mikrotik lcd touch screen made in china

2023-01-03 12:32:11

RouterBOARD 2011U and CCR series devices are equipped with a resistive touchscreen, for quick access to device stats and simple configuration options. Touchscreen requires pressure against the surface to register a touch, therefore light swipes and quick/short taps might not get registered (as opposed to a capacitive touchscreen commonly found on phones). If you find trouble operating the screen with your finger, you can also try a stylus, or opposite end of a pen.

Before the LCD touchscreen can be used, it needs to be calibrated at least once. After the first successful calibration, data is stored on the router. If no calibration values are present, calibration process will start automatically.

Take-screenshot function allows to create BMP image of currently displayed LCD screen and saves it in File List with specified name. Screenshots without file name are not saved, screenshots with an existing file name are overwritten.

Interfaces menu provide configuration for interface display timing in Stat Slideshow. Up to 10 additional (non-physical) interfaces can be added to the LCD.

Maximum interface speed that is used to determine bandwidth usage in All interface graphs and Interfaces screens. "auto" value can be set only for physical interfaces.

A Page is an screen that can contain up to 12 interface bar graphs. Sub-menu allows to configure which interfaces are shown in a page. Up to 5 pages can be added to all interface graph screen and up to 12 interfaces per page. To add an interface to a page, it first must be added under /lcd interfaces sub-menu.

PIN code number allows to protect sensitive menus on the LCD screen. The PIN number will be asked if Read-Only mode is disabled and you add an IP address, reset or reboot the router. Default PIN is 1234

Since v6.0, LCD has a menu structure. Menu screens consist of buttons that are used to navigate the menus. A scrollbar is shown on the right side of the screen if it does not fit on the actual display. The screen can be dragged up or down to access more options if they are available. At the top of each menu screen is a "Back" button that jumps to the previous screen.

If the router has default configuration - user named "admin" with no password, then a warning on LCD will appear. This screen shows IP"s assigned to the interfaces which could be used to connect to the router.

Interfaces menu displays all the Ethernet and Wireless interfaces. Bandwidth usage is shown similar to the All interface graph screen. From the Interfaces screen you can choose a specific interface to look at.

If a tap lands into the top right corner of the screen (square box 1/4 of the screen height), info time interval is changed: Min -> Hour -> Daily -> Weekly -> Min...

All interface graph screen shows the RX/TX bandwidth usage about all interfaces. The max values are calculated like this - for Ethernet interfaces it"s the negotiated rate or set speed. For wireless interfaces it"s calculated from used band, channel-width and chain count using the theoretical values. The goal of this screen is to see how values are related to each other for a single interface.

Stat Slideshow screen is similar to the "Stats" screen, but the interfaces are switched after they timeout. Settings for slideshow are stored in RouterOS submenu /lcd interface

These screens are only available when Read-Only mode is disabled. To access any of the screens, the Pin number must be entered. If the Pin authentication is successful, the user must confirm the desired action by pressing the "Yes" button, or cancel by pressing - "No".

mikrotik lcd touch screen made in china

I"ve just bought my first MikroTik routerboard (RB2011UAS-2HnD-IN) and I have to say I"m really disappointed. It"s working, it"s working quite well, but... the routerboard doesn"t fit into it"s casing. How can this happen?

Josh: AFAIK In one of these links to czech forum is an email from our distributor, that this is a defective series and Mikrotik will change these messed up routerboards for new ones - but we would have to wait for month or two (damn).

mikrotik lcd touch screen made in china

Cloud Core Router 1036 with Tilera 1.2Ghz 36-core CPU, 4GB RAM (2x2GB), 4xSFP, 12xGbit Ethernet, RouterOS L6, 1U rackmount case with touchscreen LCD, power supply

Cloud Core Router 1016 with Tilera 1.2Ghz 16-core CPU, 2GB RAM (2x1GB), 12xGbit Ethernet, RouterOS L6, 1U rackmount case with touchscreen LCD, power supply

Our tests show that Cloud Core Router series can push wire speed throughput via all ports (up to 16Gbps full duplex on CCR1036-12G-4S, up to 12Gbps on CCR1016-12G), making it the fastest MikroTik product ever made. Pre-production batches for evaluation will arrive from the factory in ~two weeks.

Yesterday I received the CCRs, as you can see from my previous post. I was very happy and couldn"t wait this night to install it. At this very moment, I"m sitting at our NOC. We just replaced our Core Mikrotik router with one CCR. The old router is quad core xeon Portwell server (Power Router 2200).

