http://www.ibersystems.es




2015-02-10 20:49 GMT+01:00 Josh Luthman j...@imaginenetworksllc.com:

 I'd definitely go with licensed or 24 GHz if you're trying to backhaul 
 that much.  That much 5 GHz will be difficult to reliably carry.


 Josh Luthman
 Office: 937-552-2340
 Direct: 937-552-2343
 1100 Wayne St
 Suite 1337
 Troy, OH 45373

 On Tue, Feb 10, 2015 at 2:46 PM, Martin Ruiz Ibersystems  
 martinr...@ibersystems.es wrote:

  Hello,
 
 
  A customer wants to install  34x 4K IP cameras in a big Marina.
  I supose direct view with the control center. In total there are 14
 points
  to link to ControlCenter with 2, 3 or 4 cameras on each.
 
  Each camera has 12 Mbps TCP trafic.
 
  34 cams x 12 Mbps: 408 Mbps TCP at 5GHz.
 
 
  Anyone have this amount of traffic all the day in a small place? 450 
  x
 350
  meters aprox.
 
  We can use all 5GHz spectrum.
 
  In red the 8 groups of up to 60Mbps traffic each (5 cameras)
 
  [image: Imágenes integradas 1]
 
 
 
  thanks,
  * Martín Ruiz*
 
   *Ibersystems Solutions, SL*
 
  http://www.ibersystems.es
  -- next part -- An HTML attachment was 
  scrubbed...
  URL: 
 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150210/f6f
 fc868/attachment.html
  
  -- next part -- A non-text attachment was 
  scrubbed...
  Name: image.png
  Type: image/png
  Size: 762090 bytes
  Desc: not available
  URL: 
 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150210/f6f
 fc868/attachment.png
  
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://mail.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
  RouterOS
 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20150210/505
 36b8b/attachment.html
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS
-- next part --
An HTML attachment was scrubbed...
URL: 
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150210/ad53ee0e/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] New Online Training

2015-02-04 Thread Shayne Lebrun

I would be.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Butch Evans
Sent: Wednesday, February 4, 2015 1:30 AM
To: mikrotik@mail.butchevans.com
Subject: Re: [Mikrotik] New Online Training

On 01/29/2015 11:16 AM, Roy, Jerry wrote:
 Agreed!

 IPv6 is now a must!

I will see about getting an IPv6 training organized for online.  Besides the
2 that have spoken up, who else has interest in this?


-- 
Butch Evans
702-537-0979
Network Support and Engineering
http://store.wispgear.net/
http://www.butchevans.com/
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] AP/Station on Point2Point Backhauls

2014-10-03 Thread Shayne Lebrun

It really depends on what kind of equipment.

If you're doing any kind of sync between them, keep your masters and slaves
separate; a tower with multiple PTP links should be transmitting or
receiving, period.

If they're unsynced, it really doesn't matter.  In that case, keep your
masters on the side most accessable to you if the link fails, so you can log
in and try things to fix it.




-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Gary Phillips
Sent: Thursday, October 2, 2014 6:22 PM
To: mikrotik@mail.butchevans.com
Subject: [Mikrotik] AP/Station on Point2Point Backhauls

When you are setting up Point2Point Links for your Backhaul Does it matter
which side is The AP side and which is the Station side?  Should the
backhauls Which are in a big circle all go from station to AP all around the
circle or should they go station to AP up one side of the circle and station
to AP up the other side so the tower at the far end has 2 backhaul links
that are both AP?

 

STE Wireless Inc

Gary Phillips

402-534-2502

 

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20141002/6889ab53
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Peer-to-Peer Filtering

2014-09-28 Thread Shayne Lebrun

Well, the problem you'll get there is that bittorrent has lots of legitimate
uses.  So yeah, if your customer is playing WoW or various other games that
torrent their patches, for example, it might catch them.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of RickG
Sent: Saturday, September 27, 2014 9:56 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Peer-to-Peer Filtering

I think I should clarify my question: My concern is with false-positives.
It's catching more than I expect however I wouldn't be surprised if it's
missing a lot of PTP too as I'm sure they wanted to prevent identifying
false-positives.

On Sat, Sep 27, 2014 at 5:27 PM, Shayne Lebrun sleb...@corebroadband.ca
wrote:

 Not very.  It's too easy to encrypt PTP traffic, difficult to catch, 
 without spending a hell of a lot of time on it.

 You pretty much need deep packet inspection and regular signature 
 updates and all that other stuff.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com
 [mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of RickG
 Sent: Friday, September 26, 2014 11:57 PM
 To: Mikrotik discussions
 Subject: [Mikrotik] Peer-to-Peer Filtering

 OK, how accurate is ROS on catching PTP with it's firewall filtering? 
 I use it to help cut back on PTP usage but moreover use it to let 
 customers know if it's being run on their network. However, I've 
 noticed my DNS server shows up int he address list and I know it's clean.
WTH???
 -- next part -- An HTML attachment was 
 scrubbed...
 URL:
 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20140926/57b
 bd13c
 /attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS




--
-RickG KyWiFi
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140927/ae88ac38
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Peer-to-Peer Filtering

2014-09-27 Thread Shayne Lebrun

Not very.  It's too easy to encrypt PTP traffic, difficult to catch, without
spending a hell of a lot of time on it.

You pretty much need deep packet inspection and regular signature updates
and all that other stuff.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of RickG
Sent: Friday, September 26, 2014 11:57 PM
To: Mikrotik discussions
Subject: [Mikrotik] Peer-to-Peer Filtering

OK, how accurate is ROS on catching PTP with it's firewall filtering? I use
it to help cut back on PTP usage but moreover use it to let customers know
if it's being run on their network. However, I've noticed my DNS server
shows up int he address list and I know it's clean. WTH???
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140926/57bbd13c
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] H323 invalid

2014-08-08 Thread Shayne Lebrun

I can't answer your exact question, but try triggering on something else,
like DSCP value.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Grand Avenue
Broadband
Sent: Friday, August 8, 2014 11:01 AM
To: Mikrotik discussions
Subject: [Mikrotik] H323 invalid

Trying to devise some QOS improvements for a deaf subscriber with a Sorenson
videophone.  

Wanted to make some mangle rules trigger off the detection of an H323
connection.  None of them trigger.  Discovered that H323 helper in /ip
firewall service-ports is marked invalid (red).  You can disable it, enable
it, or make the port something other than 1720, but nothing makes it valid.
H323 doesn't appear in /ip services, and there's no way to add anything
there.

The only time I've seen this sort of behavior is when the package for a
specific feature isn't present.  The old brown wiki talks about needing the
telephony package for H323, but that package doesn't seem to exist anymore
and the new wiki still discusses H323, so it must have been folded into
something else.

How do I get this out of the invalid state?

-- 
  Grand Avenue Broadband -- Wireless Internet Service
 Circle City to Wickenburg and surrounding areas
  http://grandavebb.com

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140808/a824ae72
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

[Mikrotik] VPLS help required

2014-07-21 Thread Shayne Lebrun

Can somebody who's well-versed in mikrotik MPLS/VPLS hit me up offlist with
their rates for some consulting?

 

Thanks!

-- next part --
An HTML attachment was scrubbed...
URL: 
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140721/7c107051/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Throughput Problem on Mikrotik RB951

2014-07-14 Thread Shayne Lebrun

We've seen similar things; MT at customer's to MT at network edge = fast,
customer speed test = not as fast.  Variety of radios and frequencies, too. 

Variety of MTs; 493ah, 750, 2011.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Paul McCall
Sent: Thursday, July 10, 2014 2:54 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Throughput Problem on Mikrotik RB951

In this case, all the computers we are testing with are wired

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Scott Reed
Sent: Thursday, July 10, 2014 6:27 AM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Throughput Problem on Mikrotik RB951

This one may be something for the OP to look at.
If the customer is connected wireless on b at 11Mbps, 3-5M is about all they
will get on a speed test.
If the customer is connected faster, then maybe it is something else.

On 7/9/2014 6:38 PM, Scott Lambert wrote:
 I use a RB951Ui-2HnD wirelessly at my house.  It is in my basement, 
 connected via 100Mbps ethernet to the CCR1036 at the base of my tower 
 which then crosses an AirFiber 24 link to the office.  I can move as 
 many bits per second as the wireless between my 4 year-old MacBook Pro 
 and the 951 can handle.  My downloads are usually between 10 and
 30 M bits per second.  It tends to depend on the site from which I am 
 downloading.

 On Wed, Jul 09, 2014 at 03:47:31PM +, Justin Marshall wrote:
 Having an issue with a few customers behind RB951 Mikrotiks. All of 
 these customers are on bridged Canopy 100's.

 Running a test from the Mikrotik (tools/bandwidth test) to a Mikrotik 
 we have setup at our office I'm seeing 8-10.2Mbps down.  However when 
 the customer runs a speedtest (regardless of which speedtest server) 
 they usually max out around 3Mbps down.

 I presume you run the MikroTik test, the customer runs the speedtest, 
 you run the MikroTik test, ..., in rapid succession and the results 
 follow the device all the time?

 Usually max out around 3Mbps?  Do they *ever* max out above 3Mbps?

 What are the exact options you are using to test with from the mikrotik?
 Have you tested with TCP as well as UDP and gotten the same speeds?

 Put this on the PC and test with it:

 http://www.mikrotik.com/download/btest.exe

 It is not working under Wine on my Mac at the moment.  I've not 
 actually used it before.  It seems to be less feature rich than the 
 RouterOS built-in test.  Winbox works like a treat under Wine.

 Using it should allow you to determine if the test methodology is 
 making a difference in speed or if it is the device which is running 
 the speed test, if it actually works.  Also you can test between the 
 PC and the on-site 951 as a control.

 Do large file downloads get the same rates as the speedtests?

 One customer in particular was really helpful on trying to narrow 
 down what could be causing this.  He tried 3 different computers 
 (both wired and wireless), 2 different cables between the computers 
 and the RB951, and different ports on the RB951.  He also gave me 
 teamviewer access to one of these (wired to the RB951) to try a few 
 different things.

 So far I tried:

 Upgraded to 6.15 firmware, did the /system routerboard upgrade.

 I've removed all traffic shaping rules that could possibly be 
 effecting their speed.

 Tried using a src-nat rule in lieu of masquerade.

 Also tried 2 different browsers to make sure it wasn't just a browser 
 issue on the computer I had teamviewer access to.

 Has anyone else experienced this, or have any other suggestions to 
 try?
 Where do you rate limit your customers, if you do?

 What do you use to rate limit your customers?

 If you hook a laptop directly behind the bridged Canopy 100, with the 
 same IP as the 951 had, what speed does the laptop get?

 We don't have much Canopy gear; and I don't admin it.  Ours is 
 ancient, 900MHz, and only does 3Mbps down / 1Mbps up total.  I presume 
 yours is actually able to move the 10Mbps down.

 Are you tracking the throughput of your Canopy APs so that you know 
 they have the headroom available while testing?  Can you watch the,
 1-3 second average, throughput on the SM and AP while the tests are
running?
 And make sure there is no traffic to the tested SM before you run the 
 tests?

 What does a /tool traceroute 64.250.34.225 look like?  In RouterOS 
 6.recent you should be able to let it run for about 90 - 120 seconds 
 to get a good sampling.

 Download WinMTR on the PC and run it for a similar period.

 Show us the results from both if nothing jumps out at you.  Copy and 
 paste the text, don't give us screenshots.  I am not firing up a GUI 
 mail client  I'm a grumpy old fart. :-)

 The MTR results may indicate where, if anywhere, there is a bottleneck 
 or packet loss.

 Re-run WinMTR and do a speedtest at the same time.  We'll expect it to

Re: [Mikrotik] SMs install with wrong gateways - need to NAT to get to get to them

2014-04-28 Thread Shayne Lebrun

On your Mikrotik, go IP-Web Proxy.  Enable it.

In your browser, set the mikrotik's IP as the web proxy.

Then, talk to each SM in turn, and correct the IP settings.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Paul McCall
Sent: Friday, April 25, 2014 7:19 PM
To: Mikrotik discussions
Subject: [Mikrotik] SMs install with wrong gateways - need to NAT to get to
get to them

One of our techs programmed 20 SMs to do a massive swap out, which we did
some of  today.  After they got swapped out, he realized his mistake.
Customers are all working OK, but I cant get to the radios.  These are
Cambium ePMPs that have no other way to get to them. I can ping them through
the tower router where the APs are, thank God !

