- Public - talk.mikrotik.com.au

Help debugging a OSPF issue
by Alex Samad - Yieldbroker 24 Sep '15

24 Sep '15

Hi I am seeing what I believe to be a rather unstable OSPF setup. I have 1 cisco ASA 5520 (stacked) - DCFW1 4 ccr1036 - alcrtr1 alcrtr2 gsrtr1 gsrtr2 5 ROS VM's - prodrtr uatrtr testrtr simrtr wwwrtr They share a VLAN - MAN 10.31.19.0/24 - also area 0 I just happened to be doing a debug OSPF on my cisco when I think something happened. Reason I say I think, is I have placed static routes with weigthing of 250 to be used when the OSPF routes disappear. Looking at what happened on testrtr1, I am trying to find out why the sudden change, I have grabbed all the logs for around that time frame. My OSPF debugging knowledge is not that good. testrtr1 - 10.32.255.9/10.31.19.133 sep/24 08:17:13 route,ospf,info OSPFv2 neighbor 10.31.19.1: state change from 2-Way to Init sep/24 08:17:17 route,ospf,info OSPFv2 neighbor 10.33.255.2: state change from 2-Way to Init sep/24 08:17:17 route,ospf,info OSPFv2 neighbor 10.32.255.12: state change from 2-Way to Init sep/24 08:17:18 route,ospf,info OSPFv2 neighbor 10.33.255.1: state change from 2-Way to Init sep/24 08:17:19 route,ospf,info OSPFv2 neighbor 10.34.255.2: state change from Full to Init gsrtr1 10.34.255.2/10.31.19.3 sep/24 08:17:10 route,ospf,info OSPFv2 neighbor 10.32.255.9: state change from Full to Down sep/24 08:17:11 route,ospf,info Ignoring Link State Acknowledgment packet: wrong peer state sep/24 08:17:11 route,ospf,info state=Down sep/24 08:17:13 route,ospf,info Ignoring Link State Acknowledgment packet: wrong peer state sep/24 08:17:13 route,ospf,info state=Down sep/24 08:17:19 route,ospf,info Discarding packet: no neighbor with this source address sep/24 08:17:19 route,ospf,info RouterId=10.32.255.9 sep/24 08:17:19 route,ospf,info source=10.31.19.133 sep/24 08:17:24 route,ospf,info Discarding packet: no neighbor with this source address sep/24 08:17:24 route,ospf,info RouterId=10.32.255.9 sep/24 08:17:24 route,ospf,info source=10.31.19.133 sep/24 08:26:01 route,ospf,info Invalid sequence number sep/24 08:26:01 route,ospf,info mine=460801 sep/24 08:26:01 route,ospf,info received=460800 sep/24 08:26:01 route,ospf,info Discarding packet: MD5 authentication failed sep/24 08:26:01 route,ospf,info source=10.31.17.3 gsrtr2 10.34.255.2/10.31.19.3 NOTHING alcrtr1 10.33.255.1/10.31.19.66 sep/24 08:17:11 route,ospf,info OSPFv2 neighbor 10.32.255.9: state change from 2-Way to Down alcrtr2 10.33.255.2/10.31.19.67 sep/24 08:17:11 route,ospf,info OSPFv2 neighbor 10.32.255.9: state change from 2-Way to Down prodrtr 10.32.255.12/10.31.19.131 sep/24 08:17:11 route,ospf,info OSPFv2 neighbor 10.32.255.9: state change from 2-Way to Down simrtr1 10.32.255.11/10.31.19.130 nothing uatrtr1 10.32.255.10/10.31.19.129 nothing I have added in the logs from the mikrotik boxes and from the cisco Don't think there is anything special, I am using MD5 auth >From gsrtr1 /routing ospf> neighbor print where interface =MAN 0 instance=default router-id=10.32.255.13 address=10.31.19.132 interface=MAN priority=5 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=41m50s 1 instance=default router-id=10.34.255.3 address=10.31.19.4 interface=MAN priority=100 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=1h33m57s 2 instance=default router-id=10.32.255.9 address=10.31.19.133 interface=MAN priority=5 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=4 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=2h39m31s 3 instance=default router-id=10.31.19.1 address=10.31.19.1 interface=MAN priority=1 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=34 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h3m18s 4 instance=default router-id=10.32.255.12 address=10.31.19.131 interface=MAN priority=5 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=12 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h3m18s 5 instance=default router-id=10.32.255.11 address=10.31.19.130 interface=MAN priority=5 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=14 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h56m15s 6 instance=default router-id=10.33.255.1 address=10.31.19.66 interface=MAN priority=150 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=33 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h3m18s 7 instance=default router-id=10.32.255.10 address=10.31.19.129 interface=MAN priority=5 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=48 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h7m43s 8 instance=default router-id=10.33.255.2 address=10.31.19.67 interface=MAN priority=100 dr-address=10.31.19.3 backup-dr-address=10.31.19.66 state="Full" state-changes=42 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=3h3m18s I have checked the Switch ports and I am not seeing any error counts. Thanks Alex

1 0

virtual APs - how many?
by Karl Auer 19 Sep '15

19 Sep '15

We have an application where we want to provide several people with wifi access, but we don't want them all on the same SSID or using the same PSK. I looked at the hotspot stuff, but as far as I can tell it runs without a PSK. No good for us, so I didn't look any deeper. Virtual APs look good though. I can add and remove them easily, they can use WPA, they can each have their own subnet, they can each have their own SSID and PSK. Does anyone have an idea how many virtual APs can be set up on (say) an RB951G-2HnD? I've set up ten and they don't seem to have used any resources at all. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer(a)nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 GPG fingerprint: 9DCA 0903 BCBD 0647 BCCC 2FA7 A35C 57A1 ACF9 00BB Old fingerprint: 231A B066 CF91 1216 4F0F F2AC CE25 B8AA 46DC CC4F

5 11

mAP-2n POE to mAP-2n when powered from USB?
by Damien Gardner Jnr 16 Sep '15

16 Sep '15

Hi Folks, Getting ready for a camping trip this weekend, and I'm not sure if I'm losing my mind, or just being forgetful, but I can't seem to get one mAP-2n to power the other over PoE, when it is powered from USB? Works fine when I power the first one from 12V DC, but not when I power it from USB. Is that standard? I'm *SURE* the last time I used this little setup (Granted, it was back in April), that I was powering it all from USB.. The PoE out light comes up on the first device when powered from USB, but the second one never powers on. The second ONLY powers on when I power the first from DC. If that's the way it has to be, that's cool, I'll just shove them under the seat of the bike, hard wired into the battery, rather than in my tank bag powered from 20Ah LiPo like I was planning ;) -- Damien Gardner Jnr VK2TDG. Dip EE. GradIEAust rendrag(a)rendrag.net - http://www.rendrag.net/ -- We rode on the winds of the rising storm, We ran to the sounds of thunder. We danced among the lightning bolts, and tore the world asunder

2 2

L3 over QinQ and a Bridge -- too far?
by Terry Sweetser 10 Sep '15

10 Sep '15

Hello Mikrotikians, I've been looking at this one for a while now. I have several hundred QinQ vlans heading into a single bridge group. ipv4 and ipv6 from the bridge interface into the individual links is working well. None of the ipv4 addresses can actually connect to or ping each other. Flags: X - disabled, R - running 0 R name="bridge136" mtu=auto actual-mtu=1500 l2mtu=1992 *arp=proxy-arp* mac-address=D4:CA:6D:01:38:C7 protocol-mode=none priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00 max-message-age=20s forward-delay=15s transmit-hold-count=6 ageing-time=5m Flags: X - disabled, I - inactive, D - dynamic 0 interface=XXXXXX bridge=bridge136 priority=0x80 path-cost=10 edge=auto *point-to-point=yes* external-fdb=auto horizon=1 auto-isolate=no A bridge too far? _So, I'm looking for solution where the IPv* arrives at bridge136 and then goes straight back out the correct port.__ _ -- http://about.me/terry.sweetser

4 11

fan direction in the CCR's
by Alex Samad - Yieldbroker 09 Sep '15

09 Sep '15

Hi Is there any option to buy an front to back airflow CCR's ? Or is there an option in the config to change the direction of the fans ? A

3 10

X86
by Terry Sweetser (SkyMesh) 08 Sep '15

08 Sep '15

Hi Mikrotikians, For those of you running ROS on X86 server hardware -- what's your recommend bare metal server set up? -- http://about.me/terry.sweetser

1 0

Warranty on CCR's
by Alex Samad - Yieldbroker 07 Sep '15

07 Sep '15

Hi I think I have a dead CCR1036, well I have power cycled a few times and it is non responsive, haven't placed a console on it yet. I was going to replace with a new one. But I got to thinking, a) what's the warranty on these, I had presumed 12 months, pretty sure mine is older than 12 months, checked out the web site and couldn't find any details b) how would one go about fixing one of these, is it worth it for the cost, maybe the new ccr1072's maybe? A

3 4

3G/4G on mAP2n or hAP-2nD
by Paul Julian 01 Sep '15

01 Sep '15

Hi guys, just wondering if anybody has used the Routerboard mAP2n with a USB dongle for 3G/4G access ? We are looking at some out of band options for some remote sites and also a way to identify if there has been a power problem on site, so thinking that these things are pretty cheap and we can configure them as an out of band router which plugs into the mains power rather than UPS, that way if we see it drop we know we are running on UPS and if our other gear fails for any reason we can get in remotely using the unit as long as the mains power is working. The other option I am considering is the hAP-2nD which has the advantage of additional ports which I can connect to different devices on site if need be. Both units are the same price. Any thoughts ?? Regards Paul

6 6

BGP Revisited?
by Terry Sweetser (SkyMesh) 27 Aug '15

27 Aug '15

http://routerboard.com/CCR1072-1G-8Splus -- it's out -- will it do a full BGP table? -- http://about.me/terry.sweetser

1 0

vmxnet3 in ROS now
by Alex Samad - Yieldbroker 26 Aug '15

26 Aug '15

Hi Not that new release http://forum.mikrotik.com/viewtopic.php?f=21&t=99531 but the key think I wanted to point out was *) chr - added x86_64 image for use in virtual environments *) chr - added support for VMware SCSI virtual disks *) chr - added support for VMware vmxnet3 network card *) chr - added support for HyperV SCSI disks *) chr - added support for HyperV Ethernet interfaces *) chr - added support for virtio disks Awesome ..... vmxnet3 drivers woo hoo, didn't think they would do this. A

8 23