Re: [Mikrotik] Testing attachments...
On Sat, 12 Jan 2008, Butch Evans wrote: I am gonna be testing how attachments are handled...they will all be very small, but if you see a few of them, you can ignore them. ;-) Now for one more test...A slightly larger test. -- Butch Evans Network Engineering and Security Consulting 573-276-2879 http://www.butchevans.com/ My calendar: http://tinyurl.com/y24ad6 Training Partners: http://tinyurl.com/smfkf Mikrotik Certified Consultant http://www.mikrotik.com/consultants.html -- next part -- A non-text attachment was scrubbed... Name: TheShed.wmv Type: video/x-ms-wmv Size: 2539304 bytes Desc: Url : http://www.butchevans.com/pipermail/mikrotik/attachments/20080112/9df4d411/attachment.wmv
[Mikrotik] Equipment liquidation
On Mon, 7 Jan 2008, Butch Evans wrote: I still have some of this spare gear left. Here is the current list: QTY Description Retail Price 10 RB153/2 WLM54AG/Indoor Case/antenna $245.00 $183.75 2 RB153/1WLM54AG/WLM54G/Case/antenna $239.00 $179.25 1 RB153/1WLM54AG/Case/antenna $186.00 $139.50 1 RB153/2 CM9/Case/Antenna$251.00 $188.25 2 NL-2511 MP Plus minipci $54.95 $45.00 1 WLM54AG 2.4GHzb/g (brand new)$41.00 $38.00 5 NL-2511CD Plus EXT2 Mercury - pcmcia $79.00 $60.00 The RB153 should still be under warranty, but I am checking to see for certain. The Routerboard cases are in pretty good shape (some of them are absolutely brand new). Most of this gear has not been used much at all. Prices are each. I will sell these at a small discount if you buy a large qty. The retail price is an average of 3 vendors where I could find prices for the specific gear. I am not selling power supplies for the routerboards. (Shipping is not included) -- Butch Evans Network Engineering and Security Consulting 573-276-2879 http://www.butchevans.com/ My calendar: http://tinyurl.com/y24ad6 Training Partners: http://tinyurl.com/smfkf Mikrotik Certified Consultant http://www.mikrotik.com/consultants.html
Re: [Mikrotik] [MikroTik] IPSec Configuration Problems
On Fri, 18 Jan 2008, Gene Spiker wrote: Other versions of IPSec on other systems that work off a menu such as winbox also build the interface and route. Mikrotik uses a POLICY to route the traffic...there is not a route (at least not one visible under /ip route) for IPSEC traffic. In version 2.9 of Mikrotik I manually built a route for the remote subnet pointing to the Mikrotik IP address of the Mikrotik LAN. This did not work. Because it's not necessary. What you need to do is add configurations as follows (this is not exact, but a GUIDE): under /ip ipsec policy, you define the following 4 values as appropriate: src-address = the lan network address on the MT side dst-address = the lan network address on the IPCOP side sa-src-address = the PUBLIC IP on the MT side sa-dst-address = the PUBLIC IP on the IPCOP side The remainder of the ipsec config is likely to be correct, since you can communicate across the tunnel. under /ip firewall nat, you should run these commands: /ip firewall nat print /ip firewall nat add src-address=MTLAN dst-address=IPCOPLAN action=accept \ place-before=0 of course, the MTLAN is the network address for the private subnet on the MT side and IPCOPLAN is the IPCOP side. WHat this does, is cause traffic destined for the remote side of the tunnel to NOT be natted (assuming you are natting on the public side). This is necessary because the NAT happens before the IPSEC part of the kernel, meaning that if the traffic is being natted, the IPSEC does not see traffic that matches the policy and, therefore, does not send it across the tunnel. There is no need for routes or setting of proxy-arp. MT does not add any IP addresses or visible interfaces for IPSEC tunnels. After you set this up, you should be able to ping from one private lan to the other. You should see (under /ip ipsec installed-sa) 2 tunnels - one in and one out. The documentation says this, but (unlike most other parts of MT's documentation) I think this part is not very clear. -- Butch Evans Network Engineering and Security Consulting 573-276-2879 http://www.butchevans.com/ My calendar: http://tinyurl.com/y24ad6 Training Partners: http://tinyurl.com/smfkf Mikrotik Certified Consultant http://www.mikrotik.com/consultants.html
Re: [Mikrotik] 802.11n
On Thu, 28 Feb 2008, ccrum wrote: Does anyone know...does MT support the N mini-pci cards? I have a client who wants an all N indoor installation for his private network. Would love to stick with MT if possible. At the MUM in Florida, some of the MT guys were playing with an 802.11N card. The support is not really production ready, though. My understanding from them is that this is something they are working on, but have not, yet, completed. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] No network protocols running...
On Fri, 29 Feb 2008, Mark McElvy wrote: I am setting up a new AP. RB-333 running 900 Mhz. I want it setup like my 2.4's with PPPoE. I have duplicated the setup with the only difference I can see 2.4's are ROS 2.9.46 and the new one is 3.3. can anyone indicate what the error means? It occurs during PPPoE login. I get an authentication and a immediate disconnect. This USUALLY means there is a problem obtaining an IP address. Check to make sure that you have both local and remote IP space being assigned (local can be just a single IP in the profile). If you're not certain, post the results of the following (hide the passwords): /ppp profile print /ip pool print /ppp secret print If you're using radius, then you may want to post (as well): /radius print detail -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Alltel Cellular / Data Access Cards
information and a gateway is added so that traffic uses this radio). 2. Radio 2 begins searching for the best AP and will be configured with IP information ONLY if the current signal level on Radio 1 is below a certain (definable) threshold. 3. If Radio 2 is now the current connection, then Radio 1 begins the search for a new AP. and the cycle is repeated ad infinitum. Basically, we walk the network with 2 CPE devices. We can, also, set the AP in the car so that it is not going to interfere with the current radio's frequency, though this will cause problems with calls if we aren't careful. In order to detect call status, I use a script that watches packet rate on the interface. If it is below a certain number, I will assume that there is no call currently connected, and it is safe to move the car mounted AP to a new channel if it is interfering with the current connection. As you can see, it is doable, but it is VERY involved. I don't want to make this a sales pitch, but I will say this much... 1. Each install is VERY HIGHLY CUSTOMIZED, and, therefore, has to be built according to the needs of the specific network 2. Cost may seem high, but MUCH of this can be paid for with grants (homeland security has MILLIONS of dollars to build these types of systems out) The first one of these that I built was WAY underbid. I only charged about $3k for that one. The most expensive was about $18k, but involved almost 2 weeks onsite. The average cost (my part) is about $5k-7k. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Weird Ping Results
On Tue, 1 Apr 2008, Casey Mills wrote: Why do I get this? [EMAIL PROTECTED] /ping 192.168.55.10 19:02:16:08:55:10 ping timeout 19:02:16:08:55:10 ping timeout 19:02:16:08:55:10 ping timeout 19:02:16:08:55:10 ping timeout 19:02:16:08:55:10 ping timeout It took me a while to see it, but for whatever reason the ip I supply is being converted to a MAC address. Do you have a static ARP entry for this IP? If you are seeing this for ANY IP, then I'm not sure...I'd check for static ARP entries, though. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Weird Ping Results
On Tue, 1 Apr 2008, Kerry Penland wrote: It looks to me like maybe IPv6? It's not the same format as an IPv6 Address. That is a MAC address. MAC = 48 bits = 12 HEX digits IPv6 = 128 bits = 32 HEX digits (without the shortcut of course) [EMAIL PROTECTED] /ping 192.168.55.10 19:02:16:08:55:10 ping timeout -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Weird Ping Results
On Tue, 1 Apr 2008, Butch Evans wrote: I thought I'd expand on this just a little... On Tue, 1 Apr 2008, Kerry Penland wrote: It looks to me like maybe IPv6? It's not the same format as an IPv6 Address. That is a MAC address. MAC = 48 bits = 12 HEX digits This is usually written as: XX:XX:XX:XX:XX:XX: or XX-XX-XX-XX-XX-XX OR ..XXXx IPv6 = 128 bits = 32 HEX digits (without the shortcut of course) These look like this: ::::::: If a series of bits are all 0, then you can shortcut the IPv6 address by replacing them with ::. For example: FE21::::::: could be written as: FE21::::: It should be noted that you can replace only ONE set of contiguous 0s in an address, as replacing more than one set of 0s would be ambiguous. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Alltel Cellular / Data Access Cards
