Community discussions

MikroTik App
  4. RouterOS
  5. General

Cannot ping VLAN gateway or obtain IP via DHCP

Post Reply
 
domon
just joined
Topic Author
Posts: 20
Joined: Sat Dec 03, 2016 4:20 pm

Cannot ping VLAN gateway or obtain IP via DHCP

Sat Dec 03, 2016 4:32 pm

I have a CRS-125 on latest routersOS with several VLANs configured, one per physical port on a few of the ports. A DHCP server is configured per VLAN, however when plugging into any of the ports, no IP is given to the client. Nor is it possible to ping the VLAN gateway when statically assigning an IP on the client.

I tried adding a few of the vlan ports to switch1, but that didn't work either.

/interface vlan
add interface=ether10 name=vlan10 vlan-id=10
add interface=ether2 name=vlan20 vlan-id=20
add interface=ether3 name=vlan30 vlan-id=30
add interface=ether4 name=vlan40 vlan-id=40
add interface=ether5 name=vlan50 vlan-id=50
add interface=ether6 name=vlan60 vlan-id=60
add interface=ether7 name=vlan70 vlan-id=70
add interface=ether8 name=vlan80 vlan-id=80


/ip pool
add name=poolvlan10 ranges=10.10.10.10-10.10.10.100
add name=poolvlan20 ranges=10.10.2.10-10.10.2.100
add name=poolvlan30 ranges=10.10.3.10-10.10.3.100
add name=poolvlan50 ranges=10.10.5.10-10.10.5.100
add name=poolvlan80 ranges=10.10.8.10-10.10.8.100
add name=poolvlan40 ranges=10.10.4.10-10.10.4.100
add name=poolvlan60 ranges=10.10.6.10-10.10.6.100
add name=poolvlan70 ranges=10.10.7.10-10.10.7.100
add name=poolvlan90 ranges=10.10.9.10-10.10.9.100

/ip dhcp-server
add address-pool=poolvlan10 disabled=no interface=vlan10 name=dhcpvlan10
add address-pool=poolvlan20 disabled=no interface=vlan20 name=dhcpvlan20
add address-pool=poolvlan30 disabled=no interface=vlan30 name=dhcpvlan30
add address-pool=poolvlan40 disabled=no interface=vlan40 name=dhcpvlan40
add address-pool=poolvlan50 disabled=no interface=vlan50 name=dhcpvlan50
add address-pool=poolvlan60 disabled=no interface=vlan60 name=dhcpvlan60
add address-pool=poolvlan70 disabled=no interface=vlan70 name=dhcpvlan70
add address-pool=poolvlan80 disabled=no interface=vlan80 name=dhcpvlan80

/interface ethernet switch vlan
add ports=ether5,switch1-cpu vlan-id=50
add ports=ether6,switch1-cpu vlan-id=60

/ip address
add address=10.10.3.1/24 interface=vlan30 network=10.10.3.0
add address=10.10.2.1/24 interface=vlan20 network=10.10.2.0
add address=10.10.4.1/24 interface=vlan40 network=10.10.4.0
add address=10.10.5.1/24 interface=vlan50 network=10.10.5.0
add address=10.10.7.1/24 interface=vlan70 network=10.10.7.0
add address=10.10.8.1/24 interface=vlan80 network=10.10.8.0
add address=10.10.10.1/24 interface=vlan10 network=10.10.10.0
add address=10.10.6.1/24 interface=ether6 network=10.10.6.0

/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1

/ip dhcp-server network
add address=10.10.1.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.1.1 ntp-server=10.10.1.1
add address=10.10.2.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.2.1 ntp-server=10.10.2.1
add address=10.10.3.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.3.1 ntp-server=10.10.3.1
add address=10.10.4.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.4.1 ntp-server=10.10.4.1
add address=10.10.5.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.5.1 ntp-server=10.10.5.1
add address=10.10.6.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.6.1 ntp-server=10.10.6.1
add address=10.10.7.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.7.1 ntp-server=10.10.7.1
add address=10.10.8.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.8.1 ntp-server=10.10.8.1
add address=10.10.9.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.9.1 ntp-server=10.10.9.1
add address=10.10.10.0/24 dns-server=4.2.2.2 domain=test.lan gateway=10.10.10.1 ntp-server=10.10.10.1

