Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
ForumsLAN (ethernet/Wifi/routers/Bluetooth)Mikrotik with Bridged Spark VDSL - traceroute missing first two hops


132 posts

Master Geek
+1 received by user: 2


Topic # 239500 20-Jul-2018 21:38
Send private message quote this post

I've got a newly configured Mikrotik (10.0.0.2/24) router connecting to a Spark VDSL connection which has been bridged. I have a wired connection to the MT and can access the internet. But I notice when I run a traceroute from the laptop it misses the first two hops as per below.

 

 

 

Tracing route to www.trademe.co.nz [202.162.73.2]
over a maximum of 30 hops:

 

1 <1 ms <1 ms <1 ms 10.0.0.2
2 * * * Request timed out.
3 * * * Request timed out.
4 9 ms 9 ms 10 ms 122.56.116.9
5 10 ms 10 ms 10 ms 122.56.127.210
6 12 ms 11 ms 12 ms 122.56.118.38
7 12 ms 12 ms 19 ms 203.57.145.135
8 11 ms 11 ms 12 ms 202.162.73.2

 

Trace complete.

 

 

 

Do I have something misconfigured?

 

I have some funky stuff happening on Wifi (Unifi AP and clients have correct IP info but can't access web) but wonder if its related to this routing issue. 

 

Routing table is default and shows directly connected networks:

 

# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 pppoe-out1 1
1 ADC 10.0.0.0/24 10.0.0.2 bridge 0
2 ADC 125.239.206.1/32 xxx.xxx.143.212 pppoe-out1 0

 

Looks like it's going to be another late night...

 

 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
27065 posts

Uber Geek
+1 received by user: 6509

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 2059678 20-Jul-2018 21:48
2 people support this post
Send private message quote this post

?

 

There is nothing wrong there. Not all BNG equipment or hops on the Internet will always give a response to ICMP. 

 

I've also removed your public IP from your post before you get hacked..

 

 

 

 

 

 



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059687 20-Jul-2018 22:07
Send private message quote this post

Thanks for that. I'm very confused with what is happening on the wifi network. 

 

I'm happily working on Wifi with my Windows 10 laptop connected to a Unifi AP. Everything works. I'm writing this post from it right now.

 

However the Apple Devices and MiBox connected to the same wireless network are not working. Well not really working. I've noticed I can bring up Google in Safari and search to the hearts content. Googles MyIp reports my public IP address (I won't repeat it again, thanks by the way) so I'm sure it is using the Wifi. But if I browse to say GZ the page tries to load but never does. Same result for pretty much every web site I try to visit. 

 

I've factory reset the Unifi AP and re-adopted it. Earlier this evening I changed my IP subnet to new a range but changed the network settings in the Unifi controller and had no trouble having the AP adopted and provisioned. Wireless clients are getting an IP on the correct subnet and I can see the MT leasing IP addresses.

 

The symptoms make no sense to me. Hopefully I've explained it relatively clearly.

 

Depending on feedback I may remove the MT from the equation and run my internet from the hg659 again and see what happens. The two major changes tonight were a change of IP subnet and installation of MT bridged to the hg659.

 

 

 

 

 

 

6313 posts

Uber Geek
+1 received by user: 294

Trusted
Subscriber

  Reply # 2059697 20-Jul-2018 22:32
Send private message quote this post

What dns records do the clients get and if it's the MT have you set the forwarders in the dns setup

Cyril



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059700 20-Jul-2018 22:39
Send private message quote this post

Windows is picking up the following DNS servers:

 

10.0.0.2
122.56.237.1
210.55.111.1

 

 

 

On the MT under DNS there are two dynamic servers (being the last two in the list above). 

 

Do I need to setup forwarding somewhere? I've had a look around and haven't found anything specific.

6313 posts

Uber Geek
+1 received by user: 294

Trusted
Subscriber

  Reply # 2059702 20-Jul-2018 22:44
Send private message quote this post

Hi so just clarify, windows devices are fine, it's just an osx and Android based devices with issues, and can you confirm they have sensible subnets, gateways and dns.

Cyril



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059705 20-Jul-2018 22:48
Send private message quote this post

Yes that is correct. Windows laptop is working fine. Android TV and iOS devices are not. The iOS devices are connecting to same SSID (there is only one plus a guest SSID) and have a valid IP, netmask, gateway and DNS settings the same as the Windows machine. 

 

 

1619 posts

Uber Geek
+1 received by user: 416


  Reply # 2059723 20-Jul-2018 23:55
Send private message quote this post

IPv6



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059726 21-Jul-2018 00:22
Send private message quote this post

IPv6 - I'm not sure I follow sorry. I'm only using IPv4 on the network. 

