Securing RouterOS written guide is now Live!

This is probably one of the most important (and overlooked) aspects of using an internet capable router. Security of your device is paramount an you should always do everything you can to protect it. I’ve got both a written and video tutorial to show try and help you achieve a solid security solution so you can be safe in the knowledge that your router is unreachable from unauthorised sources.

MikroTik Bandwidth Test Removed!

MikroTik have recently removed this excellent little tool from their website. Whilst it is not known in the MikroTik community as being a “good” speed testing tool, it certainly has helped me out a few times testing bandwidth to one of a few co-hosted RouterOS devices and getting a good reading on the ISP delivered speeds.

This is in part to MikroTik now pushing the Traffic Generator as the new testing tool and whilst I really do hope they don’t drop the BTest server capability in future versions, I do ultimately see it coming.

So, whilst the tool has been removed from the website and it’s not even being kept in the archives, I did manage to rescue a copy from my laptop and am happily hosting on my site should there ever be a need for it.

You can download a copy of the last version of the tester from within my website here.

 

CHR completed! But not how I hoped it would be

My long ongoing build of a 1U ESXi server to run CHR on has come to an end, a frustrating end that meant I simply couldn’t live with the noise it was kicking out because of the 40mm fans and constantly comparing it to my massively overpowered i7 mATX fileserver.

As a fairly large change to the home setup I decided to pull apart about 3 of my home servers and rebuild the main storage into the spare N54L and then rebuild the “Node” into an ESXi server to host the CHR. Quad port NIC in the Node and a quick install onto the Crucial M4 128GB and it was up and running, installed the CHR and it’s moving along really well and actually turning about double the traffic capability of what the “older” Xeon was doing!

So a really big shuffle around but now I feel like I’m actually starting to do my i7 some justice and not just using it for a ridiculously overpowered power hungry file server.

Whilst doing the work I had the dog in the cave with me (not that she was much help)

More CHR router updates

My iDrac kit has arrived and a lot faster than I thought it would. I’ve got it installed and I’m ready to battle with it and try to learn how to get into it and access the iDrac interface.

Now to get it powered up and updated to latest firmware. Also I’ve been looking at OS for routers and OPNSense has come onto my radar, I may be tempted to spin up one of each on ESXi so I can switch between the two.

CHR build pushes forwards again

The RB3011 is starting to aggravate with it’s high CPU usage under VPN and the ports flapping, a major network change around is due I think and I’m hoping the CHR is going to be the start of it.

iDrac express and enterprise have been ordered to try and rein in some of the fan noise further.

Today I’ve managed to get the CPU re-pasted as the old stuff was just genuinely crusty and also manage to strip out a load of not needed bulk in the case.

Before:

After:

The CHR is fully installed an so far I’ve managed to push a very strong 7Gb through it internally testing so I’m relatively confident it will handle my 100/50 connection even when I do start using VPN.

What’s happening? 04/03/2018

I’ve pumped out a fair amount of tutorials recently and then had a bit of a hard stop. The work is carrying on in the background. I have loads of plans for more tutorials primarily based on MikroTik but there will be some Ubiquiti elements thrown in.

Project home router is at an odd point, I’ve re-ignited it but not done any further work to it. I’m currently waiting for a full iDrac setup to come through from China to see if I can quiet it off and I’m also waiting for the opportunity to re-paste the CPU to make sure I’m getting the best possible thermal setup out of it. I’m still undecided what to do with it, I have a quad port NIC but reality is I wish it was an SFP card and I can’t run both. Either way it can’t be any worse (apart from noise) than the RB3011 which is dropping ports and getting a lot of hard CPU usage under load.

I’ve also had to reinstall my trusty laptop, Ubuntu was aggravating me and some apps just weren’t what I wanted so have reinstalled to Windows 10 and have spent a few days getting it set up exactly how I want it. Some new editions to my Windows portfolio include Notepad++ which I’d never used until now but is absolutely awesome especially when combined with a user defined RouterOS language and the biggest surprise was the Bash on Windows functionality that W10 offers, simply it’s brilliant and now I genuinely have no drawbacks to moving back to Windows. I may drop a few posts about that in the future as simple stuff like SSH tunnelling is now so much easier from the Windows desktop.

As time has been short I’ve not managed to put a lot up to YouTube however have had a couple of gaming sessions which I’ve streamed to Twitch. I’ve been playing with some frames and scrolling text and I think I’m about there with those now. I’ve also ony just discovered StreamLabs which I have set up but am still waiting to sit down and learn intimately and get it set up to the standards I want.

Having a great time with my tech at the moment, I never seem to have enough time to do what I want and I’m eagerly waiting the launch of the new Ryzen+ or Ryzen2 kit in a couple weeks time as I’m definitely upgrading. 4Ghz seems to be the way to go!

 

UPnP Tutorial Now Completed

UPnP is helpful in certain situations where you need a device to poke holes in your firewall for particular services, the most common usage of UPnP in MikroTik is for online gamers who want to achieve an open NAT type for their XBOX One’s, PS4’s and other applicable gaming consoles. Some CCTV systems do offer usage of UPnP for remote viewing. UPnP is seen as a bit of a security flaw because it allows devices to poke their own holes, if a device becomes compromised it could open your network up to a lot of nasty stuff from the web, you should only really use it as a temporary measure whilst you employ a good port forwarding structure or where port forwarding is not possible.

Both written and video tutorials are now written for adding UPnP to your router using MikroTik RouterOS. UPnP is a nice easy one to do but should only be used if you absolutely can’t forward the relevant ports.

Written tutorial can be found here

Video can be found here