Resolución de problemas

De Guifi.net - Wiki Hispano

Revisión del 6 ago 2013 a las 15:46.
Esta es la revisión inicial del hilo.

Sebastian Galeano:

Si te fijas con el torch, mira si en la rb salen los OSPF-hellos cada 10segundos hacia broadcast, después mira en el otro a ver si llegan, hay cierto problema con versiones del AirOS V y dependiendo del modo de funcionamiento se filtra el broadcast/multicast.

Torch en la RB 750G 10.36.523.11 (Nodo Institut de l'Ebre)

OSPFDebug.png

Torch en la RB 750G 10.36.523.70 (Nodo Alcanyiz26)

OSPFDebug1.png
OSPFDebug01.png

Más aportaciones de la gente:

  • Probar con el enlace WDS en ap-wds<->ap-wds. También se puede probar a poner en auto los wdspeers.
  • Probar a que el OSPF se comunique via unicast (nbma) en lugar de brodadcast .

Xavi Caballé: No soy un experto en OSPF, ni mucho menos, pero según tengo entendido, los routers de una misma área intercambian los LSA's. Cuando todos los routers de una misma área tienen las mismas LSA's se crean las rutas dinámicas. Si dos routers no forman parte de la misma área o las LSA's no son las mismas en ambos, puede que las vean pero no pasen a ser rutas activas

Por tanto creo que la clave podría estar en el tema de las áreas, comprobar que todas estén bien definidas como backbone en todas las interficies y redes. También comprobar que ambos routers tengan las mismas LSA's en las tablas; es posible que reciban las LSA's y que por ello aparezcan las rutas, pero si no coinciden las LSA's en los dos routers, las rutas no se activan.

Aportación de Pablo Boronat:

Nosotros tenemos varios nodos funcionando así. Alguno nos está dando problemas con el OSPF. No sabemos por qué ya que hay momentos en los que funciona. Pensamos que es porque hay diferentes versiones en routeros, openwrt y airos, pero no estamos seguros. La mayoría funcionan perfectamente.

En las antenas ubiquiti tienes modo bridge y una 172. Nosotros ponemos una pública 10.  para poder entrar a configurarla por web sin hacer nada más. La 172 la tiene el mikrotik.
En el enrutamiento tienes redes broadcast. Nosotros no ponemos que sean de difusión y nombramos los vecinos NBMA. Eso recomendaban en los  manuales de routeros.
De todas formas, revisa el unsoloclic. La configuración que ofrece intercambia las 172 pero no las pone activas. Parece que estés haciendo lo mismo.

La configuración en este momento (--acacha 05:45, 23 nov 2010 (UTC)) es:

