Community discussions

MUM Europe 2020

Search found 5 matches

by MariusL
Sat Apr 07, 2018 12:42 am
Forum: Forwarding Protocols
Topic: strange phenomenon ospf and NAT
Replies: 8
Views: 2879

Re: strange phenomenon ospf and NAT

Hi guys, You should double-check your NAT-rules... I use the «destined for not-private-subnet » (!192.168.0.0/16) -approach as matching criteria for my NAT-rule, this NATed my OSPF multicast traffic. The destination broadcast address 224.0.0.5 is used to send Hello packets to all OSPF routers on a n...
by MariusL
Fri Apr 06, 2018 10:58 pm
Forum: Beginner Basics
Topic: When auto updating, Error connection timed out
Replies: 29
Views: 18140

Re: When auto updating, Error connection timed out

The auto-updater accesses download.mikrotik.com using port 80. You'll need a firewall rule allowing your output chain internet access to destination port 80.
by MariusL
Fri Apr 06, 2018 4:31 pm
Forum: Forwarding Protocols
Topic: Firewall rules for LDP (MPLS) [SOLVED]
Replies: 6
Views: 1284

Re: Firewall rules for LDP (MPLS) [SOLVED]

That... is probably it. Of course...
It will select some random high port as source port, and match it as established. I understand now.

Thanks, pe1chl and Anumrak!

- Marius
by MariusL
Fri Apr 06, 2018 4:15 pm
Forum: Forwarding Protocols
Topic: Firewall rules for LDP (MPLS) [SOLVED]
Replies: 6
Views: 1284

Re: Firewall rules for LDP (MPLS) [SOLVED]

Hi Anumrak, I don't quite follow... Du you suggest that i narrow down my firewall rules by selecting an interface? I have other routers conneted to all interfaces of this device, and will want LDP to work for all of them. I have the allow TCP 646 output firewall rule on top of my list, and the count...
by MariusL
Thu Apr 05, 2018 11:45 am
Forum: Forwarding Protocols
Topic: Firewall rules for LDP (MPLS) [SOLVED]
Replies: 6
Views: 1284

Firewall rules for LDP (MPLS) [SOLVED]

Hi guys, According to RFC 5036 section 3.10.1 , LDP uses TCP and UDP port 646 for its communication. I have created 4 firewall rules for this: action=accept chain=input dst-port=646 protocol=tcp action=accept chain=input dst-port=646 protocol=udp action=accept chain=output dst-port=646 protocol=tcp ...