That's been driving me nuts too... I just started pointing SNMP to an IP on a specific interface instead of the loopback IP (like the IP address on ether1 in George's example), and that's mostly worked, but it's not ideal.
On Thu, Oct 19, 2017 at 4:08 PM, Nate Burke <[email protected]> wrote: > I haven't tried this method yet, I'll have to test it out. What I do is > just set a Static 0.0.0.0/0 route with the gateway on each Backhaul with > a different routing mark. > > firewall/mangle > mark Connection, chain Input, UDP port 161, set In Interface of Backhaul > Mark Routing, Chain Output, Check Connection mark from above. > > 2 rules for Each backhaul link Since it's only looking at Input 161, no > extra CPU overhead. > > > > On 10/19/2017 3:13 PM, Mike Hammett wrote: > > SRC NAT the SNMP port to the loopback IP. > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > *From: *"George Skorup" <[email protected]> > <[email protected]> > *To: *"Animal Farm" <[email protected]> <[email protected]> > *Sent: *Thursday, October 19, 2017 3:12:12 PM > *Subject: *[AFMUG] Stupid MikroTik SNMP > > I know Nate has mentioned this before. Wondering if there's a solution. > This has been driving me nuts for years. > > A large/complicated OSPF design may have some asymmetric paths between A > and Z. But the problem comes down to asymmetry at the router you're > trying to poll. > For example, SNMP polling a router to its loopback IP, requests come in > on say ether1, but the replies go out ether2 = SNMP timeout. In and out > same interface works fine. > Everything else to the router works fine, like WWW, telnet, winbox, etc. > but obviously those are TCP, so this has me wondering if it's a UDP > thing or just SNMP...? > > >
