RB450 and cable access

jakkwb · August 10, 2012, 9:08am

Hello, I have the cable modem attached to this via DHCP client. The port has the IP, the routes have been put in. However, I am not getting any TX from the cable modem, only RX. I know its something simple I am missing…

Thank you.

cbrown · August 10, 2012, 11:01am

Please post /export compact

jakkwb · August 10, 2012, 3:23pm

/interface ethernet
set 0 name=Office-network
set 1 name=PTP-to-H
set 2 disabled=yes name=PTP-to-E
set 3 disabled=yes name=PTP-to-A
set 4 name=Ent5-Suddenlink-1
/interface ethernet switch
set 0 switch-all-ports=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=H-IP-pool ranges=10.92.92.14-10.92.92.254
add name=E-IP-pool ranges=172.16.16.10-172.16.16.254
add name=Office-pool ranges=102.168.68.20-192.168.68.2
/ip dhcp-server
add add-arp=yes address-pool=Office-pool always-broadcast=yes disabled=no
interface=Office-network name=Office-pool
/ip address
add address=192.168.68.0/32 interface=Office-network network=255.255.255.0
/ip dhcp-client
add default-route-distance=0 disabled=no interface=Ent5-Suddenlink-1
/ip dhcp-server network
add address=192.168.68.0/24 dns-server=208.180.42.100,208.180.42.68 gateway=
192.168.68.1 netmask=24
/ip dns
set allow-remote-requests=yes cache-size=10240KiB servers=
208.180.42.100,208.180.42.68
/ip dns static
add address=12.165.234.132 disabled=yes name=tiamat.westweb1.net
add address=66.76.133.251 name=test.westweb1.net
/ip firewall filter
add action=drop chain=forward comment=“Drop invalid connections”
connection-state=invalid
add chain=input comment=“Allow established connections” connection-state=
established in-interface=Ent5-Suddenlink-1 protocol=tcp
add action=drop chain=input comment=“Drop invalid connections”
connection-state=invalid
add chain=input comment=“Allow related connections” connection-state=related
in-interface=Ent5-Suddenlink-1
add chain=input comment=“Allow established connections” connection-state=
established src-address=192.168.68.0/24
add chain=forward comment=“Allow related connections” connection-state=related
/ip firewall nat
add action=masquerade chain=srcnat out-interface=Ent5-Suddenlink-1 src-address=
192.168.68.0/24
/ip neighbor discovery
set PTP-to-E disabled=no
set PTP-to-A disabled=no
/ip route
add distance=1 gateway=Ent5-Suddenlink-1
/system clock
set time-zone-name=CST6CDT
/tool e-mail
set starttls=no

cbrown · August 10, 2012, 3:31pm

You masquerade rule is for 192.168.68.0/24 and your pool is **102.**168.68.20-192.168.68.2. You can remove the src address.

You ip address is also wrong. It should be

/ip address
add address 192.168.68.1/24 interface=Office-network network=192.168.68.0

jakkwb · August 10, 2012, 3:39pm

Awesome! Thanks a million!

It was late and I was tired/frustrated. I knew it was a type or something simple.

Thanks again.

jakkwb · August 13, 2012, 6:11am

OK, so now I am taking the same setup from above and trying to load balance 2 cable WANs (they are both the same, 10MB by 2MB) using this method:

http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/

Both of the cable modems are handing out IPs in the same subnet with same gateway. So, I read that you can connect a router (cheap wireless router) to either of the WAN ports to make it work.

I cannot get it to go. Is there anything I need to do to the wireless router config to make this work?

It appears to be passing data only on one of the two WAN ports. But even still, web pages are painfully slow if they load at all.

If there is a different/better way to do this, I am open to try it.

Any advice would help much.

jakkwb · August 13, 2012, 8:43pm

If it would help for me to post my config, please let me know.

cbrown · August 13, 2012, 9:08pm

Do you always get the same gateway from your provider?

jakkwb · August 13, 2012, 9:40pm

yes. Right now it is dynamically assigned on both cable modems. I have 5 static IPs with the package (not using yet), but they also have the same gateway IP (for both modems).

jakkwb · August 17, 2012, 1:11am

Can someone please direct me to an example where this will work? I need load balancing for two WANs that are in the same subnet and have the same gateway.

