Search - "mikrotik"
-
I love Mikrotik. Just fucking love them. I also love my residential fiber service. Small company. Synchronous 125M service. No caps. Bandwidth is always there.
BUT... They use PPPOE (seriously guys?), and the IP changes on *every single re-connect*. Also: no IPv6 support. I know. I don't need it. But I want it.
Enter DNSMadeEasy's DDNS, Hurricane Electric's 6to4 tunnel service, and my Routerboard AH100x4. I wrote a script that runs on the router whenever my IP changes. It updates my DDNS record, updates my 6to4 tunnel IP using HE's API, and updates my local 6to4 interface's IP.
It just works. My public IPv4 may change, but the /48 IPv6 networks on my LAN side stay fully routable.
-
why... WHY do I always attract all sorts of weird problems...
I feel like it makes me look incompetent :/
Like this side-gig. I had a client who brought us essentially half a rack (20 blade servers, 7 units of network equipment) and asked us to spin it up. No passwords, no topology - nothing. It was my first such "project".
So I'm setting it all up, using chatgpt and notions of vlan theory from college years ago. I managed to make smth work. Went away for the rest of the day. Hours later I come back -- no longer can connect to ovpn running on a MikroTik router. wtf... connect to office router's vpn, winbox via mac to the router to see wtf. Everything seems alright, except when I try to `/ip route print` it just hangs there. Tried a few times -- same result. As if routes just got borked while no one was touching it. Found someone who's working with networks wtf, he said he's NEVER seen this happening. A router reboot sorted this out. That's weird problem #1.
I finished reverse-engineering and re-setting up the networking, sketched a topology with patching scheme and asked colleagues to take it all to the DC. They did it, connected it all up. 5 nodes aren't accessible via network. So I connect remotely to the router's openvpn and try to see what's up. Indeed, some servers are reachable, others aren't; even though MT switch (router's downlink) sees those servers plugged in with link up, servers don't see the link. I noticed some ports aren't trunking some VLANs. I started adding those ports when the winbox connection dropped out of the blue. 5-4-3-2-1-reconnecting... it reconnected. Yayy!! But wait, where is everything...? All interfaces -- gone (physical ones too). All IPs -- gone. All routes -- gone. Everything's gone. Half a minute later I'm disconnected again. The switch IP is no longer pingable. Servers plugged into it aren't reachable either. That's weird problem #2.
Then I figured I might try to see whether I can see anything from the router level. Try to ssh to it -- attempt was dropped, as if 22/tcp was closed. wtf? It was working in the office. winbox into it -- yayy, that works. Try to open a terminal via winbox -- a dialog pops up "Terminal <1> - not permitted (9)". wtf..? I Google this error up, it says that user is a member of group that does not have telnet and ssh permission. Indeed, I look into groups -- the group 'admin' does not have them. Try to add them -- also not permitted. And I'm the 'admin' user, a single user in the router after a factory reset. How the hell else do I change permissions if even admin is flipped a finger.
That's weird problem #3
And now I look like an incompetent prick with two left hands who is only breaking shit.
And it's been like that my whole career
Why... How... ffs, that's getting annoying. Maybe I should downgrade myself to a QA. Problems find me themselves, I don't even have to look for them
-
So just a normal rant here... it was one of those moments you find yourself in sometimes. You get so caught up in thinking you know everything that you can't implement Occam's razor into your everyday work routine anymore. You've worked with so many complex workarounds that when you are faced with a simple problem with a simple answer you can't see the blinking neon light shouting at you anymore, and you can't hear the bells sound anymore...
My rant is about Me vs the infamous mikrotik router. Something I had to set up. Something I had to login to setup. Something I've done so many times before but this time, my inflated ego and overbearing sense of grandeur just could not figure out.
Class how do we login into a router? Well find your gateway and type that sucker into a browser and you will be on your way... well that's the answer right there. But since I thought that my router was connected to three dummy switches that it would affect anything or the paranoia I had that my isp somehow disabled any connections to the router at all or that I had to open a new port to connect to it or use winbox to connect to it using only the mac address or ssh into it... would work... I didn't try using the tried and tested way of doing it.
I wanted it to be an adventure. I wanted it to be a problem to solve so I shoved the ordinary answer out of the way and used other methods to try and connect to it...
All I had to do was use Nmap to scan the gateway for open ports and realise to view it in the browser on port 8080 instead and finish my journey...
I was looking for a dragon to slay, a maze to conquer, glory at the end of my mission... when all I felt was a sheer sense of idiocy.
--Rant Completed--
-
Imagine a big network with mikrotik routers around. Each user must login to the hotspot to access the internet (login page is always the same ip).
I am connected to one of those routers using winbox but I don't see any of those user/pass in the hotspot section of this router. And this router is the only router winbox has detected.
So... what am I doing wrong? Where are the user/pass stored if they are not in this router?