Hello,
Mikrotik RB4011 router.
I want setup network 192.168.1.1/21 for all ports.
I need dhcp 192.168.1.50-192.168.1.200 on port 1-5, and dhcp 192.168.0.1-192.168.0.254 on ether6 port. Clients from both ranges must discover and access each other.
Now on ether 6 i get ip 192.168.0.254 255.255.255.252 gateway 192.168.1.1 but i cannot ping 192.168.1.1 or any other pc. What i need to setup more?

/ip pool
add name=port1-5 ranges=192.168.1.50-192.168.1.200
add name=port6 ranges=192.168.0.1-192.168.0.254
/ip dhcp-server
add address-pool=port1-5 disabled=no interface=bridge name=port1-5
add address-pool=port6 disabled=no interface=ether6 name=port6
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
/ip address
add address=192.168.1.1/21 comment=defconf interface=ether2 network=\
192.168.0.0
add address=192.168.1.1/21 comment=defconf interface=ether6 network=\
192.168.0.0
/ip dhcp-server network
add address=192.168.0.0/21 dns-server=1.1.1.1 gateway=192.168.1.1 netmask=21

guess you are a little bit out of "usual concept" !?
.
your interfaces are in the same IP-subnet
192.168.1.1/21 is (192.168.0.1 - 192.168.7.254)
so there would be no need to configure different router interfaces
BUT
if you want it like that: .
configure 192.168.1.1/21 on your bridge-interface and 192.168.0.254/30 on ether6
clients on 192.168.1.0/21 can only communicate through proxy-arp to 192.168.0.253/30 (which is the only host in that subnet)
.
guess you would need two dhcp-server instances to provide both networks ( ... and I'm not shure, if it's possible to do that, because the subnets overlap [give it a try])
... your second DHCP-server would have a bold pool with one address (192.168.0.253 ... mask 255.255.255.252, gw 192.168.0.254)
.
but all that, looks not like a promising way to have fun for years to me ... only my opinion
.
better to change from 192.168.0.253-254 to 192.168.8.253-254 ... DHCP on a 'point-to-point'-link is still kinky ... but why not
.

In other words, forget the configuration solution you provided.
What is the requirements.
a. number of different user groups
b. what functionality should they have
c. what access to other group or devices (shared printer etc)
d. internet access?
e. wired and wireless??

With that in mind then a config will fall naturally into place.

all what i need is to have 192.168.1.1/31 subnet and different dhcp ranges on ports.
Bridge port1-5 192.168.1.50-192.168.1.200
Port 6 192.168.1.1-192.168.1.254
Port 7 192.168.2.1-192.168.2.254
All clients see each other, all client can access internet on port1. All clients use same gateway 192.168.1.1.

In other words, forget the configuration solution you provided.
What is the requirements.
a. number of different user groups
b. what functionality should they have
c. what access to other group or devices (shared printer etc)
d. internet access?
e. wired and wireless??

With that in mind then a config will fall naturally into place.

mmh ... without being rude (trying), I can recommend a link:
.
http://www.subnet-calculator.com/
.
you're switching bits very frequently ... which can you bring in networking-devils kitchen very soon
.
so ... if I see this right, you have more a DHCP-problem than a networking problem ?!
.
If you try to lease out different IP-Pools to different groups of clients on the same network, use the dhcp-tools ... there are plenty !!
.
If you're on the warpath with the isc-dhcp-guys, use different networks ... whats the big deal ... bridging is king ! ... routing is cesar !!
.
Maybe you really should explain what you wanna do !
If there is an exposition, where you have to start from ... make a sketch ... and try to show the decent supporters of this very forum what you need to achieve.

... to give my inside pestalozzi a chance ...

All clients see each other, all client can access internet on port1. All clients use same gateway 192.168.1.1

... why in the name of pestalozzi, do these entities need addresses from different pools for ?
... what is the distinguishable criterion for these entities ... hosts ... or machines ?

all what i need is to have 192.168.1.1/31 subnet and different dhcp ranges on ports.
Bridge port1-5 192.168.1.50-192.168.1.200
Port 6 192.168.1.1-192.168.1.254
Port 7 192.168.2.1-192.168.2.254
All clients see each other, all client can access internet on port1. All clients use same gateway 192.168.1.1.

In other words, forget the configuration solution you provided.
What is the requirements.
a. number of different user groups
b. what functionality should they have
c. what access to other group or devices (shared printer etc)
d. internet access?
e. wired and wireless??

With that in mind then a config will fall naturally into place.

All you provided was a regurgitation of the same spew you had in the first post??
If you answer the questions posed, a config that makes sense will be easy to setup and explain.
Trying to come up with a half baked solution when you dont even understand your own functional use case requirement is a waste of everybodys time.

