Добрый день.
Имеется EdgeRouter 6p, прошивка 1.10.11.
Подключение к провайдеру (Ростелеком) через PPPoE.
PPPoE успешно соединяется, на дашборде все ok, интерфейс "connected", но трафик через интерфейс не проходит. Нет пинга никуда ни с самого роутера ни из сети.
Маршруты получает динамически, NAT настроен.
Настраивал и при помощи визарда и "руками", результат одинаковый.
Пробовал установить прошивки версии 2.х.х, но с ними PPPoE вообще не заводится.
Может где-то есть волшебная галочка?
Логи и конфиг прилагаются.
Заранее спасибо.
Имеется EdgeRouter 6p, прошивка 1.10.11.
Подключение к провайдеру (Ростелеком) через PPPoE.
PPPoE успешно соединяется, на дашборде все ok, интерфейс "connected", но трафик через интерфейс не проходит. Нет пинга никуда ни с самого роутера ни из сети.
Маршруты получает динамически, NAT настроен.
Настраивал и при помощи визарда и "руками", результат одинаковый.
Пробовал установить прошивки версии 2.х.х, но с ними PPPoE вообще не заводится.
Может где-то есть волшебная галочка?
Логи и конфиг прилагаются.
Заранее спасибо.
Connected to bc:62:0e:4d:e8:d0 via interface eth0
using channel 2
Using interface ppp0
Connect: ppp0 <--> eth0
sent [LCP ConfReq id=0x1 <mru 1492> <magic 0x6629918f>]
rcvd [LCP ConfReq id=0x2 <mru 1492> <auth chap MD5> <magic 0x5c8d10e>]
lcp_reqci: returning CONFACK.
sent [LCP ConfAck id=0x2 <mru 1492> <auth chap MD5> <magic 0x5c8d10e>]
rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0x6629918f>]
sent [LCP EchoReq id=0x0 magic=0x6629918f]
rcvd [CHAP Challenge id=0x1 <676abeb9013f944ab5ef6b75578b6c63>, name = "Huawei"]
sent [CHAP Response id=0x1 <a080e56d4b169a9e7370f41d4043d82>, name = "pppoe-login"]
rcvd [LCP EchoRep id=0x0 magic=0x5c8d10e]
rcvd [CHAP Success id=0x1 "Authentication success,Welcome!"]
CHAP authentication succeeded: Authentication success,Welcome!
CHAP authentication succeeded
peer from calling number bc:62:0e:4d:e8:d0 authorized
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [IPCP ConfReq id=0x1 <addr 10.35.128.1>]
ipcp: returning Configure-ACK
sent [IPCP ConfAck id=0x1 <addr 10.35.128.1>]
rcvd [IPCP ConfNak id=0x1 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
sent [IPCP ConfReq id=0x2 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
rcvd [IPCP ConfAck id=0x2 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
ipcp: up
Script /etc/ppp/ip-pre-up started (pid 4008)
Script /etc/ppp/ip-pre-up finished (pid 4008), status = 0x0
local IP address 29.38.47.56
remote IP address 10.35.128.1
primary DNS address 212.14.192.131
secondary DNS address 212.122.1.2
Script /etc/ppp/ip-up started (pid 4066)
Script /etc/ppp/ip-up finished (pid 4066), status = 0x0
using channel 2
Using interface ppp0
Connect: ppp0 <--> eth0
sent [LCP ConfReq id=0x1 <mru 1492> <magic 0x6629918f>]
rcvd [LCP ConfReq id=0x2 <mru 1492> <auth chap MD5> <magic 0x5c8d10e>]
lcp_reqci: returning CONFACK.
sent [LCP ConfAck id=0x2 <mru 1492> <auth chap MD5> <magic 0x5c8d10e>]
rcvd [LCP ConfAck id=0x1 <mru 1492> <magic 0x6629918f>]
sent [LCP EchoReq id=0x0 magic=0x6629918f]
rcvd [CHAP Challenge id=0x1 <676abeb9013f944ab5ef6b75578b6c63>, name = "Huawei"]
sent [CHAP Response id=0x1 <a080e56d4b169a9e7370f41d4043d82>, name = "pppoe-login"]
rcvd [LCP EchoRep id=0x0 magic=0x5c8d10e]
rcvd [CHAP Success id=0x1 "Authentication success,Welcome!"]