On Tue, 1 Apr 2008, Carl A jeptha wrote: do you some sort of presentation that can be used to visit municipalities in our county with the intention of showing the need for them. I wish I did. Unfortunately, the way this works for a city that doesn't know they need it is to approach a few folks that would be using it. For instance, discuss the possibilities with a few patrolmen. Clip some articles from magazines or websites that discuss the muni wireless opportunities. But, here is one story of how I, along with a local WISP, approached this. Since I am under an NDA with this city for another 8 months, I can't discuss the specifics of this deployment. The WISP called me after the Florida MUM to discuss how to obtain the homeland security dollars. Truth be told, I still don't know, but I DO know you can visit this site to get started: http://www.dhs.gov/xgovt/grants/ also, try: http://www.fema.gov/government/grant/index.shtm FEMA is the one that oversees or manages the DHS grants. Either way, we discussed the possibilities and here is the short list of benefits to the city: * Police car tracking - GPS, video and more available * Network access for the police (or other departments) from their vehicles - this allows them to do their own search of state database directly as well as the ability to file reports right from the car. * Internet access - not a need feature, but certainly a cool feature - * VoIP - By adding a one time cost in the vehicle, we can provide telephony in the car and the phone line is at the PD (or other office) - THIS CAN BE A HUGE SAVINGS * Access for PDA, which can be very useful for both Police and other departments * Ambulance service can deliver information direct to the hospital while en route to the ER - obvious benefits There are, of course, other possibilities, but this is just a few. The WISP and I put together this list and he took it to a couple of the town council members and they were interested. He, then, was sheduled to present the idea to the council as a whole and the council got one of the city employees to take care of locating and obtaining the grants. The city did all of that work. What the DHS paid for was: * 7 towers to extend the coverage of the existing network * AP gear for the towers * All the CPE (vehicle) gear - radios - cameras, including the dvr - phones (802.11 wireless voip phones) * dvr gear for the police station * Installation and engineering costs to the city * VPN Concentrator (Mikrotik Router) at the Police Station The WISP provided internet access services as well as local transport services for the network. Also, the WISP contracted to maintain the system. He didn't get paid for the maintenance, but exchanged the rights to use the APs as a secondary user, so was able to extend his network reach in the city. DHS grants do not cover the cost of the services. If I am recalling correctly, we had to hide the labor costs in the equipment cost as well. This should give you some ideas. The main thing is to get someone on the inside interested and they will do your preaching for you. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Looks like Butch's idea made it semi mainstream
On Wed, 16 Apr 2008, Casey Mills wrote: http://www.i-hacked.com/index.php... That is kinda cool. I do this with a MT router (of course)...the config is MUCH less convoluted, however 1. Get a MT router with 2 wireless interfaces 2. Config is as follows (for 2.9.x): Assuming wlan1 is to be the predator interface and wlan2 is your connection: /interface wireless connect-list add interface=wlan1 connect=yes /interface wireless security-profiles add authentication-types=wpa2-psk group-ciphers=tkip \ mode=dynamic-keys name=secureprofile \ wpa2-pre-shared-key=wpakeyforme /interface wireless set wlan1 mode=station set wlan2 mode=ap-bridge ssid=SSIDFORMETOUSE \ default-authenticate=yes default-forward=no profile=secureprofile 3. Add dhcp-client to wlan1: /ip dhcp-client add add-default-route=yes disabled=no \ interface=wlan1 use-peer-dns=yes 4. Set up IP addresses/dhcp on the wlan2 interface 5. Create a NAT rule that masquerades all traffic out the wlan1 interface: /ip firewall nat add out-interface=wlan1 action=masquerade chain=srcnat That's about it...unless I forgot something. ;-) -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] RB OS v 3.7
On Wed, 30 Apr 2008, Eric Sooter wrote: I thought that pseudobridge had better performance in p-t-multipoint. On the Mikrotik forum, I noticed alot of complaining about WDS performance dropping when you get over 5 or 6 WDS sessions on an AP. Is this true? Let's say that you have an AP with 10 client devices connected. If these 10 are all running with station-wds, then you will have some performance hit for that. If you only need station-wds on 2 of them, then you will not suffer noticably. Alternatively, you can run all 10 with pseudobridge and performance will not suffer. HOWEVER, because of the way 802.11 functions, you will have other issues. Let me give a specific scenario. You have a customer that needs the public IP on their own gear (so they can control the port forwarding or whatever). You can build that customer's radio connection in one of 3 ways (more, actually, but for this example, we'll just discuss the 3 main ways). 1. You can assign an IP to the radio card on their MT radio and route their subnet via that IP. This will cost nothing in terms of performance of the AP, and the customer's IP will be 100% reachable. 2. You can set the MT radio in station-wds mode and assign their public IP on their equipment (the gateway IP would be on your AP). This will only cause a performance hit if you have to do this for more than about 7-10 customers. This performance hit will not be dramatic, even with 10-15 customers, unless the AP is already pretty loaded. 3. You can use pseudobridge. Like #2, you would assign the customer's public IP to their equipment and their gateway IP would be assigned to your AP. When the customer generates traffic toward the Internet, your AP would find their MAC address to be that of the radio card on their MT running pseudobridge. All traffic generated by the customer would be properly delivered. However, if the customer's equipment has not sent any packets for a bit, then you will have a problem because when the AP (which considers their IP to be available local) cannot determine their MAC address with an ARP broadcast. SO..the customer can send traffic to the internet with no problems, but if a connection is initiated from the internet side, and their device has been quiet for some time, that connection will fail. This is due to the reality of how 802.11 was defined and the way that pseudobridge fools the network into thinking the end user IP actually exists on the wireless network. I can't cover this in enough detail to make it clear WHY this is true, because I'm short on time, but if there is enough interest, I can try to provide some information later. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] RB OS v 3.7
On Wed, 30 Apr 2008, Keith Barber wrote: I have an AP (RB600) with about 40 clients and 3 full wds links at the moment. We are looking at providing the customer with their IP on their own equipment. Station-wds was looking like the answer. If all 40 of those clients were in station-wds, meaning there are now 43 wds links on the AP, is the AP going to choke? The AP would not like 43 station-wds clients. However, that is not needed. Let me explain a bit. To run wds, you need to set up the AP for WDS. Then, you set ONLY those clients that need WDS as station-wds. Other clients can be running as normal clients (station mode if you are running MT clients). In this scenario, the AP will not have a problem. FWIW, you can run pseudobridge clients (trango, MT and others) on the same network that you run station-wds clients on. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] RB OS v 3.7
On Wed, 30 Apr 2008, Keith Barber wrote: Right, which we'll have a fair split of customer's that don't have publics running in plain station mode. But in some of the business districts about 90% of those clients are going to be putting the public IP into their equipment, with the ap as the gateway, so we don't have to do any NATing above their router. For most of them, it may work without issues to use pseudobridge in MT (or any other ethernet bridge gear), but if there will be a lot of INBOUND connections, then you may see trouble due to the realities of how 802.11 works. If they just need the public IP on their gear so that they can establish OUTBOUND connections (for corporate VPN or whatever), then they should work just fine with pseudobridge. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] VPN Questions
On Mon, 5 May 2008, Mike Hammett wrote: Perfect Forward Secrecy they have yes and no. Mikrotik does not support PFS. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] VOIP server seeing internal address ?
On Tue, 6 May 2008, Rick Smith wrote: When the phone server gets the connection from the remote IP, it sees 192.168.15.1 as the incoming IP, and it can't talk to the remote phone because the phone server's expecting the public IP (according to the dealer on-site) This should be correct. No matter what I do, I can't get the public IP to appear on the internal network as the source address. I'm pretty sure that's the way NAT is SUPPOSED to work - but of course they're telling me that Altigen works just fine with every other router in the world and they've never had this problem with sonicwall or ciscos I'd bet you have a rule in src-nat that is affecting this traffic. Just my guess, but I bet you have a rule that looks similar to: /ip firewall nat add chain=srcnat action=masquerade If you export all rules in nat and post them (or private email if you prefer), we can offer further input. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] VPN Questions
On Wed, 7 May 2008, Mike Hammett wrote: What would ISAKMP SA Lifetime match up to? Kevin said lifetime on policy, but I don't see any lifetime fields on policy. Lifetimes are on Proposal and Peer. I believe the ISAKMP SA Lifetime matches the value on the Peer. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
[Mikrotik] ADV: ISPCON and MUM Annoucmentment
*Mikrotik Router.COM *would like to announce that we will be *GIVING AWAY* not one, but *TWO*, Link Technologies, Inc. *PowerRouter 732* *Mikrotik Powered Routers*! This is NEXT WEEK, May 13^th though May 16 in Chicago, IL. We will be doing one drawing Thursday after the end of ISPCON, and ANOTHER drawing at the end of MUM on Friday. Winners will be posted on our Website at http://www.mikrotikrouter.com as well as be contacted via phone. We will even provide FREE SHIPPING to the continental US for the winners! We will also have several other prizes during both the ISPCON and MUM events. Prizes include, T-Shirt's and RouterBoards! Visit us at Booth 402A, at ISPCON, or visit our booth at MUM. For more information about both of these events, visit http://www.ispcon.com and/or http://www.mikrotik.com.
Re: [Mikrotik] Low Cost Wireless Repeater
On Sat, 10 May 2008, Aaron, Network Administrator, Great Lakes Internet wrote: I need to extend the range of a mikrotik AP. I already have the max gain card and antenna I can use but I still have having some problems with low power laptop cards. I looked at the Buffalo, Linksys, and D-Link offerings but I have no experience with how well they work. I am willing to build something if necessary but I would like to stay under $200 if possible. You could use an RB433 with your choice of radio cards. Not sure if these are available, yet, but if so, that would be my recommendation. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
[Mikrotik] Leaving for MUM and ISPCON...
