I noticed that Mikrotik has added RPKI into their very much beta v7 branch. I would like to ask those of you that know RPKI well to check it out and offer Mikrotik feedback on what they’ve done right\wrong\broken.
Thanks.
Promising development, indeed
- MT RPKI Forum Topic:
https://forum.mikrotik.com/viewtopic.php?f=2&t=81340&sid=85bf0ab2fec75b418a070485e5a68741
- Changelog: https://mikrotik.com/download/changelogs/development-release-tree,
https://forum.mikrotik.com/viewtopic.php?t=161980&p=797998
- Help page: https://help.mikrotik.com/docs/display/ROS/v7+Routing+Protocol+Status
Dear all,
I noticed that Mikrotik has added RPKI into their very much beta v7
branch. I would like to ask those of you that know RPKI well to check
it out and offer Mikrotik feedback on what they've done
right\wrong\broken.
Our hero Massimiliano Stucchi in Switzerland started doing the legwork.
He is is sharing the test results here:
http://as58280.net/en/articles/RPKI-on-Mikrotik
Enjoy!
Kind regards,
Job
Thanks!
It’s nice to see something mostly work on the first try.
Mostly.
I'm only living without IPv6 for the moment, which is painful... 
Ciao!
Mostly.
I'm only living without IPv6 for the moment, which is painful...
OMG!!! Max, I'm so sorry to hear that 
Fyi, your signature is bad on that email.
How is IPv6 coming on Mikrotik? It's a no-go at least for my deployment on
6.4 code. Not sure I want to run beta in a quasi-production network.
Thanks,
- --
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net
Did you face any issues with IPv6 on 6.4, I personally have participated in deployment projects on Mikrotik for many large networks.
And it worked well in the end.
The problem I ran into was having it support SLAAC for assignment of IP
addresses for management to a management vlan. We have a number of them setup
as bridges, and use ipv4 for management now, but can't seem to make them
configure IPv6.
I've run into several issues with them doing bridging as well. Perhaps the
worst is there's still no way to associate a MAC with a bridge MAC. This
means we can isolate problem MAC's on an AP level, but then have to dig into
the FDB of each individual node on that AP.
These aren't ideal, but at the price point, we put up with the issues.
https://forum.mikrotik.com/viewtopic.php?t=42268
It also doesn't support ospfv3 prefixes with the LA-bit set:
https://forum.mikrotik.com/viewtopic.php?t=51124#p319794
I.e. if you originate an ipv6 loopback address from another vendor, the Mikrotik will silently drop the prefix on the floor.
Note the dates on these posts: 2010 and 2011.
Nick
Thanks, and great to see.
Shame IPv6 keeps being sent to the naughty corner, but well :-).
Mark.
In my home, basic IPv6 + SLAAC is working fine on Mikrotik, on 6.47.
I have a mate who adds DHCP-PD on his, and he's happy too.
Beyond that, I can't tell you much. It's a home CPE :-).
Mark.
This link will take you to their “suggest a feature” section.
https://help.mikrotik.com/servicedesk/customer/portal/1/create/6