[SOLVED] Strange problem, can't ping gateway.

synet2k · August 5, 2016, 6:46pm

Hi,

I was using RB600A. Due to port limitation, I decided to change to replace it with RB2011iLS.

I set public IP to 2xx.1xx.1xx.2/25 to ether1, GW 2xx.1xx.1xx.1 and the rest of the ports are slave switch and bridged. I can ping any other IP within the /25 except .1 which is the router at my ISP. I am using the same configuration as my RB600A and it works on RB600A.

The servers connected to the rest of the ports with the same subnet (/25) can be access from the internet except the IP assigned to my RB2011iLS. Any idea what’s wrong? How and where I should start troubleshooting? Thanks.

IntrusDave · August 5, 2016, 10:51pm

Are you just using the RB2011 as a switch? or are you routing?
Can you export the bridge and ethernet config?

synet2k · August 7, 2016, 4:22am

I'm not routing anything at the moment, I'm just using it as switch.

[MikroTik] > /interface bridge print
Flags: X - disabled, R - running
0 R ;;; defconf
name="bridge" mtu=auto actual-mtu=1500 l2mtu=1598 arp=enabled arp-timeout=auto mac-address=D4:CA:6D:0B:74:65 protocol-mode=rstp priority=0x8000 auto-mac=no admin-mac=D4:CA:6D:0B:74:65 max-message-age=20s forward-delay=15s transmit-hold-count=6
ageing-time=5m

[MikroTik] > /interface ethernet print
Flags: X - disabled, R - running, S - slave

NAME MTU MAC-ADDRESS ARP MASTER-PORT SWITCH

0 RS ether1-master 1500 D4:CA:6D:0B:74:64 enabled none switch1
1 S ether2 1500 D4:CA:6D:0B:74:65 enabled ether1-master switch1
2 S ether3 1500 D4:CA:6D:0B:74:66 enabled ether1-master switch1
3 S ether4 1500 D4:CA:6D:0B:74:67 enabled ether1-master switch1
4 RS ether5-to-switch 1500 D4:CA:6D:0B:74:68 enabled ether1-master switch1
5 RS ether6-117 1500 D4:CA:6D:0B:74:69 enabled none switch2
6 RS ether7-202 1500 D4:CA:6D:0B:74:6A enabled ether6-117 switch2
7 RS ether8 1500 D4:CA:6D:0B:74:6B enabled ether6-117 switch2
8 RS ether9 1500 D4:CA:6D:0B:74:6C enabled ether6-117 switch2
9 S ether10 1500 D4:CA:6D:0B:74:6D enabled ether6-117 switch2
10 X sfp1 1500 D4:CA:6D:0B:74:63 enabled none switch1

BlackVS · August 7, 2016, 4:44am

May be your provider uses MAC locking. In such case you have to call provider and ask unblock new MAC (some providers allow this to do online. Sometime they charge additional costs for this ^). Or change ether1 RB2011 MAC to the equal on RB600A WAN port one.

IntrusDave · August 7, 2016, 5:33am

You need to put ether1 and ether5 into the bridge, then assign the IP address to the bridge, not the port.

BlackVS · August 7, 2016, 6:41am

ether1 and ether6 you mean I think (both master ports).
Because ether5 is already a slave of ether1…

IntrusDave · August 7, 2016, 7:00am

yes. I did mean ether6

synet2k · August 7, 2016, 12:22pm

For your information, and I did assign the IP to the bridge. The rest of the machine within the same subnet can access to RB2011 and vice versa except .1 which is the ISP gateway.

Bridge1=Ether1,Ether6

Swicth1
Ether1=master
Ether2=slave
Ether3=slave
Ether4=slave
Ether5=slave

Swicth2
Ether6=master
Ether7=slave
Ether8=slave
Ether9=slave
Ether10=slave

synet2k · August 7, 2016, 12:38pm

Thank you Sir! You are right! I think the ISP is locking the MAC address, I set the MAC address of my RB600A to the Bridge and it works. Thanks again.

IntrusDave · August 7, 2016, 2:31pm

Happy you are up and running!

pe1chl · August 7, 2016, 3:12pm

It is not certain it is really locking it, when the provider uses Cisco equipment it can take quite long before
it switches to a new MAC address because the ARP lifetime is quite long and the outgoing ARP does not
learn from incoming ARP requests. So it could have been it started working when you left it connected for
a couple of hours.

synet2k · August 8, 2016, 4:14am

The RB2011 is connected to the up link for more than 48hours and still not working. Anyway, I’ve told the ISP to look into this matter, thanks for dropping by.