[Mikrotik] basic routing

Josh Luthman josh at imaginenetworksllc.com
Wed Jun 6 13:41:53 CDT 2012


Can you ping the next hop out?  That is the next router beyond the Cisco?

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373


On Wed, Jun 6, 2012 at 2:37 PM, Ty Featherling <tyfeatherling at gmail.com> wrote:
> Damnit. Yes I had icmp echo blocked inbound to that network. Removed that
> and I am able to ping IN to 207.235.23.1. Still unabled to ping OUT from
> the RB or my PC behind it to the outside world. I CAN ping out to any IP on
> or attached to that Cisco though, just not beyond to the internet.
>
> -Ty
>
> On Wed, Jun 6, 2012 at 1:30 PM, Josh Luthman <josh at imaginenetworksllc.com>wrote:
>
>> That address is on the Cisco you're saying?  Firewall on there sounds
>> like your issue.
>>
>> Josh Luthman
>> Office: 937-552-2340
>> Direct: 937-552-2343
>> 1100 Wayne St
>> Suite 1337
>> Troy, OH 45373
>>
>>
>> On Wed, Jun 6, 2012 at 2:23 PM, Ty Featherling <tyfeatherling at gmail.com>
>> wrote:
>> > This may be telling - I just tried to ping 207.235.23.1 from my phone
>> using
>> > 3g. The first two pings failed with "207.235.23.1 filtered by
>> > 207.114.255.186." That IP is my Edge router's internet upstream facing
>> > address.
>> >
>> > -Ty
>> >
>> > On Wed, Jun 6, 2012 at 1:20 PM, Ty Featherling <tyfeatherling at gmail.com
>> >wrote:
>> >
>> >> Yes it can. It can ping 207.235.23.1 as well so it's route works.
>> >>
>> >> -Ty
>> >>
>> >>
>> >> On Wed, Jun 6, 2012 at 11:33 AM, Meftah Tayeb <tayeb.meftah at gmail.com
>> >wrote:
>> >>
>> >>> what edge router is that ?
>> >>>
>> >>> ----- Original Message ----- From: "Josh Luthman" <
>> >>> josh at imaginenetworksllc.com>
>> >>> To: "Mikrotik discussions" <mikrotik at mail.butchevans.com>
>> >>> Sent: Wednesday, June 06, 2012 9:17 PM
>> >>> Subject: Re: [Mikrotik] basic routing
>> >>>
>> >>>
>> >>>
>> >>> Is this a /30 ?
>> >>>
>> >>> gig0/1 - 10.100.0.1
>> >>>
>> >>> Can the Cisco ping 207.235.23.1 ?
>> >>>
>> >>> Josh Luthman
>> >>> Office: 937-552-2340
>> >>> Direct: 937-552-2343
>> >>> 1100 Wayne St
>> >>> Suite 1337
>> >>> Troy, OH 45373
>> >>>
>> >>>
>> >>> On Wed, Jun 6, 2012 at 2:12 PM, Ty Featherling <
>> tyfeatherling at gmail.com>
>> >>> wrote:
>> >>>
>> >>>> Here's the config:
>> >>>>
>> >>>> Routerboard
>> >>>> ether1 - 10.100.0.2/30
>> >>>>
>> >>>> ether2 - 10.100.1.1/24
>> >>>> ether2 - 207.235.23.1/26 (public)
>> >>>>
>> >>>> ip route 0.0.0.0/0 10.100.0.1
>> >>>>
>> >>>> Edge Cisco
>> >>>> gig0/1 - 10.100.0.1
>> >>>>
>> >>>> ip route 207.235.23.0 255.255.255.182 10.100.0.2
>> >>>>
>> >>>>
>> >>>> Now I have 2 CAP320 APs that are setup in a similar way. They have a
>> >>>> 10.0.12.x address on their ethernet side and a 209.163.162.x/26 on the
>> >>>> wireless side and acting as gateway for the customers. The default
>> route
>> >>>> on
>> >>>> the AP pointing to the Edge router at 10.0.12.1 and a return route at
>> the
>> >>>> Edge pointing all 209.163.162.x/26 traffic to 10.0.12.x and no
>> issues. I
>> >>>> say this to point out that I don't believe the upstream's config is
>> the
>> >>>> problem.
>> >>>>
>> >>>> -Ty
>> >>>>
>> >>>>
>> >>>> On Wed, Jun 6, 2012 at 12:09 PM, Scott Reed <sreed at nwwnet.net> wrote:
>> >>>>
>> >>>>  Does your public range include the address your upstream expects to
>> see?
>> >>>>> If so, you need to either get your upstream to give you a /29 or /30
>> to
>> >>>>> use for connectivity or you are going to have to change how much of
>> the
>> >>>>> block you send to the AP.
>> >>>>> Does your upstream know that the subnet on your inside router should
>> be
>> >>>>> routed to your border router? If not, they need to add a route.
>> >>>>>
>> >>>>>
>> >>>>> On 6/6/2012 12:50 PM, Ty Featherling wrote:
>> >>>>>
>> >>>>>  I am trying to route my first tower with mikrotik. I have a private
>> /30
>> >>>>>> setup between my edge router and ether1 of the RB. I have a private
>> /24
>> >>>>>> setup for an ap and it's cpe on ether2. I have a subnet of public
>> >>>>>> addresses
>> >>>>>> to use for clients of this AP and the gateway for those is set as an
>> >>>>>> address on ether2 as well. Default route is the gateway for ether1
>> >>>>>> which
>> >>>>>> is
>> >>>>>> our edge router. There is a route on the edge router routing that
>> >>>>>> subnet
>> >>>>>> of
>> >>>>>> publics back to the ether1 address of the RB. This all sounds right
>> to
>> >>>>>> me.
>> >>>>>>
>> >>>>>> This is being setup on my bench right now so I configured it as
>> above
>> >>>>>> then
>> >>>>>> plugged my laptop into ether2 and gave myself a static public
>> address
>> >>>>>> within the range assigned to the RB. I can ping my gateway and all
>> >>>>>> other
>> >>>>>> ips assigned to the RB and ips on my network beyond the RB. I can
>> ping
>> >>>>>> the
>> >>>>>> RB from the outside both on it's ether1 address and the public
>> gateway
>> >>>>>> assigned to ether2.
>> >>>>>>
>> >>>>>> I cannot reach the internet from my laptop. I have a static DNS
>> address
>> >>>>>> configured. I can ping the DNS server, but I get no internet
>> response.
>> >>>>>> Pings to google.com cannot find host. What am I missing?
>> >>>>>>
>> >>>>>> I'm going to lunch to clear my head. Any help appreciated.
>> >>>>>>
>> >>>>>> -Ty
>> >>>>>> -------------- next part --------------
>> >>>>>> An HTML attachment was scrubbed...
>> >>>>>> URL:<http://www.butchevans.****com/pipermail/mikrotik/**
>> >>>>>> attachments/20120606/5b63e0cb/****attachment.html<http://www.**
>> >>>>>> butchevans.com/pipermail/**mikrotik/attachments/20120606/**
>> >>>>>> 5b63e0cb/attachment.html<
>> http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/5b63e0cb/attachment.html
>> >
>> >>>>>> >
>> >>>>>> >
>> >>>>>> ______________________________****_________________
>> >>>>>> Mikrotik mailing list
>> >>>>>> Mikrotik at mail.butchevans.com
>> >>>>>> http://www.butchevans.com/****mailman/listinfo/mikrotik<
>> http://www.butchevans.com/**mailman/listinfo/mikrotik>
>> >>>>>> <http**://www.butchevans.com/mailman/**listinfo/mikrotik<
>> http://www.butchevans.com/mailman/listinfo/mikrotik>
>> >>>>>> >
>> >>>>>>
>> >>>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >>>>>> RouterOS
>> >>>>>>
>> >>>>>>
>> >>>>>> -----
>> >>>>>> No virus found in this message.
>> >>>>>> Checked by AVG - www.avg.com
>> >>>>>> Version: 2012.0.2178 / Virus Database: 2433/5051 - Release Date:
>> >>>>>> 06/06/12
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>  --
>> >>>>> Scott Reed
>> >>>>> Owner
>> >>>>> NewWays Networking, LLC
>> >>>>> Wireless Networking
>> >>>>> Network Design, Installation and Administration
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> Mikrotik Advanced Certified
>> >>>>>
>> >>>>> www.nwwnet.net
>> >>>>> (765) 855-1060
>> >>>>> (765) 439-4253
>> >>>>> (855) 231-6239
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>> ______________________________****_________________
>> >>>>> Mikrotik mailing list
>> >>>>> Mikrotik at mail.butchevans.com
>> >>>>> http://www.butchevans.com/****mailman/listinfo/mikrotik<
>> http://www.butchevans.com/**mailman/listinfo/mikrotik>
>> >>>>> <http**://www.butchevans.com/mailman/**listinfo/mikrotik<
>> http://www.butchevans.com/mailman/listinfo/mikrotik>
>> >>>>> >
>> >>>>>
>> >>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >>>>> RouterOS
>> >>>>>
>> >>>>>  -------------- next part --------------
>> >>>> An HTML attachment was scrubbed...
>> >>>> URL: <http://www.butchevans.com/**pipermail/mikrotik/**
>> >>>> attachments/20120606/10415862/**attachment.html<
>> http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/10415862/attachment.html
>> >
>> >>>> >
>> >>>> ______________________________**_________________
>> >>>> Mikrotik mailing list
>> >>>> Mikrotik at mail.butchevans.com
>> >>>> http://www.butchevans.com/**mailman/listinfo/mikrotik<
>> http://www.butchevans.com/mailman/listinfo/mikrotik>
>> >>>>
>> >>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >>>> RouterOS
>> >>>>
>> >>> ______________________________**_________________
>> >>> Mikrotik mailing list
>> >>> Mikrotik at mail.butchevans.com
>> >>> http://www.butchevans.com/**mailman/listinfo/mikrotik<
>> http://www.butchevans.com/mailman/listinfo/mikrotik>
>> >>>
>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >>> RouterOS
>> >>>
>> >>>
>> >>> __________ Information from ESET NOD32 Antivirus, version of virus
>> >>> signature database 6830 (20120126) __________
>> >>>
>> >>> The message was checked by ESET NOD32 Antivirus.
>> >>>
>> >>> http://www.eset.com
>> >>>
>> >>>
>> >>>
>> >>>
>> >>> __________ Information from ESET NOD32 Antivirus, version of virus
>> >>> signature database 6830 (20120126) __________
>> >>>
>> >>> The message was checked by ESET NOD32 Antivirus.
>> >>>
>> >>> http://www.eset.com
>> >>>
>> >>>
>> >>>
>> >>>
>> >>> ______________________________**_________________
>> >>> Mikrotik mailing list
>> >>> Mikrotik at mail.butchevans.com
>> >>> http://www.butchevans.com/**mailman/listinfo/mikrotik<
>> http://www.butchevans.com/mailman/listinfo/mikrotik>
>> >>>
>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >>> RouterOS
>> >>>
>> >>
>> >>
>> > -------------- next part --------------
>> > An HTML attachment was scrubbed...
>> > URL: <
>> http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/c51a4dc5/attachment.html
>> >
>> > _______________________________________________
>> > Mikrotik mailing list
>> > Mikrotik at mail.butchevans.com
>> > http://www.butchevans.com/mailman/listinfo/mikrotik
>> >
>> > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> RouterOS
>> _______________________________________________
>> Mikrotik mailing list
>> Mikrotik at mail.butchevans.com
>> http://www.butchevans.com/mailman/listinfo/mikrotik
>>
>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> RouterOS
>>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/a86770ad/attachment.html>
> _______________________________________________
> Mikrotik mailing list
> Mikrotik at mail.butchevans.com
> http://www.butchevans.com/mailman/listinfo/mikrotik
>
> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS


More information about the Mikrotik mailing list