I have a RB2011.
I have a DSL modem plugged into ether1. It picks up the address 192.168.40.100 from the modem via DHCP.
I have a switch plugged into ether2. ether2 has the static address of 192.168.42.1 and hands out DHCP addresses to production workstations. Traffic between ether1 and ether2 works fine.
I now have a wireless bridge to another site plugged into ether4. ether4 has the static address of 192.168.88.251 and the bridge is at 192.168.88.252.
If I run WinBox and ping the wireless bridge (192.168.88.252) I am successful. If I ping my workstation (192.168.42.99) I am successful. But if I ping from my workstation to the wireless bridge, I am not successful. If I torch ether4 while pinging from my workstation, it appears to me that the wireless bridge is responding to the pings, but the pings don't make it back to my workstation.
What am I missing here?
Thank you for your time,
Dave
Re: I can't figure out how to route between subnets
Hi davecove
U must set a default route(0.0.0.0/0)with dst 192.168.88.251 on bridge device it must be works
good luck body
U must set a default route(0.0.0.0/0)with dst 192.168.88.251 on bridge device it must be works
good luck body
Re: I can't figure out how to route between subnets
Here is more information. 'Inside' is ether2 and again, I am trying to route between ether2 and ether4. From 192.168.42.99 on ether2 I can ping 192.168.88.251 (ether4 itself), but not 192.168.88.252 attached to ether4.
ros code
/interface bridge port> pri # INTERFACE BRIDGE PRIORITY PATH-COST HORIZON 0 ether2 bridge-local 0x80 10 none 1 ether3 bridge-local 0x80 10 none 2 ether4 bridge-local 0x80 10 none 3 I ether5 bridge-local 0x80 10 none 4 I ether6-master-local bridge-local 0x80 10 none 5 Wireless bridge-local 0x80 10 none
ros code
/ip route> pri # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADS 0.0.0.0/0 192.168.40.1 0 1 S 0.0.0.0/0 ether4 1 2 ADC 192.168.1.0/24 192.168.1.1 bridge-local 0 3 ADC 192.168.40.0/24 192.168.40.100 ether1 0 4 ADC 192.168.42.0/24 192.168.42.1 bridge-local 0 5 ADC 192.168.88.0/24 192.168.88.251 bridge-local 0
ros code
/ip address> pri
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; default configuration
192.168.42.1/24 192.168.42.0 Wireless
1 192.168.1.1/24 192.168.1.0 ether3
2 192.168.88.251/24 192.168.88.0 ether4
3 D 192.168.40.100/24 192.168.40.0 ether1Re: I can't figure out how to route between subnets
the main problem is for your bridgeHere is more information. 'Inside' is ether2 and again, I am trying to route between ether2 and ether4. From 192.168.42.99 on ether2 I can ping 192.168.88.251 (ether4 itself), but not 192.168.88.252 attached to ether4.
ros code
/interface bridge port> pri # INTERFACE BRIDGE PRIORITY PATH-COST HORIZON 0 ether2 bridge-local 0x80 10 none 1 ether3 bridge-local 0x80 10 none 2 ether4 bridge-local 0x80 10 none 3 I ether5 bridge-local 0x80 10 none 4 I ether6-master-local bridge-local 0x80 10 none 5 Wireless bridge-local 0x80 10 noneros code
/ip route> pri # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADS 0.0.0.0/0 192.168.40.1 0 1 S 0.0.0.0/0 ether4 1 2 ADC 192.168.1.0/24 192.168.1.1 bridge-local 0 3 ADC 192.168.40.0/24 192.168.40.100 ether1 0 4 ADC 192.168.42.0/24 192.168.42.1 bridge-local 0 5 ADC 192.168.88.0/24 192.168.88.251 bridge-local 0ros code
/ip address> pri Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 ;;; default configuration 192.168.42.1/24 192.168.42.0 Wireless 1 192.168.1.1/24 192.168.1.0 ether3 2 192.168.88.251/24 192.168.88.0 ether4 3 D 192.168.40.100/24 192.168.40.0 ether1
split bridges and let the router works in L3 in which way that u instaal routes will broke and wont works fine
plus change the connction of internet from pppoe on modem to bridge and create a pppoe on RB to manage smoothly
Re: I can't figure out how to route between subnets
What do you mean by "split bridges and let the router works in L3"
Re: I can't figure out how to route between subnets
u create one bridge and all ports are in it this means all traffic will calulate in L2 and the ip addresses on these ports actually is on bridge! but when u give the ip address to one eth that isnt in bridge it means the port is working on L3What do you mean by "split bridges and let the router works in L3"
Re: I can't figure out how to route between subnets
How do I implement 'split bridges'?
Dave
Dave
Re: I can't figure out how to route between subnets
Remove the interfaces from the bridge. Is there a reason they are on a bridge?
edit: Your listings of /ip address and /ip route above don't match. Have you done some editing of the settings in /ip address? The interface in /ip address and the gateway for that subnet in /ip route should match.
edit: Your listings of /ip address and /ip route above don't match. Have you done some editing of the settings in /ip address? The interface in /ip address and the gateway for that subnet in /ip route should match.
Re: I can't figure out how to route between subnets
"Is there a reason they are on a bridge?"
Why would they not be on a bridge together? Don't I want them bridged so that the traffic flows between them?
I had been reading this: https://www.mikrotik.com/testdocs/ros/2 ... bridge.php
Why would they not be on a bridge together? Don't I want them bridged so that the traffic flows between them?
I had been reading this: https://www.mikrotik.com/testdocs/ros/2 ... bridge.php
Re: I can't figure out how to route between subnets
If you want the interfaces on a bridge for a reason, that is fine, but the ip address/subnet must be assigned to the bridge, not an interface on that bridge.
I recommend removing all interfaces from the bridge, removing all but the ip/subnet you connect to the router with, and start over by adding the new ip/subnet to each interface.
Here are my entries for /ip address and /ip route. Note how the interface in /ip address matches the gateway in /ip route for each subnet. I obfuscated the public ip with xx.xx.xx.xx for security.
I recommend removing all interfaces from the bridge, removing all but the ip/subnet you connect to the router with, and start over by adding the new ip/subnet to each interface.
Here are my entries for /ip address and /ip route. Note how the interface in /ip address matches the gateway in /ip route for each subnet. I obfuscated the public ip with xx.xx.xx.xx for security.
Code: Select all
[admin@test] /ip address> pri
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 xx.xx.xx.xxx/27 xx.xx.xx.xx ether1
1 192.168.1.1/24 192.168.1.0 ether2
2 192.168.2.1/24 192.168.2.0 ether3
3 192.168.0.1/24 192.168.0.0 wlan1
[admin@test] /ip address>
Code: Select all
[admin@test] /ip route> pri
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 xx.xx.xx.xxx 1
1 ADC xx.xx.xx.xxx/27 xx.xx.xx.xx ether1 0
2 ADC 192.168.0.0/24 192.168.0.1 wlan1 0
3 ADC 192.168.1.0/24 192.168.1.1 ether2 0
4 DC 192.168.2.0/24 192.168.2.1 ether3 255
[admin@test] /ip route>
-
-
petrsimunek
just joined
- Posts: 2
- Joined:
Re: I can't figure out how to route between subnets
Hi MikroTik gurus. 
I am a newbie to routerOS and Mikrotiks, but I have the same problem as davecove.
I followed this thread, but with no success.
I have RB750 with 6.20 fw.
Three subnets,
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
I set addresses, dhcp servers and the routes has been created, but still, everyone in those subnets can reach the internet, but they can not see each other. ie my workstation has IP address 10.0.1.51, but can not ping machine on 10.0.3.49.
Here is /ip address
Here is /ip route
I have no bridge set on this device.
But I have noticed, that there is some default firewall settings. Could be the probleme there?
Thank you, as I said, I am complete newbie.
I also attached the config file from my RB750.
I am a newbie to routerOS and Mikrotiks, but I have the same problem as davecove.
I followed this thread, but with no success.
I have RB750 with 6.20 fw.
Three subnets,
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
I set addresses, dhcp servers and the routes has been created, but still, everyone in those subnets can reach the internet, but they can not see each other. ie my workstation has IP address 10.0.1.51, but can not ping machine on 10.0.3.49.
