I have CCR1009-7G-1C:
Version 6.41.2
Current Firmware 6.41.2
Last few monthes I have a trouble - router became unavailable from lan and wan (every 2 5 days). I can’t connect to router in case of trouble and make supout.rif (router even no pinging from lan).
Before last reboot, I configed to send all log to external log server. Before reboot router (watchdog pinging lan ip and reboot when it’s unavailable) a find few messages:
“ipsec sendfromto failed: No buffer space available”
I have about 20 active openvpn and l2tp+ipsec connections and nothing special (no bgp/ospf, no mpls)
May be buffer it’s not a reason, but I don’t find another error messages in logs. How to fix this trouble?
I would say, before it can be fixed it first has to be diagnosed.
Maybe you can watch system->resources and see if the free memory has a tendency to drop to zero.
You could also use tools->graphing and graph the resources then watch the memory graph.
(I would advise not to store it on disk to save flash writes, except for a debug session and then later remove it)
Maybe you can find a relation between activity you do and the occurance of the problem.
But I should say I never saw this problem on two CCR1009 I manage and that have quite some activity.
I get info from Zabbix (get by snmp):
RAM: Before reboot it was used 270 MB, after 202. (from 933)
Disk: Used around 47 MB (from 128) and just little changes after reboot.
I try to find the relation, but I can’t. I see many reconnections of l2tp and ovpn clients (many of them work on 3g), but it’s typical and router can work 5 days with no problems…
I know, that it’s difficult to troubleshoot … I have 6 default route with different distances and routing marks (i have 2 ISP on this router and few on another routers). I understand that i can lost default route, but when the problem begin I can’t ping local adress from lan (I have 192.168.2.1/24 on bridge). It begin from lost of packets and after 5-10 minutes totally lost from wan and lan (but watchdog work).
Ok that is a situation similar to what I have on one of my two routers and it runs absolutely stable.
Of course the routes have a gateway specified, not only an interface name.
However, it appears that “no buffer space” is different from running out of memory. Would be difficult to imagine anyway on a CCR.
bulero77 - please don’t take the topic away from the original poster and use search to answer your questions.
Few monthes ago, before upgrade the router, I used 951G with same config and without any problems, but we upgraded it in cause of perfomance.
All my routes (about 60 prefixes) have just interface like gateway. Can it be the reason? When I found a message about buffer space yesterday, I found few post, when disabling ip route cache was a decision of similar problem and I disabled it. Now uptime 1d 09:04:59. Waiting …
Check in IP->ARP if your ARP table has only local addresses and the address(es) of gateways.
When it contains all internet addresses you have visited, all with the same MAC address, you have found a problem.
You need to fix that by putting the gateway address in your default route.
I found the reason, but i don’t understand how to fix it.
[admin@MikroTik] > /ip route cache print
cache-size: 131054
max-cache-size: 131072
When cache-size = max-cache-size router stop working - loses about 70%.
Sometimes I connected to it and saw:
[admin@MikroTik] > /ip route cache print
cache-size: 131087
max-cache-size: 131072
About 5 minutes it works with a huge loses, and after watchdog reboot I saw:
[admin@MikroTik] > /ip route cache print
cache-size: 85
max-cache-size: 131072
A collected data by zabbix - cache-size increase on 20k every 24 hours.
I also have about 20 static routes. Now I changing static routes to ospf.
That’s what I thought. I’m pretty sure your gateway=pppoe-MTS is the problem. The router has to ARP for every destination IP, and also adds the entry to the route cache. Gateway should be an IP address.