Mikrotik Routers (RouterBoard & RouterOS)

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Networks and Broadband

Bump Topic Add Reply RSS Feed

176 Pages « < 64 65 66 67 68 > » Bottom

Outline · [ Standard ] · Linear+

Enterprise Networking Mikrotik Routers (RouterBoard & RouterOS), User and owner discussion group

views

soonwai	Feb 15 2017, 02:51 PM Show posts by this member only \| Post #1301
 All Stars 11,459 posts Joined: Oct 2007 From: KL	I've been spending much time trying to wrap my head around VLANs and I still don't fully grasp everything yet. Anyway I've got BTU <--> RB2011#1 <--vlan trunk--> RB2001#2 --> HyppTV. RB2011#1 = Router and AP RB2011#2 = Switch and AP 1. Up to now, I've been trunking HyppTV (vlan600) and LAN traffic (vlan1) from one RB to the other. I'm using VLANs and bridges. OK, this works. 2. Last night, I configured RB2001#2 to use the switch chip for the vlans instead of bridges. This works too but I had to put my LAN onto vlan50. Couldn't get it to work with vlan1. So now I'm trunking vlan600 and vlan50. This works too. 3. Next I want to use the switch chip on the main router RB2011#1 to handle the vlans. Stuck on this at the moment. I'm so stuck I don't even know what questions to ask yet so I'll just leave this here for now. This post has been edited by soonwai: Feb 16 2017, 01:13 AM
Card PM	Report Top Like Quote Reply

rioven	Feb 15 2017, 08:21 PM Show posts by this member only \| IPv6 \| Post #1302
Enthusiast Senior Member 975 posts Joined: Sep 2004 From: Setapak	okay its time to experiment this is my config (switch vlan for hypptv) at the switch vlan, u may copy vlan 600 setting. at the switch port, copy setting for ether1, ether2 and cpu1. for trunk port (lets say ether5), vlan-mode=secure vlan-header=add if missing. I still out of idea for vlan-id=1. My logical thinking is add vlan1 in the "interface vlan" for trunk port (let say ether5) and put "switch vlan" rules vlan-id=1 ports ether2,ether5,cpu1. p/s: this is my best guess answer
Card PM	Report Top Like Quote Reply

soonwai	Feb 16 2017, 01:52 AM Show posts by this member only \| Post #1303
 All Stars 11,459 posts Joined: Oct 2007 From: KL	I'm still working on RB2011#2, the vlan switching works but having probs getting wlan working. Hopefully someone can help. Everything is working using the switch chip. <---vlan600/vlan50 trunk (ether1)---> RB2011#2 <--> (ether2 PC) (ether5 Hypptv) Below is my config: » Click to show Spoiler - click again to hide... « CODE # feb/16/2017 01:20:28 by RouterOS 6.38.1 # software id = 70Q0-I0GC # vlan600=HyppTV, vlan50=LAN traffic /interface ethernet set [ find default-name=ether2 ] master-port=ether1 set [ find default-name=ether5 ] master-port=ether1 /interface ethernet switch port # ether1 trunk port set 1 vlan-header=add-if-missing vlan-mode=secure # ether2 access port set 2 default-vlan-id=50 vlan-header=always-strip vlan-mode=secure # ether5 for HyppTV set 5 default-vlan-id=600 vlan-header=always-strip vlan-mode=secure # switch1-cpu set 11 default-vlan-id=50 vlan-mode=secure /interface ethernet switch vlan add independent-learning=no ports=ether1,ether5 switch=switch1 vlan-id=600 add independent-learning=no ports=ether1,ether2,switch1-cpu switch=switch1 vlan-id=50 /ip dhcp-client add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether1 /interface wireless set [ find default-name=wlan1 ] band=2ghz-onlyn channel-width=20/40mhz-Ce country=malaysia disabled=no distance=indoors frequency=auto frequency-mode=regulatory-domain max-station-count=100 mode=ap-bridge ssid=mtk wireless-protocol=802.11 wps-mode=disabled I'm trying to figure out how to setup wlan1 which is also on vlan50. 1. I've tried following this: http://www.breekeenbeen.nl/2014/12/11/mikr...thout-bridging/ There's a section in it that explains how to add wlan1 but it doesn't work. wlan1 does not see my dhcp server on vlan50. It's for the CRS but concepts should be the same right? Anyway I tried it and this is the additional code. CODE /interface vlan add name=vlan50 interface=ether1 vlan-id=50 /interface bridge add name=bridge-vlan50 /interface bridge port add bridge=bridge-vlan50 interface=vlan50 /interface bridge port add bridge=bridge-vlan50 interface=wlan1 I also tried creating the vlan50 on the bridge, didn't work. 2. Next I undid the above and tried to bridge ether1 and wlan1. CODE /interface bridge add name=bridge1 /interface bridge port add bridge=bridge1 interface=wlan1 add bridge=bridge1 interface=ether1 This lagi worse. As soon as I add ether1 to the bridge. All traffic stops. HyppTV stops, PC no more internet. Any ideas? This post has been edited by soonwai: Feb 16 2017, 01:55 AM
Card PM	Report Top Like Quote Reply

