my first back haul

I am new to mikrotik and router os and am working on setting up a ptp back haul with a level 3 411 board and a level 4 411ah board. Both have sr5 cards.

I have been able to get the units to link by creating a bridge then adding the eth1 and wlan1 to the bridge. (one unit is set as bridge, 411ah, and one as station, 411.) I can get my computer to grab dhcp ip address info passed on by my upstream router across the link but I can’t surf or ping out. I suspect I have a route issue but am not sure what to set up.

Can someone give me some advice on this next step. (How to setup a route if that is my issue. )I’ve been through as many online tutorials and links as I can in one night so i’m turning for help here.

Many thanks in advance.

So i’ve setup a bridge, added eth1 and wlan1 to the bridge. I set the 411ah as bridge and the 411 as station. I have turned on wds on each unit. they link and pass ipconfiguration info but I can’t pass traffic or ping out. I have no routes defined.

Any input?

You probably need a default route and masquerade. I don’t have a 411, so if the interface name is not ether1, change to match yours. And change the x’s to your ISP gateway address.

/ip route
add gateway=xx.xx.xx.xx

/ip firewall nat
add chain=srcnat action=maquerade out-interface=ether1

Set the 411 to station-wds.

Did you select “dynamic” wds on both sides? You don’t need routes to pass traffic as you are now set up as a bridge.

You will need a management IP address and default route on each RouterBoard pointing back to the gateway but that will not affect the bridge which should be passing traffic.

Tom

The gateway will help his management IPs to be reached but he doesn’t need the “/ip firewall nat” since he is bridging and not routing his traffic.

Tom

I think you would need the nat if the ap side is connected to the internet (public ip), wouldn’t you?

ADD: Presumed bridge only on CPE end. Maybe “assumed” is a better word? :smiley:

AP is connected to a dumb switch. Switch feeds out the bh. Far end of the bh is attached to gw. GW sends out private ip addresses. This way all radios point to a private gw. In this way if we change providers and lose our ip pool I don’t have to touch each radio the change the gw. The ‘private gw’ has hard coded settings in it from an upstream gw that has all the public info in it. Up here providers and bandwidth costs vary so much that we wanted to build in the flexibility to be able to change providers without changing ips on our radio network. (We don’t own an ip bank)

I think I last saw the gw setup in the webbox login for the radio. I’m still learning the layout of the gui.

Can someone tell me where I might find the spot to specify the gateway it in winbox?

So here is what i’ve done.

I put in the gateway in the webadmin gui under routes. I left the destination field as 0.0.0.0/0 as I assume this is to forward all packets out to the internet basically. I did this in at the lvl3 411 back haul. This is connected to the internet.

The back haul at the far end, lvl 4 411ah is supposed to connect to the internet through the above unit. I was just out there and the link is up and strong but no traffic.

When I come back to the office I found that I could not access the far end through dude. At this point I can only see as far as the lvl3 local bh. I can’t find anyway to remotely get into the far end even though it is linked. (It does not ping and on the lvl3 I can’t see any association/registration etc)

I assume I should also put in the gateway information into the webadmin gui at the far end as I did above?

So in summary: The lvl3 is at the local end and connected to the internet and has the gw information in it. the lvl4 at the far end does not have the gw info in it and would be receiving the internet from the cpe.

Have I only missed putting the gw into the ap end?

I use a default route for the OS in all my boxes. The client end should have the same 0.0.0.0/0 route with the ip of the wan (internet) router interface as the gateway.

Ok, so I am going to set both ends to have the gw specified in the webadmin gui under routes and leave destination at 0.0.0.0/0 at both ends.

Wish I had another guy in the office today to help but on a nice sunny day after all the rain I’m the whole show. :slight_smile:

I’ll post back.

I hope that was clear. The client default route should be the localnet interface (wlan) ip of the internet-side router. In other words, if the wlan network interface is 192.168.0.1/24 on the ap side and the client is 192.168.0.2/24 on the station side, then the default route in the client should be 192.168.0.1

ok so the gw is, let’s say, 192.168.1.1, this is connected to client side radio at .2 (This is the radio on the internet side). .2 connects via bridge1 to the ap at .3.

Now I am trying to work out my routes.

