Page 1 of 1

Routing between Mikrotik GW's

Posted: Thu Jan 28, 2016 12:28 am
by koolandrew
Could someone take a look at this config, as i cannot figure out why i am having so much trouble.

I am trying to connect two Mikrotik routers, CCR-1009. The first one is public facing, and we have set up a public Lan using a bridge on ports 2-8.

We have plugged in the second Mikrotik eth1 to eth8 on the bridge on the first router.

Router 1 setup

1 ;;; WAN
xx.yy.176.90/30 xx.yy.176.88 ether1-gateway
2 ;;; LAN PUBLIC NETWORK
xx.abc.81.33/28 xx.abc.81.32 bridge-public lan

# INTERFACE BRIDGE PRIORITY PATH-COST HORIZON
0 ether2 bridge-local 0x80 10 none
1 ether3 bridge-public lan 0x80 10 none
2 I ether4 bridge-public lan 0x80 10 none
3 I ether5 bridge-public lan 0x80 10 none
4 I ether6 bridge-public lan 0x80 10 none
5 I ether7 bridge-public lan 0x80 10 none
6 ether8 bridge-public lan 0x80 10 none

Router 2 Setup

# ADDRESS NETWORK INTERFACE
0 ;;; Lan Data Network
10.10.10.1/24 10.10.10.0 Lan Data Network
1 xx.abc.81.39/29 xx.abc.81.32 ether1

# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 S 0.0.0.0/0 xx.abc.81.33 10
1 ADC 10.10.10.0/24 10.10.10.1 Lan Data Network 0
2 ADC xx.abc.81.32/29 xx.abc.81.39 ether1 0

Here are the results

When i first configured it, the gw was reachable for about 15 seconds, and then it was unreachable.

ip route nexthop print
0 address=38.110.81.33 gw-state=reachable forwarding-nexthop="" interface=""
scope=10 check-gateway=icmp gw-check-ok=no

What am i doing wrong?

Re: Routing between Mikrotik GW's

Posted: Thu Jan 28, 2016 7:29 am
by alxnegrila
1. You have shown us your public ip on nexthop
2. Try to use same netmask on both routers, now you have 28 and 29 subnets.

Re: Routing between Mikrotik GW's

Posted: Fri Jan 29, 2016 7:29 am
by koolandrew
ooops, your right i did.

Nevertheless, i have tried using the same netmask, and nothing changes. I cannot figure out what i am doing wrong, it is driving me nuts.

Re: Routing between Mikrotik GW's

Posted: Mon Feb 01, 2016 11:51 pm
by Revelation
What exactly is the problem you are having?

You need to re-post your configs. There is a huge difference between a /28 and a /29 in your case.

Change your public IPs to private IPs. Quit copying and pasting configs from Winbox and type out the information, it's coming across hard to read.

Where is the x.x.81.33 address exactly assigned on Router 1? Can Router 1 ping that address?

When you assign the address of x.x.81.39 to Router 2, can Router 2 ping the x.x.x.39 address?

Have you double-checked the cable running between Router1:ether8 <-> ether1::Router2?

What firewall rules are in place on Router1 and on Router2?

Do you have src-nat on Router2?

Re: Routing between Mikrotik GW's

Posted: Tue Feb 02, 2016 12:09 am
by ZeroByte
ooops, your right i did.

Nevertheless, i have tried using the same netmask, and nothing changes. I cannot figure out what i am doing wrong, it is driving me nuts.
So you want router2 to have a public IP from the same WAN as router 1?

Create a second bridge in router1, named WAN or something like that.
Connect ether1 to the WAN bridge in the "ports" menu.
Move the WAN IP address off of ether1 and onto the WAN bridge.
Update all of your firewall rules, nat rules, mangle rules, etc - anything that refers to ether1 must be updated to refer to WAN instead.

After that, it's easy - just remove ether8 from the LAN bridge and connect it to the WAN bridge instead.

Re: Routing between Mikrotik GW's

Posted: Tue Feb 02, 2016 6:53 pm
by koolandrew
It turns out that i was doing everything correctly, but there were some dynamic entries in the arp table on router 2, for ether 1 that shouldnt be there.

There were three dynamic entries, and once i deleted them only two came back, and then when i added the gw again, for the 15th time, the arp entries disappeared, and the connection was good.

This appears to be a Mikrotik bug, but i doubt i can replicate this, or want to, as i wasted untold hours trying to solve this issue.

Re: Routing between Mikrotik GW's

Posted: Tue Feb 02, 2016 10:24 pm
by Revelation
Glad you got it sorted.