MikroTik

I have reviewed several previous forum posts so as not to cover old ground.

((internet))
|
|
|
Cisco router 10.254.254.21 Loopback
|
|
|
|
Mikrotik Router 10.254.254.24 Loopback

Can ping any port on Mikrotik from Cisco Router.

Can ping cisco router from connected ethernet, but not from loopback

problem is no internet on other side of mikrotik router.

Both have area ID of 0

Mikrotik OSPF Print

name="default" router-id=10.254.254.24 distribute-default=never
redistribute-connected=as-type-2 redistribute-static=as-type-2
redistribute-rip=no redistribute-bgp=no redistribute-other-ospf=no
metric-default=20 metric-connected=20 metric-static=20 metric-rip=20
metric-bgp=auto metric-other-ospf=auto in-filter=ospf-in
out-filter=ospf-out

Cisco Router
router-id 10.254.254.21
redistribute bgp 65001 metric 100 subnets
network 10.16.10.0 0.0.1.255 area 0.0.0.0
network 10.18.10.0 0.0.1.255 area 0.0.0.0
network 10.20.10.0 0.0.1.255 area 0.0.0.0
network 10.20.30.0 0.0.1.255 area 0.0.0.0
network 10.22.10.0 0.0.1.255 area 0.0.0.0
network 10.254.10.0 0.0.0.3 area 0.0.0.0
network 10.254.254.21 0.0.0.0 area 0.0.0.0

what more info do you need?

At least you need som config to the Interface pointing to mikrotik.

how about Security? if you drop the Complete config, its more easy to say.

as a start, you need Your "link net" between the two routers, and the loopback configured in Networks. also you need to setup the Interface Connected to cisco.

also, read http://wiki.mikrotik.com/wiki/Manual:OS ... g_protocol

Issue a 'debug ip ospf adj' on the cisco router amd it should clue you in on what you're missing.

MTU mismatch is a commonly overlooked problem as well as instance mismatch (cisco is zero by default)

Thank you. Instance ID is set to 0 on both sides. Though now that I think about it MTU probably does not match. You probably just fixed my problem. Thank you.

I think I understand what is going on.

The Cisco Router is doing Vlan trunking through a switch and the Mtik router is on other side of the switch going to a port where the vlan is trunked.


That alters the MTU somewhat yes? I forgot I disconnected the Mtik at the office so I wasn't able to do the debug yet.

Vlan trunking does affect the L2 mtu in the mikrotik world (decrements by 4 bytes) but its the Layer 3 IP mtu that has to match for OSPF to form an adjacency. Typically 1500 is a safe bet for IP mtu on ethernet based networks

If you are having problems forming adjacency also check:

That OSPF traffic (protocol 89) is not blocked - should be able to see traffic from Cisco using Torch on RouterOS.

That netmasks match - mismatched netmasks sometimes allow pings to succeed but adjacency will fail.

That the Hello and Dead intervals have not been inadvertently changed - should default to 10s / 40s on Ethernet on both Cisco and RouterOS.

The RouterOS log often shows reasons for adjacency failures.

Okay, so I came back and did some more work on this and as it turns out...I don't have a problem.

Full Adjacency has been established between my field router and the core network cisco router.

I can access all company services from an inside port of my router HOWEVER still cannot get to the internet.

I emailed the contractor that deals with the core routers and he said that he is having difficulty getting ospf to redistribute properly into the bgp that AT&T requires for their MPLS circuits.


He said just to make a static route from my router into his....did that.......nothing changed.

Why would he think that would work?

If you have adjacency established then the answer to why there is no internet access is probably to be found in the routing table. Is OSPF inserting a default (internet) route? If not suspect the Cisco OSPF config. If you have a default (internet) route then check - does the outside world have a return path to you? Hard to be specific without the gory details.

Cisco is always in the wrong. I suspect them. Default route NOT being injected from Mikrotik.

The active dynamic OSPF entries appear in the RouterOS routing table with the ADo flag. You can see the LSAs behind those routes in the OSPF LSA tab.