So, I need to, one at a time, NAT to get to each radio.  I am just not
positive of what the setup would be.

We have a WAN interface with an OSPF subnet IP on it, then a LAN_Bridge as
we call it, that has the APs.  I have tried a couple things that didn't
work, so am needing some more direct help.. OK, I am asking if someone can
write the CLI so that I get it.

The Public IP for the subnet on the LAN_Bridge is xxx.yyy.215.193/27  and
the radio subnet on the LAN_Bridge is 10.10.215.193.   The first radio I
need to NAT to would be 10.10.215.200.  I am not sure whether I NAT to
another IP in the Public IP subnet (I'll hang an extra IP there from that
subnet if so) OR whether it gets NAT'd to another IP on the WAN subnet (it's
a /29 so I have some to play with).

I appreciate the help on this.

Thanks

Paul McCall, Pres.
PDMNet / Florida Broadband
658 Old Dixie Highway
Vero Beach, FL 32962
772-564-6800 office
772-473-0352 cell
www.pdmnet.comhttp://www.pdmnet.com/
pa...@pdmnet.netmailto:pa...@pdmnet.net

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140425/d98ac146
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Ethernet port auto-negotiate versus manual

2014-03-24 Thread Shayne Lebrun

Auto where it works, hardcode where it doesn't.  Just remember hardcoding
has to happen on both sides, or no sides.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri Kelley
Sent: Monday, March 24, 2014 11:30 AM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Ethernet port auto-negotiate versus manual

In most cases, auto. Cases where I have had issues have been marginal rj45,
cheap cat5 surge protection or a good one was going out.

Terri Kelley
Network Engineer
254.697.6710
Farm to Market Broadband

-Original Message-
From: Micah Miller mi...@nbson.com
To: Mikrotik discussions mikrotik@mail.butchevans.com
Sent: Mon, 24 Mar 2014 10:12 AM
Subject: Re: [Mikrotik] Ethernet port auto-negotiate versus manual

We leave auto-negotiate on unless we are connecting a mikrotik to a ubnt
device.  We will then set them 100/full, both devices.

On Sat, Mar 22, 2014 at 9:35 PM, RickG rgunder...@gmail.com wrote:
 I've recently had some speed issues on my network that appear to be 
 the result of several things. Of course, that leads to old game of 
 trail  error until you find the problem. One of those items is port 
 flapping and whether or not to auto-neg or manual set the port speeds. 
 I've traditionally left auto-neg on. What is everyone doing out there?

 --
 -RickG KyWiFi
 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20140322/e6
 1dafbc/attachment.html 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

--
Micah Miller
Network/Server Administrator
Network Business Systems, Inc.
Phone: 309-944-8823
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140324/8c5f8ca5
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Deleting lots of IPs from address-list

2014-02-27 Thread Shayne Lebrun

Completely ignoring your actual issue, which others have attempted to answer
(try exporting the list, opening as a text file, bulk adding a remove
command to the front, uploading back to the mikrotik, and running?) why not
just drop incoming connections?  Why store them in an address list?

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
Sent: Thursday, February 27, 2014 11:07 AM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Deleting lots of IPs from address-list

It's x86.  It's anyone attempting to reach my (non authoritative, caching)
DNS server from the outside world.

I don't see how you can do a count on address-list ?  How are you doing
that?

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Thu, Feb 27, 2014 at 11:02 AM, Martin Ruiz Ibersystems 
martinr...@ibersystems.es wrote:

 WTF!?

 why those number of addresses?
 The routerboard will die with this action.

 When we created 20 or 30 thousand users in a hotspot, we noticed that 
 its not possible to create more than 600 users with a copy paste... 
 then, I think it will be something like that. You can create a script 
 with a counter... up to 600 or 500 and run this script each 30 
 seconds, for example in the scheduler.

  * Martín Ruiz*

  *Ibersystems Solutions, SL*

 Dpto. Redes Inalámbricas

 Tel.  902 909 858 / 93 184 52 13 / 669 37 95 21
 Web: http://www.ibersystems.es
 Facebook: http://www.facebook.com/Ibersystems
 Twitter: http://www.twitter.com/Ibersystems
 martinr...@ibersystems.es

 La información incluida en este email es *CONFIDENCIAL*, siendo para 
 uso exclusivo del destinatario arriba mencionado. Si Ud lee este 
 mensaje y no es el destinatario indicado, le informamos que está 
 totalmente prohibida cualquier utilización, divulgación, distribución 
 y/o reproducción de esta comunicación, total o parcial, sin 
 autorización expresa en virtud de la legislación vigente. Si ha 
 recibido este mensaje por error, le rogamos nos lo notifique 
 inmediatamente por esta vía y proceda a su eliminación junto con sus
ficheros anexos sin leerlo ni grabarlo.

 En virtud de lo establecido en la Ley 15/1999, y la LSSICE 34/2002, le 
 informamos que sus datos forman parte de un fichero automatizado 
 titularidad de *IBERSYSTEMS SOLUTIONS, S.L.* La información registrada 
 se utilizará para informarle por cualquier medio electrónico de 
 nuestras novedades comerciales. Puede ejercer los derechos de acceso, 
 rectificación, cancelación y oposición en: *C/ CAMÍ RAL DE LA MERCÈ, 
 501 - 08302 MATARÓ
 (BARCELONA).*

 En cumplimiento de la Ley 34/2002 del 11 de julio, de Servicios de la 
 Sociedad de la Información y de Comercio Electrónico, le informamos 
 que puede revocar en cualquier momento, de forma sencilla y gratuita, 
 el consentimiento para la recepción de correo electrónico enviando un 
 e-mail con su solicitud a:*i...@ibersystems.es i...@ibersystems.es*

 2014-02-27 16:53 GMT+01:00 Josh Luthman j...@imaginenetworksllc.com:

  About 3.2 million addresses.  I didn't set an expiration...

  Didn't try an export, but how would that help?  I can't delete them 
  all
 to
  import the ones I want if that's what you're shooting for.

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  On Thu, Feb 27, 2014 at 10:46 AM, Gerard Dupont III 
  ger...@shelbybb.com
  wrote:

   How many entries are we talking here?

   Might be able to use the API, but I suspect it will have same 
   issue as cli..

   Can you do a '/ip firewall address-list export file=something' or 
   does
  that
   crash also?

   Gerard

   On Thu, Feb 27, 2014 at 10:36 AM, Josh Luthman
   j...@imaginenetworksllc.comwrote:

Does anyone know a way to do this besides rebooting?  I'm on v5.

Using SSH and this it crashes:
/ip firewall address-list remove [/ip firewall address-list find 
list=list-name]

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
-- next part -- An HTML attachment was 
scrubbed...
URL: 

 http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/12f
 66ae3/attachment.html

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to 
Mikrotik RouterOS

   -- next part -- An HTML attachment was 
   scrubbed...
   URL: 

 http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/96c
 37091/attachment.html

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com

Re: [Mikrotik] Deleting lots of IPs from address-list

2014-02-27 Thread Shayne Lebrun

The rest of the battle being 25% red lasers, and 25% blue lasers.

Fair enough.  I thought maybe you were also using those IPs to block
ssh/ftp/other services, or something like that.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Josh Luthman
Sent: Thursday, February 27, 2014 8:19 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Deleting lots of IPs from address-list

And knowing is half the battle!

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Feb 27, 2014 8:16 PM, Grand Avenue Broadband
grandav...@grandavebb.com
wrote:

 Well, now you know: somewhere between Oh, the humanity and Et tu, 
 Brute.

 On Feb 27, 2014, at 2:56 PM, Josh Luthman 
 j...@imaginenetworksllc.com
 wrote:

  Wanted to see the scale of it.

  why not
  just drop incoming connections?  Why store them in an address list?

  About 3.2 million addresses.  I didn't set an expiration...
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20140227/d389dd9e
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Thank you to Butch and I will pass along a helpful hint.

2014-01-19 Thread Shayne Lebrun

/system reset-config no-defaults=yes
Or /system reset-config use-defaults=no

I forget which version of the command is the current one.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Paul McCall
Sent: Saturday, January 18, 2014 8:19 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Thank you to Butch and I will pass along a helpful
hint.

Yes, after the /sys reset, we have to then remove the default config it
places on the router.

However, I tried what I described twice.  With the MAC server set to all
interfaces, and the FW rules all disabled, it still wouldn't to MAC access
on port 1.

So, I resorted to having to do the /sys reset, so that I had the opportunity
to do the Remove of the config completely after the reboot / initial login.

Paul

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Scott Reed
Sent: Saturday, January 18, 2014 2:08 PM
To: Mikrotik discussions
Subject: Re: [Mikrotik] Thank you to Butch and I will pass along a helpful
hint.

The first thing we do with RB751 is a System-Reset.  Then do what we want
with them.
Normally just deleting the firewall rules will get full access on port 1.  I
don't know what your third thing may be.

On 1/18/2014 12:25 PM, Paul McCall wrote:
 We just recently started using a lot of the RB751  High powered WiFi units
for our residential clients.  The sales guy sold an upgrade of one of these
to a remote customer (over an hour away) and we just shipped him one,
knowing that we could config it remotely.

 After jerking around for a while over the phone, we could see the LAN
connection on the wireless radio come and go as he unplugged the unit, but
we still couldn't see it by MAC to telnet in to program it, etc.

 Turns out the default config on the residential router totally blocks
access to Port 1 by1) not having that port in the MAC server list, by
having a FW rule, and by something else (*which I am not sure what that is).

 Fixing those things above, I still had to remove the default config from
the router (after a fresh /sys reset) and then all is find.

 I am kinda curious what third setting would need to have been adjusted 
 to make MAC remote access available on Port 1

 H...

 Paul

 Paul McCall, Pres.
 PDMNet / Florida Broadband
 658 Old Dixie Highway
 Vero Beach, FL 32962
 772-564-6800 office
 772-473-0352 cell
 www.pdmnet.comhttp://www.pdmnet.com/
 pa...@pdmnet.netmailto:pa...@pdmnet.net

 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20140118/af
 b994ca/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

 -
 No virus found in this message.
 Checked by AVG - www.avg.com
 Version: 2014.0.4259 / Virus Database: 3681/7013 - Release Date: 
 01/18/14

--
Scott Reed
Owner
NewWays Networking, LLC
Wireless Networking
Network Design, Installation and Administration Mikrotik Advanced Certified
www.nwwnet.net
(765) 855-1060  (765) 439-4253  Toll-free (855) 231-6239

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] RB2011UAS-2HnD througput

2013-03-19 Thread Shayne Lebrun

What happens if you leave the cisco in bridge mode, connect a computer
directly to it, and run your speed tests?  The email says you've tested the
cisco in L3 mode, and the cisco in L2 mode with a Mikrotik.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Judd Howie
Sent: Tuesday, March 19, 2013 10:24
To: Mikrotik discussions
Subject: [Mikrotik] RB2011UAS-2HnD througput

I have recently purchased a RB2011UAS-2HnD (great little unit) to replace a
RB433UAH that's a couple of years old.

My primary reason for replacing the 433 was that when I turned on web proxy
(usb store onboard), my download speeds dropped drastically and CPU use shot
through the roof.
The environment is a small home office with approximately 15 devices. The
routerboard sits behind a Cisco DPS3925 cable gateway in bridged mode. (
http://www.cisco.com/web/consumer/support/modem_DPC3925.html)

When speed testing from behind the 433 and Cisco in bridged mode speeds
maxed at about 35Mb (pings fine at 6ms). If I took the MK out of the
equation and turned off bridged mode on the Cisco and tested again using it
as the router, speeds came back to where they should be (110Mb). This is all
in the exact same environment, only difference is MK/no MK.
I thought the new router would fix this but sadly I am seeing the exact same
behaviour now. Hence my mail to the list.
Would greatly appreciate any thoughts on what might be the cause?

Both the 433 and the new RB2011 have near the exact same config. We are
talking about a lightly utilised connection. DNS and DHCP is on, a couple of
wireless clients, web proxy off,  connection tracking off, 5 or so simple
queues, regular set of simple firewall rules, one bridge and a couple of PPP
client connections. Basically, as far as router config is concerned it's
doing about 5% of what it's capable of...sadly though it seems to not be
able to deliver anywhere need the speeds I see from the crappy little CPE
Cisco provided by my ISP.

