The hAP ax^2 comes with ether1 as a WAN port and ether2-5 as LAN. I wanted to have all 5 ports in the bridge so I went ahead and added ether1 to the bridge. Didn't work, so I rebooted the router - which made no difference.
What did get it working was to make ether1 the first entry in the bridge port configuration section. That requires some faffing around as you can't just move them.
Anyone else tried all ports in the bridge and had a different experience?
Bridge all ports on hAP AX^2
Last edited by MrYan on Mon Dec 11, 2023 12:15 pm, edited 1 time in total.
Re: Bridge all ports on hAP AX^2
Interface list.
Move ether 1 from wan to lan.
And then move dhcp client from ether 1 to bridge.
Move ether 1 from wan to lan.
And then move dhcp client from ether 1 to bridge.
Re: Bridge all ports on hAP AX^2
I really thing asking about adding stuff to a bridge is the WRONG WAY to think.
Instead
a. identify all user(s)/device(s) / groups of users/devices including the admin
b. identify all the traffic the above users/devices require to accomplish.
Draw a network diagram of the plan, detailing where the mikrotik device fits on a network and where it gets internet from
and what other smart devices or dumb devices it supports behind it.
I ask this because you have provided zero practical information to figure out what you are trying to do and thus have no clue what you need.
Also post config
/export file=anynameyouwish ( minus router serial#, public WANIP information, keys etc... )
Instead
a. identify all user(s)/device(s) / groups of users/devices including the admin
b. identify all the traffic the above users/devices require to accomplish.
Draw a network diagram of the plan, detailing where the mikrotik device fits on a network and where it gets internet from
and what other smart devices or dumb devices it supports behind it.
I ask this because you have provided zero practical information to figure out what you are trying to do and thus have no clue what you need.
Also post config
/export file=anynameyouwish ( minus router serial#, public WANIP information, keys etc... )
Re: Bridge all ports on hAP AX^2
My query is to those who have a hAP ax^2 and have tried to bridge all ports.
Non-working configuration was:
Whereas working configuration is:
All my other configuration - bridging, IP routing, firewalling, Internet access etc are working. They are configured on VLANs over the bridge so aren't directly related to the bridge ports.
I could see packets tagged with VLAN 32 on the bridge (using /tool/sniffer), but they weren't seen on ether1 - like it wasn't part of the bridge. I'd seen that previously when bringing a port out of disabled state, although that was resolved with a reboot. On this occasion however, that didn't work.
The change that made the difference was the ordering. Hence the question whether others had observed the same behaviour.
Non-working configuration was:
Code: Select all
Flags: X - DISABLED, I - INACTIVE
Columns: INTERFACE, BRIDGE, HW, PVID, PRIORITY, PATH-COST, INTERNAL-PATH-COST, HORIZON
# INTERFACE BRIDGE HW PVID PRIORITY PATH-COST INTERNAL-PATH-COST HORIZON
0 ether2 bridge yes 31 0x80 10 10 none
1 I ether3 bridge yes 1 0x80 10 10 none
2 ether4 bridge yes 1 0x80 10 10 none
3 ether5 bridge yes 1 0x80 10 10 none
4 ether1 bridge yes 32 0x80 10 10 none
Code: Select all
Flags: X - DISABLED, I - INACTIVE
Columns: INTERFACE, BRIDGE, HW, PVID, PRIORITY, PATH-COST, INTERNAL-PATH-COST, HORIZON
# INTERFACE BRIDGE HW PVID PRIORITY PATH-COST INTERNAL-PATH-COST HORIZON
0 ether1 bridge yes 32 0x80 10 10 none
1 ether2 bridge yes 31 0x80 10 10 none
2 I ether3 bridge yes 1 0x80 10 10 none
3 ether4 bridge yes 1 0x80 10 10 none
4 ether5 bridge yes 1 0x80 10 10 none
I could see packets tagged with VLAN 32 on the bridge (using /tool/sniffer), but they weren't seen on ether1 - like it wasn't part of the bridge. I'd seen that previously when bringing a port out of disabled state, although that was resolved with a reboot. On this occasion however, that didn't work.
The change that made the difference was the ordering. Hence the question whether others had observed the same behaviour.
Last edited by MrYan on Mon Dec 11, 2023 12:15 pm, edited 1 time in total.
Re: Bridge all ports on hAP AX^2
Show config.
The order of ports in bridge setup is (in my experience) irrelevant.
The order of ports in bridge setup is (in my experience) irrelevant.
Re: Bridge all ports on hAP AX^2
Relevant configuration below.
Yes, I know there will be comments about the problem being elsewhere and the whole configuration is required but I'll take my chances. Things work, so this is more a case of leaving some information in case others encounter the same problem.
Yes, I know there will be comments about the problem being elsewhere and the whole configuration is required but I'll take my chances. Things work, so this is more a case of leaving some information in case others encounter the same problem.
Code: Select all
/interface bridge
add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no dhcp-snooping=yes frame-types=admit-only-vlan-tagged name=bridge priority=0x1000 vlan-filtering=yes
/interface bridge port
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether1 pvid=32 trusted=yes
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether2 pvid=31 trusted=yes
add bridge=bridge interface=ether3
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether4
add bridge=bridge interface=ether5
/interface bridge vlan
add bridge=bridge tagged=bridge untagged=ether3,ether4,ether5 vlan-ids=1
add bridge=bridge tagged=bridge,ether3,ether5 vlan-ids=101
add bridge=bridge tagged=bridge untagged=ether2 vlan-ids=31
add bridge=bridge tagged=bridge untagged=ether1 vlan-ids=32
Re: Bridge all ports on hAP AX^2
Partial config = unable to answer.
How are your interface lists defined and firewall rules using those interface lists ?
How are your interface lists defined and firewall rules using those interface lists ?
Re: Bridge all ports on hAP AX^2
Why would you want to bridge all ports............... That is not a requirement its an attempt, maybe legit, or maybe wrong, to design a config for some reason.
We care about the reason because the WHOLE CONFIG is often integrated and thus having the complete picture helps point towards development of an efficient and working config.
/export file=anynameyouwish ( minus router serial number, public WANIP information, keys etc.
Network diagram ??
We care about the reason because the WHOLE CONFIG is often integrated and thus having the complete picture helps point towards development of an efficient and working config.
/export file=anynameyouwish ( minus router serial number, public WANIP information, keys etc.
Network diagram ??
Who is online
Users browsing this forum: almdandi, Bing [Bot] and 33 guests