Page 1 of 1

Router losing packets

Posted: Sun Jun 14, 2020 11:18 am
by aldaris
Hello,

I just got my new MikroTik RouterBOARD RBD52G-5HacD2HnD-TC, hAP ac2 and I am having some troubles with it losing some packets. When I ping 8.8.8.8, I got like 3% of packets lost.
Packets lost are not random. There is a gap fo about 10 seconds when 3-4 requests are lost. Ping from router itself to the same IP is going fine with no packet lost. Ping from the pc to router works well too. I tried to connect pc to another LAN port - packets lost. I tried ping from laptop on WLAN - packets lost.
So therefore I assume cable is fine. WAN part is fine too. So there must be something wrong with router itself. Currently I have default configuration with firewall and WAN IP address set up.
I also tried latest stable RouterOS version, and I am currently running LTS version
[admin@MikroTik] > /export hide-sensitive compact
# jun/14/2020 10:10:27 by RouterOS 6.45.9
# software id = J43T-I3XV
#
# model = RBD52G-5HacD2HnD
# serial number = B4A00C7CB586
/interface bridge
add admin-mac=48:8F:5A:4D:B3:E7 auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge ssid=\
    MikroTik-4DB3EB wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge \
    ssid=MikroTik-4DB3EC wireless-protocol=802.11
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,tikapp,!dude
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0
add address=xxx.xxx.xxx.142/30 interface=ether1 network=xxx.xxx.xxx.140
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=xxx.xxx.xxx.20,xxx.xxx.xxx.100
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface-list=!LAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/ip route
add distance=1 gateway=xxx.xxx.xxx.141
/system clock
set time-zone-name=Europe/Prague
/system package update
set channel=long-term
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Any ideas what could possibly be wrong?

Thank you