Hey friends, I need a help here. My network is setup for a transparent bridging with just 2 NICs ether1 and ether2 bridged to int bridge1.
I added a 3rd NIC int ether3 and setup a dhcp server so that my staff could connect to it and thus eliminate the office router. After the configuration, i discovered that the setup is only valid when I point to bridge1 as the dhcp interface. With this, the clients get IP leases, but are not able to browse. It is not even possible to ping the dhcp server default address 192.168.2.1
What have I done wrong? Is it not possible to get dhcp work under this my network senerio? Is there a better way to do it?
Please help ASAP.
Thanks
Austin
It sounds like two things are wrong. Have you put NIC 3 into the Bridge? Have you defined the default gateway address in the DHCP server?
I assume the MT router is then connected to an ADSL router or some other Internet connection device?
It might help to tell us all the addresses you’re using. Even if you think you’ve got things configured correctly, sometimes just writing the config down will help you and us to see what’s wrong.
Regards
Chris Macneill
Hey chris,
Thanks for your response. Here is what i got configured here.
int ether1 has 80.88.x.x/25. Int ether1 and ether2 are bridged to int bridge1.
int ether3 is added to the bridge port and IP address 192.168.2.0/24 is added to that int.
But when add ether3 as the dhcp server, it fails - invalid, but it is accepted when I added the bridge as the interface.
The pc connected to int ether3 gets dhcp lease - 192.168.2.254 and the default GW is 192.168.2.1, but it does not browse. Furthermore, i am unable to ping the default GW.
Please help me out - how best can I get it done.
Thanks
Austin
You don’t mention the address of ether2, so your setup isn’t entirely clear.
However, from what you have provided let’s make sure it isn’t an error in your notation.
-
192.168.2.0/24 is a network address not a host/interface address, either you meant to write 192.168.2.1/24 as ether3’s address or this is what you need to configure. For some strange reason MikroTik allow you to allocate the first address in a subnet as an interface address. Most other devices will give an error if you try to allocate an address of this type, try it on a Windows XP PC and see what happens. I’ve never read the RFCs to see if this is actually prohibitted, but by convention these are never allocated as host/interface addresses as these were reserved for broadcast. These days pretty much everyone uses all 1s broadcast addresses, e.g. 192.168.2.255/24, but the facility is still there to use all 0s, e.g. 192.168.2.0/24 as the broadcast address.
-
Correct me if I’m wrong, but I always thought that a bridge can only have interfaces with IP addresses in the same subnet, e.g. 80.88.x.x/25 isn’t the same subnet as 192.168.2.x, so you need to route or NAT this, not bridge it.
The solution really depends on what you’re trying to achieve. If you truely want a transparent bridge, then all addresses need to be in the range 80.88.x.x/25, this only gives you a total of 123 usable addresses if you have to allocate 3 for the router ethernet interfaces (2 more are lost as network and broadcast addresses). Potentially others are lost too depending on your connection method to the Internet.
If you need more than 123 addresses then your only other option is to use NAT.
If you setup ether3 on its own with IP address 192.168.2.1/24 rather than on the bridge, add a default route to the MT router of your ISP’s gateway and give users on ether3 a default route of 192.168.2.1, it should all work.
You also need to add a Firewall rule to provide translation of the private IP addresses to public:-
/ip firewall nat add chain=srcnat action=masquerade out-interface=ether1
I assume ether1 is your public interface.
Regards
Chris Macneill