Well, this is not acceptable.... Without router reboot or anything similar, the system name has reset to default (which is something I can live with). But, ALL users and their passwords have disappeared! The default admin/no_password user was present instead!!!! Very serious security problem, though. I set again the same users and disable the admin user. I hope so that this will not happen again. Since I"m using MikroTik (and it is really a long time ago) I never experienced something like this.

Would it be possible for Mikrotik to provide a sample config, that could be run by end-users to evaluate what we are using now. I would be interested in purchasing 4 of the CloudCoreRouters is I knew they would be faster then what we use now.

Thanks Mikrotik, I got my first two on Monday and am starting to play. Do you have ETA for full release of V6? Would like to go full release before going into further testing on live network

Yesterday, I received brand new CCR for testing from friend of mine. So, after loading backup (I mean configuring it to work as previous mikrotik router) I just plugged it into company"s backbone. And it happened again, as previous x86 machine, mighty CCR wasn"t been able to handle 800 pppoe sessions and simple queues, somehow clients has internet working but I"m not able to see any interfaces in winbox and telnet interface. Addresses and queues are assigned to unknown

Its been more than 3 days I have sent a supout file from one of the latest RC7 pre builds for the "fake reboot" bug for CCR to Mikrotik support to be able to spot the bug.

Same here. It is stuck on loading kernel screen. But everything appears to be working, its not actually stuck loading the kernel. Trying the /lcd menu it says the LCD is not connected.

Configuration reset is needed to start LCD working again. Few previous v6.0rc7 builds had LCD problems and simple upgrade to the latest build cannot fix it.

I reset the config with /system reset-configuration and no joy. I installed the build from 12:22:49 today and the LCD shows "starting services" instead of "loading kernel". Still getting "lcd is not connected" when trying to enable it from the CLI.

I really would like a few sets of Mikrotik supplied configs. Maybe a light one with 25 queues/25 mange rules/25 firewall rules, and have a medium 100 of each and a stressful config with a 1000 of each. This way it would be easy to compare apples to apples. Load the desired Mikrotik config, run traffic generator through the unit being tested using RBs on either side, and then we"d have a good set of performance metrics to compare. Until then it just seems like guess work on how these CCR units will compare to current x86 units many of us use.

FYI, the latest build for today fixed the LCD not being connected after I reenabled it. I also haven"t installed a build since the 16th. It could have been fixed somewhere in between.

mikrotik lcd touch screen made in china

The images released were probably just prototype. I can"t see MT negating a feature like the USB from it"s mid level tier lineup. LCD I wouldn"t blame them from dropping, they"re a waste of resource at best.

LCDs are this tiny "premium" touch that makes device look better than it actually is xD I love them. It"s not like they"re super useful but they just feel nice. It"s not common to see LCD screens in this kind of hardware. F5 puts similar LCDs in their newer appliances that are waaaaay more expensive than mtk.

Oh boy, it does look ugly with those rack-mount ears attached. Luckily I can close rack"s door. I wonder if LCD would suffice to maintain minimum level of sexapeal ...

Hmmm Wonder why they did away with the USB and LCD ? USB is great since the facelifted 2011 for those hard to reach places to reach to just write backup config to.LCD is awesome when you use the thing as a type of "managed" fiber converter as you get stats flowing through ISP offloads without needing to log into a machine somewhere and get SNMP stats from it.Could possible be heat or space related ?

Looks good, never used the USB (this unit does have 512mb on board) and the while the LCD is cool, never really used it accept for show. Might use this for a new 1GB fiber service coming into the area.

when i compare mikrotik routers for QoS implementation (firewall filter+mangle + queue-tree/simple-queue ) i have found the most real world representation of performance is the published test Routing 25 ip filter rules with 512 byte size packet i use that test as a guide line to compare devices

As a consultant I have almost none client using mikrotik as a "Pure" router without mangle an queues, because that i prefer to practically ignore the high numbers of other tests, i only keep it in mind to understand architectural limits of the router

i think tilera cpu have been a very good stage of mikrotik devices, but have been clear that the better way to scale performance is to get lest amount of more powerful cores than many more light cores (ccr1072 owners do not let me lie)

Long story short - MikroTik switches don"t support VEPA and I use VEPA. And datacenter switches that support VEPA cost more than MikroTik router that can handle 10G lol. And I want to have stateful firewall. Afaik there are no switches with stateful ACLs. Or at least they"re beyond my reach.

Screen you just posted is not really reliable load depiction. I faced similar issue many times. What Linux refers to as CPU load doesn"t take into account memory bandwidth utilization, cache utilization, i/o utilization and many other aspects. In that thread where I discussed issues with single TCP tunnel performance - none of cores reached more than 30% of load, yet still bottlenecking occured. /system resource cpu is not reliable source of information about system resource utilization. In fact such source doesn"t exist without enabling full performance counters monitoring that would kill performance even more. Not all utilization of resources is monitored in OS at all.

Regarding the lack of USB, as there are a miniPCI-slot for wifi. Russian site with pictures of the inside: https://weblance.com.ua/389-mikrotik-go ... o-4x4.html

Routers on the stick are less common nowadays due to L3 switches that can do simple routing at wire-speed but mikrotik switches can"t do that and suck at routing in general so if we want to use CRS then router on the stick + directly attached gateway (so technically already 11G) will be probably one of more common scenarios. With more switches and more sticks - I believe 14-15G would be perfectly achievable. Please note that you need QoS and other stuff incompatible with fasttrack mostly for internet traffic which most likely won"t exceed 1G, otherwise if you can afford 1G symmetric ISP, you can afford better router. All internal traffic (between servers and users) can be fasttracked.

Exactly. I"m not angry, upset, or disenfranchised with MikroTik, but I was hoping for a full Switch/Router combo. A do-it-all device. So, a little disappointed.

The USR LED, LCD screen, and honestly even the speaker I couldn"t care less about. Maybe a read-only LCD screen can be nice at times, but I never found the "touch input" aspect of it particularly useful (especially since it isn"t capacitive!), and in previous models reports were that it seemed to cause weird CPU load issues so it was best turned off anyway.

So compared to older models it has quite a bit more oomph when it comes to the actual internals. It is just a shame that there is either no SD card or USB like you said, and also that the switch chips might potentially be duds (though maybe MikroTik can manage to pull out a software miracle there, so I"ll take a wait-and-see approach to that one).

Also internal storage is not blessing. In the age of RB2011 all better devices had 128 NAND and it was 7 years ago. It"s just now that mikrotik decided to skimp on NAND and give us some hilarious 16mb. Especially without sd card, considering that now 8gb sd is smallest crap you can get in every supermarket for pennies (like 2$ or whatever).

no beeper - this one may come as one of the most underrated features if someone doesn"t use scripts. For people using scripts, USR led and beeper are one of more common signalization methods to indicate what"s going on. Whether you monitor machines connectivity on mikrotik using ping and play alert using beeper if something is wrong or use it for indication of any other anomaly - it"s audible alert. Really hard to miss if something really bad is going on. Yeah you could use email, unless condition you want to indicate is problem with internet connectivity. Or you could send SMS with 3G dongle. Oh wait, you can"t because there"s no USB.

no meaningful switch chip - while one could argue that this device has enough performance to run VLANs in software - bridging in mikrotik is far from perfect and there are various anomalies with connection tracking that kick in when you use bridge just for "switching" ports or VLANs. For example NAT may not be performed correctly if the same traffic goes through router twice (to get filtered in-line by lets say some other security appliance for example)

2.4 uses standard R11e card like this one: https://mikrotik.com/product/R11e-2HnD so it has the same connectors for antennas as R11e. 5ghz idk but I believe they"ll be removable as well. Probably with the same connectors. Maybe you can find something here: https://weblance.com.ua/389-mikrotik-go ... o-4x4.html I don"t know russian so I can"t tell. Photos look like there are 4 connectors on PCB to integrated 5ghz radio I guess.

I have one question about WiFi version RB4011(RB4011iGS+5HacQ2HnD-IN). Currently I use hAP ac(RB962UiGS-5HacT2HnT) for my home network. Im remove ISP modem and put optical transciver into mikrotik and setup firewall rules, pppoe, vlan"s, capsman, vpn"s... For Internet I use pppoe on sfp1 interface. For video I use vlan and bridge on SFP and ports which are STB"s connected. For phone(VOIP) I use another vlan and bridge on sfp1 and port on which is VIOP phone.

I think MikroTik didn"t say that RB4011 doesn"t support 1G or anything like that. Though ROS is a bit nasty with 1G modules in 10G ports. It requires disabling autonegotiation and not all devices go along with it well. For example I couldn"t get to work S+RJ10 at 1G rate with my laptop because its NIC doesn"t allow to disable autonegotiation.

Doesn"t it rather say that you cannot use passive SFP+ DAC at all? RB4011 seems to be the only Mikrotik SFP+ device which is incompatible with Mikrotik"s own direct attach cables.

And the LCD. I have lots of Mikrotik"s with LCD"s, you use them never. Do you want to pay a 10$ (or whatever the cost is) premium for that? Generally the answer would be no for most people.

Then speaking of the wireless version, it"s the first Mikrotik 4 chain device and has external antennas again so I"m really curious how it will perform.

If MikroTik would make now RB2100AHx4 or whatever could be name for RB1100 successor without bypass ports it"d result in similar butthurt because it just wouldn"t be the same device. Or RB951 successor without switch chip. It"s something defining this platform. MikroTik dropped half of features defining what RB2011 and RB3011 are and called it RB4011 just because. The only thing that RB4011 has in common with 3011 and 2011 is number and type of ports. THE END. It doesn"t have any other feature that 2011 and 3011 used to have. NOTHING, zero nada, null. No, wait it has console port. So it has 1 feature that others used to have. Bravo, truly spectacular. If MikroTik can"t think of name for new series of devices then I can give pro tip: https://www.random.org/strings/

I think it will be a good seller, especially in parts of the world with 1gbit Fibre at home is available, I think most people in the thread so far have a specific use in mind and so for them the feature set may not match their use case, but that"s the same with most of the mikrotik range right? You only have to look at the table to switch chips and products to realise how much each range or device differs from each other, not to mention all the different CPU architectures - part of their sucess and weakness you could argue.

It will be interesting to see what people think once they start shipping, especially the wifi performance with the 4 chain radio - but still no wave2 I think - based on my experience with the hAP AC² (first mikrotik device I bought) you might see some issues with the initial firmware and performance...

I think that you can do vlan"s on SFP interface, as it is directly connected to CPU, not really sure about GE ports, but according to Realtek switch chip documentation in MikroTik wiki, it does not support vlans.

I believe the configuration you have above will work just fine. All traffic will go through the CPU, which is the same as it is doing right judging from your screenshots.

I am addressing those that want a high-performance switch and feel limited by the architecture of MikroTik routers with one or more 5-port switch chips.

They are not suited for it. Get a switch. IMHO not from MikroTik, their switches lack a lot of commonly available features or they are in first development.

Reason behind it, is that MikroTik lacks RTSP helper and udpxy so feeding STB"s over NAT is very tricky (IGMP proxy works, but some content comes over RTSP streams), much easier would be just to feed ISP Multicast vlan directly as Layer2.

I"m using 10Gtek DACs which were even cheaper than MikroTik ones and work perfectly fine so I wouldn"t judge by price. It"s just generic chinese module that can be reprogrammed to present itself as Cisco, Mellanox, Intel, whatever. You can buy SFP programmater for like 300$ and reprogram any generic module to whatever brand you want to bypass brand checking. That"s basically how "compatible" modules are made.

I"ve had no issues with fs.com 10G DACs between Mikrotik, Netgear and Linksys gear. The stuff is all from China but they seem to have their logistics nailed down pretty well which is how they can offer such good pricing. I know a lot of other people in the industry also use FS so it"s not like they"re a noname company.

Cheapest MikroTik with two 10G interfaces is CCR1032. But personally I"d still use them as 20G LACP to switch and connect WAN to such switch on some gateway VLAN, rather than connecting WAN directly to one 10G port. Unless you have 10G internet from ISP using sfp+ as pure WAN interface is monumental waste of throughput

This is a signature feature of MikroTik equipment. Despite remarks about this running for several years, nobody in development bothers to decrease the current through the blue led.

Nothing scientific in my experience above. A little concerning about the crash, but I experienced similar random problems when setting up the RB450Gx4. The RB450Gx4 was completely stable after it was successfully configured and I expect the same for the RB4011. The RB4011 is significantly warmer to the touch than the RB450Gx4, however, the internal temp is about 6C higher. Not bad considering its literally double the clock speed. The warmer case temp is likely due to it acting as a giant heat sink.

S-3553LC20D should be compatible (based on https://wiki.mikrotik.com/wiki/MikroTik ... lity_table) but i get constant link up/down on latest OS+FW (6.44beta20)

- I really don"t get the design - the rack mount ears are not the best. I suspect the rack ears cost as much or more to simply manufacture as a full rack mount chassis like the 3011. Then you could add back the LCD and USB, and penny buzzer.

For MikroTik devices with SFP+ interface that support both 10G and 1G link rate following settings are needed to be set on both linked devices for required interfaces. These settings only relate when optical SFP transceivers are used. In order to get them working in 1G link rate, use the following configuration:

I don"t seem to find something with those specs from Mikrotik and I"m not sure if some third party interface like the Flexoptix 1G SFP Wideband BiDi LX LC Simplex will be supported. Has anybody any recommendations on this? People in this thread seem to already have problems with the SFP module.

No wonder - it"s beefy yet passive. CCR1009-PC can give you actual burns if you touch heatsink while it"s powered on. Even if idling (there"s actually not that huge difference in thermals between idle and stress)

This SFP mess is really annoying! Why can"t it just work? If I connect cheap TP-Link switch to Cisco, auto negotiation on SFP works. Same with even cheaper Realtek cards, various Dell servers and other equipment. But no, for Mikrotik, you have to manually set the speeds on both ends.

Where"s the problem? Some hardware issue on used chipset/cpu on Mikrotik side? Bad implementation? Incompatibility of some SFPs? Or just laziness to do it right?

And "Just disable auto negotiation and set rate manually" is NOT the solution. What if you can"t set other side of the link? Often any administrative change of parameters of upstream link costs extra money. This needs to be either fixed or have warning written on all Mikrotik product pages that SFP port doesn"t support auto negotiation. It"s 2018 and you expect these things to just work. If there was a list of verified SFPs that do work, that would be fine. But so far it seems auto negotiation on SFP port just doesn"t work, no matter what SFP or DAC you use.

Where"s the problem? Some hardware issue on used chipset/cpu on Mikrotik side? Bad implementation? Incompatibility of some SFPs? Or just laziness to do it right?

Personally I am replacing a rb2011uias-2hnd-in, I never used LCD, USB or speaker, so this is not a big deal for me with the cpu power available. The upgrade on the wireless side is much more a thing for me.

3. The case is close to full-metal design (I know the bottom half case is plastic), the CPU is directly using thermal pad to touch metal case to cooling. The CPU temperature is not over 45C since started using.

In my configuration disabling autonegotiation is not availible option because Im replace ISP Iskratel Innbox V60-U modem with mikrotik and put fibre and SFP module direct on mikrotik, that I don"t need 2 devices, can send IPTV&VOIP&INTERNET on same UTP cable(Instead runing each cable for each device) and in this case I don"t have access to ISP side to disable autonegotiation.

So yes, main board is flipped over (or the CPU is only on top side, connectors, leds, etc. are on bottom side) so the CPU can touch a metal top cover which work as heat sink for CPU.

Fun fact... According to https://wiki.mikrotik.com/wiki/MikroTik ... lity_table S+DA0001/S+DA0003 aren"t supported but... Just tested S+DA0001 (SFP+DAC1M) with a Zyxel XGS 2210 the other side and using autoneg off, 10g fdx, and it seems to work (link up, data flow ok)

iirc MikroTik said that some kind of error correction that is technically required for passive DACs is not supported on 4011 but I guess if you don"t have much of em noise in your environment and cable is short (like MikroTik ones) then probably it"s not big deal thus "usually" it will work. In average environment.

mikrotik lcd touch screen made in china

And Chinese is less arrogant，they fix issues before you even realize, unlike the noble European Mikrotik leaves major unusable issues in their switch, after 1 and half years still no fix no nothing.

mikrotik lcd touch screen made in china

MikroTik is planning to develop and build a controller app for MikroTik Devices. Currently we are researching possibilities and options, what should be there and how it could be done and implemented. At the moment we do not want to stick to a specific implementation or standard, but build our own that will help to manage, develop and deploy different scale networks running MikroTik devices.

This is fantastic Idea, whoever what you guys think about something like what Unifi or Meraki do, a nice controller that can be hosted, and adopt all Mikrotik device with potentially dude integrated to it for nice network diagram and more... would be killing feature for us deploy and managed Mikrotik

but what is the Mikrotik plan for the controller: are you going to develop something like Meraki or Unifi, if yes, then that"s a fantastic news, but if that a simple mobile app or similar then please even don"t try.

I see, are you going to developing something like Meraki or Unifi as a controller? is Mikrotik planing to have some king of NGFW feature in future produce?

@sergejs wrote: MikroTik is planning to develop and build a controller app for MikroTik Devices. Currently we are researching possibilities and options, what should be there and how it could be done and implemented. At the moment we do not want to stick to a specific implementation or standard, but build our own that will help to manage, develop and deploy different scale networks running MikroTik devices. Any suggestions about features and options are very welcome.

I really don"t think y"all are that far from this, a "modernized Dude" look a lot like a "Mikrotik Devices Controller" – it already has pretty good schema/protocol/storage. Basically I think it"s architecture is pretty good – it"s just the "client" that needs a new look. If it didn"t look like a 1990s windows MFC app, and picked off some off the Dude feature requests, you"d have something sooner than starting from scratch...

- Zero Touch Provisioning (ZTP!). That means I ship an unconfigured Mikrotik device and the device should find the controller (on-premise or on cloud) so we can take control to push the configuration (or access via jump service (?) to the device so we can load the desired configuration via SSH / APIs or even Winbox).

If Mikrotik does this right it with the features above (to start) will be a home run!!!. Fortinet has a similar model to deploy a central controller or alternatively keep local control of the devices like RouterOS does today without a dependence of a central controller.

My number one suggestion and highest priority is to build in strong security from the start, not as an afterthought. MikroTik could show the rest of the network equipment industry how to establish best practices for securely maintaining network devices, and that should be the goal!

Implement a comprehensive system logging facility. This could be optimized for MikroTik devices to leverage enhanced features. The system logging should support TCP logging, as well as optional support for logging via encrypted links (SSH, IPsec or other VPN). It should be feasible for customers to implement redundant syslog servers for resilience as well as protecting logs from being modified by attackers. The logging system should be capable of relaying log records to more advanced enterprise-oriented logging systems (e.g., Elastic Search).

At the moment we do not want to stick to a specific implementation or standard, but build our own that will help to manage, develop and deploy different scale networks running MikroTik devices.

Maybe it would be wiser to drop a bit of vanity and instead of inventing everything from the scratch base this new tool on some established standard such as RESTCONF for example which should not only cut developing time and effort but allow for MikroTik devices management to be easier integrated into an existing enterprise management systems ...

-If it"s a web-based tool, I would appreciate a way of pointing directly to a device by URL using the MAC address or serial number (Example, serial number: "https://mikrotikcontroller.yourisp.com/ ... 34567890AB"). This would make it easier for CRMs and billing platforms to link directly to a device in the controller from an inventory screen without having to involve background API calls.

-Make it very easy to onboard new devices to this controller. Right now it"s a pretty tedious process to prepare new home routers with our custom config. If we could have fresh Mikrotik routers take DHCP specific DHCP options out of the box, or a config from a USB stick, that would make things go pretty smoothly. The "best case scenario" that I can think of would be having a Mikrotik PoE switch running a special DHCP server config, I unbox a bunch of hap ac2 routers, connect he PoE IN/ether1 port to the switch, they somehow show up in the controller, and get our "default" config without any intervention, or at least a few clicks to onboard the entire batch of routers.

They can go the Unifi way and create a standalone platform-independent controller application. The regular user would just install the controller on any non-mikrotik device. But "powerful" ARM mikrotik devices could run the controller inside a docker container on any network-device too. Max. flexibility.

I think, the dude is good enough software and mikrotik just needs to expand its functionality,because maps of the dude and visuality is unique. Plus functionality by scripts and user needs its very important. You folks just make it more flexible plus more already integrated functions like mass password change, configuration download ( for now I made script in services, but it has some limits) and more and more. I dont think, that another system will make something better, when you have this, just make it workable on linux, not just ROS.

I"ve written some Lambda functions and other AWS services to connect Mikrotik devices to a Wireguard VPN, assign an IP, collect Netflow and logs at a central location and store them in S3. Nowhere near finished, and I also plan on taking advantage of the REST API to push out configuration changes.

@mrz keeps describing a push-based mikrotik device manager... Yet, it"s like Mikrotik wants to forget The Dude even exists. I just can"t but think a few "bug fixes" to the dude go a long – pick any of the suggestions here. Since a "new device controller" should "monitor" the controlled_devices, they"d need to re-build basically same things that Dude already does. Even modern IoT things do same as Dude long ago: write time-series data to a sqlite, just with MQTT [which ROS supports now] instead of SNMP. Why throw that away?

The Dude is a extremely powerfull application developed by Mikrotik to manage and monitor network devices running SNMP protocol. For years its development is stopped and mikrotik keep it for it self. This petition is at the same time a tribute and a ultimate request for Mikrotik to release the source code and let the opensource community develop the ultimate NMS System for us all.

Maybe MikroTik really did not ask for the protocol. Which would surprise me anyway, as it is them who have the expertise on the internal workings of their closed-source system, how can we suggest what the protocol would look like.

But of course MikroTik do not need to make that same mistake. A Unifi controller within a separate management VLAN within a company (possibly linked using VPN) is not that much of a security risk, isn"t it?

