Community discussions

MikroTik App
 
Rhy2
just joined
Topic Author
Posts: 5
Joined: Sun Aug 14, 2022 5:36 pm

PING PROBLEM ON ROS 7.9

Mon May 15, 2023 3:34 pm

Hello,

I had to upgrade to version 7.9 and above. After I upgraded to 7.9, I started to be unable to ping the PPPoE clients that I was routing with mangle rule in my multi-iss working structure. When I downgrade to 7.1 everything works fine. I am sharing an example script below, looking forward to your help

# may/15/2023 15:25:45 by RouterOS 7.9
#
# model = RB951G-2HnD

/interface ethernet
set [ find default-name=ether1 ] name=ether1-LINK1
set [ find default-name=ether2 ] name=ether2-LINK2

/ppp profile
set *0 local-address=100.64.0.1
add change-tcp-mss=yes name=LINK1
add change-tcp-mss=yes name=LINK2

/interface pppoe-client
add disabled=no interface=ether1-LINK1 name=LINK1 profile=LINK1 user=\
    test1
add interface=ether2-LINK2 name=LINK2 profile=LINK2 user=test2

/routing table
add disabled=no fib name=To_LINK1
add disabled=no fib name=To_LINK2


/ip firewall address-list
add address=100.64.0.254 list=USER_LINK1
add address=100.64.10.1 list=USER_LINK1
add address=100.64.10.253 list=USER_LINK1
add address=100.64.10.4 list=USER_LINK1
add address=100.64.10.5 list=USER_LINK1
add address=100.64.10.6 list=USER_LINK1
add address=100.64.10.8 list=USER_LINK1
add address=100.64.10.9 list=USER_LINK1
add address=100.64.10.11 list=USER_LINK1
add address=100.64.10.10 list=USER_LINK1
add address=100.64.10.14 list=USER_LINK1
add address=100.64.10.15 list=USER_LINK1
add address=100.64.10.16 list=USER_LINK1
add address=100.64.10.13 list=USER_LINK1
add address=100.64.10.12 list=USER_LINK1
add address=100.64.10.2 list=USER_LINK1

/ip firewall mangle

add action=mark-routing chain=prerouting comment="LINK1 ROUTE" \
    new-routing-mark=To_LINK1 passthrough=yes src-address-list=USER_LINK1
add action=mark-routing chain=prerouting comment="LINK2 ROUTE" \
    new-routing-mark=To_LINK2 passthrough=yes src-address-list=USER_LINK2

/ip firewall nat
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4640540858421421412412 protocol=tcp src-address=100.64.10.2 to-addresses=\
    xx.x9.x0.x4 to-ports=11001-12001
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4640540858421421412412 protocol=udp src-address=100.64.10.2 to-addresses=\
    xx.x9.x0.x4 to-ports=11001-12001
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    1211924659021421412412 protocol=tcp src-address=100.64.10.12 to-addresses=\
    xx.x9.x0.x4 to-ports=21011-22011
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    1211924659021421412412 protocol=udp src-address=100.64.10.12 to-addresses=\
    xx.x9.x0.x4 to-ports=21011-22011
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3987789760421421412412 protocol=tcp src-address=100.64.10.13 to-addresses=\
    xx.x9.x0.x4 to-ports=22012-23012
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3987789760421421412412 protocol=udp src-address=100.64.10.13 to-addresses=\
    xx.x9.x0.x4 to-ports=22012-23012
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3915763374821421412412 protocol=tcp src-address=100.64.10.16 to-addresses=\
    xx.x9.x0.x4 to-ports=18008-19008
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3915763374821421412412 protocol=udp src-address=100.64.10.16 to-addresses=\
    xx.x9.x0.x4 to-ports=18008-19008
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3829094717021421412412 protocol=tcp src-address=100.64.10.15 to-addresses=\
    xx.x9.x0.x4 to-ports=15005-16005
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3829094717021421412412 protocol=udp src-address=100.64.10.15 to-addresses=\
    xx.x9.x0.x4 to-ports=15005-16005
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2051807836021421412412 protocol=tcp src-address=100.64.10.14 to-addresses=\
    xx.x9.x0.x4 to-ports=23013-24013
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2051807836021421412412 protocol=udp src-address=100.64.10.14 to-addresses=\
    xx.x9.x0.x4 to-ports=23013-24013
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4247815779421421412412 protocol=tcp src-address=100.64.10.10 to-addresses=\
    xx.x9.x0.x4 to-ports=20010-21010
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4247815779421421412412 protocol=udp src-address=100.64.10.10 to-addresses=\
    xx.x9.x0.x4 to-ports=20010-21010
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4923429818021421412412 protocol=tcp src-address=100.64.10.11 to-addresses=\
    xx.x9.x0.x4 to-ports=19009-20009
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4923429818021421412412 protocol=udp src-address=100.64.10.11 to-addresses=\
    xx.x9.x0.x4 to-ports=19009-20009
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2969843148421421412412 protocol=tcp src-address=100.64.10.9 to-addresses=\
    xx.x9.x0.x4 to-ports=18008-19008
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2969843148421421412412 protocol=udp src-address=100.64.10.9 to-addresses=\
    xx.x9.x0.x4 to-ports=18008-19008
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2748734698821421412412 protocol=tcp src-address=100.64.10.8 to-addresses=\
    xx.x9.x0.x4 to-ports=16006-17006
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2748734698821421412412 protocol=udp src-address=100.64.10.8 to-addresses=\
    xx.x9.x0.x4 to-ports=16006-17006
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3973358321421421412412 protocol=tcp src-address=100.64.10.6 to-addresses=\
    xx.x9.x0.x4 to-ports=14004-15004
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    3973358321421421412412 protocol=udp src-address=100.64.10.6 to-addresses=\
    xx.x9.x0.x4 to-ports=14004-15004
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2251719731821421412412 protocol=tcp src-address=100.64.10.4 to-addresses=\
    xx.x9.x0.x4 to-ports=13003-14003
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    2251719731821421412412 protocol=udp src-address=100.64.10.4 to-addresses=\
    xx.x9.x0.x4 to-ports=13003-14003
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4213951951021421412412 protocol=tcp src-address=100.64.10.1 to-addresses=\
    xx.x9.x0.x4 to-ports=10000-11000
add action=src-nat chain=srcnat dst-port=0-65535 log-prefix=\
    4213951951021421412412 protocol=udp src-address=100.64.10.1 to-addresses=\
    xx.x9.x0.x4 to-ports=10000-11000
	
add action=masquerade chain=srcnat src-address-list=USER_LINK1
add action=masquerade chain=srcnat src-address-list=USER_LINK2


/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=LINK1 routing-table=To_LINK1
add disabled=no dst-address=0.0.0.0/0 gateway=LINK1
add disabled=no dst-address=0.0.0.0/0 gateway=LINK2 routing-table=To_LINK2
 
Rhy2
just joined
Topic Author
Posts: 5
Joined: Sun Aug 14, 2022 5:36 pm

Re: PING PROBLEM ON ROS 7.9  [SOLVED]

Tue May 16, 2023 1:20 am

I solved the problem with the following rule.
/ip firewall mangle
add action=accept chain=prerouting dst-address=100.64.0.0/16

Who is online

Users browsing this forum: Google [Bot] and 78 guests