Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




17 posts

Geek


# 179445 8-Sep-2015 23:53
Send private message

My Mikrotik RB2011U finally arrived for a home network configuration and I thought I'd throw it in and get it going before I had to be away with me. Unfortunately for around 4 hours now I've had absolutely no luck getting it to run.

I've attempted this configuration I found in a post:

 

open winbox and connect to the router
files backup
system reset configuration
interfaces --> plus button --> add vlan to ether1 - set tag to 10
ip - dhcp client - choose the default entry, change the interface to listen on your vlan
ip - firewall - nat - change the default entry to nat your vlan interface not ether1
ip - firewall - filter rules - as above. change every entry that is filtering eth1 to filter your new vlan

done

 

 

 

And I've attempted this also:

 

http://www.geekzone.co.nz/forums.asp?forumid=66&topicid=161676

With this I went and configured the DHCP Client to connect to the VLAN10; however whenever I did this (removing the previous DHCP Client) it changed the settings under internet to 'static'.

I left the DHCP Client on Ethernet1 and added one to the VLAN10 to no avail either.

I've also tried bridging the connections using this guide;

http://www.geekzone.co.nz/sbiddle/8744

To no avail here either.


Is there anyone out there that has a Mikrotik Router running on Orcon UFB able to lend me a hand to figure out how/where exactly I am going wrong here. 

 

I purchased this router as a learning experience (sorely needed networking experience needed) but I've outright hit a wall and have no clue which direction to turn any longer. I'd love quite simply get it up and running just so I can back up the settings then poke at it to my hearts content.

The general idea is I want to plug it into ETH1 and have it either Bridged or NAT (whichever work) to the remaining ports so I can have the several other devices connected to the network. It seemed like a simple task .. 

 

 

 

Any assistance would be hugely appreciated.

 

 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
2399 posts

Uber Geek

Trusted

  # 1382127 9-Sep-2015 00:19
Send private message

It seems you are doing it correctly.


Add a VLAN on Ethernet 1
--------------------------------
Interfaces.. Add New.. VLAN.
Name : VLAN10
VLAN ID: 10
Interface: Ether1

Set up DHCP Client on the New VLAN
---------------------------------------------
IP .. DHCP Client.. Add New
Interface: VLAN10


It should be connected now.. and if you go into IP Addresses you should see an Assigned Address

Make sure you have a DHCP Server on bridge-local  and you should get an internal ip address (can't remember if by default if already set up)

Then set up . IP , Firewall, NAT.

Chain: SRCNAT, Out Interface (VLAN10), Action, Masquerade




28439 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  # 1382151 9-Sep-2015 06:19
Send private message

My guide is for using a Mikrotik solely for VLAN tagging. It's of no use or no relevance for your setup which is to use the Mikrotik as a router.



 
 
 
 




17 posts

Geek


  # 1382163 9-Sep-2015 07:30
Send private message

LennonNZ: It seems you are doing it correctly.


Add a VLAN on Ethernet 1
--------------------------------
Interfaces.. Add New.. VLAN.
Name : VLAN10
VLAN ID: 10
Interface: Ether1

Set up DHCP Client on the New VLAN
---------------------------------------------
IP .. DHCP Client.. Add New
Interface: VLAN10


It should be connected now.. and if you go into IP Addresses you should see an Assigned Address

Make sure you have a DHCP Server on bridge-local  and you should get an internal ip address (can't remember if by default if already set up)

Then set up . IP , Firewall, NAT.

Chain: SRCNAT, Out Interface (VLAN10), Action, Masquerade





Thanks Lennon, I'll have a tool around with it some more in a couple days when I get back. It's really got me scratching my head but I may have screwed up the NAT settings.

With the DHCP Client is it applied to the Eth port or directly to the VLAN10 only? When I apply it to VLAN10 and remove it from the ETH and go to Quick Setup it's configured to 'Static' with a 0.0.0.0 address. Which is really throwing me and I'm wondering if that's what I'm doing wrong.


sbiddle: My guide is for using a Mikrotik solely for VLAN tagging. It's of no use or no relevance for your setup which is to use the Mikrotik as a router.




I appreciate that; I used it for the information on Vlan and people inevitably will link it. It is an excellent post.



8035 posts

Uber Geek

Trusted

  # 1385658 11-Sep-2015 13:42
Send private message

Complete123:

With the DHCP Client is it applied to the Eth port or directly to the VLAN10 only?



I think the interface for your dhcp client should be the vlan, so: lan/bridge >>  dhcp client >> vlan >> eth1



17 posts

Geek


  # 1387989 15-Sep-2015 16:59
Send private message

Ragnor:
Complete123:

With the DHCP Client is it applied to the Eth port or directly to the VLAN10 only?