At the moment we do not want to stick to a specific implementation or standard, but build our own that will help to manage, develop and deploy different scale networks running MikroTik devices.

there are couple options of ACS that can be use with MikroTik but not the one for SDN, so perhaps MikroTik can develop the SDN software as it should be able to control the routers with the flows planning

This is not limited to network folks. The Atlassian system used by MikroTik for the help system and issue tracker were down due to such an issue (waiting for a fixed version).

I"ve also noticed several people asking for a web UI that can control, manage and provide remote access to Mikrotiks while also providing backups and config diffs and firmware management, RADIUS user management, historical graphs and charts, as well as bulk configuration.

I read through some of this discussion, maybe someone has mentioned this already, but I would like to throw my idea into the hat here: It would be cool to have the ability to "Stack" Switches or Routers with this utility, eg: Keep configuration files between the stack or maybe HA group in sync (Think firewall rules etc). I feel like this would bring a serious edge to Mikrotik hardware in a business environment.

I built an app that can provision multiple devices at once, it can do 24 devices in 10 minutes, it takes longer to unbox and plug in the mikrotiks then it does to provision them all. Provisioning includes setting a base config, updating to a selected version, applying the final configuration, and adding it to the "inventory". There are multiple reboots in the process to verify everything. At first I used a custom net-stack that used neighbor discovery without arp so it could connect to multiple devices with the same default 192.168.88.1 address at the same time. Today, I use multiple containers with the default linux net-stack on its own vlan.

We use Solarwinds NCM which is good as a general all-rounder. But MikroTik could make it enormously better/easier/simpler if it were tailored specifically for MikroTik

At the moment in NCM it"s fairly simple but it isn"t implemented quite as logically laid out as it should be. MikroTik could massively improve the usability and give you a step by step system with drop-down menu"s catered for config sections, not just using RegEx expressions and SSH scripts

I"d expect a MikroTik system to let you simply tell it how something should be in laymans terms, and it"ll automatically handle the config change properly

Nonetheless, I think Mikrotik"s strengths are in the form of innovative and cost effective hardware platforms, a fairly well-designed configuration paradigm, and that the configuration language is a domain-specific language that lends itself to scripting. If there is a desire to sell a management solution, Mikrotik should lean in to those strengths and do most of the work on the router side rather than the controller side.

One big example I can think of: give RouterOS 7 proper configuration transactions. The RouterOS configuration paradigm is already very database-like and, in my opinion, is well-designed compared to some of the big players like Cisco. A huge thing missing for automating Mikrotiks is the lack of native transaction support: the ability to stage a series of changes, commit them in their entirety, and if necessary roll them back. Work spent improving this would make the platform more attractive for all users, no matter whether they manually configure their devices with Winbox/web/CLI or whether they integrate them with an automation tool like Ansible.

Something like the UniFi Controlller is pretty to look at but it ain"t very useful. It"s slow, it"s got so many problems with from adoption, to disconnections, to being unable to handle consecutive (not "too many-", just ·"consecutives") updates, all of which Mikrotik doesn"t have plus accessibility issues for installers (that thing when you come down the white bright rooftop into an air conditioned relatively dark server room and you try to read fonts too thin) which are a staple for this mgmt utils. I"d document better instead. The documentation is written for the CLI, but the CLI isn"t what"s encouraged to use, there"s this myriad of admin UIs but only documentation for the one without any graphics, often with graphics/screenshots/suggestions for the other ones. It"s also in a needlessly technical language most of the time but it"s not technical enough where it matters so there are no ambiguities--there are way too many of those. Sure it"s hard to contemplate all possibilities in computer networking being nearly endless, but it can be done because it"s been done, there"s another vendor who"s managed.

I"m referring to pfSense. If I had to improve Mikrotik"s , I"d take a look at what used to be called The pfSense Book (now just its documentation) for guidance. It does an outstanding job of explaining why things work as they do and even why decisions of the UI were taken in some instances addressing straight on their shortcomings.

Focus on documentation, build-it right in Winbox or one of these great UIs you already have which are as powerful as you know how to make them do things, make documentation offline, not links to a wiki which aren"t helpful when you"re setting up a device--when you need it the most. Finding the default IP management address shouldn"t take half an hour. Things like Mikrotik "Home" or whatever dumb things down way too hard and don"t provide a learning/evolving path to follow. For those of us coming with advanced, already set up networks on platforms a little more straightforward, reaching the level of knowledge necessary to deploy the same infrastructure can be cost-prohibitive in terms of time/downtime. The first time I tried a Mikrotik router, I ended up returning it because it was going to take way too much time to set up. The last time I tried Mikrotik (it"s been like 4 or 5) I couldn"t find how to set up full cone NAT on a dynamic IP interface without first learning pretty high level scripting.

