The issue described in http://forum.mikrotik.com/t/bgp-sessions-close-when-another-session-to-the-same-ip-closes/175478/1 has become much worse in 7.16
(BGP sessions close when another session closes)
In previous versions it appeared to affect only BGP sessions with the same local IP, now it sometimes affects ALL sessions…
When a peer on L2TP/IPsec disconnects because their public IP has changed and they re-establish the L2TP/IPsec session, I have observed several times that all BGP sessions (15 total) go to Idle state and have to re-connect.
Nobody else noticed that?
On my CCR2116-12G-4S+ all 3 BGP session (2 IPv4 and 1 IPv6) still up from when I install 7.16 (upgraded from 7.15.3) 8 days ago,
despite the fact some IPsec session keep disconnecting when they are not used.
Does that also result in a BGP disconnect? In case BGP is running with 180s hold time it may be that the BGP session survives during the restart of a tunnel.
In my case the downtime is too long for that (it is caused by scheduled restart of a 5G gateway to cover the daily change of IP by the mobile provider), the connection closes, and all others go to “Idle” state. That is only visible when you add a logging entry like this:
/system logging
add topics=bgp,debug,!packet,!timer
Done, when something is come up I let you know.
SYSTEM: log rule added by winbox-3.41/tcp-msg(winbox):rex@222.173.190.239/terminal (*2D = /system logging add topics=bgp,debug,!packet,!timer)
???
TEST: Fastweb IPv6-1 {l_addr: 2a03:dead:beef::1, r_addr: 2001:beef::dead} Starter {openOk: false} Unsupported capability received, code: 128
???
128: Prestandard Route Refresh (deprecated)
Apparently enabling bgp logging dropped my IPv6 BGP session…
No, that is a bug. It is not related to the logging, it is just that you now see what is happening.
Ever since using v7 connected to v6 I have seen those issues…
PPPoE is not adding a default gateway?
You are right, I hadn’t noticed because this is a service line, not in production, (otherwise I wouldn’t have installed the 7.16 that just came out…).
Apparently the session breaks if an IP changes or is added to any virtual interface.
HI,
I was also hoping to resolve the problem with the Wifi:
SA Query timeout…
I keep having disconnections
Is the only solution to downgrade to 7.14.3?
Thanks
How many AP’s do you have?
I have only hap AX3. I don’t use Capsman
Can you export wireless config here?
This is my export:
/interface wifi channel
add band=5ghz-ax disabled=no frequency=5660,5700,5680 name=5Ghz-Andrea \
skip-dfs-channels=10min-cac width=20/40/80mhz
add disabled=no frequency=2412,2437,2472 name=2Ghz-Default width=20mhz
add disabled=no frequency=5180,5260,5500 name=5Ghz-Default width=20/40/80mhz
/interface wifi configuration
add channel.frequency=5540,5500,5260 .width=20/40/80mhz disabled=no mode=ap \
name=5G-Andrea security.authentication-types=wpa2-psk,wpa3-psk ssid=\
Wifi-Andrea
add channel.frequency=2462,2437 .width=20/40mhz disabled=no mode=ap name=\
2G-Andrea security.authentication-types=wpa2-psk,wpa3-psk ssid=\
Wifi-Andrea
add channel.skip-dfs-channels=10min-cac .width=20/40/80mhz disabled=no mode=\
ap name=5Ghz security.authentication-types=wpa2-psk,wpa3-psk ssid=\
Wifi-Andrea
add channel.band=2ghz-ax .frequency=2426-2448,2401-2423,2451-2473 .width=\
20/40mhz-Ce disabled=no mode=ap name=2.4Ghz \
security.authentication-types=wpa2-psk,wpa3-psk ssid=Wifi-Andrea
/interface wifi
set [ find default-name=wifi1 ] configuration=5Ghz configuration.mode=ap \
disabled=no name=wifi1-5Ghz
set [ find default-name=wifi2 ] channel.frequency=\
2426-2448,2401-2423,2451-2473 configuration=2.4Ghz configuration.mode=ap \
disabled=no name=wifi2-2.4Ghz
/interface wifi datapath
add bridge=bridge_LAN disabled=no name=private-LAN
add bridge=bridge_LAN client-isolation=no comment=IoT disabled=no name=\
vlan80-IoT vlan-id=80
/interface wifi security
add authentication-types=wpa2-psk,wpa3-psk disable-pmkid=no disabled=no name=\
IoT wps=disable
add authentication-types=wpa2-psk,wpa3-psk disabled=no name=Home wps=disable
/interface wifi configuration
add datapath=vlan80-IoT disabled=no hide-ssid=yes mode=ap name=IoT security=\
IoT ssid=IoT
/interface wifi
add channel.frequency=2412,2432,2472 configuration=IoT configuration.mode=ap \
disabled=no mac-address=4A:A9:8A:BC:A6:91 master-interface=wifi2-2.4Ghz \
name=wifi-IoT-2Ghz
add configuration=IoT configuration.mode=ap disabled=no mac-address=\
4A:A9:8A:BC:A6:90 master-interface=wifi1-5Ghz name=wifi-IoT-5Ghz
/interface wifi cap
set caps-man-addresses=127.0.0.1 certificate=request discovery-interfaces=all
/interface wifi capsman
set package-path="" require-peer-certificate=no upgrade-policy=none
Even with a fixed router-id set?
