Difference between revisions of "MikroTik-Fail"
Line 31: | Line 31: | ||
This means config backups are basically worthless unless you can input them manually and see what breaks. There's no revision testing on it either by MT. | This means config backups are basically worthless unless you can input them manually and see what breaks. There's no revision testing on it either by MT. | ||
+ | |||
+ | = 4 byte ASN = | ||
+ | |||
+ | Per [https://mailman.nanog.org/pipermail/nanog/2022-August/220138.html this message] on NANOG, they can't do 4 byte ASN's |
Revision as of 12:01, 11 August 2022
This is a list of basic failures that I've found MikroTik Routers to have. This is by no means exhaustive.
Contents
IS-IS Support
Mikrotik doesn't support and will not support ISIS.
The stated reason is it's not a "coooool protocol" like OSPF.
No ability to show bridge table
In a bridge wireless network where CPE are bridging the LAN port to Wireless, then to the AP, and out the AP Ethernet port, one cannot find the MAC address of the CPE radio and what MAC's it's bridging to the AP. There has to be a table of this internally in the AP, but it is not exposed. This makes locating a misbehaving MAC address complex as you have to look at each CPE device's MAC table.
Alvarion/Cisco/Symbol/Karlnet/Canopy has had this since like 1995.
VRF table ignored for local responses
In a VRF, where you have a traceroute going through it, MT will source it's ICMP TTL packets using an IP from the main routing table. This means anyone tracrouting to the VRF will be able to see IP it's going over, or if it's a private IP that the main table has, it will likely just show "* * *" as the IP will be unreachable.
This is a known issue.
https://old.reddit.com/r/mikrotik/comments/5ixk1u/intermediate_hop_dont_show_in_traceroutes_when/
RFC3021 /31 links
Mikrotik doesn't support this. This is an over 20 year old RFC. Come on.
https://forum.mikrotik.com/viewtopic.php?p=163163
/export changes at random across different firmware
/export is not idempotent between OS upgrades on the same hardware.
This means config backups are basically worthless unless you can input them manually and see what breaks. There's no revision testing on it either by MT.
4 byte ASN
Per this message on NANOG, they can't do 4 byte ASN's