DHCP server on slave interface

gkrellm · August 11, 2017, 8:45pm

Hi,

I noticed an error “cannot run DHCP server on slave interface”.

[admin@Router] /ip dhcp-server> print
Flags: D - dynamic, X - disabled, I - invalid 
 #    NAME                                       INTERFACE                                       RELAY           ADDRESS-POOL                                       LEASE-TIME ADD-ARP
 0    dhcp1                                      vlan101                                                          dhcp_pool9                                         10m       
 1  I ;;; DHCP server can not run on slave interface!
      dhcp2                                      vlan102                                                          dhcp_pool10                                        10m       
 2    dhcp3                                      bridge-vlan103                                                  dhcp_pool11                                        10m       
 3    dhcp4                                      bridge-trunk                                                    dhcp_pool12                                        10m

In my case, DHCP server should run on VLAN interface, which is part of a bridge “trunk”.

It seems that similar VLAN interfaces appear differently:

[admin@Router] /interface> print
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME                                TYPE       ACTUAL-MTU L2MTU  MAX-L2MTU MAC-ADDRESS      
..
..
18  R  vlan101                              vlan             1500  1594            E4:8D:8C:0C:A9:4E
19  RS vlan102                              vlan             1500  1594            E4:8D:8C:0C:A9:4E
20  RS vlan103                             vlan             1500  1594            E4:8D:8C:0C:A9:4E

All VLAN (101, 102 and 103) are configured on bridge “bridge-trunk”:

[admin@Router] /interface vlan> print
Flags: X - disabled, R - running, S - slave 
 #    NAME                                                                     MTU ARP             VLAN-ID INTERFACE                                                                  
 0 R  vlan101                                                                  1500 enabled              101 bridge-trunk                                                               
 1 R  vlan102                                                                  1500 enabled              102 bridge-trunk                                                               
 2 R  vlan103                                                                 1500 enabled             103 bridge-trunk

[admin@Router] /interface bridge port> print
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 
 #     INTERFACE                                                   BRIDGE                                                   HW  PVID PRIORITY  PATH-COST INTERNAL-PATH-COST    HORIZON
 0     ether1                                                      WAN                                               no     1     0x80         10                 10       none
 1     ether3                                                      bridge-vlan103                                           no     1     0x80         10                 10       none
 2     vlan103                                                     bridge-vlan103                                           no     1     0x80         10                 10       none
 3     ether4                                                      bridge-trunk                                             no     1     0x80         10                 10       none
 4     ether5                                                      bridge-trunk                                             no     1     0x80         10                 10       none
 5     ether9                                                      bridge-vlan101                                           no     1     0x80         10                 10       none
 6     vlan101                                                      bridge-vlan101                                           no     1     0x80         10                 10       none
..
..

I don’t understand why vlan102 is “slave” and vlan101 not.
I am using 6.41rc11 on RB2011iLS, but I got same behavior on latest stable (6.38.7)

AlainCasault · August 11, 2017, 8:58pm

Hello

You cannot put an ip address on a slave port.

Secondly, your vlan interface has to be bound to a bridge (such as bridge-blan102) to show as slaved.

Regards

Sent from Tapatalk

AlainCasault · August 11, 2017, 9:41pm

Edit: not can you put a dhcp server.

Sent from Tapatalk

gkrellm · August 14, 2017, 10:40am

OK, I don’t understand why vlan101 is not appearing as “slave” interface, as I wrote.

AlainCasault · August 14, 2017, 10:43am

Ya, my mistake. I didn’t see that vlan101 is a bridge port. That is strange.

Sent from Tapatalk

pukkita · August 14, 2017, 11:13am

Post an unedited (but from passwords) export.

gkrellm · August 19, 2017, 12:53pm

# aug/19/2017 14:47:03 by RouterOS 6.41rc11
# software id = CEUV-J1Y2
#
# model = 2011iLS
# serial number = 608205835ECB
/interface bridge
add fast-forward=no igmp-snooping=no name=bridge-trunk protocol-mode=none
add fast-forward=no igmp-snooping=no name=bridge-vlan102 protocol-mode=none
add fast-forward=no igmp-snooping=no name=bridge-vlan103 protocol-mode=none
add fast-forward=no igmp-snooping=no name=bridge-wan protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] comment=ADSL
set [ find default-name=ether3 ] comment="my pc"
set [ find default-name=ether4 ] comment=switch1
set [ find default-name=ether5 ] comment=switch2
set [ find default-name=ether9 ] comment=ciscotest
/interface vlan
add interface=bridge-trunk name=vlan101 vlan-id=101
add interface=bridge-trunk name=vlan102 vlan-id=102
add interface=bridge-trunk name=vlan103 vlan-id=103
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool9 ranges=192.168.101.2-192.168.101.254
add name=dhcp_pool10 ranges=192.168.102.2-192.168.102.254
add name=dhcp_pool11 ranges=192.168.103.2-192.168.103.253
add name=dhcp_pool12 ranges=10.0.0.2-10.0.0.254
/ip dhcp-server
add address-pool=dhcp_pool9 authoritative=after-2sec-delay disabled=no interface=vlan101 name=dhcp1
add address-pool=dhcp_pool10 authoritative=after-2sec-delay disabled=no interface=bridge-vlan102 name=dhcp2
add address-pool=dhcp_pool11 authoritative=after-2sec-delay disabled=no interface=bridge-vlan103 name=dhcp3
add address-pool=dhcp_pool12 authoritative=after-2sec-delay disabled=no interface=bridge-trunk name=dhcp4
/interface bridge port
add bridge=bridge-wan hw=no interface=ether1
add bridge=bridge-vlan103 hw=no interface=ether3
add bridge=bridge-vlan103 hw=no interface=vlan103
add bridge=bridge-trunk hw=no interface=ether4
add bridge=bridge-trunk hw=no interface=ether5
add bridge=bridge-vlan103 hw=no interface=ether9
add bridge=bridge-vlan102 hw=no interface=vlan102
/ip address
add address=192.168.0.2/24 interface=bridge-wan network=192.168.0.0
add address=172.16.69.1/24 interface=bridge-trunk network=172.16.69.0
add address=192.168.31.1/24 interface=bridge-vlan102 network=192.168.31.0
add address=192.168.17.1/24 interface=vlan101 network=192.168.17.0
add address=192.168.106.1/24 interface=vlan103 network=192.168.106.0
/ip dhcp-server network
add address=10.0.0.0/24 dhcp-option=unifi gateway=172.16.69.1
add address=192.168.101.0/24 gateway=192.168.101.1
add address=192.168.102.0/24 gateway=192.168.102.1
add address=192.168.103.0/24 gateway=192.168.103.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip route
add distance=1 gateway=192.168.0.1
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=Router
/system ntp client
set enabled=yes primary-ntp=193.204.114.232 secondary-ntp=193.204.114.233
#error exporting /system routerboard mode-button

pukkita · August 19, 2017, 6:32pm

In my case, DHCP server should run on VLAN interface, which is part of a bridge “trunk”.

Not quite… vlan is “hanging” from bridge-trunk. The only interfaces which are part of bridge-trunk, i.e. are bridge ports, are ether4 and ether5.

I don’t understand why vlan102 is “slave” and vlan101 not.

Because vlan101 is not part of any bridge… while vlan102 is, although there aren’t any other interfaces in that bridge.

What’s the point of bridge-vlan102? No other ports but vlan102 on it… I’d remove that bridge, and run DHCP server directly on vlan102.