Community discussions

MikroTik App
  4. RouterOS
  5. General

missing basic router protocols

Post Reply
 
rrameezsalamat
just joined
Topic Author
Posts: 19
Joined: Tue Nov 03, 2015 1:09 pm

missing basic router protocols

Sun May 23, 2021 11:41 am

hi everyone,

i have RB951u2hnd router and i am not using any heavy scenarios. i just made a failover on my mikrotik and it is working perfectly.
my mikrotik router ips are:
wan 1 : 192.168.1.1/24
wan 2 : 192.168.0.1/24
Lan : 192.168.100.1/24

currently wan 2 is disabled to minimize the query.
when i connect my laptop to wan1 router (which is edge router of isp, the ont device) my device got ip from edge router 192.168.1.10.
now, from this laptop, i am unable to access one of my computer which is having a static lease from dhcp of mikrotik 192.168.100.11.
i send ping but failed, actually it does not recognized the ip pool of mikrotik's LAN (192.168.100.1/24)

please advice any solution.
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11593
Joined: Thu Mar 03, 2016 10:23 pm

Re: missing basic router protocols

Sun May 23, 2021 12:50 pm

Mikrotiks that come with default firewall settings (your RB951 included) don't allow conections from WAN directly to LAN IP addresses and that's for good reason (namely security). Even more, for IPv4 whole LAN is hidden behind router's WAN IP address, router performs NAT ... Before allowing connections you described learn some basics and understand consequences of changing default settings (which are pretty sane in ROS).
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: missing basic router protocols

Sun May 23, 2021 12:53 pm

I don't think it is a missing protocol on the Mikrotik, I'd say it is a missing route at the ISP router and/or on the laptop.

When your laptop obtains a DHCP lease from the ISP router, not only it gets an IP address 192.168.1.10/24, but it likely also gets an address of a default gateway, which is 192.168.1.1.

Now unless there is a manually configured static route to 192.168.100.0/24 on your laptop, when the laptop sends a packet to 192.168.100.11, it uses that default route, so the packet arrives to the ISP router, not to the Mikrotik. But the ISP router most likely doesn't know that the gateway to 192.168.100.0/24 is whatever.address.the.mikrotik.got.from.it, so it uses its own default route, which goes via its own WAN, so the packet gets sent away via WAN.

The solution differs depending on the capabilities of the ISP router(s) and our ability to change their configuration.

But more important, the devices that get their IP addresses directly from one of the ISP modems are unable to make use of the WAN failover functionality, as their outgoing traffic does not pass through the Mikrotik at all. So if you insist on using the LAN ports of the ISP routers to connect your home devices, and want them to be able to use the failover at the same time, you can disable the DHCP server on the ISP router, manually assign an IP address from 192.168.1.0/24 to the Mikrotik as a secondary one on its bridge, add the wan1 port of the Mikrotik to the bridge, and manually set up a default route via 192.168.1.1 at the Mikrotik. This way, anything you connect either to Mikrotik's own ports or to ports of the ISP modem will get its IP configuration from the Mikrotik. By using a src-nat rule at the Mikrotik you ensure that the ISP router will know where to send the incoming responses from the internet even without a route to 192.168.100.0/24.
Top
 
rrameezsalamat
just joined
Topic Author
Posts: 19
Joined: Tue Nov 03, 2015 1:09 pm

Re: missing basic router protocols

Sun May 23, 2021 1:34 pm

I don't think it is a missing protocol on the Mikrotik, I'd say it is a missing route at the ISP router and/or on the laptop.

When your laptop obtains a DHCP lease from the ISP router, not only it gets an IP address 192.168.1.10/24, but it likely also gets an address of a default gateway, which is 192.168.1.1.

Now unless there is a manually configured static route to 192.168.100.0/24 on your laptop, when the laptop sends a packet to 192.168.100.11, it uses that default route, so the packet arrives to the ISP router, not to the Mikrotik. But the ISP router most likely doesn't know that the gateway to 192.168.100.0/24 is whatever.address.the.mikrotik.got.from.it, so it uses its own default route, which goes via its own WAN, so the packet gets sent away via WAN.

The solution differs depending on the capabilities of the ISP router(s) and our ability to change their configuration.

But more important, the devices that get their IP addresses directly from one of the ISP modems are unable to make use of the WAN failover functionality, as their outgoing traffic does not pass through the Mikrotik at all. So if you insist on using the LAN ports of the ISP routers to connect your home devices, and want them to be able to use the failover at the same time, you can disable the DHCP server on the ISP router, manually assign an IP address from 192.168.1.0/24 to the Mikrotik as a secondary one on its bridge, add the wan1 port of the Mikrotik to the bridge, and manually set up a default route via 192.168.1.1 at the Mikrotik. This way, anything you connect either to Mikrotik's own ports or to ports of the ISP modem will get its IP configuration from the Mikrotik. By using a src-nat rule at the Mikrotik you ensure that the ISP router will know where to send the incoming responses from the internet even without a route to 192.168.100.0/24.
basically all the problem is my wan edge router does not recognize the network 192.168.100.0/24 so he used to send the packet out (from the network to the internet) through default gateway which is 192.168.1.1. all i want is my edge router check inside before sending packet to default gateway. why it is not checking inside while i have put 192.168.1.2 ip to my mikrotik?
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19323
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: missing basic router protocols

Sun May 23, 2021 1:45 pm

Your network is not clear,
Why are you connecting your laptop directly to the ONT, does your laptop have a fiber nic?
What do you mean edge router, how many routers do you have.
Where is the Mikrotik.

Please draw a network diagram.
also
/export hide-sensitive file=anynameyouwish
Top
 
rrameezsalamat
just joined
Topic Author
Posts: 19
Joined: Tue Nov 03, 2015 1:09 pm

Re: missing basic router protocols

Sun May 23, 2021 1:54 pm

Your network is not clear,
Why are you connecting your laptop directly to the ONT, does your laptop have a fiber nic?
What do you mean edge router, how many routers do you have.
Where is the Mikrotik.

Please draw a network diagram.
also
/export hide-sensitive file=anynameyouwish
no my laptop does not have fiber nic , i am not connecting laptop directly with fiber, my ont device (edge router) has 4 lan ports, laptop is connected via this lan port.
edge router is my very first router (the ont device) that is provided by the ISP, it recieves from fiber optic and transmit through RJ45 Lan. just 2 routers i have, 1 huawei and 1 mikrotik.
mikrotik is connected right after edge/Wan/Ont (at ip 192.168.1.2)
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: missing basic router protocols

Sun May 23, 2021 2:52 pm

all i want is my edge router check inside before sending packet to default gateway. why it is not checking inside while i have put 192.168.1.2 ip to my mikrotik?
Because dynamic discovery of network topology (aka dynamic routing protocols) is not automatically enabled even on enterprise or ISP routers, let alone consumer-grade ones like your ONT.

And it doesn't work the way you assume, try to send the packet inside and if it fails, go outside. Dynamic routing protocols are used by routers to inform other routers what destination networks they can deliver traffic to, so that the other routers could update their routing tables accordingly.

Plus again, even if you manage to activate some dynamic routing protocol at the ONT and let the Mikrotik use the same dynamic routing protocol to advertise 192.168.100.0/24 to it, if you connect the laptop to the wan subnet of the Mikrotik, that laptop's connections to internet will bypass the Mikrotik, so they will only ever use the ISP to whose ONT the laptop is connected. Only devices having the Mikrotik as their gateway can use the failover you've implemented on the Mikrotik.
Top
 
rrameezsalamat
just joined
Topic Author
Posts: 19
Joined: Tue Nov 03, 2015 1:09 pm

Re: missing basic router protocols

Sun May 23, 2021 3:03 pm

it does not matter if the failover not work on the laptop (connected at wan) obviously i am before the mikrotik so it will not work failover on that laptop. but it must may reach the internal network 192.168.100.0. can you guide me how can i add a static route to the huawei router to reach 192.168.100.0 network instead of using default gateway?
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: missing basic router protocols

Sun May 23, 2021 3:11 pm

can you guide me how can i add a static route to the huawei router to reach 192.168.100.0 network instead of using default gateway?
Not unless you give me a link to the user manual of that exact router model.
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19323
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: missing basic router protocols

Sun May 23, 2021 3:15 pm

Conctact your ISP or Huawei, this is not a Mikrotik problem so why bring it here???
Top
 
rrameezsalamat
just joined
Topic Author
Posts: 19
Joined: Tue Nov 03, 2015 1:09 pm

Re: missing basic router protocols

Sun May 23, 2021 5:24 pm

yes this is not the mikrotik problem. i should contact my isp. huawei router is coated with isp's firmware and software.
Top
Post Reply

Who is online

Users browsing this forum: johnson73 and 94 guests
  4. RouterOS
  5. General