Enterprise Networking Mikrotik Routers (RouterBoard & RouterOS), User and owner discussion group
|
|
 Feb 17 2025, 06:04 PM
Show posts by this member only | IPv6 | Post
#3281
|
 
Senior Member
1,207 posts Joined: Aug 2018 
|
QUOTE(go626201 @ Feb 17 2025, 05:55 PM) Ya,it almost 99% okay already. I am not familiar with how smokeping calculate the average. Wait for a week and see if the graph correct itself?But i not sure why the idle latency still higher than before FSU.   I suspect it just trend higher because you keep testing upload. What idle latency did you get from ping plotter / speedtest if you stop testing your upload? |
|
|
|
|
|
Feb 17 2025, 06:08 PM
Show posts by this member only | IPv6 | Post
#3282
|
|
Senior Member
1,882 posts Joined: Sep 2017
|
QUOTE(kwss @ Feb 17 2025, 06:04 PM) I am not familiar with how smokeping calculate the average. Wait for a week and see if the graph correct itself? Maybe it is the RPi issue,since i restart the RPi a few time in past weeks trying to renew the ipv6 address(when ipv6 not working at the time)I suspect it just trend higher because you keep testing upload. What idle latency did you get from ping plotter / speedtest if you stop testing your upload?  |
|
|
Feb 19 2025, 01:59 PM
Show posts by this member only | IPv6 | Post
#3283
|
Junior Member
610 posts Joined: Apr 2005 From: http://127.0.0.1:80/announce  
|
Guys, just want to clarify:
what is the diff between RB5009 (rm10xx) and RB5009 (new version - rm14xx) eh? from sublime shopee. thank you |
|
|
Feb 19 2025, 02:36 PM
|
|
Junior Member
364 posts Joined: May 2019
|
QUOTE(ahlong @ Feb 19 2025, 01:59 PM) Guys, just want to clarify: Poe on all portswhat is the diff between RB5009 (rm10xx) and RB5009 (new version - rm14xx) eh? from sublime shopee. thank you |
|
|
Feb 19 2025, 02:42 PM
Show posts by this member only | IPv6 | Post
#3285
|
|
Junior Member
610 posts Joined: Apr 2005 From: http://127.0.0.1:80/announce
|
QUOTE(ChenKaiWen @ Feb 19 2025, 02:36 PM) Poe on all ports only that eh? thank you ChenKaiWen |
|
|
Feb 19 2025, 10:22 PM
Show posts by this member only | IPv6 | Post
#3286
|
|
Junior Member
364 posts Joined: May 2019
|
QUOTE(ahlong @ Feb 19 2025, 02:42 PM) only that eh? thank you ChenKaiWen As far as I know, yes.https://youtu.be/3NaomsfbE34 This post has been edited by ChenKaiWen: Feb 19 2025, 10:23 PM MX510 liked this post
|
|
|
|
|
|
Feb 20 2025, 08:59 PM
|
|
Senior Member
1,207 posts Joined: Aug 2018
|
People, I got TM VoIP working on Android phone again. This is despite they closed the loophole by simply disabling VLAN 400 from being forwarded to LAN 1. The technique is simple, and works even better than last time because we no longer need to dstnat to the Android phone. The reason is because it was double NAT. Once on the Mikrotik, the second time on the ONU. Yes, the ONU actually perform NAT on the VoIP VLAN. First add 2 static route in the ONU. Assuming: 192.168.88.0/24 = Your daily usage network 192.168.1.1 = ONU IP Address 192.168.1.10 = Router IP Address If your setup is different, adjust accordingly. Here is the screenshot of the ONU static routing  After you are done, add a static route to your router. It will work on any router this time since no NAT is required.  Android phone configuration unchanged. Just make call. it is even better now. If you can VPN home, you can make call via TM number. Previously this cannot be done due to the need for dstnat. hasmidzul_jojo, cyberic, and 2 others liked this post
|
|
|
Feb 26 2025, 08:44 AM
|
|
Junior Member
610 posts Joined: Apr 2005 From: http://127.0.0.1:80/announce
|
Almost brick the hapac2 after upgrading to ROS7.18 - not enough space
Netinstall and everything back to normal. No fancy other package(s) installed previously. just wifi and ros. Carefull to those still use ancient models |
|
|
Mar 5 2025, 02:52 PM
|
Senior Member
1,473 posts Joined: Oct 2006 From: Jupiter
|
QUOTE(ahlong @ Feb 26 2025, 08:44 AM) Almost brick the hapac2 after upgrading to ROS7.18 - not enough space Netinstall and everything back to normal. No fancy other package(s) installed previously. just wifi and ros. Carefull to those still use ancient models  i have that model and im going to update its firmware soon haha, then use it somewhere elsegood to know just got myself RB5009 |
|
|
Mar 5 2025, 10:14 PM
|
|
Senior Member
1,882 posts Joined: Sep 2017
|
Not sure why i keep getting the same unifi ipv6 prefix after a abnormal power off...
