Community discussions

MikroTik App
  4. RouterOS
  5. General

EoIP tunnel - No PING through the tunnel (FIXED)

Post Reply
 
DBob
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Fri Jun 10, 2011 4:13 pm

EoIP tunnel - No PING through the tunnel (FIXED)

Sun Aug 24, 2014 4:46 pm

Hi,

I've set up an EoIP tunnel about half year ago. Basically it functions well, as I can use SMB file sharing through it, and I can also access the web servers from both side.

BUT!
I cannot ping through the tunnel. No response or "host unreachable" for every device. Also, I cannot access the routers (neither telnet or winbox).
It was like this from the beginning, but I think now it's time to fix this issue. Both routers are on the same subnet. DHCP had been set up, not to interfere with the other side of the tunnel. Also, DHCP pockets cannot go through EoIP because of some filtering. Both routers can be pinged using public IP. Winbox and telnet also works by using the public IPs.

EoIP & Bridge @ device #1
Code: Select all
/interface eoip
add arp=enabled comment="Tunnel between RENT and HOME" disabled=no keepalive=10 l2mtu=65535 local-address=192.168.0.102 mac-address=00:00:5E:80:00:02 mtu=1500 name=EoIP remote-address=188.143.120.72 tunnel-id=0

/interface bridge
add admin-mac=00:0C:42:E4:8A:BB ageing-time=5m arp=enabled auto-mac=no disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=IF-BRIDGE priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface bridge filter
add !802.3-sap !802.3-type action=drop !arp-dst-address !arp-dst-mac-address !arp-gratuitous !arp-hardware-type !arp-opcode !arp-packet-type !arp-src-address !arp-src-mac-address chain=forward comment="Block DHCP over EoIP" disabled=\
    no !dst-address !dst-mac-address dst-port=67-68 !in-bridge !in-interface !ingress-priority ip-protocol=udp !limit mac-protocol=ip !out-bridge out-interface=EoIP !packet-mark !packet-type !src-address !src-mac-address !src-port \
    !stp-flags !stp-forward-delay !stp-hello-time !stp-max-age !stp-msg-age !stp-port !stp-root-address !stp-root-cost !stp-root-priority !stp-sender-priority !stp-type !vlan-encap !vlan-id !vlan-priority
/interface bridge port
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=NAS path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=WIFI path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=EoIP path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set allow-fast-path=yes use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no

[admin@HOME] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          10.0.0.1                  1
 1 ADC  10.0.0.1/32        62.165.198.216  DIGI                      0
 2 ADC  192.168.0.0/24     192.168.0.102   IF-BRIDGE                 0
EoIP & Bridge @ device #2
Code: Select all
/interface eoip
add arp=enabled comment="Tunnel between RENT and HOME" disabled=no keepalive=10 l2mtu=65535 local-address=192.168.0.2 mac-address=00:00:5E:80:00:01 mtu=1500 name=EoIP remote-address=62.165.198.216 tunnel-id=0

/interface bridge
add admin-mac=00:0C:42:E4:8A:BB ageing-time=5m arp=enabled auto-mac=no disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 name=IF-BRIDGE priority=0x8000 protocol-mode=rstp transmit-hold-count=6
/interface bridge filter
add action=drop chain=forward comment="Block DHCP over EoIP" disabled=no dst-port=67-68 ip-protocol=udp mac-protocol=ip out-interface=EoIP
/interface bridge port
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=DESKTOP path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=WiFi path-cost=10 point-to-point=auto priority=0x80
add bridge=IF-BRIDGE disabled=no edge=auto external-fdb=auto horizon=none interface=EoIP path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no

[admin@RENT] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADS  0.0.0.0/0                          188.143.120.1             0
 1 ADC  188.143.120.0/24   188.143.120.72  WAN                       0
 2 ADC  192.168.0.0/24     192.168.0.2     IF-BRIDGE                 0
For me, it seems to be, there is some routing problem. But I cannot find what's missing. What rule should I add and where?
Last edited by DBob on Mon Aug 25, 2014 1:43 am, edited 1 time in total.
Top
 
DBob
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Fri Jun 10, 2011 4:13 pm

Re: EoIP tunnel - No PING through the tunnel

Mon Aug 25, 2014 1:42 am

Got it fixed.

Both bridges had the same mac-address --> ARP failed.
Top
Post Reply

Who is online

Users browsing this forum: daliad100, deatras, johnson73, ronmik and 108 guests
  4. RouterOS
  5. General