Gateway connected but rto

1 
vyos@vyos# show
 interfaces {
     ethernet eth0 {
         address dhcp
         hw-id c8:1f:66:d0:35:39
     }
     ethernet eth1 {
         hw-id c8:1f:66:d0:35:3a
     }
     ethernet eth2 {
         hw-id c8:1f:66:d0:35:3b
     }
     ethernet eth3 {
         address 192.168.1.1/24
         hw-id c8:1f:66:d0:35:3c
     }
     ethernet eth4 {
         hw-id 14:02:ec:8a:41:3c
     }
     ethernet eth5 {
         disable-flow-control
         hw-id 14:02:ec:8a:41:3d
     }
     ethernet eth6 {
         hw-id e4:1d:2d:14:f6:20
     }
     ethernet eth7 {
         vif 55 {
             address 10.3.113.205/24
         }
         vif 538 {
             address 100.100.100.11/24
             address 103.163.36.19/31
         }
         vif 2201 {
             address 103.163.36.7/31
         }
     }
     loopback lo {
         address 103.163.36.201/29
     }
 }
 nat {
     source {
         rule 10 {
             outbound-interface {
                 name eth0
             }
             translation {
                 address masquerade
             }
         }
         rule 20 {
             outbound-interface {
                 name eth7.55
             }
             translation {
                 address masquerade
             }
         }
         rule 30 {
             outbound-interface {
                 name eth7.2201
             }
             translation {
                 address masquerade
             }
         }
         rule 40 {
             outbound-interface {
                 name eth7.538
             }
             translation {
                 address masquerade
             }
         }
     }
 }
 protocols {
     static {
         route 0.0.0.0/0 {
             next-hop 103.163.36.18 {
             }
         }
         route 10.1.55.1/32 {
             next-hop 10.3.113.254 {
             }
         }
         route 10.3.0.0/16 {
             next-hop 10.3.113.254 {
             }
         }
         route 10.13.137.106/32 {
             next-hop 10.3.113.1 {
             }
         }
         route 103.163.36.128/26 {
             next-hop 103.163.36.6 {
             }
         }
         route 103.163.36.216/29 {
             next-hop 103.163.36.6 {
             }
         }
     }
 }
 service {
     dns {
     }
     ntp {
         allow-client {
             address 0.0.0.0/0
             address ::/0
         }
         server time1.vyos.net {
         }
         server time2.vyos.net {
         }
         server time3.vyos.net {
         }
     }
     ssh {
         port 22
     }
 }
 system {
     config-management {
         commit-revisions 100
     }
     conntrack {
         modules {
             ftp
             h323
             nfs
             pptp
             sip
             sqlnet
             tftp
         }
     }
     console {
         device ttyS0 {
             speed 115200
         }
     }
     host-name vyos
     login {
         user vyos {
             authentication {
                 encrypted-password $6$QxPS.uk6mfo$9QBSo8u1FkH16gMyAVhus6fU3LOzvLR9Z9.82m3tiHFAxTtIkhaZSWssSgzt4v4dGAL8rhVQxTg0oAG9/q11h/
                 plaintext-password ""
             }
         }
     }
     name-server 8.8.8.8
     syslog {
         global {
             facility all {
                 level info
             }
             facility local7 {
                 level debug
             }
         }
     }
 }
[edit]
vyos@vyos#
[edit]
vyos@vyos# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 103.163.36.19 icmp_seq=1 Destination Host Unreachable
From 103.163.36.19 icmp_seq=2 Destination Host Unreachable
From 103.163.36.19 icmp_seq=3 Destination Host Unreachable
From 103.163.36.19 icmp_seq=4 Destination Host Unreachable
From 103.163.36.19 icmp_seq=5 Destination Host Unreachable
From 103.163.36.19 icmp_seq=6 Destination Host Unreachable
From 103.163.36.19 icmp_seq=7 Destination Host Unreachable
From 103.163.36.19 icmp_seq=8 Destination Host Unreachable
From 103.163.36.19 icmp_seq=9 Destination Host Unreachable
From 103.163.36.19 icmp_seq=10 Destination Host Unreachable
From 103.163.36.19 icmp_seq=11 Destination Host Unreachable
From 103.163.36.19 icmp_seq=12 Destination Host Unreachable
From 103.163.36.19 icmp_seq=13 Destination Host Unreachable
From 103.163.36.19 icmp_seq=14 Destination Host Unreachable
From 103.163.36.19 icmp_seq=15 Destination Host Unreachable
^C
--- 8.8.8.8 ping statistics ---
16 packets transmitted, 0 received, +15 errors, 100% packet loss, time 15377ms
pipe 4
[edit]
vyos@vyos# exit
exit
vyos@vyos:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
       f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

