Community discussions

 
George90
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Mon Sep 27, 2010 4:50 am

What is wrong with bridges and eoip?

Sat Mar 26, 2016 6:41 pm

Hello,

First device is router that have hotspot server, firewall rules, ...
On Ethernet 6 is connected gigabit switch and there is 2 computers connected to it.

Second device is RB411A, and it's used as AP.
one wireless interface is used for public access, and another wlan (virtual ap) for private access.

They are in brigde with eoip tunnels that ends on first device.

This is config from first device:
/interface bridge
add name=bridge-Djole

/interface ethernet
set [ find default-name=ether6 ] name="ether6 - Kuca"

/interface eoip
add !keepalive mac-address=02:39:FD:85:50:B0 mtu=1500 name="eoip-AP 1" \
    remote-address=192.168.0.6 tunnel-id=1
add !keepalive mac-address=02:4B:AD:A7:9D:BC name="eoip-AP 1 (Djole)" \
    remote-address=192.168.0.6 tunnel-id=15

/interface bridge port
add bridge=bridge-Djole interface="ether6 - Kuca"
add bridge=bridge-Djole interface="eoip-AP 1 (Djole)" path-cost=20
This is config from second device:
/interface bridge
add name=bridge_Djole
add name=bridge_korisnici

/interface eoip
add allow-fast-path=no !keepalive mac-address=02:DC:B2:BA:A9:4E mtu=1500 \
    name=eoip-AP1 remote-address=192.168.0.1 tunnel-id=1
add !keepalive mac-address=02:E1:17:76:D3:4D name=eoip-Djole remote-address=\
    192.168.0.1 tunnel-id=15
	
/interface bridge port
add bridge=bridge_korisnici interface=eoip-AP1
add bridge=bridge_korisnici interface=wlan1
add bridge=bridge_Djole interface="wlan2"
add bridge=bridge_Djole interface=eoip-Djole
Everything that is connected to public and private wlan works without any problems.
LAN computers connected to ether6 doesn't load some sites at all, or at very low speed. When I remove eoip tunnel from bridge on first device, they load all resources as they should.

What can be problem here?
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 6:54 pm

A diagram (even a hand drawn) will make things easier.
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Sat Mar 26, 2016 6:56 pm

Isn't possible to use vlans instead eoip?
 
George90
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Mon Sep 27, 2010 4:50 am

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 7:18 pm

Here is my hand drawn diagram :D
Office Lens 20160326-181324.jpg
It's possible to use vlans, but bridges (or bridge on first device) will be problem as before...
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5915
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 7:27 pm

Maybe you have issues with the STP protocol?
(e.g. when both incoming connections come via different VLANs of the same switch)
 
IntrusDave
Forum Guru
Forum Guru
Posts: 1290
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 7:40 pm

I would bet that your MTU changed when you added the EOIP interface to the bridge. While your LAN PC's are using 1500, your bridge likely shrunk to 1480 or less. This will cause almost all https sites to break, and many normal sites.
David Joyce
Network & Security Engineer
Intrus Technologies, LLC.
Rancho Cucamonga, CA, USA
 
George90
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Mon Sep 27, 2010 4:50 am

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 8:36 pm

I used vlan instead eoip tunnel and everything seems ok, so problem is in eoip tunnel or somewhere related to eoip.

When I set bridge mtu to 1492 and eoip mtu to 1472 nothing changed.

It's interesting that eoip tunnel is making problems to traffic that are not passing through it.

Changing stp to stp or none from rstp didn't give any effects.
 
User avatar
pukkita
Trainer
Trainer
Posts: 2982
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 8:58 pm

What routerboard model is device 1? RouterOS and Firmware versions?
Simplicity is the Ultimate Sophistication - Da Vinci
Getting the most out of this forum
 
IntrusDave
Forum Guru
Forum Guru
Posts: 1290
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 9:03 pm

It's not right, but try setting both MTUs to 1500.
David Joyce
Network & Security Engineer
Intrus Technologies, LLC.
Rancho Cucamonga, CA, USA
 
George90
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Mon Sep 27, 2010 4:50 am

Re: What is wrong with bridges and eoip?

