Timeout with Check-for-updates [SOLVED]
Posted: Thu May 02, 2024 11:00 pm
Hi all,
I have a network with a few mikrotik-routers, an get a funny but annoying result.
As I said:
But:
So DNS seems to work.
And:
Connection via ping seems to work.
Its a router which is giving Internet to some devices next to my desktop, and is giving ports for experimental and new devices (EinrichtA EinrichtB). The most happens on the VLAN101, but the network will be rebuild with VLAN1000. But that is far future. I have vLAN201 for devices with their own IP and DHCP-Server on startup like new mikrotik-devices, and on the MainRouter are routes for them. It should help to get them started without changing the IP of my PC.
So this router works mostly like a switch, the configuration is very simple, the VLAN is configurated in the switch-chip for hardware-offload to get the speed of the switch-chip:
So I think it is a very simple configuration of this router.
The router is beyond another router in this room, and that router, nearer to the uplink to internet, is able to do:
(It's a RB3011UiAS - with LCD, that was nice, I liked them very much. I have CRS226-24G-2s+ working just because of the LCD. They are stupid to configurate in the switch-chip, but they are nice to see because of the LCD) I updated my RB3011 a few minutes ago from 7.11.? to 7.12.1, so all is working for him.
My question is: I can ping the update-server, can get the IP for the Name, but can't update with this router. The next router does with same ROS (7.12.1)! What is wrong, is misconfigurated? I can't see it.
Thanks for any help, I'm happy to have any tips on how to solve this - or where shoud I search for a solution.
I have a network with a few mikrotik-routers, an get a funny but annoying result.
As I said:
Code: Select all
/system package update check-for-updates
channel: stable
installed-version: 7.12.1
status: ERROR: connection timed outCode: Select all
ip/dns/cache/print
Columns: NAME, TYPE, DATA, TTL
# NAME TYPE DATA TTL
0 mikrotik.com NS mimas.mt.lv. 1d17h57m22s
1 mikrotik.com NS moon.mt.lv. 1d17h57m22s
2 cloud2.mikrotik.com A 159.148.172.251 1m8s
3 cloud2.mikrotik.com A 159.148.147.201 1m8s
4 upgrade.mikrotik.com CNAME global-balancer-e.mikrotik.com. 46m25s
5 global-balancer-e.mikrotik.com A 159.148.147.251 46m25s
6 moon.mt.lv A 159.148.147.194 16m24s And:
Code: Select all
ping upgrade.mikrotik.com
SEQ HOST SIZE TTL TIME STATUS
0 159.148.147.251 56 47 47ms694us
1 159.148.147.251 56 48 43ms393us
2 159.148.147.251 56 48 40ms829us
3 159.148.147.251 56 48 45ms389us
4 159.148.147.251 56 48 54ms838us
5 159.148.147.251 56 48 45ms269us
6 159.148.147.251 56 48 41ms532us
7 159.148.147.251 56 48 41ms633us
sent=8 received=8 packet-loss=0% min-rtt=40ms829us avg-rtt=45ms72us max-rtt=54ms838us Its a router which is giving Internet to some devices next to my desktop, and is giving ports for experimental and new devices (EinrichtA EinrichtB). The most happens on the VLAN101, but the network will be rebuild with VLAN1000. But that is far future. I have vLAN201 for devices with their own IP and DHCP-Server on startup like new mikrotik-devices, and on the MainRouter are routes for them. It should help to get them started without changing the IP of my PC.