In your config you have
/interface wifi configuration
add channel.skip-dfs-channels=10min-cac .width=20/40/80mhz disabled=no mode=
ap name=5Ghz security.authentication-types=wpa2-psk,wpa3-psk ssid=
Wifi-Andrea
and then you have
/interface wifi
set [ find default-name=wifi1 ] configuration=5Ghz configuration.mode=ap
disabled=no name=wifi1-5Ghz
You are missing the frequencies in the /interface wifi configuration
I bet that the cause is wpa3
Hi,
now channels are specified
/interface wifi channel
add band=5ghz-ax disabled=no frequency=5660,5700,5680 name=5Ghz-Andrea \
skip-dfs-channels=10min-cac width=20/40/80mhz
add disabled=no frequency=2412,2437,2472 name=2Ghz-Default width=20mhz
add disabled=no frequency=5180,5260,5500 name=5Ghz-Default width=20/40/80mhz
/interface wifi configuration
add channel.frequency=5540,5500,5260 .width=20/40/80mhz disabled=no mode=ap \
name=5G-Andrea security.authentication-types=wpa2-psk,wpa3-psk ssid=\
Wifi-Andrea
add channel.frequency=2462,2437 .width=20/40mhz disabled=no mode=ap name=\
2G-Andrea security.authentication-types=wpa2-psk,wpa3-psk ssid=\
Wifi-Andrea
add channel=5Ghz-Andrea channel.skip-dfs-channels=10min-cac .width=\
20/40/80mhz disabled=no mode=ap name=5Ghz security.authentication-types=\
wpa2-psk,wpa3-psk ssid=Wifi-Andrea
add channel.band=2ghz-ax .frequency=2426-2448,2401-2423,2451-2473 .width=\
20/40mhz-Ce disabled=no mode=ap name=2.4Ghz \
security.authentication-types=wpa2-psk,wpa3-psk ssid=Wifi-Andrea
/interface wifi
set [ find default-name=wifi1 ] configuration=5Ghz configuration.mode=ap \
disabled=no name=wifi1-5Ghz
set [ find default-name=wifi2 ] channel.frequency=\
2426-2448,2401-2423,2451-2473 configuration=2.4Ghz configuration.mode=ap \
disabled=no name=wifi2-2.4Ghz
/interface wifi datapath
add bridge=bridge_LAN disabled=no name=private-LAN
add bridge=bridge_LAN client-isolation=no comment=IoT disabled=no name=\
vlan80-IoT vlan-id=80
/interface wifi security
add authentication-types=wpa2-psk,wpa3-psk disable-pmkid=no disabled=no name=\
IoT wps=disable
add authentication-types=wpa2-psk,wpa3-psk disabled=no name=Home wps=disable
/interface wifi configuration
add datapath=vlan80-IoT disabled=no hide-ssid=yes mode=ap name=IoT security=\
IoT ssid=IoT
/interface wifi
add channel.frequency=2412,2432,2472 configuration=IoT configuration.mode=ap \
disabled=no mac-address=4A:A9:8A:BC:A6:91 master-interface=wifi2-2.4Ghz \
name=wifi-IoT-2Ghz
add configuration=IoT configuration.mode=ap disabled=no mac-address=\
4A:A9:8A:BC:A6:90 master-interface=wifi1-5Ghz name=wifi-IoT-5Ghz
Thanks you
apparently i can now post replies / bug reports as a new forum user in this thread …so here it goes:
CRS354-48G-4S+2Q+ switches - upgraded 2 of them to 7.16 - they started ok but rapidly went nuts with a ton of random junk MAC addresses “learned”… and they do this slowly until they crash and reboot because of out of memory
CRS112-8P-4S switches - 2 of them upgraded, they both “learn” random junk in the MAC table…
RBSXTsq5nD (in wireless bridge mode) - same thing on the fiber end, i did not dare to upgrade the remote end - in case of problems on that one i need to cross a river and the nearest bridge is about 8 kilometers away
CRS326-24G-2S+ switches - upgraded a few of them to v7.16 - no MAC problems there… probably because they use the ARM build of RouterOS.
Our affected devices seem to all be MIPSBE ones.
i have downgraded the affected CRS354-48G-4S+2Q+ switches (mipsbe) back to 7.15.3 .. they work OK again now.
Also downgraded the two CRS112-8P-4S switches (mipsbe) from 7.16 to 7.15.3 - they work OK now too
RBSXTsq5nD (mipsbe) - upgraded to 7.17beta2 - that seems to have fixed the MAC problem too… but i do not dare to put beta builds on the switches.
more details in the forum thread: http://forum.mikrotik.com/t/routeros-v7-16-on-crs354-48g-4s-2q-and-other-models-slow-predictable-crash-oom/179117/1
(i have started that thread before i could post replies on this thread - new forum users apparently are (were?) not allowed to post problem reports here)
SA Query timeout issue is still there unfortunately. I had my Zoom video meeting disconnected multiple times after the upgrade to 7.16.
I use hAP ax3 with WPA3 disabled (that kind of helped at 7.15.3) and the laptop with AX203 card running the latest drivers.
Interestingly my old hAP ac2 with wifi-qcom-ac worked fine with WPA3 enabled at 7.15.3…
hAP ax3 and hAP ac2 have the same configuration and I am a bit tired of swapping the devices when I need stable Wi-Fi connection.
Then, in this case, I bet that the issue is using AX. Have you tried to force AC band on your hAP AX3?