Hello,
I'm getting an interface warning "ethernet2: bridge port received packet with own address as source address, probably loop". Does any know how to trouble shoot this? I cant find any relative information about this on the net. I'm using RB2011UiAS-2HnD. It appears to be happening exactly 60 seconds apart. Ethernet2 is master port for Eth3,4,5. It is Slave to my lan Bridge. Bridge is also mapped to Eth6 and WLAN. ETH2 seems to have Role of root port. I'm not sure if this is correct. Thanks in advance.
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
Hope its not too must script to go through:
Code: Select all
# jun/26/2015 18:14:09 by RouterOS 6.29.1
# software id = K9L3-THMQ
#
/interface bridge
add arp=proxy-arp name=LAN/BRIDGE
/interface ethernet
set [ find default-name=ether2 ] name=LAN/ETH2
set [ find default-name=ether3 ] arp=proxy-arp master-port=LAN/ETH2 name=\
LAN/ETH3
set [ find default-name=ether4 ] arp=proxy-arp master-port=LAN/ETH2 name=\
LAN/ETH4
set [ find default-name=ether5 ] arp=proxy-arp master-port=LAN/ETH2 name=\
LAN/ETH5
set [ find default-name=ether6 ] name=LAN/ETH6
set [ find default-name=ether7 ] arp=proxy-arp master-port=LAN/ETH6 name=\
LAN/ETH7
set [ find default-name=ether8 ] arp=proxy-arp master-port=LAN/ETH6 name=\
LAN/ETH8
set [ find default-name=ether9 ] arp=proxy-arp master-port=LAN/ETH6 name=\
LAN/ETH9
set [ find default-name=ether10 ] arp=proxy-arp master-port=LAN/ETH6 name=\
LAN/ETH10
set [ find default-name=sfp1 ] name=NONE/SFP
set [ find default-name=ether1 ] name=WAN/ETH1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=\
tkip,aes-ccm mode=dynamic-keys name=WIFI/SECURITY supplicant-identity="" \
unicast-ciphers=tkip,aes-ccm
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=\
20/40mhz-ht-above country=bulgaria disabled=no frequency=auto l2mtu=2290 \
mode=ap-bridge name=WIFI/WLAN security-profile=WIFI/SECURITY ssid=\
Brolin-WIFI wireless-protocol=802.11
/ip pool
add name=dhcp ranges=192.168.168.30-192.168.168.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=LAN/BRIDGE name=DHCP/SERVER
/port
set 0 name=serial0
/ppp profile
set [ find name=default ] name=default
set [ find name=default-encryption ] name=default-encryption
/interface bridge port
add bridge=LAN/BRIDGE interface=LAN/ETH2
add bridge=LAN/BRIDGE interface=LAN/ETH6
add bridge=LAN/BRIDGE interface=WIFI/WLAN
/ip address
add address=192.168.168.1/24 comment=LAN interface=LAN/BRIDGE network=\
192.168.168.0
add address=96.86.191.125/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.124/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.116/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.119/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.121/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.122/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.123/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.120/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.115/28 comment="One-To-One NETMAP" interface=WAN/ETH1 \
network=96.86.191.112
add address=96.86.191.114/28 comment="DHCP Preffered" interface=WAN/ETH1 \
network=96.86.191.112
add address=96.86.191.117/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.118/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.126/28 interface=WAN/ETH1 network=96.86.191.112
/ip dhcp-server network
add address=192.168.168.0/24 dns-server=95.87.194.4,95.87.255.194 gateway=\
192.168.168.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=95.87.194.4,95.87.255.194
/ip firewall filter
add action=drop chain=input comment="Disallow weird packets" \
connection-state=invalid
add chain=input comment="Allow LAN access to the router itself" \
connection-state=new in-interface=LAN/BRIDGE
add chain=input comment=" ^^ that originated from LAN" connection-state=\
established
add chain=input comment=" ^^ that originated from LAN" connection-state=\
related
add chain=input comment="Allow ping ICMP from anywhere" protocol=icmp
add chain=input comment="Allow Winbox" dst-address=96.86.191.114 dst-port=\
8291 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to WEBSERVER" dst-address=96.86.191.115 \
dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to DEVSERVER" dst-address=96.86.191.120 \
dst-port=3306,3389,8443 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to SVETLOZAR-PC" dst-address=\
96.86.191.118 dst-port=80,443,3389,8080,8443 in-interface=WAN/ETH1 \
protocol=tcp
add chain=input comment="Allow Ports to CHORO-LP" dst-address=96.86.191.123 \
dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp
add action=drop chain=input comment=\
"Disallow anything from anywhere on any interface"
add action=drop chain=forward comment="Disallow weird packets" \
connection-state=invalid disabled=yes
add chain=forward comment="Allow LAN access to move through the router" \
connection-state=new disabled=yes in-interface=LAN/BRIDGE
add chain=forward comment=" ^^ that originated from LAN" connection-state=\
established disabled=yes
add chain=forward comment=" ^^ that originated from LAN" connection-state=\
related disabled=yes
add action=drop chain=forward comment=\
"Disallow anything from anywhere on any interface" disabled=yes
/ip firewall nat
add action=dst-nat chain=dstnat comment="One-To-One NETMAP" dst-address=\
96.86.191.115 dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp \
to-addresses=192.168.168.15
add action=dst-nat chain=dstnat dst-address=96.86.191.116 in-interface=\
WAN/ETH1 to-addresses=192.168.168.16
add action=dst-nat chain=dstnat dst-address=96.86.191.117 in-interface=\
WAN/ETH1 to-addresses=192.168.168.17
add action=dst-nat chain=dstnat dst-address=96.86.191.118 dst-port=\
80,443,3389,8080,8443 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
192.168.168.18
add action=dst-nat chain=dstnat dst-address=96.86.191.119 in-interface=\
WAN/ETH1 to-addresses=192.168.168.19
add action=dst-nat chain=dstnat dst-address=96.86.191.120 dst-port=\
3306,3389,8443 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
192.168.168.20
add action=dst-nat chain=dstnat dst-address=96.86.191.121 in-interface=\
WAN/ETH1 to-addresses=192.168.168.21
add action=dst-nat chain=dstnat dst-address=96.86.191.122 in-interface=\
WAN/ETH1 to-addresses=192.168.168.22
add action=dst-nat chain=dstnat dst-address=96.86.191.123 dst-port=\
80,443,3389 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
192.168.168.23
add action=dst-nat chain=dstnat dst-address=96.86.191.124 in-interface=\
WAN/ETH1 to-addresses=192.168.168.24
add action=dst-nat chain=dstnat dst-address=96.86.191.125 in-interface=\
WAN/ETH1 to-addresses=192.168.168.25
add action=dst-nat chain=dstnat dst-address=96.86.191.126 in-interface=\
WAN/ETH1 to-addresses=192.168.168.26
add action=src-nat chain=srcnat src-address=192.168.168.15 to-addresses=\
96.86.191.115
add action=src-nat chain=srcnat src-address=192.168.168.16 to-addresses=\
96.86.191.116
add action=src-nat chain=srcnat src-address=192.168.168.17 to-addresses=\
96.86.191.117
add action=src-nat chain=srcnat src-address=192.168.168.18 to-addresses=\
96.86.191.118
add action=src-nat chain=srcnat src-address=192.168.168.19 to-addresses=\
96.86.191.119
add action=src-nat chain=srcnat src-address=192.168.168.20 to-addresses=\
96.86.191.120
add action=src-nat chain=srcnat src-address=192.168.168.21 to-addresses=\
96.86.191.121
add action=src-nat chain=srcnat src-address=192.168.168.22 to-addresses=\
96.86.191.122
add action=src-nat chain=srcnat src-address=192.168.168.23 to-addresses=\
96.86.191.123
add action=src-nat chain=srcnat src-address=192.168.168.24 to-addresses=\
96.86.191.124
add action=src-nat chain=srcnat src-address=192.168.168.25 to-addresses=\
96.86.191.125
add action=src-nat chain=srcnat src-address=192.168.168.26 to-addresses=\
96.86.191.126
add action=masquerade chain=srcnat comment="Default Masquerade Rule for LAN" \
out-interface=WAN/ETH1 src-address=192.168.168.2-192.168.168.255
add action=dst-nat chain=dstnat comment="Redirect Ports to WEBSERVER" \
dst-address=96.86.191.115 dst-address-type=local dst-port=80,443,3389 \
protocol=tcp to-addresses=192.168.168.15
add action=dst-nat chain=dstnat comment="Redirect Ports to DEVSERVER" \
dst-address=96.86.191.120 dst-address-type=local dst-port=3306,3389,8443 \
protocol=tcp to-addresses=192.168.168.20
add action=dst-nat chain=dstnat comment="Redirect Ports to SVETLOZAR-PC" \
dst-address=96.86.191.118 dst-address-type=local dst-port=\
80,443,3389,8080,8443 protocol=tcp to-addresses=192.168.168.18
