Community discussions

MikroTik App
  4. RouterOS
  5. General

[SOLVED] Two subnets on different interfaces communication problem

Post Reply
 
User avatar
HumanDamned
newbie
Topic Author
Posts: 40
Joined: Wed Jun 20, 2012 11:21 am
Location: Tallinn

[SOLVED] Two subnets on different interfaces communication problem

Wed Jun 20, 2012 12:09 pm

751_communication_problem.jpg
LAN1: bridge-local (wan+lan1) with dhcp server and pool
LAN2: Ethernet-port with dhcp server and pool
Both LANs have internet access.

The problem is that I cannot ping devises from different networks (networks cannot communicate)… I can only ping the gateways.
From 10.5.28.0/24 ->> to 192.168.7.1 ping ok
From 192.168.7.0/24 ->> to 10.5.28.1 ping ok

How can I fix this? Please help…
The articles that I’ve been looking through…
http://forum.mikrotik.com/viewtopic.php?f=2&t=49575
http://forum.mikrotik.com/viewtopic.php?f=2&t=55230
http://forum.mikrotik.com/viewtopic.php?f=13&t=51892
http://forum.mikrotik.com/viewtopic.php?f=13&t=62619
Code: Select all
> /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic 
 0 X ;;; default configuration
     address=192.168.88.1/24 network=192.168.88.0 interface=bridge-local 
     actual-interface=bridge-local 

 1   ;;; default configuration
     address=10.5.28.1/24 network=10.5.28.0 interface=bridge-local  actual-interface=bridge-local 

 2 D address=89.235.227.78/32 network=212.7.29.253 interface=STV  actual-interface=STV 

 3 D address=172.25.113.13/24 network=172.25.113.0 interface=ether1-gateway   actual-interface=ether1-gateway 

 4   address=192.168.7.1/24 network=192.168.7.0 interface=ether5-slave-local   actual-interface=ether5-slave-local
Code: Select all
> /ip route print detail
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 0 ADS  dst-address=0.0.0.0/0 gateway=212.7.29.253 
        gateway-status=212.7.29.253 reachable STV distance=1 scope=30 
        target-scope=10 

 1 ADC  dst-address=10.5.28.0/24 pref-src=10.5.28.1 gateway=bridge-local 
        gateway-status=bridge-local reachable distance=0 scope=10 

 2 ADS  dst-address=172.16.0.0/12 gateway=172.25.113.1 
        gateway-status=172.25.113.1 reachable ether1-gateway distance=1 
        scope=30 target-scope=10 vrf-interface=ether1-gateway 

 3 ADC  dst-address=172.25.113.0/24 pref-src=172.25.113.13 gateway=ether1-gatewa>
        gateway-status=ether1-gateway reachable distance=0 scope=10 

 4 ADC  dst-address=192.168.7.0/24 pref-src=192.168.7.1 
        gateway=ether5-slave-local gateway-status=ether5-slave-local reachable 
        distance=0 scope=10 

 5 ADC  dst-address=212.7.29.253/32 pref-src=89.235.227.78 gateway=STV 
        gateway-status=STV reachable distance=0 scope=10
Code: Select all
> /interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave 
 0  R  ;;; WIFI
       name="WLAN" type="wlan" mtu=1500 l2mtu=2290 

 1  R  ;;; WAN
       name="ether1-gateway" type="ether" mtu=1500 l2mtu=1600 

 2  R  ;;; LAN
       name="ether2-master-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 3  R  name="ether3-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 4     name="ether4-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 5  R  ;;; FREENET
       name="ether5-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 6  R  ;;; LAN AND WIFI
       name="bridge-local" type="bridge" mtu=1500 l2mtu=1598 

 7  R  ;;; PPPoE Connection
       name="STV" type="pppoe-out" mtu=1480
Code: Select all
/ip dhcp-server> export
# jun/20/2012 14:19:07 by RouterOS 5.6
# software id = SJFD-6X9Z
#
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay bootp-support=\
    static disabled=yes interface=bridge-local lease-time=3d name=default
add address-pool=dhcp-pool authoritative=after-2sec-delay bootp-support=static \
    disabled=no interface=bridge-local lease-time=3d name=dhcp-server
add address-pool=freenet_pool authoritative=after-2sec-delay bootp-support=\
    static disabled=no interface=ether5-slave-local lease-time=3d name=\
    dhcp-freenet

/ip dhcp-server config
set store-leases-disk=5m

/ip dhcp-server network
add address=10.5.28.0/24 comment="default configuration" dns-server=10.5.28.1 \
    gateway=10.5.28.1
add address=192.168.7.0/24 dns-server=10.5.28.1 gateway=192.168.7.1
You do not have the required permissions to view the files attached to this post.
Last edited by HumanDamned on Thu Nov 17, 2016 7:37 pm, edited 3 times in total.
Top
 
coffeecoco
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Oct 12, 2005 1:17 pm

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 12:39 pm

751_communication_problem.jpg
LAN1: bridge-local (wan+lan1) with dhcp server and pool
LAN2: Ethernet-port with dhcp server and pool
Both LANs have internet access.

The problem is that I cannot ping devises from different networks (networks cannot communicate)… I can only ping the gateways.
From 10.5.28.0/24 ->> to 192.168.7.1 ping ok
From 192.168.7.0/24 ->> to 10.5.28.1 ping ok

How can I fix this? Please help…
The articles that I’ve been looking through…
http://forum.mikrotik.com/viewtopic.php?f=2&t=49575
http://forum.mikrotik.com/viewtopic.php?f=2&t=55230
http://forum.mikrotik.com/viewtopic.php?f=13&t=51892
Code: Select all
> /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic 
 0 X ;;; default configuration
     address=192.168.88.1/24 network=192.168.88.0 interface=bridge-local 
     actual-interface=bridge-local 

 1   ;;; default configuration
     address=10.5.28.1/24 network=10.5.28.0 interface=bridge-local  actual-interface=bridge-local 

 2 D address=89.235.227.78/32 network=212.7.29.253 interface=STV  actual-interface=STV 

 3 D address=172.25.113.13/24 network=172.25.113.0 interface=ether1-gateway   actual-interface=ether1-gateway 

 4   address=192.168.7.1/24 network=192.168.7.0 interface=ether5-slave-local   actual-interface=ether5-slave-local
Code: Select all
> /ip route print detail
Flags: X - disabled, A - active, D - dynamic, 
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, 
B - blackhole, U - unreachable, P - prohibit 
 0 ADS  dst-address=0.0.0.0/0 gateway=212.7.29.253 
        gateway-status=212.7.29.253 reachable STV distance=1 scope=30 
        target-scope=10 

 1 ADC  dst-address=10.5.28.0/24 pref-src=10.5.28.1 gateway=bridge-local 
        gateway-status=bridge-local reachable distance=0 scope=10 

 2 ADS  dst-address=172.16.0.0/12 gateway=172.25.113.1 
        gateway-status=172.25.113.1 reachable ether1-gateway distance=1 
        scope=30 target-scope=10 vrf-interface=ether1-gateway 

 3 ADC  dst-address=172.25.113.0/24 pref-src=172.25.113.13 gateway=ether1-gatewa>
        gateway-status=ether1-gateway reachable distance=0 scope=10 

 4 ADC  dst-address=192.168.7.0/24 pref-src=192.168.7.1 
        gateway=ether5-slave-local gateway-status=ether5-slave-local reachable 
        distance=0 scope=10 

 5 ADC  dst-address=212.7.29.253/32 pref-src=89.235.227.78 gateway=STV 
        gateway-status=STV reachable distance=0 scope=10
Code: Select all
> /interface print detail
Flags: D - dynamic, X - disabled, R - running, S - slave 
 0  R  ;;; WIFI
       name="WLAN" type="wlan" mtu=1500 l2mtu=2290 

 1  R  ;;; WAN
       name="ether1-gateway" type="ether" mtu=1500 l2mtu=1600 

 2  R  ;;; LAN
       name="ether2-master-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 3  R  name="ether3-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 4     name="ether4-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 5  R  ;;; FREENET
       name="ether5-slave-local" type="ether" mtu=1500 l2mtu=1598 max-l2mtu=2030 

 6  R  ;;; LAN AND WIFI
       name="bridge-local" type="bridge" mtu=1500 l2mtu=1598 

 7  R  ;;; PPPoE Connection
       name="STV" type="pppoe-out" mtu=1480
Ok so this is how routing and subnetting works

if a subnet has a destnation outside of its own subnet the packets are supposed to goto the router and say here route me.


so you'r router gets the packet destination 192.168.7/0/24 and the router goes hmm hold a second let me look up the table ( as it rubs its beared)
it goes hmm i only have a route for the 192.168.7.0/24 network, the source computer goes YAY!!!!, but the router goes BUT... im sorry the only people aloud to get to this destination is "pref src" is actualy in fact me, so that means YOU can not get to that network..... suck eggs.