I am leaving for Chicago tomorrow (Monday) to be at the ISPCON and MUM...if you are going, let me know and I'd like to meet up with some of you...see ya there (or not). -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
[Mikrotik] Announcements from Butch Evans Consulting
I wanted to touch base with my customers to let you know about some new things on the horizon as well as announce a very special price on some upcoming training, but you'll have to read to the end of this announcement to see the special price. ;-) I currently have 4 scheduled trainings slated. All registration links and further information on the classes can be found at my website at http://www.butchevans.com/ Currently scheduled courses: ImageStream ICNO Training June 9-13, 2008 Location: Denver, CO Standard MikroTik RouterOS Certification Training July 8-11, 2008 Location: St. Louis, MO Security Focused Network Design using Mikrotik RouterOS July 21-23, 2008 Location St. Louis, MO ImageStream ICNA Training October 6-10, 2008 Location: Denver, CO My new partnership with ImageStream is going to be a good partnership. It will give ImageStream an opportunity to produce training classes at regular intervals and it will give me further opportunity to become more familiar with this tremendous product. I first began using ImageStream in about 2004 and their offering was simply amazing then. If you are not familiar with what they have to offer, you can see more about them and their product line at http://www.imagestream.com/. I have, now, completed the third session of my (wisp-training) Security Focused Network Design using Mikrotik RouterOS class. It just keeps getting better all the time, if I DO say so myself. But, you don't have to take my word for it. Below, you will find a few quotes from folks who have attended a previous training. These are taken from the surveys that we ask students from both classes to fill in. Daniel Laframboise of Centre de secretariat plus had this to say: This training is a MUST for anyone using or planning to use Mikrotik. Butch's knowledge, understanding and experience with Mikrotik makes the training worth the 7 hours of plane I made to get to the training. Every second of this training was important and to the point, no time is lost. To me, this training was worth each and every penny and help me avoid costly mistakes. Thanks for this high quality training Jimmy Murphy of Texas Communications said: Butch has a great understanding of Networking and the Mikrotik OS, he is able to take this knowledge and convey it so that it is easily understood. Randy Evans (no relation) of Geeks On Patrol said: I learned more from this class than I have from any other techincal class I've ever attended. OK...for those that are reading this before Monday morning, you deserve something special for working over the holiday. This offer is good ONLY UNTIL Monday, May 26, 2008 at midnight. (If you don't read this until Tuesday morning, I'm sorry, but this particular offer will have expired.) If you'd like to attend EITHER of the MikroTik Training classes and are willing to purchase your seats now, read on. The Standard Course is regularly priced at $950 and current early bird registration is $750. If you purchase prior to midnight on Monday May 26, I will give an additional $75 off the price. This makes your price just $675! The Security course is normally $1050 discounted for early bird at $900. You can take an additional $75 by purchasing this weekend, making the price just $825! I have NEVER sold seats at this price and I may never do it again. Remember payment must be completed prior to Midnight, May 26. If you want to take advantage of this offer, you MUST CALL OR EMAIL me. I can be reached at 573-276-2879 (leave a message if I don't answer) OR send an email to [EMAIL PROTECTED] to let me know. This offer applies only to the MikroTik training courses scheduled for this July. Please don't ask me to extend this offer, because it absolutely ends this Monday. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
[Mikrotik] Test
you can safely ignore this test -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] RouterBoard Ethernet Performance
On Tue, 27 May 2008, Randy Cosby wrote: I believe that only works on the routerboard 150. Correct me if I'm wrong (again). I think the ethernet chip on the 190 supports this as well. I don't know about the 400 series, though. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] PPTP in 3.x
On Tue, 3 Jun 2008, Mike Hammett wrote: Brain fart... I've done this many a time and it was staring me in the face... proxy-arp. Make sure Proxy-ARP is set for the interface you're PPTPing into. ;-) Alternatively, just use an IP in a different range than the LAN for the tunnel. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] IPSec
On Fri, 6 Jun 2008, Mike Hammett wrote: I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First off, the manual isn't correct. I do exactly what they say and I get an error. As it turns out, you're also required to choose an AH In\Out Algorithm. It also doesn't explain things well, like ah-spi. First, why are you creating a manual-sa? This is usually not necessary and it is easier to not do this manually. Second question: Are you masquerading traffic on the LAN of either side of this tunnel? If so, you have to make an exception for the IPSEC policy traffic. The traffic flow diagram is very clear in this regard. Use the example titled IPsec Between two Masquerading MikroTik Routers, as it does not require a manual key. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] Mikrotik Backhauls and wireless bridging
On Fri, 13 Jun 2008, Aaron, Network Administrator, Great Lakes Internet, Inc. wrote: I have two questions. First, for those of you using routerboards as backhauls, how have you been setting up the link. I have been setting up a wds link between the two units then setting up a bridge between the wireless and wired interfaces. This seems to work fairly well and I get about 10-12 mbps full duplex of actual throughput. Are there any other setups that could improve the throughput? I¹ve tried nstreme but have ended up turning if off as it seems to lower the throughput in certain circumstances (these Processing power is not likely to be the issue with 333. One thing that is an advantage with nstreme in version 3.x is the ability to turn of CSMA. If you are in a noisy environment, that is a BIG advantage. As for throughput increase, turning off connection tracking will yield about a 5-10% increase in throughput when you are bridging (or even simply routing). You can do this with either nstreme or WDS. handle nstreme) Or has anybody setup a link using multiple cards? I've set up many cards using the nstreme-dual function. For the most part, they work very well. When they don't work well, there were problems with the link in the first place. Second, does routeros still not allow bridging two wireless cards on the same board? I have setup wired-wireless bridges but I would like to setup a wireless-wireless bridge so I don¹t have to have the board function as a router. I believe this was a limitation in 2.9 but I don¹t know if it is still a limitation in 3.x. The reason I don¹t want to setup the rb as a router is because we do all our bandwidth limiting based on MAC at the NOC, so I need transparent bridges. You can bridge wireless-wireless. If you need more detail, let me know. FWIW, the bridging this way (wireless to wireless) worked in 2.9 series, too, but may have required special handling, depending on what you were doing. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] [MikroTik] Routing Issue
On Fri, 27 Jun 2008, Chris Gotstein wrote: Clint Wooton gave me a hand and we got it working, probably just before you tried pinging it. What did it turn out to be? -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *Mikrotik Certified Consultant *Wired or Wireless Networks*
Re: [Mikrotik] routerOS 3.11 and connection tracking
On Tue, 22 Jul 2008, Terri Kelley wrote: I installed an RB333 as a bridged AP yesterday, ap-bridge with wlan and ether ports. This is the way all my APs are set up. For some reason connection tracking is not working correctly. The only thing I see are broadcasts and my connection to the AP via winbox. Times are either 2 min or 30s ie tcp established 2 mins just like the other APs so I don't think that is the issue. But I cannot find what the deal is, it looks the same as the others in config. This RB333 replaced a wrap board I had there. Used the backup of the wrap to make the config for the RB333 (with some adjustments of course). I am probably missing something small here, anyone have a clue why tracking is not working on this board? This is my first one on 3.11. If you are in bridged mode, you don't even need the connection tracking turned on. The only benefit would be the ability to see what is passing through the device and there are other methods to see this information. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Routing problem
On Thu, 11 Sep 2008, Josh Luthman wrote: I believe your attachment was stripped off. Can you share the URL to a website? Rapidshare, megaupload, etc. All attachments are automatically stripped. The link is below. :-) -- next part -- An embedded and charset-unspecified text was scrubbed... Name: ipsec.txt Url: http://www.butchevans.com/pipermail/mikrotik/attachments/20080911/fc17de11/attachment.txt What needs to happen is this: / ip ipsec policy add src-address=PRIVATELAN dst-address=REMOTE_SLASH32 \ action=encrypt level=require ipsec-protocols=esp tunnel=yes \ sa-src-address=116.xx.xx.150 sa-dst-address=17.xx.xx.52 proposal=GT Mikrotik manual-sa=none dont-fragment=clear disabled=no Replace PRIVATELAN with the LAN address or network that the remote /32 needs to talk to. REMOTE_SLASH32 is, of course, the /32 address that needs to talk over the vpn. Also, ensure that you have the exception in your NAT rules (/ip firewall nat) for src-nat for this specific source and destination. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Mikrotik Vulnerability
On Thu, 11 Sep 2008, Robert Andrews wrote: There is a published hack on all versions of Mikrotik published. It's an SNMP hack. Hopefully there is a release out to address this soon, until then (post 3.13) SNMP should not be shown to the outside world. Strictly speaking, SNMP Write is not a hack. It's a feature added to Mikrotik. It was added without documenting that it was added, so that's a BAD thing on MT's part, IMHO. However, there are 2 things you can do to protect yourself. First, either disable SNMP altogether OR set the community string to something that is NOT a dictionary word. This is just good sense. Secondly, limit access to SNMP from outside your network. Spoofing the source address on a packet is trivial, so don't just limit by IP. Something like this on the border will help: /ip firewall filter add chain=forward protocol=udp dst-port=161 in-interface=PUBLIC \ action=drop You can find the details on the currently supported features here: http://wiki.mikrotik.com/wiki/SNMP_Write It is important to understand that if SNMP is enabled at all on your router, SNMP WRITE IS ON. This part is a bug, both because it is undocumented and there is no configuration to disable SNMP write. According to Mikrotik, this is/will be fixed in 3.14. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] route problem
On Wed, 17 Sep 2008, Ronnie Low wrote: This does clear things up a bit. I am getting the traffic across the tunnel from now, from 192.168.56.0/24 to 192.168.56.0/24. I just have to figure out to get the https traffic going to 170.xx.xx.3 out the 192.168.49.230 gateway. I guess it must be a firewall rule, since I'm getting icmp traffic there, just not https. Thanks for all your assistance. Your examples and explanation helped a lot. Glad it was helpful. I will be happy to assist directly if you can't get it going (not free, of course). If you can get the ICMP and not the https, you may be having MTU issues, too. Is there a pppoe or pptp link in the mix somewhere? -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
[Mikrotik] New blog entry...
