Just realised that it's single chain 5Ghz. :-( plus 100mbit ethernet - double :-(

Just set up a Wireless Transparent Bridge using the guide in Mikrotik's Wiki.

http://wiki.mikrotik.com/wiki/Transparentl...ge_two_Networks

It's for connecting the HyppTV STB to the router. Homeplugs didn't work. Still testing. So far works pretty well.

Used 2 x RB951Ui-2HnD. About 40ft and 1 floor apart. Reduced power to keep TX/RX around -65 dBm. Tried 802.11, nstreme and NV2, all works.

Currently testing on 802.11. In what situations does one use nstreme or NV2? or for what I'm doing above, what's the best mode?

I registered already but not 100% sure going yet.

Wonder what they give free. Maybe hAP Lite or mAp Lite?

This post has been edited by soonwai: Jan 14 2016, 05:30 PM

If I do go, will probably change it to a paid one. Wouldn't mind the ROS license. Can use it for the Atom 330 sitting in my drawer for the past 4 yrs.

I have no idea what a dedi is.

No plan yet, just experiment with it, I guess.

Btw, MUM Istanbul 2014 door gift was an RB951G-2HnD. Nice.

http://blog.f1mikrotik.com

This post has been edited by soonwai: Jan 14 2016, 07:17 PM

Yum yum. hAP-AC RB962UiGS-5HacT2HnT

http://routerboard.co.id/artikel_lihat.php?id=164

Quoting myself here but it's actually working quite well. Pretty much flawless HyppTV over wifi. A bit expensive though.

No, it won't. For the bridge above, it's RB to RB so all 3 works. I think nstreme & nv2 was developed for better p2p links which is essentially what I'm doing but only 40ft apart. LOL.

This post has been edited by soonwai: Jan 16 2016, 02:08 PM

For those with RB951Ui-2HnD (and other RBs as well) and ROS 6.33.5.

Resetting your router to defaults (/system reset-configuration) will result in an unconfigured router (no IP address, no WLAN, nothing). It seems that the "default-configuration" script fails to run or complete even though the "RouterOS Default Configuration" popup displays.

http://forum.mikrotik.com/viewtopic.php?p=516366

Fortunately the router is still accessible via MAC & Winbox.

I think this is quite a bad bug for newbies. Since many step-by-step guides request a reset to defaults before following the guide. Unless the user knows about Winbox & MAC, to them it's basically a bricked router.

This post has been edited by soonwai: Jan 21 2016, 01:22 AM

This might be useful for Android users.
Tik App, MikroTik android utility ALPHA test here:
http://forum.mikrotik.com/viewtopic.php?f=21&t=98407

For iPhone and Mac also got. 3rd party and not free.

Tiktool IOS App. USD14.99. Works on iPad too.
https://itunes.apple.com/us/app/tiktool-mob...d434839992?mt=8

TikTool HD for iPad. USD14.99
https://itunes.apple.com/us/app/tiktool-hd-...d545508425?mt=8

Tiktool for Mac. Free but sucks. Winbox is so much better.
https://itunes.apple.com/us/app/tiktool-nat...852903593?mt=12

Setting up a Mikrotik router for UniFi is now a lot easier with Quick Set. So here's a little step-by-step.

Mikrotik UniFi Setup Guide

Connect to the router
First, connect to the router using either a web browser or winbox.exe (http://www.mikrotik.com/download)
*winbox is a Windows app to configure your Mikrotik router.
**The screenshots here are from winbox. Web browser looks similar. You'll figure it out.
***This assumes a router with default configuration. This is very important. It it's not, you can reset the router to defaults before starting.
****Do not reset to defaults if your RouterOS is version 6.33.5. http://forum.mikrotik.com/viewtopic.php?p=516366

(Imagine a screenshot of your browser's address bar or the winbox login screen)
Connect to the router
Default IP address: 192.168.88.1
Username: admin
Password: (no password) <-- I mean there's no password defined and not that the password is (no password).


Quick Set
1) Click on Quick Set


Set as Home AP and enter UniFi username & password
1) Select Home AP
2) Select PPPoE
3) Enter UniFi username and password
4) OK
*Once everything is working, come back here to set your wifi to a cooler name and give it a password.


VLAN
1) Click Interfaces
2) Click VLAN
3) Create a new VLAN
4) Give it a name e.g.: vlan500 (I like daytona500)
5) Set VLAN ID: 500
6) Ensure Interface is: ether1-gateway
7) OK


PPPoE
1) Click PPP
2) Double-click pppoe-out1
3) Set Interfaces to vlan500 (or the name you gave it in VLAN Step 4)
4) OK

That's it.

