Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

mikrotik problem

Posted on 2014-12-11
3
Medium Priority
?
621 Views
Last Modified: 2014-12-24
we are trying to create an eoip between 2 datacenters with given config below

problem is two mikrotik can ping each other with 1.1.1.1 and 1.1.1.3 but from the both network any machine can't get ip address from other sometimes, but sometimes it works :S how this should happen what is blocking them i could not understand

but while they can not get ip address from each side tcpdump -n -q shows that arp requests between networks still going on :S

# dec/11/2014 23:54:00 by RouterOS 6.0

/interface bridge
add name=Kopru protocol-mode=rstp
/interface ethernet
set 0 name=Lan
set 1 name=Wan
/interface eoip
add local-address=xx.xx.xx.22 mac-address=FE:14:B2:B8:92:DD name="EoIP - 1" remote-address=yy.yy.yy.6 tunnel-id=1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/port
set 0 name=serial0
set 1 name=serial1
/interface bridge port
add bridge=Kopru interface="EoIP - 1"
add bridge=Kopru interface=Lan
/interface bridge settings
set use-ip-firewall-for-vlan=yes
/ip address
add address=xx.xx.xx.22/27 comment="added by setup" interface=Wan network=xx.xx.xx.0
add address=1.1.1.3/24 interface=Kopru network=1.1.1.0
/ip firewall connection tracking
set enabled=no
/ip route
add comment="added by setup" distance=1 gateway=xx.xx.xx.1







# dec/11/2014 22:04:43 by RouterOS 6.0

/interface bridge
add name=Kopru protocol-mode=rstp
/interface ethernet
set 0 name=Lan
set 1 mac-address=00:50:56:31:A4:F0 name=Wan
/interface eoip
add local-address=yy.yy.yy.6 mac-address=02:A4:C8:60:CB:DA name="EoIP - 2" remote-address=xx.xx.xx.22 tunnel-id=1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/port
set 0 name=serial0
set 1 name=serial1
/interface bridge port
add bridge=Kopru interface="EoIP - 2"
add bridge=Kopru interface=Lan
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
/ip address
add address=yy.yy.yy.6/24 comment="added by setup" interface=Wan network=yy.yy.yy.0
add address=1.1.1.1/24 interface=Kopru network=1.1.1.0
/ip firewall connection tracking
set enabled=no
/ip route
add comment="added by setup" distance=1 gateway=yy.yy.yy.1

Open in new window

0
Comment
Question by:FireBall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 11

Expert Comment

by:naderz
ID: 40497156
Have you compared notes with Mikrotik wiki? I see you are using firewall and routing settings; which shouldn't be necessary.

See below:
http://wiki.mikrotik.com/wiki/Manual:Interface/EoIP#Notes
0
 

Author Comment

by:FireBall
ID: 40497211
I have already read them as far as start to trying our networks are so complicated and big some professionals need to ask sth. if needed to resolve
0
 
LVL 11

Accepted Solution

by:
naderz earned 2000 total points
ID: 40497239
Have you tried below on both?

/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-vlan=no
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question