CHAP authentication succeeded: Authentication success,Welcome!
CHAP authentication succeeded
peer from calling number bc:62:0e:4d:e8:d0 authorized
sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
rcvd [IPCP ConfReq id=0x1 <addr 10.35.128.1>]
ipcp: returning Configure-ACK
sent [IPCP ConfAck id=0x1 <addr 10.35.128.1>]
rcvd [IPCP ConfNak id=0x1 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
sent [IPCP ConfReq id=0x2 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
rcvd [IPCP ConfAck id=0x2 <addr 29.38.47.56> <ms-dns1 212.14.192.131> <ms-dns3 212.122.1.2>]
ipcp: up
Script /etc/ppp/ip-pre-up started (pid 4008)
Script /etc/ppp/ip-pre-up finished (pid 4008), status = 0x0
local IP address 29.38.47.56
remote IP address 10.35.128.1
primary DNS address 212.14.192.131
secondary DNS address 212.122.1.2
Script /etc/ppp/ip-up started (pid 4066)
Script /etc/ppp/ip-up finished (pid 4066), status = 0x0
ubnt@ubnt:~$ show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
- selected route, * - FIB route, p - stale info
IP Route Table for VRF "default"
K *> 0.0.0.0/0 [0/0] via pppoe0
C *> 10.35.128.1/32 is directly connected, pppoe0
C *> 29.38.47.56/32 is directly connected, pppoe0
C *> 127.0.0.0/8 is directly connected, lo
C *> 192.168.1.0/24 is directly connected, eth1
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
- selected route, * - FIB route, p - stale info
IP Route Table for VRF "default"
K *> 0.0.0.0/0 [0/0] via pppoe0
C *> 10.35.128.1/32 is directly connected, pppoe0
C *> 29.38.47.56/32 is directly connected, pppoe0
C *> 127.0.0.0/8 is directly connected, lo
C *> 192.168.1.0/24 is directly connected, eth1
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
description "Internet (PPPoE)"
duplex auto
pppoe 0 {
default-route auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password ****
user-id pppoe-login
}
speed auto
}
ethernet eth1 {
address 192.168.1.1/24
description Local
duplex auto
speed auto
}
ethernet eth2 {
address 192.168.2.1/24
description "Local 2"
duplex auto
speed auto
}
ethernet eth3 {
duplex auto
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
ethernet eth5 {
duplex auto
speed auto
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN1 {
authoritative enable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.38 {
stop 192.168.1.243
}
}
}
shared-network-name LAN2 {
authoritative enable
subnet 192.168.2.0/24 {
default-router 192.168.2.1
dns-server 192.168.2.1
lease 86400
start 192.168.2.38 {
stop 192.168.2.243
}
}
}
static-arp disable
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on eth1
listen-on eth2
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description "masquerade for WAN"
log disable
outbound-interface pppoe0
protocol all
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password ****
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipsec disable
ipv4 {
forwarding disable
gre disable
pppoe disable
vlan disable
}
ipv6 {
forwarding disable
pppoe disable
vlan disable
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
description "Internet (PPPoE)"
duplex auto
pppoe 0 {
default-route auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password ****
user-id pppoe-login
}
speed auto
}
ethernet eth1 {
address 192.168.1.1/24
description Local
duplex auto
speed auto
}
ethernet eth2 {
address 192.168.2.1/24
description "Local 2"
duplex auto
speed auto
}
ethernet eth3 {
duplex auto
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
ethernet eth5 {
duplex auto
speed auto
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN1 {
authoritative enable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.38 {
stop 192.168.1.243
}
}
}
shared-network-name LAN2 {
authoritative enable
subnet 192.168.2.0/24 {
default-router 192.168.2.1
dns-server 192.168.2.1
lease 86400
start 192.168.2.38 {
stop 192.168.2.243
}
}
}
static-arp disable
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on eth1
listen-on eth2
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description "masquerade for WAN"
log disable
outbound-interface pppoe0
protocol all
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password ****
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipsec disable
ipv4 {
forwarding disable
gre disable
pppoe disable
vlan disable
}
ipv6 {
forwarding disable
pppoe disable
vlan disable
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
ubnt@ubnt:~$ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
59 packets transmitted, 0 received, 100% packet loss, time 58004ms
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
59 packets transmitted, 0 received, 100% packet loss, time 58004ms