I am trying to do something so extremely simple but I just can't get it to work. I recently got hold of a RB2011UiAS-RM and I am trying to configure it so that I have a separate subnet for my home automation project. I followed the steps described; here with some differences, only two subnets and one additional interface. What I am trying to achieve is this:
ETH1 - WAN port bridged to ETH2, DHCP client; my bridged modem connects to this
ETH2 - Master interface at 192.168.1.1/24, network 192.168.1.0
ETH3-ETH5 - Slaves of ETH2
DHCP server for the 192.168.1.100-192.168.1.255 range on ETH2
The above actually works as its more or less the default configuration. So now I am trying to get the following configuration to work on for the home automation subnet;
ETH6 - Master interface set to 10.1.0.1/24, network 10.1.0.0
ETH7-10 - Slaves of ETH6
DHCP server for the 10.1.0.100-10.1.0.255 range on ETH6
I suspect I did something wrong in the routing because when I go to IP > Routes it says the ETH6 interface cannot be reached. Also because of this, I think, the DHCP-server shows up red. This seems such a simple and standard problem but I just can't seem to figure it out. I have moderate networking skills so I figured I couldn't be that hard but after a few evenings I am almost ready to give everything up and use Openwrt. I really hope someone can help me (I can provide configs if necessary) .
-
-
CZFan
Forum Guru
- Posts: 2098
- Joined:
- Location: South Africa, Krugersdorp (Home town of Brad Binder)
- Contact:
Re: Two subnets, two interfaces
Firstly, I will remove Ether1 from the bridge in order to make use of your fiirewall between LAN and Internet and use routing to access the internet.
Make sure Ether6 is enabled and not disabled by accident
Make sure Ether6 is enabled and not disabled by accident
Re: Two subnets, two interfaces
Thanks! I've double checked that Ether6 was enabled but I couldn't get it to work. Instead of removing the bridge I tried to build everything from scratch, it is still not working unfortunately. I hope someone has time to check my config (I'm sure this will be a noob mistake). LAN works with DHCP but the DHCP-server on HA keeps assigning and reassigning IP addresses to the same MAC every second. Edit\ I've moved the ports around a bit so ether1 is wan, ether2 is lan, ether3 is wlan and I now use ether4 for home automation (HA).Firstly, I will remove Ether1 from the bridge in order to make use of your fiirewall between LAN and Internet and use routing to access the internet.
Make sure Ether6 is enabled and not disabled by accident
My config, thanks again to anyone who has time to look at this:
Code: Select all
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] comment=LAN
set [ find default-name=ether3 ] comment=WLAN master-port=ether2
set [ find default-name=ether4 ] comment=HA
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=HA ranges=10.1.0.100-10.1.0.255
add name=LAN ranges=192.168.1.100-192.168.1.255
add name=dhcp_pool2 ranges=192.168.1.100-192.168.1.254
/ip dhcp-server
add address-pool=HA disabled=no interface=ether4 lease-time=1d name=HA
add address-pool=LAN disabled=no interface=ether2 lease-time=1d name=LAN \
src-address=192.168.1.1
/ip address
add address=10.1.0.1/24 interface=ether4 network=10.1.0.0
add address=192.168.1.1/24 interface=ether2 network=192.168.1.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=10.1.0.0/24 dns-server=10.1.0.1 gateway=10.1.0.1
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall filter
add action=drop chain=input dst-port=53 in-interface=ether1 protocol=udp
/ip firewall nat
add action=masquerade chain=srcnat src-address=192.168.1.0/24
/ip route
add distance=1 gateway=ether1
Re: Two subnets, two interfaces [SOLVED]
Good evening!
first of all, get yourself a backup and change the following
/ip pool
add name=LAN ranges=192.168.1.100-192.168.1.255 <--- Change the record to .1.254, 0 & 255 cant be used.
add name=dhcp_pool2 ranges=192.168.1.100-192.168.1.254 <--- Delete this record as you already have it in LAN, second because it's not used from any of your DHCP servers. I suppose you set up a dhcp with the wizard but changed your mind while setting up and didnt finish, yet the pool remained :p
DHCPs, you have one on eth2 (192.168.1.0/24) but the second one runs on eth4, not eth6? Also the eth4 has the ip 10.1.0.1/24 instead of eth6? On your 1st post you write that 3-5 are slaves to 2, 7-10 are slaves of eth6 but the ip is on 4, not 6 I suppose you must change the 3nd DHCP to run on 6 and move ip address from 4 to 6
/ip route, i think that if you run a dhcp client with peer dns checked, there is no need for route as it comes auto from the main DHCP(not in 2011). just disable, no need i think (except if that's the D one created from the client)
/interface ethernet
set [ find default-name=ether4 ] comment=HA <-- is that 4 or 6?
first of all, get yourself a backup and change the following
/ip pool
add name=LAN ranges=192.168.1.100-192.168.1.255 <--- Change the record to .1.254, 0 & 255 cant be used.
add name=dhcp_pool2 ranges=192.168.1.100-192.168.1.254 <--- Delete this record as you already have it in LAN, second because it's not used from any of your DHCP servers. I suppose you set up a dhcp with the wizard but changed your mind while setting up and didnt finish, yet the pool remained :p
DHCPs, you have one on eth2 (192.168.1.0/24) but the second one runs on eth4, not eth6? Also the eth4 has the ip 10.1.0.1/24 instead of eth6? On your 1st post you write that 3-5 are slaves to 2, 7-10 are slaves of eth6 but the ip is on 4, not 6 I suppose you must change the 3nd DHCP to run on 6 and move ip address from 4 to 6
/ip route, i think that if you run a dhcp client with peer dns checked, there is no need for route as it comes auto from the main DHCP(not in 2011). just disable, no need i think (except if that's the D one created from the client)
/interface ethernet
set [ find default-name=ether4 ] comment=HA <-- is that 4 or 6?
Re: Two subnets, two interfaces
Thanks giorgiop! I managed to get it working with your instructions. Yes I changed a lot in between the two posts which makes everything even more confusing. I now just use eth2 and eth4, which works very good.
I have been reading about networks a bit more because there were some things I didn't fully understand yet. I found that compared to openwrt nothing is defined implicitly in RouterOS, this means you really have to understand how networks operate (and the OSI model for example). Together with your help I was able to solve the problem, so thanks again.
I have been reading about networks a bit more because there were some things I didn't fully understand yet. I found that compared to openwrt nothing is defined implicitly in RouterOS, this means you really have to understand how networks operate (and the OSI model for example). Together with your help I was able to solve the problem, so thanks again.
Re: Two subnets, two interfaces
You are welcome 
Good to know that i helped
Good to know that i helped