rioven	Feb 16 2017, 02:42 AM Show posts by this member only \| IPv6 \| Post #1304
Enthusiast Senior Member 975 posts Joined: Sep 2004 From: Setapak	Might not best solutions, but it may work (this is at wlan1 setting, wireless tab) change "vlan mode=use tag, vlan-id=50" /ip dhcp-client add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether1<--not sure will grab ip from ether1, if change to vlan50..maybe /interface bridge add name=bridge1 /interface bridge port add bridge=bridge1 interface=wlan1 add bridge=bridge1 interface=ether1 # switch1-cpu set 11 default-vlan-id=50 vlan-mode=secure<--this config, im not that sure, i maybe change vlan-mode=check and remove default-vlan-id edit: change to better answer, twice This post has been edited by rioven: Feb 16 2017, 04:10 AM
Card PM	Report Top Like Quote Reply

soonwai	Feb 17 2017, 05:57 PM Show posts by this member only \| Post #1305
 All Stars 11,459 posts Joined: Oct 2007 From: KL	rioven Thanks for the suggestion. Haven't had time to try it yet. Probably do so tonight. I have another question. My simple switched vlan config is already working for vlan 50 (LAN traffic) and vlan 600 (HyppTV). Working config is below. Just ether1, 2 & 5, switched vlans 50 & 600, no wlans or bridges yet. CODE /interface ethernet set [ find default-name=ether2 ] master-port=ether1 set [ find default-name=ether5 ] master-port=ether1 set [ find default-name=sfp1 ] disabled=yes /interface ethernet switch vlan # vlan 50 LAN # vlan 600 IPTV add independent-learning=no ports=ether1,ether5 switch=switch1 vlan-id=600 add independent-learning=no ports=ether1,ether2,switch1-cpu switch=switch1 vlan-id=50 /interface ethernet switch port #ether1 vlan 50 600 Trunk Port set 1 vlan-header=add-if-missing vlan-mode=secure #ether2 vlan 50 Access Port set 2 default-vlan-id=50 vlan-header=always-strip vlan-mode=secure #ether5 vlan 600 Access Port set 5 default-vlan-id=600 vlan-header=always-strip vlan-mode=secure #eswitch1-cpu vlan 50 set 11 default-vlan-id=50 vlan-mode=secure ether1 is the trunk port for vlan 50 and vlan 600 ether2 is the access port for vlan 50 (My Mac is here) ether5 is the access port for vlan 600 (The IPTV set-top box) vlan 50 is my LAN traffic and vlan 600 is IPTV. Both vlans are coming from another RB. So later I want to add wlan1. I thought I'd start by creating a bridge. After that I added ether1 to the bridge. CODE /interface bridge add name=bridge1 /interface bridge port add bridge=bridge1 interface=ether1 As soon as I add ether1 as a port, everything stops working ie: all traffic for ether1, 2 & 5 stops. My question is why does all traffic stop when I add ether1 as a port to that bridge? What am I doing wrong? This post has been edited by soonwai*: Feb 17 2017, 06:00 PM
Card PM	Report Top Like Quote Reply

rioven	Feb 18 2017, 05:46 PM Show posts by this member only \| IPv6 \| Post #1306
Enthusiast Senior Member 975 posts Joined: Sep 2004 From: Setapak	I'm still out of idea why the traffic stops when bridge wlan and ether1 (so im leave this part until i got better idea..sorry). anyway let me know if any progress of wlan, did use tag solve the problem or not
Card PM	Report Top Like Quote Reply

soonwai	Feb 19 2017, 07:18 PM Show posts by this member only \| IPv6 \| Post #1307
 All Stars 11,459 posts Joined: Oct 2007 From: KL	If anyone feels bored with their Routerboards, check out: https://lede-project.org Custom firmware for Mikrotik RBs based on OpenWRT. Also available for other router makes. This post has been edited by soonwai: Feb 19 2017, 08:29 PM
Card PM	Report Top Like Quote Reply