Internet should be be working now.

Next we'll setup HyppTV.
For HyppTV we'll be using Ethernet Port 5. So plug your HyppTV Set Top Box (STB) into this port.


Ethernet Port 5
1) Click Interfaces
2) Double click ether5-slave-local
3) Change Master Port to: none
4) OK


VLAN
1) Click Interfaces
2) Click VLAN
3) Create a new VLAN
4) Give it a name e.g.: vlan600iptv
5) Set VLAN ID: 600
6) Ensure Interface is: ether1-gateway
7) OK

Bridge
1) Click Bridge
2) Create a new Bridge
3) Give it a name e.g.: unifi.iptv
4) OK

Ports
1) Click Bridge
2) Click Ports
3) Add a port
4) Set Interface to: ether5-slave-local
5) Set Bridge to: unifi.iptv (that's the bridge that you just created above)
6) Add another port
7) Set Interface to: vlan600iptv
8) Set Bridge to: unifi.iptv
9) OK

And that's it. Remember that to plug your HyppTV Set Top Box (STB) into port 5. Switch on your HyppTV STB and enjoy.

This post has been edited by soonwai: Jan 28 2016, 01:55 AM

Thanks, what can I say? I've never had so much fun with a router. And most, if not all, of the guides out there for UniFi were written before Quick Set. Don't get me wrong though, doing everything by hand is also good. Forces you to learn about the router but few will appreciate that. They'd probably just dump the Mikrotik and buy an Asus.

I recommend Mikrotik to my friends & relatives and most of them are using it now. I estimate at least 10 already. The biggest installation consist of 5 routers (1 router/AP + 2 WDS Repeaters & 2 more for a HyppTV WiFi Bridge). LOL, took me a week of trial & error but it was fun.

And you, Khalid21, thanks to you too. If you remember, you recommended gemfive to me for the DLink DAP-1665. You saved me RM80-90.

This post has been edited by soonwai: Jan 18 2016, 09:18 PM

Yes, klseet, that's where I first got started with Mikrotik.

Thanks for the tip. This weekend project to try and use the switch for VLAN.

Sorry, missed your post. Thanks for the info. I guess I should use nstreme for a wifi bridge meant for video streaming (HyppTV) to keep latencies down. But my amateur PtP link is only 45 ft so probably won't make any difference. Now to keep the damn cat out of the first Fresnel zone.

Sure no problem, just for you, at last you can watch HyppTV. :-) Must find some time first.

For the Internet part is easy, exactly the same but VLAN is 621. Also Maxis usually (always?) use ether2 on the BTU. The Astro IPTV part, I dunno lah. Dun have Astro here to play with.

One more, ohana.com.my is VLAN 624.

This post has been edited by soonwai: Jan 21 2016, 01:38 AM

Updated my UniFi guide to include HyppTV setup.
https://forum.lowyat.net/index.php?showtopi...post&p=78327719

If you guys ever need a backup GSM link to your router. This is the cheapest I can find.

Digi Best Prepaid with Super Long Life (SLL) and IDD Internet Club (IDDIC)
For less than RM50, this gives you SLL 365 days validity and IDDIC 64kbps data for a year. Data Quota is 1GB a month.
More details here: https://forum.lowyat.net/topic/3803865

Now, it's only 64kbps so it's more for configuration than as a backup data link. Actually 64kbps is still fast enough for text based basic stuff.

This post has been edited by soonwai: Jan 28 2016, 04:09 PM

I've been messing with my firewall so most rules are off the moment. Today I realised that I have about 1000/sec inbound UDP connections from the internet to port 53 (DNS) of my router. Any ideas what that is? It chews up 8-10mbps of my ingoing/outgoing bandwidth.

DDOS? Though not very effective since router is still ok.

Anyway port 53 filters are back up.


This is about 1 min after I enabled the filters.

Update: Looks like a DNS amplification attack. Just had my port 53 opened for a few hours and they found it.

This post has been edited by soonwai: Jan 28 2016, 06:19 PM

Thank rioven. I'm using the set of firewall rules from klseet's Mikrotik guide (2-3 years ago) which I think already has what you mentioned above. Seems to work well. I'm quite the newbie to firewalls so I don't pretend to understand what some of the rules are for but hey, if they work, that's good enough for me.

Maybe you can write a guide to firewalls or post a sample set of rules for newbies.

Mikrotik's current default config of dropping everything to the Input chain seems to be a good approach too. Then one can just open up what's necessary eg: port 80 webfig, 22 ssh or 8291 winbox, etc...

Thanks asellus. Just googled NTP amplification. Very interesting all these methods of attacks.