Hi all.
I need a simple loop on hap ac lite)
I connect 4 port with 5 port by the patch cord))
The idea is to do second traffic processing for some case.
I turn off loop protection on interfaces and stp too (when I make bridges later)
But there aren’t input/forward traffic on the loop interface when I send pings from other one.
Sniffer shows rx packets on the 5 port, but there is all.
No one fw log trap (dst-nat/filter/mangle/raw) does not show any packet on ether5 execpt outgoing packets on ether4_.
/interface ethernet
set [ find default-name=ether4 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=disabled loop-protect=off name=ether4_
set [ find default-name=ether5 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full arp=disabled loop-protect=off poe-out=off
/ip address
add address=192.168.0.102/24 comment="Beeline(sotovij)" interface=ether5 network=192.168.0.0
add address=192.168.1.102/24 interface=ether4_ network=192.168.1.0
/ip firewall filter
add action=log chain=input in-interface=ether5 log-prefix=pings
add action=log chain=forward in-interface=ether5 log-prefix=pings
add action=log chain=output dst-address=8.8.8.1 log-prefix="pings outs"
/ip firewall nat
add action=log chain=dstnat in-interface=ether5
/ip firewall raw
add action=log chain=prerouting in-interface=ether5
/ip firewall mangle
add action=log chain=prerouting in-interface=ether5
add action=log chain=input in-interface=ether5
add action=log chain=forward in-interface=ether5
/ip route
add distance=1 dst-address=8.8.8.1/32 gateway=192.168.1.1%ether4_
/ip route rule
add action=lookup-only-in-table dst-address=8.8.8.1/32 table=main
add action=lookup-only-in-table interface=ether4_ table=main
When I ping 8.8.8.1 - I see only that:
[admin@MikroTik] /tool sniffer packet> pr d
0 time=0.716 num=2 direction=tx src-mac=XX:XX:XX:XX:XX:XX dst-mac=XX:XX:XX:XX:XX:XX interface=ether4_
src-address=192.168.1.102 dst-address=8.8.8.1 protocol=ip ip-protocol=icmp size=70 cpu=0 fp=no ip-packet-size=56
ip-header-size=20 dscp=0 identification=13131 fragment-offset=0 ttl=255
1 time=0.717 num=1 direction=rx src-mac=XX:XX:XX:XX:XX:XX dst-mac=XX:XX:XX:XX:XX:XX interface=ether5
src-address=192.168.1.102 dst-address=8.8.8.1 protocol=ip ip-protocol=icmp size=70 cpu=0 fp=no ip-packet-size=56
ip-header-size=20 dscp=0 identification=13131 fragment-offset=0 ttl=255
I try to make bridges and to do mac src-nat, but no success
And I do correction route gateway to b4
/interface bridge
add arp=disabled fast-forward=no name=b4 protocol-mode=none
add arp=disabled fast-forward=no name=b5 protocol-mode=none
/interface bridge filter
add action=log chain=input in-interface=ether5 log-prefix=iin
add action=log chain=forward in-interface=ether5 log-prefix=iin
/interface bridge nat
add action=src-nat chain=srcnat out-bridge=b4 out-interface=ether4_ to-src-mac-address=EE:EE:EE:00:00:00
add action=log chain=dstnat in-interface=ether5 log-prefix=macin
/interface bridge port
add bridge=b4 broadcast-flood=no hw=no interface=ether4_ learn=no unknown-multicast-flood=no unknown-unicast-flood=no
add bridge=b5 broadcast-flood=no hw=no interface=ether5 learn=no unknown-multicast-flood=no unknown-unicast-flood=no
only that is in log (I srcnated output too to 8.8.8.2):
09:38:55 firewall,info macin dstnat: in:ether5 out:(unknown 0), src-mac ee:ee:ee:00:00:00, dst-mac 6c:3b:6b:75:9d:30, et
h-proto 0800, ICMP (type 8, code 0), 8.8.8.2->8.8.8.3, len 56
any suggestions are welcome please