Community discussions

MUM Europe 2020
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Policy based routing issue with 2 gateways?

Sun Mar 21, 2010 7:54 pm

I have 2 dsl connections going into an RB450. I am using routing marks so that roughly half of the internal ips go out one gateway and the other half go out the other gateway. The issue I run into is that when I try to switch an ip or a subnet to go out the other gateway by changing the routing mark for those packets, that subnet or ip loses connectivity for awhile.

I found that if I put a static dns on a computer, then this does not happen.
Looking for advice to try and pinpoint what is going on.

Thanks
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8326
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Policy based routing issue with 2 gateways?

Mon Mar 22, 2010 1:51 am

what do you mean by 'put a static dns'?

if you have established NATted connections via one gateway, if you change the gateway, NAT address is still the same, so you need to kill all those connections so that they were re-established. otherwise they will just timeout
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Mon Mar 22, 2010 3:37 pm

what do you mean by 'put a static dns'?
On a windows pc you can select 'obtain a dns server address automatically' or you can select 'use the following dns server address'. When I input the dns server address then I don't have issues.

if you have established NATted connections via one gateway, if you change the gateway, NAT address is still the same, so you need to kill all those connections so that they were re-established. otherwise they will just timeout
I understand that the established connections will timeout. Even new ones I try to make don't work though either.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8326
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Policy based routing issue with 2 gateways?

Mon Mar 22, 2010 9:33 pm

what do you mean by 'put a static dns'?
On a windows pc you can select 'obtain a dns server address automatically' or you can select 'use the following dns server address'. When I input the dns server address then I don't have issues.
so, you put manually the same address as obtained automatically?..
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Mon Mar 22, 2010 11:54 pm

what do you mean by 'put a static dns'?
On a windows pc you can select 'obtain a dns server address automatically' or you can select 'use the following dns server address'. When I input the dns server address then I don't have issues.
so, you put manually the same address as obtained automatically?..

Yes, just for the dns server.
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 8:43 am

any ideas?
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1065
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 1:39 pm

Are the two ADSL lines from the same ISP?
My guess is that, when you change the DNS in a PC, you actually flush the
dns table of the PC, it will be the same as if you right-click on the network
connection icon and choose "repair". So I think it is not a DNS issue, most likely
the Windows needs to reestablish connections.
-Toni-
Don't crash the ambulance, whatever you do
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 9:31 pm

Are the two ADSL lines from the same ISP?
My guess is that, when you change the DNS in a PC, you actually flush the
dns table of the PC, it will be the same as if you right-click on the network
connection icon and choose "repair". So I think it is not a DNS issue, most likely
the Windows needs to reestablish connections.
The 2 ADSL lines are from the same ISP.
But I am not changing the DNS on the PC to static after I lose connectivity. It's set to a static address prior to switching gateways and it doesn't lose connectivity no matter how many times I switch gateways.

I am wondering if you are on the right track though. I might test with a cable connection I have access to, to see if that behaves differently.
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 9:36 pm

it will be the same as if you right-click on the network
connection icon and choose "repair".
I left the dns address to be assigned automatically and tried the "repair" option and it did not fix the connectivity issue so maybe this is not the issue?
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1065
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 10:13 pm

Are the two pppoe-client configured with the same MTU and MRU?
I think they are, but just to be sure.
You can try to set a kind of "transparent dns cache" by adding the following to the router:

/ip firewall nat
add chain=dstnat action=redirect to-ports=53 protocol=udp dst-port=53

you should also let Router to accept requests of DNS:

/ip dns
set allow-remote-requests=yes
-Toni-
Don't crash the ambulance, whatever you do
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Sat Mar 27, 2010 10:41 pm

MTU and MRU are the same.

I tried the redirect rule and I wasn't successful.

I had the remote-requests set to yes already.





By the way, I really appreciate the suggestions. Thank you.
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1065
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Policy based routing issue with 2 gateways?

Sun Mar 28, 2010 12:39 pm

Have you tried to ping www.google.com from the PC at the moment when it has no internet
and then another ping when it is connected? This is to see if they are resolving diferently,
although there is not much chance since they are using the same ISP.
The DNS you are using is from ISP? if that is the case have you tried a public DNS?
One last thing, in the mangle it would be better if you mark connections first, and based on that
mark then mark the routing. But you should be carefull not to mark the traffic of the router itself.
It could be a chance that with mark-routing, probably you are redirecting IP of WAN2 to gateway
of WAN1.

This is my guess
-Toni-
Don't crash the ambulance, whatever you do
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Mon Mar 29, 2010 8:43 pm

When I try pinging www.google.com after I lose connectivity it says it can't find host.

Yes I am using the dns from my provider. I thought about switching to a public dns but I didn't know a good one that I could use and I worried that if I chose a public one, would it always be available, do they ever change?

I am not exactly sure what you mean about marking connections and then marking your routing. Could you explain that further?

Thanks
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1065
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Policy based routing issue with 2 gateways?

Tue Mar 30, 2010 12:27 am

If you want 192.168.1.0/24 to go through one gateway:

/ip firewall mangle
add chain=prerouting src-address=192.168.1.0/24 action=mark-conncetion new-connection-mark=subnet1
add chain=prerouting connection-mark=subnet1 action=mar-routing new-routing-mark=subnet1
/ip route
add dst-address=0.0.0.0/0 gateway=(IP of WAN1) routing-mark=subnet1

The fact that you can't ping www.google.com shows that it can not find the gateway to internet.
You should test by ping every step, or execute a tracert and see where it stops. I can not figure out
why it connects when you change the dns! As public dns you can choose those of google which are
8.8.8.8 and 8.8.4.4, or whatever you think is appropriate for you
-Toni-
Don't crash the ambulance, whatever you do
 
popcorrin
Member Candidate
Member Candidate
Topic Author
Posts: 189
Joined: Wed Mar 11, 2009 12:55 am

Re: Policy based routing issue with 2 gateways?

Tue Mar 30, 2010 4:36 am

The fact that you can't ping http://www.google.com shows that it can not find the gateway to internet.
I figured the reason it could not ping www.google.com is because it can't resolve the ip address?
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1065
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: Policy based routing issue with 2 gateways?

Tue Mar 30, 2010 12:45 pm

The fact that you can't ping http://www.google.com shows that it can not find the gateway to internet.
I figured the reason it could not ping http://www.google.com is because it can't resolve the ip address?
Yes, you are right
-Toni-
Don't crash the ambulance, whatever you do

Who is online

Users browsing this forum: Google [Bot], jcariv, madkaefer and 69 guests