Hello,
Looking for some technical help. I upgraded my CRS125-24G-1S from 6.32.2 to 6.33.3, but now I can’t seem to route between some internal subnets.
As an example, from the CLI on the router, we have the following IP addresses on the router:
Router> ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Routed /30
address=192.171.61.117/30 network=192.171.61.116 interface=br-vlan20 actual-interface=br-vlan20
1 ;;; NAT Subnet
address=192.168.1.1/24 network=192.168.1.0 interface=br-vlan10 actual-interface=br-vlan10
2 ;;; Mgmt Subnet
address=192.168.2.1/30 network=192.168.2.0 interface=gi2 actual-interface=gi2
3 D address=69.165.165.24/32 network=206.248.155.132 interface=ISP actual-interface=ISP
The routes are all present and show as connected:
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 206.248.155.132 1
1 ADC 192.168.1.0/24 192.168.1.1 br-vlan10 0
2 ADC 192.168.2.0/30 192.168.2.1 gi2 0
3 ADC 192.171.61.116/30 192.171.61.117 br-vlan20 0
4 ADC 206.248.155.132/32 69.165.165.24 ISP 0
The following hosts are alive, well and reachable from the router:
Router> ping count=3 192.168.1.3
SEQ HOST SIZE TTL TIME STATUS
0 192.168.1.3 56 64 0ms
1 192.168.1.3 56 64 0ms
2 192.168.1.3 56 64 0ms
sent=3 received=3 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Router> ping count=3 192.168.2.2
SEQ HOST SIZE TTL TIME STATUS
0 192.168.2.2 56 64 0ms
1 192.168.2.2 56 64 0ms
2 192.168.2.2 56 64 0ms
sent=3 received=3 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Router> ping count=3 192.171.61.118
SEQ HOST SIZE TTL TIME STATUS
0 192.171.61.118 56 64 0ms
1 192.171.61.118 56 64 0ms
2 192.171.61.118 56 64 0ms
sent=3 received=3 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
So lets just pick a few source addresses on the router and try to reach some of these hosts from different interfaces on the router:
Reachability using 192.168.1.1 as the source
Router> ping count=3 src-address=192.168.1.1 192.171.61.118
SEQ HOST SIZE TTL TIME STATUS
0 192.171.61.118 timeout
1 192.171.61.118 timeout
2 192.171.61.118 timeout
sent=3 received=0 packet-loss=100%
Router> ping count=3 src-address=192.168.1.1 192.168.2.2
SEQ HOST SIZE TTL TIME STATUS
0 192.168.2.2 56 64 0ms
1 192.168.2.2 56 64 0ms
2 192.168.2.2 56 64 0ms
sent=3 received=3 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Router> ping count=3 src-address=192.168.1.1 206.248.155.132
SEQ HOST SIZE TTL TIME STATUS
0 206.248.155.132 56 64 11ms
1 206.248.155.132 56 64 11ms
2 206.248.155.132 56 64 11ms
sent=3 received=3 packet-loss=0% min-rtt=11ms avg-rtt=11ms max-rtt=11ms
Reachability using 192.168.2.1 as the source
Router> ping count=3 src-address=192.168.2.1 192.171.61.118
SEQ HOST SIZE TTL TIME STATUS
0 192.171.61.118 timeout
1 192.171.61.118 timeout
2 192.171.61.118 timeout
sent=3 received=0 packet-loss=100%
Router> ping count=3 src-address=192.168.2.1 192.168.1.1
SEQ HOST SIZE TTL TIME STATUS
0 192.168.1.1 56 64 0ms
1 192.168.1.1 56 64 0ms
2 192.168.1.1 56 64 0ms
sent=3 received=3 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Note: 206.248.155.132 is not expected to be reachable from 192.168.2.0/30
Reachability using 192.171.61.117 as the source
Router> ping count=3 src-address=192.171.61.117 192.168.1.3
SEQ HOST SIZE TTL TIME STATUS
0 192.168.1.3 timeout
1 192.168.1.3 timeout
2 192.168.1.3 timeout
sent=3 received=0 packet-loss=100%
Router> ping count=3 src-address=192.171.61.117 192.168.2.2
SEQ HOST SIZE TTL TIME STATUS
0 192.168.2.2 timeout
1 192.168.2.2 timeout
2 192.168.2.2 timeout
sent=3 received=0 packet-loss=100%
Router> ping count=3 src-address=192.171.61.117 206.248.155.132
SEQ HOST SIZE TTL TIME STATUS
0 206.248.155.132 56 64 11ms
1 206.248.155.132 56 64 11ms
2 206.248.155.132 56 64 10ms
sent=3 received=3 packet-loss=0% min-rtt=10ms avg-rtt=10ms max-rtt=11ms
So the question then is why can’t hosts/interfaces on the directly connected subnet 192.168.2.0/30 and 192.168.1.0/24 reach hosts/interfaces on the directly connected subnet 192.171.61.116/30? This worked just fine before the upgrade, that is the only thing that has changed (and yes, if I revert to 6.32.2, it works again!)
Many thanks for any suggestions!