Page 1 of 1
Mikrotik Router and deleting Connections automatically
Posted: Mon Nov 17, 2008 4:36 pm
by shaunw
It has under IP|Firewall a CONNECTIONS list, showing source destination and ports. Sometimes my SIP/IAX device's don't register untill I delete the connection. The connection to delete is TCP 5060 or IAX UDP 4569 . I'm using ADSL with pppoe dial out through the ADSL modem.
Is there are any timer I can change to prevent this happening or other way? Is there a script I can run? How?
I have changed the following: Firewall|Connections|Tracking:TCP Established Timeout:1d 00:00:00 to 06:00:00 . Will this solve the problem?
Re: Mikrotik Router and deleting Connections automatically
Posted: Mon Nov 17, 2008 11:41 pm
by dsdee
You don't state what version of ROS you are using.
I have this same problem with my SIP connections when one of my gateways fails and I need to move the connected SIP connections over to the other interface.
You can use the
/ip firewall connection remove ...
command to remove an existing connection.
However, this command is broken in v 3.15 and 3.16. Already documented in the forum:
http://forum.mikrotik.com/viewtopic.php?f=2&t=27781
Mikrotik acknowledged the problem in a support ticket that I filed, so, hopefully it will be fixed in the next release.
Re: Mikrotik Router and deleting Connections automatically
Posted: Wed Nov 19, 2008 6:15 pm
by brainy
Hi,
we have exactly the same problem on several ROS boxes (2.9.51 and 3.14/3.16) ... i temporarly solved it with setting "UDP Timeout" to 3 seconds so it does delete it really fast.
But i would see that only as a dirty workaround and Mikrotik has to fix this issue.
Best regards,
Joerg
Re: Mikrotik Router and deleting Connections automatically
Posted: Wed Nov 19, 2008 7:36 pm
by changeip
yeah something is wrong with enumerating connections, probably because they are moving so fast.
/ip firewall connection> print count-only
2049
whereas winbox will show you about 5x as many. It's also interesting that on 4 different routers the answer is 2049.
:put [:len [/ip firewall conn find ] ]
This gives a ranging value around the above number, but still totally inaccurate. This is my guess as to why you can't remove connections reliably because they are moving targets.
Sam
Re: Mikrotik Router and deleting Connections automatically
Posted: Wed Nov 19, 2008 7:45 pm
by dsdee
on v3.16 on a RB493 here.
Those two counting methods are both working for me, and consistent with what i see in Winbox, too. So, I'm not sure that's it
(heck, i'm not sure the /ip firewall connection remove --> 'action failed 6' problem is true across the board for v3.16 on all platforms, or not).