Unable to sniff traffic on bridge
Posted: Sun May 07, 2023 10:40 pm
I recently purchased a Hex S (RB760iGS / MT7621A) to replace a configuration I was running inside of a VM, and am having some problems.
I bridge two ports together as a transparent filtering bridge between my modem and my (non-microtik) router. On my virtual machine instance I am able to see the traffic flowing in torch as well as observe this traffic be using Traffic Flow feature to send IPFIX flows to my netflow receiver.
However on my Hex S, I cannot see traffic on the bridge using torch, nor can Traffic Flow see any traffic on that interface. 
Is there something different about the Hex S hardware that makes this impossible?
I bridge two ports together as a transparent filtering bridge between my modem and my (non-microtik) router. On my virtual machine instance I am able to see the traffic flowing in torch as well as observe this traffic be using Traffic Flow feature to send IPFIX flows to my netflow receiver.
However on my Hex S, I cannot see traffic on the bridge using torch, nor can Traffic Flow see any traffic on that interface. Code: Select all
[admin@RouterOS] /interface/bridge/settings> print
use-ip-firewall: yes
use-ip-firewall-for-vlan: no
use-ip-firewall-for-pppoe: no
allow-fast-path: no
bridge-fast-path-active: no
bridge-fast-path-packets: 0
bridge-fast-path-bytes: 0
bridge-fast-forward-packets: 0
bridge-fast-forward-bytes: 0
[admin@RouterOS] /interface/bridge> print detail
Flags: X - disabled, R - running
0 R ;;; wan bridge
name="br-wan" mtu=auto actual-mtu=1500 l2mtu=1596 arp=enabled arp-timeout=auto mac-address=48:A9:8A:72:1B:7D protocol-mode=rstp fast-forward=no igmp-snooping=no auto-mac=no admin-mac=48:A9:8A:72:1B:7D ageing-time=5m priority=0x8000 max-message-age=20s forward-delay=15s transmit-hold-count=6
vlan-filtering=no dhcp-snooping=no
[admin@RouterOS] /interface/bridge> port/print detail
Flags: X - disabled, I - inactive; D - dynamic; H - hw-offload
0 ;;; SWITCH
interface=ether3 bridge=br-wan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=no auto-isolate=no restricted-role=no restricted-tcn=no pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query fast-leave=no
1 ;;; MODEM
interface=ether4 bridge=br-wan priority=0x80 path-cost=10 internal-path-cost=10 edge=auto point-to-point=auto learn=auto horizon=none hw=no auto-isolate=no restricted-role=no restricted-tcn=no pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no multicast-router=temporary-query fast-leave=no