I try to understand RouterOS and i play around for a while with a vm in virtualbox. At this moment i try bridges. My goal is to bring two interface in one network together. For example PC1(IP:192.168.1.10) on ether1 can talk with PC2(192.168.1.20) on ether2. The bridge which i've configured with this two ports (ether1 and ether2) has the IP 192.168.1.1
Now i try to ping from PC1(192.168.1.10) the PC2(192.168.1.20) but i fail.
My question is now, is my understanding of bridges right and how i bring it to work?
Following you find my RouterOS-Config
jul/20/2013 13:42:49 by RouterOS 6.1
/interface bridge
add arp=reply-only name=bridge1
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
/ip address
add address=192.168.3.1/24 interface=ether3 network=192.168.3.0
add address=192.168.4.1/24 interface=ether4 network=192.168.4.0
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip arp
add address=192.168.1.20 interface=bridge1 mac-address=08:00:27:94:10:A3
add address=192.168.3.30 interface=ether3 mac-address=08:00:27:2D:53:38
add address=192.168.1.10 interface=bridge1 mac-address=08:00:27:32:C7:A2PS: Excuse my bad english. My german is better but there is no german forum for RouterOS.
On my first try I have configured the bridge the way you’ve written but the ping is also failed.
By my understanding this setting will only create the arp-entries dynamicly.
I’ve created the Entries manually for better security because by this way I have the control which mac can recieve packets.
Is the bridge for my goal the right way to configure on RouterOS a single network on more than one interface or is there another option (without VLAN)?
on one host each ethernet interface represents one Ethernet subnet. Each subnet should have separate IP network assigned to it as broadcast packets are sent over in one ethernet subnet. If you want to expand ethernet subnet and as the result connects more hosts to it you can use switches, hubs or use a bridge that basically is switch software implementation.
In your case you have done everything correctly by adding bridge and ports to it. As the result hosts on ethernet networks that where on ports added to bridge now are on same broadcast area (ethernet network)
Please note that all of this is OSI layer2. ARP is somewhere between Layer2 and Layer3.
Ok, but in this case I dont understand why it not work.
A Ping from 192.168.1.10 to the Bridge-Default-Gateway 192.168.1.1 gets an answer but a ping from the other pc2 192.168.1.20 to the same Gateway will fail. Both pc’s have a Default-Gateway 192.168.1.1 configured. A Bridge with arp=enabled adds dynamicly the right mac’s of both Hosts to the arp-table.
Can be the virtualization the reason?
Without the Bridge and with two Networks (pc1 in 192.168.1.0 and pc2 in 192.168.2.0) it works fine.
Both firewalls on PC's and RB are deaktivated. So i think that this can not be the problem.
Otherwise the Ping will also get no answer from the PC to the Default-Gateway or reverse.
Hint: I configured the RB only like i posted in my first post in this thread.
That means no firewall, all hosts have static arp-entries (all mac are right) and the test-lab includes a x86-VM-RouterOS 6 with 2 XP (SP2)-VM Clients (without local Firewall) and static Network-Configuration.
It's also funny that the first booted XP-Client can ping the Default-Geateway but not the second. So if pc1 the first, the pc can ping the gateway and pc2 can not. however pc2 ist the first ready booted, this pc2 can ping the gateway and pc1 can not.
I'm a little bit confused about the behavior.
Following i add the arp and route output. The layer 2 communication seems to work because the arp entries of both clients will be added dynamicly.
/ip route print
jul/25/2013 9:57: 5 by RouterOS 6.1
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
check settings for other interface in your VM. Check if IP addresses do not have some typo in the network mask, broadcast address etc. Check VM network settings for other interface, maybe interface settings are somehow different.
Interface: 192.168.1.10 — 0x10003
Internet Address Physical Address Type
192.168.1.1 08-00-27-a7-ac-6a dynamic
192.168.1.20 00-00-00-00-00-00 invalidPC2>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
PC2>arp -a
Interface: 192.168.1.20 — 0x10003
Internet Address Physical Address Type
192.168.1.1 08-00-27-a7-ac-6a dynamic
192.168.1.10 08-00-27-32-c7-a2 dynamicThe arp-entry of pc2 on the pc1 is invald. Does anybody knows why?
As you can see in my other post is that the arp-table on the RouterOS is correctly.
As i said, the communication between pc1 and pc2 is possible with the configuration without bridges and 2 networks on the same lab-conditions.
but there is no german forum for RouterOS.
For me it seems to be correctly.