Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

IP Question

Post Reply
 
suppersready
just joined
Topic Author
Posts: 2
Joined: Fri Apr 01, 2022 11:13 pm

IP Question

Fri Apr 01, 2022 11:33 pm

Let me start this off by saying I am well versed in a number of products, but mikrotik gives me fits every now and again. Device type is CCR1009

Scenario

New Internet Connection /30 coming from the carrier on Ether1 I can ping the internet fine, manage device, etc. Let's call it 100.100.100.0/30 My device is .1, peer is .2

I have a /27 the carrier routes to me for my new firewalls and other public IPs. 200.200.200.0/27 being that range.

If I set the ip address up on the ETH2, as 200.200.200.1 I can plug in a laptop and I can test the connectivity out to the internet just fine. However, being the glutton for punishment I am, I want to be able to hook multiple devices up to this mikrotik without having to put a switch behind any one single interface

I was thinking creating a bridge would work between ETHER2-6, and put the ip interface on the vlan. Unfortunately, it doesn't work and I no longer access the internet from hosts on 200.200.200.0/27

Any help would be most appreciated.

------------------- Detailed config Dump -------------------------------

[admin@INET-RTR1] /system> /ip route print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, y - copy;
H - hw-offloaded; + - ecmp
0 As dst-address=0.0.0.0/0 routing-table=main pref-src=""
gateway=100.100.100.2 immediate-gw=100.100.100.1%ether1 distance=1
scope=30 target-scope=10 suppress-hw-offload=no

DAc dst-address=100.100.100.0/30 routing-table=main gateway=ether1
immediate-gw=ether1 distance=0 scope=10 suppress-hw-offload=no
local-address=100.100.100.1%ether1

DAc dst-address=200.200.200.0/27 routing-table=main gateway=vlan1
immediate-gw=vlan1 distance=0 scope=10 suppress-hw-offload=no
local-address=200.200.200.1%vlan1
[admin@INET-RTR1] /system> /interface bridge print
Flags: X - disabled, R - running
0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1580 arp=enabled
arp-timeout=auto mac-address=64:D1:54:E5:55:32 protocol-mode=rstp
fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m
priority=0x8000 max-message-age=20s forward-delay=15s
transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no
[admin@INET-RTR1] /system> /interface bridge print detail
Flags: X - disabled, R - running
0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1580 arp=enabled
arp-timeout=auto mac-address=64:D1:54:E5:55:32 protocol-mode=rstp
fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m
priority=0x8000 max-message-age=20s forward-delay=15s
transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no
[admin@INET-RTR1] /system> /interface vlan print det
Flags: X - disabled, R - running
0 R name="vlan1" mtu=1500 l2mtu=1576 mac-address=64:D1:54:E5:55:32 arp=enabled
arp-timeout=auto loop-protect=default loop-protect-status=off
loop-protect-send-interval=5s loop-protect-disable-time=5m vlan-id=1
interface=bridge1 use-service-tag=no

[admin@INET-RTR1] /system> /ip address print det
Flags: X - disabled, I - invalid, D - dynamic
0 address=100.100.100.1/30 network=100.100.100.0 interface=ether1
actual-interface=ether1

1 address=200.200.200.1/27 network=200.200.200.0 interface=vlan1
actual-interface=vlan1


[admin@INET-RTR1] /system> /interface ethernet print det
Flags: X - disabled, R - running; S - slave
0 name="combo1" default-name="combo1" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:30 orig-mac-address=64:D1:54:E5:55:30
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=1Gbps
bandwidth=unlimited/unlimited sfp-rate-select=high combo-mode=auto
sfp-shutdown-temperature=95C

1 R name="ether1" default-name="ether1" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:31 orig-mac-address=64:D1:54:E5:55:31
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes advertise=1000M-full
full-duplex=yes tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

2 RS name="ether2" default-name="ether2" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:32 orig-mac-address=64:D1:54:E5:55:32
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

