Community discussions

MUM Europe 2020
 
User avatar
sjwrick
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 77
Joined: Tue Jul 25, 2006 10:12 pm

Hotspot conflicts with static IPs

Fri Jul 03, 2009 11:43 pm

I have an established wireless/wired network using MT 3.1. Multiple static /30 subnets for my customers.

Trying to migrate from our former Hotspot solution to a MT hotspot solution.

Got things working great with the MT hotspot using radius and user-manager with a separate MT router UNATTACHED to my current network.

However as soon as I attach the HS router to the statically routed network (HS is a second router, another router is managing my static IPs) the network starts crashing and devices start becoming unpingable. Traffic slows to a halt/crawl and things just do not function. I have exhausted searches for IP conflicts. The HS box is a RB493/MT 3.25. I have tried different ports on the RB493. All to no avail.

Ideas to check for conflicts?

Interestingly the HS private IP gateway is 10.5.50.1/24. It is not the gateway for any device except the HS customer.
When the network crashes, testing from a PC on a statically routed network, I get a ping response to "ping 192.168.x.2" that says "10.5.50.1 can't find the host 192.168.x.2". This makes sense that 10.5.50.1 can't find something it is not routed to, but why is it asking 10.5.50.1 in the first place since 10.5.50.1 is not routed to by the computer I am on? Why isn't 192.168.x.1 responding?

Rick
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8345
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Hotspot conflicts with static IPs

Wed Jul 08, 2009 12:12 am

it's Universal Client feature: any computer with any network settings may use your hotspot =)

from Docs:
Getting Address
First of all, a client must get an IP address. It may be set on the client statically, or leased from a DHCP server. The DHCP server may provide ways of binding lent IP addresses to clients MAC addresses, if required. The HotSpot system does not care how did a client get an address before he/she gets to the HotSpot login page.

Moreover, HotSpot server may automatically and transparently change any IP address (yes, meaning really any IP address) of a client to a valid unused address from the selected IP pool. This feature gives a possibility to provide a network access (for example, Internet access) to mobile clients that are not willing (or are disallowed, not qualified enough or otherwise unable) to change their networking settings. The users will not notice the translation (i.e., there will not be any changes in the users' config), but the router itself will see completely different (from what is actually set on each client) source IP addresses on packets sent from the clients (even firewall mangle table will 'see' the translated addresses). This technique is called one-to-one NAT, but is also known as "Universal Client" as that is how it was called in the RouterOS version 2.8.

One-to-one NAT accepts any incoming address from a connected network interface and performs a network address translation so that data may be routed through standard IP networks. Clients may use any preconfigured addresses. If the one-to-one NAT feature is set to translate a client's address to a public IP address, then the client may even run a server or any other service that requires a public IP address. This NAT is changing source address of each packet just after it is received by the router (it is like source NAT that is performed earlier, so that even firewall mangle table, which normally 'sees' received packets unaltered, can only 'see' the translated address).

Note also that arp mode must be enabled on the interface you use one-to-one NAT on.
so just set Address Pool of Hotspot to 'none' - should help
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
sjwrick
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 77
Joined: Tue Jul 25, 2006 10:12 pm

Re: Hotspot conflicts with static IPs

Wed Jul 08, 2009 8:34 am

OK - I was looking for "Universal Client" or something similar. Will try out adjusting adress pool and see how it goes and will read up on "one-to-one".

I'm actually more interested in why the network crashes but maybe the MAC address translation via ARP is causing the issue.

Thanks!

Rick
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8345
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Hotspot conflicts with static IPs

Thu Jul 09, 2009 9:30 am

I'm actually more interested in why the network crashes
because ROS tries to catch all requests between all users =) it's Universal Client )))
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.

Who is online

Users browsing this forum: FernandoSuperGG, lehomi, Renfrew and 84 guests