Default gateway from a different subnet marked unreachable

RouterOS General
1

Hello!

I have MikroTik RB951G-2HnD with RouterOS v6.17.

My ISP issues public IPs via DHCP on Ethernet.

The problem is that the default gateway (DG) the ISP gives me is on the different subnet than the interface IP and RouterOS marks the DG as unreachable.

In fact, the DG is directly reachable via the WAN interface (I suspect, the ISP uses an ARP proxy for that).

That is, the ISP gives me:

  • IP 94.x.x.x
  • subnet mask 255.255.255.255 (DHCP option 1)
  • DG 109.x.x.x (option 3)
  • classless route 109.x.x.0/24:94.x.x.x (option 121)

I use add-default-route=special-classless setting for DHCP client in RouterOS. DHCP client adds the DG and it's pingable, but the route is inactive.

The classless route to 109.x.x.0/24 is also added and must act as a route to the DG, but this doesn't happen. The manual states:

Routes with interface name as the value of gateway are not used for nexthop lookup. If route has both interface nexthops and active IP address nexthops, then interface nexthops are ignored.

Previously I was using a FreeBSD PC as a router and it worked normally in such configuration.

I've found a manual workaround:

/ip address add address=94.x.x.x network=109.x.x.x interface=wan

After that I have 2 copies of the IP on the WAN interface, one dynamic and one static. A connected route to 109.x.x.x appears, the DG then becomes reachable and everything works good.

But if the ISP change the DG, I will have to reconfigure.

Any ideas how to fix the problem in a more robust way?

Thanks in advance.

Details of my config:

/interface print
Flags: D - dynamic, X - disabled, R - running, S - slave

NAME TYPE MTU L2MTU MAX-L2MTU

0 RS lan0 ether 1500 1598 4074
1 RS lan1 ether 1500 1598 4074
2 RS lan2 ether 1500 1598 4074
3 S lan3 ether 1500 1598 4074
4 R wan ether 1500 1598 4074
5 RS wlan1 wlan 1500 2290
6 R bridge-local bridge 1500 1598

/ip dhcp-client print detail
Flags: X - disabled, I - invalid
0 interface=wan add-default-route=special-classless default-route-distance=0
use-peer-dns=yes use-peer-ntp=yes dhcp-options=hostname,clientid
status=bound address=94.x.x.x/32 gateway=109.x.x.x
dhcp-server=109.x.x.x primary-dns=192.168.12.1
secondary-dns=192.168.13.1 expires-after=57m25s
/ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 address=192.168.0.55/24 network=192.168.0.0 interface=wlan1
actual-interface=bridge-local

1 address=192.168.0.1/24 network=192.168.0.0 interface=lan0
actual-interface=bridge-local

2 D address=94.x.x.x/32 network=94.x.x.x interface=wan
actual-interface=wan

/ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 DS dst-address=0.0.0.0/0 gateway=109.x.x.x
gateway-status=109.x.x.x unreachable distance=0 scope=30
target-scope=10 vrf-interface=wan

1 ADC dst-address=94.x.x.x/32 pref-src=94.x.x.x gateway=wan
gateway-status=wan reachable distance=0 scope=10

2 ADS dst-address=109.x.x.0/24 gateway=wan gateway-status=wan reachable
distance=0 scope=30 target-scope=10

3 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.1 gateway=bridge-local
gateway-status=bridge-local reachable distance=0 scope=10