Just received an email, that of the next version, use-ip-firewall will also have an effect on IPv6 packets.
Hopefully that solves that issues.
Showing posts with label RouterOS. Show all posts
Showing posts with label RouterOS. Show all posts
Wednesday, April 8, 2009
Mikrotik Queues broken AGAIN !! (2/3)
Enlightenment.
I cracked the issue. Finally i found some time to sit down and test, when this is happening, because I only saw it when testing against our own speedtest.net server, but the queues were properly working against other speedtest servers.
So what is different between our network and others ? *PLING* IPv6 !!!!!!
And yes, correctly. Once I disabled IPv6 on my laptop and did the speedtest, the queues will work. Once I enabled IPv6, do the speedtest, the queues won't work.
Basically it means, that Mikrotik is not shaping the whole interface, but only the IPv4 traffic inside it. Should a customer get the brilliant idea to run IPX, Appletalk or whatnot .. well .. or IPv6, like we do, he's got full throttle no limit and the license to bust our network. Fortunatly this only applies to enterprise customers on our layer2 MPLS network right now, but what a bummer.
I cracked the issue. Finally i found some time to sit down and test, when this is happening, because I only saw it when testing against our own speedtest.net server, but the queues were properly working against other speedtest servers.
So what is different between our network and others ? *PLING* IPv6 !!!!!!
And yes, correctly. Once I disabled IPv6 on my laptop and did the speedtest, the queues will work. Once I enabled IPv6, do the speedtest, the queues won't work.
Basically it means, that Mikrotik is not shaping the whole interface, but only the IPv4 traffic inside it. Should a customer get the brilliant idea to run IPX, Appletalk or whatnot .. well .. or IPv6, like we do, he's got full throttle no limit and the license to bust our network. Fortunatly this only applies to enterprise customers on our layer2 MPLS network right now, but what a bummer.
Thursday, March 26, 2009
Mikrotik Queues broken AGAIN !! (1/3)
I discovered, that the queues in RouterOS can be escaped again. The particular setup, where I'm seeing this is a VPLS circuit, bridged to a lan-port. Queuing is established in the manner, as they suggest, by enabling firewalling for bridging and create the queue on the bridge.
So I send them a mail on the 22nd (4 days ago) about that and raised a ticket. Answer today is, they can't reproduce the problem. Guess I've got to figure that one out myself.
So I send them a mail on the 22nd (4 days ago) about that and raised a ticket. Answer today is, they can't reproduce the problem. Guess I've got to figure that one out myself.
Friday, January 16, 2009
MPLS and RouterOS 3.19
With the release of RouterOS 3.19 and the last bugs fixed that affected us in the MPLS code, we've actually completed most of the change in the core network.
The changes to VPLS circuits on the core links has added another 15% bandwidth and cut latency into half or better.
The changes to VPLS circuits on the core links has added another 15% bandwidth and cut latency into half or better.
Friday, January 9, 2009
Mikrotik RouterOS 3.18 release
The long awaited RouterOS 3.18 release came out today.
Part of the features, I was looking for was number one on the changelog list "*) IPv6 address auto-configuration: added recursive DNS server option;", but also various fixes in mpls-test and routing-test.
So, we'll start upgrading the lab-routers and DOH !!!! .. Instead of adding rdns advertisements, RA doesn't work at all. No IPv6 autoconfiguration. Let's see how the tests progress, but this is very bad already.
Part of the features, I was looking for was number one on the changelog list "*) IPv6 address auto-configuration: added recursive DNS server option;", but also various fixes in mpls-test and routing-test.
So, we'll start upgrading the lab-routers and DOH !!!! .. Instead of adding rdns advertisements, RA doesn't work at all. No IPv6 autoconfiguration. Let's see how the tests progress, but this is very bad already.
Tuesday, October 21, 2008
RIPng broken
Well, it looks like RIPng is broken in RouterOS, when using Vlan's on the interfaces. It has the dynamic routes within the RIPng section, but doesn't redistribute them to the kernel-routing space.
Yuk. No IGP for a while until that is fixed. I will look at the OSPFv3 stuff in the next days, but that needs extensive testing on both Quagga and Mikrotik side, before I'll deploy that.