We are a large 802.11 WISP with a managed BYOD wireless client service. We are in a phase of transitioning heavily to MikroTik products for our backhaul. We are interested in your CAP access points to install in homes and businesses, but your CAPsMAN controller currently has an issue which is fatal to our use case:

That"s worse. You need an extra point of failure ("proxy controller" service) plus the need to rely on 3rd party cloud services (be it MikroTik, the cloud provider they choose, and everyone in between).

A very good idea but only if MikroTik wants to build something similar to Panorama from Palo Alto Networks. Unifi Network Application has shit management of router functions (e.g. USG has maybe 20% of functions from GUI) . Unifi Network App works reasonably well but only with AP . MT please looks on better big vendors , platform form Ubnt not good solution.

what we need DUDE MAIN Controller that MIX all Dude sites and levels info main one Screen. then NOC or support team when click on requested network open the map for this network.

According to my idea "MikroTik controller app for MikroTik Devices is must connected with Cloud DDNS sn.mynetname.net" so any one access any where as they are accessing MikroTik Router. Because in many countries there is typical ISP"s policies so they have blocked VPN or some time users needs to white list their VPN IP"s.

I am also not asking Mikrotik to make THE WORLDS BEST FIREWALL #1. I need just IDS/IPS/DPI functionality that is good enough because I have had some customers whom I have had to migrate away from MIkrotik because they asked for IDS/IPS. And it was a lot of work rengineering their entire network to Fortigate, Ubiquity UDM Pro, Cisco Firepower, etc... Btw. IDS/IPS/DPI on the UDM pro work pretty much exactly like I described. All local on the device except that it reaches for remote databases. Yes, troughput drops for a couple of gigabytes but it is still well above 1G troughput on the UDM pro. Based on my real world testing. On the Ubiquity UDM Pro it is 1 radio button and 1 checkbox to enable IDS/IPS and DPI. You have some more options like selecting threat categories and blacklisting/whitelisting. But those have sane defaults and thus you don"t really have to do anything with them. Yes The UDM has a central controller, on ITSELF. There is no remote computing.

mikrotik lcd touch screen made in china

Founded in Latvia in 1996, MikroTik is an industry leading network equipment manufacturer that is present in many countries around the world today. Since beginning as a wireless ISP systems manufacturer developing routers, MikroTik has continued to expand its brand, creating the RouterOS operating system and RouterBOARD hardware. Known for creating quality components at a low cost, MikroTik provides an excellent solution for securing and monitoring your network. Whether you are searching for a Mikrotik switch, a Mikrotik antenna, Mikrotik license or the newest Cloudcore router, we’ve got the solution for you.

Baltic Networks has been an Authorized MikroTik Partner since 2009. As distributors, we offer a complete line of MikroTik products including custom solutions made for Mikrotik that you won’t find anywhere else . As consultants, our MikroTik Certified Engineers offer a full spectrum of network engineering services with in-depth expertise of RouterOS, designing network infrastructure, troubleshooting, specific setup of VPN, bandwidth shaping and so on. As trainers, we are a Certified MikroTik Training Center offering a full spectrum of MikroTik training programs leading to a full certification as a MikroTik Certified Associate or Engineer.

mikrotik lcd touch screen made in china

The MikroTik RB3011UiAS-RM is a 10-port device and the first from MikroTik to be running an ARM architecture CPU for higher performance than ever before. The RB3011 has ten Gigabit ports divided in two switch groups, an SFP cage and for the first time a Superspeed full size USB 3.0 port, for adding storage or an external 3G/4G modem. The unit comes with a 1U rackmount enclosure, a touchscreen LCD panel, a serial console port and PoE output functionality on the last Ethernet port.

mikrotik lcd touch screen made in china

!) switch - added hardware STP functionality for CRS devices and small Atheros switch chips (http://wiki.mikrotik.com/wiki/Manual:CRS_examples#Spanning_Tree_Protocol);

*) ppp - added CoA support to PPPoE, PPTP & L2TP (Mikrotik-Recv-Limit, Mikrotik-Xmit-Limit, Mikrotik-Rate-Limit, Ascend-Data-Rate, Ascend-XMit-Rate, Session-Timeout);

mikrotik lcd touch screen made in china

You Might Also Be Interested In