Community discussions

MikroTik App
 
Mechaick
just joined
Topic Author
Posts: 13
Joined: Wed Mar 09, 2022 5:55 pm

Mesh Network and Ip adresses

Fri Jan 27, 2023 2:47 pm

Hello, I have an issue that I would like to share with you.
I have set up a Mesh network using multiple groove 52HPacn antennas. One of them is being used as a relay between the mesh network [172.19.1.0] and an other managed network [192.168.88.0]
Currently I'm using winbox and the mac adress to set the antenna while connected to the second network.
I tried to set an ip to both interfaces of my antenna but I cannot ping them from my computer and I cannot ping the computer from the antenna.

Even if the whole network is working well, I would need to be able to ssh on the antenna to retrieve some data to do some network analysis. If you have an other way of doing that I would like to hear of.
Else I would like to know what is wrong in my configuration so I cannot ping the antenna. As far as I guess, the mesh protocol being ISO layer 2, there is no IP protocol implemented.

Here is the dump of my config :
# jun/02/1970 05:07:28 by RouterOS 6.47.9
# software id = HK40-GL96
#
# model = RBGrooveGA-52HPacn
# serial number = A3F20E784474
/interface mesh
add hwmp-rann-propagation-delay=5 mesh-portal=yes name=mesh
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-a/n channel-width=20/40mhz-XX country=luxembourg disabled=no frequency=5510 installation=outdoor mode=ap-bridge ssid=leo_mesh wds-default-bridge=mesh wds-mode=dynamic-mesh
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=ether1 list=LAN
add comment=defconf interface=wlan1 list=WAN
/interface mesh port
add interface=ether1 mesh=mesh
add interface=wlan1 mesh=mesh
/ip address
add address=192.168.88.248 comment=defconf interface=ether1 network=192.168.88.248
add address=172.19.1.99 interface=wlan1 network=172.19.1.0
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/ip route
add distance=1 dst-address=172.19.1.0/24 gateway=wlan1
add distance=1 dst-address=192.168.88.0/24 gateway=ether1
/ip ssh
set allow-none-crypto=yes forwarding-enabled=both
/system logging
add action=disk
/system script
add dont-require-permissions=yes name=NetWatchBoot-172.19.1.100 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":if ([/ping 172.19.1.100 interval=10 count=60] =0) do={\r\
    \n/system reboot\r\
    \n}\r\
    \n"
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool netwatch
add down-script="log info \"Netwatch missed a ping to 192.168.88.100 - starting 5 minute timeout script\" ; /system script run NetWatchBoot-172.19.1.100\r\
    \n" host=172.19.1.100
Thank you a lot for your attention
 
Mechaick
just joined
Topic Author
Posts: 13
Joined: Wed Mar 09, 2022 5:55 pm

Re: Mesh Network and Ip adresses

Thu Feb 02, 2023 3:34 pm

I just up this message, it's really an important issue we have here and I couldn't find any solution, would any one have a clue ?

Best
 
Mechaick
just joined
Topic Author
Posts: 13
Joined: Wed Mar 09, 2022 5:55 pm

Re: Mesh Network and Ip adresses

Tue Mar 07, 2023 12:26 pm

Hello again.

Can anyone give a look to my issue ? It do not seems to be that complicated, however I can't find it.

Thank you a lot,
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Mesh Network and Ip adresses

Tue Mar 07, 2023 8:20 pm

What if you drop the routes and use standard /ip address add address=<address>/<mask>? I don't remember if what you have now is supposed to work.
 
Mechaick
just joined
Topic Author
Posts: 13
Joined: Wed Mar 09, 2022 5:55 pm

Re: Mesh Network and Ip adresses

Fri Mar 10, 2023 2:22 pm

Sorry for the late reply,

May you explain me how to drop these routes ? I'm not sure how to remove them.
I tried disabling them but there are only two of them that are static that I can disable.

Here are my ip route print :
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 X S  172.19.1.0/24                      wlan1                     1
 1 ADC  172.19.1.0/32      172.19.1.99     mesh                      0
 2 X S  192.168.88.0/24                    ether1                    1
 3 ADC  192.168.88.247/32  192.168.88.247  mesh                      0
 4 ADC  192.168.88.248/32  192.168.88.248  mesh                      0
For setting the IP, normally I already have set them up, here is what ip adress print gives me:
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                                                                                                                                                                                          
 0   ;;; defconf
     192.168.88.248/32  192.168.88.248  ether1                                                                                                                                                                                                             
 1   172.19.1.99/32     172.19.1.0      wlan1                                                                                                                                                                                                              
 2   192.168.88.247/32  192.168.88.247  mesh   
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Mesh Network and Ip adresses

Sat Mar 11, 2023 9:44 pm

You can enable RoMON on them. If everything else is working, other than that, that might be easier.

Not as familiar with specific of HWMP, but if the winbox traffic is flowing the WAN side, the winbox port be blocked by the firewall.

Who is online

Users browsing this forum: No registered users and 19 guests