Community discussions

MUM Europe 2020
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Please hlp needed Strange Routing problem, routes not advert

Sun Jan 29, 2006 8:26 pm

Hi,

I have the following simple setup, experiencing strange routing issues, dont know if Im doing something wrong or its a bug on MT boxes.

Router MT1
Wan IP- Public 216.XXX.XXX.XXX (internet)
LAN IP´s ether1: 192.168.127.1/24 , 10.10.0.1/24 , 10.0.0.1/24
- 192.168.127.0/24 Nated users on MT1
- 10.10.0.0/24 "Maintenance" network for AP´s, and customer bridges
- 10.0.0.0/24 Routers interconnection

Router MT2
Wan IP ether1 - 10.0.0.2/24
Lan IP´s ether2 - 10.10.1.0/24 , 192.168.227.1/24
- 192.168.227.0/24 Nated at Router MT1
- 10.10.1.0/24 "Maintenance" network for AP´s, and customer bridges

At MT1 static routes:
0.0.0.0/0 points to default gateway 216.XXX.XXX.XXX in Public
192.168.227.0 points to MT2 in ether1
10.10.1.0 points to MT2 in ether1

At MT2 static routes:
0.0.0.0/0 points to MT1 in ether1

A PC in network 192.168.227.0/24 behind MT2 can reach (ping) any device in networks 192.168.127.0/24 or 10.10.0.0/24 (MT1 networks)

Now the weird issues are; a PC in network 192.168.127.0/24 or the MT1 itself CAN NOT reach devices or PC´s in networks 192.168.227.0/24 or 10.10.1.0/24 behind MT2, .... UNTIL that device by itself request something from MT1 or the internet, after that it looks like MT1 learns the route to that device and does not forget the route even after that device is rebooted.

MT1 is in our main site, and MT2 is in a remote tower to be a repeater, the connection between the two routers is via an Orinoco AP-1000 and a WET11 linksys bridge, no connectivity issues on the link.

Any ideas? Any instructions how to solve this....

Best Regards

Jorge Boardman
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Anybody please -....

Mon Jan 30, 2006 5:15 pm

Anybody .... please ?
 
cmit
Forum Guru
Forum Guru
Posts: 1552
Joined: Fri May 28, 2004 12:49 pm
Location: Germany

Mon Jan 30, 2006 5:34 pm

Jorge,

have you verified that this really is a routing problem?
As I read it, it could also have to do with ARP.

I don't remember the WET-11 very well (it's long ago that I used some of those) - but doesn't it do something like "MAC cloning", making the usage of several devices "behind" it at least difficult depending on the scenario?

Best regards,
Christian Meis
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Thks for answering

Mon Jan 30, 2006 5:53 pm

Hi Christian, Thks for answering...

Let me try this setup without the wireless link and see what happens, thks for the advice.

Best

Jorge
 
boardman
Member Candidate
Member Candidate
Topic Author
Posts: 260
Joined: Fri May 28, 2004 11:10 pm
Location: Mexico
Contact:

Tested

Mon Jan 30, 2006 11:35 pm

Hi, I tested this as Christian suggested, (without the wireless link).... results the same....

What am I missing here guys.... please help


Best

Jorge
 
savage
Forum Guru
Forum Guru
Posts: 1220
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Tue Jan 31, 2006 4:59 am

Allrighty.

Personally, I would say at the very least, renumber your network, or use some form of BGP. That aside,

Unless you made a typo in your original post, I am seeing a routing error after drawing a little picture for myself... But let's make sure first what you have in these routers.

Let's look at what you said in your original post, break it up, rip it appart, and draw some pictures:

MT1 - Two Interfaces, Ether2 (I presume), which is your WAN, on 216.x.x.x
MT1, Ether1, is networks on 192.168.127/24, 10.10/24, and 10/24. NOTE: THIS IS ONE INTERFACE. Therefore, it is 100% correct, to presume you have SOME sort of HUB/Switch in here, between MT1 and MT2

MT2, Ether1: 10/24
MT2, Ether2: 192.168.227/24, 10.10.1/24

Let's look at routes:
MT1: 0/0 -> 216 (Default route)
MT1: 192.168.227/24 -> 10.0.0.2 (MT2, Ether1)
MT1: 10.10.1/24 -> 10.0.0.2 (MT2, Ether1)

That bit, seems to be correct. MT1 will be able to access MT2 on 10.0.0.2 via Ether1

The routes coming back, is where your problem lies I believe. Because you have 4 different networks on one interface, MT2 as well as MT1 MUST have a local ip address (for ARP) for every network connected to the interface.

Routing from MT2, to 192.168.127.x WILL NOT work, because 192.168.127/24 is directly connected to Ether1 on MT2. You have a couple of solutions here...

1) Renumber your network so that it makes better sense (My preference)
2) Implement VLANs seperating 192.168.127/24, 10.10/24 and 10/24 on MT1, as well as 192.168.227/24 and 10.10.1/24 on MT2, then route across the VLANs instead of the physical interfaces (may be a difficult task based on your layout)
3) Add IP addresses to ether1 on MT2 for 192.168.127/24, 10.10/24, and 10/24 on MT2. As a matter of caution, the same should be done to Ether2 on MT2
4) Add more interfaces to both of your Mikrotiks, have one network on one interface - like normal people do it :)

Basically, cmit is correct, this is ARP. It is however, not solvable as the network implementation currently stands. When MT2 wants to access say, 10.10.0.2... What happens?

The default route, points to ether1 on MT1. MT2 thus, sends the request to MT1. MT1 gets the request on E1, but REFUSES to route (forward the packet from one interface to another - which is what ROUTING is) the packet, as 10.10.0.2 already is on Ether1 of MT1 (Same interface, thus the router CANNOT route the packet). Therefore, a ARP request is fired off, to find the mac address of the IP address. MT2 refuses to accept the MAC address provided by MT1, because MT2's ether1 does not belong to the network. Therefore, you have a routing problem. If you have a SWITCH connecting MT1, MT2, and all the bunch of networks on those two interfaces, you're problems are going to be even worse.

After a while, the route will start to operate, TEMPORARILY, as MT2 eventually picks up the arp requests and adds a arp mapping to it's arp table (And you should be able to verify this if you monitor the IP Arp Cache table). This, naturally, will only work untill the arp expires from the cache on MT2. Don't think about adding static ARP entries, you're only going to create a crapload of additional work for yourself. Also, even *if* it eventually picks up the MAC address and works for a couple of minutes, performance is going to be EXTREMELY sluggish, and your network will eventually be flooded with ICMP Unreachable errors - which, well.. Is not really something we want ;)

Add the IP addresses to MT2's Ether1, you should be sorted. But seriously, this is a very bad example of how to implement a network IHMO. As a rule of thumb for me personally, 1 Interface = 1 IP address. Unless there are VERY good reasons to add more.

Hope it makes sense, and that you can get your problem resolved.

--
Chris
Regards,
Chris

Who is online

Users browsing this forum: Lifz, marizo, MSN [Bot], Schlimmerfinger and 121 guests