Community discussions

MikroTik App
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Fri Jun 26, 2015 5:23 pm

Hello,

I'm getting an interface warning "ethernet2: bridge port received packet with own address as source address, probably loop". Does any know how to trouble shoot this? I cant find any relative information about this on the net. I'm using RB2011UiAS-2HnD. It appears to be happening exactly 60 seconds apart. Ethernet2 is master port for Eth3,4,5. It is Slave to my lan Bridge. Bridge is also mapped to Eth6 and WLAN. ETH2 seems to have Role of root port. I'm not sure if this is correct. Thanks in advance.
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Fri Jun 26, 2015 5:36 pm

post an export...
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Fri Jun 26, 2015 5:49 pm

Hope its not too must script to go through:
# jun/26/2015 18:14:09 by RouterOS 6.29.1
# software id = K9L3-THMQ
#
/interface bridge
add arp=proxy-arp name=LAN/BRIDGE
/interface ethernet
set [ find default-name=ether2 ] name=LAN/ETH2
set [ find default-name=ether3 ] arp=proxy-arp master-port=LAN/ETH2 name=\
    LAN/ETH3
set [ find default-name=ether4 ] arp=proxy-arp master-port=LAN/ETH2 name=\
    LAN/ETH4
set [ find default-name=ether5 ] arp=proxy-arp master-port=LAN/ETH2 name=\
    LAN/ETH5
set [ find default-name=ether6 ] name=LAN/ETH6
set [ find default-name=ether7 ] arp=proxy-arp master-port=LAN/ETH6 name=\
    LAN/ETH7
set [ find default-name=ether8 ] arp=proxy-arp master-port=LAN/ETH6 name=\
    LAN/ETH8
set [ find default-name=ether9 ] arp=proxy-arp master-port=LAN/ETH6 name=\
    LAN/ETH9
set [ find default-name=ether10 ] arp=proxy-arp master-port=LAN/ETH6 name=\
    LAN/ETH10
set [ find default-name=sfp1 ] name=NONE/SFP
set [ find default-name=ether1 ] name=WAN/ETH1
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    mode=dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=\
    tkip,aes-ccm mode=dynamic-keys name=WIFI/SECURITY supplicant-identity="" \
    unicast-ciphers=tkip,aes-ccm
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=\
    20/40mhz-ht-above country=bulgaria disabled=no frequency=auto l2mtu=2290 \
    mode=ap-bridge name=WIFI/WLAN security-profile=WIFI/SECURITY ssid=\
    Brolin-WIFI wireless-protocol=802.11
/ip pool
add name=dhcp ranges=192.168.168.30-192.168.168.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=LAN/BRIDGE name=DHCP/SERVER
/port
set 0 name=serial0
/ppp profile
set [ find name=default ] name=default
set [ find name=default-encryption ] name=default-encryption
/interface bridge port
add bridge=LAN/BRIDGE interface=LAN/ETH2
add bridge=LAN/BRIDGE interface=LAN/ETH6
add bridge=LAN/BRIDGE interface=WIFI/WLAN
/ip address
add address=192.168.168.1/24 comment=LAN interface=LAN/BRIDGE network=\
    192.168.168.0
add address=96.86.191.125/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.124/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.116/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.119/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.121/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.122/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.123/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.120/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.115/28 comment="One-To-One NETMAP" interface=WAN/ETH1 \
    network=96.86.191.112
add address=96.86.191.114/28 comment="DHCP Preffered" interface=WAN/ETH1 \
    network=96.86.191.112
add address=96.86.191.117/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.118/28 interface=WAN/ETH1 network=96.86.191.112
add address=96.86.191.126/28 interface=WAN/ETH1 network=96.86.191.112
/ip dhcp-server network
add address=192.168.168.0/24 dns-server=95.87.194.4,95.87.255.194 gateway=\
    192.168.168.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=95.87.194.4,95.87.255.194
/ip firewall filter
add action=drop chain=input comment="Disallow weird packets" \
    connection-state=invalid
add chain=input comment="Allow LAN access to the router itself" \
    connection-state=new in-interface=LAN/BRIDGE
add chain=input comment=" ^^ that originated from LAN" connection-state=\
    established
add chain=input comment=" ^^ that originated from LAN" connection-state=\
    related
add chain=input comment="Allow ping ICMP from anywhere" protocol=icmp
add chain=input comment="Allow Winbox" dst-address=96.86.191.114 dst-port=\
    8291 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to WEBSERVER" dst-address=96.86.191.115 \
    dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to DEVSERVER" dst-address=96.86.191.120 \
    dst-port=3306,3389,8443 in-interface=WAN/ETH1 protocol=tcp
add chain=input comment="Allow Ports to SVETLOZAR-PC" dst-address=\
    96.86.191.118 dst-port=80,443,3389,8080,8443 in-interface=WAN/ETH1 \
    protocol=tcp
add chain=input comment="Allow Ports to CHORO-LP" dst-address=96.86.191.123 \
    dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp
add action=drop chain=input comment=\
    "Disallow anything from anywhere on any interface"
add action=drop chain=forward comment="Disallow weird packets" \
    connection-state=invalid disabled=yes
add chain=forward comment="Allow LAN access to move through the router" \
    connection-state=new disabled=yes in-interface=LAN/BRIDGE
add chain=forward comment=" ^^ that originated from LAN" connection-state=\
    established disabled=yes
add chain=forward comment=" ^^ that originated from LAN" connection-state=\
    related disabled=yes
add action=drop chain=forward comment=\
    "Disallow anything from anywhere on any interface" disabled=yes
/ip firewall nat
add action=dst-nat chain=dstnat comment="One-To-One NETMAP" dst-address=\
    96.86.191.115 dst-port=80,443,3389 in-interface=WAN/ETH1 protocol=tcp \
    to-addresses=192.168.168.15
add action=dst-nat chain=dstnat dst-address=96.86.191.116 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.16
add action=dst-nat chain=dstnat dst-address=96.86.191.117 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.17
add action=dst-nat chain=dstnat dst-address=96.86.191.118 dst-port=\
    80,443,3389,8080,8443 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
    192.168.168.18
add action=dst-nat chain=dstnat dst-address=96.86.191.119 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.19
add action=dst-nat chain=dstnat dst-address=96.86.191.120 dst-port=\
    3306,3389,8443 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
    192.168.168.20
add action=dst-nat chain=dstnat dst-address=96.86.191.121 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.21
add action=dst-nat chain=dstnat dst-address=96.86.191.122 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.22
add action=dst-nat chain=dstnat dst-address=96.86.191.123 dst-port=\
    80,443,3389 in-interface=WAN/ETH1 protocol=tcp to-addresses=\
    192.168.168.23
add action=dst-nat chain=dstnat dst-address=96.86.191.124 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.24
add action=dst-nat chain=dstnat dst-address=96.86.191.125 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.25
add action=dst-nat chain=dstnat dst-address=96.86.191.126 in-interface=\
    WAN/ETH1 to-addresses=192.168.168.26
add action=src-nat chain=srcnat src-address=192.168.168.15 to-addresses=\
    96.86.191.115
add action=src-nat chain=srcnat src-address=192.168.168.16 to-addresses=\
    96.86.191.116
add action=src-nat chain=srcnat src-address=192.168.168.17 to-addresses=\
    96.86.191.117
add action=src-nat chain=srcnat src-address=192.168.168.18 to-addresses=\
    96.86.191.118
add action=src-nat chain=srcnat src-address=192.168.168.19 to-addresses=\
    96.86.191.119
add action=src-nat chain=srcnat src-address=192.168.168.20 to-addresses=\
    96.86.191.120
add action=src-nat chain=srcnat src-address=192.168.168.21 to-addresses=\
    96.86.191.121
add action=src-nat chain=srcnat src-address=192.168.168.22 to-addresses=\
    96.86.191.122
add action=src-nat chain=srcnat src-address=192.168.168.23 to-addresses=\
    96.86.191.123
add action=src-nat chain=srcnat src-address=192.168.168.24 to-addresses=\
    96.86.191.124
add action=src-nat chain=srcnat src-address=192.168.168.25 to-addresses=\
    96.86.191.125
add action=src-nat chain=srcnat src-address=192.168.168.26 to-addresses=\
    96.86.191.126
add action=masquerade chain=srcnat comment="Default Masquerade Rule for LAN" \
    out-interface=WAN/ETH1 src-address=192.168.168.2-192.168.168.255
add action=dst-nat chain=dstnat comment="Redirect Ports to WEBSERVER" \
    dst-address=96.86.191.115 dst-address-type=local dst-port=80,443,3389 \
    protocol=tcp to-addresses=192.168.168.15
add action=dst-nat chain=dstnat comment="Redirect Ports to DEVSERVER" \
    dst-address=96.86.191.120 dst-address-type=local dst-port=3306,3389,8443 \
    protocol=tcp to-addresses=192.168.168.20
add action=dst-nat chain=dstnat comment="Redirect Ports to SVETLOZAR-PC" \
    dst-address=96.86.191.118 dst-address-type=local dst-port=\
    80,443,3389,8080,8443 protocol=tcp to-addresses=192.168.168.18
add action=dst-nat chain=dstnat comment="Redirect Ports to CHORO-LP" \
    dst-address=96.86.191.123 dst-address-type=local dst-port=80,443,3389 \
    protocol=tcp to-addresses=192.168.168.23
add action=masquerade chain=srcnat comment=\
    "Masquerade Traffic going to WAN IP of mikrotik from local LAN users" \
    dst-port=80,443,3306,3389,8080,8443 out-interface=LAN/BRIDGE protocol=tcp \
    src-address=192.168.168.0/24
/ip route
add distance=1 gateway=96.86.191.113
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/lcd
set enabled=no
/system clock
set time-zone-name=Europe/Sofia
/system identity
set name=Brolin-FW
/tool romon port
add disabled=no
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Mon Jun 29, 2015 12:48 pm