I have several RB1100 and RB1200's in the wild all running fine and
delivering speeds as expected. I don't want to have to set one up home to
ensure I can see speeds I'm capable off but that may be my next option
unless the brains trust on the list can point me in the direction of a
solution?

Thanks in advance.

J
-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20130320/2251a74d
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Automatic config backup

2013-02-06 Thread Shayne Lebrun

If you're using more recent versions of ROS, 5.14 or something and higher,
use '/export compact file=blahblah.rsc' to get only what you actually need
to apply to a new router.

We use something like:
/system scheduler add name=backup on-event=/export compact
file=systembackup start-date=jan/01/1970 start-time=04:00:00 interval=24h
comment= disabled=no

/ip tftp add req-filename=systembackup.cfg real-filename=systembackup.rsc
allow=yes read-only=yes ip-addresses=xx.xx.xx.xx

Then on a server somewhere, a cron script at 4 am; given a file with a csv
of name and address, download file, rename to router name and date, save.
Delete anything older than however long you want to keep.  My backup folder
has 1343 files in it ATM, about 11 megs.

-Original Message-
From: mikrotik-boun...@mail.butchevans.com
[mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Eric Muehleisen
Sent: Wednesday, February 6, 2013 16:12
To: Mikrotik discussions
Subject: Re: [Mikrotik] Automatic config backup

These backups and restores are using the same hardware. It's looking like
the /export is the better, more reliable method.

On Wed, Feb 6, 2013 at 3:05 PM, Josh Luthman
j...@imaginenetworksllc.comwrote:

 The binary backup is super picky.  I've had minimal success with it, 
 though I do use it (but I primarily depend on text backup - /export).

 You'll NEED to have the same number of ports to begin with.  There are 
 additional hassles but I can't remember them it has been so long.

 Josh Luthman
 Office: 937-552-2340
 Direct: 937-552-2343
 1100 Wayne St
 Suite 1337
 Troy, OH 45373


 On Wed, Feb 6, 2013 at 4:03 PM, Eric Muehleisen ericm...@gmail.com
 wrote:

  I currently do MT backups using the scheduler to do a system backup 
  save name then a FTP fetch. This all works correctly but the file 
  fails when
 I
  try to upload the config and restore to a new router. Does the 
  backup
 file
  become corrupt during this process?
  -- next part -- An HTML attachment was 
  scrubbed...
  URL: 
 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20130206/49d
 8b59b/attachment.html
  
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://mail.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
  RouterOS
 
 -- next part -- An HTML attachment was 
 scrubbed...
 URL: 
 http://mail.butchevans.com/pipermail/mikrotik/attachments/20130206/6f6
 87358/attachment.html
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://mail.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik 
 RouterOS

-- next part --
An HTML attachment was scrubbed...
URL:
http://mail.butchevans.com/pipermail/mikrotik/attachments/20130206/cbdd8bf0
/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://mail.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Open Access Networks

2012-07-19 Thread Shayne Lebrun

Layer 2 connections, one vlan/AP/ISP.  Use whatever client isolation your
APs offer.  Have the client equipment act as an access port, tagging the
customer's traffic as appropriate.

That way, each ISP can do their own provisioning (dhcp, PPPoE, static
assignments, whatever), any given VLAN can terminate wherever, or terminate
in multiple spots with PVST or whatever, and life is good.  A bit more setup
on the initial setup for any given tower, and lots of setup when a new ISP
decides to join, but that's what setup fees are for.

You can also do things like site-site vlans for customers with multiple
sites on the network, and so on.

If Mikrotik ever gets around to doing LAC/LNS functionality, now

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Troy Settle
 Sent: July-19-12 1:11 PM
 To: mikrotik@mail.butchevans.com
 Subject: [Mikrotik] Open Access Networks
 
 Does anyone on this list operate an open access network?  If so, what
 mechanism are you using to ensure that each customer is getting to the
right ISP?
 
 
 
 Right now, we have a VLAN per customer, which is not fun to work with and
not
 very extendable.
 
 
 
 One thought I have, is to do a VAP per ISP, then use MPLS/VPLS to bridge
every
 AP (about 60) back to a core router.  Each ISP would have their own bridge
to
 get up to Layer 3.
 
 
 
 I could also skip the VAP part of that, and simply have each ISP register
their
 client's MAC addresses so that we can use the proper DHCP pool.  The
downside
 to this, is when a customer changes their router, they'll have to contact
their ISP
 for assistance.
 
 
 
 My network is about to triple in size, and I really need to find a
new/better
 solution.
 
 
 
 Any thoughts? Thanks!
 
 
 
 --
 
   Troy Settle, Network Administrator
 
   The Wired Road Authority
 
   1117 E. Stuart Dr.
 
   Galax, VA 24333
 
   (276) 238-0049 (office)
 
   (276) 237-3890 (cell)
 
   tset...@thewiredroad.net
 
 
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20120719/d72b
 4f3e/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Strange FTP problem

2012-05-02 Thread Shayne Lebrun

We have fairly complicated 'standard' setups; vlans, eoip tunnels, IPs and
routing settings, access, SNMP, NTP and so on.  We template the standard
setup; when a new router is going in, all of the various services are
provisioned in a database, the template is filled in automagically with that
data and spits out a copy-paste config script.  Part of the template is a
nightly export compact and TFTP access rules to our backup server, which
hits up all the routers listed in Icinga and backs them up nightly.
Generally, if a router needs replacing, we go back to the template rather
than the backups, but there's always that one extra tunnel, that one special
setting to accommodate that one guy, and so on.  With the compact script,
even if you can't just copy/paste, it's at least plainly visible what
commands need to be run.

Sure, I could do it from memory or from scratch, and that's fine for run of
the mill stuff, but 'our procedures are usually good enough' is an inferior
response to 'customers are down.'

That all said, this is another one of those problems that has been solved
for years, but people are doomed to repeat, badly.  Cisco has this nailed;
you don't have configurations, you have configuration scripts that are run
at start up, working config is different than the saved config, you can have
multiple configs, and blah blah blah.

And yes, absolutely agree with Scott.  Bus syndrome, continuity of business,
and so on.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Scott Reed
 Sent: May-02-12 8:49 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Strange FTP problem
 
 I normally agree with Butch, but I can't on this one.
 Maybe for a small organization, this works, but even there I think there
are
 significant risks with this approach.
 Suppose, since it is tornado season, that you are the one that normally
sets up
 new routers for your organization.  A tornado rips through your territory.
 Unfortunately, you are at home when the tornado destroys your house and
 sends you to the hospital.  The good folks of WISPA show up the next day
to get
 the 2 destroyed towers back in operation so your network can support the
 clean-up efforts.  How will they know how things are to be setup?
 Second scenario is similar, but for a larger organization.  The one in
the know
 is out of contact for a couple of days, whether work or pleasure.  A site
goes
 down and someone that normally doesn't do the setups is called on to get
the
 site up.
 In both cases I see three things are are a requirement:
  1) Disaster Recovery Plan - what needs to be done to get back in
operation.
 Should be written so a 3rd party can do it.
  2) As-built documentation - how is every piece of equipment to be
configured.
  3) Backups for all (critical) equipment - so that it is easy to
implement the
 recovery plan.
 These are the very things I am working now that we have added a part-time
 person so I have more time to get it done.  I see these 3 things becoming
more
 and more critical as we grow.
 
 On 5/2/2012 2:29 AM, Butch Evans wrote:
  On Wed, 2012-05-02 at 00:48 -0400, Josh Luthman wrote:
  You take it out of the box, configure it from memory and put into
place?
  All I typically need is the IP addresses, ssids and firewall, so yes.
  Then again, it depends on what the device is DOING on the network.
  Core routers are easy.  PPPoE servers are easy.  Even APs are pretty
  quick, IF I know the ssid.  These things can be magical and are
  capable of SO many things, but MOST networks use only a small portion
  of that capability on each given router.
 
 
 --
 Scott Reed
 Owner
 NewWays Networking, LLC
 Wireless Networking
 Network Design, Installation and Administration
 
 
 
 Mikrotik Advanced Certified
 
 www.nwwnet.net
 (765) 855-1060
 (765) 439-4253
 (855) 231-6239
 
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] How to test a load balancer

2012-04-23 Thread Shayne Lebrun

Put a test mikrotik box on either end, and fire up bandwidth tester with 1
TCP connections?

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Martin Ruiz Ibersystems
 Sent: April-23-12 12:09 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] How to test a load balancer

 Yes Josh,

 but:

 we have 4 test lines.
 I want that:
 If ISP1 fails, all the connections will move to the other 3 lines.. 1/3  -
  1/3 and 1/3
 Then, we have to plug/unplug router lines and see the routes enabling and
 disabling automatically.. it's not easy to control all like you say. We
need a large
 and automatic test.

 I need a monkey with 20 or 25 firefox windows clicking F5.. all the day
x

 thanks,
  * Martín Ruiz*
 * *
  *Ibersystems Solutions, SL*
 * *
 Dpto. Redes Inalámbricas

 Tel.  902 909 858
93 184 52 13
669 37 95 21

 Fax 93 758 63 01

 http://www.ibersystems.es
 martinr...@ibersystems.es

 *Este mensaje puede contener información confidencial y/o privilegiada. Si
 usted no es el destinatario o una persona expresamente autorizada para
recibir
 este envío no debe utilizar, copiar, reenviar, distribuir, o en general
disponer de
 ninguna forma de la información incluida. Si hubiera recibido este mensaje
por
 error, sírvase informar al emisor mediante una respuesta inmediata y
bórrelo,
 por favor. Muchas gracias.* ***Antes de imprimir este e-mail, piensa en si
es
 realmente necesario: El Medio Ambiente es responsabilidad de todos*

 El 23 de abril de 2012 17:57, Josh Luthman
 j...@imaginenetworksllc.comescribió:

  Like PCC?  Just see if both interfaces are carrying traffic.  Firewall
  will show you what connections are tagged for which interface.

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  On Mon, Apr 23, 2012 at 11:52 AM, Martin Ruiz Ibersystems
  martinr...@ibersystems.es wrote:
   Hello all,

   we are configuring a N lines load balancer based in the
   configuration
  did
   by Pavel (AKA Chupaka) in the mikrotik wiki. We have the config
   almost done.. but we need to test the balancings.

   Anyone knows a program to test this? We only need to run a program
   in a windows machine with a list of websites or videos to downoad
   and make
  many
   conections at the same time. With this runnung during aprox 1 hour,
   we
  will
   see if it works or not.

   thanks,
   * Martín Ruiz*
   * *
*
   *
   *
   *

   http://www.ibersystems.es
   martinr...@ibersystems.es
   -- next part -- An HTML attachment was
   scrubbed...
   URL: 

 http://www.butchevans.com/pipermail/mikrotik/attachments/20120423/8811
  42ab/attachment.html

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com
   http://www.butchevans.com/mailman/listinfo/mikrotik

   Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20120423/3d56
 c452/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Reduced detail export?

2012-04-05 Thread Shayne Lebrun

Just add the word 'compact' to your export command.  It's sweet like sugar.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Bill Prince
 Sent: April-05-12 3:57 PM
 To: Mikrotik discussions
 Subject: [Mikrotik] Reduced detail export?
 
 
 Did someone mention that ROS 5.x has a reduced fat export that takes out
all
 the default configuration stuff, or something like that?
 
 Does it actually work?  How do you implement it?
 
 
 --
 bp
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Reduced detail export?

2012-04-05 Thread Shayne Lebrun

Well, it was added in 5.12.  Seriously.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Bill Prince
 Sent: April-05-12 4:08 PM
 To: mikrotik@mail.butchevans.com
 Subject: Re: [Mikrotik] Reduced detail export?
 
 No Sprechen sie compact.  Does not like that argument.  This is on ROS
5.11:
 
 [admin@Test Router]  export compact
 expected end of command (line 1 column 8)
 
 
 bp
 
 
 On 4/5/2012 1:00 PM, Randy Cosby wrote:
  export compact
 
  ymmv
 
 
 
  On 4/5/2012 1:57 PM, Bill Prince wrote:
 
  Did someone mention that ROS 5.x has a reduced fat export that
  takes out all the default configuration stuff, or something like that?
 
  Does it actually work?  How do you implement it?
 
 
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20120405/f9fc5
 5d4/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

[Mikrotik] EoIP tunnel stops EoIPing

2012-03-21 Thread Shayne Lebrun

Two routers, can ping each other no problem.  Router one has a VLAN
interface bridged to an EoIP tunnel.  Router two has an EoIP tunnel bridged
to a vlan interface.  Tagged packets come into router one, leave router two,
and vice versa.