Here is /ip address
Code: Select all
[admin@MikroTik] /ip address> pri
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; simunkovi
10.0.1.1/24 10.0.1.0 ether2-simunkovi
1 ;;; janeckovi
10.0.2.1/24 10.0.2.0 ether3-janeckovi
2 ;;; tukan
10.0.3.1/24 10.0.3.0 ether4-tukan
3 D 192.168.88.213/24 192.168.88.0 ether1-gateway
Code: Select all
[admin@MikroTik] /ip route> pri
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 192.168.88.1 1
1 ADC 10.0.1.0/24 10.0.1.1 ether2-simunkovi 0
2 DC 10.0.2.0/24 10.0.2.1 ether3-janeckovi 255
3 ADC 10.0.3.0/24 10.0.3.1 ether4-tukan 0
4 ADC 192.168.88.0/24 192.168.88.213 ether1-gateway 0
But I have noticed, that there is some default firewall settings. Could be the probleme there?
Code: Select all
[admin@MikroTik] /ip firewall filter> pri
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; default configuration
chain=input action=accept connection-state=established log=no
log-prefix=""
1 ;;; default configuration
chain=input action=accept protocol=icmp log=no log-prefix=""
2 ;;; default configuration
chain=input action=accept connection-state=related log=no log-prefix=""
3 ;;; default configuration
chain=input action=drop in-interface=ether1-gateway log=no log-prefix=""
I also attached the config file from my RB750.
You do not have the required permissions to view the files attached to this post.
-
-
petrsimunek
just joined
- Posts: 2
- Joined:
Re: I can't figure out how to route between subnets
Hi MikroTik gurus.
I am a newbie to routerOS and Mikrotiks, but I have the same problem as davecove.
I followed this thread, but with no success.
I have RB750 with 6.20 fw.
Three subnets,
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
I set addresses, dhcp servers and the routes has been created, but still, everyone in those subnets can reach the internet, but they can not see each other. ie my workstation has IP address 10.0.1.51, but can not ping machine on 10.0.3.49.
Here is /ip address
Here is /ip route
I have no bridge set on this device.
But I have noticed, that there is some default firewall settings. Could be the probleme there?
Thank you, as I said, I am complete newbie.
I also attached the config file from my RB750.
I am a newbie to routerOS and Mikrotiks, but I have the same problem as davecove.
I followed this thread, but with no success.
I have RB750 with 6.20 fw.
Three subnets,
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24
I set addresses, dhcp servers and the routes has been created, but still, everyone in those subnets can reach the internet, but they can not see each other. ie my workstation has IP address 10.0.1.51, but can not ping machine on 10.0.3.49.
Here is /ip address
Code: Select all
[admin@MikroTik] /ip address> pri
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; simunkovi
10.0.1.1/24 10.0.1.0 ether2-simunkovi
1 ;;; janeckovi
10.0.2.1/24 10.0.2.0 ether3-janeckovi
2 ;;; tukan
10.0.3.1/24 10.0.3.0 ether4-tukan
3 D 192.168.88.213/24 192.168.88.0 ether1-gateway
Code: Select all
[admin@MikroTik] /ip route> pri
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 192.168.88.1 1
1 ADC 10.0.1.0/24 10.0.1.1 ether2-simunkovi 0
2 DC 10.0.2.0/24 10.0.2.1 ether3-janeckovi 255
3 ADC 10.0.3.0/24 10.0.3.1 ether4-tukan 0
4 ADC 192.168.88.0/24 192.168.88.213 ether1-gateway 0
But I have noticed, that there is some default firewall settings. Could be the probleme there?
Code: Select all
[admin@MikroTik] /ip firewall filter> pri
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; default configuration
chain=input action=accept connection-state=established log=no
log-prefix=""
1 ;;; default configuration
chain=input action=accept protocol=icmp log=no log-prefix=""
2 ;;; default configuration
chain=input action=accept connection-state=related log=no log-prefix=""
3 ;;; default configuration
chain=input action=drop in-interface=ether1-gateway log=no log-prefix=""
I also attached the config file from my RB750.
You do not have the required permissions to view the files attached to this post.