S>* 0.0.0.0/0 [1/0] via 103.163.36.18, eth7.538, weight 1, 00:11:13
S>* 10.1.55.1/32 [1/0] via 10.3.113.254, eth7.55, weight 1, 00:11:13
S>* 10.3.0.0/16 [1/0] via 10.3.113.254, eth7.55, weight 1, 00:11:13
C>* 10.3.113.0/24 is directly connected, eth7.55, 00:11:13
S>* 10.13.137.106/32 [1/0] via 10.3.113.1, eth7.55, weight 1, 00:11:13
C>* 100.100.100.0/24 is directly connected, eth7.538, 00:11:13
C>* 103.163.36.6/31 is directly connected, eth7.2201, 00:11:13
C>* 103.163.36.18/31 is directly connected, eth7.538, 00:11:13
S>* 103.163.36.128/26 [1/0] via 103.163.36.6, eth7.2201, weight 1, 00:11:13
C>* 103.163.36.200/29 is directly connected, lo, 1d03h57m
S>* 103.163.36.216/29 [1/0] via 103.163.36.6, eth7.2201, weight 1, 00:11:13
C>* 192.168.1.0/24 is directly connected, eth3, 03:10:45
vyos@vyos:~$

help please

MOD Edit: Formatted output to be readable.

2

You’re using NAT Masquerade on eth7.538, but you have 2 IPs configured on that interface. Masquerade will use the Primary address on the interface, which in Linux is the first IP configured on the interface.

You’ll need to figure out if that second address is actually required on the interface. If it is, then you’ll likely want to hardcode the address you want to NAT to.

3 Likes
3

I’m still unfamiliar with this problem
The configuration is on the mikrotik
then I switched to Vyos where there are 3 IPs connected to the internet

vlan 2201 address 103.163.36.7 network 103.163.36.6
vlan 538 address 100.100.100.11/24 network 100.100.100.0
vlan 538 103.163.36.19 network 103.163.18

4

vyos@vyos# ping 10.3.163.36.18
ping: 10.3.163.36.18: System error
[edit]
vyos@vyos# ping 103.163.36.18
PING 103.163.36.18 (103.163.36.18) 56(84) bytes of data.
From 103.163.36.19 icmp_seq=1 Destination Host Unreachable
From 103.163.36.19 icmp_seq=2 Destination Host Unreachable
From 103.163.36.19 icmp_seq=3 Destination Host Unreachable
^C
— 103.163.36.18 ping statistics —
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5153ms
pipe 3
[edit]
vyos@vyos#

5

anyone can help
please

6

Maybe it’s the netmask of /31? Can you try a netmask of e.g. /30 so that you have:

Network: 103.163.36.16/30
HostMin: 103.163.36.17
HostMax: 103.163.36.18
Broadcast: 103.163.36.19
Hosts/Net: 2

Change you IP addresses e.g. as follows:

VyOS Router VIF 538: 103.163.36.17/30
Your Gateway Router: 103.163.36.18/30

And then try to ping your gateway router from the VyOS router.

