Weird Routing problems

brixsat · Tue Jul 07, 2020 12:03 pm

Hello,

Thanks for helping me out.

I have a routerboard rb4011i configured as capsman and 4 Aps (2 metal ac 52 and 2 cAP Gi-5acD2nD) doing 3 networks, cable, wifi and hotspot.
I have 3 networks, cable 192.168.9.0/24, wifi administrative 10.2.2.0/24 and hotspot (172.16.1.0/24), and 10.1.1.0/24 for capsman comunication with aps.

The problem is I can only ping wifi clients when:
1 - I am connected to that ap,
2 - I am on lan (9.x)

I cant find out why i don't have pings beetwen wifi clients.

Here is my Rb4011 config.

# jul/07/2020 09:53:25 by RouterOS 6.47
# software id = LLNJ-5U84
#
# model = RB4011iGS+
# serial number = B8F60AE9E81B
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2412 name=CH1
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2417 name=CH2
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2422 name=CH3
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2427 name=CH4
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2432 name=CH5
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2437 name=CH6
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2442 name=CH7
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2447 name=CH8
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2452 name=CH9
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2457 name=CH10
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2462 name=CH11
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2467 name=CH12
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2472 name=CH13
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=disabled frequency=5180 name=CH36
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=disabled frequency=5200 name=CH40
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5220 name=CH44
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5240 name=CH48
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5280 name=CH56
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5260 name=CH52
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2412,2437,2462 name=2.4Ghz
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5180,5280 name=5Ghz
/interface bridge
add name=bridge_capsman
add name=bridge_lan
add name=bridge_wifi_corp
add name=bridge_wifi_guest
/interface ethernet
set [ find default-name=ether1 ] comment=Wan
set [ find default-name=ether2 ] comment=Pi-Hole
set [ find default-name=ether3 ] comment=Storage
set [ find default-name=ether6 ] comment=ToCaps
set [ find default-name=ether7 ] comment=ToCaps
set [ find default-name=ether8 ] comment=ToCaps
set [ find default-name=ether9 ] comment=ToCaps
/caps-man datapath
add bridge=bridge_wifi_corp bridge-horizon=15 client-to-client-forwarding=yes local-forwarding=no name=datapath-adm
add bridge=bridge_wifi_guest bridge-horizon=20 client-to-client-forwarding=no local-forwarding=no name=datapath-guest
/caps-man configuration
add channel=5Ghz country=portugal datapath=datapath-guest installation=any mode=ap name=cfg2-Guest-5ghz ssid=Wifi@CampingAve-5GHz
/caps-man rates
add basic=6Mbps name="GN Only - No B rates" supported=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
/caps-man configuration
add channel=2.4Ghz country=portugal datapath=datapath-guest installation=any mode=ap name=cfg2-Guest-2.4ghz rates="GN Only - No B rates" ssid=Wifi@CampingAve
/caps-man security
add authentication-types=wpa2-psk disable-pmkid=yes encryption=aes-ccm group-encryption=aes-ccm group-key-update=1h name=Adm
/caps-man configuration
add channel=2.4Ghz country=portugal datapath=datapath-adm installation=any mode=ap name=cfg1-Corp-2.4ghz rates="GN Only - No B rates" rx-chains=0,1 security=Adm ssid=Adm@CampingAve tx-chains=0,1
add channel=5Ghz country=portugal datapath=datapath-adm installation=any mode=ap name=cfg1-Corp-5ghz rx-chains=0,1 security=Adm ssid=Adm@CampingAve-5GHz tx-chains=0,1
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
add dns-name=hotspot.campingave.net hotspot-address=172.16.1.1 login-by=http-chap name=hsprof1 smtp-server=5.189.138.125 use-radius=yes
/ip pool
add name=dhcp_lan ranges=192.168.9.2-192.168.9.254
add name=dhcp_hotspot ranges=172.16.1.2-172.16.1.254
add name=dhcp_wifi ranges=10.2.2.2-10.2.2.254
/ip dhcp-server
add address-pool=dhcp_lan disabled=no interface=bridge_lan lease-time=1d10m name=dhcp_lan
add address-pool=dhcp_hotspot disabled=no interface=bridge_wifi_guest lease-time=4h name=dhcp_guest
add address-pool=dhcp_wifi disabled=no interface=bridge_wifi_corp lease-time=1d10m name=dhcp_adm
/ip hotspot
add address-pool=dhcp_hotspot addresses-per-mac=1 disabled=no interface=bridge_wifi_guest name=hotspot1 profile=hsprof1
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes package-path=/upgrade upgrade-policy=suggest-same-version
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=g master-configuration=cfg1-Corp-2.4ghz name-format=prefix-identity name-prefix=2.4Ghz slave-configurations=cfg2-Guest-2.4ghz
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=cfg1-Corp-5ghz name-format=prefix-identity name-prefix=5Ghz slave-configurations=cfg2-Guest-5ghz
/interface bridge port
add bridge=bridge_lan interface=ether2
add bridge=bridge_lan interface=ether3
add bridge=bridge_lan interface=ether4
add bridge=bridge_lan interface=ether5
add bridge=bridge_capsman interface=ether6
add bridge=bridge_capsman interface=ether7
add bridge=bridge_capsman interface=ether8
add bridge=bridge_capsman interface=ether9
/ip address
add address=192.168.9.1/24 interface=bridge_lan network=192.168.9.0
add address=10.2.2.1/24 interface=bridge_wifi_corp network=10.2.2.0
add address=172.16.1.1/24 interface=bridge_wifi_guest network=172.16.1.0
add address=10.1.1.1/29 interface=bridge_capsman network=10.1.1.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=10.2.2.0/24 dns-server=10.2.2.1 gateway=10.2.2.1
add address=172.16.1.0/24 dns-server=172.16.1.1 gateway=172.16.1.1
add address=192.168.9.0/24 dns-server=192.168.9.1 gateway=192.168.9.1
/ip dns
set allow-remote-requests=yes servers=192.168.9.1
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=accept chain=input connection-state=established,related
add action=drop chain=input in-interface=ether1
add action=accept chain=forward connection-state=established,related
add action=drop chain=forward in-interface=ether1
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat comment="masquerade hotspot network" src-address=172.16.1.0/24
/ip hotspot user
add name=admin
/radius
add address=127.0.0.1 service=hotspot
/radius incoming
set accept=yes
/system clock
set time-zone-name=Europe/Lisbon
/system identity
set name=Core-Capsman
/system logging
add topics=firewall
/system routerboard settings
set auto-upgrade=yes
/tool bandwidth-server
set authenticate=no enabled=no
/tool graphing interface
add allow-address=192.168.9.0/24

