Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Mikrotik cannot redial PPPoE
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 
StNick

88 posts

Master Geek
+1 received by user: 26


  #2216419 13-Apr-2019 12:09
Send private message

MadEngineer: FWIW one of my MikroTiks that use a pppoe connection via chorus ont has a disabled dhcp client sitting there doing nothing with no issue.


Thanks. That rules that out.

I'm trying to think of what I might have done differently to break it.

The Android mikrotik app was updated not so long ago and with it came this "internet Detect" feature. I believe I used the app to turn it on. Could that be the culprit? It's off now after my config reset. Haven't tried turning it on as yet.

A few people have asked for my old config. I've got quite a few static entries and rules I need to remove but I plan on doing that soon. Will post it then.



RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2216424 13-Apr-2019 12:19
Send private message

StNick: [snip]The Android mikrotik app was updated not so long ago and with it came this "internet Detect" feature. I believe I used the app to turn it on. Could that be the culprit? .

 

Could well be. https://wiki.mikrotik.com/wiki/Manual:Detect_internet suggests it checks if an address can obtain an address by DHCP, but isn't clear whether it will drop it's own client on to the interface. Try enabling it, and see if the issue returns

StNick

88 posts

Master Geek
+1 received by user: 26


  #2217415 15-Apr-2019 13:38
Send private message

Here is my router config from right before I reset it.  Sorry for the delay; we have house guests at the moment and I haven't had much time to fiddle.  I also haven't turned on "Detect Internet" as yet as I don't want to drop the connection for an extended period of time whilst we have guests and it's looking increasingly likely that this is the culprit.

 

There's really not much to see here; the only thing I've stripped out is my static DHCP leases and my dst-nat rules.

 


# apr/12/2019 18:58:26 by RouterOS 6.44.2
# software id = ####-####
#
# model = RouterBOARD 3011UiAS
# serial number = ############
/interface bridge
add admin-mac=##:##:##:##:##:## auto-mac=no comment=defconf fast-forward=no \
name=bridge
/interface ethernet
set [ find default-name=ether1 ] mtu=1508 speed=100Mbps
set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] name=ether6-master speed=100Mbps
set [ find default-name=ether7 ] speed=100Mbps
set [ find default-name=ether8 ] speed=100Mbps
set [ find default-name=ether9 ] speed=100Mbps
set [ find default-name=ether10 ] speed=100Mbps
set [ find default-name=sfp1 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full disabled=yes
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 max-mtu=1500 name=\
BigPipe password=bigpipe use-peer-dns=yes user=ppp
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
add dh-group=modp1024 enc-algorithm=3des name=nord
/ip ipsec proposal
set [ find default=yes ] enc-algorithms="aes-256-cbc,aes-256-ctr,aes-256-gcm,c\
amellia-256,aes-128-cbc,aes-128-ctr,aes-128-gcm,camellia-128,3des" \
pfs-group=none
/ip pool
add name=dhcp ranges=192.168.0.10-192.168.0.254
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=\
bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=ether6-master
add bridge=bridge comment=defconf hw=no interface=sfp1
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
add bridge=bridge interface=ether7
add bridge=bridge interface=ether8
add bridge=bridge interface=ether9
add bridge=bridge interface=ether10
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=ether2-master list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=sfp1 list=discover
add interface=ether6-master list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=ether9 list=discover
add interface=ether10 list=discover
add interface=bridge list=discover
add interface=BigPipe list=discover
add list=discover
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
add interface=BigPipe list=WAN
/ip address
add address=192.168.0.1/24 comment=defconf interface=ether2-master network=\
192.168.0.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=192.168.0.0/24 comment=defconf dns-server=192.168.0.1 gateway=\
192.168.0.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall address-list
add address=8.8.8.8 list="Google DNS"
add address=8.8.4.4 list="Google DNS"
/ip firewall filter
add action=drop chain=forward comment="Drop Google DNS" disabled=yes \
dst-address-list="Google DNS"
add action=accept chain=input dst-port=8291 protocol=tcp
add action=accept chain=input dst-port=8089 protocol=tcp
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface=BigPipe
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=BigPipe
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \
out-interface=ether1
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface=BigPipe
add action=masquerade chain=srcnat dst-address=192.168.0.7 dst-port=80 \
out-interface=bridge protocol=tcp src-address=192.168.0.0/24
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=8089
set ssh disabled=yes
/ip ssh
set allow-none-crypto=yes
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=BigPipe type=external
add interface=bridge type=internal
/system clock
set time-zone-name=Pacific/Auckland
/tool graphing interface
add interface=ether1
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox



RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2217453 15-Apr-2019 14:32
Send private message

StNick:[snip]
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1

 

 

There's the problem. There is a DHCP client on ether1.

pohutukawa
197 posts

Master Geek
+1 received by user: 9


  #2217455 15-Apr-2019 14:35
Send private message

RunningMan:

StNick:[snip]
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1



There's the problem. There is a DHCP client on ether1.



Plain as day.

However, I have no such client anywhere and the issue was present.

Different situation!





pohutukawa ... turning with the seasons ... 

RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2217459 15-Apr-2019 14:41
Send private message

StNick:[snip]

 

Although my DHCP Client is most definitely disabled, I can't help but wonder if it is still somehow to blame. 

 

 

Seems this isn't quite the case 😉

 
 
 
 

Shop now for Lenovo laptops and other devices (affiliate link).
StNick

88 posts

Master Geek
+1 received by user: 26


  #2217462 15-Apr-2019 15:03
Send private message

RunningMan:

 

StNick:[snip]

 

Although my DHCP Client is most definitely disabled, I can't help but wonder if it is still somehow to blame. 

 

 

Seems this isn't quite the case 😉

 

 

 

 

Don't be so sure!  You almost had me thinking I was going crazy, but I just added a new DHCP client now and disabled it.  See for yourself...  😉

 

 

 

 

 

 

 

 

 

 

So I'm standing by my assertion that it was disabled, but I cannot rule out the possibility that a disabled DHCP client is still misbehaving.

 

 

 

 

RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2217470 15-Apr-2019 15:26
Send private message

But the one in the config posted above isn't disabled. Presumably your one on ether8 is disabled because it's also invalid. As soon as the port is live, it's not disabled.

 

EDIT: My apologies, you're correct. it will have disabled=no if enabled. Default is disabled.

StNick

88 posts

Master Geek
+1 received by user: 26


  #2217475 15-Apr-2019 15:34
Send private message

RunningMan:

 

But the one in the config posted above isn't disabled. Presumably your one on ether8 is disabled because it's also invalid. As soon as the port is live, it's not disabled.

 

EDIT: My apologies, you're correct. it will have disabled=no if enabled. Default is disabled.

 

 

 

 

I would say that this is likely a bug with disabled DHCP clients, if pohutukawa wasn't experiencing the same issue without a DHCP client at all.   I still plan on testing the "Detect Internet" theory, but pohutukawa doesn't have this on either!

RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2217499 15-Apr-2019 15:48
Send private message

As a troubleshooting exercise perhaps add a dummy MAC address to the disabled client and see what happens. If it's the MAC that's being blacklisted, then the PPPoE client should still be OK.

pohutukawa
197 posts

Master Geek
+1 received by user: 9


  #2217501 15-Apr-2019 15:51
Send private message

RunningMan:

As a troubleshooting exercise perhaps add a dummy MAC address to the disabled client and see what happens. If it's the MAC that's being blacklisted, then the PPPoE client should still be OK.



I think somehow it's the connection (ASID maybe) being blocked. I guess this will tell us!





pohutukawa ... turning with the seasons ... 

 
 
 
 

Shop now for Dyson appliances (affiliate link).
RunningMan
9189 posts

Uber Geek
+1 received by user: 4842


  #2217507 15-Apr-2019 16:07
Send private message

@cbrpilot may be able to confirm

1 | 2 | 3 | 4 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright