I have a very simple vlan setup that I wish to get running, but stumbled upon some very strange problem. I come from Cisco and Juniper world and cannot understand why this is not working:
Devices: 2x Mikrotik hap ac3 (HAP1, and HAP2)
Introduction: I have a MGMT vlan (vid 16), each device has IP address in this VLAN (10.9.6.253 and 10.9.6.254), and each device has one untagged port (ether2) in this vlan (vid16), I'm using VLAN filtering
Scenario:
1) from HAP1 (10.9.6.254) I run ping HAP2 (10.9.6.253) which is successful
2) I connect PC to HAP2-ether2 - from that moment the L3 connectivity between switches is lost, I'm still able to arping HAP1 from HAP2, I'm also able to ping HAP2 from PC but not HAP1
The problem doesn't exist when I connect my PC to HAP1-ether2
HAP1 config:
Code: Select all
/system identity
set name=HAP1
/interface vlan
add interface=vlanbridge name=CAPSMAN vlan-id=15
add interface=vlanbridge name=LAN_TRUSTED vlan-id=13
add interface=vlanbridge name=LAN_UNTRUSTED vlan-id=14
add interface=vlanbridge name=MGMT vlan-id=16
/interface bridge
add name=vlanbridge vlan-filtering=yes
/interface bridge port
add bridge=vlanbridge comment="Access LAN_TRUSTED" frame-types=admit-only-untagged-and-priority-tagged interface=ether3 pvid=13
add bridge=vlanbridge comment=TRUNK interface=ether5
add bridge=vlanbridge comment="Access MGMT" frame-types=admit-only-untagged-and-priority-tagged interface=ether2 pvid=16
/interface bridge vlan
add bridge=vlanbridge tagged=ether5,vlanbridge vlan-ids=13
add bridge=vlanbridge tagged=ether5,vlanbridge vlan-ids=14
add bridge=vlanbridge tagged=ether5,vlanbridge vlan-ids=15
add bridge=vlanbridge tagged=vlanbridge,ether5 vlan-ids=16
/ip address
add address=10.9.6.254/24 interface=MGMT network=10.9.6.0
add address=10.9.5.254/24 interface=CAPSMAN network=10.9.5.0
add address=10.9.4.254/24 interface=LAN_UNTRUSTED network=10.9.4.0
add address=10.9.3.254/24 interface=LAN_TRUSTED network=10.9.3.0
add address=10.9.2.254/24 interface=WIFI_UNTRUSTED network=10.9.2.0
add address=10.9.1.254/24 interface=WIFI_TRUSTED network=10.9.1.0
/ip firewall filter
add action=accept chain=forward
add action=accept chain=input
Code: Select all
/system identity
set name=HAP2
/interface vlan
add interface=vlanbridge name=CAPSMAN vlan-id=15
add interface=vlanbridge name=LAN_TRUSTED vlan-id=13
add interface=vlanbridge name=LAN_UNTRUSTED vlan-id=14
add interface=vlanbridge name=MGMT vlan-id=16
/interface bridge
add name=vlanbridge vlan-filtering=yes
/interface bridge port
add bridge=vlanbridge comment=TRUNK interface=ether1
add bridge=vlanbridge comment="Access LAN_TRUSTED" frame-types=admit-only-untagged-and-priority-tagged interface=ether3 pvid=13
add bridge=vlanbridge frame-types=admit-only-untagged-and-priority-tagged interface=ether2 pvid=16
/interface bridge vlan
add bridge=vlanbridge comment=LAN_TRUSTED tagged=ether1 vlan-ids=13
add bridge=vlanbridge comment=LAN_UNTRUSTED tagged=ether1 vlan-ids=14
add bridge=vlanbridge comment=CAPSMAN tagged=ether1,vlanbridge vlan-ids=15
add bridge=vlanbridge comment=MGMT tagged=ether1,vlanbridge vlan-ids=16
/ip address
add address=10.9.5.253/24 interface=CAPSMAN network=10.9.5.0
add address=10.9.6.253/24 interface=MGMT network=10.9.6.0
/ip address
add address=10.9.5.253/24 interface=CAPSMAN network=10.9.5.0
add address=10.9.6.253/24 interface=MGMT network=10.9.6.0
anyone knows what might be the reason of this behavior and how to fix it?
greetz,
rk4fg2
Indeed the configuration of HAP2 was restored from HAP1 backup. After resetting to factory defaults and setting everything up manually, everything started to work as expected.