Community discussions

MikroTik App
 
HaPe
Member Candidate
Member Candidate
Topic Author
Posts: 239
Joined: Fri Feb 10, 2012 10:24 pm
Location: Poland

Subnet mask and swos

Sat Jun 14, 2014 10:53 pm

Hi,
which subnet mask does swos use(/8, /24, /16 ...)?
 
dimnik
just joined
Posts: 1
Joined: Tue Feb 17, 2015 4:17 pm

Re: Subnet mask and swos

Tue Feb 17, 2015 4:19 pm

http://wiki.mikrotik.com/wiki/SwOS#System_Tab
"Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself."
 
User avatar
Hotz1
Member
Member
Posts: 393
Joined: Tue Oct 09, 2007 6:55 am

Re: Subnet mask and swos

Mon Mar 23, 2015 9:28 pm

http://wiki.mikrotik.com/wiki/SwOS#System_Tab
"Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself."
Oh, there is definitely a need for them; it's just that it works in a lot of places without them.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4047
Joined: Wed May 11, 2011 6:08 pm

Re: Subnet mask and swos

Mon Mar 23, 2015 10:48 pm

Oh, there is definitely a need for them; it's just that it works in a lot of places without them.
:lol: :lol:

What a hilarious response! So true, too. :)
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2989
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Subnet mask and swos

Fri May 08, 2015 12:51 am

http://wiki.mikrotik.com/wiki/SwOS#System_Tab
"Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself."
no need???

no way to manage it remotely using vlans and accessing from a remote VPN
 
User avatar
Hotz1
Member
Member
Posts: 393
Joined: Tue Oct 09, 2007 6:55 am

Re: Subnet mask and swos

Wed Jun 10, 2015 3:40 pm

http://wiki.mikrotik.com/wiki/SwOS#System_Tab
"Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself."
no need??? no way to manage it remotely using vlans and accessing from a remote VPN
What they're saying is that it replies via Layer 2. A device connected to the switch hands the switch a packet. When the switch builds its reply, it still sets the Dst IP to the Src IP of the original message, but then it sets the Dst MAC to the original Src MAC, regardless of the Dst IP. That means replies always get handed back to the same neighbor that forwarded the original packet. So, as long as the switch is on a network managed by a router, you can reach it in any way the router supports--including VLANs, PPTP, etc.

The switch does answer to its own IP on whatever VLAN you use to reach it, so it doesn't truly support the "management vlan" concept; but as long as your router assigns the management address space to the appropriate VLAN, it will work as though it did. (But if you force its address onto a different VLAN, it will still reply.)

* If you mean the switch should be able to establish its own tunnel to the NOC, you're going to need a more expensive ($$$$) switch.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 2989
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Subnet mask and swos

Wed Jun 10, 2015 3:59 pm

http://wiki.mikrotik.com/wiki/SwOS#System_Tab
"Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself."
no need??? no way to manage it remotely using vlans and accessing from a remote VPN
What they're saying is that it replies via Layer 2. A device connected to the switch hands the switch a packet. When the switch builds its reply, it still sets the Dst IP to the Src IP of the original message, but then it sets the Dst MAC to the original Src MAC, regardless of the Dst IP. That means replies always get handed back to the same neighbor that forwarded the original packet. So, as long as the switch is on a network managed by a router, you can reach it in any way the router supports--including VLANs, PPTP, etc.

The switch does answer to its own IP on whatever VLAN you use to reach it, so it doesn't truly support the "management vlan" concept; but as long as your router assigns the management address space to the appropriate VLAN, it will work as though it did. (But if you force its address onto a different VLAN, it will still reply.)

* If you mean the switch should be able to establish its own tunnel to the NOC, you're going to need a more expensive ($$$$) switch.

thanks for your reply

i only want the sw os to have a default gateway only that.

because with the actual functionality i cannot manage it from a different subnet, the only way i found to manage it from a different subnet was using local router as a web proxy
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: Subnet mask and swos

Thu Jan 28, 2021 2:20 pm

There should be no need for the web proxy. The SwOS will answer with the original src IP as dst IP, and the MAC address of the router (the src MAC address in the received request) . The router will forward according its routing tables.
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: Subnet mask and swos

Sun Jan 31, 2021 8:26 pm

I have not found a situation where I could not access any of my switches. At the very least, the computer is on a different VLAN than the switch is listening on, so traffic is going through a router or two to get there and it always finds its way back. This computer has an IP on my .101 LAN. Although it is plugged directly into my family room switch, the switch IP is on my .201 LAN, and the switch is set to only accept traffic on the 201 VLAN. So to get to the switch from this PC is as follows: PC on .101 VLAN > [through switch 1 and switch 2] > router 1 > router 2 [through switch 2] > Switch 1

C:\windows\system32>tracert 192.168.201.1
Tracing route to 192.168.201.1 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.101.251 (Router 1)
2 <1 ms <1 ms <1 ms 192.168.211.252 (Router 2)
3 <1 ms <1 ms <1 ms 192.168.201.1 (Switch 1)
Trace complete.


I often get to the switches from remote locations via the internet (yes, there is some serious firewalling in the routers on that).
Never failed.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: Subnet mask and swos

Sun Jan 31, 2021 10:25 pm

The only thing with this "answer with src IP and src MAC as destination" mechanism is that the switch cannot initiate a connection to something outside the own subnet, as it does not have a clue on the gateway to use. But I see no process that initiates a connection from the switch (like SNMP trigger, syslog send, SNTP request, DNS request....).

If the return-path is correct in the router/gateway, there should be no problem to answer, respond to, or maintain a remotely initiated connection.
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: Subnet mask and swos

Sun Jan 31, 2021 11:17 pm

The only thing with this "answer with src IP and src MAC as destination" mechanism is that the switch cannot initiate a connection to something outside the own subnet, as it does not have a clue on the gateway to use. But I see no process that initiates a connection from the switch (like SNMP trigger, syslog send, SNTP request, DNS request....).

Check for System Upgrade - and that, for me always works...
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: Subnet mask and swos

Mon Feb 01, 2021 1:24 am

I admit the "upgrade" check puzzled me too. (Maybe the switch had router discovery methods ?)

But as you stated it , I started having a little check.

There is no IP session originating from the switch at my edge gateway/firewall. (There should have been an open NAT session)

So where does it come from ? There is traffic from my PC. So let's check the browser page. (Chrome has the developers tools built in).
And the browser is checking upgrade.microsoft .com to fill in this page. The switch is not initiating a request.
..

Klembord-1.jpg
You do not have the required permissions to view the files attached to this post.
Last edited by bpwl on Mon Feb 01, 2021 12:07 pm, edited 1 time in total.
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: Subnet mask and swos

Mon Feb 01, 2021 4:33 am

There is traffic from my PC. So let's check the browser page. (Chrome has the developers tools built in).
And the browser is checking upgrade.microsoft .com to fill in this page. The switch is not initiating a request.
Ain't that interesting...

Who is online

Users browsing this forum: No registered users and 15 guests