I have posted a new blog entry that I think may be VERY useful to many of you. It is titled, Mobile IP? Some thoughts on how to make it happen with Mikrotik RouterOS. This post is a bit more detail on the talk I've presented at MUM a while back. There are lots of other articles on the site since I last announced a post, too. The idea of MIP is one that I get asked about a lot, so I thought I'd let you all know the article is up for your perusal. :-) -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Laptop - Printer Issue
On Wed, 24 Sep 2008, Mike Hammett wrote: I can't reconfirm that now because the printer is off, but it was showing up in the MT's arp table yesterday. It had the same MAC address as the wireless CPE over there. Having the same MAC as the cpe means the cpe is not a true bridge. If you want a bridge, you have to have a true bridge. Use WDS or other bridging technology besides a pseudo bridge and it will work. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Survey results so far
On Sat, 27 Sep 2008, Josh Luthman wrote: Maybe Fedora + VMWare for Windows? =) I would consider it, but it requires a Windows server platform. as little as I like Windows in general, I REALLY don't like Windows Server. To me, Windows Server is a little like a color called White Black. ;-) -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Script help -- First Problem
On Thu, 2 Oct 2008, Randall Roberts wrote: I was under the impression that STP wasn't very reliable. (I haven't tried it in years...) It's not unreliable...just harder to engineer traffic than, for example, OSPF. I've always seen the STP button in Bridge setup. Didn't know about what to put for the settings, I'm going back to lab and try with the defaults. The defaults will work just fine for most applications. STP will use a least number of hops approach by default. If the hop count is equal, then it will at random pick one. One other question- Is there a problem with turning this on all of the wireless bridged links? Will it then allow more of a 'mesh' with the different towers if say, A has link to B and to C, and B has a link to C? If A-B fails, B will get it from A-C-B? If I understand your question, then the answer is no, there's no problem with this. In fact, it is advisable to turn it on for all of them. If you are running a mesh, then you may want to look into MME, which is documented (poorly, IMO) here: http://wiki.mikrotik.com/wiki/MME_wireless_routing_protocol In your shoes, I'd go with STP, as it is simple, low overhead and reliable. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Wake on LAN Script?
On Wed, 15 Oct 2008, Eric Holtzclaw wrote:
Is it possible to get the MT OS to: Have a user start a external
port 80 request that will start a ping session to enabled a Wake on
LAN for a server in side of the network?
Ok...here's a quickie..only barely tested. You should probably use
more variables where I have constants. You need to create a
firewall rule in the input chain on a port that is NOT used for
anything else:
/ip firewall filter add chain=input protocol=tcp dst-port=8473 \
action=passthrough comment=PINGWOL
Be sure the above rule is not going to be dropped (put it at or near
the top of the chain).
Then use a script similar to the following(some lines wrapped in my
email program):
:local packet [/ip firewall filter get [find comment=PINGWOL]
packets]
:if ( $packet 0) do={
/ip firewall filter reset-counters [/ip firewall filter find
comment=PINGWOL]
/ping 10.10.10.10 count=5
:log error Pinging the WOL device
} else={
:log error No packets, yet
}
--
*Butch Evans*Professional Network Consultation *
*Network Engineering*MikroTik RouterOS *
*573-276-2879 *ImageStream *
*http://www.butchevans.com/ *StarOS and MORE *
*http://blog.butchevans.com/*Wired or wireless Networks*
*http://www.wisp-forums.com/*http://www.wisp-wiki.com/
*Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] Mikrotik Digest, Vol 10, Issue 13
On Mon, 20 Oct 2008, Randall Roberts wrote: For the time being, the network I'm dealing with here has to be bridged. Also, I don't believe OSPF would help with the links A-B, A-C, B-C. You are correct. I should have clarified that in my reply. More offlist. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] [Tranzeo] New Update - Tranzeo/Mtik disconnect issue Oct 10th, 2008
On Wed, 22 Oct 2008, Josh Luthman wrote: That letter makes me sick. I still stand by Tranzeo on this issue as I believe they did the right thing. The truth of the matter is that it doesn't matter who, exactly, was at fault. It is clear from some of my customers that the problem is not just a Tranzeo issue. This is a problem that has an impact on pure Mikrotik networks as well. I have a couple of customers who are testing now with this new firmware and I will report their results as soon as we have a few more days to evaluate. I can say that it looks promising, however, both with Tranzeo AND other CPE, including Mikrotik. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] nstreme dual
On Thu, 23 Oct 2008, Aaron, Network Administrator, Great Lakes Internet wrote: Is there enough separation between the two polarities to run both on the same frequency? Vertical and horizontal polarization are separated by 25dB, however running them both on the same channel would not be a good plan, IMO. This is especially true if you use a dual polarity antenna OR if you have both radios in the same routerboard. For that matter, if both are in the same enclosure. I'm looking to replace a 10mbps orthogon with a higher capacity link without having to pay to price for a license upgrade on the orthogon. I'd like to not use any more of the band than I am already using. One option that you might consider is using narrow (10Mhz) channels. You would need to separate these a little, but you'd be using the same amount of bandwidth, or perhaps a little less. I just put together an updated OSPF FDX article on my blog. http://tinyurl.com/6zkdrp -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
Re: [Mikrotik] nstreme dual
On Thu, 23 Oct 2008, Randy Cosby wrote: Any ideas on how to make something like this work without Nstreme2, and without routing? Ie: I want to bridge from point a to point B, with two radios on each side being used in a full-duplex (or pseudo-full-duplex) mode. Seems nstreme2 would do this, but would not have the failover advantages. WDS or some sort of mesh? There is a way to bridge this configuration. It is more than I can easily do to explain the process here, but I'll try to get an article written that covers that, too. For what it's worth, when I cover this in my online training, I do usually go over the process to bridge this type of link. I know that sounds like a sales pitch (and I guess it is in a way), but it is not easily done without pictures as the text to explain it would be pretty confusing. -- *Butch Evans*Professional Network Consultation * *Network Engineering*MikroTik RouterOS * *573-276-2879 *ImageStream * *http://www.butchevans.com/ *StarOS and MORE * *http://blog.butchevans.com/*Wired or wireless Networks* *http://www.wisp-forums.com/*http://www.wisp-wiki.com/ *Mikrotik Certified Consultant *Professional Technical Trainer*
[Mikrotik] The VPN thread and today's workload...
Over the past week and a half (first one was last Monday), I have had 5 calls related to VPNs. With only one exception, the people who called all said something to the effect of I've been working on this for XX days/weeks and finally decided to call. With only one exception, I finished the configuration for them in less than an hour. Their cost to pay me to fix it was less than the week (or whatever timeframe) they spent fighting the issue. Now, I'm only posting this because I saw this thread come up and found it interesting that it is the same subject that I've had to deal with all week. Either way, I am glad it is now solved. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks *
Re: [Mikrotik] ROS 3.14 and firmware 2.17
On Thu, 30 Oct 2008, Josh Luthman wrote: Dude on RouterOS since v3? Not 3.15? I thought the storage feature enabled that, among other things. This is correct. But, it was only X86 until now due to the lack of storage capability in Routerboards. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks *
Re: [Mikrotik] Training Reminder
On Tue, 4 Nov 2008, Brian Bearce wrote: Will these sessions be recorded for review or purchase. They will be recorded. I don't, yet, know how much, or even if, I will sell them for. The choice to sell a recording such as this is really not very straight forward. You'd think they are less value, because they are not live. To me, however, they are of more value, because if someone purchases one, they are not likely to attend the live training. It's sort of a catch-22 for me. Either way, I don't know if they will be made available and if they are, I don't know what I will sell them for. Being that today is election day, I feel a political answer is not so unusual. ;-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks *
Re: [Mikrotik] Ethernet port ordering
On Fri, 7 Nov 2008, Craig Baird wrote: I've got something weird going on. I just configured an RB532 with the RB564 daugterboard. Here's what I'm seeing: This is very confusing when trying to figure out which port to physically plug various cables into. I've tried resetting the config, but it didn't change anything. Any suggestions on what I can do to get the port ordering straightened back out? This is a common issue. The only fix is to rename the interfaces. It is a problem that I know MT has been told about, but they did not, could not or would not (take your pick) change the behaviour. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks *
[Mikrotik] Testing again
List-Owner: [EMAIL PROTECTED] I bet you'll all be glad when I quit testing. :-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Testing again
List-Owner: [EMAIL PROTECTED] On Mon, 24 Nov 2008, Butch Evans wrote: List-Owner: [EMAIL PROTECTED] I bet you'll all be glad when I quit testing. :-) One more attempt -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] RB532 AP Issues
On Tue, 25 Nov 2008, Chris Gotstein wrote: Yes, forwarding is on for all customers. I'd start by turning this off. Forwarding is not needed to allow customers to use the AP. Forwarding is the communications between the clients of the same AP. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] RB532 AP Issues
On Tue, 25 Nov 2008, Chris Gotstein wrote: I'm using the access-list feature. Is there an easy way to turn it off for all the clients besides going through each one? In Winbox? No. In the command line...Yes. Assuming you do not need forwarding for any clients: /interface wireless set [find] default-forwarding=no /interface wireless access list set [find] forwarding=no -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] RB532 AP Issues
On Wed, 26 Nov 2008, Josh Luthman wrote: What Butch told me and we put on my 532s was just 3.16 - we did not use the wireless-test package. According to a post on the forums (I can't recall the thread), the wireless drivers were updated in 3.15 standard wireless package. The wireless-test package (3.15+) includes some updates specifically to the NStreme protocol. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Routerboard Recommendations.
