astifr
just joined
Topic Author
Posts: 10
Joined: Thu Feb 21, 2019 5:57 pm

Broadcast loop in CHR bridge

Tue Jan 28, 2020 1:41 pm

Hi all!

I have a CHR virtualized in VMware ESXi and I have a problem when I try to forward traffic across an EoIP tunnel.

This is my scenario:

-----------------ESXi------------------
| -----------     -----------         |   -----------INTERNET------------
| |  DHCP   |     |   CHR   |<--wan-->| <-------- EoIP --------------> MIKROTIK RB951G-2HnD <---------> DHCP Client
| | server  |     |         |         |   -------------------------------
| -----------     -----------         |
|      \----vSwitch---/               |
---------------------------------------

In summary, there is a DHCP server on the same ESXi host where the CHR is installed, both connected through a vSwitch. The CHR has another interface facing the internet, where EoIP is configured.

This is the related CHR config:

/interface bridge
#there are more bridges
add name=BRIDGE
add name=BRIDGE-2
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no name=WAN
set [ find default-name=ether2 ] disable-running-check=no name=TRUNK
/interface eoip
#there are more interfaces
add comment=MY_COMMENT mac-address=MY_MAC name=eoip10103 remote-address=MY_IP tunnel-id=10103
add comment=MY_COMMENT mac-address=MY_MAC name=eoip10104 remote-address=MY_IP tunnel-id=10104
/interface vlan
#there are more interfaces
add interface=TRUNK name=vlan103 vlan-id=103
add interface=TRUNK name=vlan104 vlan-id=104
/interface bridge port
#there are more ports
add bridge=BRIDGE interface=eoip10103
add bridge=BRIDGE interface=vlan103
add bridge=BRIDGE-2 interface=eoip10104
add bridge=BRIDGE-2 interface=vlan104

The problem is with DHCP: when the DHCP client sends a DHCP request, I can see the packet come in to the CHR through eoip10104, then through the VLAN and bridge. But the packet comes in again through interface vlan104, and the CHR learns the DHCP client's MAC address via vlan104 instead of eoip10104.

This is the output of the packet sniffer:

INTERFACE TIME NUM DIR SRC-MAC DST-MAC VLAN SRC-ADDRESS DST-ADDRESS PROTOCOL SIZE CPU FP
eoip10104 13.062 1 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no
vlan104 13.063 2 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no
TRUNK 13.063 3 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 104 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 352 0 no
BRIDGE-2 13.063 4 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no
TRUNK 13.063 5 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 104:4 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 352 0 no
vlan104 13.063 6 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no
eoip10104 13.063 7 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no
BRIDGE-2 13.063 8 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF 0.0.0.0:68 (bootpc) 255.255.255.255:67 (bootps) ip:udp 348 0 no

Any ideas?

Thank you very much.
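
The symptom in the trace above (a broadcast received on the tunnel port, flooded out of vlan104, then received again on vlan104, so the MAC is learned on the wrong port) can be checked for mechanically. The Python sketch below is an added example, not part of the original post or of any MikroTik tooling; the function names, the 50 ms window and the trimming of the sniffer rows to their first six columns are assumptions made for the illustration.

```python
from collections import namedtuple

Frame = namedtuple("Frame", "iface time num direction src dst")

# The post's sniffer rows, trimmed to the first six columns
# (INTERFACE TIME NUM DIR SRC-MAC DST-MAC); the MAC is the post's placeholder.
SAMPLE = """\
eoip10104 13.062 1 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
vlan104 13.063 2 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
TRUNK 13.063 3 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
BRIDGE-2 13.063 4 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
TRUNK 13.063 5 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
vlan104 13.063 6 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
eoip10104 13.063 7 -> DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
BRIDGE-2 13.063 8 <- DH:CP:__:CL:IE:NT FF:FF:FF:FF:FF:FF
"""

def parse(text):
    """Yield Frame tuples; skip the header row and anything malformed."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or f[3] not in ("<-", "->"):
            continue
        try:
            yield Frame(f[0], float(f[1]), int(f[2]), f[3], f[4].upper(), f[5].upper())
        except ValueError:
            continue

def find_reflections(frames, ports=None, window=0.05):
    """Return (first_rx, echo) pairs: a source MAC first received on one port,
    sent out of another watched port, then received back on that same port
    within `window` seconds. ports=None watches every interface."""
    first_rx, last_tx, hits = {}, {}, []
    for fr in frames:
        if ports is not None and fr.iface not in ports:
            continue
        if fr.direction == "->":
            last_tx[(fr.iface, fr.src)] = fr.time  # remember where we flooded it
            continue
        origin = first_rx.setdefault(fr.src, fr)   # first port the MAC was seen on
        sent = last_tx.get((fr.iface, fr.src))
        if (origin.iface != fr.iface and sent is not None
                and 0 <= fr.time - sent <= window):
            hits.append((origin, fr))
    return hits

if __name__ == "__main__":
    for origin, echo in find_reflections(parse(SAMPLE), ports={"eoip10104", "vlan104"}):
        print(f"{echo.src}: in on {origin.iface} #{origin.num}, echoed on {echo.iface} #{echo.num}")
```

Passing the bridge's member ports as `ports` limits the check to the interfaces where MAC learning happens; leaving it unset also reports the echo on the parent TRUNK interface.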
 
StubArea51
Trainer
Posts: 1739
Joined: Fri Aug 10, 2012 6:46 am
Location: stubarea51.net

Re: Broadcast loop in CHR bridge

Tue Jan 28, 2020 2:00 pm

Is there any reason you wouldn't use DHCP relay instead of bridging a Layer 2 tunnel segment?
 
astifr
just joined
Topic Author
Posts: 10
Joined: Thu Feb 21, 2019 5:57 pm

Re: Broadcast loop in CHR bridge  [SOLVED]

Tue Jan 28, 2020 2:18 pm

> Is there any reason you wouldn't use DHCP relay instead of bridging a Layer 2 tunnel segment?

Yes, the scenario is a bit complex. On the remote side there are some APs offering Wi-Fi in different VLANs, and on the ESXi side there is a captive portal for each of these VLANs.

UPDATE: The problem was in the vSwitch. The solution is in this link: https://kb.vmware.com/s/article/59235
