Community discussions

MikroTik App
 
connectlife
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Tue Sep 01, 2020 10:20 pm

Forward not working if the source IP is not in the table (BGP)

Fri Nov 11, 2022 5:31 pm

Hello, I have a strange situation in RouterOS 7 (but also in 6 it happens)

I have 2 Routers:

Router 1 peers with a transit provider, COGENT
Router 2 peers with an IXP

both routers do iBGP with a Reflector sending all learned routes to it. However, the reflector does not send back the R1 / R2 routes ...

This Reflector then does IBGP passing all learned routes from R1 and R2 to another Router (R3, which is the GW of the network)

It happens that if for example I PING from a client towards 1.1.1.1 R3 exits from R1 (Cogent). 1.1.1.1, however, wants to come back to me through the IXP therefore R2. R2 does not know how to reach 1.1.1.1 so the packet does not reach the client .. if in R2 I statically set the 1.1.1.1 route with a GW that manages to reach, the forward also works ..

The problem is only if my package starts from COGENT and wants to return from IXP. If the package from me starts from the IXP and returns from the IXP, no problem ..

All routers are meshed in OSPF and learn the Loopback IP and the IPs of the transit Providers (which I set as Next Hop).

So the question is:

Why doesn't routerOS (R2) let the packet pass through from a source IP that he can't reach? I don't think it's normal behavior ..
 
mlacomb
just joined
Posts: 14
Joined: Wed Aug 17, 2022 10:01 pm

Re: Forward not working if the source IP is not in the table (BGP)

Fri Nov 11, 2022 11:18 pm

This sounds like a next-hop-self issue, to where you're getting a route in the table for a destination you don't know about. Do you have next-hop-self configured amongst the ibgp peers in the R1/R2/R3 AS?
 
connectlife
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Tue Sep 01, 2020 10:20 pm

Re: Forward not working if the source IP is not in the table (BGP)

Sat Nov 12, 2022 12:54 pm

Hi, it's not a NextHop problem. all routers know about nexthops thanks to OSPF
 
Archous
just joined
Posts: 4
Joined: Thu May 12, 2022 7:13 am

Re: Forward not working if the source IP is not in the table (BGP)

Thu Nov 17, 2022 7:41 am

Are you sure the IX is routing transit packets? Do you actually see the packets ingress to the router via the IX when you ping to Google over Cogent?

Any firewalls enabled that wouldn’t allow asymmetric traffic?

Who is online

Users browsing this forum: No registered users and 2 guests