Community discussions

MUM Europe 2020
just joined
Topic Author
Posts: 20
Joined: Fri Mar 28, 2014 2:15 am

NAT killing OSPF

Mon Jan 16, 2017 11:08 pm

/interface bridge add name=loopback
/interface bridge settings set use-ip-firewall=yes
/ip address
 add address= interface=loopback
 add address= interface=ether1-gateway
 add address= interface=ether2-south_tower
 add address= interface=ether3-north_AP
/ip route add gateway=
Basic OSPF setup.
/routing ospf interface
 add network-type=broadcast passive=yes
 add authentication=md5 authentication-key=myOSPFkey interface=ether1-gateway network-type=broadcast priority=0
 add authentication=md5 authentication-key=myOSPFkey interface=ether2-south_tower network-type=broadcast priority=0
I got OSPF working. I then added a NAT rule to the configuration.
/ip firewall address-list
 add list=my_network address=
 add list=my_network address=
/ip firewall nat
 add action=src-nat chain=srcnat dst-address-list=!my_network src-address= to-addresses=
After adding my nat statement my OSPF neighbor is lost. I have tried adding protocol=!ospf dst-address-type=unicast out-interface=ether1-gateway to my nat statement. I have also added and to the my_network address list. I have tried several router OS versions and different routerboard models.

My conclusion is the nat statement is matching the osfp traffic.
Member Candidate
Member Candidate
Posts: 298
Joined: Sat Jul 20, 2013 2:40 pm

Re: NAT killing OSPF

Mon Jan 16, 2017 11:40 pm

Are you sure it's only /23?
You could add the following rule before nat:
add chain=srcnat protocol=ospf action=accept

Who is online

Users browsing this forum: No registered users and 16 guests