And here is one of my Aps configuration:

# feb/19/1970 01:27:03 by RouterOS 6.47
# jul/07/2020 10:24:55 by RouterOS 6.47
# software id = YJJR-JLUL
#
# model = Metal G-52SHPacn
# serial number = A8080A08981E
/interface wireless
# managed by CAPsMAN
# channel: 2412/20/gn(20dBm), SSID: Adm@CampingAve, CAPsMAN forwarding
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface wireless cap
# 
set discovery-interfaces=ether1 enabled=yes interfaces=wlan1
/ip address
add address=10.1.1.5/24 interface=ether1 network=10.1.1.0
/ip route
add distance=1 gateway=10.1.1.1
add distance=1 gateway=10.1.1.1
/system clock
set time-zone-name=Europe/Lisbon
/system identity
set name=Ap-Rio
/system ntp client
set enabled=yes primary-ntp=10.1.1.1

If you spot anything else that must be fixed, please do tell me.

Thanks in advance.

brixsat · Wed Jul 08, 2020 5:00 pm

Please Nobody?

mutluit · Wed Jul 08, 2020 7:08 pm

Please Nobody?

Don't have experience with CapsMan.
Without CapsMan I assign the wlanX a gateway IP, then the client can ping the others.
Of course under DHCPServer / Networks one has to list the network(s) of the wlanX.

If the client has more than one interface then maybe it's trying to go over the other interface.
You should do a traceroute ("tracert" on windows) from the client.
And check the routing table on the client.

sindy · Wed Jul 08, 2020 9:06 pm

I can see nothing suspicious in your configuration except bridge-horizon in the datapath, but it's true that I don't use automatic interface configuration. Can you post the output of caps-man actual-interface-configuration print detail and of interface bridge port print detail?
I can see local-forwarding=no and client-to-client-forwarding=yes in your datapath-adm, whereas you say you have to connect to the AP to be able to ping the clients registered to that AP, which rather suggests that local forwarding is active, because there is nothing in the firewall of the 4011 that would explain why it is not possible to ping the AP clients from a PC connected to ether2-ether5.

