You are here

AirRouters to MikroTik hAP Tunnel Failures

21 posts / 0 new
Last post
KD1HA
KD1HA's picture
AirRouters to MikroTik hAP Tunnel Failures


I’m having tunnel issues with 3 of my AirRouters out in the field using various builds from 3.19.3.0 to the most recent 1000. I’m using the MikroTik hAP ac lite. It drops in and out but usually shows connected on the tunnel page but may not show up on the status page. Most often I cannot connect to the nodes even when the LQ/NLQ is at 100%.
I have downloaded my support file from the hAP but I’m attempting the get the support files for the remote AirRouters but it’s like trying to catch the Cuckoo bird exiting the clock!  I will download one when I can catch it!
Is this an issue with anyone else?
Thank you in advance,
Denis     
 

Support File Attachment: 
K6CCC
K6CCC's picture
Mine is working fine
For what it's worth, I am running a tunnel from a Rocket M5 (client end) to a hAP (server end) without any issues at all.  The tunnel has been there for several months on a collection of firmware versions from 3.19.3.0 up to Nightly build 1000 - sometimes the same version on both ends and often different versions.  Both ends are getting internet from Spectrum cable.
 
KE2N
KE2N's picture
airRouter
I think other people have noted that the airRouter probably does not have enough memory to handle the upgrade to 3.19.  After seeing mine struggle on the first upgrade to 3.19, I backed it down to 3.18.9 and it (and 2 others) have been fine ever since. 

The hAP has more memory and should be OK with 3.19+,  I am running one with a tunnel now and no problems with 3.19 - but limited experience/loading up to this point.

 
KD1HA
KD1HA's picture
Did you have to TFTP it back?
Did you have to TFTP it back? I know there was a problem going back using updates for some versions. Missed that about the memory issue somehow.

Thank you all for your comments.    
KE2N
KE2N's picture
looking back

Looking back, the particular problem I had was that - above a certain workload - the response to the GUI would get so slow as to be almost unusable.  It seems that the other functions were working but hard to see ... anyway this is the original string of comments on the issue (which may or may not be what you are seeing)  

https://www.arednmesh.org/content/airrouter-slow-update-page
 

AA7AU
AA7AU's picture
3.19.3.0 works well in my AR

Just grabbed my AirRouter and put it on line thru a ~750mile (as the crow meshes) tunnel to check on a remote site and all continues to work well with my AR running the 3.19.3.0 release. I have a number of tunnel clients defined in it, but only run one at a time when I do (occasionally), and then *never* connecting one mesh island to another (so not much traffic passes thru it).

Offered as just another current AR data point. (I love that AR almost as much as my Mikrotik AREDN-Swiss-Army-Knife node.

HTH,
- Don - AA7AU

edited to add: with both MeshChat and Tunnel Server/Client installed and active, this is my current: flash = 436 KB; /tmp = 14112 KB; memory = 3820 KB -- also: connected into Las Vegas area I had: OLSR Entries: Total = 126; Nodes = 40

NB: While this can be a contentious issue, please also note that our [informal, non-chartered] LVmesh group actively discourages any use of "tunnels" except in the case of 1) emergencies; 2) limited appropriate community-support events; and/or 3) proper control operator functions limited to a temporary single end-point connection.

k1ky
k1ky's picture
Check out reported Tunnel Issue #365 on GitHub
Check out my reported issue #365 on GitHub and see if what you are experiencing is similar to what I have reported.  Seems to be an issue of the Tunnel Server hanging on and not releasing the "incoming connection" so that it can reconnect after a disruption in the connection path for whatever reason, be it a client reboot, service interruption, flaky internet path and the like.  The Tunnel Server page shows blue could, but there are no entries nor even previous connection entries for the failed incoming tunnel node connection.
AA7AU
AA7AU's picture
Connection verification watchdog?

Sounds like a good thing to have (connection verification watchdog) "that can monitor the status of tunnel connections and reset the connection if trouble is detected on the server end". I haven't encountered the issue as I have my tunnels enabled in general for only a short time and/or have not had the type of connection disruption you write about. Guess if we ever had to rely upon a tunnel in an EmComm situation, especially more than short-term, this could be very troublesome indeed.

Diamonds are forever, tunnels not so much? Mr Scott: charge up the dilithium crystals ... we need more RF.

Good luck,
- Don - AA7AU

KF4HJW
Tunnel from hAP lite
I tried to tunnel in to a node that had already been set up and working and never got connected. I finally tried the 150 and connection was completed perhaps the hAP could this be related to this issue?
 
KD1HA
KD1HA's picture
Thank you all again. It does

Thank you all again. It does describe as Tom's issue at times some of the other descriptions as well. I am testing one of the AirRouters now back to 3.19.3.0 and if that's a bust I will move down to 3.18.x.x
I agree about the use of tunnels but we back here in the Northeast are fighting hills valleys and most of all trees lots of trees many as tall as your LV buildings.

Update: We are moving down to 3.18.9.0...

Thank you!!
  

AE6XE
AE6XE's picture
I'm going to be looking at
I'm going to be looking at this over the next few days.  I am currently at QTH-2 outside Kansas City, MO where my neighbors are all cows and an hAP-ac-lite tunneling back to QTH-1 in Mission Viejo, CA also with an hAP-ac-lite where my neighbors are all people :) .    I'll find out if I can reproduce any issues on the tunnel...

