Mikrotik Routers (RouterBoard & RouterOS)

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Networks and Broadband

Bump Topic Add Reply RSS Feed

176 Pages « < 127 128 129 130 131 > » Bottom

Outline · [ Standard ] · Linear+

Enterprise Networking Mikrotik Routers (RouterBoard & RouterOS), User and owner discussion group

views

ahlong	May 13 2022, 10:13 AM Show posts by this member only \| Post #2561
not a debt collector Junior Member 612 posts Joined: Apr 2005 From: http://127.0.0.1:80/announce	» Click to show Spoiler - click again to hide... « QUOTE(Anime4000 @ May 12 2022, 06:52 PM) I have successfully adding 2nd IPv6 Subnet, since our ISP refuse to give atleast /60, we do NAT6 in second subnet This what I do IPv6 ➡ Pool IPv6 ➡ Address ➡ ➕ IPv6 ➡ Firewall ➡ NAT ➡ ➕ CODE [General] Chain: srcnat Src. Address: 2000::/64 Out. Interface List: WAN [Advanced] IPsec Policy: out : none [Action] Action: masquerade Only works in ROS7+ Windows and browser refuse to using fc00::/7 ULA Space, we had to break IANA IPv6 Assignment because of our ISP mistake, just break it IPv6 NAT will break P2P, good firewall layer to protect IoT, VPN Users, etc... I just found out that, when Metric/Distance same Value, Windows will choose lowest IP Address Number, my plan to use funny address like 2000:dead:cafe:b00b::/64, I choose 2000::/64 because is the lowest value valid More details I put on my blog here: https://www.hitoha.moe/second-ipv6-subnet-v...os-7-using-nat/ Thank you for sharing ya This post has been edited by ahlong: May 13 2022, 10:15 AM
Card PM	Report Top Like Quote Reply

benson208	May 16 2022, 02:22 PM Show posts by this member only \| IPv6 \| Post #2562
New Member Newbie 12 posts Joined: Feb 2009	QUOTE(Anime4000 @ May 12 2022, 06:52 PM) I have successfully adding 2nd IPv6 Subnet, since our ISP refuse to give atleast /60, we do NAT6 in second subnet This what I do IPv6 ➡ Pool IPv6 ➡ Address ➡ ➕ IPv6 ➡ Firewall ➡ NAT ➡ ➕ CODE [General] Chain: srcnat Src. Address: 2000::/64 Out. Interface List: WAN [Advanced] IPsec Policy: out : none [Action] Action: masquerade Only works in ROS7+ Windows and browser refuse to using fc00::/7 ULA Space, we had to break IANA IPv6 Assignment because of our ISP mistake, just break it IPv6 NAT will break P2P, good firewall layer to protect IoT, VPN Users, etc... I just found out that, when Metric/Distance same Value, Windows will choose lowest IP Address Number, my plan to use funny address like 2000:dead:cafe:b00b::/64, I choose 2000::/64 because is the lowest value valid More details I put on my blog here: https://www.hitoha.moe/second-ipv6-subnet-v...os-7-using-nat/ Thank for sharing. Hi sifu. I look at your website u already buy new mikrotik rb5009 and direct replace the onu with gpon onu sfp. Can u teach me how to making fibre direct connect to mikrotik. Can u share at your blog?
Card PM	Report Top Like Quote Reply

