Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

hEX - Unable to ping outside of backup internet connection  [SOLVED]

Locked
 
McAnix
just joined
Topic Author
Posts: 8
Joined: Wed Jul 25, 2018 9:22 am

hEX - Unable to ping outside of backup internet connection

Wed Jul 25, 2018 9:48 am

I have a hEX RB750GR3 router with the following setup:

ether1-fibre -> fibre router (CISCO) - Intended as primary internet
ether2-lte -> LTE router (Huawei B618) - Intended as backup internet
ether3-master -> POE switch - For SIP phones and Wifi POE - Intended to be master-port
ether4 -> Gigabit switch - For PCs


ADDRESSES
Code: Select all
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                
 0   ;;; defconf
     192.168.88.1/24    192.168.88.0    bridge1                                  
 1 X 192.168.55.1/24    192.168.55.0    *1                                       
 2   192.168.8.2/24     192.168.8.0     ether2-lte                               
 3 D 10.0.0.3/24        10.0.0.0        ether1-fibre

ROUTES:
Code: Select all
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  ;;; Default Route
        0.0.0.0/0                          ether1-fibre              1
 1   S  0.0.0.0/0                          ether2-lte                2
 2 ADC  10.0.0.0/24        10.0.0.3        ether1-fibre              0
 3 ADC  192.168.8.0/24     192.168.8.2     ether2-lte                0
 4 ADC  192.168.88.0/24    192.168.88.1    bridge1                   0

NAT:
Code: Select all
Flags: X - disabled, I - invalid, D - dynamic 
 0    chain=srcnat action=masquerade out-interface=ether1-fibre log=no 
      log-prefix="" 

 1    chain=srcnat action=masquerade out-interface=ether2-lte log=no 
      log-prefix=""

INTERFACES:
Code: Select all
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                TYPE       ACTUAL-MTU L2MTU  MAX-L2MTU
 0  R  ether1-fibre                        ether            1500  1596       2026
 1  R  ether2-lte                          ether            1500  1598       2026
 2  RS ether3-master                       ether            1500  1598       2026
 3  RS ether4                              ether            1500  1598       2026
 4     ether5                              ether            1500  1598       2026
 5  R  ;;; created from master port
       bridge1                             bridge           1500  1598

PROBLEM:
The primary internet works fine and I have gateway-check="ping", however when attempting to fail over to the backup internet the routing breaks.


DIAGNOSIS:
  • I can ping the LTE router (192.168.8.1) from the Mikrotik and my internal network
  • I can ping the outside network from the LTE router so the internet connection is working (via the browser interface)
  • I see connection probes coming through the LTE router from the internet to the Mikrotik firewall
  • I cannot ping outside network from the Mikrotik when specifying the ether2-lte interface. It returns "timeout" then intermittently "192.168.8.2 host unreachable"
  • If I adjust the distance on the ether1-fibre route so the ether2-lte becomes active then nothing works

SUMMARY:
This should be working and I don't understand why it's not. I suspect it may be due to me importing the config from a hEX LITE router which caused some issues with the master-port and switching ports.

If there is any other information I can provide please ask :)
Top
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 2098
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:
Contact CZFan

Re: hEX - Unable to ping outside of backup internet connection  [SOLVED]

Thu Jul 26, 2018 12:44 am

The first thing you should correct is your default routes should not point to interface, but to IP of gateway
Top
 
McAnix
just joined
Topic Author
Posts: 8
Joined: Wed Jul 25, 2018 9:22 am

Re: hEX - Unable to ping outside of backup internet connection

Fri Jul 27, 2018 10:39 am

Thanks for the advice CZFan.

I don't think it relates to my issues though.
Top
 
User avatar
skylark
Member Candidate
Member Candidate
Posts: 144
Joined: Wed Feb 10, 2016 3:55 pm

Re: hEX - Unable to ping outside of backup internet connection

Fri Jul 27, 2018 3:10 pm

I don't think it relates to my issues though.
Routes with interface name as the value of gateway are not used for nexthop lookup!
Top
 
McAnix
just joined
Topic Author
Posts: 8
Joined: Wed Jul 25, 2018 9:22 am

Re: hEX - Unable to ping outside of backup internet connection

Thu Aug 02, 2018 4:11 pm

I understand and will sort out the routes. The issues exist even when I plug the LTE router into ether-fibre to be the first hop.

There is something going on between the Mikrotik and the Huawei router.
Top
 
User avatar
bramwittendorp
Member Candidate
Member Candidate
Posts: 101
Joined: Thu Jun 16, 2016 3:48 pm
Location: The Netherlands
Contact:
Contact bramwittendorp

Re: hEX - Unable to ping outside of backup internet connection

Thu Aug 02, 2018 8:44 pm

Can you post your firewall config as well? You can anonimize it, but maybe there's something in the firewall that's missing the correct interface?
Top
 
McAnix
just joined
Topic Author
Posts: 8
Joined: Wed Jul 25, 2018 9:22 am

Re: hEX - Unable to ping outside of backup internet connection

Tue Aug 07, 2018 10:27 am

So there was a red-herring in the fact that the mikrotik could not ping through the interface. After fixing my IP address and setting the interface through the nexthop IP everything worked.

Thanks guys...
Top
Locked

Who is online

Users browsing this forum: GoogleOther [Bot] and 50 guests
  4. RouterOS
  5. Beginner Basics