Joe AE6XE
KD1HA
KD1HA's picture
Thanks Joe,

Thanks Joe,

We backed it down to 3.18.9.0 and it seems to be working very well now. I have to get to 2 others but if you want me to hold off I will wait for your findings.

Here is the Support from the same node that now is running 3.18.9.0 but was downloaded with I believe 960 at the time. Would you like the 3.18.9.0 for comparison?

73,
Moo!!
 

Support File Attachments: 
KD1HA
KD1HA's picture
Update
AirRouter now using 3.18.9.0 is still very sluggish into the MikroTik hAP ac lite. It did start off well but now dead slow!
AE6XE
AE6XE's picture
If possible, turn off Mesh RF
If possible, turn off Mesh RF and  see if this makes a difference, only using dtdlink.    The 32Mb RAM devices are showing some symptoms, but this is over time (years) with every new version of firmware risk of becoming more problematic.  The OpenWrt folks have stopped doing builds to create firmware in their latest code branches:

"19.07 will be the last official build for 4/32 devices. After 19.07, no further images will be built for 4/32 devices, i.e. you have to build your own image with the known space saving measures"

This probably means 4Mb Flash or 32Mb RAM devices may not be built in OpenWRT on their current bleeding edge development.   AREDN doesn't fit in 4Mb Flash devices, so we are 8/32 for most of the Ubiquiti  AirMax models.   Always be sure for any new purchase to get a 16/64 or greater device.   8/64 at minimum, but risk there may not be enough space to install optional packages, like tunnels.  In some cases, there may not be any options, e.g. 3GHz devices are only known to be made by UBNT AirMax line --  8/32 Nano Station/Bridge and 8/64 Rocket.

Joe AE6XE
KD1HA
KD1HA's picture
Joe

Joe
If you mean turn off the RF on hAP ac it shows:
" Configuration not saved" then next line:
"Some settings auto updated to avoid conflicts, please review and save one more time"
I never had that message before and not aware where that setting is in Firmware 1010

If you wanted the AirRouter RF off, version 3.18.9.0 doesn't have the RF feature.
Denis

KD1HA
KD1HA's picture
hAP ac 3.19.3.0

Joe,
I backed the hAP down to 3.19.3.0 and disabled the RF and it still fails to connect to the AirRouter still on 3.18.9.0. It also is showing 100%/100%! One of the AirRouters is at a hospital and is set to be connected to my hAP by a tunnel but I don't have physical access to it because of security issues, hopefully it will not be a problem once connected. I don't remember what version firmware is in it as it has been sitting for over a year or more while we wait for IT to connect it.

Denis

KD1HA
KD1HA's picture
I guess this issue is

I guess this issue is unresolvable at this time so I will use my spare hAP ac at the hospital to tunnel all our nodes in from Providence into our VoIP server. If anyone finds an answer please let us know.

Again thank you all for your input!
Denis 

ki5edt
tunnel host & client cant load

I have a hAP Microtik and a Nano m5 and have the same error on all of them when loading tunnel server or client ..I am doing something wrong see pictures.
thanks K5GZL aka ki5etd
Doug

Image Attachments: 
ki5edt
tunnels
 

Node Status Basic Setup Port Forwarding,
DHCP, and Services
Tunnel
Server
Tunnel
Client
Administration Advanced
Configuration

Help  
Firmware Update
current version: 960-d8f9320
hardware type: mikrotik (rb-952ui-5ac2nd)
Upload Firmware    
Download Firmware - Select Firmware -   Keep Settings

Package Management
Downloading
http://downloads.arednmesh.org/snapshots/trunk/targets/ar71xx/mikrotik/packages/
Packages.gz
Updated list of available packages in /var/opkg-lists/aredn_core
Downloading
http://downloads.arednmesh.org/snapshots/trunk/targets/ar71xx/mikrotik/packages/
Packages.sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/base/Packages.
gz
Updated list of available packages in /var/opkg-lists/aredn_base
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/base/Packages.
sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/arednpackages/
Packages.gz
Updated list of available packages in /var/opkg-lists/aredn_arednpackages
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/arednpackages/
Packages.sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/luci/Packages.
gz
Updated list of available packages in /var/opkg-lists/aredn_luci
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/luci/Packages.
sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/packages/Packa
ges.gz
Updated list of available packages in /var/opkg-lists/aredn_packages
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/packages/Packa
ges.sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/routing/Packag
es.gz
Updated list of available packages in /var/opkg-lists/aredn_routing
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/routing/Packag
es.sig
Signature check failed.
Remove wrong Signature file.
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/telephony/Pack
ages.gz
Updated list of available packages in /var/opkg-lists/aredn_telephony
Downloading
http://downloads.arednmesh.org/snapshots/trunk/packages/mips_24kc/telephony/Pack
ages.sig
Signature check failed.
Remove wrong Signature file.

 
w6bi
w6bi's picture
Out of date!
Your nodes are running 960 nightly build.  The packages are only available for the latest nightly build.  Apply the latest nightly build and immediately apply the tunnel (and any other needed) packages.  You should be good then.
ki5edt
tunnels

Thanks W6bi.  I knew it was something simple...Thanks for pointing me in the right direction.
 I have three   5.8 and one  2.4 online  running Asterisk , Mesh chat and some cameras . I just don't have any neighbors in So Texas. So I need a connection.
Doug

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer