Ether1 stops working

eddyw · October 18, 2017, 3:50pm

I have what is probably a stupid issue. We are trying to create a default custom config for our customers.

I take a new Mikrotik Router (hEX Lite or hEX Poe Lite) and connect it to our test connection. The router works fine. Pulls an IP and I can connect to the Internet without issue.

I go to SYSTEM => RESET CONFIGURATION. Select “No Default Configuration” and click Reset Configuration.
I then paste in our custom config which is listed below. (Obviously names and IPs have been changed to protect the ignorant.) Ether1 gets an IP from the DHCP server on our CCR1036. After a couple of minutes ether1 shows no link and cannot get an IP. Rebooting the hEX does not help. I can reconfigure the DHCP client to another interface, move the cable and get an IP. I reset the configuration again and do NOT select anything so that it will have the default config. Ether1 still does not work. It still shows no link and cannot get an IP. I verify that Ether1 has a DHCP client and that it is not slaved to another port or any weirdness like that. I have three Mikrotik routers on my bench with this same issue and a few at customer sites where I reconfigured them to use a different port. Any suggestions would be appreciated.

/snmp community
set [ find default=yes ] addresses=10.10.10.153/32 name=************
/ip address
add address=192.168.1.1/24 interface=ether2 network=192.168.1.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes servers=10.10.10.151
/ip firewall address-list
add address=10.20.20.0/24 list=Support
add address=10.10.10.0/24 list=Support
/ip firewall filter
add action=fasttrack-connection chain=forward
add action=accept chain=input comment="Full access to SUPPORT address list" src-address-list=Support
add action=accept chain=input comment="Accept DNS - UDP" in-interface=!ether1 port=53 protocol=udp
add action=accept chain=input comment="Accept DNS - TCP" in-interface=!ether1 port=53 protocol=tcp
add action=accept chain=input comment="Accept to established connections" connection-state=established
add action=accept chain=input comment="Accept to related connections" connection-state=related
add action=accept chain=input comment="SNMP" dst-port=161 in-interface=ether1 protocol=udp src-address=10.10.10.153
add action=accept chain=input in-interface=ether1 protocol=icmp src-address-list=Support
add action=drop chain=input comment="Default Drop All To Input"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/ip smb
set allow-guests=no
/ip smb shares
set [ find default=yes ] directory=/pub
/system clock
set time-zone-name=America/Chicago
/system ntp client
set enabled=yes server-dns-names=pool.ntp.org,time.nist.gov

cdiedrich · October 22, 2017, 5:32pm

I had this issue (no link - looking like a fried interface) with a couple of hAP lites (I know, completely different platform, but still the same symptom) a few months ago.
I did’t really figure why it happened but a NetInstall with my config applied directly during the Install process did help, they’re still running.

Hope that helps you too,
-Chris

eddyw · October 24, 2017, 6:43pm

Chris,
Thanks for the reply.

I have successfully used Netinstall once. That was several months ago. Today I have tried several times with no luck. I set an IP on the laptop and put an IP in “Net booting” on the Mikrotik. (192.168.1.22 - Laptop 192.168.1.20 Mikrotik 255.255.255.0 Mask) I also checked “Boot Server enabled”. I plugged the ethernet cable from the laptop to ether1 on the Mikrotik. The Mikrotik never showed up in Netinstall. I tried watching with Wireshark and I see a lot of “DHCP Discover” from the Mikrotik, but the laptop never responds, so I assume I have set something set up wrong. The instructions for Netinstall look pretty basic so I don’t know where I messed up.

cdiedrich · October 24, 2017, 6:46pm

What helps me in such (rare) situations:
Making sure the machine running netInstall has a static IP address assigned on that particular interface
Putting a dumb switch between device and the machine running NetInstall
Disable Windoze Firewall

Good luck
-Chris

eddyw · November 14, 2017, 2:27pm

Still cannot get three of these routers to work, I have found that the MAC addresses on these are very close together. xx:xx:xx:xx:xy:yy (y represents the differences)
I think I got a bad run. Just gonna call them bad and move on.