add action=dst-nat chain=dstnat comment="Redirect Ports to CHORO-LP" \
dst-address=96.86.191.123 dst-address-type=local dst-port=80,443,3389 \
protocol=tcp to-addresses=192.168.168.23
add action=masquerade chain=srcnat comment=\
"Masquerade Traffic going to WAN IP of mikrotik from local LAN users" \
dst-port=80,443,3306,3389,8080,8443 out-interface=LAN/BRIDGE protocol=tcp \
src-address=192.168.168.0/24
/ip route
add distance=1 gateway=96.86.191.113
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/lcd
set enabled=no
/system clock
set time-zone-name=Europe/Sofia
/system identity
set name=Brolin-FW
/tool romon port
add disabled=no
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
Just to add that there is also nothing physically connected to the Eithernet2 port
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
as far as i can see Eth2 is master port, so any port that have eth2 as master is eth2, from software point of view. So packet can arrive to any of those ports.
Usually when you receive packet, it indicates that problem is elsewhere in your network - some kind of loop, so check your network structure.
Also Proxy-arp looks kinda strange there - why do you use it everywhere?
Usually when you receive packet, it indicates that problem is elsewhere in your network - some kind of loop, so check your network structure.
Also Proxy-arp looks kinda strange there - why do you use it everywhere?
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
When i was having issues with the router i sent it in for checkup and configuration. They set it to proxy-arp. When i saw it i wondered about it but wasn't sure what it's for and so i left it as is.
I change it to "enabled" and the network wasn't effected in any way.
The Warning is still there
I change it to "enabled" and the network wasn't effected in any way.
The Warning is still there
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
Thank you Macgaiver,
I did what you said, i reviewed the entire network by unplugging the cables one by one to narrowing down where the loop is coming from. I narrowed it down to another Mikrotik that is configured to work like a switch. It had "Admin. MAC Address:" for the Bridge set to same address as the interface where i was getting the warning. I removed the address and the warning is gone.
Do you know if it normal for the bridge to have the same mac address as one of the Ethernet ports? It seem to have inherited the mac address from Ethernet 4.
I did what you said, i reviewed the entire network by unplugging the cables one by one to narrowing down where the loop is coming from. I narrowed it down to another Mikrotik that is configured to work like a switch. It had "Admin. MAC Address:" for the Bridge set to same address as the interface where i was getting the warning. I removed the address and the warning is gone.
Do you know if it normal for the bridge to have the same mac address as one of the Ethernet ports? It seem to have inherited the mac address from Ethernet 4.
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
Maybe someone exported the config with the bridge and mac admin address set and imported it the other router.
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
This is exactly what happen, i learned my lesson to do export instead of loading backup file from another router.
Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?
Is there any other way to detect duplicate mac address?
-
-
angboontiong
Forum Guru
- Posts: 1136
- Joined:
Re:
Changed ether port, disabled other two, same error...My case is that interface spoiled, disable it then problem solved.
Sent from my Che2-L11 using Tapatalk
-
-
angboontiong
Forum Guru
- Posts: 1136
- Joined:
Re: Re:
Changed ether port, disabled other two, same error...My case is that interface spoiled, disable it then problem solved.
Sent from my Che2-L11 using Tapatalk
Do you bridge all the port? or,
Do you master and slave all the port?
unlink the spoiled port (refer to the log which port given problem), then you problem should solve.
Re: Re:
I've all 3 in bridge...unlink the spoiled port (refer to the log which port given problem), then you problem should solve.
Who is online
Users browsing this forum: GoogleOther [Bot] and 101 guests