dhcp server can not run on slave interface mikrotik как исправить
Как настроить две подсети на одном физическом порте в mikrotik?
# DHCP server can not run on slave interface!
Видимо из-за этого не работает. Только не пойму почему. Воторой dhcp выделен красным(
вот мой конфиг:
/interface bridge
add admin-mac=E4:8D:8C:A1:88:ED auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
set [ find default-name=ether5 ] master-port=ether2-master
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn channel-width=20/40mhz-Ce \
country=russia2 disabled=no distance=indoors frequency=2427 mode=ap-bridge \
ssid=Alex1 wireless-protocol=802.11
/ip neighbor discovery
set ether1 discover=no
set bridge comment=defconf
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk group-ciphers=\
tkip,aes-ccm mode=dynamic-keys unicast-ciphers=tkip,aes-ccm \
wpa-pre-shared-key=CorteC2010 wpa2-pre-shared-key=CorteC2010
/ip pool
add name=dhcp ranges=192.168.1.10-192.168.1.254
add name=pool2 ranges=192.168.2.10-192.168.2.100
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
# DHCP server can not run on slave interface!
add address-pool=pool2 disabled=no interface=ether2-master name=server1
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=wlan1
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2-master network=\
192.168.1.0
add address=192.168.2.1/24 interface=ether2-master network=192.168.2.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24
add address=192.168.2.0/24 gateway=192.168.2.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.1.1 name=router
/ip firewall filter
add action=accept chain=input comment=»defconf: accept ICMP» protocol=icmp
add action=accept chain=input comment=»defconf: accept established,related» \
connection-state=established,related
add action=drop chain=input comment=»defconf: drop all from WAN» in-interface=\
ether1
add action=fasttrack-connection chain=forward comment=»defconf: fasttrack» \
connection-state=established,related
add action=accept chain=forward comment=»defconf: accept established,related» \
connection-state=established,related
add action=drop chain=forward comment=»defconf: drop invalid» connection-state=\
invalid
add action=drop chain=forward comment=\
«defconf: drop all from WAN not DSTNATed» connection-nat-state=!dstnat \
connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment=»defconf: masquerade» out-interface=\
ether1
/system clock
set time-zone-name=Asia/Krasnoyarsk
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=bridge
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=bridge
Dhcp server can not run on slave interface mikrotik как исправить
Wed Jun 24, 2020 4:12 pm
Wed Jun 24, 2020 4:34 pm
Wed Jun 24, 2020 4:42 pm
Look in your «bridge» configuration, to the «ports» tab.
Ether1 is typically not part of the bridge, as it is by default assigned as a WAN standalone interface.
Ether2 and up are by default switched LAN interfaces, and are all connected to the bridge. (One port each).
If you you want to use ether3 as a standalone interface with its own DHCP IP address, remove it from the port (delete the port). It will then be a routed interface.
If you would like to have the DHCP client IP address on all interfaces defined as ports on the bridge, then the DHCP client should be on the bridge. (the interfaces connected to ports on the bridge cannot have IP configurations)
Wed Jun 24, 2020 5:07 pm
I have removed the bridge 2 from ether3 and I got it working.
so how can I get to access to the device from the PC network. ip/firewall or ip/route
This is remote support, can’t get to them.
Wed Jun 24, 2020 6:21 pm
I have removed the bridge 2 from ether3 and I got it working.
so how can I get to access to the device from the PC network. ip/firewall or ip/route
This is remote support, can’t get to them.
Your Mikrotik is a router with multiple IP addresses. Most services on this Mikrotik are accessible through all the IP addresses of the router.
The Mikrotik will route traffic between 2 interfaces with different subnets. EG. 192.168.0.1/24 and 192.168.1.1/24 are the IP addresses. Devices in both subnets will find each other if the 2 interfaces of the Mikrotik are in the LAN interface list. (Routing is by default, and the «LAN interface list» allows connection in the firewall by default)
Wed Jun 24, 2020 6:25 pm
I have removed the bridge 2 from ether3 and I got it working.
so how can I get to access to the device from the PC network. ip/firewall or ip/route
This is remote support, can’t get to them.
Your Mikrotik is a router with multiple IP addresses. Most services on this Mikrotik are accessible through all the IP addresses of the router.
The Mikrotik will route traffic between 2 interfaces with different subnets. EG. 192.168.0.1/24 and 192.168.1.1/24 are the IP addresses. Devices in both subnets will find each other if the 2 interfaces of the Mikrotik are in the LAN interface list. (Routing is by default, and the «LAN interface list» allows connection in the firewall by default). Devices must have the router IP address in their own subnet as «gateway» for subnet interconnection.
Wed Jun 24, 2020 9:21 pm
Wed Jun 24, 2020 10:14 pm
See what IP address is assigned to the Mikrotik ether3 interface. If none is assigned then just give it 192.168.0.2 static.
