Page 1 of 1

PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 12:20 am
by welan
Hello guys, this is my first post on this board. I have a serious problem with my network!
I have a routerboard with 2 wlan and 1 ethernet.
I will explain my config:
The wlan1 is in bridge mode and it makes a ptp link with another mt.
The wlan2 is in ap bridge mode, here are connected the cpe clients (osbridge in this case) through pppoe server running on the wlan. The ip are private and static, assigned by a radius server.
The wlan1 and the ethernet have the same ip address, they are in the same bridge.
The question is:
I can only ping the cpe (eg: 172.16.28.123) from the mt where they are connected but i can't reach the cpe if i'm connected with my laptop to a switch linked to the ethernet of the mt. It is very strange for me, the cpe (and my clients) can surf internet without any problem. From the cpe side, i can ping only the ap where the cpe is connected.
I readed pages and pages of this board, but i can found a solution for me! Help!
Many thanks.

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 2:35 am
by SurferTim
Greetings!

Which interface connects to the internet? ether1 or wlan1?
Which interface connects to the switch? ether1?
What IP/netmask does your laptop have? Public or private? static or dhcp?

Is there a masquerade in
ip firewall nat
that covers your IP?

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 9:56 am
by welan
Thanks for your answer.
The interface connected to the internet is the ether1 (not directly).
I will explain better:
eg:

CPE (172.16.28.124)
|
|
|
(WLAN1 WITH PPPOE)
|
MT1-------------------------(ETHER1 172.16.28.1/24) <------> SWITCH1 <------> (MY LAPTOP 172.16.28.99/24)
|
(WLAN2 WITH WDS)
|
|
|
OTHER MT2 (172.16.28.2/24)

Connected to the SWITCH1 there is my gateway, a smoothwall box.

The ether1 and the wlan2 are in the same bridge.
From laptop side I can surf, I can ping all my lan except the cpe.
From cpe side I can surf, I can ping MT1 but nothing else of my lan.
From MT1 side I can ping internet hosts, ping my laptop and ping the cpe connected.

I don't have any rules in the ip firewall.
In the address list, a generic pppoe has Address: 172.16.28.1 Netmask: 172.16.28.124 Broadcast: 0.0.0.0 (This address are dynamically created when a cpe is connected and authenticated).
The only route that I added is 0.0.0.0/0 -> 172.16.28.251
The gatway for the cpe is the 172.16.28.1 (assigned by pppoe).

I hope that my explanation was clear, I have no idea about the problem, it sounds very strange for me.

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 6:02 pm
by SurferTim
I use CLI, so:

Have you added all the interfaces?
/int bridge port print
Did you assign only one interface in the bridge an IP address? I would use the ether interface rather than the wlan. Don't know why...
/ip address print

ADD: And on your "/int wireless" settings, insure you have wds-mode=dynamic, and wds-default-bridge=bridge1
bridge1 should be the name of your bridge in "/int bridge". Same on other end.

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 6:34 pm
by welan
Ok, I will answer:
This is my /int bridge port print
Terminal vt102 detected, using multiline input mode
[admin@STUDIO] > int
[admin@STUDIO] interface> bridge
[admin@STUDIO] interface bridge> port
[admin@STUDIO] interface bridge port> print
Flags: X - disabled, I - inactive, D - dynamic
# INTERFACE BRIDGE PRIORITY PATH-COST
0 ether1 mybridge_studio 128 10
1 wlan2 mybridge_studio 128 10
2 D wds_ptp mybridge_studio 128 100
[admin@STUDIO] interface bridge port>

The wlan2 where is runnibg pppoe is not in the bridge.
This is my ip address:

[admin@STUDIO] ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST
0 172.16.28.1/24 172.16.28.0 172.16.28.255
1 D 172.16.28.1/32 172.16.28.140 0.0.0.0
2 D 172.16.28.1/32 172.16.28.125 0.0.0.0
3 D 172.16.28.1/32 172.16.28.102 0.0.0.0
4 D 172.16.28.1/32 172.16.28.133 0.0.0.0
5 D 172.16.28.1/32 172.16.28.112 0.0.0.0
[admin@STUDIO] ip address>

However, I don't use wds features, the cpe are osbridge 5Gxi, they are in NAT router mode and authenticated with pppoe.

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 8:49 pm
by SurferTim
Too many 172.16.28.1/32 assignments. And I am sure that /32 is incorrect. Maybe /24? I can't see to what interface they are assigned either. The very first IP assignment looks correct. I would delete the rest.

Re: PPPoE Pings and bridge

Posted: Thu Jul 10, 2008 9:34 pm
by welan
The ip that you see:

1 D 172.16.28.1/32 172.16.28.140 0.0.0.0
2 D 172.16.28.1/32 172.16.28.125 0.0.0.0
3 D 172.16.28.1/32 172.16.28.102 0.0.0.0
4 D 172.16.28.1/32 172.16.28.133 0.0.0.0
5 D 172.16.28.1/32 172.16.28.112 0.0.0.0

are generated dinamically, every time a cpe was connected to the mt. They are associated to <pppoe-username> that come up to the ap.

It is correct that the wlan2 (with pppoe running) is out of the bridge?
Every pppoe-in can't ping each others, can ping only mt and internet, nothing else of the same network 172.16.28.0/24.

Re: PPPoE Pings and bridge

Posted: Sat Jul 12, 2008 8:35 pm
by welan
Problem solved. Disabled WDS e no default bridge on the wlan where was running pppoe.

Thx!