AKSN74 wrote:
小烏龜後面最好接Router...(恕刪)
6.3大修正....
Script更新了不少 XD
What's new in 6.30 (2015-Jul-08 09:07):
*) wireless - added WMM power save suport for mobile devices;
*) firewall - sip helper improved, large packets no longer dropped;
*) fixed encryption 'out of order' problem on SMP systems;
*) email - fix sending multiple consecutive emails;
*) fixed router lockup on leap seconds with installed ntp package;
*) ccr - made hardware watchdog work again (was broken since v6.26);
*) console - allow users with 'policy' policy to change script owner;
*) icmp - use receive interface address when responding with icmp errors;
*) ipsec - fail ph2 negitioation when initiator proposed key length
does not match proposal configuration;
*) timezone - updated timezone information to 2015e release;
*) ssh - added option '/ip ssh stong-crypto'
*) wireless - improve ac radio coexistence with other wireless clients, optimized
transmit times to not interfere with other devices;
*) console - values of $".id", $".nextid" and $".dead" are avaliable for
use in 'print where' expressions;
*) console - ':execute' command now accepts script source in "{}" braces,
like '/system scripts add source=' does;
*) console - ':execute' command now returns internal number of running job,
that can be used to check and stop execution. For example:
:local j [:execute {/interface print follow where [:log info "$name"]}]
:delay 10s
:do { /system script job remove $j } on-error={}
*) console - firewall 'print' commands now show all entries including
dynamic, 'all' argument now has no effect;
*) ipsec - increase replay window to 128;
*) fixed file transfer on devices with large RAM memory;
*) pptp - fixed "encryption got out of sync" problem;
*) ppp - disable vj tcp header compression;
*) api - reduce api tcp connection keepalive delay to 30 seconds,
will timeout idle connections in about 5 minutes;
*) pptp & l2tp & sstp client: support the case were server issues its tunnel
ip address the same as its public one;
*) removed wireless package from routeros bundle package,
new wireless-fp is left in place and wireless-cm2 added as option;
*) pptp & l2tp client: when adding default route, add special exception route for
a tunnel itself (no need to add it manually anymore);
*) improved connection list: added connection packet/byte counters,
added separate counters for fasttrack, added current rate display,
added flag wheather connection is fasttracked/srcnated/dstnated,
removed 2048 connection entry limit;
*) tunnels - eoip, eoipv6, gre,gre6, ipip, ipipv6, 6to4 tunnels
have new property - ipsec-secret - for easy setup of ipsec
encryption and authentication;
*) firewall - added ipsec-policy matcher to check wheather packet
was/will be ipsec processed or not;
*) possibility to disable route cache - improves DDOS attack
handling performance up to 2x (note that ipv4 fastpath depends on route cache);
*) fasttrack - added dummy firewall rule in filter and mangle tables
to show packets/bytes that get processed in fasttrack and bypass firewall;
*) fastpath - vlan interfaces support fastpath;
*) fastpath - partial support for bonding interfaces (rx only);
*) fastpath - vrrp interfaces support fastpath;
*) fixed memory leak on CCR devices (introduced in 6.28);
*) lte - improved modem identification to better support multiple identical modems;
*) snmp - fix system scripts table;
zfnakj wrote:
6.3大修正......(恕刪)
重點還是這個
*) improved connection list: added connection packet/byte counters,
added separate counters for fasttrack, added current rate display,
added flag wheather connection is fasttracked/srcnated/dstnated,
removed 2048 connection entry limit;
剛剛看了一下 確實可以顯示每一個連線的封包量跟傳輸流量了
這算是不小的改進
而且VLAN現在也可以支援FastPath了
william5629 wrote:
謝謝回覆
沒讓HP1910放在main的位置,是怕負擔太大,全棟約7x個devices加上2-3台NAS
加上爬文候好像都建議小烏龜後方要接router...(恕刪)
小弟的意思是, 在你的架構上有提到以 CCR Router 上建立 LACP, 但如果你 google 一下, 有相當多的人詢問如何在 RouterBoard 上建立 LACP, 實際上成功的案例真的非常少, 反之在 HP Switch 上面就容易設定的多了.
另外出 Internet 一般再快可能也只是 100Mbps-300Mbps, 那麼在 Router 這部份就不需要再和 core (main) switch 之間做 LACP Port Trunking 了, 畢竟沒有那麼大的頻寬需求.
FB: Pctine
內文搜尋
從 APP 打開
X