Sat Mar 26, 2016 9:10 pm

By default both mtu was 1500, on both sides. I restored original values after testing.

Device 1:
CCR1016-12G
Firmware 3.27
Router OS 6.32.4

Device 2:
RB411A
Firmware 3.24
Router OS 6.34.3
 
User avatar
sunblade
just joined
Posts: 8
Joined: Tue Apr 06, 2010 6:53 pm

Re: What is wrong with bridges and eoip?

Tue Dec 13, 2016 3:11 pm

I have the same or very similar issue.

On "main site" I have bridged Ethernet interface with EoIP tunel, and it is causing problems (probably with MTU). I am using CCR1036 on the main site and RB750G on remote site.

Any idea to resolve this issue? I need to connect remote site with main site with L2.

Tnx
 
pe1chl
Forum Guru
Forum Guru
Posts: 5915
Joined: Mon Jun 08, 2015 12:09 pm

Re: What is wrong with bridges and eoip?

Tue Dec 13, 2016 5:16 pm

When you just set the MTU of the EoIP interface to 1500 it will fragment the large frames on the link.
Not desirable, but in your case probably better than frames that are too large and simply dropped.
In the meantime, plan a network layout change so you don't need EoIP but can use a VPN.
 
ovidiu
just joined
Posts: 11
Joined: Sun Jan 15, 2017 9:28 am

Re: What is wrong with bridges and eoip?

Fri Nov 08, 2019 9:01 pm

I would bet that your MTU changed when you added the EOIP interface to the bridge. While your LAN PC's are using 1500, your bridge likely shrunk to 1480 or less. This will cause almost all https sites to break, and many normal sites.
This was my problem. I set MTU to 1500 for the EOIP interface and problem gone. Before ping and voip was working fine but no internet surfing
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1434
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: What is wrong with bridges and eoip?

Sat Nov 09, 2019 9:04 pm

I would bet that your MTU changed when you added the EOIP interface to the bridge. While your LAN PC's are using 1500, your bridge likely shrunk to 1480 or less. ...

I experienced this before, would you care to elaborate on why this will happen?
MTCNA, MTCTCE, MTCRE & MTCINE
 
sindy
Forum Guru
Forum Guru
Posts: 3906
Joined: Mon Dec 04, 2017 9:19 pm

Re: What is wrong with bridges and eoip?

Sat Nov 09, 2019 9:20 pm

I would bet that your MTU changed when you added the EOIP interface to the bridge. ...
I experienced this before, would you care to elaborate on why this will happen?
Do you ask why the bridge MTU auto-adjusts to the lowest one of its member interfaces' MTUs, or why an MTU smaller than 1500 causes trouble when accessing https servers?
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
Zacharias
Forum Veteran
Forum Veteran
Posts: 737
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: What is wrong with bridges and eoip?

Sat Nov 09, 2019 9:42 pm

The Bridge's actual MTU just changed to the value of it's lowest member.
However we can correct it by changing the Bridge's MTU to 1500 again...
Most sites indeed won't load, not all, because of fragmentation problems caused by the smaller MTU...
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1434
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: What is wrong with bridges and eoip?

Sun Nov 10, 2019 9:46 pm

Do you ask why the bridge MTU auto-adjusts to the lowest one of its member interfaces' MTUs, or why an MTU smaller than 1500 causes trouble when accessing https servers?
i asked why MTU of bridge changes, was not aware that bridge auto adjust to lowest member MTU, but did find the info about an hour after my post
MTCNA, MTCTCE, MTCRE & MTCINE

Who is online

Users browsing this forum: Google [Bot], MSN [Bot] and 122 guests