pppoe-out connection

Cvan · August 21, 2018, 5:31am

Our pppoe-out internet connection has gone down twice now over the past two weeks.
Each time for nearly exactly 60 seconds. What red flags should be raised? What additional logging/actions should be taken?
Talked to the ISP and they said no known network outages during those times…

mkx · August 21, 2018, 5:49am

What exactly is in the log with regard to pppoe behaviour?

Cvan · August 21, 2018, 6:10am

pppoe, ppp, info pppoe-out1:terminating… disconnected
pppoe, ppp, info pppoe-out1:disonnected
pppoe, ppp, info pppoe-out1:connecting
pppoe, ppp, info pppoe-out1:terminating…

etc; exact details in attached image

mkx · August 21, 2018, 6:53am

Weird indeed.

Is ROS version on your RB device current?

Anumrak · August 21, 2018, 12:00pm

Is there a port isolation on access switch? Some bad user can spoof BRAS mac address.

Cvan · August 22, 2018, 1:57am

Port based VLAN isolation setup. My concern is if this is an attack of some sort

ROS version stable 6.42.6

Steveocee · August 22, 2018, 12:51pm

Are you sure it is PPPoE related and not that the carrier link has gone down? What technology are you connecting over?

Cvan · August 23, 2018, 4:11am

Fiber (FTTP)

Not really sure if it is carrier or not. So asking what tools available can I use to unveil such mysteries..?

Anumrak · August 23, 2018, 11:57am

Use torch in tools.

Cvan · August 23, 2018, 11:05pm

Maybe, how can I log to file every time our connection drops out from the carrier/ISP??

We keep losing our L2TP tunnel as well and have to constantly rebuild the tunnel and reset the FW rules..

Anumrak · August 24, 2018, 11:47am

In “log” or use script made by yourself.

https://wiki.mikrotik.com/wiki/Manual%3ASystem/Log

Cvan · August 26, 2018, 6:32am

I am thinking more of a script that will send an email or SMS message to me when specific conditions are met.
Surely there is a way to send an HTTP request from router OS when a log event or fw event is triggered…?

nostromog · August 27, 2018, 3:09pm

One way to force script execution when a connection changes state is to use the on-up / on-down attributes of the /ppp profiles.

So you could have something like:

/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 max-mru=1500 max-mtu=1500 mrru=1614 name=pppoe-out1 password=****** \
    profile=myprovider service-name=********* use-peer-dns=yes user=*********
/ppp profile
add change-tcp-mss=yes name=myprovider on-up=new-ip
/system script
add dont-require-permissions=no name=new-ip owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    source="..."

I have dynamic WAN IP addresses in one MT router, so I’m using it to get the new address and modify some ipsec policies, firewall rules, etc. needing the WAN ip.
You could use it with /tool fetch to send a HTTP(S) request, etc.

Cvan · August 30, 2018, 12:21am

Good answer!, thanks for that.