Anime4000	May 16 2022, 03:21 PM Show posts by this member only \| IPv6 \| Post #2563
Look at all my stars!! Senior Member 2,400 posts Joined: Jul 2009 From: /dev/null	Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... QUOTE(benson208 @ May 16 2022, 02:22 PM) Thank for sharing. Hi sifu. I look at your website u already buy new mikrotik rb5009 and direct replace the onu with gpon onu sfp. Can u teach me how to making fibre direct connect to mikrotik. Can u share at your blog? Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/ This post has been edited by Anime4000: May 16 2022, 05:27 PM OlgaC4, hasmidzul_jojo, and 4 others liked this post
Card PM	Report Top Like Quote Reply

benson208	May 16 2022, 10:36 PM Show posts by this member only \| IPv6 \| Post #2564
New Member Newbie 12 posts Joined: Feb 2009	QUOTE(Anime4000 @ May 16 2022, 03:21 PM) Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/ Thank for sharing the guide sifu
Card PM	Report Top Like Quote Reply

haturaya	May 17 2022, 07:02 AM Show posts by this member only \| IPv6 \| Post #2565
Look at all my stars!! Elite 2,558 posts Joined: Jan 2003	QUOTE(Anime4000 @ May 16 2022, 03:21 PM) Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/ Awesome
Card PM	Report Top Like Quote Reply

jusbella	May 17 2022, 12:34 PM Show posts by this member only \| Post #2566
Look at all my stars!! Senior Member 3,038 posts Joined: Dec 2011	Hi bro, thanks for the great information. Just to enquiry, what if we cannot access the modem ONU? Something like Alcatel ONU which don have webgui? QUOTE(Anime4000 @ May 16 2022, 03:21 PM) Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/
Card PM	Report Top Like Quote Reply

hasmidzul_jojo	May 17 2022, 12:43 PM Show posts by this member only \| IPv6 \| Post #2567
Getting Started Junior Member 203 posts Joined: Feb 2008	QUOTE(Anime4000 @ May 16 2022, 03:21 PM) To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault...
Card PM	Report Top Like Quote Reply

Anime4000	May 17 2022, 02:59 PM Show posts by this member only \| IPv6 \| Post #2568
Look at all my stars!! Senior Member 2,400 posts Joined: Jul 2009 From: /dev/null	QUOTE(hasmidzul_jojo @ May 17 2022, 12:43 PM) haha, just blame ISP for this, even Hurricane Electric can give /48 QUOTE(benson208 @ May 16 2022, 10:36 PM) Thank for sharing the guide sifu QUOTE(haturaya @ May 17 2022, 07:02 AM) Awesome Thank You QUOTE(jusbella @ May 17 2022, 12:34 PM) Hi bro, thanks for the great information. Just to enquiry, what if we cannot access the modem ONU? Something like Alcatel ONU which don have webgui? You can use HG8240H5 info in my guide example, you just need create a random HWTC serial number and PLOAM Password... if you can't obtain PLOAM Password, sacrifice must be made: 1. Off Alcatel ONU 2. Call TM say ONU is dead 3. On Alcatel ONU for internet 4. When TM technician arrive, take a piece a paper, jam into UPC connector making it cannot connect 5. TM technician replace new ONU, ask him your PLOAM Password 6. profit if you using TIME, PPPoE Password is your PLOAM Password, simple If you using 1Gbps, you can get 1.3Gbps or more when using SFP! lwk523 done that! he using Intel Wi-Fi 6 AX200 160MHz 2x2 MIMO @ 2440Mbps since laptop is ultrabook has no Ethernet Mikrotik Router & Switch support 2.5Gb HiSGMII (ROS 7.3+) 1. CCR2004-1G-12S+2XS 2. CRS305-1G-4S+IN This post has been edited by Anime4000: May 17 2022, 03:07 PM lwk523 and jusbella liked this post
Card PM	Report Top Like Quote Reply

1zx	May 17 2022, 07:47 PM Show posts by this member only \| IPv6 \| Post #2569
New Member Newbie 20 posts Joined: Feb 2019	All, Anyone knows how to remove active users (that weren't properly disconnected)? From what I've been reading, it's not possible short of a reboot. Thanks in advance!
Card PM	Report Top Like Quote Reply

