Community discussions

MikroTik App
 
User avatar
drasir
just joined
Topic Author
Posts: 24
Joined: Sat Sep 11, 2021 4:48 pm

Missing ether7 / no DHCP active on Port

Wed Apr 27, 2022 11:13 pm

So i noticed some strange behaviour on my RB4011, connected devices on port ether7 never got an DHCP Lease if the port is configured on my LAN-Bridge.
- thought the cable was defective
- thought the port was defective
If i assign another bridge (i.e. LAB) that has another DHCP network on it, it does get a lease.

Port does showup in webinterface under interfaces, however, ethernet config looks like this:
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] advertise=\
    100M-full,1000M-half,1000M-full,2500M-full,5000M-full disabled=yes name=\
    OPNsense_IN speed=1Gbps
set [ find default-name=ether1 ] comment=WAN-PORT name=WAN_PORT
set [ find default-name=ether2 ] comment="Work PC"
set [ find default-name=ether3 ] comment=VOIP
set [ find default-name=ether4 ] comment=OPNSENSE_IN
set [ find default-name=ether5 ] comment=LAB2
set [ find default-name=ether6 ] comment="Chromecast Ultra"
set [ find default-name=ether8 ] comment="Sonos Port"
set [ find default-name=ether9 ] comment=ThinkcentDR rx-flow-control=auto \
    tx-flow-control=auto
set [ find default-name=ether10 ] comment="Wohnzimmer Uplink" \
    rx-flow-control=auto tx-flow-control=auto

ether7 is missing. Adding it through the cli does not change config.
I am hesitant to wipe config and import it again as this is my main router, but i can't figure out what is going on..
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: Missing ether7 / no DHCP active on Port

Wed Apr 27, 2022 11:18 pm

Maybe you are using ether7 somewhere else in your config ? So it does not allow you to add it as a slave port on your Bridge ?
 
holvoetn
Forum Guru
Forum Guru
Posts: 5317
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Missing ether7 / no DHCP active on Port

Wed Apr 27, 2022 11:28 pm

Export full config, from terminal use /export hide-sensitive file=<anynameyouwish>
Post between [Code] quotes.

As indicated, most likely that port is already being used.
Reviewing that exported config might show you where (ctrl-F helps in a text editor :lol: )
 
User avatar
drasir
just joined
Topic Author
Posts: 24
Joined: Sat Sep 11, 2021 4:48 pm

