Community discussions

MikroTik App
 
User avatar
macsrwe
Forum Guru
Forum Guru
Topic Author
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Zombie Modem

Thu May 28, 2020 7:56 am

I have a wireless network serving an outdoor location, configured as a ring. There are two gateways (DSL), at opposite (geographical) ends of the ring. OSPF is set up in simple fashion to deliver traffic to the closest gateway, and to reroute all traffic to the working gateway if a gateway or intervening link goes down. This configuration has been working acceptably for many years.

Recently, we encountered a situation where one gateway (phone company) feed failed, but the accompanying modem stayed up... showing a "disconnected" state on its status page, but still delivering a DHCP address to our MikroTik equipment. Since the modem's own address was up and responding, OSPF considered the connection up, and kept shipping all the traffic from that side of the ring into the broken gateway, timing out on everything, but never switching the routing to the working gateway.

I ended up temporarily manually disabling the interface on that side to trigger OSPF, but only after a significant delay of days before I realized something was wrong (the client didn't report anything).

Other than scripting, which is inelegant, time-consuming, and error-prone, is there some more simple configuration additive I can apply that would inform OSPF that despite having single-hop connectivity to the modem, the gateway service itself is actually dead?
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2983
Joined: Mon Apr 08, 2019 1:16 am

Re: Zombie Modem

Thu May 28, 2020 10:50 am

"recursive route" is the magic word. https://wiki.mikrotik.com/wiki/Manual:U ... attributes

Exemples of recursive route can be found in the forum: viewtopic.php?f=23&t=157048&p=788311
 
User avatar
macsrwe
Forum Guru
Forum Guru
Topic Author
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: Zombie Modem

Fri May 29, 2020 2:40 am

Ugh. Coincidentally, I tried reading this writeup several weeks ago just for continuing education purposes, got total brain cramp from it, and gave up.

It looks like it was written to control two gateways into the same edge router, where routing marks are already in play to load-balance traffic. In my case, we have two edge routers with one gateway each, at opposite ends of a ring network, and if we ever have to load-balance (we haven't so far) we would just diddle OSPF link distances. One edge router can't just trivially route some traffic out the second gateway, it has to send it clear across the network (a three-tower hop) to get there, and the other towers would have to cooperate instead of just blindly returning that traffic to the "nearest" gateway and creating a ping-pong loop.

It appears to me that to make this work as described, I would have to introduce mangling and policy-based routing (if only for those two remote exemplar addresses) on every tower in the network, and then (I think) manually force that traffic out the correct link for the "right" gateway, otherwise, OSPF would just give me ping-pong traffic. I don't know enough about the interaction between OSPF and policy-based routing to know if OSPF would "do the right thing" on the non-gateway towers without this, or do the right thing if the ring developed a broken link somewhere... both of which it does quite adequately right now, so I'd like not to mess it up to solve this one rare problem.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2983
Joined: Mon Apr 08, 2019 1:16 am

Re: Zombie Modem

Fri May 29, 2020 3:04 am

I didn't want to point to the mangle rules and the load balancing.
It 's all about detecting , better than pinging the gateway/modem, if the route is usuable for Internet traffic , by pinging far away well known hosts via a route with "scope=10, target scope=10"

viewtopic.php?f=2&t=156348#p770582

I know by that route check (on 8.8.8.8 and 8.8.4.4) if my two gateways 192.168.90.1 and 192.168.95.1 have an operational connection to internet or not.
If not, they become unreachable (something that could be propagated through OSPF I assume)
Klembord-2.jpg
In your case, 1 tested route per gateway at opposite (geographical) ends of the ring.
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: clambert, loloski and 11 guests