We are having an issue with the bridge traffic on a CCR router running 6.34.6 pausing randomly for about a minute. It might be 12 hours between when this happens. The bridge traffic is NAT’d to 3 upstream providers using mangle and everything works great till this happen. After a minute of no data passing, it seems to just pick up where it left off. There are no errors in the logs, and we have exhausted all ideas on how to track down. Because it is so random when it occurs it makes it even harder. We have even tried the current firmware of 6.36.3 to no avail. Is there anyway to get more log messages or something that could point us in the direction of what is causing this to occur. It can occur any time of the day and any traffic load. Any help would be much appreciated.
We turned on debug and logged messages to a remote server and found what is happening, now need help what is causing it and how to stop it from dropping traffic
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug,calc Begin calculation
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug,calc End calculation
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Begin redistribution
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Accept withdraw 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Accept withdraw 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Accept withdraw 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Accept withdraw 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Commit prefix 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Commit prefix 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Commit prefix 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug Commit prefix 0.0.0.0/0
Sep 15 11:19:05 xxx.xxx.xxx.xxx route,debug End redistribution
Firstly, please log a ticket with support@mikrotik.com
Are you running a dynamic routing protocol on the bridge ?
We aren’t using any routing protocols. Only static routes for our 3 uplinks, and the system does create a couple of dynamic routes for our non-routable address on the bridge. The debug just shows some select route sections followed by where it adds or subtract routes, no info as to what is triggering the quick route changes. All the static routes we set up, we do have check ping enabled.
I think we have found the solution. The firewall scripts that are floating around are too restrictive on the ICMP chains which can cause pings to be dropped which normally wouldn’t be a problem until you enable check ping on the gateways for the routes when setting up load balancing. I will know by tomorrow morning.
makes sense. I’ve stopped using gateway checks because of issues like this.
Even worse is the watchdog timeout.
That was definitely the ticket, it has been nice and stable since. @IntrusDave what to you use for load balancing to knock out routes that are down.