Community discussions

MikroTik App
 
bbsu
just joined
Topic Author
Posts: 1
Joined: Fri Jul 02, 2021 1:05 pm

DHCP on bridge, only offer on eth1

Thu Jul 08, 2021 12:00 pm

Hello,

is it possible to only offer DHCP on eth1, when the Interfaces wg60 and eth1 are bridged?
And when yes, how?

The Problem is that i need a different subnet on eth1 but still need to access the main network from wg60
If i just setup the DHCP-Server on the bridge then it will also reach into the main network 10.101.0.0/16
so devices on the wg60 site will get an offer from the ether1 Interface.

I know the bridge is the cause of it but i cannot get a working connection from the subnet 10.108.0.0/16 to 10.101.0.0/16 without the bridge.
Is there another solution to route from eth1 to wg60 without bridge?

My Settings so far:

/interface bridge
add name=bridge1
/interface w60g
set [ find ] disabled=no mode=station-bridge name=wlan60-1 region=eu ssid=\
MikroTik-353f1
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=10.108.11.1-10.108.11.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 lease-time=3d name=dhcp1 \
relay=10.108.1.1
/interface bridge port
add bridge=bridge1 interface=wlan60-1
add bridge=bridge1 interface=ether1
/interface list member
add interface=wlan60-1 list=WAN
add interface=ether1 list=LAN
/ip address
add address=10.101.1.10/16 comment=defconf interface=wlan60-1 network=10.101.0.0
add address=10.108.1.1/16 interface=ether1 network=10.108.0.0
/ip dhcp-server network
add address=10.108.0.0/16 dns-server=10.108.1.1,10.101.1.1,8.8.8.8 domain=home.local gateway=10.108.1.1 netmask=16
/ip dns
set allow-remote-requests=yes servers=10.108.1.1,10.101.1.1,8.8.8.8
/ip route
add check-gateway=ping distance=1 gateway=10.101.1.1 pref-src=10.101.1.10
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: DHCP on bridge, only offer on eth1  [SOLVED]

Thu Jul 08, 2021 12:15 pm

Since both network subnets (10.108.0.0/16 and 10.101.0.0/16) don't overlap you already need routing between those two subnets. In this case you can ditch the bridge, configure both ports as individual interfaces and allow routing between them. Depending on the rest of network infrastructure some routers may need additional static routes towards the "remote" IP subnet via wg60 as gateway. Another possible pit hole are statefull firewalls, you have to make sure traffic flows via those in both directions (it's easy to construct a routing triangle where traffic in one direction bypasses router/firewall making firewall extremely unhappy).

Who is online

Users browsing this forum: dwnldr and 48 guests