 

I know this all sounds crazy. If I wasn't sitting here losing my hair I wouldn't believe me either.

 

I've have another Windows machine with Wifi and its exhibiting same symptoms as the other devices. So I've got one Windows machine working perfectly on wifi and another 4 devices (Windows, iPhone and Mibox) that don't.

 

On the non-working Windows box I can access Google and even YouTube. Like the other devices I'm unable to browse other websites but can successfully ping them. Telnet will open a connection on port 80 to any website. 

 

I'm going to revert to how everything was before I started and will report back.

 

 



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059727 21-Jul-2018 00:35
Send private message quote this post

Well...I removed the MT and used the HG659 as my router and connected the AP to the HG659 and everything is working as it should. Whatever is going on it appears related to the MT. About to put the MT back into service...

 

 



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059728 21-Jul-2018 00:55
Send private message quote this post

Well at least its consistent. Iv'e bridged the HG659 back to the MT and updated the Unifi AP with it's new subnet and the crazy symptoms return. Calling it a night but I'd really appreciate any input. Happy to try anything at this stage!

2043 posts

Uber Geek
+1 received by user: 337

Lifetime subscriber

  Reply # 2059754 21-Jul-2018 08:01
Send private message quote this post

MTU



132 posts

Master Geek
+1 received by user: 2


  Reply # 2059759 21-Jul-2018 08:20
Send private message quote this post

Not really sure what I'm doing but had a go at reducing MTU on ether1 (h659 is connected here) and reduced to 1492 and issue persists. Do I need to be looking at MTU on AP and/or hg659 as well?

 

 

 

# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R ether1 ether 1492 1596 2026 B8:69:F4:01:CE:50
1 S ether2 ether 1500 1596 2026 B8:69:F4:01:CE:51
2 RS ether3 ether 1500 1596 2026 B8:69:F4:01:CE:52
3 S ether4 ether 1500 1596 2026 B8:69:F4:01:CE:53
4 RS ether5 ether 1500 1596 2026 B8:69:F4:01:CE:54
5 S sfp1 ether 1500 1596 2026 B8:69:F4:01:CE:55
6 R ;;; defconf
bridge bridge 1500 1596 B8:69:F4:01:CE:51
7 R pppoe-out1 pppoe-out 1472

 

 

 

 

6313 posts

Uber Geek
+1 received by user: 294

Trusted
Subscriber

  Reply # 2059807 21-Jul-2018 10:25
Send private message quote this post

Hi, so if we just back the bus up a bit, put the 659 back into normal nat mode, make sure its lan is not the same as the MT lan, then connect interface 1 of the MT to that, remove the pppoe and set it as a static in the 659's network, yes we will double nat for now. make sure the firewall rules point back to port1 rather than the pppoe and a default route to the 659 exists, how does that go.

 

Maybe also post the current firewall rules export same for routes, and maybe addresses. 

 

 

 

Cyril

27065 posts

Uber Geek
+1 received by user: 6509

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 2059815 21-Jul-2018 10:34
Send private message quote this post

sfrasernz:

 

Not really sure what I'm doing but had a go at reducing MTU on ether1 (h659 is connected here) and reduced to 1492 and issue persists. Do I need to be looking at MTU on AP and/or hg659 as well?

 

 

 

# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R ether1 ether 1492 1596 2026 B8:69:F4:01:CE:50
1 S ether2 ether 1500 1596 2026 B8:69:F4:01:CE:51
2 RS ether3 ether 1500 1596 2026 B8:69:F4:01:CE:52
3 S ether4 ether 1500 1596 2026 B8:69:F4:01:CE:53
4 RS ether5 ether 1500 1596 2026 B8:69:F4:01:CE:54
5 S sfp1 ether 1500 1596 2026 B8:69:F4:01:CE:55
6 R ;;; defconf
bridge bridge 1500 1596 B8:69:F4:01:CE:51
7 R pppoe-out1 pppoe-out 1472

 

 

 

 

 

 

Changing the MTU on ether1 won't do anything as ether1 isn't actually used for anything. The problem is probably MTU related, and I have no idea how you have a  PPPoE MTU is 1472, but you obviously have things configured incorrectly.

 

RouterOS isn't easy to use. Even if you have networking skills it'll take a good few months to learn.

 

 

6313 posts

Uber Geek
+1 received by user: 294

Trusted
Subscriber

  Reply # 2059822 21-Jul-2018 10:49
Send private message quote this post

Just as an example, my MT here at home on Spark UFB has a MTU of 1480 on the pppoe interface, this was set by the MT which is infact a routeros default for pppoe.

 

Cyril

 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.