Route traffic between two interfaces
Posted: Fri Feb 24, 2017 2:41 pm
Hello.
Two days ago I just bought this good device CRS125-24G-1S. Now I have problem with routing the traffic between the ports ether9 and ether10
The router is configured to act as home gateway but on ports ether9 and ether10 I have multicast traffic which is very important for my two servers and I want to isolate this traffic from DHCP server because is flooding all the time.
I hope you understand .
Here is my setup
Server 1 Centos7 have two NIC'S one is connected to DHCP server and works ok for public.
But second NIC is eno2 has ip 10.15.14.5 and is connected to ether9
Server 2 Centos7 have two NIC'S and first one is connected to DHCP server for public traffic.
Second NIC is enp8s0f1 has ip 10.15.15.5 and is connected to ether10
The problem is that both servesr are not communicating with each other .
Server1 is not able to ping Server 2
[root@~]# ping 10.15.15.5
PING 10.15.15.5 (10.15.15.5) 56(84) bytes of data.
Server2 not talk with Server1
[root@~]# ping 10.15.14.5
PING 10.15.14.5 (10.15.14.5) 56(84) bytes of data.
Server1 route table
[root@~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eno1
10.15.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eno2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1
224.0.0.0 0.0.0.0 240.0.0.0 U 0 0 0 lo
Server 2 route table
[root@~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 enp8s0f0
10.15.15.0 0.0.0.0 255.255.255.0 U 0 0 0 enp8s0f1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp8s0f0
CRS125-24G-1S can talk with both servers
[admin] > ping 10.15.14.5
SEQ HOST SIZE TTL TIME STATUS
0 10.15.14.5 56 64 1ms
1 10.15.14.5 56 64 0ms
2 10.15.14.5 56 64 0ms
3 10.15.14.5 56 64 0ms
sent=4 received=4 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=1ms
[admin@] > ping 10.15.15.5
SEQ HOST SIZE TTL TIME STATUS
0 10.15.15.5 56 64 0ms
1 10.15.15.5 56 64 0ms
2 10.15.15.5 56 64 0ms
3 10.15.15.5 56 64 0ms
sent=4 received=4 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Also both servers can ping CRS125-24G-1S but they can't commmunicate with each other on eth9 and eth10 .
here is my setup config from CRS125-24G-1S
Two days ago I just bought this good device CRS125-24G-1S. Now I have problem with routing the traffic between the ports ether9 and ether10
The router is configured to act as home gateway but on ports ether9 and ether10 I have multicast traffic which is very important for my two servers and I want to isolate this traffic from DHCP server because is flooding all the time.
I hope you understand .
Here is my setup
Server 1 Centos7 have two NIC'S one is connected to DHCP server and works ok for public.
But second NIC is eno2 has ip 10.15.14.5 and is connected to ether9
Server 2 Centos7 have two NIC'S and first one is connected to DHCP server for public traffic.
Second NIC is enp8s0f1 has ip 10.15.15.5 and is connected to ether10
The problem is that both servesr are not communicating with each other .
Server1 is not able to ping Server 2
[root@~]# ping 10.15.15.5
PING 10.15.15.5 (10.15.15.5) 56(84) bytes of data.
Server2 not talk with Server1
[root@~]# ping 10.15.14.5
PING 10.15.14.5 (10.15.14.5) 56(84) bytes of data.
Server1 route table
[root@~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eno1
10.15.14.0 0.0.0.0 255.255.255.0 U 0 0 0 eno2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1
224.0.0.0 0.0.0.0 240.0.0.0 U 0 0 0 lo
Server 2 route table
[root@~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 enp8s0f0
10.15.15.0 0.0.0.0 255.255.255.0 U 0 0 0 enp8s0f1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp8s0f0
CRS125-24G-1S can talk with both servers
[admin] > ping 10.15.14.5
SEQ HOST SIZE TTL TIME STATUS
0 10.15.14.5 56 64 1ms
1 10.15.14.5 56 64 0ms
2 10.15.14.5 56 64 0ms
3 10.15.14.5 56 64 0ms
sent=4 received=4 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=1ms
[admin@] > ping 10.15.15.5
SEQ HOST SIZE TTL TIME STATUS
0 10.15.15.5 56 64 0ms
1 10.15.15.5 56 64 0ms
2 10.15.15.5 56 64 0ms
3 10.15.15.5 56 64 0ms
sent=4 received=4 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
Also both servers can ping CRS125-24G-1S but they can't commmunicate with each other on eth9 and eth10 .
here is my setup config from CRS125-24G-1S
Code: Select all
# feb/24/2017 12:28:18 by RouterOS 6.36.3
/interface ethernet
set [ find default-name=ether1 ] comment=WAN mac-address=F4:xx:6D:xx:40:xx name=ether1-WAN
set [ find default-name=ether2 ] comment="DHCP server"
set [ find default-name=ether3 ] master-port=ether2
set [ find default-name=ether4 ] master-port=ether2
set [ find default-name=ether5 ] master-port=ether2
set [ find default-name=ether6 ] master-port=ether2
set [ find default-name=ether7 ] master-port=ether2
set [ find default-name=ether8 ] master-port=ether2
set [ find default-name=ether9 ] comment=multicast
set [ find default-name=ether10 ] comment=multicast
set [ find default-name=ether11 ] disabled=yes
set [ find default-name=ether12 ] disabled=yes
set [ find default-name=ether13 ] disabled=yes
set [ find default-name=ether14 ] disabled=yes
set [ find default-name=ether15 ] disabled=yes
set [ find default-name=ether16 ] disabled=yes
set [ find default-name=ether17 ] disabled=yes
set [ find default-name=ether18 ] disabled=yes
set [ find default-name=ether19 ] disabled=yes
set [ find default-name=ether20 ] disabled=yes
set [ find default-name=ether21 ] disabled=yes
set [ find default-name=ether22 ] disabled=yes
set [ find default-name=ether23 ] disabled=yes
set [ find default-name=ether24 ] disabled=yes
set [ find default-name=sfp1 ] disabled=yes
/ip neighbor discovery
set ether1-WAN comment=WAN discover=no
set ether2 comment="DHCP server"
set ether9 comment=multicast
set ether10 comment=multicast
/ip pool
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool1 always-broadcast=yes disabled=no interface=ether2 name=dhcp1
/ip address
add address=10.10.12.235 comment="WAN WAN" interface=ether1-WAN network=10.10.12.0
add address=192.168.1.1/24 comment="DHCP server" interface=ether2 network=192.168.1.0
add address=10.15.14.1/24 interface=ether9 network=10.15.14.0
add address=10.15.15.1/24 interface=ether10 network=10.15.15.0
/ip dhcp-server lease
add address=192.168.1.107 mac-address=6C:xx:xx:66:80:xx server=dhcp1
add address=192.168.1.97 mac-address=2C:xx:D7:51:xx:A8 server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/ip dns
set servers=213.1xx.160.x8,21x.xx.1x0.19
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-WAN
add action=dst-nat chain=dstnat dst-port=7560 in-interface=ether1-WAN protocol=tcp to-addresses=192.168.1.107 to-ports=7560
add action=dst-nat chain=dstnat dst-port=1864 in-interface=ether1-WAN protocol=tcp to-addresses=192.168.1.107 to-ports=1864
/ip route
add distance=1 gateway=ether1-WAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system identity
set name="myrouter"
/system routerboard settings
set protected-routerboot=disabled