RB450G + vLan + Dhcp = HELP

2fast4youbr · May 5, 2013, 2:26pm

Hi guys, I am new to Mikrotik world…

I just made my rb450 work and share the internet just fine.

I want know to create some vLans and connect my switch to the mikrotik via trunk port and make the vLans work, each one will have its onw dhcp server with different ip ranges.

I’ve found a couple of tutorial in the internet, but even I am doing exactly as its described, my vLan wont work. The switch part is fine, I have some knowledgement about computers, netwroking, etc… so I think the problmen is on the setup of my mikrotik.

Here is the topology of my network (I have a RB450G - 3.02 / 6.0rc13 - Switch Linksys SRW224G4)

As I said, even following all tutorials that I could find in the internet, this is not working as expected.

If you know a good tutorial, please, share the link, I will appreciate.

Here is the /export of my setup.

How can I check if the problem is in the Mikrotik or in the switch ?[/b] maybe the mikrotik is working and the switch is causing all of this ?

Any port that I’ve setup as vLan10 is getting IP from dhcp server, when should be…

thanks.
/interface ethernet
set 0 name=eth1-Link1
set 1 name=eth2-Link2
set 2 name=eth3-Local-M
set 3 master-port=eth3-Local-M name=eth4-Local-S1
set 4 master-port=eth3-Local-M name=eth5-Local-S2
/ip neighbor discovery
set eth1-Link1 discover=no
set eth2-Link2 discover=no
/interface vlan
add interface=eth3-Local-M l2mtu=1516 name=vlan10-ADM vlan-id=10
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=Pool-Root ranges=192.168.88.2-192.168.88.10
add name=Pool-ADM ranges=192.168.10.10-192.168.10.50
/ip dhcp-server
add address-pool=Pool-Root disabled=no interface=eth3-Local-M lease-time=1w3d name=Dhcp-Root
add address-pool=Pool-ADM disabled=no interface=vlan10-ADM lease-time=2d name=Dhcp-ADM
/port
set 0 name=serial0
/ip address
add address=192.168.88.1/24 comment=Default interface=eth3-Local-M network=192.168.88.0
add address=192.168.10.1/24 comment=vLan-ADM interface=vlan10-ADM network=192.168.10.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=eth1-Link1
/ip dhcp-server lease
add address=192.168.88.2 client-id=1:f4:ac:c1:29:82:67 mac-address=F4:AC:C1:29:82:67 server=Dhcp-Root
/ip dhcp-server network
add address=192.168.10.0/24 comment=ADM dns-server=192.168.10.1,8.8.8.8,8.8.4.4 gateway=192.168.10.1
add address=192.168.88.0/24 comment=“Root network .88” dns-server=192.168.88.1 gateway=192.168.88.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=Root
add address=192.168.10.1 name=ADM
/ip firewall nat
add action=masquerade chain=srcnat out-interface=eth1-Link1
add action=masquerade chain=srcnat src-address=192.168.10.0/24
/tool mac-server
add disabled=no interface=eth3-Local-M
add disabled=no interface=eth4-Local-S1
add disabled=no interface=eth5-Local-S2
add disabled=no interface=vlan10-ADM
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=eth3-Local-M
add interface=eth4-Local-S1
add interface=eth5-Local-S2
add interface=vlan10-ADM
/tool sniffer
set filter-direction=any filter-interface=eth3-Local-M
[admin@MikroTik] >

CelticComms · May 6, 2013, 1:11pm

The VLAN config for VLAN 10 seemed about right. You do not need this:

add action=masquerade chain=srcnat src-address=192.168.10.0/24

You can use Torch on the VLAN 10 interface to see if you are getting any traffic from the switch on that VLAN.

2fast4youbr · May 6, 2013, 1:26pm

Thanks Celtic.

How can I “Tourch” the vlan to track the requests ?

After few changes, I made for my notebook appear in the lease table, but after 30sec it desapears, in the log I get the error “offering lease without success”

cheers

SurferTim · May 6, 2013, 1:34pm

Do you have two dhcp servers on the same physical interface? Last I checked, one will work, and the other will have problems. Or am I wrong?

CelticComms · May 6, 2013, 1:41pm

You might also want to try ROS v5 to rule out some v6 oddity…

2fast4youbr · May 6, 2013, 2:30pm

Surfer, I saw few examples on the net that we can have more then one dhcp server, as I creating one for each vLan, wouldn´t be a problem.

Celtic, why the ROS 5 , did you see something pointing to this ? downgrade would be something that I want to do it as the last option.

cheers

CelticComms · May 6, 2013, 3:20pm

The main problem with running 6 is that most production systems are not running it since it isn’t even a full release yet - so it is harder to isolate your problem.

2fast4youbr · May 6, 2013, 4:37pm

Good point…Do you have a good tutorial to downgrade ?

I will try few things on the switch side first, just found some articles where say that this delay to get the IP could be some wrong configuration… found another one saying that some Macs (OsX) have some problems with Spanning-Tree causing this problem too… I have a old pc notebook, I will try to isolate the problems.

thanks for the help.