Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

mikrotik problem

Posted on 2014-12-11
3
Medium Priority
?
649 Views
Last Modified: 2014-12-24
we are trying to create an eoip between 2 datacenters with given config below

problem is two mikrotik can ping each other with 1.1.1.1 and 1.1.1.3 but from the both network any machine can't get ip address from other sometimes, but sometimes it works :S how this should happen what is blocking them i could not understand

but while they can not get ip address from each side tcpdump -n -q shows that arp requests between networks still going on :S

# dec/11/2014 23:54:00 by RouterOS 6.0

/interface bridge
add name=Kopru protocol-mode=rstp
/interface ethernet
set 0 name=Lan
set 1 name=Wan
/interface eoip
add local-address=xx.xx.xx.22 mac-address=FE:14:B2:B8:92:DD name="EoIP - 1" remote-address=yy.yy.yy.6 tunnel-id=1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/port
set 0 name=serial0
set 1 name=serial1
/interface bridge port
add bridge=Kopru interface="EoIP - 1"
add bridge=Kopru interface=Lan
/interface bridge settings
set use-ip-firewall-for-vlan=yes
/ip address
add address=xx.xx.xx.22/27 comment="added by setup" interface=Wan network=xx.xx.xx.0
add address=1.1.1.3/24 interface=Kopru network=1.1.1.0
/ip firewall connection tracking
set enabled=no
/ip route
add comment="added by setup" distance=1 gateway=xx.xx.xx.1







# dec/11/2014 22:04:43 by RouterOS 6.0

/interface bridge
add name=Kopru protocol-mode=rstp
/interface ethernet
set 0 name=Lan
set 1 mac-address=00:50:56:31:A4:F0 name=Wan
/interface eoip
add local-address=yy.yy.yy.6 mac-address=02:A4:C8:60:CB:DA name="EoIP - 2" remote-address=xx.xx.xx.22 tunnel-id=1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d
/port
set 0 name=serial0
set 1 name=serial1
/interface bridge port
add bridge=Kopru interface="EoIP - 2"
add bridge=Kopru interface=Lan
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
/ip address
add address=yy.yy.yy.6/24 comment="added by setup" interface=Wan network=yy.yy.yy.0
add address=1.1.1.1/24 interface=Kopru network=1.1.1.0
/ip firewall connection tracking
set enabled=no
/ip route
add comment="added by setup" distance=1 gateway=yy.yy.yy.1

Open in new window

0
Comment
Question by:FireBall
  • 2
3 Comments
 
LVL 11

Expert Comment

by:naderz
ID: 40497156
Have you compared notes with Mikrotik wiki? I see you are using firewall and routing settings; which shouldn't be necessary.

See below:
http://wiki.mikrotik.com/wiki/Manual:Interface/EoIP#Notes
0
 

Author Comment

by:FireBall
ID: 40497211
I have already read them as far as start to trying our networks are so complicated and big some professionals need to ask sth. if needed to resolve
0
 
LVL 11

Accepted Solution

by:
naderz earned 2000 total points
ID: 40497239
Have you tried below on both?

/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-vlan=no
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question