As for the bridge-horizon, traffic among ports with same value of horizon is blocked, which explains why you cannot ping a client of an SSID on one AP from a client of the same SSID on another AP, but nothing else - clients of the same AP should be able to ping each other if they are connected to an SSID which uses datapath-adm.

brixsat · Thu Jul 09, 2020 2:03 am

Thanks for the help

[admin@Core-Capsman] > caps-man actual-interface-coadmin@Core-Capsman > interface bridge port print detail
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 
 0     interface=ether2 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 1     interface=ether3 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 2     interface=ether4 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 3 I   interface=ether5 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 4     interface=ether6 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 5     interface=ether7 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 6     interface=ether8 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no nfiguration print detail 
Flags: M - master, D - dynamic, B - bound, X - disabled, I - inactive, R - running 
 0 MDB  name="2.4Ghz-Ap-Balneario-1" mac-address=74:4D:28:7E:10:58 arp-timeout=auto radio-mac=74:4D:28:7E:10:58 master-interface=none configuration.mode=ap configuration.ssid="Adm@CampingAve" 
        configuration.tx-chains=0,1 configuration.rx-chains=0,1 configuration.country=portugal configuration.installation=any security.authentication-types=wpa2-psk security.encryption=aes-ccm 
        security.group-encryption=aes-ccm security.group-key-update=1h security.passphrase="felicidade" security.disable-pmkid=yes l2mtu=1600 datapath.client-to-client-forwarding=yes 
        datapath.bridge=bridge_wifi_corp datapath.bridge-horizon=15 datapath.local-forwarding=no channel.frequency=2412,2437,2462 channel.control-channel-width=20mhz channel.band=2ghz-g/n 
        channel.extension-channel=disabled 

 1  DB  name="2.4Ghz-Ap-Balneario-1-1" mac-address=76:4D:28:7E:10:58 arp-timeout=auto radio-mac=00:00:00:00:00:00 master-interface=2.4Ghz-Ap-Balneario-1 configuration.mode=ap 
        configuration.ssid="Wifi@CampingAve" configuration.country=portugal configuration.installation=any l2mtu=1600 datapath.client-to-client-forwarding=no datapath.bridge=bridge_wifi_guest 
        datapath.bridge-horizon=20 datapath.local-forwarding=no channel.frequency=2412,2437,2462 channel.control-channel-width=20mhz channel.band=2ghz-g/n channel.extension-channel=disabled 

 0 MDBR name="2.4Ghz-Ap-Cafe-1" mac-address=B8:69:F4:D4:03:C2 arp-timeout=auto radio-mac=B8:69:F4:D4:03:C2 master-interface=none configuration.mode=ap configuration.ssid="Adm@CampingAve" 
        configuration.tx-chains=0,1 configuration.rx-chains=0,1 configuration.country=portugal configuration.installation=any security.authentication-types=wpa2-psk security.encryption=aes-ccm 
        security.group-encryption=aes-ccm security.group-key-update=1h security.passphrase="felicidade" security.disable-pmkid=yes l2mtu=1600 datapath.client-to-client-forwarding=yes 
        datapath.bridge=bridge_wifi_corp datapath.bridge-horizon=15 datapath.local-forwarding=no channel.frequency=2412,2437,2462 channel.control-channel-width=20mhz channel.band=2ghz-g/n 
        channel.extension-channel=disabled 

 1  DB  name="2.4Ghz-Ap-Cafe-1-1" mac-address=BA:69:F4:D4:03:C2 arp-timeout=auto radio-mac=00:00:00:00:00:00 master-interface=2.4Ghz-Ap-Cafe-1 configuration.mode=ap configuration.ssid="Wifi@CampingAve" 
        configuration.country=portugal configuration.installation=any l2mtu=1600 datapath.client-to-client-forwarding=no datapath.bridge=bridge_wifi_guest datapath.bridge-horizon=20 
        datapath.local-forwarding=no channel.frequency=2412,2437,2462 channel.control-channel-width=20mhz channel.band=2ghz-g/n channel.extension-channel=disabled 