vyos@vyos# ping 103.163.36.18

7

vyos@vyos:~$ show interface
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description

eth0 - c8:1f:66:d0:35:39 default 1500 u/D
eth1 - c8:1f:66:d0:35:3a default 1500 u/D
eth2 - c8:1f:66:d0:35:3b default 1500 u/D
eth3 192.168.1.1/24 c8:1f:66:d0:35:3c default 1500 u/u
eth4 - 14:02:ec:8a:41:3c default 1500 u/D
eth5 - 14:02:ec:8a:41:3d default 1500 u/D
eth6 - e4:1d:2d:14:f6:20 default 1500 u/D
eth7 - e4:1d:2d:14:f6:21 default 1500 u/u
eth7.55 10.3.113.205/24 e4:1d:2d:14:f6:21 default 1500 u/u
eth7.538 100.100.100.11/24 e4:1d:2d:14:f6:21 default 1500 u/u
103.163.36.19/30
eth7.2201 103.163.36.7/31 e4:1d:2d:14:f6:21 default 1500 u/u
lo 127.0.0.1/8 00:00:00:00:00:00 default 65536 u/u
103.163.36.201/29
::1/128
vyos@vyos:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure

S>* 0.0.0.0/0 [1/0] via 103.163.36.18, eth7.538, weight 1, 00:04:47
S>* 10.1.55.1/32 [1/0] via 10.3.113.254, eth7.55, weight 1, 00:12:49
S>* 10.3.0.0/16 [1/0] via 10.3.113.254, eth7.55, weight 1, 00:12:49
C>* 10.3.113.0/24 is directly connected, eth7.55, 00:12:49
S>* 10.13.137.106/32 [1/0] via 10.3.113.1, eth7.55, weight 1, 00:12:49
C>* 100.100.100.0/24 is directly connected, eth7.538, 00:12:49
C>* 103.163.36.6/31 is directly connected, eth7.2201, 00:12:49
C>* 103.163.36.16/30 is directly connected, eth7.538, 00:04:47
S>* 103.163.36.128/26 [1/0] via 103.163.36.6, eth7.2201, weight 1, 00:12:49
C>* 103.163.36.200/29 is directly connected, lo, 2d00h11m
S>* 103.163.36.216/29 [1/0] via 103.163.36.6, eth7.2201, weight 1, 00:12:49
C>* 192.168.1.0/24 is directly connected, eth3, 00:12:42
vyos@vyos:~$
vyos@vyos:~$
vyos@vyos:~$ ping 103.163.36.18
PING 103.163.36.18 (103.163.36.18) 56(84) bytes of data.
From 103.163.36.19 icmp_seq=1 Destination Host Unreachable
From 103.163.36.19 icmp_seq=2 Destination Host Unreachable
^C
— 103.163.36.18 ping statistics —
5 packets transmitted, 0 received, +2 errors, 100% packet loss, time 4107ms
pipe 2
vyos@vyos:~$

8

how and where the configure i have to change

9

I’m still new and very beginner on this system :sob: :sob:

10

So you try pinging to 103.163.36.18:

And route to such network, according to routing table, is:

C>* 103.163.36.16/30 is directly connected, eth7.538, 00:04:47

Are you sure this host is reachable through interface eth7.538?

