Ahoj,
na sítí se nám projevuje takový problém. Po restartu rádia mezi dvěma routery se na routeru neobnoví dynamické routy v routovací tabulce.
zapojení je RB3011 - PowerBeam 5AC - PowerBeam 5AC - PowerBOX.
Nastaveni OSPF
- area backbone, v arei je cca 9 routeru, router-id jsou jedinečná
- nbma
- redistribute connected as type 1
- redistribute static as type 1
- redistribute other OSPF as type 1
Verze ROS jsem zkoušel různé.
Celé to vypadá, že se po obnovení linky routery spojí, domluví si DR, BDR dokonce nějaká další data tam protečou, ale v ospf/routes není nic...
Nenapadá vás, kde může být zakopaný pes?
Dík, Roman
Nefunkční OSPF
Nevím, co přesně si pod tím mám představit, ale věřím, že jo. Radio je v bridge...
0 x
-
MSfanousek
- Příspěvky: 4
- Registrován: 5 years ago
Nemáš tu moc informací, ale pravděpodobně máš plnej log hlášení o špatným MTU, uprav si ho na tom bridge na 1500.
0 x
zrovna se to stalo... takhle vypadá log v době, kdy se to pokouší syncnout...
btw: opraví to zakázaní a povolení OSPF instance...
btw: opraví to zakázaní a povolení OSPF instance...
- Přílohy
-
- ospf.png (55.63 KiB) Zobrazeno 641 x
0 x
Změnil jsem nastavení timeoutu (hello na 5s, death na 20s a poll na 30s) a priority u v ospf/network a vypada to, že to pomohlo...
Původně oba routery měly sice jiné router-id, ale stejnou prioritu (1)
Ale pořád nechápu, proč by to mělo něco ovlivnit...
Každopádně teď se ospf chytá spolehlivě. Snad toto nastavení nebude mít jiné negativní side effects...
Původně oba routery měly sice jiné router-id, ale stejnou prioritu (1)
Ale pořád nechápu, proč by to mělo něco ovlivnit...
Každopádně teď se ospf chytá spolehlivě. Snad toto nastavení nebude mít jiné negativní side effects...
0 x
Udelej export a dej ho sem. Nedelal sis nahodou novou instanci OSPF (defaultni neni pouzita)?
Jinak melo by ti pomoct:
pripadne
Jinak melo by ti pomoct:
Kód: Vybrat vše
/routing ospf instance set XY use-dn=yespripadne
Kód: Vybrat vše
/routing ospf instance set XY use-dn=no
0 x
Jinak vidim, ze novy verze ros uz umi menit i pres winbox. Driv byla nutnost udelat pres terminal.
0 x
A mas to pouze proti mikrotiku a nebo je tam i neco jinyho? Podivej se hlavne, jestli mas use-dn vsude stejne.
0 x
router 1
router 2
Kód: Vybrat vše
# jun/12/2018 20:12:04 by RouterOS 6.42.3
# software id = QIGW-YAW6
#
# model = RouterBOARD 3011UiAS
# serial number = 780E0615269B
/interface bridge
add comment=defconf fast-forward=no name=bridge
add fast-forward=no name=loopback
/interface ethernet
set [ find default-name=ether1 ] comment=xxx name=ether1_TO-Mojmirovcu
set [ find default-name=ether2 ] comment=V_zahradach-xxxname=\
ether2_V_zahradach-xxx
set [ find default-name=ether3 ] comment=Zahradnictvi_komin name=\
ether3_Zahradnictvi_komin
set [ find default-name=ether4 ] comment=AP1 name=ether4_AP1
set [ find default-name=ether5 ] comment=ether5 name=\
ether5_TO-xxx_za_podjezdem
set [ find default-name=ether6 ] comment=SW_pater name=ether6_SW-Pater \
rx-flow-control=auto tx-flow-control=auto
set [ find default-name=ether7 ] comment=lancont name=ether7_lancontroler
set [ find default-name=ether8 ] comment=Kamery_cerpadlarna name=\
ether8_Kamery_cerpadlarna
set [ find default-name=ether9 ] comment=xxx_SiKi name=\
ether9_TO-xxx_SiKi speed=1Gbps
set [ find default-name=ether10 ] name=ether10_TO-Vaclavska poe-out=off
set [ find default-name=sfp1 ] name=sfp1_TO-Mojmirovcu rx-flow-control=auto \
tx-flow-control=auto
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=Vodarna
/ip pool
add name=dhcp_pool1 ranges=10.10.11.130-10.10.11.142
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay disabled=no \
interface=bridge name=dhcp1
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 \
redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 \
router-id=10.155.255.4
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/system logging action
set 3 remote=10.155.19.100 src-address=10.155.25.1
/interface bridge port
add bridge=bridge interface=ether2_V_zahradach-xxx
add bridge=bridge interface=ether3_Zahradnictvi_komin
add bridge=bridge interface=ether4_AP1
add bridge=bridge interface=ether6_SW-Pater
add bridge=bridge interface=ether7_lancontroler
add bridge=bridge interface=ether8_Kamery_cerpadlarna
/ip address
add address=10.10.11.129/28 interface=bridge network=10.10.11.128
add address=10.155.25.1/24 interface=bridge network=10.155.25.0
add address=192.168.25.1/24 interface=bridge network=192.168.25.0
add address=172.16.64.46/29 interface=ether1_TO-Mojmirovcu network=\
172.16.64.40
add address=10.155.30.1/24 interface=bridge network=10.155.30.0
add address=172.16.64.54/29 interface=ether10_TO-Vaclavska network=\
172.16.64.48
add address=172.16.64.57/29 interface=ether5_TO-xxx_za_podjezdem network=\
172.16.64.56
add address=10.155.255.4 interface=loopback network=10.155.255.4
add address=1.2.3.177/30 interface=bridge network=1.2.3.176
add address=172.16.64.73/29 interface=ether9_TO-xxx_SiKi network=\
172.16.64.72
add address=1.2.3.185/30 interface=bridge network=1.2.3.184
/ip dhcp-server network
add address=10.10.11.128/28 dns-server=10.155.19.126,10.155.19.125 gateway=\
10.10.11.129
/ip dns
set servers=10.155.19.125,10.155.19.126
/ip dns static
add address=192.168.88.1 name=router
/ip firewall address-list
add address=10.0.0.0/8 comment=privete_IP list=local_ip
add address=192.168.0.0/16 comment=privete_IP list=local_ip
add address=8.8.8.8 comment="google DNS" list=local_ip
add address=172.16.0.0/16 comment=privete_IP list=local_ip
add address=1.2.3.0/22 comment=xxx_RIPE_IP list=local_ip
add address=1.2.3.225 comment=xxx_home list=Trusted_IP
add address=172.16.1.0/24 comment=VPN list=Trusted_IP
add address=1.2.3.0/28 comment=Local_Server list=Trusted_IP
add address=172.16.64.0/22 comment=spojovacky list=Trusted_IP
add address=172.16.68.0/22 comment=spojovacky_radia list=Trusted_IP
add address=172.16.64.58 comment=P2P_Vodarna-xxx.za.podjezdem list=\
AL_ipBezShaperu
add address=172.16.64.61 comment=p2p_xxx-vodarna list=AL_ipBezShaperu
add address=172.16.64.62 comment=P2P_xxx.za.podjedem-Vodarna list=\
AL_ipBezShaperu
add address=172.16.64.74 comment=P2P_Vodarna-xxx.siki list=\
AL_ipBezShaperu
add address=172.16.64.77 comment=p2p_xxx.siki-vodarna list=\
AL_ipBezShaperu
add address=172.16.64.78 comment=P2P_xxx.siki-Vodarna list=\
AL_ipBezShaperu
add address=192.168.25.82 comment=sed-lancontroler list=AL_ipBezShaperu
add address=192.168.25.241 comment=vodarna_lancontroler list=AL_ipBezShaperu
add address=192.168.25.233 comment=vodarna-cerpadlo_lancontroler list=\
AL_ipBezShaperu
add address=192.168.25.205 comment=Axmana_Lancontroler list=AL_ipBezShaperu
add address=192.168.25.19 comment=zahradnictvi_lancontroler list=\
AL_ipBezShaperu
/ip firewall filter
add action=accept chain=input comment="accept established,related,untracked" \
connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="accept ICMP" protocol=icmp
add action=accept chain=input comment="accept WinBox" dst-port=8291 protocol=\
tcp src-address-list=Trusted_IP
add action=accept chain=input comment="accept API" dst-port=8728 protocol=tcp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept API_SSL" dst-port=8729 \
protocol=tcp src-address-list=Trusted_IP
add action=accept chain=input comment="accept SSH" dst-port=22 protocol=tcp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept SNMP" dst-port=161 protocol=udp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept OSPF" protocol=ospf \
src-address-list=Trusted_IP
add action=drop chain=input comment="defconf: drop all coming "
add action=accept chain=forward comment="accept in ipsec policy" disabled=yes \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="accept out ipsec policy" disabled=\
yes ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=fasttrack \
connection-state=established,related disabled=yes
add action=drop chain=forward comment="ip bez shaperu" dst-address-list=\
!local_ip src-address-list=AL_ipBezShaperu
/ip firewall mangle
add action=mark-packet chain=forward comment=Pingatko new-packet-mark=\
PM_se_up passthrough=no src-address=1.2.3.8
add action=mark-packet chain=forward comment=Pingatko dst-address=\
1.2.3.8 new-packet-mark=PM_se_down passthrough=no
add action=jump chain=forward jump-target=10.155.25.0/24 src-address=\
10.155.25.0/24
add action=jump chain=forward dst-address=10.155.25.0/24 jump-target=\
10.155.25.0/24
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=10.155.25.0/24
add action=jump chain=forward jump-target=10.155.30.0/24 src-address=\
10.155.30.0/24
add action=jump chain=forward dst-address=10.155.30.0/24 jump-target=\
10.155.30.0/24
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=10.155.30.0/24
add action=jump chain=forward jump-target=1.2.3.176/30 src-address=\
1.2.3.176/30
add action=jump chain=forward dst-address=1.2.3.176/30 jump-target=\
1.2.3.176/30
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=1.2.3.176/30
add action=jump chain=forward jump-target=1.2.3.184/30 src-address=\
1.2.3.184/30
add action=jump chain=forward dst-address=1.2.3.184/30 jump-target=\
1.2.3.184/30
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=1.2.3.184/30
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=192.168.0.0/16
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=10.10.11.128/28
add action=return chain=172.16.64.56/29
add action=return chain=172.16.64.72/29
add action=return chain=10.155.25.0/24
add action=return chain=192.168.25.0/24
add action=return chain=10.155.30.0/24
add action=return chain=1.2.3.176/30
add action=return chain=1.2.3.184/30
/ip firewall nat
add action=dst-nat chain=dstnat comment="Presmeruje IP bez shaperu" \
dst-address-list=!local_ip dst-port=80 protocol=tcp src-address-list=\
AL_ipBezShaperu to-addresses=1.2.3.8 to-ports=82
add action=dst-nat chain=dstnat disabled=yes dst-address=192.168.25.11 \
to-addresses=192.168.0.1
add action=src-nat chain=srcnat disabled=yes dst-address=192.168.0.1 \
to-addresses=192.168.0.2
add action=src-nat chain=srcnat comment=NAT_p2p-mojmirovcu dst-address=\
172.16.64.40/29 to-addresses=172.16.64.46
add action=src-nat chain=srcnat comment=NAT_p2p-vaclavska dst-address=\
172.16.64.48/29 to-addresses=172.16.64.54
add action=src-nat chain=srcnat comment=NAT_p2p-siki disabled=yes \
dst-address=172.16.64.72/29 to-addresses=172.16.64.73
/ip route
add disabled=yes distance=1 gateway=172.16.64.41
add comment=xxx_DHCP disabled=yes distance=1 dst-address=10.10.11.160/28 \
gateway=172.16.64.62
add disabled=yes distance=1 dst-address=10.10.11.176/28 gateway=172.16.64.78
add comment=xxx disabled=yes distance=1 dst-address=10.155.28.0/24 \
gateway=172.16.64.62
add disabled=yes distance=1 dst-address=10.155.29.0/24 gateway=172.16.64.78
add comment=xxx_MGM disabled=yes distance=1 dst-address=192.168.28.0/24 \
gateway=172.16.64.62
add disabled=yes distance=1 dst-address=192.168.29.0/24 gateway=172.16.64.78
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api-ssl disabled=yes
/routing ospf interface
add cost=100 interface=ether10_TO-Vaclavska network-type=nbma
add cost=20 interface=ether1_TO-Mojmirovcu network-type=nbma
add dead-interval=20s hello-interval=5s interface=\
ether5_TO-xxx_za_podjezdem network-type=nbma priority=2
add dead-interval=20s hello-interval=5s interface=ether9_TO-xxx_SiKi \
network-type=nbma priority=2
/routing ospf nbma-neighbor
add address=172.16.64.49 comment=TO-Vaclavska priority=1
add address=172.16.64.41 comment=TO-Mojmirovcu priority=1
add address=172.16.64.62 comment=TO-xxx_za_podjezdem poll-interval=30s
add address=172.16.64.78 comment=TO-xxx_SiKi poll-interval=30s
/routing ospf network
add area=backbone comment=TO-Vaclavska network=172.16.64.48/29
add area=backbone comment=TO-Mojmirovcu network=172.16.64.40/29
add area=backbone comment=TO-xxx_za_podjezdem network=172.16.64.56/29
add area=backbone comment=TO-xxx_siki network=172.16.64.72/29
/snmp
set contact=info@xxx.cz enabled=yes location=vodarna
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=Vodarna
/system logging
add action=remote topics=critical
add action=remote topics=error
add action=remote topics=info,!account
add action=remote topics=warning
add prefix=_OSPF_ topics=ospf,!debug
add action=remote prefix=_OSPF_ topics=ospf,!debug
/system ntp client
set enabled=yes primary-ntp=1.2.3.8 server-dns-names=1.2.3.4
/system routerboard settings
set silent-boot=no
router 2
Kód: Vybrat vše
# jun/12/2018 19:48:33 by RouterOS 6.42.3
# software id = FTVJ-UBYA
#
# model = RouterBOARD 750P r2
# serial number = 67D507031E2A
/interface bridge
add fast-forward=no name=bridge1
add fast-forward=no name=loopback
/interface ethernet
set [ find default-name=ether1 ] name=ether1-BYT
set [ find default-name=ether4 ] name=ether4-AP1 poe-out=forced-on \
power-cycle-ping-address=192.168.29.3 power-cycle-ping-enabled=yes \
power-cycle-ping-timeout=10m
set [ find default-name=ether5 ] name=ether5-TO-vodarna poe-out=forced-on \
power-cycle-ping-address=172.16.64.73 power-cycle-ping-enabled=yes \
power-cycle-ping-timeout=10m
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=xxx-siki
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool1 ranges=10.10.11.178-10.10.11.190
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay disabled=no \
interface=bridge1 name=dhcp1
/queue tree
add name=lan_xxx.siki_up parent=global queue=ethernet-default
add name=lan_xxx.siki_down parent=global queue=ethernet-default
add limit-at=1127k max-limit=33M name=xxx.marek.4491_up packet-mark=\
PM_10.155.29.12_up parent=lan_xxx.xxx_up queue=wireless-default
add limit-at=1127k max-limit=33M name=xxx.marek.4491_down packet-mark=\
PM_10.155.29.12_down parent=lan_xxx.siki_down queue=wireless-default
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 \
redistribute-other-ospf=as-type-1 redistribute-static=as-type-1 \
router-id=10.155.255.7
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/system logging action
set 3 remote=10.155.19.100 src-address=10.155.29.1
/interface bridge port
add bridge=bridge1 hw=no interface=ether1-BYT
add bridge=bridge1 hw=no interface=ether2
add bridge=bridge1 hw=no interface=ether3
add bridge=bridge1 hw=no interface=ether4-AP1
/ip address
add address=172.16.64.78/29 interface=ether5-TO-vodarna network=172.16.64.72
add address=192.168.29.1/24 interface=bridge1 network=192.168.29.0
add address=10.155.29.1/24 interface=bridge1 network=10.155.29.0
add address=10.10.11.177/28 interface=bridge1 network=10.10.11.176
add address=10.155.255.7 interface=loopback network=10.155.255.7
/ip dhcp-server network
add address=10.10.11.176/28 dns-server=10.155.19.126,10.155.19.125 gateway=\
10.10.11.177
/ip dns
set servers=10.155.19.126,10.155.19.125
/ip firewall address-list
add address=10.0.0.0/8 comment=privete_IP list=local_ip
add address=192.168.0.0/16 comment=privete_IP list=local_ip
add address=8.8.8.8 comment="google DNS" list=local_ip
add address=172.16.0.0/16 comment=privete_IP list=local_ip
add address=172.16.1.0/24 comment=VPN list=Trusted_IP
