Hello,
I am having a few problems with routing and I am unsure how to solve this issue. There was no problem with the same configuration. I tried restoring backups too.
Problem: One of our servers with a public IP was down several times, which led me to this. I have checked this with another system but got the same problem, and found it to be a problem in routing, I guess. There is a certain interval during which our server is not accessible from the public network (from internal, there is no problem), and it comes back up automatically. Also, if I restart the network service, it works. Then I tried tracing, and it stopped at our Mikrotik router. I pinged our router and gateway, and there is no problem in getting a reply. But when I ping our ISP DNS and Google DNS as well, I get ICMP replies like:
“From [A IP] icmp_seq=11 Redirect HostFrom [A IP: icmp_seq=11 Redirect Host (new nexthop: B IP)”
Model : CRS125-24G-1S-2HnD
Version: 6.32.4
Server: CentOS 7
A IP : Mikrotik IP
B IP : Gateway IP
I am sure it is a routing problem, but as I am not experienced with routing… need help!
Thanks
It sounds like your network looks something like this:
figure1.png
… where the black arrows represent what the default GW is set to be.
If my drawing is correct, then the problem is that your server is trying to use the wrong device as the default gateway, and the Mikrotik is telling the server to use the Internet router instead. Probably the Mikrotik is doing some NAT on the traffic that’s being “bounced” off of the Mikrotik from the server, and whenever the server decides to use the ICMP-redirected route, the NAT gets broken or something like that.
It’s hard to say for sure exactly what’s going on in your case without more details, but in general, the diagram shows a bad configuration. The host’s default GW should be the Internet router, not the Mikrotik. If you’re trying to access the server without any NAT, then create a static route in the host that points to the LAN’s IP range, and uses the Mikrotik’s IP as the gateway, but leave the default GW set to be the Internet router.
Here’s what the diagram would look like with the host configured as I suggested:
figure2.png
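The diagnosis and fix described in the answer above, as an added example that is not part of the original thread: it reads ping output for Redirect Host lines, compares the redirecting router with the server's default gateway, and prints the `ip route` commands for the suggested layout. All addresses, the LAN range and the function names are constructed assumptions.

```shell
#!/bin/sh
# Added example. All addresses are constructed (documentation ranges):
# 192.0.2.2 = Mikrotik, 192.0.2.1 = Internet router, 10.10.0.0/24 = LAN.

# Constructed ping output as seen on the server.
SAMPLE_PING='PING 198.51.100.53 (198.51.100.53) 56(84) bytes of data.
From 192.0.2.2 icmp_seq=11 Redirect Host(New nexthop: 192.0.2.1)
64 bytes from 198.51.100.53: icmp_seq=11 ttl=57 time=12.1 ms'

# Constructed `ip -4 route show` output from the misconfigured server.
SAMPLE_ROUTES='default via 192.0.2.2 dev eth0
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.10'

# Print "<redirecting router> <new next hop>" for the first redirect on stdin.
redirect_pair() {
  awk 'tolower($0) ~ /redirect host/ {
         from = $2; sub(/:$/, "", from)   # some ping versions print "From IP:"
         hop = $NF; sub(/\)$/, "", hop)   # strip the closing parenthesis
         print from, hop; exit
       }'
}

# Print the gateway of the default route found on stdin.
default_gw() {
  awk '$1 == "default" { for (i = 2; i < NF; i++)
         if ($i == "via") { print $(i + 1); exit } }'
}

# suggest_fix PING_OUTPUT ROUTE_OUTPUT LAN_CIDR
suggest_fix() {
  pair=$(printf '%s\n' "$1" | redirect_pair)
  [ -n "$pair" ] || { echo "no ICMP redirects in ping output"; return 0; }
  redirector=${pair% *}
  newhop=${pair#* }
  gw=$(printf '%s\n' "$2" | default_gw)
  if [ "$gw" = "$redirector" ]; then
    # Default GW is the device sending redirects: point it at the next hop
    # that device advertises, and keep only the LAN range via the Mikrotik.
    echo "ip route replace default via $newhop"
    echo "ip route replace $3 via $redirector"
  else
    echo "default gateway $gw is not the redirecting router $redirector"
  fi
}

suggest_fix "$SAMPLE_PING" "$SAMPLE_ROUTES" 10.10.0.0/24
```

The printed `ip route replace` commands change the running routing table only; they do not survive a network restart unless they are also written to the interface's persistent configuration.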
I’ve seen this happen with a hotspot and you have a gateway behind it, as I’ve seen it happen with my ISP. They verify by MAC and perform NAT filtering to prevent any device behind a NAT or unauthorised from connecting to the Internet.
Sorry to bump an old thread, but I am also in the same situation. Can you please post the solution again, as it is not available anymore?