I think the interface for your dhcp client should be the vlan, so: lan/bridge >>  dhcp client >> vlan >> eth1


Thanks Ragnor but the problem I have right now seems to be right at the start. Perhaps my understanding of the connection is wrong.

VLAN10 DHCP Client is what I need to connect to Orcon; so I create a VLAN10 connection in the RouterOS and attach it to the Ethernet1-Gateway.
By default it's created a bridge across the 2 switches Eth2-8 so I leave the bridge as is.
Create a DHCP-Client on EThernet1-Gateway (because if I don't it goes into static)
Create a DHCP-Client on VLAN10

At this point I'd expect to get a DHCP connection and IP. But when I check the connections, the ETH1 is 'Searching' and the Vlan10 is 'Requesting'. I never quite get a connection up. I can bridge the VLAN10 to the bridge and it should pass through all the traffic untagged. Which is what I want.

After this I can tinker with NAT and Bridging and everything but my problem is actually getting a connection to the Orcon network. It has rejected every attempt I've made to date. And I've read several pages on NAT and configuring VLAN10 routing all bridging etc. But for the life of me I can not get it to get an IP Address from the orcon connection.

There's plenty of great resources (like http://blog.butchevans.com/2010/02/to-tag-or-not-to-tag-that-is-the-question/ ) that give me everything I need to know AFTER I get a WAN connection. But I'll be DAMNED if I can figure out what I need to do to get the DHCP Client up and receiving packets. I'm clearly doing something wrong - I'm just not sure what.

1250 posts

Uber Geek


  # 1388034 15-Sep-2015 17:26
Send private message

Complete123:
Ragnor:
Complete123:

With the DHCP Client is it applied to the Eth port or directly to the VLAN10 only?



I think the interface for your dhcp client should be the vlan, so: lan/bridge >>  dhcp client >> vlan >> eth1


Thanks Ragnor but the problem I have right now seems to be right at the start. Perhaps my understanding of the connection is wrong.

VLAN10 DHCP Client is what I need to connect to Orcon; so I create a VLAN10 connection in the RouterOS and attach it to the Ethernet1-Gateway.
By default it's created a bridge across the 2 switches Eth2-8 so I leave the bridge as is.
Create a DHCP-Client on EThernet1-Gateway (because if I don't it goes into static)
Create a DHCP-Client on VLAN10

At this point I'd expect to get a DHCP connection and IP. But when I check the connections, the ETH1 is 'Searching' and the Vlan10 is 'Requesting'. I never quite get a connection up. I can bridge the VLAN10 to the bridge and it should pass through all the traffic untagged. Which is what I want.

After this I can tinker with NAT and Bridging and everything but my problem is actually getting a connection to the Orcon network. It has rejected every attempt I've made to date. And I've read several pages on NAT and configuring VLAN10 routing all bridging etc. But for the life of me I can not get it to get an IP Address from the orcon connection.

There's plenty of great resources (like http://blog.butchevans.com/2010/02/to-tag-or-not-to-tag-that-is-the-question/ ) that give me everything I need to know AFTER I get a WAN connection. But I'll be DAMNED if I can figure out what I need to do to get the DHCP Client up and receiving packets. I'm clearly doing something wrong - I'm just not sure what.


I'm a bit confused by your config.

Firstly vlan10 shouldn't be in the bridge - vlan10 is part of your WAN not LAN

Don't put the DHCP client on eth1 it needs to be on vlan10 - think of the eth1 as just a vehicle vlan10 now becomes your wan interface - that means in the firewall you need to change the drop rule to vlan10 and also masquerade rule also needs to be vlan10 not eth1.

 

1250 posts

Uber Geek


  # 1388041 15-Sep-2015 17:39
Send private message

There's more in this post - you can ignore the PPPoE stuff and replace that with DHCP client.

http://www.geekzone.co.nz/forums.asp?forumId=66&topicId=171257

If this is still no help I would suggest posting some screen shots of your config

 
 
 
 




17 posts

Geek


  # 1388053 15-Sep-2015 17:43
Send private message

 
I'm a bit confused by your config.

Firstly vlan10 shouldn't be in the bridge - vlan10 is part of your WAN not LAN

Don't put the DHCP client on eth1 it needs to be on vlan10 - think of the eth1 as just a vehicle vlan10 now becomes your wan interface - that means in the firewall you need to change the drop rule to vlan10 and also masquerade rule also needs to be vlan10 not eth1.

 



Mmm; it's gotten to the point I've confused myself. I'm a systems engineer not a network engineer so lets do it this way:

interface vlan add name=OrconVlan vlan-id=10 interface=ether1-gateway disabled=no
ip dhcp-client add interface=OrconVlan disabled=no
ip dhcp-client disable 0 <-------- this disables ETH1 Client, the result below I deleted the ETH1 client DHCP (oops)
ip dhcp-client print detail

Flags: X - disabled, I - invalid
0 interface=OrconVlan add-default-route=yes default-route-distance=1
use-peer-dns=yes use-peer-ntp=yes dhcp-options=hostname,clientid
status=requesting... dhcp-server=60.234.8.54


This is the first part of my problem. What am I doing wrong here?


