Community discussions

 
jml
newbie
Topic Author
Posts: 39
Joined: Wed May 15, 2013 3:22 am

Problem with simple RB750 Configuration

Sat Aug 31, 2013 4:39 pm

Hi,
I'm trying to configure a RB750 with this simple configuration:

Ether1 is connected by /30 to a radio uplink back to the rest of the network and the internet
Ether2 (and also 3-5 once this is working) will be connected on a bridge that will provide connectivity to tenants.
A /29 address will be assigned to the bridge.

After configuring this setup, it seems as though no packets would be forwarded from Ether1 to a tenant on Ether2 on the bridge and vice-versa.
I could ping the IP Address assigned to the bridge, but not the tenant's IP, and the tenant could not access the rest of the network or the internet.

xxx.xxx.187.229 is the network side of the /30
xxx.xxx.186.41 is the /29 address assigned to the bridge

Thanks.

-- James

Here is the configuration:

# aug/31/2013 13:32:56 by RouterOS 6.2
# software id = EAVP-MEQY
#
/interface bridge
add name=tenants-bridge
/interface ethernet
set 1 name=ether2 poe-out=off
set 2 name=ether3 poe-out=off
set 3 name=ether4 poe-out=off
set 4 name=ether5 poe-out=off
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/tool user-manager customer
add backup-allowed=yes disabled=no login=admin password="" \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no time-zone=-00:00
/interface bridge port
add bridge=tenants-bridge interface=ether2
/ip address
add address=xxx.xxx.186.41/29 comment="TENANTS SUBNET" interface=\
tenants-bridge network=xxx.xxx.186.40
add address=xxx.xxx.187.230/30 comment="DOWNLINK TO 13701" interface=\
ether1-gateway network=xxx.xxx.187.228
/ip dns
set allow-remote-requests=yes max-udp-packet-size=512
/ip dns static
add address=192.168.88.1 name=router
/ip proxy
set parent-proxy=0.0.0.0
/ip route
add distance=1 gateway=xxx.xxx.187.229
/ip service
set api disabled=yes
/queue interface
set ether1-gateway queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
/system identity
set name=MikroTik-13400
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set tenants-bridge disabled=yes display-time=5s
set ether1-gateway disabled=yes display-time=5s
set ether2 disabled=yes display-time=5s
set ether3 disabled=yes display-time=5s
set ether4 disabled=yes display-time=5s
set ether5 disabled=yes display-time=5s
/system ntp client
set enabled=yes primary-ntp=xxx.xxx.184.19
/tool mac-server
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2
add interface=ether3
add interface=ether4
add interface=ether5
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 5:42 pm

Did you know ether2-ether5 are assigned to a switch by default?
http://wiki.mikrotik.com/wiki/Manual:De ... igurations
 
jml
newbie
Topic Author
Posts: 39
Joined: Wed May 15, 2013 3:22 am

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 6:05 pm

Yes. I unslave all the ports and assign them to a bridge because I need to implement queues for bandwidth control.
However, I still can't figure out why packets aren't forwarded from ether1 <-> bridge.
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 6:42 pm

You have a public ip assigned to the bridge?
Do you have a srcnat or masquerade in "/ip firewall nat"?
Is your ISP routing that public ip subnet to your 750?
 
jml
newbie
Topic Author
Posts: 39
Joined: Wed May 15, 2013 3:22 am

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 6:48 pm

Please see the pasted configuration:

I have xxx.xxx.186.41/29 assigned to the bridge
I have cleared all firewall rules
The ISP is routing xxx.xxx.186.40/29 to xxx.xxx.187.230 (assigned to ether1)

The very strange part was that I was able to ping the xxx.xxx.186.41 address fine.
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 6:55 pm

...and the address you can't ping is what?

Maybe you should post "/ip route".
 
jml
newbie
Topic Author
Posts: 39
Joined: Wed May 15, 2013 3:22 am

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 7:02 pm

A tenant with IP xxx.xxx.186.43 could not reach the internet, nor could I ping that IP except from the router SSH interface.

Here is /ip route print

[admin@MikroTik-13400] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 xxx.xxx.187.229 1
1 ADC xxx.xxx.186.40/29 xxx.xxx.186.41 tenants-bridge 0
2 ADC xxx.xxx.187.228/30 xxx.xxx.187.230 ether1-gateway 0
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 7:07 pm

I guess the tenants network settings are static? Check the network settings on the tenants. Are you certain they have the correct gateway?
 
jml
newbie
Topic Author
Posts: 39
Joined: Wed May 15, 2013 3:22 am

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 9:49 pm

Yup, static IPs.
The correct gateway was verified on the tenant's router..
 
SurferTim
Forum Guru
Forum Guru
Posts: 4637
Joined: Mon Jan 07, 2008 10:31 pm
Location: Miramar Beach, Florida

Re: Problem with simple RB750 Configuration

Sat Aug 31, 2013 10:28 pm

Ether1 is connected by /30 to a radio uplink back to the rest of the network and the internet
Maybe you should explain that in more detail.

BTW, "simple" is not the word I would use for this setup.

The next question will be "Did you route both those public subnets through all that?"

Who is online

Users browsing this forum: No registered users and 82 guests