Mikrotik with Bridged Spark VDSL - traceroute missing first two hops

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Mikrotik with Bridged Spark VDSL - traceroute missing first two hops

sfrasernz

227 posts

Master Geek

#239500 20-Jul-2018 21:38

I've got a newly configured Mikrotik (10.0.0.2/24) router connecting to a Spark VDSL connection which has been bridged. I have a wired connection to the MT and can access the internet. But I notice when I run a traceroute from the laptop it misses the first two hops as per below.

Tracing route to www.trademe.co.nz [202.162.73.2]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.0.0.2
2 * * * Request timed out.
3 * * * Request timed out.
4 9 ms 9 ms 10 ms 122.56.116.9
5 10 ms 10 ms 10 ms 122.56.127.210
6 12 ms 11 ms 12 ms 122.56.118.38
7 12 ms 12 ms 19 ms 203.57.145.135
8 11 ms 11 ms 12 ms 202.162.73.2

Trace complete.

Do I have something misconfigured?

I have some funky stuff happening on Wifi (Unifi AP and clients have correct IP info but can't access web) but wonder if its related to this routing issue.

Routing table is default and shows directly connected networks:

# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 pppoe-out1 1
1 ADC 10.0.0.0/24 10.0.0.2 bridge 0
2 ADC 125.239.206.1/32 xxx.xxx.143.212 pppoe-out1 0

Looks like it's going to be another late night...

1 | 2 | 3

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#2059678 20-Jul-2018 21:48

There is nothing wrong there. Not all BNG equipment or hops on the Internet will always give a response to ICMP.

I've also removed your public IP from your post before you get hacked..

sfrasernz

227 posts

Master Geek

#2059687 20-Jul-2018 22:07

Thanks for that. I'm very confused with what is happening on the wifi network.

I'm happily working on Wifi with my Windows 10 laptop connected to a Unifi AP. Everything works. I'm writing this post from it right now.

However the Apple Devices and MiBox connected to the same wireless network are not working. Well not really working. I've noticed I can bring up Google in Safari and search to the hearts content. Googles MyIp reports my public IP address (I won't repeat it again, thanks by the way) so I'm sure it is using the Wifi. But if I browse to say GZ the page tries to load but never does. Same result for pretty much every web site I try to visit.

I've factory reset the Unifi AP and re-adopted it. Earlier this evening I changed my IP subnet to new a range but changed the network settings in the Unifi controller and had no trouble having the AP adopted and provisioned. Wireless clients are getting an IP on the correct subnet and I can see the MT leasing IP addresses.

The symptoms make no sense to me. Hopefully I've explained it relatively clearly.

Depending on feedback I may remove the MT from the equation and run my internet from the hg659 again and see what happens. The two major changes tonight were a change of IP subnet and installation of MT bridged to the hg659.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2059697 20-Jul-2018 22:32

What dns records do the clients get and if it's the MT have you set the forwarders in the dns setup

Cyril

sfrasernz

227 posts

Master Geek

#2059700 20-Jul-2018 22:39

Windows is picking up the following DNS servers:

10.0.0.2
122.56.237.1
210.55.111.1

On the MT under DNS there are two dynamic servers (being the last two in the list above).

Do I need to setup forwarding somewhere? I've had a look around and haven't found anything specific.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2059702 20-Jul-2018 22:44

Hi so just clarify, windows devices are fine, it's just an osx and Android based devices with issues, and can you confirm they have sensible subnets, gateways and dns.

Cyril

sfrasernz

227 posts

Master Geek

#2059705 20-Jul-2018 22:48

Yes that is correct. Windows laptop is working fine. Android TV and iOS devices are not. The iOS devices are connecting to same SSID (there is only one plus a guest SSID) and have a valid IP, netmask, gateway and DNS settings the same as the Windows machine.

MadEngineer

4271 posts

Uber Geek

Trusted

#2059723 20-Jul-2018 23:55

IPv6

You're not on Atlantis anymore, Duncan Idaho.

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.

sfrasernz

227 posts

Master Geek

#2059726 21-Jul-2018 00:22

IPv6 - I'm not sure I follow sorry. I'm only using IPv4 on the network.

I know this all sounds crazy. If I wasn't sitting here losing my hair I wouldn't believe me either.

I've have another Windows machine with Wifi and its exhibiting same symptoms as the other devices. So I've got one Windows machine working perfectly on wifi and another 4 devices (Windows, iPhone and Mibox) that don't.

On the non-working Windows box I can access Google and even YouTube. Like the other devices I'm unable to browse other websites but can successfully ping them. Telnet will open a connection on port 80 to any website.

I'm going to revert to how everything was before I started and will report back.

sfrasernz

227 posts

Master Geek

#2059727 21-Jul-2018 00:35

Well...I removed the MT and used the HG659 as my router and connected the AP to the HG659 and everything is working as it should. Whatever is going on it appears related to the MT. About to put the MT back into service...

sfrasernz

227 posts

Master Geek

#2059728 21-Jul-2018 00:55

Well at least its consistent. Iv'e bridged the HG659 back to the MT and updated the Unifi AP with it's new subnet and the crazy symptoms return. Calling it a night but I'd really appreciate any input. Happy to try anything at this stage!

Spyware

3761 posts

Uber Geek

Lifetime subscriber

#2059754 21-Jul-2018 08:01

MTU

sfrasernz

227 posts

Master Geek

#2059759 21-Jul-2018 08:20

Not really sure what I'm doing but had a go at reducing MTU on ether1 (h659 is connected here) and reduced to 1492 and issue persists. Do I need to be looking at MTU on AP and/or hg659 as well?

# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R ether1 ether 1492 1596 2026 B8:69:F4:01:CE:50
1 S ether2 ether 1500 1596 2026 B8:69:F4:01:CE:51
2 RS ether3 ether 1500 1596 2026 B8:69:F4:01:CE:52
3 S ether4 ether 1500 1596 2026 B8:69:F4:01:CE:53
4 RS ether5 ether 1500 1596 2026 B8:69:F4:01:CE:54
5 S sfp1 ether 1500 1596 2026 B8:69:F4:01:CE:55
6 R ;;; defconf
bridge bridge 1500 1596 B8:69:F4:01:CE:51
7 R pppoe-out1 pppoe-out 1472

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2059807 21-Jul-2018 10:25

Hi, so if we just back the bus up a bit, put the 659 back into normal nat mode, make sure its lan is not the same as the MT lan, then connect interface 1 of the MT to that, remove the pppoe and set it as a static in the 659's network, yes we will double nat for now. make sure the firewall rules point back to port1 rather than the pppoe and a default route to the 659 exists, how does that go.

Maybe also post the current firewall rules export same for routes, and maybe addresses.

Cyril

sbiddle

30853 posts

Uber Geek

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#2059815 21-Jul-2018 10:34

sfrasernz:

Not really sure what I'm doing but had a go at reducing MTU on ether1 (h659 is connected here) and reduced to 1492 and issue persists. Do I need to be looking at MTU on AP and/or hg659 as well?

# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R ether1 ether 1492 1596 2026 B8:69:F4:01:CE:50
1 S ether2 ether 1500 1596 2026 B8:69:F4:01:CE:51
2 RS ether3 ether 1500 1596 2026 B8:69:F4:01:CE:52
3 S ether4 ether 1500 1596 2026 B8:69:F4:01:CE:53
4 RS ether5 ether 1500 1596 2026 B8:69:F4:01:CE:54
5 S sfp1 ether 1500 1596 2026 B8:69:F4:01:CE:55
6 R ;;; defconf
bridge bridge 1500 1596 B8:69:F4:01:CE:51
7 R pppoe-out1 pppoe-out 1472

Changing the MTU on ether1 won't do anything as ether1 isn't actually used for anything. The problem is probably MTU related, and I have no idea how you have a PPPoE MTU is 1472, but you obviously have things configured incorrectly.

RouterOS isn't easy to use. Even if you have networking skills it'll take a good few months to learn.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2059822 21-Jul-2018 10:49

Just as an example, my MT here at home on Spark UFB has a MTU of 1480 on the pppoe interface, this was set by the MT which is infact a routeros default for pppoe.

Cyril

1 | 2 | 3