add address=172.16.64.0/22 comment=Spojovacky list=Trusted_IP
add address=172.16.68.0/22 comment=Spojojavcky list=Trusted_IP
add address=192.168.29.3 comment=siki-ap1 list=AL_ipBezShaperu
/ip firewall filter
add action=accept chain=input comment="accept established,related,untracked" \
connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="accept ICMP" protocol=icmp
add action=accept chain=input comment="accept WinBox" dst-port=8291 protocol=\
tcp src-address-list=Trusted_IP
add action=accept chain=input comment="accept API" dst-port=8728 protocol=tcp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept API_SSL" dst-port=8729 \
protocol=tcp src-address-list=Trusted_IP
add action=accept chain=input comment="accept SSH" dst-port=22 protocol=tcp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept SNMP" dst-port=161 protocol=udp \
src-address-list=Trusted_IP
add action=accept chain=input comment="accept OSPF" protocol=ospf \
src-address-list=Trusted_IP
add action=drop chain=input comment="defconf: drop all coming "
add action=accept chain=forward comment="accept in ipsec policy" disabled=yes \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="accept out ipsec policy" disabled=\
yes ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=fasttrack \
connection-state=established,related disabled=yes
add action=drop chain=forward comment="ip bez shaperu" dst-address-list=\
!local_ip src-address-list=AL_ipBezShaperu
/ip firewall mangle
add action=jump chain=forward jump-target=10.155.29.0/24 src-address=\
10.155.29.0/24
add action=jump chain=forward dst-address=10.155.29.0/24 jump-target=\
10.155.29.0/24
add action=add-src-to-address-list address-list=AL_ipBezShaperu \
address-list-timeout=none-dynamic chain=forward comment=ip_bezshaperu \
src-address=10.155.29.0/24
add action=mark-packet chain=10.155.29.0/24 comment=sikora.marek \
new-packet-mark=PM_10.155.29.12_up passthrough=no src-address=\
10.155.29.12
add action=mark-packet chain=10.155.29.0/24 comment=sikora.marek dst-address=\
10.155.29.12 new-packet-mark=PM_10.155.29.12_down passthrough=no
add action=return chain=192.168.29.0/24
add action=return chain=10.155.29.0/24
/ip firewall nat
add action=dst-nat chain=dstnat comment="Presmeruje IP bez shaperu" \
dst-address-list=!local_ip dst-port=80 protocol=tcp src-address-list=\
AL_ipBezShaperu to-addresses=1.2.3.8 to-ports=82
/ip route
add distance=220 gateway=172.16.64.73
/routing ospf interface
add dead-interval=20s hello-interval=5s interface=ether5-TO-vodarna \
network-type=nbma
/routing ospf nbma-neighbor
add address=172.16.64.73 comment=TO-Vodarna poll-interval=30s
/routing ospf network
add area=backbone comment=TO_Vodarna network=172.16.64.72/29
/snmp
set contact=info@xxx.cz enabled=yes location=SiKi
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=xxx-siki
/system logging
add action=remote topics=critical
add action=remote topics=error
add action=remote topics=info,!account
add topics=warning
add disabled=yes topics=ospf
add action=remote disabled=yes topics=ospf
add action=echo disabled=yes topics=ospf
/system ntp client
set enabled=yes primary-ntp=1.2.3.4
/system routerboard settings
set silent-boot=no
/system watchdog
set no-ping-delay=10m watchdog-timer=no
0 x
/routing ospf instance get default use-dn vrací všude prázdný výsledek, takže pokud to mk neinterpretuje v každé verzi jinak, tak je to všude stejné...
0 x
rseb píše:/routing ospf instance get default use-dn vrací všude prázdný výsledek, takže pokud to mk neinterpretuje v každé verzi jinak, tak je to všude stejné...
a tohle zkousis jak? Pokud se chces podivat co tam je tak to musis udelat takto:
Kód: Vybrat vše
:put [routing ospf instance get default use-dn ]
0 x
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 6 hostů