Re: Missing ether7 / no DHCP active on Port

Thu Apr 28, 2022 12:02 am

There you go, scripts and less sensitive stuff edited out. Ether 7 Does only show up in UPNP and Bridge Ports (currently on LAB as this works)
# apr/27/2022 22:53:40 by RouterOS 7.2.1
# software id = ZWRH-0FBN
#
# model = RB4011iGS+5HacQ2HnD
# serial number = xxxxx
/interface bridge
add name="bridge - LAB" protocol-mode=none
add admin-mac=2C:C8:1B:03:XX:XX arp=proxy-arp auto-mac=no igmp-snooping=yes \
    name="bridge - LAN"
add name="bridge - VOIP" protocol-mode=none
add name="bridge - WRK" protocol-mode=none
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] advertise=\
    100M-full,1000M-half,1000M-full,2500M-full,5000M-full disabled=yes name=\
    OPNsense_IN speed=1Gbps
set [ find default-name=ether1 ] comment=WAN-PORT name=WAN_PORT
set [ find default-name=ether2 ] comment="Work PC"
set [ find default-name=ether3 ] comment=VOIP
set [ find default-name=ether4 ] comment=OPNSENSE_IN
set [ find default-name=ether5 ] comment=LAB2
set [ find default-name=ether6 ] comment="Chromecast Ultra"
set [ find default-name=ether8 ] comment="Sonos Port"
set [ find default-name=ether9 ] comment=ThinkcentDR rx-flow-control=auto \
    tx-flow-control=auto
set [ find default-name=ether10 ] comment="Wohnzimmer Uplink" \
    rx-flow-control=auto tx-flow-control=auto
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-a/n/ac channel-width=\
    20/40/80mhz-Ceee country=germany disabled=no distance=indoors \
    installation=indoor mode=ap-bridge name="wlan1 - 5GHz" skip-dfs-channels=\
    all ssid=darkSTAR_5G wireless-protocol=802.11 wps-mode=\
    push-button-virtual-only
set [ find default-name=wlan2 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
    country=germany disabled=no distance=indoors frequency=2437 installation=\
    indoor mode=ap-bridge name="wlan2 - 2,4GHz" ssid=darkSTAR_2,4G \
    wireless-protocol=802.11 wps-mode=push-button-virtual-only
/interface l2tp-server
add name=VPN-IN user=bogus1
add name=VPN-IN_henny user=bogus2
add name=VPN-IN_l2s user=bogus3
/interface veth
add address=192.168.88.7/16 comment="Docker Container IF" gateway=\
    192.168.88.1 name=veth1
/interface vlan
add interface=WAN_PORT name="vlan7 - Stadtwerke" vlan-id=7
/interface pppoe-client
add add-default-route=yes disabled=no interface="vlan7 - Stadtwerke" max-mtu=\
    1480 name=Stadtwerke-Connect user=XXXXX
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
    supplicant-identity=MikroTik
add authentication-types=wpa2-psk,wpa2-eap mode=dynamic-keys name=guest \
    supplicant-identity=""
/interface wireless
add default-forwarding=no disabled=no mac-address=0A:55:31:E5:XX:XX \
    master-interface="wlan2 - 2,4GHz" name=2_4_guest security-profile=guest \
    ssid=darkGUEST wps-mode=disabled
add default-forwarding=no disabled=no mac-address=2E:C8:1B:03:XX:XX \
    master-interface="wlan1 - 5GHz" name=5_guest security-profile=guest ssid=\
    darkGUEST wds-default-bridge="bridge - LAB" wps-mode=disabled
/ip ipsec mode-config
add name=l2tp-VPN
add name=Surfshark responder=no src-address-list=onSurfshark \
    use-responder-dns=no
/ip ipsec policy group
add name=Surfshark
/ip ipsec profile
set [ find default=yes ] dpd-interval=20s enc-algorithm=aes-256,3des
add name=Surfshark
/ip ipsec peer
add address=de-fra.prod.surfshark.com comment="Base Surfeshark" disabled=yes \
    exchange-mode=ike2 name=Surfshark profile=Surfshark
add address=us-nyc.prod.surfshark.com disabled=yes exchange-mode=ike2 name=\
    Surfshark_2 profile=Surfshark
/ip ipsec proposal
set [ find default=yes ] disabled=yes
add enc-algorithms=aes-256-cbc,3des name=l2tp-vpn-proposal pfs-group=none
add name=Surfshark pfs-group=none
/ip pool
add comment="LAN / MAIN" name=default-dhcp ranges=\
    192.168.88.21-192.168.88.253
add name="dhcp - wrk" ranges=192.168.8.10-192.168.8.250
add comment="Lab Pool 1" name="dhcp - LAB" ranges=10.0.0.11-10.0.0.100
add comment="VOIP only" name="dhcp - VOIP" ranges=10.0.10.10-10.0.10.254
add name=DHCP_VPN-IN ranges=10.0.1.2-10.0.1.200
add name=dhcp_pool7 ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool="dhcp - wrk" interface="bridge - WRK" lease-time=2h name=\
    DHCP_WRK
add address-pool="dhcp - LAB" interface="bridge - LAB" lease-time=2h name=\
    DHCP_LAB
add address-pool="dhcp - VOIP" interface="bridge - VOIP" lease-time=2h name=\
    DHCP_VOIP
add address-pool=default-dhcp interface="bridge - LAN" lease-time=2h30m name=\
    DHCP_LAN
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
add bridge="bridge - LAN" interface-list=LAN local-address=192.168.88.1 name=\
