Community discussions

MikroTik App
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

ARP block Internet windows machines

Sun Jan 23, 2022 6:27 pm

Hello,
For several days, I have had a strange manifestation.
2 windows machines (the only ones) are completely blocked (but the internal ping work).
I thought of a network card pb but after 3 days I understood that the ARP table posed the problem.
When I say pose the problem, I am not incriminating ARP, but it turns out that when I delete the ARP entries corresponding to my 2 windows machines, the internet is functional.
The IP and mac address with two machines are OK in ARP

My DNS is with the router ip + 1.1.1.1 And the DHCP is managed by the router too.
My setup is very simple.
However, both windows machines have this reaction.
I also find that on Debian, if I ping 1.1.1.1 it's OK.

But if I ping google.com then it doesn't work.
I have a big problem, and I humbly ask for your help.

Regards
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Sun Jan 23, 2022 7:21 pm

Some mysteries here
when I delete the ARP entries corresponding to my 2 windows machines, the internet is functional.
The IP and mac address with two machines are OK in ARP
What happens when you delete the ARP entries. Do they come back, and are then OK?
"Internet is functional" means what ? You can find and browse websites like www.google.com ?
After the ARP addresses are back ... the internet is still functional ????
However, both windows machines have this reaction.
I also find that on Debian, if I ping 1.1.1.1 it's OK.
What is "this" reaction ?
Debian on the same machine as Windows ?
My DNS is with the router ip + 1.1.1.1
Where did you set the DNS entries? In the MT router? Giving the router IP as DNS server in the DNS setting of the router makes just a loop.
DNS server entered in the IP/DNS of the router should be the ISP DNS router address (mostly you get it automatically with DHCP from the ISP). You can add 1.1.1.1, 8.8.8.8, etc to the static servers. That is what the router uses for its own and for the DNS service for the clients.
The DNS address distributed by the DHCP of the router (set in the DHCP setup) should then mention the router IP as DNS server. (That is what the clients use as DNS.)


To test DNS on a Windows computer , use "nslookup" in the CMD box. viewtopic.php?t=181869&hilit=nslookup#p903466
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Sun Jan 23, 2022 7:35 pm

- they come back, and once out of 2 it's okay or not.
- yes i can use internet and join google.com
- after the return of ARP yes internet is functional but impossible to ping google.com on debian, while it is possible with 1.1.1.1 but with a reflection (10 sec), after a while then the ping is ok and quickly.
- no, debian is on a single machine. DNS settings are in MK > DNS 192.168.2.1 and 1.1.1.1
- indeed, I do not indicate the ISP's DNS servers anywhere.
- when I remove ARP on windows machines, then I can type planet commands and everything works. But not with Debian (no google.com but ping via IP is ok)
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Sun Jan 23, 2022 9:04 pm

Remove 192.168.2.1 from IP -> DNS. DNS will not use the second (1.1.1.1) DNS server if the first is responding (but does not know the google.com address)
If you want a second DNS server you can use 8.8.8.8.
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Mon Jan 24, 2022 5:25 pm

Many thanks Sir !
Work fine now !

Regards
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 10:57 am

Sorry, it was a false alarm, it starts again.
I still have to delete the 2 machines in question in the ARP table so that they come back to life.
However, I have no duplicate IP and the 2 machines have the correct mac address.

But what happens?
Last edited by domodial on Tue Jan 25, 2022 11:08 am, edited 1 time in total.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:07 am

Test your DNS with NSLOOKUP, when it works, and when it stops.
I suspect a DNS problem.

viewtopic.php?t=181869&hilit=nslookup#p903466
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:10 am

C:\Users\BBW>nslookup
Default server : dns.google
Address: 8.8.8.8
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:29 am

C:\Users\Bernard>nslookup
Serveur par dÚfaut : router.lan
Address: 192.168.2.1

> google.com
Serveur : router.lan
Address: 192.168.2.1

Réponse ne faisant pas autorité :
Nom : google.com
Addresses: 2a00:1450:4007:809::200e
142.250.74.238
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:46 am

Test your DNS with NSLOOKUP, when it works, and when it stops.
I suspect a DNS problem.

viewtopic.php?t=181869&hilit=nslookup#p903466
router.lan did not have the correct IP and dnslookup gave nothing. (see first message)
Now I have rebooted the machines several times and it works.

Thanks again sir.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:50 am

I think we have to see your configuration...
/export hide-sensitive=yes
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:53 am

This DNS is OK now. When it stops working, try NSLOOKUP again.

Still don't see how ARP etries in the router can influence your network, if they are correct, and it works after removing them when they come back.
What changed? Switch host table renewed by this action?

CHECK:
Bridge ARP on "enabled" ?
Bridge Port Learn on "auto" ?
TEST:
Set Bridge STP protocol mode on "none" (default is RSTP) to exclude STP port blocking.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Tue Jan 25, 2022 11:58 am

router.lan did not have the correct IP and dnslookup gave nothing. (see first message)

Google (8.8.8.8 ) will never resolve "router.lan". "router.lan" is a local thing, only resolved by 192.168.2.1 your local router.
You probably distribute 8.8.8.8 as DNS server with DHCP setup. I would send 192.168.2.1 as first and eventually 8.8.8.8 as backup.

DNS at the router is 1.1.1.1 and 8.8.8.8 (IP -> DNS)
DNS at the client (e.g. set with DHCP) is 192.168.2.1 (and 8.8.8.8 if you want a second DHCP server for the client)
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 12:15 pm

This DNS is OK now. When it stops working, try NSLOOKUP again.

Still don't see how ARP etries in the router can influence your network, if they are correct, and it works after removing them when they come back.
What changed? Switch host table renewed by this action?

CHECK:
Bridge ARP on "enabled" ?
Bridge Port Learn on "auto" ?
TEST:
Set Bridge STP protocol mode on "none" (default is RSTP) to exclude STP port blocking.
All Ok, but I don't see Bridge Port Learn on "auto"
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2984
Joined: Mon Apr 08, 2019 1:16 am

Re: ARP block Internet windows machines

Tue Jan 25, 2022 2:13 pm

Klembord-2.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
domodial
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Mon Aug 24, 2020 7:27 pm

Re: ARP block Internet windows machines

Tue Jan 25, 2022 5:24 pm

Thank you, he was already Auto. :wink:

Who is online

Users browsing this forum: Amazon [Bot], CGGXANNX, mantouboji and 61 guests