Community discussions

MikroTik App
 
rodrigolnl
just joined
Topic Author
Posts: 15
Joined: Sat Mar 25, 2023 4:02 pm

Can't ping between subnets on the same bridge

Sat Mar 25, 2023 6:07 pm

Hello guys, I made an account here because I tried everything and looked everywhere but nothing worked for me.

First, I'm quite a noob with network and english is not my first language, so please forgive me for any mistake on this post.

The scenario:
I have a bridge interface between two ports, ether2 and ether3 (ether1 is the connection to the internet).
This bridge has 4 subnet's, Subnet A 10.0.0.0/26, Subnet B 10.0.0.64/26, Subnet C 10.0.0.128/26, and Subnet D 10.0.0.192/26.
The Firewall has all the defaults settings plus a few rules to drop packets like this:
  • drop A -> B
  • drop B -> A
  • drop A -> D
  • drop D -> A
  • drop B -> D
And has the rules to allow like that:
  • allow A -> C
  • allow C -> A

In terms of static routes, the default is applied, meaning:
  • dst address: 10.0.0.0/26 | | gateway:bridge | | pref source: 10.0.0.1
  • dst address: 10.0.0.64/26 | | gateway:bridge | | pref source: 10.0.0.65
  • dst address: 10.0.0.128/26 | | gateway:bridge | | pref source: 10.0.0.129
  • dst address: 10.0.0.192/26 | | gateway:bridge | | pref source: 10.0.0.193
Plus I added, just to be sure:
  • dst address: 10.0.0.0/26 | | gateway:bridge
  • dst address: 10.0.0.128/26 | | gateway:bridge

The problem:
For some reason, I can't get to ping from a host on A to C or C to A, however I can ping from A to 10.0.0.64(gateway) and I from C to 10.0.0.0(gateway), what should I do to be able to ping from A to C and vice versa?

*I feel like is important to mention that all subnets have access to the internet and that access is working properly, and when I try to ping from A to C the rule on the firewall to allow the packets to go to C is incremented.

Who is online

Users browsing this forum: Ahrefs [Bot], Google [Bot], GoogleOther [Bot], rplant, Shylie and 85 guests