
15/12/2021

Mikrotik RouterOS - "received unsupported protocol 0x2145"

I've recently been playing with L2TP tunnels between Cisco and Mikrotik gear in an LAC/LNS type configuration. The L2TP tunnel was coming up but any traffic across the tunnel would fail. Enabling L2TP logging on the Mikrotik router revealed the error "received unsupported protocol 0x2145".

Google didn't give any direct solutions but did give a few clues suggesting it might be related to "Protocol Field Compression" (PFC), and reading RFC 1661 yielded a bit more information on how it should work.

Fortunately I was able to find a fix.

 
A Mikrotik bug? Never!


Preface

I experienced this issue with RouterOS version 6.48.6 on an RB4011 and IOS version 15.3(3)XB12 on a Cisco 3825. I've not checked other versions to see if the issue is present, or indeed if the fix works.

Troubleshooting

Armed with the information I found on a mailing list and the RFC I had a rough idea that I needed to look at PFC, so I ran some packet captures whilst bringing up the L2TP tunnel.
 
PPP Encapsulated ping


 
Looking at the PPP encapsulated ICMP ping from the Cisco router, we can see it's sent the single byte '21' for the protocol field. Note the byte next to it is '45'.

If we look at the PPP LCP rejection response from the Mikrotik, we can see it's rejecting the unknown protocol field 0x2145, suggesting it's attempting to read 2 bytes instead of 1.


PPP LCP Reject message
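
The two readings of the Protocol field can be reproduced offline. The Python below is an added example, not part of the original post and not code from either vendor: the function names are hypothetical, the frame bytes are constructed, and it assumes the bytes start at the PPP Protocol field with no address/control octets in front. It shows a PFC-aware parser recovering 0x0021 (IP) and a fixed two-octet parser producing 0x2145, the value in the log message.

```python
from typing import Tuple

# Constructed sample: a 20-byte IPv4 header (first octet 0x45), checksum left as zero.
IPV4_HEADER = bytes.fromhex("4500005400004000400100000a0000010a000002")
COMPRESSED = b"\x21" + IPV4_HEADER        # Protocol field compressed to one octet
UNCOMPRESSED = b"\x00\x21" + IPV4_HEADER  # full two-octet Protocol field


def parse_pfc_aware(frame: bytes) -> Tuple[int, bytes]:
    """Return (protocol, payload), accepting one- or two-octet Protocol fields.

    RFC 1661 assigns protocol numbers so that the first octet of a two-octet
    field is always even and the last octet is always odd. An odd first octet
    therefore means the field was compressed to a single octet.
    """
    if not frame:
        raise ValueError("empty frame")
    if frame[0] & 0x01:
        return frame[0], frame[1:]
    if len(frame) < 2:
        raise ValueError("truncated Protocol field")
    return int.from_bytes(frame[:2], "big"), frame[2:]


def parse_fixed_width(frame: bytes) -> Tuple[int, bytes]:
    """Return (protocol, payload), always consuming two octets.

    This ignores compression, so a compressed frame loses the first payload
    octet to the Protocol field.
    """
    if len(frame) < 2:
        raise ValueError("truncated Protocol field")
    return int.from_bytes(frame[:2], "big"), frame[2:]


if __name__ == "__main__":
    for name, frame in (("compressed", COMPRESSED), ("uncompressed", UNCOMPRESSED)):
        aware, _ = parse_pfc_aware(frame)
        fixed, _ = parse_fixed_width(frame)
        print(f"{name:12} pfc-aware=0x{aware:04x} fixed-width=0x{fixed:04x}")
```

Both parsers agree on the uncompressed frame, which is why forcing two-octet Protocol fields on the sending side makes the mismatch disappear.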
 
So at this stage I'm pretty confident I've identified the issue, but how can I fix it?
 

The fix(es)

Unfortunately I wasn't able to find any information on getting the Mikrotik (RouterOS v6) to work with a compressed protocol field and there are no relevant settings in the L2TP or PPP sections. Upgrading the Mikrotik to RouterOS v7 resolves the issue, however it only came out recently so some caution should be used before using it in production...
 
After much googling, with the usual frustration of dead links and 404s from the Cisco website, I finally found a relevant document, "ACFC and PFC Handling During PPP Negotiation" - it doesn't entirely match my setup with a GroupAsync interface, but I thought I'd try it. With a little trial and error I found the required command that disables the Protocol Field Compression and gets things working:

interface Group-Async0
  ppp pfc local forbid


 
With the required command entered I restarted the L2TP tunnel and I could successfully ping across the tunnel - success! I thought I'd take another packet capture to be sure, and it confirmed that 2 byte protocol fields were being sent: