Community discussions

 
TheRockGer
just joined
Topic Author
Posts: 3
Joined: Sat Jun 15, 2019 10:49 pm

Double package Issue with HyperV

Sat Jun 15, 2019 11:19 pm

Hi,
i am currently setting up a wireless network for a custumer of mine and i am facing a strange behaviour.
The network consists of the following physical topology:
Internet <--> Modem <--> TuxFirewall <--> MT CRS328 <--> MT RB4011

The CRS328 should receive and tag all incomming pakets with the correspronding VLAN tags and forward all to neccessary (to be routed) to the RB4011. The TUXFirewall is the router which knows all networks and therefore defautl Gateway.
I have a HyperV-Host with Windows Server 2019 connected to the CRS328 via a direct attached SFP-cable. A virtual switch is created which does VLAN tagging for the guests. All guests are currently in VLAN10.

The RB4011 has the following config (striped for the neccessary):

Code: Select all

# jan/03/1970 05:10:08 by RouterOS 6.44.3
# model = RB4011iGS+
/interface bridge
add name=global_bridge priority=0x900 vlan-filtering=yes
/interface vlan
add interface=global_bridge name=DMZ vlan-id=10
add interface=global_bridge name=Guest vlan-id=15
add interface=global_bridge name=ThinClients vlan-id=25
add interface=global_bridge name=inside vlan-id=20
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/ip pool
add name=Guet ranges=10.0.15.1-10.0.15.250
add name=ThinClients ranges=10.0.25.1-10.0.25.250
add name=inside ranges=10.0.20.1-10.0.20.250
/ip dhcp-server
add add-arp=yes address-pool=Guet disabled=no interface=Guest name=Guest \
src-address=10.0.15.254
add add-arp=yes address-pool=inside disabled=no interface=inside name=inside \
src-address=10.0.20.254
add add-arp=yes address-pool=ThinClients disabled=no interface=ThinClients \
name=ThinClients src-address=10.0.25.254
/interface bridge port
add bridge=global_bridge interface=sfp-sfpplus1
/interface bridge vlan
add bridge=global_bridge tagged=global_bridge,sfp-sfpplus1 vlan-ids=10
add bridge=global_bridge tagged=global_bridge,sfp-sfpplus1 vlan-ids=15
add bridge=global_bridge tagged=global_bridge,sfp-sfpplus1 vlan-ids=20
add bridge=global_bridge tagged=global_bridge,sfp-sfpplus1 vlan-ids=25
/ip address
add address=192.168.100.253/24 interface=DMZ network=192.168.100.0
add address=10.0.15.254/24 interface=Guest network=10.0.15.0
add address=10.0.25.254/24 interface=ThinClients network=10.0.25.0
add address=10.0.20.254/24 interface=inside network=10.0.20.0
/ip dhcp-server network
add address=10.0.15.0/24 dns-server=1.1.1.1 gateway=10.0.15.254
add address=10.0.20.0/24 dns-server=192.168.100.2 gateway=10.0.20.254
add address=10.0.25.0/24 dns-server=192.168.100.2 gateway=10.0.25.254
/ip dns
set allow-remote-requests=yes servers=192.168.100.2
/ip route
add distance=1 gateway=192.168.100.10
The CRS328 has the following configuration:

Code: Select all

# feb/10/1970 10:48:16 by RouterOS 6.44.3
# model = CRS328-24P-4S+
/interface bridge
add ingress-filtering=yes name=bridge priority=0x1000 vlan-filtering=yes
/interface vlan
add interface=bridge name=mgmt vlan-id=25
/interface bridge port
add bridge=bridge interface=sfp-sfpplus2
add bridge=bridge interface=sfp-sfpplus4
add bridge=bridge interface=ether1 pvid=10
add bridge=bridge interface=ether2 pvid=15
add bridge=bridge interface=ether3 pvid=20
add bridge=bridge interface=ether4 pvid=25
/interface bridge vlan
add bridge=bridge tagged=sfp-sfpplus2,sfp-sfpplus4 untagged=ether1,ether14,ether13,ether15,ether16 vlan-ids=10
add bridge=bridge tagged=sfp-sfpplus2,sfp-sfpplus4vlan-ids=15
add bridge=bridge tagged=sfp-sfpplus2,sfp-sfpplus4untagged=ether9,ether10,ether11,ether12,ether13,ether14,ether15,ether16 vlan-ids=20
add bridge=bridge tagged=sfp-sfpplus2,sfp-sfpplus4,bridge vlan-ids=25
/ip address
add address=10.0.25.253/24 interface=mgmt network=10.0.25.0
/ip dns
set servers=192.168.100.2
/ip route
add distance=1 gateway=10.0.25.254
/system routerboard settings
set boot-os=router-os
So far nothing complicated. Here comes the funny thing: when i try to ping from the CRS328 the TUXGuard (192.168.100.10) all ICMP pakets are answered in the expected way. But if i ping the HyperV-Host (192.168.100.250) the answers look the following:

Code: Select all

[admin@H42SW2] ping 192.168.100.250
SEQ HOST SIZE TTL TIME STATUS
0 192.168.100.250 timeout
1 192.168.100.250 56 127 0ms
1 192.168.100.250 56 127 0ms
2 192.168.100.250 56 127 0ms
2 192.168.100.250 56 127 1ms
3 192.168.100.250 56 127 0ms
3 192.168.100.250 56 127 0ms
4 192.168.100.250 56 127 0ms
4 192.168.100.250 56 127 0ms
5 192.168.100.250 timeout
6 192.168.100.250 56 127 0ms
6 192.168.100.250 56 127 0ms
7 192.168.100.250 56 127 0ms
7 192.168.100.250 56 127 0ms
8 192.168.100.250 56 127 0ms
8 192.168.100.250 56 127 0ms
9 192.168.100.250 56 127 0ms
9 192.168.100.250 56 127 0ms
10 192.168.100.250 56 127 0ms
10 192.168.100.250 56 127 0ms
sent=11 received=18 packet-loss=-63% min-rtt=0ms avg-rtt=0ms max-rtt=1ms
All packets are answered double, while some seems to be dropped. The scheme is alwys exactly like this (positions of the dropped pakets are always the same in the sequence)

When looking with wireshark on directly on the Interface on the HyperV-Host, i can see, that the echo request are delivered twice and therefore the echo reply exists twice.
I am running out of ideas, what could be wrong in the setup and whether it is on the mikrotik side or within the HyperV-Host which is managed by another company.

If any information is missing pleas let me know.

I appreachiate every idea!
Thanks, Jan

Who is online

Users browsing this forum: No registered users and 5 guests