And it causing me unable to use the ipv6... |
|
|
Mar 6 2025, 11:59 AM
Show posts by this member only | IPv6 | Post
#3291
|
Senior Member
2,466 posts Joined: Nov 2004
|
QUOTE(kwss @ Feb 20 2025, 08:59 PM) People, I got TM VoIP working on Android phone again. Can share what software you use? I try a few but got forbiden error from tm. I plan to use in 3cx but wanna test simple 1st.This is despite they closed the loophole by simply disabling VLAN 400 from being forwarded to LAN 1. The technique is simple, and works even better than last time because we no longer need to dstnat to the Android phone. The reason is because it was double NAT. Once on the Mikrotik, the second time on the ONU. Yes, the ONU actually perform NAT on the VoIP VLAN. First add 2 static route in the ONU. Assuming: 192.168.88.0/24 = Your daily usage network 192.168.1.1 = ONU IP Address 192.168.1.10 = Router IP Address If your setup is different, adjust accordingly. Here is the screenshot of the ONU static routing After you are done, add a static route to your router. It will work on any router this time since no NAT is required. Android phone configuration unchanged. Just make call. it is even better now. If you can VPN home, you can make call via TM number. Previously this cannot be done due to the need for dstnat. As for "ONU actually perform NAT on the VoIP VLAN" any setting need to change on UNO side for this? |
|
|
Mar 6 2025, 10:03 PM
|
|
Senior Member
1,207 posts Joined: Aug 2018
|
QUOTE(aneip @ Mar 6 2025, 11:59 AM) Can share what software you use? I try a few but got forbiden error from tm. I plan to use in 3cx but wanna test simple 1st. Hi, I am using the Android default Phone app for this. Just tested and it is still working.As for "ONU actually perform NAT on the VoIP VLAN" any setting need to change on UNO side for this? The whole ONU NAT for VLAN 400 is the default, at least for me using ZTE F620. The ONU VoIP stack works like this: 1. VLAN 400 comes into the ONU 2. ONU will pipe the VLAN to CPU and run a DHCP client on it. This process also perform NAT on it. 3. Instead of adding a default route, it will act like a separate VRF. So TM will have all their VLAN starts with 10.x.x.x and they all works because of this. 4. The VoIP subsystem will then attach to this "VRF". That's why in the ONU, you can use Ping or Traceroute tool and it will ask you to select which "VRF" to use. As long as you add the static route correctly, with the IP address and subnet as I stated, not larger, not smaller, it should work. Try to ping the IP address to make sure you get a reply. If you don't get a reply, your static route setup is wrong. If it didn't work, can you do a packet capture to make sure TM call server actually reply to your SIP packet? The configuration for SIP server: Primary Outbound Proxy Server: 10.225.15.220 Secondary Outbound Proxy Server: 10.225.17.220 Both port 5060. enduser and hasmidzul_jojo liked this post
|
|
|
Mar 7 2025, 03:10 PM
|
|
Senior Member
1,207 posts Joined: Aug 2018
|
A follow up explanation of why I do things like that for those who are into networking but don't quite get the whole static route thing.