 

Lately, we'll see a situation where traffic does not pass.  Log into the
routers, open bridge-hosts, filter for the vlan ID, see macs, and suddenly,
traffic starts flowing again.  We've seen a tunnel be in this state for
days, but open the routers in winbox, look at the bridge tables, and bam.

 

A mix of 3.x and 4.x.  Anybody seen anything like this?  Any suggestions
other than 'upgrade?'

-- next part --
An HTML attachment was scrubbed...
URL: 
http://www.butchevans.com/pipermail/mikrotik/attachments/20120321/938bef1e/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Mikrotik Windows File server

2012-01-25 Thread Shayne Lebrun

Mikrotik is the swiss army knife of routers, no?  Well, now it has basic NAS
functionality.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jacob Heider
 Sent: January-25-12 2:15 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Mikrotik Windows File server
 
 So you can have a network drive for file sharing on your network.
 Without a server. I'm as mystified as you, Josh. Seems like a waste of dev
time,
 and a waste of router resources.
 
  Josh Luthman mailto:j...@imaginenetworksllc.com
  January 25, 2012 2:11 PM
  But what does Samba have to do with that? Extra storage with ext3 is
  one thing, that makes sense (though that's always been around). The
  addition of Samba is what I'm inquiring about.
 
  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373
 
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
  Josh Luthman mailto:j...@imaginenetworksllc.com
  January 25, 2012 1:50 PM
  5.12
 
  *) implemented simple SMB (windows file sharing) server;
 
  Anyone actually plan on using this? How or why?
 
  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20120125/4ece
 d6f9/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] System Administrator Position

2012-01-18 Thread Shayne Lebrun

But it specifically says not to call MVN or it's employees.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Butch Evans
 Sent: January-18-12 3:49 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] System Administrator Position
 
 On Wed, 2012-01-18 at 08:44 +, Antonio G. Sánchez Funes wrote:
 Do you know if they will sponsor a foreign worker?
 
 I don't know.  You should be able to find their phone number and a contact
 email at http://www.mvn.net
 
 --
 *
 ***
 * Butch Evans* Professional Network Consultation   *
 * http://www.butchevans.com/ * Network Engineering *
 * http://store.wispgear.net/ * Wired or Wireless Networks  *
 * http://blog.butchevans.com/ * ImageStream, Mikrotik and MORE!*
 *  NOTE THE NEW PHONE NUMBER: 702-537-0979 *
 *
 ***
 
 
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] System Administrator Position

2012-01-18 Thread Shayne Lebrun

Exactly.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Casey Mills
 Sent: January-18-12 9:07 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] System Administrator Position
 
 By calling, this would obviously mean you can not follow instructions and
would
 immediately eliminate you from the candidate pool.
 
 Casey
 
 
 
 On Wed, Jan 18, 2012 at 8:59 AM, Shayne Lebrun sleb...@corebroadband.ca
 wrote:
  But it specifically says not to call MVN or it's employees.
 
  -Original Message-
  From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
  boun...@mail.butchevans.com] On Behalf Of Butch Evans
  Sent: January-18-12 3:49 AM
  To: Mikrotik discussions
  Subject: Re: [Mikrotik] System Administrator Position
 
  On Wed, 2012-01-18 at 08:44 +, Antonio G. Sánchez Funes wrote:
  Do you know if they will sponsor a foreign worker?
 
  I don't know.  You should be able to find their phone number and a
  contact email at http://www.mvn.net
 
  --
 
 *
  ***
  * Butch Evans                * Professional Network Consultation   *
  * http://www.butchevans.com/ * Network Engineering                 *
  * http://store.wispgear.net/ * Wired or Wireless Networks          *
  * http://blog.butchevans.com/ * ImageStream, Mikrotik and MORE!    *
  *          NOTE THE NEW PHONE NUMBER: 702-537-0979                 *
 
 *
  ***
 
 
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] APC ups and mikrotik

2011-09-12 Thread Shayne Lebrun

Not without some details about what you've tried already.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of john
 Sent: September-12-11 9:30 AM
 To: Mikrotik discussions
 Subject: [Mikrotik] APC ups and mikrotik
 
 We are trying to get a mikrotik connected to an APC UPS but I'm having no
luck.
 I connect it to a router-board and it just doesn't communicate.  Any
ideas?
 
 John Babineaux
 Network Admin
 Radio Communications Service
 Crowley, Louisiana
 
 
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] rb493ah and TCP speed test

2011-08-22 Thread Shayne Lebrun

Take a pair of 493AHs, stick an Ethernet cord between them, and run a test.
That should get you your answer.


 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Josh Luthman
 Sent: August-22-11 3:36 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] rb493ah and TCP speed test
 
 Not trying to figure out the link capacity at this point, I would like to
see if all
 493ah can only generate 30 megs of traffic or if there is something I am
doing
 wrong.
 On Aug 22, 2011 3:24 AM, Robert Andrews rob...@avantwireless.com
 wrote:
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20110822/994f
 3b3f/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] RB750G - Traffic stops to other slave ports...

2011-07-18 Thread Shayne Lebrun

If you have a list of static IPs that you've assigned, check what dhcp
leases have been handed out on the Mikrotik.

If the static IPs are all in a group, don't hand that group out via DHCP.

Set up a new /24 subnet, change your DHCP pool, and set up a second NAT.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Don Gould
 Sent: July-18-11 5:46 PM
 To: mikrotik@mail.butchevans.com
 Subject: Re: [Mikrotik] RB750G - Traffic stops to other slave ports...
 
 
 
 On 19/07/2011 1:34 a.m., john wrote:
  I have seen too many Mikrotiks plugged into a sock before. But
  normally it just reboots them randomly. I would suspect that make a
  virus could use up all the NAT ports/connections. Ip conflict
  definitely fits the bill though.
 
 
 Ok, over night it's occurred to me that I have done a very dumb thing...
   I confess I'm in a bit over my head here and am making mistakes that I'm
sure a
 bunch of you will just laugh at, but we get that :)
 
 I've assigned port 2 192.168.1.1 and set up dhcp server
 192.168.1.2-192.168.1.254
 
 However, I also have some static devices dotted in the network (yes, yes,
yes... I
 know, I should have put the static devices in one pool and started the
dhcp pool
 in a higher range).
 
 Working with MS boxes, if you do something dumb like this, the machine
just
 pops up and tell you.  But it's occurred to me that my wifi aps (of which
I have a
 bunch strung in the network) won't pop up and tell you on their screen, as
they
 don't have screens!
 
 So my questions...
 
 1. How do I monitor/check for this?  In my linux boxes I'd just check all
the
 obvious logs, but I don't know where the logs are on these Mkt boxes.
 
 2.  Is what I'm describing a typical/predictable behaviour of these mtk
units?
 
 (...and yes, of course I will go sort my config a bit better and see if
the problem
 goes away.  I'm just trying to better understand how I fault find these
things.)
 
  I would have to see the con-fig file to really see if you have
  anything 'wrong'. what is the 'offending devices?'
 
 I'm happy to publish the config if that would help and you're interested
to look...
 but how?
 
 Obviously I don't want to publish my back up file because it's got my
passwords
 in it.
 
 Do I just export bits?  If so, which bits and with what comments (sorry,
dumb
 newbi questions I know, bit to adicted to winbox and not enough cli
 yet!)
 
 Thanks again for the help
 
 D
 
 --
 Don Gould
 31 Acheson Ave
 Mairehau
 Christchurch, New Zealand
 Ph: + 64 3 348 7235
 Mobile: + 64 21 114 0699
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] OSPF not getting neighbors

2011-07-11 Thread Shayne Lebrun

If you don't want to define them manually, you could always try
'redistribute connected routes as type 1'.  But yeah, I've never tried with
0.0.0.0/0, and I'd think that would be a problem, meself.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Josh Luthman
 Sent: July-11-11 1:48 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] OSPF not getting neighbors

 Note the *OSPF* config is the same on each router, short of routerIDs.

 Are you suggesting I specify every network specifically or just one or two
big
 chunks (as in 74.218.0.0/16 and 10.0.0.0/8 or each individual /29)?

 The interfaces are all dynamic.  It does include the bridges, loopback,
etc on
 each of the routers.

 Josh Luthman
 Office: 937-552-2340
 Direct: 937-552-2343
 1100 Wayne St
 Suite 1337
 Troy, OH 45373

 On Mon, Jul 11, 2011 at 1:42 PM, Jacob Heider jhhei...@gmail.com wrote:

  Hm. Have you tried specifying the literal networks you're one, rather
  than everything? The docs suggest that what you're doing should work,
  but I'd try it the other way. And you have the interfaces added in /rout
osp int,
 right?
  Try the bridges and ethernets, or one or the other. I'm guessing it
  has to be the interface with the IP.

  On 2011-07-11 1:19 PM, Josh Luthman wrote:

  Sort of, just using broad spectrum shotgunning.

  /routing ospf network
  add area=backbone comment= disabled=no network=0.0.0.0/0

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  On Mon, Jul 11, 2011 at 1:17 PM, Jacob Heiderjhhei...@gmail.com
wrote:

   And you've added the networks those IPs come in on under /rout ospf
net ?

  On 2011-07-11 1:15 PM, Josh Luthman wrote:

   I've septuple checked to make sure the timing was all the same.

  echo: route,ospf,debug Received packet from an unknown network:
  source=

  where source is all three of the OSPF neighbors, one per log echo.

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  On Mon, Jul 11, 2011 at 1:11 PM, Jacob Heiderjhhei...@gmail.com
  wrote:

   /sys log add topics=ospf action=echo

  You should see what's going on. I've had it fail due to timer
  mismatches.

  On 2011-07-11 1:08 PM, Josh Luthman wrote:

   I have three sites (not really towers) that I want to all talk
OSPF.

  Looking at it from left to right I have

  The office with two play RBs in a switch.  Switch leads to
backhauls.
   The
  backhaul goes into the middle site.

  On the middle site I have an rb493ah (running OSPF) with the
  previously mentioned backhaul and another backhaul feeding the
  far right site in ether8/9.  ether8/9 are in bridge1.

  The latter backhaul feeds another tower with an rb493 running OSPF.

  The two play RBs and the far right tower see each other in OSPF
  neighbors, they should routes and such.  All seems good except
  for the middle site not being invited to the OSPF party.  I did
  confirm with an rb493ah in the office OSPF will work on a
  software bridge (though I only put one ethernet port in bridge1).

  Anyone know what I'm doing wrong?

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373
  -- next part -- An HTML attachment was
  scrubbed...
  URL:http://www.butchevans.**com/pipermail/mikrotik/**

 attachments/20110711/9fab1e7f/**attachment.htmlhttp://**www.
  http://www.
  **

 butchevans.com/pipermail/mikrotik/attachments/20110711/h
  ttp://butchevans.com/pipermail/**mikrotik/attachments/20110711/**

  9fab1e7f/attachment.htmlhttp:**//www.butchevans.com/**
  pipermail/mikrotik/**attachments/20110711/9fab1e7f/**attachment.h
  tmlhttp://www.butchevans.com/pipermail/mikrotik/attachments/2011
  0711/9fab1e7f/attachment.html

  __**_
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/**mailman/listinfo/mikrotikhttp://
  www.butchevans.com/mailman/listinfo/mikrotik
  http**://www.butchevans.com/mailman/listinfo/mikrotikhttp:/
  /www.butchevans.com/**mailman/listinfo/mikrotik

  http**://www.butchevans.com/**mailman/**listinfo/mikrotikhttp:/
  /www.butchevans.com/mailman/**listinfo/mikrotik
  ht**tp://www.butchevans.com/**mailman/listinfo/mikrotikhttp://w
  ww.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to
  Mikrotik RouterOS

   __**_

   Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/**mailman/listinfo/mikrotikhttp://w
  ww.butchevans.com/mailman/listinfo/mikrotik
  http**://www.butchevans.com/mailman/listinfo/mikrotikhttp://
  www.butchevans.com/**mailman/listinfo/mikrotik

Re: [Mikrotik] OSPF multiple ABRs between an area and backbone?

2011-06-30 Thread Shayne Lebrun

Awesome.  Thanks!

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of can...@believewireless.net
 Sent: June-30-11 10:22 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] OSPF multiple ABRs between an area and backbone?

