Same story, I disabled OSPF on both devices (but both are still on the 10.0.4.0
network) put this route in the riverstone:
ip add route yyy.yyy.yyyy.0/24 gateway 10.0.4.3
and this in the mikrotik:
ip route add dst-address=0.0.0.0/0 gateway=10.0.4.1 (pretty sure, I
did it from WinBox)
Again, I can ping out to all local resources off the riverstone, but I time out
when trying to get outside, but I can ping into those publics from an external
network.
MacBook-Pro:~ pgerst$ traceroute 4.2.2.1
traceroute to 4.2.2.1 (4.2.2.1), 64 hops max, 52 byte packets
1 yyy.yyy.yyy.1 (yyy.yyy.yyy.1) 0.673 ms 0.132 ms 0.165 ms
2 10.0.4.1 (10.0.4.1) 0.406 ms 0.365 ms 0.358 ms
3 * * *
-Paul
On Feb 11, 2010, at 3:57 AM, Bret Clark wrote:
> Paul Gerstenberger wrote:
>> There are a number of blackhole routes and ACL lines for unallocated IPs,
>> that's why it's so long. Probably overkill.
>>
>> I'm not running NAT on the mikrotik, but I'm planning doing so with some of
>> these IPs.
>>
>> [ad...@mikrotik] > /routing ospf export
>> # feb/11/2010 05:34:32 by RouterOS 4.5
>> # software id = QQQQ-QQQQ
>> #
>> /routing ospf instance
>> set default comment="" disabled=no distribute-default=never
>> in-filter=ospf-in metric-bgp=20 \
>> metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20
>> metric-static=20 \
>> name=default out-filter=ospf-out redistribute-bgp=no
>> redistribute-connected=as-type-1 \
>> redistribute-other-ospf=no redistribute-rip=no redistribute-static=no
>> router-id=10.0.4.3
>> /routing ospf area
>> set backbone area-id=0.0.0.0 comment="" disabled=no instance=default
>> name=backbone type=default
>> /routing ospf interface
>> add authentication=none authentication-key="" authentication-key-id=1
>> comment="" cost=10 \
>> dead-interval=40s disabled=no hello-interval=10s instance-id=0
>> interface=ether1-gateway \
>> network-type=broadcast passive=no priority=1 retransmit-interval=5s
>> transmit-delay=1s \
>> use-bfd=no
>> /routing ospf network
>> add area=backbone comment="" disabled=no network=10.0.4.0/27
>>
>>
>>
>> Here are the relevant routes:
>>
>> RS-1# ip show routes
>>
>> Destination Gateway Owner Netif
>> ----------- ------- ----- -----
>> default ZZZ.ZZZ.ZZZ.25 Static HREC-EIA
>> 10.0.4.0/27 directly connected - WISP-201
>> YYY.YYY.YYY.0/24 10.0.4.3 OSPF_ASE WISP-201
>> XXX.XXX.XXX.24/30 directly connected - HREC-EIA
>>
>> [ad...@mikrotik] > ip route print
>>
>> Flags: X - disabled, A - active, D - dynamic,
>> C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
>> B - blackhole, U - unreachable, P - prohibit
>>
>> # DST-ADDRESS PREF-SRC GATEWAY DISTANCE
>> 0 ADo 0.0.0.0/0 - 10.0.4.1 110
>> 2 ADC 10.0.4.0/27 10.0.4.3 ether1-gateway 0
>> 30 ADC yyy.yyy.yyy.0/24 zzz.zzz.zzz.1 ether2-local 0
>> 44 ADo xxx.xxx.xxx.24/30 - 10.0.4.1 110
>>
>> -Paul
>>
> Strange...everything looks right to me. Routing tables are as I would
> expect. You don't happen to have any ACL's being applied to the
> interface that the Mikrotik is attached too? What happen if you
> eliminate using OSPF for now and just setup the configuration using
> static routes? Does it work then?
>
>
> --------------------------------------------------------------------------------
> WISPA Wants You! Join today!
> http://signup.wispa.org/
> --------------------------------------------------------------------------------
>
> WISPA Wireless List: [email protected]
>
> Subscribe/Unsubscribe:
> http://lists.wispa.org/mailman/listinfo/wireless
>
> Archives: http://lists.wispa.org/pipermail/wireless/
--------------------------------------------------------------------------------
WISPA Wants You! Join today!
http://signup.wispa.org/
--------------------------------------------------------------------------------
WISPA Wireless List: [email protected]
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