11

vyos@vyos# show
interfaces {
ethernet eth1 {
hw-id c8:1f:66:d0:35:3a
}
ethernet eth2 {
hw-id c8:1f:66:d0:35:3b
}
ethernet eth3 {
address 192.168.1.1/24
hw-id c8:1f:66:d0:35:3c
}
ethernet eth4 {
hw-id 14:02:ec:8a:41:3c
}
ethernet eth5 {
disable-flow-control
hw-id 14:02:ec:8a:41:3d
}
ethernet eth6 {
hw-id e4:1d:2d:14:f6:20
hw-id e4:1d:2d:14:f6:20
}
ethernet eth7 {
disable-flow-control
vif 538 {
ethernet eth3 {
address 192.168.1.1/24
hw-id c8:1f:66:d0:35:3c
}
ethernet eth4 {
hw-id 14:02:ec:8a:41:3c
}
ethernet eth5 {
disable-flow-control
hw-id 14:02:ec:8a:41:3d
}
ethernet eth6 {
hw-id e4:1d:2d:14:f6:20
}
ethernet eth7 {
disable-flow-control
vif 538 {
address 103.163.36.19/31
}
}
}
protocols {
static {
}
}
service {
dns {
}
ntp {
allow-client {
address 0.0.0.0/0
address ::/0
}
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 100
}
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
host-name vyos
login {
user vyos {
authentication {
encrypted-password $6$QxPS.uk6mfo$9QBSo8u1FkH16gMyAVhus6fU3LOzvLR9Z9.82m3tiHFAxTtIkhaZSWssSgzt4v4dGAL8rhVQxTg0oAG9/q11h/
plaintext-password “”
}
}
}
name-server 8.8.8.8
syslog {
global {
facility all {
level info
}
facility local7 {
level debug
}
}
}
}
[edit]
vyos@vyos# ping 103.163.36.18
PING 103.163.36.18 (103.163.36.18) 56(84) bytes of data.
From 103.163.36.19 icmp_seq=1 Destination Host Unreachable
From 103.163.36.19 icmp_seq=2 Destination Host Unreachable
From 103.163.36.19 icmp_seq=3 Destination Host Unreachable
^C
— 103.163.36.18 ping statistics —
5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4110ms
pipe 4
[edit]
vyos@vyos#

12

I deleted all the interface config that I was using
and I re-entered only vlan 538 with the address 103.163.36.19
then I tried pinging 103.163.36.18

There’s no config yet enything
just the interface

vyos@vyos# ping 103.163.36.18
PING 103.163.36.18 (103.163.36.18) 56(84) bytes of data.
From 103.163.36.19 icmp_seq=1 Destination Host Unreachable
From 103.163.36.19 icmp_seq=2 Destination Host Unreachable
From 103.163.36.19 icmp_seq=3 Destination Host Unreachable
^C
— 103.163.36.18 ping statistics —
5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4110ms
pipe 4
[edit]
vyos@vyos#

13

Try arping.

sudo arping -I eth7.538 103.163.36.18
14

What’s for
I don’t know arping

And why mas sudo
Vyos is using config and set to configure

15

vyos@vyos:~$ sudo -l arping eth7.538 103.163.36.18
/usr/bin/arping eth7.538 103.163.36.18
vyos@vyos:~$ sudo arping -l eth7.538 103.163.36.18
arping: invalid option – ‘l’

Usage:
arping [options]

Options:
-f quit on first reply
-q be quiet
-b keep on broadcasting, do not unicast
-D duplicate address detection mode
-U unsolicited ARP mode, update your neighbours
-A ARP answer mode, update your neighbours
-V print version and exit
-c how many packets to send
-w how long to wait for a reply
-i set interval between packets (default: 1 second)
-I which ethernet device to use
-s source ip address
dns name or ip address

For more details see arping(8).
vyos@vyos:~$

16

In the Mikrotik there is an IP menu
and in the IP menu there is an address
In the address menu there is an address column
which can be filled with 103.163.36.19 without a subnet
then below there is a network column that can be filled in directly with 103.163.36.18
Below that there is an interface column which I directed directly to VLAN 538

If it’s in Vyos, where is it located?
and how it is implemented

On Mikrotik, it’s easy, just click enter IP address + network
Select the VLAN interface, click OK

then when you ping 103.163.36.18 it replays

how to use that on vyos

17

Not ‘l’ but capital ‘i’.

sudo arping -I eth7.538 103.163.36.18
18

vyos@vyos:~$ sudo arping -I eth7.538 103.163.36.18
ARPING 103.163.36.18 from 103.163.36.19 eth7.538

19

This means that the address should be 103.163.36.19/31

20

yup i config like this