danriis
just joined
Topic Author
Posts: 11
Joined: Wed May 29, 2019 1:52 am

Network loop?

Thu Jun 18, 2020 2:02 am

Hi all,
I have suddenly started getting multiple alerts in the log that look like this:
ether7: bridge port received packet with own address as source address (74:4d:28:01:2f:3a), probably loop
I also get it on ether5 sometimes but mostly ether7.
It seems to indicate that the MAC that represents the bridged ports on the router is sending itself data, which seems odd to me.
Along with this issue, DNS requests are now suddenly taking a long time, like a 5-second delay while resolving the host every time I go to a new web page.
I also want to add that in the properties for 'bridge1' (my combined bridged interfaces on the router) there is a 'Status' tab, and that tab shows 'Root Port' to be a different MikroTik switch on the network. That switch is not supposed to be anything special, just one of several switches that connect various clients and then connect back to the router/switch. That seems odd to me as well, but I'm not familiar with STP.

My network is pretty simple: a RouterBoard RB1100AHx4 running v6.44.3 is taking in our Internet and distributing it through the integrated (bridged) switch ports to various small switches and some Unifi access points.
The overall design is a simple star with the router/switch at the center, and we don't have any redundant paths built in, at least not on purpose.
Hoping someone can help. It's weird that this just started happening with no changes on the network that I'm aware of, but of course some user could have added something without telling me, since this is a place where people live, not just a workplace. If you need more info, just ask and I'll post whatever you need.
This is for a non-profit who pays me very little to help them due to their very limited finances.
 
mutluit
Forum Veteran
Posts: 714
Joined: Wed Mar 25, 2020 4:04 am

Re: Network loop?

Fri Jun 19, 2020 2:32 am

You should post your config for analysis, i.e. in the CLI:
/export hide-sensitive file=export-hs
and then see in /Files for the file...
 
tippenring
Member Candidate
Posts: 243
Joined: Thu Oct 02, 2014 8:54 pm
Location: St Louis MO

Re: Network loop?

Fri Jun 19, 2020 5:57 pm

If you don't have any VLANs, then the router is probably not lying to you. You probably have a switch loop somewhere. Your DNS symptom is probably just one of several symptoms you may not have identified yet.

The root bridge *probably* doesn't matter in your configuration if you don't have redundant intentional layer 2 paths anywhere. What you probably have is a switch where STP isn't running that has 2 ports looped, a non-STP switch connected to another non-STP switch, or, as I had a few weeks ago, someone found a wifi client bridge that was configured to connect to the wifi, and plugged it into the LAN. The wifi client bridge dropped BPDUs, so STP failed to detect the loop. The users definitely noticed, however.

It can be difficult to find a switch loop. You might try unplugging one downstream switch at a time until the trouble clears. You might monitor the MAC address tables on the switches for MAC addresses moving to a different port seemingly randomly. You might enable STP on switches that support it.

Good luck.
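
The MAC-table monitoring suggested in the reply above, as an added example that is not part of the original thread: it tallies the "probably loop" warnings per port and flags MACs that keep changing ports across periodic table snapshots. The snapshot format, timestamps and client MACs are assumptions constructed for illustration; only the log message format and the router MAC come from the first post.

```python
import re
from collections import Counter

# Message format as quoted in the first post; port and MAC are captured.
LOOP_RE = re.compile(
    r"(?P<port>\S+): bridge port received packet with own address as "
    r"source address \((?P<mac>[0-9a-fA-F:]{17})\), probably loop")

def loop_warnings(log_text):
    """Count 'probably loop' warnings per bridge port."""
    return Counter(m["port"] for m in LOOP_RE.finditer(log_text))

def mac_moves(snapshots, min_moves=2):
    """Return {mac: [ports in order seen]} for MACs that changed port at
    least min_moves times. snapshots is a time-ordered list of {mac: port}
    dicts. One move can be a roaming Wi-Fi client, so the default is 2."""
    history = {}
    for snap in snapshots:
        for mac, port in snap.items():
            ports = history.setdefault(mac.lower(), [])
            if not ports or ports[-1] != port:
                ports.append(port)
    return {m: p for m, p in history.items() if len(p) - 1 >= min_moves}

def rank_ports(log_text, snapshots):
    """Rank ports by loop warnings plus appearances in flapping-MAC paths."""
    score = loop_warnings(log_text)
    for ports in mac_moves(snapshots).values():
        score.update(ports)
    return score.most_common()

# Constructed sample input (timestamps, client MACs and tables are made up).
MSG = ("{t} {p}: bridge port received packet with own address as source "
       "address (74:4d:28:01:2f:3a), probably loop")
SAMPLE_LOG = "\n".join(MSG.format(t=t, p=p) for t, p in [
    ("02:01:10", "ether7"), ("02:01:12", "ether7"), ("02:01:40", "ether5")])
A, B, C = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "aa:bb:cc:00:00:03"
SAMPLE_SNAPSHOTS = [
    {A: "ether7", B: "ether3", C: "ether9"},
    {A: "ether5", B: "ether3", C: "ether10"},
    {A: "ether7", B: "ether3", C: "ether10"},
]

if __name__ == "__main__":
    for port, score in rank_ports(SAMPLE_LOG, SAMPLE_SNAPSHOTS):
        print(port, score)
```

The highest-ranked ports are the ones to unplug first when isolating downstream switches one at a time.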
 
danriis
just joined
Topic Author
Posts: 11
Joined: Wed May 29, 2019 1:52 am

Re: Network loop?

Wed Jun 24, 2020 4:13 am

Thank you, I exported the config but got a .rsc file and I'm not sure how to turn that into a text file, any pointers?
 
mkx
Forum Guru
Posts: 4317
Joined: Thu Mar 03, 2016 10:23 pm

Re: Network loop?

Wed Jun 24, 2020 8:32 am

A .rsc file is a text file, just with a different extension. Try opening it in any simple text editor ...
BR,
Metod
 
danriis
just joined
Topic Author
Posts: 11
Joined: Wed May 29, 2019 1:52 am

Re: Network loop?

Sun Jun 28, 2020 2:15 am

Thanks, see below for the config.
This has been the same for months, but the problem with the potential loop and the DNS delays came just recently. Does it look ok?


# jun/22/2020 12:00:39 by RouterOS 6.44.3
# software id = CKED-AUWZ
#
# model = RB1100x4
# serial number = 91D80AE30458
/interface bridge
add fast-forward=no name=bridge1
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] name=ether3_Classrooms speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] name=ether5_GuestHouse speed=100Mbps
set [ find default-name=ether6 ] speed=100Mbps
set [ find default-name=ether7 ] speed=100Mbps
set [ find default-name=ether8 ] name=ether8_Solplex speed=100Mbps
set [ find default-name=ether9 ] speed=100Mbps
set [ find default-name=ether10 ] name=ether10_OutdoorKitchen speed=100Mbps
set [ find default-name=ether11 ] name=ether11_Nursery speed=100Mbps
set [ find default-name=ether12 ] speed=100Mbps
set [ find default-name=ether13 ] name=ether13WAN speed=100Mbps
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=10.0.0.2-10.0.0.245
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 name=dhcp1
/queue type
set 5 pcq-rate=10M
set 6 pcq-rate=10M
/queue simple
add max-limit=12M/30M name=LimitAll queue=\
pcq-upload-default/pcq-download-default target=10.0.0.0/24
/system logging action
set 0 memory-lines=2000
set 1 disk-file-count=10
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3_Classrooms
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5_GuestHouse
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8_Solplex
add bridge=bridge1 interface=ether9
add bridge=bridge1 interface=ether10_OutdoorKitchen
add bridge=bridge1 interface=ether11_Nursery
add bridge=bridge1 interface=ether12
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether1 network=\
192.168.88.0
add address=10.0.0.1/24 interface=bridge1 network=10.0.0.0
add address=208.85.239.110/30 interface=ether13WAN network=208.85.239.108
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.0.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=drop chain=input comment="DROP SSH from WAN requests" dst-port=22 \
in-interface=ether13WAN protocol=tcp
add action=drop chain=input comment="DROP webconfig from WAN requests" \
dst-port=8081 in-interface=ether13WAN protocol=tcp
add action=drop chain=input comment="DROP Winbox from WAN requests" dst-port=\
8291 in-interface=ether13WAN protocol=tcp
add action=jump chain=forward comment="Prevent UDP flooding attack" \
connection-state=new jump-target=detect-ddos
add action=return chain=detect-ddos comment="Prevent UDP flooding attack" \
dst-limit=32,32,src-and-dst-addresses/10s
add action=add-dst-to-address-list address-list=ddosed address-list-timeout=\
10m chain=detect-ddos comment="Prevent UDP flooding attack"
add action=add-src-to-address-list address-list=ddoser address-list-timeout=\
10m chain=detect-ddos comment="Prevent UDP flooding attack"
add action=drop chain=forward comment="Prevent UDP flooding attack" \
connection-state=new dst-address-list=ddosed src-address-list=ddoser
add action=drop chain=input comment="Prevent outside DHCP requests" dst-port=\
53 protocol=udp
add action=drop chain=input comment="Prevent outside DHCP requests" dst-port=\
53 protocol=tcp
/ip firewall nat
add action=masquerade chain=srcnat
/ip route
add distance=1 gateway=208.85.239.109
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=10.0.0.0/24 port=8081
set ssh address=10.0.0.0/24
set api disabled=yes
set winbox address=10.0.0.0/24
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name=MikroTikLV
/system logging
set 0 action=disk topics=info,!dhcp
set 1 action=disk
set 2 action=disk
set 3 action=disk
/tool bandwidth-server
set authenticate=no enabled=no
/tool graphing interface
add
/tool graphing resource
add
/tool netwatch
add down-script=":log info \"Internet Down\"" host=208.85.239.109 interval=5s \
up-script=":log info \"Internet Up\""
add disabled=yes down-script=":log info \"Cabin 11 Down\"" host=10.0.0.243 \
interval=10s up-script=":log info \"Cabin 11 Up\""
add disabled=yes down-script=":log info \"Chris Down\"" host=10.0.0.16 \
interval=10s up-script=":log info \"Chris Up\""
add disabled=yes down-script=":log info \"Gentech Down\"" host=10.0.0.17 \
interval=10s up-script=":log info \"Gentech Up\""
add disabled=yes down-script=":log info \"LargeDorm upstairs Down\"" host=\
10.0.0.20 interval=10s up-script=":log info \"LargeDorm upstairs Up\""
add disabled=yes down-script=":log info \"Lodge Down\"" host=10.0.0.244 \
interval=10s up-script=":log info \"Lodge Up\""
add disabled=yes down-script=":log info \"Office Down\"" host=10.0.0.8 \
interval=10s up-script=":log info \"Office Up\""
add disabled=yes down-script=":log info \"Solplex NW Down\"" host=10.0.0.237 \
interval=10s up-script=":log info \"Solplex-NW Up\""
add disabled=yes down-script=":log info \"Solplex-SE Down\"" host=10.0.0.242 \
interval=10s up-script=":log info \"Solplex-SE Up\""
add down-script=":log info \"ping not reaching 8.8.8.8\"" host=8.8.8.8 \
interval=5s up-script=":log info \"ping reaching 8.8.8.8\""
add disabled=yes down-script=":log info \"ODK Down\"" host=10.0.0.245 \
interval=10s up-script=":log info \"ODK Up\""
add disabled=yes down-script=":log info \"LargeDorm wireless Down\"" host=\
10.0.0.18 interval=10s up-script=":log info \"LargeDorm wireless Up\""
add disabled=yes down-script=":log info \"DaShop Down\"" host=10.0.0.14 \
interval=10s up-script=":log info \"DaShop Up\""
add disabled=yes down-script=":log info \"Old Chris' hut Down\"" host=\
10.0.0.23 interval=10s up-script=":log info \"Old Chris' hut Up\""
