Community discussions

MikroTik App
 
nerdtron
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

changing default route weird behavior (simple question)

Sat Feb 15, 2014 6:46 am

I have been using cisco devices in the past and I haven't faced this problem until I used mikrotik.
Say I have:
LAN: 192.168.1.0/24
WAN1 gateway: 10.10.10.1 (Distance = 1)
WAN2 gateway: 11.11.11.1 (Distance = 2)

I'm not using any policy routing, juts normal default routing. All lan traffic to internet will default to WAN1 gateway. Then if WAN1 fails, or if I manually change the distance to 3, all traffic will flow to WAN2. Working fine so far.
/ip route
add comment=wan1 distance=1 gateway=10.10.10.1 
add comment=wan2 distance=2 gateway=11.11.11.1 
Here's the problem:
When I issue "ping 8.8.8.8 -t", on the lan computer, I receive a reply.
C:\>ping 8.8.8.8 -t

Pinging 8.8.8.8 with 32 bytes of data:

Reply from 8.8.8.8: bytes=32 time=24ms TTL=48
Reply from 8.8.8.8: bytes=32 time=24ms TTL=48
Reply from 8.8.8.8: bytes=32 time=4ms TTL=48
Reply from 8.8.8.8: bytes=32 time=27ms TTL=48
Reply from 8.8.8.8: bytes=32 time=35ms TTL=48
Reply from 8.8.8.8: bytes=32 time=2ms TTL=48

But as soon as I manually change the default route, the reply stops:
C:\>ping 8.8.8.8 -t

Pinging 8.8.8.8 with 32 bytes of data:

Reply from 8.8.8.8: bytes=32 time=24ms TTL=48
Reply from 8.8.8.8: bytes=32 time=24ms TTL=48
Reply from 8.8.8.8: bytes=32 time=4ms TTL=48
Reply from 8.8.8.8: bytes=32 time=27ms TTL=48
Reply from 8.8.8.8: bytes=32 time=35ms TTL=48
Reply from 8.8.8.8: bytes=32 time=2ms TTL=48
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
The solution is to press Ctrl-C and issue the ping command again. This time, reply will be received again.

Question: When I do continuous ping on computers on the LAN using cisco routers and I change the default route on the router, ping will fail temporarily but replies will be received after about 2 failed replies.
When I use mikrotik router and I change the default route, replies will not received until I issue another separate ping command.
Is this really the behavior of mikrotik in handling default routes or is there a solution to make it act like a cisco router?
 
User avatar
rickfrey
Trainer
Trainer
Posts: 610
Joined: Sun Feb 14, 2010 11:41 pm
Location: Van, Texas
Contact:

Re: changing default route weird behavior (simple question)

Sat Feb 15, 2014 7:06 am

I've run into that as well. I have suspected the LAN configuration (i.e. switching or bridging the LAN ports). I haven't noticed a consistent behavior yet. Do you have multiple LAN interfaces and if so, how are they set up? How do you have your NAT configured?
Launch your company forward with professional training!
http://rickfreyconsulting.com/product-c ... raining-2/
 
nerdtron
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: changing default route weird behavior (simple question)

Sat Feb 15, 2014 8:19 am

Just a single LAN IP block on all lan ports, all lan ports are on a single bridge interface.
I declared my lan on an address-list.
/ip firewall address-list
add address=192.168.1.0/24 list=lan-users
Then declared NAT for each interface.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan1 src-address-list=lan-users
add action=masquerade chain=srcnat out-interface=wan2 src-address-list=lan-users 
It really puzzles my why I need to issue another ping command to receive replies again. It seems like a new command "refresh" the default route. I need to figure this out because some of our application will continuously wait for replies in these situations.
Last edited by nerdtron on Sun Feb 16, 2014 4:48 pm, edited 1 time in total.
 
User avatar
rickfrey
Trainer
Trainer
Posts: 610
Joined: Sun Feb 14, 2010 11:41 pm
Location: Van, Texas
Contact:

Re: changing default route weird behavior (simple question)

Sun Feb 16, 2014 5:33 am

When you figure it our, please let us know. I'm sure we are not the only ones that have seen that :-)
Launch your company forward with professional training!
http://rickfreyconsulting.com/product-c ... raining-2/
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: changing default route weird behavior (simple question)

Sun Feb 16, 2014 5:51 am

Maybe connection tracking?
/ip firewall connection
 
marcusses
just joined
Posts: 4
Joined: Fri Jan 27, 2012 6:56 pm

Re: changing default route weird behavior (simple question)

Sun Feb 16, 2014 8:05 pm

I think that's working as intended.
Prior to start pinging, MT actually establish connection-oriented communication with remote device, 8.8.8.8 in your case, in Transport layer. After handshake, packets start moving. When you manually change default route, you practically break session. Source Address in IP header is no more address of WAN1, its address of WAN2 now. And remote device is "waiting" packets from Source Address of WAN1. I don't know how's Cisco working, but you can do the same with MT.

At least, this is what think it's going on. I didn't put it trought Wireshark, so i can be wrong.
 
nerdtron
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: changing default route weird behavior (simple question)

Mon Feb 17, 2014 3:42 am

Maybe connection tracking?
/ip firewall connection
I tried changing the timeouts to 10 seconds. It marks connections as timeouts but the behavior of continuous ping on the client computer still stops.
Can you elaborate on how to change settings here?
 
nerdtron
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: changing default route weird behavior (simple question)

Mon Feb 17, 2014 3:44 am

I think that's working as intended.
I don't know how's Cisco working, but you can do the same with MT.
Yes I'm trying to find out how to do it in mikrotik. Can you point which settings should I look at?
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: changing default route weird behavior (simple question)

Mon Feb 17, 2014 4:21 am

ping is icmp protocol.
/ip firewall connection tracking
Default on mine is 10 seconds.
 
nerdtron
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: changing default route weird behavior (simple question)

Mon Feb 17, 2014 4:43 am

Default on mine too is 10 secs.
The problem is, on the mikrotik terminal, ping will still have replies when I change the default route.
On the computer connected on the LAN, changing the default route will stop the ping replies. I need to issue another ping command to have replies.
I'm looking to replicate the behavior of cisco routers as this doesn't happen.
 
thomseddon
just joined
Posts: 1
Joined: Sat May 30, 2015 3:04 am

Re: changing default route weird behavior (simple question)

Sat May 30, 2015 3:14 am

Sorry to bring this one back from the dead but I have observed the exact same behaviour today.

It occurs for icmp, tcp and udp packets - I tried reducing the session timeouts, but if i watch the active conections, or just drops from the table after the session times out however the session is never reestablished and so traffic just stalls.

As previously noted, any newly sessions can be established without an issue, it's just those that originate from before the route change.

FYI, in my case the MikroTik was performing NAT, I can try again without this on Monday.

Who is online

Users browsing this forum: andlil, babhitartani, cedie, CZFan, Google [Bot], Kindis, sindy and 64 guests