Community discussions

MUM Europe 2020
 
qwertybum
just joined
Topic Author
Posts: 5
Joined: Wed Aug 17, 2016 5:44 pm

Please check my setup

Wed Oct 19, 2016 4:14 pm

I'm experiencing some issues with my home setup which is mainly intermittent episodes of high latency and then minimal latency, but also my laptop not receiving an IP address from the bridged network. My setup is basically a RB2011UiAS-2HnD-IN powering a SXT Lite5 from the PoE port. There's another SXT Lite5 300m away hooked up to a generic router.
ping 8.8.8.8 -I wlp3s0 -dv
...
From 192.168.88.X: icmp_seq=2 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.88.X: icmp_seq=3 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.88.X icmp_seq=2 Destination Host Unreachable
From 192.168.88.X icmp_seq=3 Destination Host Unreachable
From 192.168.88.X: icmp_seq=4 Redirect Host(New nexthop: 192.168.0.1)
(Note: this is not a paste from the terminal; I'm using my memory hence the "X")

I have also seen this:
ping 8.8.8.8 -I wlp3s0 -dv
...
64 bytes from 8.8.8.8: icmp_seq=454 ttl=60 time=208 ms
64 bytes from 8.8.8.8: icmp_seq=456 ttl=60 time=147 ms
Warning: time of day goes back (-72508us), taking countermeasures.
Warning: time of day goes back (-72438us), taking countermeasures.
64 bytes from 8.8.8.8: icmp_seq=457 ttl=60 time=0.000 ms
64 bytes from 8.8.8.8: icmp_seq=459 ttl=60 time=558 ms
64 bytes from 8.8.8.8: icmp_seq=460 ttl=60 time=184 ms
Here's the configuration of the RB2011:
# oct/19/2016 12:37:41 by RouterOS 6.28
# software id = 2U21-M0L9
#
/interface bridge
add admin-mac=4C:5E:0C:XX:XX:XX auto-mac=no name=bridge-local
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=\
    ether3-slave-local
set [ find default-name=ether4 ] master-port=ether2-master-local name=\
    ether4-slave-local
set [ find default-name=ether5 ] master-port=ether2-master-local name=\
    ether5-slave-local
set [ find default-name=ether6 ] name=ether6-master-local
set [ find default-name=ether7 ] master-port=ether6-master-local name=\
    ether7-slave-local
set [ find default-name=ether8 ] master-port=ether6-master-local name=\
    ether8-slave-local
set [ find default-name=ether9 ] master-port=ether6-master-local name=\
    ether9-slave-local
set [ find default-name=ether10 ] master-port=ether6-master-local name=\
    ether10-slave-local
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=11 band=2ghz-b/g/n country=\
    "united kingdom" disabled=no distance=indoors frequency=auto \
    frequency-mode=regulatory-domain l2mtu=2290 mode=ap-bridge ssid=XXXYYY \
    wireless-protocol=802.11
/ip neighbor discovery
set ether1-gateway discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
add name=wifi ranges=192.168.87.10-192.168.87.254
add name=mgmt ranges=192.168.0.2-192.168.0.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge-local name=default
add address-pool=mgmt disabled=no interface=ether1-gateway name=mgmt
/port
set 0 name=serial0
/tool user-manager customer
set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add bridge=bridge-local interface=ether2-master-local
add bridge=bridge-local interface=ether6-master-local
add bridge=bridge-local interface=sfp1
add bridge=bridge-local interface=wlan1
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=\
    bridge-local network=192.168.88.0
add address=192.168.87.1/32 disabled=yes interface=ether2-master-local \
    network=255.255.255.0
add address=192.168.1.2/32 interface=ether1-gateway network=255.255.255.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid interface=\
    ether1-gateway
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=ether10-slave-local
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
add address=192.168.88.0/24 comment="default configuration" gateway=\
    192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=192.168.87.1 name=router
/ip firewall filter
add chain=input comment="default configuration" disabled=yes protocol=icmp
add chain=input comment="default configuration" connection-state=\
    established,related disabled=yes
add action=drop chain=input comment="default configuration" disabled=yes \
    in-interface=ether1-gateway
add chain=forward comment="default configuration" connection-state=\
    established,related disabled=yes
add action=drop chain=forward comment="default configuration" \
    connection-state=invalid disabled=yes
add action=drop chain=forward comment="default configuration" \
    connection-nat-state=!dstnat connection-state=new disabled=yes \
    in-interface=ether1-gateway
add chain=output disabled=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" \
    out-interface=ether1-gateway
/romon port
add disabled=no
/system clock
set time-zone-name=Europe/London
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set bridge-local disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set sfp1 disabled=yes display-time=5s
set ether1-gateway disabled=yes display-time=5s
set ether2-master-local disabled=yes display-time=5s
set ether3-slave-local disabled=yes display-time=5s
set ether4-slave-local disabled=yes display-time=5s
set ether5-slave-local disabled=yes display-time=5s
set ether6-master-local disabled=yes display-time=5s
set ether7-slave-local disabled=yes display-time=5s
set ether8-slave-local disabled=yes display-time=5s
set ether9-slave-local disabled=yes display-time=5s
set ether10-slave-local disabled=yes display-time=5s
/system ntp client
set enabled=yes primary-ntp=109.74.206.120 secondary-ntp=85.119.80.232
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=ether10-slave-local
add interface=sfp1
add interface=wlan1
add interface=bridge-local
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-master-local
add interface=ether3-slave-local
add interface=ether4-slave-local
add interface=ether5-slave-local
add interface=ether6-master-local
add interface=ether7-slave-local
add interface=ether8-slave-local
add interface=ether9-slave-local
add interface=ether10-slave-local
add interface=sfp1
add interface=wlan1
add interface=bridge-local
/tool user-manager database
set db-path=user-manager
Can anyone diagnose the problem?
 
