Community discussions

MikroTik App
 
ssalonen
just joined
Topic Author
Posts: 6
Joined: Sun Mar 01, 2020 7:43 pm

MPLS transparent p2p bridge: cannot reach clients on other side

Sun Apr 04, 2021 8:16 am

Hi

I have setup transparent MPLS/VPLS wireless bridge by following this guide
https://wiki.mikrotik.com/wiki/Transpar ... using_MPLS. While the connection works between the station and bridge, clients on station side are not functioning as expected: they are not reachable, not even from the sxt unit acting as station.


Network topology is as follows

LTE internet Router (non mikrotik) in bridged mode - openwrt router - l2 switch - sxt1 - sxt2 - l2 switch - (wired devices and unifi ap)

The intent is to have a flat 192.168.1.0/24 network, all clients should be able to communicate with each other. I am simply looking wireless alternative for pulling an ethernet cable between the l2 switches.

The two SXT 5HPnD, sxt1 and sxt2, are configured as bridge (sxt1) and as station (sxt2). Nv2 protocol with security is utilized. Openwrt router (192.168.1.11) is the only dhcp server in the network.

Ping tests :
- sxt2 cannot ping known static ip host (192.168.1.103) on sxt2 side. Timeout
- sxt2 *can* ping sxt1 side, e.g. openwrt router 192.168.1.11 and known static ip host (192.168.1.100)
- sxt1 can ping sxt2 but nothing else

What could be the reason for this? Do I need to add some routing somewhere?

Config from station sxt2 (compact with sensitive hidden)
# apr/04/2021 07:58:17 by RouterOS 6.48.1
# software id = DC9K-ZSPB
#
# model = SXT 5HPnD
# serial number = xxxx4A
/interface bridge
add fast-forward=no mtu=1500 name=bridge1 protocol-mode=none
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-onlyn country=finland disabled=\
    no frequency=5500 hide-ssid=yes ht-supported-mcs="mcs-0,mcs-1,mcs-2,mcs\
    -3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-\
    14,mcs-15" installation=outdoor nv2-security=enabled ssid=\
    MikroTikBridge station-roaming=enabled tx-power=1 tx-power-mode=\
    all-rates-fixed wireless-protocol=nv2
/interface ethernet
set [ find default-name=ether1 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full speed=\
    1Gbps
/interface vpls
add advertised-l2mtu=1508 disabled=no l2mtu=1508 mac-address=\
    02:DD:CB:47:5E:2B mtu=1508 name=vpls1 remote-peer=192.168.2.2 vpls-id=\
    1:1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,\
    password,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge1 hw=no interface=ether1
add bridge=bridge1 interface=vpls1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip address
add address=192.168.1.2/24 interface=ether1 network=192.168.1.0
add address=192.168.2.1/24 interface=wlan1 network=192.168.2.0
/ip dns
set servers=192.168.1.11
/ip ipsec policy
set 0 dst-address=0.0.0.0/32 src-address=0.0.0.0/32
/ip route
add distance=1 gateway=192.168.1.11
/ip ssh
set allow-none-crypto=yes
/mpls interface
set [ find default=yes ] mpls-mtu=1522
/mpls ldp
set enabled=yes lsr-id=192.168.2.1 transport-address=192.168.2.1
/mpls ldp interface
add interface=wlan1
/system clock
set time-zone-name=Europe/Helsinki
/system identity
set name=SXT2Varasto
/system leds
add interface=ether1 leds=user-led type=interface-activity
/system ntp client
set enabled=yes primary-ntp=130.233.224.52 secondary-ntp=130.233.224.60
/system watchdog
set automatic-supout=no ping-timeout=2m watch-address=192.168.2.2
/tool bandwidth-server
set authenticate=no
/tool netwatch
add host=8.8.8.8
/tool romon
set enabled=yes
/tool sniffer
set filter-direction=rx filter-interface=ether1 \
    filter-operator-between-entries=and
 
ssalonen
just joined
Topic Author
Posts: 6
Joined: Sun Mar 01, 2020 7:43 pm

Re: MPLS transparent p2p bridge: cannot reach clients on other side  [SOLVED]

Sun Apr 04, 2021 2:21 pm

Got it working:
- replaced cable from sxt2, I think it was faulty even though ethernet showed as connected. There was no link led lit up though in the switch
- enabled rstp on the bridge interface (this is the default as far as I can tell but I had it disabled while troubleshooting)

Who is online

Users browsing this forum: maigonis and 29 guests