So if you changed that pref source to = the source network not JUST .1 it will work
you could remove the pref source all together, you could also Enable RIP if you want to share routes to other routers etc etc


So route destination 192.168.7.0/24 via gateway which you can select an interface or interface address


the reason pref src is there so you can restrict who can access that network, in alot of case's you dont want every tom dick and harry connecting to any route.

IF it works I am a little low on Karma :)
Top
 
User avatar
HumanDamned
newbie
Topic Author
Posts: 40
Joined: Wed Jun 20, 2012 11:21 am
Location: Tallinn

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 1:32 pm

Thanx for reply coffeecoco, but how can I change or remove it, if the entry in Route List was added automatically?
In "DAC" items I cannot change anything...
Top
 
coffeecoco
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Oct 12, 2005 1:17 pm

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 2:27 pm

do you have rip enabled or any other routing proticols ospf etc
im taking a guess you have Rip enabled ? just untick all the box's and remove them

or goto to terminal type routing > rip > export and paste it here
the D in the routes means its dynamic which is usualy created by a routing protocol
Top
 
User avatar
HumanDamned
newbie
Topic Author
Posts: 40
Joined: Wed Jun 20, 2012 11:21 am
Location: Tallinn

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 2:42 pm

Here it is :)
Code: Select all
/routing rip> export
# jun/20/2012 13:40:09 by RouterOS 5.6
# software id = SJFD-6X9Z
#
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
    metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
    redistribute-connected=no redistribute-ospf=no redistribute-static=no \
    routing-table=main timeout-timer=3m update-timer=30s
Top
 
coffeecoco
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Oct 12, 2005 1:17 pm

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 2:57 pm

wait i see it. Do you really need a VRF ?
if you dont then the VRF part is in the routes window delete all the stuff you added, unless you need it ?
a VRF allows you to create completly seperate routes that are sub managed in the router


I use them at work all the time. Its like a seperate routing zone for customers to route how they please
Top
 
User avatar
HumanDamned
newbie
Topic Author
Posts: 40
Joined: Wed Jun 20, 2012 11:21 am
Location: Tallinn

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 3:13 pm

Here is routing ospf. All the setting should be by default because it's a brand new rb751-2hnd
Code: Select all
/routing ospf> export
# jun/20/2012 14:11:30 by RouterOS 5.6
# software id = SJFD-6X9Z
#
/routing ospf instance
set default disabled=no distribute-default=never in-filter=ospf-in metric-bgp=\
    auto metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=\
    20 metric-static=20 name=default out-filter=ospf-out redistribute-bgp=no \
    redistribute-connected=no redistribute-other-ospf=no redistribute-rip=no \
    redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 disabled=no instance=default name=backbone type=\
    default
I also tried pinging from mikrotik (10.5.28.1):
->> to 192.168.7.1 gateway ping ok
->> to 192.168.7.x timeouts
->> to 10.5.28.x ping ok
Top
 
coffeecoco
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Oct 12, 2005 1:17 pm

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 3:38 pm

yes from the router you will be able to ping everything the reason why one if them wont is because you created a VRF

under routes there is a VRF tab you might want to delete some of that stuff




then, go to the PC on the LAN you want to use to talk to the other subnets

i dont know what you use but for windows its like this

route add 10.5.28.0 mask 255.255.255.0 192.168.7.1
Top
 
User avatar
HumanDamned
newbie
Topic Author
Posts: 40
Joined: Wed Jun 20, 2012 11:21 am
Location: Tallinn

Re: Two subnets on different interfaces communication proble

Wed Jun 20, 2012 4:45 pm

I finally found the solution...one mikrotik guru told me to try this:
Code: Select all
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=!bridge-local src-address=10.5.28.0/24 - for LAN1
add action=masquerade chain=srcnat disabled=no out-interface=!ether5-slave-local src-address=192.168.7.0/24 - for LAN2
previously I've had such a rule:
Code: Select all
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN
hope this will help somebody who has similar problems with subnets....
Top
 
TroyQ
Frequent Visitor
Frequent Visitor
Posts: 63
Joined: Thu Oct 20, 2016 10:02 pm

Re: [SOLVED] Two subnets on different interfaces communication problem

Thu Jun 15, 2017 2:20 pm

This is still not working for me, and i have tried on more than one mikrotik :cry :cry: :cry: :cry: :cry: :cry: :cry: :cry: :cry: :cry:
Top
Post Reply

Who is online

Users browsing this forum: anav, BartoszP, ieleja, Marc1963, sindy and 44 guests
  4. RouterOS
  5. General