    l2tp-vpn on-down=vpn_down on-up=vpn_up remote-address=DHCP_VPN-IN \
    use-encryption=required use-ipv6=no use-upnp=yes
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no in-filter-chain=ospf-in name=default-v2 out-filter-chain=\
    ospf-out
/routing ospf area
add disabled=no instance=default-v2 name=backbone-v2
/routing table
add fib name=""
/system logging action
set 3 remote=192.168.88.5
/interface bridge port
add bridge="bridge - VOIP" comment=defconf interface=ether3
add bridge="bridge - LAB" comment=defconf hw=no ingress-filtering=no \
    interface=ether5
add bridge="bridge - LAN" comment=defconf ingress-filtering=no interface=\
    ether8
add bridge="bridge - LAN" comment=defconf ingress-filtering=no interface=\
    ether10
add bridge="bridge - LAN" comment=defconf ingress-filtering=no interface=\
    "wlan1 - 5GHz"
add bridge="bridge - LAN" comment=defconf ingress-filtering=no interface=\
    "wlan2 - 2,4GHz"
add bridge="bridge - LAN" comment="Container for Adguard" interface=veth1
add bridge="bridge - WRK" comment="Work PC" interface=ether2
add bridge="bridge - WRK" interface=2_4_guest
add bridge="bridge - LAN" interface=ether9
add bridge="bridge - LAN" interface=ether6
add bridge="bridge - WRK" interface=5_guest
add bridge="bridge - LAB" interface=ether7
add bridge="bridge - LAN" interface=ether4
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set icmp-rate-limit=50 max-neighbor-entries=8192 rp-filter=strict
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface detect-internet
set detect-interface-list=all wan-interface-list=WAN
/interface l2tp-server server
set allow-fast-path=yes authentication=mschap2 default-profile=l2tp-vpn \
    enabled=yes one-session-per-host=yes use-ipsec=required
/interface list member
add comment=defconf interface="bridge - LAN" list=LAN
add comment=defconf interface=WAN_PORT list=WAN
add interface=Stadtwerke-Connect list=WAN
add interface="bridge - WRK" list=LAN
add interface="bridge - LAB" list=LAN
add interface="bridge - VOIP" list=LAN
/interface ovpn-server server
set auth=sha1,md5
/interface wireguard peers
add allowed-address=10.8.8.8/24 disabled=yes public-key=\
    "xxxxxxxxx"
/ip address
add address=192.168.88.1/24 comment=defconf interface="bridge - LAN" network=\
    192.168.88.0
add address=192.168.8.1/24 interface="bridge - WRK" network=192.168.8.0
add address=10.0.0.1/16 comment="LAB Network" interface="bridge - LAB" \
    network=10.0.0.0
add address=10.0.10.1/24 comment="VOIP Prio" interface="bridge - VOIP" \
    network=10.0.10.0
add address=10.8.8.1/24 network=10.8.8.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add disabled=yes interface=WAN_PORT
/ip dhcp-relay
add dhcp-server=192.168.1.1 disabled=no interface=WAN_PORT name=\
    "pfSense - Relay"
/ip dhcp-server config
set store-leases-disk=never
/ip dhcp-server lease
add address=192.168.88.23 client-id=1:10:27:f5:8x:xx:x mac-address=\
    10:27:F5:83:xx:xx
add address=10.0.10.10 mac-address=58:9E:C6:33:xx:xx server=DHCP_VOIP
/ip dhcp-server network
add address=10.0.0.0/16 dns-server=10.0.0.1 gateway=10.0.0.1
add address=10.0.10.0/24 dns-server=10.0.10.1 gateway=10.0.10.1
add address=192.168.8.0/24 dns-server=192.168.8.1 gateway=192.168.8.1
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=\
    192.168.88.1
/ip dns
set allow-remote-requests=yes max-concurrent-queries=500 \
    max-concurrent-tcp-sessions=40 servers=9.9.9.9 use-doh-server=\
    https://dns.quad9.net/dns-query verify-doh-cert=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=darkSTAR
add address=192.168.88.2 name=darkSTAR2
add address=192.168.88.3 name=darkSTAR3
add address=192.168.88.5 name=MediaDR
add address=192.168.88.7 name=adguard.local
add address=192.168.88.8 name=darkNAS
add address=10.0.10.10 name=darkSIP
/ip firewall address-list
add address=192.168.88.252 list=local
add address=192.168.88.252 list=Only_TC
add address=216.218.0.0/16 list=blocked_hosts
add address=146.88.240.0/24 comment="Netscout/Arbor Networks" list=\
    blocked_hosts
add address=74.82.47.0/24 comment="Shadow Server Foundation" list=\
    blocked_hosts
add address=65.49.20.0/24 comment="Shadow Server" list=blocked_hosts
add address=184.105.0.0/16 list=blocked_hosts
add address=64.62.197.0/24 list=blocked_hosts
add address=27.115.124.0/24 list=blocked_hosts
add address=47.242.35.0/24 list=blocked_hosts
add address=45.93.105.0/24 list=blocked_hosts
add address=5.63.60.0/24 list=blocked_hosts
add address=164.52.24.0/24 list=blocked_hosts
add address=45.33.44.0/24 list=blocked_hosts
add address=45.137.23.0/24 list=blocked_hosts
add address=45.83.66.0/24 list=blocked_hosts
add address=192.168.8.0/24 disabled=yes list=onSurfshark
add address=10.0.10.0/24 disabled=yes list=onSurfshark
add address=192.168.88.0/24 disabled=yes list=onSurfshark
add address=45.79.225.150 comment=Linode list=blocked_hosts
add address=170.106.115.0/24 list=blocked_hosts
add address=192.241.222.0/24 list=blocked_hosts
add address=192.241.216.0/24 list=blocked_hosts
add address=192.241.192.0/19 comment="Digital Ocean" list=blocked_hosts
add address=104.237.158.0/24 list=blocked_hosts
/ip firewall filter
add action=drop chain=forward comment="Drop all traffic to-from addresses on \
    \\\"CountryIPBlocks\\\" address list" dst-address-list=CountryIPBlocks \
    log-prefix="Country BLOCKLIST"
add action=drop chain=forward comment=SeparateNWs dst-address=192.168.88.0/24 \
    src-address=192.168.8.0/24
add action=drop chain=forward comment=SeparateNWs dst-address=192.168.8.0/24 \
    src-address=192.168.88.0/24
# VPN-IN_henny not ready
add action=drop chain=forward comment="Henny VPN Block / only NAS" \
    dst-address=!192.168.88.8 in-interface=VPN-IN_henny
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="BLOCKED HOSTS" dst-address-list=\
    blocked_hosts log-prefix="BLOCKED HOSTS"
add action=drop chain=input src-address-list=blocked_hosts
add action=accept chain=input comment="Allow L2PT" dst-port=500,1701,4500 \
    in-interface=Stadtwerke-Connect protocol=udp src-address-list=\
    !blocked_hosts
add action=accept chain=input in-interface=Stadtwerke-Connect protocol=\
    ipsec-esp
add action=accept chain=input in-interface=Stadtwerke-Connect protocol=\
    ipsec-ah
add action=accept chain=input comment="Allow Wireguard" dst-port=13231 \
    protocol=udp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN log-prefix=FIREWALL
add action=drop chain=input comment="drop remote / external dns queries" \
    in-interface=Stadtwerke-Connect log=yes log-prefix="EXTERNAL DNS QUERY" \
    protocol=udp src-port=53
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
    "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=\
    "defconf: fasttrack - Modified Surfshark" connection-mark=\
    !under_surfshark connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
add action=drop chain=forward comment=\
    "Drop invalid connections through router" connection-state=invalid
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Surfshark Route Marking" \
    log-prefix=VPN_FIREWALL new-connection-mark=under_surfshark passthrough=\
    yes src-address-list=onSurfshark
add action=change-mss chain=forward comment="Surfshark MSS Config" \
    connection-mark=under_surfshark new-mss=1360 passthrough=yes protocol=tcp \
    tcp-flags=syn tcp-mss=!0-1360
add action=mark-connection chain=prerouting in-interface="bridge - VOIP" \
    new-connection-mark="VOIP - CON" passthrough=yes
add action=mark-packet chain=prerouting in-interface="bridge - VOIP" \
    new-packet-mark="VOIP - PKG" passthrough=yes
add action=mark-packet chain=prerouting dst-port=80,443,8080 new-packet-mark=\
    surfing passthrough=yes protocol=tcp
/ip firewall nat
add action=redirect chain=dstnat comment="to proxy redirect" dst-address=\
    !192.168.88.0/24 dst-port=80 protocol=tcp to-ports=8080
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface=Stadtwerke-Connect
add action=dst-nat chain=dstnat comment="Plex port forwarding" dst-port=32400 \
    in-interface=Stadtwerke-Connect protocol=tcp to-addresses=192.168.88.8
/ip firewall service-port
set sip sip-timeout=10m
/ip ipsec identity
add auth-method=eap certificate=surfshark_ikev2.crt_0 comment=\
    "SURFSHARK Frankfurt" disabled=yes eap-methods=eap-mschapv2 \
    generate-policy=port-strict mode-config=Surfshark peer=Surfshark \
    policy-template-group=Surfshark username=xxxxxxx
add auth-method=eap certificate=surfshark_ikev2.crt_0 comment=SURFSHARK \
    disabled=yes eap-methods=eap-mschapv2 generate-policy=port-strict \
    mode-config=Surfshark peer=Surfshark_2 policy-template-group=Surfshark \
    username=xxxxxxx
/ip ipsec policy
set 0 comment="Needed vor l2tp-in" dst-address=0.0.0.0/0 proposal=\
    l2tp-vpn-proposal src-address=0.0.0.0/0
add dst-address=0.0.0.0/0 group=Surfshark proposal=Surfshark src-address=\
    0.0.0.0/0 template=yes
/ip proxy
set cache-administrator=xxxxm enabled=yes max-cache-object-size=\
    10000KiB max-cache-size=200000KiB parent-proxy=0.0.0.0 src-address=\
    0.0.0.0
/ip proxy access
add dst-address=192.168.88.0/24 dst-port=80
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=192.168.88.0/24,10.0.0.0/16
set ssh address=192.168.88.0/24,10.0.0.0/16
set www-ssl address=192.168.88.0/24 certificate=Webfig disabled=no