Got a mail back, that they'll fix it in one of of the next versions.
Yuk. No IGP for a while until that is fixed. I will look at the OSPFv3 stuff in the next days, but that needs extensive testing on both Quagga and Mikrotik side, before I'll deploy that.
Got a mail back, that they'll fix it in one of of the next versions.
Friday, October 17, 2008
Mikrotik RouterOS 3.15 release
The release of ROS 3.15 yesterday fixed quite a few bugs, that affected us.
IPv6 and IPv4 address families can now co-exist on the same BGP session (routing-test). That means, if our testing goes well, we'll be announcing IPv6 routes on INEX Vlan#2, too, very soon.
BIOS 2.18 fixes the issue, where 2.17 was killing ether3 on RB600 and ether2 and 3 on RB500 series.
The issue, that one couldn't disable dns resolving on traceroutes was really annoying for diagnostics as well.
They however broke adding static IPv4 routes via WinBox instead :( and my own RB600 router went into a non-recoverable state during upgrade. Something I haven't seen in a very long time. Netinstall and reload of backup fixed that though.
IPv6 and IPv4 address families can now co-exist on the same BGP session (routing-test). That means, if our testing goes well, we'll be announcing IPv6 routes on INEX Vlan#2, too, very soon.
BIOS 2.18 fixes the issue, where 2.17 was killing ether3 on RB600 and ether2 and 3 on RB500 series.
The issue, that one couldn't disable dns resolving on traceroutes was really annoying for diagnostics as well.
They however broke adding static IPv4 routes via WinBox instead :( and my own RB600 router went into a non-recoverable state during upgrade. Something I haven't seen in a very long time. Netinstall and reload of backup fixed that though.
Saturday, October 11, 2008
Ballindereen basestation rebuild
On wednesday evening the omni in our Ballindereen basestation failed, cause yet unknown, but the board did just not respond anymore. Unfortunatly it's been lashing down since then and until today. The roads on the Galway - Roscommon road were flooded this morning.
You'd say, what has that to do with it? Well, this is a 100ft castle tower with a 20ft pole on the roof and the board we need to replace is at the top of the pole (see left, plastic box on top of the pole). It isn't an easy job to do so and the roof is impossible to climb in wet conditions, let alone dangerous.
The majority of the customers were moved to other basestations in the meanwhile.
Some time after midnight today it stopped raining. We used the nice day to basically rip the whole base apart. It's 2 1/2 years old and needed a overhaul. A upgrade was also planned for some time, so that's what we've been at today.
The (not final) result is the picture on the right. Obviously missing the panels for the inter-base links, yet.
Also the boards aren't mounted on the pole anymore, but reside in the box on the wall with coax to the antennas. That way, we'll be able to maintain them in bad weather. This is something we changed about a year ago, but some of the older bases haven't had the rework done yet. Once finished, a battery and trickle charger move into the empty slot and that'll be it then. This base consists of 1 legacy omni, 3 sectors, and 4 point-to-point links, 4 embedded routers in total. And with the upgrades, it'll be fully MPLS capable.
Friday, October 10, 2008
Mikrotik IPv6 BGP
Ok,
it looks as it's working anyhow, but i need to create different instances with different router-id's to have two sessions between two routers. Doesn't matter that they are different address-families. What a pain.
The as-path filters that i filed a bug report in August about are still not fixed and it looks like, that I can't filter on IPv6 prefixes, either.
Looks like I'm going to kick this box to h*** soon and replace it with something decent. Mikrotik might be good at wireless, but in regards to routing, it doesn't look pretty.
it looks as it's working anyhow, but i need to create different instances with different router-id's to have two sessions between two routers. Doesn't matter that they are different address-families. What a pain.
The as-path filters that i filed a bug report in August about are still not fixed and it looks like, that I can't filter on IPv6 prefixes, either.
Looks like I'm going to kick this box to h*** soon and replace it with something decent. Mikrotik might be good at wireless, but in regards to routing, it doesn't look pretty.
Subscribe to:
Posts (Atom)