1zx	May 17 2022, 08:04 PM Show posts by this member only \| IPv6 \| Post #2570
New Member Newbie 20 posts Joined: Feb 2019	QUOTE(machai_world @ May 4 2022, 05:06 PM) mind to share guideline to enable ipv6 address for both public and private? Hope i didn't miss anything, here's a copy from my config with some rules removed and added some comments. CODE /ipv6 dhcp-client add add-default-route=yes interface=Time pool-name="Time IPv6" request=prefix use-peer-dns=no <- Change interface to your PPPoE interface /ipv6 address add from-pool="Time IPv6" interface=bridge-local <- Change to your internal bridge interface name. Pool name from ipv6 dhcp-client /ipv6 nd set [ find default=yes ] advertise-dns=no mtu=1480 /ipv6 firewall address-list add address=::/128 comment="defconf: unspecified address" list=bad_ipv6 add address=::1/128 comment="defconf: lo" list=bad_ipv6 add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6 add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6 add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6 add address=100::/64 comment="defconf: discard only " list=bad_ipv6 add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6 add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6 add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6 add address=::224.0.0.0/100 comment="defconf: other" list=bad_ipv6 add address=::127.0.0.0/104 comment="defconf: other" list=bad_ipv6 add address=::/104 comment="defconf: other" list=bad_ipv6 add address=::255.0.0.0/104 comment="defconf: other" list=bad_ipv6 /ipv6 firewall filter add action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=established,related add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid log=yes log-prefix=ipv6-drop-invalid add action=accept chain=input comment="defconf: accept ICMPv6" icmp-options=!128:0-255 log-prefix=ipv6-icmp-allow protocol=icmpv6 add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related log=yes log-prefix=ipv6-input-allow add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udp add action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/10 add action=accept chain=input comment="defconf: accept IKE" disabled=yes dst-port=500,4500 protocol=udp add action=accept chain=input comment="defconf: accept ipsec AH" disabled=yes protocol=ipsec-ah add action=accept chain=input comment="defconf: accept ipsec ESP" disabled=yes protocol=ipsec-esp add action=accept chain=input comment="defconf: accept all that matches ipsec policy" disabled=yes ipsec-policy=in,ipsec add action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN log=yes log-prefix=ipv6-input-drop add action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6 add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6 log=yes log-prefix=ipv6-fwd-drop-baddst add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6 add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6 add action=accept chain=forward comment="defconf: accept HIP" protocol=139 add action=accept chain=forward comment="defconf: accept IKE" disabled=yes dst-port=500,4500 protocol=udp add action=accept chain=forward comment="defconf: accept ipsec AH" disabled=yes protocol=ipsec-ah add action=accept chain=forward comment="defconf: accept ipsec ESP" disabled=yes protocol=ipsec-esp add action=accept chain=forward comment="ccept all that matches ipsec policy" disabled=yes ipsec-policy=in,ipsec add action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN log=yes log-prefix=ipv6-fwd-drop
Card PM	Report Top Like Quote Reply

amirsubhi	May 17 2022, 09:40 PM Show posts by this member only \| Post #2571
The Power Is IN Your Hand! Senior Member 1,472 posts Joined: Apr 2005 From: SumwHeRe In MaLaYsIa	QUOTE(Anime4000 @ May 16 2022, 03:21 PM) Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/ If you subscribe Unifi-Biz you can get /56 jusbella liked this post
Card PM	Report Top Like Quote Reply

Anime4000	May 17 2022, 09:44 PM Show posts by this member only \| IPv6 \| Post #2572
Look at all my stars!! Senior Member 2,400 posts Joined: Jul 2009 From: /dev/null	QUOTE(amirsubhi @ May 17 2022, 09:40 PM) If you subscribe Unifi-Biz you can get /56 welp, home user cannot, so, cannot isolate IoT device without NAT6
Card PM	Report Top Like Quote Reply