In the client radio (internet side, .2)
I put under ip/routes in winbox i created a route with destination 0.0.0.0 and gw 192.168.1.1. What gateway interface should I choose. (bridge1, eth1 or wlan1? I’m currently set to bridge1) Under ip/address in winbox i put in the ip address of the radio as 192.168.1.2/24 and selected bridge1 (I could also choose eth1 or wlan1)

In the ap radio
I have not setup an routes. Can someone please advise?
under ip/addresses i put .3 and selected bridge1.

Should the ap point to .2 as the gw and not .1 in this case or will the routerOS be able to look a few hops down to find the gw connected to the .2 client radio?

Or If I set the ap to have a gw of the client radio at the internet side, .2, then all traffic from other clients will forward to the client radio at .2 which is connected to the internet and out to the main gw at .1 right? (Unless the routeros can see that extra ‘hop’ to the gw

With the current setup I can see by logging into winbox at the local, .2, end through dude that wlan1 is registered to the ap at .3. I cannot, however, winbox into the far end at .3. .3 also does not respond to ping requests. I also cannot telnet in via ip or mac address through the built in telnet dude tools.

I feel like I am almost there. Thanks in advance for any input.

I responded to your other post, but I don’t think I understood. What ip/netmask is assigned to the ap (internet) side radio?

The internet side radio is the client not the ap. Is this where I am going wrong? The internet side radio is 192.168.1.2/24. Again it is the lvl3 client side radio that is connected to the 192.168.1.1 gateway to the internet and not the ap , .3, radio.

Do I have to swap the ap and client radios? IE put the ap at the internet side for this setup to work? (My hope was to have the far end ap also register other clients to function as an ap and as a bh bridge. I can also just purchase another radio to put at the remote site if I have to but it is a solar site so…

I always set my internet side radio as the ap and the client side as the station. But I don’t see any reason it would not work the other way. For me, it would allow only one ap. Not good. I recommend putting the ap on the internet end and the station on the client end. You can add more aps (edit: stations) later that way. Just a thought…

If you keep your current setup:
On your ap side radio (192.168.1.1), you need to set the default gateway in “/ip route” as 192.168.1.2. On the station side, set the gateway to the internet (public) gateway.

ADD: By ap side, I mean the “mode=ap-bridge” setting in “/interface wireless”, not the actual function.

hmmm. ok. My thought had been to connect the ap to a router in the solar closet and from there attach other aps so I wasn’t only able to have ‘just one’. However even if that did work I have been counseled that if I make my bh also and ap I will quickly suffer performance losses.

In other words the client on the internet side would feed up to the ap. this ap would also have other clients registered with it. (perhaps bond or load balance with another isp also pumped up from another client side down the road) This ap would run into a switch that connected to other aps at this solar facility.

What it sounds like to me is that I should put the ap at the internet side and the client at the remote site. Then purchase another ap to connect to the client via switch etc to make the network happen.

back to the current setup.

(the ap is actually .3 not .1). So you are saying I should set the gateway address in the ap to the ip address of the internet side client, 192.168.1.2 in this example. I wondered if that was what I would need to do. The station side is already set to the public 192.168.1.1 gw in this example.

your ADD note. To clarify I am going to setup in ip/routes a destination of 192.168.2.1. I’m not quite sure what you mean in the interface wireless unless there is spot in there to specify the ip info and that I should not put the info in at ip/routes?

I do the backhaul three deep now. Here is my normal setup:

internet – ether1 (core router) wlan1 ap-bridge – wlan1 station (remote router) wlan2 ap-bridge – wlan1 station (CPE) ether1 – Customer computer

I can add more remote routers to the core router, and more CPEs to each remote router.

Yeah, that was my original deployment thought. I just thought I could save one ap by making one do double duty. Trying to save battery power. Sounds like I’ll save myself some grief though if I just buy another radio. It’s not the cost in $ but the cost in power I’m paying attention to.

At any rate I’m going to go play with your suggestions for a bit.

Many thanks. I’ll post back.

You can put CPE /hotspot access point radios in the core router and the remote router units. The end CPE unit can be a hotspot access point if you change the ether1 to wlan2 and install a hotspot service there.

I understand about the $$. I just dumped a few of those $$s on two 135 watt panels and a MPPT charger to replace a smaller, but outgrown, 85w panel and standard charger.