My topology is:
```
LAN (192.168.1.0/24) --> Mikrotik [ 192.168.1.111 ->> 192.168.88.0/24 ] --> 88.0 subnet hosts
```
If I now contact a host via `ssh` via the normal static route, the connection hangs after approximately 30s (this is reproducible every time +/- approx. 3s):
```
❯ ssh admin@192.168.88.12 'for i in $(seq 1 100); do printf "%d.." $i; sleep 1; done'
admin@192.168.88.12's password:
1..2..3..4..5..6..7..8..9..10..11..12..13..14..15..16..17..18..19..20..21..22..23..24..25..26..27..Timeout, server 192.168.88.12 not responding.
```
```
❯ ssh -p32022 admin@192.168.1.111 'for i in $(seq 1 100); do printf "%d.." $i; sleep 1; done'
admin@192.168.1.111's password:
1..2..3..4..5..6..7..8..9..10..11..12..13..14..15..16..17..18..19..20..21..22..23..24..25..26..27..28..29..30..31..32..33..34..35..36..37..38..39..40..41..42..43..44..45..46..47..48..49..50..51..52..53..54..55..56..57..58..59..60..61..62..63..64..65..66..67..68..69..70..71..72..73..74..75..76..77..78..79..80..81..82..83..84..85..86..87..88..89..90..91..92..93..94..95..96..97..98..99..100..%
```
Any idea? Is there some kind of default DDoS protection or timeout in play, which I have to explicitly reconfigure?
EDIT: After a complete reset (i.e. also without default firewall rules), I can reproduce the behaviour after defining a bridge with all ports for the 88-subnet and adding the routes. I can normally ssh into hosts on the subnet, and even ssh back, but after about 30s the connection invariably hangs.
TIA