set api address=192.168.88.0/24
set winbox address=192.168.88.0/24,10.0.0.0/16
set api-ssl address=192.168.88.0/24
/ip ssh
set strong-crypto=yes
/ip traffic-flow
set cache-entries=8k
/ip traffic-flow ipfix
set nat-events=yes
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=ether2 type=internal
add interface=ether3 type=internal
add interface=ether4 type=internal
add interface=ether5 type=internal
add interface=ether6 type=internal
add interface=ether7 type=internal
add interface=ether8 type=internal
add interface=ether9 type=internal
add interface=ether10 type=internal
add interface="wlan1 - 5GHz" type=internal
add interface="wlan2 - 2,4GHz" type=internal
add interface=OPNsense_IN type=internal
add disabled=yes interface=Stadtwerke-Connect type=external
add disabled=yes interface=WAN_PORT type=external
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
add address=::224.0.0.0/100 comment="defconf: other" list=bad_ipv6
add address=::127.0.0.0/104 comment="defconf: other" list=bad_ipv6
add address=::/104 comment="defconf: other" list=bad_ipv6
add address=::255.0.0.0/104 comment="defconf: other" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=\
    icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=\
    33434-33534 protocol=udp
add action=accept chain=input comment=\
    "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
    udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
    protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=input comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=\
    !LAN
add action=accept chain=forward comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment=\
    "defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
    hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\
    icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=\
    500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
    ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
    ipsec-esp
add action=accept chain=forward comment=\
    "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment=\
    "defconf: drop everything else not coming from LAN" in-interface-list=\
    !LAN
/ipv6 firewall nat
add action=masquerade chain=srcnat out-interface=Stadtwerke-Connect
/ppp secret
add name=xxx profile=l2tp-vpn service=l2tp
add name=xxx profile=l2tp-vpn service=l2tp
add name=xxx profile=l2tp-vpn service=l2tp
/routing igmp-proxy
set quick-leave=yes
/routing igmp-proxy interface
add interface=VPN-IN upstream=yes
add interface="bridge - LAN"
/snmp
set enabled=yes trap-target=192.168.88.5 trap-version=3
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=darkStar1
/system leds
set 0 disabled=yes interface=Stadtwerke-Connect type=interface-status
add disabled=yes interface="wlan1 - 5GHz" leds="" type=interface-activity
add disabled=yes interface="wlan2 - 2,4GHz" leds="" type=interface-activity
/system logging
set 1 topics=error,!dns
set 3 action=memory
add topics=firewall
add disabled=yes topics=pppoe
add disabled=yes topics=upnp
add action=remote topics=info,firewall,l2tp,critical,error,event,ipsec,pppoe
/system ntp client
set enabled=yes
/system ntp client servers
add address=213.209.109.44
add address=217.14.146.53
add address=85.10.240.253
/system resource irq rps
set OPNsense_IN disabled=no
/system routerboard settings
set auto-upgrade=yes
/system routerboard reset-button
set enabled=yes on-event=start_pc
/tool bandwidth-server
set authenticate=no max-sessions=10
/tool graphing
set store-every=24hours
/tool graphing interface
add interface=Stadtwerke-Connect
add interface="bridge - LAN" store-on-disk=no
add interface=ether10 store-on-disk=no
add interface="bridge - WRK" store-on-disk=no
add interface="bridge - VOIP" store-on-disk=no
add interface="bridge - LAB" store-on-disk=no
/tool graphing resource
add
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool netwatch
add comment=darkNAS down-script=dn_down host=192.168.88.8 interval=5s \
    timeout=500ms up-script=dn_up
add comment=Switch down-script=sw_down host=192.168.88.2 interval=2s timeout=\
    250ms up-script=sw_up
add host=192.168.88.252 interval=15s timeout=500ms
add comment=darkSTAR3 host=192.168.88.3 interval=2s timeout=250ms
add comment=MediaDR host=192.168.88.5 interval=2s timeout=250ms
add down-script=ph_down host=192.168.88.6 interval=2s timeout=250ms \
    up-script=ph_up
/tool sniffer
set filter-interface=2_4_guest filter-mac-protocol=ip \
    filter-operator-between-entries=and memory-limit=1000KiB \
    streaming-enabled=yes streaming-server=192.168.88.252
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Missing ether7 / no DHCP active on Port

