CblP
newbie
Topic Author
Posts: 37
Joined: Mon Mar 25, 2013 11:05 am

strange problem - packets going out to WAN2 with src of WAN1

Fri May 03, 2013 12:02 am

I have two ISPs at home and want everything to go to WAN1 except for a few things.
Here is what I have:
[admin@MikroTik] > ip address print 
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                              
 0   192.168.1.1/24     192.168.1.0     bridge1                                
 1 D 10.107.6.210/22    10.107.4.0      ether5                                 
 2 D 92.242.79.188/32   92.242.92.245   l2tp-out1                              
 3 D 192.168.180.220/32 192.168.180.52  pptp-out1                              
 4 D 109.184.244.162/32 109.184.128.1   pppoe-out1 

pppoe-out1 is my main connection, so it is a default route.
l2tp-out1 is my second WAN, and I only want a few things to go out to it.

Here is what my routing table looks like:
[admin@MikroTik] > ip route print
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          109.184.128.1             1
 1 ADS  10.0.0.0/8                         10.107.4.1                0
 2 ADC  10.107.4.0/22      10.107.6.210    ether5                    0
 3 A S  69.4.236.0/24                      l2tp-out1                 1
 4 A S  80.75.132.0/24                     l2tp-out1                 1
 5 ADC  92.242.92.245/32   92.242.79.188   l2tp-out1                 0
 6 ADC  109.184.128.1/32   109.184.244.162 pppoe-out1                0
 7 ADC  192.168.1.0/24     192.168.1.1     bridge1                   0

As you may see, I want 69.4.236.0/24 and 80.75.132.0/24 to go out via my secondary ISP, which is l2tp. Fine.

Traffic is NATed on the way out:
[admin@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic 
 0   chain=srcnat action=masquerade out-interface=pppoe-out1 

 1   chain=srcnat action=masquerade out-interface=ether5 

 2   chain=srcnat action=masquerade out-interface=l2tp-out1 

Now to the problem:
My SIP device is sending requests from the LAN to both the 69.4.236.0 and 80.75.132.0 nets, and I see packets going out through l2tp, which is fine. However, packets destined to 69.x.x.x have the source IP of the pppoe connection, and packets going out to 80.x.x.x have the correct source IP of the l2tp connection! I have verified this multiple times with the sniffer.
I admit I might be overlooking something, but damn! I don't see a reason for different behavior on different routing entries.

So, the question is whether any of you guys have any clues on what is going on here?
Any input that can shed some light will be much appreciated.
Just in case, I have already played with preferred source and src-nat instead of masquerade,
and these have no impact on the result at all.
I'm using 6rc11 on rb2011.
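
An added example, not part of the original post: a Python check that replays the post's address, route and NAT tables to compute, for each sniffed packet, which interface longest-prefix routing should pick and which masqueraded source address it should carry. The capture records are constructed to match the symptom described (the destination host parts and the 198.51.100.7 control address are made up), and the function names are hypothetical.

```python
import ipaddress

# Interface addresses copied from the `ip address print` output in the post.
IFACE_ADDR = {"bridge1": "192.168.1.1", "ether5": "10.107.6.210",
              "l2tp-out1": "92.242.79.188", "pppoe-out1": "109.184.244.162"}
# Routes from `ip route print`, with each gateway resolved to its interface.
ROUTES = [("0.0.0.0/0", "pppoe-out1"), ("10.0.0.0/8", "ether5"),
          ("10.107.4.0/22", "ether5"), ("69.4.236.0/24", "l2tp-out1"),
          ("80.75.132.0/24", "l2tp-out1"), ("92.242.92.245/32", "l2tp-out1"),
          ("109.184.128.1/32", "pppoe-out1"), ("192.168.1.0/24", "bridge1")]
# Interfaces that have a masquerade rule in `ip firewall nat print`.
MASQUERADED = {"pppoe-out1", "ether5", "l2tp-out1"}

def egress_interface(dst):
    """Pick the outgoing interface by longest-prefix match against ROUTES."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(prefix), iface) for prefix, iface in ROUTES]
    matching = [n for n in nets if addr in n[0]]
    return max(matching, key=lambda n: n[0].prefixlen)[1]

def check_packet(iface, src, dst):
    """Return findings for one packet seen leaving `iface` after src-nat."""
    findings = []
    expected = egress_interface(dst)
    if iface != expected:
        findings.append(f"route: expected {expected}, seen on {iface}")
    if iface in MASQUERADED and src != IFACE_ADDR[iface]:
        owner = next((i for i, a in IFACE_ADDR.items() if a == src), "unknown")
        findings.append(f"src: {src} belongs to {owner}, expected {IFACE_ADDR[iface]}")
    return findings

# Constructed sniffer records: (interface, source IP, destination IP).
CAPTURE = [("l2tp-out1", "109.184.244.162", "69.4.236.10"),
           ("l2tp-out1", "92.242.79.188", "80.75.132.10"),
           ("pppoe-out1", "109.184.244.162", "198.51.100.7")]

def audit(capture):
    """Map each offending packet to its list of findings."""
    results = {}
    for pkt in capture:
        findings = check_packet(*pkt)
        if findings:
            results[pkt] = findings
    return results

if __name__ == "__main__":
    for pkt, findings in audit(CAPTURE).items():
        print(pkt, "->", "; ".join(findings))
```
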
 
joshaven
Member
Posts: 438
Joined: Fri May 06, 2011 1:50 am
Location: USA

Re: strange problem - packets going out to WAN2 with src of

Fri May 03, 2013 5:24 am

Do you have any mangle rules that may be altering anything?

I am a bit confused about some of your wording regarding the source and destination of the traffic that isn't working right. Are you saying the traffic is originating from your ATA and going out the pppoe interface rather than the l2tp?

Traffic should always follow the most specific route, so I am not sure how this could happen. I recommend watching the traffic with torch and seeing if you cannot see something that triggers an idea.
 
CblP
newbie
Topic Author
Posts: 37
Joined: Mon Mar 25, 2013 11:05 am

Re: strange problem - packets going out to WAN2 with src of

Fri May 03, 2013 8:51 am

Let me explain the problem in more detail.
I have a pppoe connection with IP 109.184.244.162
and an l2tp connection with IP 92.242.79.188.

The default route is pppoe, but I have rules to send traffic to 2 specific networks through l2tp.
MikroTik is doing so, BUT the source of the packet is set to 109.184.244.162 when the destination is the first net (which is incorrect),
and it sets the correct source 92.242.79.188 when sending to the second.
What on earth could be the reason?

Mangle is not the case here, as I only have rules to change the MSS:

[admin@MikroTik] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=forward action=change-mss new-mss=1452 passthrough=yes tcp-flags=syn protocol=tcp in-interface=pppoe-out1 tcp-mss=1453-65535

1 chain=forward action=change-mss new-mss=1452 passthrough=yes tcp-flags=syn protocol=tcp out-interface=pppoe-out1 tcp-mss=1453-65535

2 chain=forward action=change-mss new-mss=1420 passthrough=yes tcp-flags=syn protocol=tcp in-interface=l2tp-out1 tcp-mss=1421-65535

3 chain=forward action=change-mss new-mss=1420 passthrough=yes tcp-flags=syn protocol=tcp out-interface=l2tp-out1 tcp-mss=1421-65535
 
CblP
newbie
Topic Author
Posts: 37
Joined: Mon Mar 25, 2013 11:05 am

Re: strange problem - packets going out to WAN2 with src of

Fri May 03, 2013 11:22 am

OK, the problem is not happening anymore.
I exported the config, reset the router to defaults and re-applied the same config again.
After a reboot the problem was gone, and so far I am not able to reproduce it.
It appears like reconfig/reboot is the first thing you have to try whenever you have a problem with MikroTik,
as it already helped me with other troubles in the past.

Should be added to manual or "sticky"-ed on top of the forum I guess.
 
joshaven
Member
Posts: 438
Joined: Fri May 06, 2011 1:50 am
Location: USA

Re: strange problem - packets going out to WAN2 with src of

Fri May 03, 2013 2:43 pm

That sure is an odd issue and I'm glad you got it working. I haven't ever had to reset and reapply so that's a good trick to know.