# jan/09/1970 16:52:28 by RouterOS 4.10
# software id = PBAS-D69F
# 
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:5F:B7:0A \
    master-port=none mtu=1500 name=ether1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:5F:B7:0B \
    master-port=ether1 mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:5F:B7:0C \
    master-port=ether1 mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:5F:B7:0D \
    master-port=ether1 mtu=1500 name=ether4 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:5F:B7:0E \
    master-port=none mtu=1500 name=ether5 speed=100Mbps
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
    http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \
    name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \
    use-radius=no
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
    1 status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 comment="" disabled=no enc-algorithms=3des \
    lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default \
    use-compression=default use-encryption=default use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption \
    only-one=default use-compression=default use-encryption=yes \
    use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
    sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
    red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
    5
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment="" disabled=no \
    ignore-as-path-len=no name=default out-filter=ospf-out \
    redistribute-connected=yes redistribute-ospf=yes redistribute-other-bgp=\
    yes redistribute-rip=yes redistribute-static=yes router-id=10.36.253.170 \
    routing-table=""
/routing ospf instance
set default comment="" disabled=no distribute-default=never in-filter=ospf-in \
    metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=\
    auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
    redistribute-bgp=as-type-1 redistribute-connected=no \
    redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
    router-id=10.36.253.170
/routing ospf area
set backbone area-id=0.0.0.0 comment="" disabled=no instance=default name=\
    backbone type=default
/snmp
set contact=guifi@guifi.net enabled=yes engine-boots=0 engine-id="" location=\
    TortosaAlcanyiz26_T2 time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
    authentication-protocol=MD5 encryption-password="" encryption-protocol=\
    DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \
    disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0 \
    syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
    680MHz force-backup-booter=no silent-boot=no
set boot-device=nand-if-fail-then-ethernet boot-protocol=bootp cpu-frequency=\
    680MHz force-backup-booter=no silent-boot=no
/user group
add comment="" name=read policy="local,telnet,ssh,reboot,read,test,winbox,pass\
    word,web,sniff,sensitive,!ftp,!write,!policy"
add comment="" name=write policy="local,telnet,ssh,reboot,read,write,test,winb\
    ox,password,web,sniff,sensitive,!ftp,!policy"
add comment="" name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy\
    ,test,winbox,password,web,sniff,sensitive"
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
    no
/interface ethernet switch port
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
    default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
    default enabled=no keepalive-timeout=60 mac-address=FE:6D:33:72:19:75 \
    max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
    enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.88.1/24 broadcast=192.168.88.255 comment=\
    "default configuration" disabled=no interface=ether1 network=192.168.88.0
add address=10.36.253.170/29 broadcast=10.36.253.175 comment="" disabled=no \
    interface=ether1 network=10.36.253.168
add address=172.16.135.20/29 broadcast=172.16.135.23 comment="" disabled=no \
    interface=ether3 network=172.16.135.16
/ip dhcp-server config
set store-leases-disk=5m
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
    max-udp-packet-size=512 servers=192.168.111.1
 /ip dns static
add address=192.168.88.1 comment="" disabled=no name=router ttl=1d
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=1d \
    tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
    tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
    tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=accept chain=input comment="default configuration" disabled=no \
    protocol=icmp
add action=accept chain=input comment="default configuration" disabled=no \
    in-interface=ether1
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip neighbor discovery
set ether1 discover=no
set ether2 discover=yes
set ether3 discover=yes
set ether4 discover=yes 
set ether5 discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
    cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
    600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
    parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
    0.0.0.0
/ip route
add comment="" disabled=no distance=110 dst-address=10.36.253.0/27 gateway=\
    172.16.135.17 scope=20 target-scope=10
add comment="" disabled=yes distance=1 dst-address=10.36.253.0/27 gateway=\
    172.16.135.17 scope=30 target-scope=10
/ip service
set telnet address=0.0.0.0/0 disabled=no port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=no port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no \
    inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
add comment="" disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
    lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
    use-explicit-null=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
/radius incoming
set accept=no port=3799
/routing bfd interface
set all comment="" disabled=no interface=all interval=0.2sec min-rx=0.2sec \
    multiplier=5
/routing bgp network
add comment="" disabled=yes network=10.36.253.168/29 synchronize=yes
add comment="" disabled=yes network=172.16.135.16/29 synchronize=yes
/routing bgp peer
add address-families=ip as-override=no comment="" default-originate=never \
    disabled=yes hold-time=3m in-filter=ospf-in instance=default multihop=no \
    name=TortosaINSEbreRd2 nexthop-choice=default out-filter=ospf-out \
    passive=no remote-address=172.16.135.17 remote-as=65531 \
    remove-private-as=no route-reflect=no tcp-md5-key="" ttl=1 use-bfd=no
/routing filter
add action=accept chain=ospf-out comment="" disabled=no invert-match=no \
    prefix=10.0.0.0/8 prefix-length=8-32
add action=discard chain=ospf-out comment="" disabled=no invert-match=no
add action=accept chain=ospf-in comment="" disabled=no invert-match=no \
    prefix=10.0.0.0/8 prefix-length=8-32
add action=reject chain=ospf-in comment="" disabled=no invert-match=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
    gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
    0.0.0.0 timeout=1m ttl=50
/routing ospf interface
add authentication=none authentication-key="" authentication-key-id=1 \
    comment="" cost=10 dead-interval=40s disabled=no hello-interval=10s \
    instance-id=0 interface=ether1 network-type=broadcast passive=no \
    priority=1 retransmit-interval=5s transmit-delay=1s use-bfd=no
add authentication=none authentication-key="" authentication-key-id=1 \
    comment="" cost=10 dead-interval=40s disabled=no hello-interval=10s \
    instance-id=0 interface=ether2 network-type=broadcast passive=no \
    priority=1 retransmit-interval=5s transmit-delay=1s use-bfd=no
add authentication=none authentication-key="" authentication-key-id=1 \
    comment="" cost=10 dead-interval=40s disabled=no hello-interval=10s \
    instance-id=0 interface=ether3 network-type=broadcast passive=no \
    priority=1 retransmit-interval=5s transmit-delay=1s use-bfd=no
add authentication=none authentication-key="" authentication-key-id=1 \
    comment="" cost=10 dead-interval=40s disabled=no hello-interval=10s \
    instance-id=0 interface=ether4 network-type=broadcast passive=no \
    priority=1 retransmit-interval=5s transmit-delay=1s use-bfd=no
/routing ospf network
add area=backbone comment="" disabled=no network=10.36.253.168/29
add area=backbone comment="" disabled=no network=172.16.135.16/29
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
    metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
    redistribute-connected=no redistribute-ospf=no redistribute-static=no \
    routing-table=main timeout-timer=3m update-timer=30s
/store
add comment="" disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
    "jan/01/1970 00:00:00" time-zone=+00:00
/system console
add disabled=no term=vt102
/system health
set
/system identity
set name=TortosaAlcanyiz26_T2
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
    0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
    none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=no enabled=yes max-sessions=100
/tool e-mail
set from=<> password="" server=0.0.0.0:25 username=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
add disabled=no interface=ether2
add disabled=no interface=ether3
add disabled=no interface=ether4
add disabled=no interface=ether5
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret=""
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \
     filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\
    yes interface=all memory-limit=10 memory-scroll=no only-headers=no \
    streaming-enabled=no streaming-server=0.0.0.0
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no

    muevo comentarios a página de discusión16:46 6 ago 2013
    Herramientas personales