RouterOS v7 Beta 3 - PPPOE WAN Intermittently Not Passing Traffic

RouterOS RouterOS beta
1

Hello All,

I upgraded my Cloud Core 1016 from v6.45.7 to v7 Beta 3 and my PPPOE WAN started acting up. Oddly enough I can ping out, resolve DNS, but browsing is intermittent from client computers (whether on VLAN or not). Remote management of Mikrotik works fine and Remote Desktop or TeamViewer to a computer behind the Mikrotik works fine. Watching the interface Status while trying to pass traffic, I can see it is at 0 kbps a majority of the time (both ether11 and pppoe-out). The routes look to be broken or at least not reporting right in the Route List.

I tried defaulting the config and rebuilding thinking syntax or something changed causing my issues. Still encountered the same behavior.

Adjusted firewall rules, no change.

Upon downgrading back to 6.45.7 everything works again immediately after the reboot.


Hopefully the attachments help. I am willing to try and supply any additional information / testing needed to help as well. Any help is greatly appreciated.

Regards,
Eric
export_config.txt (5.35 KB)
CCR1016_ROSv7_RoutesList.jpg
CCR1016_ROSv7_IP_Int_Routes.jpg
CCR1016_ROSv7_Log.jpg
CCR1016_ROSv7_NextHops.jpg
CCR1016_ROSv7_Resources.jpg

2

Encountered something similar, I’ve sent an email describing what I could, I’m no network guru.
Easy test is to try to open this forum and u’ll see it gets stuck at the SSL part (other sites behave the same), I don’t know how to debug this so I’ve sent two packet captures, but no reply yet.
But, if you add this in the firewall

/ip firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu passthrough=yes \
out-interface=pppoe-client1 protocol=tcp tcp-flags=syn

It works. I’ve written in the mail too that maybe some bits from 6.39 and 6.39.2 are left out or something because that’s the time these rules weren’t needed anymore (even though they were added dynamically before that, as I recall)
That’s why i think it has something to do with MSS.

3

Znevna, Thank you for the fix. It worked like a charm! I upgraded back to v7 Beta 3, tested, applied the fix, and tested again. I think I need to read up on PPPOE and ISP usage a bit more, as I do not have a really good understanding of it. I know its a tunnel of sorts.

Thanks again for the help. Once I have a bit more knowledge on PPPOE I will try and debug it.

4

Welcome, I’m staying away of v7 for the moment because of this, I don’t know what else might not work as expected.
After 6.39 the “change-tcp-mss=yes” from the profile assigned to that ppp interface was supposed to take care internally of this but somehow it doesn’t work right atm.
6.39:
!) ppp - implemented internal algorithm for “change-mss”, no mangle rules necessary;
6.39.2:
*) ppp - fixed “change-mss” functionality (introduced in 6.39);
6.41:
*) ppp - fixed “change-mss” functionality when MSS option is missing on forwrded packets;
6.41.1:
*) ppp - fixed change-mss functionality in some specific traffic (introduced in v6.41);

Waiting for the beta with this fixed.
Cheers.