On Tue, 2 Dec 2008, Scottie Arnett wrote: Some background, we are mainly a Canopy Wisp. I am feeding 3 towers with backhauls from our main tower(NOC) that the backbone enters into. I am using a PC 'tik' box as a main router at our NOC before the traffic enters our upstream router, and using it to do several different things including bandwidth shaping, traffic prioritization, firewalls, etc... it is our only 'tik' at the moment. I am wanting to put some routerboards at each of the three other tower locations to cut down on the garbage coming across the backhauls and everywhere else on it's way back to the NOC. These towers have anywhere between 30 - 60 customers on them. What I would like to do at each tower is move some of the bandwidth shaping, traffic prioritization, firewalls, etc... to each tower. I doubt that each tower will ever have more than 120 customers, but would like to plan for the future in case we add 900Mhz AP's. Some questions are in order to clarify your design goals. Are your 3 towers currently routed? In other words, is tower 1 on a different subnet than tower 2 and 3? If so, then the process will be much simpler and more straightforward. If not, then there is some work to be done in getting it set up that way. Based on your goal of moving traffic shaping and prioritization over to this new tower router configuration, I'd suggest the RB433AH routerboard. This board is a 680MHz router with 3 ethernet ports and 3 minipci slots (for your other future upgrade mentioned below). It's a pretty inexpensive device at about $150 plus case (indoor is $23 and outdoor $73). The RB493AH is the same CPU but has 9 Ethernet ports and 3 minipci slots. RB493AH is $169 plus about $30 for an indoor case. Outdoor case is gonna run about $70 plus, depending on the configuration. Either of these boards will do what you want with room to spare. FWIW, all ethernet ports on these are 10/100. If you want/need gigE, then RB600 or RB1000 is needed. Can you guys give me a routerboard suggestion to do this for the towers. We are mostly Canopy 900 Mhz, so no more than 4 Mbps aggregate can move through each of these towers at the moment, but could go to 8 Mbps. I would like the ability to add some 2.4 or 5.7 cards to these later on for LOS customers, so please include suggestions with the ability to add these cards later. The RB400 series and RB600 have minipci slots that would facilitate the radio cards. RB1000 does not. Hit me offlist if you're interested in a firm quote on the parts or if you are in need of assistance with the transition. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Routerboard Recommendations.
On Wed, 3 Dec 2008, Josh Luthman wrote: I looked and looked but I can't find the link I found to that Mini PCI. I found one. It would be a special order part, and pricing is $64 per piece. You can view the part here: http://www.wispgear.net/minipci-flex-extender-p-40.html NOTE: My catalog site is NOT ready for sales. If you wish to order one or more, please give me a call at 573-276-2879. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Eoip Tunnels Vlans
On Fri, 5 Dec 2008, Keith Barber wrote: Except for this one client. Who's connected to the ap that is the only one doing the vlan tagged setup. They weren't having any real problems surfing, but they couldn't do remote desktop. Did some searching on google, most said it's MTU related. I would agree. It is almost certainly MTU. Ethernet has 1500 byte MTU, so does EoIP. EoIP has a small overhead (I think it's 4 bytes) and VLAN carries a 2 byte overhead. These 6 bytes are likely to be your problem. Now with all that jibberish, is there anything particularly bad with have EoIP tunnels within a vlan? Another thought, is Mikrotik smart enough to strip the EoiP/Vlan tags in the right order, so they don't interfere with one another? The tagging is handled correctly. Well, it's removed in the same order it is added, assuming everything is correctly set up. The only problem with EoIPoVLAN is going to be MTU. Your best bet is to experiment with Mangle at some router that is either before or after the EoIP tunnel. In mangle, you can set tcp mss, which will help you automatically set up the maximum packet size to fit inside the tunnel with vlan. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] OT: WM6.1 Calendar program...
So, I got this new phone. It has WM6.1 running. The calendar program on that phone is the WORST program I believe I've ever seen. I am interested in getting a decent program to use as a calendar on my phone. Anyone have any good suggestions? -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] howto different d/l con and browsing con?
On Wed, 2008-12-10 at 20:25 -0500, Josh Luthman wrote: It could just be me but I find your question very difficult to understand. Rest assured, it's not just you. ;-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] T3 interface cards
On Mon, 2008-12-15 at 17:52 -0500, Kerry Penland wrote: Is anybody using a T3 interface card with mikrotik? I'm looking at replacing our cisco and I need an interface similar to the Sangoma A301. Any recommendations? As much as I like Mikrotik for a lot of things, my best advice is this: Don't mix Mikrotik and ANY TDM ports. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] vlan question from a colleague
On Mon, 2008-12-15 at 15:59 -0700, Randy Cosby wrote: Riddle me this: Let's say I've got a 4 port Mikrotik RouterOS device ports e1, e2, e3 and e4 --- I have incoming tagged and untagged traffic on port e1 (VLAN 1 untagged, VLAN 2 and VLAN 3 tagged) Ok..so you will have tagged traffic for VLAN2 and VLAN3, but traffic without a tag should be sent on VLAN1 on another port? Traffic going TO VLAN1 and OUT ether1 should be tagged or not? - I want to bridge ethernet-level traffic such that on port e2, VLAN 2 traffic goes out untagged (and inbound untagged traffic goes to VLAN 2) SO, anything leaving on e2, should not be tagged, but will be bridged to VLAN2? and there is NO tagged traffic - on port e3, VLAN 3 traffic is untagged in and out (no tagged traffic at all) If it is untagged, where does it need to enter/leave the router? - and finally, port e4 does VLAN 1 traffic in/out untagged, no other traffic -- CAN this be done? SO...ether4 is bridged to ether1 and will pass traffic entering on ether1 (which will not be tagged, but will be from VLAN1)? Basically e2, e3, and e4 are single-vlan only untagged ports on VLANs 2, 3, and 1 respectively, while e1 is a trunk with VLANs 2 3 tagged, but VLAN 1 untagged I'm a little confused on a couple of points (asked for clarification above). If I DO understand what I think you are asking, then it should be possible (at least part of it). Anyone done anything like this? The challenge is that we need to do this bridged, not routed - kinda like using a switch. I did some CRAZY vlan work for Centurytel about 2 years ago. Your scenario sounds like a breeze compared to what THEY wanted! I'm not sure I can create a configuration like this for free, but if you can clarify, I can perhaps assist a little... -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Mikrotik MPLS issue
On Fri, 2008-12-19 at 08:38 -0600, Mike Hammett wrote: Well, in the diagram, it's just a test network setup so that I get everything working in a controlled environment, then can replicate elsewhere. Ok..no problem there. It's more universal than EoIP. So is PPtP. (see below) A learning experience for when I need MPLS in the future. By the time you need it it will no longer be the buzzword it is today. A marketing feature. If a customer sees that Global Crossing, ATT, etc. provide their connectivity over an MPLS network, it certainly bodes well for me if I can say the same, even if it means nothing to your average user. Better than trying to duplicate sillyness, ask the customer what they really NEED and fulfill that need. MPLS is not a need for any customer I've dealt with so far (and some of those are quite large). It passes packets that are a full 1500 bytes. So does the MLPPP package added to recent versions of Mikrotik. Not to mention that MLPPP is MUCH more usable and deployable than MPLS, which is not a complete package in MT. If you'd like to learn about MPLS, I can teach it, but it's about a 4 day course. Then, when we're done, you'd realize that what I stated the first day is true...It is highly likely that you don't need MPLS. But I can understand the need for a learning experience...I just don't have the time to waste, so I am somewhat envious. :-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] spectrum analyzer
On Mon, 2009-01-12 at 09:29 -0600, Terri Kelley wrote: I used the one of the first Wi-Spy 2.4 units. It is like a spectrum analyzer using the laptop software and actually didn't do bad. I just needed more functionality and rather than spend the money on the more expensive Wi-Spy I decided to go a bit more in price and got the Spectran. So the Wi-Spy doesn't care what is emitting the signal(s), it shows it. You can find it here and see the screen shots: http://www.metageek.net/ While I haven't used these, I am a reseller for this product. I have them available for $379 for the Wi-Spy 2.4x with RP-SMA Chanalyzer 3.0. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Finding MAC Address and Blocking
On Wed, 2009-01-14 at 10:32 -0600, Brian Bearce wrote: Does anyone know of a way to find a hackers MAC address and block all traffic via the MikroTik. I am running version 2.9.43 If you know their current IP: /ip arp print from=[find address=CURR.ENT.IP.ADDRESS] That will give you their MAC. From there, you can either add them to the access-list on the AP or add a firewall rule that drops all traffic from their MAC address. As was stated before, they are likely to just change their MAC address if you do that, but it's one approach. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Finding MAC Address and Blocking
On Wed, 2009-01-14 at 13:14 -0600, Brian Bearce wrote: Does it make a difference if these are private IP's 192.168.*.*? These are NATed via another router. Private IP/public IP is not relevant. What IS relevant (as others have stated) is that you run the arp test on the router that is directly connected to the customer/perp. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Ubiquiti Bullet2
On Thu, 2009-01-15 at 11:59 -0500, Rick Smith wrote: Anyone used the bullets yet ? Are they really going to be that good ? What is that good? I mean, at under $40 for an AP, you can't expect a LOT. :-) Either way, you can't find them at the moment. Ubiquiti has had a delay of some sort getting them out the door. They were expected over a month ago, IIRC. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] LIVE training event announcement/reminder.