soonwai	Feb 20 2017, 01:13 AM Show posts by this member only \| Post #1308
 All Stars 11,459 posts Joined: Oct 2007 From: KL	QUOTE(rioven @ Feb 18 2017, 05:46 PM) I'm still out of idea why the traffic stops when bridge wlan and ether1 (so im leave this part until i got better idea..sorry). anyway let me know if any progress of wlan, did use tag solve the problem or not Hi rioven, the problem with the bridge traffic stopping seems to be due to STP changes in 6.38. I'm using 6.38.1. Quite a few posts on the Mikrotik forums about it. I think 6.39RC solves it but I haven't tried yet. QUOTE(rioven @ Feb 16 2017, 02:42 AM) Might not best solutions, but it may work (this is at wlan1 setting, wireless tab) change "vlan mode=use tag, vlan-id=50" I have to keep wlan1 untagged. If I tag it as 50, it doesn't work. If No Tag then it works. wlan1 is a port in bridge-vlan50. QUOTE /ip dhcp-client add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=ether1<--not sure will grab ip from ether1, if change to vlan50..maybe I removed this. I don't need an IP address on the RB#2 anyway. Before I removed it, I did some testing, the DHCP client works only on ether1 and not on bridge-vlan50 nor on vlan50. QUOTE /interface bridge add name=bridge1 /interface bridge port add bridge=bridge1 interface=wlan1 add bridge=bridge1 interface=ether1 # switch1-cpu set 11 default-vlan-id=50 vlan-mode=secure<--this config, im not that sure, i maybe change vlan-mode=check and remove default-vlan-id edit: change to better answer, twice Haven't tested the switch1-cpu but current config switch1-cpu is working so I just leave it be for now.
Card PM	Report Top Like Quote Reply

rioven	Feb 20 2017, 02:35 AM Show posts by this member only \| IPv6 \| Post #1309
Enthusiast Senior Member 975 posts Joined: Sep 2004 From: Setapak	QUOTE(soonwai @ Feb 20 2017, 01:13 AM) Hi rioven, the problem with the bridge traffic stopping seems to be due to STP changes in 6.38. I'm using 6.38.1. Quite a few posts on the Mikrotik forums about it. I think 6.39RC solves it but I haven't tried yet. I have to keep wlan1 untagged. If I tag it as 50, it doesn't work. If No Tag then it works. wlan1 is a port in bridge-vlan50. I removed this. I don't need an IP address on the RB#2 anyway. Before I removed it, I did some testing, the DHCP client works only on ether1 and not on bridge-vlan50 nor on vlan50. Haven't tested the switch1-cpu but current config switch1-cpu is working so I just leave it be for now. Im still using an older bugfix package (6.36.4 since i got old wifi laptop, any newer will make old wifi laptop stop working/connect). I read about the newer STP changes, just realize the cause of the problem that bad Since you already bridge-vlan50, wlan1 doesnt need to be tag (is a choice, either bridge or use tag). The rest, well..is working now, just leave it
Card PM	Report Top Like Quote Reply

soonwai	Feb 20 2017, 05:03 PM Show posts by this member only \| IPv6 \| Post #1310
 All Stars 11,459 posts Joined: Oct 2007 From: KL	QUOTE(rioven @ Feb 20 2017, 02:35 AM) Im still using an older bugfix package (6.36.4 since i got old wifi laptop, any newer will make old wifi laptop stop working/connect). I read about the newer STP changes, just realize the cause of the problem that bad Since you already bridge-vlan50, wlan1 doesnt need to be tag (is a choice, either bridge or use tag). The rest, well..is working now, just leave it Just got a reply from Mikrotik support, they suggest trying 6.39RC. Maybe I'll give that a try tonight. 6.38(.1) seems to be causing a lot of problems not just for me but other people as well. This post has been edited by soonwai: Feb 20 2017, 06:30 PM
Card PM	Report Top Like Quote Reply