 Yes, this is fine and how we do it.  You just have to have your weights
set
 correctly so that traffic flows the way you want.
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Radius MAC Authentication with both DHCP and static IPs

2011-03-16 Thread Shayne Lebrun

If the computer isn't actively looking for settings to be assigned to it,
like through a DHCP request, you cannot assign it settings.

The router isn't going to create a radius request for every packet that
comes in with a given mac address.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jim Rice
 Sent: March-16-11 4:23 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Radius MAC Authentication with both DHCP and
static IPs
 
 Thanks Butch,
 
 
 
  1. Configure dynamic clients in radius to get a radius reply that
  includes the ip-pool attribute
 
 I could not find an ip-pool attribute in the radius dictionary.
 Is this something I will need to add as a custom attribute to radius, and
if so, will
 the MikroTik act upon it?
 
  2. Configure clients with static IP addresses to get the
  framed-ip-address attribute (I think that's the right
  one)
 
 We can supply this if an Access-Request is generated.
 I will test this with the Wireless setup.
 
  3. Configure a default unknown client pool to get the ip-pool
  attribute pointing to a pool of IPs that is NOT your normal access
  range
 
 Yes, we will want to redirect any other access attempts to a splash page.
 Customers will be connecting new devices to their networks, and there may
be
 some potential new customers that find us.
 
  All 3 of the above can include a rate-limit attribute of whatever is
  appropriate for the customer.  You would have to configure the
  static clients to get an IP from the DHCP server, but you will
  always be providing them with the SAME IP (static lease) via the
  framed-ip-address attribute.  (...)
 
 This sounds like we HAVE to use DHCP in order to generate the request for
the
 static devices?  Or is this a choice?
 
 Thanks,
 
 Jim
 
 PS: We are implementing your QoS script in order to prioritize some of the
 traffic (VoIP, Streaming, etc.)  But that discussion I will take offline.
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Radius MAC Authentication with both DHCP and static IPs

2011-03-15 Thread Shayne Lebrun

You shouldn't have anybody set 'statically'; everybody should be DHCP, and
some people will have reserved addresses that they always get.  Not what
you're asking, I know. :-)

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jim Rice
 Sent: March-14-11 5:38 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Radius MAC Authentication with both DHCP and
static IPs

 Sorry, I should have been more specific ...

 We are doing MAC authentication from a MySQL database, not local.
 The DHCP request triggers the Radius Access-Request, and receives the
Access-
 Accept reply.  For Static IPs, there is nothing to trigger the Radius
request.  So
 for those, I have to default to Accept them.
 (Unacceptable.)

 I do not know if this is version dependent or not.
 But devices configured with static IPs do not generate a Radius request
when
 connecting.

 I want to configure Radius to provide the DHCP Group and Rate-Limit
attributes,
 perhaps others as well, based on Username (MAC).

 Thanks,

 Jim

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Duplex mismatches

2010-11-04 Thread Shayne Lebrun

When you try a second device, is it using the same Ethernet cable?

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Terry Trumbo
 Sent: November-04-10 11:28 AM
 To: mikrotik@mail.butchevans.com
 Subject: [Mikrotik] Duplex mismatches
 
 Having problems with a 433 board with duplex mismatch.  My switch is set
to
 auto and the Mikrotik is set to auto and it will run just 100 half. Hard
code both
 devices to 100 full still run 100 half. Try another device in the same
port on the
 switch and it does 100 full no problem. He switch is a Netgear GS108T. Any
ideas?
 
 
 
 Terry Trumbo
 
 Pronetwork Solutions,LLC
 
 http://www.pronetworksols.com
 
 Phone 270-734-9049
 
 Cell   270-360-1024
 
 Fax 270-360-1058
 
 
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20101104/55d6
 8f04/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] MT strikes again - OSPF says full, but no routes

2010-06-23 Thread Shayne Lebrun

Is the link between the two routers flapping or having difficulties?  OSPF,
especially Mikrotik's, hates that.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jayson Baker
 Sent: Wednesday, June 23, 2010 12:40 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] MT strikes again - OSPF says full, but no routes

 Emailing MT will do zero good.  They'll just say, upgrade to
 4.whatever-todays-latest-is  I know, we've tried.
 OSPF logging... did that, looking, I really don't see anything that looks
 bad or wrong or out of place.

 It, again, just died.  Even using NBMA.

 So I guess we pull a middle of the day upgrade to
 4.whatever-the-latest-is-today and hope for the best.
 Sucks to have to take a few hundred customers down to do that though.
 We're
 getting around it with static routes now.

 On Wed, Jun 23, 2010 at 10:34 AM, Bill Prince 
 part...@skylinebroadbandservice.com wrote:

  There is always a reason.   Just not always an obvious one.

  bp

  On 6/23/2010 8:24 AM, Jayson Baker wrote:

  then it died again for no reason

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100623/a321855
 2/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Daktronics LED Sign setup

2010-06-11 Thread Shayne Lebrun

Does the sign have a gateway address defined?

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Eric Muehleisen
 Sent: Friday, June 11, 2010 10:00 AM
 To: Mikrotik discussions
 Subject: [Mikrotik] Daktronics LED Sign setup

 I have a unique setup that involves a MT router, NS2's and a Daktronics
 LED sign. The sign has a programmed IP address (172.16.192.25) from the
 factory and cannot be changed. This is making things difficult for me to
 setup remote access.

 Here is the network topology.
 Internet--Customer Premise--Redmax SU--Mikrotik RB750--NS2 AP
 (WDS)--NS2 (Station WDS)--Daktronics LED Sign.

 The sign's IP address is now pingable from the MT router but my dst-nat
 port forward rule doesn't seem to be working. I see the packets counting
 in the firewall, but fails to connect. I should also mention that I'm
 running Hotspot on the MT router. This sign is connected to the Hotspot
 interface. I have added it's MAC to the IP binding table.

 Hotspot interface IP is 10.5.50.0/24 and I've added the IP
 172.16.192.0/24 to the Hotspot interface as well. I have a masquerade
 rule setup for the sign's IP subnet but don't see any packet counts.
 Should I be seeing this?

 Attached is the MT configuration.

 -- next part --
 An embedded and charset-unspecified text was scrubbed...
 Name: config.rsc
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100611/f760a07
 f/attachment.pl
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Monitoring OSPF

2010-06-10 Thread Shayne Lebrun

A man can dream, can't he?

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Josh Luthman
 Sent: Thursday, June 10, 2010 3:25 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Monitoring OSPF

 Mikrotik,implement,standard = 0

 Josh Luthman
 Office: 937-552-2340
 Direct: 937-552-2343
 1100 Wayne St
 Suite 1337
 Troy, OH 45373

 Success is not final, failure is not fatal: it is the courage to
 continue that counts.
 --- Winston Churchill

 On Thu, Jun 10, 2010 at 3:17 PM, Shayne Lebrun sleb...@corebroadband.ca
 wrote:
  It'd be nice if Mikrotik implemented the standard MIB-2 OSPF tree.

  -Original Message-
  From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
  boun...@mail.butchevans.com] On Behalf Of Jeromie Reeves
  Sent: Thursday, June 10, 2010 3:01 PM
  To: Mikrotik discussions
  Subject: Re: [Mikrotik] Monitoring OSPF

  Yes you can have syslog email you, sms you, and much more, all based
  on a pretty comprehensive trigger based setup. When a message comes in
  to passes the filter stack, where it gets logged to the matching log
  file, and can trigger anything else a person can ask for (well ok,
  almost anything you ask for)

  On Thu, Jun 10, 2010 at 9:31 AM, james jamess...@webafrica.org.za
 wrote:
   Thanks guys

   I have not really used syslog before. I have written some scripts on
 the
   mikrotik that can check ospf and and log an info message like OSPF
 DOWN
  on
   X interface.

   Can syslog check for OSPF DOWN and theb send an email with OSPF
 DOWN
  on X
   interface as it's subject?

   -Original Message-
   From: mikrotik-boun...@mail.butchevans.com
   [mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Jeromie
  Reeves
   Sent: 10 June 2010 05:38 PM
   To: Mikrotik discussions
   Subject: Re: [Mikrotik] Monitoring OSPF

   That is what I do via syslog. Shove everything to syslog, then
   configure it to push everything out date based log files hotspot,
   ospf, bgp, wireless etc, then script up monitors for those (syslog
 can
   do some triggering too)

   On Thu, Jun 10, 2010 at 7:03 AM, Andrew Cox
 and...@accessplus.com.au
   wrote:
   Couple of suggestions:

   1) log only ospf info (either just to a 500-1000 line log or to a
 text
   file)
   then scrape the file or log every x minutes checking for the ospf
 drop
   message.
   2) script something that does much the same as above, only checks
 for
  the
   routes that are down and should be up or up and should be down and
 if
   reaching certain conditions, reboot.

   I've done a couple of scripts that scrape different text files and
 such
  so
   if you get stuck feel free to reply here and cc me in if you need a
  hand

   Regards,
   Andrew

   On 10/06/2010 9:22 PM, james wrote:

   Hi Guys

   I'm sure many of you use OSPF on your networks. I have about 50
  routers
   and
   about once a week OSPF will drop on a random link. Traffic gets
  rerouted
   but
   sometimes over a link that cannot handle the added load.

   I have configured NBMA neighbours and it works well but I want to
 get
   notified of OSPF dropping so that I can reboot the board asap to
  restore
   OSPF.

   How do I monitor this? I am proficient in scripting so if you have
 any
   ideas
   then I'm sure I can write a script or two

   Thanks

   James

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com
   http://www.butchevans.com/mailman/listinfo/mikrotik

   Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
   RouterOS

   --
   Kind Regards,
   Andrew Cox
   AccessPlus
   Head Network Administrator
   Ph: 1300 739 822 (7am - 12 midnight AEST)

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com
   http://www.butchevans.com/mailman/listinfo/mikrotik

   Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
   RouterOS

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com
   http://www.butchevans.com/mailman/listinfo/mikrotik

   Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

   ___
   Mikrotik mailing list
   Mikrotik@mail.butchevans.com
   http://www.butchevans.com/mailman/listinfo/mikrotik

   Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http

Re: [Mikrotik] Monitoring OSPF

2010-06-10 Thread Shayne Lebrun

It'd be nice if Mikrotik implemented the standard MIB-2 OSPF tree.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jeromie Reeves
 Sent: Thursday, June 10, 2010 3:01 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Monitoring OSPF

 Yes you can have syslog email you, sms you, and much more, all based
 on a pretty comprehensive trigger based setup. When a message comes in
 to passes the filter stack, where it gets logged to the matching log
 file, and can trigger anything else a person can ask for (well ok,
 almost anything you ask for)

 On Thu, Jun 10, 2010 at 9:31 AM, james jamess...@webafrica.org.za wrote:
  Thanks guys

  I have not really used syslog before. I have written some scripts on the
  mikrotik that can check ospf and and log an info message like OSPF DOWN
 on
  X interface.

  Can syslog check for OSPF DOWN and theb send an email with OSPF DOWN
 on X
  interface as it's subject?

  -Original Message-
  From: mikrotik-boun...@mail.butchevans.com
  [mailto:mikrotik-boun...@mail.butchevans.com] On Behalf Of Jeromie
 Reeves
  Sent: 10 June 2010 05:38 PM
  To: Mikrotik discussions
  Subject: Re: [Mikrotik] Monitoring OSPF

  That is what I do via syslog. Shove everything to syslog, then
  configure it to push everything out date based log files hotspot,
  ospf, bgp, wireless etc, then script up monitors for those (syslog can
  do some triggering too)

  On Thu, Jun 10, 2010 at 7:03 AM, Andrew Cox and...@accessplus.com.au
  wrote:
  Couple of suggestions:

  1) log only ospf info (either just to a 500-1000 line log or to a text
  file)
  then scrape the file or log every x minutes checking for the ospf drop
  message.
  2) script something that does much the same as above, only checks for
 the
  routes that are down and should be up or up and should be down and if
  reaching certain conditions, reboot.

  I've done a couple of scripts that scrape different text files and such
 so
  if you get stuck feel free to reply here and cc me in if you need a
 hand

  Regards,
  Andrew

  On 10/06/2010 9:22 PM, james wrote:

  Hi Guys

  I'm sure many of you use OSPF on your networks. I have about 50
 routers
  and
  about once a week OSPF will drop on a random link. Traffic gets
 rerouted
  but
  sometimes over a link that cannot handle the added load.

