Martin
I don’t see this complete entry, specifically arp and broadcast:
/ip dhcp-server
add add-arp=yes address-pool=default-dhcp always-broadcast=yes disabled=no
interface=BR-10 lease-time=3d name=default
Martin -
Even with a static IP in the range of 172.16.10.2 - 172.16.10.254 you should be able to ping 172.16.10.1 from either ether2 or ether3.
What does /IP ARP in the Mikrotik show when you have a PC connected to either ether2 or 3 with a properly configured IP address?
What does your static entry on the PC look like? 172.16.10.27, netmask 255.255.255.0 or /24 depending on whether it is linux or windows… Does it have the correct gateway, 172.16.10.1 and what about DNS, did you put in a static DNS entry as well? (like 8.8.8.8 - google public dns server).
If you can’t put a static IP on a computer and connect to ether2 or ether3 and ping the Mikrotik, then you either have a firewall configuration that is blocking you, or else your ethernet ports are configured on the hardware switch as slave ports. (I think ROS actually stops you from doing this nowadays, but make sure that ether2 and ether3 have master port set to none.) See if your filter rules refer to interface ether2 or ether3 - if so then they should be changed to refer to BR-10 instead. Also make sure you didn’t configure any bridge firewall rules that might be breaking things.
the add-arp and always-broadcast configurations shouldn’t normally be required, especially the ARP item, since normal ARP behavior on the IP interface (BR-10) should dynamically discover the MAC addresses of the client devices. You’d only need this if your LAN was doing some type of filtering on broadcast traffic that would prevent ARP from doing its job.
This person is a newbie Zerobyte… And while for the most part your statement is correct there are so many devices out there that don’t play by the rules that adding what I told him can only help, it will not hinder any other p/o the config. Espeically since he seems to have a real issue w/his config, any extra info we can get will be helpful in helping Martin out.
ip dhcp-server network
add address=172.16.10.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=172.16.1.1
Gateway should be 172.16.10.1…
It could also be a hardware issue. Can you set an IP address on a different port, w/o a bridge and connect the Mac for just a short test - to test the Mikrotik…
I did a factory reset, with default config and then with static ip address on port 1 (ether1) or port 2 (ether2) I could ping from mikrotik the macbook.
[admin@MikroTik] > /ip arp print
Flags: X - disabled, I - invalid, H - DHCP, D - dynamic, P - published
ADDRESS MAC-ADDRESS INTERFACE
0 D 192.168.88.4 AC:7F:3E:E6:74:28 ether1-master-local
and see it in the arp table, just it doesnt matter if i put in ether1 or ether2 in both cases it gives ether1-master-local
I have reset again without config and enter the config again with the gateway change, still no dhcp and no static ip that work.
Open the interfaces tab and check each ether port. I would suggest that for the moment that you set ‘master port’ to none on all interfaces…
Also - remember, you can’t have the same ip block on two different interfaces (ports) w/o disabling one of the ip blocks…
Do not setup the bridge until we can get the static ip working, then we’ll go to dhcp, then we’ll setup the bridge and move the ip block and dhcp server to the bridge…
Thom, what i mean is i have put al the above lines for dhcp server in, but i don’t get an ip address from the dhcp server.
If I set my mac to fixed ip 172.16.10.2 then i can ping the mikrotik.
Martin -
A CRS226… Well it would have been helpful to know that earlier… I do not have a CRS handy to work this out with you on…
From what I remember though you have to assign the DHCP server to a port and VLAN (on that port) has to have the port you selected as being able to pass the traffic. In VLAN translation rules you need to set sa-learning=yes.
I don’t remember the rest, if there was anymore, that you need to do to get DHCP running on the CRS.