Rebooted both the router and the switch, no joy, issue persists. -- Christopher Tyler Senior Network Engineer MTCRE/MTCNA/MTCTCE/MTCWE
Total Highspeed Internet Solutions 1091 W. Kathryn Street Nixa, MO 65714 (417) 851-1107 x. 9002 www.totalhighspeed.com This institution is an equal opportunity provider and employer. Esta institución es un proveedor de servicios con igualdad de oportunidades. ----- Original Message ----- > From: "Adam Moffett" <dmmoff...@gmail.com> > To: "AnimalFarm Microwave Users Group" <af@af.afmug.com> > Sent: Wednesday, May 4, 2022 2:50:13 PM > Subject: Re: [AFMUG] Weird IP issue > If this is a Mikrotik switch, reboot it before you waste a lot of time. > > I've seen weird stuff too many times. I had a CRS317 the other day where we > got 98% packet loss to one specific host. Watching the switch hosts table it > seemed like it kept changing it's mind as to which interface that MAC address > was on. Reboot cleared it right up. > > -Adam > > > -----Original Message----- > From: AF <af-boun...@af.afmug.com> On Behalf Of Larry Smith > Sent: Wednesday, May 04, 2022 12:50 PM > To: AnimalFarm Microwave Users Group <af@af.afmug.com> > Subject: Re: [AFMUG] Weird IP issue > > > To verify that, drop the firewall and then test again. > If its firewall related it will start working. > > -- > Larry Smith > lesm...@ecsis.net > > On Wed May 4 2022 11:18, Christopher Tyler wrote: >> Very minimal, really just basic input rules, nothing that would block >> the IP addresses from getting through. No NAT or Mangle rules on this router. >> >> /ip firewall filter >> add action=accept chain=input comment="ACCEPT ESTABLISHED/RELATED" \ >> connection-state=established,related >> add action=accept chain=input comment="ACCEPT OSPF" protocol=ospf add >> action=accept chain=input comment="ACCEPT ICMP (ping)" protocol=icmp >> add action=accept chain=input comment="ACCEPT SNMP" dst-port=160-161 >> protocol=\ udp add action=accept chain=input comment="ACCEPT DHCP" >> dst-port=67 protocol=udp add action=accept chain=input comment="Allow >> MTIK Bandwidth Test" dst-port=\ 2000-3000 protocol=tcp add >> action=accept chain=input comment="Allow MTIK Bandwidth Test" >> dst-port=\ 2000-3000 protocol=udp >> add action=accept chain=input dst-port=5678 protocol=tcp add >> action=accept chain=input comment="ACCEPT THIS Mgmt" src-address-list=\ >> THIS_ADMIN >> add action=accept chain=output comment="ACCEPT ALL OUTBOUND" >> add action=drop chain=input comment="DROP ALL OTHER INPUT" >> >> >> -- >> Christopher Tyler >> Senior Network Engineer >> MTCRE/MTCNA/MTCTCE/MTCWE >> >> Total Highspeed Internet Solutions >> 1091 W. Kathryn Street >> Nixa, MO 65714 >> (417) 851-1107 x. 9002 >> www.totalhighspeed.com >> >> This institution is an equal opportunity provider and employer. >> Esta institución es un proveedor de servicios con igualdad de >> oportunidades. >> >> ----- Original Message ----- >> >> > From: "Josh Luthman" <j...@imaginenetworksllc.com> >> > To: "AnimalFarm Microwave Users Group" <af@af.afmug.com> >> > Sent: Wednesday, May 4, 2022 11:12:55 AM >> > Subject: Re: [AFMUG] Weird IP issue >> > >> > Firewall filter rules? >> > >> > Double check the gateway and subnet on the server. >> > >> > On Wed, May 4, 2022 at 11:17 AM Christopher Tyler < [ >> > mailto:ch...@totalhighspeed.net | ch...@totalhighspeed.net ] > wrote: >> > >> > >> > We have one of the new Mikrotik CCR2216-1G-12XS-2XQ routers running >> > RouterOS 7.2.1 with a Mikrotik switch (running 6.44.3) hanging off of it. >> > I have two servers on that switch both in the the same public IP >> > block. I can ping both servers from the router, and they can ping >> > each other. One server is globally reachable and the other is not >> > reachable other than from the router or switch itself. I plugged in >> > my laptop and assigned it an IP in that same range and cannot reach >> > it extrenally either. The router is using OSPF and I can see the >> > route for that IP block from both sides of the router, but >> > traceroutes/pings to anything other than the server that is working >> > stop at the router. No vlans or special configuration between the >> > router and the switch, just basic IP, all ports on the switch are >> > bridged. Forwarded ports (dstnat) don't appear to work from the router >> > either. >> > >> > I'm stumped, so I figured I would ask if anyone else has seen >> > anything like this and have a solution, or am I looking at a >> > possible RouterOS 7 issue? >> > >> > -- >> > Christopher Tyler >> > Senior Network Engineer >> > MTCRE/MTCNA/MTCTCE/MTCWE >> > >> > Total Highspeed Internet Solutions >> > 1091 W. Kathryn Street >> > Nixa, MO 65714 >> > (417) 851-1107 x. 9002 >> > [ http://www.totalhighspeed.com/ | www.totalhighspeed.com ] >> > >> > This institution is an equal opportunity provider and employer. >> > Esta institución es un proveedor de servicios con igualdad de >> > oportunidades. >> > >> > -- >> > AF mailing list >> > [ mailto:AF@af.afmug.com | AF@af.afmug.com ] [ >> > http://af.afmug.com/mailman/listinfo/af_af.afmug.com | >> > http://af.afmug.com/mailman/listinfo/af_af.afmug.com ] >> > >> > -- >> > AF mailing list >> > AF@af.afmug.com >> > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