3 RS name="ether3" default-name="ether3" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:33 orig-mac-address=64:D1:54:E5:55:33
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

4 RS name="ether4" default-name="ether4" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:34 orig-mac-address=64:D1:54:E5:55:34
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

5 RS name="ether5" default-name="ether5" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:35 orig-mac-address=64:D1:54:E5:55:35
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

6 S name="ether6" default-name="ether6" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:36 orig-mac-address=64:D1:54:E5:55:36
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

7 name="ether7" default-name="ether7" mtu=1500 l2mtu=1580
mac-address=64:D1:54:E5:55:37 orig-mac-address=64:D1:54:E5:55:37
arp=enabled arp-timeout=auto loop-protect=default
loop-protect-status=off loop-protect-send-interval=5s
loop-protect-disable-time=5m auto-negotiation=yes
advertise=10M-full,100M-full,1000M-full full-duplex=yes
tx-flow-control=off rx-flow-control=off speed=100Mbps
bandwidth=unlimited/unlimited

[admin@INET-RTR1] /system> /interface bridge print det
Flags: X - disabled, R - running
0 R name="bridge1" mtu=auto actual-mtu=1500 l2mtu=1580 arp=enabled
arp-timeout=auto mac-address=64:D1:54:E5:55:32 protocol-mode=rstp
fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m
priority=0x8000 max-message-age=20s forward-delay=15s
transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no


[admin@INET-RTR1] /system> /interface vlan print det
Flags: X - disabled, R - running
0 R name="vlan1" mtu=1500 l2mtu=1576 mac-address=64:D1:54:E5:55:32 arp=enabled
arp-timeout=auto loop-protect=default loop-protect-status=off
loop-protect-send-interval=5s loop-protect-disable-time=5m vlan-id=1
interface=bridge1 use-service-tag=no
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19322
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: IP Question

Sat Apr 02, 2022 4:29 pm

Try,
/export hide-sensitive file=anynameyouwish

viewtopic.php?p=908118#p908118
Top
 
suppersready
just joined
Topic Author
Posts: 2
Joined: Fri Apr 01, 2022 11:13 pm

Re: IP Question

Mon Apr 04, 2022 7:29 pm

@ANAV

/export hide-sensitive
# Apr/4/2022 01:44:53 by RouterOS 7.1.5
# software id = XXXX-XXXX
#
# model = CCR1009-7G-1C
# serial number = XXXXXXXX
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/lora servers
add address=eu.mikrotik.thethings.industries down-port=1700 name=TTN-EU up-port=1700
add address=us.mikrotik.thethings.industries down-port=1700 name=TTN-US up-port=1700
add address=eu1.cloud.thethings.industries down-port=1700 name="TTS Cloud (eu1)" up-port=1700
add address=nam1.cloud.thethings.industries down-port=1700 name="TTS Cloud (nam1)" up-port=1700
add address=au1.cloud.thethings.industries down-port=1700 name="TTS Cloud (au1)" up-port=1700
add address=eu1.cloud.thethings.network down-port=1700 name="TTN V3 (eu1)" up-port=1700
add address=nam1.cloud.thethings.network down-port=1700 name="TTN V3 (nam1)" up-port=1700
add address=au1.cloud.thethings.network down-port=1700 name="TTN V3 (au1)" up-port=1700
/port
set 0 name=serial0
set 1 name=serial1
/ip neighbor discovery-settings
set discover-interface-list=none
/ip address
add address=100.100.100.1/30 interface=ether1 network=100.100.100.0
add address=200.200.200.1/26 interface=ether2 network=200.200.200.0
/ip route
add dst-address=0.0.0.0/0 gateway=100.100.100.2
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system identity
set name=INET-RTR
/tool mac-server
set allowed-interface-list=none
Top
Post Reply

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot] and 17 guests
  4. RouterOS
  5. Beginner Basics