I am experiencing this problem with FIOS for almost 2 weeks and trying to do my own investigation.
Internet connection is dropped at some point, ONT is on, verizon sees it, but the router cannot get the IP no matter what I do until I powercycle ONT (optical network terminal from Verizon). Rebooting the router has no effect. ONLY when I reboot ONT, the router gets the ip within 2 minutes. After that it works fine untill it happens again. For 2week period the longest it worked amost 5 days and the shortest 4 hrs.
Verizon replaced ONT on thursday, and today at 9 am it happened again. I reset the ont and it works.
Where can I check on mikrotik to exclude the possibility that it is my causing this problem.
You probably have to tell the router to apply the new gatewayIP in a manually created route.
For some reason the router isnt able to do so is my guess.
Thanks for your reply.
The question is what happened and why it cannot get it. It was working just fine always. Is there places I can check in the router to see if any settings may be wrong?
Copy it here line by line just use fake number vice your actual WANIP or WANIP gateway numbers.
Dont need to see any of the created LAN routes, just the ones associated with the WAN.
Well mine doesnt acquire connectivity even on a reboot I have to take the gatewayIP the router sees and manually insert into the route…
I put the following script in for IP DHCP client and set default route distance to 255
:if ($bound=1) do={
:local iface $interface
:local gw [ /ip dhcp-client get [ find interface=$“iface” ] gateway ]
/ip route set [ find comment=“Primary” gateway!=$gw ] gateway=$gw
}
The key here is I put a comment line on my manually entered route and in my case the comment is Primary,
so that the script knows where to look!
The problem continues! Spoke with them, and they keep bringing up the fact that I am not using their router, so I said SURE, send it over! and I bet, the prolem will carry on with that router in the chanin hosting the connection!
By the way, how do I make their router transparent? so that I still have my rb3011 “in charge”?
I figure set DMZ on one of the ports and disable firewall? Will the MT still transmit to the cloud the correct WAN ip?
Thanks
In the meantime, I hope my digitalloggers power-switch will help me rebooting the ONT automatically
DMZ is still a NAT, so in Mikrotik syntax, it says /ip firewall nat add chain=dstnat in-interface=WAN action=dst-nat to-addresses=ip.address.on.lan. In the opposite direction, it src-nats whatever comes from the LAN to the WAN (public) IP. So if your 3011 will be the only device on the Verizon router’s LAN, there should be no issue except if the Verizon router doesn’t keep source ports unchanged.
Double NAT is not as bad as it is often portrayed, so traffic to/from your actual LAN (behind the 3011) will not suffer from that, you just may have to modify the NAT rules on the 3011 to reflect the fact that its WAN IP will be different (or you may not if you use action=masquerade in srcnat chain and in-interface in dstnat chain). So the only issue may be that if you have an IPsec connection between the 3011 and some other router at a public address, the IPsec transport packets would get UDP-encapsulated to handle the NAT, i.e. the amount of overhead per byte of the payload would grow a bit. If the Verizon box can handle NAT of ESP, even this can be overcome.