hasmidzul_jojo	May 18 2022, 06:06 PM Show posts by this member only \| IPv6 \| Post #2573
Getting Started Junior Member 203 posts Joined: Feb 2008	QUOTE(Anime4000 @ May 17 2022, 02:59 PM) haha, just blame ISP for this, even Hurricane Electric can give /48 I second to that.Do you think Malaysian ISP give biz package to home user like us?Never try to ask them tho.. /56 is good enough than what HE provided. Thanks again for sharing your workaround.
Card PM	Report Top Like Quote Reply

mamakap	May 23 2022, 08:22 AM Show posts by this member only \| Post #2574
Casual Junior Member 403 posts Joined: Jan 2005	-- deleted - Found the solution This post has been edited by mamakap: May 23 2022, 11:11 AM
Card PM	Report Top Like Quote Reply

hasmidzul_jojo	May 23 2022, 08:14 PM Show posts by this member only \| IPv6 \| Post #2575
Getting Started Junior Member 203 posts Joined: Feb 2008	Playing around with CAKE diffserv 4 Hap Ac2 v7.2.3 / Unifi 100Mbps Baseline Cake Diffserv 4
Card PM	Report Top Like Quote Reply

OlgaC4	Jun 1 2022, 09:47 AM Show posts by this member only \| IPv6 \| Post #2576
Look at all my stars!! Senior Member 5,296 posts Joined: Nov 2006	Default DHCP lease time is 10.00min Make sure set it more then that eg 23hrs. Mess up my gaming experience. Some how respond is slow with 10min DHCP lease time.
Card PM	Report Top Like Quote Reply

OlgaC4	Jun 2 2022, 12:12 PM Show posts by this member only \| IPv6 \| Post #2577
Look at all my stars!! Senior Member 5,296 posts Joined: Nov 2006	QUOTE(Anime4000 @ May 16 2022, 03:21 PM) Thanks everyone, ROS7 made possible to do IPv6 NAT, To Malaysia ISP: You have failed to give us at least /60 subnet, we going to use IANA reserve IPv6 address, because of this mess, ISP at fault... Oh yea, I haven't make proper guide to replace SFU (Switch Fabric Unit) ONU with GPON ONU SFP, EDIT: I have made full guide that apply with TM-Unifi, TM-Maxis, Allo and TIME https://www.hitoha.moe/odi-dfp-34x-2c2-gpon-onu-sfp/ Will the ping or respond time improve after we replace it? I got a RB 5009. Respond and ping is 2 different thing to my knowledge. This post has been edited by OlgaC4: Jun 2 2022, 12:12 PM
Card PM	Report Top Like Quote Reply

TSeric_tan	Jun 4 2022, 12:58 PM Show posts by this member only \| Post #2578
Getting Started Junior Member 264 posts Joined: Feb 2005	Wah.... I started this thread in 2011..... didn't know it is still running.... Best of all, havent login into this account for the past 2 years jusbella, PRSXFENG, and 1 other liked this post
Card PM	Report Top Like Quote Reply

ahlong	Jun 4 2022, 01:34 PM Show posts by this member only \| IPv6 \| Post #2579
not a debt collector Junior Member 612 posts Joined: Apr 2005 From: http://127.0.0.1:80/announce	QUOTE(eric_tan @ Jun 4 2022, 12:58 PM) Wah.... I started this thread in 2011..... didn't know it is still running.... Best of all, havent login into this account for the past 2 years and thanks to you for the thread! got so much knowledge and sharing infos
Card PM	Report Top Like Quote Reply

mamakap	Jun 4 2022, 09:57 PM Show posts by this member only \| Post #2580
Casual Junior Member 403 posts Joined: Jan 2005	Just curious, does anyone know if my Mikrotik got issue like SFP port not working, can it be repair?
Card PM	Report Top Like Quote Reply

« Next Oldest · Networks and Broadband · Next Newest »

176 Pages « < 127 128 129 130 131 > » Top

Add Reply Options

Change to:

0.1794sec

0.62

6 queries

GZIP Disabled
Time is now: 18th December 2025 - 07:55 PM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.