I am new to Mikrotik and have been attempting to setup a transparent bridge between 3 Mikrotik outdoor wireless units. My goal is to transparently extend our internal building network out to some outdoor test sites. Node 1 is an Omnitik, node 2 is a SXT and node 3 is a Groove 52. The Omnitik is configured as an AP Bridge and the other 2 nodes are stations. I followed the instructions at: http://www.manitonetworks.com/mikrotik-mpls-with-vpls/ and http://wiki.mikrotik.com/wiki/Transparently_Bridge_two_Networks_using_MPLS. I think the MPLS and VPLS parts are working porperly.
I have computers hooked up to the ethernet interfaces of each unit at 192.168.88.6#, the wireless interfaces of each node are at 192.168.100.# and the bridge interfaces are at 192.168.88.# of each node where the pound sign is the respective node number. From any of the connected computers, I can ping any of the bridged Mikrotik interfaces, but I can not ping the computers. I successfully do bandwidth tests between the nodes, which is why I don’t think it is a MPLS/VPLS issue.
I cannot ping from any of the Mikrotik nodes to the computer locally connected to the node. I have disabled Windows firewall on all the computers to ensure that it is not a computer firewall issue. I removed the DHCP servers & clients in the Mikrotik config. I also removed the NAT rule and replaced all the filter rules on each unit with an accept rule for forward, input and output chains. I thought it might be an ARP issue, so I changed the bridge interface on each unit from ARP: enbable to ARP: proxy-arp. As a gut check, I reset the configuration of two of the nodes to the default configuration and tried to ping my local computers, but it still timed out.
I feel like I’m pretty close to what I want, but am just missing something due to my lack of experience with Mikrotik. Below is the configuration for node 2 for convenience. I have attached all 3 nodes compact exports.
# jan/02/1970 00:09:29 by RouterOS 6.33.1
# software id = GS0R-N1GF
#
/interface bridge
add comment="MPLS Loopback" name="MPLS Loopback"
add comment="Site 2" name="VPLS Site 2 Bridge"
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-onlyn channel-width=20/40mhz-Ce \
country="united states" disabled=no frequency=5200 name=wlan1-gateway \
radio-name=SXT ssid=CPPAR
/interface ethernet
set [ find default-name=ether1 ] name=ether1-local
/interface vpls
add comment="Site 2 VPLS" disabled=no l2mtu=1500 mac-address=\
E4:8D:8C:8E:8C:CB name="Site 2 VPLS" remote-peer=192.168.100.1 vpls-id=\
90:0
/ip neighbor discovery
set wlan1-gateway discover=no
set "MPLS Loopback" comment="MPLS Loopback"
set "Site 2 VPLS" comment="Site 2 VPLS"
set "VPLS Site 2 Bridge" comment="Site 2"
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/routing ospf instance
set [ find default=yes ] router-id=192.168.100.2
/interface bridge port
add bridge="VPLS Site 2 Bridge" interface=ether1-local
add bridge="VPLS Site 2 Bridge" interface="Site 2 VPLS"
/ip address
add address=192.168.88.2/24 comment="default configuration" interface=\
"VPLS Site 2 Bridge" network=192.168.88.0
add address=192.168.100.2/24 interface=wlan1-gateway network=192.168.100.0
/ip dhcp-server network
add address=192.168.88.0/24 comment="default configuration" gateway=\
192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add chain=input comment="default configuration" connection-state=\
established,related
add chain=forward comment="default configuration" connection-state=\
established,related
add chain=output
/mpls interface
set [ find default=yes ] interface=wlan1-gateway
/mpls ldp
set enabled=yes lsr-id=192.168.100.2 transport-address=192.168.100.2
/mpls ldp interface
add interface=wlan1-gateway
/mpls ldp neighbor
add transport=192.168.100.1
add transport=192.168.100.3
/routing ospf network
add area=backbone network=192.168.100.0/24
add area=backbone network=192.168.100.2/32
/system leds
set 0 interface=wlan1-gateway
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether1-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether1-local