Community discussions

 
cs1
just joined
Topic Author
Posts: 4
Joined: Tue Apr 24, 2018 7:39 am

dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 6:33 am

I have a pair of SXT G-5HPacD z2 Microtik units set up as a bridge between 2 buildings. Most traffic seems to function just fine, including ARP. However, DHCP requests do not appear to traverse from one side of the bridge to the other.

The network topology is roughly: firewall <-LAN-> microtik PTP Bridge AP <-> microtik PTP Bridge CPE <-LAN-> clients

The DHCP server is the firewall, and clients at the right (the far side of the bridge from the firewall) cannot obtain addresses via DHCP. If I assign manual addresses and routes they have perfect IP connectivity.

If I run a tcpdump on the firewall and also on a laptop client, the client will see normal traffic including ARP and DHCP. The firewall will see normal traffic and ARP but not the DHCP requests. I mention ARP because it uses broadcast ethernet packets like DHCP does.

Is there something basic I should be examining to see why this might be?

There are no firewall rules or DHCP setup on the Microtiks.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1435
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 1:04 pm


The DHCP server is the firewall, and clients at the right (the far side of the bridge from the firewall) cannot obtain addresses via DHCP. If I assign manual addresses and routes they have perfect IP connectivity.
Quick read of your post and one thing that stands out is that if you have to add routes, then your bridge config is not correct and you will have issues with DHCP
MTCNA, MTCTCE, MTCRE & MTCINE
 
2frogs
Long time Member
Long time Member
Posts: 540
Joined: Fri Dec 03, 2010 1:38 am

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 5:38 pm

You need to change your wireless settings to AP Bridge and Station WDS. Using just Station all MAC addresses get translated to the MAC of the station. The DHCP server will only assign 1 IP per MAC. This is why statically assigning IP’s work and DHCP doesn’t.

https://wiki.mikrotik.com/wiki/PTP_Link ... Step_Guide
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1435
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 6:27 pm

You need to change your wireless settings to AP Bridge and Station WDS. Using just Station all MAC addresses get translated to the MAC of the station. The DHCP server will only assign 1 IP per MAC. This is why statically assigning IP’s work and DHCP doesn’t.

https://wiki.mikrotik.com/wiki/PTP_Link ... Step_Guide

2frogs, apologies, I am not a wireless expert but I do not agree with that link, in there they are using technology for extending an AP (WDS) for a point to point link which I personally think is fundamentally wrong.

I think a more, correct way will be https://wiki.mikrotik.com/wiki/Bridging ... s_with_SXT
MTCNA, MTCTCE, MTCRE & MTCINE
 
2frogs
Long time Member
Long time Member
Posts: 540
Joined: Fri Dec 03, 2010 1:38 am

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 8:19 pm

If you read the first paragraph of the link you provided it states there are several ways to accomplish a PtP. Your solution only works for PtP, where as mine would work also for PtMP where there are multiple device at each endpoint. Plus I have not seen a definition of station-bridge, it not in https://wiki.mikrotik.com/wiki/Manual:I ... e/Wireless and I have never used it.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1435
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 8:36 pm

If you read the first paragraph of the link you provided it states there are several ways to accomplish a PtP. Your solution only works for PtP, where as mine would work also for PtMP where there are multiple device at each endpoint. Plus I have not seen a definition of station-bridge, it not in https://wiki.mikrotik.com/wiki/Manual:I ... e/Wireless and I have never used it.

https://wiki.mikrotik.com/wiki/Manual:W ... tion_Modes
MTCNA, MTCTCE, MTCRE & MTCINE
 
2frogs
Long time Member
Long time Member
Posts: 540
Joined: Fri Dec 03, 2010 1:38 am

Re: dhcp does not appear to traverse my bridge

Wed Apr 25, 2018 9:32 pm

Fair enough, but reading that you see they are “Fundamentally” the same. They serve the same purpose, check the same boxes, and have the same outcome. And I would almost guarantee that at the core the are the same and use the same WDS protocols, but just done more transparently using the bridge/ station-bridge. And contrary to the last sentence on that wiki, station-WDS has more benefits which in my opinion would be best. And I still stand by my solution!