/ip dns static
add address=10.10.0.1 name=dns

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1

/lcd pin
set pin-number=1234

/system clock
set time-zone-name=America/New_York

/system identity
set name=mikrotik

/system ntp client
set enabled=yes primary-ntp=45.33.84.208

/system routerboard settings
set protected-routerboot=disabled
Top
 
huntah
Member Candidate
Member Candidate
Posts: 289
Joined: Tue Sep 09, 2008 3:24 pm

Re: Cannot ping VLAN gateway or obtain IP via DHCP

Sat Dec 03, 2016 10:41 pm

If this is your complete export you are missing settings for switch chip and VLANs.
for tagged ports:
/interface ethernet switch egress-vlan-tag
for access ports:
/interface ethernet switch ingress-vlan-translation

Look at these examples:
http://wiki.mikrotik.com/wiki/Manual:CRS_examples
Top
 
domon
just joined
Topic Author
Posts: 20
Joined: Sat Dec 03, 2016 4:20 pm

Re: Cannot ping VLAN gateway or obtain IP via DHCP

Sun Dec 04, 2016 2:12 am

That was the complete export. I added what I *think* would be the correct additions, though it's still not giving out an IP. When assigning a static IP on the client, the client cannot ping the VLAN gateway.

I can however now see the request and reply on the client interface, but the client never accepts/gets the IP.

19:09:48.996471 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from d3:ea:95:a2:47:b7, length 300
19:09:48.998488 IP 10.10.4.1.67 > 10.10.4.100.68: BOOTP/DHCP, Reply, length 300

/interface ethernet switch egress-vlan-tag
add tagged-ports=ether2,switch1-cpu vlan-id=20
add tagged-ports=ether3,switch1-cpu vlan-id=30
add tagged-ports=ether4,switch1-cpu vlan-id=40
add tagged-ports=ether5,switch1-cpu vlan-id=50
add tagged-ports=ether6,switch1-cpu vlan-id=60
add tagged-ports=ether7,switch1-cpu vlan-id=70
add tagged-ports=ether8,switch1-cpu vlan-id=80

/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=20 ports=ether2
add customer-vid=0 new-customer-vid=30 ports=ether3
add customer-vid=0 new-customer-vid=40 ports=ether4
add customer-vid=0 new-customer-vid=50 ports=ether5
add customer-vid=0 new-customer-vid=60 ports=ether6
add customer-vid=0 new-customer-vid=70 ports=ether7
add customer-vid=0 new-customer-vid=80 ports=ether8
Top
 
huntah
Member Candidate
Member Candidate
Posts: 289
Joined: Tue Sep 09, 2008 3:24 pm

Re: Cannot ping VLAN gateway or obtain IP via DHCP

Sun Dec 04, 2016 11:33 am

You did not read the whole wiki ;)
Firstly you must put ports in one switch group.
so set ether1 and every other port to slave as master port set to ether1
Also you have to pot your vlan interface on to of ether1
Code: Select all
/interface vlan
add interface=ether1 name=vlan10 vlan-id=10
add interface=ether1 name=vlan20 vlan-id=20
add interface=ether1 name=vlan30 vlan-id=30
add interface=ether1 name=vlan40 vlan-id=40
add interface=ether1 name=vlan50 vlan-id=50
add interface=ether1 name=vlan60 vlan-id=60
add interface=ether1 name=vlan70 vlan-id=70
add interface=ether1 name=vlan80 vlan-id=80
Are you using this switch as a router also? Is your WAN (ISP) connected to ether1 (you have NAT masquerade out on ether1)? If yes then make master port ether2 and ether3-8 slave of it.
Ether1 stay master on its own (master port set to none)..Also the you need to put vlan interfaces on ether2.
Then it should work as you expect. I urge you to re-read the Wiki and follow every step. It is quite tricky setting it up for the first time.
If it is not working please post entire export config and draw a diagram of you network..
Top
Post Reply
  4. RouterOS
  5. General