Problems with DHCP server / relay on RB2011

Hi all,

I have a setup with an RB2011 interconnecting on Eth10 via PoE with a Groove A-52HP. As I wanted to manage my DHCP settings centrally, I decided to set up a DHCP server + relay.

My issue is the following:

I have set up the server on the 2011 and the relay on the A-52HP without problems. Any clients connecting wirelessly on the A-52HP are getting an IP out of the preset range.
The clients however are not getting to the internet.

When I add Eth10 on the RB2011 to my Bridge, the clients can reach the internet but the DHCP server colors red in WINBOX and DHCP relay does not work anymore.

Any ideas?


Internet ---- Eth6 RB2011 — Eth10 RB2011 — Groove A-52 HP Eth1

Really, no one?

Your setup is not fully clear.
What is your network topology on a Layer 2/3 basis?
Please share your configs and the goal you are trying to achieve.

Rudios,

Thanks for taking the time to respond. I will try to clarify.

The RB2011:

Switch1(LAN)
E1 Master
2-5 are slaved to 1

Switch2
E6 Master WAN-Gateway to internet
7-8 Slaved to 6
9 connected to CRS125
10 connected to Groove A-52HPN E1

Bridge1 ports E1, 9, 10

On the Groove:
E1 connected to E10 of rb2011

Bridge1: WLAN, E1

So all works fine like this. I can reach the internet from the WLAN and the LAN. My issue is when I try to assign a DHCP server to E9 or 10 on the RB2011, so that I can centrally manage the IP pools through a DHCP-relay on the Groove and on the CRS, it goes to status invalid.

[admin@MikroTik RB2011] /ip dhcp-server> print
Flags: X - disabled, I - invalid
 #   NAME     INTERFACE            RELAY         ADDRESS-POOL   LEAS
 0 I DHCP-2   ether9-GTW_CRS       10.10.2.200   local2-pool    1d
 1   DHCP-1   bridge1                            local1-pool    1d
 2 I DHCP-3   ether10-GTW_Groove   10.10.3.200   local3-pool    1d

When I remove E9 and/or E10 from bridge1 on the RB2011, my DNS servers jump to active

[admin@MikroTik RB2011] /ip dhcp-server> print
Flags: X - disabled, I - invalid
 #   NAME     INTERFACE            RELAY         ADDRESS-POOL   LEASE-TIME   ADD-ARP
 0   DHCP-2   ether9-GTW_CRS       10.10.2.200   local2-pool    1d
 1   DHCP-1   bridge1                            local1-pool    1d
 2   DHCP-3   ether10-GTW_Groove   10.10.3.200   local3-pool    1d

So how can I activate the DHCP servers without removing E9 & E10 from my bridge, or is there another way I can route them to my WAN interface without passing through the bridge on the RB2011?

Hope this clarifies.

Thanks.

You can add the function only to a bridge that contains the ethernet port, not directly to an ethernet port on the bridge.

I am NATting and masquerading my ethernet 6 (WAN interface).

So if the 2 don't go together, how would you solve this then?

Must the devices on LAN (ether1), Groove (ether10) and CRS (ether9) be transparently visible to each other, with the same address space, like (192.168.0.0/24)?

If NO,
why do you need to relay DHCP?

Simply add 3 DHCP servers: one on ether1, one on ether9 and one on ether10,
create 3 rules to masquerade all for ether6 (internet exit?)
and assign 3 different pools, one to each DHCP (192.168.1.0/24 - 192.168.2.0/24 - 192.168.3.0/24)

Ok, part of it I already had.

DHCP server 1 10.10.1.0/24 Pool 1 10.10.1.50-60 setup on Bridge1 and now changed to E1 (getting an invalid here now)
DHCP server 2 10.10.2.0/24 Pool 2 10.10.2.50-60 setup on E9
DHCP server 3 10.10.3.0/24 Pool 3 10.10.3.50-60 setup on E10

Now back to your suggestion to NAT and masquerade the 3 interfaces.

I currently have:
[admin@MikroTik RB2011] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface=ether6-WAN

How do I set this up for the 3 interfaces? When I use the in-interface to point to E1, 9 or 10, I get an error saying ingoing interface not possible in output and postrouting chains.

You cannot use an interface name as input, but an IP interval for source, like 10.10.1.0/24
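
The layout suggested in the last replies, written out as a RouterOS configuration. This is an added example, not a config posted by anyone in the thread. The interface, pool and server names and the 10.10.x.0/24 ranges are taken from the posts above; the router addresses 10.10.x.1, the use of the router as DNS server, and starting from a router without these entries are assumptions.

```routeros
# Added example. Assumed: router addresses 10.10.x.1 and dns-server values.

# A DHCP server bound to a port that is a member of a bridge shows as invalid,
# so ether9 and ether10 leave bridge1 and become routed interfaces.
/interface bridge port
remove [find interface=ether9-GTW_CRS]
remove [find interface=ether10-GTW_Groove]

# One routed subnet per segment; ether1 stays in bridge1, so its address
# and its DHCP server sit on bridge1, not on ether1.
/ip address
add address=10.10.1.1/24 interface=bridge1
add address=10.10.2.1/24 interface=ether9-GTW_CRS
add address=10.10.3.1/24 interface=ether10-GTW_Groove

/ip pool
add name=local1-pool ranges=10.10.1.50-10.10.1.60
add name=local2-pool ranges=10.10.2.50-10.10.2.60
add name=local3-pool ranges=10.10.3.50-10.10.3.60

/ip dhcp-server network
add address=10.10.1.0/24 gateway=10.10.1.1 dns-server=10.10.1.1
add address=10.10.2.0/24 gateway=10.10.2.1 dns-server=10.10.2.1
add address=10.10.3.0/24 gateway=10.10.3.1 dns-server=10.10.3.1

/ip dhcp-server
add name=DHCP-1 interface=bridge1 address-pool=local1-pool lease-time=1d disabled=no
add name=DHCP-2 interface=ether9-GTW_CRS address-pool=local2-pool lease-time=1d disabled=no
add name=DHCP-3 interface=ether10-GTW_Groove address-pool=local3-pool lease-time=1d disabled=no

# srcnat runs in postrouting, where in-interface cannot be matched, so each
# rule selects traffic by source subnet and by the WAN out-interface.
# The rule already on the router (masquerade, out-interface=ether6-WAN, no
# source match) covers all three subnets; these rules limit NAT to known ones.
/ip firewall nat
add chain=srcnat action=masquerade src-address=10.10.1.0/24 out-interface=ether6-WAN
add chain=srcnat action=masquerade src-address=10.10.2.0/24 out-interface=ether6-WAN
add chain=srcnat action=masquerade src-address=10.10.3.0/24 out-interface=ether6-WAN
```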