None the less, the OP has 2 viable solutions and can choose either.
 
cs1
just joined
Topic Author
Posts: 4
Joined: Tue Apr 24, 2018 7:39 am

Re: dhcp does not appear to traverse my bridge

Thu Apr 26, 2018 5:26 am


The DHCP server is the firewall, and clients at the right (the far side of the bridge from the firewall) cannot obtain addresses via DHCP. If I assign manual addresses and routes they have perfect IP connectivity.
Quick read of your post and one thing that stands out is that if you have to add routes, then your bridge config is not correct and you will have issues with DHCP
All the hosts on this bridge's LAN are on the same IP network (172.16.3.0/24) - no routes are required between each side and ordinary IP traffic works perfectly, both to local addresses on both sides of the bridges and to external hosts routed via the firewall. Only DHCP seems to be swallowed, not traversing the bridge.
 
cs1
just joined
Topic Author
Posts: 4
Joined: Tue Apr 24, 2018 7:39 am

Re: dhcp does not appear to traverse my bridge

Thu Apr 26, 2018 6:32 am


The DHCP server is the firewall, and clients at the right (the far side of the bridge from the firewall) cannot obtain addresses via DHCP. If I assign manual addresses and routes they have perfect IP connectivity.
Quick read of your post and one thing that stands out is that if you have to add routes, then your bridge config is not correct and you will have issues with DHCP
All the hosts on this bridge's LAN are on the same IP network (172.16.3.0/24) - no routes are required between each side and ordinary IP traffic works perfectly, both to local addresses on both sides of the bridges and to external hosts routed via the firewall. Only DHCP seems to be swallowed, not traversing the bridge.
Just to your "add routes" comment, which I didn't consider closely: the only route added to a client was to the firewall as the default gateway to the internet. The whole thing is one LAN with the same IP network - no routes are used to get to local hosts.
 
cs1
just joined
Topic Author
Posts: 4
Joined: Tue Apr 24, 2018 7:39 am

Re: dhcp does not appear to traverse my bridge

Thu Apr 26, 2018 8:04 am

You need to change your wireless settings to AP Bridge and Station WDS. Using just Station all MAC addresses get translated to the MAC of the station. The DHCP server will only assign 1 IP per MAC. This is why statically assigning IP’s work and DHCP doesn’t.

https://wiki.mikrotik.com/wiki/PTP_Link ... Step_Guide
The issue I'm observing is not that each "right hand" client receives the same IP, as would be the case if MAC addresses were being translated. The issue is that DHCP Request packets that issue from a client on the right hand side DO NOT SHOW UP at the firewall on the left side. Other ethernet broadcast traffic, such as ARP, does cross happily from the right to the left and is seen at the firewall with the correct untranslated original source MAC address.

The right hand Microtik was already "mode=station-wds". After reading:

https://wiki.mikrotik.com/wiki/Manual:W ... tion_Modes

I've changed this to "mode=station-bridge", though from the descriptions on that page I would expect either to work. But lo, now DHCP gets across the bridge.

Can someone explain to me why "station-wds" and "station-bridge" behave differently in this situation?
 
sindy
Forum Guru
Forum Guru
Posts: 3923
Joined: Mon Dec 04, 2017 9:19 pm

Re: dhcp does not appear to traverse my bridge

Thu Apr 26, 2018 12:09 pm

Having not seen your AP's configuration while you were running the
station-wds
mode on the client, I can only speculate.

According to the manual, the difference between the modes is that when a station is running the
station-bridge
mode, at AP side it is still reachable via the common interface which is used to talk to all stations except those running the
station-wds
mode. Each station running the
station-wds
mode causes the AP side to dynamically create an dedicated interface for itself. So the question would be which of the two interfaces (the common one which exists always or the dynamic one which only exists while the
station-wds
client is associated) was made a member of the bridge with the LAN port?
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: No registered users and 135 guests