I am sending out this reminder to let you know about the upcoming (next week) LIVE online Mikrotik Training class. This is our Mikrotik Standard training course adapted for use online. The online course is not exactly the same as our live training, however, it is similar in many ways. The content of the course is mostly the same, however, the labs are rewritten to accomodate an online environment. This is a 4 day training and is a detailed look at most of the features in RouterOS. Because the training is online, there is no need to make travel arrangements. Online training offers you the ability to have multiple employees trained for the price of one. Online training offers you the ability to learn from the comfort of your own office space. The training we are offering is of the highest quality and should not be confused with other training offers currently in the marketplace. We offer: * The most mature (over 4 years in development) training material * An expert in networking as trainer (not just Mikrotik) * An experienced trainer (I've been teaching in one form or another since 1998) * An experienced ISP with the expertise to adapt materials to the WISP network You don't have to spend HUNDREDS of dollars more in order to get quality training. You don't have to spend MONTHS learning this material. If you've ever considered attending a live training, but have been waiting for one to be near you, then this is your chance to see what it's all about. Registration and course content information is available here: http://www.butchevans.com/catalog/mikrotik-routeros-standard-training-class-online-p-37.html Seating is very limited, so act now. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] LIVE training event announcement/reminder.
On Tue, 2009-01-20 at 16:51 +, Keith Barber wrote: What day is the training? Are there any seats still open? This training starts Monday, Jan 26 and runs through Thursday, Jan 29. There are still seats available. http://www.butchevans.com/catalog/mikrotik-routeros-standard-training-class-online-p-37.html -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Poor Performance with RB532 AP
On Thu, 2009-01-22 at 20:41 -0600, Chris Gotstein wrote: What kind of antenna are you using? I was also thinking about moving to sectors and having 3 wireless cards in 1 box. Any worries about cross-talk doing that? With 802.11B, and the XR2 cards, you should be able to get away with this. Use a 24v power supply, though, if it is POE. 18V is ok if you use power header. I like the pac-wireless antennas. There is an available Pac antenna that looks like an omni (physically), but is actually 3 sectors (120*). -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Poor Performance with RB532 AP
On Thu, 2009-01-22 at 22:11 -0600, Chris Gotstein wrote: Well now i'm losing almost all my clients. Something is failing, not sure if it's the radio or antenna at this point. If the problem gets worse as temps climb up near and above freezing, then I'd seriously consider water in the connectors as a possible cause. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Poor Performance with RB532 AP
On Fri, 2009-01-23 at 14:10 -0500, Steve Barnes wrote: Josh, What kind of distance can you get with a good line of site on 5.8 and a 19dbi panel? Line of sight is certainly a requirement for 5.8GHz, sort of. By that, I mean, it depends on exactly what the obstacle is. For a small cell site, you can usually get away with some obstacles if it is in town, because you'll get some reflections, which can be useful to 802.11a to some extent. Trees/foliage create a different scenario. They are BAD, but not much worse (a little worse) than 2.4GHz. Either way, LOS is much better. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Multiple hotspots on one MT router
On Tue, 2009-02-17 at 08:00 -0600, Mark McElvy wrote: We have a special event coming to town and I want to provide Hotspot access for them. I already have a hotspot setup for users around town. I want to setup a second hotspot with custom pages for the event users. Can I have separate HTML? Yes. Just use a different directory for the second hotspot. It has to be running on a different interface. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] OT: Uptime
On Tue, 2009-03-03 at 09:44 -0600, Mike Delp wrote: The primary reason was the Geode Processor used in the RB230 is not ROHS compliant, so production had to be switched to other processors. I do know that the processor used had the supply dry up after it was discontinued. I spoke to John Tully shortly before this occurred and he had already planned to discontinue the 200 series. The problem with the cheaper boards is that the power supply is MUCH lower grade components. This, to me, is one of the reasons that the other boards are not as stable. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] Training Question (announcement, too)
Just a note: There is a training course scheduled for March 17-20, 2009. I am considering offering a one day training course covering firewalls in Mikrotik RouterOS. The course would run about $300 per person and would be online. I am curious to see who, if any, would be interested in a course like this. The course would be a complete coverage of firewall application and theory. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] My first time based filter rule
On Wed, 2009-03-04 at 17:37 -0500, Josh Luthman wrote: What I am trying to accomplish is to allow traffic from this IP between 8am and 5:30PM but drop it if not in those hours. Is this the most efficient way of doing this? It should do what you want. Make certain that you have a working NTP server and that this router is properly configured to use it. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Need advice- Passing Public IP through Hotspot
On Thu, 2009-03-19 at 18:39 -0400, Ralph wrote: This is all working fine, however I now need to add another hotspot feeding from the tower on another downlink to another campground where I have a Tropos Mesh already running. I need a different portal/hotspot there that the other one because the place had a different owner and I don't want his users to see the prices the other location gets. If that weren't the case I could just have it all on the original MT PC. There are a couple of options here, but it isn't clear how the network is configured. From the headend (where the MT PC is located), do you have one link to the first campground and then a link from the first campground to the second? If so, then this makes the task a little more difficult, but not impossible. You can use VLANs and set each campground on their own interface in the MT, each of which can run their own hotspot. If you have 2 unique links from the headend, one to each campground, you can just run hotspot on a different physical interface (one for each link). So here's what I want to do: 1. Figure out how to pass one of my public IP addresses THROUGH the MT PC Hotspot, then pick it off at the tower and send it down to the 2nd campsite. A Routerboard there will have its own IP and should work great. This doesn't really make sense. If I am understanding correctly how your network is configured, you have a range of public IP addresses assigned to the internet side of your MT. If this is the case, the only way to make it pass through the router is using a dst-nat rule to nat it to a private IP inside the network. I'm not sure if that is what you are trying to do or not. 2. Run 2 hotspots on the main MT PC and figure out how to separate them at the remote tower, feeding them to their proper campground. This can be accomplished per my advice above. Any ideas? I am probably going to need something close to step-by-step. Not sure I can do this, but I'd be happy to assist. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Changing MTU size
On Thu, 2009-03-19 at 17:39 -0400, Josh Luthman wrote: In my experince this is caused by half duplex equipment (which was already checked and replaced with switches I have used often). The issue still remiands, however. It is typical that a duplex mismatch will cause this type of issue. It is not always the case, however. If there is a wireless link in the path, then there is a half duplex link, but maybe no duplex mismatch. It was suggested to me to change the MTU for qos reasons. Is this a likely solution? If so how will it help if I do this at the customer's router? How would I put this into the firewall? Well, when a wireless link is involved, the benefit to changing MTU is somewhat cloudy and often not the right approach. Changing the MTU on a wireless link (I'm assuming it is wireless) will have a couple of significant impacts that you need to be aware of before you attempt this. If you have traffic coming into the router on (for example) ether1 and leaving on wlan1, you must recognize that the MTU for both of those networks will be different. This is not a huge issue, but for every packet that comes into the router on ether1 that is larger than the MTU on wlan1, it will have to be segmented to be delivered. Again not a big issue, but it will impact CPU on both ends of the wireless link. This effect will cause a higher packet rate on the wireless network, which may or may not be desirable. Additionally, if the AP on this wireless link is a PtMP network, then all devices connected to the AP must change their MTU as well (because the AP will need to be changed, too). The reason MTU changes MAY help out depends on the wireless link. If the link, or more specifically the wireless network, is seeing a significant number of retransmissions (anything over about 3-5%), then changing the MTU has a chance of helping. Keep in mind the higher packet rate mentioned earlier, because that will have a potentially severe negative impact on the network behavior. Either way, the theory is that if I am retransmitting every 1 of 10 packets, if I make the MTU smaller, then I am retransmitting a much smaller volume of data. In other words, if MTU=1500 and I retransmit 1/10 packets, then I am retransmitting 1500/150k bytes. If the MTU is 1000 with the same 1/10, I am retransmitting 1000/100k bytes. Same ratio, but fewer bytes being retransmitted. That's the theory anyway. My experience is that MTU changes usually have either no impact at all or a negative impact. To change the MTU, you would do something like: /interface wireless set wlan1 mtu=1000 mru=1000 Note that MRU is a similar parameter, but will tell the interface what size packet it can receive. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] v4 Upgrade
On Fri, 2009-03-20 at 13:43 -0400, Casey Mills wrote: Are any of the vendors selling version 4 license upgrades? I have a PC that is upgradable to version 3.x and nlevel 3. I want to be able to v4 on. Pricing? Mikrotik does not sell an upgrade any longer. If you have nlevel3, you may even have trouble finding a vendor selling those licenses. MT has made it hard on vendors to resell that license, because to resell them, you have to purchase them from MT in 100 lots. Since there isn't a lot of call for level3...well, you get the idea. Either way, level 4 is only $45. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Downgrade Software
On Mon, 2009-03-23 at 15:44 -0500, Chris Gotstein wrote: Any harm in downgrading from 3.22 to 3.20? None that I've heard or seen. Any reason you are downgrading? -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] Great...now we have to deal with FTTT
http://www.google.com/tisp/ You seen Fiber to the home. Now what about this... -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Great...now we have to deal with FTTT
On Thu, 2009-04-02 at 15:26 -0500, Chris Gotstein wrote: Didn't they do this last year as well? It was last year. I just thought it appropriate this year in light of the stimulus packages and talks of all the fiber projects. :-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Great...now we have to deal with FTTT
On Fri, 2009-04-03 at 15:33 -0400, Carl A jeptha wrote: Not really, most times it's because the client has been P**sed off. Don't be a potty mouth! :-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Virtual AP Question
On Tue, 2009-04-07 at 13:19 -0400, Keith Barber wrote: An embedded and charset-unspecified text was scrubbed... Keith said: I have a question about Virtual AP's and what they do to a radio. Basically, are the MTs smart enough to balance the load between them effciently? Or if I have a VirtualAP, does it carve a chunk of usable Wireless space out, so that the main AP can't use it? I'm transitioning clients over, and some of the AP's have 50+ clients.. thus maxing the card. If I add the VAp to help move them, does it make those 50+ get worse signal right out of the gate? END QUOTE -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Cisco to Mikrotik IPIP Tunnel Routing
On Thu, 2009-04-09 at 08:58 -0500, Chris Gotstein wrote: Cisco(192.168.255.254) - (tunnel1) - Mikrotik(192.168.255.254) What kind of tunnel is this? -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Virtual AP Question
On Thu, 2009-04-09 at 10:25 -0500, Butch Evans wrote: Keith said: Basically, are the MTs smart enough to balance the load between them effciently? Keith, I'm not sure what you mean by balance the load. There is a little bit of overhead for each virtual AP. The AP will be sending out beacons for both the physical AP AND the virtual AP. Or if I have a VirtualAP, does it carve a chunk of usable Wireless space out, so that the main AP can't use it? There will be packet traffic in the interface queues for both the physical AP and the virtual AP. I'm not sure how this is handled at a low level. That is something that is handled by the Atheros driver code. I'm transitioning clients over, and some of the AP's have 50+ clients.. thus maxing the card. If I add the VAp to help move them, does it make those 50+ get worse signal right out of the gate? SHouldn't be worse signal, however you will see a little more overhead. The process of creating a virtual AP, transition clients, build a new physical AP is my recommended path, however. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Wireless improvement package
On Mon, 2009-04-13 at 11:23 -0400, Josh Luthman wrote: I know there was a wireless-test package that greatly improved nstreme and ptmp capability. It was actually suggested that I move to nstreme now that ptmp works well. Was this wireless-test package included in a release yet? If so when did it begin being included? I'm thinking it was around 3.17 or 18. As I understand it, Mikrotik added some of the improvements into the standard distribution. As you know, their changelog isn't very complete, so a portion of my understanding is simply from experience. If you want to run the test package, you can do that by downloading the wireless-test package separately their website. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] RouterOS Archive
On Mon, 2009-04-13 at 15:42 -0400, steve wrote: I heard there were issues that 3.22 wasn't as stable with the new Tranzeo Firmware as 3.20 is, that true anyone. Where can I get 3.20 for Mipsbe (RB411a) They have 3.13 and 3.22 Listed on download site. http://www.butchevans.com/MT_Software/ -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] reset and config script
On Wed, 2009-04-29 at 21:45 -0500, Terri Kelley wrote: with a generic script that they could edit for the changing items such as IP address for the bridge but remove the complete setup on the existing routered cpe. Otherwise they would need to look at the current setup of the existing cpe, remove the unwanted items such as ip addresses on the wlan and ethernet, nat etc., then make the bridge. If you want a full config, then take a look at my blog for a sample (it's a CPE router, but the framework is there and you can use it as a guide). Alternatively, you can do something like: /interface bridge add /interface bridge port add interface=wlan1 bridge=bridge1 add interface=ether1 bridge=bridge1 /ip address set [find interface=wlan1] interface=bridge1 /ip address remove [find interface=ether1] /ip firewall nat remove [find] That should take a standard nat cpe and convert it to bridged config. You may have to change the wlan1 card config and set it up to be station-wds (add the following if so) /interface wireless set wlan1 mode=station-wds wds-mode=dynamic wds-default-bridge=bridge1 Add the above 2 lines between changing the IP and last interface being added to the bridge. This may not work exactly in your configuration, but it's the best I can do without seeing/knowing your configuration. When it runs, the IP address that was assigned to the wlan1 interface will be moved to the bridge, so you can still manage the device without needing to update your network documentation. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] pseudobridge polled devices question
On Mon, 2009-05-04 at 18:33 -0500, David Smith wrote: Sry, arp. Im in the car ;) Static ARP will not fix this. The problem is related to 802.11 (as you have pointed out in your question). IF you run a netwatch script to ping the remote devices from time to time, it may help. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Odd ping statistics
On Thu, 2009-05-07 at 17:37 -0400, Josh Luthman wrote: I left a ping going for about a day. I started it later in the evening last night and just now stopped it (on my home PC). Looks like this... Is this a ping from a windows machine going to the MT or the other way around? It looks like you must have rolled a counter to see the 6/5 counter values. 6 packets transmitted, 5 packets received, 16% packet loss round-trip min/avg/max = 12/36.6/52 ms I tried a ping test and it did 150 responses with 0% loss just after this. Running 3.10 on an rb450 Maybe you should be taking a test instead of pinging all night. :-) /me duck - run -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Connect list
On Mon, 2009-05-11 at 14:47 -0400, Josh Luthman wrote: At this time I have three 120 degree antennas on a tower at 250'. I made three templates for each of the APs. I suppose this means that each template specifies a particular ssid, depending on the location? To make it unified (one template per tower) could I use the connect list? What are the differences I would have to watch out for? How do I get it to use the connect list instead of the ssid specified? You can use the connect list. In fact, that's a good plan, IMNSHO. You could do something like this: /int wir conn add ssid=ssid_number1 connect=yes add ssid=ssid_number2 connect=yes add ssid=ssid_number3 connect=yes add connect=no -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Trango and MT Queues
On Tue, 2009-05-26 at 12:15 -0500, Chris Gotstein wrote: We acquired a WISP last year that is running trango APs and CPEs, and using a home built PC running RouterOS 2.9.x as the main router. They are also running queues on the MT box to control traffic. The trangos have bandwidth settings on the CPE side, both MIR and CIR. Is there a reason to run both queues and CIR/MIR for this system? I don't see a way to disable the CIR/MIR on the trangos, beside just setting it to its max setting. Otherwise i could just get rid of the queues on the MT and just CIR/MIR on the Trango. Any suggestions? The CIR/MIR feature likely to only work when both AP and CPE are Trango. It may work for one direction if you change either AP or CPE to another device. If this feature works well, then I would not worry about using MT for the queues. If it is not working well, then moving to a more complete solution (such as the queues and full qos capability on the MT) would be in order. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Loss of connectivity