Thank you.

jakkwb · August 18, 2012, 6:27am

OK, I am posting an export compact of my config. Perhaps someone can tell me what I am doing wrong:

/interface ethernet
set 0 name=Office-network
set 1 name=PTP-to-H
set 2 disabled=yes name=PTP-to-E
set 3 name=Int4-Suddenlink-2
set 4 name=Int5-Suddenlink-1
/interface ethernet switch
set 0 switch-all-ports=no
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=H-IP-pool ranges=10.90.90.14-10.90.90.254
add name=E-IP-pool ranges=172.16.16.10-172.16.16.254
add name=Office-pool ranges=192.168.68.2-192.168.68.20
/ip dhcp-server
add add-arp=yes address-pool=Office-pool always-broadcast=yes disabled=no interface=
Office-network name=Office-pool
add add-arp=yes address-pool=H-IP-pool always-broadcast=yes disabled=no
interface=PTP-to-H name=Wireless-network
/ip address
add address=192.168.68.1/24 interface=Office-network
add address=10.90.90.1/23 interface=PTP-to-H
add address=66.76.133.250/32 disabled=yes interface=Int5-Suddenlink-1 network=
66.76.133.0
/ip dhcp-client
add default-route-distance=0 disabled=no interface=Int5-Suddenlink-1
add default-route-distance=0 disabled=no interface=Int4-Suddenlink-2
/ip dhcp-server lease
/ip dhcp-server network
add address=10.90.90.0/23 dns-server=208.180.42.100,208.180.42.68 gateway=10.90.90.1
add address=192.168.68.0/24 dns-server=208.180.42.100,208.180.42.68 gateway=
192.168.68.1 netmask=24
/ip dns
set allow-remote-requests=yes cache-size=10240KiB max-udp-packet-size=512 servers=
208.180.42.68,208.180.42.100
/ip dns static
add address=208.180.42.68 name=rdns01.suddenlink.net
add address=208.180.42.100 name=rdns02.suddenlink.net
add address=192.168.68.1 name=test.w.net
/ip firewall filter
add action=drop chain=forward comment=“Drop invalid connections” connection-state=
invalid
add chain=input comment=“Allow established connections” connection-state=established
in-interface=Int5-Suddenlink-1 protocol=tcp
add chain=input disabled=yes in-interface=Int4-Suddenlink-2 protocol=tcp
add action=drop chain=input comment=“Drop invalid connections” connection-state=
invalid
add chain=input comment=“Allow related connections” connection-state=related
in-interface=Int5-Suddenlink-1
add chain=input disabled=yes in-interface=Int4-Suddenlink-2
add chain=input comment=“Allow established connections” connection-state=established
src-address=192.168.68.0/24
add chain=input src-address=10.90.90.0/23
add chain=forward comment=“Allow related connections” connection-state=related
/ip firewall mangle
add action=mark-connection chain=input in-interface=Int5-Suddenlink-1
new-connection-mark=WAN1_conn passthrough=no
add action=mark-connection chain=input in-interface=Int4-Suddenlink-2
new-connection-mark=WAN2_conn passthrough=no
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=
to_WAN1 passthrough=no
add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=
to_WAN2 passthrough=no
add chain=prerouting dst-address=74.193.252.0/22 in-interface=Office-network
add chain=prerouting dst-address=192.168.1.0/24 in-interface=Office-network
add action=mark-connection chain=prerouting dst-address-type=!local fragment=no
in-interface=!Office-network new-connection-mark=WAN1_conn
per-connection-classifier=both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=
!Office-network new-connection-mark=WAN2_conn per-connection-classifier=
both-addresses-and-ports:4/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=
Office-network new-routing-mark=to_WAN1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=
Office-network new-routing-mark=to_WAN2 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=Int5-Suddenlink-1
add action=masquerade chain=srcnat out-interface=Int4-Suddenlink-2
/ip neighbor discovery
set PTP-to-E disabled=no
/ip route
add check-gateway=ping distance=1 gateway=Int5-Suddenlink-1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=Int4-Suddenlink-2 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=Int5-Suddenlink-1
add check-gateway=ping distance=2 gateway=Int4-Suddenlink-2
add comment=“Leave this” distance=1 dst-address=172.16.16.0/24 gateway=10.90.90.9
/system clock
set time-zone-name=CST6CDT
/tool e-mail
set starttls=no
[admin@MikroTik] >

jakkwb · August 20, 2012, 4:05pm

These two lines have zero on all counters:

add chain=prerouting dst-address=74.193.252.0/22 in-interface=Office-network
add chain=prerouting dst-address=192.168.1.0/24 in-interface=Office-network

Any advice?

cbrown · August 20, 2012, 7:15pm

For your routes you will need to set your gateway to use a specific wan. For example if your gateway is 1.1.1.1 on ether2 your gateway would be 1.1.1.1%ether2

You will need to do this for each route for your load balancing.