Mikrotik- a subnet route is ignored

Question

I have the following schema:

Site1 (Mikrotik)

Static WAN IP - 192.168.28.11/28
dynamic connected route - 192.168.28.0/28 --> 192.168.28.1 (route1 for short)
static connected route - 192.168.28.240/28 --> 192.168.28.1 (route2)

Site2 (cheap simple router)

Static WAN IP - 192.168.28.253/28
Gate - 192.168.28.254

If I start ping/traceroute from Site1 to Site2 all packets pass via the 192.168.28.1 gateway (route2), but for a period of time. After that - route 2 is ignored and the router tries to send the packets via route1. If I disable route2, wait some time (5 minutes) and enable it again - the communication restores via route 2 (again for a short period). And so on...

What could be the reason for that ? These are totally different subnets and route 2 should be always preferred.

EDIT

/ip address export
add address=192.168.1.1/24 interface=ether2 network=192.168.1.0
add address=192.168.28.11/28 interface=ether1-gateway network=192.168.28.0
add address=192.168.2.1/24 interface=ether3 network=192.168.2.0

/ip route export
add distance=1 dst-address=192.168.10.0/24 gateway=ether1-gateway
add distance=1 dst-address=192.168.20.0/24 gateway=192.168.28.1
add distance=1 dst-address=192.168.24.0/24 gateway=192.168.28.1
add distance=1 dst-address=192.168.28.240/28 gateway=192.168.28.1
add distance=1 dst-address=192.168.72.0/24 gateway=192.168.28.1

/route print detail

 0 ADS  dst-address=0.0.0.0/0 gateway=XXX.XXX.XXX.XXX 
        gateway-status=XXX.XXX.XXX.XXX reachable via  pppoe distance=1 
        scope=30 target-scope=10 

 2 ADC  dst-address=192.168.1.0/24 pref-src=192.168.1.1 gateway=ether2 
        gateway-status=ether2 reachable distance=0 scope=10 

 3  DC  dst-address=192.168.2.0/24 pref-src=192.168.2.1 gateway=ether3 
        gateway-status=ether3 unreachable distance=255 scope=10 

 5 A S  dst-address=192.168.10.0/24 gateway=ether1-gateway 
        gateway-status=ether1-gateway reachable distance=1 scope=30 
        target-scope=10 

15 A S  dst-address=192.168.20.0/24 gateway=192.168.28.1 
        gateway-status=192.168.28.1 reachable via  ether1-gateway distance=1 
        scope=30 target-scope=10 

16 A S  dst-address=192.168.24.0/24 gateway=192.168.28.1 
        gateway-status=192.168.28.1 reachable via  ether1-gateway distance=1 
        scope=30 target-scope=10 

17 ADC  dst-address=192.168.28.0/28 pref-src=192.168.28.11 
        gateway=ether1-gateway gateway-status=ether1-gateway reachable 
        distance=0 scope=10 

18 A S  dst-address=192.168.28.240/28 gateway=192.168.28.1 
        gateway-status=192.168.28.1 reachable via  ether1-gateway distance=1 
        scope=30 target-scope=10 

23 A S  dst-address=192.168.72.0/24 gateway=192.168.28.1 
        gateway-status=192.168.28.1 reachable via  ether1-gateway distance=1 
        scope=30 target-scope=10 

24 ADC  dst-address=XXX.XXX.XXX.XXX/32 pref-src=XXX.XXX.XXX.XXX gateway=pppoe 
        gateway-status=pppoe reachable distance=0 scope=10

traceroute

Working
- Site1 --> Site2 (http://tinypic.com/view.php?pic=2vkb6u0&s=8)
- Site2 --> Site1 (http://tinypic.com/view.php?pic=dclsm&s=8)
Not working
- Site1 --> Site2 (tinypic(.)com/view.php?pic=2cz4whk&s=8) (please, remove the brackets arround the ".")

I dont have access to Site2 when the connection breaks, so I run a traceroute.

PS. Excuse me for the image hosting site and the third link, but I don't have enough repo to attach images and type more than 2 links.

Please post the results of `/ip address export` and `/ip route export`. Also please post the results of `/ip route print detail` both when it is working properly and when it is not. — Cha0s, Jan 24 '15 at 15:30
Question updated with the `/ip route export`. The results are identical in both situations - when work and when it doesnt. — user266784, Jan 24 '15 at 16:02
Thanks for the updates. Where is the IP `192.168.28.1` configured on? And where is IP `192.168.1.254` configured on? You mention that you use both those IPs as gateways (on each site respectively) but none of those IPs are configured on your routers (according to your postings). — Cha0s, Jan 24 '15 at 16:03
These are addresses of my ISP. Gateway `192.168.28.254` is configured on the `Site2` and `28.1` is at `Site1`. Btw, where should I configure a gateway in my mikrotik ? — user266784, Jan 24 '15 at 16:08
So there are other routers involved. Can you post a traceroute from both directions when it works and when it doesn't? From what you describe it may be a problem on your ISP's routers or something unrelated to Mikrotik's configuration. At first glance Mikrotik's config looks ok. You can add new routes (gateway) in `/ip route` (or from winbox `IP > Routes`) — Cha0s, Jan 24 '15 at 16:59

score 1 · Answer 1 · answered Feb 01 '15 at 07:00

After days of debugging and trying different solutions, I decided that this is an issue, caused by my ISP.

Anyway, the solution was to harddefine an ARP in the routerboard to Site2 WAN IP with the mac address of the Site1 gateway. Ie ARP 192.168.28.253 --> mac address of 192.168.28.1.

Mikrotik- a subnet route is ignored

1 Answers1