Community discussions

MikroTik App
 
exitcomestothis
just joined
Topic Author
Posts: 5
Joined: Sat Apr 17, 2021 6:42 pm
Location: Vancouver, WA

Can't ping IP between os 6 and os 7

Sat Mar 25, 2023 11:01 pm

EDIT: Reposting in the general forum, as this didn't fit the forwarding forum.

I can't ping both ends of a /30 between 2 interfaces, connected by an ethernet cable if one is running os 6 and the other os 7. Neither side can ping the other.

If they both run ros 6, or both run ros 7, this issue is resolved. But if one is 6, and the other is 7, no packets are exchanged.

I've torn my hair out over this for the last couple days, and (feel with my knowledge) that this is an issue due to software and/or a configuration issue I'm overlooking when running ros 7?

From my understanding, this shouldn't be related to viewtopic.php?p=988905&hilit=ros7+ping+to+ros6#p988905

I have also replicated this issue with an RB4011, running ros 7.8 current, with my hAP device running 6.49.7 and have experienced the same result. I've set this configuration up many times, but there has to be something I'm missing in ros 7?

Export from os 7 (Both ends can ping each other)

# mar/24/2023 16:14:30 by RouterOS 7.8
# software id = 01KC-7PT7
#
# model = RB952Ui-5ac2nD
# serial number = B8C80AB7FF5C
/interface bridge
add name=bridge1
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/interface bridge port
add bridge=bridge1 ingress-filtering=no interface=ether2
add bridge=bridge1 ingress-filtering=no interface=ether3
add bridge=bridge1 ingress-filtering=no interface=ether4
add bridge=bridge1 ingress-filtering=no interface=ether5
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.19.2/30 interface=ether1 network=192.168.19.0
/ip ssh
set forwarding-enabled=remote
/system clock
set time-zone-name=America/Los_Angeles


Export from same mikrotik as above, but running os 6 (Can't ping other side).

# mar/24/2023 16:29:10 by RouterOS 6.49.7
# software id = 01KC-7PT7
#
# model = RB952Ui-5ac2nD
# serial number = B8C80AB7FF5C
/interface bridge
add name=bridge1
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
set [ find default-name=wlan2 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pass\
    word,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/ip address
add address=192.168.19.2/30 interface=ether1 network=192.168.19.0
/ip ssh
set forwarding-enabled=remote
/system clock
set time-zone-name=America/Los_Angeles


Lastly, here's the configuration for the other side I'm trying to ping.

# mar/24/2023 22:51:38 by RouterOS 7.3.1
# software id = 37E0-5QQI
#
# model = RB924i-2nD-BT5&BG77
# serial number = E9C70E274077
/interface bridge
add admin-mac=2C:C8:1B:87:79:E6 auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=WPA supplicant-identity=""
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX country="united states" disabled=no distance=indoors frequency=auto installation=indoor mode=station-pseudobridge-clone rx-chains=0 security-profile=WPA ssid=XR2 \
    station-bridge-clone-mac=2C:C8:1B:87:79:E6 tx-chains=0 wireless-protocol=802.11
/iot bluetooth
set bt1 name=bt1 random-static-address=CA:C0:2A:19:23:F4
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/port
set 1 baud-rate=9600
/interface ppp-client
add apn=m2mNB16.com.attz data-channel=2 default-route-distance=2 dial-on-demand=no disabled=no info-channel=2 name=ppp-out1 port=modem
/ppp profile
set *0 use-ipv6=required
/interface bridge port
add bridge=bridge comment=defconf ingress-filtering=no interface=ether2
add bridge=bridge comment=defconf ingress-filtering=no interface=wlan1
add bridge=bridge disabled=yes ingress-filtering=no interface=ether1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set max-neighbor-entries=8192
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=LAN
add comment=defconf interface=ppp-out1 list=WAN
/interface ovpn-server server
set auth=sha1,md5
/iot bluetooth scanners
set bt1 disabled=no
/iot modbus
set disabled=no
/ip address
add address=192.168.19.1/30 interface=ether1 network=192.168.19.0
/ip dhcp-client
add add-default-route=no interface=bridge use-peer-dns=no
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set servers=208.67.220.220
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/ip route
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.10 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/ipv6 dhcp-client
add add-default-route=yes interface=ppp-out1 pool-name=ipv6 request=prefix
/system clock
set time-zone-name=America/Chicago
/system gps
set channel=1 init-channel=2 init-string="AT+QGPSCFG=\"outport\",\"usbnmea\";+QGPSCFG=\"priority\",0;+QGPS=1" port=modem set-system-time=no
/system identity
set name=KNOT
/system ntp client
set enabled=yes
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

Who is online

Users browsing this forum: johnson73, mhn6868, sted, TeWe and 96 guests