  I have configured NBMA neighbours and it works well but I want to get
  notified of OSPF dropping so that I can reboot the board asap to
 restore
  OSPF.

  How do I monitor this? I am proficient in scripting so if you have any
  ideas
  then I'm sure I can write a script or two

  Thanks

  James

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  --
  Kind Regards,
  Andrew Cox
  AccessPlus
  Head Network Administrator
  Ph: 1300 739 822 (7am - 12 midnight AEST)

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] XBox

2010-06-02 Thread Shayne Lebrun

That's why we want the LAC/LNS functionality. :-)

PPPoE client connects to the LAC at the tower.  The LAC at the tower then
opens a L2TP tunnel back to a central LNS (note that there can be more than
one LNS, and the LAC can decide which one to connect to either via something
like round-robin, or by the authentication domain; u...@example.com might
connect to LNS1, u...@example.org might connect to LNS2).  This L2TP tunnel,
of course, would follow your routed network.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Carl Jeptha
 Sent: Wednesday, June 02, 2010 7:27 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] XBox
 
 we use the 10.0.0.0/8  network (dreams of being very big back in 1998),
 every microcell has a /24 (10.0.1.0 , etc).
 
 We don't know if we can use PPPoE on a routed network as all the docs I
 have read talk about bridging, I would prefer routing. I have chased my
 tail a few times on a bridged network.
 
 You have a Good Day now,
 
 
 Carl A Jeptha
 http://www.airnet.ca
 Office Phone: 1-877-534-0021 ext 206
 Office Hours: 9:00am - 5:00pm
 skype cajeptha
 
 
 On 01/06/2010 10:31 AM, RickG wrote:
  I like the idea of PPPoE and bridging to the CPE. Do you route or
  bridge to multiple towers?
 
  On Tue, Jun 1, 2010 at 7:44 AM, Carl Jepthawispli...@airnet.ca  wrote:
 
  I am at present using the same setup plus one more nat like this:
  public - private
  AP sub netted to cpe
  cpe natted
  router natted
  xbox
 
  we are going to change to PPPoE and bridge to the CPE, needing more
 control
  on the clients bandwidth usage.
 
  And My Rock Band and Guitar Hero works just fine, been to busy to play
  lately though, something wrong with that - going to fix it. 8-)
 
  You have a Good Day now,
 
 
  Carl A Jeptha
  http://www.airnet.ca
  Office Phone: 1-877-534-0021 ext 206
  Office Hours: 9:00am - 5:00pm
  skype cajeptha
 
 
  On 01/06/2010 3:18 AM, RickG wrote:
 
  Good info. I'm the same set up. Just not totally warmfuzzy that
 my
  subs are getting a 100% XBox live experience so looking for anything I
  might have missed. I've got the ports forwarded and upnp enabled. I
  guess time will tell. Thanks!
 
  On Tue, Jun 1, 2010 at 2:02 AM, Josh Luthman
  j...@imaginenetworksllc.comwrote:
 
 
  I see.  In my case, no - one public for many private.  Behind that is
  a CPE that NATs again.  Once again if they have a wireless router.
  Xbox users I know of do not have a wireless router.
 
  On 6/1/10, Andrew Coxand...@accessplus.com.auwrote:
 
 
 He means having a range of external IP's that are on the outside,
 but
  all forwarded/natted to private addresses on the inside of a
 network.
  I believe this also known as Symetric NAT from memory.
 
  - Andrew
 
  On 6/1/2010 2:48 PM, Josh Luthman wrote:
 
 
  Can you give me a couple examples?  I'm still not getting you...
 
  On 6/1/10, RickGrgunder...@gmail.com  wrote:
 
 
  Sorry, S/B 1 to 1 NAT. Meaning matching a public (real) IP to a
  private
  IP.
 
  On Mon, May 31, 2010 at 11:11 PM, Josh Luthman
  j...@imaginenetworksllc.com  wrote:
 
 
  What do you mean by 1-1 NAT?
 
  On 5/31/10, RickGrgunder...@gmail.com  wrote:
 
 
  Are you using 1-1 NAT?
 
  On Mon, May 31, 2010 at 4:20 PM, Josh Luthman
  j...@imaginenetworksllc.com  wrote:
 
 
  Not sure what else there is to say.
 
  Make sure your CPEs have upnp and 4.6 (whatever the old thread
  mentioned said) and that was the end of it for me.
 
  Like I said I have triple NAT.  I am using MT CPEs and was
 using a
  MT
  core router.  It is ImageStream now.
 
  On 5/31/10, Hilton J Ralphshil...@think.co.za  wrote:
 
 
  Come on Josh, Rick is asking you for help.
 
  --
  Regards
  Hilton J Ralphs
  Think Technologies
 
  -Original Message-
  From: Josh Luthman
  I don't get any phone calls about it.
 
  On Mon, May 31, 2010 at 1:57 PM, RickGrgunder...@gmail.com
wrote:
 
 
  Its strange because I hear XBox works fine on my network (it
 does
  for
  me). But, every once in a while, I get a complaint that it
  doesnt.
  What did you do to make sure it works on your network?
 
 
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to
  Mikrotik
  RouterOS
 
 
 
  --
  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373
 
  Success is not final, failure is not fatal: it is the courage
 to
  continue that counts.
  --- Winston Churchill
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to
 Mikrotik
  RouterOS
 
 
 
  ___
  Mikrotik

Re: [Mikrotik] XBox

2010-06-02 Thread Shayne Lebrun

Again, the missing LAC/LNS functionality.  You can fake it, to some extent,
in Mikrotik with EoIP to allow a routed network, and a central PPPoE server.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of RickG
 Sent: Wednesday, June 02, 2010 12:02 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] XBox

 Same here. I echo the question.

 On Wed, Jun 2, 2010 at 7:27 AM, Carl Jeptha wispli...@airnet.ca wrote:
  we use the 10.0.0.0/8  network (dreams of being very big back in 1998),
  every microcell has a /24 (10.0.1.0 , etc).

  We don't know if we can use PPPoE on a routed network as all the docs I
 have
  read talk about bridging, I would prefer routing. I have chased my tail
 a
  few times on a bridged network.

  You have a Good Day now,

  Carl A Jeptha
  http://www.airnet.ca
  Office Phone: 1-877-534-0021 ext 206
  Office Hours: 9:00am - 5:00pm
  skype cajeptha

  On 01/06/2010 10:31 AM, RickG wrote:

  I like the idea of PPPoE and bridging to the CPE. Do you route or
  bridge to multiple towers?

  On Tue, Jun 1, 2010 at 7:44 AM, Carl Jepthawispli...@airnet.ca
  wrote:

  I am at present using the same setup plus one more nat like this:
  public - private
  AP sub netted to cpe
  cpe natted
  router natted
  xbox

  we are going to change to PPPoE and bridge to the CPE, needing more
  control
  on the clients bandwidth usage.

  And My Rock Band and Guitar Hero works just fine, been to busy to play
  lately though, something wrong with that - going to fix it. 8-)

  You have a Good Day now,

  Carl A Jeptha
  http://www.airnet.ca
  Office Phone: 1-877-534-0021 ext 206
  Office Hours: 9:00am - 5:00pm
  skype cajeptha

  On 01/06/2010 3:18 AM, RickG wrote:

  Good info. I'm the same set up. Just not totally warm    fuzzy that
 my
  subs are getting a 100% XBox live experience so looking for anything
 I
  might have missed. I've got the ports forwarded and upnp enabled. I
  guess time will tell. Thanks!

  On Tue, Jun 1, 2010 at 2:02 AM, Josh Luthman
  j...@imaginenetworksllc.com    wrote:

  I see.  In my case, no - one public for many private.  Behind that
 is
  a CPE that NATs again.  Once again if they have a wireless router.
  Xbox users I know of do not have a wireless router.

  On 6/1/10, Andrew Coxand...@accessplus.com.au    wrote:

    He means having a range of external IP's that are on the outside,
  but
  all forwarded/natted to private addresses on the inside of a
 network.
  I believe this also known as Symetric NAT from memory.

  - Andrew

  On 6/1/2010 2:48 PM, Josh Luthman wrote:

  Can you give me a couple examples?  I'm still not getting you...

  On 6/1/10, RickGrgunder...@gmail.com      wrote:

  Sorry, S/B 1 to 1 NAT. Meaning matching a public (real) IP to a
  private
  IP.

  On Mon, May 31, 2010 at 11:11 PM, Josh Luthman
  j...@imaginenetworksllc.com      wrote:

  What do you mean by 1-1 NAT?

  On 5/31/10, RickGrgunder...@gmail.com      wrote:

  Are you using 1-1 NAT?

  On Mon, May 31, 2010 at 4:20 PM, Josh Luthman
  j...@imaginenetworksllc.com      wrote:

  Not sure what else there is to say.

  Make sure your CPEs have upnp and 4.6 (whatever the old thread
  mentioned said) and that was the end of it for me.

  Like I said I have triple NAT.  I am using MT CPEs and was
 using
  a
  MT
  core router.  It is ImageStream now.

  On 5/31/10, Hilton J Ralphshil...@think.co.za      wrote:

  Come on Josh, Rick is asking you for help.

  --
  Regards
  Hilton J Ralphs
  Think Technologies

  -Original Message-
  From: Josh Luthman
  I don't get any phone calls about it.

  On Mon, May 31, 2010 at 1:57 PM, RickGrgunder...@gmail.com
   wrote:

  Its strange because I hear XBox works fine on my network (it
  does
  for
  me). But, every once in a while, I get a complaint that it
  doesnt.
  What did you do to make sure it works on your network?

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to
  Mikrotik
  RouterOS

  --
  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  Success is not final, failure is not fatal: it is the courage
 to
  continue that counts.
  --- Winston Churchill
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to
  Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to
  Mikrotik

Re: [Mikrotik] XBox

2010-06-01 Thread Shayne Lebrun

Yeah, they've stated in the request thread on the Mikrotik forums that
they're aware of the interest and are looking into it.  Pretty vague, but
it's better than nothing.

http://forum.mikrotik.com/viewtopic.php?f=1t=18611

Feel free to add to the request. :-)

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Butch Evans
 Sent: Tuesday, June 01, 2010 1:47 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] XBox
 
 On Tue, 2010-06-01 at 10:58 -0400, Shayne Lebrun wrote:
  And for this, we wait with bated breath for Mikrotik to implement L2TP
 VPDN
  for LAC/LNS setups.
 
 Have you seen any indication from them that this is in the works or even
 on their radar?
 
 --
 
 * Butch Evans   * Professional Network Consultation*
 * http://www.butchevans.com/* Network Engineering  *
 * http://store.wispgear.net/* Wired or Wireless Networks   *
 * http://blog.butchevans.com/   * ImageStream, Mikrotik and MORE!  *
 
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] smtp delay

2010-05-13 Thread Shayne Lebrun

Ah, but many anti-spam solutions do use PTR entries, on the theory that
anybody not using a proper PTR is a) illegitimate, b) a 'dynamic' user that
should be sending mail through their ISP's MTA, or c) so clueless that
they're a huge security risk.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Terri Kelley
 Sent: Wednesday, May 12, 2010 11:06 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] smtp delay

 Well I am not so sure. Our own email server should not require reverse
 lookup for a client logging in and sending email. That is the norm for an
 email server. Where PTR comes into play is when one email server sends an
 email to another server. So that reverse lookup should not happen on the
 initial send from a customer here to our own email server.

 PTR entries are usually only enter for servers, especially email servers
 since that is a spam check. Think of a business. They don't have PTRs for
 every desktop in their enterprise. That would be a nightmare.

 Terri Kelley
 Network Engineer
 254-697-6710 x 1140
 Farm to Market Broadband
 www.farm-market.net

 This email message is intended only for the named recipient(s) above, and
 may contain, together with any attachment(s), confidential information
 that
 is privileged.  If you are not the intended recipient, be advised that you
 have received this email in error and that any use, dissemination,
 forwarding, printing, copying or distribution of this message and any
 attachment(s) is strictly prohibited.

 On May 12, 2010, at 1:23 PM, Butch Evans wrote:

  On Wed, 2010-05-12 at 12:37 -0500, Terri Kelley wrote:
  Really doubt it is my mail server. I have one customer
  complaining that it happens to him when using other smtp
  email servers.