soonwai	Feb 21 2017, 09:46 PM Show posts by this member only \| Post #1311
 All Stars 11,459 posts Joined: Oct 2007 From: KL	I just got this idea but don't have a DIR-615 to test. If I trunk vlan600 from my Mikrotik down to the TV room into a stock UniFi DIR-615 and connect that to the STB, do you think this will work? If it does then people who wants to do trunking can reuse their stock UniFi routers. Save some money. --- A while back, I shared in this thread a Dynamic DNS script for Namecheap. It's now got a new home in the wiki. Dynamic DNS Update Script for Namecheap It already notifies via email when the IP changes. Currently working on adding Twitter and IM notifications to it. Here's a test using Telegram. Twitter is WIP. Question, are there any other IM services that has an easy to setup and use API? Telegram is quite easy. I haven't check the others. This post has been edited by soonwai: Feb 21 2017, 11:11 PM
Card PM	Report Top Like Quote Reply

aneip	Feb 22 2017, 10:43 AM Show posts by this member only \| Post #1312
Look at all my stars!! Senior Member 2,466 posts Joined: Nov 2004	QUOTE(soonwai @ Feb 21 2017, 09:46 PM) I just got this idea but don't have a DIR-615 to test. If I trunk vlan600 from my Mikrotik down to the TV room into a stock UniFi DIR-615 and connect that to the STB, do you think this will work? Should works for IPTV.. for internet connection need more info.. What vlan you want to use for internet? Do you want to use double natting?
Card PM	Report Top Like Quote Reply

soonwai	Feb 22 2017, 12:05 PM Show posts by this member only \| Post #1313
 All Stars 11,459 posts Joined: Oct 2007 From: KL	QUOTE(aneip @ Feb 22 2017, 10:43 AM) Should works for IPTV.. for internet connection need more info.. What vlan you want to use for internet? Do you want to use double natting? My current config is trunking vlan50 (LAN traffic) & vlan600 to my RB2011#2 downstairs. It's just acting as a switch as the moment. vlan500 stops at the main router upstairs, also RB2011. Just wondering if there's a way to utilise all those DIR-615s that people have lying around. Maybe if I change my vlan50 to vlan500. On DIR-615, set static IP? Disable NAT, if possible? vlan ids are hardcoded? Have to find a DIR-615 to try out. This post has been edited by soonwai: Feb 22 2017, 05:59 PM
Card PM	Report Top Like Quote Reply

soonwai	Feb 25 2017, 01:55 AM Show posts by this member only \| Post #1314
 All Stars 11,459 posts Joined: Oct 2007 From: KL	QUOTE(soonwai @ Feb 20 2017, 01:13 AM) Hi rioven, the problem with the bridge traffic stopping seems to be due to STP changes in 6.38. I'm using 6.38.1. Quite a few posts on the Mikrotik forums about it. I think 6.39RC solves it but I haven't tried yet. QUOTE(soonwai @ Feb 20 2017, 05:03 PM) Just got a reply from Mikrotik support, they suggest trying 6.39RC. Maybe I'll give that a try tonight. 6.38(.1) seems to be causing a lot of problems not just for me but other people as well. Hi soonwai, seems to be a prob with ROS. All the way up to 6.39rc33. Reply from support: CODE We found the problem. RSTP currently does not work together with VLAN configurations on small 5 port Atheros switch chips. You will have to either disable RSTP or reconfigure VLANs with bridges if RSTP is necessary. Oh dear, talking to myself again... This post has been edited by soonwai: Feb 25 2017, 01:56 AM
Card PM	Report Top Like Quote Reply

skywardsword	Feb 25 2017, 07:28 AM Show posts by this member only \| Post #1315
On my way Junior Member 680 posts Joined: Sep 2010	QUOTE(soonwai @ Feb 25 2017, 01:55 AM) Hi soonwai, seems to be a prob with ROS. All the way up to 6.39rc33. Reply from support: CODE We found the problem. RSTP currently does not work together with VLAN configurations on small 5 port Atheros switch chips. You will have to either disable RSTP or reconfigure VLANs with bridges if RSTP is necessary. Oh dear, talking to myself again... No worries we are reading u. Just not yet reply since I don't have mikrotik yet. Waiting for rb2011 with ac.
Card PM	Report Top Like Quote Reply

jio	Feb 25 2017, 10:26 AM Show posts by this member only \| Post #1316
Casual Junior Member 383 posts Joined: May 2005	I don't even bother trying to use mikrotik RBs for switching purpose since the last time I tried it on a RB2011UAS-RM back in 2013. Not only there are limitations that prevented my intended configuration, the routing performance is also really bad (less than 500mbit throughput on anything that has to pass through the CPU). If you want a mikrotik for switch functionality, use CRS instead. On RBs, more often than not you will have to rely on bridging as the not all the switch functionality is there unlike a managed switch.
Card PM	Report Top Like Quote Reply