Perhaps adding a diagram to show the physical devices and connectivity may help explain your hopefully new text forthcoming.

I have software that is analyzing , blocking, sniffing traffic based on ip address group. I will connect to different port different departments (i want to have traffic report for all department, not for specific pc)
On bridge there will be 40pc, on port 6 about 200pc, on port 7 about 180pc.

all what i need is to have 192.168.1.1/31 subnet and different dhcp ranges on ports.
Bridge port1-5 192.168.1.50-192.168.1.200
Port 6 192.168.0.1-192.168.0.254
Port 7 192.168.2.1-192.168.2.254
All clients see each other, all client can access internet on port1. All clients use same gateway 192.168.1.1.

In other words, forget the configuration solution you provided.
What is the requirements.
a. number of different user groups
b. what functionality should they have
c. what access to other group or devices (shared printer etc)
d. internet access?
e. wired and wireless??

With that in mind then a config will fall naturally into place.

All you provided was a regurgitation of the same spew you had in the first post??
If you answer the questions posed, a config that makes sense will be easy to setup and explain.
Trying to come up with a half baked solution when you dont even understand your own functional use case requirement is a waste of everybodys time.

Perhaps adding a diagram to show the physical devices and connectivity may help explain your hopefully new text forthcoming.

The problem with your plan is the following: DHCP is a L2 protocol meaning that you can only have one DHCP server per ethernet segment. Which is fine as you plan to segment your network off separate ports of your router. However, devices belonging to same L3 network expect to freely communicate with each other without need for using a gateway. And that doesn't work if uniform L3 network is laid over segmented L2 network (which is what you want to do).

You could pull this off if you configured arp=proxy-arp on all ports involved in your hedonistic scheme ... I'm not sure if that's gonna actually work though, I've never tried it myself.

Beware that it might happen that inter-LAN-segment (intra IP subnet) communication won't be HW-offloaded. In that case you could well save yourself the trouble and segment your LAN into several IP subnets ... because devices from different ethernet segments will communicate over router anyways.

So now you are starting to open up with real information......
You have functional groups called departments.

They are not the problem, you are...........in that you have functional requirement to measure volume of department traffic.
Although this too is vague as it insinuates there is a a problem that is not detailed.

As MKX said, different subnets would permit the above to be done and without attempting to contort the router into something its not really designed to do.
However if all your departments were on their own VLAN, then you could work miracles........

I have software that is analyzing , blocking, sniffing traffic based on ip address group. I will connect to different port different departments (i want to have traffic report for all department, not for specific pc)

Ah, I forgot to add: whatever magic you do, within L2 network (whatever the extent) devices will still communicate between each other directly, ignoring your router/sniffer/whatever and you likely won't see that traffic either. Whatever you do, you'll only able to account traffic passing the routing/sniffing/whatever device.

mkx do you mean if the departments were on their own vlans, and we allowed vlan to vlan traffic, (L3), then we could track that volume??
(smirky smirky, meeting some perhaps vaguely stated requirements)

Device which routes traffic between subnets (e.g. between different VLANs) can of course account that traffic. However, VLANs are only one of ways to separate subnets (another one is having separate physical subnets). But regardless the L2 (or L2.5) technology, as long as there are devices within same subnet which can communicate without traffic passing the accounting device (e.g. via a dumb switch), that traffic can't get accounted. And even proxy-arp doesn't help in this case because the target device can hear the ARP "who has" message and can reply to it ... the worst case would be both real device and sniffer replying to that message and sending device would then probably faint. Or something.

music to my requirements tuned ears!!

I cannot use different subnets because then network discovery is not working, also i dont want to analyze internal traffic. So there is no solution to have one subnet and different dhcp based on port.

So I guess you tried my suggestion in post #10 above and it didn't work?

Sorry you dont have any clue of what you want to do or cannot communicate it so that we can understand.
GLuck!! Peace out.

I cannot use different subnets because then network discovery is not working, also i dont want to analyze internal traffic. So there is no solution to have one subnet and different dhcp based on port.

You cannot control the set of assigned IP addresses based on the bridge port. IP addresses are ISO layer 3. The bridge and all its ports are L2 and for L3 they are just one subnet and one broadcast domain. Any L3 service will work over all ports at once. One DHCP server on the bridge listens to all ports at once. The interfaces connnected to ports are not even full interfaces any more, just "slave" interfaces.

I have no knowledge of parameters that limit the DHCP server address pool to a specific part of this one single L2 broadcast domain.

You want to know on which port a device is connected, based on its IP address, is what I assume.