Community discussions

MikroTik App
 
Lotar
just joined
Topic Author
Posts: 14
Joined: Fri Jun 15, 2012 2:10 pm

Dual WAN router, ping problem.

Fri Jun 15, 2012 4:00 pm

Hi.

I just finished setting up a routerboard (450g) to act as a internet router with 2 GW and fail-over following the Improved netwach script.

First gw has a static IP (cable connected from media converter directly). The second one is a ADSL line connected to a modem/wifi router witch in turn gives me a local IP (192.168.1.2). Fail over work's great, internet work's fine. But... i can only ping internet IPs from my local network on the first GW.

If i plug my laptop directly in the adsl modem/router, pinging works fine, so no problem there. I think the problem is between the mikrotik and the adsl modem. (on the adsl modem i put mikrotik's ip in DMZ)

my setup is:

internet - GW1 (85.23.x.x) - Mikrotik port 1
internet - GW2 (ADSL with dynamic ip allocation 100.23.x.x) -adsl router internal GW (192.168.1.1) - Mikrotik port 2 (192.168.1.2)

Lan - 192.168.10.1 - Mikrotik port 3

When the internet is on the back-up line (adsl) i can't ping anything outside the network.

Any ideas ??
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Dual WAN router, ping problem.

Sat Jun 16, 2012 12:20 am

Look at the routing table and do a trace route to 8.8.8.8 in both conditions - see how far the trace is getting and how the routing table looks when in the "failover" condition.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
Lotar
just joined
Topic Author
Posts: 14
Joined: Fri Jun 15, 2012 2:10 pm

Re: Dual WAN router, ping problem.

Mon Jun 18, 2012 11:12 am

ok, i did the setup again and now the ping work's in link fail-over mode (adsl line)
Now i have a new ping related problem.

When both connections are up, i can ping/traceroute any ip on the main link but if i select the interface to be the second one (adsl) with the first one connected, i can't ping/trace anything. I want to monitor an external host on the second link only, to know when the back-up line is down (and i have no fail-over).

my setup is:

/ip routes
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S ;;; Default Route
0.0.0.0/0 81.181.x.x 1
1 S 0.0.0.0/0 192.168.1.1 2
2 A S ;;; ping facebook on gateway 1
69.171.229.11/32 ether1-gateway 1
3 ADC 81.181.x.x/24 81.181.x.x ether1-gateway 0
4 A S ;;; ping wiki.ro on gateway 2
91.198.174.225/32 ether2-gateway2 1
5 ADC 192.168.1.0/24 192.168.1.2 ether2-gateway2 0
6 ADC 192.168.13.0/24 192.168.13.1 ether3-master-l... 0

fail over scripts:

script 1:
:local i 0; {:do {:set i ($i + 1)} while (($i < 5) && ([/ping 69.171.229.11 interval=3 count=1]=0))};
:if ($i=5 && [/ip route get [find comment="Default Route"] distance]=1) do={:log info "PRIMAYR LINK DOWN"; /ip route set [find comment="Default Route"] distance=3
:delay 15s
/tool e-mail send to="alerts@xxxx.ro" subject=([/system identity get name] . \
" net is down") from=tehnic@xxxx.ro body=([/system identity get name] . "-" . [/system clock get time] . \
" call the man")
:log info "mail sent"
}

script 2:
:local i 0; {:do {:set i ($i + 1)} while (($i < 5) && ([/ping 69.171.229.11 interval=3 count=1]=1))};
:if ($i=5 && [/ip route get [find comment="Default Route"] distance]=3) do={:log info "PRIMARY LINK UP";
/ip route set [find comment="Default Route"] distance=1;
/tool e-mail send to="alerts@xxxx.ro" subject=([/system identity get name] . \
" net is UP") from=tehnic@xxxx.ro body=([/system identity get name] . "-" . [/system clock get time] . \
" main link is up")
:log info "mail sent"
}

to check my back-up link while the main one is up i do this:

script 3:

:local i 0; {:do {:set i ($i + 1)} while (($i < 5) && ([/ping 91.198.174.225 interval=3 count=1]=0))};
:if ($i=5) do={:log info "ADSL LINK DOWN";
/tool e-mail send to="alerts@xxxx.ro" subject=([/system identity get name] . \
" adsl is down") from=tehnic@xxxx.ro body=([/system identity get name] . "-" . [/system clock get time] . \
" adsl")
:log info "mail sent"
}


script 4:

:local i 0; {:do {:set i ($i + 1)} while (($i < 5) && ([/ping 91.198.174.225 interval=3 count=1]=1))};
:if ($i=5) do={:log info "ADSL LINK UP";
/tool e-mail send to="alerts@xxxx.ro" subject=([/system identity get name] . \
" ADSL LINK UP") from=tehnic@xxxx.ro body=([/system identity get name] . "-" . [/system clock get time] . \
" ADSL LINK UP")
:log info "mail sent"
}


script 1 and 2 are scheduled to run every 10s and 3 and 4 every 1m.

1and 2 work fine. 3 and 4 don't work. When 3 run's it reports link down even if link is up.
 
dtoffo
Trainer
Trainer
Posts: 98
Joined: Tue May 17, 2011 9:19 am

Re: Dual WAN router, ping problem.

Tue Jun 19, 2012 7:39 pm

to be sure to ping using a specific gateway, I usually create a routing table (say "routing1") with that gateway only and force ping to use it passing the parameter routing-table
example:
:ping address=8.8.8.8 routing-table=routing1
in winbox you can find the parameter in advanced

from the netwatch-like scripts I made my own using routing marks as base and without touching routes and routing rules.
In my tests if I disable rules I have the problem that next check will not use the path I expect.

Who is online

Users browsing this forum: Baidu [Spider] and 101 guests