TIL #5 - Fixing Mikrotik VPN

2023-08-12

mikrotik , TIL

Misbehaving interface list

In a previous post I lamented on the fact that my WireGuard VPN sometimes stops working for some misterious reason.

In the coming weeks I did not have any issues with it and honestly already forgot about it but after an upgrade to 7.10.2 the problem raised its ugly head again.

Investigation is in order!

Troubleshooting is always a fun thing to do, until it’s not. This time it was fun because I decided to read the documentation. Turns out there is a function in the MikroTik routers called Detect Internet. This is enabled by default and can be queried with the command

/interface/detect-internet/print

It’s categorizing monitored interfaces into interface lists. Bingo. Also it does this check every minute. Unacceptable!

I turned off the settings and rebooted, just to be sure.

/interface/detect-internet/set internet-interface-list=WAN lan-interface-list=LAN wan-interface-list=WAN

And lo and behold, the problem is gone.

But why?

I can see some merit in detecting the actual state of your internet connectivity but I can’t really imagine why it was implemented in this way. The only drawback of turning this functionality off is that I cannot see in the MikroTik app (highly recommended by the way if you want to play around with the router settings on your phone or tablet, it gives you access to every setting available on the router).

Nevertheless, all is well, my VPN will work after a reboot now. Until I screw up in some other way with the settings of course…