Just to add that there is also nothing physically connected to the Eithernet2 port
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1768
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Mon Jun 29, 2015 1:20 pm

as far as i can see Eth2 is master port, so any port that have eth2 as master is eth2, from software point of view. So packet can arrive to any of those ports.

Usually when you receive packet, it indicates that problem is elsewhere in your network - some kind of loop, so check your network structure.

Also Proxy-arp looks kinda strange there - why do you use it everywhere?
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Mon Jun 29, 2015 1:36 pm

When i was having issues with the router i sent it in for checkup and configuration. They set it to proxy-arp. When i saw it i wondered about it but wasn't sure what it's for and so i left it as is.

I change it to "enabled" and the network wasn't effected in any way.

The Warning is still there :(
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Mon Jun 29, 2015 3:44 pm

Thank you Macgaiver,

I did what you said, i reviewed the entire network by unplugging the cables one by one to narrowing down where the loop is coming from. I narrowed it down to another Mikrotik that is configured to work like a switch. It had "Admin. MAC Address:" for the Bridge set to same address as the interface where i was getting the warning. I removed the address and the warning is gone.

Do you know if it normal for the bridge to have the same mac address as one of the Ethernet ports? It seem to have inherited the mac address from Ethernet 4.
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Mon Jun 29, 2015 8:11 pm

Maybe someone exported the config with the bridge and mac admin address set and imported it the other router.
 
rusoo7
just joined
Topic Author
Posts: 9
Joined: Tue Jun 23, 2015 12:07 pm

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Tue Jun 30, 2015 11:01 am

This is exactly what happen, i learned my lesson to do export instead of loading backup file from another router.
 
User avatar
m4rk0
Member Candidate
Member Candidate
Posts: 196
Joined: Sat Feb 16, 2008 8:30 pm
Location: BA
Contact:

Re: how to troubleshoot warning "ethernet2: bridge port received packet with own address as source address"?

Fri Aug 07, 2015 10:20 am

Is there any other way to detect duplicate mac address?
 
angboontiong
Forum Guru
Forum Guru
Posts: 1136
Joined: Fri Jan 16, 2009 9:59 am

Fri Aug 07, 2015 12:16 pm

My case is that interface spoiled, disable it then problem solved.

Sent from my Che2-L11 using Tapatalk
 
User avatar
m4rk0
Member Candidate
Member Candidate
Posts: 196
Joined: Sat Feb 16, 2008 8:30 pm
Location: BA
Contact:

Re:

Fri Aug 07, 2015 1:18 pm

My case is that interface spoiled, disable it then problem solved.

Sent from my Che2-L11 using Tapatalk
Changed ether port, disabled other two, same error...
 
angboontiong
Forum Guru
Forum Guru
Posts: 1136
Joined: Fri Jan 16, 2009 9:59 am

Re: Re:

Tue Aug 11, 2015 1:44 pm

My case is that interface spoiled, disable it then problem solved.

Sent from my Che2-L11 using Tapatalk
Changed ether port, disabled other two, same error...

Do you bridge all the port? or,
Do you master and slave all the port?

unlink the spoiled port (refer to the log which port given problem), then you problem should solve.
 
User avatar
m4rk0
Member Candidate
Member Candidate
Posts: 196
Joined: Sat Feb 16, 2008 8:30 pm
Location: BA
Contact:

Re: Re:

Wed Aug 19, 2015 11:57 am

unlink the spoiled port (refer to the log which port given problem), then you problem should solve.
I've all 3 in bridge...

Who is online

Users browsing this forum: No registered users and 25 guests