 0 MDBR name="2.4Ghz-Ap-Casa-1" mac-address=B8:69:F4:D4:03:7F arp-timeout=auto radio-mac=B8:69:F4:D4:03:7F master-interface=none configuration.mode=ap configuration.ssid="Adm@CampingAve" 
        configuration.tx-chains=0,1 configuration.rx-chains=0,1 configuration.country=portugal configuration.installation=any security.authentication-types=wpa2-psk security.encryption=aes-ccm 
        security.group-encryption=aes-ccm security.group-key-update=1h security.passphrase="felicidade" security.disable-pmkid=yes l2mtu=1600 datapath.client-to-client-forwarding=yes 
        datapath.bridge=bridge_wifi_corp datapath.bridge-horizon=15 datapath.local-forwarding=no channel.frequency=2412,2437,2462 channel.control-channel-width=20mhz channel.band=2ghz-g/n 
        channel.extension-channel=disabled

And the interface bridge port print detail as requested:

admin@Core-Capsman > interface bridge port print detail
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 
 0     interface=ether2 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 1     interface=ether3 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 2     interface=ether4 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 3 I   interface=ether5 bridge=bridge_lan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 4     interface=ether6 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 5     interface=ether7 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no 
       pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query 
       fast-leave=no 

 6     interface=ether8 bridge=bridge_capsman priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no restricted-tcn=no

Later (its very late here) will do the traceroute and the other advices.
Thanks in advance

brixsat · Thu Jul 09, 2020 7:17 pm

Thanks for the help.
On a device connected to ap 1

cesar@araujo-laptop >ping 10.2.2.187
PING 10.2.2.187 (10.2.2.187) 56(84) bytes of data.
From 10.2.2.166 icmp_seq=1 Destination Host Unreachable
From 10.2.2.166 icmp_seq=2 Destination Host Unreachable
root@prusai3:/home/pi# traceroute 10.2.2.166
traceroute to 10.2.2.166 (10.2.2.166), 30 hops max, 60 byte packets
 1  10.2.2.187 (10.2.2.187)  3083.848 ms !H  3083.759 ms !H  3083.718 ms !H

root@prusai3:/home/pi# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.2.2.1        0.0.0.0         UG    303    0        0 wlan0
10.2.2.0        0.0.0.0         255.255.255.0   U     303    0        0 wlan0

On a device connected to ap2

cesar@araujo-laptop >  traceroute 10.2.2.187
traceroute to 10.2.2.187 (10.2.2.187), 30 hops max, 60 byte packets
 1  araujo-laptop (10.2.2.166)  3076.927 ms !H  3076.887 ms !H  3076.883 ms !H
 cesar@araujo-laptop >route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.2.2.1        0.0.0.0         UG    600    0        0 wlp3s0
10.2.2.0        0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlp3s0
cesar@araujo-laptop >ping 10.2.2.187
PING 10.2.2.187 (10.2.2.187) 56(84) bytes of data.
From 10.2.2.166 icmp_seq=1 Destination Host Unreachable
From 10.2.2.166 icmp_seq=2 Destination Host Unreachable

On a device connected by cable to the router:

cesar@Super-Desktop > traceroute 10.2.2.187
traceroute to 10.2.2.187 (10.2.2.187), 30 hops max, 60 byte packets
 1  192.168.9.1 (192.168.9.1)  13.240 ms  13.236 ms  13.226 ms
 2  10.2.2.187 (10.2.2.187)  123.431 ms  123.428 ms  123.414 ms

What else can i supply ?

Thanks in advance.

sindy · Thu Jul 09, 2020 11:16 pm

What surprises me most is that your /interface bridge port print detail not only doesn't show ether9 although in the configuration export it is listed as a member port of bridge_capsman, but it doesn't show membership of the capsman interfaces in the bridges bridge_wifi_corp and/or bridge_wifi_guest. Normally, dynamic items are created:

[me@myTik] > interface bridge port print where dynamic
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload
 #     INTERFACE                                     BRIDGE                                     HW  PVID PRIORITY  PATH-COST INTERNAL-PATH-COST    HORIZON
 0 ID  2.abc-test.hugo                               br-abc                                            1     0x80         10                 10       none
 1  D  2.visitors.hugo                               br-guest                                          1     0x80         10                 10       none
 2 ID  2.WL-500gP.hugo                               bridge                                            3     0x80         10                 10       none
 3  D  5.abc-test.hugo                               br-abc                                            1     0x80         10                 10       none
 4  D  5.visitors.hugo                               br-guest                                          1     0x80         10                 10       none
 5 ID  5.WL-500gP.hugo                               bridge                                            3     0x80         10                 10       none
 6 ID  2.abc-test.max                                br-abc                                            1     0x80         10                 10       none
 7  D  2.visitors.max                                br-guest                                          1     0x80         10                 10       none
 8 ID  2.WL-500gP.max                                bridge                                            3     0x80         10                 10       none
 9 ID  5.abc-test.max                                br-abc                                            1     0x80         10                 10       none
10 ID  5.visitors.max                                br-guest                                          1     0x80         10                 10       none
11 ID  5.WL-500gP.max                                bridge                                            3     0x80         10                 10       none

Is it a copy-paste error or is these really an issue?

brixsat · Fri Jul 10, 2020 11:33 am

Removed bridge horizon on datapath.