qwertybum
just joined
Topic Author
Posts: 5
Joined: Wed Aug 17, 2016 5:44 pm

Re: Please check my setup

Thu Oct 20, 2016 4:42 pm

Short attention span much anyone?
 
User avatar
nickshore
Member
Member
Posts: 473
Joined: Thu Mar 03, 2005 4:14 pm
Location: Suffolk, UK.
Contact:

Re: Please check my setup

Thu Oct 20, 2016 4:47 pm

You need to work on the problem, by breaking it down into separate parts.

eg you mention a PtP link using SXTs, is this reliable can you ping end to end, what are the settings on it etc

Then once you have proved the wireless link is ok, can you then ping from the RB across to the other router ?

Then look at the signal from the laptop to the 2011, does that work reliably ?

Also if the other router is just providing a DSL connection why not put it in bridge mode and use a pppoe client on the 2011.

It may help to provide a diagram, what is very clear to you may not be clear to someone else...

Nick
Nick Shore MTCNA MTCWE MTCRE MTCINE MTCTCE
LinITX.com - MultiThread Consultants
Get your MikroTik RBs and Training: http://linitx.com/brand/mikrotik
Official UK MikroTik Distributor
IRC chan: #routerboard on irc.z.je (IPv4 and IPv6)
 
User avatar
nest
Forum Veteran
Forum Veteran
Posts: 817
Joined: Tue Feb 27, 2007 1:52 am
Location: UK
Contact:

Re: Please check my setup

Thu Oct 20, 2016 5:27 pm

You have so many mistakes in your config it's hard to know where to start. But I'll try.

You have based your config on the factory default one. The factory default config bridges ethers2 and 6 into a bridge interface called bridge-local. In turn, ethers 3, 4 and 5 are switch slaved to ether2 and ethers 7, 8, 9, 10 are switch slaved to ether6. Therefore all the gigabit and fast ethernet ports from 2 to 10 are all in one L2 bridged network.

You have an IP Pool for "wifi" which contains the broadcast network 192.168.87.0/24 and you have assigned the IP address 192.168.87.1 to ether2-master-local. I admit it is disabled, but if you want to assign that IP as a gateway for your local L2 bridged network, then that IP must be assigned to the bridge interface, not one of it's ports.

You have also assigned the IP to ether2-master-local as a /32 IP address. Correct this to /24 if you intend using it. (After moving it to bridge-local)
You have also assigned an IP of 192.168.1.2/32 to ether1-gateway, yet you have a dhcp-client on ether1-gateway as well. Either use the DHCP Client or change the IP to a valid one, e.g. 192.168.1.2/24.

You have added a dhcp-client to ether10-slave-local. As noted above, ether10-slave-local is in the bridge, bridge-local. You can't have a dhcp-client on an interface that is a port of a bridge. Any dhcp-client will need to be on the bridge. Exceptof course, there is also a DHCP-Server on the bridge interface! I suspect the dhcp-client on ether10-slave-local needs to be removed.

You have added a network of 192.168.1.0/24 to the dhcp server. Remove this.

You have modified the firewall filter rules by disabling the default rules in the input and forward chains. Re-enable them

You appear to have added the User manager package. Remove it unless you really want to run that service. You may also have other un-necessary packages you have installed. You only need the main top level routeros package with all it's sub-packages listed underneath it. E.g. 'advanced-tools, dhcp, ppp, security, system, wireless. All the rest are optional. You do not need mpls, hotspot, ipv6 unless you are actually needing them and you don't need 'routing' if for example, you're not going to be using OSPF, RIP or BGP as normal standard simple routing is all carried out within the system package.

Finally there is something not right about the date/time on your PC. "Warning: time of day goes back (-72508us), taking countermeasures."
Ron Touw - Mikrotik Certified Trainer
LinITX.com - MultiThread Consultants
Get your MikroTik RBs and Training: http://linitx.com/category/166
Largest Official UK MikroTik Distributor
IRC channel: #routerboard on irc.z.je (IPv4), 6.irc.z.je (IPv6)

Who is online

Users browsing this forum: Baidu [Spider], jordan8080 and 60 guests