MAC & IP forwarding behaviour

peretuset · June 12, 2023, 8:24pm

Hello MikroTik forum,

Today I have noticed a strange behaviour with forwarding of IP packets while using RouterOS v7.10rc5.

I have a CCR2004 router connected to a L3 switch through two point-to-point connections using SFP+ interfaces. Each connection between the switch and the router has a /30 network address (i.e., 10.0.1.0/30 and 10.0.2.0/30, respectively). In addition, each side has two loopback interfaces: the router has 1.1.1.1/32 and 3.3.3.3/32, whereas the switch has 2.2.2.2/32 and 4.4.4.4/32. Also, both devices have routes towards the loopbacks through the directly connected networks. Everything works fine except from one important aspect.

To set IP addresses on the ports, the switch is running the “no switchport” command on each interface. When running such command I observe that all the physical interfaces of the switch share the same MAC address (D8:5B:22:02:46:93). In particular, eth-0-17 and eth-0-18 interfaces on the switch are configured as “no switchport” with IP 10.0.1.2 and IP 10.0.2.2, respectively, and share the same MAC address D8:5B:22:02:46:93.

Now, when I look at the ARP table and routing table of the CCR2004 router I see the following:

[admin@MikroTik] > ip arp/print
Flags: D, P - PUBLISHED; C - COMPLETE
Columns: ADDRESS, MAC-ADDRESS, INTERFACE
#    ADDRESS          MAC-ADDRESS        INTERFACE
0 DC 10.0.1.2         D8:5B:22:02:46:93  sfp-sfpplus7
1 DC 10.0.2.2         D8:5B:22:02:46:93  sfp-sfpplus8

[admin@MikroTik] > ip route/print
Flags: D - DYNAMIC; A - ACTIVE; c, s, y - BGP-MPLS-VPN
Columns: DST-ADDRESS, GATEWAY, DISTANCE
#     DST-ADDRESS       GATEWAY        DISTANCE
  DAc 1.1.1.1/32        loopback0             0
0  As 2.2.2.2/32        10.0.1.2              1
  DAc 3.3.3.3/32        loopback0             0
1  As 4.4.4.4/32        10.0.2.2              1
  DAc 10.0.1.0/30       sfp-sfpplus7          0
  DAc 10.0.2.0/30       sfp-sfpplus8          0

As far as I can tell, the router knows how to send packets to 2.2.2.2 and 4.4.4.4 through the respective gateways and interfaces (i.e., 2.2.2.2 via 10.0.1.2, which translates to 10.0.1.0/30 and interface sfp-sfpplus7, and 4.4.4.4 via 10.0.2.2, which translates to 10.0.2.0 and interface sfp-sfpplus8). However, when I run traffic to both IP destinations the router it will forward all packets through interface sfp-sfpplus7 since the MAC address is resolved to D8:5B:22:02:46:93, which has been learned from sfp-sfpplus7 first.

What am I missing here? Shouldn’t the router send the packets to 10.0.2.0/30 using the sfp-sfpplus8 interface even though it is learning that the D8:5B:22:02:46:93 MAC address is also available through sfp-sfpplus7?

Thanks!

Pere

wiseroute · June 13, 2023, 6:06am

hello pere

What am I missing here? Shouldn’t the router send the packets to 10.0.2.0/30 using the sfp-sfpplus8 interface even though it is learning that the D8:5B:22:02:46:93 MAC address is also available through sfp-sfpplus7?

well sometimes resolving a layer 2 problem much harder then those in routing.

we don’t have any idea what address is sfp8?

and, it’s not a common link between back to back devices using 2 interfaces other than lacp/bonding/aggregate whatever they called it. and added to the complexity was those 2 loopback routes.

loops are very common in layer 2 even in layer 3.

in your lab, m/r/stp might be playing its function?
or interface order/index on the kernel?

just a thought