Hello
i have eth2-5 connected to bridge. DHCP disabled so it is used as switch. The reasen why i use this setup is not important i think (EOIP tunnel to another office).
On eth2 i have connected cable where is one subnet 192.168.0.0/24 with enabled DHCP (range 10-70), GW is 192.168.0.1. And second 192.168.80.0/24 without DHCP and without GW.
I have connected two computers to MK. One has 192.168.0.81 and 192.168.80.201 and second has 192.168.0.82 and 192.168.80.202. Then i have third computer which is connected to a switch and this switch is conencted to MK eth2. The 3rd has 192.168.0.83 and 192.168.80.3. Then there are few computers connected to switch where is net 192.168.80.0.
All addresses are assigned manually or has resevation. MK bridge has assignet 192.168.0.76 from dhcp and make default route automatically to 192.168.0.1 (which is GW) and manually assigned 192.168.80.200 for ping tests directly from MK.
Now i see strange behavior. Network 192.168.0.0 works as expected. All computers can acces others.
But
1) 192.168.80.201 can ping 192.168.80.202 and oposite
2) 192.168.80.201 and 202 can't ping 192.168.80.203 and oposite (203 can ping all others devices connected to the switch)
3) when i disconnect MK eth2 cable and put 192.168.80.201 or 202 directly on the cable they can ping all others.
The question is which setting is missing to access 192.168.80.0 network?
When i tried add route 192.168.80.0 with GW eth2 or bridge nothing happened.
Thank you for help
Marek
-
-
AlainCasault
Trainer
- Posts: 632
- Joined:
- Location: Prévost, QC, Canada
- Contact:
Re: Two subnets, one mine one foreign
Hello,
No offence but your setup is... Special.
One layer 2 network, remote DHCP, two addresses per computer, no GW for 80.0/24, DHCP assigned address to the bridge and one manually...
You're probably having issues with your computers as well as with your mk setup.
I know you said that the reason is irrelevant, but I think it's not. That you did a layer 2 tunnel is ok, but you need to give us the big picture. Why are you doing what you're doing, because from my point of view, your setup is all wrong.
Regards,
Sent from Tapatalk
No offence but your setup is... Special.
One layer 2 network, remote DHCP, two addresses per computer, no GW for 80.0/24, DHCP assigned address to the bridge and one manually...
You're probably having issues with your computers as well as with your mk setup.
I know you said that the reason is irrelevant, but I think it's not. That you did a layer 2 tunnel is ok, but you need to give us the big picture. Why are you doing what you're doing, because from my point of view, your setup is all wrong.
Regards,
Sent from Tapatalk
Re: Two subnets, one mine one foreign
Hi,
thanks for reply. Main problem is that i have only one cable from a wall. The cable is configured by other IT technician and my task is to create L2 tunel. I am trying solve this terrible situation but now i need make it work. So i have two MK. One in second office, which is VPN concentrator. Sencond in in main office which is connecting to first one over internet. Then there is EOIP over the VPN connection. EOIP ifaces are connected to the bridges on both MKs.
When i will all 192.168.0.0 net under control I want create it better but there will be still the second net 192.168.80.0 which is foreign. There is a x-ray device which sends data to client computers on whole builing.
I think the best solution will be connect x-ray net to one eth port with multiple IPs (x-ray needs IP per device and i have three devices that need to be connected to) and then make forwarding to each IP to one client computer.
Is now clear why i am trying do this so ugly?
Thanks
Marek
thanks for reply. Main problem is that i have only one cable from a wall. The cable is configured by other IT technician and my task is to create L2 tunel. I am trying solve this terrible situation but now i need make it work. So i have two MK. One in second office, which is VPN concentrator. Sencond in in main office which is connecting to first one over internet. Then there is EOIP over the VPN connection. EOIP ifaces are connected to the bridges on both MKs.
When i will all 192.168.0.0 net under control I want create it better but there will be still the second net 192.168.80.0 which is foreign. There is a x-ray device which sends data to client computers on whole builing.
I think the best solution will be connect x-ray net to one eth port with multiple IPs (x-ray needs IP per device and i have three devices that need to be connected to) and then make forwarding to each IP to one client computer.
Is now clear why i am trying do this so ugly?
Thanks
Marek
-
-
AlainCasault
Trainer
- Posts: 632
- Joined:
- Location: Prévost, QC, Canada
- Contact:
Re: Two subnets, one mine one foreign
Hello Mareka,
Ya, I think I get you.
In this case, create TWO bridges and have 2 EOIP tunnels, one inside each bridge. You don't even have to have IP addresses on your MTK. Well, maybe one for management. Use 0.0/24 if this is your network.
So, in general (this in an example only. adapt it to your needs, but it should work):
______________________________
Bridge-A (IP address: 192.168.0.X/24, create a reservation on the DHCP server)
bridge ports=EOIP-A, ether2, ether3
ether2 -> switch #1
ether3, spare
Bridge-B
bridge ports=EOIP-B, ether4, ether5
ether4 -> switch #2
ether5, spare
______________________________
This way, both subnets are separated and PCs only have one IP address. Just make sure the other MTK has a similar configuration. It should also have some firewall rules to limit traffic between both subnets.
Of course, both subnets MUST have a fully configured DHCP server at the remote site, both offering addresses and default GW, otherwise it won't work.
I hope this gets you going in the right direction.
Cheers,
Ya, I think I get you.
In this case, create TWO bridges and have 2 EOIP tunnels, one inside each bridge. You don't even have to have IP addresses on your MTK. Well, maybe one for management. Use 0.0/24 if this is your network.
So, in general (this in an example only. adapt it to your needs, but it should work):
______________________________
Bridge-A (IP address: 192.168.0.X/24, create a reservation on the DHCP server)
bridge ports=EOIP-A, ether2, ether3
ether2 -> switch #1
ether3, spare
Bridge-B
bridge ports=EOIP-B, ether4, ether5
ether4 -> switch #2
ether5, spare
______________________________
This way, both subnets are separated and PCs only have one IP address. Just make sure the other MTK has a similar configuration. It should also have some firewall rules to limit traffic between both subnets.
Of course, both subnets MUST have a fully configured DHCP server at the remote site, both offering addresses and default GW, otherwise it won't work.
I hope this gets you going in the right direction.
Cheers,
Re: Two subnets, one mine one foreign
Hi, thanks you but this is not what i am looking for.
I'll try explain it easier.
MK
WAN - 10.0.0.1/24
eth2 - 192.168.80.0/24 - foreign cable from another router (not my) with dhcp
eth3 - 192.168.1.0/24 - my local network with dhcp
eth3 is master for eth4 and eth5 and eth3 is in bridge.
PC1 - my network
IP1 192.168.1.80
IP2 192.168.2.80
PC2 - foreign network on eth2
IP1 192.168.2.81
How i may setup MK to PC1 can access PC2 and PC2 to PC1?
Thanks
I'll try explain it easier.
MK
WAN - 10.0.0.1/24
eth2 - 192.168.80.0/24 - foreign cable from another router (not my) with dhcp
eth3 - 192.168.1.0/24 - my local network with dhcp
eth3 is master for eth4 and eth5 and eth3 is in bridge.
PC1 - my network
IP1 192.168.1.80
IP2 192.168.2.80
PC2 - foreign network on eth2
IP1 192.168.2.81
How i may setup MK to PC1 can access PC2 and PC2 to PC1?
Thanks
Re: Two subnets, one mine one foreign
So best and easy solution may be create mascarade to 192.168.80.0/24 with port forwarding