soonwai	Feb 25 2017, 08:05 PM Show posts by this member only \| Post #1317
 All Stars 11,459 posts Joined: Oct 2007 From: KL	QUOTE(skywardsword @ Feb 25 2017, 07:28 AM) No worries we are reading u. Just not yet reply since I don't have mikrotik yet. Waiting for rb2011 with ac. I don't think Mikrotik is going to go down that path. I mean an integrated solution. They seem to be marketing the hAP AC, for example, more as an AP. They've released 2 really good routers, the RB3011 and the RB750Gr3 (hEX). For me, when the need arises, I'll probably go with a hEX paired with a hAP AC.
Card PM	Report Top Like Quote Reply

soonwai	Feb 26 2017, 07:24 PM Show posts by this member only \| Post #1318
 All Stars 11,459 posts Joined: Oct 2007 From: KL	Hi all, I have another script to share. It's for those who needs a certain IP range when dialing into Unifi. Instead of sitting and rebooting the router or disabling and enabling the pppoe client, all you have to do is run this script. Only 3 variables to set, if, targetip and pppoedelay. if: name of your pppoe-client interface targetip: 175.0.0.0/8 or 65.50.0.0/16 pppoedelay: Delay enough so that TM will give a new IP instead of the previous one. You can play around with this. CODE :global if "pppoe-out1" :global targetip 210.0.0.0/8 :global currentip [/ip address get [/ip address find interface=$if ] address] :set currentip ([[:parse ":return $currentip"]]) :global ip $currentip :global pppoedelay 10s :put "Current IP: $currentip\r\nTarget: $targetip\r\n" :while (!($currentip in $targetip)) do={ put "$currentip is not in $targetip. Getting new IP. $pppoedelay delay" /interface disable $if :delay $pppoedelay /interface enable $if :do {delay 1s; put "waiting for pppoe-server"} while=( [/interface get unifi running]=false) :set currentip [/ip address get [/ip address find interface=$if ] address] :set currentip ([[:parse ":return $currentip"]]) :set ip $currentip } :put "Target obtained: $currentip" Best to run from the CLI so you can see the output. Example: CODE [admin@RB2011UAS] /system script> run pppoe-ip-cidr Current IP: 175.144.175.247/32 Target: 210.0.0.0/8 175.144.175.247/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 175.144.175.247/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 175.136.3.130/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 175.136.3.130/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 118.101.248.194/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 175.144.175.247/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server 118.100.151.60/32 is not in 210.0.0.0/8. Getting new IP. 00:00:10 delay waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server waiting for pppoe-server Target obtained: 210.187.203.102/32 [admin@RB2011UAS] /system script>
Card PM	Report Top Like Quote Reply

knuxed	Feb 28 2017, 12:29 PM Show posts by this member only \| Post #1319
Regular Senior Member 1,885 posts Joined: Jan 2003 From: Bangsar,Kuala Lumpur	Guys,for those who want to block connections from untrusted sources such as botnets and all,you guys could follow the instructions laid out by a forummer in the Mikrotik forums Have been using it and it works really well This post has been edited by knuxed: Feb 28 2017, 12:29 PM
Card PM	Report Top Like Quote Reply

soonwai	Feb 28 2017, 01:12 PM Show posts by this member only \| Post #1320
 All Stars 11,459 posts Joined: Oct 2007 From: KL	After many months of procrastinating, I finally setup load balancing for my house. Got tired of waiting for my Unifi 30 - 50 upgrade so upgrade it myself. It's something like this: UniFi30#1 ------ RB2011(my router) ------ hAP Lite ---{wifi}--- Asus RT-N2D1(Neighbour) ------ UniFi30#2 Guides that I used: Mikrotik Dual WAN PCC Load Balancing Mikrotik Wiki: PCC • Would be better if I had a cable to the Asus. • I have access to the Asus so I put in a route to my network. No double NAT. • Bad: 2.4Ghz is now busier than ever. Affecting my phones wifi. • FastTrack seems to be causing problems, maybe. Currently off. Working OK but RB2011 at 80% when routing full 60mbps. Time to buy RB750Gr3! Results I think OK lah. This post has been edited by soonwai: Mar 2 2017, 10:57 PM G K Lai liked this post
Card PM	Report Top Like Quote Reply

« Next Oldest · Networks and Broadband · Next Newest »

176 Pages « < 64 65 66 67 68 > » Top

Add Reply Options

Change to:

0.0246sec

0.34

6 queries

GZIP Disabled
Time is now: 21st December 2025 - 09:51 AM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.