Thu Apr 28, 2022 12:50 am

/interface veth
add address=192.168.88.7/16

overlap with:

/ip pool
add comment="LAN / MAIN" name=default-dhcp ranges=192.168.88.21-192.168.88.253
add name="dhcp - wrk" ranges=192.168.8.10-192.168.8.250
add name=dhcp_pool7 ranges=192.168.88.10-192.168.88.254
/ppp profile
add bridge="bridge - LAN" interface-list=LAN local-address=192.168.88.1
/ip address
add address=192.168.88.1/24 comment=defconf interface="bridge - LAN" network=192.168.88.0
add address=192.168.8.1/24 interface="bridge - WRK" network=192.168.8.0



/ip address
add address=10.0.0.1/16 comment="LAB Network" interface="bridge - LAB" network=10.0.0.0

overlap with:

/ip pool
add comment="Lab Pool 1" name="dhcp - LAB" ranges=10.0.0.11-10.0.0.100
add comment="VOIP only" name="dhcp - VOIP" ranges=10.0.10.10-10.0.10.254
add name=DHCP_VPN-IN ranges=10.0.1.2-10.0.1.200
/ip address
add address=10.0.10.1/24 comment="VOIP Prio" interface="bridge - VOIP" network=10.0.10.0

/ip dhcp-server network
add address=10.0.0.0/16 dns-server=10.0.0.1 gateway=10.0.0.1
add address=10.0.10.0/24 dns-server=10.0.10.1 gateway=10.0.10.1
 
User avatar
drasir
just joined
Topic Author
Posts: 24
Joined: Sat Sep 11, 2021 4:48 pm

Re: Missing ether7 / no DHCP active on Port

Thu Apr 28, 2022 10:30 am

That is embarrising.. All of those netmasks should be /24's.
However, this wouldn't explain the missing port would it?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Missing ether7 / no DHCP active on Port  [SOLVED]

Thu Apr 28, 2022 1:22 pm

Let me understand, "missing port" on export or inside winbox / print command?

Try paste this on terminal, and check if in export the port appear again:
/interface ethernet reset-mac-address [ find default-name=ether7 ]
/interface ethernet set [ find default-name=ether7 ] name=ether7-test comment="test"
/interface ethernet export
 
User avatar
drasir
just joined
Topic Author
Posts: 24
Joined: Sat Sep 11, 2021 4:48 pm

Re: Missing ether7 / no DHCP active on Port

Thu Apr 28, 2022 8:39 pm

Let me understand, "missing port" on export or inside winbox / print command?

Try paste this on terminal, and check if in export the port appear again:
/interface ethernet reset-mac-address [ find default-name=ether7 ]
/interface ethernet set [ find default-name=ether7 ] name=ether7-test comment="test"
/interface ethernet export
That totally did it. To be clear, port was only missing in export, but did show up in webfig, winbox and CLI with "/interface ethernet print"
Now it shows up in export and does lease from Bridge DHCP when connected.

Thank you very much!
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: Missing ether7 / no DHCP active on Port

Sat Apr 30, 2022 11:39 am

How can the port be missing from /interface ethernet print ?
Shouldn't it be there even with another name ?

Who is online

Users browsing this forum: No registered users and 66 guests