RouterOS Upgrade Process

Monday, August 23rd, 2010
The process of upgrading RouterOS is very simple and, yet, is still somewhat confusing for some folks.  I will attempt to detail some of the methods as well as some of the finer nuances here. (more…)

When AND Why Proxy-ARP

Tuesday, June 1st, 2010
In my training classes, I go to great lengths to teach when and why proxy arp is necessary on an interface.  I have seen (and answered) numerous questions on my mailing lists regarding proxy arp and it seems it is time to create an article that I can just point people to.  I will focus this article on Mikrotik RouterOS (as many of my articles are), but it should be noted that proxy arp is not unique to Mikrotik. (more…)

Submit your ideas for new tutorials

Saturday, February 27th, 2010
I would LOVE to hear from those of you who read this blog. Please leave comments for this article expressing your desires for what you'd like to see me include as a tutorial. I can make you no promises that I will be able to write up every idea, but I will try to incorporate some of them. Also, I'd like to hear from you if you've found these tutorials useful. It is often difficult to determine from the traffic logs how useful these tutorials are. If you've found my writings useful, let me know. If you think I should spend my time elsewhere, I'd like to hear that opinion as well. (Well, I really DON'T want to hear it, but you are welcome to tell me if that is your opinion. 🙂 ).

To tag or not to tag…that is the question!

Wednesday, February 24th, 2010
At least it is a question I'm often asked about how the Mikrotik Router treats vlan traffic.  In this article, I will address some of the more common types of configurations and help you to understand exactly where you will, or will not, see a packet that is tagged. (more…)

Point to Point Mikrotik

Sunday, December 13th, 2009
Routed or bridged, there are few back haul radios available that can match the Mikrotik RouterOS software for features, tools, flexibility and cost.  With features and flexibility comes complexity and confusion.  I wanted to help dispel some of that confusion with this article.  You may have lots of choices to make, but most of these choices are relatively simple decisions.  And so, brave reader, proceed... (more…)

How to bridge distant networks using RouterOS and PPtP

Saturday, December 5th, 2009
Mikrotik has recently added MPLS to their already amazing RouterOS product.  MPLS offers some really nice options for bridging networks that exist within a single administrative domain.  But, what can you do if you need to bridge 2 networks that do NOT exist within the same administrative domain?  This article discusses how to create a bridge using another fairly recent upgrade in RouterOS.  Read on... (more…)

QOS Implementation details with RouterOS

Monday, November 23rd, 2009
About 2 months ago, I began experimenting with an approach to QOS that mimics much of the functionality of the NetEqualizer (http://www.netequalizer.com) product line.  As I was experimenting with some various techniques for limiting bandwidth utilization, I realized that the scope of the project I had undertaken was WAY more than I had initially bargained for.  I dedicated more and more time to this project, however, because I was seeing some real results from my tests.  While most of my articles here have been tutorial in nature, this one is a little different.  I have a lot of time invested in my approach to handling QOS on a network and have made this a commercial offering.  I will attempt to describe some of the functionality in this short article. (more…)

Mikrotik’s True Full Duplex Wireless – NStreme Dual

Sunday, April 19th, 2009
There are numerous full duplex options available on the market today when you go looking for wireless devices.  Most of these devices will cost in the multiple thousands of dollars.  With NStreme Dual, Mikrotik's proprietary FDX protocol, you can build a true full duplex link for under $1000.  This article is a tutorial walkthrough on configuring an NStreme Dual link, along with some helpful hints on how to tweak it. (more…)

Spam trojan detection with Mikrotik RouterOS

Sunday, December 14th, 2008
One major issue facing ISPs today is the difficulty in obtaining sufficient IP space for every customer.  For many, it's a matter of cost and for some it is simply a choice to NAT their customers behind their router/firewall.  For the most part, NAT behaves much better today than in days gone by, but there is one issue that is very problematic for those that choose to NAT their customers.  There is a significant proliferation of a new generation of trojans that turns  a user's computer into a menace to the Internet community.  This new generation of trojans (collectively known as "botnets") can cause problems for not only the owner, but for other customers of the ISP that chooses to NAT.  Since a significant number of these botnets are used to send spam all over the internet, we, as service providers, have to find a way to protect our networks from being blacklisted, while still allowing our customers to utilize the internet in a way that does not set too many boundries.  In this article, I will discuss two approaches to setting these limits which have shown to be both effective AND relatively mantenance free. (more…)