Hello. I hope you are well.

I am having a rather strange problem with my PowerBox when configuring the bridge between the ether2, ether3, ether4 and ether5 interfaces.


My Router has the ether2, ether3 and ether4 ports in a bridge with an assigned IP address without problems. The problem occurs when I add the ether5 interface to the bridge. All the devices that depend on ports 2, 3 and 4 can be seen without any problem, but when I add port 5, I don't see the bridge, I don't have access via IP, I don't have a ping to the bridge address or anything.

Since this router only bridges between other nodes, I need to enable the bridge with ether5 in order to eliminate the mikrotik's CPU usage (it's under 80/85%) for routing but I can't do it because doing so loses IP connectivity with the router.

I can only access it via Romon

feb/23/2023 09:12:14 by RouterOS 6.45.9

#
/ip address
add address=10.1.3.4/24 interface=bridge network=10.1.3.0

/interface bridge
add name=bridge
/interface bridge port
add bridge=bridge interface="03 - PtoPto B"
add bridge=bridge interface="02 - PtoPto C"
add bridge=bridge interface="04 - PtoPto S"
add bridge=bridge disabled=yes interface="05 - PtoPto M"

This is only 1/2 of the story.

Ether5 here now is not a port on the bridge as the port is set to disabled.
In that case ether5 needs it’s own IP address in a different subnet.

If you enable the port on the bridge for ether5 , it’s IP address (ether5 IP address) will also be assigned to the bridge, together with the 10.1.3.4/24
If ether5 is not a port (non existing or disabled) on the bridge, it needs it’s own IP address.
ROS will route between bridge and ether5, by default.
Devices in the bridge subnet and in the different ether5 subnet, will not talk to each other if ether5 is bridged, unless they assign the MT router as the gateway (for routing).

Hello

In this moment, ether5 is disabled in the bridge because if I enable ether5 in the bridge, I loose the access and the other router, with 10.1.3.1/24 can’t see the 10.1.3.4 address.

I have ten years with mikrotik but this it’s incredible because is a simple configuration that doesn’t work!

this moment, ether5 is disabled in the bridge because if I enable ether5 in the bridge, I loose the access and the other router, with 10.1.3.1/24 can’t see the 10.1.3.4 address.

Check your routed networks again.

• bridge is 10.1.3.4/24
• other router is 10.1.3.1/24, connected to which ethernet ???
• if other router is on some ethernet both will see each other (same L2 network) if that ethernet is on the bridge and enabled.
• ether5 has no IP address if not connected to the bridge. No IP traffic will pass here when not connected to the bridge, until some IP address is given to ether5

Possible issues …

• adding a port to the bridge can change the MAC address of the bridge. Set a fixed management MAC address on the bridge if this occurs.
• network loop will stop some port to avoid the loop (with STP or RSTP, or loop detection)
• some device with the same IP is on ether5 as on the other ethernet ports
• when ether5 is not a port on the bridge, the bridge and ether5 must be in a different IP subnet
• a port on the bridge takes the “interface list” membership of the bridge. Ether5 on its own will use it’s own “interface list” memberships.
• Those “interface lists” are often used in the Firewall rules (like the LAN and WAN list, WAN members have no incoming access allowed)

bpwl please send me an email, check my profile.

@anav, done