I took a few quick screenshots that will explain my dilemma better. Here is a screenshot of removing the DHCP client from ETH1 and ONLY adding it to VLAN10. I haven't changed the QUICKSET on this config as I just reset the router but I went through all my options. I also tried BRIDGE but that didn't help much either. To fix the STATIC problem (change it to Automatic) it applies a DHCP Client on Ethernet1 which gets stuck on 'searching' and VLAN10 goes to 'Requesting'.

Any help at this point woould be HUGELY appreciated; I'm always up for learning something new.


Vlan10


Vlan10 (2)


8035 posts

Uber Geek

Trusted

  # 1388112 15-Sep-2015 19:31
Send private message

Does orcon still use DHCP option 82 on UFB? Wonder if it's something to do with that... but the ONT adds that iirc.



17 posts

Geek


  # 1388116 15-Sep-2015 19:41
Send private message

You've just stepped out of my comfort zone; not sure what Option 82 is (am reading about it now) but if you have any suggestions that'd be great. I just reconfigured the router with this config:

 

 

 

/system reset no-defaults=yes

/interface vlan add name=e10-v10-WAN interface=ether10 vlan-id=10 disabled=no
/interface bridge add name=br-lan
/interface ethernet set ether2,ether3,ether4,ether5 master-port=ether1
/interface ethernet set ether7,ether8,ether9 master-port=ether6
/interface bridge port add bridge=br-lan interface=ether1
/interface bridge port add bridge=br-lan interface=ether6
/interface bridge port add bridge=br-lan interface=wlan1
/ip dhcp-client add interface=e10-v10-WAN disabled=no
/ip address add address=192.168.1.1/24 interface=br-lan
/ip pool add name=lan ranges=192.168.1.100-192.168.1.254
/ip dhcp-server network add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.1
/ip dhcp-server add address-pool=lan authoritative=yes disabled=no interface=br-lan lease-time=3d name=lan
/ip firewall nat add chain=srcnat action=masquerade src-address=192.168.1.0/24 out-interface=e10-v10-WAN

In a last ditch attempt to just get the connection up, but this gave me the same result. No IP Address. 

I'm likely moving house in a year; but this has really destroyed any option of going back to Orcon. I'm in a flat currently but I can say for certain that if I can't configure this I'll be looking at other providers. =(

8035 posts

Uber Geek

Trusted

  # 1388117 15-Sep-2015 19:45
Send private message

Hmm now you trying are using port 10 as your wan?



17 posts

Geek


  # 1388119 15-Sep-2015 19:48
Send private message

Ragnor: Hmm now you trying are using port 10 as your wan?


Haha, yes I did in that configuration. It has a GB and 10/100 switch. I figured if I was going to reset the router and configure it from scratch I was going to move it off the GB switch to the 10/100 to open up a free port. Why do things in halves; I also thought 'MAYBE' it was a fault with the port (I'm clutching at straws now). 

Edit: I had every intention of configuring it like this (been doing a lot of reading and had some assistance understanding what goes where; I'm currently reading up on the firewall interfaces) but for the purpose of trying to get some help I simplified it down as much as possible to the crux of the problem. You two are both clearly experienced so I just dumped what I have. =)

5614 posts

Uber Geek


  # 1388123 15-Sep-2015 19:56
Send private message

Can't offer much personally, but have you read this thread http://www.geekzone.co.nz/forums.asp?forumid=82&topicid=112729 ?

8035 posts

Uber Geek

Trusted

  # 1388153 15-Sep-2015 20:04
Send private message

Complete123: You two are both clearly experienced so I just dumped what I have. =)


I setup a RB2011 for work but it was on Voyager using PPPoE instead of DHCP.

I think the problem is just minor mistakes in the commands you're using.

Also isn't port 10 the PoE output port on  the RB2011 series? you probably don't want to use that as your WAN port.


8035 posts

Uber Geek

Trusted

  # 1388156 15-Sep-2015 20:12
Send private message

Here's where I think you need to be going (dhcp client on the vlan, no vlan in the bridge), example (port 1 for wan):

 

# vlan
/interface vlan add name=vlan1 vlan-id=10 interface=ether1
# dhcp client
/ip dhcp-client add interface=vlan1 disabled=no
# bridge
/interface bridge add name=bridge1
/interface bridge port add interface=ether2 bridge=bridge1
.. etc


 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32


Vodafone 5G service live in four cities
Posted 10-Dec-2019 08:30


Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33


IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07


Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42


MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40


NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15


Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46


Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.