Now works.

brixsat · Fri Jul 10, 2020 11:44 am

What surprises me most is that your /interface bridge port print detail not only doesn't show ether9 although in the configuration export it is listed as a member port of bridge_capsman, but it doesn't show membership of the capsman interfaces in the bridges bridge_wifi_corp and/or bridge_wifi_guest. Normally, dynamic items are created:

[me@myTik] > interface bridge port print where dynamic
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload
 #     INTERFACE                                     BRIDGE                                     HW  PVID PRIORITY  PATH-COST INTERNAL-PATH-COST    HORIZON
 0 ID  2.abc-test.hugo                               br-abc                                            1     0x80         10                 10       none
 1  D  2.visitors.hugo                               br-guest                                          1     0x80         10                 10       none
 2 ID  2.WL-500gP.hugo                               bridge                                            3     0x80         10                 10       none
 3  D  5.abc-test.hugo                               br-abc                                            1     0x80         10                 10       none
 4  D  5.visitors.hugo                               br-guest                                          1     0x80         10                 10       none
 5 ID  5.WL-500gP.hugo                               bridge                                            3     0x80         10                 10       none
 6 ID  2.abc-test.max                                br-abc                                            1     0x80         10                 10       none
 7  D  2.visitors.max                                br-guest                                          1     0x80         10                 10       none
 8 ID  2.WL-500gP.max                                bridge                                            3     0x80         10                 10       none
 9 ID  5.abc-test.max                                br-abc                                            1     0x80         10                 10       none
10 ID  5.visitors.max                                br-guest                                          1     0x80         10                 10       none
11 ID  5.WL-500gP.max                                bridge                                            3     0x80         10                 10       none

Is it a copy-paste error or is these really an issue?

I dont know.


[admin@Core-Capsman] > /interface bridge port print where dynamic
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 
 #     INTERFACE          BRIDGE          HW  PVID PRIORITY  PATH-COST INTERNAL-PATH-COST    HORIZON
 0 ID  5Ghz-Ap-Cafe-1     bridge_wifi_...        1     0x80         10                 10       none
 1 ID  5Ghz-Ap-Cafe-1-1   bridge_wifi_...        1     0x80         10                 10       none
 2  D  2.4Ghz-Ap-Rio-1    bridge_wifi_...        1     0x80         10                 10       none
 3 ID  2.4Ghz-Ap-Rio-1-1  bridge_wifi_...        1     0x80         10                 10       none
 4 ID  5Ghz-Ap-Casa-1     bridge_wifi_...        1     0x80         10                 10       none
 5 ID  5Ghz-Ap-Casa-1-1   bridge_wifi_...        1     0x80         10                 10       none
 6 ID  2.4Ghz-Ap-Balne... bridge_wifi_...        1     0x80         10                 10       none
 7 ID  2.4Ghz-Ap-Balne... bridge_wifi_...        1     0x80         10                 10       none
 8  D  2.4Ghz-Ap-Cafe-1   bridge_wifi_...        1     0x80         10                 10       none
 9 ID  2.4Ghz-Ap-Cafe-1-1 bridge_wifi_...        1     0x80         10                 10       none
10  D  2.4Ghz-Ap-Casa-1   bridge_wifi_...        1     0x80         10                 10       none
11  D  2.4Ghz-Ap-Casa-1-1 bridge_wifi_...        1     0x80         10                 10       none

sindy · Fri Jul 10, 2020 1:57 pm

So when you set the bridge-horizon on datapath again, these dynamically added bridge ports will disappear?

brixsat · Fri Jul 10, 2020 7:02 pm

So when you set the bridge-horizon on datapath again, these dynamically added bridge ports will disappear?

No sir, they will not.

Weird Routing problems [SOLVED]

Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems [SOLVED]

Re: Weird Routing problems

Re: Weird Routing problems

Re: Weird Routing problems