On Wed, 2009-05-27 at 14:01 -0500, Scottie Arnett wrote: Lol. I cut slits in the bottom of the drip loop on the one I was having trouble with. A 'crutch' until I get time to run new cable. At one of my partner ISPs a few years ago, we had this issue with an ethernet cable that was about 200' up the tower. When the cable was run, they ended up with about 50' of cable at the bottom. Instead of cutting it short, they left that cable wrapped and on the tower (the last 12 or so feet were run into the box. When they sliced (I think they poked a hole in it) the cable to release the water, they had a jet of water about 10' long. They drained about 2 gallons of water out of the line. At another site, I had a large waveguide that was left on the tower when we purchased it. That one ended up with over 15 gallons of water in it. We had a water jet powerful enough to dig a hole in the ground where it was shooting out. :-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Tranzeo - Mikrotik versions
On Mon, 2009-06-08 at 11:21 -0400, Erik Turk wrote: I miss being able to see the Radio Name from the Tranzeos in the Registration List of the Mikrotiks. It means that I have to continue to remember customers MAC addresses. In the Mikrotik AP, do the following (Winbox instructions): WIRELESS-Registration Table * Right-click an entry and select Copy to access-list WIRELESS-Access List * Highlight an entry (created above) * Click the yellow comment icon in the toolbar add the customer name or whatever other information you want displayed You will see this comment under WIRELESS-Registration table This works with ANY client to a MT access point. Be aware that when you add them to the access list, or make changes to the access list entry (such as adding a comment), they will be briefly disconnected. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Tranzeo - Mikrotik versions
On Mon, 2009-06-08 at 16:34 -0400, steve wrote: I think your right. I think it is a Mikrotik special thing. Just not sure why they didn't use the SNMP. Makes interoperability between vendors a lot easier. SNMP would be a nice option. They don't document this, but from what I can tell from packet sniffers, I don't think they get the data for the radio name column vi SNMP. It may be that I just haven't caught the AP doing this. I think they should incorporate something like creating columns in the registration table like radio ID (snmp) and radio type (again, snmp could tell this). Even if the radio type column were Mikrotik radio? (yes/no) it would be beneificial. I've copied this to supp...@mikrotik.com. If you think this is a useful idea, you should let them know. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Tranzeo - Mikrotik versions
On Mon, 2009-06-08 at 16:46 -0700, Damian Wallace wrote: They likely are doing it in the vendor extensions on the packet. That has been my suspicion, but being as it isn't documented... We do both, the packet and SNMP. I'd gladly share our packet format with them if they will share theirs with me. See what you can do Butch, I will forward this on to them and see what happens (see the probability formula below). since I get the feeling that MT has the following procmail filter installed sometimes :- :0 * ^From: *...@tranzeo\.* /dev/null LOL. Seems to me that the probability that a feature addition is indirectly proportional to the number of times I ask for it. If it's something I REALLY want, the inverse factor is increased by at least 1 order of magnitude. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
[Mikrotik] Fwd: Re: Tranzeo - Mikrotik versions
Well, for what it's worth, here is the response from MT: Forwarded Message Hello Butch, Thank you very much for the features suggestion. We will see what we can do to add support for them. Regards, Sergejs -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] 5.8GHz Grids
On Thu, 2009-06-11 at 15:53 -0400, Aaron, Network Administrator, Great Lakes Internet wrote: Do you think this would still be an issue with lower output power. I plan on using cm9's as I have stacks of them laying around. I also intended to lower the power on the cards. I try to keep backhauls in the -60's so I don't overdrive either end of the link. I'd think that lower power will be fine. I can get you a set of radios, power supply, RB411, outdoor antenna enclosure for $139/end. They will work very well for this purpose (only point to point or client/station). -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] 5.8GHz Grids
On Thu, 2009-06-11 at 14:01 -0700, Damian Wallace wrote: Reflection aside, at 300 feet with a CM9 just put a couple of cheap omni's on it and save those grids for when you need then. Did I really just say use an omni on a Backhaul? Shame on me :- That's the Tranzeo approach. --DUCKING-- -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] 5.8GHz Grids
On Thu, 2009-06-11 at 14:30 -0700, Damian Wallace wrote: When in MT land, does as MT does. lol. Not sure I'd admit to doing as MT does...There are days where what MT does is painful. ;-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] 5.8GHz Grids
On Thu, 2009-06-11 at 15:19 -0700, D. Ryan Spott wrote: I don't agree with you! This forum topic is deleted and your account banned Whoops! Sorry bout that... got a little 'Tik-ey. Now THAT made me spit coffee all over my monitor. Thanks. lol -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] DHCP and Windows XP
On Fri, 2009-06-12 at 19:48 -0500, Mike Hammett wrote: This laptop used to work fine, now it can't get an IP. Other laptops can. Ideas? Some unuseful information removed 19:45:12 system,info log rule changed by admin 19:45:16 dhcp,debug,packet dhcp1 received discover with id 1455243941 from 0.0.0.0 19:45:16 dhcp,debug,packet chaddr = 00:14:A5:87:C3:B0 19:45:16 dhcp,debug,packet Msg-Type = discover 19:45:16 dhcp,debug,packet Host-Name = Lothson The discover packet from C3:B0 19:45:17 dhcp,debug,packet dhcp1 sending offer with id 1455243941 to 172.16.11.60 19:45:17 dhcp,debug,packet yiaddr = 172.16.11.60 19:45:17 dhcp,debug,packet siaddr = 172.16.11.1 19:45:17 dhcp,debug,packet chaddr = 00:14:A5:87:C3:B0 19:45:17 dhcp,debug,packet Msg-Type = offer Offering 172.16.11.60 to C3:B0 19:45:17 dhcp,debug,packet dhcp1 received request with id 1455243941 from 0.0.0.0 19:45:17 dhcp,debug,packet chaddr = 00:14:A5:87:C3:B0 19:45:17 dhcp,debug,packet Msg-Type = request 19:45:17 dhcp,debug,packet Address-Request = 172.16.11.60 C3:B0 says, give me 172.16.11.60 19:45:17 dhcp,info,debug dhcp1 assigned 172.16.11.60 to 00:14:A5:87:C3:B0 Server thinks all is well. 19:45:17 dhcp,debug,packet dhcp1 sending ack with id 1455243941 to 172.16.11.60 19:45:17 dhcp,debug,packet yiaddr = 172.16.11.60 19:45:17 dhcp,debug,packet siaddr = 172.16.11.1 19:45:17 dhcp,debug,packet chaddr = 00:14:A5:87:C3:B0 19:45:17 dhcp,debug,packet Msg-Type = ack OK, C3:B0, you asked for it...that's acceptable by me. 19:45:17 dhcp,debug,packet dhcp1 received decline with id 1455243941 from 0.0.0.0 19:45:17 dhcp,debug,packet ciaddr = 172.16.11.60 19:45:17 dhcp,debug,packet chaddr = 00:14:A5:87:C3:B0 19:45:17 dhcp,debug,packet Msg-Type = decline C3:B0...Now that I think about it, never mind. I don't like that address after all. 19:45:17 dhcp,info,debug dhcp1 deassigned 172.16.11.60 from 00:14:A5:87:C3:B0 Server: Ok, you don't want it, I'll take it back. This conversation is common. It almost always means that the PC thinks (erroneously, perhaps) that the IP being assigned by DHCP is already in use on the network. I'd bet that if you ran a sniffer on the PC, you'd see an ARP request go out to the network immediately following the DHCP ACK packet with an answer coming back from someone. That's why Windows is declining the IP. NOW, for reasons: 1. There is an 802.11 client bridge in the path somewhere between this PC and the DHCP server. This can often spell problems. 2. There is some device on the network running proxy-arp and is misbehaving. 3. Windows is just being Windows. Always a fun possibility. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] DHCP and Windows XP
On Sat, 2009-06-13 at 01:39 -0500, Mike Hammett wrote: I resolved it... too many proxy-ARPs in the system. Not a bad guess. ;-) -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] BGP Question
On Tue, 2009-06-16 at 08:30 -0500, Randall Roberts wrote: They've asked about implementing BGP for their two connections. I've inquired with my upstream provider, and they said that I would have to implement BGP on my network in order for 'announcements' to pass through. They shouldn't need you to implement it. All they need (realistically) is for your customer's peer to be coming from an IP that they (your upstream) provide to you. They would have no way of knowing where the peer is physically located. If you do not do BGP with them, though, you will have to create static routes (or OSPF) in your network to reach their network IP ranges. Your network must be able to reach all ranges that they want to announce via your connection point with them. How difficult is this to do with MT? Actually, for a simple configuration like this, it is not hard are all. I would suggest that you work with your customer and upstream to get them connected directly, however. It'll be easier if you can stay out of it. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
Re: [Mikrotik] Tx/Rx Rate
On Thu, 2009-06-18 at 09:43 -0500, Chris Gotstein wrote: I've been setting it to auto, does it matter a whole lot 1 way or the other? Are others forcing the preamble? That's the setting that I typically use, too. It'll use long for those that don't support the short (more efficient) preambles. FWIW, the default is to use both. -- * Butch Evans * Professional Network Consultation* * http://www.butchevans.com/* Network Engineering * * http://www.wispa.org/ * WISPA Board Member * * http://blog.butchevans.com/ * Wired or Wireless Networks * ___ Mikrotik mailing list Mikrotik@mail.butchevans.com http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
