Top 10 RouterOS Configuration Mistakes (Part 2)

We continue our countdown of the Top 10 RouterOS config mistakes.

This week we continue our list by looking at the mistakes ranked number 8 and 7:

 

8-DNS Issues

The problem: If you have no firewall, anyone can use your DNS server. There might not be a problem with this; however, it depends on how it gets used.

Hackers sometimes use spoofed IP’s to request information from your DNS server which uses most of your downstream traffic, CPU and memory. Requests use less traffic than replies.

 

conifg-mistakes-8


7-Firewall inefficiency

The problem: Having too many rules can also make your MikroTik device slow and unresponsive, as each packet would have to travel through the entire rule-set checking if there is a match in each rule-set.

The solution: Packets also travel from your first rule down the list checking for matches in your ruleset, by moving one rule in front of another your device can be more efficient as it would not have to go through the entire ruleset.

config-mistakes-7

Click here to take a look at our Top 10 and 9 RouterOS config mistakes

Submit a Comment

Your email address will not be published. Required fields are marked *

in dictum dapibus eget ipsum libero quis,