  If you are natting, then DNS may still be the issue.  If you ARE
  natting, then do a reverse lookup on the IP that you are natting to.
  I'd bet that you'll find there is no PTR record for that IP.

  --

  * Butch Evans   * Professional Network Consultation*
  * http://www.butchevans.com/* Network Engineering  *
  * http://store.wispgear.net/* Wired or Wireless Networks   *
  * http://blog.butchevans.com/   * ImageStream, Mikrotik and MORE!  *

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100512/6360187
 f/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] smtp delay

2010-05-12 Thread Shayne Lebrun

Just telnet to port 25 on the server in question and perform an SMTP
transaction, command by command.  You'll see exactly where the delay lies.

Chances are, as others have said, it's the remote mail server doing a DNS
lookup on something (your reverse address, a blacklist or spam filter list,
something) and timing out.

It'll go something like this: (my smtp commands are in caps, server
responses all have a 2xx result code)

Likely issues: If you see the delay between typing 'telnet' and getting the
'220' header, there's a network problem of some sort.  If it's after typing
'EHLO' or 'MAIL FROM' it's a DNS problem of some sort.  If it's after 'RCPT
TO' there's something weird going on with the mail server verifying that the
address exists or something.  If it's after the crlf.crlf to end the
message, the server is taking a long time to do some sort of scanning on the
message.


C:\ telnet smtp.example.com 25
220 smtp.example.com ESMTP Postfix
EHLO corebroadband.ca
250-smtp.example.com
250-PIPELINING
250-SIZE 5
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM: sleb...@corebroadband.ca
250 2.1.0 Ok
RCPT TO: sleb...@corebroadband.ca
250 2.1.5 Ok
DATA
354 End data with CRLF.CRLF
test
test
test
this is a test
.
250 2.0.0 Ok: queued as A980D15B759
QUIT
C:\
 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Antonio Sanchez
 Sent: Wednesday, May 12, 2010 1:41 AM
 To: mikrotik@mail.butchevans.com; mikrotik@mail.butchevans.com
 Subject: Re: [Mikrotik] smtp delay
 
 You can do an easy test to see where is the delay.
 
 Synchronice your board with a NTP server, write a simple script that sends
 an email.
 
 Then program a scheduled task to run the script at a known time.
 
 When the message arrives, see the message headers. The SMTP servers should
 be NTP time configured, so in the headers you will have a very aproximated
 information about the times the message spend to arrive.
 
 So finally you have the time you send, the time your server gets the mail,
 the transport times if any and the time you received the mail.
 
 Greetings
 
 Enviado usando Lite eMail de Vodafone.
 
 -Original Message-
 
 From: Terri Kelley net...@farm-market.net
 Sent: Wed, 12 May 2010 02:43:13 +0200
 To: Mikrotik discussions mikrotik@mail.butchevans.com
 Received: 12-May-2010 02:43:38 +0200
 Subject: Re: [Mikrotik] smtp delay
 
 Just thought of something. Have had a customer complain about it and he
 was using other smtp servers, not ours.
 
 Terri Kelley
 Network Engineer
 254-697-6710 x 1140
 Farm to Market Broadband
 www.farm-market.net
 
 
 This email message is intended only for the named recipient(s) above, and
 may contain, together with any attachment(s), confidential information
 that
 is privileged.  If you are not the intended recipient, be advised that you
 have received this email in error and that any use, dissemination,
 forwarding, printing, copying or distribution of this message and any
 attachment(s) is strictly prohibited.
 
 
 
 
 On May 11, 2010, at 7:09 PM, Craig Baird wrote:
 
  I have found on numerous occasions that delays of 30 seconds or so can
 often be attributed to failing DNS lookups.  IOW, if your mail server is
 configured to do a reverse DNS lookup on IPs connecting to it, and if
 those IPs are not properly reversed, you can get delays like this.  Might
 be completely unrelated, but I thought I'd throw it out there.
 
  Craig
 
 
  Quoting Terri Kelley net...@farm-market.net:
 
  Me sending out (and customers) from our clients. I have a bandwidth
 management unit that works in conjunction with our billing server. I am
 beginning to wonder if that is where it is since I don't have QOS running.
 
  Terri Kelley
  Network Engineer
  254-697-6710 x 1140
  Farm to Market Broadband
  www.farm-market.net
 
 
  This email message is intended only for the named recipient(s) above,
 and
  may contain, together with any attachment(s), confidential information
 that
  is privileged.  If you are not the intended recipient, be advised that
 you
  have received this email in error and that any use, dissemination,
  forwarding, printing, copying or distribution of this message and any
  attachment(s) is strictly prohibited.
 
 
 
 
  On May 11, 2010, at 6:38 PM, Josh Luthman wrote:
 
  From you to the server or server out?
 
  On 5/11/10, Terri Kelley net...@farm-market.net wrote:
  Yep, seems just smtp. Slow sometimes, not always. Takes up to 40 secs
  sometime to send an email out. No issue that I can see on the server.
 
  Terri Kelley
  Network Engineer
  254-697-6710 x 1140
  Farm to Market Broadband
  www.farm-market.net
 
 
  This email message is intended only for the named recipient(s) above,
 and
  may contain, together with any attachment(s), confidential
 information that
  is privileged.  If you are not the intended recipient, be advised
 that you
  have

Re: [Mikrotik] IPMAP Equivalent in Mikrotik

2010-05-06 Thread Shayne Lebrun

You also need the 72.90.73.3 IP address assigned on ether3.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Sam Tetherow
 Sent: Thursday, May 06, 2010 12:30 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] IPMAP Equivalent in Mikrotik

 I think you are going to need the corresponding src-nat rule as well:

 /ip firewall nat add chain=srcnat src-address=192.168.3.45 \
 action=src-nat to-address=72.90.73.3

 Josh Luthman wrote:
  I want to forward everything received by 72.90.73.3 on ether3 to an
 internal
  ip (192.168.3.45).

  I think you want dstnat.

  /ip firewall nat
  add chain=dstnat dst-address=72.90.73.3 \
  action=dst-nat to-address=192.168.3.45

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  Success is not final, failure is not fatal: it is the courage to
  continue that counts.
  --- Winston Churchill

  On Thu, May 6, 2010 at 12:02 PM, Richard Hatherill Jr.
  ri...@callrich.com wrote:

  I can do a IPMAP External to internal in Staros and everything works
 great.

  I cannot figure out how to do the exact same thing in Mikrotik.

  I want to forward everything received by 72.90.73.3 on ether3 to an
 internal
  ip (192.168.3.45).

  Can someone give me the setup for this please?

  Also I have a webcam now on my internal network.  192.168.3.45

  I have a website that pulls live video from this webcam.

  Is there a rule I could setup in Mikrotik to simply turn this off and
 on.

  I want to test my bandwidth sometimes and I don't get real numbers if
 there
  are users on the webpage pulling the webcam.

  Thanks for any help.

  Rich Hatherill

  Cnywireless

  r...@cnywireless.com

  -- next part --
  An HTML attachment was scrubbed...
  URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100506/331dff5
 1/attachment.html
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] model recommendation for WAN failover/load balance/MPLS

2010-04-01 Thread Shayne Lebrun

What he meant was, as far as the router's concerned, the VPN is an
interface, much like an Ethernet port is an interface.  You can apply QoS to
an interface.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Dylan Bouterse
 Sent: Thursday, April 01, 2010 3:37 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] model recommendation for WAN failover/load
 balance/MPLS

 So all traffic in the VPN is prioritized equally? In that case a file
 transfer between locations could effect VOIP. I guess the only other
 option is to have the VOIP outside the VPN if that's even
 feasable...assuming there is no other way to classify the traffic.

 Dylan

 On Apr 1, 2010, at 3:28 PM, Josh Luthman wrote:

  VPN is a new interface.  Just priotize it accordingly.  That's what
  conclusion I came to anyway.

  On 4/1/10, Dylan Bouterse dy...@acmecargo.com wrote:
  Was considering the AH version. The 493 doesn't appear to be much more
 than
  the 433 so 9 ports will probably win. Can you do QOS for traffic if it
 is
  going to traverse the VPN and it still take priority over all other
  protocols? Did that make sense?

  Dylan

  On Apr 1, 2010, at 3:17 PM, Josh Luthman wrote:

  For 10Mbps and the things you listed a 750 or 433 (I'd get AH) should
  work fine.  I like the 400s more then I do the 750, but I haven't used
  the 750 personally.

  Do you need 3 ports or more?

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  Success is not final, failure is not fatal: it is the courage to
  continue that counts.
  --- Winston Churchill

  On Thu, Apr 1, 2010 at 3:14 PM, Dylan Bouterse dy...@acmecargo.com
  wrote:
  Wireless link is 3Mb at each location. Fiber is going to be 5-10Mb.

  Dylan

  On Apr 1, 2010, at 3:09 PM, Josh Luthman wrote:

  How many mbps?

  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  Success is not final, failure is not fatal: it is the courage to
  continue that counts.
  --- Winston Churchill

  On Thu, Apr 1, 2010 at 3:05 PM, Dylan Bouterse dy...@acmecargo.com
  wrote:
  Hello list! I kind of expected more traffic on this list but I
 guess
  it's a nice change from the others I'm on (Josh, you'll appreciate
  that).

  I am looking to quote out the following for a customer and I'm not
 sure
  a standard 750 is the right board for the job. Please share your
  thoughts.

  2 locations
  each with 2 WAN connections used for load balance and failover
  MPLS or VPN between locations
  QOS for Shoretel VOIP and possible other queues
  potential of doing web content filtering
  typical stuff like syslog, maybe the ddns script, some snmp queries

  Dylan
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS

  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

  --
  Josh Luthman
  Office: 937-552-2340
  Direct: 937-552-2343
  1100 Wayne St
  Suite 1337
  Troy, OH 45373

  Success is not final, failure is not fatal: it is the courage to
  continue that counts.
  --- Winston Churchill
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik

  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] zenoss

2010-03-25 Thread Shayne Lebrun

Zenoss will have standard interface mibs built in.

That said, we switched from Zenoss to nagios/cacti.  Between the web
interface being unsuitable for things like smartphones, to having no concept
of network dependencies, Zenoss just wasn't there for us quite yet.

I did really appreciate the Python interface; we had some fun replicating
some custom scripts we'd done for Zenoss over to Nagios, and I also liked
how Zenoss uses lat/long as a standard data field. 

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Ryan Spott
 Sent: Thursday, March 25, 2010 1:17 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] zenoss
 
 Yeah,
 
 I have been really trying to get my head wrapped around Zenoss with really
 no forward momentum. I _want_ to replace my cacti/nagios implementation
 with
 something that does it all.. but Zenoss is not really... there...
 
 Just a little too complicated I guess.
 
 ryan
 
 On Wed, Mar 24, 2010 at 10:07 PM, Eric Holtzclaw
 eric.holtzc...@ispan.uswrote:
 
  Try cacti
 
  -Original Message-
  From: mikrotik-boun...@mail.butchevans.com [mailto:
  mikrotik-boun...@mail.butchevans.com] On Behalf Of Terri Kelley
  Sent: Wednesday, March 24, 2010 7:19 PM
  To: Mikrotik discussions
  Subject: [Mikrotik] zenoss
 
  Anyone done any work with Zenoss and Mikrotik? I have it running as a
  network Monitor and would like to get mibs set up for bandwidth (speed)
 on
  interfaces, just can't figure out how to do it. I have done memory and
 cpu
  via snmp but nothing else. Tried some support from others but no go
 there.
 
  Suggestions?
 
  Terri Kelley
  Network Engineer
  254-697-6710 x 1140
  Farm to Market Broadband
  www.farm-market.net
 
 
  This email message is intended only for the named recipient(s) above,
 and
  may contain, together with any attachment(s), confidential information
 that
  is privileged.  If you are not the intended recipient, be advised that
 you
  have received this email in error and that any use, dissemination,
  forwarding, printing, copying or distribution of this message and any
  attachment(s) is strictly prohibited.
 
 
 
 
  -- next part --
  An HTML attachment was scrubbed...
  URL: 
 
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100324/5596a313
 /attachment.html
  
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20100324/b2025fc
 1/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Replace X86 with Routerboard.

2010-03-08 Thread Shayne Lebrun

You might also consider a pair of 493AH or 450G or something, running VRRP,
if the goal is uptime and continuity of service rather than increasing
performance.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Scottie Arnett
 Sent: Sunday, March 07, 2010 11:18 AM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Replace X86 with Routerboard.