On a high level, what we are doing is leak a very specific route from the VoIP VRF, to the global VRF of the ONU. Then we perform the forwarding between global VRF of the ONU and global VRF of the router. The exact route we are leaking is 10.225.0.0/16. I derive this from the IP address of the call server. Most of the vendor call it global VRF. Mikrotik call it main VRF. They are the same. You can refer to this website for the explanation since they have a static route example which I am using: https://networklessons.com/cisco/ccie-routi...e-route-leaking. You need to subscribe to read the whole thing but I feel reading the free section is already enough. If you are doing MPLS and BGP you probably already know the rest and don't need to subscribe. |
|
|
|
|
|
Mar 8 2025, 05:28 PM
|
All Stars
11,455 posts Joined: Oct 2007 From: KL
|
QUOTE(soonwai @ Sep 21 2024, 03:33 PM) From Mikrotik forum and working for me too. Hmm, this prob still happening after 6 mths with my Mac mini M1. Didn't test any other device.encryption=ccmp,gcmp,ccmp-256,gcmp-256 to encryption=ccmp,gcmp Now working with FT enabled. RB5009 managing ax2 & ax3. All on 7.18. Mac mini M1 on macOS 15.3.1 This post has been edited by soonwai: Mar 8 2025, 05:29 PM |
|
|
May 2 2025, 05:02 PM
Show posts by this member only | IPv6 | Post
#3295
|
|
All Stars
11,455 posts Joined: Oct 2007 From: KL
|
mhwee asked about VLAN config for VLAN400 in pm. I set mine long time ago so might not be the 100% correct way to do it. Better I post here for contributions from others. Mine was done mostly by googling & trial & error until it worked.  His config is sfp01 to Unifi, ether1 to LAN and ether8 to VOIP.  If using bridge for the vlans. It'll be something like this. CODE /interface vlan add interface=sfp01 name=vlan400 vlan-id=400 add interface=sfp01 name=vlan500 vlan-id=500 /interface bridge add name=bridge1 add name=bridge400 /interface bridge port add bridge=bridge400 ingress-filtering=no interface=vlan400 add bridge=bridge400 ingress-filtering=no interface=ether8 Something like that. Can also use bridge vlan for this. CODE /interface bridge vlan add bridge=bridge1 tagged=ether3-trunk1,bridge1 untagged=ether1,ether4,ether5,ether6,ether7,ether8,sfp-sfpplus1 vlan-ids=50 add bridge=bridge1 tagged=ether2-wan1,ether3-trunk1,bridge1 vlan-ids=600 add bridge=bridge1 tagged=ether2-wan1,bridge1 vlan-ids=500 where: VLAN50 is local LAN traffic ether2-wan1 is to unifi modem ether3-trunk1 is a trunk for VLAN50 & VLAN600 to another part of the house. This post has been edited by soonwai: May 2 2025, 05:03 PM ahlong liked this post
|
|
|
May 2 2025, 07:04 PM
|
Junior Member
241 posts Joined: Sep 2005 From: Johor
|
soonwai https://youtu.be/H6cIZ9JY7HI    In order to be able to manage GPON stick at a difference network range of 192.168.1.0 from my own 192.168.88.0, i add addresses and nat as if access from 192.168.1.88/24. This GPON ip is 192.168.1.1   I have managed to get internet on, but still struggle to figure out on how to make phone work with my separate ATA gateway. playing around with VLAN400 settings *EDIT. It works for both internet and voip already, as in below This post has been edited by mhwee: May 3 2025, 11:04 PM ahlong liked this post
|
|
|
May 2 2025, 09:28 PM
|
|
Junior Member
241 posts Joined: Sep 2005 From: Johor
|
I have made voip working.
https://youtube.com/shorts/c94a_dFTuhk It is only the voip setting i put it wrongly previously.  @soonwai I leave ingress-filtering=yes as default. it is still work like untag vlan. Thanks anyway. With this, i can totally replace Skyworth GN630V with RB5009+GPON stick+ATA The max download speed is the same This post has been edited by mhwee: May 3 2025, 04:34 PM |
|
|
May 3 2025, 03:03 AM
Show posts by this member only | IPv6 | Post
#3298
|
Senior Member
2,399 posts Joined: Jul 2009 From: /dev/null
|
QUOTE(mhwee @ May 2 2025, 07:04 PM) I have managed to get internet on, but still struggle to figure out on how to make phone work with my separate ATA gateway. playing around with VLAN400 settings in our TM Control Panel, can tell apart from obvious ONU and Nijika as real ONU, see you using older revision V06 I presume? This post has been edited by Anime4000: May 3 2025, 03:04 AM |
|
|
May 21 2025, 09:51 PM
Show posts by this member only | IPv6 | Post
#3299
|
|
All Stars
11,455 posts Joined: Oct 2007 From: KL
|
The Mikrotik AI bot actually not bad. No need for setup guides already.
I use this prompt. "Can you help me with a script to setup my internet connection? My ISP gave me the following info: Internet is using vlan 500. IPTV is using vlan 600. Connection is pppoe with username and password for authentication. WAN ip is dynamic. Router is acting as the gateway and firewall. I'd also like a basic set of firewall rules. My mikrotik router has 5 ethernet ports and the ISP modem is connected to ethernet port 5 and the TV is connected to port 3. The remaining ports are connected to my LAN. Please use bridge vlan filtering." The generated script seems to be OK at a glance. If "Please use bridge vlan filtering." is left out, it will use the alternative way of vlan & bridges. » Click to show Spoiler - click again to hide... « |
|
|
May 30 2025, 09:35 PM
Show posts by this member only | IPv6 | Post
#3300
|
|
Junior Member
813 posts Joined: Jul 2008 From: Kota Kinabalu <-> Kuala Lumpur
|
HEX S 2025 model
|
| Change to: |  0.0239sec
 0.46
 6 queries
 GZIP Disabled
Time is now: 2nd December 2025 - 04:40 AM |
Quote