Now you cannot communicate from the other side of the Mikrotik with that wireless device, because that device is not using the Mikrotik as gateway.
But there are a few ways out, as the Mikrotik can communicate with the device. (they are in the same subnet, no gateway involved)
— You could use Telnet or SSH by using the Telnet tool in the Mikrotik.
— You could set up the web-proxy in the Mikrotik, and define the Mikrotik 192.168.1.1 as proxy server in your PC browser
— After setting up the web-proxy. You could redirect HTTP traffic to the web-proxy port 8080 in the Mikrotik NAT rules. (avoiding the need to define the web proxy in the PC browser)
— You could try proxy-arp in the Mikrotik
Or even just differently. Bridge the interface of the PC with ether3. Now the PC is in the same network as the device. Give or obtain an IP address in the 192.168.0.0/24 range in the PC.
The PC can now communicate with the device as if it was directly connected to the device.
Changing the IP address of the PC will disrupt all other PC connections (so if you are handling this remotely you will loose contact to that PC)
Illustration of the web-proxy + redirect, so you can browse to the device directly connected to the Mikrotik. (I changed my subnet 87 to yours)
Dhcp server can not run on slave interface mikrotik как исправить
Fri Aug 11, 2017 11:45 pm
I noticed an error «cannot run DHCP server on slave interface».
In my case, DHCP server should run on VLAN interface, which is part of a bridge «trunk».
It seems that similar VLAN interfaces appear differently:
Re: DHCP server on slave interface
Fri Aug 11, 2017 11:58 pm
You cannot put an ip address on a slave port.
Secondly, your vlan interface has to be bound to a bridge (such as bridge-blan102) to show as slaved.
Sent from Tapatalk
Re: DHCP server on slave interface
Sat Aug 12, 2017 12:41 am
Edit: not can you put a dhcp server.
Sent from Tapatalk
Re: DHCP server on slave interface
Mon Aug 14, 2017 1:40 pm
Edit: not can you put a dhcp server.
Sent from Tapatalk
Re: DHCP server on slave interface
Mon Aug 14, 2017 1:43 pm
Ya, my mistake. I didn’t see that vlan101 is a bridge port. That is strange.
Sent from Tapatalk
Re: DHCP server on slave interface
Mon Aug 14, 2017 2:13 pm
Re: DHCP server on slave interface
Sat Aug 19, 2017 3:53 pm
Re: DHCP server on slave interface
Sat Aug 19, 2017 9:32 pm
Because vlan101 is not part of any bridge. while vlan102 is, although there aren’t any other interfaces in that bridge.
What’s the point of bridge-vlan102? No other ports but vlan102 on it. I’d remove that bridge, and run DHCP server directly on vlan102.
Dhcp server can not run on slave interface mikrotik как исправить
DHCP server cannot run on slave interface
DHCP server cannot run on slave interface
Fri Aug 31, 2018 10:59 pm
Re: DHCP server cannot run on slave interface
Sat Sep 01, 2018 12:51 am
Re: DHCP server cannot run on slave interface
Sat Sep 01, 2018 2:00 am
what you expecting, to run dhcp-server on interfaces who is in the bridge? ncncnc
If both SSIDs are good quality signal, most modern devices choose 5GHz for the speed.
viewtopic.php?f=7&t=176537
!) Safe Mode is your friend;
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 1:42 pm
what you expecting, to run dhcp-server on interfaces who is in the bridge? ncncnc
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 3:20 pm
This doesn’t make much sense to me. You want to have clients separated but not separated? What do you want to achieve by using separate IP pools from same subnet on different radios?
If the whole exercise is to avoid CPU when communications between clients: it somehow seems that Mikrotik is moving towards software-only bridges so all of the traffic hits CPU one way or another. Besides, all traffic to and from radio is handled by CPU anyway, no HW offload is possible here.
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 3:57 pm
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 3:58 pm
20%. It’s therefore I want everyting in a single LAN segment.
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 4:22 pm
I don’t think it’s doable in the way you imagined to do it. Thing is that there can only be one DHCP server in single L2 domain (there can be more than one but they need to be synchronized one way or another). But you can’t divide your WiFi network to two L2 domains because you want to have single subnet because of broadcast/multicast constrains.
DHCP server on ROS can not be configured to assign IP address from different pools depending on interface which brings in the DHCP request. This might be doable if using RADIUS server, but that might be overkill in your case.
Re: DHCP server cannot run on slave interface
Mon Sep 10, 2018 4:46 pm
I don’t think it’s doable in the way you imagined to do it. Thing is that there can only be one DHCP server in single L2 domain (there can be more than one but they need to be synchronized one way or another). But you can’t divide your WiFi network to two L2 domains because you want to have single subnet because of broadcast/multicast constrains.
DHCP server on ROS can not be configured to assign IP address from different pools depending on interface which brings in the DHCP request. This might be doable if using RADIUS server, but that might be overkill in your case.
