26 December 2011

The new version of MikroTik, 5.11, has been released

What's new in 5.11 (2011-Dec-12 11:05):

*) hotspot - fixed https login (broken in v5.9);
*) eoip: swap tunnel id bytes to be compatible with previous versions;
*) eoip,gre: fix setting config

What's new in 5.10 (2011-Dec-09 11:49):

*) snmp - provide extended interface statistics when available;
*) dhcpv6 client - use link-scoped multicast address;
*) dhcp client - renew dhcp lease on ethernet link up event;
*) ipv6 gre tunnel added (/interface gre6) supports ip and ipv6 encapsulation;
*) ip gre tunnel supports ipv6 encapsulation;
*) allow setting bigger trafflow cache;
*) improved RB1200 stability when using ether9,ether10;
*) fixed RB1200 stability issues when using crypto hardware acceleration;

What's new in 5.9 (2011-Nov-29 14:32):

*) ssh - fix memory leak when client uses public key authentication;
*) ppp - added support for new RADIUS attribute MT-Delegated-IPv6-Pool (#22);
*) ntp client - faster initial synchronization;
*) ppp - added support for dhcpv6 pd;
*) wireless - nv2 improvements for 11n cards;
*) hotspot - fixed login page to better handle big load;
*) wireless - change default rate-selection to advanced;
*) snmp - fix simple queue table;
*) webfig - fixed problem where users without sensitive permission could download
   sensitive files (like backups);
*) webfig - fixed problem where table filters did not work always as expected;
*) metarouter - fixed problem where local routeros instances did not boot;
*) dhcpv6 - client and server moved to respective /ipv6 dhcp- entry;
*) dhcpv6 server - changed how bindings are defined, users should add
    missing static binding information after upgrade;
*) sms - send sms now uses channel from config if it's not specified in the command;

What's new in 5.8 (2011-Nov-01 10:14):
*) snmp - fixed problem where some rows were missed in a few tables when walking them;
*) ipv6 - added support for router address assignment from ipv6 pools;
*) routerboard - fix RB400/RB700 bootloader upgrade problem
*) radius - respond to CoA & Disconnect requests with the same ip address it was received to;
*) improved webfig look;
*) webfig - do not allow to show secret passwords if user does not have sensitive permission;
*) webfig - allow to customize all item names in skins;
*) updated timezone information;
*) lcd - added support for new ax93304 model and nexcom LCDs;
*) ppp - added support for ipv6 pools;
*) ppp - added support for Framed-IPv6-Pool radius attribute;
*) dhcp client - fix high CPU usage when interface is disabled;
*) snmp - trap interface filter, multiple trap targets;
*) dhcp - added server support for IPv6 prefix delegation from /ipv6 pool, client support is also added;
*) ipsec - support authorization with raw RSA keys;
*) added ipv6 prefix pools;
*) winbox - now copied item in ordered list is added right after it's original;
*) pcq - fixed possible crash;

29 October 2011

The difference between the RB750, RB750G and RB750GL

Router Board 750 

1- Has a 400MHz processor + 32MB RAM
2- MikroTik RouterOS v4, Level 4 license
3- You can combine two and up to four internet lines
4- The device is made by the company itself, meaning original software and hardware
5- Blocking pornographic sites
6- Speed limiting

Router Board 750GL
 http://routerboard.com/RB750GL

1- Has 5 Gigabit ports, allowing up to 4 internet lines to be combined at the same time
2- PoE capability through port 1, which takes power and data over the LAN cable
3- A strong firewall, through which you can block specific sites (for example pornographic ones), block NetCut, block spyware, and see what the clients are doing and which sites they browse
4- Run a DHCP server and assign each port its own server
5- Run a cache to speed up browsing, and run a file server
6- Has a 400MHz processor + 64MB RAM
7- MikroTik RouterOS v4, Level 4 license
RouterBoard 433AH: CPU speed 680MHz + 256MB RAM

Router board 433AH
 http://routerboard.com/RB433AH

1- Level 5 license
2- A microSD card slot gives you the ability to add more storage space for the web proxy
4- Graphical user interface or CLI, with access via the web, Telnet or SSH
5- Three miniPCI slots (3 slots) and three Ethernet ports give you enough connectivity options to make the device the core of the network. In addition, the AH version adds more RAM and a 680MHz Atheros CPU, making this device ideal for large networks.

Router Board 450G
http://routerboard.com/RB450G

1- Five 10/100/1000 ports
2- 256MB of RAM, plus a microSD card for adding storage space
3- Can also be powered via PoE
4- RouterOS license Level 5
5- Powered by an Atheros AR7161 680MHz CPU, and also includes a temperature sensor and voltage monitoring.
6- An operating system that turns the device into a high-performance, precise router, with an SPI firewall and support for virtual LANs (vpn) 802.1Q
7- RIP2, OSPF and BGP4 routing protocols, and very advanced bandwidth management and control.
8- Graphical user interface or CLI, with access via the web, Telnet or SSH

Router board 493
 http://routerboard.com/RB493

1- Three MiniPCI slots for installing cards
2- RouterOS License Level 5
3- RIP2, OSPF and BGP4 routing protocols
4- CPU speed 680MHz + 256MB RAM
5- USB 2.0 slot + Voltage Monitor
6- Regulated, with a temperature sensor (30C +60C)
7- Nine 10/100 ports with a Layer 3 switch/router, at which routing takes place
8- RouterOS license Level 5 operating system, with an SPI firewall and support for virtual LANs (vpn) 802.1Q

Router board 493G
http://routerboard.com/RB493G

1- Nine Gigabit Ethernet ports, three miniPCI slots and a switch chip, so that Ethernet ports of your choice can be grouped together to act as a switch, i.e. ports 1+5+8 work together like a switch
2- A USB 2.0 port and a microSD card slot, for adding more storage or a USB 3G modem as backup connectivity
3- The processor of this device is a high-performance Atheros AR7161 CPU, with 256MB RAM
4- The RB493G includes the RouterOS license Level 5 operating system, which turns the device into a high-performance, precise router, with an SPI firewall and support for virtual LANs (vpn) 802.1Q
5- RIP2, OSPF and BGP4 routing protocols, and very advanced bandwidth management and control.
6- Graphical user interface or CLI, with access via the web, Telnet or SSH

The new version of MikroTik, 5.7, has been released

What's new in 5.7 (2011-Sep-14 10:54):
*) ovpn client - fixed crash when user name or password together
   were longer than 11 symbols;
*) sstp client - added an option to skip
    server address verification from certificate;
*) fixed problem - router crashed sometimes when using USB modem;
*) userman - show overall totals, show user totals if user has more
   than one entry;
*) lcd - retrieving '/system lcd page' configuration did not work with
    hundreds of interfaces;
*) webfig - added ability to reorder fields in skins;
*) webfig - added ability to add/remove new tabs & separators in skins;
*) webfig - added ability to add any field to special status page;
*) webfig - fixed problem when user sometimes got logged out with message
   "internal server error";
*) webfig - logout didn't log user out from router;
*) webfig - added System/Password for changing user's own password;
*) system reset-configuration - if keep-users is specified ssh user keys are
   preserved as well;
*) ipsec - new exchange mode (main-l2tp) for l2tp tunnel users to allow
    FQDN as a peer ID with preshared key authorization in main mode;
*) ssh - fix possible server crash when connection is interrupted;
*) improved ipv4 forwarding performance on all boards with simple configuration
    by up to 30%;
*) add passthrough setting to change-dscp, change-ttl, change-mss,
    strip-ipv4-options, change-hop-limit mangle targets;
*) ipsec - fixed problem of RB1200 rebooting when large amount of UDP traffic is 
   sent through IPsec;
*) sniffer - added more useful packet filtering options, also available as quick
    mode command parameters;

What's new in 5.6 (2011-Aug-02 14:45):

*) ipsec - fix a problem which could silently remove a manual policy
    from the kernel if the peer configuration has 'generate-policy' set to 'yes'
    and if the policy matches with the traffic selector of a SA being removed
    on the responder side, also fix a problem that some generated policies
    may stay in kernel after relevant SA was removed;
*) profiler - correctly show idle task on RB1200;
*) webfig - fix dual nstreme interface setting lists;
*) webfig - fix Wireless Access/Connect List editing;
*) webfig - fix bitrate presentation in simple queues (show 1.5M as 1500k);
*) fixed micro-sd access on RB400 not to stop everything else;
*) sstp - when server certificate verification is enabled for sstp client,
    it will additionally compare IP addresses found in certificate's
    subjectAltName and subject CN to the real address, DNS names are ignored;
*) tftp - optional block counter roll-over support;
*) hotspot - fixed possible crash in case of multiple Radius CoA requests;
*) userman - speedup user deletion with big log size,
    note that first userman startup after this update
    may take few minutes if the log size is in hundreds of MB;
*) mpls - added support for enabling/disabling control word usage for
   BGP based VPLS tunnels (both - Cisco and RFC 4761 based);
*) mpls - added support for auto-discovery of VPLS NLRI encoding method
   for Cisco BGP based VPLS tunnels;
*) winbox - sometimes after disconnecting, winbox could not connect back;
*) gre,ipip tunnels - new dscp parameter (0..63 or inherit);
*) ping - new dscp parameter;

What's new in 5.6:

*) bgp - allow parallel operation of RFC4761 "l2vpn" and
    draft-ietf-l2vpn-signaling "l2vpn-cisco" BGP VPLS variants inside
    single peering session.
*) console - ":resolve" command now returns IPv6 address for domain names
    that have only IPv6 address records;
*) snmp - provide ups alarms for bad or low battery or for ups overload;
*) route - fixed SNMP getnext queries, were failing to find next
    prefix in the OID order;

What's new in 5.5 (2011-Jun-20 14:43):

*) console - resolved problem that appeared in version 5.4. it caused
    'sup-output' command to crash console on systems with many ethernet
    interfaces or very long interface names.
*) serial console - do not automatically send login prompt to attached
   usb modem if no other serial port exists;
*) winbox - fixed scrolling in terminal window;
*) webfig - encrypt whole session even in non https mode;
*) do not show contents of skin files to users without
   'sensitive' permission;

What's new in 5.4 (2011-May-27 13:18):

*) webfig - do not try to open many windows
   if first open was blocked by browser;
*) RB4xx ether1 port flapping fixed;

What's new in 5.3 (2011-Apr-29 15:05):

*) snmp - fix table get next with partial row keys;
*) snmp - respond from correct source address when multiple exist;
*) snmp - fix possible interface disappearing when walking ipNetToMediaTable;
*) snmp - fix possible memory leak;
*) ipsec - flush SAs and inform peer when rebooting or shutting down;
*) openvpn - fixed crash;
*) implemented terminal in WebFig;
*) implemented Skin mode in WebFig;
*) added support for more Broadcom Tigon3 based ethernet cards;
*) winbox - fixed byte to KiB, MiB and GiB conversion
  (digit after decimal point could be a bit off);
*) console - align numbers right in tabular print output;
*) fixed RB450G, RB750G switch chip slow ethernet problem;
*) fix vlan disable not taking effect;
*) userman - fix Authorize.Net payment bypass;
*) userman - added profile option to overwrite shared users option
    in user settings when profile is activated;
*) userman - fix db backup if it's size exceeds 2G;
*) wireless - merged ht-extension-channels in to channel-width;

What's new in 5.2 (2011-Apr-21 09:36):

*) fixed webfig;
*) console - fixed problem with supout file generation and export that
    appeared in version 5.1, it was causing console to enter busy loop
    on some boards;
*) ssh client - added source address and remote command options;
*) user manager - added /tool usermanager profile;

What's new in 5.1 (2011-Apr-08 12:55):

*) ipsec - fix SA lifetime display when timezone offset does not equal 0;
*) ipsec - now default DPD interval is 2 min for new configurations;
*) webfig - make bandwidth-test work;
*) fixed problem - wireless package got disabled after upgrading from v4;
*) sstp - fix problems on multicore systems;

10 April 2011

MPLS over PPPoE

Overview

This example shows how to set up MPLS network over PPPoE interfaces.

Example network

Image:mpls-pppoe-f.png
As you can see from the illustration above, router R2 is the pppoe server and routers R3 and R4 are pppoe clients. Our goal is to run MPLS on this network.
When running MPLS over PPPoE or other tunnels you have to deal with MTU issues. Tunnels add more overhead (in our case PPPoE adds 8 more bytes). To be able to forward a 1500-byte IP packet without fragmentation we will need an interface that supports

1500 (IP frame)
+ 8 (PPPoE header)
+ 4 (MPLS header)
= 1512 bytes
From the RouterBoard MTU table you can check whether the RouterBoard supports a 1512 L2MTU.
Let's say that R2 is an RB433 and the pppoe clients are connected to ether2. From the table you can see that the max supported L2MTU for this interface is 1522.
It means that the router will be able to forward packets without fragmentation.
Note: Since v5.0 proper support for MPLS over PPP is included. MPLS is now disabled by default; to enable it go to
the /ppp profile menu and set use-mpls=yes

Configuration

R1

/system identity set name=R1

# add loopback interface
/interface bridge 
add name=loopback
/ip address
add address=10.255.255.1/32 interface=loopback
add address=172.16.0.1/30 interface=ether1

#set up ospf
/routing ospf instance
set default redistribute-connected=as-type-1
/routing ospf network
add network=172.16.0.0/30 area=backbone

# set up MPLS/LDP
/mpls interface set 0 mpls-mtu=1512
/mpls ldp
set enabled=yes lsr-id=10.255.255.1 transport-address=10.255.255.1
/mpls ldp interface
add interface=ether1

R2

Note that we have to add a static interface for each PPPoE client, because later on these interfaces will be added to the LDP configuration.
/system identity set name=R2

# add loopback interface
/interface bridge 
add name=loopback
/ip address
add address=10.255.255.2/32 interface=loopback
add address=172.16.0.2/30 interface=ether1

# set up pppoe
/interface pppoe-server server 
add interface=ether2 service-name=mpls max-mru=1500 max-mtu=1500

/ppp secret 
add name=mplsR3 service=pppoe remote-address=192.168.0.2 local-address=192.168.0.1
add name=mplsR4 service=pppoe remote-address=192.168.0.3 local-address=192.168.0.1

/interface pppoe-server
add name="mplsR3" user="mplsR3" service="mpls" 
add name="mplsR4" user="mplsR4" service="mpls"

#set up ospf
/routing ospf instance
set default redistribute-connected=as-type-1
/routing ospf network
add network=172.16.0.0/30 area=backbone
add network=192.168.0.2/32 area=backbone
add network=192.168.0.3/32 area=backbone

# set up MPLS/LDP
/mpls interface set 0 mpls-mtu=1512
/mpls ldp
set enabled=yes lsr-id=10.255.255.2 transport-address=10.255.255.2
/mpls ldp interface
add interface=ether1
add interface=mplsR3
add interface=mplsR4



R3

/system identity set name=R3

# add loopback interface
/interface bridge 
add name=loopback
/ip address
add address=10.255.255.3/32 interface=loopback

# set up pppoe
/interface pppoe-client 
add name="mplsR3" max-mtu=1500 max-mru=1500 interface=ether2 user="mplsR3" service-name=mpls

#set up ospf
/routing ospf instance
set default redistribute-connected=as-type-1
/routing ospf network
add network=192.168.0.1/32 area=backbone

# set up MPLS/LDP
/mpls interface set 0 mpls-mtu=1512
/mpls ldp
set enabled=yes lsr-id=10.255.255.3 transport-address=10.255.255.3
/mpls ldp interface
add interface=mplsR3

R4

/system identity set name=R4

# add loopback interface
/interface bridge 
add name=loopback
/ip address
add address=10.255.255.4/32 interface=loopback

# set up pppoe
/interface pppoe-client 
add name="mplsR4" max-mtu=1500 max-mru=1500 interface=ether2 user="mplsR4" service-name=mpls

#set up ospf
/routing ospf instance
set default redistribute-connected=as-type-1
/routing ospf network
add network=192.168.0.1/32 area=backbone

# set up MPLS/LDP
/mpls interface set 0 mpls-mtu=1512
/mpls ldp
set enabled=yes lsr-id=10.255.255.4 transport-address=10.255.255.4
/mpls ldp interface
add interface=mplsR4

Testing

First, make sure the pppoe clients are connected successfully:
[admin@R2] /ppp active> print 
Flags: R - radius 
 #   NAME         SERVICE CALLER-ID         ADDRESS         UPTIME   ENCODING  
 0   mplsR3       pppoe   00:0C:42:21:F1:EA 192.168.0.2     46m                
 1   mplsR4       pppoe   00:0C:42:21:F1:ED 192.168.0.3     46m55s  
Check whether OSPF is running properly:
[admin@R2] /routing ospf neighbor> print 
 0 router-id=10.255.255.1 address=172.16.0.1 interface=wlan1 priority=1 
   dr-address=172.16.0.2 backup-dr-address=172.16.0.1 state="Full" 
   state-changes=5 ls-retransmits=0 ls-requests=0 db-summaries=0 
   adjacency=5m19s 

 1 router-id=10.255.255.3 address=192.168.0.2 interface=mplsR3 priority=1 
   dr-address=0.0.0.0 backup-dr-address=0.0.0.0 state="Full" state-changes=4 
   ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=49m33s 

 2 router-id=10.255.255.4 address=192.168.0.3 interface=mplsR4 priority=1 
   dr-address=0.0.0.0 backup-dr-address=0.0.0.0 state="Full" state-changes=4 
   ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=50m31s 
Ensure LDP is running:
[admin@R2] /mpls ldp neighbor> print 
Flags: X - disabled, D - dynamic, O - operational, T - sending-targeted-hello, 
V - vpls 
 #      TRANSPORT       LOCAL-TRANSPORT PEER                       SEN
 0 DO   10.255.255.3    10.255.255.2    10.255.255.3:0             no 
 1 DO   10.255.255.4    10.255.255.2    10.255.255.4:0             no 
 2 DO   10.255.255.1    10.255.255.2    10.255.255.1:0             no 
[admin@R2] /mpls forwarding-table> print 
Flags: L - ldp, V - vpls, T - traffic-eng 
 #   IN-LABEL      OUT-LABELS  DESTINATION                    I NEXTHOP        
 0   expl-null    
 1 L 20                        192.168.0.1/32                 m 192.168.0.3    
 2 L 21                        10.255.255.4/32                m 192.168.0.3    
 3 L 22                        10.255.255.3/32                m 192.168.0.2    
 4 L 23                        10.255.255.1/32                w 172.16.0.1     
 5 L 24                        192.168.88.0/24                w 172.16.0.1  
Now we can check whether label switching is working as expected:
[admin@R4] /mpls ldp neighbor> /tool traceroute 10.255.255.1 src-address=10.255.255.4
     ADDRESS                                    STATUS
   1     192.168.0.1 13ms 19ms 143ms
                      mpls-label=23
   2    10.255.255.1 38ms 15ms 14ms
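The checks above are done by eye once; in practice you want them repeatable, for example from a monitoring job that collects the same printouts over SSH after every reboot or profile change. The following Python is an added example and is not code from the original article or from MikroTik: it parses the `/mpls ldp neighbor print` and `/mpls forwarding-table print` outputs shown above and reports LDP sessions that are not operational (flag `O` absent) and loopbacks that have no label binding. The sample strings are the two printouts pasted in from this section plus one constructed degraded variant, and the set of expected LSRs (the loopback addresses used as `transport-address` in the R1/R3/R4 configs) is an assumption of the example.

```python
import re

# Constructed sample input: the "/mpls ldp neighbor print" output from the
# Testing section above, pasted in as a string so the check runs offline.
LDP_NEIGHBOR_OUTPUT = """\
Flags: X - disabled, D - dynamic, O - operational, T - sending-targeted-hello,
V - vpls
 #      TRANSPORT       LOCAL-TRANSPORT PEER                       SEN
 0 DO   10.255.255.3    10.255.255.2    10.255.255.3:0             no
 1 DO   10.255.255.4    10.255.255.2    10.255.255.4:0             no
 2 DO   10.255.255.1    10.255.255.2    10.255.255.1:0             no
"""

# Constructed variant: the session to R4 has not reached the operational
# state (flag O absent), as the table looks while LDP is still initialising.
LDP_NEIGHBOR_DEGRADED = LDP_NEIGHBOR_OUTPUT.replace(
    " 1 DO   10.255.255.4", " 1 D    10.255.255.4")

# Constructed sample input: the "/mpls forwarding-table print" output from above.
FORWARDING_TABLE_OUTPUT = """\
Flags: L - ldp, V - vpls, T - traffic-eng
 #   IN-LABEL      OUT-LABELS  DESTINATION                    I NEXTHOP
 0   expl-null
 1 L 20                        192.168.0.1/32                 m 192.168.0.3
 2 L 21                        10.255.255.4/32                m 192.168.0.3
 3 L 22                        10.255.255.3/32                m 192.168.0.2
 4 L 23                        10.255.255.1/32                w 172.16.0.1
 5 L 24                        192.168.88.0/24                w 172.16.0.1
"""

# Assumption of this example: the LSRs we expect R2 to peer with are the
# loopback addresses configured as transport-address on R1, R3 and R4.
EXPECTED_LSRS = {"10.255.255.1", "10.255.255.3", "10.255.255.4"}

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"

# Rows are keyed on the IPv4 columns, not on column offsets: RouterOS pads each
# table to its widest value, so offsets differ from router to router.
NEIGHBOR_RE = re.compile(
    rf"^\s*(?P<num>\d+)\s+(?P<flags>[XDOTV]*)\s+(?P<transport>{IPV4})\s+"
    rf"(?P<local>{IPV4})\s+(?P<peer>\S+)"
)
FWD_RE = re.compile(
    rf"^\s*(?P<num>\d+)\s+(?P<flags>[LVT]*)\s+(?P<in_label>\S+)"
    rf"(?:\s+(?P<out_labels>[\d,]+))?\s+(?P<dst>{IPV4}/\d+)\s+"
    rf"(?P<iface>\S)\s+(?P<nexthop>{IPV4})"
)


def parse_ldp_neighbors(output):
    """Return {transport_address: flags} for every row of /mpls ldp neighbor print."""
    rows = {}
    for line in output.splitlines():
        m = NEIGHBOR_RE.match(line)
        if m:
            rows[m["transport"]] = m["flags"]
    return rows


def parse_forwarding_table(output):
    """Return {destination_prefix: in_label} for LDP-learned rows (flag L).

    The implicit 'expl-null' row has no destination and is skipped."""
    rows = {}
    for line in output.splitlines():
        m = FWD_RE.match(line)
        if m and "L" in m["flags"]:
            rows[m["dst"]] = m["in_label"]
    return rows


def verify_mpls(neighbor_output, fwd_output, expected_lsrs):
    """Post-setup health check: each expected LSR must have an operational LDP
    session and each expected loopback /32 must have a label binding."""
    neighbors = parse_ldp_neighbors(neighbor_output)
    bindings = parse_forwarding_table(fwd_output)
    missing = sorted(set(expected_lsrs) - set(neighbors))
    not_operational = sorted(
        t for t, flags in neighbors.items()
        if t in expected_lsrs and "O" not in flags)
    unlabeled = sorted(l for l in expected_lsrs if f"{l}/32" not in bindings)
    return {"missing": missing, "not_operational": not_operational,
            "unlabeled": unlabeled, "labels": bindings}


if __name__ == "__main__":
    for name, sample in (("healthy", LDP_NEIGHBOR_OUTPUT),
                         ("degraded", LDP_NEIGHBOR_DEGRADED)):
        print(name, verify_mpls(sample, FORWARDING_TABLE_OUTPUT, EXPECTED_LSRS))
```

Feeding it real printouts only requires replacing the three constants; anything reported under `missing` or `not_operational` is usually the PPPoE session or the `/mpls ldp interface` entry for that client, and an entry under `unlabeled` means the peer's loopback is not being advertised (check the OSPF network list on that router).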

VPLS over PPPoE


Overview

This example extends the previous setup by connecting two local networks using a VPLS tunnel.

Example network

Image:mpls-pppoe-vpls.png