Community discussions

 
TemporalBeing
just joined
Topic Author
Posts: 3
Joined: Sat Sep 15, 2018 5:59 am

RB450G WLAN not receiving default routes since upgrade to 6.43...

Sat Sep 15, 2018 6:52 am

I've had my RB450G for a number of years, and love it. I rarely have to touch it - in fact, I usually only touch it when I remember to do upgrades. Usually that has not been an issue - I go into webfig and tell it to upgrade, and I'm good to go after a reboot. So I haven't touched the configuration since I originally did it about 5 years ago. It's just worked! (Thanks!)

Unfortunately, last night was the exception - I did the package upgrades - which went from something a couple years out of date (6.24? - it was in the 6 series) to 6.43. It rebooted, and didn't seem to come back up - I pulled the power, restarted (b/c I couldn't find my USB Serial adapter) and it came up - at least my internal network was working fine. I could get between my systems; however, I couldn't get out to the Internet.

After some diagnostics I determined that I could hit the ISP's provided modem from my laptop behind the RB450G, but I couldn't get it to route beyond that.
So configuration:

I've got WLAN (port 1?) set up to go to the ISP's modem where it gets information via DHCP. This seems to be working correctly on the face of things - it gets an IP address (f.e 192.168.1.65) and default routes, etc of the modem address (192.168.1.254).

Ports 2-5 are configured as 192.168.2.17/192.168.2.18/192.168.2.19192.168.2.20. These are all added to bridge1 along with 192.168.3.16, used for other devices.

Beyond this I have a basic firewall configured - only related traffic allowed in, all traffic forwarded out - with NAT enabled so the ISP modem (hopefully) only sees 1 IP address for all the traffic on my network. Everything is presently only IPv4; I may start enabling IPv6...but not ready yet.

I've got an RPi which provides DHCP services plugged directly into Port 2, and the WAP plugged into Port 5. Behind the WAP (which also provides some wired ports) I have my laptop which correctly gets its DHCP address from the RPi, and further can hit the ISP modem's 192.168.1.254 address.

However - the RG450G no longer seems to be doing a default 0.0.0.0 route out to the ISP modem. I can neither access 8.8.8.8 (Google DNS) from my laptop, nor can I do so from within the terminal in the Webfig HTTP interface (ping 8.8.8.8). I'm writing this through another laptop connected to the WAP on the ISP's modem. So the issue is certainly the RB450G not applying some route correctly but I can't figure out what is wrong.

So initially I just did a package upgrade which left me with Firmware 3.24 and Router OS 6.43 where I started running into this issue. I then upgraded the Firmware to 3.41 in case there was some conflict between Router OS and the Firmware, but the issue persists.

I'm open to redoing the configuration entirely - and would prefer to do something via Ansible if I did (getting ready to add a 24 port mikrotik switch and two mikrotik WAPs into the mix). Right now, I just want to get backup and running.

Any advice would be greatly appreciated.
 
sindy
Forum Guru
Forum Guru
Posts: 2514
Joined: Mon Dec 04, 2017 9:19 pm

Re: RB450G WLAN not receiving default routes since upgrade to 6.43...

Sat Sep 15, 2018 1:31 pm

The way you describe it the following comes to my mind:
  • there were some changes in distance settings of routes obtained dynamically, I don't remember whether it was only related to PPPoE or also DHCP
  • if you eventually get a route list in DHCP Option 121, the default behaviour following RFC3442 is that in such case the default gateway IP from the same DHCP response is ignored if present
.

So post the output of the following commands:
/ip dhcp-client export verbose
/ip dhcp-client print detail
/ip route print detail


If any of the addresses in the output are public ones, you may want to obfuscate them - if so, use some distinctive and meaningful patterns like my.public.ip.1, my.isp's.dns.1 etc.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
TemporalBeing
just joined
Topic Author
Posts: 3
Joined: Sat Sep 15, 2018 5:59 am

Re: RB450G WLAN not receiving default routes since upgrade to 6.43...

Sun Sep 16, 2018 4:35 am

Only the ISP modem (192.168.1.254) has a public interface; so not worried there; only obfuscated my user and the serial number.
I think I set it to have a hop (distance) value of 1, but can't remember.

Any how...here's the output:
[me@ops] > ip dhcp-client export verbose
# sep/16/2018 01:26:28 by RouterOS 6.43
# software id = C1AD-7CGK
#
# model = 450G
# serial number = myserial
/ip dhcp-client option
set clientid_duid code=61 name=clientid_duid value="0xff\$(CLIENT_DUID)"
set clientid code=61 name=clientid value="0x01\$(CLIENT_MAC)"
set hostname code=12 name=hostname value="\$(HOSTNAME)"
/ip dhcp-client
add add-default-route=yes default-route-distance=1 dhcp-options=hostname,clientid disabled=no interface=ether1-wlan use-peer-dns=yes use-peer-ntp=yes
[me@ops] > ip dhcp-client print detail
Flags: X - disabled, I - invalid, D - dynamic
0 interface=ether1-wlan add-default-route=yes default-route-distance=1 use-peer-dns=yes use-peer-ntp=yes dhcp-options=hostname,clientid status=bound address=192.168.1.65/24 gateway=192.168.1.254 dhcp-server=192.168.1.254 primary-dns=192.168.1.254
expires-after=14h12m10s
[me@ops] > ip route print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 A S dst-address=0.0.0.0/0 gateway=ether1-wlan gateway-status=ether1-wlan reachable check-gateway=ping distance=1 scope=30 target-scope=10

1 DS dst-address=0.0.0.0/0 gateway=192.168.1.254 gateway-status=192.168.1.254 reachable via ether1-wlan distance=1 scope=30 target-scope=10 vrf-interface=ether1-wlan

2 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.65 gateway=ether1-wlan gateway-status=ether1-wlan reachable distance=0 scope=10

3 ADC dst-address=192.168.2.0/24 pref-src=192.168.2.17 gateway=bridge1 gateway-status=bridge1 reachable distance=0 scope=10

4 ADC dst-address=192.168.3.0/24 pref-src=192.168.3.16 gateway=bridge1 gateway-status=bridge1 reachable distance=0 scope=10
[me@ops] >
 
sindy
Forum Guru
Forum Guru
Posts: 2514
Joined: Mon Dec 04, 2017 9:19 pm

Re: RB450G WLAN not receiving default routes since upgrade to 6.43...

Sun Sep 16, 2018 10:20 am

Have you added the topmost default (dst-address=0.0.0.0/0) route manually just now, as a workaround attempt, or has it been there since the previous (working) configuration?

The thing is that this route has an interface name set as gateway, which normally doesn't work with point-to-multipoint interfaces unless both the routers and end devices support it. In particular, the routers have to advertise themselves and eventually send icmp redirections, an the end devices have to understand and use the advertisements and icmp redirections.

So first disable that route - the one next to it, provided dynamically by DHCP, should become active and start working then. If it does, remove the disabled one completely. If it doesn't, change the gateway of the manually added route from ether1-wlan to 192.168.1.254, re-enable it and try again.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
TemporalBeing
just joined
Topic Author
Posts: 3
Joined: Sat Sep 15, 2018 5:59 am

Re: RB450G WLAN not receiving default routes since upgrade to 6.43...

Sun Sep 16, 2018 8:56 pm

sindy - thanks; that did the trick. That route was probably there from when I initially set everything up. Disabling it worked as you expected.

Thanks! :D
 
sindy
Forum Guru
Forum Guru
Posts: 2514
Joined: Mon Dec 04, 2017 9:19 pm

Re: RB450G WLAN not receiving default routes since upgrade to 6.43...

Sun Sep 16, 2018 9:29 pm

Which kind of confirms my suspicion that the use of interface name as gateway also for Ethernet interfaces did work in some older RouterOS versions but has silently stopped to. You are not the only one for whom it apparently worked in the past. I came on board too late to have a Routerboard old enough that I'd dare to run 6.20 or older on it to check.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: jterry801 and 27 guests