I've set up an EoIP tunnel about half year ago. Basically it functions well, as I can use SMB file sharing through it, and I can also access the web servers from both side.
BUT!
I cannot ping through the tunnel. No response or "host unreachable" for every device. Also, I cannot access the routers (neither telnet or winbox).
It was like this from the beginning, but I think now it's time to fix this issue. Both routers are on the same subnet. DHCP had been set up, not to interfere with the other side of the tunnel. Also, DHCP pockets cannot go through EoIP because of some filtering. Both routers can be pinged using public IP. Winbox and telnet also works by using the public IPs.
EoIP & Bridge @ device #1
Code: Select all
/interface eoip
add arp=enabled comment="Tunnel between RENT and HOME" disabled=no keepalive=10 l2mtu=65535 local-address=192.168.0.102 mac-address=00:00:5E:80:00:02 mtu=1500 name=EoIP remote-address=188.143.120.72 tunnel-id=0
/interface bridge
add admin-mac=00:0C:42:E4:8A:BB ageing-time=5m arp=enabled auto-mac=no disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=IF-BRIDGE priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface bridge filter
add !802.3-sap !802.3-type action=drop !arp-dst-address !arp-dst-mac-address !arp-gratuitous !arp-hardware-type !arp-opcode !arp-packet-type !arp-src-address !arp-src-mac-address chain=forward comment="Block DHCP over EoIP" disabled=\
no !dst-address !dst-mac-address dst-port=67-68 !in-bridge !in-interface !ingress-priority ip-protocol=udp !limit mac-protocol=ip !out-bridge out-interface=EoIP !packet-mark !packet-type !src-address !src-mac-address !src-port \
!stp-flags !stp-forward-delay !stp-hello-time !stp-max-age !stp-msg-age !stp-port !stp-root-address !stp-root-cost !stp-root-priority !stp-sender-priority !stp-type !vlan-encap !vlan-id !vlan-priority
/interface bridge port
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=NAS path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=WIFI path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=EoIP path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set allow-fast-path=yes use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
[admin@HOME] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 10.0.0.1 1
1 ADC 10.0.0.1/32 62.165.198.216 DIGI 0
2 ADC 192.168.0.0/24 192.168.0.102 IF-BRIDGE 0
Code: Select all
/interface eoip
add arp=enabled comment="Tunnel between RENT and HOME" disabled=no keepalive=10 l2mtu=65535 local-address=192.168.0.2 mac-address=00:00:5E:80:00:01 mtu=1500 name=EoIP remote-address=62.165.198.216 tunnel-id=0
/interface bridge
add admin-mac=00:0C:42:E4:8A:BB ageing-time=5m arp=enabled auto-mac=no disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=IF-BRIDGE priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface bridge filter
add action=drop chain=forward comment="Block DHCP over EoIP" disabled=no dst-port=67-68 ip-protocol=udp mac-protocol=ip out-interface=EoIP
/interface bridge port
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=DESKTOP path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=WiFi path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=EoIP path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
[admin@RENT] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADS 0.0.0.0/0 188.143.120.1 0
1 ADC 188.143.120.0/24 188.143.120.72 WAN 0
2 ADC 192.168.0.0/24 192.168.0.2 IF-BRIDGE 0