Dhcp server can not run on slave interface mikrotik как исправить
Бесплатный чек-лист
по настройке RouterOS
на 28 пунктов
Проблема с DHCP при настройке Virtual AP
Правила форума
Как правильно оформить вопрос.
Прежде чем начать настройку роутера, представьте, как это работает. Попробуйте почитать статьи об устройстве интернет-сетей. Убедитесь, что всё, что Вы задумали выполнимо вообще и на данном оборудовании в частности.
Не нужно изначально строить Наполеоновских планов. Попробуйте настроить простейшую конфигурацию, а усложнения добавлять в случае успеха постепенно.
Пожалуйста, не игнорируйте правила русского языка. Отсутствие знаков препинания и неграмотность автора топика для многих гуру достаточный повод проигнорировать топик вообще.
1. Назовите технологию подключения (динамический DHCP, L2TP, PPTP или что-то иное)
2. Изучите темку «Действия до настройки роутера».
viewtopic.php?f=15&t=2083
3. Настройте согласно выбранного Вами мануала
4. Дочитайте мануал до конца и без пропусков, в 70% случаев люди просто не до конца читают статью и пропускают важные моменты.
5. Если не получается, в Winbox открываем терминал и вбиваем там /export hide-sensitive. Результат в топик под кат, интимные подробности типа личных IP изменить на другие, пароль забить звездочками.
6. Нарисуйте Вашу сеть, рисунок (схему) сюда. На словах может быть одно, в действительности другое.
add mtu=1500 name=bridge1 protocol-mode=none
set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no distance=indoors \
frequency=2422 l2mtu=2290 mode=ap-bridge periodic-calibration=enabled \
periodic-calibration-interval=10 ssid=******* wireless-protocol=802.11
add add-default-route=yes disabled=no interface=ether1 max-mru=1480 max-mtu=\
1480 name=pppoe-out1 password=******* use-peer-dns=yes user=*********
/ip neighbor discovery
set wlan1 discover=no
set pppoe-out1 discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods=»» \
group-ciphers=tkip,aes-ccm mode=dynamic-keys unicast-ciphers=tkip,aes-ccm \
wpa-pre-shared-key=******** wpa2-pre-shared-key=*********
add authentication-types=wpa2-psk eap-methods=»» management-protection=\
allowed mode=dynamic-keys name=wifi-vip supplicant-identity=»» \
wpa2-pre-shared-key=**********
add disabled=no l2mtu=2290 mac-address=4E:5E:0C:34:2F:73 master-interface=\
wlan1 name=wlan2 security-profile=wifi-vip ssid=*******-VIP \
wds-cost-range=0 wds-default-cost=0
set [ find default=yes ] enc-algorithms=3des
add name=dhcp ranges=192.168.0.36-192.168.0.150
add name=vip-pool ranges=192.168.13.5-192.168.13.75
add address-pool=dhcp disabled=no interface=bridge1 lease-time=1h name=dhcp1
# DHCP server can not run on slave interface!
add address-pool=vip-pool disabled=no interface=wlan2 lease-time=3d name=\
vip-pool
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=wlan2
add address=192.168.0.1/24 interface=bridge1 network=192.168.0.0
add address=192.168.13.1/24 interface=wlan2 network=192.168.13.0
/ip dhcp-server network
add address=192.168.0.0/24 dns-server=192.168.0.1,8.8.8.8 gateway=192.168.0.1 \
netmask=24
add address=192.168.13.0/24 dns-server=192.168.13.1,8.8.8.8 gateway=\
192.168.13.1 netmask=24
set allow-remote-requests=yes servers=87.249.224.1,92.61.16.1
/ip firewall address-list
add address=192.168.13.0/24 comment=VIP-Users list=VIP
add address=192.168.0.0/24 comment=Bidlo list=Holops
add action=masquerade chain=srcnat src-address=192.168.0.0/24
add action=masquerade chain=srcnat src-address=192.168.13.0/24
add action=netmap chain=dstnat comment=Cam1 dst-port=48006 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.0.20 to-ports=48006
add action=netmap chain=dstnat comment=Cam2 dst-port=48005 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.0.21 to-ports=48005
add action=netmap chain=dstnat dst-port=554 in-interface=pppoe-out1 protocol=\
tcp to-addresses=192.168.0.20 to-ports=554
add action=netmap chain=dstnat dst-port=555 in-interface=pppoe-out1 protocol=\
tcp to-addresses=192.168.0.21 to-ports=554
set cache-path=web-proxy1 parent-proxy=0.0.0.0
set allow-disable-external-interface=yes enabled=yes
/ip upnp interfaces
add interface=bridge1 type=internal
add interface=pppoe-out1 type=external
set time-zone-autodetect=no time-zone-name=Europe/Samara
/system clock manual
set 0 interface=wlan1
set enabled=yes primary-ntp=94.242.49.220 secondary-ntp=95.140.150.140