So this router works mostly like a switch, the configuration is very simple, the VLAN is configurated in the switch-chip for hardware-offload to get the speed of the switch-chip:
Code: Select all
# 2024-05-02 20:55:50 by RouterOS 7.12.1
# software id = 8R00-K414
#
# model = CRS112-8P-4S
# serial number =
/interface bridge
add admin-mac=48:A9:8A:??:??:?? auto-mac=no comment=\
"VLAN-Tagging in SwitchChip" name=bridgeLocal protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] name=E1_EinrichtA_VLAN201
set [ find default-name=ether2 ] name=E2_EinrichtB_VLAN101 tx-flow-control=\
auto
set [ find default-name=ether3 ] name=E3_EinrichtA_VLAN101 poe-voltage=low
set [ find default-name=ether4 ] name=E4_EinrichtB_VLAN101
set [ find default-name=ether5 ] name=E5_EinrichtA_Trunk
set [ find default-name=ether6 ] name=E6_EinrichtB_Trunk
set [ find default-name=ether7 ] name=E7_EinrichtA_TrunkBond
set [ find default-name=ether8 ] name=E8_EinrichtB_TrunkBond
set [ find default-name=sfp9 ] name=sfp9_DockLaptop_VL101
set [ find default-name=sfp10 ] name=sfp10_Telefon_VL101
set [ find default-name=sfp11 ] auto-negotiation=no name=sfp11_Uplink
set [ find default-name=sfp12 ] auto-negotiation=no name=\
sfp12_Spielrouter_VL101
/interface vlan
add interface=bridgeLocal name=vlan101 vlan-id=101
add interface=bridgeLocal name=vlan1000 vlan-id=1000
/interface bonding
add mode=802.3ad name=Bond_E7-E8 slaves=\
E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/port
set 0 name=serial0
/interface bridge port
add bridge=bridgeLocal ingress-filtering=no interface=E1_EinrichtA_VLAN201
add bridge=bridgeLocal ingress-filtering=no interface=E2_EinrichtB_VLAN101
add bridge=bridgeLocal ingress-filtering=no interface=E3_EinrichtA_VLAN101
add bridge=bridgeLocal ingress-filtering=no interface=E4_EinrichtB_VLAN101
add bridge=bridgeLocal ingress-filtering=no interface=E5_EinrichtA_Trunk
add bridge=bridgeLocal ingress-filtering=no interface=E6_EinrichtB_Trunk
add bridge=bridgeLocal ingress-filtering=no interface=sfp9_DockLaptop_VL101
add bridge=bridgeLocal ingress-filtering=no interface=sfp10_Telefon_VL101
add bridge=bridgeLocal ingress-filtering=no interface=sfp12_Spielrouter_VL101
add bridge=bridgeLocal ingress-filtering=no interface=sfp11_Uplink
add bridge=bridgeLocal ingress-filtering=no interface=Bond_E7-E8
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports="E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink,switch1-cpu" drop-if-no-vlan-assignment-on-ports="E1_EinrichtA_VLAN201,E2_EinrichtB_VLAN101,E3_EinrichtA_VLAN101,E4_EinrichtB_VLAN101,sfp9_DockLaptop_VL101,sfp10_Telefon_VL101,sfp12_Spielrouter_VL101" forward-unknown-vlan=no
/interface ethernet switch acl
add action=drop comment="DHCP-Server auf Port B_1 verhindern" dst-ports=E2_EinrichtB_VLAN101 ip-protocol=udp mac-protocol=ip src-l3-port=68 table=egress
add action=drop dst-l3-port=67 ip-protocol=udp mac-protocol=ip src-ports=\
E2_EinrichtB_VLAN101 table=egress
/interface ethernet switch egress-vlan-tag
add tagged-ports="switch1-cpu,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink" vlan-id=101
add tagged-ports="switch1-cpu,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink" vlan-id=201
add tagged-ports="switch1-cpu,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink" vlan-id=1000
/interface ethernet switch ingress-vlan-translation
add new-customer-vid=101 ports="E2_EinrichtB_VLAN101,E3_EinrichtA_VLAN101,E4_EinrichtB_VLAN101,sfp9_DockLaptop_VL101,sfp10_Telefon_VL101,sfp12_Spielrouter_VL101"
add new-customer-vid=201 ports=E1_EinrichtA_VLAN201
add customer-vid=0 customer-vlan-format=untagged-or-tagged disabled=yes new-customer-vid=101 ports=switch1-cpu
/interface ethernet switch vlan
add ports="switch1-cpu,E2_EinrichtB_VLAN101,E3_EinrichtA_VLAN101,E4_EinrichtB_VLAN101,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp10_Telefon_VL101,sfp9_DockLaptop_VL101,sfp12_Spielrouter_VL101,sfp11_Uplink" vlan-id=101
add ports="switch1-cpu,E1_EinrichtA_VLAN201,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink" vlan-id=201
add ports="switch1-cpu,E5_EinrichtA_Trunk,E6_EinrichtB_Trunk,E7_EinrichtA_TrunkBond,E8_EinrichtB_TrunkBond,sfp11_Uplink" vlan-id=1000
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=192.168.8.78/22 interface=vlan101 network=192.168.8.0
/ip dhcp-client
add interface=vlan1000
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.10.16 routing-table=main suppress-hw-offload=no
/routing bfd configuration
add disabled=no interfaces=all min-rx=200ms min-tx=200ms multiplier=5
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=SwitchTestplatz
/system note
set show-at-login=no
The router is beyond another router in this room, and that router, nearer to the uplink to internet, is able to do:
Code: Select all
/system package update check-for-updates
channel: stable
installed-version: 7.12.1
latest-version: 7.14.3
status: New version is available
My question is: I can ping the update-server, can get the IP for the Name, but can't update with this router. The next router does with same ROS (7.12.1)! What is wrong, is misconfigurated? I can't see it.
Thanks for any help, I'm happy to have any tips on how to solve this - or where shoud I search for a solution.