 Thanks for all the replies and suggestions. I think I will stay with the
 PC and try out the Atoms with a DOM. One of my goals was to cut down on
 electric usage also, and it looks like they will do the trick.

 Scottie

 -- Original Message --
 From: Travis Johnson t...@ida.net
 Reply-To: Mikrotik discussions mikrotik@mail.butchevans.com
 Date:  Sat, 06 Mar 2010 22:02:39 -0700

 I was not saying you needed to spend $1,500 on a good router. I was
 simply suggesting that you spend $400-$500 to get something that will
 last you 3-5 years compared with spending $250 and getting to replace it
 (growth, not as good quality, etc.). It was just a suggestion.

 Even our main edge router is a Mikrotik (not our BGP router, but the
 next in line). It's running on an Intel Core board with two Intel GigE
 ports. It moves 400Mbps+ during the day, and has been up for 166 days as
 of right now. It has 10 queues, and at least 50 firewall rules. CPU is
 never above 12%. Total cost on this box was less than $1,000 and that
 was a year ago.

 (We upgrade this particular router about every year, and move the old
 router into the backup position in the rack. Then if something ever
 dies, we just move two cables and we are back up and running but in
 6+ years of having this setup, we have never had to use the backup).

 Travis
 Microserv

 Scottie Arnett wrote:
  Understood Travis,

  My whole escapade into this has resulted from what happened today. I
 may be on the wrong track...and it maybe would have fried a routerboard
 also. So, here is my story

  The weather here was much warmer than normal today. I was trimming some
 trees and one kicked back and took out the high powered electrical lines
 close to my house(1st JINX of the day). I called the electric company to
 fix what I screwed up. Ok, I live in a remote area, so I need a cell phone
 booster to pick up cell signals(I do not have a land line phone). No
 power, no booster! Above and behold, a transformer blew about 1/2 mile
 from my NOC at about the same time, say 20 minutes after, and 30 miles
 away. I do not get the page.

  2 hours later, the electric company get my power back on and my cell
 goes crazy! I call my partner to go check what is wrong at the NOC. He
 goes to the NOC and everything is up except the X86 doing all the routing.
 Hits power button, gets those most wonderful beeps. Goes on to do the
 regular PC troubleshooting(we are a PC repair shop also, been doing it
 over 20 years) and no good. Fried motherboard.

  So, we did not have a standby, I scramble into my basement which is a
 PC Ancestry museum and find an almost exact replacement. I drive the 30
 miles swap everything into the exact same locations, get a working Tik.

  My customers were down over four hours. That is in part to my under-
 sight. I just want to make sure it does not happen again.

  I will not get into the being able to afford $1500 PC routers, but you
 have multitude more customers than we do, and I am in an area that is
 serviced by a rural co-op that gets tons of funding from uncle
 Sam...should be enough said as far as competition goes.

  Scottie

  -- Original Message --
  From: Travis Johnson t...@ida.net
  Reply-To: Mikrotik discussions mikrotik@mail.butchevans.com
  Date:  Sat, 06 Mar 2010 19:26:19 -0700

  If you spend more than $250, maybe you wouldn't have to have so many
  spares :)

  We've never had a single X86 based MT router fail in the field. Ever.
 I
  have over 50 of them running (some for over 4 years). Yet we just had
 an
  RB333 fail and die (and take out an ethernet port on the switch along
  with it). It had only been in production for 9 months.

  If you spend the money up front, it saves you money in the long run...
  less downtime, less labor, etc.

  Travis
  Microserv

  Scottie Arnett wrote:

  Below: I do some filters with L7. No, it is a full P4. I forgot to
 mention a few things that come to mind. I am using it as DNS server and
 redirecting(via NAT) all DNS activity through the MT to use the MT DNS
 cache. I am not using web proxy. At the moment it has a Prizm card for
 wireless customers(10 total), but I am getting rid of that and going to a
 BulletM2HP. I am needing 1 of the 4 ports for this.

  I know several responded before Josh on this and he other list, so I
 will try to address the others. I would like to keep these below $250. I
 can buy regular x86 much more powerful than this for less money.

Re: [Mikrotik] RouterOS needs VPDN!

2009-11-23 Thread Shayne Lebrun

To put it even more succinctly, this functionality allows you to make your
own network utterly transparent to the end user.  This allows for dead
simple reselling with yourself completely out of the loop, assuming that
your backhauls are good.

A customer of ISP A gets an ISP A IP address, is subject to ISP A's routing,
QoS, and all that stuff, while ISP B's customers get ISP B IP addresses, ISP
B routing, QOS, and what not.  Bill based on ingress/egress at the
interconnect with each ISP.

This can be, for lack of a better term, 'faked' in various ways with
Mikrotik already, but then you lose the ability to do things easily like
tell a given ISP that you're seeing the connect attempt from the customer,
and here's the username/password, or whatever.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Jon Auer
 Sent: Sunday, November 22, 2009 10:59 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] RouterOS needs VPDN!
 
 This is a bit different.
 Instead of using the realm to locally authenticate the user you
 forward the whole PPP session to the remote PPP server (LNS)
 associated with the realm.
 
 To continue on Shayne's example, b...@example.com's traffic (PPP bits
 and all) would get tossed down a L2TP tunnel to 2.2.2.2.
 This means the PPP session for Bob would be established between BOB's
 CPE and 2.2.2.2.
 Your router would just be forwarding bits from Bob to the L2TP tunnel.
 This rocks because your wholesale customer (example.com) can use their
 own IP addresses for the customer.
 
 I chipped in support in a different thread a while back:
 http://forum.mikrotik.com/viewtopic.php?f=1t=26698
 This is really the one feature left that is preventing me from
 becoming a rabid Mikrotik evangelist. :-)
 
 Also see Cisco's explanation of this:
 http://www.cisco.com/en/US/tech/tk801/tk703/technologies_tech_note09186a00
 80094586.shtml
 
 On Sun, Nov 22, 2009 at 4:59 PM, Mike Hammett butch-mikro...@ics-il.net
 wrote:
  Doesn't it already support realms via RADIUS?
 
 
  -
  Mike Hammett
  Intelligent Computing Solutions
  http://www.ics-il.com
 
 
 
  --
  From: Shayne Lebrun sleb...@corebroadband.ca
  Sent: Monday, November 16, 2009 8:04 AM
  To: 'Mikrotik discussions' mikrotik@mail.butchevans.com
  Subject: [Mikrotik] RouterOS needs VPDN!
 
  What I'd love to see in RouterOS is VPDN.  Very handy for reselling
  access.
 
 
 
  Customer initiates PPPoE session.  Local Access Concentrator picks up
 this
  PPPoE session, and examines the realm.  Based on said realm, the
 session
  is
  forwarded along to the appropriate 3rd party's LNS.  Let say,
  @butchevans.com goes to 1.1.1.1 and @example.com goes to 2.2.2.2.
 
 
 
  We can fake this in various ways in RouterOS at the moment, but it
 would
  be
  awfully nice to have proper VPDN that can interop with Cisco and
 Juniper
  kit.
 
 
 
  Show some love in this forum thread:
 
  http://forum.mikrotik.com/viewtopic.php?f=1
  http://forum.mikrotik.com/viewtopic.php?f=1t=18611 t=18611
 
  and vote on the Wiki:
 
  http://wiki.mikrotik.com/wiki/MikroTik_RouterOS/v4/Feature_Requests
 
  and help make some dreams come true.
 
 
 
  -- next part --
  An HTML attachment was scrubbed...
  URL:
 
 http://www.butchevans.com/pipermail/mikrotik/attachments/20091116/510ee42
 c/attachment.html
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS
 
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

[Mikrotik] RouterOS needs VPDN!

2009-11-16 Thread Shayne Lebrun

What I'd love to see in RouterOS is VPDN.  Very handy for reselling access.

 

Customer initiates PPPoE session.  Local Access Concentrator picks up this
PPPoE session, and examines the realm.  Based on said realm, the session is
forwarded along to the appropriate 3rd party's LNS.  Let say,
@butchevans.com goes to 1.1.1.1 and @example.com goes to 2.2.2.2.

 

We can fake this in various ways in RouterOS at the moment, but it would be
awfully nice to have proper VPDN that can interop with Cisco and Juniper
kit.

 

Show some love in this forum thread:

http://forum.mikrotik.com/viewtopic.php?f=1
http://forum.mikrotik.com/viewtopic.php?f=1t=18611 t=18611

and vote on the Wiki:

http://wiki.mikrotik.com/wiki/MikroTik_RouterOS/v4/Feature_Requests

and help make some dreams come true.

 

-- next part --
An HTML attachment was scrubbed...
URL: 
http://www.butchevans.com/pipermail/mikrotik/attachments/20091116/510ee42c/attachment.html
___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] 28v over-voltage protection - just say NO

2009-10-28 Thread Shayne Lebrun

Agreed on the 28 volt cutoff (though a RB600 will take lots more; at least
48, possibly all the way up to 56 IIRC) but we've had lots of 493s, 433s and
532s come back quite nicely after the voltage wasn't so over any more.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Randy Cosby
 Sent: Wednesday, October 28, 2009 12:06 PM
 To: Mikrotik discussions
 Subject: [Mikrotik] 28v over-voltage protection - just say NO

 http://forum.mikrotik.com/viewtopic.php?f=3t=36191start=0

 I'm pulling my hair out and wasting all kinds of money on voltage
 regulators to make sure my solar and dc-powered sites don't cause
 mikrotik routerboards to go into over-voltage protection when the
 batteries get charged over 28v.

 I'm begging (and asking for you to join me) Mikrotik to:

 1. Upgrade the over-voltage protection to 30v or higher on 24 volt
 products.
 2. Never EVER make another routerboard that runs has over-voltage
 protection at 28v
 3. Change the over-voltage behavior to cause the device to reboot when
 the voltage drops to acceptable levels, instead of requiring a
 power-cycle to bring it back to life.

 Will you join me on this and let Mikrotik, your distributor, etc. know
 your thoughts on this? This is not a new problem, it has been discussed
 repeatedly on the lists and forums.

 Thanks!

 --
 Randy Cosby
 Vice President
 InfoWest, Inc

 435-674-0165 x 2010

 http://www.infowest.com/

 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik

 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

Re: [Mikrotik] Another poll: How are you controlling access to your routers?

2009-10-27 Thread Shayne Lebrun

If you *do* have any Internet facing IP addresses, install the handy scripts
that are floating around that count the number of connections on ssh, telnet
and FTP, and blacklist the IPs if there are a number of connections in a
short period of time.

Not only does this keep the nice dictionary lists out of your logs, it'll
save you some CPU resources.

 -Original Message-
 From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-
 boun...@mail.butchevans.com] On Behalf Of Terri Kelley
 Sent: Tuesday, October 27, 2009 3:49 PM
 To: Mikrotik discussions
 Subject: Re: [Mikrotik] Another poll: How are you controlling access to
 your routers?
 
 In addition to the firewall rule, change the ssh port to something
 high and unused.
 
 Terri Kelley
 Network Engineer
 254-697-6710
 
 
 
 On Oct 27, 2009, at 2:45 PM, Hilton J Ralphs wrote:
 
  I simply don't enable port 22, well at least from only a
  192.168.0.0/16 range.
 
  If I need to access the router via SSH I just connect via VPN and
  then SSH from there.
 
  --
  Regards
  Hilton
  +2782-572-9619
 
  -Original Message-
  From: Butch Evans
 
  In my classes, I discuss a particular method of controlling access to
  the router that stops the ssh attacks (ftp, too).  My approach is
  quite simple and works well for MOST people.  My question for the
  borg
  is this:  What is your approach to controlling access to the network?
 
  ___
  Mikrotik mailing list
  Mikrotik@mail.butchevans.com
  http://www.butchevans.com/mailman/listinfo/mikrotik
 
  Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
  RouterOS
 
 -- next part --
 An HTML attachment was scrubbed...
 URL:
 http://www.butchevans.com/pipermail/mikrotik/attachments/20091027/742fbb3
 1/attachment.html
 ___
 Mikrotik mailing list
 Mikrotik@mail.butchevans.com
 http://www.butchevans.com/mailman/listinfo/mikrotik
 
 Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
 RouterOS

___
Mikrotik mailing list
Mikrotik@mail.butchevans.com
http://www.butchevans.com/mailman/listinfo/mikrotik

Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS

59 matches

Mail list logo